ronin-scanners 0.1.4 → 1.0.0.pre1

data/Rakefile

@@ -1,19 +1,44 @@
-# -*- ruby -*-
-
 require 'rubygems'
-require 'hoe'
-require 'hoe/signing'
-require './tasks/spec.rb'
 
-Hoe.spec('ronin-scanners') do
-  self.rubyforge_name = 'ronin'
-  self.developer('Postmodern', 'postmodern.mod3@gmail.com')
-  self.remote_rdoc_dir = 'docs/ronin-scanners'
-  self.extra_deps = [
-    ['scandb', '>=0.1.3'],
-    ['rprogram', '>=0.1.6'],
-    ['ronin', '>=0.2.4']
+begin
+  require 'bundler'
+rescue LoadError => e
+  warn e.message
+  warn "Run `gem install bundler` to install Bundler."
+  exit -1
+end
+
+begin
+  Bundler.setup(:development)
+rescue Bundler::BundlerError => e
+  warn e.message
+  warn "Run `bundle install` to install missing gems"
+  exit e.status_code
+end
+
+require 'rake'
+
+require 'rubygems/tasks'
+Gem::Tasks.new(:sign => {:checksum => true, :pgp => true}) do |tasks|
+  tasks.console.command = 'ripl'
+  tasks.console.options = %w[
+    -rripl/multi_line
+    -rripl/auto_indent
+    -rripl/color_result
   ]
 end
 
-# vim: syntax=Ruby
+require 'rspec/core/rake_task'
+RSpec::Core::RakeTask.new
+task :test => :spec
+task :default => :spec
+
+require 'dm-visualizer/rake/graphviz_task'
+DataMapper::Visualizer::Rake::GraphVizTask.new(
+  :bundle => [:runtime],
+  :include => ['lib'],
+  :require => ['ronin/scanners']
+)
+
+require 'yard'
+YARD::Rake::YardocTask.new

data/bin/ronin-scan-dork

@@ -0,0 +1,20 @@
+#!/usr/bin/env ruby
+
+require 'rubygems'
+
+root = File.expand_path(File.join(File.dirname(__FILE__),'..'))
+if File.directory?(File.join(root,'.git'))
+  Dir.chdir(root) do
+    begin
+      require 'bundler/setup'
+    rescue LoadError => e
+      warn e.message
+      warn "Run `gem install bundler` to install Bundler"
+      exit -1
+    end
+  end
+end
+
+require 'ronin/ui/cli/commands/scan/dork'
+
+Ronin::UI::CLI::Commands::Scan::Dork.start

data/bin/ronin-scan-nmap

@@ -0,0 +1,20 @@
+#!/usr/bin/env ruby
+
+require 'rubygems'
+
+root = File.expand_path(File.join(File.dirname(__FILE__),'..'))
+if File.directory?(File.join(root,'.git'))
+  Dir.chdir(root) do
+    begin
+      require 'bundler/setup'
+    rescue LoadError => e
+      warn e.message
+      warn "Run `gem install bundler` to install Bundler"
+      exit -1
+    end
+  end
+end
+
+require 'ronin/ui/cli/commands/scan/nmap'
+
+Ronin::UI::CLI::Commands::Scan::Nmap.start

data/bin/ronin-scan-proxies

@@ -0,0 +1,20 @@
+#!/usr/bin/env ruby
+
+require 'rubygems'
+
+root = File.expand_path(File.join(File.dirname(__FILE__),'..'))
+if File.directory?(File.join(root,'.git'))
+  Dir.chdir(root) do
+    begin
+      require 'bundler/setup'
+    rescue LoadError => e
+      warn e.message
+      warn "Run `gem install bundler` to install Bundler"
+      exit -1
+    end
+  end
+end
+
+require 'ronin/ui/cli/commands/scan/proxies'
+
+Ronin::UI::CLI::Commands::Scan::Proxies.start

data/bin/ronin-scan-spider

@@ -0,0 +1,20 @@
+#!/usr/bin/env ruby
+
+require 'rubygems'
+
+root = File.expand_path(File.join(File.dirname(__FILE__),'..'))
+if File.directory?(File.join(root,'.git'))
+  Dir.chdir(root) do
+    begin
+      require 'bundler/setup'
+    rescue LoadError => e
+      warn e.message
+      warn "Run `gem install bundler` to install Bundler"
+      exit -1
+    end
+  end
+end
+
+require 'ronin/ui/cli/commands/scan/spider'
+
+Ronin::UI::CLI::Commands::Scan::Spider.start

data/bin/ronin-scanner

@@ -0,0 +1,20 @@
+#!/usr/bin/env ruby
+
+require 'rubygems'
+
+root = File.expand_path(File.join(File.dirname(__FILE__),'..'))
+if File.directory?(File.join(root,'.git'))
+  Dir.chdir(root) do
+    begin
+      require 'bundler/setup'
+    rescue LoadError => e
+      warn e.message
+      warn "Run `gem install bundler` to install Bundler"
+      exit -1
+    end
+  end
+end
+
+require 'ronin/ui/cli/commands/scanner'
+
+Ronin::UI::CLI::Commands::Scanner.start

data/bin/ronin-scanners

@@ -2,13 +2,21 @@
 
 require 'rubygems'
 
-lib_dir = File.expand_path(File.join(File.dirname(__FILE__),'..','lib'))
-unless $LOAD_PATH.include?(lib_dir)
-  $LOAD_PATH << lib_dir
+root = File.expand_path(File.join(File.dirname(__FILE__),'..'))
+if File.directory?(File.join(root,'.git'))
+  Dir.chdir(root) do
+    begin
+      require 'bundler/setup'
+    rescue LoadError => e
+      warn e.message
+      warn "Run `gem install bundler` to install Bundler"
+      exit -1
+    end
+  end
 end
 
-require 'ronin/ui/command_line/commands/console'
 require 'ronin/ui/console'
+require 'ronin/ui/cli/commands/console'
 
 Ronin::UI::Console.auto_load << 'ronin/scanners'
-Ronin::UI::CommandLine::Commands::Console.run(*ARGV)
+Ronin::UI::CLI::Commands::Console.start

data/gemspec.yml

@@ -0,0 +1,31 @@
+name: ronin-scanners
+summary:
+  A Ruby library for Ronin that provides Ruby interfaces to various
+  third-party security scanners.
+
+description:
+  Ronin Scanners is a Ruby library for Ronin that provides Ruby interfaces
+  to various third-party security scanners.
+
+license: GPL-2
+authors: Postmodern
+email: postmodern.mod3@gmail.com
+homepage: http://ronin-ruby.github.com/scanners/
+has_yard: true
+
+dependencies:
+  open_namespace: ~> 0.3
+  # Ronin Scanners dependencies:
+  ruby-nmap: ~> 0.5
+  net-http-persistent: ~> 2.0 
+  nokogiri: ~> 1.4
+  spidr: ~> 0.3
+  gscraper: ~> 0.4
+  # Ronin dependencies:
+  ronin-support: ~> 0.5
+  ronin: ~> 1.5
+
+development_dependencies:
+  bundler: ~> 1.0
+  yard: ~> 0.7
+  yard-parameters: ~> 0.1

data/lib/ronin/database/migrations/scanners.rb

@@ -0,0 +1,25 @@
+#
+# Ronin Scanners - A Ruby library for Ronin that provides Ruby interfaces to
+# various third-party security scanners.
+#
+# Copyright (c) 2008-2012 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#
+
+require 'ronin/database/migrations/scanners/1.0.0'
+require 'ronin/database/database'
+
+Ronin::Database.upgrade!

data/lib/ronin/database/migrations/scanners/1.0.0.rb

@@ -0,0 +1,51 @@
+#
+# Ronin Scanners - A Ruby library for Ronin that provides Ruby interfaces to
+# various third-party security scanners.
+#
+# Copyright (c) 2008-2012 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#
+
+require 'ronin/database/migrations'
+
+module Ronin
+  module Database
+    module Migrations
+      migration(
+        :create_scanners_table,
+        :needs => [:create_licenses_table, :create_script_paths_table]
+      ) do
+        up do
+          create_table :ronin_scanners_scanners do
+            column :id, Integer, :serial => true
+            column :type, String, :not_null => true
+            column :name, String, :not_null => true
+            column :version, String, :default => '0.1'
+            column :description, Text
+            column :license_id, Integer
+            column :script_path_id, Integer
+          end
+
+          create_index :ronin_scanners_scanners, :name
+        end
+
+        down do
+          drop_table :ronin_scanners_scanners
+        end
+      end
+    end
+  end
+end

data/lib/ronin/scanners.rb

@@ -1,9 +1,8 @@
 #
-#--
 # Ronin Scanners - A Ruby library for Ronin that provides Ruby interfaces to
 # various third-party security scanners.
 #
-# Copyright (c) 2008-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+# Copyright (c) 2008-2012 Hal Brodigan (postmodern.mod3 at gmail.com)
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -18,9 +17,12 @@
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-#++
 #
 
-require 'ronin/scanners/nmap'
-require 'ronin/scanners/nikto'
+require 'ronin/database/migrations/scanners'
+
+require 'ronin/scanners/scanners'
 require 'ronin/scanners/version'
+require 'ronin/config'
+
+Ronin::Config.load :scanners

data/lib/ronin/scanners/dork.rb

@@ -0,0 +1,173 @@
+#
+# Ronin Scanners - A Ruby library for Ronin that provides Ruby interfaces to
+# various third-party security scanners.
+#
+# Copyright (c) 2008-2012 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#
+
+require 'ronin/scanners/url_scanner'
+
+require 'gscraper/search'
+
+module Ronin
+  module Scanners
+    class Dork < URLScanner
+
+      # The query types and their `GScraper::Search::Query` classes
+      QUERY_TYPES = {
+        :web  => GScraper::Search::WebQuery,
+        :ajax => GScraper::Search::AJAXQuery
+      }
+
+      # The host to submit queries to
+      parameter :search_host, :type => String,
+                              :default => GScraper::Search::Query::DEFAULT_HOST,
+                              :description => 'The host to submit queries to'
+
+      # The type of query to perform (`:web` or `:ajax`)
+      parameter :query_type, :type => Symbol,
+                             :default => :web,
+                             :description => "The type of query to perform ('web' or 'ajax')"
+
+      # Number of seconds to pause between queries
+      parameter :query_pause, :type => Integer,
+                              :default => 2,
+                              :description => 'Number of seconds to pause between queries'
+
+      # The raw query
+      parameter :raw_query, :type => String,
+                            :description => 'The raw query'
+
+      # The search language
+      parameter :language, :type => String,
+                           :description => 'The search language'
+
+      # Search 'link' modifier
+      parameter :link, :type => String,
+                       :description => "Search 'link' modifier"
+
+      # Search 'related' modifier
+      parameter :related, :type => String,
+                          :description => "Search 'related' modifier"
+
+      # Search 'info' modifier
+      parameter :info, :type => String,
+                       :description => "Search 'info' modifier"
+
+      # Search 'site' modifier
+      parameter :site, :type => String,
+                       :description => "Search 'site' modifier"
+
+      # Search 'filetype' modifier
+      parameter :filetype, :type => String,
+                           :description => "Search 'filetype' modifier"
+
+      # Search 'allintitle' modifier
+      parameter :allintitle, :type => Array[String],
+                             :description => "Search 'allintitle' modifier"
+
+      # Search 'intitle' modifier
+      parameter :intitle, :type => String,
+                          :description => "Search 'intitle' modifier"
+
+      # Search 'allinurl' modifier
+      parameter :allinurl, :type => Array[String],
+                           :description => "Search 'allinurl' modifier"
+
+      # Search 'inurl' modifier
+      parameter :inurl, :type => String,
+                        :description => "Search 'inurl' modifier"
+
+      # Search 'allintext' modifier
+      parameter :allintext, :type => Array[String],
+                            :description => "Search 'allintext' modifier"
+
+      # Search 'intext' modifier
+      parameter :intext, :type => String,
+                         :description => "Search 'intext' modifier"
+
+      # Search for results containing the exact phrase
+      parameter :exact_phrase, :type => String,
+                               :description => 'Search for results containing the exact phrase'
+
+      # Search for results with the words
+      parameter :with_words, :type => Array[String],
+                             :description => 'Search for results with the words'
+
+      # Search for results with-out the words
+      parameter :without_words, :type => Array[String],
+                                :description => 'Search for results with-out the words'
+
+      # Search for results containing the definitions of the keywords
+      parameter :define, :type => String,
+                         :description => 'Search for results containing the definitions of the keywords'
+
+      # Search for results containing numbers between the range
+      parameter :numeric_range, :type => String,
+                                :description => 'Search for results containing numbers between the range'
+
+      protected
+
+      def search_options
+        {
+          :search_host   => self.search_host,
+          :query         => self.raw_query,
+          :language      => self.language,
+          :link          => self.link,
+          :related       => self.related,
+          :info          => self.info,
+          :site          => self.site,
+          :filetype      => self.filetype,
+          :allintitle    => self.allintitle,
+          :intitle       => self.intitle,
+          :allinurl      => self.allinurl,
+          :inurl         => self.inurl,
+          :allintext     => self.allintext,
+          :intext        => self.intext,
+          :exact_phrase  => self.exact_phrase,
+          :with_words    => self.with_words,
+          :without_words => self.without_words,
+          :define        => self.without_words,
+          :numeric_range => self.numeric_range
+        }
+      end
+
+      #
+      # Performs the Google Dork and passes back every URL from the search
+      # results.
+      #
+      # @yield [url]
+      #   Every URL from every Page.
+      #
+      # @yieldparam [URI::HTTP] url
+      #   A URL from the search results.
+      #
+      # @see http://rubydoc.info/gems/gscraper
+      #
+      def scan(&block)
+        QUERY_TYPES.fetch(self.query_type).new(search_options) do |search|
+          search.each do |page|
+            page.each_url(&block)
+
+            sleep(self.query_pause)
+          end
+        end
+      end
+
+    end
+  end
+end