ronin-recon 0.1.0.rc2 → 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (13) hide show
  1. checksums.yaml +4 -4
  2. data/.ruby-version +1 -1
  3. data/ChangeLog.md +1 -1
  4. data/README.md +1 -0
  5. data/data/wordlists/raft-small-directories.txt.gz +0 -0
  6. data/data/wordlists/subdomains-1000.txt.gz +0 -0
  7. data/gemspec.yml +6 -6
  8. data/lib/ronin/recon/builtin/api/crt_sh.rb +21 -10
  9. data/lib/ronin/recon/builtin/net/port_scan.rb +1 -0
  10. data/lib/ronin/recon/builtin/web/spider.rb +6 -2
  11. data/lib/ronin/recon/values/url.rb +0 -1
  12. data/lib/ronin/recon/version.rb +1 -1
  13. metadata +15 -15
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d9353cb03516130e8ab2c0c672c9b989076eede3a91027e8442356550a9698fc
4
- data.tar.gz: 85fd1b4795c9f776be9ac8c378279b4575e7d80ecc0407a092fec925c70614e9
3
+ metadata.gz: fb12d7c803f46db1479703050ae863e2c684bcf02c27e56845f57aabadba8295
4
+ data.tar.gz: 3ecef315a0ef47934ba2b6b7117ad9b2bc9813508f4db64d96e851b09469008b
5
5
  SHA512:
6
- metadata.gz: b55e6f1ce78547f5bc1f5f7571033016ea35835975d87e83ced3ac9a1ce91606194512e42a67eafc40cb67d5179000880c89dd22b3b5f518be908771f50e9ed3
7
- data.tar.gz: 8f3d6ebcb3b2a4547a21af4805d382349f597654d095a7df3b0d2d18ddf262f332221dc3f88a81b1d3f2a7d669e514bb2c44167e8655d11739e099192c0a15b6
6
+ metadata.gz: 8d4956f0572724eb5db72c774ac20202dfef0d56513d1569a3d309c5329a988a3f085db9c3d58bb23f4f7922a6da87c67f69d43971efff50704e89a2486393e9
7
+ data.tar.gz: 87eb036e8d7702d7a9bd2645c1bf152b797e990a6bf0a7f566db8c1f787217a9c14b19f9d93940f6f8645745367bba63cf27ee6b9700214d73567a17b324da6f
data/.ruby-version CHANGED
@@ -1 +1 @@
1
- ruby-3.1
1
+ ruby-3.3
data/ChangeLog.md CHANGED
@@ -1,4 +1,4 @@
1
- ### 0.1.0 / 2024-XX-XX
1
+ ### 0.1.0 / 2024-07-22
2
2
 
3
3
  * Initial release:
4
4
  * Uses asynchronous I/O and fibers.
data/README.md CHANGED
@@ -56,6 +56,7 @@ and uses asynchronous I/O to maximize efficiency.
56
56
 
57
57
  * Does not require API keys to run.
58
58
  * Not just a script that runs a bunch of other recon tools.
59
+ * Does not use AI.
59
60
 
60
61
  ## Synopsis
61
62
 
data/data/wordlists/subdomains-1000.txt.gz CHANGED
Binary file
data/gemspec.yml CHANGED
@@ -45,13 +45,13 @@ dependencies:
45
45
  async-http: ~> 0.60
46
46
  wordlist: ~> 1.0, >= 1.0.3
47
47
  # Ronin dependencies:
48
- ronin-support: ~> 1.1.0.rc1
49
- ronin-core: ~> 0.2.0.rc1
50
- ronin-db: ~> 0.2.0.rc1
48
+ ronin-support: ~> 1.1
49
+ ronin-core: ~> 0.2
50
+ ronin-db: ~> 0.2
51
51
  ronin-repos: ~> 0.1
52
- ronin-masscan: ~> 0.1.0.rc1
53
- ronin-nmap: ~> 0.1.0.rc1
54
- ronin-web-spider: ~> 0.2.0.rc1
52
+ ronin-masscan: ~> 0.1
53
+ ronin-nmap: ~> 0.1
54
+ ronin-web-spider: ~> 0.2
55
55
 
56
56
  development_dependencies:
57
57
  bundler: ~> 2.0
data/lib/ronin/recon/builtin/api/crt_sh.rb CHANGED
@@ -19,8 +19,10 @@
19
19
  #
20
20
 
21
21
  require 'ronin/recon/worker'
22
+ require 'ronin/support/text/patterns/network'
22
23
 
23
24
  require 'async/http/internet/instance'
25
+ require 'set'
24
26
 
25
27
  module Ronin
26
28
  module Recon
@@ -33,10 +35,11 @@ module Ronin
33
35
 
34
36
  register 'api/crt_sh'
35
37
 
36
- summary 'Queries https://crt.sh and returns host from each domains certificate.'
38
+ summary 'Queries https://crt.sh'
37
39
 
38
40
  description <<~DESC
39
- Queries https://crt.sh and returns host from each domains certificate.
41
+ Queries https://crt.sh and returns the host names from each valid
42
+ certificate for the domain.
40
43
  DESC
41
44
 
42
45
  accepts Domain
@@ -67,6 +70,11 @@ module Ronin
67
70
  )
68
71
  end
69
72
 
73
+ # Regular expression to verify valid host names.
74
+ #
75
+ # @api private
76
+ HOST_NAME_REGEX = /\A#{Support::Text::Patterns::HOST_NAME}\z/
77
+
70
78
  #
71
79
  # Returns host from each domains certificate.
72
80
  #
@@ -81,15 +89,18 @@ module Ronin
81
89
  # The host from certificate.
82
90
  #
83
91
  def process(domain)
84
- Async do
85
- path = "/?dNSName=#{domain}&exclude=expired&output=json"
86
- response = @client.get(path)
87
- certs = JSON.parse(response.read, symbolize_names: true)
92
+ path = "/?dNSName=#{domain}&exclude=expired&output=json"
93
+ response = @client.get(path)
94
+ certs = JSON.parse(response.read, symbolize_names: true)
95
+ hostnames = Set.new
96
+
97
+ certs.each do |cert|
98
+ common_name = cert[:common_name]
88
99
 
89
- certs.each do |cert|
90
- if (common_name = cert[:common_name])
91
- yield Host.new(common_name)
92
- end
100
+ if common_name &&
101
+ common_name =~ HOST_NAME_REGEX &&
102
+ hostnames.add?(common_name)
103
+ yield Host.new(common_name)
93
104
  end
94
105
  end
95
106
  end
data/lib/ronin/recon/builtin/net/port_scan.rb CHANGED
@@ -41,6 +41,7 @@ module Ronin
41
41
 
42
42
  accepts IP
43
43
  outputs OpenPort
44
+ concurrency 1 # prevents overloading the network interface
44
45
 
45
46
  param :ports, String, desc: 'Optional port list to scan'
46
47
 
data/lib/ronin/recon/builtin/web/spider.rb CHANGED
@@ -32,10 +32,14 @@ module Ronin
32
32
 
33
33
  register 'web/spider'
34
34
 
35
- summary 'Spiders a website'
35
+ summary 'Spiders a website and finds every URL'
36
36
 
37
37
  description <<~DESC
38
- Spiders a website and returns every URL.
38
+ Spiders a website and finds every URL.
39
+
40
+ * Visits every `a`, `iframe`, `frame`, `link`, and `script` URL.
41
+ * Extracts paths from JavaScript.
42
+ * Extracts URLs from JavaScript.
39
43
  DESC
40
44
 
41
45
  accepts Website
data/lib/ronin/recon/values/url.rb CHANGED
@@ -21,7 +21,6 @@
21
21
  require 'ronin/recon/value'
22
22
 
23
23
  require 'uri'
24
- require 'base64'
25
24
 
26
25
  module Ronin
27
26
  module Recon
data/lib/ronin/recon/version.rb CHANGED
@@ -21,6 +21,6 @@
21
21
  module Ronin
22
22
  module Recon
23
23
  # ronin-recon version
24
- VERSION = '0.1.0.rc2'
24
+ VERSION = '0.1.0'
25
25
  end
26
26
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ronin-recon
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0.rc2
4
+ version: 0.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Postmodern
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-07-15 00:00:00.000000000 Z
11
+ date: 2024-07-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: thread-local
@@ -92,42 +92,42 @@ dependencies:
92
92
  requirements:
93
93
  - - "~>"
94
94
  - !ruby/object:Gem::Version
95
- version: 1.1.0.rc1
95
+ version: '1.1'
96
96
  type: :runtime
97
97
  prerelease: false
98
98
  version_requirements: !ruby/object:Gem::Requirement
99
99
  requirements:
100
100
  - - "~>"
101
101
  - !ruby/object:Gem::Version
102
- version: 1.1.0.rc1
102
+ version: '1.1'
103
103
  - !ruby/object:Gem::Dependency
104
104
  name: ronin-core
105
105
  requirement: !ruby/object:Gem::Requirement
106
106
  requirements:
107
107
  - - "~>"
108
108
  - !ruby/object:Gem::Version
109
- version: 0.2.0.rc1
109
+ version: '0.2'
110
110
  type: :runtime
111
111
  prerelease: false
112
112
  version_requirements: !ruby/object:Gem::Requirement
113
113
  requirements:
114
114
  - - "~>"
115
115
  - !ruby/object:Gem::Version
116
- version: 0.2.0.rc1
116
+ version: '0.2'
117
117
  - !ruby/object:Gem::Dependency
118
118
  name: ronin-db
119
119
  requirement: !ruby/object:Gem::Requirement
120
120
  requirements:
121
121
  - - "~>"
122
122
  - !ruby/object:Gem::Version
123
- version: 0.2.0.rc1
123
+ version: '0.2'
124
124
  type: :runtime
125
125
  prerelease: false
126
126
  version_requirements: !ruby/object:Gem::Requirement
127
127
  requirements:
128
128
  - - "~>"
129
129
  - !ruby/object:Gem::Version
130
- version: 0.2.0.rc1
130
+ version: '0.2'
131
131
  - !ruby/object:Gem::Dependency
132
132
  name: ronin-repos
133
133
  requirement: !ruby/object:Gem::Requirement
@@ -148,42 +148,42 @@ dependencies:
148
148
  requirements:
149
149
  - - "~>"
150
150
  - !ruby/object:Gem::Version
151
- version: 0.1.0.rc1
151
+ version: '0.1'
152
152
  type: :runtime
153
153
  prerelease: false
154
154
  version_requirements: !ruby/object:Gem::Requirement
155
155
  requirements:
156
156
  - - "~>"
157
157
  - !ruby/object:Gem::Version
158
- version: 0.1.0.rc1
158
+ version: '0.1'
159
159
  - !ruby/object:Gem::Dependency
160
160
  name: ronin-nmap
161
161
  requirement: !ruby/object:Gem::Requirement
162
162
  requirements:
163
163
  - - "~>"
164
164
  - !ruby/object:Gem::Version
165
- version: 0.1.0.rc1
165
+ version: '0.1'
166
166
  type: :runtime
167
167
  prerelease: false
168
168
  version_requirements: !ruby/object:Gem::Requirement
169
169
  requirements:
170
170
  - - "~>"
171
171
  - !ruby/object:Gem::Version
172
- version: 0.1.0.rc1
172
+ version: '0.1'
173
173
  - !ruby/object:Gem::Dependency
174
174
  name: ronin-web-spider
175
175
  requirement: !ruby/object:Gem::Requirement
176
176
  requirements:
177
177
  - - "~>"
178
178
  - !ruby/object:Gem::Version
179
- version: 0.2.0.rc1
179
+ version: '0.2'
180
180
  type: :runtime
181
181
  prerelease: false
182
182
  version_requirements: !ruby/object:Gem::Requirement
183
183
  requirements:
184
184
  - - "~>"
185
185
  - !ruby/object:Gem::Version
186
- version: 0.2.0.rc1
186
+ version: '0.2'
187
187
  - !ruby/object:Gem::Dependency
188
188
  name: bundler
189
189
  requirement: !ruby/object:Gem::Requirement
@@ -357,7 +357,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
357
357
  - !ruby/object:Gem::Version
358
358
  version: '0'
359
359
  requirements: []
360
- rubygems_version: 3.3.27
360
+ rubygems_version: 3.5.11
361
361
  signing_key:
362
362
  specification_version: 4
363
363
  summary: A micro-framework and tool for performing reconnaissance.