ciphersurfer 1.0.4 → 1.2.0

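--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+ ---
+ SHA1:
+ metadata.gz: f1503df20e8e6fb158b82a0cb49f1ec3ccccdf1c
+ data.tar.gz: 0144cabd84f3d1f72fc5844f2d82b025e2f5a5f6
+ SHA512:
+ metadata.gz: 4a0a44b91ffd8a7ceb03ac5ad25b986c5c126607811b4f750a231ac025d5178f92317f07dda234c274ecf0676b329027af432fb12e048c631b6a6d3e1de38a31
+ data.tar.gz: 34428251037480f89df420a00ea8fda7dd6eb972cd5bee9c5efe201192c6a9b4f1967e7948585a409a8fda914877988eba43b9897e8b79dd5afa3c1a55920a4e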
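--- a/data/.gitignore
+++ b/data/.gitignore
@@ -0,0 +1,17 @@
+ *.gem
+ *.rbc
+ .bundle
+ .config
+ .yardoc
+ Gemfile.lock
+ InstalledFiles
+ _yardoc
+ coverage
+ doc/
+ lib/bundler/man
+ pkg
+ rdoc
+ spec/reports
+ test/tmp
+ test/version_tmp
+ tmp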
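--- a/data/.rvmrc
+++ b/data/.rvmrc
@@ -0,0 +1 @@
+ rvm use 2.1.3@hacking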
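--- a/data/Gemfile
+++ b/data/Gemfile
@@ -1,18 +1,4 @@
- source "http://rubygems.org"
+ source 'https://rubygems.org'
 
- gem 'rainbow'
- gem 'json'
- gem 'httpclient'
-
- # Add dependencies required to use your gem here.
- # Example:
- # gem "activesupport", ">= 2.3.5"
-
- # Add dependencies to develop your gem here.
- # Include everything needed to run rake, tests, features, etc.
- group :development do
- gem "rspec", "~> 2.3.0"
- gem "bundler", "~> 1.0.0"
- gem "jeweler", "~> 1.6.4"
- gem "rcov", ">= 0"
- end
+ # Specify your gem's dependencies in ciphersurfer.gemspec
+ gemspec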
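--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,34 +1,21 @@
+ PATH
+ remote: .
+ specs:
+ ciphersurfer (1.2.0)
+ httpclient
+ rainbow
+
  GEM
- remote: http://rubygems.org/
+ remote: https://rubygems.org/
  specs:
- diff-lcs (1.1.3)
- git (1.2.5)
  httpclient (2.2.4)
- jeweler (1.6.4)
- bundler (~> 1.0)
- git (>= 1.2.5)
- rake
- json (1.6.5)
  rainbow (1.1.3)
  rake (0.9.2.2)
- rcov (0.9.11)
- rspec (2.3.0)
- rspec-core (~> 2.3.0)
- rspec-expectations (~> 2.3.0)
- rspec-mocks (~> 2.3.0)
- rspec-core (2.3.1)
- rspec-expectations (2.3.0)
- diff-lcs (~> 1.1.2)
- rspec-mocks (2.3.0)
 
  PLATFORMS
  ruby
 
  DEPENDENCIES
- bundler (~> 1.0.0)
- httpclient
- jeweler (~> 1.6.4)
- json
- rainbow
- rcov
- rspec (~> 2.3.0)
+ bundler (~> 1.5)
+ ciphersurfer!
+ rake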
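--- a/data/LICENSE.txt
+++ b/data/LICENSE.txt
@@ -1,4 +1,6 @@
- Copyright (c) 2012 Paolo Perego
+ Copyright (c) 2014 Paolo Perego
+
+ MIT License
 
  Permission is hereby granted, free of charge, to any person obtaining
  a copy of this software and associated documentation files (the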
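--- a/data/Rakefile
+++ b/data/Rakefile
@@ -1,58 +1 @@
- # encoding: utf-8
-
- require 'rubygems'
- require 'bundler'
- begin
- Bundler.setup(:default, :development)
- rescue Bundler::BundlerError => e
- $stderr.puts e.message
- $stderr.puts "Run `bundle install` to install missing gems"
- exit e.status_code
- end
- require 'rake'
-
- require 'jeweler'
- require './lib/ciphersurfer/version'
-
- Jeweler::Tasks.new do |gem|
- # gem is a Gem::Specification... see http://docs.rubygems.org/read/chapter/20 for more options
- gem.name = "ciphersurfer"
- gem.homepage = "http://github.com/thesp0nge/ciphersurfer"
- gem.license = "BSD"
- gem.version = Ciphersurfer::Version::STRING
- File.open('VERSION', 'w') {|f| f.write(Ciphersurfer::Version::STRING) }
-
- gem.summary = %Q{evaluates web server SSL configuration}
- gem.description = %Q{ciphersurfer is a security tool that evaluates web server SSL configuration}
- gem.email = "thesp0nge@gmail.com"
- gem.required_ruby_version = '>= 1.8.7'
- gem.authors = ["Paolo Perego"]
- gem.executables = ['ciphersurfer']
- gem.default_executable = 'ciphersurfer'
- gem.require_path = 'lib'
- # dependencies defined in Gemfile
- end
- Jeweler::RubygemsDotOrgTasks.new
-
- require 'rspec/core'
- require 'rspec/core/rake_task'
- RSpec::Core::RakeTask.new(:spec) do |spec|
- spec.pattern = FileList['spec/**/*_spec.rb']
- end
-
- RSpec::Core::RakeTask.new(:rcov) do |spec|
- spec.pattern = 'spec/**/*_spec.rb'
- spec.rcov = true
- end
-
- task :default => :spec
-
- require 'rake/rdoctask'
- Rake::RDocTask.new do |rdoc|
- version = File.exist?('VERSION') ? File.read('VERSION') : ""
-
- rdoc.rdoc_dir = 'rdoc'
- rdoc.title = "ciphersurfer #{version}"
- rdoc.rdoc_files.include('README*')
- rdoc.rdoc_files.include('lib/**/*.rb')
- end
+ require "bundler/gem_tasks"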
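--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
- 1.0.4
+ 1.2.0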
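--- a/data/bin/ciphersurfer
+++ b/data/bin/ciphersurfer
@@ -20,11 +20,12 @@ opts = GetoptLong.new(
  [ '--help', '-h', GetoptLong::NO_ARGUMENT ],
  [ '--version', '-v', GetoptLong::NO_ARGUMENT ],
  [ '--list-ciphers', '-l', GetoptLong::NO_ARGUMENT ],
+ [ '--poodle-test', '-P', GetoptLong::NO_ARGUMENT ],
  [ '--json', '-j', GetoptLong::NO_ARGUMENT]
  )
  trap("INT") { puts '['+'INTERRUPTED'.color(:red)+']'; exit -1 }
 
- options={:json=>false,:list_ciphers=>false}
+ options={:json=>false,:list_ciphers=>false, :poodle=>true}
 
  opts.each do |opt, arg|
  case opt
@@ -32,6 +33,7 @@ opts.each do |opt, arg|
  puts "usage: ciphersurfer [-ljvh] server[:port]"
  puts " -l: lists supported ciphers instead of just evaluate the security level"
  puts " -j: formats the output using JSON"
+ puts " -P: checks if server supports SSLv3 protocol for the POODLE attack (https://www.openssl.org/~bodo/ssl-poodle.pdf)"
  puts " -v: shows version"
  puts " -h: this help"
  exit 0
@@ -42,6 +44,8 @@ opts.each do |opt, arg|
  options[:json]=true
  when '--list-ciphers'
  options[:list_ciphers]=true
+ when '--poodle-test'
+ options[:poodle] = true
  end
  end
 
@@ -96,7 +100,10 @@ end
  cert= Ciphersurfer::Scanner.cert(host, port)
  if ! cert.nil?
  a=cert.public_key.to_text ||= ""
- key_size=/Modulus \((\d+)/i.match(a)[1]
+ match_modulus=/Modulus \((\d+)/i.match(a)
+ key_size=match_modulus[1].to_i unless match_modulus.nil?
+ match_key=/Public-Key: \((\d+) bit\)/i.match(a)
+ key_size=match_key[1].to_i unless match_key.nil?
  else
  puts "warning: the server didn't give us the certificate".color(:yellow)
  key_size=0
@@ -114,6 +121,13 @@ if (options[:json])
 
  exit 0
  end
+ if (options[:poodle])
+ supported_protocols.each do|s|
+ puts "[!] #{target} is vulnerable to POODLE attack. Please remove SSLv3 support" if s == :SSLv3
+ puts "[!] #{target} supports SSLv1 that is obsolete and insecure. Please remove SSLv2 support" if s == :SSLv2
+ end
+ exit 0
+ end
 
  printf "%20s : %s (%s)\n", "Overall evaluation", Ciphersurfer::Score.evaluate(score), score.to_s
  printf "%20s : ", "Protocol support"
@@ -126,3 +140,4 @@ printf "%20s : ", "Cipher strength"
  cipher_score.to_i.times{print 'o'.color(score_to_color(cipher_score))}
  puts ' ('+cipher_score.to_s+')'
 
+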
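Review bot: The new default `options={:json=>false,:list_ciphers=>false, :poodle=>true}` switches the POODLE check on for every run, so `-P` changes nothing, and because the added `if (options[:poodle])` block ends in `exit 0` the overall evaluation printed below it looks unreachable in non-JSON mode; the default should be `:poodle=>false`. That block prints nothing when neither protocol is offered and exits 0 either way, so a clean result is indistinguishable from a scan that found SSLv3 for anything scripting the tool; print an explicit "not vulnerable" line and use a non-zero status on a finding. The SSLv2 message says "supports SSLv1" while telling the user to remove SSLv2. In the key-size hunk, `key_size` stays nil when neither regex matches, so set `key_size=0` before the two matches. The hunks cut through the option loop and the main script, so code outside them may already cover part of this.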
@@ -0,0 +1,25 @@
1
+ # coding: utf-8
2
+ lib = File.expand_path('../lib', __FILE__)
3
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
+ require 'ciphersurfer/version'
5
+
6
+ Gem::Specification.new do |spec|
7
+ spec.name = "ciphersurfer"
8
+ spec.version = Ciphersurfer::VERSION
9
+ spec.authors = ["Paolo Perego"]
10
+ spec.email = ["thesp0nge@gmail.com"]
11
+ spec.summary = %q{ciphersurfer is a tool to check how strong is an SSL certificate. It also check for POODLE vulnerability, if your server supports SSLv3}
12
+ spec.description = %q{ciphersurfer is a tool to check how strong is an SSL certificate. It also check for POODLE vulnerability, if your server supports SSLv3}
13
+ spec.homepage = "https://codiceinsicuro.it"
14
+ spec.license = "MIT"
15
+
16
+ spec.files = `git ls-files`.split($/)
17
+ spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
18
+ spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
19
+ spec.require_paths = ["lib"]
20
+
21
+ spec.add_dependency "rainbow"
22
+ spec.add_dependency "httpclient"
23
+ spec.add_development_dependency "bundler", "~> 1.5"
24
+ spec.add_development_dependency "rake"
25
+ end
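Review bot: `spec.add_dependency "rainbow"` and `spec.add_dependency "httpclient"` carry no version constraint, so an install resolves whatever release is newest on the registry rather than the `rainbow (1.1.3)` / `httpclient (2.2.4)` recorded in Gemfile.lock. For a security scanner that is a supply-chain exposure as well as a breakage risk, since bin/ciphersurfer relies on `String#color` from rainbow and later major versions may not provide it by default (worth confirming). Bound both, e.g. `spec.add_dependency "rainbow", "~> 1.1"` and `spec.add_dependency "httpclient", "~> 2.2"`. The `git ls-files` file list also packages developer-only files (the built metadata now lists `.rvmrc` and `.gitignore`), and the old `required_ruby_version = '>= 1.8.7'` has no counterpart here, so the metadata accepts any Ruby (`>= 0`). This section's file header is missing from the page; the content appears to be ciphersurfer.gemspec.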
@@ -1,10 +1,3 @@
1
1
  module Ciphersurfer
2
- module Version
3
- MAJOR = 1
4
- MINOR = 0
5
- PATCH = 4
6
- #BUILD = ''
7
- #STRING = [MAJOR, MINOR, PATCH, BUILD].compact.join('.')
8
- STRING = [MAJOR, MINOR, PATCH].compact.join('.')
9
- end
2
+ VERSION = "1.2.0"
10
3
  end
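--- a/metadata
+++ b/metadata
@@ -1,104 +1,84 @@
  --- !ruby/object:Gem::Specification
  name: ciphersurfer
  version: !ruby/object:Gem::Version
- version: 1.0.4
- prerelease:
+ version: 1.2.0
  platform: ruby
  authors:
  - Paolo Perego
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2012-02-13 00:00:00.000000000Z
+ date: 2014-10-15 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rainbow
- requirement: &70177371274920 !ruby/object:Gem::Requirement
- none: false
+ requirement: !ruby/object:Gem::Requirement
  requirements:
- - - ! '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  type: :runtime
  prerelease: false
- version_requirements: *70177371274920
- - !ruby/object:Gem::Dependency
- name: json
- requirement: &70177371273600 !ruby/object:Gem::Requirement
- none: false
+ version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - ! '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
- type: :runtime
- prerelease: false
- version_requirements: *70177371273600
  - !ruby/object:Gem::Dependency
  name: httpclient
- requirement: &70177371272420 !ruby/object:Gem::Requirement
- none: false
+ requirement: !ruby/object:Gem::Requirement
  requirements:
- - - ! '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  type: :runtime
  prerelease: false
- version_requirements: *70177371272420
- - !ruby/object:Gem::Dependency
- name: rspec
- requirement: &70177371271500 !ruby/object:Gem::Requirement
- none: false
+ version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - ~>
+ - - ">="
  - !ruby/object:Gem::Version
- version: 2.3.0
- type: :development
- prerelease: false
- version_requirements: *70177371271500
+ version: '0'
  - !ruby/object:Gem::Dependency
  name: bundler
- requirement: &70177371262180 !ruby/object:Gem::Requirement
- none: false
+ requirement: !ruby/object:Gem::Requirement
  requirements:
- - - ~>
+ - - "~>"
  - !ruby/object:Gem::Version
- version: 1.0.0
+ version: '1.5'
  type: :development
  prerelease: false
- version_requirements: *70177371262180
- - !ruby/object:Gem::Dependency
- name: jeweler
- requirement: &70177371261020 !ruby/object:Gem::Requirement
- none: false
+ version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - ~>
+ - - "~>"
  - !ruby/object:Gem::Version
- version: 1.6.4
- type: :development
- prerelease: false
- version_requirements: *70177371261020
+ version: '1.5'
  - !ruby/object:Gem::Dependency
- name: rcov
- requirement: &70177371260040 !ruby/object:Gem::Requirement
- none: false
+ name: rake
+ requirement: !ruby/object:Gem::Requirement
  requirements:
- - - ! '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  type: :development
  prerelease: false
- version_requirements: *70177371260040
- description: ciphersurfer is a security tool that evaluates web server SSL configuration
- email: thesp0nge@gmail.com
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ description: ciphersurfer is a tool to check how strong is an SSL certificate. It
+ also check for POODLE vulnerability, if your server supports SSLv3
+ email:
+ - thesp0nge@gmail.com
  executables:
  - ciphersurfer
  extensions: []
- extra_rdoc_files:
- - LICENSE.txt
- - README.md
+ extra_rdoc_files: []
  files:
- - .document
- - .rspec
+ - ".document"
+ - ".gitignore"
+ - ".rspec"
+ - ".rvmrc"
  - Gemfile
  - Gemfile.lock
  - LICENSE.txt
@@ -106,6 +86,7 @@ files:
  - Rakefile
  - VERSION
  - bin/ciphersurfer
+ - ciphersurfer.gemspec
  - lib/ciphersurfer.rb
  - lib/ciphersurfer/scanner.rb
  - lib/ciphersurfer/score.rb
@@ -113,29 +94,32 @@ files:
  - spec/ciphersurfer_spec.rb
  - spec/scoring_spec.rb
  - spec/spec_helper.rb
- homepage: http://github.com/thesp0nge/ciphersurfer
+ homepage: https://codiceinsicuro.it
  licenses:
- - BSD
+ - MIT
+ metadata: {}
  post_install_message:
  rdoc_options: []
  require_paths:
  - lib
  required_ruby_version: !ruby/object:Gem::Requirement
- none: false
  requirements:
- - - ! '>='
+ - - ">="
  - !ruby/object:Gem::Version
- version: 1.8.7
+ version: '0'
  required_rubygems_version: !ruby/object:Gem::Requirement
- none: false
  requirements:
- - - ! '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
  rubyforge_project:
- rubygems_version: 1.8.10
+ rubygems_version: 2.2.2
  signing_key:
- specification_version: 3
- summary: evaluates web server SSL configuration
- test_files: []
+ specification_version: 4
+ summary: ciphersurfer is a tool to check how strong is an SSL certificate. It also
+ check for POODLE vulnerability, if your server supports SSLv3
+ test_files:
+ - spec/ciphersurfer_spec.rb
+ - spec/scoring_spec.rb
+ - spec/spec_helper.rb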