aquatone 0.1.0

data/bin/console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "aquatone"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/exe/aquatone-discover

@@ -0,0 +1,129 @@
+#!/usr/bin/env ruby
+
+require "aquatone"
+
+options = {
+  :fallback_nameservers => %w(8.8.8.8 8.8.4.4),
+  :threads => 5,
+  :ignore_private => true
+}
+
+OptionParser.new do |opts|
+  opts.banner = "Usage: aquatone-discover OPTIONS"
+
+  opts.on("-d", "--domain DOMAIN", "Domain name to assess") do |v|
+    if !Aquatone::Validation.valid_domain_name?(v)
+      puts "#{v} doesn't look like a valid domain name."
+      exit 1
+    end
+    options[:domain] = v
+  end
+
+  opts.on("--nameservers NAMESERVERS", "Nameservers to use") do |v|
+    ips = v.split(",").map(&:strip).uniq
+    if ips.empty?
+      puts "Nameservers can't be empty."
+      exit 1
+    end
+    ips.each do |ip|
+      if !Aquatone::Validation.valid_ip?(ip)
+        puts "#{ip} is not a valid IP address."
+        exit 1
+      end
+    end
+    options[:nameservers] = ips
+  end
+
+  opts.on("--fallback-nameservers NAMESERVERS", "Nameservers to fall back to") do |v|
+    ips = v.split(",").map(&:strip).uniq
+    if ips.empty?
+      puts "Fallback nameservers can't be empty."
+      exit 1
+    end
+    ips.each do |ip|
+      if !Aquatone::Validation.valid_ip?(ip)
+        puts "#{ip} is not a valid IP address."
+        exit 1
+      end
+    end
+    options[:fallback_nameservers] = ips
+  end
+
+  opts.on("--[no-]ignore-private", "Ignore hosts resolving to private IP addresses") do |v|
+    options[:ignore_private] = v
+  end
+
+  opts.on("--set-key KEY VALUE", "Save a key to key store") do |key|
+    if ARGV.empty?
+      puts "No key value given."
+      exit 1
+    end
+    key   = key.to_s.downcase
+    value = ARGV.join(" ").strip
+    Aquatone::KeyStore.set(key, value)
+    puts "Saved key #{key} with value #{value}."
+    exit
+  end
+
+  opts.on("--list-collectors", "See information on collectors") do
+    Aquatone::Collector.descendants.each do |collector|
+      puts "Name.......: #{collector.meta[:name]}"
+      puts "Description: #{collector.meta[:description]}" if collector.meta[:description]
+      puts "Author.....: #{collector.meta[:author]}"
+      puts "Key........: #{collector.sluggified_name}\n\n"
+      puts "--------------------------------------------------\n\n"
+    end
+    exit
+  end
+
+  opts.on("--only-collectors COLLECTORS", "Only run specified collectors") do |v|
+    known_collectors = Aquatone::Collector.descendants.map(&:sluggified_name)
+    collectors       = v.split(",").map(&:strip).uniq
+    collectors.each do |collector|
+      if !known_collectors.include?(collector)
+        puts "Unknown collector key: #{collector}"
+        exit 1
+      end
+    end
+    options[:only_collectors] = collectors
+  end
+
+  opts.on("--disable-collectors COLLECTORS", "Disable specified collectors") do |v|
+    known_collectors = Aquatone::Collector.descendants.map(&:sluggified_name)
+    collectors       = v.split(",").map(&:strip).uniq
+    collectors.each do |collector|
+      if !known_collectors.include?(collector)
+        puts "Unknown collector key: #{collector}"
+        exit 1
+      end
+    end
+    options[:disable_collectors] = collectors
+  end
+
+  opts.on("-t", "--threads THREADS", "Number of concurrent threads to use") do |v|
+    options[:threads] = v.to_i
+  end
+
+  opts.on("-s", "--sleep SECONDS", "Seconds to sleep between lookups") do |v|
+    if v.to_i < 1
+      puts "Sleep can't be less than 1"
+      exit 1
+    end
+    options[:sleep] = v.to_i
+  end
+
+  opts.on("-j", "--jitter PERCENTAGE", "Jitter factor for sleep intervals") do |v|
+    if !v.to_i.between?(1, 100)
+      puts "Jitter factor must be between 1 and 100"
+      exit 1
+    end
+    options[:jitter] = v.to_f
+  end
+
+  opts.on("-h", "--help", "Show help") do
+    puts opts
+    exit 0
+  end
+end.parse!
+
+Aquatone::Commands::Discover.run(options)

data/exe/aquatone-gather

@@ -0,0 +1,55 @@
+#!/usr/bin/env ruby
+
+require "aquatone"
+
+options = {
+  :threads   => 5,
+  :timeout   => 15
+}
+
+OptionParser.new do |opts|
+  opts.banner = "Usage: aquatone-gather OPTIONS"
+
+  opts.on("-d", "--domain DOMAIN", "Domain name to assess") do |v|
+    if !Aquatone::Validation.valid_domain_name?(v)
+      puts "#{v} doesn't look like a valid domain name."
+      exit 1
+    end
+    options[:domain] = v
+  end
+
+  opts.on("-t", "--threads THREADS", "Number of concurrent threads to use") do |v|
+    options[:threads] = v.to_i
+  end
+
+  opts.on("--timeout SECONDS", "Timeout for page renderings") do |v|
+    if v.to_i < 1
+      puts "Timeout must be at least 1 second"
+      exit 1
+    end
+    options[:timeout] = v.to_i
+  end
+
+  opts.on("-s", "--sleep SECONDS", "Seconds to sleep between lookups") do |v|
+    if v.to_i < 1
+      puts "Sleep can't be less than 1"
+      exit 1
+    end
+    options[:sleep] = v.to_i
+  end
+
+  opts.on("-j", "--jitter PERCENTAGE", "Jitter factor for sleep intervals") do |v|
+    if !v.to_i.between?(1, 100)
+      puts "Jitter factor must be between 1 and 100"
+      exit 1
+    end
+    options[:jitter] = v.to_f
+  end
+
+  opts.on("-h", "--help", "Show help") do
+    puts opts
+    exit 0
+  end
+end.parse!
+
+Aquatone::Commands::Gather.run(options)

data/exe/aquatone-scan

@@ -0,0 +1,76 @@
+#!/usr/bin/env ruby
+
+require "aquatone"
+
+options = {
+  :ports   => Aquatone::PortLists::MEDIUM,
+  :threads => 5,
+  :timeout => 0.5
+}
+
+OptionParser.new do |opts|
+  opts.banner = "Usage: aquatone-scan OPTIONS"
+
+  opts.on("-d", "--domain DOMAIN", "Domain name to assess") do |v|
+    if !Aquatone::Validation.valid_domain_name?(v)
+      puts "#{v} doesn't look like a valid domain name."
+      exit 1
+    end
+    options[:domain] = v
+  end
+
+  opts.on("-p", "--ports PORTS", "Ports to scan") do |v|
+    if v =~ /\A[\d,\s]{1,}\z/
+      ports = v.split(",").map { |p| p.strip.to_i }
+      ports.each do |p|
+        if !Aquatone::Validation.valid_tcp_port?(p)
+          puts "#{p} is not a valid TCP port."
+          exit 1
+        end
+      end
+      options[:ports] = ports
+    else
+      begin
+        options[:ports] = Aquatone::PortLists.port_list_by_name(v.downcase)
+      rescue Aquatone::PortLists::UnknownPortListName => e
+        puts e.message
+        exit 1
+      end
+    end
+  end
+
+  opts.on("--timeout SECONDS", "Timeout in seconds for port probes") do |v|
+    if v.to_f <= 0
+      puts "Timeout can't be zero"
+      exit 1
+    end
+    options[:timeout] = v.to_f
+  end
+
+  opts.on("-t", "--threads THREADS", "Number of concurrent threads to use") do |v|
+    options[:threads] = v.to_i
+  end
+
+  opts.on("-s", "--sleep SECONDS", "Seconds to sleep between port probes") do |v|
+    if v.to_i < 1
+      puts "Sleep can't be less than 1"
+      exit 1
+    end
+    options[:sleep] = v.to_i
+  end
+
+  opts.on("-j", "--jitter PERCENTAGE", "Jitter factor for sleep intervals") do |v|
+    if !v.to_i.between?(1, 100)
+      puts "Jitter factor must be between 1 and 100"
+      exit 1
+    end
+    options[:jitter] = v.to_f
+  end
+
+  opts.on("-h", "--help", "Show help") do
+    puts opts
+    exit 0
+  end
+end.parse!
+
+Aquatone::Commands::Scan.run(options)

data/lib/aquatone.rb

@@ -0,0 +1,43 @@
+require "resolv"
+require "ipaddr"
+require "socket"
+require "timeout"
+require "shellwords"
+require "optparse"
+
+require "httparty"
+require "childprocess"
+
+require "aquatone/version"
+require "aquatone/port_lists"
+require "aquatone/url_maker"
+require "aquatone/validation"
+require "aquatone/thread_pool"
+require "aquatone/http_client"
+require "aquatone/browser"
+require "aquatone/browser/drivers/nightmare"
+require "aquatone/domain"
+require "aquatone/resolver"
+require "aquatone/assessment"
+require "aquatone/report"
+require "aquatone/command"
+require "aquatone/collector"
+
+module Aquatone
+  AQUATONE_ROOT         = File.expand_path(File.join(File.dirname(__FILE__), "..")).freeze
+  DEFAULT_AQUATONE_PATH = File.join(Dir.home, "aquatone").freeze
+
+  def self.aquatone_path
+    ENV['AQUATONEPATH'] || DEFAULT_AQUATONE_PATH
+  end
+end
+
+require "aquatone/key_store"
+
+Dir[File.join(File.dirname(__FILE__), "aquatone", "collectors", "*.rb")].each do |collector|
+  require collector
+end
+
+require "aquatone/commands/discover"
+require "aquatone/commands/scan"
+require "aquatone/commands/gather"

data/lib/aquatone/assessment.rb

@@ -0,0 +1,40 @@
+module Aquatone
+  class Assessment
+    attr_reader :domain
+
+    def initialize(domain)
+      @domain = domain
+      initialize_assessment_directory
+    end
+
+    def has_file?(name)
+      File.exist?(File.join(path, name))
+    end
+
+    def read_file(name)
+      File.read(File.join(path, name))
+    end
+
+    def write_file(name, data, mode = "w")
+      File.open(File.join(path, name), mode) do |file|
+        file.write(data)
+      end
+    end
+
+    def make_directory(name)
+      dir = File.join(path, name)
+      Dir.mkdir(dir) unless Dir.exist?(dir)
+    end
+
+    def path
+      File.join(Aquatone.aquatone_path, domain)
+    end
+
+    private
+
+    def initialize_assessment_directory
+      Dir.mkdir(Aquatone.aquatone_path) unless Dir.exist?(Aquatone.aquatone_path)
+      Dir.mkdir(path) unless Dir.exist?(path)
+    end
+  end
+end

data/lib/aquatone/browser.rb

@@ -0,0 +1,18 @@
+module Aquatone
+  class Browser
+    def self.visit(url, vhost, html_destination, headers_destination, screenshot_destination, options)
+      driver = make_driver(url, vhost, html_destination, headers_destination, screenshot_destination, options)
+      visit  = driver.visit
+      if !visit["success"]
+        visit = driver.visit
+      end
+      visit
+    end
+
+    protected
+
+    def self.make_driver(url, vhost, html_destination, headers_destination, screenshot_destination, options)
+      Aquatone::Browser::Drivers::Nightmare.new(url, vhost, html_destination, headers_destination, screenshot_destination, options)
+    end
+  end
+end

data/lib/aquatone/browser/drivers/nightmare.rb

@@ -0,0 +1,52 @@
+module Aquatone
+  class Browser
+    module Drivers
+      class Nightmare
+        attr_reader :url, :vhost, :html_destination, :headers_destination, :screenshot_destination, :options
+
+        def initialize(url, vhost, html_destination, headers_destination, screenshot_destination, options)
+          @url                    = url
+          @vhost                  = vhost
+          @html_destination       = html_destination
+          @headers_destination    = headers_destination
+          @screenshot_destination = screenshot_destination
+          @options                = options
+        end
+
+        def visit
+          rout, wout = IO.pipe
+          process           = ChildProcess.build(*construct_command)
+          process.cwd       = Aquatone::AQUATONE_ROOT
+          process.io.stdout = wout
+          process.start
+          process.poll_for_exit(options[:timeout])
+          wout.close
+          command_output = rout.readlines.join("\n").strip
+          JSON.parse(command_output)
+        rescue => e
+          process.stop if process
+          return {
+            "success" => false,
+            "error"   => e.is_a?(ChildProcess::TimeoutError) ? "Timeout" : "#{e.class}: #{e.message}",
+            "code"    => 0,
+            "details" => ""
+          }
+        end
+
+        private
+
+        def construct_command
+          [
+            "node",
+            File.join(Aquatone::AQUATONE_ROOT, "aquatone.js"),
+            Shellwords.escape(url),
+            Shellwords.escape(vhost),
+            Shellwords.escape(html_destination),
+            Shellwords.escape(headers_destination),
+            Shellwords.escape(screenshot_destination)
+          ]
+        end
+      end
+    end
+  end
+end