Class: Nexpose::Connection

Inherits:
Object
  • Object
show all
Includes:
NexposeAPI, XMLUtils
Defined in:
lib/nexpose.rb

Overview

Description

Object that represents a connection to a NeXpose Security Console.

Examples

# Create a new Nexpose Connection on the default port
nsc = Connection.new("10.1.40.10","nxadmin","password")

# Login to NSC and Establish a Session ID
nsc.()

# Check Session ID
if (nsc.session_id)
    puts "Login Successful"
else
    puts "Login Failure"
end

# //Logout
logout_success = nsc.logout()
if (! logout_success)
    puts "Logout Failure" + "<p>" + nsc.error_msg.to_s
end

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from NexposeAPI

#asset_group_delete, #console_command, #device_delete, #make_xml, #report_config_delete, #report_delete, #report_generate, #report_history, #report_last, #report_template_listing, #scan_activity, #scan_statistics, #scan_status, #scan_stop, #site_delete, #site_device_listing, #site_listing, #system_information

Methods included from XMLUtils

#parse_xml

Constructor Details

#initialize(ip, user, pass, port = 3780) ⇒ Connection

Constructor for Connection



494
495
496
497
498
499
500
501
502
# File 'lib/nexpose.rb', line 494

def initialize(ip, user, pass, port = 3780)
	@host = ip
	@port = port
	@username = user
	@password = pass
	@session_id = nil
	@error = false
	@url = "https://#{@host}:#{@port}/api/1.1/xml"
end

Instance Attribute Details

#errorObject (readonly)

true if an error condition exists; false otherwise



473
474
475
# File 'lib/nexpose.rb', line 473

def error
  @error
end

#error_msgObject (readonly)

Error message string



475
476
477
# File 'lib/nexpose.rb', line 475

def error_msg
  @error_msg
end

#hostObject (readonly)

The hostname or IP Address of the NSC



483
484
485
# File 'lib/nexpose.rb', line 483

def host
  @host
end

#passwordObject (readonly)

The password used to login to the NSC



489
490
491
# File 'lib/nexpose.rb', line 489

def password
  @password
end

#portObject (readonly)

The port of the NSC (default is 3780)



485
486
487
# File 'lib/nexpose.rb', line 485

def port
  @port
end

#request_xmlObject (readonly)

The last XML request sent by this object



477
478
479
# File 'lib/nexpose.rb', line 477

def request_xml
  @request_xml
end

#response_xmlObject (readonly)

The last XML response received by this object



479
480
481
# File 'lib/nexpose.rb', line 479

def response_xml
  @response_xml
end

#session_idObject (readonly)

Session ID of this connection



481
482
483
# File 'lib/nexpose.rb', line 481

def session_id
  @session_id
end

#urlObject (readonly)

The URL for communication



491
492
493
# File 'lib/nexpose.rb', line 491

def url
  @url
end

#usernameObject (readonly)

The username used to login to the NSC



487
488
489
# File 'lib/nexpose.rb', line 487

def username
  @username
end

Instance Method Details

#download(url) ⇒ Object

Download a specific URL



532
533
534
535
536
537
538
539
540
# File 'lib/nexpose.rb', line 532

def download(url)
	uri = URI.parse(url)
	http = Net::HTTP.new(@host, @port)
	http.use_ssl = true
	http.verify_mode = OpenSSL::SSL::VERIFY_NONE            # XXX: security issue
	headers = {'Cookie' => "nexposeCCSessionID=#{@session_id}"}
	resp, data = http.get(uri.path, headers)
	data
end

#execute(xml) ⇒ Object

Execute an API request



527
528
529
# File 'lib/nexpose.rb', line 527

def execute(xml)
	APIRequest.execute(url,xml.to_s)
end

#loginObject

Establish a new connection and Session ID



505
506
507
508
509
510
511
512
513
514
515
# File 'lib/nexpose.rb', line 505

def 
	begin
		r = execute(make_xml('LoginRequest', { 'sync-id' => 0, 'password' => @password, 'user-id' => @username }))
	rescue APIError
		raise AuthenticationFailed.new(r)
	end
	if(r.success)
		@session_id = r.sid
		return true
	end
end

#logoutObject

Logout of the current connection

Raises:



518
519
520
521
522
523
524
# File 'lib/nexpose.rb', line 518

def logout
	r = execute(make_xml('LogoutRequest', {'sync-id' => 0}))
	if(r.success)
		return true
	end
	raise APIError.new(r, 'Logout failed')
end