yawast 0.5.0.beta3 → 0.5.0.beta4

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: d4708466ef6ca5c2b60d7bc65c8d0b7e140f13ef
4
- data.tar.gz: ce469cdfc381a00bae37220c150fbf1424f84bb2
3
+ metadata.gz: 400253733c35a69633bfa93c996cd7eb2fed21b5
4
+ data.tar.gz: 453abac414cc6af0f4efb1b952189a1457887e33
5
5
  SHA512:
6
- metadata.gz: 2790493be0d96156111fe4dd65e86fd77492e2887861af9e255b0cf28103502270f3c9cdea85586b2a926fab8aa6ad5c96ce5905f84262ce308ecee45afcdda0
7
- data.tar.gz: 8cad9004d6af28d5bc0851000e94c53eee474389f67f3eb5f58d251449fadd71e762af2ff593582ff2f5972ca2ba44fcc7635f6410d5b3841a6ade6b55d1a184
6
+ metadata.gz: 899b87c5677b6fbf4bcd6fde0d6249064a0844c11a4a53f7567da47cb08aec289dcdaa7ca525a544cced1249b7c7e584a4c0f632e716351a1c364d6489bc0626
7
+ data.tar.gz: 83b67f387e7364708c1b49f7f6c7d900466f6e438ae6b14ae5a223d57dcb737f6874dd9e16c1183cc60958a43fa20dbc6689b4549c75b23634c21d116c1f2b6a
data/CHANGELOG.md CHANGED
@@ -7,7 +7,6 @@
7
7
  * [#86](https://github.com/adamcaudill/yawast/issues/86) - Add check for Tomcat Manager & common passwords
8
8
  * [#87](https://github.com/adamcaudill/yawast/issues/87) - Tomcat version detection via invalid HTTP verb
9
9
  * [#88](https://github.com/adamcaudill/yawast/issues/88) - Add IP Network Info via [api.iptoasn.com](https://api.iptoasn.com/)
10
- * [#89](https://github.com/adamcaudill/yawast/issues/89) - Add IP Location Info
11
10
  * [#90](https://github.com/adamcaudill/yawast/issues/90) - Add HSTS Preload check via [HSTSPreload.com](https://hstspreload.com/)
12
11
  * [#91](https://github.com/adamcaudill/yawast/issues/91) - Enhanced file search
13
12
  * [#96](https://github.com/adamcaudill/yawast/issues/96) - Scan for known SRV DNS Records
@@ -15,6 +14,7 @@
15
14
  * [#76](https://github.com/adamcaudill/yawast/issues/76) - Bug: Handle error for OpenSSL version support error
16
15
  * [#98](https://github.com/adamcaudill/yawast/issues/98) - Bug: SWEET32 Test Fails if 3DES Not Support By Latest Server Supported TLS Version
17
16
  * [#99](https://github.com/adamcaudill/yawast/issues/99) - Bug: Cloudflare SWEET32 False Positive
17
+ * [#101](https://github.com/adamcaudill/yawast/issues/101) - Bug: SWEET32 False Negative
18
18
  * Various code and other improvements.
19
19
 
20
20
  ## 0.4.0 - 2016-11-03
data/lib/scanner/core.rb CHANGED
@@ -120,7 +120,7 @@ module Yawast
120
120
  begin
121
121
  Yawast::Shared::Http.head(@uri)
122
122
  rescue => e
123
- Yawast::Utilities.puts_error "Fatal Connection Error (#{e.class}: #{e.message})"
123
+ Yawast::Utilities.puts_error "Fatal Connection Error: Unable to complete HEAD request from '#{@uri}' (#{e.class}: #{e.message})"
124
124
  exit 1
125
125
  end
126
126
  end
@@ -27,7 +27,6 @@ module Yawast
27
27
  else
28
28
  #show network info
29
29
  Yawast::Utilities.puts_info "\t\t\t#{get_network_info(ip.address)}"
30
- get_network_location_info ip
31
30
 
32
31
  puts "\t\t\thttps://www.shodan.io/host/#{ip.address}"
33
32
  puts "\t\t\thttps://censys.io/ipv4/#{ip.address}"
@@ -52,7 +51,6 @@ module Yawast
52
51
  else
53
52
  #show network info
54
53
  Yawast::Utilities.puts_info "\t\t\t#{get_network_info(ip.address)}"
55
- get_network_location_info ip
56
54
 
57
55
  puts "\t\t\thttps://www.shodan.io/host/#{ip.address.to_s.downcase}"
58
56
  end
@@ -164,6 +162,11 @@ module Yawast
164
162
  @netinfo = Hash.new if @netinfo == nil
165
163
  return @netinfo[ip] if @netinfo[ip] != nil
166
164
 
165
+ #check to see if this has failed, if so, skip it. We do this to avoid repeated timeouts if outbound
166
+ #connections are blocked.
167
+ @netinfo_failed = false if @netinfo_failed == nil
168
+ return 'Network Information disabled due to prior failure' if @netinfo_failed
169
+
167
170
  begin
168
171
  network_info = JSON.parse(Net::HTTP.get(URI("https://api.iptoasn.com/v1/as/ip/#{ip}")))
169
172
 
@@ -172,22 +175,10 @@ module Yawast
172
175
 
173
176
  return ret
174
177
  rescue => e
178
+ @netinfo_failed = true
175
179
  return "Error: getting network information failed (#{e.message})"
176
180
  end
177
181
  end
178
-
179
- def self.get_network_location_info(ip)
180
- begin
181
- info = JSON.parse(Net::HTTP.get(URI("https://freegeoip.net/json/#{ip.address}")))
182
- location = [info['city'], info['region_name'], info['country_code']].reject { |c| c.empty? }.join(', ')
183
-
184
- if location != nil && !location.empty?
185
- Yawast::Utilities.puts_info "\t\t\t#{location}"
186
- end
187
- rescue => e
188
- Yawast::Utilities.puts_error "Error getting location information: #{e.message}"
189
- end
190
- end
191
182
  end
192
183
  end
193
184
  end
@@ -48,11 +48,13 @@ module Yawast
48
48
  end
49
49
 
50
50
  req.start do |http|
51
+ #cache the number of hits
52
+ hits = http.instance_variable_get(:@ssl_context).session_cache_stats[:cache_hits]
51
53
  10000.times do |i|
52
54
  http.head(uri.path, headers)
53
55
 
54
56
  # hack to detect transparent disconnects
55
- if http.instance_variable_get(:@ssl_context).session_cache_stats[:cache_hits] != 0
57
+ if http.instance_variable_get(:@ssl_context).session_cache_stats[:cache_hits] != hits
56
58
  raise 'TLS Reconnected'
57
59
  end
58
60
 
data/lib/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Yawast
2
- VERSION = '0.5.0.beta3'
2
+ VERSION = '0.5.0.beta4'
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: yawast
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.0.beta3
4
+ version: 0.5.0.beta4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Adam Caudill
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-03-11 00:00:00.000000000 Z
11
+ date: 2017-03-15 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: ssllabs