Class: PxnxJruby::NexposeConnection

Inherits:

Object

• Object
• PxnxJruby::NexposeConnection

Includes:

Callable

Defined in:

lib/pxnx_jruby/nexpose_connection.rb

Instance Attribute Summary

• #devices_to_quarantine ⇒ Object

  Returns the value of attribute devices_to_quarantine.

• #ip ⇒ Object

  Returns the value of attribute ip.

• #nsc ⇒ Object

  Returns the value of attribute nsc.

• #scan_info ⇒ Object

  Returns the value of attribute scan_info.

• #site ⇒ Object

  Returns the value of attribute site.

Class Method Summary

• .is_valid_scan_template(options) ⇒ Object

Instance Method Summary

• #call ⇒ Object

  TODO Allow scan options.

• #initialize(ips, options = {}) ⇒ NexposeConnection constructor

  A new instance of NexposeConnection.

Constructor Details

#initialize(ips, options = {}) ⇒ NexposeConnection

Returns a new instance of NexposeConnection.

# File 'lib/pxnx_jruby/nexpose_connection.rb', line 14

def initialize(ips, options = {})
  @log = LoggerFactory.getLogger(NexposeConnection.become_java!)
  @nsc = Nexpose::Connection.new(options[:nexpose_data][:nxconsole],
                                 options[:nexpose_data][:nxuser], 
                                 ENV['NEXPOSE_PASSWORD'], 
                                 options[:nexpose_data][:nexpose_port])
  @log.info("Connecting to nexpose console: #{options[:nexpose_data][:nxconsole]}.")
  @nsc.login      
  @ip_list = ips
  @options = options
end

Instance Attribute Details

#devices_to_quarantine ⇒ Object

Returns the value of attribute devices_to_quarantine.

# File 'lib/pxnx_jruby/nexpose_connection.rb', line 12

def devices_to_quarantine
  @devices_to_quarantine
end

#ip ⇒ Object

Returns the value of attribute ip.

# File 'lib/pxnx_jruby/nexpose_connection.rb', line 12

def ip
  @ip
end

#nsc ⇒ Object

Returns the value of attribute nsc.

# File 'lib/pxnx_jruby/nexpose_connection.rb', line 12

def nsc
  @nsc
end

#scan_info ⇒ Object

Returns the value of attribute scan_info.

# File 'lib/pxnx_jruby/nexpose_connection.rb', line 12

def scan_info
  @scan_info
end

#site ⇒ Object

Returns the value of attribute site.

# File 'lib/pxnx_jruby/nexpose_connection.rb', line 12

def site
  @site
end

Class Method Details

.is_valid_scan_template(options) ⇒ Object

# File 'lib/pxnx_jruby/nexpose_connection.rb', line 64

def self.is_valid_scan_template(options)
  nsc = Nexpose::Connection.new(options[:nexpose_data][:nxconsole],
                                options[:nexpose_data][:nxuser], 
                                ENV['NEXPOSE_PASSWORD'], 
                                options[:nexpose_data][:nexpose_port])
  nsc.login
  PxnxJruby::NxLogger.instance.on_connect(options[:nexpose_data][:nxconsole], 
                                          options[:nexpose_data][:nexpose_port], 
                                          nsc.session_id, 
                                          "{}")
  return nsc.list_scan_templates.select{|template_summary| template_summary.id.eql?(options[:nexpose_data][:scan_template_id])}.any?
end

Instance Method Details

#call ⇒ Object

TODO Allow scan options.

# File 'lib/pxnx_jruby/nexpose_connection.rb', line 27

def call
    begin
      @ip = @ip_list.is_a?(Array) ? @ip_list : Array.new(1, @ip_list)
      @site = Nexpose::Site.new("pxGrid-Nexpose-#{DateTime.now.strftime('%Y%jT%H%M%SZ')}", @options[:nexpose_data][:scan_template_id])
      @site.description = "Rapid7 Nexpose - Cisco pxGrid Integration scan job saved at #{DateTime.now.strftime('%Y%jT%H%M%SZ')}"
      @log.info("Scanning IPs <#{@ip.each{|ip| ip}}> on site <#{@site.name}>.")
      @ip.each { |ip| @site.add_ip(ip) }
      @site.engine = @options[:nexpose_data][:engine] unless @options.empty?
      @site.save(@nsc)
      @scan_info = @site.scan(@nsc)

      # Hold this thread until the scan has finished
      # Add ', :verbose => true' to get more info.
      WaitUtil.wait_for_condition('waiting_for_scan_to_finish', :timeout_sec => @options[:nexpose_data][:scan_timeout], :delay_sec => 30) do
        @completed = true
        if %w(unknown dispatched running integrating).include? (@nsc.scan_status(@scan_info.id))
          @completed = false
          @log.debug("Scan still running for site <#{@site.name}>")
        end
        @completed
      end
      @log.info("Scan completed for site #{@site.name}>")
      devices = @nsc.devices(@site.id)
      @devices_to_quarantine = devices.map { |d| d.address if d.risk_score >= @options[:nexpose_data][:riskscore]}
      Thread.new do
        eps_broker = PxnxJruby::EpsBroker.new(@options[:grid_connection].grid)
        @log.info("Quarantining device(s) <#{@devices_to_quarantine}> for site <#{@site.name}>.")
        eps_broker.quarantine_ip(@devices_to_quarantine) unless @devices_to_quarantine.empty?
      end unless @options[:debug] == true
      @log.debug("Deleting temporary site <#{@site.name}>, logging out and exiting.")
      @site.delete(@nsc) unless @options[:debug] == true
      @nsc.logout unless @options[:debug] == true
    rescue Exception => e
      @log.error("Exception while running a Nexpose connection thread! Message is <#{e.message}> and stacktrace is <#{e.backtrace.join("\n")}>.")
  end
end