ronin-recon 0.1.0.rc1
- checksums.yaml +7 -0
- data/.document +4 -0
- data/.github/workflows/ruby.yml +46 -0
- data/.gitignore +20 -0
- data/.rspec +1 -0
- data/.rubocop.yml +44 -0
- data/.ruby-version +1 -0
- data/.yardopts +1 -0
- data/COPYING.txt +165 -0
- data/ChangeLog.md +36 -0
- data/Gemfile +62 -0
- data/README.md +391 -0
- data/Rakefile +74 -0
- data/bin/ronin-recon +16 -0
- data/data/completions/ronin-recon +95 -0
- data/data/templates/worker.rb.erb +67 -0
- data/data/wordlists/raft-small-directories.txt.gz +0 -0
- data/data/wordlists/subdomains-1000.txt.gz +0 -0
- data/examples/recon.rb +24 -0
- data/gemspec.yml +57 -0
- data/lib/ronin/recon/builtin/dns/lookup.rb +65 -0
- data/lib/ronin/recon/builtin/dns/mailservers.rb +64 -0
- data/lib/ronin/recon/builtin/dns/nameservers.rb +61 -0
- data/lib/ronin/recon/builtin/dns/reverse_lookup.rb +63 -0
- data/lib/ronin/recon/builtin/dns/srv_enum.rb +178 -0
- data/lib/ronin/recon/builtin/dns/subdomain_enum.rb +105 -0
- data/lib/ronin/recon/builtin/dns/suffix_enum.rb +168 -0
- data/lib/ronin/recon/builtin/net/ip_range_enum.rb +65 -0
- data/lib/ronin/recon/builtin/net/port_scan.rb +84 -0
- data/lib/ronin/recon/builtin/net/service_id.rb +75 -0
- data/lib/ronin/recon/builtin/ssl/cert_enum.rb +109 -0
- data/lib/ronin/recon/builtin/ssl/cert_grab.rb +76 -0
- data/lib/ronin/recon/builtin/ssl/cert_sh.rb +77 -0
- data/lib/ronin/recon/builtin/web/dir_enum.rb +121 -0
- data/lib/ronin/recon/builtin/web/email_addresses.rb +70 -0
- data/lib/ronin/recon/builtin/web/spider.rb +93 -0
- data/lib/ronin/recon/builtin.rb +34 -0
- data/lib/ronin/recon/cli/command.rb +40 -0
- data/lib/ronin/recon/cli/commands/completion.rb +61 -0
- data/lib/ronin/recon/cli/commands/irb.rb +57 -0
- data/lib/ronin/recon/cli/commands/new.rb +203 -0
- data/lib/ronin/recon/cli/commands/run.rb +420 -0
- data/lib/ronin/recon/cli/commands/test.rb +99 -0
- data/lib/ronin/recon/cli/commands/worker.rb +114 -0
- data/lib/ronin/recon/cli/commands/workers.rb +80 -0
- data/lib/ronin/recon/cli/debug_option.rb +45 -0
- data/lib/ronin/recon/cli/printing.rb +122 -0
- data/lib/ronin/recon/cli/ruby_shell.rb +51 -0
- data/lib/ronin/recon/cli/worker_command.rb +105 -0
- data/lib/ronin/recon/cli.rb +50 -0
- data/lib/ronin/recon/config.rb +371 -0
- data/lib/ronin/recon/dns_worker.rb +41 -0
- data/lib/ronin/recon/engine.rb +639 -0
- data/lib/ronin/recon/exceptions.rb +45 -0
- data/lib/ronin/recon/graph.rb +127 -0
- data/lib/ronin/recon/importer.rb +224 -0
- data/lib/ronin/recon/input_file.rb +81 -0
- data/lib/ronin/recon/message/job_completed.rb +60 -0
- data/lib/ronin/recon/message/job_failed.rb +69 -0
- data/lib/ronin/recon/message/job_started.rb +60 -0
- data/lib/ronin/recon/message/shutdown.rb +38 -0
- data/lib/ronin/recon/message/value.rb +76 -0
- data/lib/ronin/recon/message/worker_started.rb +51 -0
- data/lib/ronin/recon/message/worker_stopped.rb +51 -0
- data/lib/ronin/recon/mixins/dns.rb +639 -0
- data/lib/ronin/recon/mixins/http.rb +58 -0
- data/lib/ronin/recon/mixins.rb +21 -0
- data/lib/ronin/recon/output_formats/dir.rb +94 -0
- data/lib/ronin/recon/output_formats/dot.rb +155 -0
- data/lib/ronin/recon/output_formats/graph_format.rb +48 -0
- data/lib/ronin/recon/output_formats/graphviz_format.rb +115 -0
- data/lib/ronin/recon/output_formats/pdf.rb +43 -0
- data/lib/ronin/recon/output_formats/png.rb +43 -0
- data/lib/ronin/recon/output_formats/svg.rb +43 -0
- data/lib/ronin/recon/output_formats.rb +48 -0
- data/lib/ronin/recon/registry.rb +35 -0
- data/lib/ronin/recon/root.rb +33 -0
- data/lib/ronin/recon/scope.rb +112 -0
- data/lib/ronin/recon/value/parser.rb +113 -0
- data/lib/ronin/recon/value.rb +110 -0
- data/lib/ronin/recon/value_status.rb +87 -0
- data/lib/ronin/recon/values/cert.rb +168 -0
- data/lib/ronin/recon/values/domain.rb +88 -0
- data/lib/ronin/recon/values/email_address.rb +114 -0
- data/lib/ronin/recon/values/host.rb +137 -0
- data/lib/ronin/recon/values/ip.rb +123 -0
- data/lib/ronin/recon/values/ip_range.rb +155 -0
- data/lib/ronin/recon/values/mailserver.rb +61 -0
- data/lib/ronin/recon/values/nameserver.rb +61 -0
- data/lib/ronin/recon/values/open_port.rb +190 -0
- data/lib/ronin/recon/values/url.rb +218 -0
- data/lib/ronin/recon/values/website.rb +200 -0
- data/lib/ronin/recon/values/wildcard.rb +140 -0
- data/lib/ronin/recon/values.rb +32 -0
- data/lib/ronin/recon/version.rb +26 -0
- data/lib/ronin/recon/web_worker.rb +35 -0
- data/lib/ronin/recon/worker.rb +433 -0
- data/lib/ronin/recon/worker_pool.rb +203 -0
- data/lib/ronin/recon/workers.rb +260 -0
- data/lib/ronin/recon.rb +22 -0
- data/man/ronin-recon-completion.1 +76 -0
- data/man/ronin-recon-completion.1.md +78 -0
- data/man/ronin-recon-irb.1 +27 -0
- data/man/ronin-recon-irb.1.md +26 -0
- data/man/ronin-recon-new.1 +58 -0
- data/man/ronin-recon-new.1.md +59 -0
- data/man/ronin-recon-run.1 +137 -0
- data/man/ronin-recon-run.1.md +115 -0
- data/man/ronin-recon-test.1 +53 -0
- data/man/ronin-recon-test.1.md +55 -0
- data/man/ronin-recon-worker.1 +32 -0
- data/man/ronin-recon-worker.1.md +34 -0
- data/man/ronin-recon-workers.1 +29 -0
- data/man/ronin-recon-workers.1.md +31 -0
- data/man/ronin-recon.1 +57 -0
- data/man/ronin-recon.1.md +57 -0
- data/ronin-recon.gemspec +62 -0
- data/scripts/setup +58 -0
- metadata +364 -0
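--- a/data/lib/ronin/recon/builtin/web/dir_enum.rb
+++ b/data/lib/ronin/recon/builtin/web/dir_enum.rb
@@ -0,0 +1,121 @@
+# frozen_string_literal: true
+#
+# ronin-recon - A micro-framework and tool for performing reconnaissance.
+#
+# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
+#
+# ronin-recon is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-recon is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with ronin-recon. If not, see <https://www.gnu.org/licenses/>.
+#
+
+require 'ronin/recon/web_worker'
+require 'ronin/recon/root'
+
+require 'wordlist'
+require 'uri'
+require 'async/queue'
+require 'async/http/internet/instance'
+
+module Ronin
+module Recon
+module Web
+#
+# A recon worker that discovers HTTP directories.
+#
+class DirEnum < WebWorker
+
+DEFAULT_WORDLIST = File.join(WORDLISTS_DIR, 'raft-small-directories.txt.gz')
+
+register 'web/dir_enum'
+
+summary 'Discovers HTTP directories for a website'
+
+description <<~DESC
+Discovers hidden directories on a website by sending HTTP HEAD
+requests using a wordlist of common web directory names.
+DESC
+
+accepts Website
+outputs URL
+intensity :aggressive
+
+param :concurrency, Integer, default: 10,
+desc: 'Sets the number of async tasks'
+
+param :wordlist, String, desc: 'Optional directory wordlist to use'
+
+#
+# Discovers HTTP directories for a given website.
+#
+# @param [Values::Website] website
+# The website to recon.
+#
+# @yield [url]
+# Every discovered directory will be passed to the block as a URL.
+#
+# @yieldparam [Values::URL] url
+# A URL representing an exposed directory.
+#
+def process(website)
+wordlist = Wordlist.open(params[:wordlist] || DEFAULT_WORDLIST)
+queue = Async::LimitedQueue.new(params[:concurrency])
+base_url = website.to_s
+
+Async do |task|
+task.async do
+# feed the queue with the wordlist
+wordlist.each { |name| queue << name }
+
+# send stop messages for each sub-task
+params[:concurrency].times { queue << nil }
+end
+
+# spawn the sub-tasks
+params[:concurrency].times do
+task.async do
+http = Async::HTTP::Internet.instance
+
+while (dir = queue.dequeue)
+path = "/#{URI.encode_uri_component(dir)}"
+url = "#{base_url}#{path}"
+retries = 0
+
+begin
+response = http.head(url)
+
+if VALID_STATUS_CODES.include?(response.status)
+yield URL.new(url, status: response.status,
+headers: response.headers)
+end
+rescue Errno::ECONNREFUSED,
+SocketError
+task.stop
+rescue StandardError
+if retries > 3
+next
+else
+retries += 1
+sleep 1
+retry
+end
+end
+end
+end
+end
+end
+end
+
+end
+end
+end
+end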
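Review bot: In `process`, the `begin` block wraps the `yield` as well as `http.head(url)`, so any `StandardError` raised by the consuming block is caught by `rescue StandardError`, causes up to four repeat HEAD requests with `sleep 1` between them, and is then dropped by `next` without a log line. Keeping only `response = http.head(url)` inside the `begin` and running the `VALID_STATUS_CODES` check and the `yield` after it (guarded by `if response`) would limit the retries to the request itself. The give-up branch could also record the failed `url`, so that an incomplete enumeration is visible to the operator. Separately, a short comment on `process` noting that a server which answers every path with an accepted status will produce one result per wordlist entry would help readers of the output; `VALID_STATUS_CODES` is defined outside this file, so the exact set is not visible here.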
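--- a/data/lib/ronin/recon/builtin/web/email_addresses.rb
+++ b/data/lib/ronin/recon/builtin/web/email_addresses.rb
@@ -0,0 +1,70 @@
+# frozen_string_literal: true
+#
+# ronin-recon - A micro-framework and tool for performing reconnaissance.
+#
+# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
+#
+# ronin-recon is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-recon is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with ronin-recon. If not, see <https://www.gnu.org/licenses/>.
+#
+
+require 'ronin/recon/web_worker'
+require 'ronin/recon/builtin/web/spider'
+require 'ronin/support/text/patterns'
+
+module Ronin
+module Recon
+module Web
+#
+# A recon worker that returns email addresses found on website.
+#
+class EmailAddresses < WebWorker
+
+register 'web/email_addresses'
+
+summary 'Extracts emails from a website'
+
+description <<~DESC
+Extracts all emails from a website.
+DESC
+
+accepts URL
+outputs EmailAddress
+intensity :passive
+
+#
+# Extract email addresses found in the pages body.
+#
+# @param [Values::URL] url
+# The URL of the page to extract email addresses from.
+#
+# @yield [email]
+# Each email address found on the page will be yielded.
+#
+# @yieldparam [Values::EmailAddress] email
+# Email address found on the page.
+#
+def process(url)
+return nil unless url.body
+
+email_pattern = Ronin::Support::Text::Patterns::EMAIL_ADDRESS
+
+url.body.force_encoding(Encoding::UTF_8).scan(email_pattern) do |email|
+yield EmailAddress.new(email)
+end
+end
+
+end
+end
+end
+end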
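Review bot: `url.body.force_encoding(Encoding::UTF_8)` in `process` relabels the body string in place, so the `URL` value that was passed in (and that other workers may also receive) is mutated, and a body that is not valid UTF-8 can make `scan` raise `ArgumentError` on the invalid byte sequence. Because the body comes from the remote site, I would work on a scrubbed copy instead: `body = url.body.dup.force_encoding(Encoding::UTF_8).scrub` followed by `body.scan(email_pattern) do |email|`. The `require 'ronin/recon/builtin/web/spider'` line also looks unused by this file; if it is there only to guarantee load order, a comment saying so would help.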
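--- a/data/lib/ronin/recon/builtin/web/spider.rb
+++ b/data/lib/ronin/recon/builtin/web/spider.rb
@@ -0,0 +1,93 @@
+# frozen_string_literal: true
+#
+# ronin-recon - A micro-framework and tool for performing reconnaissance.
+#
+# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
+#
+# ronin-recon is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-recon is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with ronin-recon. If not, see <https://www.gnu.org/licenses/>.
+#
+
+require 'ronin/recon/web_worker'
+
+require 'ronin/web/spider'
+
+module Ronin
+module Recon
+module Web
+#
+# A recon worker that spiders a website.
+#
+class Spider < WebWorker
+
+register 'web/spider'
+
+summary 'Spiders a website'
+
+description <<~DESC
+Spiders a website and returns every URL.
+DESC
+
+accepts Website
+outputs URL
+
+#
+# Spiders a website and yields every spidered URL.
+#
+# @param [Values::Website] website
+# The website value to start spidering.
+#
+# @yield [url]
+# Every spidered URL will be yielded.
+#
+# @yieldparam [Values::URL] url
+# A URL visited by the spider.
+#
+def process(website)
+base_uri = website.to_uri
+
+Ronin::Web::Spider.site(base_uri) do |agent|
+agent.every_page do |page|
+if VALID_STATUS_CODES.include?(page.code)
+yield URL.new(page.url, status: page.code,
+headers: page.headers,
+body: page.body)
+end
+end
+
+agent.every_javascript_url_string do |url,page|
+uri = URI.parse(url)
+
+case uri
+when URI::HTTP
+agent.enqueue(uri)
+end
+rescue URI::InvalidURIError
+# ignore invalid URIs
+end
+
+agent.every_javascript_path_string do |path,page|
+if (uri = page.to_absolute(path))
+case uri
+when URI::HTTP
+agent.enqueue(uri)
+end
+end
+end
+end
+end
+
+end
+end
+end
+end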
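Review bot: `Spider` declares no `intensity`, while `DirEnum` and `EmailAddresses` both set theirs explicitly, so the level this worker runs at depends on a default defined outside this file. If active is the intended level, adding `intensity :active` after `outputs URL` would make that explicit to anyone filtering workers by intensity. In the `every_javascript_url_string` block the `page` parameter is unused and could be written `_page`. A comment there stating whether `agent.enqueue` applies the same host restriction as `Ronin::Web::Spider.site(base_uri)` would also help, since those URLs are taken from strings in fetched JavaScript; that behaviour is not visible in this file.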
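--- a/data/lib/ronin/recon/builtin.rb
+++ b/data/lib/ronin/recon/builtin.rb
@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+#
+# ronin-recon - A micro-framework and tool for performing reconnaissance.
+#
+# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
+#
+# ronin-recon is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-recon is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with ronin-recon. If not, see <https://www.gnu.org/licenses/>.
+#
+
+require 'ronin/recon/builtin/dns/lookup'
+require 'ronin/recon/builtin/dns/reverse_lookup'
+require 'ronin/recon/builtin/dns/mailservers'
+require 'ronin/recon/builtin/dns/nameservers'
+require 'ronin/recon/builtin/dns/subdomain_enum'
+require 'ronin/recon/builtin/dns/suffix_enum'
+require 'ronin/recon/builtin/dns/srv_enum'
+require 'ronin/recon/builtin/net/ip_range_enum'
+require 'ronin/recon/builtin/net/port_scan'
+require 'ronin/recon/builtin/net/service_id'
+require 'ronin/recon/builtin/ssl/cert_grab'
+require 'ronin/recon/builtin/ssl/cert_enum'
+require 'ronin/recon/builtin/web/spider'
+require 'ronin/recon/builtin/web/dir_enum'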
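Review bot: The require list skips two workers that ship in this release: `builtin/ssl/cert_sh.rb` and `builtin/web/email_addresses.rb` both appear in the file list but are not loaded here. If that is deliberate, for example because they are meant to be opt-in, a comment above the list saying so would document which workers load by default. Otherwise add `require 'ronin/recon/builtin/ssl/cert_sh'` and `require 'ronin/recon/builtin/web/email_addresses'`.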
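--- a/data/lib/ronin/recon/cli/command.rb
+++ b/data/lib/ronin/recon/cli/command.rb
@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+#
+# ronin-recon - A micro-framework and tool for performing reconnaissance.
+#
+# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
+#
+# ronin-recon is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-recon is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with ronin-recon. If not, see <https://www.gnu.org/licenses/>.
+#
+
+require 'ronin/recon/root'
+
+require 'ronin/core/cli/command'
+
+module Ronin
+module Recon
+class CLI
+#
+# Base command for all `ronin-recon` commands.
+#
+class Command < Core::CLI::Command
+
+man_dir File.join(ROOT,'man')
+
+bug_report_url 'https://github.com/ronin-rb/ronin-recon/issues/new'
+
+end
+end
+end
+end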
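--- a/data/lib/ronin/recon/cli/commands/completion.rb
+++ b/data/lib/ronin/recon/cli/commands/completion.rb
@@ -0,0 +1,61 @@
+# frozen_string_literal: true
+#
+# ronin-recon - A micro-framework and tool for performing reconnaissance.
+#
+# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
+#
+# ronin-recon is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-recon is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with ronin-recon. If not, see <https://www.gnu.org/licenses/>.
+#
+
+require 'ronin/recon/root'
+require 'ronin/core/cli/completion_command'
+
+module Ronin
+module Recon
+class CLI
+module Commands
+#
+# Manages the shell completion rules for `ronin-recon`.
+#
+# ## Usage
+#
+# ronin-recon completion [options]
+#
+# ## Options
+#
+# --print Prints the shell completion file
+# --install Installs the shell completion file
+# --uninstall Uninstalls the shell completion file
+# -h, --help Print help information
+#
+# ## Examples
+#
+# ronin-recon completion --print
+# ronin-recon completion --install
+# ronin-recon completion --uninstall
+#
+class Completion < Core::CLI::CompletionCommand
+
+completion_file File.join(ROOT,'data','completions','ronin-recon')
+
+man_dir File.join(ROOT,'man')
+man_page 'ronin-recon-completion.1'
+
+description 'Manages the shell completion rules for ronin-recon'
+
+end
+end
+end
+end
+end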
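--- a/data/lib/ronin/recon/cli/commands/irb.rb
+++ b/data/lib/ronin/recon/cli/commands/irb.rb
@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+#
+# ronin-recon - A micro-framework and tool for performing reconnaissance.
+#
+# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
+#
+# ronin-recon is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-recon is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with ronin-recon. If not, see <https://www.gnu.org/licenses/>.
+#
+
+require 'ronin/recon/cli/command'
+require 'ronin/recon/cli/ruby_shell'
+
+module Ronin
+module Recon
+class CLI
+module Commands
+#
+# Starts an interactive Ruby shell with `ronin-recon` loaded.
+#
+# ## Usage
+#
+# ronin-recon irb [options]
+#
+# ## Options
+#
+# -h, --help Print help information
+#
+class Irb < Command
+
+description "Starts an interactive Ruby shell with ronin-recon loaded"
+
+man_page 'ronin-recon-irb.1'
+
+#
+# Runs the `ronin-recon irb` command.
+#
+def run
+require 'ronin/recon'
+CLI::RubyShell.start
+end
+
+end
+end
+end
+end
+end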
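--- a/data/lib/ronin/recon/cli/commands/new.rb
+++ b/data/lib/ronin/recon/cli/commands/new.rb
@@ -0,0 +1,203 @@
+# frozen_string_literal: true
+#
+# ronin-recon - A micro-framework and tool for performing reconnaissance.
+#
+# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
+#
+# ronin-recon is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-recon is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with ronin-recon. If not, see <https://www.gnu.org/licenses/>.
+#
+
+require 'ronin/recon/cli/command'
+require 'ronin/recon/root'
+
+require 'ronin/core/cli/generator'
+require 'ronin/core/cli/generator/options/author'
+require 'ronin/core/cli/generator/options/summary'
+require 'ronin/core/cli/generator/options/description'
+require 'ronin/core/cli/generator/options/reference'
+require 'ronin/core/git'
+
+require 'command_kit/inflector'
+require 'set'
+
+module Ronin
+module Recon
+class CLI
+module Commands
+#
+# Creates a new recon worker file.
+#
+# ## Usage
+#
+# ronin-recon new [options] FILE
+#
+# ## Options
+#
+# -t, --type worker|dns|web The type for the new recon worker
+# -a, --author NAME The name of the author (Default: Postmodern)
+# -e, --author-email EMAIL The email address of the author (Default: postmodern.mod3@gmail.com)
+# -S, --summary TEXT One sentence summary
+# -D, --description TEXT A longer description
+# -R, --reference URL Adds a reference URL
+# -A cert|domain|email_address|host|ip_range|ip|mailserver|nameserver|open_port|url|website|wildcard,
+# --accepts The value type(s) the worker accepts
+# -O cert|domain|email_address|host|ip_range|ip|mailserver|nameserver|open_port|url|website|wildcard,
+# --outputs The value type(s) the worker outputs
+# -I passive|active|aggressive, Specifies the intensity of the recon worker
+# --intensity
+# -h, --help Print help information
+#
+# ## Arguments
+#
+# PATH The path to the new recon workerfile
+#
+class New < Command
+
+include Core::CLI::Generator
+
+template_dir File.join(ROOT,'data','templates')
+
+usage '[options] FILE'
+
+# Mapping of recon worker types and their file/class names.
+WORKER_TYPES = {
+worker: {
+file: 'worker',
+class: 'Worker'
+},
+
+dns: {
+file: 'dns_worker',
+class: 'DNSWorker'
+},
+
+web: {
+file: 'web_worker',
+class: 'WebWorker'
+}
+}
+
+option :type, short: '-t',
+value: {type: WORKER_TYPES.keys},
+desc: 'The type for the new recon worker' do |type|
+@worker_type = WORKER_TYPES.fetch(type)
+end
+
+include Core::CLI::Generator::Options::Author
+include Core::CLI::Generator::Options::Summary
+include Core::CLI::Generator::Options::Description
+include Core::CLI::Generator::Options::Reference
+
+# Mapping of value types and their class names.
+VALUE_TYPES = {
+cert: 'Cert',
+domain: 'Domain',
+email_address: 'EmailAddress',
+host: 'Host',
+ip_range: 'IPRange',
+ip: 'IP',
+mailserver: 'Mailserver',
+nameserver: 'Nameserver',
+open_port: 'OpenPort',
+url: 'URL',
+website: 'Website',
+wildcard: 'Wildcard'
+}
+
+option :accepts, short: '-A',
+value: {
+type: VALUE_TYPES
+},
+desc: 'The value type(s) the worker accepts' do |value|
+@accepts << value
+end
+
+option :outputs, short: '-O',
+value: {
+type: VALUE_TYPES
+},
+desc: 'The value type(s) the worker outputs' do |value|
+@outputs << value
+end
+
+option :intensity, short: '-I',
+value: {
+type: [:passive, :active, :aggressive]
+},
+desc: 'Specifies the intensity of the recon worker' do |intensity|
+@intensity = intensity
+end
+
+argument :path, desc: 'The path to the new recon worker file'
+
+description 'Creates a new recon worker file'
+
+man_page 'ronin-recon-new.1'
+
+# The worker type information.
+#
+# @return [Hash{Symbol => String}, nil]
+attr_reader :worker_type
+
+# The values class names which the new worker will accept.
+#
+# @return [Set<String>]
+attr_reader :accepts
+
+# The values class names which the new worker will output.
+#
+# @return [Set<String>]
+attr_reader :outputs
+
+# The intensity level for the new worker.
+#
+# @return [:passive, :active, :aggressive, nil]
+attr_reader :intensity
+
+#
+# Initializes the `ronin-recon new` command.
+#
+# @param [Hash{Symbol => Object}] kwargs
+# Additional keyword arguments.
+#
+def initialize(**kwargs)
+super(**kwargs)
+
+@worker_type = WORKER_TYPES.fetch(:worker)
+@accepts = Set.new
+@outputs = Set.new
+end
+
+#
+# Runs the `ronin-recon new` command.
+#
+# @param [String] file
+# The path to the new recon worker file.
+#
+def run(file)
+@directory = File.dirname(file)
+@file_name = File.basename(file,File.extname(file))
+@class_name = CommandKit::Inflector.camelize(@file_name)
+
+mkdir @directory unless File.directory?(@directory)
+
+erb "worker.rb.erb", file
+chmod '+x', file
+end
+
+end
+end
+end
+end
+end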
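Review bot: The class comment and the code disagree on the argument name: `usage '[options] FILE'` and `run(file)` call it FILE, but the `## Arguments` section lists `PATH` with the text "The path to the new recon workerfile" and the declaration is `argument :path`; I would use one name throughout and fix the typo to `worker file`. `WORKER_TYPES` and `VALUE_TYPES` are mutable hashes used as option value sets and would be safer with `.freeze` on the closing brace. In `run`, `@class_name` comes from the file basename via `CommandKit::Inflector.camelize` with no visible check that the result is a valid constant name, and whether `erb` refuses to overwrite an existing `file` is not visible here; both deserve either a guard or a comment.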