Class: Nexpose::Connection
- Inherits:
-
Object
- Object
- Nexpose::Connection
- Includes:
- NexposeAPI, XMLUtils
- Defined in:
- lib/nexpose/connection.rb
Overview
Description
Object that represents a connection to a Nexpose Security Console.
Examples
# Create a new Nexpose Connection on the default port
nsc = Connection.new('10.1.40.10', 'nxadmin', 'password')
# Login to NSC and Establish a Session ID
nsc.login
# Check Session ID
if nsc.session_id
puts 'Login Successful'
else
puts 'Login Failure'
end
# //Logout
logout_success = nsc.logout
Instance Attribute Summary collapse
-
#host ⇒ Object
readonly
The hostname or IP Address of the NSC.
-
#password ⇒ Object
readonly
The password used to login to the NSC.
-
#port ⇒ Object
readonly
The port of the NSC (default is 3780).
-
#request_xml ⇒ Object
readonly
The last XML request sent by this object, useful for debugging.
-
#response_xml ⇒ Object
readonly
The last XML response received by this object, useful for debugging.
-
#session_id ⇒ Object
readonly
Session ID of this connection.
-
#url ⇒ Object
readonly
The URL for communication.
-
#username ⇒ Object
readonly
The username used to login to the NSC.
Instance Method Summary collapse
-
#download(url, file_name = nil) ⇒ Object
Download a specific URL, typically a report.
-
#execute(xml, version = '1.1') ⇒ Object
Execute an API request.
-
#initialize(ip, user, pass, port = 3780, silo_id = nil) ⇒ Connection
constructor
Constructor for Connection.
-
#login ⇒ Object
Establish a new connection and Session ID.
-
#logout ⇒ Object
Logout of the current connection.
Methods included from NexposeAPI
#asset_group_delete, #asset_groups, #console_command, #create_multi_tenant_user, #create_silo, #create_silo_profile, #create_ticket, #delete_engine, #delete_mtu, #delete_report, #delete_report_config, #delete_silo, #delete_silo_profile, #delete_ticket, #device_delete, #engine_activity, #generate_report, #get_report_config, #get_report_template, #last_report, #last_scan, #list_engines, #list_mtu, #list_silo_profiles, #list_silos, #list_users, #report_history, #report_listing, #report_template_listing, #restart, #role_listing, #scan_activity, #scan_pause, #scan_resume, #scan_statistics, #scan_status, #scan_stop, #send_log, #site_delete, #site_device_listing, #site_device_scan_start, #site_listing, #site_scan_history, #start_update, #system_information, #vuln_exception_approve, #vuln_exception_create, #vuln_exception_delete, #vuln_exception_recall, #vuln_exception_reject, #vuln_exception_resubmit, #vuln_exception_update_comment, #vuln_exception_update_expiration_date, #vuln_listing
Methods included from XMLUtils
Constructor Details
#initialize(ip, user, pass, port = 3780, silo_id = nil) ⇒ Connection
Constructor for Connection
46 47 48 49 50 51 52 53 54 |
# File 'lib/nexpose/connection.rb', line 46 def initialize(ip, user, pass, port = 3780, silo_id = nil) @host = ip @port = port @username = user @password = pass @silo_id = silo_id @session_id = nil @url = "https://#{@host}:#{@port}/api/API_VERSION/xml" end |
Instance Attribute Details
#host ⇒ Object (readonly)
The hostname or IP Address of the NSC
30 31 32 |
# File 'lib/nexpose/connection.rb', line 30 def host @host end |
#password ⇒ Object (readonly)
The password used to login to the NSC
36 37 38 |
# File 'lib/nexpose/connection.rb', line 36 def password @password end |
#port ⇒ Object (readonly)
The port of the NSC (default is 3780)
32 33 34 |
# File 'lib/nexpose/connection.rb', line 32 def port @port end |
#request_xml ⇒ Object (readonly)
The last XML request sent by this object, useful for debugging.
41 42 43 |
# File 'lib/nexpose/connection.rb', line 41 def request_xml @request_xml end |
#response_xml ⇒ Object (readonly)
The last XML response received by this object, useful for debugging.
43 44 45 |
# File 'lib/nexpose/connection.rb', line 43 def response_xml @response_xml end |
#session_id ⇒ Object (readonly)
Session ID of this connection
28 29 30 |
# File 'lib/nexpose/connection.rb', line 28 def session_id @session_id end |
#url ⇒ Object (readonly)
The URL for communication
38 39 40 |
# File 'lib/nexpose/connection.rb', line 38 def url @url end |
#username ⇒ Object (readonly)
The username used to login to the NSC
34 35 36 |
# File 'lib/nexpose/connection.rb', line 34 def username @username end |
Instance Method Details
#download(url, file_name = nil) ⇒ Object
Download a specific URL, typically a report. Include an optional file_name parameter to write the output to a file.
Note: XML and HTML reports have charts not downloaded by this method.
Would need to do something more sophisticated to grab
all the associated image files.
97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 |
# File 'lib/nexpose/connection.rb', line 97 def download(url, file_name = nil) return nil if url.nil? or url.empty? uri = URI.parse(url) http = Net::HTTP.new(@host, @port) http.use_ssl = true http.verify_mode = OpenSSL::SSL::VERIFY_NONE # XXX: security issue headers = {'Cookie' => "nexposeCCSessionID=#{@session_id}"} resp = http.get(uri.to_s, headers) if file_name File.open(file_name, 'w') { |file| file.write(resp.body) } else resp.body end end |
#execute(xml, version = '1.1') ⇒ Object
Execute an API request
83 84 85 86 87 88 89 |
# File 'lib/nexpose/connection.rb', line 83 def execute(xml, version = '1.1') @request_xml = xml.to_s @api_version = version response = APIRequest.execute(@url, @request_xml, @api_version) @response_xml = response.raw_response_data response end |
#login ⇒ Object
Establish a new connection and Session ID
57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 |
# File 'lib/nexpose/connection.rb', line 57 def login begin login_hash = {'sync-id' => 0, 'password' => @password, 'user-id' => @username} unless @silo_id.nil? login_hash['silo-id'] = @silo_id end r = execute(make_xml('LoginRequest', login_hash)) rescue APIError raise AuthenticationFailed.new(r) end if (r.success) @session_id = r.sid true end end |