ronin 2.0.5 → 2.1.0.rc1

data/lib/ronin/cli/commands/completion.rb

@@ -0,0 +1,115 @@
+# frozen_string_literal: true
+#
+# Copyright (c) 2006-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# Ronin is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ronin is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ronin.  If not, see <https://www.gnu.org/licenses/>.
+#
+
+require 'ronin/core/cli/completion_command'
+require 'ronin/repos/cli/commands/completion'
+require 'ronin/wordlists/cli/commands/completion'
+require 'ronin/db/cli/commands/completion'
+require 'ronin/fuzzer/cli/commands/completion'
+require 'ronin/web/cli/commands/completion'
+require 'ronin/vulns/cli/commands/completion'
+require 'ronin/payloads/cli/commands/completion'
+require 'ronin/exploits/cli/commands/completion'
+require 'ronin/listener/cli/commands/completion'
+require 'ronin/nmap/cli/commands/completion'
+require 'ronin/masscan/cli/commands/completion'
+require 'ronin/recon/cli/commands/completion'
+require 'ronin/root'
+
+module Ronin
+  class CLI
+    module Commands
+      #
+      # Manages the shell completion rule for `ronin` and all other `ronin-*`
+      # commands.
+      #
+      # ## Usage
+      #
+      #     ronin completion [options]
+      #
+      # ## Options
+      #
+      #         --print                      Prints the shell completion file
+      #         --install                    Installs the shell completion file
+      #         --uninstall                  Uninstalls the shell completion file
+      #     -h, --help                       Print help information
+      #
+      # ## Examples
+      #
+      #     ronin completion --print
+      #     ronin completion --install
+      #     ronin completion --uninstall
+      #
+      # @since 2.1.0
+      #
+      class Completion < Core::CLI::CompletionCommand
+
+        man_dir File.join(ROOT,'man')
+        man_page 'ronin-completion.1'
+
+        description 'Manages the shell completion rules for ronin and all other ronin-* commands'
+
+        # All shell completion files for `ronin` and the other `ronin-*`
+        # commands.
+        COMPLETION_FILES = [
+          File.join(ROOT,'data','completions','ronin'),
+
+          Repos::CLI::Commands::Completion.completion_file,
+          Wordlists::CLI::Commands::Completion.completion_file,
+          DB::CLI::Commands::Completion.completion_file,
+          Fuzzer::CLI::Commands::Completion.completion_file,
+          Web::CLI::Commands::Completion.completion_file,
+          Vulns::CLI::Commands::Completion.completion_file,
+          Payloads::CLI::Commands::Completion.completion_file,
+          Exploits::CLI::Commands::Completion.completion_file,
+          Listener::CLI::Commands::Completion.completion_file,
+          Nmap::CLI::Commands::Completion.completion_file,
+          Masscan::CLI::Commands::Completion.completion_file,
+          Recon::CLI::Commands::Completion.completion_file
+        ]
+
+        #
+        # Prints all completion files.
+        #
+        def print_completion_file
+          COMPLETION_FILES.each do |completion_file|
+            super(completion_file)
+          end
+        end
+
+        #
+        # Installs all completion files.
+        #
+        def install_completion_file
+          COMPLETION_FILES.each do |completion_file|
+            super(completion_file)
+          end
+        end
+
+        #
+        # Uninstall all completion files.
+        #
+        def uninstall_completion_file
+          COMPLETION_FILES.each do |completion_file|
+            super(completion_file)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/ronin/cli/commands/dns_proxy.rb

@@ -0,0 +1,235 @@
+# frozen_string_literal: true
+#
+# Copyright (c) 2006-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# Ronin is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ronin is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ronin.  If not, see <https://www.gnu.org/licenses/>.
+#
+
+require 'ronin/cli/command'
+require 'ronin/dns/proxy'
+
+module Ronin
+  class CLI
+    module Commands
+      #
+      # Starts a DNS proxy.
+      #
+      # ## Usage
+      #
+      #     ronin dns-proxy [options] [HOST] PORT
+      #
+      # ## Options
+      #
+      #     -n, --nameserver IP              The upstream nameserver IP to use
+      #     -r RECORD_TYPE:NAME:RESULT|RECORD_TYPE:/REGEXP/:RESULT,
+      #         --rule                       Adds a rule to the DNS proxy
+      #     -h, --help                       Print help information
+      #
+      # ## Arguments
+      #
+      #     [HOST]                           The host name to listen on.
+      #     PORT                             The port number to listen on.
+      #
+      # @since 2.1.0
+      #
+      class DnsProxy < Command
+
+        usage '[options] [HOST] PORT'
+
+        option :nameserver, short: '-n',
+                            value: {
+                              type:  String,
+                              usage: 'IP'
+                            },
+                            desc: 'The upstream nameserver IP to use' do |ip|
+                              @nameservers << ip
+                            end
+
+        option :rule, short: '-r',
+                      value: {
+                        type:  %r{\A[^:]+:(?:[^:]+|/[^/:]+/):.+\z},
+                        usage: 'RECORD_TYPE:NAME:RESULT|RECORD_TYPE:/REGEXP/:RESULT'
+                      },
+                      desc: 'Adds a rule to the DNS proxy' do |rule|
+                        @rules << parse_rule(rule)
+                      end
+
+        argument :host, required: false,
+                        desc:    'The host to listen on'
+
+        argument :port, required: true,
+                        desc:     'The port number to listen on'
+
+        description 'Starts a DNS proxy'
+
+        man_page 'ronin-dns-proxy.1'
+
+        # The upstream nameserver IP addresses to forward DNS queries to.
+        #
+        # @return [Array<String>]
+        attr_reader :nameservers
+
+        # The rules for the DNS proxy server.
+        #
+        # @return [Array<(Symbol, String, String), (Symbol, Regexp, String)>]
+        attr_reader :rules
+
+        #
+        # Initializes the `ronin dns-proxy` command.
+        #
+        # @param [Hash{Symbol => Object}] kwargs
+        #   Additional keyword arguments for the command.
+        #
+        def initialize(**kwargs)
+          super(**kwargs)
+
+          @nameservers = []
+          @rules       = []
+        end
+
+        #
+        # Runs the `ronin dns-proxy` command.
+        #
+        def run(host='127.0.0.1',port)
+          port = port.to_i
+
+          DNS::Proxy.run(host,port,**proxy_kwargs)
+        end
+
+        #
+        # The keyword arguments for `Ronin::DNS::Proxy.run`.
+        #
+        # @return [Hash{Symbol => Object}]
+        #
+        def proxy_kwargs
+          kwargs = {rules: @rules}
+
+          unless @nameservers.empty?
+            kwargs[:nameservers] = @nameservers
+          end
+
+          return kwargs
+        end
+
+        # Record types.
+        RECORD_TYPES = {
+          'A'     => :A,
+          'AAAA'  => :AAAA,
+          'ANY'   => :ANY,
+          'CNAME' => :CNAME,
+          'HINFO' => :HINFO,
+          'LOC'   => :LOC,
+          'MINFO' => :MINFO,
+          'MX'    => :MX,
+          'NS'    => :NS,
+          'PTR'   => :PTR,
+          'SOA'   => :SOA,
+          'SRV'   => :SRV,
+          'TXT'   => :TXT,
+          'WKS'   => :WKS
+        }
+
+        #
+        # Parses a record type name.
+        #
+        # @param [String] record_type
+        #   The record type to parse.
+        #
+        # @return [:A, :AAAA, :ANY, :CNAME, :HINFO, :LOC, :MINFO, :MX, :NS, :PTR, :SOA, :SRV, :TXT, :WKS]
+        #   The parsed record type.
+        #
+        # @raise [OptionParser::InvalidArgument]
+        #   The record type was unknown.
+        #
+        def parse_record_type(record_type)
+          RECORD_TYPES.fetch(record_type) do
+            raise(OptionParser::InvalidArgument,"invalid record type: #{record_type.inspect}")
+          end
+        end
+
+        #
+        # Parses the name field of a record.
+        #
+        # @param [String] name
+        #   The name field to parse.
+        #
+        # @return [String, Regex]
+        #   The parsed name. If the name field starts with a `/` and ends with a
+        #   `/`, then a Regexp will be returned.
+        #
+        # @raise [OptionParser::InvalidArgument]
+        #   The name field regex could not be parsed.
+        #
+        def parse_record_name(name)
+          if name.start_with?('/') && name.end_with?('/')
+            begin
+              Regexp.new(name[1..-2])
+            rescue RegexpError => error
+              raise(OptionParser::InvalidArgument,"invalid Regexp: #{error.message}")
+            end
+          else
+            name
+          end
+        end
+
+        # Error names.
+        ERROR_CODES = {
+          'NoError'  => :NoError,
+          'FormErr'  => :FormErr,
+          'ServFail' => :ServFail,
+          'NXDomain' => :NXDomain,
+          'NotImp'   => :NotImp,
+          'Refused'  => :Refused,
+          'NotAuth'  => :NotAuth
+        }
+
+        #
+        # Parses a result value.
+        #
+        # @param [String] result
+        #   A result value to parse.
+        #
+        # @return [String, :NoError, :FormErr, :ServFail, :NXDomain, :NotImp, :Refused, :NotAuth]
+        #   The parsed result value or a DNS error code.
+        #
+        def parse_rule_result(result)
+          ERROR_CODES.fetch(result,result)
+        end
+
+        #
+        # Parses a rule string.
+        #
+        # @param [String] rule
+        #   The string to parse.
+        #
+        # @return [(Symbol, String, String), (Symbol, Regexp, String)]
+        #   The parsed rule.
+        #
+        # @raise [OptionParser::InvalidArgument]
+        #   The rule string could not be parsed.
+        #
+        def parse_rule(rule)
+          record_type, name, result = rule.split(':',3)
+
+          [
+            parse_record_type(record_type),
+            parse_record_name(name),
+            parse_rule_result(result)
+          ]
+        end
+
+      end
+    end
+  end
+end

data/lib/ronin/cli/commands/http.rb

@@ -20,6 +20,7 @@ require 'ronin/cli/value_processor_command'
 require 'ronin/cli/printing/http'
 require 'ronin/cli/http_shell'
 require 'ronin/support/network/http'
+require 'ronin/support/network/http/cookie'
 
 require 'command_kit/options/verbose'
 require 'addressable/uri'
@@ -57,9 +58,11 @@ module Ronin
       #         --shell URL                  Open an interactive HTTP shell
       #     -P, --proxy URL                  The proxy to use
       #     -U, --user-agent-string STRING   The User-Agent string to use
-      #     -u chrome-linux|chrome-macos|chrome-windows|chrome-iphone|chrome-ipad|chrome-android|firefox-linux|firefox-macos|firefox-windows|firefox-iphone|firefox-ipad|firefox-android|safari-macos|safari-iphone|safari-ipad|edge,
-      #         --user-agent                 The User-Agent to use
+      #     -u random|chrome|firefox|safari|linux|macos|windows|iphone|ipad|android|chrome_linux|chrome_macos|chrome_windows|chrome_iphone|chrome_ipad|chrome_android|firefox_linux|firefox_macos|firefox_windows|firefox_iphone|firefox_ipad|firefox_android|safari_macos|safari_iphone|safari_ipad|edge,
+      #         --user-agent                 The User-Agent alias to use
       #     -H, --header "NAME: VALUE"       Adds a header to the request
+      #     -C, --cookie COOKIE              Sets the Cookie header
+      #     -c, --cookie-param NAME=VALUE    Sets an additional cookie param
       #     -B, --body STRING                The request body
       #     -F, --body-file FILE             Sends the file as the request body
       #     -f, --form-data NAME=VALUE       Adds a value to the form data
@@ -76,7 +79,7 @@ module Ronin
         include Printing::HTTP
 
         # `http://` and `https://` URL validation regex.
-        URL_REGEX = URI::DEFAULT_PARSER.make_regexp(%w[http https])
+        URL_REGEX = /\A#{URI::DEFAULT_PARSER.make_regexp(%w[http https])}\z/
 
         usage '[options] {URL [...] | --shell URL}'
 
@@ -178,13 +181,46 @@ module Ronin
                                      @user_agent = ua
                                    end
 
+        # Mapping of user-agent aliases.
+        USER_AGENT_ALIASES = {
+          'random'  => :random,
+          'chrome'  => :chrome,
+          'firefox' => :firefox,
+          'safari'  => :safari,
+          'linux'   => :linux,
+          'macos'   => :macos,
+          'windows' => :windows,
+          'iphone'  => :iphone,
+          'ipad'    => :ipad,
+          'android' => :android,
+
+          'chrome_linux'   => :chrome_linux,
+          'chrome_macos'   => :chrome_macos,
+          'chrome_windows' => :chrome_windows,
+          'chrome_iphone'  => :chrome_iphone,
+          'chrome_ipad'    => :chrome_ipad,
+          'chrome_android' => :chrome_android,
+
+          'firefox_linux'   => :firefox_linux,
+          'firefox_macos'   => :firefox_macos,
+          'firefox_windows' => :firefox_windows,
+          'firefox_iphone'  => :firefox_iphone,
+          'firefox_ipad'    => :firefox_ipad,
+
+          'firefox_android' => :firefox_android,
+
+          'safari_macos'  => :safari_macos,
+          'safari_iphone' => :safari_iphone,
+          'safari_ipad'   => :safari_ipad,
+
+          'edge' => :edge
+        }
+
         option :user_agent, short: '-u',
                             value: {
-                              type: Support::Network::HTTP::UserAgents::ALIASES.transform_keys { |key|
-                                key.to_s.tr('_','-')
-                              }
+                              type: USER_AGENT_ALIASES
                             },
-                            desc: 'The User-Agent to use' do |name|
+                            desc: 'The User-Agent alias to use' do |name|
                               @user_agent = name
                             end
 
@@ -199,6 +235,35 @@ module Ronin
                           @headers[name] = value
                         end
 
+        option :cookie, short: '-C',
+                        value: {
+                          type:  String,
+                          usage: 'COOKIE'
+                        },
+                        desc: 'Sets the Cookie header' do |cookie|
+                          cookie = Support::Network::HTTP::Cookie.parse(cookie)
+
+                          if @cookie
+                            @cookie.merge!(cookie)
+                          else
+                            @cookie = cookie
+                          end
+                        end
+
+        option :cookie_param, short: '-c',
+                              value: {
+                                type:  /[^\s=]+=\w+/,
+                                usage: 'NAME=VALUE'
+                              },
+                              desc: 'Sets an additional cookie param' do |param|
+                                name, value = param.split('=',2)
+
+                                # lazy initialize the cookie
+                                @cookie ||= Support::Network::HTTP::Cookie.new
+
+                                @cookie[name] = value
+                              end
+
         option :body, short: '-B',
                       value: {
                         type:  String,
@@ -262,9 +327,14 @@ module Ronin
         # @return [Hash{String => String}]
         attr_reader :headers
 
+        # The optional `Cookie` header to send.
+        #
+        # @return [Ronin::Support::Network::HTTP::Cookie, nil]
+        attr_reader :cookie
+
         # Optional `User-agent` string to use.
         #
-        # @return [String, nil]
+        # @return [String, Symbol, nil]
         attr_reader :user_agent
 
         # Additional URL query params.
@@ -294,6 +364,7 @@ module Ronin
           @proxy        = nil
           @http_method  = :get
           @headers      = {}
+          @cookie       = nil
           @user_agent   = nil
           @query_params = {}
           @form_data    = {}
@@ -347,6 +418,7 @@ module Ronin
           begin
             Support::Network::HTTP.request(
               @http_method, uri, proxy:        @proxy,
+                                 cookie:       @cookie,
                                  user_agent:   @user_agent,
                                  query_params: @query_params,
                                  headers:      @headers,

data/lib/ronin/cli/commands/ip.rb

@@ -19,6 +19,7 @@
 require 'ronin/cli/value_processor_command'
 require 'ronin/support/network/ip'
 require 'uri'
+require 'ipaddr'
 
 module Ronin
   class CLI
@@ -40,6 +41,10 @@ module Ronin
       #     -D, --decimal                    Converts the IP address to decimal format
       #     -O, --octal                      Converts the IP address to octal format
       #     -B, --binary                     Converts the IP address to binary format
+      #         --hex-octet                  Converts the IP address to hexadecimal format by octet
+      #         --octal-octet                Converts the IP address to octal format by octet
+      #         --ipv6-compat                Converts the IPv4 address to an IPv6 compatible address
+      #         --ipv6-expanded              Expands a shortened or compressed IPv6 address
       #     -C, --cidr NETMASK               Converts the IP address into a CIDR range
       #     -H, --host                       Converts the IP address to a host name
       #     -p, --port PORT                  Appends the port number to each IP
@@ -89,6 +94,16 @@ module Ronin
         option :binary, short: '-B',
                         desc:  'Converts the IP address to binary format'
 
+        option :hex_octet,
+               desc: 'Converts the IP address to hexadecimal format by octet'
+
+        option :octal_octet,
+               desc: 'Converts the IP address to octal format by octet'
+
+        option :ipv6_compat, desc: 'Converts the IPv4 address to an IPv6 compatible address'
+
+        option :ipv6_expanded, desc: 'Expands a shortened or compressed IPv6 address'
+
         option :cidr, short: '-C',
                       value: {
                         type:  String,
@@ -225,19 +240,105 @@ module Ronin
         #   The formatted IP address.
         #
         def format_ip(ip)
+          if ip.ipv4?
+            format_ipv4(ip)
+          else
+            format_ipv6(ip)
+          end
+        end
+
+        private
+
+        #
+        # Formats an IPv4 address.
+        #
+        # @param [Ronin::Support::Network::IP] ip
+        #   The IP address to format.
+        #
+        # @return [String]
+        #   The formatted IP address.
+        #
+        def format_ipv4(ip)
           if options[:hex]
             "0x%x" % ip.to_i
+          elsif options[:hex_octet]
+            ipv4_hex_octet(ip)
           elsif options[:decimal]
             "%u" % ip.to_i
           elsif options[:octal]
             "0%o" % ip.to_i
+          elsif options[:octal_octet]
+            ip.to_s.split(".").map { |octet| "0%o" % octet.to_i }.join(".")
+          elsif options[:binary]
+            "%b" % ip.to_i
+          elsif options[:ipv6_compat]
+            ip.ipv4_mapped.to_s
+          elsif options[:ipv6_expanded]
+            print_error "called with --ipv6-expanded for #{ip}"
+            exit(1)
+          else
+            ip.to_s
+          end
+        end
+
+        #
+        # Formats an IPv6 address.
+        #
+        # @param [Ronin::Support::Network::IP] ip
+        #   The IP address to format.
+        #
+        # @return [String]
+        #   The formatted IP address.
+        #
+        def format_ipv6(ip)
+          if options[:decimal]
+            "%u" % ip.to_i
+          elsif options[:hex]
+            "0x%x" % ip.to_i
+          elsif options[:octal]
+            "0%o" % ip.to_i
+          elsif options[:octal_octet]
+            print_error "called with --octal-octet for #{ip}"
+            exit(1)
+          elsif options[:hex_octet]
+            if ip.ipv4_mapped?
+              "::ffff:#{ipv4_hex_octet(ip.ipv4)}"
+            else
+              print_error "called with --hex-octet for #{ip}"
+              exit(1)
+            end
           elsif options[:binary]
             "%b" % ip.to_i
+          elsif options[:ipv6_expanded]
+            ip.canonical
+          elsif options[:ipv6_compat]
+            print_error "called with --ipv6-compat for #{ip}"
+            exit(1)
           else
             ip.to_s
           end
         end
 
+        #
+        # Converts the octets of an IP address to hex
+        #
+        # @param [Ronin::Support::Network::IP] ip
+        #   The IP address to convert.
+        #
+        # @return [String]
+        #   The formatted IP address.
+        #
+        def ipv4_hex_octet(ip)
+          ip_uint = ip.to_i
+
+          format(
+            "%<octet1>x.%<octet2>x.%<octet3>x.%<octet4>x",
+            octet1: (ip_uint & 0xff000000) >> 24,
+            octet2: (ip_uint & 0xff0000) >> 16,
+            octet3: (ip_uint & 0xff00) >> 8,
+            octet4: (ip_uint & 0xff)
+          )
+        end
       end
     end
   end

data/lib/ronin/cli/commands/iprange.rb

@@ -34,6 +34,7 @@ module Ronin
       #     -f, --file FILE                  Optional file to read values from
       #         --start IP                   Starting IP address
       #         --stop IP                    Stopping IP address
+      #     -s, --size                       Prints the size of the IP range
       #     -h, --help                       Print help information
       #
       # ## Arguments
@@ -68,6 +69,9 @@ module Ronin
                         @stop << ip
                       end
 
+        option :size, short: '-s',
+                      desc:  'Prints the size of the IP range'
+
         argument :ip_range, required: false,
                             repeats:  true,
                             desc:     'The IP Range to enumerate'
@@ -110,9 +114,7 @@ module Ronin
             @start.zip(@stop).each do |(start,stop)|
               range = Support::Network::IPRange::Range.new(start,stop)
 
-              range.each do |ip|
-                puts ip
-              end
+              process_ip_range(range)
             end
           else
             super(*ip_ranges)
@@ -122,13 +124,28 @@ module Ronin
         #
         # Processes an IP range.
         #
-        # @param [String] ip_range
+        # @param [String] string
         #
-        def process_value(ip_range)
-          ip_range = Support::Network::IPRange.new(ip_range)
+        def process_value(string)
+          range = Support::Network::IPRange.new(string)
+
+          process_ip_range(range)
+        end
 
-          ip_range.each do |ip|
-            puts ip
+        #
+        # Processes a parsed IP range object.
+        #
+        # @param [Ronin::Support::Network::IPRange,
+        #         Ronin::Support::Network::IPRange::Range] ip_range
+        #   The IP range to process.
+        #
+        def process_ip_range(ip_range)
+          if options[:size]
+            puts ip_range.size
+          else
+            ip_range.each do |ip|
+              puts ip
+            end
           end
         end