metasploit-framework/lib/rex/sslscan/scanner.rb

require 'rex/socket'

module Rex::SSLScan

class Scanner

	attr_accessor :host
	attr_accessor :port
	attr_accessor :timeout
	
	attr_reader :supported_versions

	def initialize(host,port = 443,timeout=20)
		@host       = host
		@port       = port
		@timeout = timeout
		@supported_versions = [:SSLv2, :SSLv3, :TLSv1]
		raise StandardError, "The scanner configuration is invalid" unless valid?
	end

	def valid?
		begin
			@host = Rex::Socket.getaddress(@host, true)
		rescue
			return false
		end
		return false unless @port.kind_of? Fixnum
		return false unless @port >= 0 and @port <= 65535
		return false unless @timeout.kind_of? Fixnum
		return true
	end

	def scan
		scan_result = Rex::SSLScan::Result.new
	end

	def test_cipher(ssl_version, cipher)
		validate_params(ssl_version,cipher)

		begin
			scan_client = Rex::Socket::Tcp.create(
				'PeerHost'     => @host,
				'PeerPort'      => @port,
				'SSL'               => true,
				'SSLVersion'  => ssl_version,
				'SSLCipher'   => cipher,
				'Timeout'      => @timeout
			)
		rescue ::Exception => e 
			return :rejected
		end
		return :accepted
	end


	protected

	def validate_params(ssl_version, cipher)
		raise StandardError, "The scanner configuration is invalid" unless valid?
		unless @supported_versions.include? ssl_version
			raise StandardError, "SSL Version must be one of: #{@supported_versions.to_s}"
		end
		unless OpenSSL::SSL::SSLContext.new(ssl_version).ciphers.flatten.include? cipher
			raise ArgumentError, "Must be a valid SSL Cipher for #{version}!"
		end
	end

end
end
Beginings of the actual scanner configuration and configuration validation in place with tests. 2013-02-09 06:03:58 +00:00			`require 'rex/socket'`
empty shells for the scanner and its specs 2013-02-07 22:16:41 +00:00
			`module Rex::SSLScan`
Beginings of the actual scanner configuration and configuration validation in place with tests. 2013-02-09 06:03:58 +00:00
empty shells for the scanner and its specs 2013-02-07 22:16:41 +00:00			`class Scanner`

Beginings of the actual scanner configuration and configuration validation in place with tests. 2013-02-09 06:03:58 +00:00			`attr_accessor :host`
			`attr_accessor :port`
			`attr_accessor :timeout`
Test Cipher method underway Trying to get a clever test plan under way to actually test the network side of this. Not quite working yet 2013-02-09 07:07:56 +00:00
			`attr_reader :supported_versions`
Beginings of the actual scanner configuration and configuration validation in place with tests. 2013-02-09 06:03:58 +00:00
Test Cipher method underway Trying to get a clever test plan under way to actually test the network side of this. Not quite working yet 2013-02-09 07:07:56 +00:00			`def initialize(host,port = 443,timeout=20)`
Beginings of the actual scanner configuration and configuration validation in place with tests. 2013-02-09 06:03:58 +00:00			`@host = host`
			`@port = port`
			`@timeout = timeout`
Test Cipher method underway Trying to get a clever test plan under way to actually test the network side of this. Not quite working yet 2013-02-09 07:07:56 +00:00			`@supported_versions = [:SSLv2, :SSLv3, :TLSv1]`
			`raise StandardError, "The scanner configuration is invalid" unless valid?`
Beginings of the actual scanner configuration and configuration validation in place with tests. 2013-02-09 06:03:58 +00:00			`end`

			`def valid?`
			`begin`
			`@host = Rex::Socket.getaddress(@host, true)`
			`rescue`
			`return false`
			`end`
			`return false unless @port.kind_of? Fixnum`
			`return false unless @port >= 0 and @port <= 65535`
			`return false unless @timeout.kind_of? Fixnum`
			`return true`
			`end`

			`def scan`
			`scan_result = Rex::SSLScan::Result.new`
Test Cipher method underway Trying to get a clever test plan under way to actually test the network side of this. Not quite working yet 2013-02-09 07:07:56 +00:00			`end`
Beginings of the actual scanner configuration and configuration validation in place with tests. 2013-02-09 06:03:58 +00:00
Test Cipher method underway Trying to get a clever test plan under way to actually test the network side of this. Not quite working yet 2013-02-09 07:07:56 +00:00			`def test_cipher(ssl_version, cipher)`
			`validate_params(ssl_version,cipher)`
Beginings of the actual scanner configuration and configuration validation in place with tests. 2013-02-09 06:03:58 +00:00
Test Cipher method underway Trying to get a clever test plan under way to actually test the network side of this. Not quite working yet 2013-02-09 07:07:56 +00:00			`begin`
			`scan_client = Rex::Socket::Tcp.create(`
			`'PeerHost' => @host,`
			`'PeerPort' => @port,`
			`'SSL' => true,`
			`'SSLVersion' => ssl_version,`
			`'SSLCipher' => cipher,`
			`'Timeout' => @timeout`
			`)`
			`rescue ::Exception => e`
			`return :rejected`
			`end`
			`return :accepted`
Beginings of the actual scanner configuration and configuration validation in place with tests. 2013-02-09 06:03:58 +00:00			`end`


Test Cipher method underway Trying to get a clever test plan under way to actually test the network side of this. Not quite working yet 2013-02-09 07:07:56 +00:00			`protected`

			`def validate_params(ssl_version, cipher)`
			`raise StandardError, "The scanner configuration is invalid" unless valid?`
			`unless @supported_versions.include? ssl_version`
			`raise StandardError, "SSL Version must be one of: #{@supported_versions.to_s}"`
			`end`
			`unless OpenSSL::SSL::SSLContext.new(ssl_version).ciphers.flatten.include? cipher`
			`raise ArgumentError, "Must be a valid SSL Cipher for #{version}!"`
			`end`
Beginings of the actual scanner configuration and configuration validation in place with tests. 2013-02-09 06:03:58 +00:00			`end`

empty shells for the scanner and its specs 2013-02-07 22:16:41 +00:00			`end`
			`end`