violent_ruby 1.0.2 → 1.0.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +12 -0
- data/lib/violent_ruby/banner_grabber/README.md +66 -0
- data/lib/violent_ruby/banner_grabber/banner_grabber.rb +150 -0
- data/lib/violent_ruby/version.rb +1 -1
- metadata +4 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 36df46fac3b5e765196fd4c99a078c58205bec12
|
4
|
+
data.tar.gz: a74b82b5fa060d884c57eb4597ab8ee2cd53bbf2
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0cc15bf5760f8c1ad417b4fe3c8a5a622042fb34c887d522eff189484cbd6f0c2d0f08fcece08c19f6098c1bec2ff70ee46b4a82dce4fd2ea398e06c7c8a6e2a
|
7
|
+
data.tar.gz: 951d7386d81bb0829220d2694dd64bbcfce3fd61ff5fdb03fb9b4fb771cb8dbefa1c94b9854c365772b50faab5af5974974a1c4f5d200f2d8edd57323b568de9
|
data/README.md
CHANGED
@@ -16,6 +16,18 @@ Violent Ruby is a collection of tools for Hackers, Forensic Analysts, Penetratio
|
|
16
16
|
require 'violent_ruby'
|
17
17
|
```
|
18
18
|
|
19
|
+
### Banner Grabber
|
20
|
+
|
21
|
+
The banner grabber provides a simple interface to do a banner grab.
|
22
|
+
|
23
|
+
```ruby
|
24
|
+
require 'violent_ruby'
|
25
|
+
banner_grabber = ViolentRuby::BannerGrabber.new(ip: 'localhost', port: 2222)
|
26
|
+
banner_grabber.grab do |result|
|
27
|
+
# do something with result
|
28
|
+
end
|
29
|
+
```
|
30
|
+
|
19
31
|
### Vulnerability Scanner
|
20
32
|
|
21
33
|
The vulnerability scanner is a banner grabber that can check banners on ports and check if they're known to be vulnerable. However, you will need to provide the list of known vulnerable banners yourself.
|
@@ -0,0 +1,66 @@
|
|
1
|
+
# Vulnerability Scanner
|
2
|
+
|
3
|
+
The vulnerability scanner class provides a simple way to check if service banners match a list of known vulnerabilities.
|
4
|
+
|
5
|
+
## Initialization
|
6
|
+
|
7
|
+
The Vulnerability Scanner scanner class can be setup in a few flexible ways.
|
8
|
+
|
9
|
+
### Basic Setup
|
10
|
+
|
11
|
+
Provide no targets, ip addresses or ports.
|
12
|
+
|
13
|
+
```ruby
|
14
|
+
require 'violent_ruby'
|
15
|
+
banner_grabber = ViolentRuby::BannerGrabber.new
|
16
|
+
```
|
17
|
+
|
18
|
+
### Provide Some IP Addresses with Setup
|
19
|
+
|
20
|
+
```ruby
|
21
|
+
require 'violent_ruby'
|
22
|
+
banner_grabber = ViolentRuby::BannerGrabber.new(ips: ['10.0.0.2', '10.0.0.3'])
|
23
|
+
```
|
24
|
+
|
25
|
+
```ruby
|
26
|
+
require 'violent_ruby'
|
27
|
+
banner_grabber = ViolentRuby::BannerGrabber.new(ip: '10.0.0.2')
|
28
|
+
```
|
29
|
+
|
30
|
+
```ruby
|
31
|
+
require 'violent_ruby'
|
32
|
+
banner_grabber = ViolentRuby::BannerGrabber.new
|
33
|
+
banner_graber.ips = ['10.0.0.2', '10.0.0.3']
|
34
|
+
```
|
35
|
+
|
36
|
+
### Provide Some Ports with Setup
|
37
|
+
|
38
|
+
```ruby
|
39
|
+
require 'violent_ruby'
|
40
|
+
banner_grabber = ViolentRuby::BannerGrabber.new(ports: [22, 2222])
|
41
|
+
```
|
42
|
+
|
43
|
+
```ruby
|
44
|
+
require 'violent_ruby'
|
45
|
+
banner_grabber = ViolentRuby::BannerGrabber.new(port: 2222)
|
46
|
+
```
|
47
|
+
|
48
|
+
```ruby
|
49
|
+
require 'violent_ruby'
|
50
|
+
banner_grabber = ViolentRuby::BannerGrabber.new
|
51
|
+
banner_grabber.ports = [22, 2222]
|
52
|
+
```
|
53
|
+
|
54
|
+
## Banner Grabbing
|
55
|
+
|
56
|
+
```ruby
|
57
|
+
require 'violent_ruby'
|
58
|
+
banner_grabber = ViolentRuby::BannerGrabber.new(ip: 'localhost', port: 2222)
|
59
|
+
banner_grabber.grab do |result|
|
60
|
+
# do something with result
|
61
|
+
ip_address = result[:ip]
|
62
|
+
port = result[:port]
|
63
|
+
banner = result[:banner]
|
64
|
+
puts "#{ip}:#{port} --> #{banner}" if result[:open] and result[:banner]
|
65
|
+
end
|
66
|
+
```
|
@@ -0,0 +1,150 @@
|
|
1
|
+
require 'socket'
|
2
|
+
|
3
|
+
module ViolentRuby
|
4
|
+
# This Banner Grabber class is meant to provide a simple
|
5
|
+
# interface to, well... grab banners from services running
|
6
|
+
# on a target to determine the potential attack vectors
|
7
|
+
# avaialable to you.
|
8
|
+
# @author Kent 'picat' Gruber
|
9
|
+
#
|
10
|
+
# @example Basic Usage
|
11
|
+
# BannerGrabber.new(ip: 'localhost', port: 22).grab do |result|
|
12
|
+
# puts result
|
13
|
+
# # => {:ip=>"localhost", :port=>22, :open=>false}
|
14
|
+
# end
|
15
|
+
#
|
16
|
+
# @example Basic Usage with HTTP Connection
|
17
|
+
# BannerGrabber.new(ip: '0.0.0.0', port: 4567 http: true).grab do |result|
|
18
|
+
# puts result
|
19
|
+
# # => => {:ip=>"0.0.0.0", :port=>4567, :open=>true, :banner=>""}
|
20
|
+
# end
|
21
|
+
#
|
22
|
+
# @example Advanced Usage
|
23
|
+
# banner_grabber = BannerGrabber.new
|
24
|
+
# banner_grabber.ips = ['192.168.0.2', '192.168.0.3']
|
25
|
+
# banner_grabber.ports = [22, 2222]
|
26
|
+
# banner_grabber.grab do |result|
|
27
|
+
# puts result
|
28
|
+
# # => {:ip=>"192.168.0.2", :port=>22, :open=>true, :banner=>"SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3\r\n"}
|
29
|
+
# end
|
30
|
+
#
|
31
|
+
class BannerGrabber
|
32
|
+
# @attr ips [Arrray<String>, nil] Target IP Addresses.
|
33
|
+
attr_accessor :ips
|
34
|
+
# @attr ports [Arrray<Integer>, nil] Target ports.
|
35
|
+
attr_accessor :ports
|
36
|
+
|
37
|
+
# Create a new Banner Grabber. If a block if given,
|
38
|
+
# @param args [Hash]
|
39
|
+
# @option args [String] :ip IP address to connect to.
|
40
|
+
# @option args [Array<String>] :ips An array of IP address to connect to.
|
41
|
+
# @option args [Integer] :port Port to connect to.
|
42
|
+
# @option args [Array<Integer>] :ports An array of ports to connect to.
|
43
|
+
# @see use_ips
|
44
|
+
# @see use_ports
|
45
|
+
# @return [void]
|
46
|
+
# @yield [Hash]
|
47
|
+
def initialize(args = {})
|
48
|
+
@ips = use_ips(args) if args[:ips] || args[:ip]
|
49
|
+
@ports = use_ports(args) if args[:ports] || args[:port]
|
50
|
+
end
|
51
|
+
|
52
|
+
# Attempt to grab the banner. Optionally, an HTTP option
|
53
|
+
# can help simulate HTTP GET requests to a webserver.
|
54
|
+
# @param args [Hash]
|
55
|
+
# @option args [Boolean] :http Perform an HTTP GET request.
|
56
|
+
# @see use_ips
|
57
|
+
# @see use_ports
|
58
|
+
# @yield [Hash]
|
59
|
+
def grab(args = {})
|
60
|
+
ips = use_ips(args)
|
61
|
+
ports = use_ports(args)
|
62
|
+
ips.each do |ip|
|
63
|
+
ports.each do |port|
|
64
|
+
if socket = connect(ip, port)
|
65
|
+
if args[:http]
|
66
|
+
socket.puts("GET / HTTP/1.1\r\nHost:3.1.3.3.7\r\n\r\n")
|
67
|
+
end
|
68
|
+
unless banner = socket.recv(1024)
|
69
|
+
banner = false
|
70
|
+
end
|
71
|
+
end
|
72
|
+
if socket
|
73
|
+
yield format_result(ip, port, true, banner)
|
74
|
+
socket.close
|
75
|
+
else
|
76
|
+
yield format_result(ip, port, false)
|
77
|
+
end
|
78
|
+
end
|
79
|
+
end
|
80
|
+
end
|
81
|
+
|
82
|
+
# Because sometimes you need to say it with more emphasis!
|
83
|
+
alias grab! grab
|
84
|
+
|
85
|
+
# Connect to a given IP address and port.
|
86
|
+
# @param ip [String]
|
87
|
+
# @param port [Integer]
|
88
|
+
# @return [TCPSocket, false]
|
89
|
+
def connect(ip, port)
|
90
|
+
TCPSocket.new(ip, port)
|
91
|
+
rescue
|
92
|
+
false
|
93
|
+
end
|
94
|
+
|
95
|
+
private
|
96
|
+
|
97
|
+
# @api private
|
98
|
+
# Format the result for a banner grab.
|
99
|
+
# @param ip [String] IP address associated with the result.
|
100
|
+
# @param port [Integer] Port associated with the result.
|
101
|
+
# @param open [Boolean] If the port/connection was open to connect to.
|
102
|
+
# @param banner [String, Boolean] If a banner was able to be retrieved.
|
103
|
+
# @see grab
|
104
|
+
# @return [Hash]
|
105
|
+
def format_result(ip, port, open = false, banner = false)
|
106
|
+
result = { ip: ip, port: port }
|
107
|
+
result[:open] = open
|
108
|
+
result[:banner] = banner if banner
|
109
|
+
result
|
110
|
+
end
|
111
|
+
|
112
|
+
# @api private
|
113
|
+
# Determine what IP address(es) to use from a given arguments hash.
|
114
|
+
# @param args [Hash]
|
115
|
+
# @option args [String] :ip IP address to connect to.
|
116
|
+
# @option args [Array<String>] :ips An array of IP address to connect to.
|
117
|
+
# @return [Array<String>]
|
118
|
+
# @raise [StandardError] If no IP address(es) can be determined.
|
119
|
+
def use_ips(args)
|
120
|
+
if args[:ips]
|
121
|
+
args[:ips]
|
122
|
+
elsif args[:ip]
|
123
|
+
[args[:ip]]
|
124
|
+
elsif @ips
|
125
|
+
@ips
|
126
|
+
else
|
127
|
+
raise 'No IP address(es) given!'
|
128
|
+
end
|
129
|
+
end
|
130
|
+
|
131
|
+
# @api private
|
132
|
+
# Determine what port(s) to use from a given arguments hash.
|
133
|
+
# @param args [Hash]
|
134
|
+
# @option args [Integer] :port Port to connect to.
|
135
|
+
# @option args [Array<Integer>] :ports An array of ports to connect to.
|
136
|
+
# @return [Array<Integer>]
|
137
|
+
# @raise [StandardError] If no ports(s) can be determined.
|
138
|
+
def use_ports(args)
|
139
|
+
if args[:ports]
|
140
|
+
args[:ports]
|
141
|
+
elsif args[:port]
|
142
|
+
[args[:port]]
|
143
|
+
elsif @ports
|
144
|
+
@ports
|
145
|
+
else
|
146
|
+
raise 'No port(s) given!'
|
147
|
+
end
|
148
|
+
end
|
149
|
+
end
|
150
|
+
end
|
data/lib/violent_ruby/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: violent_ruby
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Kent Gruber
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-04-
|
11
|
+
date: 2017-04-14 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: net-ssh
|
@@ -99,6 +99,8 @@ files:
|
|
99
99
|
- Rakefile
|
100
100
|
- bin/python_sucks
|
101
101
|
- lib/violent_ruby.rb
|
102
|
+
- lib/violent_ruby/banner_grabber/README.md
|
103
|
+
- lib/violent_ruby/banner_grabber/banner_grabber.rb
|
102
104
|
- lib/violent_ruby/ftp_brute_forcer/README.md
|
103
105
|
- lib/violent_ruby/ftp_brute_forcer/Vagrantfile
|
104
106
|
- lib/violent_ruby/ftp_brute_forcer/ftp_brute_forcer.rb
|