yawast 0.4.0.beta1 → 0.4.0.beta2

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: d707bc2b668e3aee9be0c3f5824c58ae6cfe0fe2
4
- data.tar.gz: 60c589954dc8a4839d77de50acc0eb210f958677
3
+ metadata.gz: 0bd401e7dfb0ed1202b3649590c6188004f32d89
4
+ data.tar.gz: 349a07e700f68ffaf4cb2c3b2d73723b838eaa63
5
5
  SHA512:
6
- metadata.gz: ab2799d958dcebc5bc137494cff6c6361f492837d8830f53dd43ed47875be6c97af7fefdc9c25138d48c051166bc155a674caaa895a92a4ec1a61ca78b07dabf
7
- data.tar.gz: 30b24583e8f97011a74c459a755552b583daaa369115c23b57b4b238cae996dbd2a1d5445b84aa0868b733334a565a0616e41cf6f00507f069cc5465d0473997
6
+ metadata.gz: 08980226efef51d1c4bd02b943fd63ff09b759bc4b921e544e2684f695682867214970d14e7ea31e22a97ce79720db1cb03de3a143fefa5ed0dc7652d8d1e96b
7
+ data.tar.gz: 77de689186f88cbb65b6ec5dc072c50013696b4f50420cd982afd0b6eb1c2be888cf7e99c09bc8dd8d8c7978c9c9014b471f19a5a214acf6f8be190822ed103b
@@ -0,0 +1,10 @@
1
+ module Yawast
2
+ module Commands
3
+ class Cert
4
+ def self.process(options)
5
+ scan = Yawast::Scanner::Cert.new
6
+ scan.get_certs(options)
7
+ end
8
+ end
9
+ end
10
+ end
@@ -0,0 +1,99 @@
1
+ require 'openssl'
2
+ require 'openssl-extensions/all'
3
+
4
+ module Yawast
5
+ module Scanner
6
+ class Cert
7
+ def setup
8
+ unless @setup
9
+
10
+ Yawast.header
11
+ puts
12
+
13
+ Yawast.set_openssl_options
14
+ end
15
+
16
+ @setup = true
17
+ end
18
+
19
+ def get_certs(options)
20
+ setup
21
+
22
+ content = File.readlines options.input
23
+
24
+ pool_size = 16
25
+ jobs = Queue.new
26
+ @results = Queue.new
27
+
28
+ content.map do |domain|
29
+ jobs.push domain.trim
30
+ end
31
+
32
+ workers = (pool_size).times.map do
33
+ Thread.new do
34
+ begin
35
+ while (domain = jobs.pop(true))
36
+ process domain
37
+ end
38
+ rescue ThreadError
39
+ #do nothing
40
+ end
41
+ end
42
+ end
43
+
44
+ results = Thread.new do
45
+ begin
46
+ while true
47
+ if @results.length > 0
48
+ out = @results.pop(true)
49
+ Yawast::Utilities.puts_info out
50
+ end
51
+ end
52
+ rescue ThreadError
53
+ #do nothing
54
+ end
55
+ end
56
+
57
+ workers.map(&:join)
58
+ results.terminate
59
+
60
+ puts
61
+ puts
62
+ puts 'Done.'
63
+ end
64
+
65
+ def process(domain)
66
+ return if domain == ''
67
+
68
+ begin
69
+ socket = Socket.tcp(domain, 443, opts={connect_timeout: 3})
70
+
71
+ ctx = OpenSSL::SSL::SSLContext.new
72
+ ctx.ciphers = OpenSSL::SSL::SSLContext::DEFAULT_PARAMS[:ciphers]
73
+
74
+ ssl = OpenSSL::SSL::SSLSocket.new(socket, ctx)
75
+ ssl.hostname = domain
76
+
77
+ Timeout::timeout(5) {
78
+ ssl.connect
79
+ }
80
+
81
+ cert = ssl.peer_cert
82
+
83
+ if cert.nil?
84
+ raise 'No certificate received.'
85
+ else
86
+ @results.push "#{domain}: Issuer: '#{cert.issuer.common_name}' / '#{cert.issuer.organization}' Serial: #{cert.serial}"
87
+ end
88
+ rescue
89
+ unless domain.start_with? 'www.'
90
+ process 'www.' + domain
91
+ end
92
+ ensure
93
+ ssl.sysclose if ssl
94
+ socket.close if socket
95
+ end
96
+ end
97
+ end
98
+ end
99
+ end
data/lib/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Yawast
2
- VERSION = '0.4.0.beta1'
2
+ VERSION = '0.4.0.beta2'
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: yawast
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.0.beta1
4
+ version: 0.4.0.beta2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Adam Caudill
@@ -110,6 +110,7 @@ files:
110
110
  - README.md
111
111
  - Rakefile
112
112
  - bin/yawast
113
+ - lib/commands/cert.rb
113
114
  - lib/commands/cms.rb
114
115
  - lib/commands/head.rb
115
116
  - lib/commands/scan.rb
@@ -117,6 +118,7 @@ files:
117
118
  - lib/commands/utils.rb
118
119
  - lib/resources/common.txt
119
120
  - lib/scanner/apache.rb
121
+ - lib/scanner/cert.rb
120
122
  - lib/scanner/cms.rb
121
123
  - lib/scanner/core.rb
122
124
  - lib/scanner/generic.rb