From dba2ea1a3f760aa7066a7184517cfe26eb9e9f32 Mon Sep 17 00:00:00 2001 From: Baptiste LARVOL-SIMON Date: Wed, 6 Feb 2019 17:31:27 +0100 Subject: [PATCH 1/7] Add Cookies support --- index.js | 6 ++- lib/cookies.js | 128 +++++++++++++++++++++++++++++++++++++++++++++++++ lib/tasks.js | 58 ++++++++++++++++++++-- package.json | 13 ++++- 4 files changed, 198 insertions(+), 7 deletions(-) create mode 100644 lib/cookies.js diff --git a/index.js b/index.js index 176e02b..b6f5385 100755 --- a/index.js +++ b/index.js @@ -25,6 +25,7 @@ app .option('-a, --analytics', 'checks for Google Analytics & Piwik') .option('-t, --tracking', 'checks for Social Media tracking & embeds') .option('-c, --cdn', 'checks for Content Delivery Networks') + .option('-k, --cookies [expiration delay, in month]', 'checks for cookies lifetime (< 13 month by defaut)', false) //.option('-r, --recursive', 'tries to follow links to check every internal site', false) .action((url, args) => { // Error Handling @@ -46,9 +47,10 @@ app if (args.parent.mute) ui.set('silent'); // initialize the task runner - const tasks = new Tasks(url, ui); + const tasks = new Tasks(url, ui, args); if (args.ssl) tasks.new('ssl'); + if (args.cookies) tasks.new('cookies'); if (args.fonts) tasks.new('fonts'); if (args.prefetching) tasks.new('prefetching'); if (args.analytics) tasks.new('analytics'); @@ -72,4 +74,4 @@ app app.parse(process.argv); -//if (!app.args.length) app.help(); \ No newline at end of file +//if (!app.args.length) app.help(); diff --git a/lib/cookies.js b/lib/cookies.js new file mode 100644 index 0000000..af96f49 --- /dev/null +++ b/lib/cookies.js 
@@ -0,0 +1,128 @@ +/*! + * cookies (adaptated from server-side cookies from https://github.com/pillarjs/cookies) + * Copyright(c) 2014 Jed Schmidt, http://jed.is/ + * Copyright(c) 2015-2016 Douglas Christopher Wilson + * Copyright(c) 2018 Baptiste LARVOL-SIMON, http://www.e-glop.net/ + * MIT Licensed + */ + +'use strict' + +var deprecate = require('depd')('cookies') +var Keygrip = require('keygrip') +var cache = {} + +/** + * RegExp to match field-content in RFC 7230 sec 3.2 + * + * field-content = field-vchar [ 1*( SP / HTAB ) field-vchar ] + * field-vchar = VCHAR / obs-text + * obs-text = %x80-FF + */ + +var fieldContentRegExp = /^[\u0009\u0020-\u007e\u0080-\u00ff]+$/; + +/** + * RegExp to match Same-Site cookie attribute value. + */ + +var sameSiteRegExp = /^(?:lax|strict)$/i + +function Cookies(response){ + this.response = response; +} + +/** + * @return Array + **/ +Cookies.prototype.fetchAll = function() { + var header, cookies = []; + + header = this.response.headers["set-cookie"]; + if (!header) return []; + + header.forEach(cook => { + var name, + attrs = [], + data = cook.split(/\\{0}; /) + + name = data.shift().split('='); + data.forEach(attr => { + var dat = attr.split('='); + attrs[dat[0]] = dat[1]; + }); + + cookies.push(new Cookie(name[0], name[1], attrs)); + }); + + return cookies; +} + +function Cookie(name, value, attrs) { + if (!fieldContentRegExp.test(name)) { + throw new TypeError('argument name is invalid'); + } + + if (value && !fieldContentRegExp.test(value)) { + throw new TypeError('argument value is invalid'); + } + + value || (this.expires = new Date(0)) + + this.name = name + this.value = value || "" + + for (var name in attrs) { + switch ( name ) { + case 'secure': + this[name] = true; + break; + case 'expires': + this[name] = new Date(attrs[name]); + break; + default: + this[name] = attrs[name]; + } + } + + if (this.path && !fieldContentRegExp.test(this.path)) { + throw new TypeError('option path is invalid'); + } + + if (this.domain 
&& !fieldContentRegExp.test(this.domain)) { + throw new TypeError('option domain is invalid'); + } + + if (this.sameSite && this.sameSite !== true && !sameSiteRegExp.test(this.sameSite)) { + throw new TypeError('option sameSite is invalid') + } +} + +Cookie.prototype.path = "/"; +Cookie.prototype.expires = undefined; +Cookie.prototype.domain = undefined; +Cookie.prototype.httpOnly = true; +Cookie.prototype.sameSite = false; +Cookie.prototype.secure = false; +Cookie.prototype.overwrite = false; + +// back-compat so maxage mirrors maxAge +Object.defineProperty(Cookie.prototype, 'maxage', { + configurable: true, + enumerable: true, + get: function () { return this.maxAge }, + set: function (val) { return this.maxAge = val } +}); +deprecate.property(Cookie.prototype, 'maxage', '"maxage"; use "maxAge" instead') + +function getPattern(name) { + if (cache[name]) return cache[name] + + return cache[name] = new RegExp( + "(?:^|;) *" + + name.replace(/[-[\]{}()*+?.,\\^$|#\s]/g, "\\$&") + + "=([^;]*)" + ) +} + +module.exports = Cookies diff --git a/lib/tasks.js b/lib/tasks.js index f559a29..9705a9d 100644 --- a/lib/tasks.js +++ b/lib/tasks.js @@ -8,9 +8,10 @@ const HTMLParser = require('./html-parser'); const FontsParser = require('./fonts-parser'); // const tools = require('./tools'); const UI = require('./ui'); +const Cookies = require('./cookies'); class Tasks { - constructor(url, uiInstance) { + constructor(url, uiInstance, args) { this.default_tasks = { normalize: { dependencies: [], @@ -29,6 +30,9 @@ class Tasks { dependencies: ['html', 'css', 'js'], mandatory: true }, + cookies: { + dependencies: ['html', 'css'] + }, ssl: { dependencies: ['html', 'css'] }, @@ -57,6 +61,7 @@ class Tasks { this.ui = (!uiInstance) ? new UI() : uiInstance; this.hp; + this.args = args; this.url = url; this.tasks = []; this.data = {}; 
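Review bot: In lib/cookies.js, `fetchAll` stores attribute names exactly as the server sent them, but the switch in the `Cookie` constructor only matches lowercase `secure` and `expires`. A header that carries `Secure` or `Expires=…` therefore keeps `secure === false` and `expires === undefined` from the prototype, so the report labels the cookie 'unsecure' and `getCookiesInformation` in lib/tasks.js calls `.getTime()` on `undefined`. Normalising the key where it is stored, `attrs[dat[0].trim().toLowerCase()] = dat.slice(1).join('=');`, fixes both and also keeps values that contain `=`. Separately, the constructor copies server-chosen keys onto the object with `this[name] = attrs[name]`, so an attribute literally named `name` or `value` overwrites the cookie's own fields; an allow-list of known attributes would prevent that.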
@@ -69,13 +74,15 @@ class Tasks { /** * Adds a new Task to the list * @param {string} task + * @param {string} arg value * @class Tasks */ - new(task) { + new(task, value) { this.default_tasks[task].dependencies.forEach(dep => { if (this.tasks.indexOf(dep) === -1) this.tasks.push(dep); }); if (this.tasks.indexOf(task) === -1) this.tasks.push(task); + if ( value !== undefined ) this.value = value; } @@ -159,6 +166,7 @@ class Tasks { this.getPrefetchingInformation(); this.getAnalyticsInformation(); this.getCDNInformation(); + this.getCookiesInformation(); console.log(''); // console.log('Remaining: ', this.tasks); @@ -395,6 +403,50 @@ class Tasks { } + /** + * Gathers Cookies Information + * @class Tasks + */ + getCookiesInformation() { + if (!this.hasTask('cookies')) { + return; + } + + this.args.cookies = parseInt(this.args.cookies,10) ? parseInt(this.args.cookies,10) : 13; + + // go away if no cookie is given + if (typeof this.data.html.headers['set-cookie'] != 'object') { + return; + } + + var getter = new Cookies(this.data.html); + var cookies = getter.fetchAll(); + + if ( cookies.length == 0 ) { + this.ui.headline('No cookie set'); + this.remove('cookies'); + return; + } + + var strtotime = require('locutus/php/datetime/strtotime'); + + this.ui.headline('Cookies'); + for ( var i in cookies ) { + var t1 = cookies[i].expires.getTime(), + t2 = new Date(strtotime('+'+this.args.cookies+' month 1 hour')*1000).getTime(); + + if ( t1 > t2 ) { + this.ui.error('Cookie "'+cookies[i].name+'" expires in more than '+this.args.cookies+' month (expires on '+cookies[i].expires.toLocaleDateString()+')', true); + continue; + } + this.ui.listitem(cookies[i].name, 'Expires on '+cookies[i].expires.toLocaleDateString()+' and '+(cookies[i].secure ? 'secure' : 'unsecure')); + } + + this.remove('cookies'); + return; + } + + /** * Gathes General Information (meta data) of the Website * @class Tasks 
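Review bot: `cookies[i].expires.getTime()` in the loop of `getCookiesInformation` assumes every cookie has an expiry date, but `Cookie.prototype.expires` is `undefined` unless the header carried a lowercase `expires` attribute, so a session cookie, or one that only sets Max-Age, throws a TypeError and ends the scan. A guard before the comparison, e.g. `if (!(cookies[i].expires instanceof Date)) { this.ui.listitem(cookies[i].name, 'No expiry date (session cookie)'); continue; }`, keeps the report going. `getter.fetchAll()` can also throw on a cookie name that fails `fieldContentRegExp`, so it is worth wrapping in `try`/`catch` and reporting the problem instead of aborting. Finally, the early `return` taken when there is no `set-cookie` header skips `this.remove('cookies')`, unlike the other exits; whether that leaves the task pending depends on code outside this hunk.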
@@ -670,4 +722,4 @@ class Tasks { } } -module.exports = Tasks; \ No newline at end of file +module.exports = Tasks; diff --git a/package.json b/package.json index 85d1514..48987fd 100644 --- a/package.json +++ b/package.json @@ -20,13 +20,22 @@ "cliui": "^4.1.0", "commander": "^2.15.1", "css": "^2.2.3", + "depd": "~1.1.2", "fs-extra": "^6.0.1", "get-ssl-certificate": "^2.1.2", "got": "^8.3.1", + "keygrip": "~1.0.3", + "locutus": "^2.0.10", "moment": "^2.22.1", "rootpath": "^0.1.2" }, "devDependencies": { - "ava": "^0.25.0" + "ava": "^0.25.0", + "eslint": "3.19.0", + "express": "4.16.4", + "istanbul": "0.4.5", + "mocha": "5.2.0", + "restify": "6.4.0", + "supertest": "3.3.0" } -} \ No newline at end of file +} From daf2ce607fbf7901c4bd325212e2cd82d037197c Mon Sep 17 00:00:00 2001 From: Baptiste LARVOL-SIMON Date: Wed, 6 Feb 2019 18:02:53 +0100 Subject: [PATCH 2/7] add preliminary changes --- index.js | 2 ++ lib/tasks.js | 21 +++++++++++++++++++++ test.js | 7 +++++++ 3 files changed, 30 insertions(+) create mode 100644 test.js diff --git a/index.js b/index.js index b6f5385..b62105d 100755 --- a/index.js +++ b/index.js @@ -13,6 +13,7 @@ const ui = new UI(); // initialize the UI app .version(require('./package.json').version, '-V, --version') .option('-v, --verbose', 'shows you every single step') + .option('-z, --nfz', 'displays informations related to website report operating procedure, AKA NF Z67-147 in France.') .option('-m, --mute', 'shows only the results of the analysis'); app @@ -49,6 +50,7 @@ app // initialize the task runner const tasks = new Tasks(url, ui, args); + if (args.parent.nfz) tasks.new('nfz'); if (args.ssl) tasks.new('ssl'); if (args.cookies) tasks.new('cookies'); if (args.fonts) tasks.new('fonts'); diff --git a/lib/tasks.js b/lib/tasks.js index 9705a9d..bfdcea9 100644 --- a/lib/tasks.js +++ b/lib/tasks.js 
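Review bot: In the package.json hunk of patch 1/7, the new runtime dependency `keygrip` is only ever assigned in lib/cookies.js (`var Keygrip = require('keygrip')`) and never used, and none of the added devDependencies (`eslint`, `express`, `istanbul`, `mocha`, `restify`, `supertest`) is referenced by any file in this patch. They look carried over from the manifest of the pillarjs/cookies module that the new file was adapted from. Each unused entry is third-party code that gets installed and has to be kept patched, so I would drop them here, together with the unused `require`, and add them back when something needs them. `depd` is only needed for the `maxage` deprecation shim, which could probably go as well, since nothing shown in this patch sets `maxage`.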
@@ -30,6 +30,9 @@ class Tasks { dependencies: ['html', 'css', 'js'], mandatory: true }, + nfz: { + dependencies: ['html', 'css', 'js'], + }, cookies: { dependencies: ['html', 'css'] }, @@ -160,6 +163,7 @@ class Tasks { // console.log('Remaining: ', this.tasks); this.getGeneralInformation(); + this.getNFZInformations(); this.getSSLInformation(); this.getFontInformation(); this.getSocialMediaInformation(); @@ -447,6 +451,23 @@ class Tasks { } + /** + * Gathes NF Z67-147 informations (meta data) about the audit + * @class Tasks + */ + getNFZInformations() { + if (!this.hasTask('nfz')) { + console.error('z67 out'); + return; + } + + this.ui.headline('NF Z67-147 informations about the current audit'); + + const os = require('os') + this.ui.listitem('Operating system', os.type()+' '+os.release()+' '+os.arch()); + // etc. + } + /** * Gathes General Information (meta data) of the Website * @class Tasks diff --git a/test.js b/test.js new file mode 100644 index 0000000..b6636a5 --- /dev/null +++ b/test.js @@ -0,0 +1,7 @@ +#!/usr/bin/env node --harmony + +'use strict' + +const os = require('os'); + +console.error(os.type(), os.release(), os.arch()); From b038e2af36a46092c20ab34e3f8c6ae98660ed25 Mon Sep 17 00:00:00 2001 From: Baptiste LARVOL-SIMON Date: Thu, 7 Feb 2019 09:25:46 +0100 Subject: [PATCH 3/7] Going further into NF Z67-147 + preparation of further auditing --- index.js | 4 +- lib/recommendation-collection.js | 39 +++++++++++++++++ lib/tasks.js | 72 +++++++++++++++++++++++++++++--- package.json | 1 + test.js | 22 ++++++++++ 5 files changed, 131 insertions(+), 7 deletions(-) create mode 100644 lib/recommendation-collection.js diff --git a/index.js b/index.js index b62105d..569846a 100755 --- a/index.js +++ b/index.js 
@@ -14,7 +14,8 @@ app .version(require('./package.json').version, '-V, --version') .option('-v, --verbose', 'shows you every single step') .option('-z, --nfz', 'displays informations related to website report operating procedure, AKA NF Z67-147 in France.') - .option('-m, --mute', 'shows only the results of the analysis'); + .option('-a, --audit', 'displays recommandations for further auditing') + .option('-m, --mute', 'shows only the results of the analysis') app .command('scan [url]') @@ -51,6 +52,7 @@ app const tasks = new Tasks(url, ui, args); if (args.parent.nfz) tasks.new('nfz'); + if (args.parent.audit) tasks.new('audit'); if (args.ssl) tasks.new('ssl'); if (args.cookies) tasks.new('cookies'); if (args.fonts) tasks.new('fonts'); diff --git a/lib/recommendation-collection.js b/lib/recommendation-collection.js new file mode 100644 index 0000000..ed8cd05 --- /dev/null +++ b/lib/recommendation-collection.js @@ -0,0 +1,39 @@ +/* + * recommendation-collection + * Copyright(c) 2018 Baptiste LARVOL-SIMON, http://www.e-glop.net/ + * MIT Licensed + */ + +'use strict' + +function RecommendationCollection(){ +} + +RecommendationCollection.prototype.collection = {}; + +/** + * @return void + **/ +RecommendationCollection.prototype.add = function(key, value) { + if ( !Array.isArray(this.collection[key]) ) { + this.collection[key] = [] + } + + this.collection[key].push(value); +} + +/** + * @return Array + **/ +RecommendationCollection.prototype.getTopics = function() { + return Object.keys(this.collection); +} + +/** + * @return Array + **/ +RecommendationCollection.prototype.getWarningsFor = function(key) { + return this.collection[key]; +} + +module.exports = RecommendationCollection; diff --git a/lib/tasks.js b/lib/tasks.js index bfdcea9..ed31aac 100644 --- a/lib/tasks.js +++ b/lib/tasks.js 
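Review bot: The new global short flag `-a` for `--audit` in index.js is the same letter the `scan` command already uses for `-a, --analytics` (visible in the option list in patch 1/7), so `-a` on the command line is ambiguous and one of the two is presumably no longer reachable by its short form. A free letter, or a long-only option such as `.option('--audit', 'displays recommandations for further auditing')`, avoids the clash.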
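Review bot: `RecommendationCollection.prototype.collection = {}` in lib/recommendation-collection.js places the store on the prototype, so every instance reads and writes the same object and entries added through one instance show up in all others. Creating it per instance in the constructor, `this.collection = Object.create(null);`, fixes that and, because the object has no prototype, also keeps a topic key such as `constructor` from colliding with inherited properties. `getWarningsFor` returns `undefined` for an unknown topic although its doc comment says Array; `return this.collection[key] || [];` would match the comment.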
@@ -9,6 +9,7 @@ const FontsParser = require('./fonts-parser'); // const tools = require('./tools'); const UI = require('./ui'); const Cookies = require('./cookies'); +const RecommendationCollection = require('./recommendation-collection'); class Tasks { constructor(url, uiInstance, args) { @@ -31,7 +32,10 @@ class Tasks { mandatory: true }, nfz: { - dependencies: ['html', 'css', 'js'], + dependencies: [], + }, + audit: { + dependencies: [], }, cookies: { dependencies: ['html', 'css'] @@ -68,6 +72,7 @@ class Tasks { this.url = url; this.tasks = []; this.data = {}; + this.recommendations = new RecommendationCollection(); // Put mandatory tasks already in the task list this.tasks = this.tasks.concat(this.getMandatoryTasks()); @@ -171,6 +176,7 @@ class Tasks { this.getAnalyticsInformation(); this.getCDNInformation(); this.getCookiesInformation(); + this.getAuditInformations(); console.log(''); // console.log('Remaining: ', this.tasks); @@ -192,6 +198,11 @@ class Tasks { this.data.social.fb_graph = social.hasFacebookSocialGraph(this.data.js); this.data.social.pinterest = social.hasPinterest(this.data.js); + for ( var sm in this.data.social ) { + if ( !this.data.social[sm] ) continue; + this.recommendations.add('Social medias processors', sm); + } + //console.log('FB CONNECT:', this.data.social.fb_connect); //console.log('FB SOCIAL GRAPH:', this.data.social.fb_graph); //console.log('PINTEREST:', this.data.social.pinterest); @@ -440,6 +451,7 @@ class Tasks { t2 = new Date(strtotime('+'+this.args.cookies+' month 1 hour')*1000).getTime(); if ( t1 > t2 ) { + this.recommendations.add('Cookies', 'lifetime'); this.ui.error('Cookie "'+cookies[i].name+'" expires in more than '+this.args.cookies+' month (expires on '+cookies[i].expires.toLocaleDateString()+')', true); continue; } 
@@ -456,16 +468,63 @@ class Tasks { * @class Tasks */ getNFZInformations() { - if (!this.hasTask('nfz')) { - console.error('z67 out'); - return; - } + if (!this.hasTask('nfz')) return; this.ui.headline('NF Z67-147 informations about the current audit'); const os = require('os') + const pkg = require('../package.json'); this.ui.listitem('Operating system', os.type()+' '+os.release()+' '+os.arch()); - // etc. + this.ui.listitem('Software', pkg.name+'-'+pkg.version+' - '+pkg.description); + this.ui.listitem('Web cache', 'Voided'); + this.ui.listitem('Web cookies', 'Voided'); + this.ui.listitem('Web proxy', 'Null'); + this.ui.listitem('Date & time', new Date().toLocaleString()); + + const dns = require('dns'); + const tld = this.url.replace(/^https{0,1}:\/\/([^\/]+)\/.*$/, '$1'); + var tasks = this; + + dns.resolve(tld, 'A', function(err, addresses){ + if ( err !== null ) return; + tasks.ui.listitem('Website IPv4', addresses); + }); + dns.resolve(tld, 'AAAA', function(err, addresses){ + if ( err !== null ) return; + tasks.ui.listitem('Website IPv6', addresses); + }); + dns.resolve('resolver1.opendns.com', 'A', function(err, addresses){ + dns.setServers(addresses); + dns.resolve('myip.opendns.com', 'A', function(err, addresses){ + if ( err !== null ) return; + tasks.ui.listitem("Auditor's IPv4", addresses); + }); + dns.resolve('myip.opendns.com', 'AAAA', function(err, addresses){ + if ( err !== null ) return; + tasks.ui.listitem("Auditor's IPv6", addresses); + }); + }); + } + + /** + * Gathes further recommendations for further human audit + * @class Tasks + */ + getAuditInformations() { + if (!this.hasTask('audit')) { + console.error('no recommendation expected'); + return; + } + + this.ui.headline('Recommendations for further human audit'); + + var topics = this.recommendations.getTopics(); + for ( var i in topics ) { + var recos = this.recommendations.getWarningsFor(topics[i]); + recos.forEach(reco => { + this.ui.listitem(topics[i], 'Check '+reco); + }); + } } /** 
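Review bot: `dns.setServers(addresses)` in `getNFZInformations` replaces the resolver list for the whole process, not only for the two `myip.opendns.com` queries, and it runs without checking `err`, so a failed lookup of `resolver1.opendns.com` passes `undefined` to it. A dedicated `dns.Resolver` instance keeps the OpenDNS servers scoped to the auditor-IP lookups and leaves the site lookups on the system resolver. The host extraction `this.url.replace(/^https{0,1}:\/\/([^\/]+)\/.*$/, '$1')` also returns the whole URL unchanged when nothing follows the host (unless the URL has been normalised to end in a slash by then) and keeps any port or userinfo; the WHATWG `URL` class gives the bare hostname. The rewrite of this method in patch 6/7 keeps the same calls, so the same applies there; the method's doc comment starts outside this hunk.

```javascript
// … unchanged: headline and fixed listitem output …
const dns = require('dns');
const tld = new URL(this.url).hostname;
const opendns = new dns.Resolver();
var tasks = this;

// … unchanged: A and AAAA lookups for the audited site, using tld …
dns.resolve('resolver1.opendns.com', 'A', function(err, addresses){
  if ( err !== null ) return;
  opendns.setServers(addresses);
  opendns.resolve('myip.opendns.com', 'A', function(err, addresses){
    // … unchanged: print Auditor's IPv4 …
  });
  opendns.resolve('myip.opendns.com', 'AAAA', function(err, addresses){
    // … unchanged: print Auditor's IPv6 …
  });
});
```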
@@ -744,3 +803,4 @@ class Tasks { } module.exports = Tasks; + diff --git a/package.json b/package.json index 48987fd..af0b1dd 100644 --- a/package.json +++ b/package.json @@ -13,6 +13,7 @@ }, "repository": "https://github.com/mirkoschubert/gdpr-check.git", "author": "Mirko Schubert ", + "contributors": ["Baptiste LARVOL-SIMON (http://www.e-glop.net/)"], "license": "MIT", "dependencies": { "chalk": "^2.4.1", diff --git a/test.js b/test.js index b6636a5..29e4b34 100644 --- a/test.js +++ b/test.js @@ -2,6 +2,28 @@ 'use strict' +const arr = []; +console.log(typeof arr); + +/* const os = require('os'); +const pkg = require('./package.json'); console.error(os.type(), os.release(), os.arch()); +console.error(pkg.name, pkg.version, pkg.description); +console.error(new Date().toLocaleString()); + +const dns = require('dns'); +const url = 'http://myurl.tld/glop'; +console.error(url.replace(/^https{0,1}:\/\/([^\/]+)\/.*$/, '$1')); +//dns.resolve('resolver1.opendns.com', 'A', function(err, addresses){ + +/* +dns.resolve('resolver1.opendns.com', 'A', function(err, addresses){ + console.error(err, addresses); + dns.setServers(addresses); + dns.resolve('myip.opendns.com', 'A', function(err, addresses){ + console.error(err, addresses); + }); +}) +*/ From dfe5964d2d99ccb3c2a8c3b6783df3557d807fb4 Mon Sep 17 00:00:00 2001 From: Baptiste LARVOL-SIMON Date: Thu, 7 Feb 2019 17:03:22 +0100 Subject: [PATCH 4/7] rollback to NF Z67-147 only --- index.js | 2 -- lib/recommendation-collection.js | 39 -------------------------------- lib/tasks.js | 26 --------------------- 3 files changed, 67 deletions(-) delete mode 100644 lib/recommendation-collection.js diff --git a/index.js b/index.js index 569846a..b07a9cd 100755 --- a/index.js +++ b/index.js 
@@ -14,7 +14,6 @@ app .version(require('./package.json').version, '-V, --version') .option('-v, --verbose', 'shows you every single step') .option('-z, --nfz', 'displays informations related to website report operating procedure, AKA NF Z67-147 in France.') - .option('-a, --audit', 'displays recommandations for further auditing') .option('-m, --mute', 'shows only the results of the analysis') app @@ -52,7 +51,6 @@ app const tasks = new Tasks(url, ui, args); if (args.parent.nfz) tasks.new('nfz'); - if (args.parent.audit) tasks.new('audit'); if (args.ssl) tasks.new('ssl'); if (args.cookies) tasks.new('cookies'); if (args.fonts) tasks.new('fonts'); diff --git a/lib/recommendation-collection.js b/lib/recommendation-collection.js deleted file mode 100644 index ed8cd05..0000000 --- a/lib/recommendation-collection.js +++ /dev/null @@ -1,39 +0,0 @@ -/* - * recommendation-collection - * Copyright(c) 2018 Baptiste LARVOL-SIMON, http://www.e-glop.net/ - * MIT Licensed - */ - -'use strict' - -function RecommendationCollection(){ -} - -RecommendationCollection.prototype.collection = {}; - -/** - * @return void - **/ -RecommendationCollection.prototype.add = function(key, value) { - if ( !Array.isArray(this.collection[key]) ) { - this.collection[key] = [] - } - - this.collection[key].push(value); -} - -/** - * @return Array - **/ -RecommendationCollection.prototype.getTopics = function() { - return Object.keys(this.collection); -} - -/** - * @return Array - **/ -RecommendationCollection.prototype.getWarningsFor = function(key) { - return this.collection[key]; -} - -module.exports = RecommendationCollection; diff --git a/lib/tasks.js b/lib/tasks.js index ed31aac..36e2a52 100644 --- a/lib/tasks.js +++ b/lib/tasks.js @@ -34,9 +34,6 @@ class Tasks { nfz: { dependencies: [], }, - audit: { - dependencies: [], - }, cookies: { dependencies: ['html', 'css'] }, 
@@ -72,7 +69,6 @@ class Tasks { this.url = url; this.tasks = []; this.data = {}; - this.recommendations = new RecommendationCollection(); // Put mandatory tasks already in the task list this.tasks = this.tasks.concat(this.getMandatoryTasks()); @@ -176,7 +172,6 @@ class Tasks { this.getAnalyticsInformation(); this.getCDNInformation(); this.getCookiesInformation(); - this.getAuditInformations(); console.log(''); // console.log('Remaining: ', this.tasks); @@ -506,27 +501,6 @@ class Tasks { }); } - /** - * Gathes further recommendations for further human audit - * @class Tasks - */ - getAuditInformations() { - if (!this.hasTask('audit')) { - console.error('no recommendation expected'); - return; - } - - this.ui.headline('Recommendations for further human audit'); - - var topics = this.recommendations.getTopics(); - for ( var i in topics ) { - var recos = this.recommendations.getWarningsFor(topics[i]); - recos.forEach(reco => { - this.ui.listitem(topics[i], 'Check '+reco); - }); - } - } - /** * Gathes General Information (meta data) of the Website * @class Tasks From 451f20e047d251fc460bce1820e80727c442cdcb Mon Sep 17 00:00:00 2001 From: Baptiste LARVOL-SIMON Date: Thu, 7 Feb 2019 17:11:20 +0100 Subject: [PATCH 5/7] Add informations about viruses --- lib/tasks.js | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/tasks.js b/lib/tasks.js index 36e2a52..b3e114c 100644 --- a/lib/tasks.js +++ b/lib/tasks.js @@ -474,6 +474,7 @@ class Tasks { this.ui.listitem('Web cache', 'Voided'); this.ui.listitem('Web cookies', 'Voided'); this.ui.listitem('Web proxy', 'Null'); + this.ui.listitem('Viruses', 'Unix system up-to-date and not corrupted'); this.ui.listitem('Date & time', new Date().toLocaleString()); const dns = require('dns'); From 45603fcfcec6c6cecc59fe0368f51f9095fc3e25 Mon Sep 17 00:00:00 2001 
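Review bot: The `Viruses` line added in patch 5/7 prints 'Unix system up-to-date and not corrupted' as a fixed string; nothing in `getNFZInformations` inspects the auditing machine, so the report asserts a fact the tool has not established. The neighbouring `Web cache`, `Web cookies` and `Web proxy` items from patch 3/7 are hard-coded in the same way, and patch 6/7 keeps the claim whenever `os.type()` is 'Linux'. For output that is meant to document the audit conditions I would print `this.ui.listitem('Viruses', 'Not checked by this tool');` or take the value from an option the auditor sets explicitly. The method itself starts outside this hunk.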
From: Baptiste LARVOL-SIMON Date: Thu, 7 Feb 2019 17:39:17 +0100 Subject: [PATCH 6/7] Correct async information print out --- lib/tasks.js | 55 ++++++++++++++++++++++++++++++---------------------- 1 file changed, 32 insertions(+), 23 deletions(-) diff --git a/lib/tasks.js b/lib/tasks.js index b3e114c..854362d 100644 --- a/lib/tasks.js +++ b/lib/tasks.js @@ -9,7 +9,6 @@ const FontsParser = require('./fonts-parser'); // const tools = require('./tools'); const UI = require('./ui'); const Cookies = require('./cookies'); -const RecommendationCollection = require('./recommendation-collection'); class Tasks { constructor(url, uiInstance, args) { @@ -195,7 +194,6 @@ class Tasks { for ( var sm in this.data.social ) { if ( !this.data.social[sm] ) continue; - this.recommendations.add('Social medias processors', sm); } //console.log('FB CONNECT:', this.data.social.fb_connect); @@ -446,7 +444,6 @@ class Tasks { t2 = new Date(strtotime('+'+this.args.cookies+' month 1 hour')*1000).getTime(); if ( t1 > t2 ) { - this.recommendations.add('Cookies', 'lifetime'); this.ui.error('Cookie "'+cookies[i].name+'" expires in more than '+this.args.cookies+' month (expires on '+cookies[i].expires.toLocaleDateString()+')', true); continue; } 
@@ -465,43 +462,55 @@ class Tasks { getNFZInformations() { if (!this.hasTask('nfz')) return; - this.ui.headline('NF Z67-147 informations about the current audit'); - - const os = require('os') - const pkg = require('../package.json'); - this.ui.listitem('Operating system', os.type()+' '+os.release()+' '+os.arch()); - this.ui.listitem('Software', pkg.name+'-'+pkg.version+' - '+pkg.description); - this.ui.listitem('Web cache', 'Voided'); - this.ui.listitem('Web cookies', 'Voided'); - this.ui.listitem('Web proxy', 'Null'); - this.ui.listitem('Viruses', 'Unix system up-to-date and not corrupted'); - this.ui.listitem('Date & time', new Date().toLocaleString()); - const dns = require('dns'); const tld = this.url.replace(/^https{0,1}:\/\/([^\/]+)\/.*$/, '$1'); var tasks = this; + + var w4, w6, a4, a6; dns.resolve(tld, 'A', function(err, addresses){ - if ( err !== null ) return; - tasks.ui.listitem('Website IPv4', addresses); + w4 = err !== null ? null : addresses; + tasks._innerNFZInformations(w4, w6, a4, a6); }); dns.resolve(tld, 'AAAA', function(err, addresses){ - if ( err !== null ) return; - tasks.ui.listitem('Website IPv6', addresses); + w6 = err !== null ? null : addresses; + tasks._innerNFZInformations(w4, w6, a4, a6); }); dns.resolve('resolver1.opendns.com', 'A', function(err, addresses){ dns.setServers(addresses); dns.resolve('myip.opendns.com', 'A', function(err, addresses){ - if ( err !== null ) return; - tasks.ui.listitem("Auditor's IPv4", addresses); + a4 = err !== null ? null : addresses; + tasks._innerNFZInformations(w4, w6, a4, a6); }); dns.resolve('myip.opendns.com', 'AAAA', function(err, addresses){ - if ( err !== null ) return; - tasks.ui.listitem("Auditor's IPv6", addresses); + a6 = err !== null ? 
null : addresses; + tasks._innerNFZInformations(w4, w6, a4, a6); }); }); } + _innerNFZInformations(w4, w6, a4, a6) { + if ( w4 === undefined || w6 === undefined || a4 === undefined || a6 === undefined ) return; + + const os = require('os') + const pkg = require('../package.json'); + + this.ui.headline('NF Z67-147 informations about the current audit'); + + this.ui.listitem('Operating system', os.type()+' '+os.release()+' '+os.arch()); + this.ui.listitem('Software', pkg.name+'-'+pkg.version+' - '+pkg.description); + this.ui.listitem('Web cache', 'Empty'); + this.ui.listitem('Web cookies', 'Empty'); + this.ui.listitem('Web proxy', 'Null'); + this.ui.listitem('Viruses', os.type() == 'Linux' ? 'Unix system up-to-date and not corrupted' : 'Unverified'); + this.ui.listitem('Date & time', new Date().toLocaleString()); + + if ( a4 !== null ) this.ui.listitem("Auditor's IPv4", a4); + if ( a6 !== null ) this.ui.listitem("Auditor's IPv6", a6); + if ( w4 !== null ) this.ui.listitem("Website IPv4", w4); + if ( w6 !== null ) this.ui.listitem("Website IPv6", w6); + } + /** * Gathes General Information (meta data) of the Website * @class Tasks From c8e65a2829a325ea70fb4a8d25172d05e23cf05e Mon Sep 17 00:00:00 2001 From: Baptiste LARVOL-SIMON Date: Fri, 8 Feb 2019 18:18:41 +0100 Subject: [PATCH 7/7] Add user-agent --- lib/tasks.js | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/tasks.js b/lib/tasks.js index 854362d..a26227f 100644 --- a/lib/tasks.js +++ b/lib/tasks.js @@ -499,6 +499,7 @@ class Tasks { this.ui.listitem('Operating system', os.type()+' '+os.release()+' '+os.arch()); this.ui.listitem('Software', pkg.name+'-'+pkg.version+' - '+pkg.description); + this.ui.listitem('User Agent', this.default_headers['user-agent']); this.ui.listitem('Web cache', 'Empty'); this.ui.listitem('Web cookies', 'Empty'); this.ui.listitem('Web proxy', 'Null');
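Review bot: `_innerNFZInformations` in patch 6/7 prints only once `w4`, `w6`, `a4` and `a6` are all defined, but `a4` and `a6` are assigned only inside the callback of the `resolver1.opendns.com` lookup, which never looks at its own `err`. If that outer lookup fails, `dns.setServers(addresses)` is called with `undefined` and `a4`/`a6` are never set, so the whole NF Z67-147 block is silently missing from the output. Handling the error first in that callback, `if ( err !== null ) { a4 = a6 = null; return tasks._innerNFZInformations(w4, w6, a4, a6); }`, lets the report print with the auditor addresses omitted.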