RubyGems - CloudyScripts - Versions diffs - 1.6.1 → 1.7.27 - Mend

CloudyScripts 1.6.1 → 1.7.27

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (176) hide show

data/Rakefile +1 -1
data/lib/audit/checks/APACHE2.group +6 -0
data/lib/audit/checks/APACHE2_CONFIG_01.check +36 -0
data/lib/audit/checks/APACHE2_CONFIG_02.check +34 -0
data/lib/audit/checks/APACHE2_CONFIG_03.check +60 -0
data/lib/audit/checks/APACHE2_CONFIG_04.check +23 -0
data/lib/audit/checks/APACHE2_CONFIG_05.check +23 -0
data/lib/audit/checks/APACHE2_CONFIG_06.check +30 -0
data/lib/audit/checks/APACHE2_INIT_1.check +14 -0
data/lib/audit/checks/APACHE2_INIT_2.check +66 -0
data/lib/audit/checks/APACHE2_INIT_3.check +13 -0
data/lib/audit/checks/APACHE2_USER_7.check +17 -0
data/lib/audit/checks/BACKUP_HOME_DOTFILES.check +26 -0
data/lib/audit/checks/BACKUP_LOG.check +24 -0
data/lib/audit/checks/BACKUP_MAIL.check +19 -0
data/lib/audit/checks/BACKUP_WEB.check +12 -0
data/lib/audit/checks/CONFIGURATION_BACKUP.check +14 -0
data/lib/audit/checks/DIRECTORY_LISTING.check +14 -0
data/lib/audit/checks/DISTRIBUTION_FACTS.check +60 -0
data/lib/audit/checks/DMESG_OUTPUT.check +14 -0
data/lib/audit/checks/FIND_GROUP_FILE.check +6 -0
data/lib/audit/checks/FIND_PASSWD_FILE.check +8 -0
data/lib/audit/checks/FIND_SHADOW_FILE.check +5 -0
data/lib/audit/checks/FIND_SUDOERS_FILE.check +6 -0
data/lib/audit/checks/FREE_SPACE.check +26 -0
data/lib/audit/checks/HAS_AWK.check +30 -0
data/lib/audit/checks/HAS_BASE.check +21 -0
data/lib/audit/checks/HAS_CAT.check +18 -0
data/lib/audit/checks/HAS_COMPRESSOR.check +30 -0
data/lib/audit/checks/HAS_CUT.check +18 -0
data/lib/audit/checks/HAS_DF.check +19 -0
data/lib/audit/checks/HAS_DPKG.check +18 -0
data/lib/audit/checks/HAS_FILE_DOWNLOADER.check +32 -0
data/lib/audit/checks/HAS_FIND.check +18 -0
data/lib/audit/checks/HAS_GREP.check +19 -0
data/lib/audit/checks/HAS_GROUPCHECK.check +23 -0
data/lib/audit/checks/HAS_GROUPS.check +19 -0
data/lib/audit/checks/HAS_HOSTNAME.check +7 -0
data/lib/audit/checks/HAS_ID.check +7 -0
data/lib/audit/checks/HAS_LSB_RELEASE.check +16 -0
data/lib/audit/checks/HAS_MOUNT.check +19 -0
data/lib/audit/checks/HAS_NETSTAT.check +20 -0
data/lib/audit/checks/HAS_PASSWD_CHECK.check +17 -0
data/lib/audit/checks/HAS_PS.check +19 -0
data/lib/audit/checks/HAS_ROUTE.check +19 -0
data/lib/audit/checks/HAS_SH.check +19 -0
data/lib/audit/checks/HAS_SORT.check +17 -0
data/lib/audit/checks/HAS_STAT.check +17 -0
data/lib/audit/checks/HAS_SUPERUSER.check +11 -0
data/lib/audit/checks/HAS_TAIL.check +16 -0
data/lib/audit/checks/HAS_TAR.check +7 -0
data/lib/audit/checks/HAS_TR.check +22 -0
data/lib/audit/checks/HAS_UNAME.check +7 -0
data/lib/audit/checks/HAS_UNIQ.check +17 -0
data/lib/audit/checks/HAS_WC.check +16 -0
data/lib/audit/checks/HAS_WHO.check +18 -0
data/lib/audit/checks/HAS_YUM.check +18 -0
data/lib/audit/checks/LASTLOG.check +28 -0
data/lib/audit/checks/LIST_ROUTES.check +33 -0
data/lib/audit/checks/LIST_USER_ACCOUNTS.check +25 -0
data/lib/audit/checks/LOADED_MODULES.check +22 -0
data/lib/audit/checks/LOCAL_NMAP.check +97 -0
data/lib/audit/checks/LOGGED_USERS.check +28 -0
data/lib/audit/checks/LYNIS_AUTH.group +9 -0
data/lib/audit/checks/LYNIS_AUTH_9204.check +43 -0
data/lib/audit/checks/LYNIS_AUTH_9208.check +35 -0
data/lib/audit/checks/LYNIS_AUTH_9216.check +24 -0
data/lib/audit/checks/LYNIS_AUTH_9222.check +25 -0
data/lib/audit/checks/LYNIS_AUTH_9226.check +24 -0
data/lib/audit/checks/LYNIS_AUTH_9228.check +24 -0
data/lib/audit/checks/LYNIS_AUTH_9252.check +19 -0
data/lib/audit/checks/MAYBE_HAS_BZIP2.check +17 -0
data/lib/audit/checks/MAYBE_HAS_CURL.check +17 -0
data/lib/audit/checks/MAYBE_HAS_DU.check +17 -0
data/lib/audit/checks/MAYBE_HAS_HOSTNAME.check +17 -0
data/lib/audit/checks/MAYBE_HAS_ID.check +17 -0
data/lib/audit/checks/MAYBE_HAS_LSB_RELEASE.check +15 -0
data/lib/audit/checks/MAYBE_HAS_SUPERUSER.check +36 -0
data/lib/audit/checks/MAYBE_HAS_TAR.check +19 -0
data/lib/audit/checks/MAYBE_HAS_UNAME.check +17 -0
data/lib/audit/checks/MAYBE_HAS_WGET.check +17 -0
data/lib/audit/checks/MOUNTED_DEVICES.check +22 -0
data/lib/audit/checks/MYSQL_HISTORY_1.check +29 -0
data/lib/audit/checks/MYSQL_INIT_1.check +9 -0
data/lib/audit/checks/MYSQL_INIT_2.check +12 -0
data/lib/audit/checks/MYSQL_INIT_3.check +7 -0
data/lib/audit/checks/PACKAGES_INSTALLED_DPKG.check +38 -0
data/lib/audit/checks/PACKAGES_INSTALLED_YUM.check +36 -0
data/lib/audit/checks/PASSWORD_INFORMATION.check +33 -0
data/lib/audit/checks/PLATFORM_FACTS.check +35 -0
data/lib/audit/checks/PORTS_OPEN_NETSTAT.check +121 -0
data/lib/audit/checks/PROCESS_LIST.check +87 -0
data/lib/audit/checks/SLOW.group +7 -0
data/lib/audit/checks/SLOW_1.check +4 -0
data/lib/audit/checks/SLOW_2.check +4 -0
data/lib/audit/checks/SLOW_3.check +4 -0
data/lib/audit/checks/SSH.group +14 -0
data/lib/audit/checks/SSH_CONFIG_01.check +12 -0
data/lib/audit/checks/SSH_CONFIG_02.check +15 -0
data/lib/audit/checks/SSH_CONFIG_03.check +13 -0
data/lib/audit/checks/SSH_CONFIG_04.check +11 -0
data/lib/audit/checks/SSH_CONFIG_05.check +12 -0
data/lib/audit/checks/SSH_CONFIG_06.check +12 -0
data/lib/audit/checks/SSH_CONFIG_07.check +11 -0
data/lib/audit/checks/SSH_CONFIG_08.check +12 -0
data/lib/audit/checks/SSH_CONFIG_09.check +12 -0
data/lib/audit/checks/SSH_CONFIG_10.check +15 -0
data/lib/audit/checks/SSH_CONFIG_11.check +14 -0
data/lib/audit/checks/SSH_INIT_1.check +9 -0
data/lib/audit/checks/SSH_INIT_2.check +12 -0
data/lib/audit/checks/SSH_KEYS_1.check +32 -0
data/lib/audit/checks/USERS_INIT_1.check +9 -0
data/lib/audit/checks/USERS_INIT_2.check +5 -0
data/lib/audit/checks/USERS_INIT_3.check +5 -0
data/lib/audit/checks/USERS_INIT_4.check +9 -0
data/lib/audit/checks/USERS_INIT_5.check +10 -0
data/lib/audit/checks/USER_INFORMATION.check +29 -0
data/lib/audit/checks/VARIOUS.group +19 -0
data/lib/audit/checks/VAR_LIST_HOME_DIRECTORIES.check +5 -0
data/lib/audit/checks/benchmark.group +6 -0
data/lib/audit/checks/footer.template +12 -0
data/lib/audit/checks/header.template +10 -0
data/lib/audit/checks/helpers/head.sh +59 -0
data/lib/audit/checks/script_header.template +69 -0
data/lib/audit/create_benchmark.sh +93 -0
data/lib/audit/lib/audit.rb +136 -0
data/lib/audit/lib/audit_facade.rb +5 -0
data/lib/audit/lib/benchmark/audit_benchmark.rb +165 -0
data/lib/audit/lib/benchmark/automatic_dependencies.rb +13 -0
data/lib/audit/lib/benchmark/benchmark_factory.rb +23 -0
data/lib/audit/lib/benchmark/benchmark_result.rb +25 -0
data/lib/audit/lib/benchmark/check.rb +34 -0
data/lib/audit/lib/benchmark/group.rb +30 -0
data/lib/audit/lib/benchmark/item_exception.rb +13 -0
data/lib/audit/lib/benchmark/result_code.rb +11 -0
data/lib/audit/lib/benchmark/rule_result.rb +42 -0
data/lib/audit/lib/benchmark/rule_role.rb +5 -0
data/lib/audit/lib/benchmark/rule_severity.rb +13 -0
data/lib/audit/lib/benchmark/yaml_benchmark.rb +133 -0
data/lib/audit/lib/connection/ami_connection.rb +4 -0
data/lib/audit/lib/connection/connection_factory.rb +27 -0
data/lib/audit/lib/connection/ssh_connection.rb +243 -0
data/lib/audit/lib/ec2_utils.rb +245 -0
data/lib/audit/lib/http_fingerprint.rb +116 -0
data/lib/audit/lib/lazy.rb +37 -0
data/lib/audit/lib/linear_script_generator.rb +31 -0
data/lib/audit/lib/main.rb +13 -0
data/lib/audit/lib/my_option_parser.rb +106 -0
data/lib/audit/lib/nessus_new.rb +290 -0
data/lib/audit/lib/nessus_utils.rb +102 -0
data/lib/audit/lib/parser/command/abstract_command.rb +32 -0
data/lib/audit/lib/parser/command/abstract_command_result.rb +30 -0
data/lib/audit/lib/parser/command/attach_file_command.rb +63 -0
data/lib/audit/lib/parser/command/check_finished_command.rb +45 -0
data/lib/audit/lib/parser/command/cpe_name_command.rb +37 -0
data/lib/audit/lib/parser/command/data_command.rb +43 -0
data/lib/audit/lib/parser/command/listening_port_command.rb +46 -0
data/lib/audit/lib/parser/command/message_command.rb +21 -0
data/lib/audit/lib/parser/command/program_name_command.rb +42 -0
data/lib/audit/lib/parser/parse_exception.rb +2 -0
data/lib/audit/lib/parser/result_type.rb +13 -0
data/lib/audit/lib/parser/script_output_parser.rb +201 -0
data/lib/audit/lib/parser/stdout_line_buffer.rb +43 -0
data/lib/audit/lib/ssh_fingerprint.rb +220 -0
data/lib/audit/lib/ssh_fingerprint2.rb +170 -0
data/lib/audit/lib/ssh_utils.rb +292 -0
data/lib/audit/lib/transformers/web_view_transformer.rb +171 -0
data/lib/audit/lib/transformers/yaml_transformer.rb +50 -0
data/lib/audit/lib/util/random_string.rb +22 -0
data/lib/audit/lib/version.rb +7 -0
data/lib/help/ec2_helper.rb +65 -2
data/lib/help/remote_command_handler.rb +17 -0
data/lib/help/state_transition_helper.rb +8 -0
data/lib/scripts/ec2/open_port_checker.rb +112 -0
data/lib/scripts/ec2/port_range_detector.rb +0 -1
metadata +175 -16

data/lib/audit/lib/ec2_utils.rb ADDED Viewed

@@ -0,0 +1,245 @@
+require 'AWS'
+class EC2_Utils
+	attr_reader :ec2
+	public
+	def initialize(ec2_options)
+		@ec2 = AWS::EC2::Base.new(ec2_options)
+	end
+	# Get public DNS name of an instance.
+	# If the instance is not yet started and the DNS name not known, block until the instance is started.
+	#
+	# @param instance_id Instance ID of the instance that you want to get the DNS from.
+	# @param ec2 The AWS::EC2::Base object that is used to access EC2.
+	# @return Public DNS name of the instance as String.
+	public
+	def get_instance_public_dns(instance_id)
+		error_count = 0
+		begin
+			while (true) do
+				instances = @ec2.describe_instances(:instance_id => instance_id)
+				# protect against nil errors because parts of the structure are not initialized when the DNS is not known
+				begin
+					dns_name = instances["reservationSet"]["item"][0]["instancesSet"]["item"][0]["dnsName"]
+					return dns_name if dns_name
+				rescue => err
+				end
+				sleep(5)
+			end
+		rescue => err
+			error_count += 1
+			raise err if error_count > 3
+			sleep(5)
+			retry
+		end
+	end
+	# Get the AMI from a started instance.
+	#
+	# @param instance_id The instance id that the machine id is retrieved for.
+	# @param ec2 The AWS::EC2::Base object that is used to access EC2.
+	# @return Machine id of the instance as String.
+	public
+	def get_image_id(instance_id)
+		instances = @ec2.describe_instances(:instance_id => instance_id)
+		if instances then
+			return instances["reservationSet"]["item"][0]["instancesSet"]["item"][0]["imageId"]
+		else
+			return "none"
+		end
+	end
+	public
+	def get_instance_states()
+		instanceStates = []
+		@ec2.describe_instances()['reservationSet']['item'].each do|x|
+			x['instancesSet']['item'].each do|y|
+				instanceStates << {:instance_id => y['instanceId'],
+				                   :state => y['instanceState']['name'],
+				                   :image_id => y['imageId'],
+				                   :runtime => (DateTime.now() - DateTime.strptime(y['launchTime'], "%Y-%m-%dT%H:%M:%S")) * 24.0}
+			end
+		end
+		return instanceStates
+	end
+	public
+	def get_cheapest_instance_type(machine_id)
+		machines = @ec2.describe_images(:image_id => machine_id)
+		begin
+			return "t1.micro" if machines['imagesSet']['item'][0]['rootDeviceType'] == "ebs"
+			return 'm1.small' if machines['imagesSet']['item'][0]['architecture'] == "i386"
+			return "m1.large" if machines['imagesSet']['item'][0]['architecture'] == "x86_64"
+		rescue => err
+		end
+		puts "ERROR: Finding cheapest instance type in EC2_Utils::get_cheapest_instance_type for machine_id = #{machine_id}"
+		return "t1.micro"
+	end
+	public
+	def start_instance(options)
+		raise "Invalid parameters to EC2_Utils::start_instance: :id is missing" unless options[:id]
+		if /^ami-.*$/.match(options[:id]) then
+			raise "Invalid parameters to EC2_Utils::start_instance: :ssh_keypair is missing" unless options[:ssh_keypair]
+			raise "Invalid parameters to EC2_Utils::start_instance: :instance_type is missing" unless options[:instance_type]
+			raise "Invalid parameters to EC2_Utils::start_instance: :security_group is missing" unless options[:security_group]
+			instance_id = false
+			if options[:max_price] then
+				spot_request = @ec2.request_spot_instances(
+					:image_id => options[:id],
+					:instance_count => 1,
+					:key_name => options[:ssh_keypair],
+					:security_group => options[:security_group],
+					:disable_api_termination => false,
+					:instance_type => options[:instance_type],
+					:spot_price => options[:max_price],
+					:valid_from => nil,
+					:valid_until => nil)
+				spot_request_id = spot_request['spotInstanceRequestSet']['item'][0]['spotInstanceRequestId']
+				begin
+					spot_reqs = ec2.describe_spot_instance_requests()
+					spot_req = spot_reqs['spotInstanceRequestSet']['item'].reject{|x| x['spotInstanceRequestId'] != spot_request_id}
+					raise "Spot request #{spot_request_id} seems to have disappeared" if spot_req.length() != 1
+					if spot_req[0]['instanceId'] then
+						instance_id = spot_req[0]['instanceId']
+					end
+					sleep(30)
+				end until instance_id
+			else
+				instance = @ec2.run_instances(
+					:image_id => options[:id],
+					:max_count => 1,
+					:key_name => options[:ssh_keypair],
+					:security_group => options[:security_group],
+					:disable_api_termination => false,
+					:instance_type => options[:instance_type])
+				instance_id = instance["instancesSet"]["item"][0]["instanceId"]
+			end
+			image_id = options[:id]
+		elsif /^i-.*$/.match(options[:id]) then
+			instance_id = options[:id]
+			image_id = get_image_id(instance_id)
+		else
+			raise "Unknown identifier #{options[:id]}"
+		end
+		puts "instance #{instance_id} started, waiting for IP address" if options[:verbose]
+		begin
+			dns_name = get_instance_public_dns(instance_id)
+		rescue => err
+			puts "ERROR: During DNS request of AMI" if options[:verbose]
+		end
+		if dns_name.nil? || dns_name.empty? then
+			puts "ERROR: No DNS name for AMI found" if options[:verbose]
+			raise "No DNS name for AMI found"
+		end
+		return {:machine_id => image_id,
+		        :instance_id => instance_id,
+		        :public_dns => dns_name}
+	end
+	public
+	def get_instance_volumes(instance_id)
+		volumes = []
+		instances = @ec2.describe_instances(:instance_id => [instance_id])
+		instances['reservationSet']['item'].each do|reservationSet|
+			next unless reservationSet['instancesSet']
+			reservationSet['instancesSet']['item'].each do|instancesSet|
+				next unless instancesSet['blockDeviceMapping']
+				instancesSet['blockDeviceMapping']['item'].each do|blockDeviceMapping|
+					next unless blockDeviceMapping['ebs']
+					volumes << blockDeviceMapping['ebs']['volumeId']
+				end
+			end
+		end
+		return volumes
+	end
+	public
+	def terminate_instance(instance_id)
+		volumes = get_instance_volumes(instance_id)
+		@ec2.terminate_instances(:instance_id => [instance_id])
+		begin
+			#wait till instance is terminated
+			begin
+				instance_state = @ec2.describe_instances(:instance_id => [instance_id])['reservationSet']['item'][0]['instancesSet']['item'][0]['instanceState']['name']
+			end unless instance_state == "terminated"
+			#delete volumes
+			volumes.each do|volume|
+				begin
+					@ec2.detach_volumes(:volume_id => volume)
+				rescue => err
+				end
+				@ec2.delete_volume(:volume_id => volume)
+			end
+		rescue => err
+			if err.class() == AWS::Error  && /The volume 'vol-[0-9a-f]{8}' does not exist/.match(err.message()) then
+				#ignore error
+			end
+		end
+	end
+	public
+	def get_spot_prices(options = {})
+		arg = {:start_time => Time.now() - 1, :end_time => Time.now()}
+		arg[:instance_type] = options[:instance_type] if options[:instance_type]
+		spot_prices = ec2.describe_spot_price_history(arg)
+		prices = {}
+		if spot_prices["spotPriceHistorySet"] then
+			spot_prices["spotPriceHistorySet"]["item"].each do|spot_price|
+				(prices[spot_price["instanceType"]] ||= {})[spot_price["productDescription"]] = {:price => spot_price["spotPrice"], :timestamp => spot_price["timestamp"]}
+			end
+		end
+		return prices
+	end
+end
+# taken from https://github.com/grempe/amazon-ec2/blob/master/lib/AWS/EC2/console.rb ------------------------->
+module AWS
+  module EC2
+    class Base < AWS::Base
+      # The GetConsoleOutput operation retrieves console output that has been posted for the specified instance.
+      #
+      # Instance console output is buffered and posted shortly after instance boot, reboot and once the instance
+      # is terminated. Only the most recent 64 KB of posted output is available. Console output is available for
+      # at least 1 hour after the most recent post.
+      #
+      # @option options [String] :instance_id ("") an Instance ID
+      #
+      def get_console_output( options = {} )
+        options = {:instance_id => ""}.merge(options)
+        raise ArgumentError, "No instance ID provided" if options[:instance_id].nil? || options[:instance_id].empty?
+        params = { "InstanceId" => options[:instance_id] }
+        return response_generator(:action => "GetConsoleOutput", :params => params)
+      end
+    end
+  end
+end
+# <----------------------------------------------------------------------------------------------------------

data/lib/audit/lib/http_fingerprint.rb ADDED Viewed

@@ -0,0 +1,116 @@
+require 'timeout'
+require 'socket'
+# http://www.apachehaus.com/index.php?option=com_content&view=article&id=119:history-releases-apache&catid=41:catagory-change-logs&Itemid=93
+#Contains code to take responses to revealing HTTP requests.
+#This code needs Ruby 1.9 for the timeout module.
+module HTTP_FINGERPRINT
+	#HTTP request timeout in seconds
+	HTTP_REQUEST_TIMEOUT = 10
+	def self.repeat_character(x, y)
+		if y == 0 then
+			return ""
+		else
+			return x + repeat_character(x, y - 1)
+		end
+	end
+	@http_methods = [["GET / HTTP/1.1\r\n", :get_existing],
+                ["GET /" + repeat_character("x", 1024) + " HTTP/1.1\r\n", :get_long],
+                ["GET /kC8CH9.html HTTP/1.1\r\n", :get_nonexisting],
+                ["GET / HTTP/9.8\r\n", :wrong_version],
+                ["GET / INVD/1.1\r\n", :wrong_protocol],
+                ["HEAD / HTTP/1.1\r\n", :head_existing],
+                ["OPTIONS / HTTP/1.1\r\n", :options],
+                ["DELETE / HTTP/1.1\r\n", :delete_existing],
+                ["GET /etc/passwd?format=%%%&xss=\"><script>alert('xss');" +
+                "</script>&traversal=../../&sql='%20OR%201; HTTP/1.1\r\n", :attack_request],
+                ["TEST / HTTP/1.1\r\n", :wrong_method],
+                ["GET \\ HTTP/1.1\r\n", :get_backslash_resource]]
+	def self.fingerprint_to_xml(fingerprint)
+		xml = [
+			"<scan_targethost>\n",
+			fingerprint[:scan_targethost] + "\n",
+			"</scan_targethost>\n",
+			"<scan_targetport>\n",
+			fingerprint[:scan_targetport].to_s + "\n",
+			"</scan_targetport>\n",
+			"<scan_targetsecure>\n",
+			fingerprint[:scan_targetsecure].to_s + "\n",
+			"</scan_targetsecure>\n",
+			"<scan_date>\n",
+			fingerprint[:scan_timestamp].strftime("%d.%m.%Y") + "\n",
+			"</scan_date>\n",
+			"<scan_time>\n",
+			fingerprint[:scan_timestamp].strftime("%H:%M:%S") + "\n",
+			"</scan_time>\n"]
+		@http_methods.each do|method|
+			xml << ("<" + method[1].to_s + ">\n")
+			fingerprint[method[1]].each {|l| xml << l}
+			xml << ("</" + method[1].to_s + ">\n")
+		end
+		return xml.join
+	end
+	public
+	def self.fingerprint(host, port = 80, useragent = "(KHTML, like Gecko) " +
+	             "Ubuntu/10.04 Chromium/8.0.552.224 Chrome/8.0.552.224" +
+                " Safari/534.10")
+		header_lines = ["User-Agent: " + useragent  + "\r\n",
+	               "Host: " + host + "\r\n",
+                  "Connection: Close\r\n",
+                  "Cache-Control: no-cache\r\n",
+                  "\r\n"]
+		http_fingerprints= {
+				:scan_targethost => host,
+				:scan_targetport => port,
+				:scan_targetsecure => 0,
+				:scan_timestamp => Time.now}
+#				[
+#			"<scan_targethost>\n",
+#			host + "\n",
+#			"</scan_targethost>\n",
+#			"<scan_targetport>\n",
+#			port.to_s + "\n",
+#			"</scan_targetport>\n",
+#			"<scan_targetsecure>\n",
+#			"0\n",
+#			"</scan_targetsecure>\n",
+#			"<scan_date>\n",
+#			Time.now.strftime("%d.%m.%Y") + "\n",
+#			"</scan_date>\n",
+#			"<scan_time>\n",
+#			Time.now.strftime("%H:%M:%S") + "\n",
+#			"</scan_time>\n"]
+		@http_methods.each do|method|
+			http_fingerprints[method[1]] = []
+#			http_fingerprints << ("<" + method[1] + ">\n")
+			begin
+				timeout(HTTP_REQUEST_TIMEOUT) do
+					socket = TCPSocket.new(host, port)
+					socket.puts method[0]
+					header_lines.each do|hdr_line|
+						socket.puts hdr_line
+					end
+					received = socket.readlines
+					for i in 0 .. received.length
+						if received[i] == "\r\n" || received[i] == "\n" then
+							break
+						end
+						http_fingerprints[method[1]] << received[i]
+					end
+				end
+			rescue Timeout::Error
+				http_fingerprints[method[1]] = :TIMEOUT
+			end
+#			http_fingerprints << ("</" + method[1] + ">\n")
+		end
+		return http_fingerprints
+	end
+end

data/lib/audit/lib/lazy.rb ADDED Viewed

@@ -0,0 +1,37 @@
+# To change this template, choose Tools | Templates
+# and open the template in the editor.
+class Lazy
+  def initialize(obj, eval_method, *eval_args, &eval_block)
+    @obj = obj
+    @eval_method = eval_method
+    @eval_args = *eval_args
+    @eval_block = eval_block
+    #debugging
+    raise "Object #{@obj.class.name} does not contain method #{@eval_method}" unless @obj.methods.include? @eval_method
+  end
+  def method_missing(method, *args, &block)
+    @evaluated = @obj.send(@eval_method, *@eval_args, &@eval_block) if @evaluated.nil?
+    @evaluated.send(method, *args, &block)
+  end
+  def to_yaml(opts = {})
+    @evaluated = @obj.send(@eval_method, *@eval_args, &@eval_block) if @evaluated.nil?
+    return @evaluated.to_yaml(opts)
+  end
+  def methods()
+    @evaluated = @obj.send(@eval_method, *@eval_args, &@eval_block) if @evaluated.nil?
+    return @evaluated.methods()
+  end
+  def debug_lazy()
+    return [@obj, @eval_method, @eval_args, @eval_block]
+  end
+  def get()
+	  return @obj
+  end
+end

data/lib/audit/lib/linear_script_generator.rb ADDED Viewed

@@ -0,0 +1,31 @@
+require 'benchmark'
+class LinearScriptGenerator
+	def self.generate(benchmark)
+		retval = ""
+		resolved_dependencies = benchmark.execution_order
+		script_header = benchmark.element("script_header.template")
+		header = benchmark.element("header.template")
+		footer = benchmark.element("footer.template")
+		raise ItemNotFoundException.new("header.template"), "header template missing in benchmark" if header.nil?
+		raise ItemNotFoundException.new("footer.template"), "footer template missing in benchmark" if footer.nil?
+		raise ItemNotFoundException.new("script_header.template"), "script header template missing in benchmark" if script_header.nil?
+		retval = script_header if script_header
+		resolved_dependencies.flatten.each do|x|
+			depends_condition = ""
+	   		x.dependencies.each do|y|
+				depends_condition = depends_condition + "-a ${" + y.id + "_EXITCODE} -eq 0 "
+			end
+			retval = retval + "\n" + header.gsub(/%%SCRIPT_ID%%/, x.id).gsub(/%%DEPENDS_CONDITION%%/, depends_condition) + "\n"
+			retval = retval + (x.script)
+			retval = retval + "\n" + footer.gsub(/%%SCRIPT_ID%%/, x.id)
+		end
+		return retval
+	end
+end

data/lib/audit/lib/main.rb ADDED Viewed

@@ -0,0 +1,13 @@
+#!/usr/bin/env ruby
+require 'my_option_parser'
+# Parsed options from command line
+options = MyOptionParser.new(ARGV).parse()
+print "Connection type: #{options.connection_type}\n"
+print "SSH Credentials: #{options.ssh_credentials.to_s}\n" if options.connection_type == :ssh
+#print "SSH: #{options[:ssh]}\n" unless options[:ssh].nil?

data/lib/audit/lib/my_option_parser.rb ADDED Viewed

@@ -0,0 +1,106 @@
+require 'optparse'
+class MyOptionParser
+	attr_reader :options
+	def initialize(args)
+		@args = args
+	end
+	def parse()
+		@options = {}
+		opts = OptionParser.new do|opts|
+			#Banner string displayed at top of help
+			opts.banner = "Usage: ./main.rb\t--ssh HOST[:PORT] [--user USERNAME] --key KEYFILE --benchmark BENCHMARK"
+			opts.separator "\t\t\t--ami AMI-ID --credentials CREDENTIALS --benchmark BENCHMARK"
+			@options[:verbose] = false
+			opts.on('-v', '--[no-]verbose', 'Output more information') do|v|
+				@options[:verbose] = v
+			end
+			opts.on('-A', '--ami AMI-ID', String, 'Select this AMI for audit') do|ami|
+				@options[:ami] = ami
+			end
+			opts.on('-S', '--ssh HOST', String, 'Select this host for audit') do|host|
+				@options[:ssh] = host
+			end
+			opts.on('-B', '--benchmark BENCHMARK', String, 'Use this benchmark file') do|bm|
+				@options[:benchmark] = bm
+			end
+			opts.on('-K', '--key KEY', String, 'Use this private key file for authentication') do|key|
+				@options[:key] = key
+			end
+			opts.on('-P', '--password PASSWORD', String, 'Use this password for authentication') do|pwd|
+				@options[:password] = pwd
+			end
+			opts.on('-C', '--credentials CREDENTIALS', String, 'Use these Amazon Account credentials to start the AMI') do|cd|
+				@options[:credentials] = cd
+			end
+			opts.on_tail("-h", "--help", "Show this message") do
+				puts opts
+				exit
+			end
+		end
+		opts.parse(@args)
+		if @options[:ssh].nil? and @options[:ami].nil? then
+			print "You must specify one of the --ssh or --ami options. Exiting.\n"
+			exit 1
+		end
+		if not @options[:ssh].nil? and not @options[:ami].nil? then
+			print "Options --ssh and --ami are mutually exclusive, but both chosen. Please specify only one of them. Exiting.\n"
+			exit 1
+		end
+		if @options[:benchmark].nil? then
+			print "Option --benchmark is required. Please specify a benchmark file for this audit. Exiting.\n"
+			exit 1
+		end
+		if not @options[:ssh].nil? and @options[:key].nil? and @options[:password].nil? then
+			print "At least one authentication method for SSH is required. Please specify either --key or --password. Exiting.\n"
+			exit 1
+		end
+		return self
+	end
+	def connection_type
+		return :ami unless @options[:ami].nil?
+		return :ssh unless @options[:ssh].nil?
+		return :none
+	end
+	def ssh_credentials
+		raise "SSH credentials requested although SSH connection method is not chosen" if @options[:ssh].nil?
+		raise "No SSH authentication method chosen" if @options[:password].nil? and @options[:key].nil?
+		cred = {:host => @options[:ssh]}
+		if @options[:user].nil? then
+			cred[:user] = 'root'
+		else
+			cred[:user] = @options[:user]
+		end
+		cred[:key_data] = @options[:key] unless @options[:key].nil?
+		cred[:password] = @options[:password] unless @options[:password].nil?
+		return cred
+	end
+	def benchmark
+		raise "No benchmark file specified" if @options[:benchmark].nil?
+		return @options[:benchmark]
+	end
+end