Class: Nexpose::AdhocReportConfig

Inherits:
Object
  • Object
show all
Includes:
XMLUtils
Defined in:
lib/nexpose/report.rb

Overview

Definition object for an adhoc report configuration.

NOTE: Only text, pdf, and csv currently work reliably.

Direct Known Subclasses

ReportConfig

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from XMLUtils

#make_xml, #parse_xml

Constructor Details

#initialize(template_id, format, site_id = nil) ⇒ AdhocReportConfig

Returns a new instance of AdhocReportConfig.



193
194
195
196
197
198
199
 
# File 'lib/nexpose/report.rb', line 193

def initialize(template_id, format, site_id = nil)
  @template_id = template_id 
  @format = format 

  @filters = []
  @filters << Filter.new('site', site_id) if site_id
end

Instance Attribute Details

#baselineObject

Baseline comparison highlights the changes between two scans, including newly discovered assets, services and vulnerabilities, assets and services that are no longer available and vulnerabilities that were mitigated or fixed. The current scan results can be compared against the results of the first scan, the most recent (previous) scan, or the scan results from a particular date.



191
192
193
 
# File 'lib/nexpose/report.rb', line 191

def baseline
  @baseline
end

#filtersObject

Array of filters associated with this report.



184
185
186
 
# File 'lib/nexpose/report.rb', line 184

def filters
  @filters
end

#formatObject

Format. One of: pdf|html|rtf|xml|text|csv|db|raw-xml|raw-xml-v2|ns-xml|qualys-xml



181
182
183
 
# File 'lib/nexpose/report.rb', line 181

def format
  @format
end

#template_idObject

The ID of the report template used.



179
180
181
 
# File 'lib/nexpose/report.rb', line 179

def template_id
  @template_id
end

Instance Method Details

#add_filter(type, id) ⇒ Object

Add a new filter to this report configuration.



202
203
204
 
# File 'lib/nexpose/report.rb', line 202

def add_filter(type, id)
  filters << Filter.new(type, id)
end

#generate(connection) ⇒ Object

Generate a report once using a simple configuration, and send it back in a multi-part mime response.



222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
 
# File 'lib/nexpose/report.rb', line 222

def generate(connection)
  xml = %Q{<ReportAdhocGenerateRequest session-id='#{connection.session_id}'>}
  xml << to_xml
  xml << '</ReportAdhocGenerateRequest>'
  response = connection.execute(xml)
  if response.success
    content_type_response = response.raw_response.header['Content-Type']
    if content_type_response =~ /multipart\/mixed;\s*boundary=([^\s]+)/
      # Nexpose sends an incorrect boundary format which breaks parsing
      # e.g., boundary=XXX; charset=XXX
      # Fix by removing everything from the last semi-colon onward.
      last_semi_colon_index = content_type_response.index(/;/, content_type_response.index(/boundary/))
      content_type_response = content_type_response[0, last_semi_colon_index]

      data = 'Content-Type: ' + content_type_response + "\r\n\r\n" + response.raw_response_data
      doc = Rex::MIME::Message.new(data)
      doc.parts.each do |part|
        if /.*base64.*/ =~ part.header.to_s
          if (@format == 'text') or (@format == 'pdf') or (@format == 'csv')
            return part.content.unpack('m*')[0]
          else
            # FIXME This isn't working.
            return parse_xml(part.content.unpack("m*")[0])
          end
        end
      end
    end
  end
end

#to_xmlObject 



206
207
208
209
210
211
212
213
214
215
216
 
# File 'lib/nexpose/report.rb', line 206

def to_xml
  xml = %Q{<AdhocReportConfig format='#{@format}' template-id='#{@template_id}'>}

  xml << '<Filters>'
  @filters.each { |filter| xml << filter.to_xml }
  xml << '</Filters>'

  xml << %Q{<Baseline compareTo='#{@baseline}' />} if @baseline

  xml << '</AdhocReportConfig>'
end