ronin-support 0.5.0.rc1 → 0.5.0.rc2

data/lib/ronin/support/version.rb

@@ -20,6 +20,6 @@
 module Ronin
   module Support
     # ronin-support version
-    VERSION = '0.5.0.rc1'
+    VERSION = '0.5.0.rc2'
   end
 end

data/lib/ronin/wordlist.rb

@@ -17,8 +17,9 @@
 # along with Ronin Support.  If not, see <http://www.gnu.org/licenses/>.
 #
 
+require 'ronin/fuzzing/template'
+require 'ronin/fuzzing/mutator'
 require 'ronin/extensions/regexp'
-require 'ronin/fuzzing/extensions'
 
 require 'set'
 
@@ -224,12 +225,16 @@ module Ronin
     def each(&block)
       return enum_for(:each) unless block
 
+      mutator = unless @mutations.empty?
+                  Fuzzing::Mutator.new(@mutations)
+                end
+
       each_word do |word|
         yield word
 
-        unless @mutations.empty?
+        if mutator
           # perform additional mutations
-          word.mutate(@mutations,&block)
+          mutator.each(word,&block)
         end
       end
     end
@@ -252,7 +257,7 @@ module Ronin
     # @api public
     #
     def each_n_words(n,&block)
-      String.generate([each, n],&block)
+      Fuzzing::Template[[each, n]].each(&block)
     end
 
     #

data/spec/fuzzing/extensions/string_spec.rb

@@ -0,0 +1,87 @@
+require 'spec_helper'
+require 'ronin/fuzzing/extensions/string'
+
+describe String do
+  it "should provide String.generate" do
+    described_class.should respond_to(:generate)
+  end
+
+  it "should provide String#repeating" do
+    subject.should respond_to(:repeating)
+  end
+
+  it "should provide String#fuzz" do
+    subject.should respond_to(:fuzz)
+  end
+
+  it "should provide String#mutate" do
+    subject.should respond_to(:mutate)
+  end
+
+  describe "generate" do
+    subject { described_class }
+
+    it "should generate Strings from a template" do
+      strings = subject.generate([:numeric, 2]).to_a
+
+      strings.grep(/^[0-9]{2}$/).should == strings
+    end
+  end
+
+  describe "#repeating" do
+    subject { 'A' }
+
+    context "when n is an Integer" do
+      let(:n) { 100 }
+
+      it "should multiply the String by n" do
+        subject.repeating(n).should == (subject * n)
+      end
+    end
+
+    context "when n is Enumerable" do
+      let(:n) { [128, 512, 1024] }
+
+      it "should repeat the String by each length" do
+        strings = subject.repeating(n).to_a
+
+        strings.should == n.map { |length| subject * length }
+      end
+    end
+  end
+
+  describe "#fuzz" do
+    subject { "foo bar" }
+
+    it "should apply each fuzzing rule individually" do
+      strings = subject.fuzz(/o/ => ['O', '0'], /a/ => ['A', '@']).to_a
+      
+      strings.should =~ [
+        "fOo bar",
+        "f0o bar",
+        "foO bar",
+        "fo0 bar",
+        "foo bAr",
+        "foo b@r"
+      ]
+    end
+  end
+
+  describe "#mutate" do
+    subject { "foo bar" }
+
+    it "should apply every combination of mutation rules" do
+      strings = subject.mutate(/o/ => ['0'], /a/ => ['@']).to_a
+
+      strings.should =~ [
+        "f0o bar",
+        "fo0 bar",
+        "f00 bar",
+        "foo b@r",
+        "f0o b@r",
+        "fo0 b@r",
+        "f00 b@r"
+      ]
+    end
+  end
+end

data/spec/fuzzing/fuzzer_spec.rb

@@ -0,0 +1,109 @@
+require 'spec_helper'
+require 'ronin/fuzzing/fuzzer'
+
+describe Fuzzing::Fuzzer do
+  let(:string) { 'GET /one/two/three' }
+
+  describe "#initialize" do
+    subject { described_class }
+
+    context "patterns" do
+      let(:substitutions) { ['bar'] }
+
+      it "should accept Regexps" do
+        fuzzer = subject.new(/foo/ => substitutions)
+
+        fuzzer.rules.should have_key(/foo/)
+      end
+
+      context "when given Strings" do
+        subject { described_class.new('foo' => substitutions) }
+
+        it "should convert to Regexp" do
+          subject.rules.should have_key(/foo/)
+        end
+      end
+
+      context "when given Symbols" do
+        subject { described_class.new(:word => substitutions) }
+
+        it "should lookup the Regexp constant" do
+          subject.rules.should have_key(Regexp::WORD)
+        end
+      end
+
+      context "otherwise" do
+        it "should raise a TypeError" do
+          lambda {
+            subject.new(Object.new => substitutions)
+          }.should raise_error(TypeError)
+        end
+      end
+    end
+
+    context "substitutions" do
+      let(:pattern) { /foo/ }
+
+      it "should accept Enumerable values" do
+        fuzzer = subject.new(pattern => ['bar'])
+
+        fuzzer.rules[pattern].should == ['bar']
+      end
+
+      context "when given Symbols" do
+        subject { described_class.new(pattern => :bad_strings) }
+
+        it "should map to an Enumerator for a Fuzzing method" do
+          subject.rules[pattern].should be_kind_of(Enumerable)
+        end
+      end
+
+      context "otherwise" do
+        it "should raise a TypeError" do
+          lambda {
+            subject.new(pattern => Object.new)
+          }.should raise_error(TypeError)
+        end
+      end
+    end
+  end
+
+  describe "#each" do
+    let(:string) { "foo bar" }
+
+    subject { described_class.new(/o/ => ['O', '0'], /a/ => ['A', '@']) }
+
+    it "should apply each fuzzing rule individually" do
+      subject.each(string).to_a.should =~ [
+        "fOo bar",
+        "f0o bar",
+        "foO bar",
+        "fo0 bar",
+        "foo bAr",
+        "foo b@r"
+      ]
+    end
+
+    context "when mutations contain Integers" do
+      subject { described_class.new(/o/ => [48]) }
+
+      it "should convert them to characters" do
+        subject.each(string).to_a.should =~ [
+          "f0o bar",
+          "fo0 bar"
+        ]
+      end
+    end
+
+    context "when mutations contain Procs" do
+      subject { described_class.new(/o/ => [lambda { |str| str.upcase }]) }
+
+      it "should call them with the matched String" do
+        subject.each(string).to_a.should =~ [
+          "fOo bar",
+          "foO bar"
+        ]
+      end
+    end
+  end
+end

data/spec/fuzzing/fuzzing_spec.rb

@@ -0,0 +1,24 @@
+require 'spec_helper'
+require 'ronin/fuzzing/fuzzing'
+
+describe Fuzzing do
+  describe "[]" do
+    let(:method) { :bad_strings }
+
+    it "should return Enumerators for fuzzing methods" do
+      subject[method].should be_kind_of(Enumerable)
+    end
+
+    it "should raise NoMethodError for unknown methods" do
+      lambda {
+        subject[:foo]
+      }.should raise_error(NoMethodError)
+    end
+
+    it "should not allow accessing inherited methods" do
+      lambda {
+        subject[:instance_eval]
+      }.should raise_error(NoMethodError)
+    end
+  end
+end

data/spec/fuzzing/mutator_spec.rb

@@ -0,0 +1,112 @@
+require 'spec_helper'
+require 'ronin/fuzzing/mutator'
+
+describe Fuzzing::Mutator do
+  let(:string) { 'GET /one/two/three' }
+
+  describe "#initialize" do
+    subject { described_class }
+
+    context "patterns" do
+      let(:substitutions) { ['bar'] }
+
+      it "should accept Regexps" do
+        fuzzer = subject.new(/foo/ => substitutions)
+
+        fuzzer.rules.should have_key(/foo/)
+      end
+
+      context "when given Strings" do
+        subject { described_class.new('foo' => substitutions) }
+
+        it "should convert to Regexp" do
+          subject.rules.should have_key(/foo/)
+        end
+      end
+
+      context "when given Symbols" do
+        subject { described_class.new(:word => substitutions) }
+
+        it "should lookup the Regexp constant" do
+          subject.rules.should have_key(Regexp::WORD)
+        end
+      end
+
+      context "otherwise" do
+        it "should raise a TypeError" do
+          lambda {
+            subject.new(Object.new => substitutions)
+          }.should raise_error(TypeError)
+        end
+      end
+    end
+
+    context "mutations" do
+      let(:pattern) { /foo/ }
+
+      it "should accept Enumerable values" do
+        fuzzer = subject.new(pattern => ['bar'])
+
+        fuzzer.rules[pattern].should == ['bar']
+      end
+
+      context "when given Symbols" do
+        subject { described_class.new(pattern => :bad_strings) }
+
+        it "should map to an Enumerator for a Fuzzing method" do
+          subject.rules[pattern].should be_kind_of(Enumerable)
+        end
+      end
+
+      context "otherwise" do
+        it "should raise a TypeError" do
+          lambda {
+            subject.new(pattern => Object.new)
+          }.should raise_error(TypeError)
+        end
+      end
+    end
+  end
+
+  describe "#each" do
+    let(:string) { "foo bar" }
+
+    subject { described_class.new(/o/ => ['0'], /a/ => ['@']) }
+
+    it "should apply every combination of mutation rules" do
+      subject.each(string).to_a.should =~ [
+        "f0o bar",
+        "fo0 bar",
+        "f00 bar",
+        "foo b@r",
+        "f0o b@r",
+        "fo0 b@r",
+        "f00 b@r"
+      ]
+    end
+
+    context "when mutations contain Integers" do
+      subject { described_class.new(/o/ => [48]) }
+
+      it "should convert them to characters" do
+        subject.each(string).to_a.should =~ [
+          "f0o bar",
+          "fo0 bar",
+          "f00 bar"
+        ]
+      end
+    end
+
+    context "when mutations contain Procs" do
+      subject { described_class.new(/o/ => [lambda { |str| str.upcase }]) }
+
+      it "should call them with the matched String" do
+        subject.each(string).to_a.should =~ [
+          "fOo bar",
+          "foO bar",
+          "fOO bar"
+        ]
+      end
+    end
+  end
+end

data/spec/fuzzing/repeater_spec.rb

@@ -0,0 +1,57 @@
+require 'spec_helper'
+require 'ronin/fuzzing/repeater'
+
+describe Fuzzing::Repeater do
+  describe "#initialize" do
+    subject { described_class }
+
+    context "when lengths is an Integer" do
+      it "should coerce lengths to an Enumerable" do
+        repeator = subject.new(10)
+
+        repeator.lengths.should be_kind_of(Enumerable)
+      end
+    end
+
+    context "when lengths is not Enumerable or an Integer" do
+      it "should raise a TypeError" do
+        lambda {
+          subject.new(Object.new)
+        }.should raise_error(TypeError)
+      end
+    end
+  end
+
+  describe "#each" do
+    let(:repeatable) { 'A' }
+
+    context "when lengths was an Integer" do
+      let(:length) { 10 }
+
+      subject { described_class.new(length) }
+
+      it "should yield one repeated value" do
+        values = subject.each(repeatable).to_a
+        
+        values.should == [repeatable * length]
+      end
+    end
+
+    context "when lengths was Enumerable" do
+      let(:lengths) { (1..4) }
+
+      subject { described_class.new(lengths) }
+
+      it "should yield repeated values for each length" do
+        values = subject.each(repeatable).to_a.should
+
+        values.should == [
+          repeatable * 1,
+          repeatable * 2,
+          repeatable * 3,
+          repeatable * 4
+        ]
+      end
+    end
+  end
+end

data/spec/fuzzing/template_spec.rb

@@ -0,0 +1,54 @@
+require 'spec_helper'
+require 'ronin/fuzzing/template'
+
+describe Fuzzing::Template do
+  subject { described_class }
+
+  it "should generate Strings from CharSets" do
+    strings = subject.new([:lowercase_hexadecimal, :numeric]).to_a
+
+    strings.grep(/^[0-9a-f][0-9]$/).should == strings
+  end
+
+  it "should generate Strings from lengths of CharSets" do
+    strings = subject.new([[:numeric, 2]]).to_a
+
+    strings.grep(/^[0-9]{2}$/).should == strings
+  end
+
+  it "should generate Strings from varying lengths of CharSets" do
+    strings = subject.new([[:numeric, 1..2]]).to_a
+
+    strings.grep(/^[0-9]{1,2}$/).should == strings
+  end
+
+  it "should generate Strings from custom CharSets" do
+    strings = subject.new([[%w[a b c], 2]]).to_a
+
+    strings.grep(/^[abc]{2}$/).should == strings
+  end
+
+  it "should generate Strings containing known Strings" do
+    strings = subject.new(['foo', [%w[a b c], 2]]).to_a
+
+    strings.grep(/^foo[abc]{2}$/).should == strings
+  end
+
+  it "should raise a TypeError for non String, Symbol, Enumerable CharSets" do
+    lambda {
+      subject.new([[Object.new, 2]]).to_a
+    }.should raise_error(TypeError)
+  end
+
+  it "should raise an ArgumentError for unknown CharSets" do
+    lambda {
+      subject.new([[:foo_bar, 2]]).to_a
+    }.should raise_error(ArgumentError)
+  end
+
+  it "should raise a TypeError for non Integer,Array,Range lengths" do
+    lambda {
+      subject.new([[:numeric, 'foo']]).to_a
+    }.should raise_error(TypeError)
+  end
+end