ronin-listener 0.1.0.rc1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/.document +4 -0
- data/.github/workflows/ruby.yml +47 -0
- data/.gitignore +14 -0
- data/.rspec +1 -0
- data/.rubocop.yml +11 -0
- data/.ruby-version +1 -0
- data/.yardopts +1 -0
- data/COPYING.txt +165 -0
- data/ChangeLog.md +8 -0
- data/Gemfile +40 -0
- data/README.md +132 -0
- data/Rakefile +43 -0
- data/bin/ronin-listener +34 -0
- data/data/completions/ronin-listener +103 -0
- data/data/new/dns.rb.erb +7 -0
- data/data/new/http.rb.erb +14 -0
- data/gemspec.yml +39 -0
- data/lib/ronin/listener/cli/command.rb +40 -0
- data/lib/ronin/listener/cli/commands/completion.rb +61 -0
- data/lib/ronin/listener/cli/commands/dns.rb +137 -0
- data/lib/ronin/listener/cli/commands/http.rb +159 -0
- data/lib/ronin/listener/cli/commands/new/dns.rb +123 -0
- data/lib/ronin/listener/cli/commands/new/http.rb +130 -0
- data/lib/ronin/listener/cli/commands/new.rb +71 -0
- data/lib/ronin/listener/cli.rb +50 -0
- data/lib/ronin/listener/output_formats.rb +39 -0
- data/lib/ronin/listener/root.rb +28 -0
- data/lib/ronin/listener/version.rb +26 -0
- data/man/ronin-listener-completion.1 +76 -0
- data/man/ronin-listener-completion.1.md +78 -0
- data/man/ronin-listener-dns.1 +59 -0
- data/man/ronin-listener-dns.1.md +55 -0
- data/man/ronin-listener-http.1 +69 -0
- data/man/ronin-listener-http.1.md +60 -0
- data/man/ronin-listener-new-dns.1 +35 -0
- data/man/ronin-listener-new-dns.1.md +36 -0
- data/man/ronin-listener-new-http.1 +38 -0
- data/man/ronin-listener-new-http.1.md +39 -0
- data/man/ronin-listener-new.1 +56 -0
- data/man/ronin-listener-new.1.md +52 -0
- data/man/ronin-listener.1 +38 -0
- data/man/ronin-listener.1.md +40 -0
- data/ronin-listener.gemspec +62 -0
- data/scripts/setup +58 -0
- metadata +153 -0
data/gemspec.yml
ADDED
@@ -0,0 +1,39 @@
|
|
1
|
+
name: ronin-listener
|
2
|
+
summary: A Ruby CLI utility for receiving exfiltrated data.
|
3
|
+
description: |
|
4
|
+
ronin-listener is a small CLI utility for receiving exfiltrated data over DNS
|
5
|
+
or HTTP.
|
6
|
+
|
7
|
+
license: LGPL-3.0
|
8
|
+
authors: Postmodern
|
9
|
+
email: postmodern.mod3@gmail.com
|
10
|
+
homepage: https://ronin-rb.dev/
|
11
|
+
has_yard: true
|
12
|
+
|
13
|
+
metadata:
|
14
|
+
documentation_uri: https://ronin-rb.dev/docs/ronin-listener
|
15
|
+
source_code_uri: https://github.com/ronin-rb/ronin-listener
|
16
|
+
bug_tracker_uri: https://github.com/ronin-rb/ronin-listener/issues
|
17
|
+
changelog_uri: https://github.com/ronin-rb/ronin-listener/blob/main/ChangeLog.md
|
18
|
+
rubygems_mfa_required: 'true'
|
19
|
+
|
20
|
+
generated_files:
|
21
|
+
- data/completions/ronin-listener
|
22
|
+
- man/ronin-listener.1
|
23
|
+
- man/ronin-listener-completion.1
|
24
|
+
- man/ronin-listener-dns.1
|
25
|
+
- man/ronin-listener-http.1
|
26
|
+
- man/ronin-listener-new.1
|
27
|
+
- man/ronin-listener-new-dns.1
|
28
|
+
- man/ronin-listener-new-http.1
|
29
|
+
|
30
|
+
required_ruby_version: ">= 3.0.0"
|
31
|
+
|
32
|
+
dependencies:
|
33
|
+
# Ronin dependencies:
|
34
|
+
ronin-listener-dns: ~> 0.1.0.rc1
|
35
|
+
ronin-listener-http: ~> 0.1.0.rc1
|
36
|
+
ronin-core: ~> 0.2.0.rc1
|
37
|
+
|
38
|
+
development_dependencies:
|
39
|
+
bundler: ~> 2.0
|
@@ -0,0 +1,40 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
#
|
3
|
+
# ronin-listener - A Ruby CLI utility for receiving exfiltrated data.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
|
6
|
+
#
|
7
|
+
# ronin-listener is free software: you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU Lesser General Public License as published
|
9
|
+
# by the Free Software Foundation, either version 3 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# ronin-listener is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU Lesser General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU Lesser General Public License
|
18
|
+
# along with ronin-listener. If not, see <https://www.gnu.org/licenses/>.
|
19
|
+
#
|
20
|
+
|
21
|
+
require 'ronin/listener/root'
|
22
|
+
|
23
|
+
require 'ronin/core/cli/command'
|
24
|
+
|
25
|
+
module Ronin
|
26
|
+
module Listener
|
27
|
+
class CLI
|
28
|
+
#
|
29
|
+
# Base command for all `ronin-listener` commands.
|
30
|
+
#
|
31
|
+
class Command < Core::CLI::Command
|
32
|
+
|
33
|
+
man_dir File.join(ROOT,'man')
|
34
|
+
|
35
|
+
bug_report_url 'https://github.com/ronin-rb/ronin-listener/issues/new'
|
36
|
+
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
@@ -0,0 +1,61 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
#
|
3
|
+
# ronin-listener - A Ruby CLI utility for receiving exfiltrated data.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
|
6
|
+
#
|
7
|
+
# ronin-listener is free software: you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU Lesser General Public License as published
|
9
|
+
# by the Free Software Foundation, either version 3 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# ronin-listener is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU Lesser General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU Lesser General Public License
|
18
|
+
# along with ronin-listener. If not, see <https://www.gnu.org/licenses/>.
|
19
|
+
#
|
20
|
+
|
21
|
+
require 'ronin/listener/root'
|
22
|
+
require 'ronin/core/cli/completion_command'
|
23
|
+
|
24
|
+
module Ronin
|
25
|
+
module Listener
|
26
|
+
class CLI
|
27
|
+
module Commands
|
28
|
+
#
|
29
|
+
# Manages the shell completion rules for `ronin-listener`.
|
30
|
+
#
|
31
|
+
# ## Usage
|
32
|
+
#
|
33
|
+
# ronin-listener completion [options]
|
34
|
+
#
|
35
|
+
# ## Options
|
36
|
+
#
|
37
|
+
# --print Prints the shell completion file
|
38
|
+
# --install Installs the shell completion file
|
39
|
+
# --uninstall Uninstalls the shell completion file
|
40
|
+
# -h, --help Print help information
|
41
|
+
#
|
42
|
+
# ## Examples
|
43
|
+
#
|
44
|
+
# ronin-listener completion --print
|
45
|
+
# ronin-listener completion --install
|
46
|
+
# ronin-listener completion --uninstall
|
47
|
+
#
|
48
|
+
class Completion < Core::CLI::CompletionCommand
|
49
|
+
|
50
|
+
completion_file File.join(ROOT,'data','completions','ronin-listener')
|
51
|
+
|
52
|
+
man_dir File.join(ROOT,'man')
|
53
|
+
man_page 'ronin-listener-completion.1'
|
54
|
+
|
55
|
+
description 'Manages the shell completion rules for ronin-listener'
|
56
|
+
|
57
|
+
end
|
58
|
+
end
|
59
|
+
end
|
60
|
+
end
|
61
|
+
end
|
@@ -0,0 +1,137 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
#
|
3
|
+
# ronin-listener - A Ruby CLI utility for receiving exfiltrated data.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
|
6
|
+
#
|
7
|
+
# ronin-listener is free software: you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU Lesser General Public License as published
|
9
|
+
# by the Free Software Foundation, either version 3 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# ronin-listener is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU Lesser General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU Lesser General Public License
|
18
|
+
# along with ronin-listener. If not, see <https://www.gnu.org/licenses/>.
|
19
|
+
#
|
20
|
+
|
21
|
+
require 'ronin/listener/cli/command'
|
22
|
+
require 'ronin/listener/output_formats'
|
23
|
+
require 'ronin/listener/dns'
|
24
|
+
|
25
|
+
require 'ronin/core/cli/logging'
|
26
|
+
|
27
|
+
module Ronin
|
28
|
+
module Listener
|
29
|
+
class CLI
|
30
|
+
module Commands
|
31
|
+
#
|
32
|
+
# Starts a DNS server for receiving exfiltrated data.
|
33
|
+
#
|
34
|
+
# ## Usage
|
35
|
+
#
|
36
|
+
# ronin-listener dns [options] DOMAIN
|
37
|
+
#
|
38
|
+
# ## Options
|
39
|
+
#
|
40
|
+
# -o, --output FILE The output file to write DNS queries to
|
41
|
+
# -F, --output-format txt|csv|json|ndjson
|
42
|
+
# The output format
|
43
|
+
# -H, --host IP The interface to listen on (Default: 0.0.0.0)
|
44
|
+
# -p, --port PORT The port to listen on (Default: 53)
|
45
|
+
# -h, --help Print help information
|
46
|
+
#
|
47
|
+
# ## Arguments
|
48
|
+
#
|
49
|
+
# DOMAIN The domain to receive queries for
|
50
|
+
#
|
51
|
+
# ## Examples
|
52
|
+
#
|
53
|
+
# ronin-listener dns -H 127.0.0.1 -p 5553 example.com
|
54
|
+
#
|
55
|
+
class Dns < Command
|
56
|
+
|
57
|
+
include Core::CLI::Logging
|
58
|
+
|
59
|
+
usage '[options] DOMAIN'
|
60
|
+
|
61
|
+
option :output, short: '-o',
|
62
|
+
value: {
|
63
|
+
type: String,
|
64
|
+
usage: 'FILE'
|
65
|
+
},
|
66
|
+
desc: 'The output file to write DNS queries to' do |path|
|
67
|
+
options[:output] = path
|
68
|
+
options[:output_format] ||= OutputFormats.infer_from(path)
|
69
|
+
end
|
70
|
+
|
71
|
+
option :output_format, short: '-F',
|
72
|
+
value: {
|
73
|
+
type: OutputFormats.formats
|
74
|
+
},
|
75
|
+
desc: 'The output format'
|
76
|
+
|
77
|
+
option :host, short: '-H',
|
78
|
+
value: {
|
79
|
+
type: String,
|
80
|
+
usage: 'IP',
|
81
|
+
default: '0.0.0.0'
|
82
|
+
},
|
83
|
+
desc: 'The interface to listen on'
|
84
|
+
|
85
|
+
option :port, short: '-p',
|
86
|
+
value: {
|
87
|
+
type: Integer,
|
88
|
+
usage: 'PORT',
|
89
|
+
default: 53
|
90
|
+
},
|
91
|
+
desc: 'The port to listen on'
|
92
|
+
|
93
|
+
argument :domain, required: true,
|
94
|
+
desc: 'The domain to receive queries for'
|
95
|
+
|
96
|
+
description 'Starts a DNS server for receiving exfiltrated data'
|
97
|
+
|
98
|
+
examples [
|
99
|
+
'-H 127.0.0.1 -p 5553 example.com'
|
100
|
+
]
|
101
|
+
|
102
|
+
man_page 'ronin-listener-dns.1'
|
103
|
+
|
104
|
+
#
|
105
|
+
# Runs the `ronin-listener dns` command.
|
106
|
+
#
|
107
|
+
# @param [String] domain
|
108
|
+
# The `DOMAIN` argument.
|
109
|
+
#
|
110
|
+
def run(domain)
|
111
|
+
output_file = if options[:output] && options[:output_format]
|
112
|
+
options[:output_format].open(options[:output])
|
113
|
+
end
|
114
|
+
|
115
|
+
Ronin::Listener::DNS.listen(domain,**proxy_kwargs) do |query|
|
116
|
+
log_info "Received DNS query: #{query.type} #{query.label} from #{query.source}"
|
117
|
+
output_file << query if output_file
|
118
|
+
end
|
119
|
+
end
|
120
|
+
|
121
|
+
#
|
122
|
+
# Maps options to keyword arguments for `Ronin::Listener::DNS.listen`.
|
123
|
+
#
|
124
|
+
# @return [Hash{Symbol => Object}]
|
125
|
+
#
|
126
|
+
def proxy_kwargs
|
127
|
+
{
|
128
|
+
host: options[:host],
|
129
|
+
port: options[:port]
|
130
|
+
}
|
131
|
+
end
|
132
|
+
|
133
|
+
end
|
134
|
+
end
|
135
|
+
end
|
136
|
+
end
|
137
|
+
end
|
@@ -0,0 +1,159 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
#
|
3
|
+
# ronin-listener - A Ruby CLI utility for receiving exfiltrated data.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
|
6
|
+
#
|
7
|
+
# ronin-listener is free software: you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU Lesser General Public License as published
|
9
|
+
# by the Free Software Foundation, either version 3 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# ronin-listener is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU Lesser General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU Lesser General Public License
|
18
|
+
# along with ronin-listener. If not, see <https://www.gnu.org/licenses/>.
|
19
|
+
#
|
20
|
+
|
21
|
+
require 'ronin/listener/cli/command'
|
22
|
+
require 'ronin/listener/output_formats'
|
23
|
+
require 'ronin/listener/http'
|
24
|
+
|
25
|
+
require 'ronin/core/cli/logging'
|
26
|
+
|
27
|
+
module Ronin
|
28
|
+
module Listener
|
29
|
+
class CLI
|
30
|
+
module Commands
|
31
|
+
#
|
32
|
+
# Starts a HTTP server for receiving exfiltrated data.
|
33
|
+
#
|
34
|
+
# ## Usage
|
35
|
+
#
|
36
|
+
# ronin-listener http [options]
|
37
|
+
#
|
38
|
+
# ## Options
|
39
|
+
#
|
40
|
+
# -o, --output FILE The output file to write HTTP requests to
|
41
|
+
# -F, --output-format txt|csv|json|ndjson
|
42
|
+
# The output format
|
43
|
+
# -H, --host IP The interface to listen on (Default: 0.0.0.0)
|
44
|
+
# -p, --port PORT The port to listen on (Default: 8080)
|
45
|
+
# --vhost HOST The Host: header to filter requests by
|
46
|
+
# -R, --root DIR The root directory to filter requests by (Default: /)
|
47
|
+
# -h, --help Print help information
|
48
|
+
#
|
49
|
+
# ## Examples
|
50
|
+
#
|
51
|
+
# ronin-listener http -H 127.0.0.1 -p 8080
|
52
|
+
# ronin-listener http -H 127.0.0.1 -p 8080 --vhost example.com
|
53
|
+
#
|
54
|
+
class Http < Command
|
55
|
+
|
56
|
+
include Core::CLI::Logging
|
57
|
+
|
58
|
+
usage '[options]'
|
59
|
+
|
60
|
+
option :output, short: '-o',
|
61
|
+
value: {
|
62
|
+
type: String,
|
63
|
+
usage: 'FILE'
|
64
|
+
},
|
65
|
+
desc: 'The output file to write HTTP requests to' do |path|
|
66
|
+
options[:output] = path
|
67
|
+
options[:output_format] ||= OutputFormats.infer_from(path)
|
68
|
+
end
|
69
|
+
|
70
|
+
option :output_format, short: '-F',
|
71
|
+
value: {
|
72
|
+
type: OutputFormats.formats
|
73
|
+
},
|
74
|
+
desc: 'The output format'
|
75
|
+
|
76
|
+
option :host, short: '-H',
|
77
|
+
value: {
|
78
|
+
type: String,
|
79
|
+
usage: 'IP',
|
80
|
+
default: '0.0.0.0'
|
81
|
+
},
|
82
|
+
desc: 'The interface to listen on'
|
83
|
+
|
84
|
+
option :port, short: '-p',
|
85
|
+
value: {
|
86
|
+
type: Integer,
|
87
|
+
usage: 'PORT',
|
88
|
+
default: 8080
|
89
|
+
},
|
90
|
+
desc: 'The port to listen on'
|
91
|
+
|
92
|
+
option :vhost, value: {
|
93
|
+
type: String,
|
94
|
+
usage: 'HOST'
|
95
|
+
},
|
96
|
+
desc: 'The Host: header to filter requests by'
|
97
|
+
|
98
|
+
option :root, short: '-R',
|
99
|
+
value: {
|
100
|
+
type: String,
|
101
|
+
usage: 'DIR',
|
102
|
+
default: '/'
|
103
|
+
},
|
104
|
+
desc: 'The root directory to filter requests by'
|
105
|
+
|
106
|
+
description 'Starts a HTTP server for receiving exfiltrated data'
|
107
|
+
|
108
|
+
examples [
|
109
|
+
'-H 127.0.0.1 -p 8080',
|
110
|
+
'-H 127.0.0.1 -p 8080 --vhost example.com'
|
111
|
+
]
|
112
|
+
|
113
|
+
man_page 'ronin-listener-http.1'
|
114
|
+
|
115
|
+
#
|
116
|
+
# Runs the `ronin-listener http` command.
|
117
|
+
#
|
118
|
+
def run
|
119
|
+
output_file = if options[:output] && options[:output_format]
|
120
|
+
options[:output_format].open(options[:output])
|
121
|
+
end
|
122
|
+
|
123
|
+
Ronin::Listener::HTTP.listen(**server_kwargs) do |request|
|
124
|
+
remote_addr = request.remote_address
|
125
|
+
|
126
|
+
log_info "Received HTTP request from #{remote_addr.ip_address}:#{remote_addr.ip_port} ..."
|
127
|
+
|
128
|
+
puts "#{request.method} #{request.path}"
|
129
|
+
|
130
|
+
request.headers.each do |name,value|
|
131
|
+
puts "#{name}: #{value}"
|
132
|
+
end
|
133
|
+
|
134
|
+
puts request.body if request.body
|
135
|
+
puts
|
136
|
+
|
137
|
+
output_file << request if output_file
|
138
|
+
end
|
139
|
+
end
|
140
|
+
|
141
|
+
#
|
142
|
+
# Maps options to keyword arguments for `Ronin::Listener::HTTP.listen`.
|
143
|
+
#
|
144
|
+
# @return [Hash{Symbol => Object}]
|
145
|
+
#
|
146
|
+
def server_kwargs
|
147
|
+
{
|
148
|
+
host: options[:host],
|
149
|
+
port: options[:port],
|
150
|
+
vhost: options[:vhost],
|
151
|
+
root: options[:root]
|
152
|
+
}
|
153
|
+
end
|
154
|
+
|
155
|
+
end
|
156
|
+
end
|
157
|
+
end
|
158
|
+
end
|
159
|
+
end
|
@@ -0,0 +1,123 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
#
|
3
|
+
# ronin-listener - A Ruby CLI utility for receiving exfiltrated data.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
|
6
|
+
#
|
7
|
+
# ronin-listener is free software: you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU Lesser General Public License as published
|
9
|
+
# by the Free Software Foundation, either version 3 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# ronin-listener is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU Lesser General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU Lesser General Public License
|
18
|
+
# along with ronin-listener. If not, see <https://www.gnu.org/licenses/>.
|
19
|
+
#
|
20
|
+
|
21
|
+
require 'ronin/listener/cli/command'
|
22
|
+
require 'ronin/core/cli/generator'
|
23
|
+
require 'ronin/listener/root'
|
24
|
+
|
25
|
+
module Ronin
|
26
|
+
module Listener
|
27
|
+
class CLI
|
28
|
+
module Commands
|
29
|
+
class New < Command
|
30
|
+
#
|
31
|
+
# Creates a new standalone DNS listener Ruby script.
|
32
|
+
#
|
33
|
+
# ## Usage
|
34
|
+
#
|
35
|
+
# ronin-listener new dns PATH
|
36
|
+
#
|
37
|
+
# ## Options
|
38
|
+
#
|
39
|
+
# -H, --host IP The interface to listen on (Default: 0.0.0.0)
|
40
|
+
# -p, --port PORT The port to listen on (Default: 5553)
|
41
|
+
# --domain DOMAIN The domain to receive queries for (Default: example.com)
|
42
|
+
# -h, --help Print help information
|
43
|
+
#
|
44
|
+
# ## Arguments
|
45
|
+
#
|
46
|
+
# PATH The script file to create
|
47
|
+
#
|
48
|
+
class Dns < Command
|
49
|
+
|
50
|
+
include Core::CLI::Generator
|
51
|
+
|
52
|
+
template_dir File.join(ROOT,'data','new')
|
53
|
+
|
54
|
+
usage '[options] PATH'
|
55
|
+
|
56
|
+
option :host, short: '-H',
|
57
|
+
value: {
|
58
|
+
type: String,
|
59
|
+
usage: 'IP',
|
60
|
+
default: '0.0.0.0'
|
61
|
+
},
|
62
|
+
desc: 'The interface to listen on' do |host|
|
63
|
+
@host = host
|
64
|
+
end
|
65
|
+
|
66
|
+
option :port, short: '-p',
|
67
|
+
value: {
|
68
|
+
type: Integer,
|
69
|
+
usage: 'PORT',
|
70
|
+
default: 5553
|
71
|
+
},
|
72
|
+
desc: 'The port to listen on' do |port|
|
73
|
+
@port = port
|
74
|
+
end
|
75
|
+
|
76
|
+
option :domain, short: '-d',
|
77
|
+
value: {
|
78
|
+
type: String,
|
79
|
+
usage: 'DOMAIN',
|
80
|
+
default: 'example.com'
|
81
|
+
},
|
82
|
+
desc: 'The domain to receive queries for' do |domain|
|
83
|
+
@domain = domain
|
84
|
+
end
|
85
|
+
|
86
|
+
argument :path, required: true,
|
87
|
+
desc: 'The script file to create'
|
88
|
+
|
89
|
+
description 'Creates a new standalone DNS listener Ruby script'
|
90
|
+
|
91
|
+
man_page 'ronin-listener-new-dns.1'
|
92
|
+
|
93
|
+
#
|
94
|
+
# Initializes the `ronin-listener new dns` command.
|
95
|
+
#
|
96
|
+
# @param [Hash{Symbol => Object}] kwargs
|
97
|
+
# Additional keyword arguments for the command.
|
98
|
+
#
|
99
|
+
def initialize(**kwargs)
|
100
|
+
super(**kwargs)
|
101
|
+
|
102
|
+
@host = '0.0.0.0'
|
103
|
+
@port = 5553
|
104
|
+
@domain = 'example.com'
|
105
|
+
end
|
106
|
+
|
107
|
+
#
|
108
|
+
# Runs the `ronin-listener new dns` command.
|
109
|
+
#
|
110
|
+
# @param [String] path
|
111
|
+
# The path to the new script file to create.
|
112
|
+
#
|
113
|
+
def run(path)
|
114
|
+
erb 'dns.rb.erb', path
|
115
|
+
chmod '+x', path
|
116
|
+
end
|
117
|
+
|
118
|
+
end
|
119
|
+
end
|
120
|
+
end
|
121
|
+
end
|
122
|
+
end
|
123
|
+
end
|
@@ -0,0 +1,130 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
#
|
3
|
+
# ronin-listener - A Ruby CLI utility for receiving exfiltrated data.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
|
6
|
+
#
|
7
|
+
# ronin-listener is free software: you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU Lesser General Public License as published
|
9
|
+
# by the Free Software Foundation, either version 3 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# ronin-listener is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU Lesser General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU Lesser General Public License
|
18
|
+
# along with ronin-listener. If not, see <https://www.gnu.org/licenses/>.
|
19
|
+
#
|
20
|
+
|
21
|
+
require 'ronin/listener/cli/command'
|
22
|
+
require 'ronin/core/cli/generator'
|
23
|
+
require 'ronin/listener/root'
|
24
|
+
|
25
|
+
module Ronin
|
26
|
+
module Listener
|
27
|
+
class CLI
|
28
|
+
module Commands
|
29
|
+
class New < Command
|
30
|
+
#
|
31
|
+
# Creates a new standalone HTTP listener Ruby script.
|
32
|
+
#
|
33
|
+
# ## Usage
|
34
|
+
#
|
35
|
+
# ronin-listener new http PATH
|
36
|
+
#
|
37
|
+
# ## Options
|
38
|
+
#
|
39
|
+
# -H, --host IP The interface to listen on (Default: 0.0.0.0)
|
40
|
+
# -p, --port PORT The port to listen on (Default: 8080)
|
41
|
+
# --vhost HOST The Host: header to filter requests by
|
42
|
+
# -R, --root DIR The root directory to filter requests by
|
43
|
+
# -h, --help Print help information
|
44
|
+
#
|
45
|
+
# ## Arguments
|
46
|
+
#
|
47
|
+
# PATH The script file to create
|
48
|
+
#
|
49
|
+
class Http < Command
|
50
|
+
|
51
|
+
include Core::CLI::Generator
|
52
|
+
|
53
|
+
template_dir File.join(ROOT,'data','new')
|
54
|
+
|
55
|
+
usage '[options] PATH'
|
56
|
+
|
57
|
+
option :host, short: '-H',
|
58
|
+
value: {
|
59
|
+
type: String,
|
60
|
+
usage: 'IP',
|
61
|
+
default: '0.0.0.0'
|
62
|
+
},
|
63
|
+
desc: 'The interface to listen on' do |host|
|
64
|
+
@host = host
|
65
|
+
end
|
66
|
+
|
67
|
+
option :port, short: '-p',
|
68
|
+
value: {
|
69
|
+
type: Integer,
|
70
|
+
usage: 'PORT',
|
71
|
+
default: 8080
|
72
|
+
},
|
73
|
+
desc: 'The port to listen on' do |port|
|
74
|
+
@port = port
|
75
|
+
end
|
76
|
+
|
77
|
+
option :vhost, value: {
|
78
|
+
type: String,
|
79
|
+
usage: 'HOST'
|
80
|
+
},
|
81
|
+
desc: 'The Host: header to filter requests by' do |vhost|
|
82
|
+
@vhost = vhost
|
83
|
+
end
|
84
|
+
|
85
|
+
option :root, short: '-R',
|
86
|
+
value: {
|
87
|
+
type: String,
|
88
|
+
usage: 'DIR'
|
89
|
+
},
|
90
|
+
desc: 'The root directory to filter requests by' do |root|
|
91
|
+
@root = root
|
92
|
+
end
|
93
|
+
|
94
|
+
argument :path, required: true,
|
95
|
+
desc: 'The script file to create'
|
96
|
+
|
97
|
+
description 'Creates a new standalone HTTP listener Ruby script'
|
98
|
+
|
99
|
+
man_page 'ronin-listener-new-http.1'
|
100
|
+
|
101
|
+
#
|
102
|
+
# Initializes the `ronin-listener new http` command.
|
103
|
+
#
|
104
|
+
# @param [Hash{Symbol => Object}] kwargs
|
105
|
+
# Additional keyword arguments for the command.
|
106
|
+
#
|
107
|
+
def initialize(**kwargs)
|
108
|
+
super(**kwargs)
|
109
|
+
|
110
|
+
@host = '0.0.0.0'
|
111
|
+
@port = 5553
|
112
|
+
end
|
113
|
+
|
114
|
+
#
|
115
|
+
# Runs the `ronin-listener new http` command.
|
116
|
+
#
|
117
|
+
# @param [String] path
|
118
|
+
# The path to the new script file to create.
|
119
|
+
#
|
120
|
+
def run(path)
|
121
|
+
erb 'http.rb.erb', path
|
122
|
+
chmod '+x', path
|
123
|
+
end
|
124
|
+
|
125
|
+
end
|
126
|
+
end
|
127
|
+
end
|
128
|
+
end
|
129
|
+
end
|
130
|
+
end
|