Class: Nexpose::Connection

Inherits:

Object

• Object
• Nexpose::Connection

Includes:

NexposeAPI, XMLUtils

Defined in:

lib/nexpose/connection.rb

Overview

Description

Object that represents a connection to a NeXpose Security Console.

Examples

# Create a new Nexpose Connection on the default port
nsc = Connection.new("10.1.40.10","nxadmin","password")

# Login to NSC and Establish a Session ID
nsc.login()

# Check Session ID
if (nsc.session_id)
    puts "Login Successful"
else
    puts "Login Failure"
end

# //Logout
logout_success = nsc.logout()
if (! logout_success)
    puts "Logout Failure" + "<p>" + nsc.error_msg.to_s
end

Instance Attribute Summary

• #error ⇒ Object readonly

  true if an error condition exists; false otherwise.

• #error_msg ⇒ Object readonly

  Error message string.

• #host ⇒ Object readonly

  The hostname or IP Address of the NSC.

• #password ⇒ Object readonly

  The password used to login to the NSC.

• #port ⇒ Object readonly

  The port of the NSC (default is 3780).

• #request_xml ⇒ Object readonly

  The last XML request sent by this object.

• #response_xml ⇒ Object readonly

  The last XML response received by this object.

• #session_id ⇒ Object readonly

  Session ID of this connection.

• #url ⇒ Object readonly

  The URL for communication.

• #username ⇒ Object readonly

  The username used to login to the NSC.

Instance Method Summary

• #download(url) ⇒ Object

  Download a specific URL.

• #execute(xml, version = '1.1') ⇒ Object

  Execute an API request.

• #initialize(ip, user, pass, port = 3780, silo_id = nil) ⇒ Connection constructor

  Constructor for Connection.

• #login ⇒ Object

  Establish a new connection and Session ID.

• #logout ⇒ Object

  Logout of the current connection.

Methods included from NexposeAPI

#asset_group_config, #asset_group_delete, #asset_groups_listing, #console_command, #create_multi_tenant_user, #create_silo, #create_silo_profile, #create_ticket, #delete_mtu, #delete_silo, #delete_silo_profile, #delete_ticket, #device_delete, #list_mtu, #list_silo_profiles, #list_silos, #list_users, #report_config_delete, #report_delete, #report_generate, #report_history, #report_last, #report_template_listing, #scan_activity, #scan_resume, #scan_statistics, #scan_status, #scan_stop, #site_delete, #site_device_listing, #site_device_scan_start, #site_listing, #site_scan_history, #system_information, #vuln_exception_approve, #vuln_exception_create, #vuln_exception_delete, #vuln_exception_recall, #vuln_exception_reject, #vuln_exception_resubmit, #vuln_exception_update_comment, #vuln_exception_update_expiration_date, #vuln_listing

Methods included from XMLUtils

#make_xml, #parse_xml

Constructor Details

#initialize(ip, user, pass, port = 3780, silo_id = nil) ⇒ Connection

Constructor for Connection

# File 'lib/nexpose/connection.rb', line 52

def initialize(ip, user, pass, port = 3780, silo_id = nil)
	@host = ip
	@port = port
	@username = user
	@password = pass
	@silo_id = silo_id
	@session_id = nil
	@error = false
	@url = "https://#{@host}:#{@port}/api/API_VERSION/xml"
end

Instance Attribute Details

#error ⇒ Object (readonly)

true if an error condition exists; false otherwise

# File 'lib/nexpose/connection.rb', line 31

def error
  @error
end

#error_msg ⇒ Object (readonly)

Error message string

# File 'lib/nexpose/connection.rb', line 33

def error_msg
  @error_msg
end

#host ⇒ Object (readonly)

The hostname or IP Address of the NSC

# File 'lib/nexpose/connection.rb', line 41

def host
  @host
end

#password ⇒ Object (readonly)

The password used to login to the NSC

# File 'lib/nexpose/connection.rb', line 47

def password
  @password
end

#port ⇒ Object (readonly)

The port of the NSC (default is 3780)

# File 'lib/nexpose/connection.rb', line 43

def port
  @port
end

#request_xml ⇒ Object (readonly)

The last XML request sent by this object

# File 'lib/nexpose/connection.rb', line 35

def request_xml
  @request_xml
end

#response_xml ⇒ Object (readonly)

The last XML response received by this object

# File 'lib/nexpose/connection.rb', line 37

def response_xml
  @response_xml
end

#session_id ⇒ Object (readonly)

Session ID of this connection

# File 'lib/nexpose/connection.rb', line 39

def session_id
  @session_id
end

#url ⇒ Object (readonly)

The URL for communication

# File 'lib/nexpose/connection.rb', line 49

def url
  @url
end

#username ⇒ Object (readonly)

The username used to login to the NSC

# File 'lib/nexpose/connection.rb', line 45

def username
  @username
end

Instance Method Details

#download(url) ⇒ Object

Download a specific URL

# File 'lib/nexpose/connection.rb', line 96

def download(url)
	uri = URI.parse(url)
	http = Net::HTTP.new(@host, @port)
	http.use_ssl = true
	http.verify_mode = OpenSSL::SSL::VERIFY_NONE # XXX: security issue
	headers = {'Cookie' => "nexposeCCSessionID=#{@session_id}"}
	resp = http.get(uri.path, headers)
	resp.body
end

#execute(xml, version = '1.1') ⇒ Object

Execute an API request

# File 'lib/nexpose/connection.rb', line 90

def execute(xml, version = '1.1')
	@api_version = version
	APIRequest.execute(@url, xml.to_s, @api_version)
end

#login ⇒ Object

Establish a new connection and Session ID

# File 'lib/nexpose/connection.rb', line 64

def login
	begin
		login_hash = {'sync-id' => 0, 'password' => @password, 'user-id' => @username}
		unless @silo_id.nil?
			login_hash['silo-id'] = @silo_id
		end
		r = execute(make_xml('LoginRequest', login_hash))
	rescue APIError
		raise AuthenticationFailed.new(r)
	end
	if (r.success)
		@session_id = r.sid
		true
	end
end

#logout ⇒ Object

Logout of the current connection

Raises:

• (APIError)

# File 'lib/nexpose/connection.rb', line 81

def logout
	r = execute(make_xml('LogoutRequest', {'sync-id' => 0}))
	if (r.success)
		return true
	end
	raise APIError.new(r, 'Logout failed')
end