ssh_scan 0.0.36 → 0.0.37

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/bin/ssh_scan +4 -4
  3. data/lib/ssh_scan/constants.rb +0 -38
  4. data/lib/ssh_scan/scan_engine.rb +6 -12
  5. data/lib/ssh_scan/subprocess.rb +26 -0
  6. data/lib/ssh_scan/version.rb +1 -1
  7. metadata +4 -5
  8. data/data/fingerprints.yml +0 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: c7760b60b6fa4f036f588147286c1049b440bd80405de36ecb50632e71d30ec8
4
- data.tar.gz: af61813309a141954d6569308ed9d7c74f9872d7e73ef2ae76898828714e8600
3
+ metadata.gz: 195a5119e3da26d5ec580e04515eaebc535a14a6339876bd1f706613ed7e5e66
4
+ data.tar.gz: c3a7c0ed4c3dc3856f947d351fa2fca337c0087ffa35d6bca72718dbdba9f034
5
5
  SHA512:
6
- metadata.gz: daa1acd4b9fcd8b0a5b7fd301e0360137c61f068cb0b343db402c6d5e82fbb62f814acb3d4809bca0b35aaeaf7f98d58f8b73bcb89cdfc904e5358fdac45f9e9
7
- data.tar.gz: 288603cba2a480716ba48dddd3fda0632e91d6dbbbefd5f47353b46846ce41babf722ec7b755780e960071d81a30744527410b485257822e2d6b6fa12477cbca
6
+ metadata.gz: c12b131fe0ea8f32572479f50ad75325346e4bded4e37b83d73a6405b60d06d3e20657108b1cd61554497896039da0562273c5f91bf95d37ead4c7b74105a67d
7
+ data.tar.gz: 35fd82e8beca94d613992d8db2cee74955c822d9bfbaed291bf15d19f73a6acff827c6af5212d35db36cb5374e017272bedfeecd97c1f6b62db4bd462f6ad893
data/bin/ssh_scan CHANGED
@@ -18,7 +18,7 @@ options = {
18
18
  "threads" => 5,
19
19
  "verbosity" => nil,
20
20
  "logger" => Logger.new(STDERR),
21
- "fingerprint_database" => File.join(File.dirname(__FILE__),"../data/fingerprints.yml")
21
+ "fingerprint_database" => ENV['HOME']+'/.ssh_scan_fingerprints.yml'
22
22
  }
23
23
 
24
24
  # Reorder arguments before parsing
@@ -247,9 +247,9 @@ end
247
247
  #end
248
248
 
249
249
  # Limit scope of fingerprints DB to (per scan)
250
- if options["fingerprint_database"] && File.exists?(options["fingerprint_database"])
251
- File.unlink(options["fingerprint_database"])
252
- end
250
+ # if options["fingerprint_database"] && File.exists?(options["fingerprint_database"])
251
+ # File.unlink(options["fingerprint_database"])
252
+ # end
253
253
 
254
254
  options["policy_file"] = SSHScan::Policy.from_file(options["policy"])
255
255
 
data/lib/ssh_scan/constants.rb CHANGED
@@ -50,43 +50,5 @@ d6374722c6165733235362d63747200000021686d61632d6d6435\
50
50
  00021686d61632d6d64352c686d61632d736861312c686d61632d\
51
51
  726970656d64313630000000046e6f6e65000000046e6f6e65000\
52
52
  000000000000000000000006e05b3b4".freeze
53
-
54
- CONTRIBUTE_JSON = {
55
- :name => "ssh_scan api",
56
- :description => "An api for performing ssh compliance \
57
- and policy scanning",
58
- :repository => {
59
- :url => "https://github.com/mozilla/ssh_scan",
60
- :tests => "https://travis-ci.org/mozilla/ssh_scan",
61
- },
62
- :participate => {
63
- :home => "https://github.com/mozilla/ssh_scan",
64
- :docs => "https://github.com/mozilla/ssh_scan",
65
- :irc => "irc://irc.mozilla.org/#infosec",
66
- :irc_contacts => [
67
- "claudijd",
68
- "pwnbus",
69
- "kang",
70
- ],
71
- :gitter => "https://gitter.im/mozilla-ssh_scan/Lobby",
72
- :gitter_contacts => [
73
- "claudijd",
74
- "pwnbus",
75
- "kang",
76
- "jinankjain",
77
- "agaurav77"
78
- ],
79
- },
80
- :bugs => {
81
- :list => "https://github.com/mozilla/ssh_scan/issues",
82
- },
83
- :keywords => [
84
- "ruby",
85
- "sinatra",
86
- ],
87
- :urls => {
88
- :dev => "https://sshscan.rubidus.com",
89
- }
90
- }.freeze
91
53
  end
92
54
  end
data/lib/ssh_scan/scan_engine.rb CHANGED
@@ -1,7 +1,8 @@
1
1
  require 'socket'
2
2
  require 'ssh_scan/client'
3
3
  require 'ssh_scan/crypto'
4
- #require 'ssh_scan/fingerprint_database'
4
+ require 'ssh_scan/fingerprint_database'
5
+ require 'ssh_scan/subprocess'
5
6
  require 'net/ssh'
6
7
  require 'logger'
7
8
  require 'open3'
@@ -122,17 +123,10 @@ module SSHScan
122
123
 
123
124
  output = ""
124
125
 
125
- begin
126
- Timeout::timeout(timeout) {
127
- stdin, stdout, stderr, wait_thr = Open3.popen3('ssh-keyscan', '-t', 'rsa,dsa', '-p', port.to_s, target)
128
- output = stdout.gets(nil) if port.nil?
129
- stdout.close
130
- output = stderr.gets(nil) if !port.nil?
131
- stderr.close
132
- exit_code = wait_thr.value
133
- }
134
- rescue Timeout::Error
135
- #nop
126
+ cmd = ['ssh-keyscan', '-t', 'rsa,dsa', '-p', port.to_s, target].join(" ")
127
+
128
+ Utils::Subprocess.new(cmd) do |stdout, stderr, thread|
129
+ output += stdout
136
130
  end
137
131
 
138
132
  host_keys = output.split
data/lib/ssh_scan/subprocess.rb ADDED
@@ -0,0 +1,26 @@
1
+ require 'open3'
2
+
3
+ module Utils
4
+ class Subprocess
5
+ def initialize(cmd, &block)
6
+ # see: http://stackoverflow.com/a/1162850/83386
7
+ Open3.popen3(cmd) do |stdin, stdout, stderr, thread|
8
+ # read each stream from a new thread
9
+ { :out => stdout, :err => stderr }.each do |key, stream|
10
+ Thread.new do
11
+ until (line = stream.gets).nil? do
12
+ # yield the block depending on the stream
13
+ if key == :out
14
+ yield line, nil, thread if block_given?
15
+ else
16
+ yield nil, line, thread if block_given?
17
+ end
18
+ end
19
+ end
20
+ end
21
+
22
+ thread.join # don't exit until the external process is done
23
+ end
24
+ end
25
+ end
26
+ end
data/lib/ssh_scan/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module SSHScan
2
- VERSION = '0.0.36'
2
+ VERSION = '0.0.37'
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ssh_scan
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.36
4
+ version: 0.0.37
5
5
  platform: ruby
6
6
  authors:
7
7
  - Jonathan Claudius
@@ -12,7 +12,7 @@ authors:
12
12
  autorequire:
13
13
  bindir: bin
14
14
  cert_chain: []
15
- date: 2018-12-19 00:00:00.000000000 Z
15
+ date: 2019-01-15 00:00:00.000000000 Z
16
16
  dependencies:
17
17
  - !ruby/object:Gem::Dependency
18
18
  name: bindata
@@ -158,7 +158,6 @@ files:
158
158
  - config/policies/mozilla_intermediate.yml
159
159
  - config/policies/mozilla_modern.yml
160
160
  - data/README
161
- - data/fingerprints.yml
162
161
  - lib/ssh_scan.rb
163
162
  - lib/ssh_scan/attribute.rb
164
163
  - lib/ssh_scan/banner.rb
@@ -207,6 +206,7 @@ files:
207
206
  - lib/ssh_scan/ssh_lib/rosssh.rb
208
207
  - lib/ssh_scan/ssh_lib/sentryssh.rb
209
208
  - lib/ssh_scan/ssh_lib/unknown.rb
209
+ - lib/ssh_scan/subprocess.rb
210
210
  - lib/ssh_scan/target_parser.rb
211
211
  - lib/ssh_scan/update.rb
212
212
  - lib/ssh_scan/version.rb
@@ -232,8 +232,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
232
232
  - !ruby/object:Gem::Version
233
233
  version: '0'
234
234
  requirements: []
235
- rubyforge_project:
236
- rubygems_version: 2.6.13
235
+ rubygems_version: 3.0.2
237
236
  signing_key:
238
237
  specification_version: 4
239
238
  summary: Ruby-based SSH Scanner
data/data/fingerprints.yml DELETED
@@ -1,2 +0,0 @@
1
- ---
2
- 98.207.250.115: []