timing_attack 0.5.3 → 0.6.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/LICENSE.txt +21 -0
- data/README.md +40 -0
- data/exe/timing_attack +33 -1
- data/lib/timing_attack/errors.rb +3 -2
- data/lib/timing_attack/version.rb +1 -1
- metadata +4 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 95817b4056c1f1165c1ac8906afaec786275d967
|
|
4
|
+
data.tar.gz: 89f6577a6bb247bdb5becd5049bd1237b065cd0c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1419ba3974ce57b6895a15d96dc589f0c0748244fc2240d8ff0f8c0e9ba31beac4f54e541127682f10276bf49b601a286ccb48319ae309f30f09481a955efbb0
|
|
7
|
+
data.tar.gz: 2f91cf8e49eb9d33c1277f87aff5924f734caedd58bb4b817d3e9797110082678ca12c271de483a0029623fcadf05be2ce5db2a02cfe3477561a67d8ef26dcc8
|
data/LICENSE.txt
ADDED
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
The MIT License (MIT)
|
|
2
|
+
|
|
3
|
+
Copyright (c) 2017 Forrest Fleming
|
|
4
|
+
|
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
|
7
|
+
in the Software without restriction, including without limitation the rights
|
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
|
10
|
+
furnished to do so, subject to the following conditions:
|
|
11
|
+
|
|
12
|
+
The above copyright notice and this permission notice shall be included in
|
|
13
|
+
all copies or substantial portions of the Software.
|
|
14
|
+
|
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
|
21
|
+
THE SOFTWARE.
|
data/README.md
CHANGED
|
@@ -1,4 +1,6 @@
|
|
|
1
|
+
|
|
1
2
|
[](http://badge.fury.io/rb/timing_attack)
|
|
3
|
+
|
|
2
4
|
# timing_attack
|
|
3
5
|
|
|
4
6
|
Profile web applications, sorting inputs into two categories based on
|
|
@@ -24,8 +26,11 @@ timing_attack [options] -u <target> <inputs>
|
|
|
24
26
|
-p, --post Use POST, not GET
|
|
25
27
|
-q, --quiet Quiet mode (don't display progress bars)
|
|
26
28
|
-b, --brute-force Brute force mode
|
|
29
|
+
-i, --inputs-file FILE Read inputs from specified file, one per line
|
|
27
30
|
--parameters STR JSON hash of URL parameters. 'INPUT' will be replaced with the attack string
|
|
31
|
+
--parameters-file FILE Name of file containing parameters as with --parameters
|
|
28
32
|
--body STR JSON hash of parameters to be included in the request body. 'INPUT' will be replaced with the attack string
|
|
33
|
+
--body-file FILE Name of file containing parameters as with --body
|
|
29
34
|
--http-username STR HTTP basic authentication username. 'INPUT' will be replaced with the attack string
|
|
30
35
|
--http-password STR HTTP basic authentication password. 'INPUT' will be replaced with the attack string
|
|
31
36
|
--percentile NUM Use NUMth percentile for calculations (default: 3)
|
|
@@ -94,6 +99,41 @@ current attack string as above.
|
|
|
94
99
|
|
|
95
100
|
The `--parameters` and `--body` options must be specified in JSON format.
|
|
96
101
|
|
|
102
|
+
## Reading from files
|
|
103
|
+
|
|
104
|
+
Body contents, parameters, and inputs can all be read from a file specified on
|
|
105
|
+
the comamnd line with `--body-file`, `--parameters-file`, and `--inputs-file`
|
|
106
|
+
respectively. `--body-file` and `--parameters-file` expect the file's contents
|
|
107
|
+
to be a JSON hash; `--inputs-file` simply expects one input per line.
|
|
108
|
+
|
|
109
|
+
Example:
|
|
110
|
+
```
|
|
111
|
+
% cat inputs.txt
|
|
112
|
+
charles@poodles.com
|
|
113
|
+
camel@sahara.com
|
|
114
|
+
woofer@beagles.net
|
|
115
|
+
bactrian@dev.null
|
|
116
|
+
dromedary@dev.null
|
|
117
|
+
alpaca@theand.es
|
|
118
|
+
```
|
|
119
|
+
```
|
|
120
|
+
% cat params.txt
|
|
121
|
+
{"login":"INPUT", "password":"123", "delta":"10"}
|
|
122
|
+
```
|
|
123
|
+
```
|
|
124
|
+
% timing_attack -q -u "http://localhost:3000/timing/login" \
|
|
125
|
+
--parameters-file params.txt \
|
|
126
|
+
--inputs-file inputs.txt
|
|
127
|
+
Short tests:
|
|
128
|
+
woofer@beagles.net 0.0023
|
|
129
|
+
alpaca@theand.es 0.0025
|
|
130
|
+
Long tests:
|
|
131
|
+
bactrian@dev.null 0.1042
|
|
132
|
+
charles@poodles.com 0.1046
|
|
133
|
+
camel@sahara.com 0.1051
|
|
134
|
+
dromedary@dev.null 0.1054
|
|
135
|
+
```
|
|
136
|
+
|
|
97
137
|
## How it works
|
|
98
138
|
|
|
99
139
|
The various inputs are each thrown at the endpoint `--number` times. The
|
data/exe/timing_attack
CHANGED
|
@@ -15,6 +15,24 @@ class TimingAttackCli
|
|
|
15
15
|
|
|
16
16
|
private
|
|
17
17
|
|
|
18
|
+
def json_file(filename)
|
|
19
|
+
begin
|
|
20
|
+
JSON.parse(File.read(filename))
|
|
21
|
+
rescue JSON::ParserError => e
|
|
22
|
+
raise TimingAttack::Errors::InvalidFileFormatError.new("Invalid JSON in #{filename}: #{e.message}")
|
|
23
|
+
rescue Errno::ENOENT
|
|
24
|
+
raise TimingAttack::Errors::FileNotFoundError.new("#{filename} not found")
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
def flat_file(filename)
|
|
29
|
+
begin
|
|
30
|
+
File.readlines(filename).map(&:strip)
|
|
31
|
+
rescue Errno::ENOENT
|
|
32
|
+
raise TimingAttack::Errors::FileNotFoundError.new("#{filename} not found")
|
|
33
|
+
end
|
|
34
|
+
end
|
|
35
|
+
|
|
18
36
|
def opt_parser
|
|
19
37
|
@opt_parser ||= OptionParser.new do |opts|
|
|
20
38
|
opts.program_name = File.basename(__FILE__)
|
|
@@ -34,12 +52,21 @@ class TimingAttackCli
|
|
|
34
52
|
opts.on("-p", "--post", "Use POST, not GET") { |bool| options[:method] = bool ? :post : :get }
|
|
35
53
|
opts.on("-q", "--quiet", "Quiet mode (don't display progress bars)") { |bool| options[:verbose] = !bool }
|
|
36
54
|
opts.on("-b", "--brute-force", "Brute force mode") { |bool| options[:brute_force] = bool }
|
|
55
|
+
opts.on("-i FILE", "--inputs-file FILE", "Read inputs from specified file, one per line") do |str|
|
|
56
|
+
options[:inputs] = flat_file(filename)
|
|
57
|
+
end
|
|
37
58
|
opts.on("--parameters STR", "JSON hash of URL parameters. 'INPUT' will be replaced with the attack string") do |str|
|
|
38
59
|
options[:params] = JSON.parse(str)
|
|
39
60
|
end
|
|
61
|
+
opts.on("--parameters-file FILE", "Name of file containing parameters as with --parameters") do |str|
|
|
62
|
+
options[:params] = json_file(str)
|
|
63
|
+
end
|
|
40
64
|
opts.on("--body STR", "JSON hash of parameters to be included in the request body. 'INPUT' will be replaced with the attack string") do |str|
|
|
41
65
|
options[:body] = JSON.parse(str)
|
|
42
66
|
end
|
|
67
|
+
opts.on("--body-file FILE", "Name of file containing parameters as with --body") do |str|
|
|
68
|
+
options[:body] = json_file(str)
|
|
69
|
+
end
|
|
43
70
|
opts.on("--http-username STR", "HTTP basic authentication username. 'INPUT' will be replaced with the attack string") do |str|
|
|
44
71
|
options[:basic_auth_username] = str
|
|
45
72
|
end
|
|
@@ -61,6 +88,9 @@ class TimingAttackCli
|
|
|
61
88
|
def parse_options
|
|
62
89
|
begin
|
|
63
90
|
opt_parser.parse!
|
|
91
|
+
rescue TimingAttack::Errors::InvalidFileFormatError, TimingAttack::Errors::FileNotFoundError => e
|
|
92
|
+
STDERR.puts e.message
|
|
93
|
+
exit
|
|
64
94
|
rescue OptionParser::InvalidOption => e
|
|
65
95
|
STDERR.puts e.message
|
|
66
96
|
puts opt_parser
|
|
@@ -70,6 +100,7 @@ class TimingAttackCli
|
|
|
70
100
|
|
|
71
101
|
def sanitize_options
|
|
72
102
|
options[:verbose] = true if options[:verbose].nil?
|
|
103
|
+
options[:inputs] = ARGV if options[:inputs].nil?
|
|
73
104
|
if options[:percentile]
|
|
74
105
|
options.delete(:mean)
|
|
75
106
|
elsif options[:median]
|
|
@@ -84,7 +115,8 @@ class TimingAttackCli
|
|
|
84
115
|
atk = if options.delete(:brute_force)
|
|
85
116
|
TimingAttack::BruteForcer.new(options: options)
|
|
86
117
|
else
|
|
87
|
-
|
|
118
|
+
inputs = options.delete(:inputs)
|
|
119
|
+
TimingAttack::Enumerator.new(inputs: inputs, options: options)
|
|
88
120
|
end
|
|
89
121
|
atk.run!
|
|
90
122
|
rescue ArgumentError => e
|
data/lib/timing_attack/errors.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: timing_attack
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.6.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Forrest Fleming
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-
|
|
11
|
+
date: 2017-12-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: ruby-progressbar
|
|
@@ -119,6 +119,7 @@ files:
|
|
|
119
119
|
- ".rspec"
|
|
120
120
|
- ".travis.yml"
|
|
121
121
|
- Gemfile
|
|
122
|
+
- LICENSE.txt
|
|
122
123
|
- README.md
|
|
123
124
|
- Rakefile
|
|
124
125
|
- bin/console
|
|
@@ -154,7 +155,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
154
155
|
version: '0'
|
|
155
156
|
requirements: []
|
|
156
157
|
rubyforge_project:
|
|
157
|
-
rubygems_version: 2.
|
|
158
|
+
rubygems_version: 2.6.11
|
|
158
159
|
signing_key:
|
|
159
160
|
specification_version: 4
|
|
160
161
|
summary: Perform timing attacks against web applications
|