moby.rb 1.0.0

data/lib/Thoran/Selenium/WebDriver/SearchContext/ElementPresentQ/element_presentQ.rb

@@ -0,0 +1,39 @@
+# Thoran/Selenium/WebDriver/SearchContext/ElementPresentQ/element_presentQ.rb
+# Thoran::Selenium::WebDriver::SearchContext::ElementPresentQ.element_present?
+
+# 20200418
+# 0.0.0
+
+# Examples:
+# 1. driver.element_present?(:xpath, '//a[@id="submit"]')
+# 2. driver.element_present?(:id, @logout_button_id)
+
+# Changes:
+# 1. + Thoran namespace.
+
+module Thoran
+  module Selenium
+    module WebDriver
+      module SearchContext
+        module ElementPresentQ
+
+          def element_present?(selector_type, selector)
+            bridge.find_element_by(selector_type, selector)
+            true
+          rescue ::Selenium::WebDriver::Error::NoSuchElementError
+            false
+          end
+
+        end
+      end
+    end
+  end
+end
+
+module Selenium
+  module WebDriver
+    class Driver
+      include Thoran::Selenium::WebDriver::SearchContext::ElementPresentQ
+    end
+  end
+end

data/moby.gemspec

@@ -0,0 +1,51 @@
+# moby.gemspec
+
+require_relative './lib/Moby/VERSION'
+
+Gem::Specification.new do |spec|
+  spec.name = 'moby.rb'
+
+  spec.version = Moby::VERSION
+  spec.date = '2026-01-08'
+
+  spec.summary = "Moby is a credentials poisoning tool which floods phishing forms with fake credentials."
+  spec.description = "Sometimes when they go fishing, they get a whale and it sinks their boat. Moby is a counter-phishing tool that floods phishing websites with fake login credentials, making harvested data useless."
+
+  spec.author = 'thoran'
+  spec.email = 'code@thoran.com'
+  spec.homepage = 'https://github.com/thoran/moby'
+  spec.license = 'MIT'
+
+  spec.required_ruby_version = ">= 2.5.0"
+
+  spec.add_dependency('mechanize', '~> 2')
+  spec.add_dependency('switches.rb', '~> 0')
+
+  spec.add_development_dependency('minitest')
+  spec.add_development_dependency('minitest-spec-context')
+  spec.add_development_dependency('rake')
+  spec.add_development_dependency('webmock')
+
+  spec.files = Dir[
+    'bin/*',
+    'lib/**/*.rb',
+    'test/**/*.rb',
+    'CHANGES.txt',
+    'Gemfile',
+    'LICENSE.txt',
+    'moby.gemspec',
+    'Rakefile',
+    'README.md',
+  ]
+
+  spec.bindir = 'bin'
+  spec.executables = ['moby']
+  spec.require_paths = ['lib']
+
+  spec.metadata = {
+    "bug_tracker_uri" => "https://github.com/thoran/moby/issues",
+    "changelog_uri" => "https://github.com/thoran/moby/blob/main/CHANGES.txt",
+    "source_code_uri" => "https://github.com/thoran/moby",
+    "documentation_uri" => "https://github.com/thoran/moby/blob/main/README.md"
+  }
+end

data/test/Moby/VERSION_test.rb

@@ -0,0 +1,23 @@
+# test/Moby/VERSION_test.rb
+
+require_relative '../test_helper'
+
+describe Moby do
+  describe "VERSION" do
+    it "has VERSION constant" do
+      _(defined?(Moby::VERSION)).wont_be_nil
+    end
+
+    it "version is a string" do
+      _(Moby::VERSION).must_be_kind_of(String)
+    end
+
+    it "version follows semver pattern" do
+      _(Moby::VERSION).must_match(/\d+\.\d+\.\d+/)
+    end
+
+    it "version is 1.0.0" do
+      _(Moby::VERSION).must_equal('1.0.0')
+    end
+  end
+end

data/test/moby_test.rb

@@ -0,0 +1,295 @@
+# test/moby_test.rb
+
+require_relative './test_helper'
+
+describe Moby do
+  let(:url){'https://phishing.example.com/login'}
+  let(:moby){Moby.new(url: url)}
+
+  before do
+    WebMock.disable_net_connect!
+
+    # Stub the login page
+    stub_request(:get, url)
+      .to_return(
+        status: 200,
+        body: TestFixtures::SIMPLE_LOGIN_FORM,
+        headers: {'Content-Type' => 'text/html'}
+      )
+
+    # Stub form submission
+    stub_request(:post, 'https://phishing.example.com/login')
+      .to_return(status: 200, body: 'Success')
+  end
+
+  after do
+    WebMock.reset!
+    WebMock.allow_net_connect!
+  end
+
+  describe "initialization" do
+    it "accepts url parameter" do
+      _(moby.url).must_equal(url)
+    end
+
+    it "sets default form_number to 0" do
+      _(moby.form_number).must_equal(0)
+    end
+
+    it "sets default username_field_name to 'username'" do
+      _(moby.username_field_name).must_equal('username')
+    end
+
+    it "sets default password_field_name to 'password'" do
+      _(moby.password_field_name).must_equal('password')
+    end
+
+    it "sets default username_field_number to 0" do
+      _(moby.username_field_number).must_equal(0)
+    end
+
+    it "sets default password_field_number to 1" do
+      _(moby.password_field_number).must_equal(1)
+    end
+
+    it "accepts form_name parameter" do
+      m = Moby.new(url: url, form_name: 'login')
+
+      _(m.form_name).must_equal('login')
+    end
+
+    it "accepts username_hostname parameter" do
+      m = Moby.new(url: url, username_hostname: 'example.com')
+
+      _(m.username_hostname).must_equal('example.com')
+    end
+
+    it "accepts username_is_email_address parameter" do
+      m = Moby.new(url: url, username_is_email_address: true)
+
+      _(m.username_is_email_address).must_equal(true)
+    end
+  end
+
+  describe "mechanize setup" do
+    it "creates Mechanize instance lazily" do
+      mech = moby.instance_variable_get(:@mechanize)
+
+      _(mech).must_be_nil
+
+      moby.send(:mechanize)
+      mech = moby.instance_variable_get(:@mechanize)
+
+      _(mech).must_be_instance_of(Mechanize)
+    end
+
+    it "reuses same mechanize instance" do
+      mech1 = moby.send(:mechanize)
+      mech2 = moby.send(:mechanize)
+
+      _(mech1).must_be_same_as(mech2)
+    end
+  end
+
+  describe "page loading" do
+    it "loads the target URL" do
+      page = moby.send(:page)
+
+      _(page).must_be_instance_of(Mechanize::Page)
+      assert_requested(:get, url, times: 1)
+    end
+
+    it "reuses loaded page" do
+      page1 = moby.send(:page)
+      page2 = moby.send(:page)
+
+      _(page1).must_be_same_as(page2)
+      assert_requested(:get, url, times: 1)
+    end
+
+    it "handles meta refresh redirects" do
+      redirect_body = '<html><head><meta http-equiv="Refresh" content="0; url=https://phishing.example.com/real-login"></head></html>'
+
+      stub_request(:get, url)
+        .to_return(status: 200, body: redirect_body, headers: {'Content-Type' => 'text/html'})
+
+      stub_request(:get, 'https://phishing.example.com/real-login')
+        .to_return(status: 200, body: TestFixtures::SIMPLE_LOGIN_FORM, headers: {'Content-Type' => 'text/html'})
+
+      m = Moby.new(url: url)
+      page = m.send(:page)
+
+      assert_requested(:get, url, times: 1)
+      assert_requested(:get, 'https://phishing.example.com/real-login', times: 1)
+    end
+  end
+
+  describe "form finding" do
+    describe "finding by name" do
+      let(:moby) do
+        Moby.new(url: url, form_name: 'login')
+      end
+
+      it "finds form by name when form_name is set" do
+        moby.send(:page)
+        form = moby.send(:form)
+
+        _(form).must_be_instance_of(Mechanize::Form)
+        _(form.name).must_equal('login')
+      end
+    end
+
+    describe "finding by number" do
+      let(:moby) do
+        Moby.new(url: 'https://multi.example.com/page', form_number: 1)
+      end
+
+      it "finds form by number when form_number is set" do
+        stub_request(:get, 'https://multi.example.com/page')
+          .to_return(
+            status: 200,
+            body: TestFixtures::MULTIPLE_FORMS,
+            headers: {'Content-Type' => 'text/html'}
+          )
+        moby.send(:page)
+        form = moby.send(:form)
+
+        _(form).must_be_instance_of(Mechanize::Form)
+        _(form.node['id']).must_equal('login_form')
+      end
+    end
+
+    describe "deafult form" do
+      it "defaults to first form" do
+        moby.send(:page)
+        form = moby.send(:form)
+
+        _(form).must_be_instance_of(Mechanize::Form)
+      end
+    end
+  end
+
+  describe "field finding" do
+    describe "finding by name" do
+      let(:moby) do
+        Moby.new(url: url, form_name: 'login', username_field_name: 'username', password_field_name: 'password')
+      end
+
+      it "finds username field by name" do
+        moby.send(:page)
+        moby.send(:form)
+        field = moby.send(:username_field)
+
+        _(field.name).must_equal('username')
+      end
+
+      it "finds password field by name" do
+        moby.send(:page)
+        moby.send(:form)
+        field = moby.send(:password_field)
+
+        _(field.name).must_equal('password')
+      end
+    end
+
+    describe "finding by number" do
+      let(:moby) do
+        Moby.new(url: url, username_field_number: 0, password_field_number: 1)
+      end
+
+      it "finds username field by number" do
+        moby.send(:page)
+        moby.send(:form)
+        field = moby.send(:username_field)
+
+        _(field).wont_be_nil
+      end
+
+      it "finds password field by number" do
+        moby.send(:page)
+        moby.send(:form)
+        field = moby.send(:password_field)
+
+        _(field).wont_be_nil
+      end
+    end
+  end
+
+  describe "#username" do
+    it "generates random username" do
+      username = moby.send(:username)
+
+      _(username).must_be_kind_of(String)
+      _(username.length).must_be(:>, 0)
+    end
+
+    it "generates email address when username_is_email_address is true" do
+      m = Moby.new(url: url, username_is_email_address: true)
+      username = m.send(:username)
+
+      _(username).must_match(/@/)
+    end
+
+    it "generates email with custom hostname" do
+      m = Moby.new(url: url, username_hostname: 'example.com')
+      username = m.send(:username)
+
+      _(username).must_match(/@example\.com$/)
+    end
+
+
+    it "generates different usernames" do
+      usernames = 10.times.map{moby.send(:username)}
+
+      _(usernames.uniq.length).must_be(:>, 1)
+    end
+  end
+
+  describe "#password" do
+    it "generates random password" do
+      password = moby.send(:password)
+
+      _(password).must_be_kind_of(String)
+      _(password.length).must_be(:>, 0)
+    end
+  end
+
+  describe "#user_agent" do
+    it "returns random user agent when not set" do
+      agent = moby.send(:user_agent)
+
+      _(agent).must_be_kind_of(String)
+      _(agent).wont_equal('Mechanize')
+    end
+
+    it "returns set user agent when provided" do
+      m = Moby.new(url: url, user_agent: 'CustomAgent')
+
+      _(m.send(:user_agent)).must_equal('CustomAgent')
+    end
+
+    it "generates different random agents" do
+      agents = 10.times.map{Moby.new(url: url).send(:user_agent)}
+
+      _(agents.uniq.length).must_be(:>, 1)
+    end
+  end
+
+  describe "#username_is_email_address?" do
+    it "returns true when username_is_email_address is set" do
+      m = Moby.new(url: url, username_is_email_address: true)
+
+      _(m.send(:username_is_email_address?)).must_equal(true)
+    end
+
+    it "returns true when username_hostname is set" do
+      m = Moby.new(url: url, username_hostname: 'example.com')
+
+      _(m.send(:username_is_email_address?)).wont_be_nil
+    end
+
+    it "returns false by default" do
+      _(moby.send(:username_field_name)).must_equal('username')
+    end
+  end
+end

data/test/test_helper.rb

@@ -0,0 +1,36 @@
+# test/test_helper.rb
+
+require 'minitest/autorun'
+require 'minitest-spec-context'
+require 'webmock/minitest'
+
+require_relative '../lib/moby'
+
+module TestFixtures
+  SIMPLE_LOGIN_FORM = <<~HTML
+    <html>
+      <body>
+        <form name="login" action="/login" method="post">
+          <input type="text" name="username" />
+          <input type="password" name="password" />
+          <input type="submit" value="Login" />
+        </form>
+      </body>
+    </html>
+  HTML
+
+  MULTIPLE_FORMS = <<~HTML
+    <html>
+      <body>
+        <form name="search">
+          <input type="text" name="q" />
+        </form>
+        <form id="login_form">
+          <input type="email" name="username" id="user_email" />
+          <input type="password" name="password" id="user_password" />
+          <button type="submit">Submit</button>
+        </form>
+      </body>
+    </html>
+  HTML
+end

metadata

@@ -0,0 +1,153 @@
+--- !ruby/object:Gem::Specification
+name: moby.rb
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- thoran
+bindir: bin
+cert_chain: []
+date: 2026-01-08 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: mechanize
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2'
+- !ruby/object:Gem::Dependency
+  name: switches.rb
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: minitest-spec-context
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Sometimes when they go fishing, they get a whale and it sinks their boat.
+  Moby is a counter-phishing tool that floods phishing websites with fake login credentials,
+  making harvested data useless.
+email: code@thoran.com
+executables:
+- moby
+extensions: []
+extra_rdoc_files: []
+files:
+- CHANGES.txt
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/moby
+- lib/File/self.collect.rb
+- lib/Moby.rb
+- lib/Moby/Backends/MechanizeBackend.rb
+- lib/Moby/Backends/SeleniumBackend.rb
+- lib/Moby/Configuration.rb
+- lib/Moby/RandomInputGenerator.rb
+- lib/Moby/VERSION.rb
+- lib/Selenium/WebDriver/Driver/Attempt/attempt.rb
+- lib/Selenium/WebDriver/SearchContext/ElementPresentQ/element_presentQ.rb
+- lib/Thoran/File/SelfCollect/self.collect.rb
+- lib/Thoran/Selenium/WebDriver/Driver/Attempt/attempt.rb
+- lib/Thoran/Selenium/WebDriver/SearchContext/ElementPresentQ/element_presentQ.rb
+- moby.gemspec
+- test/Moby/VERSION_test.rb
+- test/moby_test.rb
+- test/test_helper.rb
+homepage: https://github.com/thoran/moby
+licenses:
+- MIT
+metadata:
+  bug_tracker_uri: https://github.com/thoran/moby/issues
+  changelog_uri: https://github.com/thoran/moby/blob/main/CHANGES.txt
+  source_code_uri: https://github.com/thoran/moby
+  documentation_uri: https://github.com/thoran/moby/blob/main/README.md
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.5.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 4.0.3
+specification_version: 4
+summary: Moby is a credentials poisoning tool which floods phishing forms with fake
+  credentials.
+test_files: []