Class: Nexpose::Connection

Inherits:
Object
  • Object
show all
Includes:
NexposeAPI, XMLUtils
Defined in:
lib/nexpose/connection.rb

Overview

Description

Object that represents a connection to a Nexpose Security Console.

Examples

# Create a new Nexpose Connection on the default port
nsc = Connection.new('10.1.40.10', 'nxadmin', 'password')

# Login to NSC and Establish a Session ID
nsc.

# Check Session ID
if nsc.session_id
    puts 'Login Successful'
else
    puts 'Login Failure'
end

# //Logout
logout_success = nsc.logout

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from NexposeAPI

#asset_group_delete, #asset_groups, #console_command, #create_multi_tenant_user, #create_silo, #create_silo_profile, #create_ticket, #delete_engine, #delete_mtu, #delete_report, #delete_report_config, #delete_silo, #delete_silo_profile, #delete_ticket, #delete_tickets, #device_delete, #engine_activity, #generate_report, #get_report_config, #get_report_template, #last_report, #last_scan, #list_engines, #list_mtu, #list_silo_profiles, #list_silos, #list_users, #report_history, #report_listing, #report_template_listing, #restart, #role_delete, #role_listing, #scan_activity, #scan_pause, #scan_resume, #scan_statistics, #scan_status, #scan_stop, #send_log, #site_delete, #site_device_listing, #site_device_scan_start, #site_listing, #site_scan_history, #start_update, #system_information, #ticket_listing, #vuln_details, #vuln_exception_approve, #vuln_exception_create, #vuln_exception_delete, #vuln_exception_listing, #vuln_exception_recall, #vuln_exception_reject, #vuln_exception_resubmit, #vuln_exception_update_comment, #vuln_exception_update_expiration_date, #vuln_listing

Methods included from XMLUtils

#make_xml, #parse_xml

Constructor Details

#initialize(ip, user, pass, port = 3780, silo_id = nil) ⇒ Connection

Constructor for Connection



46
47
48
49
50
51
52
53
54
 
# File 'lib/nexpose/connection.rb', line 46

def initialize(ip, user, pass, port = 3780, silo_id = nil)
  @host = ip
  @port = port
  @username = user
  @password = pass
  @silo_id = silo_id
  @session_id = nil
  @url = "https://#{@host}:#{@port}/api/API_VERSION/xml"
end

Instance Attribute Details

#hostObject (readonly)

The hostname or IP Address of the NSC



30
31
32
 
# File 'lib/nexpose/connection.rb', line 30

def host
  @host
end

#passwordObject (readonly)

The password used to login to the NSC



36
37
38
 
# File 'lib/nexpose/connection.rb', line 36

def password
  @password
end

#portObject (readonly)

The port of the NSC (default is 3780)



32
33
34
 
# File 'lib/nexpose/connection.rb', line 32

def port
  @port
end

#request_xmlObject (readonly)

The last XML request sent by this object, useful for debugging.



41
42
43
 
# File 'lib/nexpose/connection.rb', line 41

def request_xml
  @request_xml
end

#response_xmlObject (readonly)

The last XML response received by this object, useful for debugging.



43
44
45
 
# File 'lib/nexpose/connection.rb', line 43

def response_xml
  @response_xml
end

#session_idObject (readonly)

Session ID of this connection



28
29
30
 
# File 'lib/nexpose/connection.rb', line 28

def session_id
  @session_id
end

#urlObject (readonly)

The URL for communication



38
39
40
 
# File 'lib/nexpose/connection.rb', line 38

def url
  @url
end

#usernameObject (readonly)

The username used to login to the NSC



34
35
36
 
# File 'lib/nexpose/connection.rb', line 34

def username
  @username
end

Instance Method Details

#download(url, file_name = nil) ⇒ Object

Download a specific URL, typically a report. Include an optional file_name parameter to write the output to a file.

Note: XML and HTML reports have charts not downloaded by this method.

Would need to do something more sophisticated to grab
all the associated image files.



97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
 
# File 'lib/nexpose/connection.rb', line 97

def download(url, file_name = nil)
  return nil if url.nil? or url.empty?
  uri = URI.parse(url)
  http = Net::HTTP.new(@host, @port)
  http.use_ssl = true
  http.verify_mode = OpenSSL::SSL::VERIFY_NONE # XXX: security issue
  headers = {'Cookie' => "nexposeCCSessionID=#{@session_id}"}
  resp = http.get(uri.to_s, headers)

  if file_name
    File.open(file_name, 'w') { |file| file.write(resp.body) }
  else
    resp.body
  end
end

#execute(xml, version = '1.1') ⇒ Object

Execute an API request



83
84
85
86
87
88
89
 
# File 'lib/nexpose/connection.rb', line 83

def execute(xml, version = '1.1')
  @request_xml = xml.to_s
  @api_version = version
  response = APIRequest.execute(@url, @request_xml, @api_version)
  @response_xml = response.raw_response_data
  response
end

#loginObject

Establish a new connection and Session ID



57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
 
# File 'lib/nexpose/connection.rb', line 57

def 
  begin
     = {'sync-id' => 0, 'password' => @password, 'user-id' => @username}
    unless @silo_id.nil?
      ['silo-id'] = @silo_id
    end
    r = execute(make_xml('LoginRequest', ))
  rescue APIError
    raise AuthenticationFailed.new(r)
  end
  if (r.success)
    @session_id = r.sid
    true
  end
end

#logoutObject

Logout of the current connection

Raises:



74
75
76
77
78
79
80
 
# File 'lib/nexpose/connection.rb', line 74

def logout
  r = execute(make_xml('LogoutRequest', {'sync-id' => 0}))
  if (r.success)
    return true
  end
  raise APIError.new(r, 'Logout failed')
end