patronus_fati 0.9.9 → 0.9.10
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/patronus_fati/message_processor/client.rb +15 -9
- data/lib/patronus_fati/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 30a45534df56bbc7541ead1896e279e351011bfd
|
4
|
+
data.tar.gz: 22a7548d50463aa2fe9ee287d9940ebfb8171073
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c740113e2d63eec12a1c6657218b879a68476357db7511606c86d8ba69f2e70a7dd42f0d460d922f87785a914fd4b8c6177656c333ae9be9ecbcfe3d63677cba
|
7
|
+
data.tar.gz: 292ef8ca17abbda49f2aec6a8948713a272aba5e4490bbacc3239da2f750c4bf2423f9b119f6df4914a5e4fb88476f651af46dd93651f8deb75fc228c50ab87a
|
@@ -5,32 +5,38 @@ module PatronusFati::MessageProcessor::Client
|
|
5
5
|
# We don't care about objects that would have expired already...
|
6
6
|
return if obj[:lasttime] < PatronusFati::DataModels::Client.current_expiration_threshold
|
7
7
|
|
8
|
-
|
9
|
-
|
10
|
-
|
8
|
+
unless obj[:bssid].nil? || obj[:bssid].empty? || obj[:bssid] == obj[:mac]
|
9
|
+
return unless (ap = PatronusFati::DataModels::AccessPoint.first(bssid: obj[:bssid]))
|
10
|
+
ap.seen!
|
11
|
+
end
|
11
12
|
|
12
13
|
# Some messages from kismet come in corrupted with partial MACs. We care
|
13
14
|
# not for them, just drop the bad data.
|
14
15
|
return unless obj[:mac].match(/^([0-9a-f]{2}[:-]){5}[0-9a-f]{2}$/)
|
15
16
|
|
16
17
|
client_info = client_data(obj.attributes)
|
17
|
-
|
18
|
-
|
18
|
+
|
19
|
+
# These potentially represent wired assets leaking through the WiFi and
|
20
|
+
# devices not following the 802.11 spec.
|
21
|
+
if %w( unknown from_ds ).include?(obj[:type]) || obj[:mac].nil?
|
22
|
+
client = PatronusFati::DataModels::Client.first({bssid: obj[:mac]})
|
23
|
+
else
|
24
|
+
client = PatronusFati::DataModels::Client.first_or_create({bssid: obj[:mac]}, client_info)
|
25
|
+
end
|
26
|
+
client.update(client_info) if client
|
19
27
|
|
20
28
|
# Don't deal in associations that are outside of our connection expiration
|
21
29
|
# time...
|
22
30
|
return if obj[:lasttime] < PatronusFati::DataModels::Connection.current_expiration_threshold
|
23
31
|
|
24
32
|
# Handle the associations
|
25
|
-
|
26
|
-
return unless (ap = PatronusFati::DataModels::AccessPoint.first(bssid: obj[:bssid]))
|
27
|
-
ap.seen!
|
28
|
-
|
33
|
+
if ap && client
|
29
34
|
if (conn = PatronusFati::DataModels::Connection.connected.first(client: client, access_point: ap))
|
30
35
|
conn.seen!
|
31
36
|
else
|
32
37
|
average = (obj[:datapackets] == 0 ? 0 : obj[:datasize] / obj[:datapackets])
|
33
38
|
|
39
|
+
# Create a connection only if it meets our thresholding logic below
|
34
40
|
return unless !(obj[:gatewayip].nil? || obj[:ip].nil?) ||
|
35
41
|
(average >= 156 && obj[:datapackets] > 10) ||
|
36
42
|
(average >= 110 && obj[:datapackets] > 50)
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: patronus_fati
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.9.
|
4
|
+
version: 0.9.10
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Sam Stelfox
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-02-
|
11
|
+
date: 2016-02-03 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dm-constraints
|
@@ -374,7 +374,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
374
374
|
version: '0'
|
375
375
|
requirements: []
|
376
376
|
rubyforge_project:
|
377
|
-
rubygems_version: 2.4.
|
377
|
+
rubygems_version: 2.4.8
|
378
378
|
signing_key:
|
379
379
|
specification_version: 4
|
380
380
|
summary: A ruby implementation of the Kismet client protocol.
|