paraxial 1.3.0 → 1.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/paraxial/checker.rb +17 -30
- data/lib/paraxial/initializers/startup.rb +1 -1
- data/lib/paraxial/version.rb +1 -1
- data/lib/paraxial.rb +24 -17
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b51eef23aae22276c25b2f576f35d4a66fd2c0e286cd5d8b8c5ba86172bb9167
|
|
4
|
+
data.tar.gz: d1c5152de188f489b296ba377d0358fc8265bb5ba7d0cefb2b0975dfce2897fe
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f9720fcb74a4146551ff9a1c51d5d28bcb45e82d01ce0d6f28ee34f3923fc2c5c05b3a18548e34d92ba5aed8976541eccfc0c73be562404f3e0f7cd3a469b2d7
|
|
7
|
+
data.tar.gz: 1cf80129ca6b2ed6c1e2dbe422af2ea150bc4f245f45cb89e5eec2fe07a002ccedc3816f7e8a4a02ea4a46386d5ff61508517a3e85b3af1b6ec71ee5fe5e0f79
|
data/lib/paraxial/checker.rb
CHANGED
|
@@ -130,7 +130,11 @@ module Paraxial
|
|
|
130
130
|
end
|
|
131
131
|
|
|
132
132
|
def self.ban_ip_msg(ip, length, msg)
|
|
133
|
-
if
|
|
133
|
+
if whitelist_ip?(ip)
|
|
134
|
+
:on_whitelist
|
|
135
|
+
elsif blacklist_ip?(ip)
|
|
136
|
+
:already_banned
|
|
137
|
+
else
|
|
134
138
|
local_ban(ip)
|
|
135
139
|
|
|
136
140
|
uri = URI.parse(Paraxial::Helpers.get_ruby_ban_url)
|
|
@@ -147,8 +151,6 @@ module Paraxial
|
|
|
147
151
|
else
|
|
148
152
|
:error
|
|
149
153
|
end
|
|
150
|
-
else
|
|
151
|
-
:already_banned
|
|
152
154
|
end
|
|
153
155
|
end
|
|
154
156
|
|
|
@@ -166,19 +168,6 @@ module Paraxial
|
|
|
166
168
|
end
|
|
167
169
|
end
|
|
168
170
|
|
|
169
|
-
def self.ban_ip(ip)
|
|
170
|
-
local_ban(ip)
|
|
171
|
-
uri = URI.parse(Paraxial::Helpers.get_ban_url)
|
|
172
|
-
|
|
173
|
-
body = { api_key: Paraxial::Helpers.get_api_key, ip_address: ip }
|
|
174
|
-
r = Net::HTTP.post(uri, body.to_json, @headers)
|
|
175
|
-
if r.code == '200'
|
|
176
|
-
:ok
|
|
177
|
-
else
|
|
178
|
-
:error
|
|
179
|
-
end
|
|
180
|
-
end
|
|
181
|
-
|
|
182
171
|
def self.local_ban(ip)
|
|
183
172
|
if ip.include?('.')
|
|
184
173
|
# IPv4
|
|
@@ -193,21 +182,19 @@ module Paraxial
|
|
|
193
182
|
end
|
|
194
183
|
end
|
|
195
184
|
|
|
196
|
-
def self.
|
|
185
|
+
def self.whitelist_ip?(ip)
|
|
197
186
|
if ip.include?('.')
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
|
|
201
|
-
|
|
202
|
-
|
|
203
|
-
|
|
204
|
-
|
|
205
|
-
|
|
206
|
-
|
|
207
|
-
|
|
208
|
-
|
|
209
|
-
else # v6 on no list
|
|
210
|
-
true
|
|
187
|
+
!@allows['v4'].search_best(ip).nil? # v4 on allow list
|
|
188
|
+
else
|
|
189
|
+
!@allows['v6'].search_best(ip).nil? # v6 on allow list
|
|
190
|
+
end
|
|
191
|
+
end
|
|
192
|
+
|
|
193
|
+
def self.blacklist_ip?(ip)
|
|
194
|
+
if ip.include?('.')
|
|
195
|
+
!@bans['v4'].search_best(ip).nil? # v4 on allow list
|
|
196
|
+
else
|
|
197
|
+
!@bans['v6'].search_best(ip).nil? # v6 on allow list
|
|
211
198
|
end
|
|
212
199
|
end
|
|
213
200
|
end
|
|
@@ -7,7 +7,7 @@ require_relative '../free_tier'
|
|
|
7
7
|
|
|
8
8
|
Bundler.setup
|
|
9
9
|
|
|
10
|
-
unless Rails.env.test? || File.basename($0) == 'rake' ||
|
|
10
|
+
unless Rails.env.test? || File.basename($0) == 'rake' || Paraxial.do_not_start?
|
|
11
11
|
Rails.application.config.to_prepare do
|
|
12
12
|
puts "[Paraxial] v#{Paraxial::VERSION} Agent starting..."
|
|
13
13
|
api_key = Paraxial::Helpers.get_api_key
|
data/lib/paraxial/version.rb
CHANGED
data/lib/paraxial.rb
CHANGED
|
@@ -98,14 +98,16 @@ module Paraxial
|
|
|
98
98
|
def self.req_allowed?(request)
|
|
99
99
|
return if Paraxial::Helpers.get_api_key.nil?
|
|
100
100
|
|
|
101
|
-
if request.
|
|
102
|
-
false
|
|
103
|
-
elsif Paraxial::Checker.allow_ip?(request.remote_ip) == true
|
|
101
|
+
if Paraxial::Checker.whitelist_ip?(request.remote_ip)
|
|
104
102
|
request.env['paraxial.deny'] = false
|
|
105
103
|
true
|
|
106
|
-
|
|
104
|
+
elsif Paraxial::Checker.blacklist_ip?(request.remote_ip)
|
|
107
105
|
request.env['paraxial.deny'] = true
|
|
108
106
|
false
|
|
107
|
+
elsif request.env['paraxial.deny']
|
|
108
|
+
false
|
|
109
|
+
else
|
|
110
|
+
true
|
|
109
111
|
end
|
|
110
112
|
end
|
|
111
113
|
|
|
@@ -129,12 +131,6 @@ module Paraxial
|
|
|
129
131
|
end
|
|
130
132
|
end
|
|
131
133
|
|
|
132
|
-
def self.ban_ip(ip)
|
|
133
|
-
return if Paraxial::Helpers.get_api_key.nil?
|
|
134
|
-
|
|
135
|
-
Paraxial::Checker.ban_ip(ip)
|
|
136
|
-
end
|
|
137
|
-
|
|
138
134
|
def self.ban_ip_msg(ip, length, msg)
|
|
139
135
|
return if Paraxial::Helpers.get_api_key.nil?
|
|
140
136
|
|
|
@@ -147,12 +143,6 @@ module Paraxial
|
|
|
147
143
|
Paraxial::Checker.honeypot_ban(ip, length)
|
|
148
144
|
end
|
|
149
145
|
|
|
150
|
-
def self.allow_ip?(ip)
|
|
151
|
-
return if Paraxial::Helpers.get_api_key.nil?
|
|
152
|
-
|
|
153
|
-
Paraxial::Checker.allow_ip?(ip)
|
|
154
|
-
end
|
|
155
|
-
|
|
156
146
|
def self.trim_dep(input)
|
|
157
147
|
if input.nil?
|
|
158
148
|
nil
|
|
@@ -176,7 +166,7 @@ module Paraxial
|
|
|
176
166
|
|
|
177
167
|
def self.check_exploit_guard
|
|
178
168
|
if configuration.nil?
|
|
179
|
-
puts "[Paraxial] Exploit Guard, no configuration exists, will not run"
|
|
169
|
+
# puts "[Paraxial] Exploit Guard, no configuration exists, will not run"
|
|
180
170
|
return
|
|
181
171
|
end
|
|
182
172
|
|
|
@@ -199,4 +189,21 @@ module Paraxial
|
|
|
199
189
|
@exploit_guard = nil
|
|
200
190
|
end
|
|
201
191
|
end
|
|
192
|
+
|
|
193
|
+
def self.do_not_start?
|
|
194
|
+
defined?(Rails::Command::CredentialsCommand) ||
|
|
195
|
+
defined?(Rails::Command::Db::System::ChangeCommand) ||
|
|
196
|
+
defined?(Rails::Command::DbConsoleCommand) ||
|
|
197
|
+
defined?(Rails::Command::DestroyCommand) ||
|
|
198
|
+
defined?(Rails::Command::DevCommand) ||
|
|
199
|
+
defined?(Rails::Command::EncryptedCommand) ||
|
|
200
|
+
defined?(Rails::Command::GenerateCommand) ||
|
|
201
|
+
defined?(Rails::Command::InitializersCommand) ||
|
|
202
|
+
defined?(Rails::Command::NotesCommand) ||
|
|
203
|
+
defined?(Rails::Command::RoutesCommand) ||
|
|
204
|
+
defined?(Rails::Command::RunnerCommand) ||
|
|
205
|
+
defined?(Rails::Command::SecretsCommand) ||
|
|
206
|
+
defined?(Rails::Command::AboutCommand) ||
|
|
207
|
+
defined?(Rails::Command::DbconsoleCommand)
|
|
208
|
+
end
|
|
202
209
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: paraxial
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Michael Lubas
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-11-
|
|
11
|
+
date: 2024-11-18 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rspec
|
|
@@ -133,7 +133,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
133
133
|
- !ruby/object:Gem::Version
|
|
134
134
|
version: '0'
|
|
135
135
|
requirements: []
|
|
136
|
-
rubygems_version: 3.5.
|
|
136
|
+
rubygems_version: 3.5.23
|
|
137
137
|
signing_key:
|
|
138
138
|
specification_version: 4
|
|
139
139
|
summary: Paraxial.io Ruby Agent
|