parent
3997ef769e
commit
3b24de0bf9
@ -1 +1 @@ |
||||
2.3.3-cryptcheck |
||||
2.3.8-cryptcheck |
||||
|
@ -1,41 +1,40 @@ |
||||
source 'https://rubygems.org' |
||||
|
||||
gem 'rails' |
||||
|
||||
gem 'cryptcheck', '~> 2.0.0', path: '../cryptcheck' |
||||
gem 'cryptcheck', '~> 2.0.0', path: '../engine' |
||||
|
||||
gem 'rails', '~> 5.2.3' |
||||
gem 'dotenv-rails' |
||||
gem 'http_accept_language' |
||||
gem 'mongoid' |
||||
gem 'simpleidn' |
||||
|
||||
gem 'redis-namespace' |
||||
gem 'sidekiq' |
||||
gem 'bootsnap', require: false |
||||
gem 'puma' |
||||
|
||||
group :assets do |
||||
gem 'therubyracer', platforms: :ruby |
||||
gem 'uglifier' |
||||
gem 'sidekiq' |
||||
gem 'pg' |
||||
gem 'simpleidn' |
||||
gem 'http_accept_language' |
||||
gem 'recursive-open-struct' |
||||
|
||||
gem 'bootstrap-sass' |
||||
gem 'coffee-rails' |
||||
gem 'font-awesome-sass' |
||||
gem 'jquery-rails' |
||||
gem 'sass-rails' |
||||
gem 'tzinfo-data' |
||||
end |
||||
gem 'uglifier' |
||||
gem 'sass-rails' |
||||
gem 'coffee-rails' |
||||
gem 'jquery-rails' |
||||
gem 'bootstrap-sass' |
||||
gem 'font-awesome-sass' |
||||
|
||||
group :development, :test do |
||||
gem 'awesome_print' |
||||
group :development do |
||||
gem 'web-console' |
||||
gem 'awesome_print' |
||||
|
||||
gem 'spring' |
||||
gem 'spring-watcher-listen' |
||||
|
||||
gem 'pry-rails' |
||||
gem 'pry-byebug' |
||||
|
||||
gem 'better_errors' |
||||
gem 'binding_of_caller' |
||||
|
||||
gem 'guard', require: false |
||||
gem 'guard-rails', require: false |
||||
gem 'guard-livereload', require: false |
||||
gem 'rack-livereload' |
||||
gem 'guard-rails', require: false |
||||
end |
||||
|
@ -1,56 +1,36 @@ |
||||
class Analysis |
||||
include Mongoid::Document |
||||
include Mongoid::Timestamps |
||||
|
||||
field :type, type: Symbol |
||||
field :host, type: String |
||||
field :port, type: Numeric |
||||
field :pending, type: Boolean |
||||
field :date, type: Time |
||||
field :result, type: Array |
||||
|
||||
validates_presence_of :type |
||||
validates_presence_of :host |
||||
validates_presence_of :port |
||||
validates_uniqueness_of :type, scope: %i[host port] |
||||
|
||||
index type: 1 |
||||
index({ type: 1, host: 1, port: 1 }, { unique: true }) |
||||
class Analysis < ApplicationRecord |
||||
enum service: %i[https smtp xmpp tls ssh].collect { |e| [e, e.to_s] }.to_h |
||||
validates :service, presence: true |
||||
validates :host, presence: true |
||||
|
||||
def self.[](service, host, port) |
||||
key = self.key service, host, port |
||||
self.find_by key |
||||
end |
||||
|
||||
def self.[](type, host, port) |
||||
key = self.key type, host, port |
||||
self.where(key).first |
||||
def self.pending!(service, host, port) |
||||
key = self.key service, host, port |
||||
analysis = self.find_or_create_by! key |
||||
analysis.pending! |
||||
end |
||||
|
||||
def self.pending(type, host, port) |
||||
analysis = self[type, host, port] |
||||
if analysis |
||||
analysis.remove_attribute :result |
||||
analysis.update_attributes pending: true, date: Time.now |
||||
analysis |
||||
else |
||||
self.create! type: type, host: host, port: port, pending: true, date: Time.now |
||||
end |
||||
def pending! |
||||
self.update! pending: true |
||||
self |
||||
end |
||||
|
||||
def self.result(type, host, port, result) |
||||
analysis = self[type, host, port] |
||||
if analysis |
||||
analysis.remove_attribute :pending |
||||
analysis.update_attributes result: result, date: Time.now |
||||
analysis |
||||
else |
||||
self.create! type: type, host: host, port: port, result: result, date: Time.now |
||||
end |
||||
def self.post!(service, host, port, result) |
||||
analysis = self[service, host, port] |
||||
analysis.post! result |
||||
end |
||||
|
||||
def publish(result) |
||||
self.remove_attribute :pending |
||||
self.update_attribute :result, result |
||||
def post!(result) |
||||
self.update! pending: false, result: result |
||||
end |
||||
|
||||
private |
||||
def self.key(type, host, port) |
||||
{ type: type, host: host, port: port } |
||||
|
||||
def self.key(service, host, port) |
||||
{ service: service, host: host, port: port } |
||||
end |
||||
end |
||||
|
@ -0,0 +1,3 @@ |
||||
class ApplicationRecord < ActiveRecord::Base |
||||
self.abstract_class = true |
||||
end |
@ -0,0 +1,57 @@ |
||||
<!DOCTYPE html> |
||||
<html lang="en"> |
||||
<head> |
||||
<meta charset="utf-8"> |
||||
<title>TLS status</title> |
||||
<link rel="stylesheet" href="knacss.css"> |
||||
</head> |
||||
<body> |
||||
<table class="table table--zebra table--auto"> |
||||
<thead> |
||||
<tr> |
||||
<th rowspan="2">Domain</th> |
||||
<td rowspan="2">Grade</td> |
||||
|
||||
<td colspan="2">Certificates</td> |
||||
<td colspan="5">Protocols</td> |
||||
<td colspan="4">Ciphers</td> |
||||
<td colspan="5">Best practices</td> |
||||
</tr> |
||||
<tr> |
||||
<td>Key</td> |
||||
<td>Sig</td> |
||||
|
||||
<td class="alert--inverse">SSLv2</td> |
||||
<td class="alert--inverse">SSLv3</td> |
||||
<td class="alert--danger">TLSv1.0</td> |
||||
<td class="alert--warning">TLSv1.1</td> |
||||
<td>TLSv1.2</td> |
||||
|
||||
<td class="alert--inverse">MD5</td> |
||||
<td class="alert--danger">SHA1</td> |
||||
<td class="alert--inverse">RC4</td> |
||||
<td class="alert--danger">DES/3DES</td> |
||||
|
||||
<td class="alert--warning">DHE</td> |
||||
<td>PFS</td> |
||||
<td>AEAD</td> |
||||
<td>HSTS</td> |
||||
<td>SCSV</td> |
||||
</tr> |
||||
</thead> |
||||
<tbody> |
||||
<% @analysis.each do |analysis| %> |
||||
<tr> |
||||
<th colspan="18"><%= analysis.host %></th> |
||||
</tr> |
||||
<% analysis.result.sort { |a, b| a[:ip] <=> b[:ip] }.each do |result| %> |
||||
<tr> |
||||
<td><%= result[:ip] %></td> |
||||
<td class="<%= grade_color result[:grade] %>"><%= result[:grade] %></td> |
||||
</tr> |
||||
<% end %> |
||||
<% end %> |
||||
</tbody> |
||||
</table> |
||||
</body> |
||||
</html> |
@ -0,0 +1,127 @@ |
||||
https://clients.boursorama.com |
||||
https://app.n26.com/ |
||||
https://my.n26.com |
||||
https://www.caisse-epargne.fr/ |
||||
https://www.net426.caisse-epargne.fr/ |
||||
https://www.net444.caisse-epargne.fr/ |
||||
https://www.net627.caisse-epargne.fr/ |
||||
https://www.net142.caisse-epargne.fr/ |
||||
https://www.net333.caisse-epargne.fr/ |
||||
https://www.net871.caisse-epargne.fr |
||||
https://www.fintro.be/ |
||||
https://www.bnpparibasfortis.be/ |
||||
cbctouch.cbc.be |
||||
www.bpe.fr |
||||
https://particuliers.societegenerale.fr/ |
||||
https://www.cic.fr |
||||
https://api.revolut.com |
||||
https://www.ibps.occitane.banquepopulaire.fr/ |
||||
https://www.ibps.rivesparis.banquepopulaire.fr |
||||
https://www.ibps.bpaura.banquepopulaire.fr |
||||
https://www.ibps.nord.banquepopulaire.fr/ |
||||
https://www.icgauth.banquepopulaire.fr/ |
||||
https://m.ibps.bpalc.banquepopulaire.fr/mobile/login/ |
||||
https://www.ibps.bpalc.banquepopulaire.fr/ |
||||
https://www.icgauth.banquepopulaire.fr/WebSSO_BP/_14707/ |
||||
bpaca.banquepopulaire.fr |
||||
https://bpnet.gbp.ma/ |
||||
https://particuliers.secure.lcl.fr/ |
||||
https://www.bpalc.banquepopulaire.fr/portailinternet/Pages/default.aspx |
||||
https://www.banque-laydernier.fr/ |
||||
https://service.e-cartebleue.com/fr/banquepopulaire/index |
||||
https://www.cic.fr/fr/authentification.html |
||||
https://www.creditmutuel.fr/cmne/fr/banques/particuliers/index.html |
||||
https://www.creditmutuel.fr/ |
||||
https://www.creditmutuel.fr/fr/authentification.html |
||||
https://www.monabanq.com/fr/identification/authentification.html |
||||
https://www.labanquepostale.fr/ |
||||
https://voscomptesenligne.labanquepostale.fr/wsost/OstBrokerWeb/loginform |
||||
https://voscomptesenligne.labanquepostale.fr i8 |
||||
https://voscomptesenligne.labanquepostale.fr/voscomptes/canalXHTML/comptesCommun/synthese_ccp/afficheSyntheseCCP-synthese_ccp.ea |
||||
https://mabanque.bnpparibas/fr/connexion |
||||
https://www.ds-g3-enligne.credit-agricole.fr/stb/entreeBam |
||||
https://www.monabanq.com/ |
||||
https://particuliers.societegenerale.fr/ |
||||
https://www.bred.fr/ |
||||
https://www.cmb.fr/ |
||||
https://mon.cmb.fr/ |
||||
https://www.cmb.fr/domifront/front/gwt/identificationService |
||||
https://www.cmb.fr/domivirtualis/index.html#/ |
||||
https://www.cmb.fr/virtualisapi/json/identification |
||||
https://mabanque.fortuneo.fr/fr/identification.jsp |
||||
https://www.credit-du-nord.fr/ (desktop) |
||||
https://m.credit-du-nord.fr (mobile) |
||||
https://www.cic.fr/fr/authentification.html |
||||
https://client.milleis.fr/BconnectDesk/servletcontroller |
||||
https://www.credit-du-nord.fr/instit/IPI/appmanager/instit/particuliers |
||||
https://secure.ingdirect.fr/ |
||||
https://espace-assure.gmf.fr/public/pages/securite/IC2.faces |
||||
https://onlinebanking.deutschebank.be/ |
||||
https://mabanque.bnpparibas/ |
||||
https://www.ca-paris.fr/ |
||||
www.ds-g3-enligne.credit-agricole.fr |
||||
www.sra-g3-enligne.credit-agricole.fr |
||||
www.paris-g4-enligne.credit-agricole.fr |
||||
www.norddefrance-g3-enligne.credit-agricole.fr |
||||
https://www.alsace-g3-enligne.credit-agricole.fr |
||||
https://www.languedoc-g3-enligne.credit-agricole.fr |
||||
https://www.anjou-maine-g3-enligne.credit-agricole.fr/ |
||||
www.atlantique-vendee-g3-enligne.credit-agricole.fr/stb/entreeBam |
||||
https://www.cb-g3-enligne.credit-agricole.fr/stb/entreeBam |
||||
https://www.ce-g3-enligne.credit-agricole.fr/stb/entreeBam |
||||
https://www.alpesprovence-g3-enligne.credit-agricole.fr/stb/entreeBam |
||||
https://www.normand-g3-enligne.credit-agricole.fr |
||||
https://www.illeetvilaine-g4-enligne.credit-agricole.fr |
||||
www.cmds-g3-enligne.credit-agricole.fr/stb/entreeBam |
||||
https://www.nord-est-g3-enligne.credit-agricole.fr/ |
||||
https://www.nmp-g3-enligne.credit-agricole.fr/stb/entreeBam |
||||
https://m.ca-anjou-maine.fr/ |
||||
https://www.ca-finistere.fr/ |
||||
https://voscomptesenligne.labanquepostale.fr |
||||
https://www.net255.credit-cooperatif.coop |
||||
https://www.credit-cooperatif.coop/Particuliers |
||||
https://particuliers.societegenerale.fr/ |
||||
https://www.bfvsgnet.mg/part/fr/dciweb.htm?p0=idesai.tht&t=p (filiale malgache) |
||||
https://www.orangebank.fr/portalserver/mon-espace-client/authentification |
||||
https://www.belfius.be/retail/fr/index.aspx |
||||
https://www.hellobank.fr |
||||
https://www.macif.fr/assurance/particuliers/vos-espaces-macif/espace-banque |
||||
https://www.hellobank.fr/fr/client |
||||
https://www.carrefour-banque.fr/espace-client/connexion |
||||
https://www.epalatine.fr/ |
||||
https://www.hsbc.fr/1/2/hsbc-france/particuliers/connexion |
||||
https://espace-client-secure.banque-casino.fr/fr/identification/authentification.html |
||||
https://secure.bforbank.com/connexion-client/service/login?urlBack=client.bforbank.com%2Fespace-client |
||||
https://connect.axa.fr/ |
||||
https://secure.ingdirect.fr |
||||
https://m.ingdirect.fr |
||||
https://www.campg-g3-enligne.credit-agricole.fr/stb/entreeBam |
||||
https://www.icgauth.banquepopulaire.fr |
||||
https://www.ibps.mediterranee.banquepopulaire.fr |
||||
https://www.casden.fr/connexion/login?&RedirectURI=%2Fsimu%2Fview%2Faccueil.seam |
||||
https://www.icgauth.banquepopulaire.fr/WebSSO_BP/_13807/index.html |
||||
https://personeo.epargne-retraite-entreprises.bnpparibas.com/portal/salarie-bnp/authentification?initialURI=/portal/salarie-bnp/accueil?uri=/portal/salarie-bnp/accueil0 |
||||
https://authentication.td.com/uap-ui/index.html?consumer=easyweb&locale=fr_CA#/login/easyweb-getting-started |
||||
https://www.bmo.com/principal/particuliers |
||||
https://accesd.mouv.desjardins.com/ |
||||
https://www.creatis.fr/fr/identification/authentification.html |
||||
https://postfinance.ch |
||||
https://ebanking.raiffeisen.ch/entry/#/login |
||||
https://www.sg-bdp.pf/polyweb/frame2.html |
||||
https://www.sgcb.nc/part/fr/dciweb.htm?p0=idesai.tht&t=p |
||||
https://seb.se/privat |
||||
https://www.postecash.sn/ |
||||
https://app.morning.com/connexion |
||||
https://secure.ingdirect.fr/ |
||||
https://www.monabanq.com/fr/identification/authentification.html |
||||
https://www.creditmutuel.fr/fr/authentification.html |
||||
https://www.altaprofits.com/compte/se-connecter |
||||
https://www.aviva.fr/espaceclient/MonCompte/Connexion |
||||
https://linxea-zen.avepargne.fr/accueil/ |
||||
https://www.sylvea.fr/securite/login.xhtml |
||||
https://mes-placements.fr/acces-client/spirica-credit-agricole-assurances |
||||
https://www.previ-direct.com/web/eclient-assurancevie.com/accueil |
||||
https://jdhm.assurancevie.com/b2b2c/entreesite/EntAccLog?ssbouCode=9501329 |
||||
https://www.cic-epargnesalariale.fr/fr/identification/default.cgi |
||||
https://www.creditmutuel-epargnesalariale.fr/fr/identification/default.cgi |
||||
https://login.kb.cz/ |
@ -0,0 +1,104 @@ |
||||
- accesd.mouv.desjardins.com |
||||
- api.revolut.com |
||||
- app.morning.com |
||||
- app.n26.com |
||||
- authentication.td.com |
||||
- bpaca.banquepopulaire.fr |
||||
- bpnet.gbp.ma |
||||
- cbctouch.cbc.be |
||||
- client.milleis.fr |
||||
- clients.boursorama.com |
||||
- connect.axa.fr |
||||
- ebanking.raiffeisen.ch |
||||
- espace-assure.gmf.fr |
||||
- espace-client-secure.banque-casino.fr |
||||
- jdhm.assurancevie.com |
||||
- linxea-zen.avepargne.fr |
||||
- login.kb.cz |
||||
- mabanque.bnpparibas |
||||
- mabanque.fortuneo.fr |
||||
- m.ca-anjou-maine.fr |
||||
- m.credit-du-nord.fr (mobile) |
||||
- mes-placements.fr |
||||
- m.ibps.bpalc.banquepopulaire.fr |
||||
- m.ingdirect.fr |
||||
- mon.cmb.fr |
||||
- my.n26.com |
||||
- onlinebanking.deutschebank.be |
||||
- particuliers.secure.lcl.fr |
||||
- particuliers.societegenerale.fr |
||||
- personeo.epargne-retraite-entreprises.bnpparibas.com |
||||
- postfinance.ch |
||||
- seb.se |
||||
- secure.bforbank.com |
||||
- secure.ingdirect.fr |
||||
- service.e-cartebleue.com |
||||
- voscomptesenligne.labanquepostale.fr |
||||
- voscomptesenligne.labanquepostale.fr i8 |
||||
- www.alpesprovence-g3-enligne.credit-agricole.fr |
||||
- www.alsace-g3-enligne.credit-agricole.fr |
||||
- www.altaprofits.com |
||||
- www.anjou-maine-g3-enligne.credit-agricole.fr |
||||
- www.atlantique-vendee-g3-enligne.credit-agricole.fr |
||||
- www.aviva.fr |
||||
- www.banque-laydernier.fr |
||||
- www.belfius.be |
||||
- www.bfvsgnet.mg |
||||
- www.bmo.com |
||||
- www.bnpparibasfortis.be |
||||
- www.bpalc.banquepopulaire.fr |
||||
- www.bpe.fr |
||||
- www.bred.fr |
||||
- www.ca-finistere.fr |
||||
- www.caisse-epargne.fr |
||||
- www.campg-g3-enligne.credit-agricole.fr |
||||
- www.ca-paris.fr |
||||
- www.carrefour-banque.fr |
||||
- www.casden.fr |
||||
- www.cb-g3-enligne.credit-agricole.fr |
||||
- www.ce-g3-enligne.credit-agricole.fr |
||||
- www.cic-epargnesalariale.fr |
||||
- www.cic.fr |
||||
- www.cmb.fr |
||||
- www.cmds-g3-enligne.credit-agricole.fr |
||||
- www.creatis.fr |
||||
- www.credit-cooperatif.coop |
||||
- www.credit-du-nord.fr |
||||
- www.creditmutuel-epargnesalariale.fr |
||||
- www.creditmutuel.fr |
||||
- www.ds-g3-enligne.credit-agricole.fr |
||||
- www.epalatine.fr |
||||
- www.fintro.be |
||||
- www.hellobank.fr |
||||
- www.hsbc.fr |
||||
- www.ibps.bpalc.banquepopulaire.fr |
||||
- www.ibps.bpaura.banquepopulaire.fr |
||||
- www.ibps.mediterranee.banquepopulaire.fr |
||||
- www.ibps.nord.banquepopulaire.fr |
||||
- www.ibps.occitane.banquepopulaire.fr |
||||
- www.ibps.rivesparis.banquepopulaire.fr |
||||
- www.icgauth.banquepopulaire.fr |
||||
- www.illeetvilaine-g4-enligne.credit-agricole.fr |
||||
- www.labanquepostale.fr |
||||
- www.languedoc-g3-enligne.credit-agricole.fr |
||||
- www.macif.fr |
||||
- www.monabanq.com |
||||
- www.net142.caisse-epargne.fr |
||||
- www.net255.credit-cooperatif.coop |
||||
- www.net333.caisse-epargne.fr |
||||
- www.net426.caisse-epargne.fr |
||||
- www.net444.caisse-epargne.fr |
||||
- www.net627.caisse-epargne.fr |
||||
- www.net871.caisse-epargne.fr |
||||
- www.nmp-g3-enligne.credit-agricole.fr |
||||
- www.norddefrance-g3-enligne.credit-agricole.fr |
||||
- www.nord-est-g3-enligne.credit-agricole.fr |
||||
- www.normand-g3-enligne.credit-agricole.fr |
||||
- www.orangebank.fr |
||||
- www.paris-g4-enligne.credit-agricole.fr |
||||
- www.postecash.sn |
||||
- www.previ-direct.com |
||||
- www.sg-bdp.pf |
||||
- www.sgcb.nc |
||||
- www.sra-g3-enligne.credit-agricole.fr |
||||
- www.sylvea.fr |
@ -1,3 +1,4 @@ |
||||
ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__) |
||||
|
||||
require 'bundler/setup' # Set up gems listed in the Gemfile. |
||||
require 'bootsnap/setup' |
||||
|
@ -1,6 +1,6 @@ |
||||
Rails.application.config.tap do |config| |
||||
config.openssl_ciphers = JSON.parse File.read 'config/openssl-ciphers.json' |
||||
config.openssl_ciphers = JSON.parse File.read File.join Rails.root, 'config/openssl-ciphers.json' |
||||
config.openssl_ciphers.merge! config.openssl_ciphers.invert |
||||
|
||||
config.user_agents_ciphers = JSON.parse File.read 'config/user-agents-ciphers.json' |
||||
config.user_agents_ciphers = JSON.parse File.read File.join Rails.root, 'config/user-agents-ciphers.json' |
||||
end |
||||
|
@ -1,7 +0,0 @@ |
||||
Sidekiq.configure_server do |config| |
||||
config.redis = { url: ENV['REDIS_URL'] } |
||||
end |
||||
|
||||
Sidekiq.configure_client do |config| |
||||
config.redis = { url: ENV['REDIS_URL'] } |
||||
end |
@ -0,0 +1,5 @@ |
||||
class EnablePgcryptoExtension < ActiveRecord::Migration[5.2] |
||||
def change |
||||
enable_extension 'pgcrypto' |
||||
end |
||||
end |
@ -0,0 +1,15 @@ |
||||
class CreateAnalyses < ActiveRecord::Migration[5.2] |
||||
def change |
||||
create_table :analyses, id: :uuid do |t| |
||||
t.string :service, null: false |
||||
t.string :host, null: false |
||||
t.integer :port |
||||
t.boolean :pending, null: false, default: true |
||||
t.jsonb :result |
||||
|
||||
t.timestamps |
||||
end |
||||
|
||||
add_index :analyses, %i[service host port], unique: true |
||||
end |
||||
end |
@ -0,0 +1,30 @@ |
||||
# This file is auto-generated from the current state of the database. Instead |
||||
# of editing this file, please use the migrations feature of Active Record to |
||||
# incrementally modify your database, and then regenerate this schema definition. |
||||
# |
||||
# Note that this schema.rb definition is the authoritative source for your |
||||
# database schema. If you need to create the application database on another |
||||
# system, you should be using db:schema:load, not running all the migrations |
||||
# from scratch. The latter is a flawed and unsustainable approach (the more migrations |
||||
# you'll amass, the slower it'll run and the greater likelihood for issues). |
||||
# |
||||
# It's strongly recommended that you check this file into your version control system. |
||||
|
||||
ActiveRecord::Schema.define(version: 2019_09_13_211227) do |
||||
|
||||
# These are extensions that must be enabled in order to support this database |
||||
enable_extension "pgcrypto" |
||||
enable_extension "plpgsql" |
||||
|
||||
create_table "analyses", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t| |
||||
t.string "service", null: false |
||||
t.string "host", null: false |
||||
t.integer "port" |
||||
t.boolean "pending", default: true, null: false |
||||
t.jsonb "result" |
||||
t.datetime "created_at", null: false |
||||
t.datetime "updated_at", null: false |
||||
t.index ["service", "host", "port"], name: "index_analyses_on_service_and_host_and_port", unique: true |
||||
end |
||||
|
||||
end |
Loading…
Reference in new issue