Class: Nexpose::Connection

Inherits:
Object
  • Object
show all
Includes:
NexposeAPI, XMLUtils
Defined in:
lib/nexpose/connection.rb

Overview

Description

Object that represents a connection to a Nexpose Security Console.

Examples

# Create a new Nexpose Connection on the default port
nsc = Connection.new('10.1.40.10', 'nxadmin', 'password')

# Login to NSC and Establish a Session ID
nsc.

# Check Session ID
if nsc.session_id
    puts 'Login Successful'
else
    puts 'Login Failure'
end

# //Logout
logout_success = nsc.logout
if (! logout_success)
    puts "Logout Failure" + "<p>" + nsc.error_msg.to_s
end

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from NexposeAPI

#asset_group_config, #asset_group_delete, #asset_groups_listing, #console_command, #create_multi_tenant_user, #create_silo, #create_silo_profile, #create_ticket, #delete_engine, #delete_mtu, #delete_report, #delete_report_config, #delete_silo, #delete_silo_profile, #delete_ticket, #device_delete, #generate_report, #get_report_config, #get_report_template, #last_report, #list_mtu, #list_silo_profiles, #list_silos, #list_users, #report_history, #report_listing, #report_template_listing, #restart, #role_listing, #scan_activity, #scan_pause, #scan_resume, #scan_statistics, #scan_status, #scan_stop, #send_log, #site_delete, #site_device_listing, #site_device_scan_start, #site_listing, #site_scan_history, #start_update, #system_information, #vuln_exception_approve, #vuln_exception_create, #vuln_exception_delete, #vuln_exception_recall, #vuln_exception_reject, #vuln_exception_resubmit, #vuln_exception_update_comment, #vuln_exception_update_expiration_date, #vuln_listing

Methods included from XMLUtils

#make_xml, #parse_xml

Constructor Details

#initialize(ip, user, pass, port = 3780, silo_id = nil) ⇒ Connection

Constructor for Connection



52
53
54
55
56
57
58
59
60
61
 
# File 'lib/nexpose/connection.rb', line 52

def initialize(ip, user, pass, port = 3780, silo_id = nil)
  @host = ip
  @port = port
  @username = user
  @password = pass
  @silo_id = silo_id
  @session_id = nil
  @error = false
  @url = "https://#{@host}:#{@port}/api/API_VERSION/xml"
end

Instance Attribute Details

#errorObject (readonly)

true if an error condition exists; false otherwise



31
32
33
 
# File 'lib/nexpose/connection.rb', line 31

def error
  @error
end

#error_msgObject (readonly)

Error message string



33
34
35
 
# File 'lib/nexpose/connection.rb', line 33

def error_msg
  @error_msg
end

#hostObject (readonly)

The hostname or IP Address of the NSC



41
42
43
 
# File 'lib/nexpose/connection.rb', line 41

def host
  @host
end

#passwordObject (readonly)

The password used to login to the NSC



47
48
49
 
# File 'lib/nexpose/connection.rb', line 47

def password
  @password
end

#portObject (readonly)

The port of the NSC (default is 3780)



43
44
45
 
# File 'lib/nexpose/connection.rb', line 43

def port
  @port
end

#request_xmlObject (readonly)

The last XML request sent by this object



35
36
37
 
# File 'lib/nexpose/connection.rb', line 35

def request_xml
  @request_xml
end

#response_xmlObject (readonly)

The last XML response received by this object



37
38
39
 
# File 'lib/nexpose/connection.rb', line 37

def response_xml
  @response_xml
end

#session_idObject (readonly)

Session ID of this connection



39
40
41
 
# File 'lib/nexpose/connection.rb', line 39

def session_id
  @session_id
end

#urlObject (readonly)

The URL for communication



49
50
51
 
# File 'lib/nexpose/connection.rb', line 49

def url
  @url
end

#usernameObject (readonly)

The username used to login to the NSC



45
46
47
 
# File 'lib/nexpose/connection.rb', line 45

def username
  @username
end

Instance Method Details

#download(url, file_name = nil) ⇒ Object

Download a specific URL, typically a report. Include an optional file_name parameter to write the output to a file.

Note: XML and HTML reports have charts not downloaded by this method.

Would need to do something more sophisticated to grab
all the associated image files.



101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
 
# File 'lib/nexpose/connection.rb', line 101

def download(url, file_name = nil)
  return nil if url.nil? or url.empty?
  uri = URI.parse(url)
  http = Net::HTTP.new(@host, @port)
  http.use_ssl = true
  http.verify_mode = OpenSSL::SSL::VERIFY_NONE # XXX: security issue
  headers = {'Cookie' => "nexposeCCSessionID=#{@session_id}"}
  resp = http.get(uri.path, headers)

  if file_name
    File.open(file_name, 'w') { |file| file.write(resp.body) }
  else
    resp.body
  end
end

#execute(xml, version = '1.1') ⇒ Object

Execute an API request



90
91
92
93
 
# File 'lib/nexpose/connection.rb', line 90

def execute(xml, version = '1.1')
  @api_version = version
  APIRequest.execute(@url, xml.to_s, @api_version)
end

#loginObject

Establish a new connection and Session ID



64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
 
# File 'lib/nexpose/connection.rb', line 64

def 
  begin
     = {'sync-id' => 0, 'password' => @password, 'user-id' => @username}
    unless @silo_id.nil?
      ['silo-id'] = @silo_id
    end
    r = execute(make_xml('LoginRequest', ))
  rescue APIError
    raise AuthenticationFailed.new(r)
  end
  if (r.success)
    @session_id = r.sid
    true
  end
end

#logoutObject

Logout of the current connection

Raises:



81
82
83
84
85
86
87
 
# File 'lib/nexpose/connection.rb', line 81

def logout
  r = execute(make_xml('LogoutRequest', {'sync-id' => 0}))
  if (r.success)
    return true
  end
  raise APIError.new(r, 'Logout failed')
end