Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

updated to use protege, cleaned up code, new logger, added silence op…

…tion for logging
  • Loading branch information...
commit e29a5b8bc5984c5a62ff96de8caa31ce41a81884 1 parent 264714a
@contra contra authored
View
13 README.md
@@ -1,12 +1,12 @@
-**node-fusker is a library to prevent and manage a multitude of attacks in nodejs**
+**fusker is a library to prevent and manage a multitude of attacks in nodejs**
-To install node-fusker, use [npm](http://github.com/isaacs/npm):
+To install fusker, use [npm](http://github.com/isaacs/npm):
$ npm install fusker
## Example
-Please see [the example folder](http://github.com/wearefractal/fusker/blob/master/example/) for working examples and documentation.
+Please see [the examples folder](http://github.com/wearefractal/fusker/blob/master/examples/) for working examples and documentation.
To execute an XSS attack on the test server, just click [HERE](http://localhost:8080/index.html?wat=1%22%3E%3Cimg%20src=x) while it's running.
## Test Site
@@ -63,10 +63,15 @@ Add a .js or .coffee file to the 'socket-detectives' directory of the module.
Add a .js or .coffee file to the 'socket-payloads' directory of the module.
## Express Middleware
-Please see [this example](http://github.com/wearefractal/fusker/blob/master/example/express-test.coffee) for a working express example.
+Please see [this](http://github.com/wearefractal/fusker/blob/master/examples/express-test.coffee) for a working express example.
It's as easy as
app.use(fusker.express.check);
Detectives/payloads are the same as they would be for the fusker HTTP server. Make sure fusker is the first piece of middleware added.
+
+## PROTIPS
+
+Setting config.silent to true will turn off all logging
+Setting config.verbose to true will turn on a ton of logging
## Contributors
View
0  example/express-test.coffee → examples/express-test.coffee
File renamed without changes
View
0  example/index.html → examples/index.html
File renamed without changes
View
0  example/test.coffee → examples/test.coffee
File renamed without changes
View
12 lib/config.coffee
@@ -1,5 +1,7 @@
-exports.dir = process.cwd()
-exports.banLength = 1440
-exports.httplog = "http-attacks.log"
-exports.socketlog = "socket-attacks.log"
-exports.verbose = false
+module.exports =
+ dir: process.cwd()
+ banLength: 1440
+ httplog: "http-attacks.log"
+ socketlog: "socket-attacks.log"
+ verbose: false
+ silent: false
View
9 lib/express.coffee
@@ -1,8 +1,5 @@
-express = {}
-
-express.check = (req, res, next) ->
- http = require('./fusker').http
+module.exports.check = (req, res, next) ->
+ http = require './http'
http.processRequest req, res
- if next
+ if next?
next()
-module.exports = express
View
5 lib/fusker.coffee
@@ -1,3 +1,5 @@
+require 'protege'
+
/* Create global var */
fusker = {}
@@ -8,5 +10,6 @@ fusker.http = require './http'
fusker.express = require './express'
fusker.socket = require './socketio'
fusker.patterns = require './patterns'
-module.exports = fusker
+
+module.exports = fusker
View
24 lib/http.coffee
@@ -5,16 +5,17 @@ fs = require 'fs'
path = require 'path'
util = require './util'
config = require './config'
+log = require './logger'
http = {}
-http.detectives = new Array()
-http.payloads = new Array()
-http.blacklist = new Array()
+http.detectives = []
+http.payloads = []
+http.blacklist = []
http.createServer = (port) ->
- console.log '[FUSKER] Creating HTTP server on port ' + port
- console.log '[FUSKER] Detectives: ' + http.detectives
- console.log '[FUSKER] Payloads: ' + http.payloads
+ log.info '[FUSKER] Creating HTTP server on port ' + port
+ log.info '[FUSKER] Detectives: ' + http.detectives
+ log.info '[FUSKER] Payloads: ' + http.payloads
serv = https.createServer (req, res) ->
unless req
@@ -37,18 +38,17 @@ http.createServer = (port) ->
/* This is split out so it can be used in other places (such as the express middleware) */
http.processRequest = (req, res) ->
userIP = req.connection.remoteAddress
- if config.verbose
- console.log '[FUSKER] HTTP: ' + userIP + ' -> ' + req.url
+ log.debug '[FUSKER] HTTP: ' + userIP + ' -> ' + req.url
for entry in http.blacklist
if entry.ip is userIP
served = util.getSince entry.date
if served >= config.banLength
- console.log '[FUSKER] Lifting HTTP ban on ' + userIP
- http.blacklist.splice http.blacklist.indexOf(entry), 1
+ log.debug '[FUSKER] Lifting HTTP ban on ' + userIP
+ http.blacklist.remove entry
break
else
- console.log '[FUSKER] ' + userIP + ' blocked via HTTP. Remaining: ' + Math.round(config.banLength - served) + ' min'
+ log.debug '[FUSKER] ' + userIP + ' blocked via HTTP. Remaining: ' + Math.round(config.banLength - served) + ' min'
res.end()
return
@@ -66,7 +66,7 @@ http.logAttack = (file, module, req) ->
log.end()
http.handleAttack = (module, req, res) ->
- console.log '[FUSKER] HTTP attack detected! Module: ' + module + ' IP: ' + req.connection.remoteAddress
+ log.info '[FUSKER] HTTP attack detected! Module: ' + module + ' IP: ' + req.connection.remoteAddress
http.logAttack config.httplog, module, req
for payload in http.payloads
View
24 lib/logger.coffee
@@ -0,0 +1,24 @@
+require 'colors'
+config = require './config'
+pack = require('./package').load()
+
+module.exports =
+ log: (str) ->
+ if !config.silent
+ console.log str
+
+ debug: (str) ->
+ if !config.silent and config.verbose
+ console.log '[' + pack.name.magenta, '-', 'DEBUG'.upcase().green.inverse + ']', str
+
+ info: (str) ->
+ if !config.silent
+ console.log '[' + pack.name.magenta, '-', 'info'.white + ']', str
+
+ warn: (str) ->
+ if !config.silent
+ console.log '[' + pack.name.magenta, '-', 'warn'.upcase().yellow + ']', str
+
+ error: (str) ->
+ if !config.silent
+ console.log '[' + pack.name.magenta, '-', 'debug'.upcase().red.inverse + ']', str
View
11 lib/package.coffee
@@ -0,0 +1,11 @@
+fs = require 'fs'
+path = require 'path'
+
+# Singleton for the contents of package.json
+exports.load = ->
+ if !@package
+ location = path.join(__dirname, '../', 'package.json')
+ @package = JSON.parse fs.readFileSync(location)
+ return @package
+ else
+ return @package
View
22 lib/socketio.coffee
@@ -4,37 +4,37 @@ fs = require 'fs'
path = require 'path'
util = require './util'
config = require './config'
+log = require './logger'
socketio = {}
-socketio.detectives = new Array()
-socketio.payloads = new Array()
-socketio.blacklist = new Array()
+socketio.detectives = []
+socketio.payloads = []
+socketio.blacklist = []
socketio.listen = (server) ->
- console.log '[FUSKER] Creating Socket.IO server'
+ log.info '[FUSKER] Creating Socket.IO server'
sio = require 'socket.io'
io = sio.listen server
io.sockets.on 'connection', (socket) ->
- socket.remoteAddress = socket.handshake.address.address
+ socket.remoteAddress ?= socket.handshake.address.address
for entry in socketio.blacklist
if entry.ip is socket.remoteAddress
served = util.getSince entry.date
if served >= config.banLength
- console.log '[FUSKER] Lifting SocketIO ban on ' + socket.remoteAddress
- socketio.blacklist.splice socketio.blacklist.indexOf(entry), 1
+ log.debug '[FUSKER] Lifting SocketIO ban on ' + socket.remoteAddress
+ socketio.blacklist.remove entry
break
else
- console.log '[FUSKER] ' + socket.remoteAddress + ' blocked via SocketIO. Remaining: ' + Math.round(config.banLength - served) + ' min'
+ log.debug '[FUSKER] ' + socket.remoteAddress + ' blocked via SocketIO. Remaining: ' + Math.round(config.banLength - served) + ' min'
socket.disconnect()
return
socket.on 'newListener', (evt, listener) ->
socket.listeners(evt).push (msg) ->
- if config.verbose
- console.log '[FUSKER] SocketIO: ' + socket.remoteAddress + ' -> ' + evt
+ log.debug '[FUSKER] SocketIO: ' + socket.remoteAddress + ' -> ' + evt
for detective in socketio.detectives
module = require './socket-detectives/' + detective
@@ -51,7 +51,7 @@ socketio.logAttack = (file, module, socket, msg) ->
log.end()
socketio.handleAttack = (module, socket, msg) ->
- console.log '[FUSKER] Socket attack detected! Module: ' + module + ' IP: ' + socket.remoteAddress
+ log.info '[FUSKER] Socket attack detected! Module: ' + module + ' IP: ' + socket.remoteAddress
socketio.logAttack config.socketlog, module, socket, msg
for payload in socketio.payloads
1  nodester
@@ -1 +0,0 @@
-Subproject commit e062c38b0fda69f22c000b355afd2ed78bf457cc
View
10 package.json
@@ -1,9 +1,9 @@
{
"name": "fusker",
"description": "Detect, prevent, and fight back against hackers in the lulziest ways possible",
- "version": "0.1.2",
+ "version": "0.1.3",
"homepage": "http://github.com/wearefractal/fusker",
- "keywords": ["fusker", "hack", "protect", "csrf", "lfi", "xss", "sqli", "injection", "attack", "blacklist", "express", "socket", "security"],
+ "keywords": ["fusker", "hack", "protect", "csrf", "lfi", "xss", "sqli", "injection", "attack", "blacklist", "express", "socket", "security", "firewall"],
"author": "Contra <contra@australia.edu> (http://wearefractal.com)",
"main": "./lib/fusker.coffee",
"directories": {
@@ -18,8 +18,10 @@
"url": "http://github.com/wearefractal/fusker.git"
},
"dependencies": {
- "socket.io": "0.7.x",
- "coffee-script": "*"
+ "socket.io": ">= 0.7.4",
+ "coffee-script": "*",
+ "colors":"*",
+ "protege":"*"
},
"contributors": [{
"name": "Contra",

0 comments on commit e29a5b8

Please sign in to comment.
Something went wrong with that request. Please try again.