Class: Nexpose::ScanTemplate
- Inherits:
-
Object
- Object
- Nexpose::ScanTemplate
- Includes:
- Sanitize
- Defined in:
- lib/nexpose/scan_template.rb
Overview
Configuration object for a scan template.
The constructor is designed to take a valid XML representation of a scan template. If you wish to create a new scan template from scratch, use the #load method without a template ID. If you wish to copy and modify an existing template, use the #copy method.
This class is only a partial representation of some of the features available for configuration.
Instance Attribute Summary collapse
-
#xml ⇒ Object
readonly
Parsed XML of a scan template.
Class Method Summary collapse
-
.copy(nsc, id) ⇒ ScanTemplate
Copy an existing scan template, changing the id and title.
-
.load(nsc, id = nil) ⇒ ScanTemplate
Load a scan template.
Instance Method Summary collapse
- #_disable_check(check, elem) ⇒ Object
- #_enable_check(check, elem) ⇒ Object
- #_remove_check(check, elem) ⇒ Object
-
#aces_enabled? ⇒ Boolean
Whether asset configuration scanning is enabled for this template.
-
#aces_level ⇒ String
The asset configuration logging value for this template.
-
#aces_level=(level) ⇒ Object
Enable or disable asset configuration scanning for this template.
-
#control_scanning=(enable) ⇒ Object
Adjust whether to perform control scanning (ControlsInsight integration) with this template.
-
#control_scanning? ⇒ Boolean
Whether control scanning in enabled.
-
#correlate=(enable) ⇒ Object
Adjust whether to correlate reliable checks with regular checks.
-
#correlate? ⇒ Boolean
Whether to correlate reliable checks with regular checks.
-
#delete(nsc) ⇒ Object
Delete this scan template from the console.
-
#description ⇒ String
Description of this scan template.
-
#description=(description) ⇒ Object
Assign a description to this scan template.
-
#disable_checks_by_category(category) ⇒ Object
Disable checks by category for this template.
-
#disable_checks_by_type(type) ⇒ Object
Disable checks by type for this template.
-
#disable_vuln_check(check_id) ⇒ Object
Disable individual check for this template.
-
#disabled_checks_by_category ⇒ Array[String]
Get a list of the check categories disabled for this scan template.
-
#disabled_checks_by_type ⇒ Array[String]
Get a list of the check types disabled for this scan template.
-
#disabled_vuln_checks ⇒ Array[String]
Get a list of the individual vuln checks disabled for this scan template.
-
#enable_checks_by_category(category) ⇒ Object
Enable checks by category for this template.
-
#enable_checks_by_type(type) ⇒ Object
Enable checks by type for this template.
-
#enable_debug_logging=(enable) ⇒ Object
Enable or disable the debug logging.
-
#enable_enhanced_logging=(enable) ⇒ Object
Enable or disable the enhanced logging.
-
#enable_icmp_device_discovery=(enable) ⇒ Object
Enable/disable ICMP device discovery.
-
#enable_ip_stack_fingerprinting=(enable) ⇒ Object
Enable/disable IP stack fingerprinting.
-
#enable_tcp_device_discovery=(enable) ⇒ Object
Enable/disable TCP device discovery.
-
#enable_tcp_service_discovery=(enable) ⇒ Object
Enable or disable TCP port scanning.
-
#enable_udp_device_discovery=(enable) ⇒ Object
Enable/disable UDP device discovery.
-
#enable_udp_service_discovery=(enable) ⇒ Object
Enable or disable UDP service discovery.
-
#enable_vuln_check(check_id) ⇒ Object
Enable individual check for this template.
-
#enabled_checks_by_category ⇒ Array[String]
Get a list of the check categories enabled for this scan template.
-
#enabled_checks_by_type ⇒ Array[String]
Get a list of the check types enabled for this scan template.
-
#enabled_vuln_checks ⇒ Array[String]
Get a list of the individual vuln checks enabled for this scan template.
-
#exclude_tcp_service_discovery_ports=(ports) ⇒ Object
Exclude TCP ports during TCP service discovery.
-
#exclude_udp_service_discovery_ports=(ports) ⇒ Object
Exclude UDP ports when performing UDP service discovery.
-
#host_threads=(threads) ⇒ Object
Adjust the number of threads to use per asset for this template.
-
#id ⇒ String
Unique identifier of the scan template.
- #id=(value) ⇒ Object
-
#initialize(xml) ⇒ ScanTemplate
constructor
A new instance of ScanTemplate.
-
#invulnerable_storage=(enable) ⇒ Object
Adjust whether to Store Invulnerable results with this template.
-
#invulnerable_storage? ⇒ Boolean
Whether Invulnerable Results is enabled.
-
#name ⇒ String
Name or title of this scan template.
-
#name=(name) ⇒ Object
Assign name to this scan template.
-
#policy_scanning=(enable) ⇒ Object
Adjust whether to perform policy scanning with this template.
-
#policy_scanning? ⇒ Boolean
Whether policy scanning in enabled.
-
#potential_checks=(enable) ⇒ Object
Adjust whether to perform potential vulnerability checks with this template.
-
#potential_checks? ⇒ Boolean
Whether potential vulnerability checks are performed with this template.
-
#remove_checks_by_category(category) ⇒ Object
Remove checks by category for this template.
-
#remove_checks_by_type(type) ⇒ Object
Remove checks by type for this template.
-
#remove_vuln_check(check_id) ⇒ Object
Remove individual check for this template.
-
#save(nsc) ⇒ Object
Save this scan template configuration to a Nexpose console.
-
#scan_threads=(threads) ⇒ Object
Adjust the number of threads to use per scan engine for this template.
-
#tcp_device_discovery_ports=(ports) ⇒ Object
Set custom TCP ports to scan for device discovery.
-
#tcp_service_discovery_ports=(ports) ⇒ Object
Set custom TCP ports to scan for TCP service discovery.
-
#udp_device_discovery_ports=(ports) ⇒ Object
Set custom UDP ports to scan for UDP device discovery.
-
#udp_service_discovery_ports=(ports) ⇒ Object
Set custom UDP ports to scan for UDP service discovery.
-
#unsafe_checks=(enable) ⇒ Object
Adjust whether to perform unsafe vulnerability checks with this template.
-
#unsafe_checks? ⇒ Boolean
Whether unsafe vulnerability checks are performed by this template.
-
#vuln_scanning=(enable) ⇒ Object
Adjust whether to perform vuln scanning with this template.
-
#vuln_scanning? ⇒ Boolean
Whether vuln scanning in enabled.
-
#web_spidering=(enable) ⇒ Object
Adjust whether to perform web spidering with this template.
-
#web_spidering? ⇒ Boolean
Whether web spidering in enabled.
-
#windows_service_editor=(enable) ⇒ Object
Enable or disable windows service editor.
Methods included from Sanitize
Constructor Details
#initialize(xml) ⇒ ScanTemplate
Returns a new instance of ScanTemplate.
55 56 57 |
# File 'lib/nexpose/scan_template.rb', line 55 def initialize(xml) @xml = REXML::Document.new(xml) end |
Instance Attribute Details
#xml ⇒ Object (readonly)
Parsed XML of a scan template.
52 53 54 |
# File 'lib/nexpose/scan_template.rb', line 52 def xml @xml end |
Class Method Details
.copy(nsc, id) ⇒ ScanTemplate
Copy an existing scan template, changing the id and title.
523 524 525 526 527 528 |
# File 'lib/nexpose/scan_template.rb', line 523 def self.copy(nsc, id) dupe = load(nsc, id) dupe.id = '#NewScanTemplate#' dupe.name = "#{dupe.name} Copy" dupe end |
.load(nsc, id = nil) ⇒ ScanTemplate
Load a scan template.
507 508 509 510 511 512 513 514 515 |
# File 'lib/nexpose/scan_template.rb', line 507 def self.load(nsc, id = nil) if id response = JSON.parse(AJAX.get(nsc, "/data/scan/templates/#{URI.encode(id)}")) xml = response['value'] else xml = AJAX.get(nsc, '/data/scan-template') end new(xml) end |
Instance Method Details
#_disable_check(check, elem) ⇒ Object
421 422 423 424 425 426 |
# File 'lib/nexpose/scan_template.rb', line 421 def _disable_check(check, elem) checks = REXML::XPath.first(@xml, '//VulnerabilityChecks') checks.elements.delete("Enabled/#{elem}[@name='#{check}']") disabled_checks = checks.elements['Disabled'] || checks.add_element('Disabled') disabled_checks.add_element(elem, { 'name' => check }) end |
#_enable_check(check, elem) ⇒ Object
414 415 416 417 418 419 |
# File 'lib/nexpose/scan_template.rb', line 414 def _enable_check(check, elem) checks = REXML::XPath.first(@xml, '//VulnerabilityChecks') checks.elements.delete("Disabled/#{elem}[@name='#{check}']") enabled_checks = checks.elements['Enabled'] || checks.add_element('Enabled') enabled_checks.add_element(elem, { 'name' => check }) end |
#_remove_check(check, elem) ⇒ Object
428 429 430 431 432 |
# File 'lib/nexpose/scan_template.rb', line 428 def _remove_check(check, elem) checks = REXML::XPath.first(@xml, '//VulnerabilityChecks') checks.elements.delete("Disabled/#{elem}[@name='#{check}']") checks.elements.delete("Enabled/#{elem}[@name='#{check}']") end |
#aces_enabled? ⇒ Boolean
Returns whether asset configuration scanning is enabled for this template.
572 573 574 |
# File 'lib/nexpose/scan_template.rb', line 572 def aces_enabled? aces_level == 'full' end |
#aces_level ⇒ String
Returns the asset configuration logging value for this template.
562 563 564 565 566 567 568 |
# File 'lib/nexpose/scan_template.rb', line 562 def aces_level logging = REXML::XPath.first(@xml, 'ScanTemplate/Logging') return 'default' if logging.nil? aces = REXML::XPath.first(logging, 'aces') return 'default' if aces.nil? aces.attributes['level'] end |
#aces_level=(level) ⇒ Object
Enable or disable asset configuration scanning for this template. If the level is not “full”, “default” or “none”, this is a no-op.
544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 |
# File 'lib/nexpose/scan_template.rb', line 544 def aces_level=(level) return if level.nil? return unless ['full', 'default', 'none'].include? level.downcase logging = REXML::XPath.first(@xml, 'ScanTemplate/Logging') if logging.nil? logging = REXML::Element.new('Logging') @xml.add_element(logging) end aces = REXML::XPath.first(logging, 'aces') if aces.nil? aces = REXML::Element.new('aces') logging.add_element(aces) end aces.attributes['level'] = level end |
#control_scanning=(enable) ⇒ Object
Adjust whether to perform control scanning (ControlsInsight integration) with this template.
121 122 123 124 |
# File 'lib/nexpose/scan_template.rb', line 121 def control_scanning=(enable) local_controls_scan = REXML::XPath.first(@xml, 'ScanTemplate/ControlsScan/localControlsScanEnabled') local_controls_scan.attributes['enabled'] = enable ? '1' : '0' end |
#control_scanning? ⇒ Boolean
Returns Whether control scanning in enabled.
111 112 113 114 115 116 |
# File 'lib/nexpose/scan_template.rb', line 111 def control_scanning? global_controls_scan = REXML::XPath.first(@xml, 'ScanTemplate/ControlsScan/globalControlsScanEnabled') local_controls_scan = REXML::XPath.first(@xml, 'ScanTemplate/ControlsScan/localControlsScanEnabled') global_controls_scan.attributes['enabled'] == '1' || local_controls_scan.attributes['enabled'] == '1' end |
#correlate=(enable) ⇒ Object
Adjust whether to correlate reliable checks with regular checks.
295 296 297 298 |
# File 'lib/nexpose/scan_template.rb', line 295 def correlate=(enable) vuln_checks = REXML::XPath.first(@xml, 'ScanTemplate/VulnerabilityChecks') vuln_checks.attributes['correlate'] = enable ? '1' : '0' end |
#correlate? ⇒ Boolean
Returns Whether to correlate reliable checks with regular checks.
288 289 290 291 |
# File 'lib/nexpose/scan_template.rb', line 288 def correlate? vuln_checks = REXML::XPath.first(@xml, 'ScanTemplate/VulnerabilityChecks') vuln_checks.attributes['correlate'] == '1' end |
#delete(nsc) ⇒ Object
Delete this scan template from the console. Cannot be used to delete a built-in template.
535 536 537 |
# File 'lib/nexpose/scan_template.rb', line 535 def delete(nsc) nsc.delete_scan_template(id) end |
#description ⇒ String
Returns Description of this scan template.
91 92 93 94 |
# File 'lib/nexpose/scan_template.rb', line 91 def description desc = REXML::XPath.first(@xml, 'ScanTemplate/templateDescription') desc.nil? ? nil : desc.text.to_s end |
#description=(description) ⇒ Object
Assign a description to this scan template. Require attribute.
98 99 100 101 102 103 104 105 106 107 108 |
# File 'lib/nexpose/scan_template.rb', line 98 def description=(description) desc = REXML::XPath.first(@xml, 'ScanTemplate/templateDescription') if desc desc.text = replace_entities(description) else root = REXML::XPath.first(xml, 'ScanTemplate') desc = REXML::Element.new('templateDescription') desc.add_text(description) root.add_element(desc) end end |
#disable_checks_by_category(category) ⇒ Object
Disable checks by category for this template.
358 359 360 |
# File 'lib/nexpose/scan_template.rb', line 358 def disable_checks_by_category(category) _disable_check(category, 'VulnCategory') end |
#disable_checks_by_type(type) ⇒ Object
Disable checks by type for this template.
401 402 403 |
# File 'lib/nexpose/scan_template.rb', line 401 def disable_checks_by_type(type) _disable_check(type, 'CheckType') end |
#disable_vuln_check(check_id) ⇒ Object
Disable individual check for this template.
467 468 469 470 471 472 |
# File 'lib/nexpose/scan_template.rb', line 467 def disable_vuln_check(check_id) checks = REXML::XPath.first(@xml, '//VulnerabilityChecks') checks.elements.delete("Enabled/Check[@id='#{check_id}']") disabled_checks = checks.elements['Disabled'] || checks.add_element('Disabled') disabled_checks.add_element('Check', { 'id' => check_id }) end |
#disabled_checks_by_category ⇒ Array[String]
Get a list of the check categories disabled for this scan template.
332 333 334 335 |
# File 'lib/nexpose/scan_template.rb', line 332 def disabled_checks_by_category checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Disabled') checks ? checks.elements.to_a('VulnCategory').map { |c| c.attributes['name'] } : [] end |
#disabled_checks_by_type ⇒ Array[String]
Get a list of the check types disabled for this scan template.
375 376 377 378 |
# File 'lib/nexpose/scan_template.rb', line 375 def disabled_checks_by_type checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Disabled') checks ? checks.elements.to_a('CheckType').map { |c| c.attributes['name'] } : [] end |
#disabled_vuln_checks ⇒ Array[String]
Get a list of the individual vuln checks disabled for this scan template.
447 448 449 450 |
# File 'lib/nexpose/scan_template.rb', line 447 def disabled_vuln_checks checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Disabled') checks ? checks.elements.to_a('Check').map { |c| c.attributes['id'] } : [] end |
#enable_checks_by_category(category) ⇒ Object
Enable checks by category for this template.
350 351 352 |
# File 'lib/nexpose/scan_template.rb', line 350 def enable_checks_by_category(category) _enable_check(category, 'VulnCategory') end |
#enable_checks_by_type(type) ⇒ Object
Enable checks by type for this template.
393 394 395 |
# File 'lib/nexpose/scan_template.rb', line 393 def enable_checks_by_type(type) _enable_check(type, 'CheckType') end |
#enable_debug_logging=(enable) ⇒ Object
Enable or disable the debug logging.
578 579 580 581 582 583 584 585 586 587 588 589 590 591 |
# File 'lib/nexpose/scan_template.rb', line 578 def enable_debug_logging=(enable) return if enable.nil? logging = REXML::XPath.first(@xml, 'ScanTemplate/Logging') if logging.nil? logging = REXML::Element.new('Logging') @xml.add_element(logging) end debug_logging = REXML::XPath.first(logging, 'debugLogging') if debug_logging.nil? debug_logging = REXML::Element.new('debugLogging') logging.add_element(debug_logging) end debug_logging.attributes['enabled'] = (enable ? 1 : 0) end |
#enable_enhanced_logging=(enable) ⇒ Object
Enable or disable the enhanced logging.
595 596 597 598 |
# File 'lib/nexpose/scan_template.rb', line 595 def enable_enhanced_logging=(enable) self.enable_debug_logging = enable self.aces_level = (enable ? 'full' : 'none') end |
#enable_icmp_device_discovery=(enable) ⇒ Object
Enable/disable ICMP device discovery
209 210 211 212 |
# File 'lib/nexpose/scan_template.rb', line 209 def enable_icmp_device_discovery=(enable) icmp = REXML::XPath.first(@xml, 'ScanTemplate/DeviceDiscovery/CheckHosts/icmpHostCheck') icmp.attributes['enabled'] = (enable ? 1 : 0) end |
#enable_ip_stack_fingerprinting=(enable) ⇒ Object
Enable/disable IP stack fingerprinting
194 195 196 197 198 199 200 201 202 203 204 205 |
# File 'lib/nexpose/scan_template.rb', line 194 def enable_ip_stack_fingerprinting=(enable) ns = REXML::XPath.first(@xml, 'ScanTemplate/Plugins/Plugin[@name="java/NetworkScanners"]') param = REXML::XPath.first(ns, './param[@name="ipFingerprintEnabled"]') if param param.text = (enable ? 1 : 0) else param = REXML::Element.new('param') param.add_attribute('name', 'ipFingerprintEnabled') param.text = (enable ? 1 : 0) ns.add_element(param) end end |
#enable_tcp_device_discovery=(enable) ⇒ Object
Enable/disable TCP device discovery
216 217 218 219 |
# File 'lib/nexpose/scan_template.rb', line 216 def enable_tcp_device_discovery=(enable) tcp = REXML::XPath.first(@xml, 'ScanTemplate/DeviceDiscovery/CheckHosts/TCPHostCheck') tcp.attributes['enabled'] = (enable ? 1 : 0) end |
#enable_tcp_service_discovery=(enable) ⇒ Object
Enable or disable TCP port scanning.
244 245 246 247 |
# File 'lib/nexpose/scan_template.rb', line 244 def enable_tcp_service_discovery=(enable) service_ports = REXML::XPath.first(@xml, 'ScanTemplate/ServiceDiscovery/TCPPortScan') service_ports.attributes['mode'] = 'none' unless enable end |
#enable_udp_device_discovery=(enable) ⇒ Object
Enable/disable UDP device discovery
230 231 232 233 |
# File 'lib/nexpose/scan_template.rb', line 230 def enable_udp_device_discovery=(enable) udp = REXML::XPath.first(@xml, 'ScanTemplate/DeviceDiscovery/CheckHosts/UDPHostCheck') udp.attributes['enabled'] = (enable ? 1 : 0) end |
#enable_udp_service_discovery=(enable) ⇒ Object
Enable or disable UDP service discovery
282 283 284 285 |
# File 'lib/nexpose/scan_template.rb', line 282 def enable_udp_service_discovery=(enable) service_ports = REXML::XPath.first(@xml, 'ScanTemplate/ServiceDiscovery/UDPPortScan') service_ports.attributes['mode'] = 'none' unless enable end |
#enable_vuln_check(check_id) ⇒ Object
Enable individual check for this template.
456 457 458 459 460 461 |
# File 'lib/nexpose/scan_template.rb', line 456 def enable_vuln_check(check_id) checks = REXML::XPath.first(@xml, '//VulnerabilityChecks') checks.elements.delete("Disabled/Check[@id='#{check_id}']") enabled_checks = checks.elements['Enabled'] || checks.add_element('Enabled') enabled_checks.add_element('Check', { 'id' => check_id }) end |
#enabled_checks_by_category ⇒ Array[String]
Get a list of the check categories enabled for this scan template.
341 342 343 344 |
# File 'lib/nexpose/scan_template.rb', line 341 def enabled_checks_by_category checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Enabled') checks ? checks.elements.to_a('VulnCategory').map { |c| c.attributes['name'] } : [] end |
#enabled_checks_by_type ⇒ Array[String]
Get a list of the check types enabled for this scan template.
384 385 386 387 |
# File 'lib/nexpose/scan_template.rb', line 384 def enabled_checks_by_type checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Enabled') checks ? checks.elements.to_a('CheckType').map { |c| c.attributes['name'] } : [] end |
#enabled_vuln_checks ⇒ Array[String]
Get a list of the individual vuln checks enabled for this scan template.
438 439 440 441 |
# File 'lib/nexpose/scan_template.rb', line 438 def enabled_vuln_checks checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Enabled') checks ? checks.elements.to_a('Check').map { |c| c.attributes['id'] } : [] end |
#exclude_tcp_service_discovery_ports=(ports) ⇒ Object
Exclude TCP ports during TCP service discovery
260 261 262 263 |
# File 'lib/nexpose/scan_template.rb', line 260 def exclude_tcp_service_discovery_ports=(ports) service_ports = REXML::XPath.first(@xml, 'ScanTemplate/ServiceDiscovery/ExcludedTCPPortScan') REXML::XPath.first(service_ports, './portList').text = ports.join(',') end |
#exclude_udp_service_discovery_ports=(ports) ⇒ Object
Exclude UDP ports when performing UDP service discovery
275 276 277 278 |
# File 'lib/nexpose/scan_template.rb', line 275 def exclude_udp_service_discovery_ports=(ports) service_ports = REXML::XPath.first(@xml, 'ScanTemplate/ServiceDiscovery/ExcludedUDPPortScan') REXML::XPath.first(service_ports, './portList').text = ports.join(',') end |
#host_threads=(threads) ⇒ Object
Adjust the number of threads to use per asset for this template
187 188 189 190 |
# File 'lib/nexpose/scan_template.rb', line 187 def host_threads=(threads) host_threads = REXML::XPath.first(@xml, 'ScanTemplate/General/hostThreads') host_threads.text = threads.to_s end |
#id ⇒ String
Returns Unique identifier of the scan template.
60 61 62 63 |
# File 'lib/nexpose/scan_template.rb', line 60 def id root = REXML::XPath.first(@xml, 'ScanTemplate') root.attributes['id'] end |
#id=(value) ⇒ Object
65 66 67 68 |
# File 'lib/nexpose/scan_template.rb', line 65 def id=(value) root = REXML::XPath.first(@xml, 'ScanTemplate') root.attributes['id'] = value end |
#invulnerable_storage=(enable) ⇒ Object
Adjust whether to Store Invulnerable results with this template.
173 174 175 176 |
# File 'lib/nexpose/scan_template.rb', line 173 def invulnerable_storage=(enable) gen = REXML::XPath.first(@xml, 'ScanTemplate/General') gen.attributes['invulnerableStorage'] = enable ? 'on' : 'off' end |
#invulnerable_storage? ⇒ Boolean
Returns Whether Invulnerable Results is enabled.
166 167 168 169 |
# File 'lib/nexpose/scan_template.rb', line 166 def invulnerable_storage? gen = REXML::XPath.first(@xml, 'ScanTemplate/General') gen.attributes['invulnerableStorage'] == 'on' end |
#name ⇒ String
Returns Name or title of this scan template.
71 72 73 74 |
# File 'lib/nexpose/scan_template.rb', line 71 def name desc = REXML::XPath.first(@xml, 'ScanTemplate/templateDescription') desc.nil? ? nil : desc.attributes['title'] end |
#name=(name) ⇒ Object
Assign name to this scan template. Required attribute.
78 79 80 81 82 83 84 85 86 87 88 |
# File 'lib/nexpose/scan_template.rb', line 78 def name=(name) desc = REXML::XPath.first(@xml, 'ScanTemplate/templateDescription') if desc desc.attributes['title'] = replace_entities(name) else root = REXML::XPath.first(xml, 'ScanTemplate') desc = REXML::Element.new('templateDescription') desc.add_attribute('title', name) root.add_element(desc) end end |
#policy_scanning=(enable) ⇒ Object
Adjust whether to perform policy scanning with this template.
147 148 149 150 |
# File 'lib/nexpose/scan_template.rb', line 147 def policy_scanning=(enable) gen = REXML::XPath.first(@xml, 'ScanTemplate/General') gen.attributes['disablePolicyScan'] = enable ? '0' : '1' end |
#policy_scanning? ⇒ Boolean
Returns Whether policy scanning in enabled.
140 141 142 143 |
# File 'lib/nexpose/scan_template.rb', line 140 def policy_scanning? gen = REXML::XPath.first(@xml, 'ScanTemplate/General') gen.attributes['disablePolicyScan'] == '0' end |
#potential_checks=(enable) ⇒ Object
Adjust whether to perform potential vulnerability checks with this template.
323 324 325 326 |
# File 'lib/nexpose/scan_template.rb', line 323 def potential_checks=(enable) checks = REXML::XPath.first(@xml, 'ScanTemplate/VulnerabilityChecks') checks.attributes['potential'] = enable ? '1' : '0' end |
#potential_checks? ⇒ Boolean
Returns Whether potential vulnerability checks are performed with this template.
316 317 318 319 |
# File 'lib/nexpose/scan_template.rb', line 316 def potential_checks? checks = REXML::XPath.first(@xml, 'ScanTemplate/VulnerabilityChecks') checks.attributes['potential'] == '1' end |
#remove_checks_by_category(category) ⇒ Object
Remove checks by category for this template. Removes both enabled and disabled checks.
367 368 369 |
# File 'lib/nexpose/scan_template.rb', line 367 def remove_checks_by_category(category) _remove_check(category, 'VulnCategory') end |
#remove_checks_by_type(type) ⇒ Object
Remove checks by type for this template. Removes both enabled and disabled checks.
410 411 412 |
# File 'lib/nexpose/scan_template.rb', line 410 def remove_checks_by_type(type) _remove_check(type, 'CheckType') end |
#remove_vuln_check(check_id) ⇒ Object
Remove individual check for this template. Removes both enabled and disabled checks.
479 480 481 482 483 |
# File 'lib/nexpose/scan_template.rb', line 479 def remove_vuln_check(check_id) checks = REXML::XPath.first(@xml, '//VulnerabilityChecks') checks.elements.delete("Disabled/Check[@id='#{check_id}']") checks.elements.delete("Enabled/Check[@id='#{check_id}']") end |
#save(nsc) ⇒ Object
Save this scan template configuration to a Nexpose console.
489 490 491 492 493 494 495 496 497 498 |
# File 'lib/nexpose/scan_template.rb', line 489 def save(nsc) root = REXML::XPath.first(@xml, 'ScanTemplate') if root.attributes['id'] == '#NewScanTemplate#' response = JSON.parse(AJAX.post(nsc, '/data/scan/templates', xml)) root.attributes['id'] = response['value'] else response = JSON.parse(AJAX.put(nsc, "/data/scan/templates/#{URI.encode(id)}", xml)) end response['value'] end |
#scan_threads=(threads) ⇒ Object
Adjust the number of threads to use per scan engine for this template
180 181 182 183 |
# File 'lib/nexpose/scan_template.rb', line 180 def scan_threads=(threads) scan_threads = REXML::XPath.first(@xml, 'ScanTemplate/General/scanThreads') scan_threads.text = threads.to_s end |
#tcp_device_discovery_ports=(ports) ⇒ Object
Set custom TCP ports to scan for device discovery
223 224 225 226 |
# File 'lib/nexpose/scan_template.rb', line 223 def tcp_device_discovery_ports=(ports) tcp = REXML::XPath.first(@xml, 'ScanTemplate/DeviceDiscovery/CheckHosts/TCPHostCheck') REXML::XPath.first(tcp, './portList').text = ports.join(',') end |
#tcp_service_discovery_ports=(ports) ⇒ Object
Set custom TCP ports to scan for TCP service discovery
251 252 253 254 255 256 |
# File 'lib/nexpose/scan_template.rb', line 251 def tcp_service_discovery_ports=(ports) service_ports = REXML::XPath.first(@xml, 'ScanTemplate/ServiceDiscovery/TCPPortScan') service_ports.attributes['mode'] = 'custom' service_ports.attributes['method'] = 'syn' REXML::XPath.first(service_ports, './portList').text = ports.join(',') end |
#udp_device_discovery_ports=(ports) ⇒ Object
Set custom UDP ports to scan for UDP device discovery
237 238 239 240 |
# File 'lib/nexpose/scan_template.rb', line 237 def udp_device_discovery_ports=(ports) udp = REXML::XPath.first(@xml, 'ScanTemplate/DeviceDiscovery/CheckHosts/UDPHostCheck') REXML::XPath.first(udp, './portList').text = ports.join(',') end |
#udp_service_discovery_ports=(ports) ⇒ Object
Set custom UDP ports to scan for UDP service discovery
267 268 269 270 271 |
# File 'lib/nexpose/scan_template.rb', line 267 def udp_service_discovery_ports=(ports) service_ports = REXML::XPath.first(@xml, 'ScanTemplate/ServiceDiscovery/UDPPortScan') service_ports.attributes['mode'] = 'custom' REXML::XPath.first(service_ports, './portList').text = ports.join(',') end |
#unsafe_checks=(enable) ⇒ Object
Adjust whether to perform unsafe vulnerability checks with this template.
309 310 311 312 |
# File 'lib/nexpose/scan_template.rb', line 309 def unsafe_checks=(enable) checks = REXML::XPath.first(@xml, 'ScanTemplate/VulnerabilityChecks') checks.attributes['unsafe'] = enable ? '1' : '0' end |
#unsafe_checks? ⇒ Boolean
Returns Whether unsafe vulnerability checks are performed by this template.
302 303 304 305 |
# File 'lib/nexpose/scan_template.rb', line 302 def unsafe_checks? checks = REXML::XPath.first(@xml, 'ScanTemplate/VulnerabilityChecks') checks.attributes['unsafe'] == '1' end |
#vuln_scanning=(enable) ⇒ Object
Adjust whether to perform vuln scanning with this template.
134 135 136 137 |
# File 'lib/nexpose/scan_template.rb', line 134 def vuln_scanning=(enable) gen = REXML::XPath.first(@xml, 'ScanTemplate/General') gen.attributes['disableVulnScan'] = enable ? '0' : '1' end |
#vuln_scanning? ⇒ Boolean
Returns Whether vuln scanning in enabled.
127 128 129 130 |
# File 'lib/nexpose/scan_template.rb', line 127 def vuln_scanning? gen = REXML::XPath.first(@xml, 'ScanTemplate/General') gen.attributes['disableVulnScan'] == '0' end |
#web_spidering=(enable) ⇒ Object
Adjust whether to perform web spidering with this template.
160 161 162 163 |
# File 'lib/nexpose/scan_template.rb', line 160 def web_spidering=(enable) gen = REXML::XPath.first(@xml, 'ScanTemplate/General') gen.attributes['disableWebSpider'] = enable ? '0' : '1' end |
#web_spidering? ⇒ Boolean
Returns Whether web spidering in enabled.
153 154 155 156 |
# File 'lib/nexpose/scan_template.rb', line 153 def web_spidering? gen = REXML::XPath.first(@xml, 'ScanTemplate/General') gen.attributes['disableWebSpider'] == '0' end |
#windows_service_editor=(enable) ⇒ Object
Enable or disable windows service editor.
602 603 604 605 606 607 608 609 610 611 612 613 614 |
# File 'lib/nexpose/scan_template.rb', line 602 def windows_service_editor=(enable) cifs_scanner = REXML::XPath.first(@xml, 'ScanTemplate/Plugins/Plugin[@name="java/CifsScanner"]') param = REXML::XPath.first(cifs_scanner, './param[@name="windowsServiceEditor"]') if param param.text = (enable ? '1' : '0') else param = REXML::Element.new('param') param.attributes['name'] = 'windowsServiceEditor' param.text = (enable ? '1' : '0') cifs_scanner.add_element(param) end param.text end |