Class: Nexpose::Credential

Inherits:

Object

• Object
• Nexpose::Credential

Includes:

Comparable, XMLUtils

Defined in:

lib/nexpose/creds.rb

Overview

Object that represents administrative credentials to be used during a scan. When retrieved from an existing site configuration the credentials will be returned as a security blob and can only be passed back as is during a Site Save operation. This object can only be used to create a new set of credentials.

Defined Under Namespace

Modules: ElevationType, Type

Constant Summary

DEFAULT_PORTS =

{ 'cvs' => 2401,
'ftp' => 21,
'http' => 80,
'as400' => 449,
'notes' => 1352,
'tds' => 1433,
'sybase' => 5000,
'cifs' => 445,
'cifshash' => 445,
'oracle' => 1521,
'pop' => 110,
'postgresql' => 5432,
'remote execution' => 512,
'snmp' => 161,
'snmpv3' => 161,
'ssh' => 22,
'ssh-key' => 22,
'telnet' => 23,
'mysql' => 3306,
'db2' => 50000 }

Instance Attribute Summary

• #auth_type ⇒ Object

  The authentication type to use with SNMP v3 credentials.

• #blob ⇒ Object

  Security blob for an existing set of credentials.

• #headers ⇒ Object

  When using httpheaders, this represents the set of headers to pass with the authentication request.

• #host ⇒ Object

  The host for these credentials.

• #html_forms ⇒ Object

  When using htmlforms, this represents the tho form to pass the authentication request to.

• #password ⇒ Object

  The password.

• #port ⇒ Object

  The port on which to use these credentials.

• #priv_password ⇒ Object

  The password to use when escalating privileges (optional).

• #priv_type ⇒ Object

  The type of privilege escalation to use (sudo/su).

• #priv_username ⇒ Object

  The userid to use when escalating privileges (optional).

• #privacy_password ⇒ Object

  The privacy/encryption pass phrase to use with SNMP v3 credentials.

• #privacy_type ⇒ Object

  The privacy/encryption type to use with SNMP v3 credentials.

• #realm ⇒ Object

  The realm for these credentials.

• #service ⇒ Object

  The service for these credentials.

• #userid ⇒ Object

  The user id or username.

Class Method Summary

• .for_service(service, user, password, realm = nil, host = nil, port = nil) ⇒ Object
• .parse(xml) ⇒ Object

Instance Method Summary

• #<=>(other) ⇒ Object
• #add_privilege_credentials(type, username, password) ⇒ Object

  Sets privilege escalation credentials.

• #add_snmpv3_credentials(auth_type, privacy_type, privacy_password) ⇒ Object
• #as_xml ⇒ Object (also: #to_xml_elem)
• #eql?(other) ⇒ Boolean
• #hash ⇒ Object
• #to_xml ⇒ Object

Methods included from XMLUtils

#make_xml, #parse_xml

Instance Attribute Details

#auth_type ⇒ Object

The authentication type to use with SNMP v3 credentials

# File 'lib/nexpose/creds.rb', line 60

def auth_type
  @auth_type
end

#blob ⇒ Object

Security blob for an existing set of credentials

# File 'lib/nexpose/creds.rb', line 34

def blob
  @blob
end

#headers ⇒ Object

When using httpheaders, this represents the set of headers to pass with the authentication request.

# File 'lib/nexpose/creds.rb', line 49

def headers
  @headers
end

#host ⇒ Object

The host for these credentials.

# File 'lib/nexpose/creds.rb', line 38

def host
  @host
end

#html_forms ⇒ Object

When using htmlforms, this represents the tho form to pass the authentication request to.

# File 'lib/nexpose/creds.rb', line 52

def html_forms
  @html_forms
end

#password ⇒ Object

The password

# File 'lib/nexpose/creds.rb', line 44

def password
  @password
end

#port ⇒ Object

The port on which to use these credentials.

# File 'lib/nexpose/creds.rb', line 40

def port
  @port
end

#priv_password ⇒ Object

The password to use when escalating privileges (optional)

# File 'lib/nexpose/creds.rb', line 58

def priv_password
  @priv_password
end

#priv_type ⇒ Object

The type of privilege escalation to use (sudo/su)

# File 'lib/nexpose/creds.rb', line 54

def priv_type
  @priv_type
end

#priv_username ⇒ Object

The userid to use when escalating privileges (optional)

# File 'lib/nexpose/creds.rb', line 56

def priv_username
  @priv_username
end

#privacy_password ⇒ Object

The privacy/encryption pass phrase to use with SNMP v3 credentials

# File 'lib/nexpose/creds.rb', line 64

def privacy_password
  @privacy_password
end

#privacy_type ⇒ Object

The privacy/encryption type to use with SNMP v3 credentials

# File 'lib/nexpose/creds.rb', line 62

def privacy_type
  @privacy_type
end

#realm ⇒ Object

The realm for these credentials

# File 'lib/nexpose/creds.rb', line 46

def realm
  @realm
end

#service ⇒ Object

The service for these credentials.

# File 'lib/nexpose/creds.rb', line 36

def service
  @service
end

#userid ⇒ Object

The user id or username

# File 'lib/nexpose/creds.rb', line 42

def userid
  @userid
end

Class Method Details

.for_service(service, user, password, realm = nil, host = nil, port = nil) ⇒ Object

# File 'lib/nexpose/creds.rb', line 66

def self.for_service(service, user, password, realm = nil, host = nil, port = nil)
  cred = new
  cred.service = service
  cred.userid = user
  cred.password = password
  cred.realm = realm
  cred.host = host
  cred.port = port
  cred
end

.parse(xml) ⇒ Object

# File 'lib/nexpose/creds.rb', line 90

def self.parse(xml)
  cred = new
  cred.service = xml.attributes['service']
  cred.host = xml.attributes['host']
  cred.port = xml.attributes['port']
  cred.blob = xml.get_text
  cred
end

Instance Method Details

#<=>(other) ⇒ Object

# File 'lib/nexpose/creds.rb', line 130

def <=>(other)
  to_xml <=> other.to_xml
end

#add_privilege_credentials(type, username, password) ⇒ Object

Sets privilege escalation credentials. Type should be either sudo/su.

# File 'lib/nexpose/creds.rb', line 78

def add_privilege_credentials(type, username, password)
  @priv_type = type
  @priv_username = username
  @priv_password = password
end

#add_snmpv3_credentials(auth_type, privacy_type, privacy_password) ⇒ Object

# File 'lib/nexpose/creds.rb', line 84

def add_snmpv3_credentials(auth_type, privacy_type, privacy_password)
  @auth_type = auth_type
  @privacy_type = privacy_type
  @privacy_password = privacy_password
end

#as_xml ⇒ Object Also known as: to_xml_elem

# File 'lib/nexpose/creds.rb', line 103

def as_xml
  attributes = {}

  attributes['service'] = @service
  attributes['userid'] = @userid
  attributes['password'] = @password
  attributes['realm'] = @realm
  attributes['host'] = @host
  attributes['port'] = @port

  attributes['privilegeelevationtype'] = @priv_type if @priv_type
  attributes['privilegeelevationusername'] = @priv_username if @priv_username
  attributes['privilegeelevationpassword'] = @priv_password if @priv_password
  
  attributes['snmpv3authtype'] = @auth_type if @auth_type
  attributes['snmpv3privtype'] = @privacy_type if @privacy_type
  attributes['snmpv3privpassword'] = @privacy_password if @privacy_password

  xml = make_xml('adminCredentials', attributes, blob)
  xml.add_element(@headers.to_xml_elem) if @headers
  xml.add_element(@html_forms.to_xml_elem) if @html_forms
  xml
end

#eql?(other) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/nexpose/creds.rb', line 134

def eql?(other)
  to_xml == other.to_xml
end

#hash ⇒ Object

# File 'lib/nexpose/creds.rb', line 138

def hash
  to_xml.hash
end

#to_xml ⇒ Object

# File 'lib/nexpose/creds.rb', line 99

def to_xml
  to_xml_elem.to_s
end