Class: Nessus::Client
- Inherits:
-
Object
- Object
- Nessus::Client
- Defined in:
- lib/nessus/client.rb,
lib/nessus/client/feed.rb,
lib/nessus/client/file.rb,
lib/nessus/client/scan.rb,
lib/nessus/client/uuid.rb,
lib/nessus/client/users.rb,
lib/nessus/client/policy.rb,
lib/nessus/client/report.rb,
lib/nessus/client/server.rb,
lib/nessus/client/chapter.rb,
lib/nessus/client/plugins.rb,
lib/nessus/client/report2.rb,
lib/nessus/client/timezones.rb,
lib/nessus/client/preferences.rb
Overview
Defined Under Namespace
Modules: File, Policy, Report, Report2, Scan
Class Attribute Summary
-
.verify_ssl ⇒ Boolean
Whether Faraday verifies the server's TLS certificate (default: true).
Instance Attribute Summary
-
#connection ⇒ Object
Returns the value of attribute connection.
Instance Method Summary
-
#authenticate(login, password) ⇒ Object
(also: #login)
POST /login.
- #authenticated? ⇒ Boolean
- #get(url, params = {}, headers = {}) ⇒ Object
-
#initialize(host, login = nil, password = nil, connection_options = {}) {|@connection| ... } ⇒ Client
constructor
A new instance of Client.
-
#logout ⇒ Object
POST /logout.
- #post(url, payload = nil, headers = nil, &block) ⇒ Object
Methods included from Scan
#scan_list, #scan_new, #scan_pause, #scan_resume, #scan_stop, #scan_template_new
Methods included from Report2
Methods included from Report
#report_delete, #report_details, #report_find_all, #report_find_by_name, #report_find_by_readable_name, #report_findings, #report_hostlist, #report_hosts, #report_item, #report_list, #report_parse, #report_plugin_summary, #report_portlist, #report_ports, #report_readable_name, #report_tags
Methods included from Policy
#policies, #policy_id_by_name, #policy_list, #policy_name_by_id
Methods included from File
Constructor Details
#initialize(host, login = nil, password = nil, connection_options = {}) {|@connection| ... } ⇒ Client
Returns a new instance of Client.
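# File 'lib/nessus/client.rb', line 32

# Build the Faraday connection for +host+ and log in when both credentials
# are given.
#
# The +connection_options+ identifier was missing from the rendered listing;
# it is restored here from the method signature shown on the page.
#
# @param host base URL handed to Faraday.new
# @param login optional account name
# @param password optional account password
# @param connection_options [Hash] Faraday connection options; this hash is
#   modified in place (the :ssl / :verify entries are filled in)
# @yield [connection] the new Faraday connection, before any login request
def initialize(host, login = nil, password = nil, connection_options = {})
  connection_options[:ssl] ||= {}
  # `||=` replaces any falsy :verify (nil or an explicit false) with the
  # class-level setting, where an unset Nessus::Client.verify_ssl counts as
  # true. A per-connection `:verify => false` therefore does not survive this
  # line unless the class-level setting is false as well.
  connection_options[:ssl][:verify] ||= Nessus::Client.verify_ssl.nil? || Nessus::Client.verify_ssl

  @connection = Faraday.new host, connection_options
  @connection.headers[:user_agent] = "Nessus.rb v#{Nessus::VERSION}".freeze

  # Allow passing a block to Faraday::Connection
  yield @connection if block_given?

  # The login request carries the password, so it goes out only after the
  # TLS options above are in place.
  authenticate(login, password) if login && password
end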
Class Attribute Details
.verify_ssl ⇒ Boolean
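Returns whether Faraday verifies the server's TLS certificate (default: true). With verification off, the login, password and session token this client sends can be read by anyone able to impersonate the server.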
# File 'lib/nessus/client.rb', line 24

# Class-level switch for TLS certificate verification.
#
# @return [Boolean, nil] the stored setting; nil when nothing has been
#   assigned, which #initialize treats the same as true
def verify_ssl
  @verify_ssl
end
Instance Attribute Details
#connection ⇒ Object
Returns the value of attribute connection.
# File 'lib/nessus/client.rb', line 29

# The connection object built in #initialize. Its headers hold the session
# cookie once #authenticate has succeeded.
#
# @return [Object] the value of @connection
def connection
  @connection
end
Instance Method Details
#authenticate(login, password) ⇒ Object Also known as: login
POST /login with the given credentials and store the returned session token as the connection's cookie header.
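# File 'lib/nessus/client.rb', line 49

# POST /login with the given credentials and, on an OK reply, keep the
# returned session token as the connection's cookie header.
#
# The credentials stay on the instance (@login / @password) so #get and
# #post can log in again after a 401/403. Unless the class overrides
# #inspect, Ruby's default output includes instance variables, so avoid
# writing the client object to logs.
#
# @param login account name sent as the :login field
# @param password account password sent as the :password field
# @return [Boolean] true when the server replied OK and the token cookie was
#   set, false when the login was rejected (a cookie set by an earlier login
#   is left untouched in that case)
def authenticate(login, password)
  @login = login
  @password = password

  payload = {
    :login => login,
    :password => password,
    :json => 1,
  }
  reply = JSON.parse(connection.post('/login', payload).body)['reply']

  # Report a rejected login to the caller instead of answering true
  # unconditionally.
  return false unless reply['status'].eql?('OK')

  connection.headers[:cookie] = "token=#{reply['contents']['token']}"
  true
end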
#authenticated? ⇒ Boolean
# File 'lib/nessus/client.rb', line 91

# Local check for a session cookie: true when the connection's cookie header
# exists and contains 'token='. No request is made, so an expired or
# server-side revoked token still counts as authenticated here.
#
# @return [Boolean]
def authenticated?
  cookie = connection.headers[:cookie]
  return false unless cookie

  cookie.include?('token=')
end
#get(url, params = {}, headers = {}) ⇒ Object
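# File 'lib/nessus/client.rb', line 100

# GET +url+ with :json => 1 added to the query and return the parsed JSON
# body.
#
# A missing session cookie, a 401 or a 403 is handled the same way: the
# request is retried once, after logging in again when credentials are
# stored on the instance. If the retry is rejected too, Nessus::Forbidden is
# raised, so the "session token cookie" Unauthorized message raised below
# never reaches the caller.
#
# @param url request path
# @param params [Hash, nil] query parameters; not modified
# @param headers [Hash] extra request headers
# @return [Object] the result of JSON.parse on the response body
# @raise [Nessus::Forbidden] when the single retry does not succeed
def get(url, params = {}, headers = {})
  retries ||= 0

  unless authenticated?
    fail Nessus::Unauthorized, 'Unable to detect a session token cookie, use #authenticate before sending any other requests'
  end

  # Build a fresh hash instead of writing :json into the caller's object.
  query = (params || {}).merge(:json => 1)

  resp = connection.get url, query, headers
  fail Nessus::Unauthorized if resp.status == 401
  fail Nessus::Forbidden if resp.status == 403

  JSON.parse(resp.body)
rescue Nessus::Unauthorized, Nessus::Forbidden
  if retries < 1
    retries += 1
    # Re-sends the stored credentials to /login before the retry.
    authenticate(@login, @password) if @login && @password
    retry
  else
    raise Nessus::Forbidden, 'Unable to automatically reauthenticate'
  end
end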
#logout ⇒ Object
POST /logout and, when the server replies OK, drop the session cookie from the connection headers.
# File 'lib/nessus/client.rb', line 73

# POST /logout and, when the server replies OK, remove the cookie header
# from the connection.
#
# NOTE(review): the result is true even when the reply is not OK, in which
# case the token cookie stays in the headers. @login and @password are not
# cleared here, so the next #get or #post finds no cookie and logs in again
# with the stored credentials.
#
# @return [true]
def logout
  reply = post('/logout')['reply']

  if reply['status'].eql?('OK')
    headers = connection.headers
    # TODO: Instead of warning the user
    # and deleting the cookies anyway delete only the token
    $stdout.puts 'Deleting cookies...' unless headers[:cookie].include?('token=')
    headers.delete(:cookie)
  end

  true
end
#post(url, payload = nil, headers = nil, &block) ⇒ Object
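# File 'lib/nessus/client.rb', line 129

# POST +payload+ to +url+ with :json => 1 added and return the parsed JSON
# body.
#
# A missing session cookie, a 401 or a 403 is handled the same way: the
# request is sent once more, after logging in again when credentials are
# stored on the instance. If the retry is rejected too, Nessus::Forbidden is
# raised, so the "session token cookie" Unauthorized message raised below
# never reaches the caller.
#
# @param url request path
# @param payload [Hash, nil] form fields; not modified
# @param headers [Hash, nil] extra request headers
# @param block passed through to the connection's #post
# @return [Object] the result of JSON.parse on the response body
# @raise [Nessus::Forbidden] when the single retry does not succeed
def post(url, payload = nil, headers = nil, &block)
  retries ||= 0

  unless authenticated?
    fail Nessus::Unauthorized, 'Unable to detect a session token cookie, use #authenticate before sending any other requests'
  end

  # Build a fresh hash instead of writing :json into the caller's object.
  form = (payload || {}).merge(:json => 1)

  resp = connection.post(url, form, headers, &block)
  fail Nessus::Unauthorized if resp.status == 401
  fail Nessus::Forbidden if resp.status == 403

  JSON.parse(resp.body)
rescue Nessus::Unauthorized, Nessus::Forbidden
  if retries < 1
    retries += 1
    # Re-sends the stored credentials to /login before the retry.
    authenticate(@login, @password) if @login && @password
    retry
  else
    raise Nessus::Forbidden, 'Unable to automatically reauthenticate'
  end
end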