ronin 0.2.3 → 0.2.4

data/lib/ronin/network/http.rb

@@ -79,6 +79,42 @@ module Ronin
         @@http_user_agent = agent
       end
 
+      #
+      # Expands the given HTTP _options_.
+      #
+      def HTTP.expand_options(options={})
+        new_options = options.dup
+
+        if new_options[:url]
+          url = URI(new_options.delete(:url).to_s)
+
+          new_options[:host] = url.host
+          new_options[:port] = url.port
+
+          new_options[:user] = url.user if url.user
+          new_options[:password] = url.password if url.password
+
+          unless url.path.empty?
+            new_options[:path] = url.path
+          else
+            new_options[:path] = '/'
+          end
+
+          new_options[:path] << "?#{url.query}" if url.query
+        else
+          new_options[:port] ||= ::Net::HTTP.default_port
+          new_options[:path] ||= '/'
+        end
+
+        if (proxy = new_options[:proxy])
+          proxy[:port] ||= Ronin::Network::HTTP.default_proxy_port
+        else
+          new_options[:proxy] = Ronin::Network::HTTP.proxy
+        end
+
+        return new_options
+      end
+
       #
       # Returns Ronin HTTP headers created from the given _options_.
       #
@@ -91,7 +127,7 @@ module Ronin
 
         if options
           options.each do |name,value|
-            header_name = name.to_s.split('_').map { |word|
+            header_name = name.to_s.split(/[\s+_-]/).map { |word|
               word.capitalize
             }.join('-')
 
@@ -107,18 +143,30 @@ module Ronin
       # given _options_. If type does not represent the name of an Net:HTTP
       # Request Class an UnknownRequest exception will be raised.
       #
-      def HTTP.request(type,options={})
-        name = type.to_s.capitalize
+      def HTTP.request(options={})
+        unless options[:method]
+          raise(ArgumentError,"the :method option must be specified",caller)
+        end
+
+        name = options[:method].to_s.capitalize
 
         unless Net::HTTP.const_defined?(name)
           raise(UnknownRequest,"unknown HTTP request type #{name.dump}",caller)
         end
 
         headers = HTTP.headers(options[:headers])
-        request = Net::HTTP.const_get(name).new(options[:path].to_s,headers)
+        path = (options[:path] || '/').to_s
+
+        request = Net::HTTP.const_get(name).new(path,headers)
+
+        if (user = options.delete(:user))
+          user = user.to_s
+
+          if (password = options.delete(:password))
+            password = password.to_s
+          end
 
-        if options[:user]
-          request.basic_auth(options[:user].to_s,options[:password].to_s)
+          request.basic_auth(user,password)
         end
 
         return request

data/lib/ronin/os.rb

@@ -41,7 +41,7 @@ module Ronin
     property :version, String, :index => true
 
     # Validates
-    validates_present :name, :version
+    validates_present :name
 
     #
     # Returns the String form of the os.
@@ -66,12 +66,12 @@ module Ronin
       name = name.to_s
       method_name = name.snake_case
 
-      meta_def(method_name) do
-        OS.new(:name => name)
-      end
-
-      meta_def("#{method_name}_version") do |version|
-        OS.first_or_create(:name => name, :version => version.to_s)
+      meta_def(method_name) do |*arguments|
+        if (version = arguments.first)
+          OS.first_or_create(:name => name, :version => version.to_s)
+        else
+          OS.new(:name => name)
+        end
       end
 
       return nil

data/lib/ronin/platform/extension.rb

@@ -24,7 +24,9 @@
 require 'ronin/platform/exceptions/extension_not_found'
 require 'ronin/platform/extension_cache'
 require 'ronin/platform/platform'
+require 'ronin/extensions/kernel'
 require 'ronin/static/finders'
+require 'ronin/ui/diagnostics'
 
 require 'contextify'
 
@@ -34,6 +36,7 @@ module Ronin
 
       include Contextify
       include Static::Finders
+      include UI::Diagnostics
 
       contextify :ronin_extension
 
@@ -141,12 +144,7 @@ module Ronin
           context_block = Extension.load_context_block(extension_file)
 
           if context_block
-            begin
-              instance_eval(&context_block)
-            rescue SyntaxError, RuntimeError, StandardError => e
-              STDERR.puts "#{e.class}: #{e}"
-              e.backtrace.each { |trace| STDERR.puts "\t#{trace}" }
-            end
+            catch_all { instance_eval(&context_block) }
           end
         end
 

data/lib/ronin/platform/maintainer.rb

@@ -54,7 +54,7 @@ module Ronin
       # Inspects the maintainer object.
       #
       def inspect
-        "#<#{self.class.name}: #{self}"
+        "#<#{self.class.name}: #{self}>"
       end
 
     end

data/lib/ronin/platform/object_cache.rb

@@ -21,7 +21,9 @@
 #++
 #
 
+require 'ronin/database'
 require 'ronin/cacheable'
+require 'ronin/extensions/kernel'
 
 module Ronin
   module Platform
@@ -56,8 +58,10 @@ module Ronin
       # _directory_.
       #
       def ObjectCache.cache(directory)
+        Database.setup unless Database.setup?
+
         ObjectCache.paths(directory).each do |path|
-          Cacheable.cache(path)
+          catch_all { Cacheable.cache_all(path) }
         end
 
         return true
@@ -71,10 +75,12 @@ module Ronin
       def ObjectCache.sync(directory)
         new_paths = ObjectCache.paths(directory)
 
+        Database.setup unless Database.setup?
+
         ObjectCache.each(directory) do |obj|
           new_paths.delete(obj.cached_path)
 
-          obj.sync!
+          catch_all { obj.sync! }
         end
 
         # cache the remaining new paths
@@ -87,6 +93,8 @@ module Ronin
       # _directory_.
       #
       def ObjectCache.clean(directory)
+        Database.setup unless Database.setup?
+
         ObjectCache.each(directory) { |obj| obj.destroy }
         return true
       end

data/lib/ronin/platform/overlay_cache.rb

@@ -271,7 +271,7 @@ module Ronin
       #   end
       #
       def uninstall(name,&block)
-        remove do |overlay|
+        remove(name) do |overlay|
           overlay.uninstall(&block)
         end
       end

data/lib/ronin/platform/platform.rb

@@ -26,6 +26,8 @@ require 'ronin/platform/overlay_cache'
 require 'ronin/platform/object_cache'
 require 'ronin/platform/extension_cache'
 
+require 'uri'
+
 module Ronin
   module Platform
     #
@@ -145,11 +147,11 @@ module Ronin
     # has been uninstalled.
     #
     def Platform.uninstall(name,&block)
-      Platform.remove(name) do |overlay|
-        ObjectCache.expunge(overlay.objects_dir)
+      Platform.overlays.uninstall(name) do |overlay|
+        ObjectCache.clean(overlay.objects_dir)
       end
 
-      block.call if block
+      block.call() if block
       return nil
     end
 

data/lib/ronin/platform/ronin.rb

@@ -48,14 +48,14 @@ module Ronin
   #
   # Provides transparent access to Platform.extension via methods.
   #
-  #   Ronin.shellcode
+  #   shellcode
   #   # => #<Ronin::Platform::Extension: ...>
   #
-  #   Ronin.shellcode do |ext|
+  #   shellcode do |ext|
   #     ...
   #   end
   #
-  def Ronin.method_missing(sym,*args,&block)
+  def method_missing(sym,*args,&block)
     if args.length == 0
       name = sym.id2name
 

data/lib/ronin/scanners.rb

@@ -0,0 +1,25 @@
+#
+#--
+# Ronin - A Ruby platform designed for information security and data
+# exploration tasks.
+#
+# Copyright (c) 2006-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/scanners/exceptions'
+require 'ronin/scanners/scanner'

data/lib/ronin/scanners/exceptions.rb

@@ -0,0 +1,24 @@
+#
+#--
+# Ronin - A Ruby platform designed for information security and data
+# exploration tasks.
+#
+# Copyright (c) 2006-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/scanners/exceptions/unknown_category'

data/lib/ronin/scanners/exceptions/unknown_category.rb

@@ -0,0 +1,29 @@
+#
+#--
+# Ronin - A Ruby platform designed for information security and data
+# exploration tasks.
+#
+# Copyright (c) 2006-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+module Ronin
+  module Scanners
+    class UnknownCategory < StandardError
+    end
+  end
+end

data/lib/ronin/scanners/scanner.rb

@@ -0,0 +1,239 @@
+#
+#--
+# Ronin - A Ruby platform designed for information security and data
+# exploration tasks.
+#
+# Copyright (c) 2006-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/scanners/exceptions/unknown_category'
+require 'ronin/extensions/meta'
+
+require 'set'
+
+module Ronin
+  module Scanners
+    module Scanner
+      def self.included(base)
+        base.metaclass_eval do
+          #
+          # Returns the +Hash+ of the categories and the scanners defined
+          # for the class.
+          #
+          def scanners
+            @scanners ||= {}
+          end
+
+          #
+          # Returns the category names of all defined scanners.
+          #
+          def scans_for
+            names = Set[]
+
+            ancestors.each do |ancestor|
+              if ancestor.include?(Ronin::Scanners::Scanner)
+                names += ancestor.scanners.keys
+              end
+            end
+
+            return names
+          end
+
+          #
+          # Returns +true+ if there is a scanner with the specified category
+          # _name_ was defined, returns +false+ otherwise.
+          #
+          def scans_for?(name)
+            name = name.to_sym
+
+            ancestors.each do |ancestor|
+              if ancestor.include?(Ronin::Scanners::Scanner)
+                return true if ancestor.scanners.has_key?(name)
+              end
+            end
+
+            return false
+          end
+
+          #
+          # Returns all scanner tests in the specified _category_.
+          #
+          def scanners_in(name)
+            name = name.to_sym
+
+            unless scans_for?(name)
+              raise(Ronin::Scanners::UnknownCategory,"unknown scanner category #{name}",caller)
+            end
+
+            tests = []
+
+            ancestors.each do |ancestor|
+              if ancestor.include?(Ronin::Scanners::Scanner)
+                if ancestor.scanners.has_key?(name)
+                  tests += ancestor.scanners[name]
+                end
+              end
+            end
+
+            return tests
+          end
+
+          #
+          # Defines a scanner with the specified category _name_ and
+          # _block_.
+          #
+          # When scanning against a target, a callback for saving results
+          # and the target object to be scanned will be passed to the
+          # _block_.
+          #
+          #   scanner(:lfi) do |url,results|
+          #     ...
+          #   end
+          #
+          # If the scanner accepts a 3rd argument, it will be passed a
+          # +Hash+ of configuration options when the scanner is called.
+          #
+          #   scanner(:sqli) do |url,results,options|
+          #     ...
+          #   end
+          #
+          def scanner(name,&block)
+            method_name = name.to_s.downcase.gsub(/[\s\._-]+/,'_')
+            name = name.to_sym
+
+            (scanners[name] ||= []) << block
+
+            class_def("first_#{method_name}") do |*arguments|
+              options = case arguments.length
+                        when 1
+                          arguments.first
+                        when 0
+                          true
+                        else
+                          raise(ArgumentError,"wrong number of arguments (#{arguments.length} for 1)",caller)
+                        end
+
+              first_result = nil
+
+              scan(name => options) do |category,result|
+                first_result = result
+                break
+              end
+
+              return first_result
+            end
+
+            class_def("has_#{method_name}?") do |*arguments|
+              !(self.send("first_#{method_name}",*arguments).nil?)
+            end
+
+            name = name.to_s
+
+            module_eval %{
+              def #{method_name}_scan(options=true,&block)
+                results = scan(:#{name.dump} => options) do |category,result|
+                  block.call(result) if block
+                end
+
+                return results[:#{name.dump}]
+              end
+            }
+
+            return true
+          end
+        end
+      end
+
+      #
+      # Runs the scanners in the given _categories_ against each_target.
+      # If _categories_ is not specified, all categories will be ran
+      # against each_target. Returns a +Hash+ of results grouped by
+      # scanner category.
+      #
+      # If a _block_ is given, it will be passed each result and the
+      # category the result belongs to.
+      #
+      #   url.scan(:rfi => true)
+      #
+      #   url.scan(:lfi => true, :sqli => {:params => ['id', 'catid']})
+      #
+      #   url.scan(:lfi => true, :rfi => true) do |category,result|
+      #     puts "[#{category}] #{result.inspect}"
+      #   end
+      #
+      def scan(categories={},&block)
+        tests = {}
+        options = {}
+        results = {}
+
+        if categories.empty?
+          self.class.scans_for.each { |name| categories[name] = true }
+        end
+
+        categories.each do |name,opts|
+          name = name.to_sym
+
+          if opts
+            tests[name] = self.class.scanners_in(name)
+
+            options[name] = if opts.kind_of?(Hash)
+              opts
+            else
+              {}
+            end
+
+            results[name] = []
+          end
+        end
+
+        current_category = nil
+        result_callback = lambda { |result|
+          results[current_category] << result
+          block.call(current_category,result) if block
+        }
+
+        each_target do |target|
+          tests.each do |name,scanners|
+            current_category = name
+
+            scanners.each do |scanner|
+              if scanner.arity == 3
+                scanner.call(target,result_callback,options[name])
+              else
+                scanner.call(target,result_callback)
+              end
+            end
+          end
+        end
+
+        return results
+      end
+
+      protected
+
+      #
+      # A place holder method which will call the specified _block_ with
+      # each target object to be scanned. By default, the method will call
+      # the specified _block_ once, simply passing it the +self+ object.
+      #
+      def each_target(&block)
+        block.call(self)
+      end
+    end
+  end
+end