Module: Ronin::Web::Dorks

Includes:

GScraper

Defined in:

lib/ronin/web/dorks/dorks.rb,
lib/ronin/web/dorks/index.rb,
lib/ronin/web/dorks/documents.rb

Class Method Summary

• .all_strings_intext(strings, options = {}, &block) ⇒ Object
• .all_strings_intitle(strings, options = {}, &block) ⇒ Object
• .all_strings_inurl(strings, options = {}, &block) ⇒ Object
• .allintext(pattern, options = {}, &block) ⇒ Object
• .allintitle(patterns, options = {}, &block) ⇒ Object
• .allinurl(patterns, options = {}, &block) ⇒ Object
• .cps(options = {}, &block) ⇒ Object
• .download_file(options = {}, &block) ⇒ Object
• .download_pdf(options = {}, &block) ⇒ Object
• .emails_xls(options = {}, &block) ⇒ Object
• .index_for_finances_xls(options = {}, &block) ⇒ Object
• .index_of(path = nil, options = {}, &block) ⇒ Object
• .index_of_cgi_bin(options = {}, &block) ⇒ Object
• .index_with_file(name, options = {}, &block) ⇒ Object
• .index_with_sql(options = {}, &block) ⇒ Object
• .intext(pattern, options = {}, &block) ⇒ Object
• .intitle(pattern, options = {}, &block) ⇒ Object
• .inurl(pattern, options = {}, &block) ⇒ Object
• .php_my_admin(options = {}, &block) ⇒ Object
• .qbw(options = {}, &block) ⇒ Object
• .receipts(options = {}, &block) ⇒ Object
• .robots_txt(options = {}, &block) ⇒ Object
• .search(options = {}, &block) ⇒ Object

  Creates either a GScraper::Search::WebQuery or a GScraper::Search::AJAXQuery with the given options.

• .sharepoint(options = {}, &block) ⇒ Object
• .sql_admin_dump(options = {}, &block) ⇒ Object
• .sql_dump(options = {}, &block) ⇒ Object
• .string_intext(string, options = {}, &block) ⇒ Object
• .string_intitle(string, options = {}, &block) ⇒ Object
• .string_inurl(string, options = {}, &block) ⇒ Object
• .vuln_report(options = {}, &block) ⇒ Object

Class Method Details

.all_strings_intext(strings, options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/dorks.rb', line 120

def Dorks.all_strings_intext(strings,options={},&block)
  Dorks.search(options.merge(:allintext => strings.map { |string|
    "'#{string}'"
  }),&block)
end

.all_strings_intitle(strings, options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/dorks.rb', line 138

def Dorks.all_strings_intitle(strings,options={},&block)
  Dorks.search(options.merge(:allintitle => strings.map { |string|
    "'#{string}'"
  }),&block)
end

.all_strings_inurl(strings, options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/dorks.rb', line 156

def Dorks.all_strings_inurl(strings,options={},&block)
  Dorks.search(options.merge(:allinurl => strings.map { |string|
    "'#{string}'"
  }),&block)
end

.allintext(pattern, options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/dorks.rb', line 112

def Dorks.allintext(pattern,options={},&block)
  Dorks.search(options.merge(:allintext => pattern),&block)
end

.allintitle(patterns, options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/dorks.rb', line 134

def Dorks.allintitle(patterns,options={},&block)
  Dorks.search(options.merge(:allintitle => patterns),&block)
end

.allinurl(patterns, options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/dorks.rb', line 152

def Dorks.allinurl(patterns,options={},&block)
  Dorks.search(options.merge(:allinurl => patterns),&block)
end

.cps(options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/documents.rb', line 27

def Dorks.cps(options={},&block)
  Dorks.search(options.merge(
    :exact_phrase => 'Certificate Practice Statement',
    :inurl => '(PDF | DOC)'
  ),&block)
end

.download_file(options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/dorks.rb', line 202

def Dorks.download_file(options={},&block)
  Dorks.search(options.merge(
    :allinurl => ['download.php?', 'file']
  ),&block)
end

.download_pdf(options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/dorks.rb', line 208

def Dorks.download_pdf(options={},&block)
  Dorks.search(options.merge(
    :allinurl => [
      'download.php?',
      'file',
      '.pdf'
    ]
  ),&block)
end

.emails_xls(options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/documents.rb', line 55

def Dorks.emails_xls(options={},&block)
  Dorks.search(options.merge(
    :filetype => 'xls',
    :inurl => '"email.xls"'
  ),&block)
end

.index_for_finances_xls(options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/index.rb', line 49

def Dorks.index_for_finances_xls(options={},&block)
  Dorks.search(options.merge(
    :query => 'finances.xls',
    :intitle => '"Index of"'
  ),&block)
end

.index_of(path = nil, options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/index.rb', line 27

def Dorks.index_of(path=nil,options={},&block)
  if path
    options = options.merge(:intitle => "\"Index of #{path}\"")
  else
    options = options.merge(:intitle => '"Index of"')
  end

  return Dorks.search(options,&block)
end

.index_of_cgi_bin(options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/index.rb', line 37

def Dorks.index_of_cgi_bin(options={},&block)
  Dorks.index_of('/cgi-bin',&block)
end

.index_with_file(name, options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/index.rb', line 41

def Dorks.index_with_file(name,options={},&block)
  Dorks.index_of(options.merge(:intext => "\"#{name}\""),&block)
end

.index_with_sql(options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/index.rb', line 45

def Dorks.index_with_sql(options={},&block)
  Dorks.index_of(options.merge(:intext => '".sql"'),&block)
end

.intext(pattern, options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/dorks.rb', line 108

def Dorks.intext(pattern,options={},&block)
  Dorks.search(options.merge(:intext => pattern),&block)
end

.intitle(pattern, options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/dorks.rb', line 126

def Dorks.intitle(pattern,options={},&block)
  Dorks.search(options.merge(:intitle => pattern),&block)
end

.inurl(pattern, options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/dorks.rb', line 144

def Dorks.inurl(pattern,options={},&block)
  Dorks.search(options.merge(:inurl => pattern),&block)
end

.php_my_admin(options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/dorks.rb', line 194

def Dorks.php_my_admin(options={},&block)
  Dorks.search(options.merge(
    :with_words => ['phpMyAdmin'],
    :exact_phrase => 'running on',
    :inurl => 'main.php'
  ),&block)
end

.qbw(options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/documents.rb', line 48

def Dorks.qbw(options={},&block)
  Dorks.search(options.merge(
    :query => 'qbw',
    :filetype => 'QBW'
  ),&block)
end

.receipts(options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/documents.rb', line 40

def Dorks.receipts(options={},&block)
  Dorks.search(options.merge(
    :exact_phrase => 'Thank you for your order',
    :with_words => ['receipt'],
    :filetype => :pdf
  ),&block)
end

.robots_txt(options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/dorks.rb', line 186

def Dorks.robots_txt(options={},&block)
  Dorks.search(options.merge(
    :exact_phrase => 'robots.txt',
    :with_words => ['Disallow'],
    :filetype => :txt
  ),&block)
end

.search(options = {}, &block) ⇒ Object

Creates either a GScraper::Search::WebQuery or a GScraper::Search::AJAXQuery with the given options. If a block is given, it will be passed the newly created query object.

options may contain the following keys:

:ajax

Specifies wether or not to create a GScraper::Search::AJAXQuery.

:query

The search query.

:link

Search for results which link to the specified URI.

:related

Search for results which relate to the specified URI.

:info

Return information about the specified URI.

:site

Limit results to the specified site.

:filetype

Limit results to those with the specified file-type.

:allintitle

Search for results with all of the keywords appearing in the title.

:intitle

Search for results with the keyword appearing in the title.

:allintext

Search for results with all of the keywords appearing in the text.

:intext

Search for results with the keyword appearing in the text.

:allinanchor

Search for results with all of the keywords appearing in the text of links.

:inanchor

Search for results with the keyword appearing in the text of links.

:exact_phrase

Search for results containing the specified exact phrase.

:with_words

Search for results containing all of the specified words.

:without_words

Search for results not containing any of the specified words.

:numeric_range

Search for results contain numbers that fall within the specified Range.

:define

Search for results containing the definition of the specified keyword.

If the :ajax option is not specified, then options may contain the following additional keys:

:results_per_page

Specifies the number of results for each page.

:language

Search for results in the specified language.

:region

Search for results from the specified region.

:within_past_day

Search for results that were created within the past day.

:within_past_week

Search for results that were created within the past week.

:within_past_month

Search for results that were created within the past month.

:within_past_year

Search for results that were created within the past year.

:occurrs_within

:rights

Search for results licensed under the specified license.

:filtered

Specifies whether or not to use SafeSearch. Defaults to false, if not specified.

If the :ajax option is specified, then options may contain the following additional keys:

:language

The search language. Defaults to :en.

:sig

The search signature. Defaults to 582c1116317355adf613a6a843f19ece.

:key

The search key. Defaults to :notsupplied.

:version

The desired API version. Defaults to 1.0.

# File 'lib/ronin/web/dorks/dorks.rb', line 100

def Dorks.search(options={},&block)
  if options[:ajax] == true
    return Search.ajax_query(options,&block)
  else
    return Search.query(options,&block)
  end
end

.sharepoint(options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/dorks.rb', line 218

def Dorks.sharepoint(options={},&block)
  Dorks.search(options.merge(
    :exact_phrase => 'all site content'
  ),&block)
end

.sql_admin_dump(options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/dorks.rb', line 182

def Dorks.sql_admin_dump(options={},&block)
  Dorks.sql_dump(options.merge(:password => 'admin'),&block)
end

.sql_dump(options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/dorks.rb', line 162

def Dorks.sql_dump(options={},&block)
  query = []
  
  query << "Host: #{options[:host]}" if options[:host]
  query << "Database: #{options[:database]}" if options[:database]
  query << options[:version] if options[:version]

  query << "\"#{options[:sql]}\"" if options[:sql]

  if options[:password]
    query << Digest::MD5.hexdigest(options[:password].to_s)
  end

  return Dorks.search(options.merge(
    :query => query,
    :exact_phrase => '"SQL Dump"',
    :filetype => :sql
  ),&block)
end

.string_intext(string, options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/dorks.rb', line 116

def Dorks.string_intext(string,options={},&block)
  Dorks.intext("'#{string}'",options,&block)
end

.string_intitle(string, options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/dorks.rb', line 130

def Dorks.string_intitle(string,options={},&block)
  Dorks.intitle("'#{string}'",options,&block)
end

.string_inurl(string, options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/dorks.rb', line 148

def Dorks.string_inurl(string,options={},&block)
  Dorks.inurl("'#{string}'",options,&block)
end

.vuln_report(options = {}, &block) ⇒ Object

# File 'lib/ronin/web/dorks/documents.rb', line 34

def Dorks.vuln_report(options={},&block)
  Dorks.search(options.merge(
    :exact_phrase => 'Network Vulnerability Assessment'
  ),&block)
end