ronin-app 0.1.0.rc1

data/workers/import.rb

@@ -0,0 +1,96 @@
+# frozen_string_literal: true
+#
+# ronin-app - a local web app for Ronin.
+#
+# Copyright (C) 2023 Hal Brodigan (postmodern.mod3@gmail.com)
+#
+# ronin-app is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-app is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with ronin-app.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+require 'sidekiq'
+require 'dry-schema'
+require 'ronin/app/types'
+require 'ronin/app/types/import'
+
+require 'ronin/nmap/importer'
+require 'ronin/masscan/importer'
+
+module Workers
+  #
+  # Worker which imports `nmap` or `masscan` scan files.
+  #
+  class Import
+
+    include Ronin::App
+    include Sidekiq::Worker
+    sidekiq_options queue: :import, retry: false, backtrace: true
+
+    # The accepted JSON params which will be passed to {Import#perform}.
+    Params = Dry::Schema::JSON() do
+      required(:type).filled(Types::Import::TypeType)
+      required(:path).filled(:string)
+    end
+
+    # Mapping of importer `type`s and the importer modules.
+    IMPORT_TYPES = {
+      'nmap'    => Ronin::Nmap::Importer,
+      'masscan' => Ronin::Masscan::Importer
+    }
+
+    #
+    # Processes an `import` job.
+    #
+    # @param [Hash{String => Object}] params
+    #   The JSON deserialized params for the job.
+    #
+    # @raise [ArgumentError]
+    #   The params could not be validated or coerced.
+    #
+    def perform(params)
+      kwargs = validate(params)
+
+      type = kwargs[:type]
+      path = kwargs[:path]
+
+      importer = IMPORT_TYPES.fetch(type) do
+        raise(NotImplementedError,"unsupported import type: #{type.inspect}")
+      end
+
+      importer.import_file(path)
+    end
+
+    #
+    # Validates the given job params.
+    #
+    # @param [Hash{String => Object}] params
+    #   The JSON deserialized params for the job.
+    #
+    # @return [Hash{Symbol => Object}]
+    #   The validated and coerced params as a Symbol Hash.
+    #
+    # @raise [ArgumentError]
+    #   The params could not be validated or coerced.
+    #
+    def validate(params)
+      result = Params.call(params)
+
+      if result.failure?
+        raise(ArgumentError,"invalid import params (#{params.inspect}): #{result.errors.inspect}")
+      end
+
+      return result.to_h
+    end
+
+  end
+end

data/workers/install_repo.rb

@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+#
+# ronin-app - a local web app for Ronin.
+#
+# Copyright (C) 2023 Hal Brodigan (postmodern.mod3@gmail.com)
+#
+# ronin-app is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-app is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with ronin-app.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+require 'sidekiq'
+require 'ronin/repos'
+
+module Workers
+  #
+  # A worker that installs a new [ronin repo][ronin-repos].
+  #
+  # [ronin-repos]: https://github.com/ronin-rb/ronin-repos#readme
+  #
+  class InstallRepo
+
+    include Sidekiq::Worker
+    sidekiq_options queue: :repos, retry: false, backtrace: true
+
+    def perform(uri,name=nil)
+      Ronin::Repos.cache_dir.install(uri,name)
+    end
+
+  end
+end

data/workers/masscan.rb

@@ -0,0 +1,135 @@
+# frozen_string_literal: true
+#
+# ronin-app - a local web app for Ronin.
+#
+# Copyright (C) 2023 Hal Brodigan (postmodern.mod3@gmail.com)
+#
+# ronin-app is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-app is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with ronin-app.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+require 'sidekiq'
+require 'dry-schema'
+require 'ronin/app/types'
+
+require 'tempfile'
+require 'masscan/command'
+require 'ronin/masscan/importer'
+
+module Workers
+  #
+  # `masscan` scanner worker.
+  #
+  class Masscan
+
+    include Ronin::App
+    include Sidekiq::Worker
+    sidekiq_options queue: :scan, retry: false, backtrace: true
+
+    # The accepted JSON params which will be passed to {Masscan#perform}.
+    Params = Dry::Schema::JSON() do
+      required(:ips).array(:string).each(:string)
+      required(:ports).filled(:string)
+
+      optional(:banners).maybe(:bool)
+      optional(:rate).maybe(:integer)
+      optional(:config_file).maybe(:string)
+      optional(:adapter).maybe(:string)
+      optional(:adapter_ip).maybe(:string)
+      optional(:adapter_port).maybe(:string)
+      optional(:adapter_mac).maybe(:string)
+      optional(:adapter_vlan).maybe(:string)
+      optional(:router_mac).maybe(:string)
+      optional(:ping).maybe(:bool)
+      optional(:exclude).maybe(:string)
+      optional(:exclude_file).maybe(:string)
+      optional(:include_file).maybe(:string)
+      optional(:pcap_payloads).maybe(:string)
+      optional(:nmap_payloads).maybe(:string)
+      optional(:http_method).maybe(Types::HTTPMethod)
+      optional(:http_url).maybe(:string)
+      optional(:http_version).maybe(:string)
+      optional(:http_host).maybe(:string)
+      optional(:http_user_agent).maybe(:string)
+      optional(:http_field).maybe(:string)
+      optional(:http_cookie).maybe(:string)
+      optional(:http_payload).maybe(:string)
+      optional(:open_only).maybe(:bool)
+      optional(:pcap).maybe(:string)
+      optional(:packet_trace).maybe(:bool)
+      optional(:pfring).maybe(:bool)
+      optional(:shards).maybe(:string)
+      optional(:seed).maybe(:integer)
+      optional(:ttl).maybe(:integer)
+      optional(:wait).maybe(:integer)
+      optional(:retries).maybe(:integer)
+    end
+
+    #
+    # Processes an `masscan` job.
+    #
+    # @param [Hash{String => Object}] params
+    #   The JSON deserialized params for the job.
+    #
+    # @raise [ArgumentError]
+    #   The params could not be validated or coerced.
+    #
+    # @raise [RuntimeError]
+    #   The `masscan` command failed or is not installed.
+    #
+    def perform(params)
+      kwargs = validate(params)
+
+      Tempfile.open(['masscan-', '.bin']) do |tempfile|
+        status = ::Masscan::Command.run(
+          **kwargs,
+          interactive:   true,
+          output_format: :binary,
+          output_file:   tempfile.path
+        )
+
+        case status
+        when true
+          Ronin::Masscan::Importer.import_file(tempfile.path)
+        when false
+          raise("masscan command failed")
+        when nil
+          raise("masscan command not installed")
+        end
+      end
+    end
+
+    #
+    # Validates the given job params.
+    #
+    # @param [Hash{String => Object}] params
+    #   The JSON deserialized params for the job.
+    #
+    # @return [Hash{Symbol => Object}]
+    #   The validated and coerced params as a Symbol Hash.
+    #
+    # @raise [ArgumentError]
+    #   The params could not be validated or coerced.
+    #
+    def validate(params)
+      result = Params.call(params)
+
+      if result.failure?
+        raise(ArgumentError,"invalid masscan params (#{params.inspect}): #{result.errors.inspect}")
+      end
+
+      return result.to_h
+    end
+
+  end
+end

data/workers/nmap.rb

@@ -0,0 +1,216 @@
+# frozen_string_literal: true
+#
+# ronin-app - a local web app for Ronin.
+#
+# Copyright (C) 2023 Hal Brodigan (postmodern.mod3@gmail.com)
+#
+# ronin-app is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-app is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with ronin-app.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+require 'sidekiq'
+require 'dry-schema'
+require 'ronin/app/types/nmap'
+
+require 'tempfile'
+require 'nmap/command'
+require 'ronin/nmap/importer'
+
+module Workers
+  #
+  # `nmap` scanner worker.
+  #
+  class Nmap
+
+    include Ronin::App
+    include Sidekiq::Worker
+    sidekiq_options queue: :scan, retry: false, backtrace: true
+
+    # The accepted JSON params which will be passed to {Nmap#perform}.
+    Params = Dry::Schema::JSON() do
+      required(:targets).array(:string).each(:string)
+
+      # TARGET SPECIFICATIONS:
+      optional(:target_file).maybe(:string)
+      optional(:random_targets).maybe(:integer)
+      optional(:exclude).maybe(:array)
+      optional(:exclude_file).maybe(:string)
+
+      # HOST DISCOVERY:
+      optional(:ping).maybe(:bool)
+      optional(:skip_discovery).maybe(:bool)
+      optional(:syn_discovery).maybe(Types::Bool | Types::Nmap::PortRangeList)
+      optional(:ack_discovery).maybe(Types::Bool | Types::Nmap::PortRangeList)
+      optional(:udp_discovery).maybe(Types::Bool | Types::Nmap::PortRangeList)
+      optional(:sctp_init_ping).maybe(Types::Bool | Types::Nmap::PortRangeList)
+      optional(:icmp_echo_discovery).maybe(:bool)
+      optional(:icmp_timestamp_discovery).maybe(:bool)
+      optional(:icmp_netmask_discovery).maybe(:bool)
+      optional(:ip_ping).maybe(Types::Bool | Types::Nmap::ProtocolList)
+      optional(:arp_ping).maybe(:bool)
+      optional(:traceroute).maybe(:bool)
+      optional(:disable_dns).maybe(:bool)
+      optional(:enable_dns).maybe(:bool)
+      optional(:resolve_all).maybe(:bool)
+      optional(:unique).maybe(:bool)
+      optional(:dns_servers).maybe(:array)
+      optional(:system_dns).maybe(:bool)
+
+      # PORT SCANNING TECHNIQUES:
+      optional(:syn_scan).maybe(:bool)
+      optional(:connect_scan).maybe(:bool)
+      optional(:udp_scan).maybe(:bool)
+      optional(:sctp_init_scan).maybe(:bool)
+      optional(:null_scan).maybe(:bool)
+      optional(:fin_scan).maybe(:bool)
+      optional(:xmas_scan).maybe(:bool)
+      optional(:ack_scan).maybe(:bool)
+      optional(:window_scan).maybe(:bool)
+      optional(:maimon_scan).maybe(:bool)
+      optional(:scan_flags).maybe(Types::Nmap::ScanFlags)
+      optional(:sctp_cookie_echo_scan).maybe(:bool)
+      optional(:idle_scan).maybe(:string)
+      optional(:ip_scan).maybe(:bool)
+      optional(:ftp_bounce_scan).maybe(:string)
+
+      # PORT SPECIFICATION AND SCAN ORDER:
+      optional(:ports).maybe(Types::Nmap::PortRangeList)
+      optional(:exclude_ports).maybe(Types::Nmap::PortRangeList)
+      optional(:fast).maybe(:bool)
+      optional(:consecutively).maybe(:bool)
+      optional(:top_ports).maybe(:integer)
+      optional(:port_ratio).maybe(:float)
+
+      # SERVICE/VERSION DETECTION:
+      optional(:service_scan).maybe(:bool)
+      optional(:all_ports).maybe(:bool)
+      optional(:version_intensity).maybe(:integer)
+      optional(:version_light).maybe(:bool)
+      optional(:version_all).maybe(:bool)
+      optional(:version_trace).maybe(:bool)
+
+      # OS DETECTION:
+      optional(:os_fingerprint).maybe(:bool)
+      optional(:limit_os_scan).maybe(:bool)
+      optional(:max_os_scan).maybe(:bool)
+      optional(:max_os_tries).maybe(:bool)
+
+      # TIMING AND PERFORMANCE:
+      optional(:min_host_group).maybe(:integer)
+      optional(:max_host_group).maybe(:integer)
+      optional(:min_parallelism).maybe(:integer)
+      optional(:max_parallelism).maybe(:integer)
+      optional(:min_rtt_timeout).maybe(Types::Nmap::Time)
+      optional(:max_rtt_timeout).maybe(Types::Nmap::Time)
+      optional(:initial_rtt_timeout).maybe(Types::Nmap::Time)
+      optional(:max_retries).maybe(:integer)
+      optional(:host_timeout).maybe(Types::Nmap::Time)
+      optional(:script_timeout).maybe(Types::Nmap::Time)
+      optional(:scan_delay).maybe(Types::Nmap::Time)
+      optional(:max_scan_delay).maybe(Types::Nmap::Time)
+      optional(:min_rate).maybe(:integer)
+      optional(:max_rate).maybe(:integer)
+      optional(:defeat_rst_ratelimit).maybe(:bool)
+      optional(:defeat_icmp_ratelimit).maybe(:bool)
+      optional(:nsock_engine).maybe(Types::Nmap::NsockEngine)
+      optional(:timing_template).maybe(Types::Nmap::TimingTemplate)
+
+      # FIREWALL/IDS EVASION AND SPOOFING:
+      optional(:packet_fragments).maybe(:bool)
+      optional(:mtu).maybe(Types::Bool | Types::Integer)
+      optional(:decoys).maybe(:array)
+      optional(:spoof).maybe(:string)
+      optional(:interface).maybe(:string)
+      optional(:source_port).maybe(Types::Nmap::Port)
+      optional(:proxies).maybe(:array)
+      optional(:data).maybe(Types::Nmap::HexString)
+      optional(:data_string).maybe(:string)
+      optional(:data_length).maybe(:integer)
+      optional(:ip_options).maybe(:string)
+      optional(:ttl).maybe(:integer)
+      optional(:randomize_hosts).maybe(:bool)
+      optional(:spoof_mac).maybe(:string)
+      optional(:bad_checksum).maybe(:bool)
+      optional(:sctp_adler32).maybe(:bool)
+
+      # MISC:
+      optional(:ipv6).maybe(:bool)
+      optional(:all).maybe(:bool)
+      optional(:nmap_datadir).maybe(:string)
+      optional(:servicedb).maybe(:string)
+      optional(:versiondb).maybe(:string)
+      optional(:send_eth).maybe(:bool)
+      optional(:send_ip).maybe(:bool)
+      optional(:privileged).maybe(:bool)
+      optional(:unprivileged).maybe(:bool)
+      optional(:release_memory).maybe(:bool)
+    end
+
+    #
+    # Processes an `nmap` job.
+    #
+    # @param [Hash{String => Object}] params
+    #   The JSON deserialized params for the job.
+    #
+    # @raise [ArgumentError]
+    #   The params could not be validated or coerced.
+    #
+    # @raise [RuntimeError]
+    #   The `nmap` command failed or is not installed.
+    #
+    def perform(params)
+      kwargs = validate(params)
+
+      Tempfile.open(['nmap-', '.xml']) do |tempfile|
+        status = ::Nmap::Command.run(
+          **kwargs,
+          verbose:    true,
+          privileged: true,
+          output_xml: tempfile.path
+        )
+
+        case status
+        when true
+          Ronin::Nmap::Importer.import_file(tempfile.path)
+        when false
+          raise("nmap command failed")
+        when nil
+          raise("nmap command not installed")
+        end
+      end
+    end
+
+    #
+    # Validates the given job params.
+    #
+    # @param [Hash{String => Object}] params
+    #   The JSON deserialized params for the job.
+    #
+    # @return [Hash{Symbol => Object}]
+    #   The validated and coerced params as a Symbol Hash.
+    #
+    # @raise [ArgumentError]
+    #   The params could not be validated or coerced.
+    #
+    def validate(params)
+      result = Params.call(params)
+
+      if result.failure?
+        raise(ArgumentError,"invalid nmap params (#{params.inspect}): #{result.errors.inspect}")
+      end
+
+      return result.to_h
+    end
+
+  end
+end

data/workers/purge_repos.rb

@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+#
+# ronin-app - a local web app for Ronin.
+#
+# Copyright (C) 2023 Hal Brodigan (postmodern.mod3@gmail.com)
+#
+# ronin-app is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-app is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with ronin-app.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+require 'sidekiq'
+require 'ronin/repos'
+
+module Workers
+  #
+  # A worker that deletes all installed [ronin repos][ronin-repos].
+  #
+  # [ronin-repos]: https://github.com/ronin-rb/ronin-repos#readme
+  #
+  class PurgeRepos
+
+    include Sidekiq::Worker
+    sidekiq_options queue: :repos, retry: false, backtrace: true
+
+    def perform
+      Ronin::Repos.cache_dir.purge
+    end
+
+  end
+end

data/workers/recon.rb

@@ -0,0 +1,95 @@
+# frozen_string_literal: true
+#
+# ronin-app - a local web app for Ronin.
+#
+# Copyright (C) 2023 Hal Brodigan (postmodern.mod3@gmail.com)
+#
+# ronin-app is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-app is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with ronin-app.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+require 'sidekiq'
+require 'dry-schema'
+
+require 'ronin/recon/value/parser'
+require 'ronin/recon/engine'
+require 'ronin/recon/importer'
+
+module Workers
+  #
+  # `ronin-recon run` worker.
+  #
+  class Recon
+
+    include Sidekiq::Worker
+    sidekiq_options queue: :recon, retry: false, backtrace: true
+
+    # The accepted JSON params which will be passed to {Recon#perform}.
+    Params = Dry::Schema::JSON() do
+      required(:scope).array(:string).each(:filled?)
+
+      optional(:ignore).maybe(:array)
+      optional(:max_depth).maybe(:integer)
+    end
+
+    #
+    # Processes a `recon` job.
+    #
+    # @param [Hash{String => Object}] params
+    #   The JSON deserialized params for the job.
+    #
+    # @raise [ArgumentError]
+    #   The params could not be validated or coerced.
+    #
+    def perform(params)
+      kwargs = validate(params)
+      values = kwargs[:scope].map(&Ronin::Recon::Value.method(:parse))
+
+      ignore = if (ignore_kwargs = kwargs[:ignore])
+                 ignore_kwargs.map(&Ronin::Recon::Value.method(:parse))
+               else
+                 []
+               end
+
+      Ronin::Recon::Engine.run(values, ignore:    ignore,
+                                       max_depth: kwargs[:max_depth]) do |engine|
+        engine.on(:value) do |value,parent|
+          Ronin::Recon::Importer.import_value(value)
+        end
+      end
+    end
+
+    #
+    # Validates the given job params.
+    #
+    # @param [Hash{String => Object}] params
+    #   The JSON deserialized params for the job.
+    #
+    # @return [Hash{Symbol => Object}]
+    #   The validated and coerced params as a Symbol Hash.
+    #
+    # @raise [ArgumentError]
+    #   The params could not be validated or coerced.
+    #
+    def validate(params)
+      result = Params.call(params)
+
+      if result.failure?
+        raise(ArgumentError,"invalid recon params (#{params.inspect}): #{result.errors.inspect}")
+      end
+
+      return result.to_h
+    end
+
+  end
+end

data/workers/remove_repo.rb

@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+#
+# ronin-app - a local web app for Ronin.
+#
+# Copyright (C) 2023 Hal Brodigan (postmodern.mod3@gmail.com)
+#
+# ronin-app is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-app is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with ronin-app.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+require 'sidekiq'
+require 'ronin/repos'
+
+module Workers
+  #
+  # A worker that removes an  installed [ronin repo][ronin-repos].
+  #
+  # [ronin-repos]: https://github.com/ronin-rb/ronin-repos#readme
+  #
+  class RemoveRepo
+
+    include Sidekiq::Worker
+    sidekiq_options queue: :repos, retry: false, backtrace: true
+
+    def perform(name)
+      Ronin::Repos.cache_dir.remove(name)
+    end
+
+  end
+end