yawast 0.7.0 → 0.7.1

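--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 0ae21762fe7abf26bd16283e6a104c1013c446b7
- data.tar.gz: 31549266d294f446a7e803e77cecd0e7e2bc999b
+ metadata.gz: 6eb300bec83fd978ab09a5868fa37e6907942063
+ data.tar.gz: 6917a7cd0974f048968f573bd3b31c1827fcf6c7
  SHA512:
- metadata.gz: 886b7a4bf891d77eeca0f65a50733eb43aa6414c9d4d38a52acc363c1d6184df4b02d1ebf957ffc9637cb32097b088ae95527a90dbbdad58431403d327ec63a4
- data.tar.gz: edd06c1933bda3b8643b9e6a06a8e690fa34f8136db9de5abdc446e08cc3fc766ffe8fc6f0ea514f76527630f718e35c30b9279a5dd6a01768d444cc05646e97
+ metadata.gz: f61f93e1a8e844d5643c00c3051c1ca8f5003e7ed485c8aadc09b93084fc4e8f1d4d59508c6cfbd2cf1d93b96dad9ae7fa2345033e13eb101507fa47b5d90d30
+ data.tar.gz: caa33cda72644fa4efd5feb751ba906742eccd7b6bb358ee538a0cb92dc341fce5ced112c10e22ae970ff3f787c60fae102ec729ec6a2323e64a9c5ea1af9f23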
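--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,3 +1,9 @@
+ ## 0.7.1 - 2019-05-07
+
+ * [#37](https://github.com/adamcaudill/yawast/issues/37) - Batch Scanning Mode
+ * [#165](https://github.com/adamcaudill/yawast/issues/165) - Add check for Referrer-Policy & Feature-Policy headers
+ * [#167](https://github.com/adamcaudill/yawast/issues/167) - SSL Labs: Add Zombie POODLE & Related Findings
+
  ## 0.7.0 - 2019-04-19
 
  * [#38](https://github.com/adamcaudill/yawast/issues/38) - JSON Output Option via `--output=` (work in progress)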
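--- a/data/Dockerfile
+++ b/data/Dockerfile
@@ -36,15 +36,9 @@ RUN CHROME_STRING=$(/usr/bin/google-chrome-stable --version) \
  && rm /tmp/chromedriver_linux64.zip \
  && chmod +x /usr/bin/chromedriver
 
- RUN groupadd -r chrome && useradd -r -g chrome -G audio,video chrome \
- && mkdir -p /home/chrome && chown -R chrome:chrome /home/chrome \
- && mkdir -p /opt/google/chrome && chown -R chrome:chrome /opt/google/chrome
-
  COPY . /data
  WORKDIR /data
 
- USER chrome
-
  ENV LANG C.UTF-8
  ENV LANGUAGE C.UTF-8
  ENV LC_ALL C.UTF-8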
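--- a/data/README.md
+++ b/data/README.md
@@ -43,6 +43,8 @@ The following tests are performed:
  * *(Generic)* X-Content-Type-Options header not present
  * *(Generic)* Content-Security-Policy header not present
  * *(Generic)* Public-Key-Pins header not present
+ * *(Generic)* Referrer-Policy header not present
+ * *(Generic)* Feature-Policy header not present
  * *(Generic)* X-XSS-Protection disabled header present
  * *(Generic)* SSL: HSTS not enabled
  * *(Generic)* Source Control: Common source control directories present
@@ -122,7 +124,7 @@ In addition to these tests, certain basic information is also displayed, such as
 
  The most common usage scenario is as simple as:
 
- `yawast scan <url>`
+ `yawast scan <url1> <url2>`
 
  Detailed [usage information](https://github.com/adamcaudill/yawast/wiki/Usage-&-Parameters) is available on the wiki.
 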
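--- a/data/lib/commands/cms.rb
+++ b/data/lib/commands/cms.rb
@@ -4,8 +4,11 @@ module Yawast
  module Commands
  class Cms
  def self.process(args, options)
- uri = Yawast::Commands::Utils.extract_uri(args)
- Yawast::Scanner::Core.get_cms(uri, options)
+ args.each do |arg|
+ uri = Yawast::Commands::Utils.extract_uri([arg])
+
+ Yawast::Scanner::Core.get_cms(uri, options)
+ end
  end
  end
  end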
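Review bot: With `args.each`, `process` now returns silently when no URL is given, whereas the old code handed the empty `args` to `extract_uri`, which presumably reported the missing target (its body is not part of this diff). A check ahead of the loop such as `raise ArgumentError, 'no URL given' if args.empty?` (message constructed here; the project's own error path would be better) keeps that case visible to the operator. Nothing in the loop rescues, so an exception for one target also stops the remaining ones, which is worth deciding deliberately for a batch mode. The same loop is added in dns.rb, head.rb, scan.rb and ssl.rb.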
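--- a/data/lib/commands/dns.rb
+++ b/data/lib/commands/dns.rb
@@ -10,10 +10,16 @@ module Yawast
 
  Yawast::Shared::Output.setup uri, options unless options.output.nil?
 
- puts "Scanning: #{uri}"
- puts
+ args.each do |arg|
+ uri = Yawast::Commands::Utils.extract_uri([arg])
+ Yawast::Shared::Output.set_current_uri uri
+
+ puts "Scanning: #{uri}"
+ puts
+
+ Yawast::Scanner::Plugins::DNS::Generic.dns_info uri, options
+ end
 
- Yawast::Scanner::Plugins::DNS::Generic.dns_info uri, options
  Yawast::Shared::Output.write_file
  end
  end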
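--- a/data/lib/commands/head.rb
+++ b/data/lib/commands/head.rb
@@ -4,10 +4,12 @@ module Yawast
  module Commands
  class Head
  def self.process(args, options)
- uri = Yawast::Commands::Utils.extract_uri(args)
+ args.each do |arg|
+ uri = Yawast::Commands::Utils.extract_uri([arg])
 
- options.head = true
- Yawast::Scanner::Core.process(uri, options)
+ options.head = true
+ Yawast::Scanner::Core.process(uri, options)
+ end
  end
  end
  end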
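Review bot: `options.head = true` is assigned on every pass through the loop although it does not depend on `arg`; placing it once above `args.each do |arg|` states the intent and leaves only per-target work in the loop body. A short comment on `process` saying that each argument is scanned as a separate target with the same `options` object would also help the next reader.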
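--- a/data/lib/commands/scan.rb
+++ b/data/lib/commands/scan.rb
@@ -4,9 +4,11 @@ module Yawast
  module Commands
  class Scan
  def self.process(args, options)
- uri = Yawast::Commands::Utils.extract_uri(args)
+ args.each do |arg|
+ uri = Yawast::Commands::Utils.extract_uri([arg])
 
- Yawast::Scanner::Core.process(uri, options)
+ Yawast::Scanner::Core.process(uri, options)
+ end
  end
  end
  end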
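--- a/data/lib/commands/ssl.rb
+++ b/data/lib/commands/ssl.rb
@@ -4,9 +4,11 @@ module Yawast
  module Commands
  class Ssl
  def self.process(args, options)
- uri = Yawast::Commands::Utils.extract_uri(args)
+ args.each do |arg|
+ uri = Yawast::Commands::Utils.extract_uri([arg])
 
- Yawast::Scanner::Core.check_ssl(uri, options, nil)
+ Yawast::Scanner::Core.check_ssl(uri, options, nil)
+ end
  end
  end
  end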
data/lib/scanner/core.rb CHANGED
@@ -17,6 +17,7 @@ module Yawast
17
17
  print_header
18
18
 
19
19
  Yawast::Shared::Output.setup @uri, options if options.output != nil
20
+ Yawast::Shared::Output.set_current_uri @uri
20
21
 
21
22
  ssl_redirect = Yawast::Scanner::Plugins::SSL::SSL.check_for_ssl_redirect @uri
22
23
  if ssl_redirect
@@ -22,6 +22,8 @@ module Yawast
22
22
  via = ''
23
23
  hpkp = ''
24
24
  acao = ''
25
+ referrer_policy = ''
26
+ feature_policy = ''
25
27
 
26
28
  Yawast::Utilities.puts_info 'HEAD:'
27
29
  head.each do |k, v|
@@ -40,6 +42,8 @@ module Yawast
40
42
  via = v if k.casecmp('via').zero?
41
43
  hpkp = v if k.casecmp('public-key-pins').zero?
42
44
  acao = v if k.casecmp('access-control-allow-origin').zero?
45
+ referrer_policy = v if k.casecmp('referrer-policy').zero?
46
+ feature_policy = v if k.casecmp('feature-policy').zero?
43
47
 
44
48
  if k.casecmp('set-cookie').zero?
45
49
  # this chunk of magic manages to properly split cookies, when multiple are sent together
@@ -107,6 +111,10 @@ module Yawast
107
111
 
108
112
  Yawast::Utilities.puts_warn 'Access-Control-Allow-Origin: Unrestricted' if acao == '*'
109
113
 
114
+ Yawast::Utilities.puts_warn 'Referrer-Policy Header Not Present' if referrer_policy == ''
115
+
116
+ Yawast::Utilities.puts_warn 'Feature-Policy Header Not Present' if feature_policy == ''
117
+
110
118
  puts ''
111
119
 
112
120
  unless cookies.empty?
@@ -560,6 +560,118 @@ module Yawast
560
560
  {vulnerable: false}
561
561
  end
562
562
 
563
+ Yawast::Shared::Output.log_hash 'vulnerabilities',
564
+ 'tls_zombie_poodle',
565
+ {vulnerable: false, exploitable: false}
566
+ case ep['details']['zombiePoodle']
567
+ when -1
568
+ Yawast::Utilities.puts_error "\t\t\tZombie POODLE: Test Failed"
569
+ when 0
570
+ Yawast::Utilities.puts_error "\t\t\tZombie POODLE: Test Failed (Unknown)"
571
+ when 1
572
+ Yawast::Utilities.puts_info "\t\t\tZombie POODLE: No"
573
+ when 2
574
+ Yawast::Utilities.puts_warn "\t\t\tZombie POODLE: Vulnerable - Not Exploitable"
575
+
576
+ Yawast::Shared::Output.log_hash 'vulnerabilities',
577
+ 'tls_zombie_poodle',
578
+ {vulnerable: true, exploitable: false}
579
+ when 3
580
+ Yawast::Utilities.puts_vuln "\t\t\tZombie POODLE: Vulnerable - Exploitable"
581
+
582
+ Yawast::Shared::Output.log_hash 'vulnerabilities',
583
+ 'tls_zombie_poodle',
584
+ {vulnerable: true, exploitable: true}
585
+ when nil
586
+ # do nothing, this means they aren't sending the result
587
+ else
588
+ Yawast::Utilities.puts_error "\t\t\tZombie POODLE: Unknown Response #{ep['details']['zombiePoodle']}"
589
+ end
590
+
591
+ Yawast::Shared::Output.log_hash 'vulnerabilities',
592
+ 'tls_goldendoodle',
593
+ {vulnerable: false, exploitable: false}
594
+ case ep['details']['goldenDoodle']
595
+ when -1
596
+ Yawast::Utilities.puts_error "\t\t\tGOLDENDOODLE: Test Failed"
597
+ when 0
598
+ Yawast::Utilities.puts_error "\t\t\tGOLDENDOODLE: Test Failed (Unknown)"
599
+ when 1
600
+ Yawast::Utilities.puts_info "\t\t\tGOLDENDOODLE: No"
601
+ when 4
602
+ Yawast::Utilities.puts_warn "\t\t\tGOLDENDOODLE: Vulnerable - Not Exploitable"
603
+
604
+ Yawast::Shared::Output.log_hash 'vulnerabilities',
605
+ 'tls_goldendoodle',
606
+ {vulnerable: true, exploitable: false}
607
+ when 5
608
+ Yawast::Utilities.puts_vuln "\t\t\tGOLDENDOODLE: Vulnerable - Exploitable"
609
+
610
+ Yawast::Shared::Output.log_hash 'vulnerabilities',
611
+ 'tls_goldendoodle',
612
+ {vulnerable: true, exploitable: true}
613
+ when nil
614
+ # do nothing, this means they aren't sending the result
615
+ else
616
+ Yawast::Utilities.puts_error "\t\t\tGOLDENDOODLE: Unknown Response #{ep['details']['goldenDoodle']}"
617
+ end
618
+
619
+ Yawast::Shared::Output.log_hash 'vulnerabilities',
620
+ 'tls_openssl_cve_2019_1559',
621
+ {vulnerable: false, exploitable: false}
622
+ case ep['details']['zeroLengthPaddingOracle']
623
+ when -1
624
+ Yawast::Utilities.puts_error "\t\t\tOpenSSL 0-Length Padding Oracle (CVE-2019-1559): Test Failed"
625
+ when 0
626
+ Yawast::Utilities.puts_error "\t\t\tOpenSSL 0-Length Padding Oracle (CVE-2019-1559): Test Failed (Unknown)"
627
+ when 1
628
+ Yawast::Utilities.puts_info "\t\t\tOpenSSL 0-Length Padding Oracle (CVE-2019-1559): No"
629
+ when 6
630
+ Yawast::Utilities.puts_warn "\t\t\tOpenSSL 0-Length Padding Oracle (CVE-2019-1559): Vulnerable - Not Exploitable"
631
+
632
+ Yawast::Shared::Output.log_hash 'vulnerabilities',
633
+ 'tls_openssl_cve_2019_1559',
634
+ {vulnerable: true, exploitable: false}
635
+ when 7
636
+ Yawast::Utilities.puts_vuln "\t\t\tOpenSSL 0-Length Padding Oracle (CVE-2019-1559): Vulnerable - Exploitable"
637
+
638
+ Yawast::Shared::Output.log_hash 'vulnerabilities',
639
+ 'tls_openssl_cve_2019_1559',
640
+ {vulnerable: true, exploitable: true}
641
+ when nil
642
+ # do nothing, this means they aren't sending the result
643
+ else
644
+ Yawast::Utilities.puts_error "\t\t\tOpenSSL 0-Length Padding Oracle (CVE-2019-1559): Unknown Response #{ep['details']['zeroLengthPaddingOracle']}"
645
+ end
646
+
647
+ Yawast::Shared::Output.log_hash 'vulnerabilities',
648
+ 'tls_goldendoodle',
649
+ {vulnerable: false, exploitable: false}
650
+ case ep['details']['sleepingPoodle']
651
+ when -1
652
+ Yawast::Utilities.puts_error "\t\t\tSleeping POODLE: Test Failed"
653
+ when 0
654
+ Yawast::Utilities.puts_error "\t\t\tSleeping POODLE: Test Failed (Unknown)"
655
+ when 1
656
+ Yawast::Utilities.puts_info "\t\t\tSleeping POODLE: No"
657
+ when 10
658
+ Yawast::Utilities.puts_warn "\t\t\tSleeping POODLE: Vulnerable - Not Exploitable"
659
+
660
+ Yawast::Shared::Output.log_hash 'vulnerabilities',
661
+ 'tls_sleeping_poodle',
662
+ {vulnerable: true, exploitable: false}
663
+ when 11
664
+ Yawast::Utilities.puts_vuln "\t\t\tSleeping POODLE: Vulnerable - Exploitable"
665
+
666
+ Yawast::Shared::Output.log_hash 'vulnerabilities',
667
+ 'tls_sleeping_poodle',
668
+ {vulnerable: true, exploitable: true}
669
+ when nil
670
+ # do nothing, this means they aren't sending the result
671
+ else
672
+ Yawast::Utilities.puts_error "\t\t\tSleeping POODLE: Unknown Response #{ep['details']['sleepingPoodle']}"
673
+ end
674
+
563
675
  Yawast::Shared::Output.log_hash 'vulnerabilities',
564
676
  'tls_poodle',
565
677
  {vulnerable: false}
@@ -580,6 +692,8 @@ module Yawast
580
692
  Yawast::Shared::Output.log_hash 'vulnerabilities',
581
693
  'tls_poodle',
582
694
  {vulnerable: true}
695
+ when nil
696
+ # do nothing, this means they aren't sending the result
583
697
  else
584
698
  Yawast::Utilities.puts_error "\t\t\tPOODLE (TLS): Unknown Response #{ep['details']['poodleTls']}"
585
699
  end
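Review bot: The Sleeping POODLE block writes its default result under `'tls_goldendoodle'` (new lines 647-649) instead of `'tls_sleeping_poodle'`, which looks like a copy-paste slip from the GOLDENDOODLE block above it. If `log_hash` replaces an existing key (its body is not shown here), a `{vulnerable: true, ...}` GOLDENDOODLE result recorded at new lines 604-612 is reset to not vulnerable in the structured output, giving a false negative in the report, and `tls_sleeping_poodle` gets no entry unless the endpoint is vulnerable. The key on new line 648 should read `'tls_sleeping_poodle',`. The enclosing method starts and ends outside this hunk.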
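--- a/data/lib/shared/output.rb
+++ b/data/lib/shared/output.rb
@@ -38,9 +38,16 @@ module Yawast
  log_value 'ruby_version', "#{RUBY_VERSION}-p#{RUBY_PATCHLEVEL}"
  log_value 'openssl_version', OpenSSL::OPENSSL_VERSION
  log_value 'platform', RUBY_PLATFORM
- log_value 'target_uri', uri
  log_value 'options', options.__hash__
  log_value 'encoding', __ENCODING__
+
+ # setup the data structure to capture info for individual targets
+ @data['targets'] = {}
+ set_current_uri uri
+ end
+
+ def self.set_current_uri(uri)
+ @current_uri = uri
  end
 
  def self.log_value(super_parent = nil, parent = nil, key, value)
@@ -89,6 +96,12 @@ module Yawast
  def self.get_target(super_parent = nil, parent = nil)
  target = @data
 
+ # make sure we are on the right URI, and that it exists
+ unless @current_uri.nil?
+ target['targets'][@current_uri] = {} if target['targets'][@current_uri].nil?
+ target = target['targets'][@current_uri]
+ end
+
  # fix parent vs super confusion
  if parent.nil? && !super_parent.nil?
  parent = super_parent
@@ -129,6 +142,7 @@ module Yawast
  return unless @setup
 
  # note the ending time
+ set_current_uri nil
  log_value 'end_time', Time.new.to_i.to_s
 
  begin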
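Review bot: `@data['targets'] = {}` on new line 45 discards every target recorded so far if `setup` is entered a second time, and the hunk under data/lib/scanner/core.rb calls `Output.setup @uri, options` on a path that the new `args.each` loops reach once per URL. The top of `setup` is outside this hunk, so an early return there may already cover this; if it does not, batch output would hold only the last target, and `@data['targets'] ||= {}` together with a guard on `@setup` would avoid that. `set_current_uri` would also benefit from a comment saying that passing `nil` sends later `log_value` calls to the top level of the document, which `write_file` relies on for `end_time`.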
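--- a/data/lib/version.rb
+++ b/data/lib/version.rb
@@ -1,5 +1,5 @@
  # frozen_string_literal: true
 
  module Yawast
- VERSION = '0.7.0'
+ VERSION = '0.7.1'
  end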
data/lib/yawast.rb CHANGED
@@ -30,6 +30,9 @@ module Yawast
30
30
  HTTP_UA = "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) AppleWebKit/537.36 (KHTML, like Gecko) YAWAST/#{VERSION} Chrome/61.0.3163.100 Safari/537.36"
31
31
 
32
32
  def self.header
33
+ # prevent multiple runs
34
+ return if @header
35
+
33
36
  puts '__ _____ _ _ ___ _____ _____ '
34
37
  puts '\ \ / / _ \| | | |/ _ \ / ___|_ _|'
35
38
  puts ' \ V / /_\ \ | | / /_\ \\\ `--. | | '
@@ -54,6 +57,7 @@ module Yawast
54
57
  end
55
58
 
56
59
  puts ''
60
+ @header = true
57
61
  end
58
62
 
59
63
  def self.options
@@ -100,7 +100,6 @@ class TestSSLLabsAnalyze < Minitest::Test
100
100
 
101
101
  assert stdout_value.include?('www.forest.gov.tw'), "domain name not found in #{stdout_value}"
102
102
  assert stdout_value.include?('Root Stores: Apple (trusted) Windows (trusted)'), "root store name not found in #{stdout_value}"
103
- assert !stdout_value.include?('[E]'), "Error message found in #{stdout_value}"
104
103
 
105
104
  restore_stdout
106
105
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: yawast
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.7.0
4
+ version: 0.7.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Adam Caudill
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-04-19 00:00:00.000000000 Z
11
+ date: 2019-05-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: colorize