ronin-web 0.2.1 → 0.3.0.pre1
- data/.document +4 -0
- data/.gemtest +0 -0
- data/.rspec +1 -0
- data/.yardopts +1 -0
- data/COPYING.txt +674 -0
- data/{History.txt → ChangeLog.md} +39 -8
- data/Gemfile +49 -0
- data/{README.txt → README.md} +56 -40
- data/Rakefile +25 -24
- data/bin/ronin-web +18 -5
- data/gemspec.yml +30 -0
- data/lib/ronin/network/{helpers → mixins}/web.rb +74 -39
- data/lib/ronin/web.rb +7 -6
- data/lib/ronin/web/extensions.rb +7 -6
- data/lib/ronin/web/extensions/nokogiri.rb +22 -0
- data/lib/ronin/web/extensions/nokogiri/xml.rb +22 -0
- data/lib/ronin/web/extensions/nokogiri/xml/attr.rb +35 -1
- data/lib/ronin/web/extensions/nokogiri/xml/document.rb +34 -4
- data/lib/ronin/web/extensions/nokogiri/xml/element.rb +36 -2
- data/lib/ronin/web/extensions/nokogiri/xml/node.rb +59 -20
- data/lib/ronin/web/extensions/nokogiri/xml/text.rb +36 -2
- data/lib/ronin/web/middleware.rb +27 -0
- data/lib/ronin/web/middleware/base.rb +144 -0
- data/lib/ronin/web/middleware/directories.rb +177 -0
- data/lib/ronin/web/middleware/files.rb +142 -0
- data/lib/ronin/web/middleware/filters.rb +28 -0
- data/lib/ronin/web/middleware/filters/campaign_filter.rb +77 -0
- data/lib/ronin/web/middleware/filters/ip_filter.rb +73 -0
- data/lib/ronin/web/middleware/filters/path_filter.rb +73 -0
- data/lib/ronin/web/middleware/filters/referer_filter.rb +71 -0
- data/lib/ronin/web/middleware/filters/user_agent_filter.rb +71 -0
- data/lib/ronin/web/middleware/filters/vhost_filter.rb +71 -0
- data/lib/ronin/web/middleware/helpers.rb +145 -0
- data/lib/ronin/web/middleware/proxy.rb +265 -0
- data/lib/ronin/web/middleware/proxy_request.rb +262 -0
- data/lib/ronin/web/middleware/request.rb +58 -0
- data/lib/ronin/web/middleware/response.rb +33 -0
- data/lib/ronin/web/middleware/router.rb +167 -0
- data/lib/ronin/web/middleware/rule.rb +103 -0
- data/lib/ronin/web/proxy.rb +7 -6
- data/lib/ronin/web/proxy/app.rb +7 -6
- data/lib/ronin/web/proxy/base.rb +14 -9
- data/lib/ronin/web/proxy/web.rb +9 -6
- data/lib/ronin/web/server.rb +7 -6
- data/lib/ronin/web/server/app.rb +7 -6
- data/lib/ronin/web/server/base.rb +209 -82
- data/lib/ronin/web/server/web.rb +10 -6
- data/lib/ronin/web/spider.rb +38 -26
- data/lib/ronin/web/version.rb +8 -7
- data/lib/ronin/web/web.rb +122 -80
- data/ronin-web.gemspec +15 -0
- data/spec/helpers/output.rb +3 -0
- data/spec/spec_helper.rb +2 -3
- data/spec/web/extensions/nokogiri_spec.rb +7 -7
- data/spec/web/{server/helpers/server.rb → helpers/rack_app.rb} +3 -14
- data/spec/web/helpers/root.rb +15 -0
- data/spec/web/helpers/root/test1.txt +1 -0
- data/spec/web/helpers/root/test1/index.html +1 -0
- data/spec/web/helpers/root/test1/test1.txt +1 -0
- data/spec/web/helpers/root/test2.txt +1 -0
- data/spec/web/helpers/root/test2/test2.txt +1 -0
- data/spec/web/helpers/root/test3.txt +1 -0
- data/spec/web/helpers/root/test3/test3.txt +1 -0
- data/spec/web/middleware/directories_spec.rb +86 -0
- data/spec/web/middleware/files_spec.rb +57 -0
- data/spec/web/middleware/filters/campaign_filter_spec.rb +30 -0
- data/spec/web/middleware/filters/ip_filter_spec.rb +25 -0
- data/spec/web/middleware/filters/path_filter_spec.rb +29 -0
- data/spec/web/middleware/filters/referer_filter_spec.rb +25 -0
- data/spec/web/middleware/filters/user_agent_filter_spec.rb +25 -0
- data/spec/web/middleware/filters/vhost_filter_spec.rb +23 -0
- data/spec/web/middleware/proxy_spec.rb +67 -0
- data/spec/web/middleware/response_spec.rb +20 -0
- data/spec/web/middleware/router_spec.rb +65 -0
- data/spec/web/middleware/rule_spec.rb +37 -0
- data/spec/web/proxy/base_spec.rb +1 -2
- data/spec/web/server/base_spec.rb +4 -13
- data/spec/web/server/classes/sub_app.rb +2 -2
- data/spec/web/server/classes/test_app.rb +1 -1
- data/spec/web/web_spec.rb +57 -67
- metadata +171 -146
- data.tar.gz.sig +0 -0
- data/Manifest.txt +0 -64
- data/lib/ronin/scanners/web.rb +0 -52
- data/lib/ronin/web/server/files.rb +0 -92
- data/lib/ronin/web/server/helpers.rb +0 -25
- data/lib/ronin/web/server/helpers/files.rb +0 -126
- data/lib/ronin/web/server/helpers/hosts.rb +0 -72
- data/lib/ronin/web/server/helpers/proxy.rb +0 -153
- data/lib/ronin/web/server/helpers/rendering.rb +0 -36
- data/lib/ronin/web/server/hosts.rb +0 -86
- data/lib/ronin/web/server/proxy.rb +0 -116
- data/spec/scanners/web_spec.rb +0 -24
- data/spec/web/helpers/root/index.html +0 -1
- data/spec/web/helpers/root/test.txt +0 -1
- data/spec/web/helpers/server.rb +0 -10
- data/spec/web/server/classes/files/dir/file.txt +0 -1
- data/spec/web/server/classes/files/dir/index.html +0 -1
- data/spec/web/server/classes/files/dir2/file2.txt +0 -1
- data/spec/web/server/classes/files/dir3/page.xml +0 -4
- data/spec/web/server/classes/files/file.txt +0 -1
- data/spec/web/server/classes/files_app.rb +0 -27
- data/spec/web/server/classes/hosts_app.rb +0 -40
- data/spec/web/server/classes/proxy_app.rb +0 -45
- data/spec/web/server/files_spec.rb +0 -74
- data/spec/web/server/hosts_spec.rb +0 -55
- data/spec/web/server/proxy_spec.rb +0 -49
- data/tasks/spec.rb +0 -10
- data/tasks/yard.rb +0 -13
- metadata.gz.sig +0 -3
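--- a/data/ronin-web.gemspec
+++ b/data/ronin-web.gemspec
@@ -0,0 +1,15 @@
+# -*- encoding: utf-8 -*-
+
+begin
+Ore::Specification.new do |gemspec|
+# custom logic here
+end
+rescue NameError
+begin
+require 'ore/specification'
+retry
+rescue LoadError
+STDERR.puts "The '#{__FILE__}' file requires Ore."
+STDERR.puts "Run `gem install ore-core` to install Ore."
+end
+end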
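Review bot: The `retry` in the `rescue NameError` branch can loop forever: that rescue catches any NameError raised inside the `Ore::Specification.new` block (a typo in the custom logic, for instance), and once `require 'ore/specification'` has succeeded a repeated `require` is a no-op that never raises, so the outer `begin` is re-entered without end. Loading the dependency once up front avoids this, e.g. `require 'ore/specification'` as the first statement with only that line wrapped in `rescue LoadError`. The LoadError branch also only prints to STDERR, so the file evaluates to `nil` instead of a specification; `abort` with the same message would make the build fail visibly. Separately, the file list shows `metadata.gz.sig` at `+0 -3`, which suggests this release drops the gem signature; if that is intended, it is worth saying so in the ChangeLog for consumers who verify signatures.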
data/spec/spec_helper.rb
CHANGED
@@ -1,27 +1,27 @@
|
|
1
|
+
require 'spec_helper'
|
1
2
|
require 'ronin/web/extensions/nokogiri'
|
2
3
|
|
3
|
-
require 'spec_helper'
|
4
4
|
require 'nokogiri'
|
5
5
|
|
6
6
|
describe Nokogiri::HTML do
|
7
7
|
before(:all) do
|
8
|
-
@doc = Nokogiri::HTML(%{<html><head><title>test</title></head><body><p><b>This is a test</b> html <i>page</i>.</p></
|
8
|
+
@doc = Nokogiri::HTML(%{<html><head><title>test</title></head><body><p><b>This is a test</b> html <i>page</i>.</p></body></html>})
|
9
9
|
|
10
|
-
@edited_doc = Nokogiri::HTML(%{<html><head><title>test</title></head><body><p><b>This is a test</b> html page.</p></
|
10
|
+
@edited_doc = Nokogiri::HTML(%{<html><head><title>test</title></head><body><p><b>This is a test</b> html page.</p></body></html>})
|
11
11
|
end
|
12
12
|
|
13
|
-
it "should be able to test if two elements are
|
13
|
+
it "should be able to test if two elements are equal" do
|
14
14
|
elem1 = @doc.at('b')
|
15
15
|
elem2 = @edited_doc.at('b')
|
16
16
|
|
17
|
-
elem1.
|
17
|
+
elem1.should == elem2
|
18
18
|
end
|
19
19
|
|
20
|
-
it "should be able to test if two elements are not
|
20
|
+
it "should be able to test if two elements are not equal" do
|
21
21
|
elem1 = @doc.at('p').children.last
|
22
22
|
elem2 = @edited_doc.at('b')
|
23
23
|
|
24
|
-
elem1.
|
24
|
+
elem1.should_not == elem2
|
25
25
|
end
|
26
26
|
|
27
27
|
it "should be able to traverse over every text node" do
|
@@ -1,12 +1,3 @@
|
|
1
|
-
begin
|
2
|
-
require 'spec/interop/test'
|
3
|
-
rescue Gem::LoadError => e
|
4
|
-
raise(e)
|
5
|
-
rescue ::LoadError
|
6
|
-
STDERR.puts "Error: please install the test-unit gem in order to run the spec tests"
|
7
|
-
exit -1
|
8
|
-
end
|
9
|
-
|
10
1
|
begin
|
11
2
|
require 'rack/test'
|
12
3
|
rescue Gem::LoadError => e
|
@@ -18,18 +9,16 @@ end
|
|
18
9
|
|
19
10
|
module Helpers
|
20
11
|
module Web
|
21
|
-
module
|
12
|
+
module RackApp
|
22
13
|
include Rack::Test::Methods
|
23
14
|
|
15
|
+
attr_reader :app
|
16
|
+
|
24
17
|
def app=(server)
|
25
18
|
@app = server
|
26
19
|
@app.set :environment, :test
|
27
20
|
end
|
28
21
|
|
29
|
-
def app
|
30
|
-
@app
|
31
|
-
end
|
32
|
-
|
33
22
|
def get_host(path,host,params={},headers={})
|
34
23
|
get(path,params,headers.merge('HTTP_HOST' => host))
|
35
24
|
end
|
@@ -0,0 +1 @@
|
|
1
|
+
test1
|
@@ -0,0 +1 @@
|
|
1
|
+
index1
|
@@ -0,0 +1 @@
|
|
1
|
+
test1
|
@@ -0,0 +1 @@
|
|
1
|
+
test2
|
@@ -0,0 +1 @@
|
|
1
|
+
test2
|
@@ -0,0 +1 @@
|
|
1
|
+
test3
|
@@ -0,0 +1 @@
|
|
1
|
+
test3
|
@@ -0,0 +1,86 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'ronin/web/middleware/directories'
|
3
|
+
|
4
|
+
require 'web/helpers/rack_app'
|
5
|
+
require 'web/helpers/root'
|
6
|
+
|
7
|
+
describe Web::Middleware::Directories do
|
8
|
+
include Helpers::Web::RackApp
|
9
|
+
|
10
|
+
before(:all) do
|
11
|
+
self.app = Class.new(Sinatra::Base) do
|
12
|
+
extend Helpers::Web::Root
|
13
|
+
|
14
|
+
use Ronin::Web::Middleware::Directories do |dirs|
|
15
|
+
dirs.map '/test', root_path('test1')
|
16
|
+
dirs.map '/test/sub', root_path('test2')
|
17
|
+
dirs.map '/test/overriden', root_path('test3')
|
18
|
+
dirs.map '/', root_path
|
19
|
+
end
|
20
|
+
|
21
|
+
get '/test/overriden/*' do
|
22
|
+
'should not receive this'
|
23
|
+
end
|
24
|
+
|
25
|
+
get '/test/other' do
|
26
|
+
'other'
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
30
|
+
|
31
|
+
describe "index_names" do
|
32
|
+
subject { Web::Middleware::Directories.index_names }
|
33
|
+
|
34
|
+
it { should include('index.html') }
|
35
|
+
it { should include('index.xhtml') }
|
36
|
+
it { should include('index.htm') }
|
37
|
+
end
|
38
|
+
|
39
|
+
it "should map remote directories to local directories" do
|
40
|
+
get '/test/test1.txt'
|
41
|
+
|
42
|
+
last_response.should be_ok
|
43
|
+
last_response.body.should == "test1\n"
|
44
|
+
end
|
45
|
+
|
46
|
+
it "should map remote directories to index files in local directories" do
|
47
|
+
get '/test/'
|
48
|
+
|
49
|
+
last_response.should be_ok
|
50
|
+
last_response.body.should == "index1\n"
|
51
|
+
end
|
52
|
+
|
53
|
+
it "should pass the request to the app if no index file exists" do
|
54
|
+
get '/test/sub/'
|
55
|
+
|
56
|
+
last_response.should_not be_ok
|
57
|
+
end
|
58
|
+
|
59
|
+
it "should match the whole remote path" do
|
60
|
+
get '/test/sub/test2.txt'
|
61
|
+
|
62
|
+
last_response.should be_ok
|
63
|
+
last_response.body.should == "test2\n"
|
64
|
+
end
|
65
|
+
|
66
|
+
it "should map local directories to the root directory" do
|
67
|
+
get '/test1/test1.txt'
|
68
|
+
|
69
|
+
last_response.should be_ok
|
70
|
+
last_response.body.should == "test1\n"
|
71
|
+
end
|
72
|
+
|
73
|
+
it "should match requests before the app" do
|
74
|
+
get '/test/overriden/test3.txt'
|
75
|
+
|
76
|
+
last_response.should be_ok
|
77
|
+
last_response.body.should == "test3\n"
|
78
|
+
end
|
79
|
+
|
80
|
+
it "should still route un-matched requests to the app" do
|
81
|
+
get '/test/other'
|
82
|
+
|
83
|
+
last_response.should be_ok
|
84
|
+
last_response.body.should == 'other'
|
85
|
+
end
|
86
|
+
end
|
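Review bot: None of these examples checks that a request cannot leave a mapped directory, which is the main risk for middleware that turns request paths into local file paths. With `dirs.map '/', root_path` in place, and assuming `root_path` resolves to the `helpers/root` fixture directory, a negative example such as `get '/../root.rb'` followed by `last_response.should_not be_ok` would pin that `..` segments (and their percent-encoded forms) are rejected or normalized before the file lookup. How `Directories` joins the request path to the local directory is not visible in this section, so this is a request for coverage rather than a claim that the lookup is unsafe.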
@@ -0,0 +1,57 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'ronin/web/middleware/files'
|
3
|
+
|
4
|
+
require 'web/helpers/rack_app'
|
5
|
+
require 'web/helpers/root'
|
6
|
+
|
7
|
+
describe Web::Middleware::Files do
|
8
|
+
include Helpers::Web::RackApp
|
9
|
+
|
10
|
+
before(:all) do
|
11
|
+
self.app = Class.new(Sinatra::Base) do
|
12
|
+
extend Helpers::Web::Root
|
13
|
+
|
14
|
+
use Ronin::Web::Middleware::Files do |files|
|
15
|
+
files.map '/test', root_path('test1.txt')
|
16
|
+
files.map '/test/sub', root_path('test2.txt')
|
17
|
+
files.map '/test/overriden', root_path('test3.txt')
|
18
|
+
end
|
19
|
+
|
20
|
+
get '/test/overriden' do
|
21
|
+
'should not receive this'
|
22
|
+
end
|
23
|
+
|
24
|
+
get '/test/other' do
|
25
|
+
'other'
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
it "should map remote files to local files" do
|
31
|
+
get '/test'
|
32
|
+
|
33
|
+
last_response.should be_ok
|
34
|
+
last_response.body.should == "test1\n"
|
35
|
+
end
|
36
|
+
|
37
|
+
it "should match the whole remote path" do
|
38
|
+
get '/test/sub'
|
39
|
+
|
40
|
+
last_response.should be_ok
|
41
|
+
last_response.body.should == "test2\n"
|
42
|
+
end
|
43
|
+
|
44
|
+
it "should match requests before the app" do
|
45
|
+
get '/test/overriden'
|
46
|
+
|
47
|
+
last_response.should be_ok
|
48
|
+
last_response.body.should == "test3\n"
|
49
|
+
end
|
50
|
+
|
51
|
+
it "should still route un-matched requests to the app" do
|
52
|
+
get '/test/other'
|
53
|
+
|
54
|
+
last_response.should be_ok
|
55
|
+
last_response.body.should == 'other'
|
56
|
+
end
|
57
|
+
end
|
@@ -0,0 +1,30 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'ronin/web/middleware/filters/campaign_filter'
|
3
|
+
|
4
|
+
describe Web::Middleware::Filters::CampaignFilter do
|
5
|
+
subject { Web::Middleware::Filters::CampaignFilter }
|
6
|
+
|
7
|
+
let(:name) { 'Ronin::Web::Middleware' }
|
8
|
+
let(:ip) { '192.168.1.42' }
|
9
|
+
|
10
|
+
before(:all) do
|
11
|
+
campaign = Campaign.new(
|
12
|
+
:name => name,
|
13
|
+
:description => 'Campaign for Ronin::Web::Middleware::Rules::CampaignRule'
|
14
|
+
)
|
15
|
+
campaign.addresses << IPAddress.new(:address => ip)
|
16
|
+
|
17
|
+
campaign.save
|
18
|
+
end
|
19
|
+
|
20
|
+
before(:each) do
|
21
|
+
@request = mock('request')
|
22
|
+
@request.should_receive(:ip).and_return(ip)
|
23
|
+
end
|
24
|
+
|
25
|
+
it "should match requests by IP Address and targeting Campaign" do
|
26
|
+
filter = subject.new(name)
|
27
|
+
|
28
|
+
filter.match?(@request).should == true
|
29
|
+
end
|
30
|
+
end
|
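Review bot: The filter specs only assert `match?(@request).should == true`, so an implementation that always returns true would pass; this applies here and to the IPFilter, PathFilter, RefererFilter, UserAgentFilter and VHostFilter specs that follow. Since these filters decide which requests a rule applies to, each needs at least one non-matching example, e.g. `subject.new('10.0.0.0/8').match?(@request).should == false` for IPFilter, and for PathFilter a case that fixes whether `/path/sub` is meant to match `/path/subdir`. In this spec the `before(:all)` block also saves a Campaign that is never removed and reads the `let` values `name` and `ip`, which RSpec documents as unsupported in `before(:all)` hooks; building the record in `before(:each)` and removing it in `after(:each)` keeps the examples independent.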
@@ -0,0 +1,25 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'ronin/web/middleware/filters/ip_filter'
|
3
|
+
|
4
|
+
describe Web::Middleware::Filters::IPFilter do
|
5
|
+
subject { Web::Middleware::Filters::IPFilter }
|
6
|
+
|
7
|
+
let(:ip) { '192.168.1.42' }
|
8
|
+
|
9
|
+
before(:each) do
|
10
|
+
@request = mock('request')
|
11
|
+
@request.should_receive(:ip).and_return(ip)
|
12
|
+
end
|
13
|
+
|
14
|
+
it "should match requests using an IPAddr" do
|
15
|
+
filter = subject.new(ip)
|
16
|
+
|
17
|
+
filter.match?(@request).should == true
|
18
|
+
end
|
19
|
+
|
20
|
+
it "should match requests using an IPAddr range" do
|
21
|
+
filter = subject.new('192.168.1.1/24')
|
22
|
+
|
23
|
+
filter.match?(@request).should == true
|
24
|
+
end
|
25
|
+
end
|
@@ -0,0 +1,29 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'ronin/web/middleware/filters/path_filter'
|
3
|
+
|
4
|
+
describe Web::Middleware::Filters::PathFilter do
|
5
|
+
subject { Web::Middleware::Filters::PathFilter }
|
6
|
+
|
7
|
+
before(:each) do
|
8
|
+
@request = mock('request')
|
9
|
+
@request.should_receive(:path).and_return('/path/sub/dir')
|
10
|
+
end
|
11
|
+
|
12
|
+
it "should match requests using an absolute path" do
|
13
|
+
filter = subject.new('/path/sub')
|
14
|
+
|
15
|
+
filter.match?(@request).should == true
|
16
|
+
end
|
17
|
+
|
18
|
+
it "should match requests using an path fragment" do
|
19
|
+
filter = subject.new('sub/dir')
|
20
|
+
|
21
|
+
filter.match?(@request).should == true
|
22
|
+
end
|
23
|
+
|
24
|
+
it "should match requests using a Regexp" do
|
25
|
+
filter = subject.new(/\/sub\//)
|
26
|
+
|
27
|
+
filter.match?(@request).should == true
|
28
|
+
end
|
29
|
+
end
|
@@ -0,0 +1,25 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'ronin/web/middleware/filters/referer_filter'
|
3
|
+
|
4
|
+
describe Web::Middleware::Filters::RefererFilter do
|
5
|
+
subject { Web::Middleware::Filters::RefererFilter }
|
6
|
+
|
7
|
+
let(:referer) { 'http://www.example.com/page.html' }
|
8
|
+
|
9
|
+
before(:each) do
|
10
|
+
@request = mock('request')
|
11
|
+
@request.should_receive(:referer).and_return(referer)
|
12
|
+
end
|
13
|
+
|
14
|
+
it "should match requests using a String" do
|
15
|
+
filter = subject.new(referer)
|
16
|
+
|
17
|
+
filter.match?(@request).should == true
|
18
|
+
end
|
19
|
+
|
20
|
+
it "should match requests using a Regexp" do
|
21
|
+
filter = subject.new(/example\.com/)
|
22
|
+
|
23
|
+
filter.match?(@request).should == true
|
24
|
+
end
|
25
|
+
end
|
@@ -0,0 +1,25 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'ronin/web/middleware/filters/user_agent_filter'
|
3
|
+
|
4
|
+
describe Web::Middleware::Filters::UserAgentFilter do
|
5
|
+
subject { Web::Middleware::Filters::UserAgentFilter }
|
6
|
+
|
7
|
+
let(:user_agent) { 'Windows-RSS-Platform/1.0 (MSIE 7.0; Windows NT 5.1)' }
|
8
|
+
|
9
|
+
before(:each) do
|
10
|
+
@request = mock('request')
|
11
|
+
@request.should_receive(:user_agent).and_return(user_agent)
|
12
|
+
end
|
13
|
+
|
14
|
+
it "should match requests using a String" do
|
15
|
+
filter = subject.new(user_agent)
|
16
|
+
|
17
|
+
filter.match?(@request).should == true
|
18
|
+
end
|
19
|
+
|
20
|
+
it "should match requests using a Regexp" do
|
21
|
+
filter = subject.new(/(MSIE|Windows)/)
|
22
|
+
|
23
|
+
filter.match?(@request).should == true
|
24
|
+
end
|
25
|
+
end
|
@@ -0,0 +1,23 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'ronin/web/middleware/filters/vhost_filter'
|
3
|
+
|
4
|
+
describe Web::Middleware::Filters::VHostFilter do
|
5
|
+
subject { Web::Middleware::Filters::VHostFilter }
|
6
|
+
|
7
|
+
before(:each) do
|
8
|
+
@request = mock('request')
|
9
|
+
@request.should_receive(:host).and_return('domain.example.com')
|
10
|
+
end
|
11
|
+
|
12
|
+
it "should match requests using a String" do
|
13
|
+
filter = subject.new('domain.example.com')
|
14
|
+
|
15
|
+
filter.match?(@request).should == true
|
16
|
+
end
|
17
|
+
|
18
|
+
it "should match requests using a Regexp" do
|
19
|
+
filter = subject.new(/example\.com/)
|
20
|
+
|
21
|
+
filter.match?(@request).should == true
|
22
|
+
end
|
23
|
+
end
|
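Review bot: The Regexp example `/example\.com/` is unanchored, so it would equally match a Host value such as `example.com.other.test`; the Host header is chosen by the client, and the RefererFilter spec uses the same pattern against a client-supplied Referer. Because specs double as usage documentation, an anchored pattern such as `/(\A|\.)example\.com\z/` is a safer example to copy, together with one non-matching host that shows where the boundary lies.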