class Tinfoil::Scanner
Public Instance Methods
scan(domain, options = OpenStruct.new)
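# File lib/tinfoil/scanner.rb, line 7
# Probe +domain+ over HTTP and HTTPS and report, per scheme, which security
# headers the server sends.
#
# @param domain [String] host name (optionally host:port). It is appended
#   verbatim to "http://" / "https://" with no validation, so a value that
#   carries a path, query string or userinfo ends up in the request URL as-is;
#   callers taking +domain+ from an untrusted source should sanitize it first.
# @param options [OpenStruct] scan settings, also stored in @options for the
#   private helpers. +ignore_protocols+ lists scheme names ("http", "https")
#   to skip. A nil/absent +ignore_protocols+ (e.g. the bare OpenStruct
#   default) now means "skip nothing" instead of raising NoMethodError.
# @return [Hash{Symbol=>Array}] :http / :https => result of +call_server+
#   (an empty array when the probe produced nothing); a skipped scheme has no
#   key at all.
def scan(domain, options = OpenStruct.new)
  @options = options
  # Array() turns nil into [] so the include? below cannot blow up before the
  # first request is made.
  skipped = Array(options.ignore_protocols)

  %i[http https].each_with_object({}) do |protocol, result|
    next if skipped.include?(protocol.to_s)

    result[protocol] = call_server("#{protocol}://#{domain}") || []
  end
end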
Private Instance Methods
call_server(url)
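# File lib/tinfoil/scanner.rb, line 22
# Fetch +url+ once and record, for each header Tinfoil checks, whether the
# response carries it.
#
# Only presence is recorded (response[type] is truthy) — a header with an
# empty or useless value still counts as "exists". Net::HTTP header lookup
# is case-insensitive.
#
# @param url [String] fully qualified URL built by #scan
# @return [Array<SecureHeader>] one entry per checked header type when the
#   server answered 2xx; [] for redirects, other statuses, SSL failures,
#   timeouts and — new here — connection-level errors (DNS failure,
#   refused/reset connection, truncated response). Those last ones used to
#   propagate out of the method and abort the whole scan.
def call_server(url)
  headers = []
  verbose("Connecting to #{url}")

  response = nil
  begin
    # A nil timeout means "wait forever" for Timeout.timeout; Net::HTTP's own
    # open/read timeouts (60s by default) still apply in that case.
    Timeout.timeout(@options.timeout) do
      # Default Net::HTTP settings verify the server certificate for https.
      # Keep it that way: a scanner that disables verification hides findings.
      response = Net::HTTP.get_response(URI(url))
    end
  rescue OpenSSL::SSL::SSLError
    # NOTE(review): a TLS failure (bad chain, hostname mismatch) is itself a
    # security-relevant result for the host; currently it is only logged and
    # the caller sees the same empty array as for any other failure.
    verbose("SSL error found. Skipping.")
  rescue Timeout::Error
    # Also covers Net::OpenTimeout / Net::ReadTimeout, which subclass it.
    return []
  rescue SocketError, SystemCallError, EOFError => e
    # Unreachable host, refused/reset connection, non-HTTP listener, etc.
    verbose("Connection failed (#{e.class}). Skipping.")
    return []
  end

  case response
  when Net::HTTPSuccess
    # Any 2xx lands here, not just 200.
    verbose("Status 200 OK. Processing response headers...")
    # nil ignore_headers means "ignore nothing" rather than NoMethodError.
    ignored = Array(@options.ignore_headers)
    [SecureHeader::Type::STS, SecureHeader::Type::XSS, SecureHeader::Type::CTO,
     SecureHeader::Type::FO, SecureHeader::Type::CSP].each do |type|
      header = SecureHeader.new(type)
      if ignored.include?(type)
        verbose("#{type} header ignored.")
        header.ignore = true
      elsif response[type]
        verbose("#{type} header found.")
        header.exists = true
      end
      headers << header
    end
  when Net::HTTPRedirection
    # Redirects are not followed, so an http:// probe of a host that redirects
    # to https:// reports nothing at all for http.
    verbose("HTTP redirection found. Skipping.")
  else
    # Non-2xx/3xx status, or response is still nil after an SSL failure.
    verbose("Unknown error occurred.")
  end

  headers
end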
process_file()
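# File lib/tinfoil/scanner.rb, line 62
# Validate that the file named by @options.file can be read before the scan
# tries to consume it.
#
# The original conditions were inverted: NoSuchFileError fired when the file
# *did* exist and InvalidFileAccessError when it *was* readable, so every
# usable file was rejected and a missing one passed. File.exists? was also
# removed in Ruby 3.2; File.exist? is the supported spelling.
#
# These checks are advisory only: the path can change between this check and
# the later open (TOCTOU), so whatever reads the file must still handle
# open/read errors itself.
#
# @raise [NoSuchFileError] when @options.file does not exist
# @raise [InvalidFileAccessError] when it exists but is not readable by this
#   process
# @return [nil]
def process_file
  path = @options.file
  raise NoSuchFileError unless File.exist?(path)
  raise InvalidFileAccessError unless File.readable?(path)
end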
process_server()
# File lib/tinfoil/scanner.rb, line 67
# NOTE(review): this looks like an abandoned predecessor of #call_server.
# Every local below is assigned and never read (Ruby -w flags them), the
# method's return value is whatever the last `if` happened to evaluate to
# (true when a CSP header is present on a 2xx, nil otherwise), and unlike
# #call_server there is no timeout, no SSL/network rescue and no verbose()
# logging — any connection error propagates to the caller. Nothing visible on
# this page calls it. Candidate for removal or for delegating to
# call_server(@options.server). Left byte-identical here because no caller is
# visible to confirm what, if anything, depends on it.
#
# Requests @options.server (expected to be a full URL — it goes straight into
# URI()) and, on a 2xx response, notes which of the five security headers are
# present. Header lookup is case-insensitive and only presence is checked,
# never the header's value.
def process_server
  response = Net::HTTP.get_response(URI(@options.server))
  case response
  when Net::HTTPSuccess
    if response['x-frame-options']
      x_frame_options = true
    end
    if response['x-content-type-options']
      x_content_type_options = true
    end
    if response['x-xss-protection']
      x_xss_protection = true
    end
    if response['strict-transport-security']
      strict_transport_security = true
    end
    if response['content-security-policy']
      content_security_policy = true
    end
  when Net::HTTPRedirection
    # Redirects are not followed and not reported.
  else
    # Any other status is silently ignored.
  end
end
verbose(msg)
# File lib/tinfoil/scanner.rb, line 92
# Emit a "[SCANNER]"-prefixed diagnostic line on stdout, but only when the
# scan was started with options.verbose set. Returns nil either way.
#
# @param msg [String] text to print; interpolated as-is, so a URL or header
#   name containing a newline produces an extra, unprefixed log line.
def verbose(msg)
  return unless @options.verbose

  $stdout.puts("[SCANNER] #{msg}")
end