J. Loffhagen
Reputation: 15
Ruby ignoring boolean value in IF statement
I am parsing some Nessus scans, and am trying to split the output of plugin 21643 into 3 different arrays, highSecArray, mediumSecArray, and lowSecArray depending on their Cipher strength. I am going line by line and have been setting flags to put the values in their proper array. A sample of the input is;
Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.
SSL Version : TLSv12
Medium Strength Ciphers (> 64-bit and < 112-bit key)
EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1
DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1
ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
I have it trimmed down to an array with just the following, which is saved in an array (one line per array element)
SSL Version : TLSv12
Medium Strength Ciphers (> 64-bit and < 112-bit key)
EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1
DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1
ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1
My issue is with splitting the different strengths into different arrays. I have the following code to do it, which should work but does not. It fills all 3 arrays with each line, ignoring the if stating the flag must be set to true. I am outputting the actual flag values with the lines are they are properly set.
(1..count).each do |inc|
version = hash[inc][0].split(" : ")[1]
highSecArray = mediumSecArray = lowSecArray = []
highFlag = mediumFlag = lowFlag = false
puts "=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=#{inc}\\/#{version}=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-="
puts hash[inc]
hash[inc].each do |line|
if line.include? "Low Strength Ciphers"
lowFlag = true
mediumFlag = highFlag = false
elsif line.include? "Medium Strength Ciphers"
mediumFlag = true
lowFlag = highFlag = false
elsif line.include? "High Strength Ciphers"
highFlag = true
lowFlag = mediumFlag = false
else
puts "High:\t#{highFlag}\nMedium:\t#{mediumFlag}\nLow:\t#{lowFlag}\nLine:#{line}\n\n"
highSecArray << line if line != "" && highFlag == true
mediumSecArray << line if line != "" && mediumFlag == true
lowSecArray << line if line != "" && lowFlag == true
end # end if
end
puts "-----------------------High-----------------------"
puts highSecArray
puts "-----------------------Medium-----------------------"
puts mediumSecArray
puts "-----------------------Low-----------------------"
puts lowSecArray
end # end 1..count.each do
The console output I have been using to debug is as follows, it has the input at the top, then the current state of the boolean operators for each line (along with the line itself), followed by each array's contents in the end. The medium array should only have 2 lines, high should have 8 and the low should be empty, but all 3 have all the lines in them.
=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=1\/TLSv12=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=
SSL Version : TLSv12
Medium Strength Ciphers (> 64-bit and < 112-bit key)
ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1
AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1
ECDHE-RSA-AES128-SHA256 Kx=ECDHE Au=RSA Enc=AES-CBC(128) Mac=SHA256
ECDHE-RSA-AES256-SHA384 Kx=ECDHE Au=RSA Enc=AES-CBC(256) Mac=SHA384
RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA256
RSA-AES256-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA256
High: false
Medium: false
Low: false
Line:SSL Version : TLSv12
High: false
Medium: true
Low: false
Line: ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High: false
Medium: true
Low: false
Line: DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High: false
Medium: true
Low: false
Line:
High: true
Medium: false
Low: false
Line: ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
High: true
Medium: false
Low: false
Line: ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
High: true
Medium: false
Low: false
Line: AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1
High: true
Medium: false
Low: false
Line: AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1
High: true
Medium: false
Low: false
Line: ECDHE-RSA-AES128-SHA256 Kx=ECDHE Au=RSA Enc=AES-CBC(128) Mac=SHA256
High: true
Medium: false
Low: false
Line: ECDHE-RSA-AES256-SHA384 Kx=ECDHE Au=RSA Enc=AES-CBC(256) Mac=SHA384
High: true
Medium: false
Low: false
Line: RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA256
High: true
Medium: false
Low: false
Line: RSA-AES256-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA256
High: true
Medium: false
Low: false
Line:
High: true
Medium: false
Low: false
Line:
-----------------------High-----------------------
ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1
AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1
ECDHE-RSA-AES128-SHA256 Kx=ECDHE Au=RSA Enc=AES-CBC(128) Mac=SHA256
ECDHE-RSA-AES256-SHA384 Kx=ECDHE Au=RSA Enc=AES-CBC(256) Mac=SHA384
RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA256
RSA-AES256-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA256
-----------------------Medium-----------------------
ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1
AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1
ECDHE-RSA-AES128-SHA256 Kx=ECDHE Au=RSA Enc=AES-CBC(128) Mac=SHA256
ECDHE-RSA-AES256-SHA384 Kx=ECDHE Au=RSA Enc=AES-CBC(256) Mac=SHA384
RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA256
RSA-AES256-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA256
-----------------------Low-----------------------
ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1
AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1
ECDHE-RSA-AES128-SHA256 Kx=ECDHE Au=RSA Enc=AES-CBC(128) Mac=SHA256
ECDHE-RSA-AES256-SHA384 Kx=ECDHE Au=RSA Enc=AES-CBC(256) Mac=SHA384
RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA256
RSA-AES256-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA256
I can't figure out why all the arrays are getting every value, any help is greatly appreciated! Thanks in advance
Upvotes: 0
Views: 71
Answers (2)
tadman
Reputation: 211610
The approach you're taking here is going against the grain enough you're getting tripped up on what should be a pretty routine parsing operation. Let's break down your problems:
- There's a header row that requires special handling.
- There's section identifiers that change the classification of subsequent lines.
- There's data lines that need to be parsed and sorted into bins.
The good news is your data is sufficiently well formatted that each type of line has distinct characteristics. You can use some simple regular expressions to extract the required details and do the classification.
Putting this together:
# Define which ciphers to expect
CIPHERS = [ :high, :medium, :low ]
# Variable to capture the version
version = nil
# No expectation as to where to file the data yet
bucket = nil
# Create a series of buckets, one for each cipher type
ciphers = Hash[CIPHERS.map { |c| [ c, [ ] ] }]
# Read through the data line-by-line
DATA.readlines.each do |line|
# Skip lines that are blank, that is they don't contain at least a
# non-space character.
next unless (line.match(/\S/))
if (line.match(/SSL Version : (\S+)/))
# Capture the version information
version = $1
elsif (line.match(/(\S+) Strength Ciphers/))
# Pull out the first word and use that as the bucket
bucket = $1.downcase.to_sym
# Test that this makes sense
unless (CIPHERS.include?(bucket))
raise "Unknown cipher type #{$1}"
end
elsif (bucket)
# Add the line to the right bucket, but trim off leading and trailing spaces
ciphers[bucket] << line.sub(/\A\s+/, '').sub(/\s+\z/, '')
end
end
__END__
SSL Version : TLSv12
Medium Strength Ciphers (> 64-bit and < 112-bit key)
EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1
DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1
ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128)
For simplicity this reads in from the DATA block (defined by __END__) but your program can use whatever input source it prefers, like $stdin or some file.
This gives you output like this, here formatted in YAML for readability:
---
:high:
- DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1
- DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1
- ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
- ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
- AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128)
:medium:
- EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
- ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
- DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
:low: []
Upvotes: 0
Jörg W Mittag
Reputation: 369478
I can't figure out why all the arrays are getting every value
There are no "arrays" (plural) in your code. There is only one array (singular):
highSecArray = mediumSecArray = lowSecArray = []
You are setting all three variables to the same single array. You should set them to different arrays:
highSecArray, mediumSecArray, lowSecArray = [], [], []
# or
highSecArray = []
mediumSecArray = []
lowSecArray = []
Upvotes: 5
Related Questions
- Issues with basic ruby if statement
- Ruby if statements is always else
- Conditional Boolean If statement syntax in ruby
- Checking value of an index in an If statement Ruby
- How to set an IF statement comparing to values inside an array? (Ruby)
- If/elsif/else statement is skipping straight to else
- if VARIABLE in ARRAY ruby
- Processing Array and returning boolean value
- Ruby If condition that looks at all contents of an array
- Boolean comparison of array of strings in Ruby