RubyGems - thm - Versions diffs - 0.1.8 - Mend

thm 0.1.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (34) hide show

checksums.yaml +7 -0
data/README.1ST +38 -0
data/README.md +59 -0
data/bin/thm-consumer +89 -0
data/bin/thm-pcap +67 -0
data/bin/thm-producer +102 -0
data/bin/thm-session +319 -0
data/bin/thm-useradmin +75 -0
data/config.rb +30 -0
data/datalayerlight.rb +143 -0
data/js/JSXTransformer.js +15919 -0
data/js/chartkick.js +829 -0
data/js/files/authenticate.jsx +30 -0
data/js/jquery.min.js +5 -0
data/js/marked.min.js +6 -0
data/js/react.js +19602 -0
data/lib/thm.rb +49 -0
data/lib/thm/consumer.rb +228 -0
data/lib/thm/dataservices.rb +73 -0
data/lib/thm/localmachine.rb +170 -0
data/lib/thm/producer.rb +198 -0
data/lib/thm/version.rb +14 -0
data/service_definitions.csv +6366 -0
data/sql/geoipdata-monetdb.sql +111 -0
data/sql/threatmonitor-monetdb.sql +174 -0
data/sql/threatmonitor-mysql.sql +156 -0
data/stylesheets/screen.css +150 -0
data/thm-authentication.rb +65 -0
data/thm-authorization.rb +173 -0
data/thm-privileges.rb +97 -0
data/views/authenticate.slim +18 -0
data/views/dashboard.erb +69 -0
data/views/logout.slim +10 -0
metadata +237 -0

data/thm-authentication.rb ADDED Viewed

@@ -0,0 +1,65 @@
+########################################################################
+#
+# Author: Brian Hood
+#
+# Description: Threatmonitor User Administration
+#
+# Extends the functionality of the Thm module adding Authorization
+# Adding Authentication to the Privileges model
+#
+########################################################################
+require "#{File.dirname(__FILE__)}/lib/thm.rb"
+require "#{File.dirname(__FILE__)}/config.rb"
+require "#{File.dirname(__FILE__)}/thm-privileges.rb"
+#require File.expand_path(File.join(
+#          File.dirname(__FILE__),
+#          "/lib/thm.rb")
+module Thm::Authorization
+  class Authentication < Thm::DataServices
+    attr_reader :thmsession
+    attr_accessor :thmsesslock
+    def initialize
+      super
+      @debug = 1
+    end
+    def login(username, password)
+      obj = Thm::Authorization::Privileges.new
+      pwhash = obj.mkhash(password)
+      sqlusrcnt = "SELECT count(*) as num FROM users WHERE username = '#{username}' AND password = '#{pwhash}'"
+      resusrcnt = @conn.query("#{sqlusrcnt}")
+      rowusrcnt = resusrcnt.fetch_hash
+      puts "#{rowusrcnt["num"].to_i}"
+      if rowusrcnt["num"].to_i == 1
+        puts "Authentication Success"
+        @thmsession = Tools::guid.to_s
+        @thmsesslock = "OK"
+      else
+        @thmsession = "failure"
+        @thmsesslock = "FAILURE"
+        puts "\e[1;31m\Failure to Authenticate \e[0m\ "
+      end
+    end
+    def login_session?
+      if @thmsession != "failure" or @thmsession != nil
+        return true
+      else
+        return false
+      end
+    end
+    def logout
+      @thmsession = nil
+      @thmsesslock = "DEADBEEF"
+    end
+  end
+end

data/thm-authorization.rb ADDED Viewed

@@ -0,0 +1,173 @@
+########################################################################
+#
+# Author: Brian Hood
+#
+# Description: Threatmonitor Authorization
+#
+# Extends the functionality of the Thm module adding Authorization
+#
+########################################################################
+require 'digest'
+require "#{File.dirname(__FILE__)}/lib/thm.rb"
+require 'pp'
+puts "\e[1;33m\Threatmonitor - User Administration\e[0m\ "
+puts "\e[1;33m\===================================\e[0m\ \n\n"
+module Thm::Authorization
+  class AuthTemplate < Thm::DataServices
+    def initialize
+      super
+      @debug = 1
+    end
+    def setup_privileges(name, obj)
+      data = obj.new
+      actiontemplate = { 'userdata' => {
+              'type' => "#{data.type}",
+              'group' => "#{data.group}",
+              'password' => "#{data.password}"
+            }
+      }
+      #pp actiontemplate
+      if @debug == 1
+        puts "Action template User data"
+        puts "User: #{name}"
+        puts "Type: #{actiontemplate["userdata"]["type"]}"
+        puts "Group: #{actiontemplate["userdata"]["group"]}"
+        puts "Password: #{actiontemplate["userdata"]["password"]}"
+      end
+      case actiontemplate["userdata"]["type"]
+      when "adduser"
+        sqlid = "SELECT gid FROM groups WHERE groupname = '#{actiontemplate["userdata"]["group"]}';"
+        resgid = @conn.query("#{sqlid}")
+        rowgid = resgid.fetch_hash
+        puts "#{rowgid["gid"].to_i}"
+        if rowgid["gid"] =~ /^[0-9]*$/ # Check the value is numeric
+          sqlidcnt = "SELECT count(*) as num FROM groups WHERE groupname = '#{actiontemplate["userdata"]["group"]}';"
+          resgidcnt = @conn.query("#{sqlidcnt}")
+          rowgidcnt = resgidcnt.fetch_hash
+          puts "#{rowgidcnt["num"].to_i}"
+          if rowgidcnt["num"].to_i == 1
+            sql = "INSERT INTO users (username, password, gid) VALUES ('#{name}', '#{actiontemplate["userdata"]["password"]}', #{rowgid["gid"]});"
+            begin
+              @conn.query("#{sql}")
+              @conn.commit
+            rescue
+              puts "There was a issue adding user check database privileges"
+            end
+          else
+            puts "Group #{actiontemplate["userdata"]["group"]} doesn't exist"
+          end
+        else
+          puts "Group #{actiontemplate["userdata"]["group"]} invalid GID ?"
+        end
+      when "userexists?"
+        sqlchkname = "SELECT COUNT(*) as num FROM users WHERE username = '#{name}';"
+        reschkname = @conn.query("#{sqlchkname}")
+        rowchknamecnt = reschkname.fetch_hash
+        puts "#{rowchknamecnt["num"].to_i}"
+        if rowchknamecnt["num"].to_i == 0
+          puts "User #{name} doesn't exist"
+          return false
+        else
+          return true
+        end
+      when "deleteuser"
+        if self.user_exists?("#{name}") == true
+          sqldeluser = "DELETE FROM users WHERE username = '#{name}';"
+          begin
+            @conn.query("#{sqldeluser}")
+            @conn.commit
+            puts "User #{name} deleted"
+          rescue
+            puts "Error deleting User #{name}"
+          end
+        end
+      when "listusers"
+        sqllsusers = "SELECT uid, username FROM users;"
+        reslsusers = @conn.query("#{sqllsusers}")
+        puts "\n"
+        puts "\e[1;38m|       Users Table        |\e[0m\ \n"
+        puts "\e[1;38m\\==========================/\e[0m\ "
+        while row = reslsusers.fetch_hash do
+          puts "UID: #{row["uid"]} Username: #{row["username"]}"
+        end
+        puts "\n"
+      when "listgroups"
+        sqllsusers = "SELECT gid, groupname FROM groups;"
+        reslsusers = @conn.query("#{sqllsusers}")
+        puts "\n"
+        puts "\e[1;38m|       Groups Table        |\e[0m\ \n"
+        puts "\e[1;38m\\==========================/\e[0m\ "
+        while row = reslsusers.fetch_hash do
+          puts "GID: #{row["gid"]} Groupname: #{row["groupname"]}"
+        end
+        puts "\n"
+      when "groupexists?"
+        sqlchkname = "SELECT COUNT(*) as num FROM groups WHERE groupname = '#{name}';"
+        reschkname = @conn.query("#{sqlchkname}")
+        rowchknamecnt = reschkname.fetch_hash
+        puts "#{rowchknamecnt["num"].to_i}"
+        if rowchknamecnt["num"].to_i == 0
+          if actiontemplate["userdata"]["msg"] == true
+            puts "Group #{name} doesn't exist"
+          end
+          return false
+        else
+          return true
+        end
+      when "deletegroup"
+        puts "#{name}"
+        if self.group_exists?("#{name}") == true
+          sqldelgroup = "DELETE FROM groups WHERE groupname = '#{name}';"
+          begin
+            @conn.query("#{sqldelgroup}")
+            @conn.commit
+            puts "Group #{name} deleted"
+          rescue
+            puts "Error deleting Group #{name}"
+          end
+        end
+      when "addgroup"
+        sqlidcnt = "SELECT count(*) as num FROM groups WHERE groupname = '#{name}';"
+        resgidcnt = @conn.query("#{sqlidcnt}")
+        rowgidcnt = resgidcnt.fetch_hash
+        puts "#{rowgidcnt["num"].to_i}"
+        if rowgidcnt["num"].to_i == 0
+          sqladdgroup = "INSERT INTO groups (groupname) VALUES ('#{name}');"
+          begin
+            @conn.query("#{sqladdgroup}")
+            @conn.commit
+          rescue
+            puts "There was a issue adding group check database privileges"
+          end
+        else
+          puts "Group #{actiontemplate["userdata"]["group"]} doesn't exist"
+        end
+      end
+    end
+    # Build a class object using a Flat scope so we can pass through variables
+    # Then pass it as an object to setup_privileges
+    def objbuilder(user, type="", group="", password="")
+    # user becomes group when adding / deleting groups
+    # objbuilder("#{@thmgroupname}", "addgroup")
+      designobj = Class.new do
+        attr_reader :type, :group, :password
+          define_method :initialize do
+            instance_variable_set("@type", "#{type}")
+            instance_variable_set("@group", "#{group}")
+            instance_variable_set("@password", "#{password}")
+          end
+      end
+      setup_privileges("#{user}", designobj)
+    end
+  end
+end

data/thm-privileges.rb ADDED Viewed

@@ -0,0 +1,97 @@
+########################################################################
+#
+# Author: Brian Hood
+#
+# Description: Threatmonitor User Administration
+#
+# Extends the functionality of the Thm module adding Authorization
+# Adding User / Group Privileges functionality
+#
+########################################################################
+require "#{File.dirname(__FILE__)}/thm-authorization.rb"
+module Thm::Authorization
+  class Privileges < AuthTemplate
+      puts "\e[1;34m\ Manage User / Group Privileges \e[0m\ \n\n"
+      def mkhash(payload)
+        hash = Digest::SHA512.new
+        puts "Password Omitted !"
+        hash.update("#{payload}")
+      end
+      def user_exists?(name)
+        objbuilder("#{name}", "userexists?", msg=false)
+      end
+      def add_user
+        while buf = Readline.readline("\e[1;36m\Add User: \e[0m\ ", true)
+          @thmusername = buf
+          while buf2 = Readline.readline("\e[1;36m\Existing Group: \e[0m\ ", true)
+            @thmgroupname = buf2
+            break
+          end
+          if self.user_exists?("#{@thmusername}"); puts "Exiting ... Can't create duplicate users ?"; exit; end
+          break
+        end
+      end
+      #def update_user; end
+      #alias_method :modify_user, :update_user
+      def delete_user
+        while buf = Readline.readline("\e[1;36m\Remove User: \e[0m\ ", true)
+          @thmusername = buf
+          objbuilder("#{@thmusername}", "deleteuser")
+          break
+        end
+      end
+      def set_password(prompt="\e[1;36m\Password: \e[0m\ ")
+        print prompt
+        plain = STDIN.noecho(&:gets).chomp
+        @thmpassword = mkhash(plain)
+        objbuilder("#{@thmusername}", "adduser", "#{@thmgroupname}", "#{@thmpassword}")
+      end
+      def list_users
+        objbuilder("system", "listusers")
+      end
+      def list_groups
+        objbuilder("system", "listgroups")
+      end
+      def group_exists?(name)
+        objbuilder("#{name}", "groupexists?")
+      end
+      def add_group
+        while buf = Readline.readline("\e[1;36m\Add Group: \e[0m\ ", true)
+          @thmgroupname = buf
+          if self.group_exists?("#{@thmgroupname}") == true
+            puts "Exiting Group exists ..."
+          end
+          if self.group_exists?("#{@thmgroupname}"); puts "Exiting ... Can't create duplicate groups ?"; exit; end
+          objbuilder("#{@thmgroupname}", "addgroup")
+          break
+        end
+      end
+      def delete_group
+        while buf = Readline.readline("\e[1;36m\Delete Group: \e[0m\ ", true)
+          @thmgroupname = buf
+          objbuilder("#{@thmgroupname}", "deletegroup")
+          break
+        end
+      end
+  end
+end

data/views/authenticate.slim ADDED Viewed

@@ -0,0 +1,18 @@
+doctype 5
+html
+  head
+    title Threatmonitor Suite - Login
+    link rel="stylesheet" href="stylesheets/screen.css" type="text/css" media="screen"
+    script src="js/react.js"
+    script src="js/JSXTransformer.js"
+    script src="js/jquery.min.js"
+    script src="js/marked.min.js"
+  body
+    h2 Threatmonitor Suite Login
+    #content
+    div id="content"
+    script type="text/jsx" src="js/files/authenticate.jsx"

data/views/dashboard.erb ADDED Viewed

@@ -0,0 +1,69 @@
+<html>
+  <head>
+    <title>Threatmonitor Suite - Dashboard</title>
+    <link rel="stylesheet" href="stylesheets/screen.css" type="text/css" media="screen">
+    <script src="js/react.js"></script>
+    <script src="js/JSXTransformer.js"></script>
+    <script src="js/jquery.min.js"></script>
+    <script src="js/marked.min.js"></script>
+    <script src="js/jsapi.js"></script>
+    <script src="js/chartkick.js"></script>
+  </head>
+  <body>
+    <h3>Threatmonitor - Overview</h3>
+    <div id="content" style='width:100%; overflow:off;'>
+    <p align="left">Protocol data</p>
+    <table width="100%">
+      <tr><td colspan="2">Geo Location</td></tr>
+      <tr>
+        <td colspan="2" width="100%">
+        <div align="left" id="contentgeo" style='width:100%; height:100%; transform:scale(0.9);'>
+          <%= geo_chart @rowgeocount, id: "contentgeo", height: "400px", width: "400px" %>
+        </div></td>
+        </td>
+      </tr>
+      <tr><td>UDP Packets</td><td>TCP Packets</td></tr>
+      <tr>
+        <td width="50%">
+        <div align="left" id="content1" style='width:100%; height:100%; transform:scale(0.9);'>
+          <%= pie_chart @rowusrcnt, id: "content1", height: "400px", width: "400px" %>
+        </div></td>
+        <td width="50%">
+        <div align="left" id="content2" style='width:100%; height:100%; transform:scale(0.9);'>
+          <%= pie_chart @rowusrcnt2, id: "content2", height: "400px", width: "400px" %>
+        </div>
+        </td>
+      </tr>
+      <tr><td>Top TCP/IP Talkers</td><td>Top UDP/IP Talkers</td></tr>
+      <tr>
+        <td width="50%" height="50%">
+        <div align="left" id="content5" style='width:100%; height:100%; transform:scale(0.9);'>
+          <%= column_chart @rowusrcnt5, id: "content5", colors: ["orange", "#ed7718"] %>
+        </div></td>
+        <td width="50%" height="50%">
+        <div align="left" id="content6" style='width:100%; height:100%; transform:scale(0.9);'>
+          <%= column_chart @rowusrcnt6, id: "content6", colors: ["purple", "#78099d"] %>
+        </div></td>
+      </tr>
+      <tr><td>UDP Services</td><td>TCP Services</td></tr>
+      <tr>
+        <td width="50%" height="50%">
+        <div align="left" id="content3" style='width:100%; height:100%; transform:scale(0.9);'>
+          <%= bar_chart @rowusrcnt3, id: "content3", colors: ["green", "#177925"] %>
+        </div></td>
+        <td width="50%" height="50%">
+        <div align="left" id="content4" style='width:100%; height:100%; transform:scale(0.9);'>
+          <%= bar_chart @rowusrcnt4, id: "content4", colors: ["red", "#b80000"] %>
+        </div></td>
+      </tr>
+    </table>
+    </div>
+    <script type="text/jsx">
+    </script>
+  </body>
+</html>

data/views/logout.slim ADDED Viewed

@@ -0,0 +1,10 @@
+doctype 5
+html
+  head
+    title Threatmonitor Suite - Dashboard
+    link rel="stylesheet" href="stylesheets/screen.css" type="text/css" media="screen"
+  body
+    h5 Logging out ...
+    #content

metadata ADDED Viewed

@@ -0,0 +1,237 @@
+--- !ruby/object:Gem::Specification
+name: thm
+version: !ruby/object:Gem::Version
+  version: 0.1.8
+platform: ruby
+authors:
+- puppetpies
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2015-07-08 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.4'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.4'
+- !ruby/object:Gem::Dependency
+  name: rake-compiler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
+- !ruby/object:Gem::Dependency
+  name: bunny
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+- !ruby/object:Gem::Dependency
+  name: amqp
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+- !ruby/object:Gem::Dependency
+  name: pcap
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.7'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.7'
+- !ruby/object:Gem::Dependency
+  name: guid
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
+- !ruby/object:Gem::Dependency
+  name: eventmachine
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: chartkick
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: sinatra
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.4'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.4'
+- !ruby/object:Gem::Dependency
+  name: slim
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+description: Threatmonitor - Packet Capture / Analysis Suite
+email: brianh6854@googlemail.com
+executables:
+- thm-consumer
+- thm-pcap
+- thm-producer
+- thm-session
+- thm-useradmin
+extensions: []
+extra_rdoc_files:
+- README.md
+- README.1ST
+files:
+- README.1ST
+- README.md
+- bin/thm-consumer
+- bin/thm-pcap
+- bin/thm-producer
+- bin/thm-session
+- bin/thm-useradmin
+- config.rb
+- datalayerlight.rb
+- js/JSXTransformer.js
+- js/chartkick.js
+- js/files/authenticate.jsx
+- js/jquery.min.js
+- js/marked.min.js
+- js/react.js
+- lib/thm.rb
+- lib/thm/consumer.rb
+- lib/thm/dataservices.rb
+- lib/thm/localmachine.rb
+- lib/thm/producer.rb
+- lib/thm/version.rb
+- service_definitions.csv
+- sql/geoipdata-monetdb.sql
+- sql/threatmonitor-monetdb.sql
+- sql/threatmonitor-mysql.sql
+- stylesheets/screen.css
+- thm-authentication.rb
+- thm-authorization.rb
+- thm-privileges.rb
+- views/authenticate.slim
+- views/dashboard.erb
+- views/logout.slim
+homepage: https://github.com/puppetpies/threatmonitor
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements:
+- libpcap
+rubyforge_project:
+rubygems_version: 2.2.2
+signing_key:
+specification_version: 4
+summary: Packet Data Analysis
+test_files: []