dstruct 0.0.1

data/lib/rex/socket/udp.rb

@@ -0,0 +1,165 @@
+# -*- coding: binary -*-
+require 'rex/socket'
+
+###
+#
+# This class provides methods for interacting with a UDP socket.
+#
+###
+module Rex::Socket::Udp
+
+  include Rex::Socket
+
+  ##
+  #
+  # Factory
+  #
+  ##
+
+  #
+  # Creates the client using the supplied hash.
+  #
+  def self.create(hash = {})
+    hash['Proto'] = 'udp'
+    # If we have are to bind to a LocalHost we must be a Server to avail of pivoting.
+    # Rex::Socket::Parameters will subsequently turn off the sever flag after the correct
+    # comm has been chosen.
+    if( hash['LocalHost'] )
+      hash['Server'] = true
+    end
+    self.create_param(Rex::Socket::Parameters.from_hash(hash))
+  end
+
+  #
+  # Wrapper around the base socket class' creation method that automatically
+  # sets the parameter's protocol to UDP.
+  #
+  def self.create_param(param)
+    param.proto = 'udp'
+    Rex::Socket.create_param(param)
+  end
+
+  ##
+  #
+  # UDP connected state methods
+  #
+  ##
+
+  #
+  # Write the supplied datagram to the connected UDP socket.
+  #
+  def write(gram)
+    begin
+      return syswrite(gram)
+    rescue  ::Errno::EHOSTUNREACH,::Errno::ENETDOWN,::Errno::ENETUNREACH,::Errno::ENETRESET,::Errno::EHOSTDOWN,::Errno::EACCES,::Errno::EINVAL,::Errno::EADDRNOTAVAIL
+      return nil
+    end
+  end
+
+  alias put write
+
+  #
+  # Read a datagram from the UDP socket.
+  #
+  def read(length = 65535)
+    if length < 0
+      length = 65535
+    end
+    return sysread(length)
+  end
+
+  #
+  # Read a datagram from the UDP socket with a timeout
+  #
+  def timed_read(length = 65535, timeout=def_read_timeout)
+    begin
+      if ((rv = ::IO.select([ fd ], nil, nil, timeout)) and
+          (rv[0]) and (rv[0][0] == fd)
+         )
+          return read(length)
+      else
+        return ''
+      end
+    rescue Exception
+      return ''
+    end
+  end
+
+  #alias send write
+  #alias recv read
+
+  ##
+  #
+  # UDP non-connected state methods
+  #
+  ##
+
+  #
+  # Sends a datagram to the supplied host:port with optional flags.
+  #
+  def sendto(gram, peerhost, peerport, flags = 0)
+
+    # Catch unconnected IPv6 sockets talking to IPv4 addresses
+    peer = Rex::Socket.resolv_nbo(peerhost)
+    if (peer.length == 4 and self.ipv == 6)
+      peerhost = Rex::Socket.getaddress(peerhost, true)
+      if peerhost[0,7].downcase != '::ffff:'
+        peerhost = '::ffff:' + peerhost
+      end
+    end
+
+    begin
+      send(gram, flags, Rex::Socket.to_sockaddr(peerhost, peerport))
+    rescue  ::Errno::EHOSTUNREACH,::Errno::ENETDOWN,::Errno::ENETUNREACH,::Errno::ENETRESET,::Errno::EHOSTDOWN,::Errno::EACCES,::Errno::EINVAL,::Errno::EADDRNOTAVAIL
+      return nil
+    end
+
+  end
+
+  #
+  # Receives a datagram and returns the data and host:port of the requestor
+  # as [ data, host, port ].
+  #
+  def recvfrom(length = 65535, timeout=def_read_timeout)
+
+    begin
+      if ((rv = ::IO.select([ fd ], nil, nil, timeout)) and
+          (rv[0]) and (rv[0][0] == fd)
+         )
+          data, saddr    = recvfrom_nonblock(length)
+          af, host, port = Rex::Socket.from_sockaddr(saddr)
+
+          return [ data, host, port ]
+      else
+        return [ '', nil, nil ]
+      end
+    rescue ::Timeout::Error
+      return [ '', nil, nil ]
+    rescue ::Interrupt
+      raise $!
+    rescue ::Exception
+      return [ '', nil, nil ]
+    end
+  end
+
+  #
+  # Calls recvfrom and only returns the data
+  #
+  def get(timeout=nil)
+    data, saddr, sport = recvfrom(65535, timeout)
+    return data
+  end
+
+  #
+  # The default number of seconds to wait for a read operation to timeout.
+  #
+  def def_read_timeout
+    10
+  end
+
+  def type?
+    return 'udp'
+  end
+
+end
+

data/lib/rex/sslscan/result.rb

@@ -0,0 +1,201 @@
+# -*- coding: binary -*-
+
+require 'rex/socket'
+require 'rex/ui/text/table'
+
+module Rex::SSLScan
+class Result
+
+  attr_accessor :openssl_sslv2
+
+  attr_reader :ciphers
+  attr_reader :supported_versions
+
+  def initialize()
+    @cert = nil
+    @ciphers = Set.new
+    @supported_versions = [:SSLv2, :SSLv3, :TLSv1]
+  end
+
+  def cert
+    @cert
+  end
+
+  def cert=(input)
+    unless input.kind_of? OpenSSL::X509::Certificate or input.nil?
+      raise ArgumentError, "Must be an X509 Cert!"
+    end
+    @cert = input
+  end
+
+  def sslv2
+    @ciphers.reject{|cipher| cipher[:version] != :SSLv2 }
+  end
+
+  def sslv3
+    @ciphers.reject{|cipher| cipher[:version] != :SSLv3 }
+  end
+
+  def tlsv1
+    @ciphers.reject{|cipher| cipher[:version] != :TLSv1 }
+  end
+
+  def weak_ciphers
+    accepted.reject{|cipher| cipher[:weak] == false }
+  end
+
+  def strong_ciphers
+    accepted.reject{|cipher| cipher[:weak] }
+  end
+
+  # Returns all accepted ciphers matching the supplied version
+  # @param version [Symbol, Array] The SSL Version to filter on
+  # @raise [ArgumentError] if the version supplied is invalid
+  # @return [Array] An array of accepted cipher details matching the supplied versions
+  def accepted(version = :all)
+    enum_ciphers(:accepted, version)
+  end
+
+  # Returns all rejected ciphers matching the supplied version
+  # @param version [Symbol, Array] The SSL Version to filter on
+  # @raise [ArgumentError] if the version supplied is invalid
+  # @return [Array] An array of rejected cipher details matching the supplied versions
+  def rejected(version = :all)
+    enum_ciphers(:rejected, version)
+  end
+
+  def each_accepted(version = :all)
+    accepted(version).each do |cipher_result|
+      yield cipher_result
+    end
+  end
+
+  def each_rejected(version = :all)
+    rejected(version).each do |cipher_result|
+      yield cipher_result
+    end
+  end
+
+  def supports_sslv2?
+    !(accepted(:SSLv2).empty?)
+  end
+
+  def supports_sslv3?
+    !(accepted(:SSLv3).empty?)
+  end
+
+  def supports_tlsv1?
+    !(accepted(:TLSv1).empty?)
+  end
+
+  def supports_ssl?
+    supports_sslv2? or supports_sslv3? or supports_tlsv1?
+  end
+
+  def supports_weak_ciphers?
+    !(weak_ciphers.empty?)
+  end
+
+  def standards_compliant?
+    if supports_ssl?
+      return false if supports_sslv2?
+      return false if supports_weak_ciphers?
+    end
+    true
+  end
+
+  # Adds the details of a cipher test to the Result object.
+  # @param version [Symbol] the SSL Version
+  # @param cipher [String] the SSL cipher
+  # @param key_length [Fixnum] the length of encryption key
+  # @param status [Symbol] :accepted or :rejected
+  def add_cipher(version, cipher, key_length, status)
+    unless @supported_versions.include? version
+      raise ArgumentError, "Must be a supported SSL Version"
+    end
+    unless OpenSSL::SSL::SSLContext.new(version).ciphers.flatten.include? cipher
+      raise ArgumentError, "Must be a valid SSL Cipher for #{version}!"
+    end
+    unless key_length.kind_of? Fixnum
+      raise ArgumentError, "Must supply a valid key length"
+    end
+    unless [:accepted, :rejected].include? status
+      raise ArgumentError, "Status must be either :accepted or :rejected"
+    end
+
+    strong_cipher_ctx = OpenSSL::SSL::SSLContext.new(version)
+    # OpenSSL Directive For Strong Ciphers
+    # See: http://www.rapid7.com/vulndb/lookup/ssl-weak-ciphers
+    strong_cipher_ctx.ciphers = "ALL:!aNULL:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM"
+
+    if strong_cipher_ctx.ciphers.flatten.include? cipher
+      weak = false
+    else
+      weak = true
+    end
+
+    cipher_details = {:version => version, :cipher => cipher, :key_length => key_length, :weak => weak, :status => status}
+    @ciphers << cipher_details
+  end
+
+  def to_s
+    unless supports_ssl?
+      return "Server does not appear to support SSL on this port!"
+    end
+    table = Rex::Ui::Text::Table.new(
+      'Header'      => 'SSL Ciphers',
+      'Indent'       => 1,
+      'Columns'   => ['Status', 'Weak', 'SSL Version', 'Key Length', 'Cipher'],
+      'SortIndex'  => -1
+    )
+    ciphers.each do |cipher|
+      if cipher[:weak]
+        weak = '*'
+      else
+        weak = ' '
+      end
+      table << [cipher[:status].to_s.capitalize, weak , cipher[:version], cipher[:key_length], cipher[:cipher]]
+    end
+
+    # Sort by SSL Version, then Key Length, and then Status
+    table.rows.sort_by!{|row| [row[0],row[2],row[3]]}
+    text = "#{table.to_s}"
+    if @cert
+      text << " \n\n #{@cert.to_text}"
+    end
+    if openssl_sslv2 == false
+      text << "\n\n *** WARNING: Your OS hates freedom! Your OpenSSL libs are compiled without SSLv2 support!"
+    end
+    text
+  end
+
+  protected
+
+  # @param state [Symbol] Either :accepted or :rejected
+  # @param version [Symbol, Array] The SSL Version to filter on (:SSLv2, :SSLv3, :TLSv1, :all)
+  # @return [Set] The Set of cipher results matching the filter criteria
+  def enum_ciphers(state, version = :all)
+    case version
+    when Symbol
+      case version
+      when :all
+        return @ciphers.select{|cipher| cipher[:status] == state}
+      when :SSLv2, :SSLv3, :TLSv1
+        return @ciphers.select{|cipher| cipher[:status] == state and cipher[:version] == version}
+      else
+        raise ArgumentError, "Invalid SSL Version Supplied: #{version}"
+      end
+    when Array
+      version = version.reject{|v| !(@supported_versions.include? v)}
+      if version.empty?
+        return @ciphers.select{|cipher| cipher[:status] == state}
+      else
+        return @ciphers.select{|cipher| cipher[:status] == state and version.include? cipher[:version]}
+      end
+    else
+      raise ArgumentError, "Was expecting Symbol or Array and got #{version.class}"
+    end
+  end
+
+end
+end

data/lib/rex/sslscan/scanner.rb

@@ -0,0 +1,206 @@
+# -*- coding: binary -*-
+require 'rex/socket'
+require 'rex/sslscan/result'
+
+module Rex::SSLScan
+
+class Scanner
+
+  attr_accessor :context
+  attr_accessor :host
+  attr_accessor :port
+  attr_accessor :timeout
+
+  attr_reader :supported_versions
+  attr_reader :sslv2
+
+  # Initializes the scanner object
+  # @param host [String] IP address or hostname to scan
+  # @param port [Fixnum] Port number to scan, default: 443
+  # @param timeout [Fixnum] Timeout for connections, in seconds. default: 5
+  # @raise [StandardError] Raised when the configuration is invalid
+  def initialize(host,port = 443,context = {},timeout=5)
+    @host       = host
+    @port       = port
+    @timeout    = timeout
+    @context    = context
+    if check_opensslv2 == true
+      @supported_versions = [:SSLv2, :SSLv3, :TLSv1]
+      @sslv2 = true
+    else
+      @supported_versions = [:SSLv3, :TLSv1]
+      @sslv2 = false
+    end
+    raise StandardError, "The scanner configuration is invalid" unless valid?
+  end
+
+  # Checks whether the scanner option has a valid configuration
+  # @return [Boolean] True or False, the configuration is valid.
+  def valid?
+    begin
+      @host = Rex::Socket.getaddress(@host, true)
+    rescue
+      return false
+    end
+    return false unless @port.kind_of? Fixnum
+    return false unless @port >= 0 and @port <= 65535
+    return false unless @timeout.kind_of? Fixnum
+    return true
+  end
+
+  # Initiate the Scan against the target. Will test each cipher one at a time.
+  # @return [Result] object containing the details of the scan
+  def scan
+    scan_result = Rex::SSLScan::Result.new
+    scan_result.openssl_sslv2 = sslv2
+    # If we can't get any SSL connection, then don't bother testing
+    # individual ciphers.
+    if test_ssl == :rejected and test_tls == :rejected
+      return scan_result
+    end
+
+    @supported_versions.each do |ssl_version|
+      sslctx = OpenSSL::SSL::SSLContext.new(ssl_version)
+      sslctx.ciphers.each do |cipher_name, ssl_ver, key_length, alg_length|
+        status = test_cipher(ssl_version, cipher_name)
+        scan_result.add_cipher(ssl_version, cipher_name, key_length, status)
+        if status == :accepted and scan_result.cert.nil?
+          scan_result.cert = get_cert(ssl_version, cipher_name)
+        end
+      end
+    end
+    scan_result
+  end
+
+  def test_ssl
+    begin
+      scan_client = Rex::Socket::Tcp.create(
+        'Context'    => @context,
+        'PeerHost'   => @host,
+        'PeerPort'   => @port,
+        'SSL'        => true,
+        'SSLVersion' => :SSLv23,
+        'Timeout'    => @timeout
+      )
+    rescue ::Exception => e
+      return :rejected
+    ensure
+      if scan_client
+        scan_client.close
+      end
+    end
+    return :accepted
+  end
+
+  def test_tls
+    begin
+      scan_client = Rex::Socket::Tcp.create(
+        'Context'    => @context,
+        'PeerHost'   => @host,
+        'PeerPort'   => @port,
+        'SSL'        => true,
+        'SSLVersion' => :TLSv1,
+        'Timeout'    => @timeout
+      )
+    rescue ::Exception => e
+      return :rejected
+    ensure
+      if scan_client
+        scan_client.close
+      end
+    end
+    return :accepted
+  end
+
+  # Tests the specified SSL Version and Cipher against the configured target
+  # @param ssl_version [Symbol] The SSL version to use (:SSLv2,  :SSLv3, :TLSv1)
+  # @param cipher [String] The SSL Cipher to use
+  # @return [Symbol] Either :accepted or :rejected
+  def test_cipher(ssl_version, cipher)
+    validate_params(ssl_version,cipher)
+    begin
+      scan_client = Rex::Socket::Tcp.create(
+        'Context'    => @context,
+        'PeerHost'   => @host,
+        'PeerPort'   => @port,
+        'SSL'        => true,
+        'SSLVersion' => ssl_version,
+        'SSLCipher'  => cipher,
+        'Timeout'    => @timeout
+      )
+    rescue ::Exception => e
+      return :rejected
+    ensure
+      if scan_client
+        scan_client.close
+      end
+    end
+
+    return :accepted
+  end
+
+  # Retrieve the X509 Cert from the target service,
+  # @param ssl_version [Symbol] The SSL version to use (:SSLv2,  :SSLv3, :TLSv1)
+  # @param cipher [String] The SSL Cipher to use
+  # @return [OpenSSL::X509::Certificate] if the certificate was retrieved
+  # @return [Nil] if the cert couldn't be retrieved
+  def get_cert(ssl_version, cipher)
+    validate_params(ssl_version,cipher)
+    begin
+      scan_client = Rex::Socket::Tcp.create(
+        'PeerHost'   => @host,
+        'PeerPort'   => @port,
+        'SSL'        => true,
+        'SSLVersion' => ssl_version,
+        'SSLCipher'  => cipher,
+        'Timeout'    => @timeout
+      )
+      cert = scan_client.peer_cert
+      if cert.kind_of? OpenSSL::X509::Certificate
+        return cert
+      else
+        return nil
+      end
+    rescue ::Exception => e
+      return nil
+    ensure
+      if scan_client
+        scan_client.close
+      end
+    end
+  end
+
+
+  protected
+
+  # Validates that the SSL Version and Cipher are valid both seperately and
+  # together as part of an SSL Context.
+  # @param ssl_version [Symbol] The SSL version to use (:SSLv2,  :SSLv3, :TLSv1)
+  # @param cipher [String] The SSL Cipher to use
+  # @raise [StandardError] If an invalid or unsupported SSL Version was supplied
+  # @raise [StandardError] If the cipher is not valid for that version of SSL
+  def validate_params(ssl_version, cipher)
+    raise StandardError, "The scanner configuration is invalid" unless valid?
+    unless @supported_versions.include? ssl_version
+      raise StandardError, "SSL Version must be one of: #{@supported_versions.to_s}"
+    end
+    if ssl_version == :SSLv2 and sslv2 == false
+      raise StandardError, "Your OS hates freedom! Your OpenSSL libs are compiled without SSLv2 support!"
+    else
+      unless OpenSSL::SSL::SSLContext.new(ssl_version).ciphers.flatten.include? cipher
+        raise StandardError, "Must be a valid SSL Cipher for #{ssl_version}!"
+      end
+    end
+  end
+
+  def check_opensslv2
+    begin
+      OpenSSL::SSL::SSLContext.new(:SSLv2)
+    rescue
+      return false
+    end
+    return true
+  end
+
+end
+end