Class: Nexpose::ScanTemplate

Inherits:
Object
  • Object
show all
Includes:
Sanitize
Defined in:
lib/nexpose/scan_template.rb

Overview

Configuration object for a scan template.

The constructor is designed to take a valid XML representation of a scan template. If you wish to create a new scan template from scratch, use the #load method without a template ID. If you wish to copy and modify an existing template, use the #copy method.

This class is only a partial representation of some of the features available for configuration.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Sanitize

#replace_entities

Constructor Details

#initialize(xml) ⇒ ScanTemplate

Returns a new instance of ScanTemplate.

Parameters:

  • xml (String)

    XML representation of a scan template.



55
56
57
# File 'lib/nexpose/scan_template.rb', line 55

def initialize(xml)
  @xml = REXML::Document.new(xml)
end

Instance Attribute Details

#xmlObject (readonly)

Parsed XML of a scan template.



52
53
54
# File 'lib/nexpose/scan_template.rb', line 52

def xml
  @xml
end

Class Method Details

.copy(nsc, id) ⇒ ScanTemplate

Copy an existing scan template, changing the id and title.

Parameters:

  • nsc (Connection)

    API connection to a Nexpose console.

  • id (String)

    Unique identifier of an existing scan template.

Returns:

  • (ScanTemplate)

    A copy of the requested scan template configuration.



528
529
530
531
532
533
# File 'lib/nexpose/scan_template.rb', line 528

def self.copy(nsc, id)
  dupe = load(nsc, id)
  dupe.id = '#NewScanTemplate#'
  dupe.name = "#{dupe.name} Copy"
  dupe
end

.load(nsc, id = nil) ⇒ ScanTemplate

Load a scan template.

Parameters:

  • nsc (Connection)

    API connection to a Nexpose console.

  • id (String) (defaults to: nil)

    Unique identifier of an existing scan template. If no ID is provided, a blank, base template will be returned.

Returns:

  • (ScanTemplate)

    The requested scan template configuration.



512
513
514
515
516
517
518
519
520
# File 'lib/nexpose/scan_template.rb', line 512

def self.load(nsc, id = nil)
  if id
    response = JSON.parse(AJAX.get(nsc, "/data/scan/templates/#{URI.encode(id)}"))
    xml = response['value']
  else
    xml = AJAX.get(nsc, '/data/scan-template')
  end
  new(xml)
end

Instance Method Details

#_disable_check(check, elem) ⇒ Object



420
421
422
423
424
425
# File 'lib/nexpose/scan_template.rb', line 420

def _disable_check(check, elem)
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks')
  checks.elements.delete("Enabled/#{elem}[@name='#{check}']")
  disabled_checks = checks.elements['Disabled'] || checks.add_element('Disabled')
  disabled_checks.add_element(elem, { 'name' => check })
end

#_enable_check(check, elem) ⇒ Object



413
414
415
416
417
418
# File 'lib/nexpose/scan_template.rb', line 413

def _enable_check(check, elem)
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks')
  checks.elements.delete("Disabled/#{elem}[@name='#{check}']")
  enabled_checks = checks.elements['Enabled'] || checks.add_element('Enabled')
  enabled_checks.add_element(elem, { 'name' => check })
end

#_remove_check(check, elem) ⇒ Object



427
428
429
430
431
# File 'lib/nexpose/scan_template.rb', line 427

def _remove_check(check, elem)
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks')
  checks.elements.delete("Disabled/#{elem}[@name='#{check}']")
  checks.elements.delete("Enabled/#{elem}[@name='#{check}']")
end

#aces_enabled?Boolean

Returns whether asset configuration scanning is enabled for this template.

Returns:

  • (Boolean)

    whether asset configuration scanning is enabled for this template.



577
578
579
# File 'lib/nexpose/scan_template.rb', line 577

def aces_enabled?
  return 'full' == aces_level
end

#aces_levelString

Returns the asset configuration logging value for this template.

Returns:

  • (String)

    the asset configuration logging value for this template.



567
568
569
570
571
572
573
# File 'lib/nexpose/scan_template.rb', line 567

def aces_level
  logging = REXML::XPath.first(@xml, 'ScanTemplate/Logging')
  return 'default' if logging.nil?
  aces = REXML::XPath.first(logging, 'aces')
  return 'default' if aces.nil?
  return aces.attributes['level']
end

#aces_level=(level) ⇒ Object

Enable or disable asset configuration scanning for this template. If the level is not “full”, “default” or “none”, this is a no-op.

Parameters:

  • "full" (String)

    to enable asset configuration logging, and “default” or “none” to disable it.



549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
# File 'lib/nexpose/scan_template.rb', line 549

def aces_level=(level)
  return if level.nil?
  return unless ['full', 'default', 'none'].include? level.downcase
  logging = REXML::XPath.first(@xml, 'ScanTemplate/Logging')
  if (logging.nil?)
    logging = REXML::Element.new('Logging')
    @xml.add_element(logging)
  end
  aces = REXML::XPath.first(logging, 'aces')
  if (aces.nil?)
     aces = REXML::Element.new('aces')
     logging.add_element(aces)
  end
  aces.attributes['level'] = level
end

#checks_by_categoryObject

Deprecated.


325
326
327
328
# File 'lib/nexpose/scan_template.rb', line 325

def checks_by_category
  warn "[DEPRECATED] Use #{self.class}#enabled_checks_by_category instead of #{self.class}##{__method__}"
  enabled_checks_by_category
end

#checks_by_typeObject

Deprecated.


374
375
376
377
# File 'lib/nexpose/scan_template.rb', line 374

def checks_by_type
  warn "[DEPRECATED] Use #{self.class}#enabled_checks_by_type instead of #{self.class}##{__method__}"
  enabled_checks_by_type
end

#control_scanning=(enable) ⇒ Object

Adjust whether to perform control scanning (ControlsInsight integration) with this template.

Parameters:

  • enable (Boolean)

    Whether to turn on control scanning.



121
122
123
124
# File 'lib/nexpose/scan_template.rb', line 121

def control_scanning=(enable)
  local_controls_scan = REXML::XPath.first(@xml, 'ScanTemplate/ControlsScan/localControlsScanEnabled')
  local_controls_scan.attributes['enabled'] = enable ? '1' : '0'
end

#control_scanning?Boolean

Returns Whether control scanning in enabled.

Returns:

  • (Boolean)

    Whether control scanning in enabled.



111
112
113
114
115
116
# File 'lib/nexpose/scan_template.rb', line 111

def control_scanning?
  global_controls_scan = REXML::XPath.first(@xml, 'ScanTemplate/ControlsScan/globalControlsScanEnabled')
  local_controls_scan = REXML::XPath.first(@xml, 'ScanTemplate/ControlsScan/localControlsScanEnabled')

  global_controls_scan.attributes['enabled'] == '1' || local_controls_scan.attributes['enabled'] == '1'
end

#correlate=(enable) ⇒ Object

Adjust whether to correlate reliable checks with regular checks.

Parameters:

  • enable (Boolean)

    Whether to turn on vulnerability correlation.



282
283
284
285
# File 'lib/nexpose/scan_template.rb', line 282

def correlate=(enable)
  vuln_checks = REXML::XPath.first(@xml, 'ScanTemplate/VulnerabilityChecks')
  vuln_checks.attributes['correlate'] = enable ? '1' : '0'
end

#correlate?Boolean

Returns Whether to correlate reliable checks with regular checks.

Returns:

  • (Boolean)

    Whether to correlate reliable checks with regular checks.



275
276
277
278
# File 'lib/nexpose/scan_template.rb', line 275

def correlate?
  vuln_checks = REXML::XPath.first(@xml, 'ScanTemplate/VulnerabilityChecks')
  vuln_checks.attributes['correlate'] == '1'
end

#delete(nsc) ⇒ Object

Delete this scan template from the console. Cannot be used to delete a built-in template.

Parameters:

  • nsc (Connection)

    API connection to a Nexpose console.



540
541
542
# File 'lib/nexpose/scan_template.rb', line 540

def delete(nsc)
  nsc.delete_scan_template(id)
end

#descriptionString

Returns Description of this scan template.

Returns:

  • (String)

    Description of this scan template.



91
92
93
94
# File 'lib/nexpose/scan_template.rb', line 91

def description
  desc = REXML::XPath.first(@xml, 'ScanTemplate/templateDescription')
  desc.nil? ? nil : desc.text.to_s
end

#description=(description) ⇒ Object

Assign a description to this scan template. Require attribute.

Parameters:

  • description (String)

    Description of the scan template.



98
99
100
101
102
103
104
105
106
107
108
# File 'lib/nexpose/scan_template.rb', line 98

def description=(description)
  desc = REXML::XPath.first(@xml, 'ScanTemplate/templateDescription')
  if desc
    desc.text = replace_entities(description)
  else
    root = REXML::XPath.first(xml, 'ScanTemplate')
    desc = REXML::Element.new('templateDescription')
    desc.add_text(description)
    root.add_element(desc)
  end
end

#disable_checks_by_category(category) ⇒ Object

Disable checks by category for this template.

Parameters:

  • category (String)

    Category to disable. @see #list_vuln_categories



351
352
353
# File 'lib/nexpose/scan_template.rb', line 351

def disable_checks_by_category(category)
  _disable_check(category, 'VulnCategory')
end

#disable_checks_by_type(type) ⇒ Object

Disable checks by type for this template.

Parameters:

  • type (String)

    Type to disable. @see #list_vuln_types



400
401
402
# File 'lib/nexpose/scan_template.rb', line 400

def disable_checks_by_type(type)
  _disable_check(type, 'CheckType')
end

#disable_vuln_check(check_id) ⇒ Object

Disable individual check for this template.

Parameters:

  • check_id (String)

    Unique identifier of vuln check.



472
473
474
475
476
477
# File 'lib/nexpose/scan_template.rb', line 472

def disable_vuln_check(check_id)
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks')
  checks.elements.delete("Enabled/Check[@id='#{check_id}']")
  disabled_checks = checks.elements['Disabled'] || checks.add_element('Disabled')
  disabled_checks.add_element('Check', { 'id' => check_id })
end

#disabled_checks_by_categoryArray[String]

Get a list of the check categories disabled for this scan template.

Returns:

  • (Array[String])

    List of enabled categories.



319
320
321
322
# File 'lib/nexpose/scan_template.rb', line 319

def disabled_checks_by_category
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Disabled')
  checks ? checks.elements.to_a('VulnCategory').map { |c| c.attributes['name'] } : []
end

#disabled_checks_by_typeArray[String]

Get a list of the check types disabled for this scan template.

Returns:

  • (Array[String])

    List of enabled check types.



368
369
370
371
# File 'lib/nexpose/scan_template.rb', line 368

def disabled_checks_by_type
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Disabled')
  checks ? checks.elements.to_a('CheckType').map { |c| c.attributes['name'] } : []
end

#disabled_vuln_checksArray[String]

Get a list of the individual vuln checks disabled for this scan template.

Returns:

  • (Array[String])

    List of enabled vulnerability checks.



452
453
454
455
# File 'lib/nexpose/scan_template.rb', line 452

def disabled_vuln_checks
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Disabled')
  checks ? checks.elements.to_a('Check').map { |c| c.attributes['id'] } : []
end

#enable_checks_by_category(category) ⇒ Object

Enable checks by category for this template.

Parameters:

  • category (String)

    Category to enable. @see #list_vuln_categories



343
344
345
# File 'lib/nexpose/scan_template.rb', line 343

def enable_checks_by_category(category)
  _enable_check(category, 'VulnCategory')
end

#enable_checks_by_type(type) ⇒ Object

Enable checks by type for this template.

Parameters:

  • type (String)

    Type to enable. @see #list_vuln_types



392
393
394
# File 'lib/nexpose/scan_template.rb', line 392

def enable_checks_by_type(type)
  _enable_check(type, 'CheckType')
end

#enable_debug_logging=(enable) ⇒ Object

Enable or disable the debug logging.

Parameters:

  • enable (Boolean)

    Enable or disable the debug logging.



583
584
585
586
587
588
589
590
591
592
593
594
595
596
# File 'lib/nexpose/scan_template.rb', line 583

def enable_debug_logging=(enable)
  return if enable.nil?
  logging = REXML::XPath.first(@xml, 'ScanTemplate/Logging')
  if logging.nil?
    logging = REXML::Element.new('Logging')
    @xml.add_element(logging)
  end
  debug_logging = REXML::XPath.first(logging, 'debugLogging')
  if debug_logging.nil?
    debug_logging = REXML::Element.new('debugLogging')
    logging.add_element(debug_logging)
  end
  debug_logging.attributes['enabled'] = (enable ? 1 : 0)
end

#enable_enhanced_logging=(enable) ⇒ Object

Enable or disable the enhanced logging.

Parameters:

  • enable (Boolean)

    Enable or disable the enhanced logging.



600
601
602
603
# File 'lib/nexpose/scan_template.rb', line 600

def enable_enhanced_logging=(enable)
  self.enable_debug_logging = enable
  self.aces_level = (enable ? 'full' : 'none')
end

#enable_icmp_device_discovery=(enable) ⇒ Object

Enable/disable ICMP device discovery

Parameters:

  • enable (Boolean)

    Enable or disable ICMP device discovery



196
197
198
199
# File 'lib/nexpose/scan_template.rb', line 196

def enable_icmp_device_discovery=(enable)
  icmp = REXML::XPath.first(@xml, 'ScanTemplate/DeviceDiscovery/CheckHosts/icmpHostCheck')
  icmp.attributes['enabled'] = (enable ? 1 : 0)
end

#enable_ip_stack_fingerprinting=(enable) ⇒ Object

Enable/disable IP stack fingerprinting

Parameters:

  • enable (Boolean)

    Enable or disable IP stack fingerprinting



181
182
183
184
185
186
187
188
189
190
191
192
# File 'lib/nexpose/scan_template.rb', line 181

def enable_ip_stack_fingerprinting=(enable)
  ns = REXML::XPath.first(@xml, 'ScanTemplate/Plugins/Plugin[@name="java/NetworkScanners"]')
  param = REXML::XPath.first(ns, './param[@name="ipFingerprintEnabled"]')
  if param
    param.text = (enable ? 1 : 0)
  else
    param = REXML::Element.new('param')
    param.add_attribute('name', 'ipFingerprintEnabled')
    param.text = (enable ? 1 : 0)
    ns.add_element(param)
  end
end

#enable_tcp_device_discovery=(enable) ⇒ Object

Enable/disable TCP device discovery

Parameters:

  • enable (Boolean)

    Enable or disable TCP device discovery



203
204
205
206
# File 'lib/nexpose/scan_template.rb', line 203

def enable_tcp_device_discovery=(enable)
  tcp = REXML::XPath.first(@xml, 'ScanTemplate/DeviceDiscovery/CheckHosts/TCPHostCheck')
  tcp.attributes['enabled'] = (enable ? 1 : 0)
end

#enable_tcp_service_discovery=(enable) ⇒ Object

Enable or disable TCP port scanning.

Parameters:

  • enable (Boolean)

    Enable or disable TCP ports



231
232
233
234
# File 'lib/nexpose/scan_template.rb', line 231

def enable_tcp_service_discovery=(enable)
  service_ports = REXML::XPath.first(@xml, 'ScanTemplate/ServiceDiscovery/TCPPortScan')
  service_ports.attributes['mode'] = 'none' unless enable
end

#enable_udp_device_discovery=(enable) ⇒ Object

Enable/disable UDP device discovery

Parameters:

  • enable (Boolean)

    Enable or disable UDP device discovery



217
218
219
220
# File 'lib/nexpose/scan_template.rb', line 217

def enable_udp_device_discovery=(enable)
  udp = REXML::XPath.first(@xml, 'ScanTemplate/DeviceDiscovery/CheckHosts/UDPHostCheck')
  udp.attributes['enabled'] = (enable ? 1 : 0)
end

#enable_udp_service_discovery=(enable) ⇒ Object

Enable or disable UDP service discovery

Parameters:

  • enable (Boolean)

    Enable or disable UDP service discovery



269
270
271
272
# File 'lib/nexpose/scan_template.rb', line 269

def enable_udp_service_discovery=(enable)
  service_ports = REXML::XPath.first(@xml, 'ScanTemplate/ServiceDiscovery/UDPPortScan')
  service_ports.attributes['mode'] = 'none' unless enable
end

#enable_vuln_check(check_id) ⇒ Object

Enable individual check for this template.

Parameters:

  • check_id (String)

    Unique identifier of vuln check.



461
462
463
464
465
466
# File 'lib/nexpose/scan_template.rb', line 461

def enable_vuln_check(check_id)
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks')
  checks.elements.delete("Disabled/Check[@id='#{check_id}']")
  enabled_checks = checks.elements['Enabled'] || checks.add_element('Enabled')
  enabled_checks.add_element('Check', { 'id' => check_id })
end

#enabled_checks_by_categoryArray[String]

Get a list of the check categories enabled for this scan template.

Returns:

  • (Array[String])

    List of enabled categories.



334
335
336
337
# File 'lib/nexpose/scan_template.rb', line 334

def enabled_checks_by_category
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Enabled')
  checks ? checks.elements.to_a('VulnCategory').map { |c| c.attributes['name'] } : []
end

#enabled_checks_by_typeArray[String]

Get a list of the check types enabled for this scan template.

Returns:

  • (Array[String])

    List of enabled check types.



383
384
385
386
# File 'lib/nexpose/scan_template.rb', line 383

def enabled_checks_by_type
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Enabled')
  checks ? checks.elements.to_a('CheckType').map { |c| c.attributes['name'] } : []
end

#enabled_vuln_checksArray[String]

Get a list of the individual vuln checks enabled for this scan template.

Returns:

  • (Array[String])

    List of enabled vulnerability checks.



443
444
445
446
# File 'lib/nexpose/scan_template.rb', line 443

def enabled_vuln_checks
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Enabled')
  checks ? checks.elements.to_a('Check').map { |c| c.attributes['id'] } : []
end

#exclude_tcp_service_discovery_ports=(ports) ⇒ Object

Exclude TCP ports during TCP service discovery

Parameters:

  • ports (Array)

    TCP ports to exclude from TCP service discovery



247
248
249
250
# File 'lib/nexpose/scan_template.rb', line 247

def exclude_tcp_service_discovery_ports=(ports)
  service_ports = REXML::XPath.first(@xml, 'ScanTemplate/ServiceDiscovery/ExcludedTCPPortScan')
  REXML::XPath.first(service_ports, './portList').text = ports.join(",")
end

#exclude_udp_service_discovery_ports=(ports) ⇒ Object

Exclude UDP ports when performing UDP service discovery

Parameters:

  • ports (Array)

    UDP ports to exclude from UDP service discovery



262
263
264
265
# File 'lib/nexpose/scan_template.rb', line 262

def exclude_udp_service_discovery_ports=(ports)
  service_ports = REXML::XPath.first(@xml, 'ScanTemplate/ServiceDiscovery/ExcludedUDPPortScan')
  REXML::XPath.first(service_ports, './portList').text = ports.join(",")
end

#host_threads=(threads) ⇒ Object

Adjust the number of threads to use per asset for this template

Parameters:

  • threads (Integer)

    the number of threads to use per asset



174
175
176
177
# File 'lib/nexpose/scan_template.rb', line 174

def host_threads=(threads)
  host_threads = REXML::XPath.first(@xml, 'ScanTemplate/General/hostThreads')
  host_threads.text = threads.to_s
end

#idString

Returns Unique identifier of the scan template.

Returns:

  • (String)

    Unique identifier of the scan template.



60
61
62
63
# File 'lib/nexpose/scan_template.rb', line 60

def id
  root = REXML::XPath.first(@xml, 'ScanTemplate')
  root.attributes['id']
end

#id=(value) ⇒ Object



65
66
67
68
# File 'lib/nexpose/scan_template.rb', line 65

def id=(value)
  root = REXML::XPath.first(@xml, 'ScanTemplate')
  root.attributes['id'] = value
end

#nameString

Returns Name or title of this scan template.

Returns:

  • (String)

    Name or title of this scan template.



71
72
73
74
# File 'lib/nexpose/scan_template.rb', line 71

def name
  desc = REXML::XPath.first(@xml, 'ScanTemplate/templateDescription')
  desc.nil? ? nil : desc.attributes['title']
end

#name=(name) ⇒ Object

Assign name to this scan template. Required attribute.

Parameters:

  • name (String)

    Title to assign.



78
79
80
81
82
83
84
85
86
87
88
# File 'lib/nexpose/scan_template.rb', line 78

def name=(name)
  desc = REXML::XPath.first(@xml, 'ScanTemplate/templateDescription')
  if desc
    desc.attributes['title'] = replace_entities(name)
  else
    root = REXML::XPath.first(xml, 'ScanTemplate')
    desc = REXML::Element.new('templateDescription')
    desc.add_attribute('title', name)
    root.add_element(desc)
  end
end

#policy_scanning=(enable) ⇒ Object

Adjust whether to perform policy scanning with this template.

Parameters:

  • enable (Boolean)

    Whether to turn on policy scanning.



147
148
149
150
# File 'lib/nexpose/scan_template.rb', line 147

def policy_scanning=(enable)
  gen = REXML::XPath.first(@xml, 'ScanTemplate/General')
  gen.attributes['disablePolicyScan'] = enable ? '0' : '1'
end

#policy_scanning?Boolean

Returns Whether policy scanning in enabled.

Returns:

  • (Boolean)

    Whether policy scanning in enabled.



140
141
142
143
# File 'lib/nexpose/scan_template.rb', line 140

def policy_scanning?
  gen = REXML::XPath.first(@xml, 'ScanTemplate/General')
  gen.attributes['disablePolicyScan'] == '0'
end

#potential_checks=(enable) ⇒ Object

Adjust whether to perform potential vulnerability checks with this template.

Parameters:

  • enable (Boolean)

    Whether to turn on potential checks.



310
311
312
313
# File 'lib/nexpose/scan_template.rb', line 310

def potential_checks=(enable)
  checks = REXML::XPath.first(@xml, 'ScanTemplate/VulnerabilityChecks')
  checks.attributes['potential'] = enable ? '1' : '0'
end

#potential_checks?Boolean

Returns Whether potential vulnerability checks are performed with this template.

Returns:

  • (Boolean)

    Whether potential vulnerability checks are performed with this template.



303
304
305
306
# File 'lib/nexpose/scan_template.rb', line 303

def potential_checks?
  checks = REXML::XPath.first(@xml, 'ScanTemplate/VulnerabilityChecks')
  checks.attributes['potential'] == '1'
end

#remove_checks_by_category(category) ⇒ Object

Remove checks by category for this template. Removes both enabled and disabled checks.

Parameters:

  • category (String)

    Category to remove. @see #list_vuln_categories



360
361
362
# File 'lib/nexpose/scan_template.rb', line 360

def remove_checks_by_category(category)
  _remove_check(category, 'VulnCategory')
end

#remove_checks_by_type(type) ⇒ Object

Remove checks by type for this template. Removes both enabled and disabled checks.

Parameters:

  • type (String)

    Type to remove. @see #list_vuln_types



409
410
411
# File 'lib/nexpose/scan_template.rb', line 409

def remove_checks_by_type(type)
  _remove_check(type, 'CheckType')
end

#remove_vuln_check(check_id) ⇒ Object

Remove individual check for this template. Removes both enabled and disabled checks.

Parameters:

  • check_id (String)

    Unique identifier of vuln check.



484
485
486
487
488
# File 'lib/nexpose/scan_template.rb', line 484

def remove_vuln_check(check_id)
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks')
  checks.elements.delete("Disabled/Check[@id='#{check_id}']")
  checks.elements.delete("Enabled/Check[@id='#{check_id}']")
end

#save(nsc) ⇒ Object

Save this scan template configuration to a Nexpose console.

Parameters:

  • nsc (Connection)

    API connection to a Nexpose console.



494
495
496
497
498
499
500
501
502
503
# File 'lib/nexpose/scan_template.rb', line 494

def save(nsc)
  root = REXML::XPath.first(@xml, 'ScanTemplate')
  if root.attributes['id'] == '#NewScanTemplate#'
    response = JSON.parse(AJAX.post(nsc, '/data/scan/templates', xml))
    root.attributes['id'] = response['value']
  else
    response = JSON.parse(AJAX.put(nsc, "/data/scan/templates/#{URI.encode(id)}", xml))
  end
  response['value']
end

#scan_threads=(threads) ⇒ Object

Adjust the number of threads to use per scan engine for this template

Parameters:

  • threads (Integer)

    the number of threads to use per engine



167
168
169
170
# File 'lib/nexpose/scan_template.rb', line 167

def scan_threads=(threads)
  scan_threads = REXML::XPath.first(@xml, 'ScanTemplate/General/scanThreads')
  scan_threads.text = threads.to_s
end

#tcp_device_discovery_ports=(ports) ⇒ Object

Set custom TCP ports to scan for device discovery

Parameters:

  • ports (Array)

    Ports to scan for device discovery



210
211
212
213
# File 'lib/nexpose/scan_template.rb', line 210

def tcp_device_discovery_ports=(ports)
  tcp = REXML::XPath.first(@xml, 'ScanTemplate/DeviceDiscovery/CheckHosts/TCPHostCheck')
  REXML::XPath.first(tcp, './portList').text = ports.join(',')
end

#tcp_service_discovery_ports=(ports) ⇒ Object

Set custom TCP ports to scan for TCP service discovery

Parameters:

  • ports (Array)

    Ports to scan for TCP service discovery



238
239
240
241
242
243
# File 'lib/nexpose/scan_template.rb', line 238

def tcp_service_discovery_ports=(ports)
  service_ports = REXML::XPath.first(@xml, 'ScanTemplate/ServiceDiscovery/TCPPortScan')
  service_ports.attributes['mode'] = "custom"
  service_ports.attributes['method'] = "syn"
  REXML::XPath.first(service_ports, './portList').text = ports.join(",")
end

#udp_device_discovery_ports=(ports) ⇒ Object

Set custom UDP ports to scan for UDP device discovery

Parameters:

  • ports (Array)

    Ports to scan for UDP device discovery



224
225
226
227
# File 'lib/nexpose/scan_template.rb', line 224

def udp_device_discovery_ports=(ports)
  udp = REXML::XPath.first(@xml, 'ScanTemplate/DeviceDiscovery/CheckHosts/UDPHostCheck')
  REXML::XPath.first(udp, './portList').text = ports.join(',')
end

#udp_service_discovery_ports=(ports) ⇒ Object

Set custom UDP ports to scan for UDP service discovery

Parameters:

  • ports (Array)

    Ports to scan during UDP service discovery



254
255
256
257
258
# File 'lib/nexpose/scan_template.rb', line 254

def udp_service_discovery_ports=(ports)
  service_ports = REXML::XPath.first(@xml, 'ScanTemplate/ServiceDiscovery/UDPPortScan')
  service_ports.attributes['mode'] = "custom"
  REXML::XPath.first(service_ports, './portList').text = ports.join(",")
end

#unsafe_checks=(enable) ⇒ Object

Adjust whether to perform unsafe vulnerability checks with this template.

Parameters:

  • enable (Boolean)

    Whether to turn on unsafe checks.



296
297
298
299
# File 'lib/nexpose/scan_template.rb', line 296

def unsafe_checks=(enable)
  checks = REXML::XPath.first(@xml, 'ScanTemplate/VulnerabilityChecks')
  checks.attributes['unsafe'] = enable ? '1' : '0'
end

#unsafe_checks?Boolean

Returns Whether unsafe vulnerability checks are performed by this template.

Returns:

  • (Boolean)

    Whether unsafe vulnerability checks are performed by this template.



289
290
291
292
# File 'lib/nexpose/scan_template.rb', line 289

def unsafe_checks?
  checks = REXML::XPath.first(@xml, 'ScanTemplate/VulnerabilityChecks')
  checks.attributes['unsafe'] == '1'
end

#vuln_checksObject

Deprecated.

Use #enabled_vuln_checks instead



434
435
436
437
# File 'lib/nexpose/scan_template.rb', line 434

def vuln_checks
  warn "[DEPRECATED] Use #{self.class}#enabled_vuln_checks instead of #{self.class}##{__method__}"
  enabled_vuln_checks
end

#vuln_scanning=(enable) ⇒ Object

Adjust whether to perform vuln scanning with this template.

Parameters:

  • enable (Boolean)

    Whether to turn on vuln scanning.



134
135
136
137
# File 'lib/nexpose/scan_template.rb', line 134

def vuln_scanning=(enable)
  gen = REXML::XPath.first(@xml, 'ScanTemplate/General')
  gen.attributes['disableVulnScan'] = enable ? '0' : '1'
end

#vuln_scanning?Boolean

Returns Whether vuln scanning in enabled.

Returns:

  • (Boolean)

    Whether vuln scanning in enabled.



127
128
129
130
# File 'lib/nexpose/scan_template.rb', line 127

def vuln_scanning?
  gen = REXML::XPath.first(@xml, 'ScanTemplate/General')
  gen.attributes['disableVulnScan'] == '0'
end

#web_spidering=(enable) ⇒ Object

Adjust whether to perform web spidering with this template.

Parameters:

  • enable (Boolean)

    Whether to turn on web spider scanning.



160
161
162
163
# File 'lib/nexpose/scan_template.rb', line 160

def web_spidering=(enable)
  gen = REXML::XPath.first(@xml, 'ScanTemplate/General')
  gen.attributes['disableWebSpider'] = enable ? '0' : '1'
end

#web_spidering?Boolean

Returns Whether web spidering in enabled.

Returns:

  • (Boolean)

    Whether web spidering in enabled.



153
154
155
156
# File 'lib/nexpose/scan_template.rb', line 153

def web_spidering?
  gen = REXML::XPath.first(@xml, 'ScanTemplate/General')
  gen.attributes['disableWebSpider'] == '0'
end