RubyGems - timing_attack - Versions diffs - 0.4.0 → 0.4.1 - Mend

timing_attack 0.4.0 → 0.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/README.md +3 -0
data/lib/timing_attack/brute_forcer.rb +10 -3
data/lib/timing_attack/errors.rb +6 -0
data/lib/timing_attack/version.rb +1 -1
data/lib/timing_attack.rb +1 -0
metadata +3 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f4aa7a2b7ae3b9a7bf2b6d39d586d3484aa83d7e
-  data.tar.gz: 3432f10030dbb838b9ff224d4c7942f8fb82392a
+  metadata.gz: 4c07deac97e0cdfadcb0c1249fc09a950642030b
+  data.tar.gz: b565450cb34a4c42a6e7a89394296546834c37cc
 SHA512:
-  metadata.gz: 635ff7244a86461d6531034e54a607b0c91973c5d1a31631e571860b3eca132ce770753dce0973ab4d798a4aed209d9567bdaf7bca75901fa52f4dc8c94aa5fc
-  data.tar.gz: 0d7d00c315e3bdc7f947c4ba1294f2810a4bd901a225bdc2655e51d4807ceebc785e7d85ace2d02d442088aa5b7f14eb66e2579c97cd5fd89fa4a4dc9ba7e4f1
+  metadata.gz: 27f0cbb88c3038b68d16764d8170a924c0c344117545c8ca37877e854d7b80526297b37f866c53cdc1ad0f5615df354dd898ba3267dd5ccb428db4d6d66a25af
+  data.tar.gz: 0507d9712a8d68d75d5686c7aa3e32e9042a3f7f9116dda113eac59bfed863e5a9203315a57bb1c0e5e38732bcfc3ff0e661f82f87b0b40be6a0d05f61d3b35e

data/README.md CHANGED Viewed

@@ -3,6 +3,9 @@
 Profile web applications, sorting inputs into two categories based on
 discrepancies in the application's response time.
+If you need a known-vulnerable application for testing and/or development, see
+[Camelflage](https://github.com/ffleming/camelflage).
 ## Installation
 ```bash

data/lib/timing_attack/brute_forcer.rb CHANGED Viewed

@@ -13,8 +13,13 @@ module TimingAttack
     attr_reader :known
     POTENTIAL_BYTES = (' '..'z').to_a
     def attack!
-      while(true)
-        attack_byte!
+      begin
+        while(true)
+          attack_byte!
+        end
+      rescue Errors::BruteForcerError => e
+        puts "\n#{e.message}"
+        exit(1)
       end
     end
@@ -48,7 +53,9 @@ module TimingAttack
       grouper = Grouper.new(attacks: attacks, group_by: { percentile: options.fetch(:percentile) })
       results = grouper.long_tests.map(&:input)
       if grouper.long_tests.count > 1
-        raise StandardError.new("Got too many possibilities: #{results.join(', ')}")
+        msg = "Got too many possibilities to continue brute force:\n\t"
+        msg << results.join("\t")
+        raise Errors::BruteForcerError.new(msg)
       end
       @known = results.first
     end

data/lib/timing_attack/errors.rb ADDED Viewed

@@ -0,0 +1,6 @@
+module TimingAttack
+  module Errors
+    class BruteForcerError < StandardError
+    end
+  end
+end

data/lib/timing_attack/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module TimingAttack
-  VERSION = "0.4.0"
+  VERSION = "0.4.1"
 end

data/lib/timing_attack.rb CHANGED Viewed

@@ -3,6 +3,7 @@ require 'json'
 require 'optparse'
 require 'ruby-progressbar'
 require "timing_attack/version"
+require "timing_attack/errors"
 require "timing_attack/attacker"
 require 'timing_attack/spinner'
 require "timing_attack/brute_forcer"

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: timing_attack
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.4.1
 platform: ruby
 authors:
 - Forrest Fleming
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2017-02-04 00:00:00.000000000 Z
+date: 2017-02-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ruby-progressbar
@@ -116,6 +116,7 @@ files:
 - lib/timing_attack/attacker.rb
 - lib/timing_attack/brute_forcer.rb
 - lib/timing_attack/enumerator.rb
+- lib/timing_attack/errors.rb
 - lib/timing_attack/grouper.rb
 - lib/timing_attack/spinner.rb
 - lib/timing_attack/test_case.rb