Module: Wmap

Defined in:

lib/wmap/utils/utils.rb,
lib/wmap.rb,
lib/wmap/utils/logger.rb,
lib/wmap/utils/url_magic.rb,
lib/wmap/utils/domain_root.rb,
lib/wmap/url_crawler/adware_tag.rb,
lib/wmap/domain_tracker/sub_domain.rb,
lib/wmap/host_tracker/primary_host.rb,
lib/wmap/site_tracker/deactivated_site.rb

Overview

Class to trace de-activated site. This is need for basic state tracking for our sites.

Defined Under Namespace

Modules: Utils Classes: CidrTracker, DnsBruter, DomainTracker, GeoIPTracker, GoogleSearchScraper, HostTracker, NetworkProfiler, PortScanner, SiteTracker, UrlChecker, UrlCrawler, Whois, WpTracker

Constant Summary

NAME =

"Wmap"

GEM =

"wmap"

VERSION =

File.dirname(__FILE__) + "/../version.txt"

Class Attribute Summary

• .known_internet_domains ⇒ Object

  Returns the value of attribute known_internet_domains.

• .verbose ⇒ Object writeonly

  Sets the attribute verbose.

Class Method Summary

• .banner ⇒ Object

  Project banner in ASCII Art ‘soft’ format, courtesy to patorjk.com/software/taag/.

• .check(url) ⇒ Object

  URL checker - check the status of the remote URL.

• .crawl(url) ⇒ Object

  Crawler to search url contents for new sites.

• .data_dir(data_path) ⇒ Object
• .dns_brute(domain) ⇒ Object

  DNS Brute Forcer.

• .domain_known?(domain) ⇒ Boolean

  Domain Tracking - check with the trust domain seed file locally, to determine if it’s a new internet domain NOT to confuse with the Internet ‘whois’ lookup.

• .domain_root(host) ⇒ Object

  Retrieve root domain from a host.

• .dump(file) ⇒ Object

  Dump out the unique sites into a plain file.

• .dump_xml(file) ⇒ Object

  Dump out the unique sites into a XML file.

• .geoip(host) ⇒ Object

  GeoIP Tracking - check the host / IP against the GeoIP data repository, return the Geographic information if found.

• .google ⇒ Object

  Search the Google engines and sort out sites known by Google.

• .host_known?(host) ⇒ Boolean

  Host Tracking - check local hosts file to see if this is a hostname known from the host seed file NOT to confuse with a regular DNS lookup over the internet.

• .ip_known?(ip) ⇒ Boolean

  IP Tracking - check local hosts file to see if this is an IP known from the seed file NOT to confuse with a regular reverse DNS lookup over the internet.

• .ip_trusted?(ip) ⇒ Boolean

  Check if the IP is within the range of the known CIDR blocks.

• .mutation(host) ⇒ Object

  Host-name mutation for catch easily guessable hostname, i.e.

• .print(site) ⇒ Object

  Print a site’s full information from the repository.

• .print_all ⇒ Object

  Print a site’s full information from the repository.

• .read_ver ⇒ Object

  Simple parser for the project version file.

• .refresh(site) ⇒ Object

  Refresh the site information in the local data repository.

• .refresh_all ⇒ Object

  Refresh the site information in the local data repository.

• .response_code(url) ⇒ Object

  Check URL/Site response code.

• .scan(host) ⇒ Object

  Fast tcp port scanner on a single host or IP.

• .scans(target_list) ⇒ Object

  Fast multi-processes tcp port scanner on a list of targets.

• .search(pattern) ⇒ Object

  Search the site repository for all entries that match the pattern.

• .sub_domain_known?(host) ⇒ Boolean

  Sub-domain tracking - check local hosts file to see if the sub-domain is already known.

• .track(host) ⇒ Object

  CIDR Tracking - check the host against the local CIDR seed file, return the CIDR tracking path if found.

• .whois(domain) ⇒ Object

  whois query and sort the result into structured data.

• .wlog(msg, agent, log_file) ⇒ Object

  Log the information into file.

• .wmap(seed) ⇒ Object

  Explorer to discover and inventory web application / service automatically.

Class Attribute Details

.known_internet_domains ⇒ Object

Returns the value of attribute known_internet_domains.

# File 'lib/wmap.rb', line 37

def known_internet_domains
  @known_internet_domains
end

.verbose=(value) ⇒ Object (writeonly)

Sets the attribute verbose

Parameters:

• value —

  the value to set the attribute verbose to.

# File 'lib/wmap.rb', line 38

def verbose=(value)
  @verbose = value
end

Class Method Details

.banner ⇒ Object

Project banner in ASCII Art ‘soft’ format, courtesy to patorjk.com/software/taag/

# File 'lib/wmap.rb', line 59

def banner
	ver=read_ver
	art=",--.   ,--.       ,--.       ,--.   ,--.
|  |   |  | ,---. |  |-.     |   `.'   | ,--,--. ,---.  ,---.  ,---. ,--.--.
|  |.'.|  || .-. :| .-. '    |  |'.'|  |' ,-.  || .-. || .-. || .-. :|  .--'
|   ,'.   |\   --.| `-' |    |  |   |  |\ '-'  || '-' '| '-' '\   --.|  |
'--'   '--' `----' `---'     `--'   `--' `--`--'|  |-' |  |-'  `----'`--'
                                               `--'   `--'                  "
	string = "-"*80 + "\n" + art + "\n" + "Version: " + ver["version"] + "\tRelease Date: " + ver["date"] + "\nDesigned and developed by: " + ver["author"] + "\nEmail: " + ver["email"] + "\tLinkedIn: " + ver["linkedin"] + "\n" + "-"*80
end

.check(url) ⇒ Object

URL checker - check the status of the remote URL

# File 'lib/wmap.rb', line 121

def check(url)
	checker=Wmap::UrlChecker.new(:verbose=>false)
	checker.url_worker(url)
end

.crawl(url) ⇒ Object

Crawler to search url contents for new sites

# File 'lib/wmap.rb', line 85

def crawl(url)
	crawler=Wmap::UrlCrawler.new
	crawler.crawl(url)
end

.data_dir(data_path) ⇒ Object

# File 'lib/wmap.rb', line 70

def data_dir(data_path)
  @data_dir=data_path.to_s
end

.dns_brute(domain) ⇒ Object

DNS Brute Forcer

# File 'lib/wmap.rb', line 185

def dns_brute(domain)
	bruter=Wmap::DnsBruter.new
	bruter.query(domain)
end

.domain_known?(domain) ⇒ Boolean

Domain Tracking - check with the trust domain seed file locally, to determine if it’s a new internet domain NOT to confuse with the Internet ‘whois’ lookup

Returns:

• (Boolean)

# File 'lib/wmap.rb', line 139

def domain_known?(domain)
	tracker=Wmap::DomainTracker.instance
   if @data_dir
     tracker.data_dir=@data_dir
     tracker.domains_file=tracker.data_dir + "/" + "domains"
     tracker.load_domains_from_file(tracker.domains_file)
   end
	tracker.domain_known?(domain)
end

.domain_root(host) ⇒ Object

Retrieve root domain from a host

# File 'lib/wmap.rb', line 191

def domain_root(host)
	Wmap::Utils.get_domain_root(host)
end

.dump(file) ⇒ Object

Dump out the unique sites into a plain file

# File 'lib/wmap.rb', line 223

def dump(file)
		store=Wmap::SiteTracker.instance
     if @data_dir
       store.data_dir = @data_dir
       store.sites_file = searcher.data_dir + "/" + "sites"
       store.load_site_stores_from_file(searcher.sites_file)
     end
		store.save_uniq_sites(file)
end

.dump_xml(file) ⇒ Object

Dump out the unique sites into a XML file

# File 'lib/wmap.rb', line 234

def dump_xml(file)
		store=Wmap::SiteTracker.instance
     if @data_dir
       store.data_dir = @data_dir
       store.sites_file = searcher.data_dir + "/" + "sites"
       store.load_site_stores_from_file(searcher.sites_file)
     end
     store.save_uniq_sites_xml(file)
end

.geoip(host) ⇒ Object

GeoIP Tracking - check the host / IP against the GeoIP data repository, return the Geographic information if found

# File 'lib/wmap.rb', line 115

def geoip(host)
	tracker=Wmap::GeoIPTracker.new
	tracker.query(host)
end

.google ⇒ Object

Search the Google engines and sort out sites known by Google

# File 'lib/wmap.rb', line 269

def google
	sites=Wmap::GoogleSearchScraper.new.workers.keys
end

.host_known?(host) ⇒ Boolean

Host Tracking - check local hosts file to see if this is a hostname known from the host seed file NOT to confuse with a regular DNS lookup over the internet

Returns:

• (Boolean)

# File 'lib/wmap.rb', line 151

def host_known?(host)
	tracker=Wmap::HostTracker.instance
   if @data_dir
     tracker.data_dir = data_dir
     tracker.hosts_file = tracker.data_dir + "/" + "hosts"
     tracker.load_known_hosts_from_file(tracker.hosts_file)
   end
   tracker.host_known?(host)
end

.ip_known?(ip) ⇒ Boolean

IP Tracking - check local hosts file to see if this is an IP known from the seed file NOT to confuse with a regular reverse DNS lookup over the internet

Returns:

• (Boolean)

# File 'lib/wmap.rb', line 174

def ip_known?(ip)
	tracker=Wmap::HostTracker.instance
   if @data_dir
     tracker.data_dir = data_dir
     tracker.hosts_file = tracker.data_dir + "/" + "hosts"
     tracker.load_known_hosts_from_file(tracker.hosts_file)
   end
   tracker.ip_known?(ip)
end

.ip_trusted?(ip) ⇒ Boolean

Check if the IP is within the range of the known CIDR blocks

Returns:

• (Boolean)

# File 'lib/wmap.rb', line 127

def ip_trusted?(ip)
	tracker=Wmap::CidrTracker.new
   if @data_dir
     tracker.data_dir=@data_dir
     tracker.cidr_seeds=tracker.data_dir + "/" + "cidrs"
     tracker.load_cidr_blks_from_file(tracker.cidr_seeds)
   end
	tracker.ip_trusted?(ip)
end

.mutation(host) ⇒ Object

Host-name mutation for catch easily guessable hostname, i.e. “ww1.example.com” => [“ww1,example.com”,“ww2.example.com”,…]

# File 'lib/wmap.rb', line 201

def mutation (host)
	Wmap::DnsBruter.new.hostname_mutation(host)
end

.print(site) ⇒ Object

Print a site’s full information from the repository

# File 'lib/wmap.rb', line 274

def print(site)
	searcher=Wmap::SiteTracker.instance
	searcher.print_site(site)
end

.print_all ⇒ Object

Print a site’s full information from the repository

# File 'lib/wmap.rb', line 280

def print_all
	searcher=Wmap::SiteTracker.instance
   if @data_dir
     searcher.data_dir = @data_dir
     searcher.sites_file = searcher.data_dir + "/" + "sites"
     searcher.load_site_stores_from_file(searcher.sites_file)
   end
   searcher.print_all_sites
end

.read_ver ⇒ Object

Simple parser for the project version file

# File 'lib/wmap.rb', line 41

def read_ver
	ver=Hash.new
	f=File.open(VERSION,'r')
	f.each do |line|
		line.chomp!
		case line
		when /^(\s)*#/
			next
		when /\=/
			entry=line.split("=").map! {|x| x.strip}
			ver[entry[0]]=entry[1]
		end
	end
	f.close
	return ver
end

.refresh(site) ⇒ Object

Refresh the site information in the local data repository

# File 'lib/wmap.rb', line 245

def refresh(site)
		store=Wmap::SiteTracker.instance
     if @data_dir
       store.data_dir = @data_dir
       store.sites_file = searcher.data_dir + "/" + "sites"
       store.load_site_stores_from_file(searcher.sites_file)
     end
		store.refresh(site)
		store.save!
end

.refresh_all ⇒ Object

Refresh the site information in the local data repository

# File 'lib/wmap.rb', line 257

def refresh_all
		store=Wmap::SiteTracker.instance
     if @data_dir
       store.data_dir = @data_dir
       store.sites_file = searcher.data_dir + "/" + "sites"
       store.load_site_stores_from_file(searcher.sites_file)
     end
		store.refresh_all
		store.save!
end

.response_code(url) ⇒ Object

Check URL/Site response code

# File 'lib/wmap.rb', line 206

def response_code(url)
	checker=Wmap::UrlChecker.new
	checker.response_code(url)
end

.scan(host) ⇒ Object

Fast tcp port scanner on a single host or IP

# File 'lib/wmap.rb', line 97

def scan(host)
	scanner=Wmap::PortScanner.new
	scanner.scan(host)
end

.scans(target_list) ⇒ Object

Fast multi-processes tcp port scanner on a list of targets

# File 'lib/wmap.rb', line 103

def scans(target_list)
	scanner=Wmap::PortScanner.new
	scanner.scans(target_list)
end

.search(pattern) ⇒ Object

Search the site repository for all entries that match the pattern

# File 'lib/wmap.rb', line 212

def search(pattern)
	searcher=Wmap::SiteTracker.instance
   if @data_dir
     searcher.data_dir = @data_dir
     searcher.sites_file = searcher.data_dir + "/" + "sites"
     searcher.load_site_stores_from_file(searcher.sites_file)
   end
	searcher.search(pattern)
end

.sub_domain_known?(host) ⇒ Boolean

Sub-domain tracking - check local hosts file to see if the sub-domain is already known

Returns:

• (Boolean)

# File 'lib/wmap.rb', line 162

def sub_domain_known?(host)
	tracker=Wmap::HostTracker.instance
   if @data_dir
     tracker.data_dir = data_dir
     tracker.hosts_file = tracker.data_dir + "/" + "hosts"
     tracker.load_known_hosts_from_file(tracker.hosts_file)
   end
   tracker.sub_domain_known?(host)
end

.track(host) ⇒ Object

CIDR Tracking - check the host against the local CIDR seed file, return the CIDR tracking path if found

# File 'lib/wmap.rb', line 109

def track(host)
	tracker=Wmap::CidrTracker.new
	tracker.cidr_worker(host)
end

.whois(domain) ⇒ Object

whois query and sort the result into structured data

# File 'lib/wmap.rb', line 91

def whois(domain)
	whois=Wmap::Whois.new(:verbose=>false)
	whois.query(domain)
end

.wlog(msg, agent, log_file) ⇒ Object

Log the information into file

# File 'lib/wmap.rb', line 196

def wlog(msg,agent,log_file)
	Wmap::Utils.wlog(msg,agent,log_file)
end

.wmap(seed) ⇒ Object

Explorer to discover and inventory web application / service automatically

# File 'lib/wmap.rb', line 75

def wmap(seed)
   if @data_dir
     cmd = "bin/wmap" + " -d " + @data_dir + " -t " + seed
   else
	    cmd="bin/wmap" + " -t " + seed
   end
	system(cmd)
end