violent_ruby 1.0.2 → 1.0.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +12 -0
  3. data/lib/violent_ruby/banner_grabber/README.md +66 -0
  4. data/lib/violent_ruby/banner_grabber/banner_grabber.rb +150 -0
  5. data/lib/violent_ruby/version.rb +1 -1
  6. metadata +4 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 78327ef750cd644b89bd5d50896b26c2ca5dd0b2
4
- data.tar.gz: '023914456dbb398ff1e69d7396d7449607ffc4e5'
3
+ metadata.gz: 36df46fac3b5e765196fd4c99a078c58205bec12
4
+ data.tar.gz: a74b82b5fa060d884c57eb4597ab8ee2cd53bbf2
5
5
  SHA512:
6
- metadata.gz: afeb2b8210ab525feb7aac6fb3aeb551d3658199269254844152dc9602fd768b87a24ac3ddb1f86e368a3f09040562b58e38092d1c1df46c70225c4d9bae7aae
7
- data.tar.gz: 06cf309dabfd9830956c243e59251ab5e63171e58b4efb3c7d8da88efbebb54a1f75d3aad88648051a2550a6426bd7ead4abb5d4592fa6411414c2e7f06e7587
6
+ metadata.gz: 0cc15bf5760f8c1ad417b4fe3c8a5a622042fb34c887d522eff189484cbd6f0c2d0f08fcece08c19f6098c1bec2ff70ee46b4a82dce4fd2ea398e06c7c8a6e2a
7
+ data.tar.gz: 951d7386d81bb0829220d2694dd64bbcfce3fd61ff5fdb03fb9b4fb771cb8dbefa1c94b9854c365772b50faab5af5974974a1c4f5d200f2d8edd57323b568de9
data/README.md CHANGED
@@ -16,6 +16,18 @@ Violent Ruby is a collection of tools for Hackers, Forensic Analysts, Penetratio
16
16
  require 'violent_ruby'
17
17
  ```
18
18
 
19
+ ### Banner Grabber
20
+
21
+ The banner grabber provides a simple interface to do a banner grab.
22
+
23
+ ```ruby
24
+ require 'violent_ruby'
25
+ banner_grabber = ViolentRuby::BannerGrabber.new(ip: 'localhost', port: 2222)
26
+ banner_grabber.grab do |result|
27
+ # do something with result
28
+ end
29
+ ```
30
+
19
31
  ### Vulnerability Scanner
20
32
 
21
33
  The vulnerability scanner is a banner grabber that can check banners on ports and check if they're known to be vulnerable. However, you will need to provide the list of known vulnerable banners yourself.
data/lib/violent_ruby/banner_grabber/README.md ADDED
@@ -0,0 +1,66 @@
1
+ # Vulnerability Scanner
2
+
3
+ The vulnerability scanner class provides a simple way to check if service banners match a list of known vulnerabilities.
4
+
5
+ ## Initialization
6
+
7
+ The Vulnerability Scanner scanner class can be setup in a few flexible ways.
8
+
9
+ ### Basic Setup
10
+
11
+ Provide no targets, ip addresses or ports.
12
+
13
+ ```ruby
14
+ require 'violent_ruby'
15
+ banner_grabber = ViolentRuby::BannerGrabber.new
16
+ ```
17
+
18
+ ### Provide Some IP Addresses with Setup
19
+
20
+ ```ruby
21
+ require 'violent_ruby'
22
+ banner_grabber = ViolentRuby::BannerGrabber.new(ips: ['10.0.0.2', '10.0.0.3'])
23
+ ```
24
+
25
+ ```ruby
26
+ require 'violent_ruby'
27
+ banner_grabber = ViolentRuby::BannerGrabber.new(ip: '10.0.0.2')
28
+ ```
29
+
30
+ ```ruby
31
+ require 'violent_ruby'
32
+ banner_grabber = ViolentRuby::BannerGrabber.new
33
+ banner_graber.ips = ['10.0.0.2', '10.0.0.3']
34
+ ```
35
+
36
+ ### Provide Some Ports with Setup
37
+
38
+ ```ruby
39
+ require 'violent_ruby'
40
+ banner_grabber = ViolentRuby::BannerGrabber.new(ports: [22, 2222])
41
+ ```
42
+
43
+ ```ruby
44
+ require 'violent_ruby'
45
+ banner_grabber = ViolentRuby::BannerGrabber.new(port: 2222)
46
+ ```
47
+
48
+ ```ruby
49
+ require 'violent_ruby'
50
+ banner_grabber = ViolentRuby::BannerGrabber.new
51
+ banner_grabber.ports = [22, 2222]
52
+ ```
53
+
54
+ ## Banner Grabbing
55
+
56
+ ```ruby
57
+ require 'violent_ruby'
58
+ banner_grabber = ViolentRuby::BannerGrabber.new(ip: 'localhost', port: 2222)
59
+ banner_grabber.grab do |result|
60
+ # do something with result
61
+ ip_address = result[:ip]
62
+ port = result[:port]
63
+ banner = result[:banner]
64
+ puts "#{ip}:#{port} --> #{banner}" if result[:open] and result[:banner]
65
+ end
66
+ ```
data/lib/violent_ruby/banner_grabber/banner_grabber.rb ADDED
@@ -0,0 +1,150 @@
1
+ require 'socket'
2
+
3
+ module ViolentRuby
4
+ # This Banner Grabber class is meant to provide a simple
5
+ # interface to, well... grab banners from services running
6
+ # on a target to determine the potential attack vectors
7
+ # avaialable to you.
8
+ # @author Kent 'picat' Gruber
9
+ #
10
+ # @example Basic Usage
11
+ # BannerGrabber.new(ip: 'localhost', port: 22).grab do |result|
12
+ # puts result
13
+ # # => {:ip=>"localhost", :port=>22, :open=>false}
14
+ # end
15
+ #
16
+ # @example Basic Usage with HTTP Connection
17
+ # BannerGrabber.new(ip: '0.0.0.0', port: 4567 http: true).grab do |result|
18
+ # puts result
19
+ # # => => {:ip=>"0.0.0.0", :port=>4567, :open=>true, :banner=>""}
20
+ # end
21
+ #
22
+ # @example Advanced Usage
23
+ # banner_grabber = BannerGrabber.new
24
+ # banner_grabber.ips = ['192.168.0.2', '192.168.0.3']
25
+ # banner_grabber.ports = [22, 2222]
26
+ # banner_grabber.grab do |result|
27
+ # puts result
28
+ # # => {:ip=>"192.168.0.2", :port=>22, :open=>true, :banner=>"SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3\r\n"}
29
+ # end
30
+ #
31
+ class BannerGrabber
32
+ # @attr ips [Arrray<String>, nil] Target IP Addresses.
33
+ attr_accessor :ips
34
+ # @attr ports [Arrray<Integer>, nil] Target ports.
35
+ attr_accessor :ports
36
+
37
+ # Create a new Banner Grabber. If a block if given,
38
+ # @param args [Hash]
39
+ # @option args [String] :ip IP address to connect to.
40
+ # @option args [Array<String>] :ips An array of IP address to connect to.
41
+ # @option args [Integer] :port Port to connect to.
42
+ # @option args [Array<Integer>] :ports An array of ports to connect to.
43
+ # @see use_ips
44
+ # @see use_ports
45
+ # @return [void]
46
+ # @yield [Hash]
47
+ def initialize(args = {})
48
+ @ips = use_ips(args) if args[:ips] || args[:ip]
49
+ @ports = use_ports(args) if args[:ports] || args[:port]
50
+ end
51
+
52
+ # Attempt to grab the banner. Optionally, an HTTP option
53
+ # can help simulate HTTP GET requests to a webserver.
54
+ # @param args [Hash]
55
+ # @option args [Boolean] :http Perform an HTTP GET request.
56
+ # @see use_ips
57
+ # @see use_ports
58
+ # @yield [Hash]
59
+ def grab(args = {})
60
+ ips = use_ips(args)
61
+ ports = use_ports(args)
62
+ ips.each do |ip|
63
+ ports.each do |port|
64
+ if socket = connect(ip, port)
65
+ if args[:http]
66
+ socket.puts("GET / HTTP/1.1\r\nHost:3.1.3.3.7\r\n\r\n")
67
+ end
68
+ unless banner = socket.recv(1024)
69
+ banner = false
70
+ end
71
+ end
72
+ if socket
73
+ yield format_result(ip, port, true, banner)
74
+ socket.close
75
+ else
76
+ yield format_result(ip, port, false)
77
+ end
78
+ end
79
+ end
80
+ end
81
+
82
+ # Because sometimes you need to say it with more emphasis!
83
+ alias grab! grab
84
+
85
+ # Connect to a given IP address and port.
86
+ # @param ip [String]
87
+ # @param port [Integer]
88
+ # @return [TCPSocket, false]
89
+ def connect(ip, port)
90
+ TCPSocket.new(ip, port)
91
+ rescue
92
+ false
93
+ end
94
+
95
+ private
96
+
97
+ # @api private
98
+ # Format the result for a banner grab.
99
+ # @param ip [String] IP address associated with the result.
100
+ # @param port [Integer] Port associated with the result.
101
+ # @param open [Boolean] If the port/connection was open to connect to.
102
+ # @param banner [String, Boolean] If a banner was able to be retrieved.
103
+ # @see grab
104
+ # @return [Hash]
105
+ def format_result(ip, port, open = false, banner = false)
106
+ result = { ip: ip, port: port }
107
+ result[:open] = open
108
+ result[:banner] = banner if banner
109
+ result
110
+ end
111
+
112
+ # @api private
113
+ # Determine what IP address(es) to use from a given arguments hash.
114
+ # @param args [Hash]
115
+ # @option args [String] :ip IP address to connect to.
116
+ # @option args [Array<String>] :ips An array of IP address to connect to.
117
+ # @return [Array<String>]
118
+ # @raise [StandardError] If no IP address(es) can be determined.
119
+ def use_ips(args)
120
+ if args[:ips]
121
+ args[:ips]
122
+ elsif args[:ip]
123
+ [args[:ip]]
124
+ elsif @ips
125
+ @ips
126
+ else
127
+ raise 'No IP address(es) given!'
128
+ end
129
+ end
130
+
131
+ # @api private
132
+ # Determine what port(s) to use from a given arguments hash.
133
+ # @param args [Hash]
134
+ # @option args [Integer] :port Port to connect to.
135
+ # @option args [Array<Integer>] :ports An array of ports to connect to.
136
+ # @return [Array<Integer>]
137
+ # @raise [StandardError] If no ports(s) can be determined.
138
+ def use_ports(args)
139
+ if args[:ports]
140
+ args[:ports]
141
+ elsif args[:port]
142
+ [args[:port]]
143
+ elsif @ports
144
+ @ports
145
+ else
146
+ raise 'No port(s) given!'
147
+ end
148
+ end
149
+ end
150
+ end
data/lib/violent_ruby/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module ViolentRuby
2
- VERSION = "1.0.2"
2
+ VERSION = "1.0.3"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: violent_ruby
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.2
4
+ version: 1.0.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Kent Gruber
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-04-08 00:00:00.000000000 Z
11
+ date: 2017-04-14 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: net-ssh
@@ -99,6 +99,8 @@ files:
99
99
  - Rakefile
100
100
  - bin/python_sucks
101
101
  - lib/violent_ruby.rb
102
+ - lib/violent_ruby/banner_grabber/README.md
103
+ - lib/violent_ruby/banner_grabber/banner_grabber.rb
102
104
  - lib/violent_ruby/ftp_brute_forcer/README.md
103
105
  - lib/violent_ruby/ftp_brute_forcer/Vagrantfile
104
106
  - lib/violent_ruby/ftp_brute_forcer/ftp_brute_forcer.rb