librex 0.0.68 → 0.0.70

data/lib/rex/sslscan/result.rb

@@ -0,0 +1,200 @@
+
+require 'rex/socket'
+require 'rex/ui/text/table'
+
+module Rex::SSLScan
+class Result
+
+  attr_accessor :openssl_sslv2
+
+  attr_reader :ciphers
+  attr_reader :supported_versions
+
+  def initialize()
+    @cert = nil
+    @ciphers = Set.new
+    @supported_versions = [:SSLv2, :SSLv3, :TLSv1]
+  end
+
+  def cert
+    @cert
+  end
+
+  def cert=(input)
+    unless input.kind_of? OpenSSL::X509::Certificate or input.nil?
+      raise ArgumentError, "Must be an X509 Cert!"
+    end
+    @cert = input
+  end
+
+  def sslv2
+    @ciphers.reject{|cipher| cipher[:version] != :SSLv2 }
+  end
+
+  def sslv3
+    @ciphers.reject{|cipher| cipher[:version] != :SSLv3 }
+  end
+
+  def tlsv1
+    @ciphers.reject{|cipher| cipher[:version] != :TLSv1 }
+  end
+
+  def weak_ciphers
+    accepted.reject{|cipher| cipher[:weak] == false }
+  end
+
+  def strong_ciphers
+    accepted.reject{|cipher| cipher[:weak] }
+  end
+
+  # Returns all accepted ciphers matching the supplied version
+  # @param version [Symbol, Array] The SSL Version to filter on
+  # @raise [ArgumentError] if the version supplied is invalid
+  # @return [Array] An array of accepted cipher details matching the supplied versions
+  def accepted(version = :all)
+    enum_ciphers(:accepted, version)
+  end
+
+  # Returns all rejected ciphers matching the supplied version
+  # @param version [Symbol, Array] The SSL Version to filter on
+  # @raise [ArgumentError] if the version supplied is invalid
+  # @return [Array] An array of rejected cipher details matching the supplied versions
+  def rejected(version = :all)
+    enum_ciphers(:rejected, version)
+  end
+
+  def each_accepted(version = :all)
+    accepted(version).each do |cipher_result|
+      yield cipher_result
+    end
+  end
+
+  def each_rejected(version = :all)
+    rejected(version).each do |cipher_result|
+      yield cipher_result
+    end
+  end
+
+  def supports_sslv2?
+    !(accepted(:SSLv2).empty?)
+  end
+
+  def supports_sslv3?
+    !(accepted(:SSLv3).empty?)
+  end
+
+  def supports_tlsv1?
+    !(accepted(:TLSv1).empty?)
+  end
+
+  def supports_ssl?
+    supports_sslv2? or supports_sslv3? or supports_tlsv1?
+  end
+
+  def supports_weak_ciphers?
+    !(weak_ciphers.empty?)
+  end
+
+  def standards_compliant?
+    if supports_ssl?
+      return false if supports_sslv2?
+      return false if supports_weak_ciphers?
+    end
+    true
+  end
+
+  # Adds the details of a cipher test to the Result object.
+  # @param version [Symbol] the SSL Version
+  # @param cipher [String] the SSL cipher
+  # @param key_length [Fixnum] the length of encryption key
+  # @param status [Symbol] :accepted or :rejected
+  def add_cipher(version, cipher, key_length, status)
+    unless @supported_versions.include? version
+      raise ArgumentError, "Must be a supported SSL Version"
+    end
+    unless OpenSSL::SSL::SSLContext.new(version).ciphers.flatten.include? cipher
+      raise ArgumentError, "Must be a valid SSL Cipher for #{version}!"
+    end
+    unless key_length.kind_of? Fixnum
+      raise ArgumentError, "Must supply a valid key length"
+    end
+    unless [:accepted, :rejected].include? status
+      raise ArgumentError, "Status must be either :accepted or :rejected"
+    end
+
+    strong_cipher_ctx = OpenSSL::SSL::SSLContext.new(version)
+    # OpenSSL Directive For Strong Ciphers
+    # See: http://www.rapid7.com/vulndb/lookup/ssl-weak-ciphers
+    strong_cipher_ctx.ciphers = "ALL:!aNULL:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM"
+
+    if strong_cipher_ctx.ciphers.flatten.include? cipher
+      weak = false
+    else
+      weak = true
+    end
+
+    cipher_details = {:version => version, :cipher => cipher, :key_length => key_length, :weak => weak, :status => status}
+    @ciphers << cipher_details
+  end
+
+  def to_s
+    unless supports_ssl?
+      return "Server does not appear to support SSL on this port!"
+    end
+    table = Rex::Ui::Text::Table.new(
+      'Header'      => 'SSL Ciphers',
+      'Indent'       => 1,
+      'Columns'   => ['Status', 'Weak', 'SSL Version', 'Key Length', 'Cipher'],
+      'SortIndex'  => -1
+    )
+    ciphers.each do |cipher|
+      if cipher[:weak]
+        weak = '*'
+      else
+        weak = ' '
+      end
+      table << [cipher[:status].to_s.capitalize, weak , cipher[:version], cipher[:key_length], cipher[:cipher]]
+    end
+
+    # Sort by SSL Version, then Key Length, and then Status
+    table.rows.sort_by!{|row| [row[0],row[2],row[3]]}
+    text = "#{table.to_s}"
+    if @cert
+      text << " \n\n #{@cert.to_text}"
+    end
+    if openssl_sslv2 == false
+      text << "\n\n *** WARNING: Your OS hates freedom! Your OpenSSL libs are compiled without SSLv2 support!"
+    end
+    text
+  end
+
+  protected
+
+  # @param state [Symbol] Either :accepted or :rejected
+  # @param version [Symbol, Array] The SSL Version to filter on (:SSLv2, :SSLv3, :TLSv1, :all)
+  # @return [Set] The Set of cipher results matching the filter criteria
+  def enum_ciphers(state, version = :all)
+    case version
+    when Symbol
+      case version
+      when :all
+        return @ciphers.select{|cipher| cipher[:status] == state}
+      when :SSLv2, :SSLv3, :TLSv1
+        return @ciphers.select{|cipher| cipher[:status] == state and cipher[:version] == version}
+      else
+        raise ArgumentError, "Invalid SSL Version Supplied: #{version}"
+      end
+    when Array
+      version = version.reject{|v| !(@supported_versions.include? v)}
+      if version.empty?
+        return @ciphers.select{|cipher| cipher[:status] == state}
+      else
+        return @ciphers.select{|cipher| cipher[:status] == state and version.include? cipher[:version]}
+      end
+    else
+      raise ArgumentError, "Was expecting Symbol or Array and got #{version.class}"
+    end
+  end
+
+end
+end

data/lib/rex/sslscan/scanner.rb

@@ -0,0 +1,205 @@
+require 'rex/socket'
+require 'rex/sslscan/result'
+
+module Rex::SSLScan
+
+class Scanner
+
+  attr_accessor :context
+  attr_accessor :host
+  attr_accessor :port
+  attr_accessor :timeout
+
+  attr_reader :supported_versions
+  attr_reader :sslv2
+
+  # Initializes the scanner object
+  # @param host [String] IP address or hostname to scan
+  # @param port [Fixnum] Port number to scan, default: 443
+  # @param timeout [Fixnum] Timeout for connections, in seconds. default: 5
+  # @raise [StandardError] Raised when the configuration is invalid
+  def initialize(host,port = 443,context = {},timeout=5)
+    @host       = host
+    @port       = port
+    @timeout    = timeout
+    @context    = context
+    if check_opensslv2 == true
+      @supported_versions = [:SSLv2, :SSLv3, :TLSv1]
+      @sslv2 = true
+    else
+      @supported_versions = [:SSLv3, :TLSv1]
+      @sslv2 = false
+    end
+    raise StandardError, "The scanner configuration is invalid" unless valid?
+  end
+
+  # Checks whether the scanner option has a valid configuration
+  # @return [Boolean] True or False, the configuration is valid.
+  def valid?
+    begin
+      @host = Rex::Socket.getaddress(@host, true)
+    rescue
+      return false
+    end
+    return false unless @port.kind_of? Fixnum
+    return false unless @port >= 0 and @port <= 65535
+    return false unless @timeout.kind_of? Fixnum
+    return true
+  end
+
+  # Initiate the Scan against the target. Will test each cipher one at a time.
+  # @return [Result] object containing the details of the scan
+  def scan
+    scan_result = Rex::SSLScan::Result.new
+    scan_result.openssl_sslv2 = sslv2
+    # If we can't get any SSL connection, then don't bother testing
+    # individual ciphers.
+    if test_ssl == :rejected and test_tls == :rejected
+      return scan_result
+    end
+
+    @supported_versions.each do |ssl_version|
+      sslctx = OpenSSL::SSL::SSLContext.new(ssl_version)
+      sslctx.ciphers.each do |cipher_name, ssl_ver, key_length, alg_length|
+        status = test_cipher(ssl_version, cipher_name)
+        scan_result.add_cipher(ssl_version, cipher_name, key_length, status)
+        if status == :accepted and scan_result.cert.nil?
+          scan_result.cert = get_cert(ssl_version, cipher_name)
+        end
+      end
+    end
+    scan_result
+  end
+
+  def test_ssl
+    begin
+      scan_client = Rex::Socket::Tcp.create(
+        'Context'    => @context,
+        'PeerHost'   => @host,
+        'PeerPort'   => @port,
+        'SSL'        => true,
+        'SSLVersion' => :SSLv23,
+        'Timeout'    => @timeout
+      )
+    rescue ::Exception => e
+      return :rejected
+    ensure
+      if scan_client
+        scan_client.close
+      end
+    end
+    return :accepted
+  end
+
+  def test_tls
+    begin
+      scan_client = Rex::Socket::Tcp.create(
+        'Context'    => @context,
+        'PeerHost'   => @host,
+        'PeerPort'   => @port,
+        'SSL'        => true,
+        'SSLVersion' => :TLSv1,
+        'Timeout'    => @timeout
+      )
+    rescue ::Exception => e
+      return :rejected
+    ensure
+      if scan_client
+        scan_client.close
+      end
+    end
+    return :accepted
+  end
+
+  # Tests the specified SSL Version and Cipher against the configured target
+  # @param ssl_version [Symbol] The SSL version to use (:SSLv2,  :SSLv3, :TLSv1)
+  # @param cipher [String] The SSL Cipher to use
+  # @return [Symbol] Either :accepted or :rejected
+  def test_cipher(ssl_version, cipher)
+    validate_params(ssl_version,cipher)
+    begin
+      scan_client = Rex::Socket::Tcp.create(
+        'Context'    => @context,
+        'PeerHost'   => @host,
+        'PeerPort'   => @port,
+        'SSL'        => true,
+        'SSLVersion' => ssl_version,
+        'SSLCipher'  => cipher,
+        'Timeout'    => @timeout
+      )
+    rescue ::Exception => e
+      return :rejected
+    ensure
+      if scan_client
+        scan_client.close
+      end
+    end
+
+    return :accepted
+  end
+
+  # Retrieve the X509 Cert from the target service,
+  # @param ssl_version [Symbol] The SSL version to use (:SSLv2,  :SSLv3, :TLSv1)
+  # @param cipher [String] The SSL Cipher to use
+  # @return [OpenSSL::X509::Certificate] if the certificate was retrieved
+  # @return [Nil] if the cert couldn't be retrieved
+  def get_cert(ssl_version, cipher)
+    validate_params(ssl_version,cipher)
+    begin
+      scan_client = Rex::Socket::Tcp.create(
+        'PeerHost'   => @host,
+        'PeerPort'   => @port,
+        'SSL'        => true,
+        'SSLVersion' => ssl_version,
+        'SSLCipher'  => cipher,
+        'Timeout'    => @timeout
+      )
+      cert = scan_client.peer_cert
+      if cert.kind_of? OpenSSL::X509::Certificate
+        return cert
+      else
+        return nil
+      end
+    rescue ::Exception => e
+      return nil
+    ensure
+      if scan_client
+        scan_client.close
+      end
+    end
+  end
+
+
+  protected
+
+  # Validates that the SSL Version and Cipher are valid both seperately and
+  # together as part of an SSL Context.
+  # @param ssl_version [Symbol] The SSL version to use (:SSLv2,  :SSLv3, :TLSv1)
+  # @param cipher [String] The SSL Cipher to use
+  # @raise [StandardError] If an invalid or unsupported SSL Version was supplied
+  # @raise [StandardError] If the cipher is not valid for that version of SSL
+  def validate_params(ssl_version, cipher)
+    raise StandardError, "The scanner configuration is invalid" unless valid?
+    unless @supported_versions.include? ssl_version
+      raise StandardError, "SSL Version must be one of: #{@supported_versions.to_s}"
+    end
+    if ssl_version == :SSLv2 and sslv2 == false
+      raise StandardError, "Your OS hates freedom! Your OpenSSL libs are compiled without SSLv2 support!"
+    else
+      unless OpenSSL::SSL::SSLContext.new(ssl_version).ciphers.flatten.include? cipher
+        raise StandardError, "Must be a valid SSL Cipher for #{ssl_version}!"
+      end
+    end
+  end
+
+  def check_opensslv2
+    begin
+      OpenSSL::SSL::SSLContext.new(:SSLv2)
+    rescue
+      return false
+    end
+    return true
+  end
+
+end
+end

data/lib/rex/struct2.rb

@@ -1,4 +1,3 @@
-#!/usr/bin/env ruby
 # -*- coding: binary -*-
 
 # just a shim to load all of the Struct2 libraries

data/lib/rex/struct2/c_struct.rb

@@ -1,4 +1,3 @@
-#!/usr/bin/env ruby
 # -*- coding: binary -*-
 
 # Rex::Struct2
@@ -9,172 +8,172 @@ require 'rex/struct2/s_struct'
 
 class CStruct_Values
 
-	def initialize(obj)
-		@obj = obj
-	end
-
-	def [](*args)
-		o = @obj[*args]
-		return if !o
-		return o.value
-	end
-
-	def []=(*args)
-		o = @obj[*args[0 .. -2]]
-		return if !o
-		o.value = args[-1]
-	end
-
-	# this one is for HD, the whiniest girl around...
-	# allow for like v.field = whatever
-	def method_missing(sym, *args)
-		if sym.to_s[-1] == "="[0]
-			return self[sym.to_s[0 .. -2]] = args[0]
-		else
-			return self[sym.to_s]
-		end
-	end
+  def initialize(obj)
+    @obj = obj
+  end
+
+  def [](*args)
+    o = @obj[*args]
+    return if !o
+    return o.value
+  end
+
+  def []=(*args)
+    o = @obj[*args[0 .. -2]]
+    return if !o
+    o.value = args[-1]
+  end
+
+  # this one is for HD, the whiniest girl around...
+  # allow for like v.field = whatever
+  def method_missing(sym, *args)
+    if sym.to_s[-1] == "="[0]
+      return self[sym.to_s[0 .. -2]] = args[0]
+    else
+      return self[sym.to_s]
+    end
+  end
 end
 
 class CStruct < SStruct
 
-	require 'rex/struct2/element'
-	require 'rex/struct2/generic'
-	require 'rex/struct2/s_string'
-	require 'rex/struct2/c_struct_template'
-	require 'rex/struct2/restraint'
-
-	include Rex::Struct2::Element
-
-	attr_reader  :v
-
-	@@dt_table = {
-	  'int8'      => proc { |*a| Rex::Struct2::Generic.new('C',  true, *a) },
-	  'uint8'     => proc { |*a| Rex::Struct2::Generic.new('C', false, *a) },
-	  'int16v'    => proc { |*a| Rex::Struct2::Generic.new('v',  true, *a) },
-	  'uint16v'   => proc { |*a| Rex::Struct2::Generic.new('v', false, *a) },
-	  'int32v'    => proc { |*a| Rex::Struct2::Generic.new('V',  true, *a) },
-	  'uint32v'   => proc { |*a| Rex::Struct2::Generic.new('V', false, *a) },
-	  'int64v'    => proc { |*a| Rex::Struct2::Generic.new('q',  true, *a) },
-	  'uint64v'   => proc { |*a| Rex::Struct2::Generic.new('Q', false, *a) },
-	  'int16n'    => proc { |*a| Rex::Struct2::Generic.new('n',  true, *a) },
-	  'uint16n'   => proc { |*a| Rex::Struct2::Generic.new('n', false, *a) },
-	  'int32n'    => proc { |*a| Rex::Struct2::Generic.new('N',  true, *a) },
-	  'uint32n'   => proc { |*a| Rex::Struct2::Generic.new('N', false, *a) },
-	  'string'    => proc { |*a| Rex::Struct2::SString.new(*a) },
-	  'sstruct'   => proc { |*a| Rex::Struct2::SStruct.new(*a) },
-	  'object'    => proc { |o| o },
-	  'template'  => proc { |o| o.make_struct },
-	}
-
-	# CStruct.typedef(name, factory, ... )
-	def CStruct.typedef(*args)
-		while args.length >= 2
-			name    = args.shift
-			factory = args.shift
-			@@dt_table[name] = factory
-		end
-	end
-
-	def initialize(*dts)
-		super()
-		@name_table = [ ]
-		@v = Rex::Struct2::CStruct_Values.new(self)
-
-		return self.add_from_dt(*dts)
-	end
-
-	def add_from_dt(*dts)
-		dts.each { | dt |
-			return if !dt.kind_of?(Array) || dt.length < 2
-
-			type = dt[0]
-			name = dt[1]
-
-			factory = @@dt_table[type]
-
-			return if !factory
-
-			# call with the arguments passed in
-			obj = factory.call(*(dt[2 .. -1]))
-
-			self.add_object(name, obj)
-		}
-
-		return dts.length
-	end
-
-	def add_object(*objs)
-		while objs.length >= 2
-			@name_table << objs.shift
-			self        << objs.shift
-		end
-	end
-	# apply_restraint( name, restraint, name2, restraint2 ... )
-	def apply_restraint(*ress)
-		while ress.length >= 2
-			name = ress.shift
-			res  = ress.shift
-			self[name].restraint = res
-
-			# update the restrainted object, so it will update the value
-			# of the restrainter, with the initial size.  If you don't
-			# want this behavior, um, you'll have to be careful with what
-			# you supply as default values...
-			self[name].update_restraint
-		end
-		return self
-	end
-
-	# create_restraints( [ name, stuff_to_restraint_constructor ] ... )
-	def create_restraints(*ress)
-		ress.each { |r|
-			# make a copy before we modify...
-			r = r.dup
-			# resolve names into objects
-			r[1] = self[r[1]] if r[1]
-			r[2] = self[r[2]] if r[2]
-
-			# build and apply the restraint
-			self.apply_restraint(r[0], Rex::Struct2::Restraint.new(*r[1 .. -1]))
-		}
-
-		return self
-	end
-
-	# ya ya, I know, these are weird.  I'm not sure why I even bothered
-	# to inherit from array...
-	def [](index, *other)
-		if index.kind_of?(String)
-			i = @name_table.index(index)
-			return if !i
-			return super(i)
-		else
-			return super(index, *other)
-		end
-	end
-
-	def []=(index, *other)
-		if index.kind_of?(String)
-			i = @name_table.index(index)
-			return if !i
-			return super(i, *other)
-		else
-			return super(index, *other)
-		end
-	end
-	
-	# Produce a list of field names
-	def keys
-		@name_table
-	end
-	
-	# Iterate through all fields and values
-	def each_pair(&block)
-		@name_table.each do |k|
-			block.call(k, self.v[k])
-		end
-	end
+  require 'rex/struct2/element'
+  require 'rex/struct2/generic'
+  require 'rex/struct2/s_string'
+  require 'rex/struct2/c_struct_template'
+  require 'rex/struct2/restraint'
+
+  include Rex::Struct2::Element
+
+  attr_reader  :v
+
+  @@dt_table = {
+    'int8'      => proc { |*a| Rex::Struct2::Generic.new('C',  true, *a) },
+    'uint8'     => proc { |*a| Rex::Struct2::Generic.new('C', false, *a) },
+    'int16v'    => proc { |*a| Rex::Struct2::Generic.new('v',  true, *a) },
+    'uint16v'   => proc { |*a| Rex::Struct2::Generic.new('v', false, *a) },
+    'int32v'    => proc { |*a| Rex::Struct2::Generic.new('V',  true, *a) },
+    'uint32v'   => proc { |*a| Rex::Struct2::Generic.new('V', false, *a) },
+    'int64v'    => proc { |*a| Rex::Struct2::Generic.new('q',  true, *a) },
+    'uint64v'   => proc { |*a| Rex::Struct2::Generic.new('Q', false, *a) },
+    'int16n'    => proc { |*a| Rex::Struct2::Generic.new('n',  true, *a) },
+    'uint16n'   => proc { |*a| Rex::Struct2::Generic.new('n', false, *a) },
+    'int32n'    => proc { |*a| Rex::Struct2::Generic.new('N',  true, *a) },
+    'uint32n'   => proc { |*a| Rex::Struct2::Generic.new('N', false, *a) },
+    'string'    => proc { |*a| Rex::Struct2::SString.new(*a) },
+    'sstruct'   => proc { |*a| Rex::Struct2::SStruct.new(*a) },
+    'object'    => proc { |o| o },
+    'template'  => proc { |o| o.make_struct },
+  }
+
+  # CStruct.typedef(name, factory, ... )
+  def CStruct.typedef(*args)
+    while args.length >= 2
+      name    = args.shift
+      factory = args.shift
+      @@dt_table[name] = factory
+    end
+  end
+
+  def initialize(*dts)
+    super()
+    @name_table = [ ]
+    @v = Rex::Struct2::CStruct_Values.new(self)
+
+    return self.add_from_dt(*dts)
+  end
+
+  def add_from_dt(*dts)
+    dts.each { | dt |
+      return if !dt.kind_of?(Array) || dt.length < 2
+
+      type = dt[0]
+      name = dt[1]
+
+      factory = @@dt_table[type]
+
+      return if !factory
+
+      # call with the arguments passed in
+      obj = factory.call(*(dt[2 .. -1]))
+
+      self.add_object(name, obj)
+    }
+
+    return dts.length
+  end
+
+  def add_object(*objs)
+    while objs.length >= 2
+      @name_table << objs.shift
+      self        << objs.shift
+    end
+  end
+  # apply_restraint( name, restraint, name2, restraint2 ... )
+  def apply_restraint(*ress)
+    while ress.length >= 2
+      name = ress.shift
+      res  = ress.shift
+      self[name].restraint = res
+
+      # update the restrainted object, so it will update the value
+      # of the restrainter, with the initial size.  If you don't
+      # want this behavior, um, you'll have to be careful with what
+      # you supply as default values...
+      self[name].update_restraint
+    end
+    return self
+  end
+
+  # create_restraints( [ name, stuff_to_restraint_constructor ] ... )
+  def create_restraints(*ress)
+    ress.each { |r|
+      # make a copy before we modify...
+      r = r.dup
+      # resolve names into objects
+      r[1] = self[r[1]] if r[1]
+      r[2] = self[r[2]] if r[2]
+
+      # build and apply the restraint
+      self.apply_restraint(r[0], Rex::Struct2::Restraint.new(*r[1 .. -1]))
+    }
+
+    return self
+  end
+
+  # ya ya, I know, these are weird.  I'm not sure why I even bothered
+  # to inherit from array...
+  def [](index, *other)
+    if index.kind_of?(String)
+      i = @name_table.index(index)
+      return if !i
+      return super(i)
+    else
+      return super(index, *other)
+    end
+  end
+
+  def []=(index, *other)
+    if index.kind_of?(String)
+      i = @name_table.index(index)
+      return if !i
+      return super(i, *other)
+    else
+      return super(index, *other)
+    end
+  end
+
+  # Produce a list of field names
+  def keys
+    @name_table
+  end
+
+  # Iterate through all fields and values
+  def each_pair(&block)
+    @name_table.each do |k|
+      block.call(k, self.v[k])
+    end
+  end
 end
 
 # end Rex::Struct2