parent
792bdf6d24
commit
089a3b98be
@ -0,0 +1,14 @@ |
||||
class SitesController < ApplicationController |
||||
@@sites = YAML.load_file Rails.root.join 'config/sites.yml' |
||||
@@sites.keys.each do |name| |
||||
define_method(name) { sites name } |
||||
end |
||||
|
||||
private |
||||
|
||||
def sites(name) |
||||
@name = name |
||||
@sites = Stat[:"sites_#{name}"].data |
||||
render :sites |
||||
end |
||||
end |
@ -1,2 +0,0 @@ |
||||
module ApplicationHelper |
||||
end |
@ -0,0 +1,77 @@ |
||||
#!./bin/rails runner |
||||
|
||||
# Profit from open class to add stats methods only on this script |
||||
class Analysis |
||||
def grade |
||||
grades = self.result.collect { _1['grade'] }.compact |
||||
CryptCheck::Grade.worst grades |
||||
end |
||||
|
||||
def tls |
||||
return unless (result = self.result) |
||||
protocols = result.collect { |r| r.dig('handshakes', 'protocols') |
||||
&.collect { |p| p['protocol'].to_sym } } |
||||
.compact.flatten.uniq |
||||
|
||||
return :ssl unless (protocols & %i[SSLv2 SSLv3]).empty? |
||||
return :tls unless protocols.include? :TLSv1_2 |
||||
return :tls1_2_only if protocols == %i[TLSv1_2] |
||||
:tls1_2 |
||||
end |
||||
|
||||
def ciphers |
||||
return unless (result = self.result) |
||||
status = result.collect do |r| |
||||
r.dig('handshakes', 'ciphers')&.collect do |c| |
||||
s = CryptCheck::Tls::Cipher |
||||
.new(nil, c.fetch('name')).status |
||||
CryptCheck::State.good_or_bad s |
||||
end |
||||
end.compact.flatten.uniq |
||||
|
||||
return :bad if status.include? :bad |
||||
:good |
||||
end |
||||
|
||||
def pfs |
||||
return unless (result = self.result) |
||||
ciphers = result.collect do |r| |
||||
r.dig('handshakes', 'ciphers')&.collect do |c| |
||||
CryptCheck::Tls::Cipher |
||||
.new(nil, c.fetch('name')) |
||||
.pfs? |
||||
end |
||||
end.compact.flatten.uniq |
||||
|
||||
return :no_pfs unless ciphers.include? true |
||||
return :pfs_only unless ciphers.include? false |
||||
:pfs |
||||
end |
||||
end |
||||
|
||||
sites = YAML.load_file Rails.root.join 'config/sites.yml' |
||||
|
||||
workflows = [] |
||||
sites.each do |type, domains| |
||||
domains.each do |domain| |
||||
puts "Refreshing #{domain}" |
||||
@analysis = Analysis.pending! :https, domain, 443 |
||||
workflows << CheckWorkflow.start!(:https, @analysis.host, *@analysis.args) |
||||
end |
||||
end |
||||
workflows.each &:wait |
||||
|
||||
sites.each do |type, domains| |
||||
domains = domains.collect do |domain| |
||||
analysis = Analysis[:https, domain, 443] |
||||
stats = { |
||||
grade: analysis.grade, |
||||
tls: analysis.tls, |
||||
ciphers: analysis.ciphers, |
||||
pfs: analysis.pfs |
||||
} |
||||
[domain, stats] |
||||
end.to_h |
||||
|
||||
Stat.create! :"sites_#{type}", domains |
||||
end |
@ -0,0 +1,67 @@ |
||||
banks: |
||||
- admin.vybecard.com |
||||
- app.n26.com |
||||
- app.nickel.eu |
||||
- app.qonto.com |
||||
- clients.boursorama.com |
||||
- clients.cmavignon.com |
||||
- connexion-mabanque.bnpparibas |
||||
- ebanking-ch3.ubs.com |
||||
- epargnants.interepargne.natixis.fr |
||||
- espace-client.hellobank.fr |
||||
- espace-client.lanef.com |
||||
- espaceclient.axa.fr |
||||
- linxea-zen.avepargne.fr |
||||
- m.ing.fr |
||||
- mabanque.bnpparibas |
||||
- mabanque.fortuneo.fr |
||||
- mon.cmb.fr |
||||
- monespace.lcl.fr |
||||
- particuliers.societegenerale.fr |
||||
- secure.bforbank.com |
||||
- transatplan.banquetransatlantique.com |
||||
- voscomptesenligne.labanquepostale.fr |
||||
- www.altaprofits.com |
||||
- www.aviva.fr |
||||
- www.banque-rhone-alpes.fr |
||||
- www.banquepopulaire.fr |
||||
- www.bred.fr |
||||
- www.caisse-epargne.fr |
||||
- www.cic.fr |
||||
- www.credit-agricole.fr |
||||
- www.credit-cooperatif.coop |
||||
- www.creditmutuel.fr |
||||
- www.hsbc.fr |
||||
- www.ibps.sud.banquepopulaire.fr |
||||
- www.icgauth.banquebcp.fr |
||||
- www.labanquepostale.fr |
||||
- www.mgen.fr |
||||
- www.monabanq.com |
||||
- www.previ-direct.com |
||||
insurances: |
||||
- adherent.gie-afer.fr |
||||
- authentification.groupama.fr |
||||
- connect.axa.fr |
||||
- connect.maif.fr |
||||
- connect.sogarep.fr |
||||
- epargnant.amundi-ee.com |
||||
- espace-assure.gmf.fr |
||||
- espace-client.allianz.fr |
||||
- espace-client.mma.fr |
||||
- espace-personnel.direct-assurance.fr |
||||
- espaceperso.mutuelledesmotards.fr |
||||
- harmonie-et-moi.fr |
||||
- myswisslife.fr |
||||
- www.acommeassure.com |
||||
- www.assu2000.fr |
||||
- www.assurances-collectives.cm-cic.com |
||||
- www.aviva.fr |
||||
- www.creditmutuel-epargnesalariale.fr |
||||
- www.lolivier.fr |
||||
- www.maaf.fr |
||||
- www.mgen.fr |
||||
- www.monabanq.com |
||||
- www.monespace.generali.fr |
||||
- www.mutavie.fr |
||||
- www.sylvea.fr |
||||
|
Loading…
Reference in new issue