RubyGems - pstream - Versions diffs - 0.1.6 → 0.1.7 - Mend

pstream 0.1.6 → 0.1.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: db60008303d60fa05efe50c9481ad9218c69f7f2
-  data.tar.gz: 7eb962f4c41ee92d12b2ae00d68e783d92ba8954
+  metadata.gz: 2afaa0231c97802387625086c64da95b5ce114c2
+  data.tar.gz: 6e187acbce7c6c027faafacdcf1cd732f63e9ecf
 SHA512:
-  metadata.gz: 91c364b4931a5f687ef496e1705101ecad13097aa7c8dc5e490e45cfdee15fac03290034db6ff0992f38399245ff2b08d7a938f521de5e30cfbd05328a581d97
-  data.tar.gz: 371ed0e85b84eb5ce2c66c3e0b5a594055c6a08e092146c9fdb75fec6a7e1f83f9c2a4f5c38920aeeb2758c4c74e2d3d2e98de79f395e9cadbf9fa782f8ae9cf
+  metadata.gz: becd5a9ac9389461223797903374a9b4d8d26384748bacd8f2d1bd4dbb512df26ed0b3a6d525d6407f36040dfb15c7230e52f188f5c26b62b2b504a2fcb832e1
+  data.tar.gz: 3a1f74c8c74442bb8b8a31743bdb2295b31686592d802a5992e5d1fadc4c9fd2d638719d598ddda6c40078f9a591b4c37daa2ac34062433a872160714da8b4d9

data/bin/pstream CHANGED Viewed

@@ -41,6 +41,10 @@ def parse(args)
             exit PStreamExit::GOOD
         end
+        opts.on("--nocolor", "Disable colorized output") do
+            String.disable_colorization = true
+        end
         opts.on("-s", "--stream=NUM", "Show specified stream") do |s|
             options["stream"] = s.to_i
         end
@@ -91,14 +95,48 @@ begin
     pstream = PStream.new(options["pcap"])
     if (options["stream"])
-        puts pstream.get_stream(
+        pstream.get_stream(
             options["stream"].to_i,
             options["prot"]
-        ).contents
+        ).contents.split("\n").each do |line|
+            m = line.match(/([0-9A-Fa-f]{8}) (.*) (.{17})/)
+            puts [
+                m[1].light_blue,
+                m[2].light_green,
+                m[3].white
+            ].join(" ")
+        end
     elsif (options["ciphers"])
         puts pstream.ciphers
     else
-        puts pstream.to_s
+        pstream.to_s.split("\n").each do |line|
+            case line
+            when /.*:$/
+                # Headers
+                puts line.white
+            when /<->/
+                # Streams
+                m = line.match(/([0-9]+) \| (.+) \| ([0-9]+ Frames)/)
+                puts [
+                    m[1].light_blue,
+                    m[2].light_green,
+                    m[3].light_white
+                ].join(" | ")
+            else
+                case line
+                when /Unknown/
+                    puts line.light_yellow
+                when /NULL|MD5|RC4|anon/
+                    # Bad cipher suites
+                    puts line.light_red
+                when /E?(EC)?DHE?|AES_256/
+                    # Great cipher suites
+                    puts line.light_green
+                else
+                    puts line.white
+                end
+            end
+        end
     end
 rescue PStream::Error => e
     $stderr.puts e.message.red

data/lib/pstream.rb CHANGED Viewed

@@ -2,8 +2,7 @@ require "pathname"
 require "scoobydoo"
 class PStream
-    attr_reader :tcp_streams
-    attr_reader :udp_streams
+    attr_reader :streams
     def ciphers
         # List ciphers during ssl handshake
@@ -16,24 +15,28 @@ class PStream
     def get_stream(stream, prot = "tcp")
         case prot
-        when "tcp"
-            if (@tcp_streams.empty? && !@udp_streams.empty?)
+        when /^tcp$/i
+            if (@streams["tcp"].empty? && !@streams["udp"].empty?)
                 return get_stream(stream, "udp")
             end
-            if (stream >= @tcp_streams.length)
+            if (stream >= @streams["tcp"].length)
+                if (stream < @streams["udp"].length)
+                    return @streams["udp"][stream]
+                end
                 raise PStream::Error::StreamNotFound.new(stream, prot)
-            else
-                return @tcp_streams[stream]
             end
-        when "udp"
-            if (@udp_streams.empty? && !@tcp_streams.empty?)
-                return get_stream(stream, "udp")
+            return @streams["tcp"][stream]
+        when /^udp$/i
+            if (@streams["udp"].empty? && !@streams["tcp"].empty?)
+                return get_stream(stream, "tcp")
             end
-            if (stream >= @udp_streams.length)
+            if (stream >= @streams["udp"].length)
+                if (stream < @streams["tcp"].length)
+                    return @streams["tcp"][stream]
+                end
                 raise PStream::Error::StreamNotFound.new(stream, prot)
-            else
-                return @udp_streams[stream]
             end
+            return @streams["udp"][stream]
         else
             raise PStream::Error::ProtocolNotSupported.new(prot)
         end
@@ -41,7 +44,7 @@ class PStream
     def get_streams(prot)
         case prot
-        when "tcp", "udp"
+        when /^tcp$/i, /^udp$/i
             # Do nothing
         else
             raise PStream::Error::ProtocolNotSupported.new(prot)
@@ -57,11 +60,7 @@ class PStream
         count = 0
         out.split("\n").each do |line|
             desc, frames = line.split(" | ")
-            id = count
-            id = desc.gsub(" <-> ", ",") if (prot == "udp")
-            streams.push(Stream.new(@pcap, prot, id, desc, frames))
+            streams.push(Stream.new(@pcap, prot, count, desc, frames))
             count += 1
         end
@@ -82,8 +81,10 @@ class PStream
             raise PStream::Error::PcapNotReadable.new(@pcap)
         end
-        @tcp_streams = get_streams("tcp")
-        @udp_streams = get_streams("udp")
+        @streams = Hash.new
+        ["tcp", "udp"].each do |prot|
+            @streams[prot] = get_streams(prot)
+        end
     end
     def negotiated_ciphers
@@ -99,23 +100,14 @@ class PStream
     def summary
         ret = Array.new
-        # List TCP streams
-        ret.push("TCP Streams:")
-        count = 0
-        @tcp_streams.each do |stream|
-            ret.push("#{count} | #{stream.desc} | #{stream.frames}")
-            count += 1
-        end
-        ret.push("")
-        # List UDP streams
-        ret.push("UDP Streams:")
-        count = 0
-        @udp_streams.each do |stream|
-            ret.push("#{count} | #{stream.desc} | #{stream.frames}")
-            count += 1
+        # List streams
+        ["tcp", "udp"].each do |prot|
+            ret.push("#{prot} streams:")
+            @streams[prot].each do |s|
+                ret.push("#{s.id} | #{s.desc} | #{s.frames}")
+            end
+            ret.push("")
         end
-        ret.push("")
         # List ciphers that were actually selected
         ret.push("Ciphers in use:")

data/lib/pstream/stream.rb CHANGED Viewed

@@ -4,8 +4,17 @@ class PStream::Stream
     attr_reader :id
     def contents
+        case @prot
+        when /^tcp$/i
+            id=@id
+        when /^udp$/i
+            id=@desc.gsub(" <-> ", ",")
+        else
+            raise PStream::Error::ProtocolNotSupported.new(@prot)
+        end
         out = %x(
-            tshark -r #{@pcap} -z follow,#{@prot},hex,#{@id} | \
+            tshark -r #{@pcap} -z follow,#{@prot},hex,#{id} | \
                  sed "s|^	||" | \grep -E "^[0-9A-Fa-f]{8}"
         )
         return out

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pstream
 version: !ruby/object:Gem::Version
-  version: 0.1.6
+  version: 0.1.7
 platform: ruby
 authors:
 - Miles Whittaker
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-03-03 00:00:00.000000000 Z
+date: 2016-03-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: colorize