ronin-dorks 0.1.0

data/History.txt

@@ -0,0 +1,18 @@
+=== 0.1.0 / 2008-08-21
+
+* Initial release.
+* Provides convenience methods for many common Google (tm) Dorks:
+  * Search for URLs containing a specified string:
+  * Search for URLs containing a specified pattern:
+  * Search for Indexes of unprotected <tt>cgi-bin</tt> directories.
+  * Search for unprotected MySQL dump files.
+  * Search for unprotected MySQL dump files containing the password hash
+    'admin'.
+  * Search for Certificate Practice Statement documents.
+  * Search for Network Vulnerability Assessemnt reports.
+  * Search for order receipts.
+  * Search for <tt>robots.txt</tt> files.
+  * Search for unprotected PHP MyAdmin panels.
+  * Search for <tt>emails.xls</tt> files.
+  * Search for <tt>finances.xls</tt> files.
+

data/Manifest.txt

@@ -0,0 +1,8 @@
+History.txt
+Manifest.txt
+README.txt
+Rakefile
+lib/ronin/dorks.rb
+lib/ronin/dorks/version.rb
+lib/ronin/web/dorks.rb
+test/test_ronin_dorks.rb

data/README.txt

@@ -0,0 +1,87 @@
+= Ronin Dorks
+
+* http://ronin.rubyforge.org/dorks/
+* Postmodern Modulus III
+
+== DESCRIPTION:
+
+Ronin Dorks is a Ruby library for Ronin that provides support for various
+Google (tm) Dorks functionality.
+
+Ronin is a Ruby platform designed for information security and data
+exploration tasks. Ronin allows for the rapid development and distribution
+of code over many of the common Source-Code-Management (SCM) systems.
+
+=== Free
+
+All source code within Ronin is licensed under the GPL-2, therefore no user
+will ever have to pay for Ronin or updates to Ronin. Not only is the
+source code free, the Ronin project will not sell enterprise grade security
+snake-oil solutions, give private training classes or later turn Ronin into
+commercial software.
+
+=== Modular
+
+Ronin was not designed as one monolithic library but instead as a collection
+of libraries which can be individually installed. This allows users to pick
+and choose what functionality they want in Ronin.
+
+=== Decentralized
+
+Ronin does not have a central repository of exploits and payloads which
+all developers contribute to. Instead Ronin has Overlays, repositories of
+code that can be hosted on any CVS/SVN/Git/Rsync server. Users can then use
+Ronin to quickly install or update Overlays. This allows developers and
+users to form their own communities, independent of the main developers
+of Ronin.
+
+== FEATURES/PROBLEMS:
+
+* Provides convenience methods for many common Google (tm) Dorks:
+  * Search for URLs containing a specified string:
+  * Search for URLs containing a specified pattern:
+  * Search for Indexes of unprotected <tt>cgi-bin</tt> directories.
+  * Search for unprotected MySQL dump files.
+  * Search for unprotected MySQL dump files containing the password hash
+    'admin'.
+  * Search for Certificate Practice Statement documents.
+  * Search for Network Vulnerability Assessemnt reports.
+  * Search for order receipts.
+  * Search for <tt>robots.txt</tt> files.
+  * Search for unprotected PHP MyAdmin panels.
+  * Search for <tt>emails.xls</tt> files.
+  * Search for <tt>finances.xls</tt> files.
+
+== SYNOPSIS:
+
+  $ ronin dorks
+
+== REQUIREMENTS:
+
+* Ronin >= 0.0.9
+* GScraper >= 0.2.0
+
+== INSTALL:
+
+  $ sudo gem install ronin-dorks
+
+== LICENSE:
+
+Ronin SQL - A Ruby library for Ronin that provides support for various
+Google (tm) Dorks and Hacking functionality.
+
+Copyright (c) 2008 Hal Brodigan (postmodern.mod3 at gmail.com)
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA

data/Rakefile

@@ -0,0 +1,13 @@
+# -*- ruby -*-
+
+require 'rubygems'
+require 'hoe'
+require './lib/ronin/dorks/version.rb'
+
+Hoe.new('ronin-dorks', Ronin::Dorks::VERSION) do |p|
+  p.rubyforge_name = 'ronin'
+  p.developer('Postmodern Modulus III', 'postmodern.mod3@gmail.com')
+  p.extra_deps = [['ronin', '>=0.0.9'], ['gscraper', '>=0.2.1']]
+end
+
+# vim: syntax=Ruby

data/lib/ronin/dorks.rb

@@ -0,0 +1,25 @@
+#
+#--
+# Ronin Dorks - A Ruby library for Ronin that provides support for various
+# Google (tm) Dorks functionality.
+#
+# Copyright (c) 2008 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/web/dorks'
+require 'ronin/dorks/version'

data/lib/ronin/dorks/version.rb

@@ -0,0 +1,28 @@
+#
+#--
+# Ronin Dorks - A Ruby library for Ronin that provides support for various
+# Google (tm) Dorks functionality.
+#
+# Copyright (c) 2008 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+module Ronin
+  module Dorks
+    VERSION = '0.1.0'
+  end
+end

data/lib/ronin/web/dorks.rb

@@ -0,0 +1,149 @@
+#
+#--
+# Ronin Dorks - A Ruby library for Ronin that provides support for various
+# Google (tm) Dorks functionality.
+#
+# Copyright (c) 2008 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/web/web'
+require 'ronin/extensions/uri'
+require 'ronin/formatting/digest'
+
+require 'json'
+require 'gscraper/search'
+
+module Ronin
+  module Web
+    module Dorks
+      include GScraper
+
+      #
+      # Creates either a <tt>GScraper::Search::WebQuery</tt> or a
+      # <tt>GScraper::Search::AJAXQuery</tt> with the given _options_.
+      # If a _block_ is given, it will be passed the newly created 
+      # query object.
+      #
+      # _options_ may contain the following keys:
+      # <tt>:ajax</tt>:: Specifies wether or not to create a
+      #                  <tt>GScraper::Search::AJAXQuery</tt>.
+      #
+      def Dorks.search(options={},&block)
+        if options[:ajax] == true
+          return Search.ajax_query(options,&block)
+        else
+          return Search.query(options,&block)
+        end
+      end
+
+      def Dorks.inurl(pattern,options={},&block)
+        Dorks.search(options.merge(:inurl => pattern),&block)
+      end
+
+      def Dorks.string_inurl(string,options={},&block)
+        Dorks.inurl("'#{string}'",options,&block)
+      end
+
+      def Dorks.allinurl(patterns,options={},&block)
+        Dorks.search(options.merge(:allinurl => patterns),&block)
+      end
+
+      def Dorks.all_strings_inurl(patterns,options={},&block)
+        Dorks.search(options.merge(:allinurl => patterns.map { |pattern|
+          "'#{pattern}'"
+        }),&block)
+      end
+
+      def Dorks.index_of_cgi_bin(options={},&block)
+        Dorks.search(options.merge(:exact_phrase => 'Index of cgi-bin'),&block)
+      end
+
+      def Dorks.mysql_dump(options={},&block)
+        query = []
+        
+        query << "Host: #{options[:host]}" if options[:host]
+        query << "Database: #{options[:database]}" if options[:database]
+        query << options[:version] if options[:version]
+
+        query << "\"#{options[:sql]}\"" if options[:sql]
+        query << options[:password].to_s.md5 if options[:password]
+
+        return Dorks.search(options.merge(:query => query,
+                                          :exact_phrase => '"#mysql dump"',
+                                          :filetype => :sql),&block)
+      end
+
+      def Dorks.mysql_dump_admin(options={},&block)
+        Dorks.mysql_dump(options.merge(:password => :admin),&block)
+      end
+
+      def Dorks.cps(options={},&block)
+        Dorks.search(options.merge(:exact_phrase => 'Certificate Practice Statement',
+                                   :inurl => '(PDF | DOC)'),&block)
+      end
+
+      def Dorks.vuln_report(options={},&block)
+        Dorks.search(options.merge(:exact_phrase => 'Network Vulnerability Assessment'),&block)
+      end
+
+      def Dorks.receipts(options={},&block)
+        Dorks.search(options.merge(:exact_phrase => 'Thank you for your order',
+                                   :with_words => ['receipt'],
+                                   :filetype => :pdf),&block)
+      end
+
+      def Dorks.robots_txt(options={},&block)
+        Dorks.search(options.merge(:exact_phrase => 'robots.txt',
+                                   :with_words => ['Disallow'],
+                                   :filetype => :txt),&block)
+      end
+
+      def Dorks.php_my_admin(options={},&block)
+        Dorks.search(options.merge(:with_words => ['phpMyAdmin'],
+                                   :exact_phrase => 'running on',
+                                   :inurl => 'main.php'),&block)
+      end
+
+      def Dorks.qbw(options={},&block)
+        Dorks.search(options.merge(:query => 'qbw',
+                                   :filetype => 'QBW'),&block)
+      end
+
+      def Dorks.emails_xls(options={},&block)
+        Dorks.search(options.merge(:filetype => 'xls',
+                                   :inurl => '"email.xls"'),&block)
+      end
+
+      def Dorks.index_for_finances_xls(options={},&block)
+        Dorks.search(options.merge(:query => 'finances.xls',
+                                   :intitle => '"Index of"'),&block)
+      end
+
+      def Dorks.download_file(options={},&block)
+        Dorks.search(options.merge(:allinurl => ['download.php?',
+                                                 'file']),&block)
+      end
+
+      def Dorks.download_pdf(options={},&block)
+        Dorks.search(options.merge(:allinurl => ['download.php?',
+                                                 'file',
+                                                 '.pdf']),&block)
+      end
+    end
+  end
+end

metadata

@@ -0,0 +1,93 @@
+--- !ruby/object:Gem::Specification 
+name: ronin-dorks
+version: !ruby/object:Gem::Version 
+  version: 0.1.0
+platform: ruby
+authors: 
+- Postmodern Modulus III
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2008-08-21 00:00:00 -07:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: ronin
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 0.0.9
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: gscraper
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 0.2.1
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: hoe
+  type: :development
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 1.7.0
+    version: 
+description: Ronin Dorks is a Ruby library for Ronin that provides support for various Google (tm) Dorks functionality.  Ronin is a Ruby platform designed for information security and data exploration tasks. Ronin allows for the rapid development and distribution of code over many of the common Source-Code-Management (SCM) systems.
+email: 
+- postmodern.mod3@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- History.txt
+- Manifest.txt
+- README.txt
+files: 
+- History.txt
+- Manifest.txt
+- README.txt
+- Rakefile
+- lib/ronin/dorks.rb
+- lib/ronin/dorks/version.rb
+- lib/ronin/web/dorks.rb
+- test/test_ronin_dorks.rb
+has_rdoc: true
+homepage: http://ronin.rubyforge.org/dorks/
+post_install_message: 
+rdoc_options: 
+- --main
+- README.txt
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: ronin
+rubygems_version: 1.2.0
+signing_key: 
+specification_version: 2
+summary: Ronin Dorks is a Ruby library for Ronin that provides support for various Google (tm) Dorks functionality
+test_files: 
+- test/test_ronin_dorks.rb