ruby-ncrack 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: 5d557db457c900d9035f4910a4a2cdbd99082839407ae849f8322ed2d0fcdca5
4
+ data.tar.gz: 9ddfdf7cb39a40693f1bb4a3ceb6b49ca34b7a07eec9f8991ac539e2e2670c33
5
+ SHA512:
6
+ metadata.gz: 5d6e4b947e387c129d9acfc3cfc0aff17a243364adc554b4714b95a9e26e4a660a2663a8258a25879994729ae0aab3b381ae38944b5c477e57480acfa93474e1
7
+ data.tar.gz: 42c1d50c38ab660d6d6b5eb46994f824337571759f22abbbb51e9323720815746dd63590b4b6bf482338f3297a75f645cc96309eb2ffb83b3181abba8d92dfd5
data/.document ADDED
@@ -0,0 +1,3 @@
1
+ -
2
+ ChangeLog.*
3
+ LICENSE.txt
data/.editorconfig ADDED
@@ -0,0 +1,11 @@
1
+ root = true
2
+
3
+ [*]
4
+ end_of_line = lf
5
+ insert_final_newline = true
6
+ tab_width = 8
7
+ trim_trailing_whitespace = true
8
+
9
+ [{Gemfile,Rakefile,*.rb,*.gemspec,*.yml}]
10
+ indent_style = space
11
+ indent_size = 2
@@ -0,0 +1,31 @@
1
+ name: CI
2
+
3
+ on: [ push, pull_request ]
4
+
5
+ jobs:
6
+ tests:
7
+ runs-on: ubuntu-latest
8
+ strategy:
9
+ fail-fast: false
10
+ matrix:
11
+ ruby:
12
+ - 2.6
13
+ - 2.7
14
+ - 3.0
15
+ - jruby
16
+ - truffleruby
17
+ name: Ruby ${{ matrix.ruby }}
18
+ steps:
19
+ - uses: actions/checkout@v2
20
+ - name: Set up Ruby
21
+ uses: ruby/setup-ruby@v1
22
+ with:
23
+ ruby-version: ${{ matrix.ruby }}
24
+ - name: Install libxml2-dev and libxslt1-dev
25
+ run: |
26
+ sudo apt update -y && \
27
+ sudo apt install -y --no-install-recommends --no-install-suggests libxml2-dev libxslt1-dev
28
+ - name: Install dependencies
29
+ run: bundle install --jobs 4 --retry 3
30
+ - name: Run tests
31
+ run: bundle exec rake test
data/.gitignore ADDED
@@ -0,0 +1,9 @@
1
+ /Gemfile.lock
2
+ /doc
3
+ /pkg
4
+ .DS_Store
5
+ .yardoc
6
+ *.db
7
+ *.log
8
+ *.swp
9
+ *~
data/.rspec ADDED
@@ -0,0 +1 @@
1
+ --colour --format documentation
data/.yardopts ADDED
@@ -0,0 +1 @@
1
+ --markup markdown --title "ruby-ncrack Documentation" --protected
data/ChangeLog.md ADDED
@@ -0,0 +1,10 @@
1
+ ### 0.1.0 / 2021-11-30
2
+
3
+ * Initial release:
4
+ * Added {Ncrack::Command}.
5
+ * Added {Ncrack::XML}.
6
+ * Added {Ncrack::XML::Service}.
7
+ * Added {Ncrack::XML::Address}.
8
+ * Added {Ncrack::XML::Port}.
9
+ * Added {Ncrack::XML::Credentials}.
10
+
data/Gemfile ADDED
@@ -0,0 +1,16 @@
1
+ source 'https://rubygems.org'
2
+
3
+ gemspec
4
+
5
+ # gem 'command_mapper', '~> 0.1.1', github: 'postmodern/command_mapper.rb'
6
+
7
+ group :development do
8
+ gem 'rake'
9
+ gem 'rubygems-tasks', '~> 0.2'
10
+ gem 'rspec', '~> 3.0'
11
+ gem 'simplecov', '~> 0.7'
12
+
13
+ gem 'kramdown'
14
+ gem 'yard', '~> 0.9'
15
+ gem 'yard-spellcheck', require: false
16
+ end
data/LICENSE.txt ADDED
@@ -0,0 +1,20 @@
1
+ Copyright (c) 2011-2021 Hal Brodigan
2
+
3
+ Permission is hereby granted, free of charge, to any person obtaining
4
+ a copy of this software and associated documentation files (the
5
+ "Software"), to deal in the Software without restriction, including
6
+ without limitation the rights to use, copy, modify, merge, publish,
7
+ distribute, sublicense, and/or sell copies of the Software, and to
8
+ permit persons to whom the Software is furnished to do so, subject to
9
+ the following conditions:
10
+
11
+ The above copyright notice and this permission notice shall be
12
+ included in all copies or substantial portions of the Software.
13
+
14
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
15
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
16
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
17
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
18
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
19
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
20
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,84 @@
1
+ # ruby-ncrack
2
+
3
+ [![CI](https://github.com/postmodern/ruby-ncrack/actions/workflows/ruby.yml/badge.svg)](https://github.com/postmodern/ruby-ncrack/actions/workflows/ruby.yml)
4
+ [![Gem Version](https://badge.fury.io/rb/ruby-ncrack.svg)](https://badge.fury.io/rb/ruby-ncrack)
5
+
6
+ * [Source](http://github.com/postmodern/ruby-ncrack)
7
+ * [Issues](http://github.com/postmodern/ruby-ncrack/issues)
8
+ * [Documentation](http://rubydoc.info/gems/ruby-ncrack/frames)
9
+
10
+ ## Description
11
+
12
+ A Ruby interface to [ncrack], Network authentication cracking tool.
13
+
14
+ ## Features
15
+
16
+ * Provides a [Ruby interface][Ncrack::Command] for running the `ncrack` utility.
17
+ * Provides a [parser][Ncrack::XML] for enumerating Ncrack XML output files.
18
+
19
+ [Ncrack::Command]: https://rubydoc.info/gems/ruby-ncrack/Ncrack/Command
20
+ [Ncrack::XML]: https://rubydoc.info/gems/ruby-ncrack/Ncrack/XML
21
+
22
+ ## Examples
23
+
24
+ Running `ncrack` from Ruby:
25
+
26
+ ```ruby
27
+ require 'ncrack/command'
28
+
29
+ Ncrack::Command.run(targets: %w[10.0.0.130:21 192.168.1.2:22], output_xml: 'ncrack.xml')
30
+ ```
31
+
32
+ Parsing `ncrack` XML files:
33
+
34
+ ```ruby
35
+ require 'ncrack/xml'
36
+
37
+ Ncrack::XML.open('ncrack.xml') do |xml|
38
+ xml.each_service do |service|
39
+ puts "#{service.address} #{service.port.number}/#{service.port.name}:"
40
+
41
+ service.each_credentials.each do |credentials|
42
+ puts " #{credentials}"
43
+ end
44
+ end
45
+ end
46
+ ```
47
+
48
+ ```
49
+ 127.0.0.1 4567/http:
50
+ admin:swordfish
51
+ bob:hunter
52
+ ```
53
+
54
+ ## Requirements
55
+
56
+ * [ncrack] >= 0.7
57
+ * [command_mapper](http://github.com/postmodern/command_mapper.rb#readme) ~> 0.1
58
+ * [nokogiri](https://github.com/sparklemotion/nokogiri#readme) ~> 1.0
59
+
60
+ ## Install
61
+
62
+ ```shell
63
+ $ gem install ruby-ncrack
64
+ ```
65
+
66
+ ### gemspec
67
+
68
+ ```ruby
69
+ gemspec.add_dependency 'ruby-ncrack', '~> 0.1'
70
+ ```
71
+
72
+ ### Gemfile
73
+
74
+ ```ruby
75
+ gem 'ruby-ncrack', '~> 0.1'
76
+ ```
77
+
78
+ ## Copyright
79
+
80
+ Copyright (c) 2011-2021 Hal Brodigan
81
+
82
+ See {file:LICENSE.txt} for details.
83
+
84
+ [ncrack]: https://nmap.org/ncrack/
data/Rakefile ADDED
@@ -0,0 +1,12 @@
1
+ require 'rake'
2
+ require 'rubygems/tasks'
3
+ Gem::Tasks.new
4
+
5
+ require 'rspec/core/rake_task'
6
+ RSpec::Core::RakeTask.new
7
+ task :test => :spec
8
+ task :default => :spec
9
+
10
+ require 'yard'
11
+ YARD::Rake::YardocTask.new
12
+ task :doc => :yard
data/gemspec.yml ADDED
@@ -0,0 +1,26 @@
1
+ name: ruby-ncrack
2
+ summary: A Ruby interface to Ncrack.
3
+ description:
4
+ A Ruby interface to Ncrack, Network authentication cracking tool.
5
+
6
+ license: MIT
7
+ authors: Postmodern
8
+ email: postmodern.mod3@gmail.com
9
+ homepage: http://github.com/postmodern/ruby-ncrack#readme
10
+ has_yard: true
11
+
12
+ metadata:
13
+ documentation_uri: https://rubydoc.info/gems/ruby-ncrack
14
+ source_code_uri: https://github.com/postmodern/ruby-ncrack
15
+ bug_tracker_uri: https://github.com/postmodern/ruby-ncrack/issues
16
+ changelog_uri: https://github.com/postmodern/ruby-ncrack/blob/master/ChangeLog.md
17
+ rubygems_mfa_required: 'true'
18
+
19
+ requirements: "ncrack >= 0.7"
20
+
21
+ dependencies:
22
+ command_mapper: ~> 0.1
23
+ nokogiri: ~> 1.0
24
+
25
+ development_dependencies:
26
+ bundler: ~> 2.0
@@ -0,0 +1,108 @@
1
+ require 'command_mapper/command'
2
+
3
+ module Ncrack
4
+ #
5
+ # Provides an interface for invoking the `ncrack` utility.
6
+ #
7
+ # ## Example
8
+ #
9
+ # require 'ncrack'
10
+ #
11
+ # Ncrack::Command.run(targets: %w[10.0.0.130:21 192.168.1.2:22], output_xml: 'ncrack.xml')
12
+ #
13
+ # ## `ncrack` options:
14
+ #
15
+ # * `-iX` - `ncrack.input_xml`
16
+ # * `-iN` - `ncrack.input_normal`
17
+ # * `-iL` - `ncrack.input_list`
18
+ # * `--exclude` - `ncrack.exclude`
19
+ # * `--excludefile` - `ncrack.exclude_file`
20
+ # * `-p` - `ncrack.ports`
21
+ # * `-m` - `ncrack.service_options`
22
+ # * `-g` - `ncrack.global_options`
23
+ # * `-T` - `ncrack.timing`
24
+ # * `--connection-limit` - `ncrack.connection_limit`
25
+ # * `--stealth-linear` - `ncrack.stealth_linear`
26
+ # * `-U` - `ncrack.username_file`
27
+ # * `-P` - `ncrack.password_file`
28
+ # * `--user` - `ncrack.user`
29
+ # * `--pass` - `ncrack.pass`
30
+ # * `--passwords-first` - `ncrack.passwords_first`
31
+ # * `--pairwise` - `ncrack.pairwise`
32
+ # * `-oN` - `ncrack.output_normal`
33
+ # * `-oX` - `ncrack.output_xml`
34
+ # * `-oA` - `ncrack.output_all`
35
+ # * `-v` - `ncrack.verbose`
36
+ # * `-d` - `ncrack.debug`
37
+ # * `--nsock-trace` - `ncrack.nsock_trace`
38
+ # * `--log-errors` - `ncrack.log_errors`
39
+ # * `--append-output` - `ncrack.append_output`
40
+ # * `--resume` - `ncrack.resume`
41
+ # * `--save` - `ncrack.save`
42
+ # * `-f` - `ncrack.first`
43
+ # * `-6` - `ncrack.ipv4`
44
+ # * `-sL` - `ncrack.list`
45
+ # * `--datadir` - `ncrack.datadir`
46
+ # * `-V` - `ncrack.version`
47
+ # * `-h` - `ncrack.help`
48
+ #
49
+ class Command < CommandMapper::Command
50
+
51
+ command 'ncrack' do
52
+ # Target Specification
53
+ option '-iX', name: :input_xml, value: {type: InputFile.new}
54
+ option '-iN', name: :input_normal, value: {type: InputFile.new}
55
+ option '-iL', name: :input_list, value: {type: InputFile.new}
56
+ option '--exclude', value: {type: List.new}
57
+ option '--excludefile', name: :exclude_file, value: {type: InputFile.new}
58
+
59
+ # Service Specification
60
+ option '-p', name: :ports, value: {type: List.new}
61
+ option '-m', name: :service_options, value: {type: List.new}
62
+ option '-g', name: :global_options, value: {type: List.new}
63
+
64
+ # Timing and Performance
65
+ option '-T', name: :timing, value: {type: Num.new}
66
+ option '--connection-limit', value: {type: Num.new}
67
+ option '--stealth-linear'
68
+
69
+ # Authentication
70
+ option '-U', name: :username_file, value: {type: InputFile.new}
71
+ option '-P', name: :password_file, value: {type: InputFile.new}
72
+ option '--user', value: {type: List.new}
73
+ option '--pass', value: {type: List.new}
74
+ option '--passwords-first'
75
+ option '--pairwise'
76
+
77
+ # Output
78
+ option '-oN', name: :output_normal, value: true
79
+ option '-oX', name: :output_xml, value: true
80
+ option '-oA', name: :output_all, value: true
81
+ option '-v', name: :verbose
82
+ option '-d', name: :debug
83
+ option '--nsock-trace', value: {type: Num.new}
84
+ option '--log-errors'
85
+ option '--append-output'
86
+
87
+ # Misc
88
+ option '--resume', value: {type: InputFile.new}
89
+ option '--save', value: true
90
+ option '-f', name: :first
91
+ option '-6', name: :ipv4
92
+ option '-sL', name: :list
93
+ option '--datadir', value: {type: InputDir.new}
94
+ option '-V', name: :version
95
+ option '-h', name: :help
96
+
97
+ argument :targets, repeats: true
98
+
99
+ end
100
+
101
+ alias usernames user
102
+ alias usernames= user=
103
+
104
+ alias passwords pass
105
+ alias passwords= pass=
106
+
107
+ end
108
+ end
@@ -0,0 +1,4 @@
1
+ module Ncrack
2
+ # ruby-ncrack version
3
+ VERSION = "0.1.0"
4
+ end
@@ -0,0 +1,79 @@
1
+ module Ncrack
2
+ class XML
3
+ #
4
+ # Represents a `address` XML element.
5
+ #
6
+ class Address
7
+
8
+ #
9
+ # Initializes the address object.
10
+ #
11
+ # @param [Nokogiri::XML::Node] node
12
+ # The XML node for the `address` XML element.
13
+ #
14
+ # @api private
15
+ #
16
+ def initialize(node)
17
+ @node = node
18
+ end
19
+
20
+ #
21
+ # The IP of the address.
22
+ #
23
+ # @return [String]
24
+ # The value of the `addr` attribute.
25
+ #
26
+ def addr
27
+ @addr ||= @node['addr']
28
+ end
29
+
30
+ # Mapping of `addrtype` values to Symbols.
31
+ TYPES = {
32
+ 'ipv4' => :ipv4,
33
+ 'ipv6' => :ipv6
34
+ }
35
+
36
+ #
37
+ # The IP address type.
38
+ #
39
+ # @return [:ipv4, :ipv6, String]
40
+ # The value of the `addrtype` attribute.
41
+ #
42
+ def type
43
+ @type ||= (
44
+ addrtype = @node['addrtype']
45
+ TYPES.fetch(addrtype,addrtype)
46
+ )
47
+ end
48
+
49
+ #
50
+ # Determines whether the address is IPv4 or IPv6.
51
+ #
52
+ # @return [Boolean]
53
+ #
54
+ def ipv4?
55
+ type == :ipv4
56
+ end
57
+
58
+ #
59
+ # Determines whether the address is IPv6 or IPv4.
60
+ #
61
+ # @return [Boolean]
62
+ #
63
+ def ipv6?
64
+ type == :ipv6
65
+ end
66
+
67
+ #
68
+ # Converts the address to a String.
69
+ #
70
+ # @return [String]
71
+ # The IP of the address.
72
+ #
73
+ def to_s
74
+ addr.to_s
75
+ end
76
+
77
+ end
78
+ end
79
+ end
@@ -0,0 +1,64 @@
1
+ module Ncrack
2
+ class XML
3
+ #
4
+ # Represents a `credentials` XML element.
5
+ #
6
+ class Credentials
7
+
8
+ #
9
+ # Initializes the credentials object.
10
+ #
11
+ # @param [Nokogiri::XML::Node] node
12
+ # The XML node for the `credentials` XML element.
13
+ #
14
+ # @api private
15
+ #
16
+ def initialize(node)
17
+ @node = node
18
+ end
19
+
20
+ #
21
+ # The successfully bruteforced username.
22
+ #
23
+ # @return [String]
24
+ # The value of the `username` attribute.
25
+ #
26
+ def username
27
+ @username ||= @node['username']
28
+ end
29
+
30
+ alias user_name username
31
+
32
+ #
33
+ # The successfully bruteforced password.
34
+ #
35
+ # @return [String]
36
+ # The value of the `password` attribute.
37
+ #
38
+ def password
39
+ @password ||= @node['password']
40
+ end
41
+
42
+ #
43
+ # Converts the credentials to a String.
44
+ #
45
+ # @return [String]
46
+ # Returns a `"username:password"` String.
47
+ #
48
+ def to_s
49
+ "#{username}:#{password}"
50
+ end
51
+
52
+ #
53
+ # Converts the credentials to a String.
54
+ #
55
+ # @return [(String, String)]
56
+ # Returns a tuple of the {#username} and {#password}.
57
+ #
58
+ def to_a
59
+ [username, password]
60
+ end
61
+
62
+ end
63
+ end
64
+ end
@@ -0,0 +1,82 @@
1
+ module Ncrack
2
+ class XML
3
+ #
4
+ # Represents a `port` XML element.
5
+ #
6
+ class Port
7
+
8
+ #
9
+ # Initializes the port object.
10
+ #
11
+ # @param [Nokogiri::XML::Node] node
12
+ # The XML node for the `port` XML element.
13
+ #
14
+ # @api private
15
+ #
16
+ def initialize(node)
17
+ @node = node
18
+ end
19
+
20
+ # Mapping of the `protocol` attribute values to Symbols.
21
+ PROTOCOLS = {
22
+ 'tcp' => :tcp,
23
+ 'udp' => :udp
24
+ }
25
+
26
+ #
27
+ # The protocol of the port.
28
+ #
29
+ # @return [:tcp, :udp, String]
30
+ # The value of the `protocol` attribute.
31
+ #
32
+ def protocol
33
+ @protocl ||= (
34
+ protocol = @node['protocol']
35
+
36
+ PROTOCOLS.fetch(protocol,protocol)
37
+ )
38
+ end
39
+
40
+ #
41
+ # The port number.
42
+ #
43
+ # @return [Integer]
44
+ # The parsed value of the `portid` attribute.
45
+ #
46
+ def number
47
+ @number ||= @node['portid'].to_i
48
+ end
49
+
50
+ #
51
+ # The name associated with the port.
52
+ #
53
+ # @return [String]
54
+ # The value of the `name` attribute.
55
+ #
56
+ def name
57
+ @name ||= @node['name']
58
+ end
59
+
60
+ #
61
+ # Converts the port to an Integer.
62
+ #
63
+ # @return [Integer]
64
+ # Returns the {#number}.
65
+ #
66
+ def to_i
67
+ number.to_i
68
+ end
69
+
70
+ #
71
+ # Converts the port to a String.
72
+ #
73
+ # @return [String]
74
+ # Returns the {#name}.
75
+ #
76
+ def to_s
77
+ name.to_s
78
+ end
79
+
80
+ end
81
+ end
82
+ end
@@ -0,0 +1,104 @@
1
+ require 'ncrack/xml/address'
2
+ require 'ncrack/xml/port'
3
+ require 'ncrack/xml/credentials'
4
+
5
+ module Ncrack
6
+ class XML
7
+ #
8
+ # Represents a `service` XML element.
9
+ #
10
+ class Service
11
+
12
+ #
13
+ # Initializes the service object.
14
+ #
15
+ # @param [Nokogiri::XML::Node] node
16
+ # The XML node for the `service` XML element.
17
+ #
18
+ # @api private
19
+ #
20
+ def initialize(node)
21
+ @node = node
22
+ end
23
+
24
+ #
25
+ # When bruteforcing of the service begin.
26
+ #
27
+ # @return [Time]
28
+ # The parsed value of the `starttime` attribute.
29
+ #
30
+ def start_time
31
+ @start_time ||= Time.at(@node['starttime'].to_i)
32
+ end
33
+
34
+ #
35
+ # When bruteforcing of the service stopped.
36
+ #
37
+ # @return [Time]
38
+ # The parsed value of the `endtime` attribute.
39
+ #
40
+ def end_time
41
+ @end_time ||= Time.at(@node['endtime'].to_i)
42
+ end
43
+
44
+ #
45
+ # The address information of the service.
46
+ #
47
+ # @return [Address]
48
+ # The `address` XML child element.
49
+ #
50
+ def address
51
+ @address ||= Address.new(@node.at_xpath('address'))
52
+ end
53
+
54
+ #
55
+ # The port information of the service.
56
+ #
57
+ # @return [Port]
58
+ # The `port` XML child element.
59
+ #
60
+ def port
61
+ @port ||= Port.new(@node.at_xpath('port'))
62
+ end
63
+
64
+ #
65
+ # Enumerates over every bruteforced credential.
66
+ #
67
+ # @yield [credential]
68
+ # If a block is given it will be passed each bruteforced credential.
69
+ #
70
+ # @yieldparam [Credential] credential
71
+ # A bruteforced credential.
72
+ #
73
+ # @return [Enumerator]
74
+ # If no block is given, an Enumerator will be returned.
75
+ #
76
+ def each_credentials
77
+ return enum_for(__method__) unless block_given?
78
+
79
+ @node.xpath('credentials').each do |node|
80
+ yield Credentials.new(node)
81
+ end
82
+ end
83
+
84
+ #
85
+ # The bruteforced credentials.
86
+ #
87
+ # @return [Array<Credential>]
88
+ #
89
+ def credentials
90
+ each_credentials.to_a
91
+ end
92
+
93
+ #
94
+ # The first bruteforced credential.
95
+ #
96
+ # @return [Credential, nil]
97
+ #
98
+ def credential
99
+ each_credentials.first
100
+ end
101
+
102
+ end
103
+ end
104
+ end