Knowledge Base

Ask A Question

Questions

0

Ruby Script Execution Error

I am trying to apply exceptions to asset ID on a vuln ID but I am getting the following error, Retrying the request due to undefined method `sub' for nil:NilClass. If you see this message please open an Issue on Github with the error. Retrying the request due to undefined method `sub' for nil:NilClass. If you see this message please open an Issue on Github with the error. Retrying the request due to undefined method `sub' for nil:NilClass. If you see this message please open an Issue on Github with the error. Retrying the request due to undefined method `sub' for nil:NilClass. If you see this message please open an Issue on Github with the error. Retrying the request due to undefined method `sub' for nil:NilClass. If you see this message please open an Issue on Github with the error. I, [2018-08-23T10:26:45.015942 #5052] INFO -- : Logging out of Nexpose Traceback (most recent call last): 8: from ApplyException.rb:61:in `<main>' 7: from C:/Ruby25-x64/lib/ruby/gems/2.5.0/gems/csv-1.0.1/lib/csv.rb:1191:in `foreach' 6: from C:/Ruby25-x64/lib/ruby/gems/2.5.0/gems/csv-1.0.1/lib/csv.rb:1339:in `open' 5: from C:/Ruby25-x64/lib/ruby/gems/2.5.0/gems/csv-1.0.1/lib/csv.rb:1192:in `block in foreach' 4: from C:/Ruby25-x64/lib/ruby/gems/2.5.0/gems/csv-1.0.1/lib/csv.rb:1814:in `each' 3: from ApplyException.rb:73:in `block in <main>' 2: from C:/Ruby25-x64/lib/ruby/gems/2.5.0/gems/nexpose-7.2.0/lib/nexpose/vuln_exception.rb:230:in `save' 1: from C:/Ruby25-x64/lib/ruby/gems/2.5.0/gems/nexpose-7.2.0/lib/nexpose/connection.rb:124:in `execute' C:/Ruby25-x64/lib/ruby/gems/2.5.0/gems/nexpose-7.2.0/lib/nexpose/api_request.rb:148:in `execute': NexposeAPI: Action failed: Nexpose service returned an unrecognized response: "<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>\n<Failure error-code=\"-1\">\n <Message>Error encountered, unable to fulfill request.</Message>\n <Exception>\n <Message></Message>\n <Stacktrace></Stacktrace>\n </Exception>\n</Failure>\n" (Nexpose::APIError) ## Initialize Gems require 'nexpose' require 'rubygems' require 'csv' require 'logger' require 'yaml' require 'time' require 'set' gem 'nexpose' require 'highline/import' include Nexpose ## Enable Logging so that all tags created and modified are tracked $log = Logger.new(STDOUT) $log.level = Logger::INFO ## Import credentials from the configuration file config_path = File.expand_path("../nexpose.yaml", __FILE__) config = YAML.load_file(config_path) @nx_host = config["nx_hostname"] @nx_username = config["nx_username"] @nx_password = config["nx_password"] thedate = DateTime.now ## Input CSV File that contains IPs + Vuln ID's vuln_file = 'x.csv' ## Log file to write all the exceptions default_logfile = 'ApplyException_' + thedate.strftime('%Y-%m-%d--%H%M') + '.log' ## Log File Name log_file = 'exception_asset.log' time = Time.new set_date = time.strftime("%Y%m%d-%Hh%Mm") ## Enter Credentials and URI for Nexpose connection nsc = Nexpose::Connection.from_uri(@nx_host, @nx_username, @nx_password) ## Login to Nexpose $log.info "Logging into Nexpose" nsc.login at_exit { $log.info "Logging out of Nexpose" nsc.logout } review_comments = "Auto approved by submitter." rsn = Nexpose::VulnException::Reason::ACCEPTABLE_RISK scope = Nexpose::VulnException::Scope::ALL_INSTANCES_ON_A_SPECIFIC_ASSET CSV.foreach(vuln_file, {:headers => true}) do |asset| # Skip any rows that have Empty column entries for Asset ID, Comment, Expiration Date, Vuln ID next if asset['ASSET_ID'].nil? || asset['Comment'].nil? || asset['Expiration Date'].nil? || asset['Vuln ID'].nil? # Build the exception Hash exceptionDetails = Hash.new exceptionDetails[:vuln_id] = asset['Vuln ID'] exceptionDetails[:reason] = rsn exceptionDetails[:scope] = scope exceptionDetails[:comment] = asset['Comment'] exceptionDetails[:device_id] = asset['ASSET_ID'] exception = Nexpose::VulnException.new(asset['Vuln ID'], 'All Instances on a Specific Asset', 'Acceptable Risk') exception.asset_id = asset['ASSET_ID'] exception.save(nsc, asset['Comment']) exception.update_expiration_date(nsc, asset['Expiration Date']) exception.approve(nsc, review_comments) log.puts 'Created Exception:' log.puts 'vuln_id: ' + exceptionDetails[:vuln_id] + ', ' + 'device_id: ' + exceptionDetails[:device_id].to_s + ', ' + 'reason: ' + exceptionDetails[:reason] + ', ' + 'scope: ' + exceptionDetails[:scope] + ', ' + 'comment: ' + (exceptionDetails[:comment].nil? ? '' : exceptionDetails[:comment].to_s) end

Posted by SANDEEP BATCHU 3 months ago