Class: Snackhack2::BannerGrabber

Inherits:
Object
  • Object
show all
Defined in:
lib/snackhack2/bannergrabber.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(port: 443, save_file: true) ⇒ BannerGrabber

Returns a new instance of BannerGrabber.



7
8
9
10
11
 
# File 'lib/snackhack2/bannergrabber.rb', line 7

def initialize(port: 443, save_file: true)
  @site    = site
  @port    = port
  @save_file = save_file
end

Instance Attribute Details

#portObject

Returns the value of attribute port.



5
6
7
 
# File 'lib/snackhack2/bannergrabber.rb', line 5

def port
  @port
end

#save_fileObject

Returns the value of attribute save_file.



5
6
7
 
# File 'lib/snackhack2/bannergrabber.rb', line 5

def save_file
  @save_file
end

#siteObject

Returns the value of attribute site.



5
6
7
 
# File 'lib/snackhack2/bannergrabber.rb', line 5

def site
  @site
end

Instance Method Details

#apache2Object 



48
49
50
51
52
53
54
55
56
57
58
59
60
61
 
# File 'lib/snackhack2/bannergrabber.rb', line 48

def apache2
  if headers['server'].match(/Apache/)
    puts "[+] Server is running Apache2... Now checking #{File.join(@site, 'server-status')}..."
    apache = Snackhack2.get(File.join(@site, 'server-status'))
    # status code 200 means the request was successful.

    if apache.code == 200
      puts "Check #{@site}/server-status"
    else
      puts "[+] Response Code: #{apache.code}...\n\n"
    end
  else
    puts "Apache2 is not found...\n\n"
  end
end

#cloudflare(print_status: true) ⇒ Object 



88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
 
# File 'lib/snackhack2/bannergrabber.rb', line 88

def cloudflare(print_status: true)
  # the purpose of this method is to 

  # check to see if a site has 

  # cloudflare in the headers


  cf_status = false
  cf_count  = 0

  # access the 'types' hash to get the cloudflare strings. 

  cf = types[:"cloudflare"]

  # make a single get request to the site defined at '@site'

  find_headers.each do |k,v|
    # if the key is in the array cf

    if cf.include?(k)
      cf_status = true
      cf_count += 1
    end
  end
  if print_status
    # cf_status[0] : the status if cloudflare was found

    # cf_count[1]  : the number of found elements in the 'cloudflare' hash. 

    return [cf_status, cf_count]
  else
    if cf_status
      puts "Cloudflare was found. The count is: #{cf_count}"
    else
      puts "Cloudflare was NOT found. The count is #{cf_count}"
    end
  end
end

#curlObject 



32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
 
# File 'lib/snackhack2/bannergrabber.rb', line 32

def curl
  servers = ''
  # rus the curl command to get the headers of the given site. 

  cmd = `curl -s -I #{@site.gsub('https://', '')}`
  # extracts the server header from the curl results

  version = cmd.split('Server: ')[1].split("\n")[0].strip
  if @save_file
    servers += version.to_s
  else
    puts "Banner: #{cmd.split('Server: ')[1].split("\n")[0]}"
  end

  # saves the results if '@save_file' is set to true.

  Snackhack2.file_save(@site, 'serverversion', servers) if @save_file
end

#detect_header(return_status: true) ⇒ Object 



119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
 
# File 'lib/snackhack2/bannergrabber.rb', line 119

def detect_header(return_status: true)
  # stores the data found in 

  # the headers.

  data = {}
  # loops through the hash stored in the 'types' method.

  # the t_k is the KEY of the hash

  # the t_v is the VALUE of the hash.

  types.each do |t_k, t_v|
    # make a single get request to the site 

    # to get the headers.

    find_headers.each do |fh_k, fh_v|
      # Get the keys from the 'types' method

      # which is basicly a hash

      type_key = t_k
      # uses the key of the 'types' hash 

      # to see if includes the string found in 'fh_k'

      if types[type_key].include?(fh_k)
        if data.has_key?(type_key)
          data[type_key] <<  fh_k
        else
          data[type_key] = [fh_k]
        end
      end
    end
  end
  if return_status
    return data
  else
    data.each do |k,v|
      puts "K:#{k}"
      puts "V: #{v}"
    end
  end
end

#get_tcp_info(ports: "") ⇒ Object 



80
81
82
83
84
85
86
87
 
# File 'lib/snackhack2/bannergrabber.rb', line 80

def get_tcp_info(ports: "")
  ports = 22 if ports.empty?
  begin
    TCPSocket.new(@site, ports).recv(1024)
  rescue => e
    puts "ERROR OCCURRED"
  end
end

#headersObject 



19
20
21
 
# File 'lib/snackhack2/bannergrabber.rb', line 19

def headers
  @headers = Snackhack2.get(@site).headers
end

#nginxObject 



22
23
24
25
26
27
28
29
30
 
# File 'lib/snackhack2/bannergrabber.rb', line 22

def nginx
  puts "[+] Server is running NGINX... Now checking if #{File.join(@site, 'nginx_status')} is valid..."
  nginx = Snackhack2.get(File.join(@site, 'nginx_status'))
  if nginx.code == 200
    puts "Check #{@site}/nginx_status"
  else
    puts "Response code: #{nginx.code}"
  end
end

#runObject 



13
14
15
16
17
18
 
# File 'lib/snackhack2/bannergrabber.rb', line 13

def run
  nginx
  apache2
  wordpress
  get_ssh_info
end

#serverObject 



153
154
155
 
# File 'lib/snackhack2/bannergrabber.rb', line 153

def server
  @headers['server']
end

#typesObject 



69
70
71
72
73
74
 
# File 'lib/snackhack2/bannergrabber.rb', line 69

def types
  {
    "cloudflare": [ "cf-cache-status", "cf-ray", "cloudflare"],
    "aws CloudFront": [ "X-Amz-Cf-Pop", "X-Amz-Cf-Id", "CloudFront", "x-amz-cf-pop", "x-amz-cf-id", "cloudfront.net"] 
  }
end

#wordpressObject 



63
64
65
66
67
68
 
# File 'lib/snackhack2/bannergrabber.rb', line 63

def wordpress
  wp = Snackhack2.get(@site).body
  return unless wp.match(/wp-content/)

  puts "[+] Wordpress found [+]\n\n\n"
end