patronus_fati 0.9.23 → 0.9.24
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/patronus_fati/consts.rb +0 -5
- data/lib/patronus_fati/message_processor/alert.rb +3 -0
- data/lib/patronus_fati/message_processor/bssid.rb +4 -4
- data/lib/patronus_fati/message_processor/client.rb +4 -4
- data/lib/patronus_fati/message_processor/ssid.rb +4 -4
- data/lib/patronus_fati/message_processor.rb +5 -0
- data/lib/patronus_fati/version.rb +1 -1
- data/lib/patronus_fati.rb +8 -0
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 16a317acf1d621054cb167f661a59626b6abd5f9
|
|
4
|
+
data.tar.gz: f6a7904b7301861e0866cb87b0ea78f090acc514
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: bbe5e2c8f3c1fad88e4f1c406b5a572b546d9940e6cf947fcd3e998da7e3ceb4751c26a9db7df9235288e6b5b72dce5f97a98d5154c1d8dd3fb54a4c9febf446
|
|
7
|
+
data.tar.gz: 093f50a97c650e4bf05ac1998b10c6eb87513501a96bd49e7d48180b053fb846623f8d4ce8bd320f2d17484252622bb996b7a71883f653e17ef8a132748733e5
|
data/lib/patronus_fati/consts.rb
CHANGED
|
@@ -79,11 +79,6 @@ module PatronusFati
|
|
|
79
79
|
# consider no longer actively connected.
|
|
80
80
|
CONNECTION_EXPIRATION = 1800
|
|
81
81
|
|
|
82
|
-
# This is how long after startup we trust kismet's timestamps. It apparently
|
|
83
|
-
# does not reliably update it's timestamps so after the initial flood we
|
|
84
|
-
# start ignoring it.
|
|
85
|
-
STARTUP_TRUST_WINDOW = 300
|
|
86
|
-
|
|
87
82
|
# Number of seconds before we consider an access point no longer advertising
|
|
88
83
|
# an SSID. It is safe for this to be longer than the AP expiration; If we
|
|
89
84
|
# think the AP has gone offline we will automatically mark all SSIDs as
|
|
@@ -2,6 +2,9 @@ module PatronusFati::MessageProcessor::Alert
|
|
|
2
2
|
include PatronusFati::MessageProcessor
|
|
3
3
|
|
|
4
4
|
def self.process(obj)
|
|
5
|
+
# Ignore the initial flood of cached data
|
|
6
|
+
return unless PatronusFati.past_initial_flood?
|
|
7
|
+
|
|
5
8
|
PatronusFati.event_handler.event(:alert, :new, process_obj(obj))
|
|
6
9
|
|
|
7
10
|
nil
|
|
@@ -2,10 +2,10 @@ module PatronusFati::MessageProcessor::Bssid
|
|
|
2
2
|
include PatronusFati::MessageProcessor
|
|
3
3
|
|
|
4
4
|
def self.process(obj)
|
|
5
|
-
#
|
|
6
|
-
#
|
|
7
|
-
return
|
|
8
|
-
obj[:lasttime]
|
|
5
|
+
# Ignore the initial flood of cached data and any objects that would have
|
|
6
|
+
# already expired
|
|
7
|
+
return unless PatronusFati.past_initial_flood? &&
|
|
8
|
+
obj[:lasttime] >= PatronusFati::DataModels::Ssid.current_expiration_threshold
|
|
9
9
|
|
|
10
10
|
# Some messages from kismet come in corrupted with partial MACs. We care
|
|
11
11
|
# not for them, just drop the bad data.
|
|
@@ -2,10 +2,10 @@ module PatronusFati::MessageProcessor::Client
|
|
|
2
2
|
include PatronusFati::MessageProcessor
|
|
3
3
|
|
|
4
4
|
def self.process(obj)
|
|
5
|
-
#
|
|
6
|
-
#
|
|
7
|
-
return
|
|
8
|
-
obj[:lasttime]
|
|
5
|
+
# Ignore the initial flood of cached data and any objects that would have
|
|
6
|
+
# already expired
|
|
7
|
+
return unless PatronusFati.past_initial_flood? &&
|
|
8
|
+
obj[:lasttime] >= PatronusFati::DataModels::Ssid.current_expiration_threshold
|
|
9
9
|
|
|
10
10
|
# obj[:mac] is the client's MAC address
|
|
11
11
|
# obj[:bssid] is the AP's MAC address
|
|
@@ -2,10 +2,10 @@ module PatronusFati::MessageProcessor::Ssid
|
|
|
2
2
|
include PatronusFati::MessageProcessor
|
|
3
3
|
|
|
4
4
|
def self.process(obj)
|
|
5
|
-
#
|
|
6
|
-
#
|
|
7
|
-
return
|
|
8
|
-
obj[:lasttime]
|
|
5
|
+
# Ignore the initial flood of cached data and any objects that would have
|
|
6
|
+
# already expired
|
|
7
|
+
return unless PatronusFati.past_initial_flood? &&
|
|
8
|
+
obj[:lasttime] >= PatronusFati::DataModels::Ssid.current_expiration_threshold
|
|
9
9
|
|
|
10
10
|
ssid_info = ssid_data(obj.attributes)
|
|
11
11
|
|
|
@@ -73,6 +73,11 @@ module PatronusFati
|
|
|
73
73
|
end
|
|
74
74
|
|
|
75
75
|
def self.handle(message_obj)
|
|
76
|
+
if !PatronusFati.past_initial_flood? && @last_msg_received && (Time.now.to_f - @last_msg_received) >= 0.8
|
|
77
|
+
PatronusFati.past_initial_flood!
|
|
78
|
+
end
|
|
79
|
+
@last_msg_received = Time.now.to_f
|
|
80
|
+
|
|
76
81
|
periodic_flush
|
|
77
82
|
report_recently_seen
|
|
78
83
|
result = factory(class_to_name(message_obj), message_obj)
|
data/lib/patronus_fati.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: patronus_fati
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.9.
|
|
4
|
+
version: 0.9.24
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Sam Stelfox
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2017-01-25 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dm-constraints
|
|
@@ -371,7 +371,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
371
371
|
version: '0'
|
|
372
372
|
requirements: []
|
|
373
373
|
rubyforge_project:
|
|
374
|
-
rubygems_version: 2.
|
|
374
|
+
rubygems_version: 2.6.8
|
|
375
375
|
signing_key:
|
|
376
376
|
specification_version: 4
|
|
377
377
|
summary: A ruby implementation of the Kismet client protocol.
|