RubyGems - pstream - Versions diffs - 0.1.6 → 0.1.7 - Mend

pstream 0.1.6 → 0.1.7

Files changed (5) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: db60008303d60fa05efe50c9481ad9218c69f7f2
-  data.tar.gz: 7eb962f4c41ee92d12b2ae00d68e783d92ba8954
+  metadata.gz: 2afaa0231c97802387625086c64da95b5ce114c2
+  data.tar.gz: 6e187acbce7c6c027faafacdcf1cd732f63e9ecf
 SHA512:
-  metadata.gz: 91c364b4931a5f687ef496e1705101ecad13097aa7c8dc5e490e45cfdee15fac03290034db6ff0992f38399245ff2b08d7a938f521de5e30cfbd05328a581d97
-  data.tar.gz: 371ed0e85b84eb5ce2c66c3e0b5a594055c6a08e092146c9fdb75fec6a7e1f83f9c2a4f5c38920aeeb2758c4c74e2d3d2e98de79f395e9cadbf9fa782f8ae9cf
+  metadata.gz: becd5a9ac9389461223797903374a9b4d8d26384748bacd8f2d1bd4dbb512df26ed0b3a6d525d6407f36040dfb15c7230e52f188f5c26b62b2b504a2fcb832e1
+  data.tar.gz: 3a1f74c8c74442bb8b8a31743bdb2295b31686592d802a5992e5d1fadc4c9fd2d638719d598ddda6c40078f9a591b4c37daa2ac34062433a872160714da8b4d9

data/bin/pstream CHANGED Viewed

@@ -41,6 +41,10 @@ def parse(args)
             exit PStreamExit::GOOD
         end
+        opts.on("--nocolor", "Disable colorized output") do
+            String.disable_colorization = true
+        end
         opts.on("-s", "--stream=NUM", "Show specified stream") do |s|
             options["stream"] = s.to_i
         end
@@ -91,14 +95,48 @@ begin
     pstream = PStream.new(options["pcap"])
     if (options["stream"])
-        puts pstream.get_stream(
+        pstream.get_stream(
             options["stream"].to_i,
             options["prot"]
-        ).contents
+        ).contents.split("\n").each do |line|
+            m = line.match(/([0-9A-Fa-f]{8}) (.*) (.{17})/)
+            puts [
+                m[1].light_blue,
+                m[2].light_green,
+                m[3].white
+            ].join(" ")
+        end
     elsif (options["ciphers"])
         puts pstream.ciphers
     else
-        puts pstream.to_s
+        pstream.to_s.split("\n").each do |line|
+            case line
+            when /.*:$/
+                # Headers
+                puts line.white
+            when /<->/
+                # Streams
+                m = line.match(/([0-9]+) \| (.+) \| ([0-9]+ Frames)/)
+                puts [
+                    m[1].light_blue,
+                    m[2].light_green,
+                    m[3].light_white
+                ].join(" | ")
+            else
+                case line
+                when /Unknown/
+                    puts line.light_yellow
+                when /NULL|MD5|RC4|anon/
+                    # Bad cipher suites
+                    puts line.light_red
+                when /E?(EC)?DHE?|AES_256/
+                    # Great cipher suites
+                    puts line.light_green
+                else
+                    puts line.white
+                end
+            end
+        end
     end
 rescue PStream::Error => e
     $stderr.puts e.message.red

data/lib/pstream.rb CHANGED Viewed

@@ -2,8 +2,7 @@ require "pathname"
 require "scoobydoo"
 class PStream
-    attr_reader :tcp_streams
-    attr_reader :udp_streams
+    attr_reader :streams
     def ciphers
         # List ciphers during ssl handshake
@@ -16,24 +15,28 @@ class PStream
     def get_stream(stream, prot = "tcp")
         case prot
-        when "tcp"
-            if (@tcp_streams.empty? && !@udp_streams.empty?)
+        when /^tcp$/i
+            if (@streams["tcp"].empty? && !@streams["udp"].empty?)
                 return get_stream(stream, "udp")
             end
-            if (stream >= @tcp_streams.length)
+            if (stream >= @streams["tcp"].length)
+                if (stream < @streams["udp"].length)
+                    return @streams["udp"][stream]
+                end
                 raise PStream::Error::StreamNotFound.new(stream, prot)
-            else
-                return @tcp_streams[stream]
             end
-        when "udp"
-            if (@udp_streams.empty? && !@tcp_streams.empty?)
-                return get_stream(stream, "udp")
+            return @streams["tcp"][stream]
+        when /^udp$/i
+            if (@streams["udp"].empty? && !@streams["tcp"].empty?)
+                return get_stream(stream, "tcp")
             end
-            if (stream >= @udp_streams.length)
+            if (stream >= @streams["udp"].length)
+                if (stream < @streams["tcp"].length)
+                    return @streams["tcp"][stream]
+                end
                 raise PStream::Error::StreamNotFound.new(stream, prot)
-            else
-                return @udp_streams[stream]
             end
+            return @streams["udp"][stream]
         else
             raise PStream::Error::ProtocolNotSupported.new(prot)
         end
@@ -41,7 +44,7 @@ class PStream
     def get_streams(prot)
         case prot
-        when "tcp", "udp"
+        when /^tcp$/i, /^udp$/i
             # Do nothing
         else
             raise PStream::Error::ProtocolNotSupported.new(prot)
@@ -57,11 +60,7 @@ class PStream
         count = 0
         out.split("\n").each do |line|
             desc, frames = line.split(" | ")
-            id = count
-            id = desc.gsub(" <-> ", ",") if (prot == "udp")
-            streams.push(Stream.new(@pcap, prot, id, desc, frames))
+            streams.push(Stream.new(@pcap, prot, count, desc, frames))
             count += 1
         end
@@ -82,8 +81,10 @@ class PStream
             raise PStream::Error::PcapNotReadable.new(@pcap)
         end
-        @tcp_streams = get_streams("tcp")
-        @udp_streams = get_streams("udp")
+        @streams = Hash.new
+        ["tcp", "udp"].each do |prot|
+            @streams[prot] = get_streams(prot)
+        end
     end
     def negotiated_ciphers
@@ -99,23 +100,14 @@ class PStream
     def summary
         ret = Array.new
-        # List TCP streams
-        ret.push("TCP Streams:")
-        count = 0
-        @tcp_streams.each do |stream|
-            ret.push("#{count} | #{stream.desc} | #{stream.frames}")
-            count += 1
-        end
-        ret.push("")
-        # List UDP streams
-        ret.push("UDP Streams:")
-        count = 0
-        @udp_streams.each do |stream|
-            ret.push("#{count} | #{stream.desc} | #{stream.frames}")
-            count += 1
+        # List streams
+        ["tcp", "udp"].each do |prot|
+            ret.push("#{prot} streams:")
+            @streams[prot].each do |s|
+                ret.push("#{s.id} | #{s.desc} | #{s.frames}")
+            end
+            ret.push("")
         end
-        ret.push("")
         # List ciphers that were actually selected
         ret.push("Ciphers in use:")

data/lib/pstream/stream.rb CHANGED Viewed

@@ -4,8 +4,17 @@ class PStream::Stream
     attr_reader :id
     def contents
+        case @prot
+        when /^tcp$/i
+            id=@id
+        when /^udp$/i
+            id=@desc.gsub(" <-> ", ",")
+        else
+            raise PStream::Error::ProtocolNotSupported.new(@prot)
+        end
         out = %x(
-            tshark -r #{@pcap} -z follow,#{@prot},hex,#{@id} | \
+            tshark -r #{@pcap} -z follow,#{@prot},hex,#{id} | \
                  sed "s|^	||" | \grep -E "^[0-9A-Fa-f]{8}"
         )
         return out

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pstream
 version: !ruby/object:Gem::Version
-  version: 0.1.6
+  version: 0.1.7
 platform: ruby
 authors:
 - Miles Whittaker
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-03-03 00:00:00.000000000 Z
+date: 2016-03-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: colorize