Class: Nexpose::AdminCredentials

Inherits:

Object

• Object
• Nexpose::AdminCredentials

Includes:

Comparable, XMLUtils

Defined in:

lib/nexpose/creds.rb

Overview

Object that represents administrative credentials to be used during a scan. When retrieved from an existing site configuration the credentials will be returned as a security blob and can only be passed back as is during a Site Save operation. This object can only be used to create a new set of credentials.

Instance Attribute Summary

• #headers ⇒ Object

  When using httpheaders, this represents the set of headers to pass with the authentication request.

• #host ⇒ Object

  The host for these credentials.

• #html_forms ⇒ Object

  When using htmlforms, this represents the tho form to pass the authentication request to.

• #isblob ⇒ Object

  Designates if this object contains user defined credentials or a security blob.

• #password ⇒ Object

  The password.

• #port ⇒ Object

  The port on which to use these credentials.

• #priv_password ⇒ Object

  The password to use when escalating privileges (optional).

• #priv_type ⇒ Object

  The type of privilege escalation to use (sudo/su).

• #priv_username ⇒ Object

  The userid to use when escalating privileges (optional).

• #realm ⇒ Object

  The realm for these credentials.

• #securityblob ⇒ Object

  Security blob for an existing set of credentials.

• #service ⇒ Object

  The service for these credentials.

• #userid ⇒ Object

  The user id or username.

Class Method Summary

• .for_service(service, user, password, realm = nil, host = nil, port = nil) ⇒ Object

Instance Method Summary

• #<=>(other) ⇒ Object
• #eql?(other) ⇒ Boolean
• #hash ⇒ Object
• #initialize(isblob = false) ⇒ AdminCredentials constructor

  A new instance of AdminCredentials.

• #set_blob(securityblob) ⇒ Object

  Credentials fetched from the API are encrypted into a securityblob.

• #set_credentials(service, host, port, userid, password, realm) ⇒ Object

  Sets the credentials information for this object.

• #set_headers(headers) ⇒ Object

  Add Headers to credentials for httpheaders.

• #set_host(host) ⇒ Object
• #set_html_forms(html_forms) ⇒ Object
• #set_privilege_credentials(type, username, password) ⇒ Object

  Sets privilege escalation credentials.

• #set_service(service) ⇒ Object

  The name of the service.

• #to_xml ⇒ Object
• #to_xml_elem ⇒ Object

Methods included from XMLUtils

#make_xml, #parse_xml

Constructor Details

#initialize(isblob = false) ⇒ AdminCredentials

Returns a new instance of AdminCredentials.

# File 'lib/nexpose/creds.rb', line 40

def initialize(isblob = false)
  @isblob = isblob
end

Instance Attribute Details

#headers ⇒ Object

When using httpheaders, this represents the set of headers to pass with the authentication request.

# File 'lib/nexpose/creds.rb', line 29

def headers
  @headers
end

#host ⇒ Object

The host for these credentials. Can be Any.

# File 'lib/nexpose/creds.rb', line 18

def host
  @host
end

#html_forms ⇒ Object

When using htmlforms, this represents the tho form to pass the authentication request to.

# File 'lib/nexpose/creds.rb', line 32

def html_forms
  @html_forms
end

#isblob ⇒ Object

Designates if this object contains user defined credentials or a security blob

# File 'lib/nexpose/creds.rb', line 14

def isblob
  @isblob
end

#password ⇒ Object

The password

# File 'lib/nexpose/creds.rb', line 24

def password
  @password
end

#port ⇒ Object

The port on which to use these credentials.

# File 'lib/nexpose/creds.rb', line 20

def port
  @port
end

#priv_password ⇒ Object

The password to use when escalating privileges (optional)

# File 'lib/nexpose/creds.rb', line 38

def priv_password
  @priv_password
end

#priv_type ⇒ Object

The type of privilege escalation to use (sudo/su)

# File 'lib/nexpose/creds.rb', line 34

def priv_type
  @priv_type
end

#priv_username ⇒ Object

The userid to use when escalating privileges (optional)

# File 'lib/nexpose/creds.rb', line 36

def priv_username
  @priv_username
end

#realm ⇒ Object

The realm for these credentials

# File 'lib/nexpose/creds.rb', line 26

def realm
  @realm
end

#securityblob ⇒ Object

Security blob for an existing set of credentials

# File 'lib/nexpose/creds.rb', line 12

def securityblob
  @securityblob
end

#service ⇒ Object

The service for these credentials. Can be All.

# File 'lib/nexpose/creds.rb', line 16

def service
  @service
end

#userid ⇒ Object

The user id or username

# File 'lib/nexpose/creds.rb', line 22

def userid
  @userid
end

Class Method Details

.for_service(service, user, password, realm = nil, host = nil, port = nil) ⇒ Object

# File 'lib/nexpose/creds.rb', line 56

def self.for_service(service, user, password, realm = nil, host = nil, port = nil)
  cred = new
  cred.service = service
  cred.userid = user
  cred.password = password
  cred.realm = realm
  cred.host = host
  cred.port = port
  cred
end

Instance Method Details

#<=>(other) ⇒ Object

# File 'lib/nexpose/creds.rb', line 129

def <=>(other)
  to_xml <=> other.to_xml
end

#eql?(other) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/nexpose/creds.rb', line 133

def eql?(other)
  to_xml == other.to_xml
end

#hash ⇒ Object

# File 'lib/nexpose/creds.rb', line 137

def hash
  to_xml.hash
end

#set_blob(securityblob) ⇒ Object

Credentials fetched from the API are encrypted into a securityblob. If you want to use those credentials on a different site, copy the blob into the credential.

# File 'lib/nexpose/creds.rb', line 88

def set_blob(securityblob)
  @isblob = true
  @securityblob = securityblob
end

#set_credentials(service, host, port, userid, password, realm) ⇒ Object

Sets the credentials information for this object.

# File 'lib/nexpose/creds.rb', line 45

def set_credentials(service, host, port, userid, password, realm)
  @isblob = false
  @securityblob = nil
  @service = service
  @host = host
  @port = port
  @userid = userid
  @password = password
  @realm = realm
end

#set_headers(headers) ⇒ Object

Add Headers to credentials for httpheaders.

# File 'lib/nexpose/creds.rb', line 94

def set_headers(headers)
  @headers = headers
end

#set_host(host) ⇒ Object

# File 'lib/nexpose/creds.rb', line 81

def set_host(host)
  @host = host
end

#set_html_forms(html_forms) ⇒ Object

# File 'lib/nexpose/creds.rb', line 98

def set_html_forms(html_forms)
  @html_forms = html_forms
end

#set_privilege_credentials(type, username, password) ⇒ Object

Sets privilege escalation credentials. Type should be either sudo/su.

# File 'lib/nexpose/creds.rb', line 69

def set_privilege_credentials(type, username, password)
  @priv_type = type
  @priv_username = username
  @priv_password = password
end

#set_service(service) ⇒ Object

The name of the service. Possible values are outlined in the Nexpose API docs.

# File 'lib/nexpose/creds.rb', line 77

def set_service(service)
  @service = service
end

#to_xml ⇒ Object

# File 'lib/nexpose/creds.rb', line 102

def to_xml
  to_xml_elem.to_s
end

#to_xml_elem ⇒ Object

# File 'lib/nexpose/creds.rb', line 106

def to_xml_elem
  attributes = {}

  attributes['service'] = @service
  attributes['userid'] = @userid
  attributes['password'] = @password
  attributes['realm'] = @realm
  attributes['host'] = @host
  attributes['port'] = @port

  attributes['privilegeelevationtype'] = @priv_type if @priv_type
  attributes['privilegeelevationusername'] = @priv_username if @priv_username
  attributes['privilegeelevationpassword'] = @priv_password if @priv_password

  data = isblob ? securityblob : ''
  xml = make_xml('adminCredentials', attributes, data)
  xml.add_element(@headers.to_xml_elem) if @headers
  xml.add_element(@html_forms.to_xml_elem) if @html_forms
  xml
end