ssh_scan 0.0.18 → 0.0.19

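--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: c743d3b0c304f5452594f2f243125f0a73f8932f
- data.tar.gz: b5abd73d7894d26347211e02801f77c4ade9d588
+ metadata.gz: d1f38d061727ec16f24abe9fa799d74d928764ca
+ data.tar.gz: 1c6e40fa5041aaa45dbaa3fc7a1586ffb19a63f1
  SHA512:
- metadata.gz: 157aa640ebfeb5043bcc4d329c306eb6f57387f2052de6c4b72362af68a8d0002866e3a62b92002a0aa1ba96e43fe71e286f72f749c859ba1623fa82f2a37273
- data.tar.gz: a4e0f52893efe9358e3c31269a16c73cb815194d3fcfc627b4e39b953c42bc0d1203f658e8804ab54a4706ba2ea8ef27cfda07cce89b8f7a87101b50a0fe13e8
+ metadata.gz: 6504a3a993c90eafdad3be8bd6d63cc11d1dae76260e38e9608939d2525ea6602d7ef24eda0ee43f762bfcf48a08a2b2bdead68f083d946a71f6f234283d93fc
+ data.tar.gz: b21c3e244f176cee08ea1d817e842dbb7cb5effeda59136777b81f0364478d30e2b8e8b209e9b68cd66a334ac1043b062808cd183e3c765997d7819692dd9efc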
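--- a/data/bin/ssh_scan
+++ b/data/bin/ssh_scan
@@ -18,7 +18,7 @@ options = {
  "threads" => 5,
  "verbosity" => nil,
  "logger" => Logger.new(STDERR),
- "fingerprint_database" => File.join(File.dirname(__FILE__),"../data/fingerprints.db")
+ "fingerprint_database" => File.join(File.dirname(__FILE__),"../data/fingerprints.yml")
  }
 
  # Reorder arguments before parsing
@@ -246,6 +246,11 @@ ssh_scan' to get the latest"
  end
  end
 
+ # Limit scope of fingerprints DB to (per scan)
+ if options["fingerprint_database"] && File.exists?(options["fingerprint_database"])
+ File.unlink(options["fingerprint_database"])
+ end
+
  options["policy_file"] = SSHScan::Policy.from_file(options["policy"])
 
  # Perform scan and get results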
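Review bot: The added block (new lines 250–252) unlinks whatever path `options["fingerprint_database"]` holds, so if that option can be overridden on the command line (the option parser is outside this hunk) a mistyped or untrusted value removes an arbitrary existing file with the caller's privileges. The default path also sits under the gem's own `data` directory, which is shared by every user and every concurrent scan on the host and may not be writable. Consider a per-run temporary file for the default, or restrict the delete to the built-in default path. Either way `File.exists?` is deprecated, so the guard should read `if db && File.exist?(db)`.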
@@ -1,39 +1,38 @@
1
- require 'sqlite3'
1
+ require 'yaml/store'
2
2
 
3
3
  module SSHScan
4
4
  class FingerprintDatabase
5
5
  def initialize(database_name)
6
- if File.exists?(database_name)
7
- @db = ::SQLite3::Database.open(database_name)
8
- else
9
- @db = ::SQLite3::Database.new(database_name)
10
- self.create_schema
11
- end
12
- end
13
-
14
- def create_schema
15
- @db.execute <<-SQL
16
- create table fingerprints (
17
- fingerprint varchar(100),
18
- ip varchar(100)
19
- );
20
- SQL
6
+ @store = YAML::Store.new(database_name)
21
7
  end
22
8
 
23
9
  def clear_fingerprints(ip)
24
- @db.execute "delete from fingerprints where ip like ( ? )", [ip]
10
+ @store.transaction do
11
+ @store[ip] = []
12
+ end
25
13
  end
26
14
 
27
15
  def add_fingerprint(fingerprint, ip)
28
- @db.execute "insert into fingerprints values ( ?, ? )", [fingerprint, ip]
16
+ @store.transaction do
17
+ @store[ip] = [] if @store[ip].nil?
18
+ @store[ip] << fingerprint
19
+ end
29
20
  end
30
21
 
31
22
  def find_fingerprints(fingerprint)
32
- ips = []
33
- @db.execute( "select * from fingerprints where fingerprint like ( ? )", [fingerprint] ) do |row|
34
- ips << row[1]
23
+ ip_matches = []
24
+
25
+ @store.transaction(true) do
26
+ @store.roots.each do |ip|
27
+ @store[ip].each do |other_fingerprint|
28
+ if fingerprint == other_fingerprint
29
+ ip_matches << ip
30
+ end
31
+ end
32
+ end
35
33
  end
36
- return ips
34
+
35
+ return ip_matches.uniq
37
36
  end
38
37
  end
39
38
  end
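Review bot: `initialize` hands `database_name` straight to `YAML::Store.new`, so every transaction parses whatever file already sits at that path, and the class does not document this trust boundary. Depending on the Ruby/Psych version, the store may read the file with the non-safe YAML loader. The class should carry a comment such as `# database_name must be a file created and written only by ssh_scan; its contents are parsed as YAML`. In `find_fingerprints`, `@store[ip].each` raises NoMethodError when a root holds anything other than an array, so `Array(@store[ip]).each` would tolerate a hand-edited or truncated file. The two nested `each` loops plus `return ip_matches.uniq` could also be a single `@store.roots.select { |ip| Array(@store[ip]).include?(fingerprint) }` inside the read-only transaction.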
@@ -150,8 +150,10 @@ module SSHScan
150
150
  fingerprint_db.clear_fingerprints(result[:ip])
151
151
  if result['fingerprints']
152
152
  result['fingerprints'].values.each do |host_key_algo|
153
- host_key_algo.values.each do |fingerprint|
154
- fingerprint_db.add_fingerprint(fingerprint, result[:ip])
153
+ host_key_algo.each do |fingerprint|
154
+ key, value = fingerprint
155
+ next if key == "known_bad"
156
+ fingerprint_db.add_fingerprint(value, result[:ip])
155
157
  end
156
158
  end
157
159
  end
@@ -163,8 +165,10 @@ module SSHScan
163
165
  ip = result[:ip]
164
166
  result['duplicate_host_key_ips'] = []
165
167
  result['fingerprints'].values.each do |host_key_algo|
166
- host_key_algo.values.each do |fingerprint|
167
- fingerprint_db.find_fingerprints(fingerprint).each do |other_ip|
168
+ host_key_algo.each do |fingerprint|
169
+ key, value = fingerprint
170
+ next if key == "known_bad"
171
+ fingerprint_db.find_fingerprints(value).each do |other_ip|
168
172
  next if ip == other_ip
169
173
  result['duplicate_host_key_ips'] << other_ip
170
174
  end
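Review bot: In both hunks the block variable `fingerprint` is really a `[key, value]` pair, and the `"known_bad"` skip is repeated without saying why that key is not a fingerprint. Destructure in the block header and comment it, `host_key_algo.each do |key, value|` with `# "known_bad" is a flag, not a fingerprint value` (presumably; confirm against where the hash is built). In the second hunk, `result['duplicate_host_key_ips'] << other_ip` can append the same address once per hash type and key algorithm unless a `uniq` follows outside the hunk. Both enclosing methods start and end outside these hunks.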
@@ -1,3 +1,3 @@
1
1
  module SSHScan
2
- VERSION = '0.0.18'
2
+ VERSION = '0.0.19'
3
3
  end
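--- a/data/ssh_scan.gemspec
+++ b/data/ssh_scan.gemspec
@@ -32,7 +32,6 @@ Gem::Specification.new do |s|
  s.add_dependency('bindata', '~> 2.0')
  s.add_dependency('netaddr')
  s.add_dependency('net-ssh')
- s.add_dependency('sqlite3')
  s.add_dependency('sshkey')
  s.add_development_dependency('pry')
  s.add_development_dependency('rspec', '~> 3.0')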
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ssh_scan
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.18
4
+ version: 0.0.19
5
5
  platform: ruby
6
6
  authors:
7
7
  - Jonathan Claudius
@@ -12,7 +12,7 @@ authors:
12
12
  autorequire:
13
13
  bindir: bin
14
14
  cert_chain: []
15
- date: 2017-03-24 00:00:00.000000000 Z
15
+ date: 2017-04-18 00:00:00.000000000 Z
16
16
  dependencies:
17
17
  - !ruby/object:Gem::Dependency
18
18
  name: bindata
@@ -56,20 +56,6 @@ dependencies:
56
56
  - - ">="
57
57
  - !ruby/object:Gem::Version
58
58
  version: '0'
59
- - !ruby/object:Gem::Dependency
60
- name: sqlite3
61
- requirement: !ruby/object:Gem::Requirement
62
- requirements:
63
- - - ">="
64
- - !ruby/object:Gem::Version
65
- version: '0'
66
- type: :runtime
67
- prerelease: false
68
- version_requirements: !ruby/object:Gem::Requirement
69
- requirements:
70
- - - ">="
71
- - !ruby/object:Gem::Version
72
- version: '0'
73
59
  - !ruby/object:Gem::Dependency
74
60
  name: sshkey
75
61
  requirement: !ruby/object:Gem::Requirement
@@ -177,7 +163,6 @@ files:
177
163
  - config/policies/mozilla_modern.yml
178
164
  - config/worker/config.yml
179
165
  - data/README
180
- - data/fingerprints.db
181
166
  - data/ssh-badkeys/LICENSE
182
167
  - data/ssh-badkeys/README.md
183
168
  - data/ssh-badkeys/authorized/array-networks-vapv-vxag.key