Class: Nexpose::Credential

Inherits:

Object

• Object
• Nexpose::Credential

Includes:

Comparable, XMLUtils

Defined in:

lib/nexpose/creds.rb

Overview

Object that represents administrative credentials to be used during a scan. When retrieved from an existing site configuration the credentials will be returned as a security blob and can only be passed back as is during a Site Save operation. This object can only be used to create a new set of credentials.

Defined Under Namespace

Modules: ElevationType, Type

Constant Summary

DEFAULT_PORTS =

{ 'cvs' => 2401,
'ftp' => 21,
'http' => 80,
'as400' => 449,
'notes' => 1352,
'tds' => 1433,
'sybase' => 5000,
'cifs' => 445,
'cifshash' => 445,
'oracle' => 1521,
'pop' => 110,
'postgresql' => 5432,
'remote execution' => 512,
'snmp' => 161,
'ssh' => 22,
'ssh-key' => 22,
'telnet' => 23,
'mysql' => 3306,
'db2' => 50000 }

Instance Attribute Summary

• #blob ⇒ Object

  Security blob for an existing set of credentials.

• #headers ⇒ Object

  When using httpheaders, this represents the set of headers to pass with the authentication request.

• #host ⇒ Object

  The host for these credentials.

• #html_forms ⇒ Object

  When using htmlforms, this represents the tho form to pass the authentication request to.

• #password ⇒ Object

  The password.

• #port ⇒ Object

  The port on which to use these credentials.

• #priv_password ⇒ Object

  The password to use when escalating privileges (optional).

• #priv_type ⇒ Object

  The type of privilege escalation to use (sudo/su).

• #priv_username ⇒ Object

  The userid to use when escalating privileges (optional).

• #realm ⇒ Object

  The realm for these credentials.

• #service ⇒ Object

  The service for these credentials.

• #userid ⇒ Object

  The user id or username.

Class Method Summary

• .for_service(service, user, password, realm = nil, host = nil, port = nil) ⇒ Object
• .parse(xml) ⇒ Object

Instance Method Summary

• #<=>(other) ⇒ Object
• #add_privilege_credentials(type, username, password) ⇒ Object

  Sets privilege escalation credentials.

• #as_xml ⇒ Object (also: #to_xml_elem)
• #eql?(other) ⇒ Boolean
• #hash ⇒ Object
• #to_xml ⇒ Object

Methods included from XMLUtils

#make_xml, #parse_xml

Instance Attribute Details

#blob ⇒ Object

Security blob for an existing set of credentials

# File 'lib/nexpose/creds.rb', line 33

def blob
  @blob
end

#headers ⇒ Object

When using httpheaders, this represents the set of headers to pass with the authentication request.

# File 'lib/nexpose/creds.rb', line 48

def headers
  @headers
end

#host ⇒ Object

The host for these credentials. Can be Any.

# File 'lib/nexpose/creds.rb', line 37

def host
  @host
end

#html_forms ⇒ Object

When using htmlforms, this represents the tho form to pass the authentication request to.

# File 'lib/nexpose/creds.rb', line 51

def html_forms
  @html_forms
end

#password ⇒ Object

The password

# File 'lib/nexpose/creds.rb', line 43

def password
  @password
end

#port ⇒ Object

The port on which to use these credentials.

# File 'lib/nexpose/creds.rb', line 39

def port
  @port
end

#priv_password ⇒ Object

The password to use when escalating privileges (optional)

# File 'lib/nexpose/creds.rb', line 57

def priv_password
  @priv_password
end

#priv_type ⇒ Object

The type of privilege escalation to use (sudo/su)

# File 'lib/nexpose/creds.rb', line 53

def priv_type
  @priv_type
end

#priv_username ⇒ Object

The userid to use when escalating privileges (optional)

# File 'lib/nexpose/creds.rb', line 55

def priv_username
  @priv_username
end

#realm ⇒ Object

The realm for these credentials

# File 'lib/nexpose/creds.rb', line 45

def realm
  @realm
end

#service ⇒ Object

The service for these credentials. Can be All.

# File 'lib/nexpose/creds.rb', line 35

def service
  @service
end

#userid ⇒ Object

The user id or username

# File 'lib/nexpose/creds.rb', line 41

def userid
  @userid
end

Class Method Details

.for_service(service, user, password, realm = nil, host = nil, port = nil) ⇒ Object

# File 'lib/nexpose/creds.rb', line 59

def self.for_service(service, user, password, realm = nil, host = nil, port = nil)
  cred = new
  cred.service = service
  cred.userid = user
  cred.password = password
  cred.realm = realm
  cred.host = host
  cred.port = port
  cred
end

.parse(xml) ⇒ Object

# File 'lib/nexpose/creds.rb', line 77

def self.parse(xml)
  cred = new
  cred.service = xml.attributes['service']
  cred.host = xml.attributes['host']
  cred.port = xml.attributes['port']
  cred.blob = xml.get_text
  cred
end

Instance Method Details

#<=>(other) ⇒ Object

# File 'lib/nexpose/creds.rb', line 113

def <=>(other)
  to_xml <=> other.to_xml
end

#add_privilege_credentials(type, username, password) ⇒ Object

Sets privilege escalation credentials. Type should be either sudo/su.

# File 'lib/nexpose/creds.rb', line 71

def add_privilege_credentials(type, username, password)
  @priv_type = type
  @priv_username = username
  @priv_password = password
end

#as_xml ⇒ Object Also known as: to_xml_elem

# File 'lib/nexpose/creds.rb', line 90

def as_xml
  attributes = {}

  attributes['service'] = @service
  attributes['userid'] = @userid
  attributes['password'] = @password
  attributes['realm'] = @realm
  attributes['host'] = @host
  attributes['port'] = @port

  attributes['privilegeelevationtype'] = @priv_type if @priv_type
  attributes['privilegeelevationusername'] = @priv_username if @priv_username
  attributes['privilegeelevationpassword'] = @priv_password if @priv_password

  xml = make_xml('adminCredentials', attributes, blob)
  xml.add_element(@headers.to_xml_elem) if @headers
  xml.add_element(@html_forms.to_xml_elem) if @html_forms
  xml
end

#eql?(other) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/nexpose/creds.rb', line 117

def eql?(other)
  to_xml == other.to_xml
end

#hash ⇒ Object

# File 'lib/nexpose/creds.rb', line 121

def hash
  to_xml.hash
end

#to_xml ⇒ Object

# File 'lib/nexpose/creds.rb', line 86

def to_xml
  to_xml_elem.to_s
end