Class: NexposeSCCM::Connection

Inherits:

Object

• Object
• NexposeSCCM::Connection

Defined in:

lib/nexpose_sccm/connection.rb

Overview

Connection object to interact with SCCM and SCCM utilities

• Args :

  • protocol - A String identifying HTTP or HTTPS for the SCCM web service

  • host - A String identifying the target host SCCM is running on

  • port - A String identifying port for the SCCM web service

  • path - A String identifying the URL path for the SCCM web service

  • location - A String identifying the SCCM location for running PS commands on filesystem

  • user - A String identifying username for the SCCM web service

  • pass - A String identifying the password for the SCCM web service

  • namespace - A String identifying the namespace for the SCCM server

  • staging - A String identifying the directory to keep downloaded content updates for SCCM

Instance Attribute Summary

• #conn ⇒ Object readonly

  Returns the value of attribute conn.

• #host ⇒ Object readonly

  Returns the value of attribute host.

• #location ⇒ Object readonly

  Returns the value of attribute location.

• #namespace ⇒ Object readonly

  Returns the value of attribute namespace.

• #staging ⇒ Object readonly

  Returns the value of attribute staging.

Instance Method Summary

• #download_patches(sup_name, ci_ids) ⇒ Object
• #get_ci_id(ldn) ⇒ Object
• #get_collection_devices(collection_id, sccm_devices) ⇒ Object
• #get_collection_id_by_name(collection_name) ⇒ Object
• #get_collections(sccm_devices) ⇒ Object
• #get_deployment_package(name) ⇒ Object
• #get_devices ⇒ Object
• #get_info ⇒ Object
• #get_software_update_groups ⇒ Object
• #initialize(protocol = 'http', host = 'localhost', port = 5985, path = 'wsman', location = nil, user = nil, pass = nil, namespace = nil, staging = nil, no_ssl_peer_verification = false, ssl_peer_fingerprint = nil) ⇒ Connection constructor

  A new instance of Connection.

• #login ⇒ Object

Constructor Details

#initialize(protocol = 'http', host = 'localhost', port = 5985, path = 'wsman', location = nil, user = nil, pass = nil, namespace = nil, staging = nil, no_ssl_peer_verification = false, ssl_peer_fingerprint = nil) ⇒ Connection

Returns a new instance of Connection.

# File 'lib/nexpose_sccm/connection.rb', line 25

def initialize(protocol='http', host='localhost', port=5985, path='wsman', location=nil, user=nil, pass=nil,
               namespace=nil, staging=nil, no_ssl_peer_verification=false, ssl_peer_fingerprint=nil)
  @endpoint = "#{protocol}://#{host}:#{port}/#{path}"
  @user = user
  @password = pass
  @namespace = namespace
  @host = host
  @location = location
  @staging = staging.nil? ? nil : staging.chomp("\\")
  @no_ssl_peer_verification = no_ssl_peer_verification
  @ssl_peer_fingerprint = ssl_peer_fingerprint
end

Instance Attribute Details

#conn ⇒ Object (readonly)

Returns the value of attribute conn.

# File 'lib/nexpose_sccm/connection.rb', line 23

def conn
  @conn
end

#host ⇒ Object (readonly)

Returns the value of attribute host.

# File 'lib/nexpose_sccm/connection.rb', line 23

def host
  @host
end

#location ⇒ Object (readonly)

Returns the value of attribute location.

# File 'lib/nexpose_sccm/connection.rb', line 23

def location
  @location
end

#namespace ⇒ Object (readonly)

Returns the value of attribute namespace.

# File 'lib/nexpose_sccm/connection.rb', line 23

def namespace
  @namespace
end

#staging ⇒ Object (readonly)

Returns the value of attribute staging.

# File 'lib/nexpose_sccm/connection.rb', line 23

def staging
  @staging
end

Instance Method Details

#download_patches(sup_name, ci_ids) ⇒ Object

# File 'lib/nexpose_sccm/connection.rb', line 140

def download_patches(sup_name, ci_ids)
  NexposeSCCM.logger.info("Downloading Software Update Patches for Deployment Packages.")
  contentIds = []
  ## Need to get ContentID using ci_id
  ci_ids.each do |c|
    results = Wql.run(@conn, @namespace, :ci_to_contentid, c)
    results.each do |r|
      contentIds.push(r[:content_id]) unless contentIds.include?(r[:content_id])
    end
  end
  ## Need to get content info using ContentId
  contentIds.each do |c|
    NexposeSCCM.logger.debug("Working on Content Update: #{c}")
    results = Wql.run(@conn, @namespace, :get_update_url, c)
    results.each do |r|
      res = Powershell.run(@conn, :download_content, r[:source_url], "#{@staging}\\#{sup_name}", c, r[:file_name])
      if res
        NexposeSCCM.logger.debug("Successfully downloaded content update: #{c}")
      else
        NexposeSCCM.logger.error("There was an error downloading content update: #{c}")
      end
    end
  end
end

#get_ci_id(ldn) ⇒ Object

# File 'lib/nexpose_sccm/connection.rb', line 62

def get_ci_id(ldn)
  NexposeSCCM.logger.debug("Getting CI IDs for solution: #{ldn}")
  ci_ids = []
  results = Wql.run(@conn, @namespace, :get_ci_ids, ldn)
  results.each do |r|
    ci_ids.push(r[:ci_id]) unless ci_ids.include?(r[:ci_id])
  end
  ci_ids
end

#get_collection_devices(collection_id, sccm_devices) ⇒ Object

# File 'lib/nexpose_sccm/connection.rb', line 109

def get_collection_devices(collection_id, sccm_devices)
  NexposeSCCM.logger.debug("Getting devices for collection ID: #{collection_id}")
  devices = Set.new
  members = Wql.run(@conn, @namespace, :get_collection_members, collection_id)
  members.each do |member|
    device = sccm_devices.select{|device| device.resource_id.eql?(member[:resource_id])}.first
    devices.add(device) unless device.nil?
  end
  devices
end

#get_collection_id_by_name(collection_name) ⇒ Object

# File 'lib/nexpose_sccm/connection.rb', line 84

def get_collection_id_by_name(collection_name)
  results = Wql.run(@conn, @namespace, :get_collection_by_name, collection_name)

  collection_id = nil
  results.each do |result|
    collection_id = result[:collection_id]
  end
  collection_id
end

#get_collections(sccm_devices) ⇒ Object

# File 'lib/nexpose_sccm/connection.rb', line 94

def get_collections(sccm_devices)
  NexposeSCCM.logger.debug('Getting name of collections for all existing Rapid7 Collections')
  collections = []
  results = Wql.run(@conn, @namespace, :get_collections)
  results.each do |result|
    NexposeSCCM.logger.debug("Getting device membership for #{result[:name]} collection")
    collection = Collection.new(result[:name],result[:collection_id],result[:member_count])

    collection.current_members = get_collection_devices(collection.collection_id,sccm_devices)

    collections << collection
  end
  collections
end

#get_deployment_package(name) ⇒ Object

# File 'lib/nexpose_sccm/connection.rb', line 136

def get_deployment_package(name)
  Wql.run(@conn, @namespace, :get_deployment_package, name)
end

#get_devices ⇒ Object

# File 'lib/nexpose_sccm/connection.rb', line 120

def get_devices
  NexposeSCCM.logger.debug('Getting devices known to SCCM with details')
  devices = []
  members = Wql.run(@conn, @namespace, :get_devices)
  members.each do |member|
    if member[:ip_addresses].is_a?(Nori::StringWithAttributes)
      ips = [member[:ip_addresses]]
    else
      ips = member[:ip_addresses]
    end
    device = Device.new(ips,member[:netbios_name],member[:resource_id])
    devices << device
  end
  devices
end

#get_info ⇒ Object

# File 'lib/nexpose_sccm/connection.rb', line 48

def get_info
  begin
    results = Powershell.run(@conn, :get_sccm_info)
    info_match = ['Version','Full Version','CU Level']
    results.each do |result|
      if info_match.any?{|word| result.include?(word)}
        NexposeSCCM.logger.info("SCCM #{result.strip.gsub(/\s+/, ' ')}")
      end
    end
  rescue Exception=>e
    NexposeSCCM.logger.error("Unable to retrieve SCCM version details: #{e}")
  end
end

#get_software_update_groups ⇒ Object

# File 'lib/nexpose_sccm/connection.rb', line 72

def get_software_update_groups
  NexposeSCCM.logger.debug('Getting names and CI IDs for all Rapid7 Software Update Groups')
  groups = []
  results = Wql.run(@conn, @namespace, :get_sups)
  results = results.map {|r| {:ci_id => r[:ci_id], :name => r[:localized_display_name], :description => r[:localized_description]}}
  results.each do |r|
    sup = SoftwareUpdateGroup.new(r[:name], r[:description], nil, r[:ci_id])
    groups.push(sup)
  end
  groups
end

#login ⇒ Object

# File 'lib/nexpose_sccm/connection.rb', line 38

def login
  NexposeSCCM.logger.info("Logging into SCCM via WINRM: #{@endpoint}")
  @conn = WinRM::Connection.new(endpoint: @endpoint,
                                user: @user,
                                password: @password,
                                no_ssl_peer_verification: @no_ssl_peer_verification,
                                ssl_peer_fingerprint: @ssl_peer_fingerprint)
  #get_info
end