ronin-listener 0.1.0.rc1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.document +4 -0
- data/.github/workflows/ruby.yml +47 -0
- data/.gitignore +14 -0
- data/.rspec +1 -0
- data/.rubocop.yml +11 -0
- data/.ruby-version +1 -0
- data/.yardopts +1 -0
- data/COPYING.txt +165 -0
- data/ChangeLog.md +8 -0
- data/Gemfile +40 -0
- data/README.md +132 -0
- data/Rakefile +43 -0
- data/bin/ronin-listener +34 -0
- data/data/completions/ronin-listener +103 -0
- data/data/new/dns.rb.erb +7 -0
- data/data/new/http.rb.erb +14 -0
- data/gemspec.yml +39 -0
- data/lib/ronin/listener/cli/command.rb +40 -0
- data/lib/ronin/listener/cli/commands/completion.rb +61 -0
- data/lib/ronin/listener/cli/commands/dns.rb +137 -0
- data/lib/ronin/listener/cli/commands/http.rb +159 -0
- data/lib/ronin/listener/cli/commands/new/dns.rb +123 -0
- data/lib/ronin/listener/cli/commands/new/http.rb +130 -0
- data/lib/ronin/listener/cli/commands/new.rb +71 -0
- data/lib/ronin/listener/cli.rb +50 -0
- data/lib/ronin/listener/output_formats.rb +39 -0
- data/lib/ronin/listener/root.rb +28 -0
- data/lib/ronin/listener/version.rb +26 -0
- data/man/ronin-listener-completion.1 +76 -0
- data/man/ronin-listener-completion.1.md +78 -0
- data/man/ronin-listener-dns.1 +59 -0
- data/man/ronin-listener-dns.1.md +55 -0
- data/man/ronin-listener-http.1 +69 -0
- data/man/ronin-listener-http.1.md +60 -0
- data/man/ronin-listener-new-dns.1 +35 -0
- data/man/ronin-listener-new-dns.1.md +36 -0
- data/man/ronin-listener-new-http.1 +38 -0
- data/man/ronin-listener-new-http.1.md +39 -0
- data/man/ronin-listener-new.1 +56 -0
- data/man/ronin-listener-new.1.md +52 -0
- data/man/ronin-listener.1 +38 -0
- data/man/ronin-listener.1.md +40 -0
- data/ronin-listener.gemspec +62 -0
- data/scripts/setup +58 -0
- metadata +153 -0
data/gemspec.yml
ADDED
@@ -0,0 +1,39 @@
|
|
1
|
+
name: ronin-listener
|
2
|
+
summary: A Ruby CLI utility for receiving exfiltrated data.
|
3
|
+
description: |
|
4
|
+
ronin-listener is a small CLI utility for receiving exfiltrated data over DNS
|
5
|
+
or HTTP.
|
6
|
+
|
7
|
+
license: LGPL-3.0
|
8
|
+
authors: Postmodern
|
9
|
+
email: postmodern.mod3@gmail.com
|
10
|
+
homepage: https://ronin-rb.dev/
|
11
|
+
has_yard: true
|
12
|
+
|
13
|
+
metadata:
|
14
|
+
documentation_uri: https://ronin-rb.dev/docs/ronin-listener
|
15
|
+
source_code_uri: https://github.com/ronin-rb/ronin-listener
|
16
|
+
bug_tracker_uri: https://github.com/ronin-rb/ronin-listener/issues
|
17
|
+
changelog_uri: https://github.com/ronin-rb/ronin-listener/blob/main/ChangeLog.md
|
18
|
+
rubygems_mfa_required: 'true'
|
19
|
+
|
20
|
+
generated_files:
|
21
|
+
- data/completions/ronin-listener
|
22
|
+
- man/ronin-listener.1
|
23
|
+
- man/ronin-listener-completion.1
|
24
|
+
- man/ronin-listener-dns.1
|
25
|
+
- man/ronin-listener-http.1
|
26
|
+
- man/ronin-listener-new.1
|
27
|
+
- man/ronin-listener-new-dns.1
|
28
|
+
- man/ronin-listener-new-http.1
|
29
|
+
|
30
|
+
required_ruby_version: ">= 3.0.0"
|
31
|
+
|
32
|
+
dependencies:
|
33
|
+
# Ronin dependencies:
|
34
|
+
ronin-listener-dns: ~> 0.1.0.rc1
|
35
|
+
ronin-listener-http: ~> 0.1.0.rc1
|
36
|
+
ronin-core: ~> 0.2.0.rc1
|
37
|
+
|
38
|
+
development_dependencies:
|
39
|
+
bundler: ~> 2.0
|
@@ -0,0 +1,40 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
#
|
3
|
+
# ronin-listener - A Ruby CLI utility for receiving exfiltrated data.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
|
6
|
+
#
|
7
|
+
# ronin-listener is free software: you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU Lesser General Public License as published
|
9
|
+
# by the Free Software Foundation, either version 3 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# ronin-listener is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU Lesser General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU Lesser General Public License
|
18
|
+
# along with ronin-listener. If not, see <https://www.gnu.org/licenses/>.
|
19
|
+
#
|
20
|
+
|
21
|
+
require 'ronin/listener/root'
|
22
|
+
|
23
|
+
require 'ronin/core/cli/command'
|
24
|
+
|
25
|
+
module Ronin
|
26
|
+
module Listener
|
27
|
+
class CLI
|
28
|
+
#
|
29
|
+
# Base command for all `ronin-listener` commands.
|
30
|
+
#
|
31
|
+
class Command < Core::CLI::Command
|
32
|
+
|
33
|
+
man_dir File.join(ROOT,'man')
|
34
|
+
|
35
|
+
bug_report_url 'https://github.com/ronin-rb/ronin-listener/issues/new'
|
36
|
+
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
@@ -0,0 +1,61 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
#
|
3
|
+
# ronin-listener - A Ruby CLI utility for receiving exfiltrated data.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
|
6
|
+
#
|
7
|
+
# ronin-listener is free software: you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU Lesser General Public License as published
|
9
|
+
# by the Free Software Foundation, either version 3 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# ronin-listener is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU Lesser General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU Lesser General Public License
|
18
|
+
# along with ronin-listener. If not, see <https://www.gnu.org/licenses/>.
|
19
|
+
#
|
20
|
+
|
21
|
+
require 'ronin/listener/root'
|
22
|
+
require 'ronin/core/cli/completion_command'
|
23
|
+
|
24
|
+
module Ronin
|
25
|
+
module Listener
|
26
|
+
class CLI
|
27
|
+
module Commands
|
28
|
+
#
|
29
|
+
# Manages the shell completion rules for `ronin-listener`.
|
30
|
+
#
|
31
|
+
# ## Usage
|
32
|
+
#
|
33
|
+
# ronin-listener completion [options]
|
34
|
+
#
|
35
|
+
# ## Options
|
36
|
+
#
|
37
|
+
# --print Prints the shell completion file
|
38
|
+
# --install Installs the shell completion file
|
39
|
+
# --uninstall Uninstalls the shell completion file
|
40
|
+
# -h, --help Print help information
|
41
|
+
#
|
42
|
+
# ## Examples
|
43
|
+
#
|
44
|
+
# ronin-listener completion --print
|
45
|
+
# ronin-listener completion --install
|
46
|
+
# ronin-listener completion --uninstall
|
47
|
+
#
|
48
|
+
class Completion < Core::CLI::CompletionCommand
|
49
|
+
|
50
|
+
completion_file File.join(ROOT,'data','completions','ronin-listener')
|
51
|
+
|
52
|
+
man_dir File.join(ROOT,'man')
|
53
|
+
man_page 'ronin-listener-completion.1'
|
54
|
+
|
55
|
+
description 'Manages the shell completion rules for ronin-listener'
|
56
|
+
|
57
|
+
end
|
58
|
+
end
|
59
|
+
end
|
60
|
+
end
|
61
|
+
end
|
@@ -0,0 +1,137 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
#
|
3
|
+
# ronin-listener - A Ruby CLI utility for receiving exfiltrated data.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
|
6
|
+
#
|
7
|
+
# ronin-listener is free software: you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU Lesser General Public License as published
|
9
|
+
# by the Free Software Foundation, either version 3 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# ronin-listener is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU Lesser General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU Lesser General Public License
|
18
|
+
# along with ronin-listener. If not, see <https://www.gnu.org/licenses/>.
|
19
|
+
#
|
20
|
+
|
21
|
+
require 'ronin/listener/cli/command'
|
22
|
+
require 'ronin/listener/output_formats'
|
23
|
+
require 'ronin/listener/dns'
|
24
|
+
|
25
|
+
require 'ronin/core/cli/logging'
|
26
|
+
|
27
|
+
module Ronin
|
28
|
+
module Listener
|
29
|
+
class CLI
|
30
|
+
module Commands
|
31
|
+
#
|
32
|
+
# Starts a DNS server for receiving exfiltrated data.
|
33
|
+
#
|
34
|
+
# ## Usage
|
35
|
+
#
|
36
|
+
# ronin-listener dns [options] DOMAIN
|
37
|
+
#
|
38
|
+
# ## Options
|
39
|
+
#
|
40
|
+
# -o, --output FILE The output file to write DNS queries to
|
41
|
+
# -F, --output-format txt|csv|json|ndjson
|
42
|
+
# The output format
|
43
|
+
# -H, --host IP The interface to listen on (Default: 0.0.0.0)
|
44
|
+
# -p, --port PORT The port to listen on (Default: 53)
|
45
|
+
# -h, --help Print help information
|
46
|
+
#
|
47
|
+
# ## Arguments
|
48
|
+
#
|
49
|
+
# DOMAIN The domain to receive queries for
|
50
|
+
#
|
51
|
+
# ## Examples
|
52
|
+
#
|
53
|
+
# ronin-listener dns -H 127.0.0.1 -p 5553 example.com
|
54
|
+
#
|
55
|
+
class Dns < Command
|
56
|
+
|
57
|
+
include Core::CLI::Logging
|
58
|
+
|
59
|
+
usage '[options] DOMAIN'
|
60
|
+
|
61
|
+
option :output, short: '-o',
|
62
|
+
value: {
|
63
|
+
type: String,
|
64
|
+
usage: 'FILE'
|
65
|
+
},
|
66
|
+
desc: 'The output file to write DNS queries to' do |path|
|
67
|
+
options[:output] = path
|
68
|
+
options[:output_format] ||= OutputFormats.infer_from(path)
|
69
|
+
end
|
70
|
+
|
71
|
+
option :output_format, short: '-F',
|
72
|
+
value: {
|
73
|
+
type: OutputFormats.formats
|
74
|
+
},
|
75
|
+
desc: 'The output format'
|
76
|
+
|
77
|
+
option :host, short: '-H',
|
78
|
+
value: {
|
79
|
+
type: String,
|
80
|
+
usage: 'IP',
|
81
|
+
default: '0.0.0.0'
|
82
|
+
},
|
83
|
+
desc: 'The interface to listen on'
|
84
|
+
|
85
|
+
option :port, short: '-p',
|
86
|
+
value: {
|
87
|
+
type: Integer,
|
88
|
+
usage: 'PORT',
|
89
|
+
default: 53
|
90
|
+
},
|
91
|
+
desc: 'The port to listen on'
|
92
|
+
|
93
|
+
argument :domain, required: true,
|
94
|
+
desc: 'The domain to receive queries for'
|
95
|
+
|
96
|
+
description 'Starts a DNS server for receiving exfiltrated data'
|
97
|
+
|
98
|
+
examples [
|
99
|
+
'-H 127.0.0.1 -p 5553 example.com'
|
100
|
+
]
|
101
|
+
|
102
|
+
man_page 'ronin-listener-dns.1'
|
103
|
+
|
104
|
+
#
|
105
|
+
# Runs the `ronin-listener dns` command.
|
106
|
+
#
|
107
|
+
# @param [String] domain
|
108
|
+
# The `DOMAIN` argument.
|
109
|
+
#
|
110
|
+
def run(domain)
|
111
|
+
output_file = if options[:output] && options[:output_format]
|
112
|
+
options[:output_format].open(options[:output])
|
113
|
+
end
|
114
|
+
|
115
|
+
Ronin::Listener::DNS.listen(domain,**proxy_kwargs) do |query|
|
116
|
+
log_info "Received DNS query: #{query.type} #{query.label} from #{query.source}"
|
117
|
+
output_file << query if output_file
|
118
|
+
end
|
119
|
+
end
|
120
|
+
|
121
|
+
#
|
122
|
+
# Maps options to keyword arguments for `Ronin::Listener::DNS.listen`.
|
123
|
+
#
|
124
|
+
# @return [Hash{Symbol => Object}]
|
125
|
+
#
|
126
|
+
def proxy_kwargs
|
127
|
+
{
|
128
|
+
host: options[:host],
|
129
|
+
port: options[:port]
|
130
|
+
}
|
131
|
+
end
|
132
|
+
|
133
|
+
end
|
134
|
+
end
|
135
|
+
end
|
136
|
+
end
|
137
|
+
end
|
@@ -0,0 +1,159 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
#
|
3
|
+
# ronin-listener - A Ruby CLI utility for receiving exfiltrated data.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
|
6
|
+
#
|
7
|
+
# ronin-listener is free software: you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU Lesser General Public License as published
|
9
|
+
# by the Free Software Foundation, either version 3 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# ronin-listener is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU Lesser General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU Lesser General Public License
|
18
|
+
# along with ronin-listener. If not, see <https://www.gnu.org/licenses/>.
|
19
|
+
#
|
20
|
+
|
21
|
+
require 'ronin/listener/cli/command'
|
22
|
+
require 'ronin/listener/output_formats'
|
23
|
+
require 'ronin/listener/http'
|
24
|
+
|
25
|
+
require 'ronin/core/cli/logging'
|
26
|
+
|
27
|
+
module Ronin
|
28
|
+
module Listener
|
29
|
+
class CLI
|
30
|
+
module Commands
|
31
|
+
#
|
32
|
+
# Starts a HTTP server for receiving exfiltrated data.
|
33
|
+
#
|
34
|
+
# ## Usage
|
35
|
+
#
|
36
|
+
# ronin-listener http [options]
|
37
|
+
#
|
38
|
+
# ## Options
|
39
|
+
#
|
40
|
+
# -o, --output FILE The output file to write HTTP requests to
|
41
|
+
# -F, --output-format txt|csv|json|ndjson
|
42
|
+
# The output format
|
43
|
+
# -H, --host IP The interface to listen on (Default: 0.0.0.0)
|
44
|
+
# -p, --port PORT The port to listen on (Default: 8080)
|
45
|
+
# --vhost HOST The Host: header to filter requests by
|
46
|
+
# -R, --root DIR The root directory to filter requests by (Default: /)
|
47
|
+
# -h, --help Print help information
|
48
|
+
#
|
49
|
+
# ## Examples
|
50
|
+
#
|
51
|
+
# ronin-listener http -H 127.0.0.1 -p 8080
|
52
|
+
# ronin-listener http -H 127.0.0.1 -p 8080 --vhost example.com
|
53
|
+
#
|
54
|
+
class Http < Command
|
55
|
+
|
56
|
+
include Core::CLI::Logging
|
57
|
+
|
58
|
+
usage '[options]'
|
59
|
+
|
60
|
+
option :output, short: '-o',
|
61
|
+
value: {
|
62
|
+
type: String,
|
63
|
+
usage: 'FILE'
|
64
|
+
},
|
65
|
+
desc: 'The output file to write HTTP requests to' do |path|
|
66
|
+
options[:output] = path
|
67
|
+
options[:output_format] ||= OutputFormats.infer_from(path)
|
68
|
+
end
|
69
|
+
|
70
|
+
option :output_format, short: '-F',
|
71
|
+
value: {
|
72
|
+
type: OutputFormats.formats
|
73
|
+
},
|
74
|
+
desc: 'The output format'
|
75
|
+
|
76
|
+
option :host, short: '-H',
|
77
|
+
value: {
|
78
|
+
type: String,
|
79
|
+
usage: 'IP',
|
80
|
+
default: '0.0.0.0'
|
81
|
+
},
|
82
|
+
desc: 'The interface to listen on'
|
83
|
+
|
84
|
+
option :port, short: '-p',
|
85
|
+
value: {
|
86
|
+
type: Integer,
|
87
|
+
usage: 'PORT',
|
88
|
+
default: 8080
|
89
|
+
},
|
90
|
+
desc: 'The port to listen on'
|
91
|
+
|
92
|
+
option :vhost, value: {
|
93
|
+
type: String,
|
94
|
+
usage: 'HOST'
|
95
|
+
},
|
96
|
+
desc: 'The Host: header to filter requests by'
|
97
|
+
|
98
|
+
option :root, short: '-R',
|
99
|
+
value: {
|
100
|
+
type: String,
|
101
|
+
usage: 'DIR',
|
102
|
+
default: '/'
|
103
|
+
},
|
104
|
+
desc: 'The root directory to filter requests by'
|
105
|
+
|
106
|
+
description 'Starts a HTTP server for receiving exfiltrated data'
|
107
|
+
|
108
|
+
examples [
|
109
|
+
'-H 127.0.0.1 -p 8080',
|
110
|
+
'-H 127.0.0.1 -p 8080 --vhost example.com'
|
111
|
+
]
|
112
|
+
|
113
|
+
man_page 'ronin-listener-http.1'
|
114
|
+
|
115
|
+
#
|
116
|
+
# Runs the `ronin-listener http` command.
|
117
|
+
#
|
118
|
+
def run
|
119
|
+
output_file = if options[:output] && options[:output_format]
|
120
|
+
options[:output_format].open(options[:output])
|
121
|
+
end
|
122
|
+
|
123
|
+
Ronin::Listener::HTTP.listen(**server_kwargs) do |request|
|
124
|
+
remote_addr = request.remote_address
|
125
|
+
|
126
|
+
log_info "Received HTTP request from #{remote_addr.ip_address}:#{remote_addr.ip_port} ..."
|
127
|
+
|
128
|
+
puts "#{request.method} #{request.path}"
|
129
|
+
|
130
|
+
request.headers.each do |name,value|
|
131
|
+
puts "#{name}: #{value}"
|
132
|
+
end
|
133
|
+
|
134
|
+
puts request.body if request.body
|
135
|
+
puts
|
136
|
+
|
137
|
+
output_file << request if output_file
|
138
|
+
end
|
139
|
+
end
|
140
|
+
|
141
|
+
#
|
142
|
+
# Maps options to keyword arguments for `Ronin::Listener::HTTP.listen`.
|
143
|
+
#
|
144
|
+
# @return [Hash{Symbol => Object}]
|
145
|
+
#
|
146
|
+
def server_kwargs
|
147
|
+
{
|
148
|
+
host: options[:host],
|
149
|
+
port: options[:port],
|
150
|
+
vhost: options[:vhost],
|
151
|
+
root: options[:root]
|
152
|
+
}
|
153
|
+
end
|
154
|
+
|
155
|
+
end
|
156
|
+
end
|
157
|
+
end
|
158
|
+
end
|
159
|
+
end
|
@@ -0,0 +1,123 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
#
|
3
|
+
# ronin-listener - A Ruby CLI utility for receiving exfiltrated data.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
|
6
|
+
#
|
7
|
+
# ronin-listener is free software: you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU Lesser General Public License as published
|
9
|
+
# by the Free Software Foundation, either version 3 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# ronin-listener is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU Lesser General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU Lesser General Public License
|
18
|
+
# along with ronin-listener. If not, see <https://www.gnu.org/licenses/>.
|
19
|
+
#
|
20
|
+
|
21
|
+
require 'ronin/listener/cli/command'
|
22
|
+
require 'ronin/core/cli/generator'
|
23
|
+
require 'ronin/listener/root'
|
24
|
+
|
25
|
+
module Ronin
|
26
|
+
module Listener
|
27
|
+
class CLI
|
28
|
+
module Commands
|
29
|
+
class New < Command
|
30
|
+
#
|
31
|
+
# Creates a new standalone DNS listener Ruby script.
|
32
|
+
#
|
33
|
+
# ## Usage
|
34
|
+
#
|
35
|
+
# ronin-listener new dns PATH
|
36
|
+
#
|
37
|
+
# ## Options
|
38
|
+
#
|
39
|
+
# -H, --host IP The interface to listen on (Default: 0.0.0.0)
|
40
|
+
# -p, --port PORT The port to listen on (Default: 5553)
|
41
|
+
# --domain DOMAIN The domain to receive queries for (Default: example.com)
|
42
|
+
# -h, --help Print help information
|
43
|
+
#
|
44
|
+
# ## Arguments
|
45
|
+
#
|
46
|
+
# PATH The script file to create
|
47
|
+
#
|
48
|
+
class Dns < Command
|
49
|
+
|
50
|
+
include Core::CLI::Generator
|
51
|
+
|
52
|
+
template_dir File.join(ROOT,'data','new')
|
53
|
+
|
54
|
+
usage '[options] PATH'
|
55
|
+
|
56
|
+
option :host, short: '-H',
|
57
|
+
value: {
|
58
|
+
type: String,
|
59
|
+
usage: 'IP',
|
60
|
+
default: '0.0.0.0'
|
61
|
+
},
|
62
|
+
desc: 'The interface to listen on' do |host|
|
63
|
+
@host = host
|
64
|
+
end
|
65
|
+
|
66
|
+
option :port, short: '-p',
|
67
|
+
value: {
|
68
|
+
type: Integer,
|
69
|
+
usage: 'PORT',
|
70
|
+
default: 5553
|
71
|
+
},
|
72
|
+
desc: 'The port to listen on' do |port|
|
73
|
+
@port = port
|
74
|
+
end
|
75
|
+
|
76
|
+
option :domain, short: '-d',
|
77
|
+
value: {
|
78
|
+
type: String,
|
79
|
+
usage: 'DOMAIN',
|
80
|
+
default: 'example.com'
|
81
|
+
},
|
82
|
+
desc: 'The domain to receive queries for' do |domain|
|
83
|
+
@domain = domain
|
84
|
+
end
|
85
|
+
|
86
|
+
argument :path, required: true,
|
87
|
+
desc: 'The script file to create'
|
88
|
+
|
89
|
+
description 'Creates a new standalone DNS listener Ruby script'
|
90
|
+
|
91
|
+
man_page 'ronin-listener-new-dns.1'
|
92
|
+
|
93
|
+
#
|
94
|
+
# Initializes the `ronin-listener new dns` command.
|
95
|
+
#
|
96
|
+
# @param [Hash{Symbol => Object}] kwargs
|
97
|
+
# Additional keyword arguments for the command.
|
98
|
+
#
|
99
|
+
def initialize(**kwargs)
|
100
|
+
super(**kwargs)
|
101
|
+
|
102
|
+
@host = '0.0.0.0'
|
103
|
+
@port = 5553
|
104
|
+
@domain = 'example.com'
|
105
|
+
end
|
106
|
+
|
107
|
+
#
|
108
|
+
# Runs the `ronin-listener new dns` command.
|
109
|
+
#
|
110
|
+
# @param [String] path
|
111
|
+
# The path to the new script file to create.
|
112
|
+
#
|
113
|
+
def run(path)
|
114
|
+
erb 'dns.rb.erb', path
|
115
|
+
chmod '+x', path
|
116
|
+
end
|
117
|
+
|
118
|
+
end
|
119
|
+
end
|
120
|
+
end
|
121
|
+
end
|
122
|
+
end
|
123
|
+
end
|
@@ -0,0 +1,130 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
#
|
3
|
+
# ronin-listener - A Ruby CLI utility for receiving exfiltrated data.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
|
6
|
+
#
|
7
|
+
# ronin-listener is free software: you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU Lesser General Public License as published
|
9
|
+
# by the Free Software Foundation, either version 3 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# ronin-listener is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU Lesser General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU Lesser General Public License
|
18
|
+
# along with ronin-listener. If not, see <https://www.gnu.org/licenses/>.
|
19
|
+
#
|
20
|
+
|
21
|
+
require 'ronin/listener/cli/command'
|
22
|
+
require 'ronin/core/cli/generator'
|
23
|
+
require 'ronin/listener/root'
|
24
|
+
|
25
|
+
module Ronin
|
26
|
+
module Listener
|
27
|
+
class CLI
|
28
|
+
module Commands
|
29
|
+
class New < Command
|
30
|
+
#
|
31
|
+
# Creates a new standalone HTTP listener Ruby script.
|
32
|
+
#
|
33
|
+
# ## Usage
|
34
|
+
#
|
35
|
+
# ronin-listener new http PATH
|
36
|
+
#
|
37
|
+
# ## Options
|
38
|
+
#
|
39
|
+
# -H, --host IP The interface to listen on (Default: 0.0.0.0)
|
40
|
+
# -p, --port PORT The port to listen on (Default: 8080)
|
41
|
+
# --vhost HOST The Host: header to filter requests by
|
42
|
+
# -R, --root DIR The root directory to filter requests by
|
43
|
+
# -h, --help Print help information
|
44
|
+
#
|
45
|
+
# ## Arguments
|
46
|
+
#
|
47
|
+
# PATH The script file to create
|
48
|
+
#
|
49
|
+
class Http < Command
|
50
|
+
|
51
|
+
include Core::CLI::Generator
|
52
|
+
|
53
|
+
template_dir File.join(ROOT,'data','new')
|
54
|
+
|
55
|
+
usage '[options] PATH'
|
56
|
+
|
57
|
+
option :host, short: '-H',
|
58
|
+
value: {
|
59
|
+
type: String,
|
60
|
+
usage: 'IP',
|
61
|
+
default: '0.0.0.0'
|
62
|
+
},
|
63
|
+
desc: 'The interface to listen on' do |host|
|
64
|
+
@host = host
|
65
|
+
end
|
66
|
+
|
67
|
+
option :port, short: '-p',
|
68
|
+
value: {
|
69
|
+
type: Integer,
|
70
|
+
usage: 'PORT',
|
71
|
+
default: 8080
|
72
|
+
},
|
73
|
+
desc: 'The port to listen on' do |port|
|
74
|
+
@port = port
|
75
|
+
end
|
76
|
+
|
77
|
+
option :vhost, value: {
|
78
|
+
type: String,
|
79
|
+
usage: 'HOST'
|
80
|
+
},
|
81
|
+
desc: 'The Host: header to filter requests by' do |vhost|
|
82
|
+
@vhost = vhost
|
83
|
+
end
|
84
|
+
|
85
|
+
option :root, short: '-R',
|
86
|
+
value: {
|
87
|
+
type: String,
|
88
|
+
usage: 'DIR'
|
89
|
+
},
|
90
|
+
desc: 'The root directory to filter requests by' do |root|
|
91
|
+
@root = root
|
92
|
+
end
|
93
|
+
|
94
|
+
argument :path, required: true,
|
95
|
+
desc: 'The script file to create'
|
96
|
+
|
97
|
+
description 'Creates a new standalone HTTP listener Ruby script'
|
98
|
+
|
99
|
+
man_page 'ronin-listener-new-http.1'
|
100
|
+
|
101
|
+
#
|
102
|
+
# Initializes the `ronin-listener new http` command.
|
103
|
+
#
|
104
|
+
# @param [Hash{Symbol => Object}] kwargs
|
105
|
+
# Additional keyword arguments for the command.
|
106
|
+
#
|
107
|
+
def initialize(**kwargs)
|
108
|
+
super(**kwargs)
|
109
|
+
|
110
|
+
@host = '0.0.0.0'
|
111
|
+
@port = 5553
|
112
|
+
end
|
113
|
+
|
114
|
+
#
|
115
|
+
# Runs the `ronin-listener new http` command.
|
116
|
+
#
|
117
|
+
# @param [String] path
|
118
|
+
# The path to the new script file to create.
|
119
|
+
#
|
120
|
+
def run(path)
|
121
|
+
erb 'http.rb.erb', path
|
122
|
+
chmod '+x', path
|
123
|
+
end
|
124
|
+
|
125
|
+
end
|
126
|
+
end
|
127
|
+
end
|
128
|
+
end
|
129
|
+
end
|
130
|
+
end
|