dap 0.0.3 → 0.0.4

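--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 73ff4b39330e321425b775345ca2ea42a378d763
- data.tar.gz: 8a48bfc369a9a73125a16e30c2909a2e1f22cc26
+ metadata.gz: 7353b035e42f0ddd251e0e568ecd58cf22294869
+ data.tar.gz: fa161592d559ecb61c0ca8e03bb88a93377406f0
  SHA512:
- metadata.gz: 2160fbc5d336626b36cfbfb897b10734d8fda2e6833762861089883af48d0580f7e5ab4a343096a89a0eeb0dabd132afc6f6093dc01d3b944a614b5a5be37272
- data.tar.gz: 358e4a7817f7cf2a622a77c8f7697c8a9eecfc86b6cf4df281dae66c9c7b237288be5429a7c78dac9d237e23324250374c335e8852c034a2ffb23db44a3b97a4
+ metadata.gz: 4f96b6c1e7032263ed23214ea4a5cd56a7ae16690f92e59321635cd3d05c74ae4d7f2735612e925e2517e471e7ec19187b64d8a83ecf2eb25bcfbc10f83c4f5b
+ data.tar.gz: b7f9c5bb9a947f7bec0c38f57bed0059be0b893bbdcc8087f8821db72aa1869069cf06eb999e72136b768fbadcff3ab3733237c8cea5979bdebb3bdf41d717bf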
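--- a/data/Gemfile
+++ b/data/Gemfile
@@ -6,7 +6,7 @@ gem 'htmlentities'
  gem 'net-dns'
  gem 'bit-struct'
  gem 'geoip-c'
- gem 'recog'
+ gem 'recog', '>=1.0.15'
 
  group :test do
  gem 'rspec', '~> 3.1.0'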
@@ -28,7 +28,7 @@ GEM
28
28
  nokogiri (1.6.3.1)
29
29
  mini_portile (= 0.6.0)
30
30
  oj (2.10.2)
31
- recog (0.02)
31
+ recog (1.0.15)
32
32
  nokogiri
33
33
  rspec (3.1.0)
34
34
  rspec-core (~> 3.1.0)
@@ -55,5 +55,5 @@ DEPENDENCIES
55
55
  net-dns
56
56
  nokogiri
57
57
  oj
58
- recog
58
+ recog (>= 1.0.15)
59
59
  rspec (~> 3.1.0)
@@ -6,4 +6,6 @@ require 'dap/filter/openssl'
6
6
  require 'dap/filter/names'
7
7
  require 'dap/filter/geoip'
8
8
  require 'dap/filter/recog'
9
- require 'dap/filter/vulnmatch'
9
+ require 'dap/filter/vulnmatch'
10
+ require 'dap/filter/ssh_keyscan'
11
+ require 'dap/filter/smbclient'
@@ -0,0 +1,26 @@
1
+ module Dap
2
+ module Filter
3
+
4
+ require 'digest/md5'
5
+
6
+ class FilterDecodeSMBClient
7
+ include BaseDecoder
8
+
9
+ def decode(data)
10
+ save = {}
11
+
12
+ data.split(/\n/).each do |line|
13
+ case line.strip
14
+ when /^Domain=\[([^\]]+)\] OS=\[([^\]]+)\] Server=\[([^\]]+)\]/
15
+ save['smb_domain'] = $1
16
+ save['smb_native_os'] = $2
17
+ save['smb_native_lm'] = $3
18
+ end
19
+ end
20
+
21
+ save
22
+ end
23
+ end
24
+
25
+ end
26
+ end
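Review bot: `require 'digest/md5'` at the top of this new file is unused, since nothing in `FilterDecodeSMBClient` computes a digest; it looks carried over from the ssh_keyscan decoder and can be dropped. Each capture group in the `Domain=[...] OS=[...] Server=[...]` pattern uses `[^\]]+`, so a response with one empty field (for example `Domain=[]`) makes the whole line fail to match and all three values are lost; if that is not intended, `[^\]]*` would keep the fields that are present. The three strings are chosen by the remote server and are stored without a length bound, so a comment on `decode` such as `# values are taken verbatim from the remote host's response; treat as untrusted` would help whoever consumes `smb_domain`, `smb_native_os` and `smb_native_lm` downstream.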
@@ -0,0 +1,37 @@
1
+ module Dap
2
+ module Filter
3
+
4
+ require 'digest/md5'
5
+
6
+ class FilterDecodeSSHKeyscan
7
+ include BaseDecoder
8
+
9
+ def decode(data)
10
+ save = {}
11
+
12
+ data.split(/\n/).each do |line|
13
+ case line.strip
14
+ when /^# [0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\s+(.*)/m
15
+ banner = $1
16
+ save['banner'] = banner
17
+ if banner =~ /^SSH-([\d\.]+)-([^\s]+)\s+(.*)/m
18
+ save['ssh-protocol'] = $1
19
+ save['ssh-version'] = $2
20
+ save['ssh-vendor'] = $3
21
+ save['ssh-recog'] = $2 + " " + $3
22
+ end
23
+
24
+ when /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\s+((ssh|ecdsa)[^\s]+)\s+(.*)/m
25
+ ktype = $1
26
+ kdata = $3
27
+ save['hkey-' + ktype] = kdata
28
+ save['hkey-' + ktype + '-fp'] = Digest::MD5.hexdigest(kdata.unpack('m*').first).scan(/../).join(':')
29
+ end
30
+ end
31
+
32
+ save
33
+ end
34
+ end
35
+
36
+ end
37
+ end
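Review bot: The fingerprint in the key branch of `decode` is computed over whatever `kdata.unpack('m*')` salvages, and that directive decodes base64 leniently, so truncated or malformed key text from a scanned host still yields a well-formed-looking `-fp` value. Decoding strictly with `unpack('m0')` and skipping the line on `ArgumentError`, as in the excerpt below, keeps bad input out of the record. The fingerprint is also MD5 only; if these values are used to correlate hosts, a SHA-256 digest of the same blob alongside it would be the safer identifier. Separately, the banner pattern requires `\s+` after the software version, so a banner with no comment field (the line is already stripped) never sets `ssh-protocol` or `ssh-version`; making the tail optional, `(?:\s+(.*))?`, and guarding the `$2 + " " + $3` concatenation against a nil `$3` would cover that case.

```ruby
# … unchanged: banner branch …
when /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\s+((ssh|ecdsa)[^\s]+)\s+(.*)/m
  # … unchanged: ktype = $1, kdata = $3 …
  begin
    # 'm0' is strict base64: malformed key text raises instead of decoding to garbage
    blob = kdata.unpack('m0').first
  rescue ArgumentError
    next # skip this line; no key or fingerprint is recorded for it
  end
  save['hkey-' + ktype] = kdata
  save['hkey-' + ktype + '-fp'] = Digest::MD5.hexdigest(blob).scan(/../).join(':')
```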
@@ -1,3 +1,3 @@
1
1
  module Dap
2
- VERSION = "0.0.3"
2
+ VERSION = "0.0.4"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dap
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.3
4
+ version: 0.0.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Rapid7 Research
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-01-06 00:00:00.000000000 Z
11
+ date: 2015-02-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rspec
@@ -183,6 +183,8 @@ files:
183
183
  - lib/dap/filter/openssl.rb
184
184
  - lib/dap/filter/recog.rb
185
185
  - lib/dap/filter/simple.rb
186
+ - lib/dap/filter/smbclient.rb
187
+ - lib/dap/filter/ssh_keyscan.rb
186
188
  - lib/dap/filter/udp.rb
187
189
  - lib/dap/filter/vulnmatch.rb
188
190
  - lib/dap/input.rb