Last active
December 23, 2015 09:49
-
-
Save erran/6617087 to your computer and use it in GitHub Desktop.
Nexpose console class and example usages
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| # vi: set ft=ruby : | |
| require_relative './nexpose-console.rb' | |
| nsc = Nexpose::Console.new({ :host => ARGV[0] }) | |
| nsc.scan({ :scan_template => 'full-audit', :site_id => 1 }) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'nexpose' | |
| require 'nexpose/connection' | |
| require 'uri' | |
| # A module dedicated to wrap useful Nexpose API interactions | |
| module Nexpose | |
| # Constants to check against when rescuing from NexposeAPI::Error | |
| NONEXISTENT_SITE = /NexposeAPI: Action failed: Site ID \d+ does not exist./ | |
| # A class that creates a Nexpose::Connection, authenticates against Nexpose, | |
| # and has useful wrapper methods. | |
| class Console < Nexpose::Connection | |
| # Aliases for Nexpose::Connection methods | |
| alias_method :reauthenticate, :login | |
| alias_method :scan_results, :scan_statistics | |
| # Returns a Nexpose::Console object | |
| # | |
| # @param [Hash] config the configuration options to pass to the | |
| # Nexpose::Connection initializer | |
| # @options config [String] :host the host to connect to Nexpose with | |
| # @options config [String] :user the user to use when authenticating with | |
| # Nexpose | |
| # @options config [String] :pass the password to use when authenticating | |
| # with Nexpose | |
| # @options config [String] :port the port to connect to Nexpose with | |
| def initialize(config = {}) | |
| default = { host: 'localhost', user: 'nxadmin', pass: 'nxadmin', port: 3780 } | |
| # If the config Hash has blank values, merge in the default value | |
| config = default.merge(config) | |
| # Nexpose::Connection.new('acme-corp', 'user', 'pass', 3780) | |
| super(config[:host], config[:user], config[:pass], config[:port]) | |
| # Start a session on initialization | |
| login | |
| end | |
| # Runs a Nexpose scan against the specified site | |
| # | |
| # @param [Hash] options the site and scan options to scan with | |
| # @option options [String] :scan_template the scan template to use, defaults | |
| # to 'full-audit' | |
| # @option options [String] :site_id the site ID to scan against | |
| # @option options [String] :site_name the site name to use if the site is | |
| # being created | |
| def scan(options = {}) | |
| @current_site = Nexpose::Site.load(self, options[:site_id]) | |
| rescue Nexpose::APIError => e | |
| if e.message.eql? | |
| # Ensure the scan template isn't nil | |
| options[:scan_template] ||= 'full-audit' | |
| @current_site = Nexpose::Site.new(options[:site_name], options[:scan_template]) | |
| else | |
| raise e | |
| end | |
| ensure | |
| @current_site.save | |
| return @current_site.scan(self) if @current_site | |
| raise Nexpose::APIError, "Unable to load or create a site with the options: #{options}" | |
| end | |
| def scan_statuses | |
| scan_activity.map do |summary| | |
| { | |
| scan_id: summary.scan_id, | |
| site_id: summary.site_id, | |
| status: summary.status, | |
| vulnerabilities: summary.vulnerabilities | |
| } | |
| end | |
| end | |
| end | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment