ronin-support 0.3.0 → 0.4.0.rc1

data/lib/ronin/templates/erb.rb

@@ -29,6 +29,7 @@ module Ronin
     #
     module Erb
       include Template
+
       #
       # Renders the inline ERB template in the scope of the object.
       #
@@ -50,7 +51,7 @@ module Ronin
       # @api public
       #
       def erb(template)
-        ERB.new(template).result(binding)
+        ERB.new(template,nil,'-').result(binding)
       end
 
       #

data/lib/ronin/ui/output/helpers.rb

@@ -184,7 +184,7 @@ module Ronin
         # @api public
         #
         def print_warning(*message)
-          if (Output.verbose? && !(Output.silent?))
+          unless Output.silent?
             Output.handler.print_warning(format_message(message))
             return true
           end
@@ -220,6 +220,40 @@ module Ronin
           return false
         end
 
+        #
+        # Prints an exception.
+        #
+        # @param [Exception] exception
+        #   The exception to print.
+        #
+        # @return [Boolean]
+        #   Specifies whether the exception was printed or not.
+        #
+        # @example
+        #   begin
+        #     socket.write(buffer)
+        #   rescue => e
+        #     print_exception(e)
+        #   end
+        #
+        # @since 0.4.0
+        #
+        # @api public
+        #
+        def print_exception(exception)
+          return false if Output.silent?
+
+          print_error "#{exception.class}: #{exception.message}"
+
+          if Output.verbose?
+            exception.backtrace[0,5].each do |line|
+              print_error "  #{line}"
+            end
+          end
+
+          return true
+        end
+
         protected
 
         #

data/lib/ronin/ui/shell.rb

@@ -74,7 +74,15 @@ module Ronin
         @prompt   = options.fetch(:prompt,DEFAULT_PROMPT)
 
         @commands = Set[:help, :exit]
-        @commands += protected_methods.map { |name| name.to_sym }
+
+        self.class.ancestors.each do |subclass|
+          if subclass < Shell
+            subclass.protected_instance_methods(false).each do |name|
+              @commands << name.to_sym
+            end
+          end
+        end
+
 
         @input_handler = block
       end
@@ -126,7 +134,7 @@ module Ronin
             history_rollback += 1
 
             begin
-              handler(line)
+              call(line)
             rescue => e
               print_error "#{e.class.name}: #{e.message}"
             end
@@ -169,6 +177,8 @@ module Ronin
         end
       end
 
+      alias << write
+
       protected
 
       #

data/lib/ronin/wordlist.rb

@@ -0,0 +1,157 @@
+#
+# Copyright (c) 2006-2011 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This file is part of Ronin Support.
+#
+# Ronin Support is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ronin Support is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with Ronin Support.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+require 'ronin/fuzzing/extensions'
+
+module Ronin
+  #
+  # An Enumerable class for iterating over wordlist files or lists of words.
+  #
+  # @since 0.4.0
+  #
+  class Wordlist
+
+    include Enumerable
+
+    # The path to the wordlist file or a list of words
+    attr_accessor :list
+
+    # Mutation rules to apply to every word in the list
+    attr_reader :mutations
+
+    #
+    # Initializes the wordlist.
+    #
+    # @param [String, Enumerable] list
+    #   The path of the wordlist or list of words.
+    #
+    # @param [Hash{Regexp,String,Symbol => Symbol,#each}] mutations
+    #   Additional mutation rules to perform on each word in the list.
+    #
+    # @yield [wordlist]
+    #   The given block will be passed the new wordlist.
+    #
+    # @yieldparam [Wordlist] wordlist
+    #   The new wordlist object.
+    #
+    # @example Use a file wordlist
+    #   wordlist = Wordlist.new('passwords.txt')
+    #
+    # @example Use a range of Strings
+    #   wordlist = Wordlist.new('aaaa'..'zzzz')
+    #
+    # @example Specify mutation rules
+    #   wordlist = Wordlist.new('passwords.txt', /e/ => ['E', '3'])
+    #
+    # @see String#mutate
+    #
+    # @api public
+    #
+    def initialize(list,mutations={})
+      @list      = list
+      @mutations = {}
+      @mutations.merge!(mutations)
+
+      yield self if block_given?
+    end
+
+    #
+    # Iterates over each word in the list.
+    #
+    # @yield [word]
+    #   The given block will be passed each word.
+    #
+    # @yieldparam [String] word
+    #   A word from the list.
+    #
+    # @return [Enumerator]
+    #   If no block is given, an Enumerator will be returned.
+    #
+    # @raise [TypeError]
+    #   The list was not a path to a wordlist file, nor a list of words.
+    #
+    # @api public
+    #
+    def each_word(&block)
+      return enum_for(:each_word) unless block
+
+      case @list
+      when String
+        File.open(@list) do |file|
+          file.each_line do |line|
+            yield line.chomp
+          end
+        end
+      when Enumerable
+        @list.each(&block)
+      else
+        raise(TypeError,"list must be a path or Enumerable")
+      end
+    end
+
+    #
+    # Iterates over each word, and each mutation, from the list.
+    #
+    # @yield [word]
+    #   The given block will be passed each word.
+    #
+    # @yieldparam [String] word
+    #   A word from the list.
+    #
+    # @return [Enumerator]
+    #   If no block is given, an Enumerator will be returned.
+    #
+    # @api public
+    #
+    def each(&block)
+      return enum_for(:each) unless block
+
+      each_word do |word|
+        yield word
+
+        unless @mutations.empty?
+          # perform additional mutations
+          word.mutate(@mutations,&block)
+        end
+      end
+    end
+
+    #
+    # Iterates over every n words.
+    #
+    # @param [Integer, Range, Array] n
+    #   The number of words to combine.
+    #
+    # @yield [words]
+    #   The given block will be passed every combination of `n` words.
+    #
+    # @yieldparam [String]
+    #    The combination of `n` words.
+    #
+    # @return [Enumerator]
+    #   If no block is given, an Enumerator will be returned.
+    #
+    # @api public
+    #
+    def each_n_words(n,&block)
+      String.generate([each, n],&block)
+    end
+
+  end
+end

data/spec/extensions/regexp_spec.rb

@@ -0,0 +1,38 @@
+require 'spec_helper'
+require 'ronin/extensions/regexp'
+
+describe Regexp do
+  describe Regexp::IPv4 do
+    subject { Regexp::IPv4 }
+
+    it "should match valid addresses" do
+      ip = '127.0.0.1'
+
+      subject.match(ip)[0].should == ip
+    end
+
+    it "should match the Any address" do
+      ip = '0.0.0.0'
+
+      subject.match(ip)[0].should == ip
+    end
+
+    it "should match the broadcast address" do
+      ip = '255.255.255.255'
+
+      subject.match(ip)[0].should == ip
+    end
+
+    it "should not match addresses with octets > 255" do
+      ip = '10.1.256.1'
+
+      subject.match(ip).should be_nil
+    end
+
+    it "should not match addresses with more than three digits per octet" do
+      ip = '10.1111.1.1'
+
+      subject.match(ip).should be_nil
+    end
+  end
+end

data/spec/formatting/html/string_spec.rb

@@ -74,7 +74,7 @@ describe String do
       "%u006F%u006E%u0065%u0020%u0026%u0020%u0074%u0077%u006F"
     end
     let(:js_hex) { "%6F%6E%65%20%26%20%74%77%6F" }
-    let(:js_mixed) { "one %26 two" }
+    let(:js_mixed) { "%u6F%u6E%u65 %26 two" }
 
     it "should unescape JavaScript unicode characters" do
       js_unicode.js_unescape.should == subject

data/spec/formatting/sql/string_spec.rb

@@ -20,7 +20,7 @@ describe String do
     @string.should respond_to(:sql_decode)
   end
 
-  describe "SQL escaping" do
+  describe "#sql_escape" do
     it "should be able to single-quote escape" do
       @string_with_quotes.sql_escape(:single).should == %{'"O''Brian"'}
     end
@@ -30,7 +30,7 @@ describe String do
     end
   end
 
-  describe "SQL-hex encoding" do
+  describe "#sql_encode" do
     it "should be able to be SQL-hex encoded" do
       @string.sql_encode.should == @sql_encoded
     end
@@ -40,7 +40,7 @@ describe String do
     end
   end
 
-  describe "SQL-hex decoding" do
+  describe "#sql_decode" do
     it "should be able to be SQL-hex decoded" do
       encoded = @string.sql_encode
 
@@ -52,4 +52,24 @@ describe String do
       "'Conan O''Brian'".sql_decode.should == "Conan O'Brian"
     end
   end
+
+  describe "#sql_inject" do
+    context "when there is a leading quote character" do
+      it "should remove the first and last quote character" do
+        "'1' OR '1'='1'".sql_inject.should == "1' OR '1'='1"
+      end
+
+      context "when there is no matching leading/trailing quote characters" do
+        it "should comment-terminate the String" do
+          "'1' OR 1=1".sql_inject.should == "1' OR 1=1--"
+        end
+      end
+    end
+
+    context "when there is no leading quote character" do
+      it "should not modify the String" do
+        "1 OR 1=1".sql_inject.should == "1 OR 1=1"
+      end
+    end
+  end
 end

data/spec/formatting/text/string_spec.rb

@@ -4,10 +4,6 @@ require 'ronin/formatting/text'
 describe String do
   subject { "hello" }
 
-  it "should provide String.generate" do
-    described_class.should respond_to(:generate)
-  end
-
   it "should provide String#format_chars" do
     should respond_to(:format_chars)
   end
@@ -28,112 +24,6 @@ describe String do
     should respond_to(:insert_after)
   end
 
-  describe "generate" do
-    subject { described_class }
-
-    it "should generate Strings from CharSets" do
-      strings = subject.generate(:lowercase_hexadecimal, :numeric).to_a
-
-      strings.grep(/^[0-9a-f][0-9]$/).should == strings
-    end
-
-    it "should generate Strings from lengths of CharSets" do
-      strings = subject.generate([:numeric, 2]).to_a
-
-      strings.grep(/^[0-9]{2}$/).should == strings
-    end
-
-    it "should generate Strings from varying lengths of CharSets" do
-      strings = subject.generate([:numeric, 1..2]).to_a
-
-      strings.grep(/^[0-9]{1,2}$/).should == strings
-    end
-
-    it "should generate Strings from custom CharSets" do
-      strings = subject.generate([%w[a b c], 2]).to_a
-
-      strings.grep(/^[abc]{2}$/).should == strings
-    end
-
-    it "should generate Strings containing known Strings" do
-      strings = subject.generate('foo', [%w[a b c], 2]).to_a
-
-      strings.grep(/^foo[abc]{2}$/).should == strings
-    end
-
-    it "should raise a TypeError for non String, Symbol, Enumerable CharSets" do
-      lambda {
-        subject.generate([Object.new, 2]).to_a
-      }.should raise_error(TypeError)
-    end
-
-    it "should raise an ArgumentError for unknown CharSets" do
-      lambda {
-        subject.generate([:foo_bar, 2]).to_a
-      }.should raise_error(ArgumentError)
-    end
-
-    it "should raise a TypeError for non Integer,Array,Range lengths" do
-      lambda {
-        subject.generate([:numeric, 'foo']).to_a
-      }.should raise_error(TypeError)
-    end
-  end
-
-  describe "#fuzz" do
-    subject { 'GET /one/two/three' }
-
-    it "should match Regexps" do
-      fuzzed = subject.fuzz(/GET/ => ['get']).to_a
-
-      fuzzed.should == ['get /one/two/three']
-    end
-
-    it "should match Strings" do
-      fuzzed = subject.fuzz('GET' => ['get']).to_a
-
-      fuzzed.should == ['get /one/two/three']
-    end
-
-    it "should match Integers" do
-      fuzzed = subject.fuzz(0x20 => ["\t"]).to_a
-
-      fuzzed.should == ["GET\t/one/two/three"]
-    end
-
-    it "should substitute using Procs" do
-      fuzzed = subject.fuzz('GET' => [lambda { |s| s.downcase }]).to_a
-
-      fuzzed.should == ['get /one/two/three']
-    end
-
-    it "should substitute using Integers" do
-      fuzzed = subject.fuzz(' ' => [0x09]).to_a
-
-      fuzzed.should == ["GET\t/one/two/three"]
-    end
-
-    it "should incrementally replace each occurrence" do
-      fuzzed = subject.fuzz('/' => ["\n\r"]).to_a
-
-      fuzzed.should == [
-        "GET \n\rone/two/three",
-        "GET /one\n\rtwo/three",
-        "GET /one/two\n\rthree"
-      ]
-    end
-
-    it "should replace each occurrence with each substitution" do
-      fuzzed = subject.fuzz('GET' => ["\n\rGET", "G\n\rET", "GET\n\r"]).to_a
-
-      fuzzed.should == [
-        "\n\rGET /one/two/three",
-        "G\n\rET /one/two/three",
-        "GET\n\r /one/two/three"
-      ]
-    end
-  end
-
   describe "#format_bytes" do
     it "should format each byte in the String" do
       subject.format_bytes { |b|