Class: Nexpose::SiteCredentials

Inherits:
Credential show all
Defined in:
lib/nexpose/site_credentials.rb

Overview

Object that represents administrative credentials to be used during a scan. When retrieved from an existing site configuration the credentials will be returned as a security blob and can only be passed back as is during a Site Save operation. This object can only be used to create a new set of credentials.

Constant Summary

Constants inherited from Credential

Credential::DEFAULT_PORTS

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Methods inherited from Credential

#_to_param, #set_as400_service, #set_cifs_service, #set_cifshash_service, #set_cvs_service, #set_db2_service, #set_ftp_service, #set_http_service, #set_mysql_service, #set_notes_service, #set_oracle_service, #set_pop_service, #set_postgresql_service, #set_remote_execution_service, #set_snmp_service, #set_snmpv3_service, #set_ssh_key_service, #set_ssh_service, #set_sybase_service, #set_tds_service, #set_telnet_service, #test

Methods inherited from APIObject

#object_from_hash

Instance Attribute Details

#authentication_typeObject

The authentication type to use with SNMP v3 credentials



39
40
41
 
# File 'lib/nexpose/site_credentials.rb', line 39

def authentication_type
  @authentication_type
end

#community_nameObject

for snmp v1/v2



55
56
57
 
# File 'lib/nexpose/site_credentials.rb', line 55

def community_name
  @community_name
end

#databaseObject

database of the service



30
31
32
 
# File 'lib/nexpose/site_credentials.rb', line 30

def database
  @database
end

#descriptionObject

the description of credential



26
27
28
 
# File 'lib/nexpose/site_credentials.rb', line 26

def description
  @description
end

#domainObject

domain of the service



28
29
30
 
# File 'lib/nexpose/site_credentials.rb', line 28

def domain
  @domain
end

#enabledObject

is this credential enable on site or not.



24
25
26
 
# File 'lib/nexpose/site_credentials.rb', line 24

def enabled
  @enabled
end

#host_restrictionObject

The host for these credentials.



16
17
18
 
# File 'lib/nexpose/site_credentials.rb', line 16

def host_restriction
  @host_restriction
end

#idObject

Unique identifier of the credential on the Nexpose console.



12
13
14
 
# File 'lib/nexpose/site_credentials.rb', line 12

def id
  @id
end

#nameObject

The name



22
23
24
 
# File 'lib/nexpose/site_credentials.rb', line 22

def name
  @name
end

#notes_id_passwordObject

the notes password



47
48
49
 
# File 'lib/nexpose/site_credentials.rb', line 47

def notes_id_password
  @notes_id_password
end

#passwordObject

The password



20
21
22
 
# File 'lib/nexpose/site_credentials.rb', line 20

def password
  @password
end

#pem_format_private_keyObject

for ssh public key require pem format private key



53
54
55
 
# File 'lib/nexpose/site_credentials.rb', line 53

def pem_format_private_key
  @pem_format_private_key
end

#permission_elevation_passwordObject

The password to use when escalating privileges (optional)



37
38
39
 
# File 'lib/nexpose/site_credentials.rb', line 37

def permission_elevation_password
  @permission_elevation_password
end

#permission_elevation_typeObject

The type of privilege escalation to use (sudo/su) Permission elevation type. See Nexpose::Credential::ElevationType.



33
34
35
 
# File 'lib/nexpose/site_credentials.rb', line 33

def permission_elevation_type
  @permission_elevation_type
end

#permission_elevation_userObject

The userid to use when escalating privileges (optional)



35
36
37
 
# File 'lib/nexpose/site_credentials.rb', line 35

def permission_elevation_user
  @permission_elevation_user
end

#port_restrictionObject

The port on which to use these credentials.



18
19
20
 
# File 'lib/nexpose/site_credentials.rb', line 18

def port_restriction
  @port_restriction
end

#privacy_passwordObject

The privacy/encryption pass phrase to use with SNMP v3 credentials



43
44
45
 
# File 'lib/nexpose/site_credentials.rb', line 43

def privacy_password
  @privacy_password
end

#privacy_typeObject

The privacy/encryption type to use with SNMP v3 credentials



41
42
43
 
# File 'lib/nexpose/site_credentials.rb', line 41

def privacy_type
  @privacy_type
end

#scopeObject

scope of credential



57
58
59
 
# File 'lib/nexpose/site_credentials.rb', line 57

def scope
  @scope
end

#serviceObject

The service for these credentials.



14
15
16
 
# File 'lib/nexpose/site_credentials.rb', line 14

def service
  @service
end

#sidObject

sid for oracle



51
52
53
 
# File 'lib/nexpose/site_credentials.rb', line 51

def sid
  @sid
end

#use_windows_authObject

use windows auth



49
50
51
 
# File 'lib/nexpose/site_credentials.rb', line 49

def use_windows_auth
  @use_windows_auth
end

#user_nameObject

the user name to be used in service



45
46
47
 
# File 'lib/nexpose/site_credentials.rb', line 45

def user_name
  @user_name
end

Class Method Details

.copy(siteCredential) ⇒ SiteCredentials

Copy an existing configuration from a site credential. Returned object will reset the credential ID and append “Copy” to the existing name.

Parameters:

  • site (siteCredential)

    credential to be copied.

Returns:



97
98
99
100
101
102
 
# File 'lib/nexpose/site_credentials.rb', line 97

def self.copy(connection, site_id, credential_id)
  siteCredential = self.load(connection, site_id, credential_id)
  siteCredential.id = -1
  siteCredential.name = "#{siteCredential.name} Copy"
  siteCredential
end

.for_service(name, id = -1,, desc = nil, host = nil, port = nil, service = Credential::Service::CIFS) ⇒ Object

Create a credential object using name, id, description, host and port



60
61
62
63
64
65
66
67
68
69
70
71
72
 
# File 'lib/nexpose/site_credentials.rb', line 60

def self.for_service(name, id = -1, desc = nil, host = nil, port = nil, service = Credential::Service::CIFS)
  cred = new
  cred.name = name
  cred.id = id.to_i
  cred.enabled = true
  cred.description = desc
  cred.host_restriction = host
  cred.port_restriction = port
  cred.service = service
  cred.scope = Credential::Scope::SITE_SPECIFIC
  cred.permission_elevation_type = Credential::ElevationType::NONE
  cred
end

.load(nsc, site_id, credential_id) ⇒ SiteCredential

Load an credential from the provided console.

Parameters:

  • nsc (Connection)

    Active connection to a Nexpose console.

  • id (String)

    Unique identifier of an site.

  • id (String)

    Unique identifier of an credential.

Returns:

  • (SiteCredential)

    The requested credential of site, if found.



81
82
83
84
85
86
 
# File 'lib/nexpose/site_credentials.rb', line 81

def self.load(nsc, site_id, credential_id)
  uri = "/api/2.1/sites/#{site_id}/credentials/#{credential_id}"
  resp = AJAX.get(nsc, uri, AJAX::CONTENT_TYPE::JSON)
  hash = JSON.parse(resp, symbolize_names: true)
  new.object_from_hash(nsc, hash)
end

Instance Method Details

#==(other) ⇒ Object 



148
149
150
 
# File 'lib/nexpose/site_credentials.rb', line 148

def ==(other)
  eql?(other)
end

#eql?(other) ⇒ Boolean

Returns:

  • (Boolean) 


152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
 
# File 'lib/nexpose/site_credentials.rb', line 152

def eql?(other)
  id.eql?(other.id) &&
  service.eql?(other.service) &&
  host_restriction.eql?(other.host_restriction) &&
  port_restriction.eql?(other.port_restriction) &&
  password.eql?(other.password) &&
  name.eql?(other.name) &&
  enabled.eql?(other.enabled) &&
  description.eql?(other.description) &&
  domain.eql?(other.domain) &&
  database.eql?(other.database) &&
  permission_elevation_type.eql?(other.permission_elevation_type) &&
  permission_elevation_user.eql?(other.permission_elevation_user) &&
  permission_elevation_password.eql?(other.permission_elevation_password) &&
  authentication_type.eql?(other.authentication_type) &&
  privacy_type.eql?(other.privacy_type) &&
  privacy_password.eql?(other.privacy_password) &&
  user_name.eql?(other.user_name) &&
  notes_id_password.eql?(other.notes_id_password) &&
  use_windows_auth.eql?(other.use_windows_auth) &&
  sid.eql?(other.sid) &&
  pem_format_private_key.eql?(other.pem_format_private_key) &&
  community_name.eql?(other.community_name) &&
  scope.eql?(other.scope)
end

#to_hObject 



121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
 
# File 'lib/nexpose/site_credentials.rb', line 121

def to_h
  { id: id,
    service: service,
    host_restriction: host_restriction,
    port_restriction: port_restriction,
    password: password,
    name: name,
    enabled: enabled,
    description: description,
    domain: domain,
    database: database,
    permission_elevation_type: permission_elevation_type,
    permission_elevation_user: permission_elevation_user,
    permission_elevation_password: permission_elevation_password,
    authentication_type: authentication_type,
    privacy_type: privacy_type,
    privacy_password: privacy_password,
    user_name: user_name,
    notes_id_password: notes_id_password,
    use_windows_auth: use_windows_auth,
    sid: sid,
    pem_format_private_key: pem_format_private_key,
    community_name: community_name,
    scope: scope
  }
end

#to_jsonObject 



117
118
119
 
# File 'lib/nexpose/site_credentials.rb', line 117

def to_json
  JSON.generate(to_h)
end