ronin-scanners 0.1.4 → 1.0.0.pre1
Sign up to get free protection for your applications and to get access to all the features.
- data/.document +4 -0
- data/.gemtest +0 -0
- data/.gitignore +11 -0
- data/.rspec +1 -0
- data/.yardopts +2 -0
- data/COPYING.txt +339 -0
- data/{History.txt → ChangeLog.md} +7 -7
- data/Gemfile +45 -0
- data/README.md +125 -0
- data/Rakefile +39 -14
- data/bin/ronin-scan-dork +20 -0
- data/bin/ronin-scan-nmap +20 -0
- data/bin/ronin-scan-proxies +20 -0
- data/bin/ronin-scan-spider +20 -0
- data/bin/ronin-scanner +20 -0
- data/bin/ronin-scanners +13 -5
- data/gemspec.yml +31 -0
- data/lib/ronin/database/migrations/scanners.rb +25 -0
- data/lib/ronin/database/migrations/scanners/1.0.0.rb +51 -0
- data/lib/ronin/scanners.rb +7 -5
- data/lib/ronin/scanners/dork.rb +173 -0
- data/lib/ronin/scanners/host_name_scanner.rb +67 -0
- data/lib/ronin/scanners/http_scanner.rb +195 -0
- data/lib/ronin/scanners/ip_scanner.rb +75 -0
- data/lib/ronin/scanners/nmap.rb +303 -5
- data/lib/ronin/scanners/{nikto/nikto.rb → proxies.rb} +11 -26
- data/lib/ronin/scanners/resolv_scanner.rb +73 -0
- data/lib/ronin/scanners/reverse_lookup_scanner.rb +76 -0
- data/lib/ronin/scanners/scanner.rb +371 -0
- data/lib/ronin/scanners/{nikto.rb → scanners.rb} +8 -5
- data/lib/ronin/scanners/site_map.rb +62 -0
- data/lib/ronin/scanners/spider.rb +117 -0
- data/lib/ronin/scanners/tcp_port_scanner.rb +72 -0
- data/lib/ronin/scanners/udp_port_scanner.rb +72 -0
- data/lib/ronin/scanners/url_scanner.rb +79 -0
- data/lib/ronin/scanners/version.rb +3 -4
- data/lib/ronin/ui/cli/commands/scan/dork.rb +39 -0
- data/lib/ronin/ui/cli/commands/scan/nmap.rb +105 -0
- data/lib/ronin/ui/cli/commands/scan/proxies.rb +82 -0
- data/lib/ronin/ui/cli/commands/scan/spider.rb +71 -0
- data/lib/ronin/ui/cli/commands/scanner.rb +43 -0
- data/lib/ronin/ui/cli/scanner_command.rb +118 -0
- data/ronin-scanners.gemspec +60 -0
- data/spec/scanners/host_name_scanner_spec.rb +24 -0
- data/spec/scanners/ip_scanner_spec.rb +24 -0
- data/spec/scanners/resolv_scanner_spec.rb +26 -0
- data/spec/scanners/reverse_lookup_scanner_spec.rb +26 -0
- data/spec/scanners/scanner_spec.rb +89 -0
- data/spec/scanners/scanners_spec.rb +9 -0
- data/spec/scanners/tcp_port_scanner_spec.rb +27 -0
- data/spec/scanners/udp_port_scanner_spec.rb +27 -0
- data/spec/scanners/url_scanner_spec.rb +37 -0
- data/spec/spec_helper.rb +4 -3
- metadata +261 -116
- data.tar.gz.sig +0 -1
- data/Manifest.txt +0 -16
- data/README.txt +0 -106
- data/lib/ronin/scanners/nikto/nikto_task.rb +0 -183
- data/lib/ronin/scanners/nmap/nmap.rb +0 -74
- data/lib/ronin/scanners/nmap/nmap_task.rb +0 -290
- data/spec/scanners_spec.rb +0 -11
- data/tasks/spec.rb +0 -9
- metadata.gz.sig +0 -0
@@ -0,0 +1,39 @@
|
|
1
|
+
#
|
2
|
+
# Ronin Scanners - A Ruby library for Ronin that provides Ruby interfaces to
|
3
|
+
# various third-party security scanners.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2008-2012 Hal Brodigan (postmodern.mod3 at gmail.com)
|
6
|
+
#
|
7
|
+
# This program is free software; you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU General Public License as published by
|
9
|
+
# the Free Software Foundation; either version 2 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# This program is distributed in the hope that it will be useful
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU General Public License
|
18
|
+
# along with this program; if not, write to the Free Software
|
19
|
+
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
20
|
+
#
|
21
|
+
|
22
|
+
require 'ronin/ui/cli/scanner_command'
|
23
|
+
require 'ronin/scanners/dork'
|
24
|
+
|
25
|
+
module Ronin
|
26
|
+
module UI
|
27
|
+
module CLI
|
28
|
+
module Commands
|
29
|
+
module Scan
|
30
|
+
class Dork < ScannerCommand
|
31
|
+
|
32
|
+
summary 'Performs Google Dorks'
|
33
|
+
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
@@ -0,0 +1,105 @@
|
|
1
|
+
#
|
2
|
+
# Ronin Scanners - A Ruby library for Ronin that provides Ruby interfaces to
|
3
|
+
# various third-party security scanners.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2008-2012 Hal Brodigan (postmodern.mod3 at gmail.com)
|
6
|
+
#
|
7
|
+
# This program is free software; you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU General Public License as published by
|
9
|
+
# the Free Software Foundation; either version 2 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# This program is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU General Public License
|
18
|
+
# along with this program; if not, write to the Free Software
|
19
|
+
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
20
|
+
#
|
21
|
+
|
22
|
+
require 'ronin/ui/cli/scanner_command'
|
23
|
+
require 'ronin/scanners/nmap'
|
24
|
+
|
25
|
+
module Ronin
|
26
|
+
module UI
|
27
|
+
module CLI
|
28
|
+
module Commands
|
29
|
+
module Scan
|
30
|
+
class Nmap < ScannerCommand
|
31
|
+
|
32
|
+
summary 'Automates nmap scans and imports them into the Database'
|
33
|
+
|
34
|
+
#
|
35
|
+
# Runs the {Ronin::Scanners::Nmap} scanner.
|
36
|
+
#
|
37
|
+
# @since 1.0.0
|
38
|
+
#
|
39
|
+
def execute
|
40
|
+
print_info 'Saving scanned hosts and ports ...' if import?
|
41
|
+
|
42
|
+
scan
|
43
|
+
|
44
|
+
print_info 'All scanned hosts and ports saved.' if import?
|
45
|
+
end
|
46
|
+
|
47
|
+
protected
|
48
|
+
|
49
|
+
#
|
50
|
+
# Prints a scanned host result.
|
51
|
+
#
|
52
|
+
# @param [Nmap::Host] host
|
53
|
+
# A scanned host.
|
54
|
+
#
|
55
|
+
# @since 1.0.0
|
56
|
+
#
|
57
|
+
def print_result(host)
|
58
|
+
puts
|
59
|
+
|
60
|
+
print_hash({
|
61
|
+
:started => host.start_time,
|
62
|
+
:ended => host.end_time,
|
63
|
+
:status => "#{host.status.state} (#{host.status.reason})"
|
64
|
+
}, :title => host)
|
65
|
+
|
66
|
+
indent do
|
67
|
+
if options.verbose?
|
68
|
+
print_array host.each_address, :title => 'Addresses'
|
69
|
+
print_array host.each_hostname, :title => 'Hostname'
|
70
|
+
end
|
71
|
+
|
72
|
+
puts "[ Port ]\t[ State ]\t[ Service/Version ]\n"
|
73
|
+
|
74
|
+
host.each_port do |port|
|
75
|
+
puts " #{port}/#{port.protocol}\t #{port.state}\t #{port.service}"
|
76
|
+
end
|
77
|
+
puts
|
78
|
+
end
|
79
|
+
end
|
80
|
+
|
81
|
+
#
|
82
|
+
# Prints a saved host.
|
83
|
+
#
|
84
|
+
# @param [IPAddress] host
|
85
|
+
# A saved host.
|
86
|
+
#
|
87
|
+
# @since 1.0.0
|
88
|
+
#
|
89
|
+
def print_resource(host)
|
90
|
+
print_info "Saving #{host}:"
|
91
|
+
print_info 'Addresses:'
|
92
|
+
|
93
|
+
print_array host.addresses.select(&:new?),
|
94
|
+
:title => 'Addresses'
|
95
|
+
|
96
|
+
print_array host.ports.select(&:new?),
|
97
|
+
:title => 'Ports'
|
98
|
+
end
|
99
|
+
|
100
|
+
end
|
101
|
+
end
|
102
|
+
end
|
103
|
+
end
|
104
|
+
end
|
105
|
+
end
|
@@ -0,0 +1,82 @@
|
|
1
|
+
#
|
2
|
+
# Ronin Scanners - A Ruby library for Ronin that provides Ruby interfaces to
|
3
|
+
# various third-party security scanners.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2008-2012 Hal Brodigan (postmodern.mod3 at gmail.com)
|
6
|
+
#
|
7
|
+
# This program is free software; you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU General Public License as published by
|
9
|
+
# the Free Software Foundation; either version 2 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# This program is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU General Public License
|
18
|
+
# along with this program; if not, write to the Free Software
|
19
|
+
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
20
|
+
#
|
21
|
+
|
22
|
+
require 'ronin/ui/cli/scanner_command'
|
23
|
+
require 'ronin/scanners/proxies'
|
24
|
+
|
25
|
+
module Ronin
|
26
|
+
module UI
|
27
|
+
module CLI
|
28
|
+
module Commands
|
29
|
+
module Scan
|
30
|
+
class Proxies < ScannerCommand
|
31
|
+
|
32
|
+
summary 'Scans for proxies and saves them into the Database'
|
33
|
+
|
34
|
+
#
|
35
|
+
# Runs the nmap scanner.
|
36
|
+
#
|
37
|
+
# @since 1.0.0
|
38
|
+
#
|
39
|
+
def execute
|
40
|
+
print_info 'Saving scanned proxies ...' if import?
|
41
|
+
|
42
|
+
scan
|
43
|
+
|
44
|
+
print_info 'All scanned proxies saved.' if import?
|
45
|
+
end
|
46
|
+
|
47
|
+
protected
|
48
|
+
|
49
|
+
#
|
50
|
+
# Prints a scanned proxy.
|
51
|
+
#
|
52
|
+
# @param [Proxy] proxy
|
53
|
+
# A scanned proxy.
|
54
|
+
#
|
55
|
+
# @since 1.0.0
|
56
|
+
#
|
57
|
+
def print_result(proxy)
|
58
|
+
print_hash({
|
59
|
+
:type => proxy.type,
|
60
|
+
:anonymous => proxy.anonymous?,
|
61
|
+
:latency => proxy.latency
|
62
|
+
}, :title => proxy.ip_address)
|
63
|
+
end
|
64
|
+
|
65
|
+
#
|
66
|
+
# Prints a saved proxy.
|
67
|
+
#
|
68
|
+
# @param [Proxy] proxy
|
69
|
+
# A saved proxy.
|
70
|
+
#
|
71
|
+
# @since 1.0.0
|
72
|
+
#
|
73
|
+
def print_resource(proxy)
|
74
|
+
print_result(proxy)
|
75
|
+
end
|
76
|
+
|
77
|
+
end
|
78
|
+
end
|
79
|
+
end
|
80
|
+
end
|
81
|
+
end
|
82
|
+
end
|
@@ -0,0 +1,71 @@
|
|
1
|
+
#
|
2
|
+
# Ronin Scanners - A Ruby library for Ronin that provides Ruby interfaces to
|
3
|
+
# various third-party security scanners.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2008-2012 Hal Brodigan (postmodern.mod3 at gmail.com)
|
6
|
+
#
|
7
|
+
# This program is free software; you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU General Public License as published by
|
9
|
+
# the Free Software Foundation; either version 2 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# This program is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU General Public License
|
18
|
+
# along with this program; if not, write to the Free Software
|
19
|
+
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
20
|
+
#
|
21
|
+
|
22
|
+
require 'ronin/ui/cli/scanner_command'
|
23
|
+
require 'ronin/scanners/spider'
|
24
|
+
|
25
|
+
module Ronin
|
26
|
+
module UI
|
27
|
+
module CLI
|
28
|
+
module Commands
|
29
|
+
module Scan
|
30
|
+
class Spider < ScannerCommand
|
31
|
+
|
32
|
+
summary 'Spiders a website and saves URLs into the Database'
|
33
|
+
|
34
|
+
#
|
35
|
+
# Spider one or more websites.
|
36
|
+
#
|
37
|
+
# @since 1.0.0
|
38
|
+
#
|
39
|
+
def execute
|
40
|
+
print_info 'Saving spidered URLs ...' if import?
|
41
|
+
|
42
|
+
scan
|
43
|
+
|
44
|
+
print_info 'All spidered URLs saved.' if import?
|
45
|
+
end
|
46
|
+
|
47
|
+
protected
|
48
|
+
|
49
|
+
#
|
50
|
+
# Prints a spidered page.
|
51
|
+
#
|
52
|
+
# @param [Spidr::Page] page
|
53
|
+
# A spidered page.
|
54
|
+
#
|
55
|
+
# @since 1.0.0
|
56
|
+
#
|
57
|
+
def print_result(page)
|
58
|
+
print_info page.url
|
59
|
+
|
60
|
+
if verbose?
|
61
|
+
print_hash page.headers
|
62
|
+
puts page.body
|
63
|
+
end
|
64
|
+
end
|
65
|
+
|
66
|
+
end
|
67
|
+
end
|
68
|
+
end
|
69
|
+
end
|
70
|
+
end
|
71
|
+
end
|
@@ -0,0 +1,43 @@
|
|
1
|
+
#
|
2
|
+
# Ronin Scanners - A Ruby library for Ronin that provides Ruby interfaces to
|
3
|
+
# various third-party security scanners.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2008-2012 Hal Brodigan (postmodern.mod3 at gmail.com)
|
6
|
+
#
|
7
|
+
# This program is free software; you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU General Public License as published by
|
9
|
+
# the Free Software Foundation; either version 2 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# This program is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU General Public License
|
18
|
+
# along with this program; if not, write to the Free Software
|
19
|
+
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
20
|
+
#
|
21
|
+
|
22
|
+
require 'ronin/ui/cli/script_command'
|
23
|
+
require 'ronin/scanners/scanner'
|
24
|
+
|
25
|
+
module Ronin
|
26
|
+
module UI
|
27
|
+
module CLI
|
28
|
+
module Commands
|
29
|
+
class Scanner < ScriptCommand
|
30
|
+
|
31
|
+
summary 'Loads and runs a scanner'
|
32
|
+
|
33
|
+
script_class Ronin::Scanners::Scanner
|
34
|
+
|
35
|
+
# scanner options
|
36
|
+
option :first, :type => Integer, :flag => '-N'
|
37
|
+
option :import, :type => true, :flag => '-I'
|
38
|
+
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
@@ -0,0 +1,118 @@
|
|
1
|
+
#
|
2
|
+
# Ronin Scanners - A Ruby library for Ronin that provides Ruby interfaces to
|
3
|
+
# various third-party security scanners.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2008-2012 Hal Brodigan (postmodern.mod3 at gmail.com)
|
6
|
+
#
|
7
|
+
# This program is free software; you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU General Public License as published by
|
9
|
+
# the Free Software Foundation; either version 2 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# This program is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU General Public License
|
18
|
+
# along with this program; if not, write to the Free Software
|
19
|
+
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
20
|
+
#
|
21
|
+
|
22
|
+
require 'ronin/ui/cli/class_command'
|
23
|
+
require 'ronin/scanners'
|
24
|
+
require 'ronin/database'
|
25
|
+
|
26
|
+
module Ronin
|
27
|
+
module UI
|
28
|
+
module CLI
|
29
|
+
class ScannerCommand < ClassCommand
|
30
|
+
|
31
|
+
class_namespace Scanners
|
32
|
+
|
33
|
+
option :database, :type => String, :flag => '-D'
|
34
|
+
option :first, :type => Integer, :flag => '-N'
|
35
|
+
option :import, :type => true, :flag => '-I'
|
36
|
+
|
37
|
+
alias scanner object
|
38
|
+
|
39
|
+
#
|
40
|
+
# Invokes the scanner.
|
41
|
+
#
|
42
|
+
# @see #scan!
|
43
|
+
#
|
44
|
+
# @api semipublic
|
45
|
+
#
|
46
|
+
def execute
|
47
|
+
scan
|
48
|
+
end
|
49
|
+
|
50
|
+
protected
|
51
|
+
|
52
|
+
#
|
53
|
+
# Sets up the scanner command.
|
54
|
+
#
|
55
|
+
# @api semipublic
|
56
|
+
#
|
57
|
+
def setup(*arguments)
|
58
|
+
if database?
|
59
|
+
Database.repositories[:default] = @database
|
60
|
+
end
|
61
|
+
|
62
|
+
Database.setup
|
63
|
+
|
64
|
+
super(*arguments)
|
65
|
+
end
|
66
|
+
|
67
|
+
#
|
68
|
+
# Performs a scan using the `@scanner` instance variable.
|
69
|
+
#
|
70
|
+
# @since 1.0.0
|
71
|
+
#
|
72
|
+
def scan
|
73
|
+
enum, printer = if import?
|
74
|
+
[scanner.import, method(:print_resource)]
|
75
|
+
else
|
76
|
+
[scanner.each, method(:print_result)]
|
77
|
+
end
|
78
|
+
|
79
|
+
first_n = (@first || Float::INFINITY)
|
80
|
+
count = 0
|
81
|
+
|
82
|
+
enum.each do |result|
|
83
|
+
count += 1
|
84
|
+
|
85
|
+
printer.call(result)
|
86
|
+
|
87
|
+
break if count >= first_n
|
88
|
+
end
|
89
|
+
end
|
90
|
+
|
91
|
+
#
|
92
|
+
# Displays a result from the scanner.
|
93
|
+
#
|
94
|
+
# @param [Object] result
|
95
|
+
# A result yielded from the scanner.
|
96
|
+
#
|
97
|
+
# @since 1.0.0
|
98
|
+
#
|
99
|
+
def print_result(result)
|
100
|
+
puts result
|
101
|
+
end
|
102
|
+
|
103
|
+
#
|
104
|
+
# Displays a resource from the scanner.
|
105
|
+
#
|
106
|
+
# @param [Model] resource
|
107
|
+
# A resource yielded from the scanner.
|
108
|
+
#
|
109
|
+
# @since 1.0.0
|
110
|
+
#
|
111
|
+
def print_resource(resource)
|
112
|
+
puts resource
|
113
|
+
end
|
114
|
+
|
115
|
+
end
|
116
|
+
end
|
117
|
+
end
|
118
|
+
end
|