pstream 0.1.6 → 0.1.7

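--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: db60008303d60fa05efe50c9481ad9218c69f7f2
- data.tar.gz: 7eb962f4c41ee92d12b2ae00d68e783d92ba8954
+ metadata.gz: 2afaa0231c97802387625086c64da95b5ce114c2
+ data.tar.gz: 6e187acbce7c6c027faafacdcf1cd732f63e9ecf
  SHA512:
- metadata.gz: 91c364b4931a5f687ef496e1705101ecad13097aa7c8dc5e490e45cfdee15fac03290034db6ff0992f38399245ff2b08d7a938f521de5e30cfbd05328a581d97
- data.tar.gz: 371ed0e85b84eb5ce2c66c3e0b5a594055c6a08e092146c9fdb75fec6a7e1f83f9c2a4f5c38920aeeb2758c4c74e2d3d2e98de79f395e9cadbf9fa782f8ae9cf
+ metadata.gz: becd5a9ac9389461223797903374a9b4d8d26384748bacd8f2d1bd4dbb512df26ed0b3a6d525d6407f36040dfb15c7230e52f188f5c26b62b2b504a2fcb832e1
+ data.tar.gz: 3a1f74c8c74442bb8b8a31743bdb2295b31686592d802a5992e5d1fadc4c9fd2d638719d598ddda6c40078f9a591b4c37daa2ac34062433a872160714da8b4d9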
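--- a/data/bin/pstream
+++ b/data/bin/pstream
@@ -41,6 +41,10 @@ def parse(args)
  exit PStreamExit::GOOD
  end
 
+ opts.on("--nocolor", "Disable colorized output") do
+ String.disable_colorization = true
+ end
+
  opts.on("-s", "--stream=NUM", "Show specified stream") do |s|
  options["stream"] = s.to_i
  end
@@ -91,14 +95,48 @@ begin
  pstream = PStream.new(options["pcap"])
 
  if (options["stream"])
- puts pstream.get_stream(
+ pstream.get_stream(
  options["stream"].to_i,
  options["prot"]
- ).contents
+ ).contents.split("\n").each do |line|
+ m = line.match(/([0-9A-Fa-f]{8}) (.*) (.{17})/)
+ puts [
+ m[1].light_blue,
+ m[2].light_green,
+ m[3].white
+ ].join(" ")
+ end
  elsif (options["ciphers"])
  puts pstream.ciphers
  else
- puts pstream.to_s
+ pstream.to_s.split("\n").each do |line|
+ case line
+ when /.*:$/
+ # Headers
+ puts line.white
+ when /<->/
+ # Streams
+ m = line.match(/([0-9]+) \| (.+) \| ([0-9]+ Frames)/)
+ puts [
+ m[1].light_blue,
+ m[2].light_green,
+ m[3].light_white
+ ].join(" | ")
+ else
+ case line
+ when /Unknown/
+ puts line.light_yellow
+ when /NULL|MD5|RC4|anon/
+ # Bad cipher suites
+ puts line.light_red
+ when /E?(EC)?DHE?|AES_256/
+ # Great cipher suites
+ puts line.light_green
+ else
+ puts line.white
+ end
+ end
+ end
  end
  rescue PStream::Error => e
  $stderr.puts e.message.red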
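Review bot: The cipher grading in the final `else` branch colors a line green whenever it contains `DH` or `AES_256`, because `/E?(EC)?DHE?|AES_256/` reduces to matching the substring `DH`; static DH/ECDH suites without forward secrecy are therefore shown as great, and the red list `/NULL|MD5|RC4|anon/` does not cover export-grade or DES-based suites, which end up green or white. Assuming the lines carry standard suite names, I would tighten both patterns, for example `when /NULL|MD5|RC4|anon|EXPORT|DES/` and `when /(EC)?DHE_|AES_256/`. Separately, both `line.match(...)` results are indexed without a nil check, so a line that does not fit the pattern raises NoMethodError, which the `rescue PStream::Error` below does not catch; `next puts(line) unless m` after each match would keep the raw line visible instead. The `begin` block starts and ends outside this hunk.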
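--- a/data/lib/pstream.rb
+++ b/data/lib/pstream.rb
@@ -2,8 +2,7 @@ require "pathname"
  require "scoobydoo"
 
  class PStream
- attr_reader :tcp_streams
- attr_reader :udp_streams
+ attr_reader :streams
 
  def ciphers
  # List ciphers during ssl handshake
@@ -16,24 +15,28 @@ class PStream
 
  def get_stream(stream, prot = "tcp")
  case prot
- when "tcp"
- if (@tcp_streams.empty? && !@udp_streams.empty?)
+ when /^tcp$/i
+ if (@streams["tcp"].empty? && !@streams["udp"].empty?)
  return get_stream(stream, "udp")
  end
- if (stream >= @tcp_streams.length)
+ if (stream >= @streams["tcp"].length)
+ if (stream < @streams["udp"].length)
+ return @streams["udp"][stream]
+ end
  raise PStream::Error::StreamNotFound.new(stream, prot)
- else
- return @tcp_streams[stream]
  end
- when "udp"
- if (@udp_streams.empty? && !@tcp_streams.empty?)
- return get_stream(stream, "udp")
+ return @streams["tcp"][stream]
+ when /^udp$/i
+ if (@streams["udp"].empty? && !@streams["tcp"].empty?)
+ return get_stream(stream, "tcp")
  end
- if (stream >= @udp_streams.length)
+ if (stream >= @streams["udp"].length)
+ if (stream < @streams["tcp"].length)
+ return @streams["tcp"][stream]
+ end
  raise PStream::Error::StreamNotFound.new(stream, prot)
- else
- return @udp_streams[stream]
  end
+ return @streams["udp"][stream]
  else
  raise PStream::Error::ProtocolNotSupported.new(prot)
  end
@@ -41,7 +44,7 @@ class PStream
 
  def get_streams(prot)
  case prot
- when "tcp", "udp"
+ when /^tcp$/i, /^udp$/i
  # Do nothing
  else
  raise PStream::Error::ProtocolNotSupported.new(prot)
@@ -57,11 +60,7 @@ class PStream
  count = 0
  out.split("\n").each do |line|
  desc, frames = line.split(" | ")
-
- id = count
- id = desc.gsub(" <-> ", ",") if (prot == "udp")
-
- streams.push(Stream.new(@pcap, prot, id, desc, frames))
+ streams.push(Stream.new(@pcap, prot, count, desc, frames))
  count += 1
  end
 
@@ -82,8 +81,10 @@ class PStream
  raise PStream::Error::PcapNotReadable.new(@pcap)
  end
 
- @tcp_streams = get_streams("tcp")
- @udp_streams = get_streams("udp")
+ @streams = Hash.new
+ ["tcp", "udp"].each do |prot|
+ @streams[prot] = get_streams(prot)
+ end
  end
 
  def negotiated_ciphers
@@ -99,23 +100,14 @@ class PStream
  def summary
  ret = Array.new
 
- # List TCP streams
- ret.push("TCP Streams:")
- count = 0
- @tcp_streams.each do |stream|
- ret.push("#{count} | #{stream.desc} | #{stream.frames}")
- count += 1
- end
- ret.push("")
-
- # List UDP streams
- ret.push("UDP Streams:")
- count = 0
- @udp_streams.each do |stream|
- ret.push("#{count} | #{stream.desc} | #{stream.frames}")
- count += 1
+ # List streams
+ ["tcp", "udp"].each do |prot|
+ ret.push("#{prot} streams:")
+ @streams[prot].each do |s|
+ ret.push("#{s.id} | #{s.desc} | #{s.frames}")
+ end
+ ret.push("")
  end
- ret.push("")
 
  # List ciphers that were actually selected
  ret.push("Ciphers in use:")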
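Review bot: The new protocol checks `when /^tcp$/i` and `when /^udp$/i` in `get_stream` and `get_streams` use line anchors, so a multi-line `prot` string with one line equal to `tcp` passes the check; `\A`/`\z` anchor the whole string, e.g. `when /\Atcp\z/i`. This matters because `get_streams` hands `prot` to `Stream.new`, and the `Stream#contents` hunk further down interpolates `@prot` into a shell command and repeats the same anchors. `get_stream` also accepts a negative `stream` (the CLI stores `s.to_i`), which passes the `stream >= ...length` test and indexes from the end of the array. It also now silently returns a stream of the other protocol when the index exists only there. I would add a `stream < 0` guard before the length checks and a comment documenting the cross-protocol fallback.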
@@ -4,8 +4,17 @@ class PStream::Stream
4
4
  attr_reader :id
5
5
 
6
6
  def contents
7
+ case @prot
8
+ when /^tcp$/i
9
+ id=@id
10
+ when /^udp$/i
11
+ id=@desc.gsub(" <-> ", ",")
12
+ else
13
+ raise PStream::Error::ProtocolNotSupported.new(@prot)
14
+ end
15
+
7
16
  out = %x(
8
- tshark -r #{@pcap} -z follow,#{@prot},hex,#{@id} | \
17
+ tshark -r #{@pcap} -z follow,#{@prot},hex,#{id} | \
9
18
  sed "s|^ ||" | \grep -E "^[0-9A-Fa-f]{8}"
10
19
  )
11
20
  return out
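Review bot: `contents` builds a shell string with `%x(...)` and interpolates `@pcap`, `@prot` and now `id` without quoting, and for UDP `id` is derived from `@desc`, so a capture path with spaces or shell metacharacters, or an unexpected description string, changes the command that runs. The added `case @prot` check does not close this, because `/^tcp$/i` and `/^udp$/i` match per line; `\A`/`\z` would anchor the whole string. I would pass an argument vector to tshark through `Open3.capture2` (needs `require "open3"` at the top of the file) and do the `sed`/`grep` filtering in Ruby, as sketched below. The method's closing `end` lies outside the hunk.

```ruby
def contents
  # … unchanged: case @prot selecting id (anchors changed to \A…\z) …

  # Argument vector: no shell parses @pcap, @prot or id
  out, _status = Open3.capture2(
    "tshark", "-r", @pcap.to_s, "-z", "follow,#{@prot},hex,#{id}"
  )
  # Same filtering as the sed/grep pipeline, done in-process
  return out.lines.map { |l| l.sub(/^ /, "") }
    .grep(/^[0-9A-Fa-f]{8}/).join
```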
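--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: pstream
  version: !ruby/object:Gem::Version
- version: 0.1.6
+ version: 0.1.7
  platform: ruby
  authors:
  - Miles Whittaker
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2016-03-03 00:00:00.000000000 Z
+ date: 2016-03-04 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: colorize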