Ruby 忽略 IF 语句中的布尔值

Ruby ignoring boolean value in IF statement

我正在解析一些 Nessus 扫描,并试图根据密码强度将插件 21643 的输出拆分为 3 个不同的数组:highSecArray、mediumSecArray 和 lowSecArray。我将逐行进行并设置标志以将值放入适当的数组中。输入样本是;

Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.

SSL Version : TLSv12
  Medium Strength Ciphers (> 64-bit and < 112-bit key)
      EDH-RSA-DES-CBC3-SHA         Kx=DH          Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      ECDHE-RSA-DES-CBC3-SHA       Kx=ECDH        Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      DES-CBC3-SHA                 Kx=RSA         Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   

  High Strength Ciphers (>= 112-bit key)
      DHE-RSA-AES128-SHA           Kx=DH          Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      DHE-RSA-AES256-SHA           Kx=DH          Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      ECDHE-RSA-AES128-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      ECDHE-RSA-AES256-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      AES128-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   

The fields above are :

  {OpenSSL ciphername}
  Kx={key exchange}
  Au={authentication}
  Enc={symmetric encryption method}
  Mac={message authentication code}
  {export flag}

我将其缩减为仅包含以下内容的数组,该数组保存在数组中(每个数组元素一行)

SSL Version : TLSv12
  Medium Strength Ciphers (> 64-bit and < 112-bit key)
      EDH-RSA-DES-CBC3-SHA         Kx=DH          Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      ECDHE-RSA-DES-CBC3-SHA       Kx=ECDH        Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      DES-CBC3-SHA                 Kx=RSA         Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   

  High Strength Ciphers (>= 112-bit key)
      DHE-RSA-AES128-SHA           Kx=DH          Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      DHE-RSA-AES256-SHA           Kx=DH          Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      ECDHE-RSA-AES128-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      ECDHE-RSA-AES256-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      AES128-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA1 

我的问题是将不同的强度分成不同的数组。我有以下代码可以执行此操作,它应该有效但无效。它用每一行填充所有 3 个数组,忽略 if 说明标志必须设置为 true。我正在输出带有线条的实际标志值,它们是否已正确设置。

(1..count).each do |inc|
      version = hash[inc][0].split(" : ")[1]
      highSecArray = mediumSecArray = lowSecArray = []
      highFlag = mediumFlag = lowFlag = false

      puts "=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=#{inc}\/#{version}=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-="
      puts hash[inc]

      hash[inc].each do |line|
        if line.include? "Low Strength Ciphers"
          lowFlag = true
          mediumFlag = highFlag = false
        elsif line.include? "Medium Strength Ciphers"
          mediumFlag = true
          lowFlag = highFlag = false
        elsif line.include? "High Strength Ciphers"
          highFlag = true
          lowFlag = mediumFlag = false
        else
          puts "High:\t#{highFlag}\nMedium:\t#{mediumFlag}\nLow:\t#{lowFlag}\nLine:#{line}\n\n"

          highSecArray << line if line != "" && highFlag == true
          mediumSecArray << line if line != "" && mediumFlag == true
          lowSecArray << line if line != "" && lowFlag == true
        end # end if
      end
      puts "-----------------------High-----------------------"
      puts highSecArray
      puts "-----------------------Medium-----------------------"
      puts mediumSecArray
      puts "-----------------------Low-----------------------"
      puts lowSecArray
  end # end 1..count.each do

我一直用来调试的控制台输出如下,它在顶部有输入,然后是每一行的布尔运算符的当前状态(连同该行本身),然后是每个数组的内容到底。 medium 数组应该只有 2 行,high 应该有 8 行,low 应该是空的,但是 3 个都包含所有行。

=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=1\/TLSv12=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=
SSL Version : TLSv12
  Medium Strength Ciphers (> 64-bit and < 112-bit key)
      ECDHE-RSA-DES-CBC3-SHA       Kx=ECDH        Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      DES-CBC3-SHA                 Kx=RSA         Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   

  High Strength Ciphers (>= 112-bit key)
      ECDHE-RSA-AES128-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      ECDHE-RSA-AES256-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      AES128-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      AES256-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      ECDHE-RSA-AES128-SHA256      Kx=ECDHE       Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  
      ECDHE-RSA-AES256-SHA384      Kx=ECDHE       Au=RSA      Enc=AES-CBC(256)         Mac=SHA384  
      RSA-AES128-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  
      RSA-AES256-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA256  


High:   false
Medium: false
Low:    false
Line:SSL Version : TLSv12

High:   false
Medium: true
Low:    false
Line:      ECDHE-RSA-DES-CBC3-SHA       Kx=ECDH        Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   

High:   false
Medium: true
Low:    false
Line:      DES-CBC3-SHA                 Kx=RSA         Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   

High:   false
Medium: true
Low:    false
Line:

High:   true
Medium: false
Low:    false
Line:      ECDHE-RSA-AES128-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   

High:   true
Medium: false
Low:    false
Line:      ECDHE-RSA-AES256-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   

High:   true
Medium: false
Low:    false
Line:      AES128-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   

High:   true
Medium: false
Low:    false
Line:      AES256-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   

High:   true
Medium: false
Low:    false
Line:      ECDHE-RSA-AES128-SHA256      Kx=ECDHE       Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  

High:   true
Medium: false
Low:    false
Line:      ECDHE-RSA-AES256-SHA384      Kx=ECDHE       Au=RSA      Enc=AES-CBC(256)         Mac=SHA384  

High:   true
Medium: false
Low:    false
Line:      RSA-AES128-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  

High:   true
Medium: false
Low:    false
Line:      RSA-AES256-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA256  

High:   true
Medium: false
Low:    false
Line:

High:   true
Medium: false
Low:    false
Line:

-----------------------High-----------------------
      ECDHE-RSA-DES-CBC3-SHA       Kx=ECDH        Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      DES-CBC3-SHA                 Kx=RSA         Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      ECDHE-RSA-AES128-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      ECDHE-RSA-AES256-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      AES128-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      AES256-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      ECDHE-RSA-AES128-SHA256      Kx=ECDHE       Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  
      ECDHE-RSA-AES256-SHA384      Kx=ECDHE       Au=RSA      Enc=AES-CBC(256)         Mac=SHA384  
      RSA-AES128-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  
      RSA-AES256-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA256  
-----------------------Medium-----------------------
      ECDHE-RSA-DES-CBC3-SHA       Kx=ECDH        Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      DES-CBC3-SHA                 Kx=RSA         Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      ECDHE-RSA-AES128-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      ECDHE-RSA-AES256-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      AES128-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      AES256-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      ECDHE-RSA-AES128-SHA256      Kx=ECDHE       Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  
      ECDHE-RSA-AES256-SHA384      Kx=ECDHE       Au=RSA      Enc=AES-CBC(256)         Mac=SHA384  
      RSA-AES128-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  
      RSA-AES256-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA256  
-----------------------Low-----------------------
      ECDHE-RSA-DES-CBC3-SHA       Kx=ECDH        Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      DES-CBC3-SHA                 Kx=RSA         Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      ECDHE-RSA-AES128-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      ECDHE-RSA-AES256-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      AES128-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      AES256-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      ECDHE-RSA-AES128-SHA256      Kx=ECDHE       Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  
      ECDHE-RSA-AES256-SHA384      Kx=ECDHE       Au=RSA      Enc=AES-CBC(256)         Mac=SHA384  
      RSA-AES128-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(128)         Mac=SHA256  
      RSA-AES256-SHA256            Kx=RSA         Au=RSA      Enc=AES-CBC(256)         Mac=SHA256  

我不明白为什么所有数组都获取每个值,非常感谢您的帮助!提前致谢

I can't figure out why all the arrays are getting every value

您的代码中没有 "arrays"(复数)。只有一个数组(单数):

 highSecArray = mediumSecArray = lowSecArray = []

您正在将所有三个变量设置到同一个数组。您应该将它们设置为不同的数组:

 highSecArray, mediumSecArray, lowSecArray = [], [], []
 # or
 highSecArray   = []
 mediumSecArray = []
 lowSecArray    = []

您在此处采用的方法有悖常理,您会被本应是非常常规的解析操作所绊倒。让我们分解您的问题:

  • 有 header 行需要特殊处理。
  • 有节标识符可以更改后续行的分类。
  • 有数据行需要解析并分类到 bin 中。

好消息是您的数据格式足够好,每种类型的线都有不同的特征。您可以使用一些简单的正则表达式来提取所需的详细信息并进行分类。

放在一起:

# Define which ciphers to expect
CIPHERS = [ :high, :medium, :low ]

# Variable to capture the version
version = nil
# No expectation as to where to file the data yet
bucket = nil

# Create a series of buckets, one for each cipher type
ciphers = Hash[CIPHERS.map { |c| [ c, [ ] ] }]

# Read through the data line-by-line
DATA.readlines.each do |line|
  # Skip lines that are blank, that is they don't contain at least a
  # non-space character.
  next unless (line.match(/\S/))

  if (line.match(/SSL Version : (\S+)/))
    # Capture the version information
    version = 
  elsif (line.match(/(\S+) Strength Ciphers/))
    # Pull out the first word and use that as the bucket
    bucket = .downcase.to_sym

    # Test that this makes sense
    unless (CIPHERS.include?(bucket))
      raise "Unknown cipher type #{}"
    end
  elsif (bucket)
    # Add the line to the right bucket, but trim off leading and trailing spaces
    ciphers[bucket] << line.sub(/\A\s+/, '').sub(/\s+\z/, '')
  end
end

__END__
SSL Version : TLSv12
  Medium Strength Ciphers (&gt; 64-bit and &lt; 112-bit key)
      EDH-RSA-DES-CBC3-SHA         Kx=DH          Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      ECDHE-RSA-DES-CBC3-SHA       Kx=ECDH        Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      DES-CBC3-SHA                 Kx=RSA         Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   

  High Strength Ciphers (&gt;= 112-bit key)
      DHE-RSA-AES128-SHA           Kx=DH          Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      DHE-RSA-AES256-SHA           Kx=DH          Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      ECDHE-RSA-AES128-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(128)         Mac=SHA1   
      ECDHE-RSA-AES256-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(256)         Mac=SHA1   
      AES128-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(128) 

为简单起见,它从 DATA 块(由 __END__ 定义)中读取,但您的程序可以使用它喜欢的任何输入源,例如 $stdin 或某些文件。

这为您提供了这样的输出,为了便于阅读,此处采用 YAML 格式:

---
:high:
- DHE-RSA-AES128-SHA           Kx=DH          Au=RSA      Enc=AES-CBC(128)         Mac=SHA1
- DHE-RSA-AES256-SHA           Kx=DH          Au=RSA      Enc=AES-CBC(256)         Mac=SHA1
- ECDHE-RSA-AES128-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(128)         Mac=SHA1
- ECDHE-RSA-AES256-SHA         Kx=ECDH        Au=RSA      Enc=AES-CBC(256)         Mac=SHA1
- AES128-SHA                   Kx=RSA         Au=RSA      Enc=AES-CBC(128)
:medium:
- EDH-RSA-DES-CBC3-SHA         Kx=DH          Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1
- ECDHE-RSA-DES-CBC3-SHA       Kx=ECDH        Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1
- DES-CBC3-SHA                 Kx=RSA         Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1
:low: []