ronin-listener 0.1.0.rc1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.document +4 -0
- data/.github/workflows/ruby.yml +47 -0
- data/.gitignore +14 -0
- data/.rspec +1 -0
- data/.rubocop.yml +11 -0
- data/.ruby-version +1 -0
- data/.yardopts +1 -0
- data/COPYING.txt +165 -0
- data/ChangeLog.md +8 -0
- data/Gemfile +40 -0
- data/README.md +132 -0
- data/Rakefile +43 -0
- data/bin/ronin-listener +34 -0
- data/data/completions/ronin-listener +103 -0
- data/data/new/dns.rb.erb +7 -0
- data/data/new/http.rb.erb +14 -0
- data/gemspec.yml +39 -0
- data/lib/ronin/listener/cli/command.rb +40 -0
- data/lib/ronin/listener/cli/commands/completion.rb +61 -0
- data/lib/ronin/listener/cli/commands/dns.rb +137 -0
- data/lib/ronin/listener/cli/commands/http.rb +159 -0
- data/lib/ronin/listener/cli/commands/new/dns.rb +123 -0
- data/lib/ronin/listener/cli/commands/new/http.rb +130 -0
- data/lib/ronin/listener/cli/commands/new.rb +71 -0
- data/lib/ronin/listener/cli.rb +50 -0
- data/lib/ronin/listener/output_formats.rb +39 -0
- data/lib/ronin/listener/root.rb +28 -0
- data/lib/ronin/listener/version.rb +26 -0
- data/man/ronin-listener-completion.1 +76 -0
- data/man/ronin-listener-completion.1.md +78 -0
- data/man/ronin-listener-dns.1 +59 -0
- data/man/ronin-listener-dns.1.md +55 -0
- data/man/ronin-listener-http.1 +69 -0
- data/man/ronin-listener-http.1.md +60 -0
- data/man/ronin-listener-new-dns.1 +35 -0
- data/man/ronin-listener-new-dns.1.md +36 -0
- data/man/ronin-listener-new-http.1 +38 -0
- data/man/ronin-listener-new-http.1.md +39 -0
- data/man/ronin-listener-new.1 +56 -0
- data/man/ronin-listener-new.1.md +52 -0
- data/man/ronin-listener.1 +38 -0
- data/man/ronin-listener.1.md +40 -0
- data/ronin-listener.gemspec +62 -0
- data/scripts/setup +58 -0
- metadata +153 -0
@@ -0,0 +1,71 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
#
|
3
|
+
# ronin-listener - A Ruby CLI utility for receiving exfiltrated data.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
|
6
|
+
#
|
7
|
+
# ronin-listener is free software: you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU Lesser General Public License as published
|
9
|
+
# by the Free Software Foundation, either version 3 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# ronin-listener is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU Lesser General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU Lesser General Public License
|
18
|
+
# along with ronin-listener. If not, see <https://www.gnu.org/licenses/>.
|
19
|
+
#
|
20
|
+
|
21
|
+
require 'ronin/listener/cli/command'
|
22
|
+
require 'command_kit/commands/auto_load'
|
23
|
+
|
24
|
+
module Ronin
|
25
|
+
module Listener
|
26
|
+
class CLI
|
27
|
+
module Commands
|
28
|
+
#
|
29
|
+
# Creates a new DNS or HTTP listener Ruby script.
|
30
|
+
#
|
31
|
+
# ## Usage
|
32
|
+
#
|
33
|
+
# ronin new {project [options] DIR | script FILLE}
|
34
|
+
#
|
35
|
+
# ## Options
|
36
|
+
#
|
37
|
+
# -h, --help Print help information
|
38
|
+
#
|
39
|
+
# ## Arguments
|
40
|
+
#
|
41
|
+
#
|
42
|
+
# [COMMAND] The command name to run
|
43
|
+
# [ARGS ...] Additional arguments for the command
|
44
|
+
#
|
45
|
+
# ## Commands
|
46
|
+
#
|
47
|
+
# help
|
48
|
+
# dns
|
49
|
+
# http
|
50
|
+
#
|
51
|
+
class New < Command
|
52
|
+
|
53
|
+
include CommandKit::Commands::AutoLoad.new(
|
54
|
+
dir: "#{__dir__}/new",
|
55
|
+
namespace: "#{self}"
|
56
|
+
)
|
57
|
+
|
58
|
+
examples [
|
59
|
+
'dns foo.rb',
|
60
|
+
'http foo.rb'
|
61
|
+
]
|
62
|
+
|
63
|
+
description 'Creates a new DNS or HTTP listener Ruby script'
|
64
|
+
|
65
|
+
man_page 'ronin-listener-new.1'
|
66
|
+
|
67
|
+
end
|
68
|
+
end
|
69
|
+
end
|
70
|
+
end
|
71
|
+
end
|
@@ -0,0 +1,50 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
#
|
3
|
+
# ronin-listener - A Ruby CLI utility for receiving exfiltrated data.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
|
6
|
+
#
|
7
|
+
# ronin-listener is free software: you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU Lesser General Public License as published
|
9
|
+
# by the Free Software Foundation, either version 3 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# ronin-listener is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU Lesser General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU Lesser General Public License
|
18
|
+
# along with ronin-listener. If not, see <https://www.gnu.org/licenses/>.
|
19
|
+
#
|
20
|
+
|
21
|
+
require 'ronin/listener/version'
|
22
|
+
require 'ronin/core/cli/help/banner'
|
23
|
+
|
24
|
+
require 'command_kit/commands'
|
25
|
+
require 'command_kit/commands/auto_load'
|
26
|
+
require 'command_kit/options/version'
|
27
|
+
|
28
|
+
module Ronin
|
29
|
+
module Listener
|
30
|
+
#
|
31
|
+
# The `ronin-listener` command-line interface (CLI).
|
32
|
+
#
|
33
|
+
# @api private
|
34
|
+
#
|
35
|
+
class CLI
|
36
|
+
|
37
|
+
include CommandKit::Commands
|
38
|
+
include CommandKit::Commands::AutoLoad.new(
|
39
|
+
dir: "#{__dir__}/cli/commands",
|
40
|
+
namespace: "#{self}::Commands"
|
41
|
+
)
|
42
|
+
include CommandKit::Options::Version
|
43
|
+
include Core::CLI::Help::Banner
|
44
|
+
|
45
|
+
command_name 'ronin-listener'
|
46
|
+
version Ronin::Listener::VERSION
|
47
|
+
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|
@@ -0,0 +1,39 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
#
|
3
|
+
# ronin-listener - A Ruby CLI utility for receiving exfiltrated data.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
|
6
|
+
#
|
7
|
+
# ronin-listener is free software: you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU Lesser General Public License as published
|
9
|
+
# by the Free Software Foundation, either version 3 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# ronin-listener is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU Lesser General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU Lesser General Public License
|
18
|
+
# along with ronin-listener. If not, see <https://www.gnu.org/licenses/>.
|
19
|
+
#
|
20
|
+
|
21
|
+
require 'ronin/core/output_formats'
|
22
|
+
|
23
|
+
module Ronin
|
24
|
+
module Listener
|
25
|
+
#
|
26
|
+
# Contains the supported output formats for saving
|
27
|
+
# `Ronin::Listener::DNS::Query` and `Ronin::Listener::HTTP::Request`
|
28
|
+
# object to output files.
|
29
|
+
#
|
30
|
+
module OutputFormats
|
31
|
+
include Core::OutputFormats
|
32
|
+
|
33
|
+
register :txt, '.txt', TXT
|
34
|
+
register :csv, '.csv', CSV
|
35
|
+
register :json, '.json', JSON
|
36
|
+
register :ndjson, '.ndjson', NDJSON
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
@@ -0,0 +1,28 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
#
|
3
|
+
# ronin-listener - A Ruby CLI utility for receiving exfiltrated data.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
|
6
|
+
#
|
7
|
+
# ronin-listener is free software: you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU Lesser General Public License as published
|
9
|
+
# by the Free Software Foundation, either version 3 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# ronin-listener is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU Lesser General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU Lesser General Public License
|
18
|
+
# along with ronin-listener. If not, see <https://www.gnu.org/licenses/>.
|
19
|
+
#
|
20
|
+
|
21
|
+
module Ronin
|
22
|
+
module Listener
|
23
|
+
# Path to `ronin-listener` root directory.
|
24
|
+
#
|
25
|
+
# @api private
|
26
|
+
ROOT = File.expand_path(File.join(__dir__,'..','..','..'))
|
27
|
+
end
|
28
|
+
end
|
@@ -0,0 +1,26 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
#
|
3
|
+
# ronin-listener - A Ruby CLI utility for receiving exfiltrated data.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
|
6
|
+
#
|
7
|
+
# ronin-listener is free software: you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU Lesser General Public License as published
|
9
|
+
# by the Free Software Foundation, either version 3 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# ronin-listener is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU Lesser General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU Lesser General Public License
|
18
|
+
# along with ronin-listener. If not, see <https://www.gnu.org/licenses/>.
|
19
|
+
#
|
20
|
+
|
21
|
+
module Ronin
|
22
|
+
module Listener
|
23
|
+
# ronin-listener version
|
24
|
+
VERSION = '0.1.0.rc1'
|
25
|
+
end
|
26
|
+
end
|
@@ -0,0 +1,76 @@
|
|
1
|
+
.\" Generated by kramdown-man 1.0.1
|
2
|
+
.\" https://github.com/postmodern/kramdown-man#readme
|
3
|
+
.TH ronin-listener-completion 1 "2024-01-01" Ronin Listener "User Manuals"
|
4
|
+
.SH NAME
|
5
|
+
.PP
|
6
|
+
ronin\-listener\-completion \- Manages shell completion rules for \fBronin\-listener\fR
|
7
|
+
.SH SYNOPSIS
|
8
|
+
.PP
|
9
|
+
\fBronin\-listener completion\fR \[lB]\fIoptions\fP\[rB]
|
10
|
+
.SH DESCRIPTION
|
11
|
+
.PP
|
12
|
+
The \fBronin\-listener completion\fR command can print, install, or uninstall shell
|
13
|
+
completion rules for the \fBronin\-listener\fR command\.
|
14
|
+
.PP
|
15
|
+
Supports installing completion rules for Bash or Zsh shells\.
|
16
|
+
Completion rules for the Fish shell is currently not supported\.
|
17
|
+
.SS ZSH SUPPORT
|
18
|
+
.PP
|
19
|
+
Zsh users will have to add the following lines to their \fB\[ti]\[sl]\.zshrc\fR file in
|
20
|
+
order to enable Zsh\[cq]s Bash completion compatibility layer:
|
21
|
+
.PP
|
22
|
+
.RS 4
|
23
|
+
.EX
|
24
|
+
autoload \-Uz \[pl]X compinit && compinit
|
25
|
+
autoload \-Uz \[pl]X bashcompinit && bashcompinit
|
26
|
+
.EE
|
27
|
+
.RE
|
28
|
+
.SH OPTIONS
|
29
|
+
.TP
|
30
|
+
\fB\-\-print\fR
|
31
|
+
Prints the shell completion file\.
|
32
|
+
.TP
|
33
|
+
\fB\-\-install\fR
|
34
|
+
Installs the shell completion file\.
|
35
|
+
.TP
|
36
|
+
\fB\-\-uninstall\fR
|
37
|
+
Uninstalls the shell completion file\.
|
38
|
+
.TP
|
39
|
+
\fB\-h\fR, \fB\-\-help\fR
|
40
|
+
Prints help information\.
|
41
|
+
.SH ENVIRONMENT
|
42
|
+
.TP
|
43
|
+
\fIPREFIX\fP
|
44
|
+
Specifies the root prefix for the file system\.
|
45
|
+
.TP
|
46
|
+
\fIHOME\fP
|
47
|
+
Specifies the home directory of the user\. Ronin will search for the
|
48
|
+
\fB\[ti]\[sl]\.cache\[sl]ronin\-listener\fR cache directory within the home directory\.
|
49
|
+
.TP
|
50
|
+
\fIXDG\[ru]DATA\[ru]HOME\fP
|
51
|
+
Specifies the data directory to use\. Defaults to \fB\[Do]HOME\[sl]\.local\[sl]share\fR\.
|
52
|
+
.SH FILES
|
53
|
+
.TP
|
54
|
+
\fB\[ti]\[sl]\.local\[sl]share\[sl]bash\-completion\[sl]completions\[sl]\fR
|
55
|
+
The user\-local installation directory for Bash completion files\.
|
56
|
+
.TP
|
57
|
+
\fB\[sl]usr\[sl]local\[sl]share\[sl]bash\-completion\[sl]completions\[sl]\fR
|
58
|
+
The system\-wide installation directory for Bash completions files\.
|
59
|
+
.TP
|
60
|
+
\fB\[sl]usr\[sl]local\[sl]share\[sl]zsh\[sl]site\-functions\[sl]\fR
|
61
|
+
The installation directory for Zsh completion files\.
|
62
|
+
.SH EXAMPLES
|
63
|
+
.TP
|
64
|
+
\fBronin\-listener completion \-\-print\fR
|
65
|
+
Prints the shell completion rules instead of installing them\.
|
66
|
+
.TP
|
67
|
+
\fBronin\-listener completion \-\-install\fR
|
68
|
+
Installs the shell completion rules for \fBronin\-listener\fR\.
|
69
|
+
.TP
|
70
|
+
\fBronin\-listener completion \-\-uninstall\fR
|
71
|
+
Uninstalls the shell completion rules for \fBronin\-listener\fR\.
|
72
|
+
.SH AUTHOR
|
73
|
+
.PP
|
74
|
+
Postmodern
|
75
|
+
.MT postmodern\.mod3\[at]gmail\.com
|
76
|
+
.ME
|
@@ -0,0 +1,78 @@
|
|
1
|
+
# ronin-listener-completion 1 "2024-01-01" Ronin Listener "User Manuals"
|
2
|
+
|
3
|
+
## NAME
|
4
|
+
|
5
|
+
ronin-listener-completion - Manages shell completion rules for `ronin-listener`
|
6
|
+
|
7
|
+
## SYNOPSIS
|
8
|
+
|
9
|
+
`ronin-listener completion` [*options*]
|
10
|
+
|
11
|
+
## DESCRIPTION
|
12
|
+
|
13
|
+
The `ronin-listener completion` command can print, install, or uninstall shell
|
14
|
+
completion rules for the `ronin-listener` command.
|
15
|
+
|
16
|
+
Supports installing completion rules for Bash or Zsh shells.
|
17
|
+
Completion rules for the Fish shell is currently not supported.
|
18
|
+
|
19
|
+
### ZSH SUPPORT
|
20
|
+
|
21
|
+
Zsh users will have to add the following lines to their `~/.zshrc` file in
|
22
|
+
order to enable Zsh's Bash completion compatibility layer:
|
23
|
+
|
24
|
+
autoload -Uz +X compinit && compinit
|
25
|
+
autoload -Uz +X bashcompinit && bashcompinit
|
26
|
+
|
27
|
+
## OPTIONS
|
28
|
+
|
29
|
+
`--print`
|
30
|
+
: Prints the shell completion file.
|
31
|
+
|
32
|
+
`--install`
|
33
|
+
: Installs the shell completion file.
|
34
|
+
|
35
|
+
`--uninstall`
|
36
|
+
: Uninstalls the shell completion file.
|
37
|
+
|
38
|
+
`-h`, `--help`
|
39
|
+
: Prints help information.
|
40
|
+
|
41
|
+
## ENVIRONMENT
|
42
|
+
|
43
|
+
*PREFIX*
|
44
|
+
: Specifies the root prefix for the file system.
|
45
|
+
|
46
|
+
*HOME*
|
47
|
+
: Specifies the home directory of the user. Ronin will search for the
|
48
|
+
`~/.cache/ronin-listener` cache directory within the home directory.
|
49
|
+
|
50
|
+
*XDG_DATA_HOME*
|
51
|
+
: Specifies the data directory to use. Defaults to `$HOME/.local/share`.
|
52
|
+
|
53
|
+
## FILES
|
54
|
+
|
55
|
+
`~/.local/share/bash-completion/completions/`
|
56
|
+
: The user-local installation directory for Bash completion files.
|
57
|
+
|
58
|
+
`/usr/local/share/bash-completion/completions/`
|
59
|
+
: The system-wide installation directory for Bash completions files.
|
60
|
+
|
61
|
+
`/usr/local/share/zsh/site-functions/`
|
62
|
+
: The installation directory for Zsh completion files.
|
63
|
+
|
64
|
+
## EXAMPLES
|
65
|
+
|
66
|
+
`ronin-listener completion --print`
|
67
|
+
: Prints the shell completion rules instead of installing them.
|
68
|
+
|
69
|
+
`ronin-listener completion --install`
|
70
|
+
: Installs the shell completion rules for `ronin-listener`.
|
71
|
+
|
72
|
+
`ronin-listener completion --uninstall`
|
73
|
+
: Uninstalls the shell completion rules for `ronin-listener`.
|
74
|
+
|
75
|
+
## AUTHOR
|
76
|
+
|
77
|
+
Postmodern <postmodern.mod3@gmail.com>
|
78
|
+
|
@@ -0,0 +1,59 @@
|
|
1
|
+
.\" Generated by kramdown-man 1.0.1
|
2
|
+
.\" https://github.com/postmodern/kramdown-man#readme
|
3
|
+
.TH ronin-listener-dns 1 "2023-03-24" Ronin Listener "User Manuals"
|
4
|
+
.SH NAME
|
5
|
+
.PP
|
6
|
+
ronin\-listener\-dns \- Starts a DNS server for receiving exfiltrated data
|
7
|
+
.SH SYNOPSIS
|
8
|
+
.PP
|
9
|
+
\fBronin\-listener dns\fR \[lB]\fIoptions\fP\[rB] \fIDOMAIN\fP
|
10
|
+
.SH DESCRIPTION
|
11
|
+
.PP
|
12
|
+
Starts a DNS server for receiving exfiltrated data\.
|
13
|
+
.SH ARGUMENTS
|
14
|
+
.TP
|
15
|
+
\fIDOMAIN\fP
|
16
|
+
The domain to receive DNS queries for\.
|
17
|
+
.SH OPTIONS
|
18
|
+
.TP
|
19
|
+
\fB\-o\fR, \fB\-\-output\fR \fIFILE\fP
|
20
|
+
The output file to write the received DNS queries to\.
|
21
|
+
.TP
|
22
|
+
\fB\-F\fR, \fB\-\-output\-format\fR \fBtxt\fR\[or]\fBcsv\fR\[or]\fBjson\fR\[or]\fBndjson\fR
|
23
|
+
The output format to use\. If not specified, the output format will be inferred
|
24
|
+
from the output file\[cq]s extension\. If the output format cannot be inferred from
|
25
|
+
the output file\[cq]s extension, then it will default to \fBtxt\fR format\.
|
26
|
+
.TP
|
27
|
+
\fB\-H\fR, \fB\-\-host\fR \fIIP\fP
|
28
|
+
The interface to listen on\. Defaults to \fB0\.0\.0\.0\fR if not given\.
|
29
|
+
.TP
|
30
|
+
\fB\-p\fR, \fB\-\-port\fR \fIPORT\fP
|
31
|
+
The port to listen on\. Defaults to \fB53\fR if not given\.
|
32
|
+
.TP
|
33
|
+
\fB\-h\fR, \fB\-\-help\fR
|
34
|
+
Prints help information\.
|
35
|
+
.SH EXAMPLES
|
36
|
+
.PP
|
37
|
+
Runs a DNS listener on \fB127\.0\.0\.1:5553\fR for domain \fBexample\.com\fR:
|
38
|
+
.PP
|
39
|
+
.RS 4
|
40
|
+
.EX
|
41
|
+
\[Do] ronin\-listener dns \-H 127\.0\.0\.1 \-p 5553 example\.com
|
42
|
+
.EE
|
43
|
+
.RE
|
44
|
+
.PP
|
45
|
+
Run a DNS listener on \fB0\.0\.0\.0:53\fR for domain \fBexample\.com\fR as root:
|
46
|
+
.PP
|
47
|
+
.RS 4
|
48
|
+
.EX
|
49
|
+
\[Do] sudo ronin\-listener dns example\.com
|
50
|
+
.EE
|
51
|
+
.RE
|
52
|
+
.SH AUTHOR
|
53
|
+
.PP
|
54
|
+
Postmodern
|
55
|
+
.MT postmodern\.mod3\[at]gmail\.com
|
56
|
+
.ME
|
57
|
+
.SH SEE ALSO
|
58
|
+
.PP
|
59
|
+
.BR ronin\-listener\-http (1)
|
@@ -0,0 +1,55 @@
|
|
1
|
+
# ronin-listener-dns 1 "2023-03-24" Ronin Listener "User Manuals"
|
2
|
+
|
3
|
+
## NAME
|
4
|
+
|
5
|
+
ronin-listener-dns - Starts a DNS server for receiving exfiltrated data
|
6
|
+
|
7
|
+
## SYNOPSIS
|
8
|
+
|
9
|
+
`ronin-listener dns` [*options*] *DOMAIN*
|
10
|
+
|
11
|
+
## DESCRIPTION
|
12
|
+
|
13
|
+
Starts a DNS server for receiving exfiltrated data.
|
14
|
+
|
15
|
+
## ARGUMENTS
|
16
|
+
|
17
|
+
*DOMAIN*
|
18
|
+
: The domain to receive DNS queries for.
|
19
|
+
|
20
|
+
## OPTIONS
|
21
|
+
|
22
|
+
`-o`, `--output` *FILE*
|
23
|
+
: The output file to write the received DNS queries to.
|
24
|
+
|
25
|
+
`-F`, `--output-format` `txt`|`csv`|`json`|`ndjson`
|
26
|
+
: The output format to use. If not specified, the output format will be inferred
|
27
|
+
from the output file's extension. If the output format cannot be inferred from
|
28
|
+
the output file's extension, then it will default to `txt` format.
|
29
|
+
|
30
|
+
`-H`, `--host` *IP*
|
31
|
+
: The interface to listen on. Defaults to `0.0.0.0` if not given.
|
32
|
+
|
33
|
+
`-p`, `--port` *PORT*
|
34
|
+
: The port to listen on. Defaults to `53` if not given.
|
35
|
+
|
36
|
+
`-h`, `--help`
|
37
|
+
: Prints help information.
|
38
|
+
|
39
|
+
## EXAMPLES
|
40
|
+
|
41
|
+
Runs a DNS listener on `127.0.0.1:5553` for domain `example.com`:
|
42
|
+
|
43
|
+
$ ronin-listener dns -H 127.0.0.1 -p 5553 example.com
|
44
|
+
|
45
|
+
Run a DNS listener on `0.0.0.0:53` for domain `example.com` as root:
|
46
|
+
|
47
|
+
$ sudo ronin-listener dns example.com
|
48
|
+
|
49
|
+
## AUTHOR
|
50
|
+
|
51
|
+
Postmodern <postmodern.mod3@gmail.com>
|
52
|
+
|
53
|
+
## SEE ALSO
|
54
|
+
|
55
|
+
[ronin-listener-http](ronin-listener-http.1.md)
|
@@ -0,0 +1,69 @@
|
|
1
|
+
.\" Generated by kramdown-man 1.0.1
|
2
|
+
.\" https://github.com/postmodern/kramdown-man#readme
|
3
|
+
.TH ronin-listener-http 1 "2023-03-24" Ronin Listener "User Manuals"
|
4
|
+
.SH NAME
|
5
|
+
.PP
|
6
|
+
ronin\-listener\-http \- Starts a HTTP server for receiving exfiltrated data
|
7
|
+
.SH SYNOPSIS
|
8
|
+
.PP
|
9
|
+
\fBronin\-listener http\fR \[lB]\fIoptions\fP\[rB]
|
10
|
+
.SH DESCRIPTION
|
11
|
+
.PP
|
12
|
+
Starts a HTTP server for receiving exfiltrated data\.
|
13
|
+
.SH OPTIONS
|
14
|
+
.TP
|
15
|
+
\fB\-o\fR, \fB\-\-output\fR \fIFILE\fP
|
16
|
+
The output file to write the received DNS queries to\.
|
17
|
+
.TP
|
18
|
+
\fB\-F\fR, \fB\-\-output\-format\fR \fBtxt\fR\[or]\fBcsv\fR\[or]\fBjson\fR\[or]\fBndjson\fR
|
19
|
+
The output format to use\. If not specified, the output format will be inferred
|
20
|
+
from the output file\[cq]s extension\. If the output format cannot be inferred from
|
21
|
+
the output file\[cq]s extension, then it will default to \fBtxt\fR format\.
|
22
|
+
.TP
|
23
|
+
\fB\-H\fR, \fB\-\-host\fR \fIIP\fP
|
24
|
+
The interface to listen on\. Defaults to \fB0\.0\.0\.0\fR if not given\.
|
25
|
+
.TP
|
26
|
+
\fB\-p\fR, \fB\-\-port\fR \fIPORT\fP
|
27
|
+
The port to listen on\. Defaults to \fB8080\fR if not given\.
|
28
|
+
.TP
|
29
|
+
\fB\-\-vhost\fR \fIHOST\fP
|
30
|
+
The \fBHost:\fR header to filter requests by\.
|
31
|
+
.TP
|
32
|
+
\fB\-R\fR, \fB\-\-root\fR \fIDIR\fP
|
33
|
+
The root directory to filter requests by\. Defaults to \fB\[sl]\fR if not given\.
|
34
|
+
.TP
|
35
|
+
\fB\-h\fR, \fB\-\-help\fR
|
36
|
+
Prints help information\.
|
37
|
+
.SH EXAMPLES
|
38
|
+
.PP
|
39
|
+
Runs a HTTP listener on \fB127\.0\.0\.1:8080\fR that will receive any request:
|
40
|
+
.PP
|
41
|
+
.RS 4
|
42
|
+
.EX
|
43
|
+
\[Do] ronin\-listener http \-p 8080
|
44
|
+
.EE
|
45
|
+
.RE
|
46
|
+
.PP
|
47
|
+
Runs a HTTP listener on \fB127\.0\.0\.1:8080\fR for the virtual\-host \fBexample\.com\fR:
|
48
|
+
.PP
|
49
|
+
.RS 4
|
50
|
+
.EX
|
51
|
+
\[Do] ronin\-listener http \-p 8080 \-\-vhost example\.com
|
52
|
+
.EE
|
53
|
+
.RE
|
54
|
+
.PP
|
55
|
+
Run a HTTP listener on \fB0\.0\.0\.0:80\fR as root:
|
56
|
+
.PP
|
57
|
+
.RS 4
|
58
|
+
.EX
|
59
|
+
\[Do] sudo ronin\-listener http
|
60
|
+
.EE
|
61
|
+
.RE
|
62
|
+
.SH AUTHOR
|
63
|
+
.PP
|
64
|
+
Postmodern
|
65
|
+
.MT postmodern\.mod3\[at]gmail\.com
|
66
|
+
.ME
|
67
|
+
.SH SEE ALSO
|
68
|
+
.PP
|
69
|
+
.BR ronin\-listener\-dns (1)
|
@@ -0,0 +1,60 @@
|
|
1
|
+
# ronin-listener-http 1 "2023-03-24" Ronin Listener "User Manuals"
|
2
|
+
|
3
|
+
## NAME
|
4
|
+
|
5
|
+
ronin-listener-http - Starts a HTTP server for receiving exfiltrated data
|
6
|
+
|
7
|
+
## SYNOPSIS
|
8
|
+
|
9
|
+
`ronin-listener http` [*options*]
|
10
|
+
|
11
|
+
## DESCRIPTION
|
12
|
+
|
13
|
+
Starts a HTTP server for receiving exfiltrated data.
|
14
|
+
|
15
|
+
## OPTIONS
|
16
|
+
|
17
|
+
`-o`, `--output` *FILE*
|
18
|
+
: The output file to write the received DNS queries to.
|
19
|
+
|
20
|
+
`-F`, `--output-format` `txt`|`csv`|`json`|`ndjson`
|
21
|
+
: The output format to use. If not specified, the output format will be inferred
|
22
|
+
from the output file's extension. If the output format cannot be inferred from
|
23
|
+
the output file's extension, then it will default to `txt` format.
|
24
|
+
|
25
|
+
`-H`, `--host` *IP*
|
26
|
+
: The interface to listen on. Defaults to `0.0.0.0` if not given.
|
27
|
+
|
28
|
+
`-p`, `--port` *PORT*
|
29
|
+
: The port to listen on. Defaults to `8080` if not given.
|
30
|
+
|
31
|
+
`--vhost` *HOST*
|
32
|
+
: The `Host:` header to filter requests by.
|
33
|
+
|
34
|
+
`-R`, `--root` *DIR*
|
35
|
+
: The root directory to filter requests by. Defaults to `/` if not given.
|
36
|
+
|
37
|
+
`-h`, `--help`
|
38
|
+
: Prints help information.
|
39
|
+
|
40
|
+
## EXAMPLES
|
41
|
+
|
42
|
+
Runs a HTTP listener on `127.0.0.1:8080` that will receive any request:
|
43
|
+
|
44
|
+
$ ronin-listener http -p 8080
|
45
|
+
|
46
|
+
Runs a HTTP listener on `127.0.0.1:8080` for the virtual-host `example.com`:
|
47
|
+
|
48
|
+
$ ronin-listener http -p 8080 --vhost example.com
|
49
|
+
|
50
|
+
Run a HTTP listener on `0.0.0.0:80` as root:
|
51
|
+
|
52
|
+
$ sudo ronin-listener http
|
53
|
+
|
54
|
+
## AUTHOR
|
55
|
+
|
56
|
+
Postmodern <postmodern.mod3@gmail.com>
|
57
|
+
|
58
|
+
## SEE ALSO
|
59
|
+
|
60
|
+
[ronin-listener-dns](ronin-listener-dns.1.md)
|
@@ -0,0 +1,35 @@
|
|
1
|
+
.\" Generated by kramdown-man 1.0.0
|
2
|
+
.\" https://github.com/postmodern/kramdown-man#readme
|
3
|
+
.TH ronin-listener-new-dns 1 "2023-02-01" Ronin Listener "User Manuals"
|
4
|
+
.SH SYNOPSIS
|
5
|
+
.PP
|
6
|
+
\fBronin-listener new dns\fR \[lB]\fIoptions\fP\[rB] \[lB]\fIPATH\fP\[rB]
|
7
|
+
.SH DESCRIPTION
|
8
|
+
.PP
|
9
|
+
Creates a new standalone DNS listener Ruby script\.
|
10
|
+
.SH ARGUMENTS
|
11
|
+
.TP
|
12
|
+
\fIPATH\fP
|
13
|
+
The path to the new Ruby script file to create\.
|
14
|
+
.SH OPTIONS
|
15
|
+
.TP
|
16
|
+
\fB-H\fR, \fB--host\fR \fIIP\fP
|
17
|
+
The interface to listen on\. Defaults to \fB0.0.0.0\fR if not given\.
|
18
|
+
.TP
|
19
|
+
\fB-p\fR, \fB--port\fR \fIPORT\fP
|
20
|
+
The port to listen on\. Defaults to \fB5553\fR if not given\.
|
21
|
+
.TP
|
22
|
+
\fB-d\fR, \fB--domain\fR \fIDOMAIN\fP
|
23
|
+
The domain to receive queries for\. Defaults to \fBexample.com\fR if not given\.
|
24
|
+
.TP
|
25
|
+
\fB-h\fR, \fB--help\fR
|
26
|
+
Print help information
|
27
|
+
.SH AUTHOR
|
28
|
+
.PP
|
29
|
+
Postmodern
|
30
|
+
.MT postmodern\.mod3\[at]gmail\.com
|
31
|
+
.ME
|
32
|
+
.SH SEE ALSO
|
33
|
+
.PP
|
34
|
+
.BR ronin\-listener\-new (1)
|
35
|
+
.BR ronin\-listener\-new\-http (1)
|
@@ -0,0 +1,36 @@
|
|
1
|
+
# ronin-listener-new-dns 1 "2023-02-01" Ronin Listener "User Manuals"
|
2
|
+
|
3
|
+
## SYNOPSIS
|
4
|
+
|
5
|
+
`ronin-listener new dns` [*options*] [*PATH*]
|
6
|
+
|
7
|
+
## DESCRIPTION
|
8
|
+
|
9
|
+
Creates a new standalone DNS listener Ruby script.
|
10
|
+
|
11
|
+
## ARGUMENTS
|
12
|
+
|
13
|
+
*PATH*
|
14
|
+
: The path to the new Ruby script file to create.
|
15
|
+
|
16
|
+
## OPTIONS
|
17
|
+
|
18
|
+
`-H`, `--host` *IP*
|
19
|
+
: The interface to listen on. Defaults to `0.0.0.0` if not given.
|
20
|
+
|
21
|
+
`-p`, `--port` *PORT*
|
22
|
+
: The port to listen on. Defaults to `5553` if not given.
|
23
|
+
|
24
|
+
`-d`, `--domain` *DOMAIN*
|
25
|
+
: The domain to receive queries for. Defaults to `example.com` if not given.
|
26
|
+
|
27
|
+
`-h`, `--help`
|
28
|
+
: Print help information
|
29
|
+
|
30
|
+
## AUTHOR
|
31
|
+
|
32
|
+
Postmodern <postmodern.mod3@gmail.com>
|
33
|
+
|
34
|
+
## SEE ALSO
|
35
|
+
|
36
|
+
[ronin-listener-new](ronin-listener-new.1.md) [ronin-listener-new-http](ronin-listener-new-http.1.md)
|