arraysrubyif-statementnessus

Ruby ignoring boolean value in IF statement


I am parsing some Nessus scans, and am trying to split the output of plugin 21643 into 3 different arrays, highSecArray, mediumSecArray, and lowSecArray depending on their Cipher strength. I am going line by line and have been setting flags to put the values in their proper array. A sample of the input is;

Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.

SSL Version : TLSv12
  Medium Strength Ciphers (> 64-bit and < 112-bit key)
      EDH-RSA-DES-CBC3-SHA         Kx=DH          Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      ECDHE-RSA-DES-CBC3-SHA       Kx=ECDH        Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      DES-CBC3-SHA                 Kx=RSA         Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   

  High Strength Ciphers (>= 112-bit key)
      DHE-RSA-AES128-SHA           Kx=DH          Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      DHE-RSA-AES256-SHA           Kx=DH          Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      ECDHE-RSA-AES128-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      ECDHE-RSA-AES256-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      AES128-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   

The fields above are :

  {OpenSSL ciphername}
  Kx={key exchange}
  Au={authentication}
  Enc={symmetric encryption method}
  Mac={message authentication code}
  {export flag}

I have it trimmed down to an array with just the following, which is saved in an array (one line per array element)

SSL Version : TLSv12
  Medium Strength Ciphers (> 64-bit and < 112-bit key)
      EDH-RSA-DES-CBC3-SHA         Kx=DH          Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      ECDHE-RSA-DES-CBC3-SHA       Kx=ECDH        Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      DES-CBC3-SHA                 Kx=RSA         Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   

  High Strength Ciphers (>= 112-bit key)
      DHE-RSA-AES128-SHA           Kx=DH          Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      DHE-RSA-AES256-SHA           Kx=DH          Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      ECDHE-RSA-AES128-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      ECDHE-RSA-AES256-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      AES128-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA1 

My issue is with splitting the different strengths into different arrays. I have the following code to do it, which should work but does not. It fills all 3 arrays with each line, ignoring the if stating the flag must be set to true. I am outputting the actual flag values with the lines are they are properly set.

(1..count).each do |inc|
      version = hash[inc][0].split(" : ")[1]
      highSecArray = mediumSecArray = lowSecArray = []
      highFlag = mediumFlag = lowFlag = false

      puts "=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=#{inc}\\/#{version}=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-="
      puts hash[inc]

      hash[inc].each do |line|
        if line.include? "Low Strength Ciphers"
          lowFlag = true
          mediumFlag = highFlag = false
        elsif line.include? "Medium Strength Ciphers"
          mediumFlag = true
          lowFlag = highFlag = false
        elsif line.include? "High Strength Ciphers"
          highFlag = true
          lowFlag = mediumFlag = false
        else
          puts "High:\t#{highFlag}\nMedium:\t#{mediumFlag}\nLow:\t#{lowFlag}\nLine:#{line}\n\n"

          highSecArray << line if line != "" && highFlag == true
          mediumSecArray << line if line != "" && mediumFlag == true
          lowSecArray << line if line != "" && lowFlag == true
        end # end if
      end
      puts "-----------------------High-----------------------"
      puts highSecArray
      puts "-----------------------Medium-----------------------"
      puts mediumSecArray
      puts "-----------------------Low-----------------------"
      puts lowSecArray
  end # end 1..count.each do

The console output I have been using to debug is as follows, it has the input at the top, then the current state of the boolean operators for each line (along with the line itself), followed by each array's contents in the end. The medium array should only have 2 lines, high should have 8 and the low should be empty, but all 3 have all the lines in them.

=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=1\/TLSv12=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=
SSL Version : TLSv12
  Medium Strength Ciphers (> 64-bit and < 112-bit key)
      ECDHE-RSA-DES-CBC3-SHA       Kx=ECDH        Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      DES-CBC3-SHA                 Kx=RSA         Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   

  High Strength Ciphers (>= 112-bit key)
      ECDHE-RSA-AES128-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      ECDHE-RSA-AES256-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      AES128-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      AES256-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      ECDHE-RSA-AES128-SHA256      Kx=ECDHE       Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  
      ECDHE-RSA-AES256-SHA384      Kx=ECDHE       Au=RSA      Enc=AES-CBC(256)         Mac=SHA384  
      RSA-AES128-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  
      RSA-AES256-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA256  


High:   false
Medium: false
Low:    false
Line:SSL Version : TLSv12

High:   false
Medium: true
Low:    false
Line:      ECDHE-RSA-DES-CBC3-SHA       Kx=ECDH        Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   

High:   false
Medium: true
Low:    false
Line:      DES-CBC3-SHA                 Kx=RSA         Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   

High:   false
Medium: true
Low:    false
Line:

High:   true
Medium: false
Low:    false
Line:      ECDHE-RSA-AES128-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   

High:   true
Medium: false
Low:    false
Line:      ECDHE-RSA-AES256-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   

High:   true
Medium: false
Low:    false
Line:      AES128-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   

High:   true
Medium: false
Low:    false
Line:      AES256-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   

High:   true
Medium: false
Low:    false
Line:      ECDHE-RSA-AES128-SHA256      Kx=ECDHE       Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  

High:   true
Medium: false
Low:    false
Line:      ECDHE-RSA-AES256-SHA384      Kx=ECDHE       Au=RSA      Enc=AES-CBC(256)         Mac=SHA384  

High:   true
Medium: false
Low:    false
Line:      RSA-AES128-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  

High:   true
Medium: false
Low:    false
Line:      RSA-AES256-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA256  

High:   true
Medium: false
Low:    false
Line:

High:   true
Medium: false
Low:    false
Line:

-----------------------High-----------------------
      ECDHE-RSA-DES-CBC3-SHA       Kx=ECDH        Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      DES-CBC3-SHA                 Kx=RSA         Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      ECDHE-RSA-AES128-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      ECDHE-RSA-AES256-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      AES128-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      AES256-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      ECDHE-RSA-AES128-SHA256      Kx=ECDHE       Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  
      ECDHE-RSA-AES256-SHA384      Kx=ECDHE       Au=RSA      Enc=AES-CBC(256)         Mac=SHA384  
      RSA-AES128-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  
      RSA-AES256-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA256  
-----------------------Medium-----------------------
      ECDHE-RSA-DES-CBC3-SHA       Kx=ECDH        Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      DES-CBC3-SHA                 Kx=RSA         Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      ECDHE-RSA-AES128-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      ECDHE-RSA-AES256-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      AES128-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      AES256-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      ECDHE-RSA-AES128-SHA256      Kx=ECDHE       Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  
      ECDHE-RSA-AES256-SHA384      Kx=ECDHE       Au=RSA      Enc=AES-CBC(256)         Mac=SHA384  
      RSA-AES128-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  
      RSA-AES256-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA256  
-----------------------Low-----------------------
      ECDHE-RSA-DES-CBC3-SHA       Kx=ECDH        Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      DES-CBC3-SHA                 Kx=RSA         Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      ECDHE-RSA-AES128-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      ECDHE-RSA-AES256-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      AES128-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      AES256-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      ECDHE-RSA-AES128-SHA256      Kx=ECDHE       Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  
      ECDHE-RSA-AES256-SHA384      Kx=ECDHE       Au=RSA      Enc=AES-CBC(256)         Mac=SHA384  
      RSA-AES128-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  
      RSA-AES256-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA256  

I can't figure out why all the arrays are getting every value, any help is greatly appreciated! Thanks in advance


Solution

  • I can't figure out why all the arrays are getting every value

    There are no "arrays" (plural) in your code. There is only one array (singular):

     highSecArray = mediumSecArray = lowSecArray = []
    

    You are setting all three variables to the same single array. You should set them to different arrays:

     highSecArray, mediumSecArray, lowSecArray = [], [], []
     # or
     highSecArray   = []
     mediumSecArray = []
     lowSecArray    = []