rex-sslscan 0.1.4 → 0.1.5

Sign up to get free protection for your applications and to get access to all the features.
Files changed (11) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +1 -2
  3. data.tar.gz.sig +0 -0
  4. data/Gemfile +3 -0
  5. data/lib/rex/sslscan.rb +1 -0
  6. data/lib/rex/sslscan/result.rb +17 -6
  7. data/lib/rex/sslscan/scanner.rb +24 -7
  8. data/lib/rex/sslscan/version.rb +1 -1
  9. data/rex-sslscan.gemspec +1 -0
  10. metadata +16 -2
  11. metadata.gz.sig +0 -0
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 944b36ec941d7703a1db9c9bf24608fda0e5d1ea
4
- data.tar.gz: a5b72f8806f8496bc8eb92a33b72a3411148a679
3
+ metadata.gz: 64e6a97ef539869e079f677c3b394096286e2913
4
+ data.tar.gz: b5b03d4b04ba4455fa2da9f3125067bc7f96d771
5
5
  SHA512:
6
- metadata.gz: 9513fa3626cd8792f1791c2f3f93ddec1aa7d0af1362c482705488357f750d25d9f66e1441ab9be891a733ddd97971d415a3f8d352805a013763e16ac69fb0c8
7
- data.tar.gz: 3dc88346570a88ee404720803dd5f10e709af5c05bfb65c3e4bfdb3ed49adc138a0f2d680c12c570e05dead58c604d9e9f9797ee3ee99f2fc6a1a6f78b5cdd55
6
+ metadata.gz: 2f4171a9cc51b961ec1caa294c39512a23552088ba225316c44df6aabf73c07df2153c3754e809e172dd34d23301f7a264a43f757d6eb2f4e503f0b23f31f71c
7
+ data.tar.gz: 9499756e69163fefc5042fefb23d282e579d4dc79ea8b6fffd43629e530ac7a6b0d6171744e05e4173a1dc98f81249d5768d4581c12c6ffbf47343174ad85162
checksums.yaml.gz.sig CHANGED
@@ -1,2 +1 @@
1
- ��)��
2
- "�G��Ȗ\k���B���T�ƣClZ��ƭ�T��N}�:��_��$�T��~�!�:�T�v���n��o�]u_�-��9:8A���u���\6���8�X��L_p'k\��˘T|4��6x�w��n��e&�fM��m�i?oj����� ����À�_��b��Nw!����m�:e{��m濹���p���N���CL�dz��~,�j+��~ލ��� `C�~�//a�Lp hN���
1
+ p�mֳ��O��z'kl�$N<)87KT�O��%�6XK� e�ܢ�`��_�Cd�ڿ���r䤹�5g�q<Rv2g�B��)�o���8Z��CE���Z�pK�����;����R��J�@>:��#��}݄��ǐnuz����ۑޫ���1�6{���яF��&�G�Uc�ԯ̥`�rX���v86y� ����d�z��^,>�ު��bOJ�p8�5������:��Ʈ�1\ɔ\�9��m�HH��o|E�(b�Hp�±~y
data.tar.gz.sig CHANGED
Binary file
data/Gemfile CHANGED
@@ -2,3 +2,6 @@ source 'https://rubygems.org'
2
2
 
3
3
  # Specify your gem's dependencies in rex-sslscan.gemspec
4
4
  gemspec
5
+
6
+
7
+ gem 'pry'
data/lib/rex/sslscan.rb CHANGED
@@ -1,3 +1,4 @@
1
+ require 'rex/core'
1
2
  require "rex/sslscan/version"
2
3
  require 'rex/sslscan/scanner'
3
4
  require 'rex/sslscan/version'
data/lib/rex/sslscan/result.rb CHANGED
@@ -15,7 +15,7 @@ class Result
15
15
  def initialize()
16
16
  @cert = nil
17
17
  @ciphers = Set.new
18
- @supported_versions = [:SSLv2, :SSLv3, :TLSv1]
18
+ @supported_versions = [:SSLv2, :SSLv3, :TLSv1, :TLSv1_1, :TLSv1_2]
19
19
  @deprecated_weak_ciphers = [
20
20
  'ECDHE-RSA-DES-CBC3-SHA',
21
21
  'ECDHE-ECDSA-DES-CBC3-SHA',
@@ -32,7 +32,9 @@ class Result
32
32
  'EXP-EDH-DSS-DES-CBC-SHA',
33
33
  'EXP-DES-CBC-SHA',
34
34
  'EXP-RC2-CBC-MD5',
35
- 'EXP-RC4-MD5'
35
+ 'EXP-RC4-MD5',
36
+ 'EXP-RC4-MD5',
37
+ 'DES-CBC-SHA'
36
38
  ]
37
39
  end
38
40
 
@@ -107,8 +109,16 @@ class Result
107
109
  !(accepted(:TLSv1).empty?)
108
110
  end
109
111
 
112
+ def supports_tlsv1_1?
113
+ !(accepted(:TLSv1_1).empty?)
114
+ end
115
+
116
+ def supports_tlsv1_2?
117
+ !(accepted(:TLSv1_2).empty?)
118
+ end
119
+
110
120
  def supports_ssl?
111
- supports_sslv2? or supports_sslv3? or supports_tlsv1?
121
+ supports_sslv2? or supports_sslv3? or supports_tlsv1? or supports_tlsv1_1? or supports_tlsv1_2?
112
122
  end
113
123
 
114
124
  def supports_weak_ciphers?
@@ -118,7 +128,9 @@ class Result
118
128
  def standards_compliant?
119
129
  if supports_ssl?
120
130
  return false if supports_sslv2?
131
+ return false if supports_sslv3?
121
132
  return false if supports_weak_ciphers?
133
+ return false if supports_tlsv1?
122
134
  end
123
135
  true
124
136
  end
@@ -132,8 +144,7 @@ class Result
132
144
  unless @supported_versions.include? version
133
145
  raise ArgumentError, "Must be a supported SSL Version"
134
146
  end
135
- unless OpenSSL::SSL::SSLContext.new(version).ciphers.flatten.include?(cipher) \
136
- || @deprecated_weak_ciphers.include?(cipher)
147
+ unless OpenSSL::SSL::SSLContext.new(version).ciphers.flatten.include?(cipher) || @deprecated_weak_ciphers.include?(cipher)
137
148
  raise ArgumentError, "Must be a valid SSL Cipher for #{version}!"
138
149
  end
139
150
  unless key_length.kind_of? Integer
@@ -200,7 +211,7 @@ class Result
200
211
  case version
201
212
  when :all
202
213
  return @ciphers.select{|cipher| cipher[:status] == state}
203
- when :SSLv2, :SSLv3, :TLSv1
214
+ when :SSLv2, :SSLv3, :TLSv1, :TLSv1_1, :TLSv1_2
204
215
  return @ciphers.select{|cipher| cipher[:status] == state and cipher[:version] == version}
205
216
  else
206
217
  raise ArgumentError, "Invalid SSL Version Supplied: #{version}"
data/lib/rex/sslscan/scanner.rb CHANGED
@@ -6,6 +6,9 @@ module Rex::SSLScan
6
6
 
7
7
  class Scanner
8
8
 
9
+ class InvalidCipher < StandardError
10
+ end
11
+
9
12
  attr_accessor :context
10
13
  attr_accessor :host
11
14
  attr_accessor :port
@@ -25,10 +28,10 @@ class Scanner
25
28
  @timeout = timeout
26
29
  @context = context
27
30
  if check_opensslv2 == true
28
- @supported_versions = [:SSLv2, :SSLv3, :TLSv1]
31
+ @supported_versions = [:SSLv2, :SSLv3, :TLSv1, :TLSv1_1, :TLSv1_2]
29
32
  @sslv2 = true
30
33
  else
31
- @supported_versions = [:SSLv3, :TLSv1]
34
+ @supported_versions = [:SSLv3, :TLSv1, :TLSv1_1, :TLSv1_2]
32
35
  @sslv2 = false
33
36
  end
34
37
  raise StandardError, "The scanner configuration is invalid" unless valid?
@@ -56,16 +59,30 @@ class Scanner
56
59
  return scan_result
57
60
  end
58
61
 
62
+ threads = []
63
+ ciphers = Queue.new
59
64
  @supported_versions.each do |ssl_version|
60
65
  sslctx = OpenSSL::SSL::SSLContext.new(ssl_version)
61
66
  sslctx.ciphers.each do |cipher_name, ssl_ver, key_length, alg_length|
62
- status = test_cipher(ssl_version, cipher_name)
63
- scan_result.add_cipher(ssl_version, cipher_name, key_length, status)
64
- if status == :accepted and scan_result.cert.nil?
65
- scan_result.cert = get_cert(ssl_version, cipher_name)
67
+ threads << Thread.new do
68
+ begin
69
+ status = test_cipher(ssl_version, cipher_name)
70
+ ciphers << [ssl_version, cipher_name, key_length, status]
71
+ if status == :accepted and scan_result.cert.nil?
72
+ scan_result.cert = get_cert(ssl_version, cipher_name)
73
+ end
74
+ rescue Rex::SSLScan::Scanner::InvalidCipher
75
+ next
76
+ end
66
77
  end
67
78
  end
68
79
  end
80
+ threads.each { |thr| thr.join }
81
+
82
+ until ciphers.empty? do
83
+ cipher = ciphers.pop
84
+ scan_result.add_cipher(*cipher)
85
+ end
69
86
  scan_result
70
87
  end
71
88
 
@@ -185,7 +202,7 @@ class Scanner
185
202
  raise StandardError, "Your OS hates freedom! Your OpenSSL libs are compiled without SSLv2 support!"
186
203
  else
187
204
  unless OpenSSL::SSL::SSLContext.new(ssl_version).ciphers.flatten.include? cipher
188
- raise StandardError, "Must be a valid SSL Cipher for #{ssl_version}!"
205
+ raise InvalidCipher, "Must be a valid SSL Cipher for #{ssl_version}!"
189
206
  end
190
207
  end
191
208
  end
data/lib/rex/sslscan/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Rex
2
2
  module Sslscan
3
- VERSION = "0.1.4"
3
+ VERSION = "0.1.5"
4
4
  end
5
5
  end
data/rex-sslscan.gemspec CHANGED
@@ -26,6 +26,7 @@ Gem::Specification.new do |spec|
26
26
  spec.add_development_dependency "rake", "~> 10.0"
27
27
  spec.add_development_dependency "rspec", "~> 3.0"
28
28
 
29
+ spec.add_runtime_dependency "rex-core"
29
30
  spec.add_runtime_dependency "rex-text"
30
31
  spec.add_runtime_dependency "rex-socket"
31
32
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rex-sslscan
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.4
4
+ version: 0.1.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - David Maloney
@@ -88,7 +88,7 @@ cert_chain:
88
88
  G+Hmcg1v810agasPdoydE0RTVZgEOOMoQ07qu7JFXVWZ9ZQpHT7qJATWL/b2csFG
89
89
  8mVuTXnyJOKRJA==
90
90
  -----END CERTIFICATE-----
91
- date: 2017-05-11 00:00:00.000000000 Z
91
+ date: 2017-08-16 00:00:00.000000000 Z
92
92
  dependencies:
93
93
  - !ruby/object:Gem::Dependency
94
94
  name: bundler
@@ -132,6 +132,20 @@ dependencies:
132
132
  - - "~>"
133
133
  - !ruby/object:Gem::Version
134
134
  version: '3.0'
135
+ - !ruby/object:Gem::Dependency
136
+ name: rex-core
137
+ requirement: !ruby/object:Gem::Requirement
138
+ requirements:
139
+ - - ">="
140
+ - !ruby/object:Gem::Version
141
+ version: '0'
142
+ type: :runtime
143
+ prerelease: false
144
+ version_requirements: !ruby/object:Gem::Requirement
145
+ requirements:
146
+ - - ">="
147
+ - !ruby/object:Gem::Version
148
+ version: '0'
135
149
  - !ruby/object:Gem::Dependency
136
150
  name: rex-text
137
151
  requirement: !ruby/object:Gem::Requirement
metadata.gz.sig CHANGED
Binary file