rex-socket 0.1.8 → 0.1.9

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 18bb58a6a55981a1a6e883d7a60f99851162d6f8
-  data.tar.gz: 66d105060da27f4303522d2947196abab1bb58b1
+  metadata.gz: f089313baf795935488a8dd6afd689ca30581cd7
+  data.tar.gz: 571a4ebe9c229c3d3e721f400862467352b7a1e1
 SHA512:
-  metadata.gz: 5226bee52b4a24107ef6673fe73002eba689ec865e82ffc534e6992f05c80223a47b005da96b8292cc6db9464608a4fb4a6d97863d1fcd4ef208de0b5ead7715
-  data.tar.gz: 77a6ee0ad79d35244ea92ed9fb7a20279886640acdd0150e233641d1e3e35afd248f35124691a67630f446e3d5f773d83cfb12ec33751c8e218ec38f75088fb7
+  metadata.gz: e5e550e2585b6c9d37ce381ced3f8bcdad76ff1fe59f71e2e0da49500b057ca85b947a4d914f95284bc984f0fe8c5c9052b85ce21c9d605090540b232a8ac4fa
+  data.tar.gz: 851c8ffde6dd2bf3642f0c54e87fe5ee10bed0e1ebf1802f63e622c7ae970cc0963fb0fe14aecda4946fff6a16653f74d4da5181bae237fb7fa18e3dc9209dbf

data.tar.gz.sig

@@ -1 +1,2 @@
-&��\{�������T�L�\��>�T{ڄ�-{��Է�{��)��r�r��
`-/܁>�'B��^A����È��T~%st[)k2D\���c*n���}�|IW�f�\���ro�����e��˜�(d�M<�w�Ԁ&�s?����ǰD�f�;�=/�h�")Q�]�'у21����1��O~o�����7�!�+�Pㄏ��rW�dK�r����*�7K}���gu)��"��r,�{�e^e���`LjQ	�
+,����f��fه����R
+p��("r*�r�����������7*�=�i�'ƹJs�	I�eJ�y�������w�!4���

data/lib/rex/socket/ssl_tcp_server.rb

@@ -133,22 +133,37 @@ module Rex::Socket::SslTcpServer
     Rex::Socket::SslTcpServer.ssl_parse_pem(ssl_cert)
   end
 
+  def self.ssl_generate_subject
+    st  = Rex::Text.rand_state
+    loc = Rex::Text.rand_name.capitalize
+    org = Rex::Text.rand_name.capitalize
+    cn  = Rex::Text.rand_hostname
+    "US/ST=#{st}/L=#{loc}/O=#{org}/CN=#{cn}"
+  end
+
+  def self.ssl_generate_issuer
+    org = Rex::Text.rand_name.capitalize
+    cn  = Rex::Text.rand_name.capitalize + " " + Rex::Text.rand_name.capitalize
+    "US/O=#{org}/CN=#{cn}"
+  end
+
   #
   # Generate a realistic-looking but obstensibly fake SSL
   # certificate. This matches a typical "snakeoil" cert.
   #
   # @return [String, String, Array]
   def self.ssl_generate_certificate
-    yr   = 24*3600*365
-    vf   = Time.at(Time.now.to_i - rand(yr * 3) - yr)
-    vt   = Time.at(vf.to_i + (10 * yr))
-    cn   = Rex::Text.rand_text_alpha_lower(rand(8)+2)
-    key  = OpenSSL::PKey::RSA.new(2048){ }
-    cert = OpenSSL::X509::Certificate.new
+    yr      = 24*3600*365
+    vf      = Time.at(Time.now.to_i - rand(yr * 3) - yr)
+    vt      = Time.at(vf.to_i + (rand(9)+1) * yr)
+    subject = ssl_generate_subject
+    issuer  = ssl_generate_issuer
+    key     = OpenSSL::PKey::RSA.new(2048){ }
+    cert    = OpenSSL::X509::Certificate.new
     cert.version    = 2
     cert.serial     = (rand(0xFFFFFFFF) << 32) + rand(0xFFFFFFFF)
-    cert.subject    = OpenSSL::X509::Name.new([["CN", cn]])
-    cert.issuer     = OpenSSL::X509::Name.new([["CN", cn]])
+    cert.subject    = OpenSSL::X509::Name.new([["C", subject]])
+    cert.issuer     = OpenSSL::X509::Name.new([["C", issuer]])
     cert.not_before = vf
     cert.not_after  = vt
     cert.public_key = key.public_key

data/lib/rex/socket/version.rb

@@ -1,5 +1,5 @@
 module Rex
   module Socket
-    VERSION = "0.1.8"
+    VERSION = "0.1.9"
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rex-socket
 version: !ruby/object:Gem::Version
-  version: 0.1.8
+  version: 0.1.9
 platform: ruby
 authors:
 - David Maloney
@@ -88,7 +88,7 @@ cert_chain:
   G+Hmcg1v810agasPdoydE0RTVZgEOOMoQ07qu7JFXVWZ9ZQpHT7qJATWL/b2csFG
   8mVuTXnyJOKRJA==
   -----END CERTIFICATE-----
-date: 2017-06-30 00:00:00.000000000 Z
+date: 2017-10-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -202,7 +202,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.8
+rubygems_version: 2.6.13
 signing_key: 
 specification_version: 4
 summary: The Ruby Exploitation (Rex) Socket Abstraction Library.