0

我正在解析一些 Nessus 扫描,并尝试将插件 21643 的输出拆分为 3 个不同的数组,即 highSecArray、mediumSecArray 和 lowSecArray,具体取决于它们的密码强度。我逐行进行,并一直在设置标志以将值放入正确的数组中。输入样本是;

Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.

SSL Version : TLSv12
  Medium Strength Ciphers (> 64-bit and < 112-bit key)
      EDH-RSA-DES-CBC3-SHA         Kx=DH          Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      ECDHE-RSA-DES-CBC3-SHA       Kx=ECDH        Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      DES-CBC3-SHA                 Kx=RSA         Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   

  High Strength Ciphers (>= 112-bit key)
      DHE-RSA-AES128-SHA           Kx=DH          Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      DHE-RSA-AES256-SHA           Kx=DH          Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      ECDHE-RSA-AES128-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      ECDHE-RSA-AES256-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      AES128-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   

The fields above are :

  {OpenSSL ciphername}
  Kx={key exchange}
  Au={authentication}
  Enc={symmetric encryption method}
  Mac={message authentication code}
  {export flag}

我将其修剪为仅包含以下内容的数组,该数组保存在数组中(每个数组元素一行)

SSL Version : TLSv12
  Medium Strength Ciphers (> 64-bit and < 112-bit key)
      EDH-RSA-DES-CBC3-SHA         Kx=DH          Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      ECDHE-RSA-DES-CBC3-SHA       Kx=ECDH        Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      DES-CBC3-SHA                 Kx=RSA         Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   

  High Strength Ciphers (>= 112-bit key)
      DHE-RSA-AES128-SHA           Kx=DH          Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      DHE-RSA-AES256-SHA           Kx=DH          Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      ECDHE-RSA-AES128-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      ECDHE-RSA-AES256-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      AES128-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA1

我的问题是将不同的优势分成不同的阵列。我有以下代码可以做到这一点,它应该可以工作,但不能。它用每一行填充所有 3 个数组,忽略 if 声明标志必须设置为 true。如果设置正确,我正在输出带有行的实际标志值。

(1..count).each do |inc|
      version = hash[inc][0].split(" : ")[1]
      highSecArray = mediumSecArray = lowSecArray = []
      highFlag = mediumFlag = lowFlag = false

      puts "=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=#{inc}\\/#{version}=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-="
      puts hash[inc]

      hash[inc].each do |line|
        if line.include? "Low Strength Ciphers"
          lowFlag = true
          mediumFlag = highFlag = false
        elsif line.include? "Medium Strength Ciphers"
          mediumFlag = true
          lowFlag = highFlag = false
        elsif line.include? "High Strength Ciphers"
          highFlag = true
          lowFlag = mediumFlag = false
        else
          puts "High:\t#{highFlag}\nMedium:\t#{mediumFlag}\nLow:\t#{lowFlag}\nLine:#{line}\n\n"

          highSecArray << line if line != "" && highFlag == true
          mediumSecArray << line if line != "" && mediumFlag == true
          lowSecArray << line if line != "" && lowFlag == true
        end # end if
      end
      puts "-----------------------High-----------------------"
      puts highSecArray
      puts "-----------------------Medium-----------------------"
      puts mediumSecArray
      puts "-----------------------Low-----------------------"
      puts lowSecArray
  end # end 1..count.each do

我一直用来调试的控制台输出如下,它在顶部有输入,然后是每行的布尔运算符的当前状态(以及行本身),最后是每个数组的内容。中型阵列应该只有 2 行,高应该有 8 行,低应该是空的,但所有 3 行都在其中。

=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=1\/TLSv12=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=
SSL Version : TLSv12
  Medium Strength Ciphers (> 64-bit and < 112-bit key)
      ECDHE-RSA-DES-CBC3-SHA       Kx=ECDH        Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      DES-CBC3-SHA                 Kx=RSA         Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   

  High Strength Ciphers (>= 112-bit key)
      ECDHE-RSA-AES128-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      ECDHE-RSA-AES256-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      AES128-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      AES256-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      ECDHE-RSA-AES128-SHA256      Kx=ECDHE       Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  
      ECDHE-RSA-AES256-SHA384      Kx=ECDHE       Au=RSA      Enc=AES-CBC(256)         Mac=SHA384  
      RSA-AES128-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  
      RSA-AES256-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA256  


High:   false
Medium: false
Low:    false
Line:SSL Version : TLSv12

High:   false
Medium: true
Low:    false
Line:      ECDHE-RSA-DES-CBC3-SHA       Kx=ECDH        Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   

High:   false
Medium: true
Low:    false
Line:      DES-CBC3-SHA                 Kx=RSA         Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   

High:   false
Medium: true
Low:    false
Line:

High:   true
Medium: false
Low:    false
Line:      ECDHE-RSA-AES128-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   

High:   true
Medium: false
Low:    false
Line:      ECDHE-RSA-AES256-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   

High:   true
Medium: false
Low:    false
Line:      AES128-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   

High:   true
Medium: false
Low:    false
Line:      AES256-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   

High:   true
Medium: false
Low:    false
Line:      ECDHE-RSA-AES128-SHA256      Kx=ECDHE       Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  

High:   true
Medium: false
Low:    false
Line:      ECDHE-RSA-AES256-SHA384      Kx=ECDHE       Au=RSA      Enc=AES-CBC(256)         Mac=SHA384  

High:   true
Medium: false
Low:    false
Line:      RSA-AES128-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  

High:   true
Medium: false
Low:    false
Line:      RSA-AES256-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA256  

High:   true
Medium: false
Low:    false
Line:

High:   true
Medium: false
Low:    false
Line:

-----------------------High-----------------------
      ECDHE-RSA-DES-CBC3-SHA       Kx=ECDH        Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      DES-CBC3-SHA                 Kx=RSA         Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      ECDHE-RSA-AES128-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      ECDHE-RSA-AES256-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      AES128-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      AES256-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      ECDHE-RSA-AES128-SHA256      Kx=ECDHE       Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  
      ECDHE-RSA-AES256-SHA384      Kx=ECDHE       Au=RSA      Enc=AES-CBC(256)         Mac=SHA384  
      RSA-AES128-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  
      RSA-AES256-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA256  
-----------------------Medium-----------------------
      ECDHE-RSA-DES-CBC3-SHA       Kx=ECDH        Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      DES-CBC3-SHA                 Kx=RSA         Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      ECDHE-RSA-AES128-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      ECDHE-RSA-AES256-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      AES128-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      AES256-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      ECDHE-RSA-AES128-SHA256      Kx=ECDHE       Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  
      ECDHE-RSA-AES256-SHA384      Kx=ECDHE       Au=RSA      Enc=AES-CBC(256)         Mac=SHA384  
      RSA-AES128-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  
      RSA-AES256-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA256  
-----------------------Low-----------------------
      ECDHE-RSA-DES-CBC3-SHA       Kx=ECDH        Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      DES-CBC3-SHA                 Kx=RSA         Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      ECDHE-RSA-AES128-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      ECDHE-RSA-AES256-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      AES128-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      AES256-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      ECDHE-RSA-AES128-SHA256      Kx=ECDHE       Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  
      ECDHE-RSA-AES256-SHA384      Kx=ECDHE       Au=RSA      Enc=AES-CBC(256)         Mac=SHA384  
      RSA-AES128-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  
      RSA-AES256-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA256

我无法弄清楚为什么所有数组都获得了每个值,非常感谢任何帮助!提前致谢

4

2 回答 2

5

我无法弄清楚为什么所有数组都获得了每个值

您的代码中没有“数组”(复数)。只有一个数组(单数):

 highSecArray = mediumSecArray = lowSecArray = []

您将所有三个变量设置为同一个数组。您应该将它们设置为不同的数组:

 highSecArray, mediumSecArray, lowSecArray = [], [], []
 # or
 highSecArray   = []
 mediumSecArray = []
 lowSecArray    = []
于 2017-03-13T15:46:53.430 回答
0

您在此处采用的方法与常规做法背道而驰,以至于您在应该是非常常规的解析操作上被绊倒了。让我们分解您的问题:

  • 有一个需要特殊处理的标题行。
  • 有部分标识符会改变后续行的分类。
  • 有需要解析和分类到 bin 中的数据行。

好消息是您的数据格式足够好,每种类型的行都有不同的特征。您可以使用一些简单的正则表达式来提取所需的详细信息并进行分类。

把它放在一起:

# Define which ciphers to expect
CIPHERS = [ :high, :medium, :low ]

# Variable to capture the version
version = nil
# No expectation as to where to file the data yet
bucket = nil

# Create a series of buckets, one for each cipher type
ciphers = Hash[CIPHERS.map { |c| [ c, [ ] ] }]

# Read through the data line-by-line
DATA.readlines.each do |line|
  # Skip lines that are blank, that is they don't contain at least a
  # non-space character.
  next unless (line.match(/\S/))

  if (line.match(/SSL Version : (\S+)/))
    # Capture the version information
    version = $1
  elsif (line.match(/(\S+) Strength Ciphers/))
    # Pull out the first word and use that as the bucket
    bucket = $1.downcase.to_sym

    # Test that this makes sense
    unless (CIPHERS.include?(bucket))
      raise "Unknown cipher type #{$1}"
    end
  elsif (bucket)
    # Add the line to the right bucket, but trim off leading and trailing spaces
    ciphers[bucket] << line.sub(/\A\s+/, '').sub(/\s+\z/, '')
  end
end

__END__
SSL Version : TLSv12
  Medium Strength Ciphers (&gt; 64-bit and &lt; 112-bit key)
      EDH-RSA-DES-CBC3-SHA         Kx=DH          Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      ECDHE-RSA-DES-CBC3-SHA       Kx=ECDH        Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      DES-CBC3-SHA                 Kx=RSA         Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   

  High Strength Ciphers (&gt;= 112-bit key)
      DHE-RSA-AES128-SHA           Kx=DH          Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      DHE-RSA-AES256-SHA           Kx=DH          Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      ECDHE-RSA-AES128-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      ECDHE-RSA-AES256-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      AES128-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(128)

为简单起见,它从DATA块中读取(由 定义__END__),但是您的程序可以使用它喜欢的任何输入源,例如$stdin或某些文件。

这会给你这样的输出,为了便于阅读,这里用 YAML 格式化:

---
:high:
- DHE-RSA-AES128-SHA           Kx=DH          Au=RSA      Enc=AES-CBC(128)         Mac=SHA1
- DHE-RSA-AES256-SHA           Kx=DH          Au=RSA      Enc=AES-CBC(256)         Mac=SHA1
- ECDHE-RSA-AES128-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(128)         Mac=SHA1
- ECDHE-RSA-AES256-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(256)         Mac=SHA1
- AES128-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(128)
:medium:
- EDH-RSA-DES-CBC3-SHA         Kx=DH          Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1
- ECDHE-RSA-DES-CBC3-SHA       Kx=ECDH        Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1
- DES-CBC3-SHA                 Kx=RSA         Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1
:low: []
于 2017-03-13T16:22:16.567 回答