yawast 0.5.2 → 0.6.0.beta1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 7b364a28ae5689b6ec07c5f7f9bcf3475fc11144
-  data.tar.gz: 4d49cb9633e87e6f31fcb1e77c4177b73370a772
+  metadata.gz: 71eb6eb4ed8a87d84f26c92c4ec55fc685dd4a1e
+  data.tar.gz: ea0bfebab8bce5379d26d3bdfee53f5cf6fa2a23
 SHA512:
-  metadata.gz: 56ea8e0165b2b634c24f8e4382099a0aa02fd5f57b1b4981994ea7885243d857fea28783ecdbe853701ab607169143f042c4d7cc8566de41a8c79dc05fef6264
-  data.tar.gz: 815079863ff0369a7fece526423a3e047ef814555488735f937048c6ca91a1a00e228336a70f0008fc533391daa5d407a95e39c941d2bf0a62cde2ffc2c864a6
+  metadata.gz: eb8c1f78bd2768b39879ecac338fddfc926aeea8f949d4503dc5ceebc7914c3084d1472b9878a42542a6cf951a62131e0475f80e5fe238d30ae8723b7c83578d
+  data.tar.gz: 7e0225ef254fca5cb47fb75f0fa687edca356267e16a0bdec33a71eefb0809194b7145c9dabc74b012bf0354ef8e096713f7552ed7ff82ff8c8b5064382f6b9e

data/.rubocop.yml

@@ -81,7 +81,7 @@ Lint/EnsureReturn:
   StyleGuide: 'https://github.com/bbatsov/ruby-style-guide#no-return-ensure'
   Enabled: true
 
-Lint/Eval:
+Security/Eval:
   Description: 'The use of eval represents a serious security risk.'
   Enabled: true
 
@@ -716,7 +716,7 @@ Style/LineEndConcatenation:
                  line end.
   Enabled: false
 
-Style/MethodCallParentheses:
+Style/MethodCallWithoutArgsParentheses:
   Description: 'Do not use parentheses for method calls with no arguments.'
   StyleGuide: 'https://github.com/bbatsov/ruby-style-guide#no-args-no-parens'
   Enabled: false

data/CHANGELOG.md

@@ -1,3 +1,8 @@
+## 0.6.0 - In Development
+
+* [#109](https://github.com/adamcaudill/yawast/issues/109) - DNS CAA Support
+* [#113](https://github.com/adamcaudill/yawast/issues/113) - Better False Positive Detection For Directory Search
+
 ## 0.5.2 - 2017-07-13
 
 * [#107](https://github.com/adamcaudill/yawast/issues/107) - Current version check

data/lib/scanner/plugins/dns/caa.rb

@@ -0,0 +1,51 @@
+require 'dnsruby'
+include Dnsruby
+
+module Yawast
+  module Scanner
+    module Plugins
+      module DNS
+        class CAA
+          def self.caa_info(uri)
+            # force DNS resolver to something that works
+            res = Resolver.new({:nameserver => ['8.8.8.8']})
+
+            domain = uri.host.to_s
+
+            #BUG: this is a basic implementation that ignores CNAMEs/etc
+            while domain != '' do
+              begin
+                ans = res.query(domain, 'CAA')
+
+                # check if we have any response
+                if ans.answer.count > 0
+                  ans.answer.each do |rec|
+                    # check for CNAME first
+                    if rec.type == 'CNAME'
+                      Yawast::Utilities.puts_error "\t\tCAA (#{domain}): CNAME Found: Not Currently Supported"
+                    else
+                      # check for RDATA
+                      if rec.rdata != nil
+                        Yawast::Utilities.puts_info "\t\tCAA (#{domain}): #{rec.rdata}"
+                      else
+                        Yawast::Utilities.puts_error "\t\tCAA (#{domain}): Invalid Response: #{ans.answer}"
+                      end
+                    end
+                  end
+                else
+                  Yawast::Utilities.puts_info "\t\tCAA (#{domain}): No Records Found"
+                end
+
+              rescue => e
+                Yawast::Utilities.puts_error "\t\tCAA (#{domain}): #{e.message}"
+              end
+
+              # strip the leading element off the domain
+              domain = domain.partition('.').last
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/scanner/plugins/dns/generic.rb

@@ -150,6 +150,9 @@ module Yawast
                 end
               end
 
+              #get the CAA info
+              Yawast::Scanner::Plugins::DNS::CAA.caa_info uri
+
               puts
             rescue => e
               Yawast::Utilities.puts_error "Error getting basic information: #{e.message}"

data/lib/scanner/plugins/http/directory_search.rb

@@ -1,9 +1,18 @@
+require 'securerandom'
+
 module Yawast
   module Scanner
     module Plugins
       module Http
         class DirectorySearch
           def self.search(uri, recursive, list_redirects, search_list = nil)
+            #first, we need to see if the site responds to 404 in a reasonable way
+            unless Yawast::Shared::Http.check_not_found(uri, false)
+              puts 'Site does not respond properly to non-existent directory requests; skipping some checks.'
+
+              return
+            end
+
             @recursive = recursive
             @list_redirects = list_redirects
 

data/lib/scanner/plugins/http/file_presence.rb

@@ -27,10 +27,7 @@ module Yawast
 
           def self.check_all(uri, common_files)
             #first, we need to see if the site responds to 404 in a reasonable way
-            fake_uri = uri.copy
-            fake_uri.path = "/#{SecureRandom.hex}/"
-            if Yawast::Shared::Http.get_status_code(fake_uri) != '404'
-              #crazy 404 handling
+            unless Yawast::Shared::Http.check_not_found(uri, true)
               puts 'Site does not respond properly to non-existent file requests; skipping some checks.'
 
               return

data/lib/shared/http.rb

@@ -1,3 +1,5 @@
+require 'securerandom'
+
 module Yawast
   module Shared
     class Http
@@ -62,6 +64,23 @@ module Yawast
         req
       end
 
+      def self.check_not_found(uri, file)
+        fake_uri = uri.copy
+
+        if file
+          fake_uri.path = "/#{SecureRandom.hex}.html"
+        else
+          fake_uri.path = "/#{SecureRandom.hex}/"
+        end
+
+        if Yawast::Shared::Http.get_status_code(fake_uri) != '404'
+          #crazy 404 handling
+          return false
+        end
+
+        return true
+      end
+
       # noinspection RubyStringKeysInHashInspection
       def self.get_headers(extra_headers = nil)
         if @cookie == nil

data/lib/version.rb

@@ -1,3 +1,3 @@
 module Yawast
-  VERSION = '0.5.2'
+  VERSION = '0.6.0.beta1'
 end

data/yawast.gemspec

@@ -22,6 +22,7 @@ Gem::Specification.new do |s|
   s.add_runtime_dependency 'ipaddress', '~> 0.8'
   s.add_runtime_dependency 'public_suffix', '~> 2.0'
   s.add_runtime_dependency 'sslshake', '~> 1.1'
+  s.add_runtime_dependency 'dnsruby', '~> 1.60'
 
   s.bindir            = 'bin'
   s.files             = `git ls-files`.split("\n")

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: yawast
 version: !ruby/object:Gem::Version
-  version: 0.5.2
+  version: 0.6.0.beta1
 platform: ruby
 authors:
 - Adam Caudill
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-07-13 00:00:00.000000000 Z
+date: 2017-09-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ssllabs
@@ -136,6 +136,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.1'
+- !ruby/object:Gem::Dependency
+  name: dnsruby
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.60'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.60'
 description: YAWAST is an application meant to simplify initial analysis and information
   gathering for penetration testers and security auditors.
 email: adam@adamcaudill.com
@@ -173,6 +187,7 @@ files:
 - lib/scanner/iis.rb
 - lib/scanner/nginx.rb
 - lib/scanner/php.rb
+- lib/scanner/plugins/dns/caa.rb
 - lib/scanner/plugins/dns/generic.rb
 - lib/scanner/plugins/http/directory_search.rb
 - lib/scanner/plugins/http/file_presence.rb
@@ -225,9 +240,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubyforge_project: yawast
 rubygems_version: 2.4.8