ssh_scan 0.0.17.pre → 0.0.17

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 377880ac09b5bd925aeb32066409dd9e4c8edc7e
-  data.tar.gz: c3b70dcfae67ffd84ddf0d028c67486bbf71256e
+  metadata.gz: a10a01b406a2be15ea25dbfa12ea545d7de0c0e6
+  data.tar.gz: 298d66db95a37923769f05632c54b1878a56abb8
 SHA512:
-  metadata.gz: 16055032c71dda26d38356da8622cd827fd6fd5dd6409325b6f66af1d38c80dff0a80e86f0416807da6663e0d2dfe7472c2f78db178a766434517e46121d67f0
-  data.tar.gz: 913c4870b8768f85c7ada637c76060ddc045dc64e53ef1dc8d52d717a3743b52b93793d518b55b8f55056b9eafc8501443d6514cf6c63567f9c850a4a12a348d
+  metadata.gz: 524e92a2fdce37132604360047d13bcec2d014cb45bf96b5807e27366b70966382a9f38067063edd39bd1300c44e7fa0364a9b50d72b97a692886120bf6cd261
+  data.tar.gz: d3995af1afc70d679b62b2de3d6bb7f05ef3b9e4712bf4304cdfc49d1b234e1e842cf6bc1bf7540536a5b88f3cadd32d5980e571cb9487d1971c7c97de51bfc6

data/bin/ssh_scan

@@ -12,7 +12,7 @@ require 'logger'
 #Default options
 options = {
   "sockets" => [],
-  "policy" => File.join(Dir.pwd, '/config/policies/mozilla_modern.yml'),
+  "policy" => File.join(File.dirname(__FILE__),"../config/policies/mozilla_modern.yml"),
   "unit_test" => false,
   "timeout" => 2,
   "threads" => 5,
@@ -227,7 +227,7 @@ end
 
 unless File.exist?(options["policy"])
   puts opt_parser.help
-  puts "\nReason: policy file supplied is not a file"
+  puts "\nReason: policy file supplied is not a file #{options["policy"]}"
   exit 1
 end
 

data/config/policies/mozilla_intermediate.yml

@@ -0,0 +1,19 @@
+---
+name: Mozilla Intermediate
+ssh_version: 2.0
+auth_methods:
+- publickey
+kex:
+- diffie-hellman-group-exchange-sha256
+encryption:
+- aes256-ctr
+- aes192-ctr
+- aes128-ctr
+macs:
+- hmac-sha2-512
+- hmac-sha2-256
+compression:
+- none
+- zlib@openssh.com
+references:
+- https://wiki.mozilla.org/Security/Guidelines/OpenSSH

data/config/policies/mozilla_modern.yml

@@ -0,0 +1,30 @@
+---
+name: Mozilla Modern
+ssh_version: 2.0
+auth_methods:
+- publickey
+kex:
+- curve25519-sha256@libssh.org
+- ecdh-sha2-nistp521
+- ecdh-sha2-nistp384
+- ecdh-sha2-nistp256
+- diffie-hellman-group-exchange-sha256
+encryption:
+- chacha20-poly1305@openssh.com
+- aes256-gcm@openssh.com
+- aes128-gcm@openssh.com
+- aes256-ctr
+- aes192-ctr
+- aes128-ctr
+macs:
+- hmac-sha2-512-etm@openssh.com
+- hmac-sha2-256-etm@openssh.com
+- umac-128-etm@openssh.com
+- hmac-sha2-512
+- hmac-sha2-256
+- umac-128@openssh.com
+compression:
+- none
+- zlib@openssh.com
+references:
+- https://wiki.mozilla.org/Security/Guidelines/OpenSSH

data/config/worker/config.yml

@@ -0,0 +1,22 @@
+# The location of the API server
+server: 127.0.0.1
+
+# The port of the API server
+port: 8000
+
+# Scheme (http/https)
+# http - useful for development
+# https - recommended for production
+scheme: http
+
+# SSL/TLS verify - has no effect is scheme is not set to https
+# false - don't verify SSL/TLS (useful for development)
+# true - verify SSL/TLS (recommended for production)
+verify: false
+
+# Where to send worker logs to (default: STDOUT)
+#logger: ./bin/ssh_scan_worker.log
+
+# Authentication - if using authentication on the API, you'll 
+# need to have an auth token with matches in the API configuration
+# auth_token: INSERT_WORKER_TOKEN

data/lib/ssh_scan/scan_engine.rb

@@ -47,7 +47,7 @@ module SSHScan
         client = SSHScan::Client.new(target, port, timeout)
         client.connect()
         result = client.get_kex_result()
-        result[:hostname] = ""
+        result[:hostname] = target.resolve_ptr
         return result if result.include?(:error)
       end
 

data/lib/ssh_scan/version.rb

@@ -1,3 +1,3 @@
 module SSHScan
-  VERSION = '0.0.17.pre'
+  VERSION = '0.0.17'
 end

data/lib/string_ext.rb

@@ -55,7 +55,18 @@ class String
   end
 
   def resolve_fqdn
-    @fqdn ||= TCPSocket.gethostbyname(self)[3]
+    TCPSocket.gethostbyname(self)[3]
+  end
+
+  def resolve_ptr(timeout = 3)
+    begin
+      Timeout::timeout(timeout) {
+        reversed_dns = Resolv.new.getname(self)
+        return reversed_dns
+      }
+    rescue Timeout::Error,Resolv::ResolvError
+      return ""
+    end
   end
 
   def fqdn?

data/ssh_scan.gemspec

@@ -11,6 +11,7 @@ Gem::Specification.new do |s|
   s.platform = Gem::Platform::RUBY
   s.files = Dir.glob("lib/**/*") +
             Dir.glob("bin/**/*") +
+            Dir.glob("config/**/*") +
             Dir.glob("policies/**/*") +
             [".gitignore",
              ".rspec",

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ssh_scan
 version: !ruby/object:Gem::Version
-  version: 0.0.17.pre
+  version: 0.0.17
 platform: ruby
 authors:
 - Jonathan Claudius
@@ -12,7 +12,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-03-02 00:00:00.000000000 Z
+date: 2017-03-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bindata
@@ -145,6 +145,9 @@ files:
 - bin/ssh_scan
 - bin/ssh_scan_worker
 - bin/ssh_scan_worker_example_config.yml
+- config/policies/mozilla_intermediate.yml
+- config/policies/mozilla_modern.yml
+- config/worker/config.yml
 - lib/ssh_scan.rb
 - lib/ssh_scan/banner.rb
 - lib/ssh_scan/client.rb
@@ -210,9 +213,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
 rubyforge_project: 
 rubygems_version: 2.6.2