Add SSL probe to probes.
dma committed Oct 15, 2014
1 parent 9e6f77d commit 2fb823f
Showing 8 changed files with 75 additions and 20 deletions.
@@ -15,7 +15,8 @@
import com.subgraph.vega.api.model.IModelProperties;

public interface IScanAlert extends IModelProperties {
enum Severity { HIGH, MEDIUM, LOW, INFO, UNKNOWN };
enum Severity { HIGH, MEDIUM, LOW, INFO, UNKNOWN }
String getDiscretionaryHostname();
String getName();
Severity getSeverity();
String getTitle();
@@ -31,4 +32,6 @@ enum Severity { HIGH, MEDIUM, LOW, INFO, UNKNOWN };
void addRegexHighlight(String regex);
void addRegexCaseInsensitiveHighlight(String regex);
Collection<IScanAlertHighlight> getHighlights();
void setDiscretionaryHostname(String hostname);
void setResource(String resourceString);
}
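Review bot: The three methods added to IScanAlert (`getDiscretionaryHostname`, `setDiscretionaryHostname`, `setResource`) carry no Javadoc, and nothing in the interface says what a "discretionary" hostname is or that the getter can return null. Judging by the `createKeyForAlert` change later in this commit, the value is the host an alert is filed under when it has no associated request. I would put `/** Hostname to file this alert under when it has no associated request; null if none was set. */` on the getter and a matching line on the setter. `setResource` should say whether it may be called after the alert has been stored.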
@@ -72,23 +72,25 @@ public void openConnection(OperatedClientConnection conn, HttpHost target, InetA
* otherwise SSLSocketImpl blows up due to, it seems, https://bugs.openjdk.java.net/browse/JDK-8022081.
*/

Class<?> c = sock.getClass();
try {
Field f = c.getDeclaredField("host");
f.setAccessible(true);
f.set(sock, target.getHostName());
} catch (NoSuchFieldException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (SecurityException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (IllegalArgumentException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IllegalAccessException e) {
// TODO Auto-generated catch block
e.printStackTrace();
if (sf.isSecure(sock) == true) {
Class<?> c = sock.getClass();
try {
Field f = c.getDeclaredField("host");
f.setAccessible(true);
f.set(sock, target.getHostName());
} catch (NoSuchFieldException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (SecurityException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (IllegalArgumentException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IllegalAccessException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}

InetSocketAddress localAddress = null;
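Review bot: The reflection block now guarded by `if (sf.isSecure(sock) == true)` still swallows every failure: each of the four catch clauses only calls `printStackTrace()`, so if the private `host` field cannot be set the connection proceeds without the workaround and nothing reaches the application log. The four auto-generated clauses can become one handler that reports through the project's logger, e.g. `catch (NoSuchFieldException | SecurityException | IllegalArgumentException | IllegalAccessException e)` if the build targets Java 7 or later. The `== true` is redundant. `sock.getClass().getDeclaredField("host")` only finds a field declared on the runtime class itself, so a comment naming the socket implementation this was tested against would help. openConnection starts and ends outside the hunk.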
@@ -38,6 +38,7 @@ public class ScanAlert implements IScanAlert, Activatable {
private final ModelProperties properties;

private transient Activator activator;
private String discretionaryHostname;

ScanAlert(String key, String name, String title, Severity severity, IScanInstance scanInstance, long requestId) {
this.key = key;
@@ -67,6 +68,26 @@ public String getTitle() {
activate(ActivationPurpose.READ);
return title;
}

@Override
public String getDiscretionaryHostname() {
activate(ActivationPurpose.READ);
return this.discretionaryHostname;
}

@Override
public void setDiscretionaryHostname(String hostname) {
activate(ActivationPurpose.READ);
discretionaryHostname = hostname;
activate(ActivationPurpose.WRITE);
}

@Override
public void setResource(String resourceString) {
activate(ActivationPurpose.READ);
this.resource = resourceString;
activate(ActivationPurpose.WRITE);
}

@Override
public void setTemplateName(String name) {
@@ -262,4 +283,7 @@ public void bind(Activator activator) {
}





}
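Review bot: In the new `setDiscretionaryHostname` and `setResource`, `activate(ActivationPurpose.WRITE)` is called only after the field has been assigned. If `activate` follows the usual transparent-persistence contract (the Activator implementation is not visible here), write activation is expected before the mutation, i.e. `activate(ActivationPurpose.WRITE);` followed by `discretionaryHostname = hostname;`. If the existing setters in this class deliberately use the READ, assign, WRITE order, a one-line comment saying why would help. The new `discretionaryHostname` field has no initializer, so the getter returns null until a setter runs, which deserves a field comment. The last hunk only adds blank lines before the closing brace and can be dropped.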
@@ -158,6 +158,7 @@ public int getScanStatus() {
public boolean isActive() {
int scanStatus = getScanStatus();
return (scanStatus == SCAN_PROBING || scanStatus == SCAN_STARTING || scanStatus == SCAN_AUDITING);

}

@Override
1 change: 1 addition & 0 deletions platform/com.subgraph.vega.scanner/META-INF/MANIFEST.MF
@@ -24,6 +24,7 @@ Import-Package: com.google.common.base,
com.subgraph.vega.api.scanner.modules,
com.subgraph.vega.api.util,
com.subgraph.vega.http.requests.custom,
com.subgraph.vega.sslprobe,
org.apache.http;version="4.0.0",
org.apache.http.client,
org.apache.http.client.entity,
@@ -36,6 +36,7 @@
import com.subgraph.vega.api.scanner.modules.IResponseProcessingModule;
import com.subgraph.vega.api.scanner.modules.IScannerModule;
import com.subgraph.vega.api.scanner.modules.IScannerModuleRegistry;
import com.subgraph.vega.sslprobe.SSLProbe;

public class Scan implements IScan {
private final Scanner scanner;
@@ -44,6 +45,7 @@ public class Scan implements IScan {
private IScanInstance scanInstance; // guarded by this
private IWorkspace workspace; // guarded by this
private ScanProbe scanProbe; // guarded by this
private SSLProbe sslProbe;
private IHttpRequestEngine requestEngine; // guarded by this
private ScannerTask scannerTask; // guarded by this
private Thread scannerThread; // guarded by this
@@ -140,6 +142,23 @@ public IScanProbeResult probeTargetUri(URI uri) {
}

scanProbe = new ScanProbe(uri, requestEngine);

if (uri.getScheme().contains("https")) {
int sslPort;
String httpHostString;

if (uri.getPort() == -1) {
sslPort = 443;
httpHostString = "https://" + uri.getHost();
} else
{
sslPort = uri.getPort();
httpHostString = "https://" + uri.getHost() + ":" + sslPort;
}
sslProbe = new SSLProbe(scanInstance, uri.getHost(), sslPort, httpHostString);
sslProbe.run();
}

}
final IScanProbeResult probeResult = scanProbe.runProbe();
synchronized(this) {
@@ -148,7 +167,7 @@ public IScanProbeResult probeTargetUri(URI uri) {
redirectURI = probeResult.getRedirectTarget();
return probeResult;
}

@Override
public void startScan() {
synchronized(this) {
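Review bot: `sslProbe.run()` is called inside the block that closes just before `scanProbe.runProbe()`. Judging by the `// guarded by this` fields and the `synchronized(this)` that follows, that block is probably `synchronized(this)` (its opening is outside the hunk), so the SSL probe would hold the scan's monitor for as long as it runs, whereas the HTTP probe is deliberately run outside it. The scheme test `uri.getScheme().contains("https")` throws on a URI without a scheme and accepts any scheme that merely contains the substring; `"https".equalsIgnoreCase(uri.getScheme())` is the exact check. The new `sslProbe` field also lacks the `// guarded by this` comment its neighbours carry. The excerpt below builds the probe inside the block and runs it after the block closes.

```java
        scanProbe = new ScanProbe(uri, requestEngine);

        // Build the SSL probe while the other fields are set up, but do not run it here.
        sslProbe = null;
        if ("https".equalsIgnoreCase(uri.getScheme())) {
            final boolean defaultPort = (uri.getPort() == -1);
            final int sslPort = defaultPort ? 443 : uri.getPort();
            final String httpHostString = "https://" + uri.getHost() + (defaultPort ? "" : ":" + sslPort);
            sslProbe = new SSLProbe(scanInstance, uri.getHost(), sslPort, httpHostString);
        }
    }
    // Run the SSL probe next to the HTTP probe, after the block above has closed.
    final SSLProbe pendingSslProbe = sslProbe;
    if (pendingSslProbe != null) {
        pendingSslProbe.run();
    }
    final IScanProbeResult probeResult = scanProbe.runProbe();
```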
@@ -67,8 +67,9 @@ private String renderScanInstance() {

sb.append(" [");
switch(scanInstance.getScanStatus()) {

case IScanInstance.SCAN_PROBING:
sb.append("Probing");
sb.append("Probing Server");
break;
case IScanInstance.SCAN_STARTING:
sb.append("Starting");
@@ -104,6 +105,9 @@ public String getImage() {
@Override
protected String createKeyForAlert(IScanAlert alert) {
if(!alert.hasAssociatedRequest()) {
if (alert.getDiscretionaryHostname() != null) {
return alert.getDiscretionaryHostname();
}
return NO_HOSTNAME;
}
final IRequestLogRecord record = workspace.getRequestLog().lookupRecord(alert.getRequestId());
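Review bot: In `createKeyForAlert` the new branch calls `alert.getDiscretionaryHostname()` twice, once for the null test and once for the return. Reading it once into a local keeps the tested and the returned value the same: `final String host = alert.getDiscretionaryHostname();` then `if (host != null) { return host; }`. An empty string would currently become a key of its own, so the guard could also require `!host.isEmpty()` before falling back to `NO_HOSTNAME`. The blank line added after `switch(scanInstance.getScanStatus()) {` in `renderScanInstance` is stray whitespace.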
@@ -98,6 +98,7 @@ private void renderProgress() {
switch(scannerStatus) {
case IScanInstance.SCAN_CONFIG:
case IScanInstance.SCAN_PROBING:
progressPane.setLabelText("Probing server..");
case IScanInstance.SCAN_STARTING:
case IScanInstance.SCAN_AUDITING:
progressPane.setProgressBarValue((int) crawlerPercent);
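Review bot: The new `progressPane.setLabelText("Probing server..")` sits under both `case IScanInstance.SCAN_CONFIG:` and `case IScanInstance.SCAN_PROBING:` and then falls through into the `SCAN_STARTING`/`SCAN_AUDITING` body. The label is therefore also set in the config state, and nothing in the hunk resets it once the scan moves on. If the fall-through is intended, mark it with `// fall through` after the call; if the label is meant for probing only, move `case IScanInstance.SCAN_CONFIG:` below the new statement. The status text in `renderScanInstance` reads "Probing Server" while this one reads "Probing server.."; one spelling would be better. The switch continues outside the hunk.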