ronin-web 0.1.3 → 0.2.0

data/spec/web/server/proxy_spec.rb

@@ -0,0 +1,49 @@
+require 'ronin/web/server/helpers/proxy'
+
+require 'spec_helper'
+require 'web/server/helpers/server'
+require 'web/server/classes/proxy_app'
+
+describe Web::Server::Helpers::Proxy do
+  include Helpers::Web::Server
+
+  before(:all) do
+    self.app = ProxyApp
+  end
+
+  it "should allow the proxying of requests for certain routes" do
+    get_host '/', 'www.example.com'
+
+    last_response.should be_ok
+    last_response.body.should =~ /RFC\s+2606/
+  end
+
+  it "should allow overriding the headers of proxied requests" do
+    get '/reddit/erlang'
+
+    last_response.should be_ok
+    last_response.body.should =~ /Erlang/
+  end
+
+  it "should allow modification of proxied responses" do
+    get_host '/r/erlang', 'www.reddit.com'
+
+    last_response.should be_ok
+    last_response.body.should_not =~ /erlang/i
+    last_response.body.should =~ /Fixed Gear Bicycle/
+  end
+
+  it "should allow modification of proxied HTML documents" do
+    get_host '/r/ruby', 'www.reddit.com'
+
+    last_response.should be_ok
+    last_response.body.should_not =~ /rails/i
+  end
+
+  it "should allow modification of proxied XML documents" do
+    get_host '/rss.php', 'milw0rm.com'
+
+    last_response.should be_ok
+    last_response.body.should_not =~ /(XSS|SQLi|SQL\s+Injection)/i
+  end
+end

data/tasks/spec.rb

@@ -6,4 +6,5 @@ Spec::Rake::SpecTask.new(:spec) do |t|
   t.spec_opts = ['--colour', '--format', 'specdoc']
 end
 
+task :test => :spec
 task :default => :spec

data/tasks/yard.rb

@@ -0,0 +1,13 @@
+require 'ronin/yard/handlers'
+
+YARD::Rake::YardocTask.new do |t|
+  t.files   = ['lib/**/*.rb']
+  t.options = [
+    '--protected',
+    '--files', 'History.txt',
+    '--title', 'Ronin Web',
+    '--quiet'
+  ]
+end
+
+task :docs => :yardoc

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: ronin-web
 version: !ruby/object:Gem::Version 
-  version: 0.1.3
+  version: 0.2.0
 platform: ruby
 authors: 
 - Postmodern
@@ -30,7 +30,7 @@ cert_chain:
   pDj+ws7QjtH/Qcrr1l9jfN0ehDs=
   -----END CERTIFICATE-----
 
-date: 2009-07-08 00:00:00 -07:00
+date: 2009-09-25 00:00:00 -07:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -41,7 +41,7 @@ dependencies:
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
-        version: 0.9.0
+        version: 0.9.3
     version: 
 - !ruby/object:Gem::Dependency 
   name: spidr
@@ -54,14 +54,14 @@ dependencies:
         version: 0.1.9
     version: 
 - !ruby/object:Gem::Dependency 
-  name: rack
+  name: sinatra
   type: :runtime
   version_requirement: 
   version_requirements: !ruby/object:Gem::Requirement 
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
-        version: 1.0.0
+        version: 0.9.4
     version: 
 - !ruby/object:Gem::Dependency 
   name: ronin
@@ -71,7 +71,37 @@ dependencies:
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
-        version: 0.2.4
+        version: 0.3.0
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: rspec
+  type: :development
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 1.2.8
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: test-unit
+  type: :development
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - "="
+      - !ruby/object:Gem::Version 
+        version: 1.2.3
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: rack-test
+  type: :development
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 0.4.1
     version: 
 - !ruby/object:Gem::Dependency 
   name: hoe
@@ -81,15 +111,15 @@ dependencies:
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
-        version: 2.3.2
+        version: 2.3.3
     version: 
 description: |-
   Ronin Web is a Ruby library for Ronin that provides support for web
   scraping and spidering functionality.
   
-  Ronin is a Ruby platform designed for information security and data
-  exploration tasks. Ronin allows for the rapid development and distribution
-  of code over many of the common Source-Code-Management (SCM) systems.
+  Ronin is a Ruby platform for exploit development and security research.
+  Ronin allows for the rapid development and distribution of code, exploits
+  or payloads over many common Source-Code-Management (SCM) systems.
 email: 
 - postmodern.mod3@gmail.com
 executables: 
@@ -100,15 +130,12 @@ extra_rdoc_files:
 - History.txt
 - Manifest.txt
 - README.txt
-- TODO.txt
 files: 
 - History.txt
 - Manifest.txt
 - README.txt
-- TODO.txt
 - Rakefile
 - bin/ronin-web
-- lib/ronin/sessions/web.rb
 - lib/ronin/web.rb
 - lib/ronin/web/extensions.rb
 - lib/ronin/web/extensions/nokogiri.rb
@@ -118,20 +145,52 @@ files:
 - lib/ronin/web/extensions/nokogiri/xml/attr.rb
 - lib/ronin/web/extensions/nokogiri/xml/element.rb
 - lib/ronin/web/extensions/nokogiri/xml/document.rb
-- lib/ronin/web/fingerprint.rb
 - lib/ronin/web/server.rb
+- lib/ronin/web/server/helpers.rb
+- lib/ronin/web/server/helpers/rendering.rb
+- lib/ronin/web/server/helpers/files.rb
+- lib/ronin/web/server/helpers/hosts.rb
+- lib/ronin/web/server/helpers/proxy.rb
+- lib/ronin/web/server/base.rb
+- lib/ronin/web/server/files.rb
+- lib/ronin/web/server/hosts.rb
+- lib/ronin/web/server/proxy.rb
+- lib/ronin/web/server/app.rb
+- lib/ronin/web/server/web.rb
 - lib/ronin/web/proxy.rb
+- lib/ronin/web/proxy/base.rb
+- lib/ronin/web/proxy/app.rb
+- lib/ronin/web/proxy/web.rb
 - lib/ronin/web/spider.rb
 - lib/ronin/web/web.rb
 - lib/ronin/web/version.rb
+- lib/ronin/network/helpers/web.rb
 - tasks/spec.rb
+- tasks/yard.rb
 - spec/spec_helper.rb
 - spec/web/helpers/server.rb
 - spec/web/helpers/root/index.html
 - spec/web/helpers/root/test.txt
 - spec/web/extensions/nokogiri_spec.rb
-- spec/web/server_spec.rb
-has_rdoc: true
+- spec/web/server/classes/public1/static1.txt
+- spec/web/server/classes/public2/static2.txt
+- spec/web/server/classes/files/dir/file.txt
+- spec/web/server/classes/files/dir/index.html
+- spec/web/server/classes/files/dir2/file2.txt
+- spec/web/server/classes/files/dir3/page.xml
+- spec/web/server/classes/files/file.txt
+- spec/web/server/classes/sub_app.rb
+- spec/web/server/classes/test_app.rb
+- spec/web/server/classes/files_app.rb
+- spec/web/server/classes/hosts_app.rb
+- spec/web/server/classes/proxy_app.rb
+- spec/web/server/helpers/server.rb
+- spec/web/server/base_spec.rb
+- spec/web/server/files_spec.rb
+- spec/web/server/hosts_spec.rb
+- spec/web/server/proxy_spec.rb
+- spec/web/proxy/base_spec.rb
+has_rdoc: yard
 homepage: http://ronin.rubyforge.org/web/
 licenses: []
 
@@ -156,7 +215,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements: []
 
 rubyforge_project: ronin
-rubygems_version: 1.3.4
+rubygems_version: 1.3.5
 signing_key: 
 specification_version: 3
 summary: Ronin Web is a Ruby library for Ronin that provides support for web scraping and spidering functionality

data/TODO.txt

@@ -1,7 +0,0 @@
-== TODO:
-
-=== Ronin Web 0.1.3:
-
-* Add configurable hooks to Web::Spider:
-  * Leverage for SQL Injection, LFI and RFI scanning.
-

data/lib/ronin/sessions/web.rb

@@ -1,80 +0,0 @@
-#
-#--
-# Ronin Web - A Ruby library for Ronin that provides support for web
-# scraping and spidering functionality.
-#
-# Copyright (c) 2006-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-#++
-#
-
-require 'ronin/sessions/session'
-require 'ronin/web/web'
-
-module Ronin
-  module Sessions
-    module Web
-      include Session
-
-      setup_session do
-        parameter :web_proxy,
-                  :default => lambda { Ronin::Web.proxy },
-                  :description => 'Web Proxy'
-
-        parameter :web_user_agent,
-                  :default => lambda { Ronin::Web.user_agent },
-                  :description => 'Web User-Agent'
-      end
-
-      protected
-
-      def web_agent(options={},&block)
-        options[:proxy] ||= @web_proxy
-        options[:user_agent] ||= @web_user_agent
-
-        return Ronin::Web.agent(options,&block)
-      end
-
-      def web_get(uri,options={},&block)
-        page = web_agent(options).get(uri)
-
-        block.call(page) if block
-        return page
-      end
-
-      def web_get_body(uri,options={},&block)
-        body = web_agent(options).get(uri).body
-
-        block.call(body) if block
-        return body
-      end
-
-      def web_post(uri,options={},&block)
-        page = web_agent(options).post(uri)
-
-        block.call(page) if block
-        return page
-      end
-
-      def web_post_body(uri,options={},&block)
-        body = web_agent(options).post(uri).body
-
-        block.call(body) if block
-        return body
-      end
-    end
-  end
-end

data/lib/ronin/web/fingerprint.rb

@@ -1,76 +0,0 @@
-#
-#--
-# Ronin Web - A Ruby library for Ronin that provides support for web
-# scraping and spidering functionality.
-#
-# Copyright (c) 2006-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-#++
-#
-
-module Ronin
-  module Web
-    module Fingerprint
-      #
-      # The Hash of web application identities and their associated
-      # fingerprint tests.
-      #
-      def Fingerprint.tests
-        @@ronin_web_fingerprints ||= Hash.new do |hash,key|
-          hash[key] ||= []
-        end
-      end
-
-      #
-      # Adds a test for the web application identity with the specified
-      # _name_ and _block_. When the _block_ is called, it will be passed
-      # the URL of the unknown web application.
-      #
-      #   Fingerprint.test_for('app') do |url|
-      #     url.path.include?('/app/')
-      #   end
-      #
-      def Fingerprint.test_for(name,&block)
-        Fingerprint.tests[name.to_sym] << block
-        return nil
-      end
-
-      #
-      # Identifies the web application represented by the specified _url_,
-      # returning the name of identified web application. If the
-      # web application cannot be identified, +nil+ will be returned.
-      #
-      def Fingerprint.identify(url)
-        unless url.kind_of?(URI)
-          url = URI(url.to_s)
-        end
-
-        matches = []
-
-        Fingerprint.tests.each do |name,blocks|
-          blocks.each do |block|
-            if block.call(url)
-              matches << name
-              break
-            end
-          end
-        end
-
-        return matches
-      end
-    end
-  end
-end

data/spec/web/server_spec.rb

@@ -1,142 +0,0 @@
-require 'ronin/web/server'
-
-require 'spec_helper'
-require 'web/helpers/server'
-
-describe Web::Server do
-  before(:all) do
-    @server = Web::Server.new do |server|
-      server.default do |env|
-        server.response('This is default.')
-      end
-
-      server.bind('/test/bind.xml') do |env|
-        server.response('<secret/>', :content_type => 'text/xml')
-      end
-
-      server.paths_like(/path_patterns\/secret\./) do |env|
-        server.response('No secrets here.')
-      end
-
-      server.map('/test/map') do |env|
-        server.response('mapped')
-      end
-
-      server.file('/test/file.txt',File.join(WEB_SERVER_ROOT,'test.txt'))
-
-      server.directory('/test/directory/',WEB_SERVER_ROOT)
-    end
-
-    @vhost = Web::Server.new do |vhost|
-      vhost.bind('/test/virtual_host.xml') do |env|
-        vhost.response('<virtual/>', :content_type => 'text/xml')
-      end
-    end
-
-    @server.host('virtual.host.com') do |vhost|
-      vhost.bind('/test/virtual_host.xml') do |env|
-        vhost.response('<virtual/>', :content_type => 'text/xml')
-      end
-    end
-
-    @server.hosts_like(/^virtual[0-9]\./) do |vhost|
-      vhost.bind('/test/virtual_host_patterns.xml') do |env|
-        vhost.response('<virtual-patterns/>', :content_type => 'text/xml')
-      end
-    end
-  end
-
-  it "should have a default host to listen on" do
-    Web::Server.default_host.should_not be_nil
-  end
-
-  it "should have a default port to listen on" do
-    Web::Server.default_port.should_not be_nil
-  end
-
-  it "should have built-in content types" do
-    Web::Server.content_types.should_not be_empty
-  end
-
-  it "should map file extensions to content-types" do
-    @server.content_type('html').should == 'text/html'
-  end
-
-  it "should have a default content-type for unknown files" do
-    @server.content_type('lol').should == 'application/x-unknown-content-type'
-  end
-
-  it "should find the index file for a directory" do
-    dir = WEB_SERVER_ROOT
-
-    @server.index_of(dir).should == File.join(dir,'index.html')
-  end
-
-  it "should have a default response for un-matched paths" do
-    path = '/test/default'
-
-    get_path(@server,path).body.should == ['This is default.']
-  end
-
-  it "should bind a path to a certain response" do
-    path = '/test/bind.xml'
-
-    get_path(@server,path).body.should == ['<secret/>']
-  end
-
-  it "should match paths with patterns" do
-    path = '/test/path_patterns/secret.pdf'
-
-    get_path(@server,path).body.should == ['No secrets here.']
-  end
-
-  it "should match paths to sub-directories" do
-    path = '/test/map/impossible.html'
-
-    get_path(@server,path).body.should == ['mapped']
-  end
-
-  it "should return a response for a file" do
-    path = '/test/file.txt'
-
-    get_path(@server,path).body.should == ["This is a test.\n"]
-  end
-
-  it "should return files from bound directories" do
-    path = '/test/directory/test.txt'
-
-    get_path(@server,path).body.should == ["This is a test.\n"]
-  end
-
-  it "should return the index file for a bound directory" do
-    path = '/test/directory/'
-
-    get_path(@server,path).body.should == ["Index of files.\n"]
-  end
-
-  it "should match virtual hosts" do
-    url = 'http://virtual.host.com/test/virtual_host.xml'
-
-    get_url(@server,url).body.should == ['<virtual/>']
-  end
-
-  it "should match virtual hosts with patterns" do
-    url = 'http://virtual0.host.com/test/virtual_host_patterns.xml'
-
-    get_url(@server,url).body.should == ['<virtual-patterns/>']
-  end
-
-  it "should provide access to servers via their host-names" do
-    virtual_host = @server.vhost('virtual.host.com')
-    url = 'http://virtual.host.com/test/virtual_host.xml'
-
-    get_url(virtual_host,url).body.should == ['<virtual/>']
-  end
-
-  it "should provide access to servers via their host-names that match virtual host patterns" do
-    virtual_host = @server.vhost('virtual1.host.com')
-    url = 'http://virtual0.host.com/test/virtual_host_patterns.xml'
-
-    get_url(virtual_host,url).body.should == ['<virtual-patterns/>']
-  end
-end