patronus_fati 0.9.23 → 0.9.24
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/patronus_fati/consts.rb +0 -5
- data/lib/patronus_fati/message_processor/alert.rb +3 -0
- data/lib/patronus_fati/message_processor/bssid.rb +4 -4
- data/lib/patronus_fati/message_processor/client.rb +4 -4
- data/lib/patronus_fati/message_processor/ssid.rb +4 -4
- data/lib/patronus_fati/message_processor.rb +5 -0
- data/lib/patronus_fati/version.rb +1 -1
- data/lib/patronus_fati.rb +8 -0
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 16a317acf1d621054cb167f661a59626b6abd5f9
|
4
|
+
data.tar.gz: f6a7904b7301861e0866cb87b0ea78f090acc514
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: bbe5e2c8f3c1fad88e4f1c406b5a572b546d9940e6cf947fcd3e998da7e3ceb4751c26a9db7df9235288e6b5b72dce5f97a98d5154c1d8dd3fb54a4c9febf446
|
7
|
+
data.tar.gz: 093f50a97c650e4bf05ac1998b10c6eb87513501a96bd49e7d48180b053fb846623f8d4ce8bd320f2d17484252622bb996b7a71883f653e17ef8a132748733e5
|
data/lib/patronus_fati/consts.rb
CHANGED
@@ -79,11 +79,6 @@ module PatronusFati
|
|
79
79
|
# consider no longer actively connected.
|
80
80
|
CONNECTION_EXPIRATION = 1800
|
81
81
|
|
82
|
-
# This is how long after startup we trust kismet's timestamps. It apparently
|
83
|
-
# does not reliably update it's timestamps so after the initial flood we
|
84
|
-
# start ignoring it.
|
85
|
-
STARTUP_TRUST_WINDOW = 300
|
86
|
-
|
87
82
|
# Number of seconds before we consider an access point no longer advertising
|
88
83
|
# an SSID. It is safe for this to be longer than the AP expiration; If we
|
89
84
|
# think the AP has gone offline we will automatically mark all SSIDs as
|
@@ -2,6 +2,9 @@ module PatronusFati::MessageProcessor::Alert
|
|
2
2
|
include PatronusFati::MessageProcessor
|
3
3
|
|
4
4
|
def self.process(obj)
|
5
|
+
# Ignore the initial flood of cached data
|
6
|
+
return unless PatronusFati.past_initial_flood?
|
7
|
+
|
5
8
|
PatronusFati.event_handler.event(:alert, :new, process_obj(obj))
|
6
9
|
|
7
10
|
nil
|
@@ -2,10 +2,10 @@ module PatronusFati::MessageProcessor::Bssid
|
|
2
2
|
include PatronusFati::MessageProcessor
|
3
3
|
|
4
4
|
def self.process(obj)
|
5
|
-
#
|
6
|
-
#
|
7
|
-
return
|
8
|
-
obj[:lasttime]
|
5
|
+
# Ignore the initial flood of cached data and any objects that would have
|
6
|
+
# already expired
|
7
|
+
return unless PatronusFati.past_initial_flood? &&
|
8
|
+
obj[:lasttime] >= PatronusFati::DataModels::Ssid.current_expiration_threshold
|
9
9
|
|
10
10
|
# Some messages from kismet come in corrupted with partial MACs. We care
|
11
11
|
# not for them, just drop the bad data.
|
@@ -2,10 +2,10 @@ module PatronusFati::MessageProcessor::Client
|
|
2
2
|
include PatronusFati::MessageProcessor
|
3
3
|
|
4
4
|
def self.process(obj)
|
5
|
-
#
|
6
|
-
#
|
7
|
-
return
|
8
|
-
obj[:lasttime]
|
5
|
+
# Ignore the initial flood of cached data and any objects that would have
|
6
|
+
# already expired
|
7
|
+
return unless PatronusFati.past_initial_flood? &&
|
8
|
+
obj[:lasttime] >= PatronusFati::DataModels::Ssid.current_expiration_threshold
|
9
9
|
|
10
10
|
# obj[:mac] is the client's MAC address
|
11
11
|
# obj[:bssid] is the AP's MAC address
|
@@ -2,10 +2,10 @@ module PatronusFati::MessageProcessor::Ssid
|
|
2
2
|
include PatronusFati::MessageProcessor
|
3
3
|
|
4
4
|
def self.process(obj)
|
5
|
-
#
|
6
|
-
#
|
7
|
-
return
|
8
|
-
obj[:lasttime]
|
5
|
+
# Ignore the initial flood of cached data and any objects that would have
|
6
|
+
# already expired
|
7
|
+
return unless PatronusFati.past_initial_flood? &&
|
8
|
+
obj[:lasttime] >= PatronusFati::DataModels::Ssid.current_expiration_threshold
|
9
9
|
|
10
10
|
ssid_info = ssid_data(obj.attributes)
|
11
11
|
|
@@ -73,6 +73,11 @@ module PatronusFati
|
|
73
73
|
end
|
74
74
|
|
75
75
|
def self.handle(message_obj)
|
76
|
+
if !PatronusFati.past_initial_flood? && @last_msg_received && (Time.now.to_f - @last_msg_received) >= 0.8
|
77
|
+
PatronusFati.past_initial_flood!
|
78
|
+
end
|
79
|
+
@last_msg_received = Time.now.to_f
|
80
|
+
|
76
81
|
periodic_flush
|
77
82
|
report_recently_seen
|
78
83
|
result = factory(class_to_name(message_obj), message_obj)
|
data/lib/patronus_fati.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: patronus_fati
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.9.
|
4
|
+
version: 0.9.24
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Sam Stelfox
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2017-01-25 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dm-constraints
|
@@ -371,7 +371,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
371
371
|
version: '0'
|
372
372
|
requirements: []
|
373
373
|
rubyforge_project:
|
374
|
-
rubygems_version: 2.
|
374
|
+
rubygems_version: 2.6.8
|
375
375
|
signing_key:
|
376
376
|
specification_version: 4
|
377
377
|
summary: A ruby implementation of the Kismet client protocol.
|