我正在解析一些Nessus扫描,并且我试图将插件21643的输出分成3个不同的数组,highSecArray,mediumSecArray和lowSecArray,具体取决于它们的密码强度。我将逐行进行并设置标志以将值放入正确的数组中。输入的样本是;
Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.
SSL Version : TLSv12
Medium Strength Ciphers (> 64-bit and < 112-bit key)
EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1
DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1
ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
我把它修剪成一个只有以下的数组,它保存在一个数组中(每个数组元素一行)
SSL Version : TLSv12
Medium Strength Ciphers (> 64-bit and < 112-bit key)
EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1
DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1
ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1
我的问题是将不同的优势分成不同的数组。我有以下代码来做,它应该工作,但没有。它用每一行填充所有3个数组,忽略if声明标志必须设置为true。我正在输出实际的标志值,它们是正确设置的。
(1..count).each do |inc|
version = hash[inc][0].split(" : ")[1]
highSecArray = mediumSecArray = lowSecArray = []
highFlag = mediumFlag = lowFlag = false
puts "=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=#{inc}\\/#{version}=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-="
puts hash[inc]
hash[inc].each do |line|
if line.include? "Low Strength Ciphers"
lowFlag = true
mediumFlag = highFlag = false
elsif line.include? "Medium Strength Ciphers"
mediumFlag = true
lowFlag = highFlag = false
elsif line.include? "High Strength Ciphers"
highFlag = true
lowFlag = mediumFlag = false
else
puts "High:\t#{highFlag}\nMedium:\t#{mediumFlag}\nLow:\t#{lowFlag}\nLine:#{line}\n\n"
highSecArray << line if line != "" && highFlag == true
mediumSecArray << line if line != "" && mediumFlag == true
lowSecArray << line if line != "" && lowFlag == true
end # end if
end
puts "-----------------------High-----------------------"
puts highSecArray
puts "-----------------------Medium-----------------------"
puts mediumSecArray
puts "-----------------------Low-----------------------"
puts lowSecArray
end # end 1..count.each do
我一直用来调试的控制台输出如下,它在顶部有输入,然后是每行的布尔运算符的当前状态(以及行本身),然后是每个数组&#39;最后的内容。媒体数组应该只有2行,high应该有8而low应该是空的,但是所有3行都包含所有行。
=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=1\/TLSv12=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=
SSL Version : TLSv12
Medium Strength Ciphers (> 64-bit and < 112-bit key)
ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1
AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1
ECDHE-RSA-AES128-SHA256 Kx=ECDHE Au=RSA Enc=AES-CBC(128) Mac=SHA256
ECDHE-RSA-AES256-SHA384 Kx=ECDHE Au=RSA Enc=AES-CBC(256) Mac=SHA384
RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA256
RSA-AES256-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA256
High: false
Medium: false
Low: false
Line:SSL Version : TLSv12
High: false
Medium: true
Low: false
Line: ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High: false
Medium: true
Low: false
Line: DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High: false
Medium: true
Low: false
Line:
High: true
Medium: false
Low: false
Line: ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
High: true
Medium: false
Low: false
Line: ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
High: true
Medium: false
Low: false
Line: AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1
High: true
Medium: false
Low: false
Line: AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1
High: true
Medium: false
Low: false
Line: ECDHE-RSA-AES128-SHA256 Kx=ECDHE Au=RSA Enc=AES-CBC(128) Mac=SHA256
High: true
Medium: false
Low: false
Line: ECDHE-RSA-AES256-SHA384 Kx=ECDHE Au=RSA Enc=AES-CBC(256) Mac=SHA384
High: true
Medium: false
Low: false
Line: RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA256
High: true
Medium: false
Low: false
Line: RSA-AES256-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA256
High: true
Medium: false
Low: false
Line:
High: true
Medium: false
Low: false
Line:
-----------------------High-----------------------
ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1
AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1
ECDHE-RSA-AES128-SHA256 Kx=ECDHE Au=RSA Enc=AES-CBC(128) Mac=SHA256
ECDHE-RSA-AES256-SHA384 Kx=ECDHE Au=RSA Enc=AES-CBC(256) Mac=SHA384
RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA256
RSA-AES256-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA256
-----------------------Medium-----------------------
ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1
AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1
ECDHE-RSA-AES128-SHA256 Kx=ECDHE Au=RSA Enc=AES-CBC(128) Mac=SHA256
ECDHE-RSA-AES256-SHA384 Kx=ECDHE Au=RSA Enc=AES-CBC(256) Mac=SHA384
RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA256
RSA-AES256-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA256
-----------------------Low-----------------------
ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1
AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1
ECDHE-RSA-AES128-SHA256 Kx=ECDHE Au=RSA Enc=AES-CBC(128) Mac=SHA256
ECDHE-RSA-AES256-SHA384 Kx=ECDHE Au=RSA Enc=AES-CBC(256) Mac=SHA384
RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA256
RSA-AES256-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA256
我无法弄清楚为什么所有阵列都能获得所有价值,我们非常感谢任何帮助!提前致谢
答案 0 :(得分:5)
我无法弄清楚为什么所有数组都获得了每个值
代码中没有“数组”(复数)。只有一个数组(单数):
highSecArray = mediumSecArray = lowSecArray = []
您将所有三个变量设置为同一个数组。您应该将它们设置为不同的数组:
highSecArray, mediumSecArray, lowSecArray = [], [], []
# or
highSecArray = []
mediumSecArray = []
lowSecArray = []
答案 1 :(得分:0)
你在这里采取的方法已经足够了解你应该在一个非常常规的解析操作中被绊倒。让我们解决你的问题:
好消息是您的数据格式足够好,每种类型的线都有不同的特征。您可以使用一些简单的正则表达式来提取所需的详细信息并进行分类。
把它们放在一起:
# Define which ciphers to expect
CIPHERS = [ :high, :medium, :low ]
# Variable to capture the version
version = nil
# No expectation as to where to file the data yet
bucket = nil
# Create a series of buckets, one for each cipher type
ciphers = Hash[CIPHERS.map { |c| [ c, [ ] ] }]
# Read through the data line-by-line
DATA.readlines.each do |line|
# Skip lines that are blank, that is they don't contain at least a
# non-space character.
next unless (line.match(/\S/))
if (line.match(/SSL Version : (\S+)/))
# Capture the version information
version = $1
elsif (line.match(/(\S+) Strength Ciphers/))
# Pull out the first word and use that as the bucket
bucket = $1.downcase.to_sym
# Test that this makes sense
unless (CIPHERS.include?(bucket))
raise "Unknown cipher type #{$1}"
end
elsif (bucket)
# Add the line to the right bucket, but trim off leading and trailing spaces
ciphers[bucket] << line.sub(/\A\s+/, '').sub(/\s+\z/, '')
end
end
__END__
SSL Version : TLSv12
Medium Strength Ciphers (> 64-bit and < 112-bit key)
EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1
DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1
ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128)
为简单起见,这将从DATA块(由__END__定义)读入,但您的程序可以使用它喜欢的任何输入源,例如$stdin或某个文件。
这为你提供了这样的输出,这里的格式为YAML以便于阅读:
---
:high:
- DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1
- DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1
- ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
- ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
- AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128)
:medium:
- EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
- ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
- DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
:low: []