RubygemsResearch

Sha256: 51273c71ae51374ad02d6104651aa518e6c6f8fa786e4543e7200ceed1f34f87

Contents?: true

Size: 865 Bytes

Versions: 58

Compression:

Stored size: 865 Bytes

#!/usr/bin/env ruby

require 'oj'

SEARCHES = {
  "data.ipmi_compat_password"           => { value: "1", name: "straight-pass" },
  "data.ipmi_compat_md2"                => { value: "1", name: "md2" },
  "data.ipmi_compat_none"               => { value: "1", name: "noauth" },
  "data.ipmi_user_disable_message_auth" => { value: "1", name: "permsg" },
  "data.ipmi_user_disable_user_auth"    => { value: "1", name: "usrlvl" }
}

def search(hash)
  SEARCHES.each do | key, vuln |
    if hash[key] == vuln[:value]
      hash["VULN-IPMI-#{vuln[:name].upcase}"] = "true"
    end
  end
  if (hash['data.ipmi_user_non_null'] == "0") && (hash['data.ipmi_user_null'] == "0")
    hash["VULN-IPMI-ANON"] = "true"
  end 
  hash
end

$stdin.each_line do |line|
  json = Oj.load(line.unpack("C*").pack("C*").strip) rescue nil
  next unless json
  puts Oj.dump(search(json))
end

Version data entries

58 entries across 58 versions & 1 rubygems

Version	Path
dap-1.3.1	tools/ipmi-vulns.rb
dap-1.3.0	tools/ipmi-vulns.rb
dap-1.2.9	tools/ipmi-vulns.rb
dap-1.2.8	tools/ipmi-vulns.rb
dap-1.2.7	tools/ipmi-vulns.rb
dap-1.2.6	tools/ipmi-vulns.rb
dap-1.2.5	tools/ipmi-vulns.rb
dap-1.2.4	tools/ipmi-vulns.rb
dap-1.2.3	tools/ipmi-vulns.rb
dap-1.2.2	tools/ipmi-vulns.rb
dap-1.2.1	tools/ipmi-vulns.rb
dap-1.2.0	tools/ipmi-vulns.rb
dap-1.0.2	tools/ipmi-vulns.rb
dap-1.0.1	tools/ipmi-vulns.rb
dap-1.0.0	tools/ipmi-vulns.rb
dap-0.1.24	tools/ipmi-vulns.rb
dap-0.1.23	tools/ipmi-vulns.rb
dap-0.1.22	tools/ipmi-vulns.rb
dap-0.1.21	tools/ipmi-vulns.rb
dap-0.1.20	tools/ipmi-vulns.rb