Module: Nexpose::NexposeAPI
- Included in:
- Connection
- Defined in:
- lib/nexpose.rb
Instance Method Summary collapse
-
#asset_group_config(group_id) ⇒ Object
————————————————————————- Returns an asset group configuration information for a specific group ID ————————————————————————-.
- #asset_group_delete(connection, id, debug = false) ⇒ Object
-
#asset_groups_listing ⇒ Object
————————————————————————- Returns all asset group information ————————————————————————-.
- #console_command(cmd_string) ⇒ Object
- #device_delete(param) ⇒ Object
- #make_xml(name, opts = {}, data = '') ⇒ Object
- #report_config_delete(param) ⇒ Object
- #report_delete(param) ⇒ Object
- #report_generate(param) ⇒ Object
- #report_history(param) ⇒ Object
- #report_last(param) ⇒ Object
- #report_template_listing ⇒ Object
- #scan_activity ⇒ Object
- #scan_statistics(param) ⇒ Object
- #scan_status(param) ⇒ Object
- #scan_stop(param) ⇒ Object
- #site_delete(param) ⇒ Object
- #site_device_listing(site_id) ⇒ Object
-
#site_device_scan_start(site_id, devices, hosts) ⇒ Object
———————————————————————– Starts device specific site scanning.
- #site_listing ⇒ Object
-
#site_scan_history(site_id) ⇒ Object
———————————————————————– TODO: Needs to be expanded to included details ———————————————————————–.
- #system_information ⇒ Object
Instance Method Details
#asset_group_config(group_id) ⇒ Object
Returns an asset group configuration information for a specific group ID
373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 |
# File 'lib/nexpose.rb', line 373 def asset_group_config(group_id) r = execute(make_xml('AssetGroupConfigRequest', {'group-id' => group_id})) if r.success res = [] r.res.elements.each('//Devices/device') do |device_info| res << { :device_id => device_info.attributes['id'].to_i, :site_id => device_info.attributes['site-id'].to_i, :address => device_info.attributes['address'].to_s, :riskfactor => device_info.attributes['riskfactor'].to_f, } end res else false end end |
#asset_group_delete(connection, id, debug = false) ⇒ Object
343 344 345 346 |
# File 'lib/nexpose.rb', line 343 def asset_group_delete(connection, id, debug = false) r = execute(make_xml('AssetGroupDeleteRequest', { 'group-id' => param })) r.success end |
#asset_groups_listing ⇒ Object
Returns all asset group information
351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 |
# File 'lib/nexpose.rb', line 351 def asset_groups_listing() r = execute(make_xml('AssetGroupListingRequest')) if r.success res = [] r.res.elements.each('//AssetGroupSummary') do |group| res << { :asset_group_id => group.attributes['id'].to_i, :name => group.attributes['name'].to_s, :description => group.attributes['description'].to_s, :risk_score => group.attributes['riskscore'].to_f, } end res else false end end |
#console_command(cmd_string) ⇒ Object
534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 |
# File 'lib/nexpose.rb', line 534 def console_command(cmd_string) xml = make_xml('ConsoleCommandRequest', { }) cmd = REXML::Element.new('Command') cmd.text = cmd_string xml << cmd r = execute(xml) if(r.success) res = "" r.res.elements.each("//Output") do |out| res << out.text.to_s end return res else return false end end |
#device_delete(param) ⇒ Object
338 339 340 341 |
# File 'lib/nexpose.rb', line 338 def device_delete(param) r = execute(make_xml('DeviceDeleteRequest', { 'site-id' => param })) r.success end |
#make_xml(name, opts = {}, data = '') ⇒ Object
220 221 222 223 224 225 226 227 228 229 230 231 232 233 |
# File 'lib/nexpose.rb', line 220 def make_xml(name, opts={}, data='') xml = REXML::Element.new(name) if(@session_id) xml.attributes['session-id'] = @session_id end opts.keys.each do |k| xml.attributes[k] = "#{opts[k]}" end xml.text = data xml end |
#report_config_delete(param) ⇒ Object
328 329 330 331 |
# File 'lib/nexpose.rb', line 328 def report_config_delete(param) r = execute(make_xml('ReportDeleteRequest', { 'reportcfg-id' => param })) r.success end |
#report_delete(param) ⇒ Object
333 334 335 336 |
# File 'lib/nexpose.rb', line 333 def report_delete(param) r = execute(make_xml('ReportDeleteRequest', { 'report-id' => param })) r.success end |
#report_generate(param) ⇒ Object
303 304 305 306 |
# File 'lib/nexpose.rb', line 303 def report_generate(param) r = execute(make_xml('ReportGenerateRequest', { 'report-id' => param })) r.success end |
#report_history(param) ⇒ Object
324 325 326 |
# File 'lib/nexpose.rb', line 324 def report_history(param) execute(make_xml('ReportHistoryRequest', { 'reportcfg-id' => param })) end |
#report_last(param) ⇒ Object
308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 |
# File 'lib/nexpose.rb', line 308 def report_last(param) r = execute(make_xml('ReportHistoryRequest', { 'reportcfg-id' => param })) res = nil if(r.success) stk = [] r.res.elements.each("//ReportSummary") do |rep| stk << [ rep.attributes['id'].to_i, rep.attributes['report-URI'] ] end if (stk.length > 0) stk.sort!{|a,b| b[0] <=> a[0]} res = stk[0][1] end end res end |
#report_template_listing ⇒ Object
510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 |
# File 'lib/nexpose.rb', line 510 def report_template_listing r = execute(make_xml('ReportTemplateListingRequest', { })) if(r.success) res = [] r.res.elements.each("//ReportTemplateSummary") do |template| desc = '' template.elements.each("//description") do |ent| desc = ent.text end res << { :template_id => template.attributes['id'].to_s, :name => template.attributes['name'].to_s, :description => desc.to_s } end return res else return false end end |
#scan_activity ⇒ Object
245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 |
# File 'lib/nexpose.rb', line 245 def scan_activity r = execute(make_xml('ScanActivityRequest', { })) if(r.success) res = [] r.res.elements.each("//ScanSummary") do |scan| res << { :scan_id => scan.attributes['scan-id'].to_i, :site_id => scan.attributes['site-id'].to_i, :engine_id => scan.attributes['engine-id'].to_i, :status => scan.attributes['status'].to_s, :start_time => Date.parse(scan.attributes['startTime'].to_s).to_time } end return res else return false end end |
#scan_statistics(param) ⇒ Object
264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 |
# File 'lib/nexpose.rb', line 264 def scan_statistics(param) r = execute(make_xml('ScanStatisticsRequest', {'scan-id' => param })) if(r.success) res = {} r.res.elements.each("//ScanSummary/nodes") do |node| res[:nodes] = {} node.attributes.keys.each do |k| res[:nodes][k] = node.attributes[k].to_i end end r.res.elements.each("//ScanSummary/tasks") do |task| res[:task] = {} task.attributes.keys.each do |k| res[:task][k] = task.attributes[k].to_i end end r.res.elements.each("//ScanSummary/vulnerabilities") do |vuln| res[:vulns] ||= {} k = vuln.attributes['status'] + (vuln.attributes['severity'] ? ("-" + vuln.attributes['severity']) : '') res[:vulns][k] = vuln.attributes['count'].to_i end r.res.elements.each("//ScanSummary") do |summ| res[:summary] = {} summ.attributes.keys.each do |k| res[:summary][k] = summ.attributes[k] if (res[:summary][k] =~ /^\d+$/) res[:summary][k] = res[:summary][k].to_i end end end r.res.elements.each("//ScanSummary/message") do || res[:message] = .text end return res else return false end end |
#scan_status(param) ⇒ Object
240 241 242 243 |
# File 'lib/nexpose.rb', line 240 def scan_status(param) r = execute(make_xml('ScanStatusRequest', { 'scan-id' => param })) r.success ? r.attributes['status'] : nil end |
#scan_stop(param) ⇒ Object
235 236 237 238 |
# File 'lib/nexpose.rb', line 235 def scan_stop(param) r = execute(make_xml('ScanStopRequest', { 'scan-id' => param })) r.success end |
#site_delete(param) ⇒ Object
444 445 446 447 |
# File 'lib/nexpose.rb', line 444 def site_delete(param) r = execute(make_xml('SiteDeleteRequest', { 'site-id' => param })) r.success end |
#site_device_listing(site_id) ⇒ Object
491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 |
# File 'lib/nexpose.rb', line 491 def site_device_listing(site_id) r = execute(make_xml('SiteDeviceListingRequest', { 'site-id' => site_id.to_s })) if(r.success) res = [] r.res.elements.each("//device") do |device| res << { :device_id => device.attributes['id'].to_i, :address => device.attributes['address'].to_s, :risk_factor => device.attributes['risk_factor'].to_f, :risk_score => device.attributes['risk_score'].to_f, } end return res else return false end end |
#site_device_scan_start(site_id, devices, hosts) ⇒ Object
Starts device specific site scanning.
devices - An Array of device IDs hosts - An Array of Hashes [o]=>:range=>“to,from” [1]=>:host=>host
398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 |
# File 'lib/nexpose.rb', line 398 def site_device_scan_start(site_id, devices, hosts) if hosts == nil and devices == nil raise ArgumentError.new("Both the device and host list is nil") end xml = make_xml('SiteDevicesScanRequest', {'site-id' => site_id}) if devices != nil inner_xml = REXML::Element.new 'Devices' for device_id in devices inner_xml.add_element 'device', {'id' => "#{device_id}"} end xml.add_element inner_xml end if hosts != nil inner_xml = REXML::Element.new 'Hosts' hosts.each_index do |x| if hosts[x].key? :range to = hosts[x][:range].split(',')[0] from = hosts[x][:range].split(',')[1] inner_xml.add_element 'range', {'to' => "#{to}", 'from' => "#{from}"} end if hosts[x].key? :host host_element = REXML::Element.new 'host' host_element.text = "#{hosts[x][:host]}" inner_xml.add_element host_element end end xml.add_element inner_xml end r = execute xml if r.success r.res.elements.each('//Scan') do |scan_info| return { :scan_id => scan_info.attributes['scan-id'].to_i, :engine_id => scan_info.attributes['engine-id'].to_i } end else false end end |
#site_listing ⇒ Object
449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 |
# File 'lib/nexpose.rb', line 449 def site_listing r = execute(make_xml('SiteListingRequest', { })) if(r.success) res = [] r.res.elements.each("//SiteSummary") do |site| res << { :site_id => site.attributes['id'].to_i, :name => site.attributes['name'].to_s, :risk_factor => site.attributes['risk_factor'].to_f, :risk_score => site.attributes['risk_score'].to_f, } end return res else return false end end |
#site_scan_history(site_id) ⇒ Object
TODO: Needs to be expanded to included details
471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 |
# File 'lib/nexpose.rb', line 471 def site_scan_history(site_id) r.execute(make_xml('SiteScanHistoryRequest', {'site-id' => site_id.to_s})) if (r.success) res = [] r.res.elements.each("//ScanSummary") do |site_scan_history| res << { :site_id => site_scan_history.attributes['site-id'].to_i, :scan_id => site_scan_history.attributes['scan-id'].to_i, :engine_id => site_scan_history.attributes['engine-id'].to_i, :start_time => site_scan_history.attributes['startTime'].to_s, :end_time => site_scan_history.attributes['endTime'].to_s } end return res else false end end |
#system_information ⇒ Object
554 555 556 557 558 559 560 561 562 563 564 565 566 567 |
# File 'lib/nexpose.rb', line 554 def system_information r = execute(make_xml('SystemInformationRequest', { })) if(r.success) res = {} r.res.elements.each("//Statistic") do |stat| res[ stat.attributes['name'].to_s ] = stat.text.to_s end return res else return false end end |