ronin-scanners 0.1.4 → 1.0.0.pre1

data/lib/ronin/scanners/{nikto.rb → scanners.rb}

@@ -1,9 +1,8 @@
 #
-#--
 # Ronin Scanners - A Ruby library for Ronin that provides Ruby interfaces to
 # various third-party security scanners.
 #
-# Copyright (c) 2008-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+# Copyright (c) 2008-2012 Hal Brodigan (postmodern.mod3 at gmail.com)
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -18,8 +17,12 @@
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-#++
 #
 
-require 'ronin/scanners/nikto/nikto_task'
-require 'ronin/scanners/nikto/nikto'
+require 'ronin/auto_load'
+
+module Ronin
+  module Scanners
+    include AutoLoad
+  end
+end

data/lib/ronin/scanners/site_map.rb

@@ -0,0 +1,62 @@
+#
+# Ronin Scanners - A Ruby library for Ronin that provides Ruby interfaces to
+# various third-party security scanners.
+#
+# Copyright (c) 2008-2012 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#
+
+require 'ronin/scanners/url_scanner'
+require 'ronin/network/mixins/http'
+
+require 'nokogiri'
+
+module Ronin
+  module Scanners
+    #
+    # The {SiteMap} scans the URLs listed in a websites `sitemap.xml` file.
+    #
+    class SiteMap < URLScanner
+
+      include Network::Mixins::HTTP
+
+      # The path to the sitemap
+      SITEMAP_PATH = '/sitemap.xml'
+
+      protected
+
+      #
+      # Requests `sitemap.xml` from a host and parses the URLs.
+      #
+      # @yield [url]
+      #   The given block will be passed every URL within the sitemap.
+      #
+      # @yieldparam [String] url
+      #   One of the URLs from the sitemap.
+      #
+      # @since 1.0.0
+      #
+      def scan(&block)
+        sitemap = Nokogiri::XML(http_get_body(:path => SITEMAP_PATH))
+
+        sitemap.search('/urlset/url/loc/.').each do |url|
+          yield url
+        end
+      end
+
+    end
+  end
+end

data/lib/ronin/scanners/spider.rb

@@ -0,0 +1,117 @@
+#
+# Ronin Scanners - A Ruby library for Ronin that provides Ruby interfaces to
+# various third-party security scanners.
+#
+# Copyright (c) 2006-2012 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#
+
+require 'ronin/scanners/url_scanner'
+require 'ronin/network/http'
+
+require 'spidr/agent'
+
+module Ronin
+  module Scanners
+    #
+    # The {Spider} class represents a scanner that spider web pages,
+    # yielding `Spidr::Page` results and `URL` resources.
+    #
+    class Spider < URLScanner
+
+      # The URL to start spidering at.
+      parameter :start_at, :description => 'The URI to start scanning at'
+
+      # The hosts to spider.
+      parameter :hosts, :default => Set[],
+                        :description => 'The hosts to scan'
+
+      #
+      # Creates a new web spider agent.
+      #
+      # @yield [agent]
+      #   The given block will be passed the newly created web spider
+      #   agent.
+      #
+      # @yieldparam [Spidr::Agent] agent
+      #   The newly created web spider agent to configure.
+      #
+      # @return [Spidr::Agent]
+      #   The newly created web spider agent.
+      #
+      # @since 1.0.0
+      #   
+      def agent(&block)
+        options = {
+          :proxy => Network::HTTP.proxy,
+          :user_agent => Network::HTTP.user_agent
+        }
+
+        return Spidr::Agent.new(options,&block)
+      end
+
+      protected
+
+      #
+      # Begins spidering web pages.
+      #
+      # @yield [page]
+      #   The given block will be passed each spidered web page.
+      #
+      # @yieldparam [Spidr::Page] page
+      #   A page visited by the web spider.
+      #
+      # @since 1.0.0
+      #
+      def scan(&block)
+        spider = agent()
+
+        spider.start_at(self.start_at,&block)
+      end
+
+      #
+      # Normalizes a visited web page.
+      #
+      # @param [Spidr::Page] page
+      #   A visited web page.
+      #
+      # @return [Spidr::Page]
+      #   The visited web page.
+      #
+      # @since 1.0.0
+      #
+      def normalize_result(page)
+        page
+      end
+
+      #
+      # Converts a visited web page into a URL resource.
+      #
+      # @param [Spidr::Page] page
+      #   A visited web page.
+      #
+      # @return [URL]
+      #   The URL resource for the web page.
+      #
+      # @since 1.0.0
+      #
+      def new_resource(page)
+        super(page.uri)
+      end
+
+    end
+  end
+end

data/lib/ronin/scanners/tcp_port_scanner.rb

@@ -0,0 +1,72 @@
+#
+# Ronin Scanners - A Ruby library for Ronin that provides Ruby interfaces to
+# various third-party security scanners.
+#
+# Copyright (c) 2008-2012 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#
+
+require 'ronin/scanners/scanner'
+require 'ronin/open_port'
+
+module Ronin
+  module Scanners
+    #
+    # The {TCPPortScanner} class represents scanners that yield TCP port
+    # number results and `OpenPort` resources.
+    #
+    class TCPPortScanner < Scanner
+
+      protected
+
+      #
+      # Normalizes the port number.
+      #
+      # @param [String, Integer] result
+      #   The incoming port number.
+      #
+      # @return [Integer]
+      #   The normalized port number.
+      #
+      # @since 1.0.0
+      #
+      def normalize_result(result)
+        result.to_i
+      end
+
+      #
+      # Queries or creates a new open-port resource for the given result.
+      #
+      # @param [Integer] result
+      #   The port number.
+      #
+      # @return [OpenPort]
+      #   The open port resource from the Database.
+      #
+      # @since 1.0.0
+      #
+      def new_resource(result)
+        OpenPort.first_or_new(
+          :port => Port.first_or_new(
+            :protocol => 'tcp',
+            :number   => result
+          )
+        )
+      end
+
+    end
+  end
+end

data/lib/ronin/scanners/udp_port_scanner.rb

@@ -0,0 +1,72 @@
+#
+# Ronin Scanners - A Ruby library for Ronin that provides Ruby interfaces to
+# various third-party security scanners.
+#
+# Copyright (c) 2008-2012 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#
+
+require 'ronin/scanners/scanner'
+require 'ronin/open_port'
+
+module Ronin
+  module Scanners
+    #
+    # The {UDPPortScanner} class represents scanners that yield UDP port
+    # number results and `OpenPort` resources.
+    #
+    class UDPPortScanner < Scanner
+
+      protected
+
+      #
+      # Normalizes the port number.
+      #
+      # @param [String, Integer] result
+      #   The incoming port number.
+      #
+      # @return [Integer]
+      #   The normalized port number.
+      #
+      # @since 0.2.0
+      #
+      def normalize_result(result)
+        result.to_i
+      end
+
+      #
+      # Queries or creates a new open-port resource for the given result.
+      #
+      # @param [Integer] result
+      #   The port number.
+      #
+      # @return [OpenPort]
+      #   The open port resource from the Database.
+      #
+      # @since 0.2.0
+      #
+      def new_resource(result)
+        OpenPort.first_or_new(
+          :port => Port.first_or_new(
+            :protocol => 'udp',
+            :number   => result
+          )
+        )
+      end
+
+    end
+  end
+end

data/lib/ronin/scanners/url_scanner.rb

@@ -0,0 +1,79 @@
+#
+# Ronin Scanners - A Ruby library for Ronin that provides Ruby interfaces to
+# various third-party security scanners.
+#
+# Copyright (c) 2008-2012 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#
+
+require 'ronin/scanners/scanner'
+require 'ronin/url'
+
+require 'uri'
+
+module Ronin
+  module Scanners
+    #
+    # The {URLScanner} class represents scanners that yield `URI` results
+    # and `URL` resources.
+    #
+    class URLScanner < Scanner
+
+      protected
+
+      #
+      # Normalizes the URL.
+      #
+      # @param [String, URI::Generic] result
+      #   The incoming URL.
+      #
+      # @return [URI::Generic]
+      #   The normalized URI.
+      #
+      # @since 1.0.0
+      #
+      def normalize_result(result)
+        unless result.kind_of?(::URI::Generic)
+          begin
+            URI.parse(result.to_s)
+          rescue URI::InvalidURIError, URI::InvalidComponentError
+          end
+        else
+          result
+        end
+      end
+
+      #
+      # Queries or creates a new Url resource for the given result.
+      #
+      # @param [URI::Generic] result
+      #   The URL.
+      #
+      # @return [Url]
+      #   The Url resource from the Database.
+      #
+      # @since 1.0.0
+      #
+      def new_resource(result)
+        new_url = URL.from(result)
+
+        new_url.last_scanned_at = Time.now
+        return new_url
+      end
+
+    end
+  end
+end

data/lib/ronin/scanners/version.rb

@@ -1,9 +1,8 @@
 #
-#--
 # Ronin Scanners - A Ruby library for Ronin that provides Ruby interfaces to
 # various third-party security scanners.
 #
-# Copyright (c) 2008-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+# Copyright (c) 2008-2012 Hal Brodigan (postmodern.mod3 at gmail.com)
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -18,11 +17,11 @@
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-#++
 #
 
 module Ronin
   module Scanners
-    VERSION = '0.1.4'
+    # ronin-scanners version
+    VERSION = '1.0.0.pre1'
   end
 end