ronin-scanners 0.1.4 → 1.0.0.pre1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/.document +4 -0
- data/.gemtest +0 -0
- data/.gitignore +11 -0
- data/.rspec +1 -0
- data/.yardopts +2 -0
- data/COPYING.txt +339 -0
- data/{History.txt → ChangeLog.md} +7 -7
- data/Gemfile +45 -0
- data/README.md +125 -0
- data/Rakefile +39 -14
- data/bin/ronin-scan-dork +20 -0
- data/bin/ronin-scan-nmap +20 -0
- data/bin/ronin-scan-proxies +20 -0
- data/bin/ronin-scan-spider +20 -0
- data/bin/ronin-scanner +20 -0
- data/bin/ronin-scanners +13 -5
- data/gemspec.yml +31 -0
- data/lib/ronin/database/migrations/scanners.rb +25 -0
- data/lib/ronin/database/migrations/scanners/1.0.0.rb +51 -0
- data/lib/ronin/scanners.rb +7 -5
- data/lib/ronin/scanners/dork.rb +173 -0
- data/lib/ronin/scanners/host_name_scanner.rb +67 -0
- data/lib/ronin/scanners/http_scanner.rb +195 -0
- data/lib/ronin/scanners/ip_scanner.rb +75 -0
- data/lib/ronin/scanners/nmap.rb +303 -5
- data/lib/ronin/scanners/{nikto/nikto.rb → proxies.rb} +11 -26
- data/lib/ronin/scanners/resolv_scanner.rb +73 -0
- data/lib/ronin/scanners/reverse_lookup_scanner.rb +76 -0
- data/lib/ronin/scanners/scanner.rb +371 -0
- data/lib/ronin/scanners/{nikto.rb → scanners.rb} +8 -5
- data/lib/ronin/scanners/site_map.rb +62 -0
- data/lib/ronin/scanners/spider.rb +117 -0
- data/lib/ronin/scanners/tcp_port_scanner.rb +72 -0
- data/lib/ronin/scanners/udp_port_scanner.rb +72 -0
- data/lib/ronin/scanners/url_scanner.rb +79 -0
- data/lib/ronin/scanners/version.rb +3 -4
- data/lib/ronin/ui/cli/commands/scan/dork.rb +39 -0
- data/lib/ronin/ui/cli/commands/scan/nmap.rb +105 -0
- data/lib/ronin/ui/cli/commands/scan/proxies.rb +82 -0
- data/lib/ronin/ui/cli/commands/scan/spider.rb +71 -0
- data/lib/ronin/ui/cli/commands/scanner.rb +43 -0
- data/lib/ronin/ui/cli/scanner_command.rb +118 -0
- data/ronin-scanners.gemspec +60 -0
- data/spec/scanners/host_name_scanner_spec.rb +24 -0
- data/spec/scanners/ip_scanner_spec.rb +24 -0
- data/spec/scanners/resolv_scanner_spec.rb +26 -0
- data/spec/scanners/reverse_lookup_scanner_spec.rb +26 -0
- data/spec/scanners/scanner_spec.rb +89 -0
- data/spec/scanners/scanners_spec.rb +9 -0
- data/spec/scanners/tcp_port_scanner_spec.rb +27 -0
- data/spec/scanners/udp_port_scanner_spec.rb +27 -0
- data/spec/scanners/url_scanner_spec.rb +37 -0
- data/spec/spec_helper.rb +4 -3
- metadata +261 -116
- data.tar.gz.sig +0 -1
- data/Manifest.txt +0 -16
- data/README.txt +0 -106
- data/lib/ronin/scanners/nikto/nikto_task.rb +0 -183
- data/lib/ronin/scanners/nmap/nmap.rb +0 -74
- data/lib/ronin/scanners/nmap/nmap_task.rb +0 -290
- data/spec/scanners_spec.rb +0 -11
- data/tasks/spec.rb +0 -9
- metadata.gz.sig +0 -0
@@ -0,0 +1,39 @@
|
|
1
|
+
#
|
2
|
+
# Ronin Scanners - A Ruby library for Ronin that provides Ruby interfaces to
|
3
|
+
# various third-party security scanners.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2008-2012 Hal Brodigan (postmodern.mod3 at gmail.com)
|
6
|
+
#
|
7
|
+
# This program is free software; you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU General Public License as published by
|
9
|
+
# the Free Software Foundation; either version 2 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# This program is distributed in the hope that it will be useful
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU General Public License
|
18
|
+
# along with this program; if not, write to the Free Software
|
19
|
+
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
20
|
+
#
|
21
|
+
|
22
|
+
require 'ronin/ui/cli/scanner_command'
|
23
|
+
require 'ronin/scanners/dork'
|
24
|
+
|
25
|
+
module Ronin
|
26
|
+
module UI
|
27
|
+
module CLI
|
28
|
+
module Commands
|
29
|
+
module Scan
|
30
|
+
class Dork < ScannerCommand
|
31
|
+
|
32
|
+
summary 'Performs Google Dorks'
|
33
|
+
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
@@ -0,0 +1,105 @@
|
|
1
|
+
#
|
2
|
+
# Ronin Scanners - A Ruby library for Ronin that provides Ruby interfaces to
|
3
|
+
# various third-party security scanners.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2008-2012 Hal Brodigan (postmodern.mod3 at gmail.com)
|
6
|
+
#
|
7
|
+
# This program is free software; you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU General Public License as published by
|
9
|
+
# the Free Software Foundation; either version 2 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# This program is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU General Public License
|
18
|
+
# along with this program; if not, write to the Free Software
|
19
|
+
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
20
|
+
#
|
21
|
+
|
22
|
+
require 'ronin/ui/cli/scanner_command'
|
23
|
+
require 'ronin/scanners/nmap'
|
24
|
+
|
25
|
+
module Ronin
|
26
|
+
module UI
|
27
|
+
module CLI
|
28
|
+
module Commands
|
29
|
+
module Scan
|
30
|
+
class Nmap < ScannerCommand
|
31
|
+
|
32
|
+
summary 'Automates nmap scans and imports them into the Database'
|
33
|
+
|
34
|
+
#
|
35
|
+
# Runs the {Ronin::Scanners::Nmap} scanner.
|
36
|
+
#
|
37
|
+
# @since 1.0.0
|
38
|
+
#
|
39
|
+
def execute
|
40
|
+
print_info 'Saving scanned hosts and ports ...' if import?
|
41
|
+
|
42
|
+
scan
|
43
|
+
|
44
|
+
print_info 'All scanned hosts and ports saved.' if import?
|
45
|
+
end
|
46
|
+
|
47
|
+
protected
|
48
|
+
|
49
|
+
#
|
50
|
+
# Prints a scanned host result.
|
51
|
+
#
|
52
|
+
# @param [Nmap::Host] host
|
53
|
+
# A scanned host.
|
54
|
+
#
|
55
|
+
# @since 1.0.0
|
56
|
+
#
|
57
|
+
def print_result(host)
|
58
|
+
puts
|
59
|
+
|
60
|
+
print_hash({
|
61
|
+
:started => host.start_time,
|
62
|
+
:ended => host.end_time,
|
63
|
+
:status => "#{host.status.state} (#{host.status.reason})"
|
64
|
+
}, :title => host)
|
65
|
+
|
66
|
+
indent do
|
67
|
+
if options.verbose?
|
68
|
+
print_array host.each_address, :title => 'Addresses'
|
69
|
+
print_array host.each_hostname, :title => 'Hostname'
|
70
|
+
end
|
71
|
+
|
72
|
+
puts "[ Port ]\t[ State ]\t[ Service/Version ]\n"
|
73
|
+
|
74
|
+
host.each_port do |port|
|
75
|
+
puts " #{port}/#{port.protocol}\t #{port.state}\t #{port.service}"
|
76
|
+
end
|
77
|
+
puts
|
78
|
+
end
|
79
|
+
end
|
80
|
+
|
81
|
+
#
|
82
|
+
# Prints a saved host.
|
83
|
+
#
|
84
|
+
# @param [IPAddress] host
|
85
|
+
# A saved host.
|
86
|
+
#
|
87
|
+
# @since 1.0.0
|
88
|
+
#
|
89
|
+
def print_resource(host)
|
90
|
+
print_info "Saving #{host}:"
|
91
|
+
print_info 'Addresses:'
|
92
|
+
|
93
|
+
print_array host.addresses.select(&:new?),
|
94
|
+
:title => 'Addresses'
|
95
|
+
|
96
|
+
print_array host.ports.select(&:new?),
|
97
|
+
:title => 'Ports'
|
98
|
+
end
|
99
|
+
|
100
|
+
end
|
101
|
+
end
|
102
|
+
end
|
103
|
+
end
|
104
|
+
end
|
105
|
+
end
|
@@ -0,0 +1,82 @@
|
|
1
|
+
#
|
2
|
+
# Ronin Scanners - A Ruby library for Ronin that provides Ruby interfaces to
|
3
|
+
# various third-party security scanners.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2008-2012 Hal Brodigan (postmodern.mod3 at gmail.com)
|
6
|
+
#
|
7
|
+
# This program is free software; you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU General Public License as published by
|
9
|
+
# the Free Software Foundation; either version 2 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# This program is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU General Public License
|
18
|
+
# along with this program; if not, write to the Free Software
|
19
|
+
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
20
|
+
#
|
21
|
+
|
22
|
+
require 'ronin/ui/cli/scanner_command'
|
23
|
+
require 'ronin/scanners/proxies'
|
24
|
+
|
25
|
+
module Ronin
|
26
|
+
module UI
|
27
|
+
module CLI
|
28
|
+
module Commands
|
29
|
+
module Scan
|
30
|
+
class Proxies < ScannerCommand
|
31
|
+
|
32
|
+
summary 'Scans for proxies and saves them into the Database'
|
33
|
+
|
34
|
+
#
|
35
|
+
# Runs the nmap scanner.
|
36
|
+
#
|
37
|
+
# @since 1.0.0
|
38
|
+
#
|
39
|
+
def execute
|
40
|
+
print_info 'Saving scanned proxies ...' if import?
|
41
|
+
|
42
|
+
scan
|
43
|
+
|
44
|
+
print_info 'All scanned proxies saved.' if import?
|
45
|
+
end
|
46
|
+
|
47
|
+
protected
|
48
|
+
|
49
|
+
#
|
50
|
+
# Prints a scanned proxy.
|
51
|
+
#
|
52
|
+
# @param [Proxy] proxy
|
53
|
+
# A scanned proxy.
|
54
|
+
#
|
55
|
+
# @since 1.0.0
|
56
|
+
#
|
57
|
+
def print_result(proxy)
|
58
|
+
print_hash({
|
59
|
+
:type => proxy.type,
|
60
|
+
:anonymous => proxy.anonymous?,
|
61
|
+
:latency => proxy.latency
|
62
|
+
}, :title => proxy.ip_address)
|
63
|
+
end
|
64
|
+
|
65
|
+
#
|
66
|
+
# Prints a saved proxy.
|
67
|
+
#
|
68
|
+
# @param [Proxy] proxy
|
69
|
+
# A saved proxy.
|
70
|
+
#
|
71
|
+
# @since 1.0.0
|
72
|
+
#
|
73
|
+
def print_resource(proxy)
|
74
|
+
print_result(proxy)
|
75
|
+
end
|
76
|
+
|
77
|
+
end
|
78
|
+
end
|
79
|
+
end
|
80
|
+
end
|
81
|
+
end
|
82
|
+
end
|
@@ -0,0 +1,71 @@
|
|
1
|
+
#
|
2
|
+
# Ronin Scanners - A Ruby library for Ronin that provides Ruby interfaces to
|
3
|
+
# various third-party security scanners.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2008-2012 Hal Brodigan (postmodern.mod3 at gmail.com)
|
6
|
+
#
|
7
|
+
# This program is free software; you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU General Public License as published by
|
9
|
+
# the Free Software Foundation; either version 2 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# This program is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU General Public License
|
18
|
+
# along with this program; if not, write to the Free Software
|
19
|
+
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
20
|
+
#
|
21
|
+
|
22
|
+
require 'ronin/ui/cli/scanner_command'
|
23
|
+
require 'ronin/scanners/spider'
|
24
|
+
|
25
|
+
module Ronin
|
26
|
+
module UI
|
27
|
+
module CLI
|
28
|
+
module Commands
|
29
|
+
module Scan
|
30
|
+
class Spider < ScannerCommand
|
31
|
+
|
32
|
+
summary 'Spiders a website and saves URLs into the Database'
|
33
|
+
|
34
|
+
#
|
35
|
+
# Spider one or more websites.
|
36
|
+
#
|
37
|
+
# @since 1.0.0
|
38
|
+
#
|
39
|
+
def execute
|
40
|
+
print_info 'Saving spidered URLs ...' if import?
|
41
|
+
|
42
|
+
scan
|
43
|
+
|
44
|
+
print_info 'All spidered URLs saved.' if import?
|
45
|
+
end
|
46
|
+
|
47
|
+
protected
|
48
|
+
|
49
|
+
#
|
50
|
+
# Prints a spidered page.
|
51
|
+
#
|
52
|
+
# @param [Spidr::Page] page
|
53
|
+
# A spidered page.
|
54
|
+
#
|
55
|
+
# @since 1.0.0
|
56
|
+
#
|
57
|
+
def print_result(page)
|
58
|
+
print_info page.url
|
59
|
+
|
60
|
+
if verbose?
|
61
|
+
print_hash page.headers
|
62
|
+
puts page.body
|
63
|
+
end
|
64
|
+
end
|
65
|
+
|
66
|
+
end
|
67
|
+
end
|
68
|
+
end
|
69
|
+
end
|
70
|
+
end
|
71
|
+
end
|
@@ -0,0 +1,43 @@
|
|
1
|
+
#
|
2
|
+
# Ronin Scanners - A Ruby library for Ronin that provides Ruby interfaces to
|
3
|
+
# various third-party security scanners.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2008-2012 Hal Brodigan (postmodern.mod3 at gmail.com)
|
6
|
+
#
|
7
|
+
# This program is free software; you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU General Public License as published by
|
9
|
+
# the Free Software Foundation; either version 2 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# This program is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU General Public License
|
18
|
+
# along with this program; if not, write to the Free Software
|
19
|
+
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
20
|
+
#
|
21
|
+
|
22
|
+
require 'ronin/ui/cli/script_command'
|
23
|
+
require 'ronin/scanners/scanner'
|
24
|
+
|
25
|
+
module Ronin
|
26
|
+
module UI
|
27
|
+
module CLI
|
28
|
+
module Commands
|
29
|
+
class Scanner < ScriptCommand
|
30
|
+
|
31
|
+
summary 'Loads and runs a scanner'
|
32
|
+
|
33
|
+
script_class Ronin::Scanners::Scanner
|
34
|
+
|
35
|
+
# scanner options
|
36
|
+
option :first, :type => Integer, :flag => '-N'
|
37
|
+
option :import, :type => true, :flag => '-I'
|
38
|
+
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
@@ -0,0 +1,118 @@
|
|
1
|
+
#
|
2
|
+
# Ronin Scanners - A Ruby library for Ronin that provides Ruby interfaces to
|
3
|
+
# various third-party security scanners.
|
4
|
+
#
|
5
|
+
# Copyright (c) 2008-2012 Hal Brodigan (postmodern.mod3 at gmail.com)
|
6
|
+
#
|
7
|
+
# This program is free software; you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU General Public License as published by
|
9
|
+
# the Free Software Foundation; either version 2 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
#
|
12
|
+
# This program is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU General Public License for more details.
|
16
|
+
#
|
17
|
+
# You should have received a copy of the GNU General Public License
|
18
|
+
# along with this program; if not, write to the Free Software
|
19
|
+
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
20
|
+
#
|
21
|
+
|
22
|
+
require 'ronin/ui/cli/class_command'
|
23
|
+
require 'ronin/scanners'
|
24
|
+
require 'ronin/database'
|
25
|
+
|
26
|
+
module Ronin
|
27
|
+
module UI
|
28
|
+
module CLI
|
29
|
+
class ScannerCommand < ClassCommand
|
30
|
+
|
31
|
+
class_namespace Scanners
|
32
|
+
|
33
|
+
option :database, :type => String, :flag => '-D'
|
34
|
+
option :first, :type => Integer, :flag => '-N'
|
35
|
+
option :import, :type => true, :flag => '-I'
|
36
|
+
|
37
|
+
alias scanner object
|
38
|
+
|
39
|
+
#
|
40
|
+
# Invokes the scanner.
|
41
|
+
#
|
42
|
+
# @see #scan!
|
43
|
+
#
|
44
|
+
# @api semipublic
|
45
|
+
#
|
46
|
+
def execute
|
47
|
+
scan
|
48
|
+
end
|
49
|
+
|
50
|
+
protected
|
51
|
+
|
52
|
+
#
|
53
|
+
# Sets up the scanner command.
|
54
|
+
#
|
55
|
+
# @api semipublic
|
56
|
+
#
|
57
|
+
def setup(*arguments)
|
58
|
+
if database?
|
59
|
+
Database.repositories[:default] = @database
|
60
|
+
end
|
61
|
+
|
62
|
+
Database.setup
|
63
|
+
|
64
|
+
super(*arguments)
|
65
|
+
end
|
66
|
+
|
67
|
+
#
|
68
|
+
# Performs a scan using the `@scanner` instance variable.
|
69
|
+
#
|
70
|
+
# @since 1.0.0
|
71
|
+
#
|
72
|
+
def scan
|
73
|
+
enum, printer = if import?
|
74
|
+
[scanner.import, method(:print_resource)]
|
75
|
+
else
|
76
|
+
[scanner.each, method(:print_result)]
|
77
|
+
end
|
78
|
+
|
79
|
+
first_n = (@first || Float::INFINITY)
|
80
|
+
count = 0
|
81
|
+
|
82
|
+
enum.each do |result|
|
83
|
+
count += 1
|
84
|
+
|
85
|
+
printer.call(result)
|
86
|
+
|
87
|
+
break if count >= first_n
|
88
|
+
end
|
89
|
+
end
|
90
|
+
|
91
|
+
#
|
92
|
+
# Displays a result from the scanner.
|
93
|
+
#
|
94
|
+
# @param [Object] result
|
95
|
+
# A result yielded from the scanner.
|
96
|
+
#
|
97
|
+
# @since 1.0.0
|
98
|
+
#
|
99
|
+
def print_result(result)
|
100
|
+
puts result
|
101
|
+
end
|
102
|
+
|
103
|
+
#
|
104
|
+
# Displays a resource from the scanner.
|
105
|
+
#
|
106
|
+
# @param [Model] resource
|
107
|
+
# A resource yielded from the scanner.
|
108
|
+
#
|
109
|
+
# @since 1.0.0
|
110
|
+
#
|
111
|
+
def print_resource(resource)
|
112
|
+
puts resource
|
113
|
+
end
|
114
|
+
|
115
|
+
end
|
116
|
+
end
|
117
|
+
end
|
118
|
+
end
|