Class: Nexpose::ReportAdHoc

Inherits:
Object
  • Object
Includes:
XMLUtils
Defined in:
lib/nexpose.rb

Overview

Description

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from XMLUtils

#parse_xml

Constructor Details

#initialize(connection, template_id = 'full-audit', format = 'raw-xml') ⇒ ReportAdHoc

Returns a new instance of ReportAdHoc.



# File 'lib/nexpose.rb', line 2330

# Sets up an ad-hoc report request against an existing connection.
#
# connection  - connection object; generate later reads session_id and url from it.
# template_id - report template identifier (default 'full-audit').
# format      - report output format (default 'raw-xml').
#
# template_id and format are stored exactly as given; nothing is validated
# here, so callers should pass only known template ids and formats rather
# than free-form input.
def initialize(connection, template_id = 'full-audit', format = 'raw-xml')
  @connection = connection
  @error = false
  @filters = []
  @template_id = template_id
  @format = format
end

Instance Attribute Details

#connectionObject (readonly)

Returns the value of attribute connection.



# File 'lib/nexpose.rb', line 2318

# Reader for @connection, the connection object handed to the constructor.
# generate reads session_id and url from it, so whoever holds the returned
# object also holds the identifier of the live console session.
def connection
  @connection
end

#errorObject (readonly)

Returns the value of attribute error.



# File 'lib/nexpose.rb', line 2316

# Reader for @error. The constructor sets it to false and neither addFilter
# nor generate, as shown on this page, ever changes it, so a false value here
# does not prove that the last request succeeded.
def error
  @error
end

#error_msgObject (readonly)

Returns the value of attribute error_msg.



# File 'lib/nexpose.rb', line 2317

# Reader for @error_msg. Neither the constructor nor generate assigns it in
# the code shown on this page, so it reads as nil.
def error_msg
  @error_msg
end

#filtersObject (readonly)

Array of (ReportFilter)*



# File 'lib/nexpose.rb', line 2324

# Reader for @filters. Returns the internal array itself, not a copy:
# addFilter appends to it through this reader, and any other caller can do
# the same. generate reads `type` and `id` from every entry.
def filters
  @filters
end

#formatObject (readonly)

pdf|html|xml|text|csv|raw-xml



# File 'lib/nexpose.rb', line 2322

# Reader for @format, stored unchanged by the constructor (default 'raw-xml').
# generate writes this value into the format attribute of the request.
def format
  @format
end

#report_decodedObject (readonly)

Returns the value of attribute report_decoded.



# File 'lib/nexpose.rb', line 2327

# Reader for @report_decoded. The code shown on this page never assigns it;
# generate returns the parsed report to its caller instead of storing it.
def report_decoded
  @report_decoded
end

#request_xmlObject (readonly)

Returns the value of attribute request_xml.



# File 'lib/nexpose.rb', line 2325

# Reader for @request_xml. generate builds its request in a local variable of
# the same name, so the instance variable is not assigned by the code shown
# on this page and this reads as nil.
def request_xml
  @request_xml
end

#response_xmlObject (readonly)

Returns the value of attribute response_xml.



# File 'lib/nexpose.rb', line 2326

# Reader for @response_xml. The code shown on this page never assigns it, so
# it reads as nil.
def response_xml
  @response_xml
end

#template_idObject (readonly)

Report Template ID string, e.g. full-audit



# File 'lib/nexpose.rb', line 2320

# Reader for @template_id, stored unchanged by the constructor (default
# 'full-audit'). generate writes this value into the template-id attribute
# of the request.
def template_id
  @template_id
end

Instance Method Details

#addFilter(filter_type, id) ⇒ Object



# File 'lib/nexpose.rb', line 2340

# Adds one filter to the report request.
#
# filter_type - one of site|group|device|scan.
# id          - the ID number; for a scan filter, 'last' selects the most
#               recently run scan.
#
# Neither argument is checked here; both end up in the request XML that
# generate builds, so pass only the values listed above.
def addFilter(filter_type, id)
  filters << ReportFilter.new(filter_type, id)
end

#generateObject



# File 'lib/nexpose.rb', line 2349

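# Sends a ReportAdhocGenerateRequest for the configured template, format and
# filters, and returns the decoded report.
#
# Returns whatever parse_xml yields for the first base64-encoded MIME part of
# the response, or nil when the response is not multipart/mixed or contains
# no base64 part.
#
# Security notes:
# * Every value placed in an XML attribute is escaped, so a template id,
#   format or filter value containing quotes or angle brackets cannot add
#   attributes or elements to the request.
# * The request carries the session id; keep it out of logs and error text.
# * The decoded report goes straight to parse_xml (from XMLUtils, not shown
#   here). NOTE(review): confirm that parser is safe against hostile XML
#   such as entity expansion before pointing this at an untrusted console.
def generate()
	entities = { '&' => '&amp;', '<' => '&lt;', '>' => '&gt;', '"' => '&quot;', "'" => '&apos;' }
	escape_attr = ->(value) { value.to_s.gsub(/[&<>"']/, entities) }

	filter_xml = @filters.map do |f|
		%(<filter type="#{escape_attr.call(f.type)}" id="#{escape_attr.call(f.id)}"/>)
	end.join

	request_xml = %(<ReportAdhocGenerateRequest session-id="#{escape_attr.call(@connection.session_id)}">)
	request_xml += %(<AdhocReportConfig template-id="#{escape_attr.call(@template_id)}" format="#{escape_attr.call(@format)}">)
	request_xml += "<Filters>#{filter_xml}</Filters>"
	request_xml += '</AdhocReportConfig>'
	request_xml += '</ReportAdhocGenerateRequest>'

	ad_hoc_request = APIRequest.new(request_xml, @connection.url)
	ad_hoc_request.execute()

	content_type_response = ad_hoc_request.raw_response.header['Content-Type']
	return nil unless content_type_response =~ /multipart\/mixed;\s*boundary=([^\s]+)/

	# NeXpose sends an incorrect boundary format which breaks parsing
	# Eg: boundary=XXX; charset=XXX
	# Fix by removing everything from the first semi-colon after "boundary"
	# onward. A well-formed header has no such semi-colon; it is then used
	# as-is instead of failing on a nil index.
	semi_colon_index = content_type_response.index(';', content_type_response.index('boundary'))
	content_type_response = content_type_response[0, semi_colon_index] if semi_colon_index

	data = "Content-Type: " + content_type_response + "\r\n\r\n" + ad_hoc_request.raw_response_data
	doc = Rex::MIME::Message.new data

	# Only the first part whose header mentions base64 is decoded.
	encoded_part = doc.parts.find { |part| part.header.to_s.include?('base64') }
	return nil unless encoded_part

	parse_xml(encoded_part.content.unpack("m*")[0])
end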