Class: Nexpose::ReportAdHoc

Inherits:
Object
  • Object
Includes:
XMLUtils
Defined in:
lib/nexpose.rb

Overview

Description

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from XMLUtils

#parse_xml

Constructor Details

#initialize(connection, template_id = 'full-audit', format = 'raw-xml') ⇒ ReportAdHoc

Returns a new instance of ReportAdHoc.



# File 'lib/nexpose.rb', line 2459

# Stores the settings for an ad-hoc report. Only instance state is set here;
# the request itself is built and sent by #generate.
#
# @param connection [Object] connection whose session_id and url #generate reads
# @param template_id [String] report template ID, e.g. 'full-audit'; becomes an
#   attribute value in the request XML
# @param format [String] output format (pdf|html|xml|text|csv|raw-xml); becomes
#   an attribute value in the request XML
def initialize(connection, template_id = 'full-audit', format = 'raw-xml')
	@connection = connection
	@template_id = template_id
	@format = format
	# Starts empty; #addFilter appends ReportFilter objects.
	@filters = []
	@error = false
end

Instance Attribute Details

#connectionObject (readonly)

Returns the value of attribute connection.



# File 'lib/nexpose.rb', line 2447

# Read-only accessor for the connection passed to the constructor.
# #generate takes the session ID and the request URL from this object.
#
# @return [Object] the stored connection
def connection
  @connection
end

#errorObject (readonly)

Returns the value of attribute error.



# File 'lib/nexpose.rb', line 2445

# Read-only accessor for the error flag, which the constructor sets to false.
# NOTE(review): nothing in the code shown here ever sets it to true -- confirm
# against the rest of the file before relying on it.
#
# @return [Boolean] the stored flag
def error
  @error
end

#error_msgObject (readonly)

Returns the value of attribute error_msg.



# File 'lib/nexpose.rb', line 2446

# Read-only accessor for the error message.
# NOTE(review): @error_msg is not assigned anywhere in the code shown here, so
# this presumably stays nil -- confirm against the rest of the file.
#
# @return [Object, nil] the stored message
def error_msg
  @error_msg
end

#filtersObject (readonly)

Array of (ReportFilter)*



# File 'lib/nexpose.rb', line 2453

# Read-only accessor for the filter list. It returns the live array, not a
# copy: #addFilter appends ReportFilter objects to it and #generate emits one
# <filter> element per entry.
#
# @return [Array] the stored filters
def filters
  @filters
end

#formatObject (readonly)

Report output format, one of: pdf|html|xml|text|csv|raw-xml



# File 'lib/nexpose.rb', line 2451

# Read-only accessor for the report output format given to the constructor
# (pdf|html|xml|text|csv|raw-xml; the default is 'raw-xml').
#
# @return [String] the stored format
def format
  @format
end

#report_decodedObject (readonly)

Returns the value of attribute report_decoded.



# File 'lib/nexpose.rb', line 2456

# Read-only accessor for the decoded report.
# NOTE(review): @report_decoded is not assigned anywhere in the code shown here
# (#generate returns the parsed report without storing it) -- confirm whether
# anything else in the file sets it.
#
# @return [Object, nil] the stored value
def report_decoded
  @report_decoded
end

#request_xmlObject (readonly)

Returns the value of attribute request_xml.



# File 'lib/nexpose.rb', line 2454

# Read-only accessor for the request XML.
# NOTE(review): #generate builds its request in a local variable of the same
# name and never assigns @request_xml, so in the code shown here this stays
# nil -- confirm against the rest of the file.
#
# @return [String, nil] the stored value
def request_xml
  @request_xml
end

#response_xmlObject (readonly)

Returns the value of attribute response_xml.



# File 'lib/nexpose.rb', line 2455

# Read-only accessor for the response XML.
# NOTE(review): @response_xml is not assigned anywhere in the code shown here
# -- confirm against the rest of the file.
#
# @return [String, nil] the stored value
def response_xml
  @response_xml
end

#template_idObject (readonly)

Report template ID string, e.g. full-audit



# File 'lib/nexpose.rb', line 2449

# Read-only accessor for the report template ID given to the constructor
# (the default is 'full-audit').
#
# @return [String] the stored template ID
def template_id
  @template_id
end

Instance Method Details

#addFilter(filter_type, id) ⇒ Object



# File 'lib/nexpose.rb', line 2469

# Appends a ReportFilter built from the given type and ID to this report's
# filter list.
#
# @param filter_type [String] one of site|group|device|scan
# @param id [Object] the ID number; for a scan filter, 'last' selects the most
#   recently run scan
# @return [Array] the filter list, including the new entry
def addFilter(filter_type, id)
	filters << ReportFilter.new(filter_type, id)
end

#generateObject



# File 'lib/nexpose.rb', line 2478

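# Builds a ReportAdhocGenerateRequest from the session ID, template ID, format
# and filters, sends it to @connection.url, and returns the parsed report.
#
# Every value placed in an XML attribute is escaped first, so a template ID,
# format, filter type/ID or session ID that contains quotes, ampersands or
# angle brackets cannot change the structure of the request.
#
# @return [Object, nil] the result of parse_xml on the first MIME part whose
#   header mentions base64; nil when the response is not multipart/mixed or
#   has no such part
def generate()
	# Coerce to String and escape the characters that are significant inside a
	# double-quoted XML attribute. '&' goes first so the entities produced by
	# the later substitutions are not escaped a second time.
	escape_attr = lambda do |value|
		value.to_s.gsub('&', '&amp;').gsub('<', '&lt;').gsub('>', '&gt;').gsub('"', '&quot;')
	end

	# The request embeds the live session ID; keep it out of logs.
	request_xml = '<ReportAdhocGenerateRequest session-id="' + escape_attr.call(@connection.session_id) + '">'
	request_xml << '<AdhocReportConfig template-id="' + escape_attr.call(@template_id) + '" format="' + escape_attr.call(@format) + '">'
	request_xml << '<Filters>'
	@filters.each do |f|
		request_xml << '<filter type="' + escape_attr.call(f.type) + '" id="' + escape_attr.call(f.id) + '"/>'
	end
	request_xml << '</Filters>'
	request_xml << '</AdhocReportConfig>'
	request_xml << '</ReportAdhocGenerateRequest>'

	ad_hoc_request = APIRequest.new(request_xml, @connection.url)
	ad_hoc_request.execute()

	content_type_response = ad_hoc_request.raw_response.header['Content-Type']
	return nil unless content_type_response =~ /multipart\/mixed;\s*boundary=([^\s]+)/

	# NeXpose sends an incorrect boundary format which breaks parsing
	# Eg: boundary=XXX; charset=XXX
	# Fix by dropping everything from the first semi-colon after "boundary"
	# onward. A well-formed header has no such semi-colon and is used as is
	# (slicing with a nil length would raise TypeError).
	trailing_semicolon = content_type_response.index(';', content_type_response.index('boundary'))
	content_type_response = content_type_response[0, trailing_semicolon] if trailing_semicolon

	# NOTE(review): everything below handles server-supplied data; how
	# Rex::MIME::Message and parse_xml treat malformed input is not visible
	# here -- confirm before pointing this at a console you do not control.
	data = "Content-Type: " + content_type_response + "\r\n\r\n" + ad_hoc_request.raw_response_data
	doc = Rex::MIME::Message.new data
	doc.parts.each do |part|
		return parse_xml(part.content.unpack("m*")[0]) if /.*base64.*/ =~ part.header.to_s
	end

	# No base64 part: return nil rather than leaking the parts array that
	# Array#each would otherwise hand back as the method's value.
	nil
end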