ronin-listener 0.1.0.rc1

data/lib/ronin/listener/cli/commands/new.rb

@@ -0,0 +1,71 @@
+# frozen_string_literal: true
+#
+# ronin-listener - A Ruby CLI utility for receiving exfiltrated data.
+#
+# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
+#
+# ronin-listener is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-listener is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with ronin-listener.  If not, see <https://www.gnu.org/licenses/>.
+#
+
+require 'ronin/listener/cli/command'
+require 'command_kit/commands/auto_load'
+
+module Ronin
+  module Listener
+    class CLI
+      module Commands
+        #
+        # Creates a new DNS or HTTP listener Ruby script.
+        #
+        # ## Usage
+        #
+        #     ronin new {project [options] DIR | script FILLE}
+        #
+        # ## Options
+        #
+        #     -h, --help                       Print help information
+        #
+        # ## Arguments
+        #
+        #
+        #     [COMMAND]                        The command name to run
+        #     [ARGS ...]                       Additional arguments for the command
+        #
+        # ## Commands
+        #
+        #     help
+        #     dns
+        #     http
+        #
+        class New < Command
+
+          include CommandKit::Commands::AutoLoad.new(
+            dir:       "#{__dir__}/new",
+            namespace: "#{self}"
+          )
+
+          examples [
+            'dns foo.rb',
+            'http foo.rb'
+          ]
+
+          description 'Creates a new DNS or HTTP listener Ruby script'
+
+          man_page 'ronin-listener-new.1'
+
+        end
+      end
+    end
+  end
+end

data/lib/ronin/listener/cli.rb

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+#
+# ronin-listener - A Ruby CLI utility for receiving exfiltrated data.
+#
+# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
+#
+# ronin-listener is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-listener is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with ronin-listener.  If not, see <https://www.gnu.org/licenses/>.
+#
+
+require 'ronin/listener/version'
+require 'ronin/core/cli/help/banner'
+
+require 'command_kit/commands'
+require 'command_kit/commands/auto_load'
+require 'command_kit/options/version'
+
+module Ronin
+  module Listener
+    #
+    # The `ronin-listener` command-line interface (CLI).
+    #
+    # @api private
+    #
+    class CLI
+
+      include CommandKit::Commands
+      include CommandKit::Commands::AutoLoad.new(
+        dir:       "#{__dir__}/cli/commands",
+        namespace: "#{self}::Commands"
+      )
+      include CommandKit::Options::Version
+      include Core::CLI::Help::Banner
+
+      command_name 'ronin-listener'
+      version Ronin::Listener::VERSION
+
+    end
+  end
+end

data/lib/ronin/listener/output_formats.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+#
+# ronin-listener - A Ruby CLI utility for receiving exfiltrated data.
+#
+# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
+#
+# ronin-listener is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-listener is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with ronin-listener.  If not, see <https://www.gnu.org/licenses/>.
+#
+
+require 'ronin/core/output_formats'
+
+module Ronin
+  module Listener
+    #
+    # Contains the supported output formats for saving
+    # `Ronin::Listener::DNS::Query` and `Ronin::Listener::HTTP::Request`
+    # object to output files.
+    #
+    module OutputFormats
+      include Core::OutputFormats
+
+      register :txt,    '.txt',    TXT
+      register :csv,    '.csv',    CSV
+      register :json,   '.json',   JSON
+      register :ndjson, '.ndjson', NDJSON
+    end
+  end
+end

data/lib/ronin/listener/root.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+#
+# ronin-listener - A Ruby CLI utility for receiving exfiltrated data.
+#
+# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
+#
+# ronin-listener is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-listener is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with ronin-listener.  If not, see <https://www.gnu.org/licenses/>.
+#
+
+module Ronin
+  module Listener
+    # Path to `ronin-listener` root directory.
+    #
+    # @api private
+    ROOT = File.expand_path(File.join(__dir__,'..','..','..'))
+  end
+end

data/lib/ronin/listener/version.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+#
+# ronin-listener - A Ruby CLI utility for receiving exfiltrated data.
+#
+# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
+#
+# ronin-listener is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-listener is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with ronin-listener.  If not, see <https://www.gnu.org/licenses/>.
+#
+
+module Ronin
+  module Listener
+    # ronin-listener version
+    VERSION = '0.1.0.rc1'
+  end
+end

data/man/ronin-listener-completion.1

@@ -0,0 +1,76 @@
+.\" Generated by kramdown-man 1.0.1
+.\" https://github.com/postmodern/kramdown-man#readme
+.TH ronin-listener-completion 1 "2024-01-01" Ronin Listener "User Manuals"
+.SH NAME
+.PP
+ronin\-listener\-completion \- Manages shell completion rules for \fBronin\-listener\fR
+.SH SYNOPSIS
+.PP
+\fBronin\-listener completion\fR \[lB]\fIoptions\fP\[rB]
+.SH DESCRIPTION
+.PP
+The \fBronin\-listener completion\fR command can print, install, or uninstall shell
+completion rules for the \fBronin\-listener\fR command\.
+.PP
+Supports installing completion rules for Bash or Zsh shells\.
+Completion rules for the Fish shell is currently not supported\.
+.SS ZSH SUPPORT
+.PP
+Zsh users will have to add the following lines to their \fB\[ti]\[sl]\.zshrc\fR file in
+order to enable Zsh\[cq]s Bash completion compatibility layer:
+.PP
+.RS 4
+.EX
+autoload \-Uz \[pl]X compinit && compinit
+autoload \-Uz \[pl]X bashcompinit && bashcompinit
+.EE
+.RE
+.SH OPTIONS
+.TP
+\fB\-\-print\fR
+Prints the shell completion file\.
+.TP
+\fB\-\-install\fR
+Installs the shell completion file\.
+.TP
+\fB\-\-uninstall\fR
+Uninstalls the shell completion file\.
+.TP
+\fB\-h\fR, \fB\-\-help\fR
+Prints help information\.
+.SH ENVIRONMENT
+.TP
+\fIPREFIX\fP
+Specifies the root prefix for the file system\.
+.TP
+\fIHOME\fP
+Specifies the home directory of the user\. Ronin will search for the
+\fB\[ti]\[sl]\.cache\[sl]ronin\-listener\fR cache directory within the home directory\.
+.TP
+\fIXDG\[ru]DATA\[ru]HOME\fP
+Specifies the data directory to use\. Defaults to \fB\[Do]HOME\[sl]\.local\[sl]share\fR\.
+.SH FILES
+.TP
+\fB\[ti]\[sl]\.local\[sl]share\[sl]bash\-completion\[sl]completions\[sl]\fR
+The user\-local installation directory for Bash completion files\.
+.TP
+\fB\[sl]usr\[sl]local\[sl]share\[sl]bash\-completion\[sl]completions\[sl]\fR
+The system\-wide installation directory for Bash completions files\.
+.TP
+\fB\[sl]usr\[sl]local\[sl]share\[sl]zsh\[sl]site\-functions\[sl]\fR
+The installation directory for Zsh completion files\.
+.SH EXAMPLES
+.TP
+\fBronin\-listener completion \-\-print\fR
+Prints the shell completion rules instead of installing them\.
+.TP
+\fBronin\-listener completion \-\-install\fR
+Installs the shell completion rules for \fBronin\-listener\fR\.
+.TP
+\fBronin\-listener completion \-\-uninstall\fR
+Uninstalls the shell completion rules for \fBronin\-listener\fR\.
+.SH AUTHOR
+.PP
+Postmodern 
+.MT postmodern\.mod3\[at]gmail\.com
+.ME

data/man/ronin-listener-completion.1.md

@@ -0,0 +1,78 @@
+# ronin-listener-completion 1 "2024-01-01" Ronin Listener "User Manuals"
+
+## NAME
+
+ronin-listener-completion - Manages shell completion rules for `ronin-listener`
+
+## SYNOPSIS
+
+`ronin-listener completion` [*options*]
+
+## DESCRIPTION
+
+The `ronin-listener completion` command can print, install, or uninstall shell
+completion rules for the `ronin-listener` command.
+
+Supports installing completion rules for Bash or Zsh shells.
+Completion rules for the Fish shell is currently not supported.
+
+### ZSH SUPPORT
+
+Zsh users will have to add the following lines to their `~/.zshrc` file in
+order to enable Zsh's Bash completion compatibility layer:
+
+    autoload -Uz +X compinit && compinit
+    autoload -Uz +X bashcompinit && bashcompinit
+
+## OPTIONS
+
+`--print`
+: Prints the shell completion file.
+
+`--install`
+: Installs the shell completion file.
+
+`--uninstall`
+: Uninstalls the shell completion file.
+
+`-h`, `--help`
+: Prints help information.
+
+## ENVIRONMENT
+
+*PREFIX*
+: Specifies the root prefix for the file system.
+
+*HOME*
+: Specifies the home directory of the user. Ronin will search for the
+  `~/.cache/ronin-listener` cache directory within the home directory.
+
+*XDG_DATA_HOME*
+: Specifies the data directory to use. Defaults to `$HOME/.local/share`.
+
+## FILES
+
+`~/.local/share/bash-completion/completions/`
+: The user-local installation directory for Bash completion files.
+
+`/usr/local/share/bash-completion/completions/`
+: The system-wide installation directory for Bash completions files.
+
+`/usr/local/share/zsh/site-functions/`
+: The installation directory for Zsh completion files.
+
+## EXAMPLES
+
+`ronin-listener completion --print`
+: Prints the shell completion rules instead of installing them.
+
+`ronin-listener completion --install`
+: Installs the shell completion rules for `ronin-listener`.
+
+`ronin-listener completion --uninstall`
+: Uninstalls the shell completion rules for `ronin-listener`.
+
+## AUTHOR
+
+Postmodern <postmodern.mod3@gmail.com>
+

data/man/ronin-listener-dns.1

@@ -0,0 +1,59 @@
+.\" Generated by kramdown-man 1.0.1
+.\" https://github.com/postmodern/kramdown-man#readme
+.TH ronin-listener-dns 1 "2023-03-24" Ronin Listener "User Manuals"
+.SH NAME
+.PP
+ronin\-listener\-dns \- Starts a DNS server for receiving exfiltrated data
+.SH SYNOPSIS
+.PP
+\fBronin\-listener dns\fR \[lB]\fIoptions\fP\[rB] \fIDOMAIN\fP
+.SH DESCRIPTION
+.PP
+Starts a DNS server for receiving exfiltrated data\.
+.SH ARGUMENTS
+.TP
+\fIDOMAIN\fP
+The domain to receive DNS queries for\.
+.SH OPTIONS
+.TP
+\fB\-o\fR, \fB\-\-output\fR \fIFILE\fP
+The output file to write the received DNS queries to\.
+.TP
+\fB\-F\fR, \fB\-\-output\-format\fR \fBtxt\fR\[or]\fBcsv\fR\[or]\fBjson\fR\[or]\fBndjson\fR
+The output format to use\. If not specified, the output format will be inferred
+from the output file\[cq]s extension\. If the output format cannot be inferred from
+the output file\[cq]s extension, then it will default to \fBtxt\fR format\.
+.TP
+\fB\-H\fR, \fB\-\-host\fR \fIIP\fP
+The interface to listen on\. Defaults to \fB0\.0\.0\.0\fR if not given\.
+.TP
+\fB\-p\fR, \fB\-\-port\fR \fIPORT\fP
+The port to listen on\. Defaults to \fB53\fR if not given\.
+.TP
+\fB\-h\fR, \fB\-\-help\fR
+Prints help information\.
+.SH EXAMPLES
+.PP
+Runs a DNS listener on \fB127\.0\.0\.1:5553\fR for domain \fBexample\.com\fR:
+.PP
+.RS 4
+.EX
+\[Do] ronin\-listener dns \-H 127\.0\.0\.1 \-p 5553 example\.com
+.EE
+.RE
+.PP
+Run a DNS listener on \fB0\.0\.0\.0:53\fR for domain \fBexample\.com\fR as root:
+.PP
+.RS 4
+.EX
+\[Do] sudo ronin\-listener dns example\.com
+.EE
+.RE
+.SH AUTHOR
+.PP
+Postmodern 
+.MT postmodern\.mod3\[at]gmail\.com
+.ME
+.SH SEE ALSO
+.PP
+.BR ronin\-listener\-http (1)

data/man/ronin-listener-dns.1.md

@@ -0,0 +1,55 @@
+# ronin-listener-dns 1 "2023-03-24" Ronin Listener "User Manuals"
+
+## NAME
+
+ronin-listener-dns - Starts a DNS server for receiving exfiltrated data
+
+## SYNOPSIS
+
+`ronin-listener dns` [*options*] *DOMAIN*
+
+## DESCRIPTION
+
+Starts a DNS server for receiving exfiltrated data.
+
+## ARGUMENTS
+
+*DOMAIN*
+: The domain to receive DNS queries for.
+
+## OPTIONS
+
+`-o`, `--output` *FILE*
+: The output file to write the received DNS queries to.
+
+`-F`, `--output-format` `txt`|`csv`|`json`|`ndjson`
+: The output format to use. If not specified, the output format will be inferred
+  from the output file's extension. If the output format cannot be inferred from
+  the output file's extension, then it will default to `txt` format.
+
+`-H`, `--host` *IP*
+: The interface to listen on. Defaults to `0.0.0.0` if not given.
+
+`-p`, `--port` *PORT*
+: The port to listen on. Defaults to `53` if not given.
+
+`-h`, `--help`
+: Prints help information.
+
+## EXAMPLES
+
+Runs a DNS listener on `127.0.0.1:5553` for domain `example.com`:
+
+    $ ronin-listener dns -H 127.0.0.1 -p 5553 example.com
+
+Run a DNS listener on `0.0.0.0:53` for domain `example.com` as root:
+
+    $ sudo ronin-listener dns example.com
+
+## AUTHOR
+
+Postmodern <postmodern.mod3@gmail.com>
+
+## SEE ALSO
+
+[ronin-listener-http](ronin-listener-http.1.md)

data/man/ronin-listener-http.1

@@ -0,0 +1,69 @@
+.\" Generated by kramdown-man 1.0.1
+.\" https://github.com/postmodern/kramdown-man#readme
+.TH ronin-listener-http 1 "2023-03-24" Ronin Listener "User Manuals"
+.SH NAME
+.PP
+ronin\-listener\-http \- Starts a HTTP server for receiving exfiltrated data
+.SH SYNOPSIS
+.PP
+\fBronin\-listener http\fR \[lB]\fIoptions\fP\[rB]
+.SH DESCRIPTION
+.PP
+Starts a HTTP server for receiving exfiltrated data\.
+.SH OPTIONS
+.TP
+\fB\-o\fR, \fB\-\-output\fR \fIFILE\fP
+The output file to write the received DNS queries to\.
+.TP
+\fB\-F\fR, \fB\-\-output\-format\fR \fBtxt\fR\[or]\fBcsv\fR\[or]\fBjson\fR\[or]\fBndjson\fR
+The output format to use\. If not specified, the output format will be inferred
+from the output file\[cq]s extension\. If the output format cannot be inferred from
+the output file\[cq]s extension, then it will default to \fBtxt\fR format\.
+.TP
+\fB\-H\fR, \fB\-\-host\fR \fIIP\fP
+The interface to listen on\. Defaults to \fB0\.0\.0\.0\fR if not given\.
+.TP
+\fB\-p\fR, \fB\-\-port\fR \fIPORT\fP
+The port to listen on\. Defaults to \fB8080\fR if not given\.
+.TP
+\fB\-\-vhost\fR \fIHOST\fP
+The \fBHost:\fR header to filter requests by\.
+.TP
+\fB\-R\fR, \fB\-\-root\fR \fIDIR\fP
+The root directory to filter requests by\. Defaults to \fB\[sl]\fR if not given\.
+.TP
+\fB\-h\fR, \fB\-\-help\fR
+Prints help information\.
+.SH EXAMPLES
+.PP
+Runs a HTTP listener on \fB127\.0\.0\.1:8080\fR that will receive any request:
+.PP
+.RS 4
+.EX
+\[Do] ronin\-listener http \-p 8080
+.EE
+.RE
+.PP
+Runs a HTTP listener on \fB127\.0\.0\.1:8080\fR for the virtual\-host \fBexample\.com\fR:
+.PP
+.RS 4
+.EX
+\[Do] ronin\-listener http \-p 8080 \-\-vhost example\.com
+.EE
+.RE
+.PP
+Run a HTTP listener on \fB0\.0\.0\.0:80\fR as root:
+.PP
+.RS 4
+.EX
+\[Do] sudo ronin\-listener http
+.EE
+.RE
+.SH AUTHOR
+.PP
+Postmodern 
+.MT postmodern\.mod3\[at]gmail\.com
+.ME
+.SH SEE ALSO
+.PP
+.BR ronin\-listener\-dns (1)

data/man/ronin-listener-http.1.md

@@ -0,0 +1,60 @@
+# ronin-listener-http 1 "2023-03-24" Ronin Listener "User Manuals"
+
+## NAME
+
+ronin-listener-http - Starts a HTTP server for receiving exfiltrated data
+
+## SYNOPSIS
+
+`ronin-listener http` [*options*]
+
+## DESCRIPTION
+
+Starts a HTTP server for receiving exfiltrated data.
+
+## OPTIONS
+
+`-o`, `--output` *FILE*
+: The output file to write the received DNS queries to.
+
+`-F`, `--output-format` `txt`|`csv`|`json`|`ndjson`
+: The output format to use. If not specified, the output format will be inferred
+  from the output file's extension. If the output format cannot be inferred from
+  the output file's extension, then it will default to `txt` format.
+
+`-H`, `--host` *IP*
+: The interface to listen on. Defaults to `0.0.0.0` if not given.
+
+`-p`, `--port` *PORT*
+: The port to listen on. Defaults to `8080` if not given.
+
+`--vhost` *HOST*
+: The `Host:` header to filter requests by.
+
+`-R`, `--root` *DIR*
+: The root directory to filter requests by. Defaults to `/` if not given.
+
+`-h`, `--help`
+: Prints help information.
+
+## EXAMPLES
+
+Runs a HTTP listener on `127.0.0.1:8080` that will receive any request:
+
+    $ ronin-listener http -p 8080
+
+Runs a HTTP listener on `127.0.0.1:8080` for the virtual-host `example.com`:
+
+    $ ronin-listener http -p 8080 --vhost example.com
+
+Run a HTTP listener on `0.0.0.0:80` as root:
+
+    $ sudo ronin-listener http
+
+## AUTHOR
+
+Postmodern <postmodern.mod3@gmail.com>
+
+## SEE ALSO
+
+[ronin-listener-dns](ronin-listener-dns.1.md)

data/man/ronin-listener-new-dns.1

@@ -0,0 +1,35 @@
+.\" Generated by kramdown-man 1.0.0
+.\" https://github.com/postmodern/kramdown-man#readme
+.TH ronin-listener-new-dns 1 "2023-02-01" Ronin Listener "User Manuals"
+.SH SYNOPSIS
+.PP
+\fBronin-listener new dns\fR \[lB]\fIoptions\fP\[rB] \[lB]\fIPATH\fP\[rB]
+.SH DESCRIPTION
+.PP
+Creates a new standalone DNS listener Ruby script\.
+.SH ARGUMENTS
+.TP
+\fIPATH\fP
+The path to the new Ruby script file to create\.
+.SH OPTIONS
+.TP
+\fB-H\fR, \fB--host\fR \fIIP\fP
+The interface to listen on\. Defaults to \fB0.0.0.0\fR if not given\.
+.TP
+\fB-p\fR, \fB--port\fR \fIPORT\fP
+The port to listen on\. Defaults to \fB5553\fR if not given\.
+.TP
+\fB-d\fR, \fB--domain\fR \fIDOMAIN\fP
+The domain to receive queries for\. Defaults to \fBexample.com\fR if not given\.
+.TP
+\fB-h\fR, \fB--help\fR
+Print help information
+.SH AUTHOR
+.PP
+Postmodern 
+.MT postmodern\.mod3\[at]gmail\.com
+.ME
+.SH SEE ALSO
+.PP
+.BR ronin\-listener\-new (1)
+.BR ronin\-listener\-new\-http (1)

data/man/ronin-listener-new-dns.1.md

@@ -0,0 +1,36 @@
+# ronin-listener-new-dns 1 "2023-02-01" Ronin Listener "User Manuals"
+
+## SYNOPSIS
+
+`ronin-listener new dns` [*options*] [*PATH*]
+
+## DESCRIPTION
+
+Creates a new standalone DNS listener Ruby script.
+
+## ARGUMENTS
+
+*PATH*
+: The path to the new Ruby script file to create.
+
+## OPTIONS
+
+`-H`, `--host` *IP*
+: The interface to listen on. Defaults to `0.0.0.0` if not given.
+
+`-p`, `--port` *PORT*
+: The port to listen on. Defaults to `5553` if not given.
+
+`-d`, `--domain` *DOMAIN*
+: The domain to receive queries for. Defaults to `example.com` if not given.
+
+`-h`, `--help`
+: Print help information
+
+## AUTHOR
+
+Postmodern <postmodern.mod3@gmail.com>
+
+## SEE ALSO
+
+[ronin-listener-new](ronin-listener-new.1.md) [ronin-listener-new-http](ronin-listener-new-http.1.md)