Class: Nexpose::SiteCredentials
- Inherits:
-
Credential
- Object
- APIObject
- Credential
- Nexpose::SiteCredentials
- Defined in:
- lib/nexpose/site_credentials.rb
Overview
Object that represents administrative credentials to be used during a scan. When retrieved from an existing site configuration the credentials will be returned as a security blob and can only be passed back as is during a Site Save operation. This object can only be used to create a new set of credentials.
Constant Summary
Constants inherited from Credential
Instance Attribute Summary collapse
-
#authentication_type ⇒ Object
The authentication type to use with SNMP v3 credentials.
-
#community_name ⇒ Object
for snmp v1/v2.
-
#database ⇒ Object
database of the service.
-
#description ⇒ Object
the description of credential.
-
#domain ⇒ Object
domain of the service.
-
#enabled ⇒ Object
is this credential enable on site or not.
-
#host_restriction ⇒ Object
The host for these credentials.
-
#id ⇒ Object
Unique identifier of the credential on the Nexpose console.
-
#name ⇒ Object
The name.
-
#notes_id_password ⇒ Object
the notes password.
-
#password ⇒ Object
The password.
-
#pem_format_private_key ⇒ Object
for ssh public key require pem format private key.
-
#permission_elevation_password ⇒ Object
The password to use when escalating privileges (optional).
-
#permission_elevation_type ⇒ Object
The type of privilege escalation to use (sudo/su) Permission elevation type.
-
#permission_elevation_user ⇒ Object
The userid to use when escalating privileges (optional).
-
#port_restriction ⇒ Object
The port on which to use these credentials.
-
#privacy_password ⇒ Object
The privacy/encryption pass phrase to use with SNMP v3 credentials.
-
#privacy_type ⇒ Object
The privacy/encryption type to use with SNMP v3 credentials.
-
#scope ⇒ Object
scope of credential.
-
#service ⇒ Object
The service for these credentials.
-
#service_name ⇒ Object
service name for oracle.
-
#sid ⇒ Object
sid for oracle.
-
#use_windows_auth ⇒ Object
use windows auth.
-
#user_name ⇒ Object
the user name to be used in service.
Class Method Summary collapse
-
.copy(connection, site_id, credential_id) ⇒ SiteCredentials
Copy an existing configuration from a Nexpose instance.
-
.for_service(name, id = -1,, desc = nil, host = nil, port = nil, service = Credential::Service::CIFS) ⇒ Object
Create a credential object using name, id, description, host and port.
-
.load(nsc, site_id, credential_id) ⇒ SiteCredential
Load an credential from the provided console.
Instance Method Summary collapse
- #==(other) ⇒ Object
- #_to_param(target, engine_id, port, siteid) ⇒ Object
-
#copy ⇒ SiteCredentials
Copy an existing configuration from a site credential.
- #eql?(other) ⇒ Boolean
-
#test(nsc, target, engine_id = nil, siteid = -1)) ⇒ Boolean
Test this credential against a target where the credentials should apply.
- #to_h ⇒ Object
- #to_json ⇒ Object
Methods included from CredentialHelper
#set_as400_service, #set_cifs_service, #set_cifshash_service, #set_cvs_service, #set_db2_service, #set_ftp_service, #set_http_service, #set_mysql_service, #set_notes_service, #set_oracle_service, #set_oracle_service_using_service_name_auth, #set_pop_service, #set_postgresql_service, #set_remote_execution_service, #set_snmp_service, #set_snmpv3_service, #set_ssh_key_service, #set_ssh_service, #set_sybase_service, #set_tds_service, #set_telnet_service
Methods inherited from APIObject
Instance Attribute Details
#authentication_type ⇒ Object
The authentication type to use with SNMP v3 credentials
39 40 41 |
# File 'lib/nexpose/site_credentials.rb', line 39 def authentication_type @authentication_type end |
#community_name ⇒ Object
for snmp v1/v2
57 58 59 |
# File 'lib/nexpose/site_credentials.rb', line 57 def community_name @community_name end |
#database ⇒ Object
database of the service
30 31 32 |
# File 'lib/nexpose/site_credentials.rb', line 30 def database @database end |
#description ⇒ Object
the description of credential
26 27 28 |
# File 'lib/nexpose/site_credentials.rb', line 26 def description @description end |
#domain ⇒ Object
domain of the service
28 29 30 |
# File 'lib/nexpose/site_credentials.rb', line 28 def domain @domain end |
#enabled ⇒ Object
is this credential enable on site or not.
24 25 26 |
# File 'lib/nexpose/site_credentials.rb', line 24 def enabled @enabled end |
#host_restriction ⇒ Object
The host for these credentials.
16 17 18 |
# File 'lib/nexpose/site_credentials.rb', line 16 def host_restriction @host_restriction end |
#id ⇒ Object
Unique identifier of the credential on the Nexpose console.
12 13 14 |
# File 'lib/nexpose/site_credentials.rb', line 12 def id @id end |
#name ⇒ Object
The name
22 23 24 |
# File 'lib/nexpose/site_credentials.rb', line 22 def name @name end |
#notes_id_password ⇒ Object
the notes password
47 48 49 |
# File 'lib/nexpose/site_credentials.rb', line 47 def notes_id_password @notes_id_password end |
#password ⇒ Object
The password
20 21 22 |
# File 'lib/nexpose/site_credentials.rb', line 20 def password @password end |
#pem_format_private_key ⇒ Object
for ssh public key require pem format private key
55 56 57 |
# File 'lib/nexpose/site_credentials.rb', line 55 def pem_format_private_key @pem_format_private_key end |
#permission_elevation_password ⇒ Object
The password to use when escalating privileges (optional)
37 38 39 |
# File 'lib/nexpose/site_credentials.rb', line 37 def @permission_elevation_password end |
#permission_elevation_type ⇒ Object
The type of privilege escalation to use (sudo/su) Permission elevation type. See Nexpose::Credential::ElevationType.
33 34 35 |
# File 'lib/nexpose/site_credentials.rb', line 33 def @permission_elevation_type end |
#permission_elevation_user ⇒ Object
The userid to use when escalating privileges (optional)
35 36 37 |
# File 'lib/nexpose/site_credentials.rb', line 35 def @permission_elevation_user end |
#port_restriction ⇒ Object
The port on which to use these credentials.
18 19 20 |
# File 'lib/nexpose/site_credentials.rb', line 18 def port_restriction @port_restriction end |
#privacy_password ⇒ Object
The privacy/encryption pass phrase to use with SNMP v3 credentials
43 44 45 |
# File 'lib/nexpose/site_credentials.rb', line 43 def privacy_password @privacy_password end |
#privacy_type ⇒ Object
The privacy/encryption type to use with SNMP v3 credentials
41 42 43 |
# File 'lib/nexpose/site_credentials.rb', line 41 def privacy_type @privacy_type end |
#scope ⇒ Object
scope of credential
59 60 61 |
# File 'lib/nexpose/site_credentials.rb', line 59 def scope @scope end |
#service ⇒ Object
The service for these credentials.
14 15 16 |
# File 'lib/nexpose/site_credentials.rb', line 14 def service @service end |
#service_name ⇒ Object
service name for oracle
53 54 55 |
# File 'lib/nexpose/site_credentials.rb', line 53 def service_name @service_name end |
#sid ⇒ Object
sid for oracle
51 52 53 |
# File 'lib/nexpose/site_credentials.rb', line 51 def sid @sid end |
#use_windows_auth ⇒ Object
use windows auth
49 50 51 |
# File 'lib/nexpose/site_credentials.rb', line 49 def use_windows_auth @use_windows_auth end |
#user_name ⇒ Object
the user name to be used in service
45 46 47 |
# File 'lib/nexpose/site_credentials.rb', line 45 def user_name @user_name end |
Class Method Details
.copy(connection, site_id, credential_id) ⇒ SiteCredentials
Copy an existing configuration from a Nexpose instance. Returned object will reset the credential ID and append “Copy” to the existing name. Reminder: The password field will not be populated due to the API not sending password.
143 144 145 146 147 148 |
# File 'lib/nexpose/site_credentials.rb', line 143 def self.copy(connection, site_id, credential_id) site_credential = self.load(connection, site_id, credential_id) site_credential.id = -1 site_credential.name = "#{site_credential.name} Copy" site_credential end |
.for_service(name, id = -1,, desc = nil, host = nil, port = nil, service = Credential::Service::CIFS) ⇒ Object
Create a credential object using name, id, description, host and port
105 106 107 108 109 110 111 112 113 114 115 116 117 |
# File 'lib/nexpose/site_credentials.rb', line 105 def self.for_service(name, id = -1, desc = nil, host = nil, port = nil, service = Credential::Service::CIFS) cred = new cred.name = name cred.id = id.to_i cred.enabled = true cred.description = desc cred.host_restriction = host cred.port_restriction = port cred.service = service cred.scope = Credential::Scope::SITE_SPECIFIC cred. = Credential::ElevationType::NONE cred end |
.load(nsc, site_id, credential_id) ⇒ SiteCredential
Load an credential from the provided console.
126 127 128 129 130 131 |
# File 'lib/nexpose/site_credentials.rb', line 126 def self.load(nsc, site_id, credential_id) uri = "/api/2.1/sites/#{site_id}/credentials/#{credential_id}" resp = AJAX.get(nsc, uri, AJAX::CONTENT_TYPE::JSON) hash = JSON.parse(resp, symbolize_names: true) new.object_from_hash(nsc, hash) end |
Instance Method Details
#==(other) ⇒ Object
195 196 197 |
# File 'lib/nexpose/site_credentials.rb', line 195 def ==(other) eql?(other) end |
#_to_param(target, engine_id, port, siteid) ⇒ Object
83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 |
# File 'lib/nexpose/site_credentials.rb', line 83 def _to_param(target, engine_id, port, siteid) { dev: target, port: port, siteID: siteid, engineID: engine_id, service: @service, domain: @domain, database: @database, userName: @user_name, password: @password, privilegeElevationUserName: @permission_elevation_user, privilegeElevationPassword: @permission_elevation_password, privilegeElevationType: @permission_elevation_type, pemkey: @pem_format_private_key, snmpv3AuthType: @authentication_type, snmpv3PrivType: @privacy_type, snmpv3PrivPassword: @privacy_password } end |
#copy ⇒ SiteCredentials
Copy an existing configuration from a site credential. Returned object will reset the credential ID and append “Copy” to the existing name. Reminder: The password field will not be populated due to the API not sending password.
157 158 159 160 161 162 |
# File 'lib/nexpose/site_credentials.rb', line 157 def copy site_credential = self.clone site_credential.id = -1 site_credential.name = "#{site_credential.name} Copy" site_credential end |
#eql?(other) ⇒ Boolean
199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 |
# File 'lib/nexpose/site_credentials.rb', line 199 def eql?(other) id.eql?(other.id) && service.eql?(other.service) && host_restriction.eql?(other.host_restriction) && port_restriction.eql?(other.port_restriction) && password.eql?(other.password) && name.eql?(other.name) && enabled.eql?(other.enabled) && description.eql?(other.description) && domain.eql?(other.domain) && database.eql?(other.database) && .eql?(other.) && .eql?(other.) && .eql?(other.) && authentication_type.eql?(other.authentication_type) && privacy_type.eql?(other.privacy_type) && privacy_password.eql?(other.privacy_password) && user_name.eql?(other.user_name) && notes_id_password.eql?(other.notes_id_password) && use_windows_auth.eql?(other.use_windows_auth) && sid.eql?(other.sid) && service_name.eql?(other.service_name) && pem_format_private_key.eql?(other.pem_format_private_key) && community_name.eql?(other.community_name) && scope.eql?(other.scope) end |
#test(nsc, target, engine_id = nil, siteid = -1)) ⇒ Boolean
Test this credential against a target where the credentials should apply. Only works for a newly created credential. Loading an existing credential will likely fail due to the API not sending password.
72 73 74 75 76 77 78 79 80 81 |
# File 'lib/nexpose/site_credentials.rb', line 72 def test(nsc, target, engine_id = nil, siteid = -1) unless engine_id engine_id = nsc.engines.detect { |e| e.name == 'Local scan engine' }.id end @port = Credential::DEFAULT_PORTS[@service] if @port.nil? parameters = _to_param(target, engine_id, @port, siteid) parameters = JSON.generate(parameters) resp = JSON.parse(Nexpose::AJAX.post(nsc, '/data/credential/test', parameters, Nexpose::AJAX::CONTENT_TYPE::JSON)) resp['success'] == 'true' end |
#to_h ⇒ Object
168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 |
# File 'lib/nexpose/site_credentials.rb', line 168 def to_h { id: id, service: service, host_restriction: host_restriction, port_restriction: port_restriction, password: password, name: name, enabled: enabled, description: description, domain: domain, database: database, permission_elevation_type: , permission_elevation_user: , permission_elevation_password: , authentication_type: authentication_type, privacy_type: privacy_type, privacy_password: privacy_password, user_name: user_name, notes_id_password: notes_id_password, use_windows_auth: use_windows_auth, sid: sid, service_name: service_name, pem_format_private_key: pem_format_private_key, community_name: community_name, scope: scope } end |
#to_json ⇒ Object
164 165 166 |
# File 'lib/nexpose/site_credentials.rb', line 164 def to_json JSON.generate(to_h) end |