Class: Nexpose::Connection

Inherits:

Object

• Object
• Nexpose::Connection

Includes:

NexposeAPI, XMLUtils

Defined in:

lib/nexpose.rb

Overview

Description

Object that represents a connection to a NeXpose Security Console.

Examples

# Create a new Nexpose Connection on the default port
nsc = Connection.new("10.1.40.10","nxadmin","password")

# Login to NSC and Establish a Session ID
nsc.login()

# Check Session ID
if (nsc.session_id)
    puts "Login Successful"
else
    puts "Login Failure"
end

# //Logout
logout_success = nsc.logout()
if (! logout_success)
    puts "Logout Failure" + "<p>" + nsc.error_msg.to_s
end

Instance Attribute Summary

• #error ⇒ Object readonly

  true if an error condition exists; false otherwise.

• #error_msg ⇒ Object readonly

  Error message string.

• #host ⇒ Object readonly

  The hostname or IP Address of the NSC.

• #password ⇒ Object readonly

  The password used to login to the NSC.

• #port ⇒ Object readonly

  The port of the NSC (default is 3780).

• #request_xml ⇒ Object readonly

  The last XML request sent by this object.

• #response_xml ⇒ Object readonly

  The last XML response received by this object.

• #session_id ⇒ Object readonly

  Session ID of this connection.

• #url ⇒ Object readonly

  The URL for communication.

• #username ⇒ Object readonly

  The username used to login to the NSC.

Instance Method Summary

• #download(url) ⇒ Object

  Download a specific URL.

• #execute(xml) ⇒ Object

  Execute an API request.

• #initialize(ip, user, pass, port = 3780) ⇒ Connection constructor

  Constructor for Connection.

• #login ⇒ Object

  Establish a new connection and Session ID.

• #logout ⇒ Object

  Logout of the current connection.

Methods included from NexposeAPI

#asset_group_config, #asset_group_delete, #asset_groups_listing, #console_command, #device_delete, #make_xml, #report_config_delete, #report_delete, #report_generate, #report_history, #report_last, #report_template_listing, #scan_activity, #scan_statistics, #scan_status, #scan_stop, #site_delete, #site_device_listing, #site_device_scan_start, #site_listing, #site_scan_history, #system_information

Methods included from XMLUtils

#parse_xml

Constructor Details

#initialize(ip, user, pass, port = 3780) ⇒ Connection

Constructor for Connection

# File 'lib/nexpose.rb', line 620

def initialize(ip, user, pass, port = 3780)
	@host = ip
	@port = port
	@username = user
	@password = pass
	@session_id = nil
	@error = false
	@url = "https://#{@host}:#{@port}/api/1.1/xml"
end

Instance Attribute Details

#error ⇒ Object (readonly)

true if an error condition exists; false otherwise

# File 'lib/nexpose.rb', line 599

def error
  @error
end

#error_msg ⇒ Object (readonly)

Error message string

# File 'lib/nexpose.rb', line 601

def error_msg
  @error_msg
end

#host ⇒ Object (readonly)

The hostname or IP Address of the NSC

# File 'lib/nexpose.rb', line 609

def host
  @host
end

#password ⇒ Object (readonly)

The password used to login to the NSC

# File 'lib/nexpose.rb', line 615

def password
  @password
end

#port ⇒ Object (readonly)

The port of the NSC (default is 3780)

# File 'lib/nexpose.rb', line 611

def port
  @port
end

#request_xml ⇒ Object (readonly)

The last XML request sent by this object

# File 'lib/nexpose.rb', line 603

def request_xml
  @request_xml
end

#response_xml ⇒ Object (readonly)

The last XML response received by this object

# File 'lib/nexpose.rb', line 605

def response_xml
  @response_xml
end

#session_id ⇒ Object (readonly)

Session ID of this connection

# File 'lib/nexpose.rb', line 607

def session_id
  @session_id
end

#url ⇒ Object (readonly)

The URL for communication

# File 'lib/nexpose.rb', line 617

def url
  @url
end

#username ⇒ Object (readonly)

The username used to login to the NSC

# File 'lib/nexpose.rb', line 613

def username
  @username
end

Instance Method Details

#download(url) ⇒ Object

Download a specific URL

# File 'lib/nexpose.rb', line 658

def download(url)
	uri = URI.parse(url)
	http = Net::HTTP.new(@host, @port)
	http.use_ssl = true
	http.verify_mode = OpenSSL::SSL::VERIFY_NONE            # XXX: security issue
	headers = {'Cookie' => "nexposeCCSessionID=#{@session_id}"}
	resp, data = http.get(uri.path, headers)
	data
end

#execute(xml) ⇒ Object

Execute an API request

# File 'lib/nexpose.rb', line 653

def execute(xml)
	APIRequest.execute(url,xml.to_s)
end

#login ⇒ Object

Establish a new connection and Session ID

# File 'lib/nexpose.rb', line 631

def login
	begin
		r = execute(make_xml('LoginRequest', { 'sync-id' => 0, 'password' => @password, 'user-id' => @username }))
	rescue APIError
		raise AuthenticationFailed.new(r)
	end
	if(r.success)
		@session_id = r.sid
		return true
	end
end

#logout ⇒ Object

Logout of the current connection

Raises:

• (APIError)

# File 'lib/nexpose.rb', line 644

def logout
	r = execute(make_xml('LogoutRequest', {'sync-id' => 0}))
	if(r.success)
		return true
	end
	raise APIError.new(r, 'Logout failed')
end