Class: PxnxJruby::NexposeConnection

Inherits:
Object
  • Object
Includes:
Callable
Defined in:
lib/pxnx_jruby/nexpose_connection.rb


Constructor Details

#initialize(ips, options = {}) ⇒ NexposeConnection

Returns a new instance of NexposeConnection.



# File 'lib/pxnx_jruby/nexpose_connection.rb', line 14

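# Opens a session on the Nexpose console and stores what #call needs later.
#
# The console password is read from the NEXPOSE_PASSWORD environment variable,
# not from +options+, so it never travels in the options hash kept on the
# instance.
# NOTE(review): if NEXPOSE_PASSWORD is unset, nil is handed to the connection;
# confirm the login then fails cleanly rather than proceeding.
#
# @param ips a single address or an Array of addresses (#call wraps a
#   non-Array value into a one-element Array)
# @param options [Hash] must carry options[:nexpose_data][:nxconsole] and
#   options[:nexpose_data][:nxuser]; the whole hash is retained for #call
def initialize(ips, options = {})
  @log = LoggerFactory.getLogger(NexposeConnection.become_java!)
  console = options[:nexpose_data][:nxconsole]
  @nsc = Nexpose::Connection.new(console, options[:nexpose_data][:nxuser], ENV['NEXPOSE_PASSWORD'])
  @log.info("Connecting to nexpose console: #{console}.")
  # The published listing shows a dangling `@nsc.` at this point, which would
  # chain onto the next statement. Authenticating here is what the following
  # session_id read depends on.
  @nsc.login
  # The port reported to NxLogger is the literal 3780, whatever console
  # address was supplied.
  # NOTE(review): the session id is passed to NxLogger; confirm it is not
  # written to a log or audit sink in clear text.
  PxnxJruby::NxLogger.instance.on_connect(console, 3780, @nsc.session_id, "{}")
  @ip_list = ips
  @options = options
end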

Instance Attribute Details

#devices_to_quarantine ⇒ Object

Returns the value of attribute devices_to_quarantine.



# File 'lib/pxnx_jruby/nexpose_connection.rb', line 12

# Devices selected for quarantine by the most recent #call: those whose
# risk_score was at or above options[:nexpose_data][:riskscore].
#
# @return [Array, nil] nil until #call has reached the selection step
def devices_to_quarantine
  @devices_to_quarantine
end

#ip ⇒ Object

Returns the value of attribute ip.



# File 'lib/pxnx_jruby/nexpose_connection.rb', line 12

# Scan targets as normalised by #call: the list passed to the constructor,
# with a single non-Array value wrapped into a one-element Array.
#
# @return [Array, nil] nil until #call has run
def ip
  @ip
end

#nsc ⇒ Object

Returns the value of attribute nsc.



# File 'lib/pxnx_jruby/nexpose_connection.rb', line 12

# The Nexpose::Connection built in the constructor.
#
# NOTE(review): this hands callers the live console connection, including
# its session; confirm that exposing it outside the class is intended.
#
# @return [Nexpose::Connection]
def nsc
  @nsc
end

#scan_info ⇒ Object

Returns the value of attribute scan_info.



# File 'lib/pxnx_jruby/nexpose_connection.rb', line 12

# Whatever Site#scan returned when #call started the scan; its +id+ is what
# #call polls the console with.
#
# @return [Object, nil] nil until #call has started a scan
def scan_info
  @scan_info
end

#site ⇒ Object

Returns the value of attribute site.



# File 'lib/pxnx_jruby/nexpose_connection.rb', line 12

# The temporary Nexpose::Site that #call creates for the scan. Outside debug
# mode #call deletes it from the console once the run completes, so the
# object may describe a site that no longer exists there.
#
# @return [Nexpose::Site, nil] nil until #call has run
def site
  @site
end

Instance Method Details

#call ⇒ Object

TODO Allow scan options.



# File 'lib/pxnx_jruby/nexpose_connection.rb', line 25

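# Runs one scan-and-quarantine cycle for the addresses given to the
# constructor.
#
# Steps: create a temporary 'full-audit' site, add the addresses, save and
# scan it, block until the console no longer reports the scan as unknown,
# dispatched or running, select the devices whose risk_score is at or above
# options[:nexpose_data][:riskscore], and hand them to
# EpsBroker#quarantine_ip on a separate thread. Outside debug mode the
# temporary site is then deleted and the console session logged out.
#
# Failure handling is fail-open: any exception is logged and swallowed, and
# no quarantine is requested for that run. Operators relying on this for
# containment should alert on the error log line below.
#
# TODO Allow scan options.
#
# @return [Object] the result of the last step executed; callers should not
#   rely on it
def call
  @ip = @ip_list.is_a?(Array) ? @ip_list : [@ip_list]
  # One timestamp for both name and description so the two always agree.
  # NOTE(review): the format ends in a literal 'Z' but DateTime.now is local
  # time; confirm whether UTC was intended before correlating with other logs.
  stamp = DateTime.now.strftime('%Y%jT%H%M%SZ')
  @site = Nexpose::Site.new("pxGrid-Nexpose-#{stamp}", 'full-audit')
  @site.description = "Rapid7 Nexpose - Cisco pxGrid Integration scan job saved at #{stamp}"
  @log.info("Scanning IPs <#{@ip}> on site <#{@site.name}>.")
  @ip.each { |address| @site.add_ip(address) }
  # Only the engine assignment is guarded against empty options; the later
  # reads of options[:nexpose_data] are not, so an empty hash ends up in the
  # rescue below.
  @site.engine = @options[:nexpose_data][:engine] unless @options.empty?
  @site.save(@nsc)
  @scan_info = @site.scan(@nsc)

  # Hold this thread until the scan has finished.
  # Add ', :verbose => true' to get more info.
  # Presumably WaitUtil raises once :timeout_sec elapses - confirm; that
  # error would be handled by the rescue below.
  WaitUtil.wait_for_condition('waiting_for_scan_to_finish', :timeout_sec => @options[:nexpose_data][:scan_timeout], :delay_sec => 30) do
    @completed = !%w(unknown dispatched running).include?(@nsc.scan_status(@scan_info.id))
    @log.debug("Scan still running for site <#{@site.name}>") unless @completed
    @completed
  end
  @log.info("Scan completed for site <#{@site.name}>")

  devices = @nsc.devices(@site.id)
  @devices_to_quarantine = devices.select { |d| d.risk_score >= @options[:nexpose_data][:riskscore] }

  unless @options[:debug] == true
    Thread.new do
      begin
        eps_broker = PxnxJruby::EpsBroker.new(@options[:grid_connection].grid)
        @log.info("Quarantining device <#{@devices_to_quarantine}> for site <#{@site.name}>.")
        eps_broker.quarantine_ip(@devices_to_quarantine) unless @devices_to_quarantine.empty?
      rescue Exception => quarantine_error
        # The outer rescue cannot see errors raised on this thread; without
        # this a failed quarantine request would leave no trace in @log.
        @log.error("Exception while quarantining devices for site <#{@site.name}>! Message is <#{quarantine_error.message}>.")
      end
    end
  end

  @log.debug("Deleting temporary site <#{@site.name}>, logging out and exiting.")
  @site.delete(@nsc) unless @options[:debug] == true
  @nsc.logout unless @options[:debug] == true
rescue Exception => e
  # NOTE(review): rescuing Exception also swallows SignalException and
  # SystemExit. It is kept as in the original; confirm whether StandardError
  # would still cover the Java-side errors this JRuby code can see.
  logged = @log.error("Exception while running a Nexpose connection thread! Message is <#{e.message}> and stacktrace is <#{e.backtrace.join("\n")}>.")
  # A failed run used to skip the logout and leave the console session open.
  # Close it best-effort; the temporary site is left in place for inspection.
  begin
    @nsc.logout unless @options[:debug] == true
  rescue Exception => cleanup_error
    @log.error("Logout after a failed Nexpose run also failed! Message is <#{cleanup_error.message}>.")
  end
  logged
end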