Module: Nexpose
- Defined in:
- lib/nexpose.rb
Defined Under Namespace
Modules: NexposeAPI, Sanitize, XMLUtils Classes: APIError, APIRequest, AdminCredentials, AuthenticationFailed, Connection, Device, EngineActivity, EngineListing, EngineSummary, HostName, IPRange, Reference, ReportAdHoc, ReportConfig, ReportConfigSummary, ReportFilter, ReportHistory, ReportSchedule, ReportSection, ReportSummary, ReportTemplateListing, ReportTemplateSummary, ScanConfig, ScanFilter, ScanStatistics, ScanSummary, ScanTrigger, Schedule, Site, SiteConfig, SiteDeviceListing, SiteListing, SiteScanHistory, SiteSummary, SmtpAlert, SnmpAlert, SyslogAlert, VulnFilter, VulnerabilityDetail, VulnerabilityListing, VulnerabilitySummary
Class Method Summary collapse
-
.get_iso_8601_date(int_date) ⇒ Object
Description Returns an ISO 8601 formatted date/time stamp.
-
.getAttribute(attribute, xml) ⇒ Object
Description TODO.
-
.printXML(object) ⇒ Object
Description Echos the last XML API request and response for the specified object.
-
.site_device_scan(connection, site_id, device_array, host_array, debug = false) ⇒ Object
TODO add.
- .testa(ip, port, user, passwd) ⇒ Object
Class Method Details
.get_iso_8601_date(int_date) ⇒ Object
Description
Returns an ISO 8601 formatted date/time stamp. All dates in NeXpose must use this format.
2502 2503 2504 2505 2506 |
# File 'lib/nexpose.rb', line 2502 def self.get_iso_8601_date(int_date) #@date_mod = date('Ymd\THis000', @int_date) date_mod = '' return date_mod end |
.getAttribute(attribute, xml) ⇒ Object
Description
TODO
2494 2495 2496 2497 2498 |
# File 'lib/nexpose.rb', line 2494 def self.getAttribute(attribute, xml) value = '' #@value = substr(substr(strstr(strstr(@xml,@attribute),'"'),1),0,strpos(substr(strstr(strstr(@xml,@attribute),'"'),1),'"')) return value end |
.printXML(object) ⇒ Object
Description
Echos the last XML API request and response for the specified object. (Useful for debugging)
2510 2511 2512 2513 |
# File 'lib/nexpose.rb', line 2510 def self.printXML(object) puts "request" + object.request_xml.to_s puts "response is " + object.response_xml.to_s end |
.site_device_scan(connection, site_id, device_array, host_array, debug = false) ⇒ Object
TODO add
2472 2473 2474 2475 2476 2477 2478 2479 2480 2481 2482 2483 2484 2485 2486 2487 2488 2489 2490 |
# File 'lib/nexpose.rb', line 2472 def self.site_device_scan(connection, site_id, device_array, host_array, debug = false) request_xml = '<SiteDevicesScanRequest session-id="' + connection.session_id.to_s + '" site-id="' + site_id.to_s + '">' request_xml += '<Devices>' device_array.each do |d| request_xml += '<device id="' + d.to_s + '"/>' end request_xml += '</Devices>' request_xml += '<Hosts>' # The host array can only by single IP addresses for now. TODO: Expand to full API Spec. host_array.each do |h| request_xml += '<range from="' + h.to_s + '"/>' end request_xml += '</Hosts>' request_xml += '</SiteDevicesScanRequest>' r = connection.execute(request_xml) r.success ? { :engine_id => r.attributes['engine_id'], :scan_id => r.attributes['scan-id'] } : nil end |
.testa(ip, port, user, passwd) ⇒ Object
2517 2518 2519 2520 2521 2522 2523 2524 2525 2526 2527 2528 2529 2530 2531 2532 2533 2534 2535 2536 2537 2538 2539 2540 2541 2542 2543 2544 2545 2546 2547 2548 2549 2550 2551 2552 2553 2554 2555 2556 2557 2558 2559 2560 2561 2562 2563 2564 2565 2566 2567 2568 2569 2570 2571 2572 2573 2574 2575 2576 2577 2578 2579 2580 2581 2582 2583 2584 2585 2586 2587 2588 2589 2590 2591 2592 2593 2594 2595 2596 2597 2598 2599 2600 2601 2602 2603 2604 2605 2606 2607 2608 2609 2610 2611 2612 2613 2614 2615 2616 2617 2618 2619 2620 2621 2622 2623 2624 2625 2626 2627 2628 2629 2630 2631 2632 2633 2634 2635 2636 2637 2638 2639 2640 2641 2642 2643 2644 2645 2646 2647 2648 2649 2650 |
# File 'lib/nexpose.rb', line 2517 def self.testa(ip, port, user, passwd) nsc = Connection.new(ip, user, passwd, port) nsc.login site_listing = SiteListing.new(nsc) site_listing.sites.each do |site| puts "name is #{site.site_name}" puts "id is #{site.id}" end =begin ## Site Delete ## nsc.login status = deleteSite(nsc, '244', true) puts "status: #{status}" =end =begin nsc.login site = Site.new(nsc) site.setSiteConfig("New Site 3", "New Site Description") site.site_config.addHost(IPRange.new("10.1.90.86")) status = site.saveSite() report_config = ReportConfig.new(nsc) report_config.set_template_id("raw-xml") report_config.set_format("xml") report_config.addFilter("SiteFilter",site.site_id) report_config.set_generate_after_scan(1) report_config.set_storeOnServer(1) report_config.saveReport() puts report_config.config_id.to_s site.scanSite() nsc.logout =end =begin nsc.login site = Site.new(nsc) site.setSiteConfig("New Site 3", "New Site Description") site.site_config.addHost(IPRange.new("10.1.90.86")) status = site.saveSite() report_config = ReportConfig.new(nsc) report_config.set_template_id("audit-report") report_config.set_format("pdf") report_config.addFilter("SiteFilter",site.site_id) report_config.set_email_As("file") report_config.set_smtp_relay_server("") report_config.set_sender("[email protected]") report_config.addEmailRecipient("[email protected]") report_config.set_generate_after_scan(1) report_config.saveReport() site.scanSite() =end nsc.logout =begin vuln_listing = VulnerabilityListing.new(nsc) vuln_listing.vulnerability_summaries.each do |v| puts "vuln id #{v.id}" exit end n.logout =end =begin nsc.login vuln_id = 'generic-icmp-timestamp' vuln = VulnerabilityDetail.new(n,vuln_id.to_s) puts "#{vuln.id}" puts "#{vuln.title}" puts "#{vuln.pciSeverity}" puts "#{vuln.cvssScore}" puts "#{vuln.cvssVector}" puts "#{vuln.description}" vuln.references.each do |r| puts "source: #{r.source}" puts "reference: #{r.reference}" end puts "#{vuln.solution}" =end =begin site = Site.new(n) site.setSiteConfig("New Site Name", "New Site Description") site.site_config.addHost(IPRange.new("10.1.90.86")) #site.site_config.addHost(HostName.new("localhost")) #site.site_config.addHost(IPRange.new("192.168.7.1","192.168.7.20")) #site.site_config.addHost(IPRange.new("10.1.90.130")) status = site.saveSite() puts "#{site.site_id}" site.scanSite nsc.logout =end =begin site = Site.new(nsc,'263') site.printSite() site.getSiteXML() puts "#{site.site_id}" puts "#{site.site_config.description}" puts "#{site.site_config.riskfactor}" nsc.logout =end #site.scanSite() =begin site_config = SiteConfig.new() my_site = site_config.getSiteConfig(n, '244') history = SiteScanHistory.new(n, '244') devices = SiteDeviceListing.new(n, '244') =end =begin site_listing = SiteListing.new(n) site_listing.sites.each do |site| puts "name is #{site.site_name}" end =end end |