Merge pull request #48 from RUB-NDS/bbrework

BB and Padding Oracle Rework Changes

Author: ic0ns

nbactions.xml

@@ -1,46 +1,46 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <actions>
-        <action>
-            <actionName>run</actionName>
-            <packagings>
-                <packaging>jar</packaging>
-            </packagings>
-            <goals>
-                <goal>process-classes</goal>
-                <goal>org.codehaus.mojo:exec-maven-plugin:1.2.1:exec</goal>
-            </goals>
-            <properties>
-                <exec.args>-classpath %classpath de.rub.nds.tlsscanner.Main -connect scotthelme.co.uk -threads 20 -danger 0</exec.args>
-                <exec.executable>java</exec.executable>
-            </properties>
-        </action>
-        <action>
-            <actionName>debug</actionName>
-            <packagings>
-                <packaging>jar</packaging>
-            </packagings>
-            <goals>
-                <goal>process-classes</goal>
-                <goal>org.codehaus.mojo:exec-maven-plugin:1.2.1:exec</goal>
-            </goals>
-            <properties>
-                <exec.args>-Xdebug -Xrunjdwp:transport=dt_socket,server=n,address=${jpda.address} -classpath %classpath de.rub.nds.tlsscanner.Main -connect scotthelme.co.uk -threads 20 -danger 0</exec.args>
-                <exec.executable>java</exec.executable>
-                <jpda.listen>true</jpda.listen>
-            </properties>
-        </action>
-        <action>
-            <actionName>profile</actionName>
-            <packagings>
-                <packaging>jar</packaging>
-            </packagings>
-            <goals>
-                <goal>process-classes</goal>
-                <goal>org.codehaus.mojo:exec-maven-plugin:1.2.1:exec</goal>
-            </goals>
-            <properties>
-                <exec.args>-classpath %classpath de.rub.nds.tlsscanner.Main -connect scotthelme.co.uk -threads 20 -danger 0</exec.args>
-                <exec.executable>java</exec.executable>
-            </properties>
-        </action>
-    </actions>
+    <action>
+        <actionName>run</actionName>
+        <packagings>
+            <packaging>jar</packaging>
+        </packagings>
+        <goals>
+            <goal>process-classes</goal>
+            <goal>org.codehaus.mojo:exec-maven-plugin:1.2.1:exec</goal>
+        </goals>
+        <properties>
+            <exec.args>-classpath %classpath de.rub.nds.tlsscanner.Main -connect localhost -threads 20 -danger 0</exec.args>
+            <exec.executable>java</exec.executable>
+        </properties>
+    </action>
+    <action>
+        <actionName>debug</actionName>
+        <packagings>
+            <packaging>jar</packaging>
+        </packagings>
+        <goals>
+            <goal>process-classes</goal>
+            <goal>org.codehaus.mojo:exec-maven-plugin:1.2.1:exec</goal>
+        </goals>
+        <properties>
+            <exec.args>-Xdebug -Xrunjdwp:transport=dt_socket,server=n,address=${jpda.address} -classpath %classpath de.rub.nds.tlsscanner.Main -connect localhost -threads 20 -danger 0</exec.args>
+            <exec.executable>java</exec.executable>
+            <jpda.listen>true</jpda.listen>
+        </properties>
+    </action>
+    <action>
+        <actionName>profile</actionName>
+        <packagings>
+            <packaging>jar</packaging>
+        </packagings>
+        <goals>
+            <goal>process-classes</goal>
+            <goal>org.codehaus.mojo:exec-maven-plugin:1.2.1:exec</goal>
+        </goals>
+        <properties>
+            <exec.args>-classpath %classpath de.rub.nds.tlsscanner.Main -connect localhost -threads 20 -danger 0</exec.args>
+            <exec.executable>java</exec.executable>
+        </properties>
+    </action>
+</actions>

pom.xml

@@ -3,18 +3,18 @@
     <modelVersion>4.0.0</modelVersion>
     <artifactId>TLS-Scanner</artifactId>
     <groupId>de.rub.nds.tlsscanner</groupId>
-    <version>2.4</version>
+    <version>2.5</version>
     <packaging>jar</packaging>
     <dependencies>
         <dependency>
             <groupId>de.rub.nds.tlsattacker</groupId>
             <artifactId>TLS-Core</artifactId>
-            <version>2.6</version>
+            <version>2.7</version>
         </dependency>
         <dependency>
             <groupId>de.rub.nds.tlsattacker</groupId>
             <artifactId>Attacks</artifactId>
-            <version>2.6</version>
+            <version>2.7</version>
         </dependency>
         <dependency>
             <groupId>junit</groupId>
@@ -27,6 +27,11 @@
             <artifactId>progressbar</artifactId>
             <version>0.7.1</version>
         </dependency>
+        <dependency>
+            <groupId>com.googlecode.json-simple</groupId>
+            <artifactId>json-simple</artifactId>
+            <version>1.1.1</version>
+        </dependency>
     </dependencies>
     <profiles>
         <profile>

src/main/java/de/rub/nds/tlsscanner/ConsoleLogger.java

@@ -16,6 +16,7 @@
  * @author robert
  */
 public class ConsoleLogger {
+
     public static final Logger CONSOLE = LogManager.getLogger("ConsoleLogger");
 
     private ConsoleLogger() {

src/main/java/de/rub/nds/tlsscanner/Main.java

@@ -18,6 +18,7 @@
 import java.io.IOException;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
+import org.apache.logging.log4j.ThreadContext;
 
 /**
  *
@@ -38,23 +39,24 @@ public static void main(String[] args) throws IOException {
             }
             // Cmd was parsable
             try {
+                if (config.getGeneralDelegate().isDebug()) {
+                    ThreadContext.put("ROUTINGKEY", "special");
+                }
                 TlsScanner scanner = new TlsScanner(config);
                 long time = System.currentTimeMillis();
                 LOGGER.info("Performing Scan, this may take some time...");
                 SiteReport report = scanner.scan();
-                LOGGER.info("Scanned in:" + ((System.currentTimeMillis()-time)/1000) + "s\n");
-                if(!config.getGeneralDelegate().isDebug()){
+                LOGGER.info("Scanned in:" + ((System.currentTimeMillis() - time) / 1000) + "s\n");
+                if (!config.getGeneralDelegate().isDebug()) {
                     // ANSI escape sequences to erase the progressbar
                     ConsoleLogger.CONSOLE.info(AnsiEscapeSequence.ANSI_ONE_LINE_UP + AnsiEscapeSequence.ANSI_ERASE_LINE);
                 }
-                ConsoleLogger.CONSOLE.info("Scanned in: " + ((System.currentTimeMillis()-time)/1000) + "s\n" + report.getFullReport(config.getReportDetail()));
+                ConsoleLogger.CONSOLE.info("Scanned in: " + ((System.currentTimeMillis() - time) / 1000) + "s\n" + report.getFullReport(config.getReportDetail()));
             } catch (ConfigurationException E) {
-                LOGGER.info("Encountered a ConfigurationException aborting.");
-                LOGGER.warn(E);
+                LOGGER.error("Encountered a ConfigurationException aborting.", E);
             }
         } catch (ParameterException E) {
-            LOGGER.info("Could not parse provided parameters");
-            LOGGER.debug(E);
+            LOGGER.error("Could not parse provided parameters", E);
             commander.usage();
         }
     }

src/main/java/de/rub/nds/tlsscanner/MultiThreadedScanJobExecutor.java

@@ -15,6 +15,7 @@
 import de.rub.nds.tlsscanner.report.result.ProbeResult;
 import de.rub.nds.tlsscanner.report.SiteReport;
 import de.rub.nds.tlsscanner.probe.TlsProbe;
+import de.rub.nds.tlsscanner.probe.stats.ExtractedValueContainer;
 import de.rub.nds.tlsscanner.report.after.AfterProbe;
 import java.util.LinkedList;
 import java.util.List;
@@ -86,9 +87,7 @@ private SiteReport scan(ScannerConfig config, ScanJob scanJob, ProgressBar pb) {
             try {
                 resultList.add(probeResult.get());
             } catch (InterruptedException | ExecutionException ex) {
-                LOGGER.warn("Encoutered Exception while retrieving probeResult");
-                ex.printStackTrace();
-                LOGGER.warn(ex);
+                LOGGER.error("Encoutered Exception while retrieving probeResult", ex);
             }
         }
 
@@ -130,20 +129,39 @@ private SiteReport scan(ScannerConfig config, ScanJob scanJob, ProgressBar pb) {
             try {
                 resultList.add(probeResult.get());
             } catch (InterruptedException | ExecutionException ex) {
-                LOGGER.warn("Encoutered Exception while retrieving probeResult");
-                ex.printStackTrace();
-                LOGGER.warn(ex);
+                LOGGER.error("Encoutered Exception while retrieving probeResult", ex);
             }
         }
         // mergeData phase 2
         for (ProbeResult result : resultList) {
             result.merge(report);
         }
-        //phase 3 - afterprobes
+        //phase 3 - collect statistics
+        List<TlsProbe> allProbes = scanJob.getJoinedProbes();
+        List<ExtractedValueContainer> globalContainerList = new LinkedList<>();
+        for (TlsProbe probe : allProbes) {
+            List<ExtractedValueContainer> tempContainerList = probe.getWriter().getCumulatedExtractedValues();
+            for (ExtractedValueContainer tempContainer : tempContainerList) {
+                //Try to find the original container , if it not found add it
+                ExtractedValueContainer targetContainer = null;
+                for (ExtractedValueContainer globalContainer : globalContainerList) {
+                    if (tempContainer.getType() == globalContainer.getType()) {
+                        targetContainer = globalContainer;
+                        break;
+                    }
+                }
+                if (targetContainer == null) {
+                    targetContainer = new ExtractedValueContainer(tempContainer.getType());
+                    globalContainerList.add(targetContainer);
+                }
+                targetContainer.getExtractedValueList().addAll(tempContainer.getExtractedValueList());
+            }
+        }
+        report.setExtractedValueContainerList(globalContainerList);
+        //phase 4 - afterprobes
         for (AfterProbe afterProbe : scanJob.getAfterProbes()) {
             afterProbe.analyze(report);
         }
-        executor.shutdown();
         LOGGER.info("Finished scan for: " + hostname);
         return report;
     }
@@ -152,7 +170,7 @@ private void checkProbesDone(List<Future<ProbeResult>> futureResults, ProgressBa
         boolean isNotReady = true;
         int done = 0;
         int tempDone = 0;
-        while (isNotReady) {
+        while (isNotReady && futureResults.size() > 0) {
             tempDone = 0;
             for (Future<ProbeResult> probeResult : futureResults) {
                 if (probeResult.isDone()) {

src/main/java/de/rub/nds/tlsscanner/ScanJob.java

@@ -10,6 +10,7 @@
 
 import de.rub.nds.tlsscanner.probe.TlsProbe;
 import de.rub.nds.tlsscanner.report.after.AfterProbe;
+import java.util.LinkedList;
 import java.util.List;
 
 /**
@@ -39,4 +40,11 @@ public List<TlsProbe> getPhaseTwoTestList() {
     public List<AfterProbe> getAfterProbes() {
         return afterList;
     }
+
+    public List<TlsProbe> getJoinedProbes() {
+        List<TlsProbe> probeList = new LinkedList<>();
+        probeList.addAll(phaseOneTestList);
+        probeList.addAll(phaseTwoTestList);
+        return probeList;
+    }
 }