Security fixes

2026-05-07 17:37:20 -05:00
parent e71a145dea
commit f8e8ae9533
9 changed files with 162 additions and 386 deletions
+14 -4
@@ -11,6 +11,8 @@ import re
import simplematrixbotlib as botlib
from urllib.parse import urlparse
from plugins.utils import is_public_destination
# SSL/TLS configuration - handle missing protocols in modern Python
TLS_VERSIONS = {
'TLSv1.2': ssl.PROTOCOL_TLSv1_2,
@@ -94,6 +96,14 @@ async def handle_command(room, message, bot, prefix, config):
await bot.api.send_text_message(room.room_id, "Invalid port number")
return
# SSRF protection: refuse internal hosts
if not is_public_destination(target):
await bot.api.send_text_message(
room.room_id,
"❌ Scanning of private/internal addresses is not allowed."
)
return
await perform_ssl_scan(room, bot, target, port)
async def show_usage(room, bot):
@@ -334,7 +344,7 @@ async def check_vulnerabilities(scan_results):
"""Check for common SSL/TLS vulnerabilities."""
vulnerabilities = []
# Check for weak protocols (these will be False in modern Python, which is good)
# Check for weak protocols
if scan_results['protocols'].get('SSLv2', False):
vulnerabilities.append({
'name': 'SSLv2 Support',
@@ -400,7 +410,7 @@ async def calculate_security_score(scan_results):
"""Calculate overall security score."""
score = 100
# Protocol penalties (in modern Python, SSLv2/SSLv3 will be False, which is good)
# Protocol penalties
if scan_results['protocols'].get('SSLv2', False):
score -= 30
if scan_results['protocols'].get('SSLv3', False):
@@ -598,9 +608,9 @@ def format_cert_date(date_str):
# Plugin Metadata
# ---------------------------------------------------------------------------
__version__ = "1.0.0"
__version__ = "1.0.1"
__author__ = "Funguy Bot"
__description__ = "SSL/TLS security scanner"
__description__ = "SSL/TLS security scanner (SSRFsafe)"
__help__ = """
<details>
<summary><strong>!sslscan</strong> SSL/TLS analysis</summary>
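Review bot: The `is_public_destination(target)` guard added before `perform_ssl_scan` is evaluated on the hostname string, separately from the connection the scan opens later; if the helper resolves the name (its body is not visible here, so this is inferred from the call shape), a name that resolves to a public address at check time and to 127.0.0.1 or an RFC 1918 address at connect time (DNS rebinding) passes the filter, so the commit narrows but does not close the SSRF window. Resolve once in `handle_command` (e.g. `loop.getaddrinfo(target, port)`), reject unless every returned address satisfies `is_public_destination`, and pass the validated IP down to the scanner, keeping the original name only for SNI and certificate matching via `server_hostname=target` on the wrapped socket. A short comment on the guard, `# checks the literal target only; the scan must connect to the address validated here, not re-resolve`, would make the remaining gap explicit until that refactor lands. Minor wording nit: `(SSRFsafe)` in `__description__` reads better as `(SSRF-safe)`. `handle_command` starts before this hunk and the `__help__` string continues past the last shown line.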