ronin-rb / ronin-app Goto Github PK

Add a route and view for displaying metadata for a specific encoder.

Add systemd service files for running ronin-app. foreman export systemd can export the files. They must also depend on the redis.service service.

Add the typical red asterisk to all required form fields.

Could add this as a CSS class.

.label.is-required::after {
  content: ' *';
  color: red;
}

Would also need to add the usual blurb text " means a required field" to the forms.

Add every Nmap::Command scan option to the /nmap form and Schemas::NmapParams.

Add a POST /vulns route which will enqueue a job for scanning a URL for web vulnerabilities using ronin-vulns.

Flush out the /db/ routes and views. Must provide access to all other database models (ex: OpenPort, Port, ASN, Credential, etc) with links to other routes.

• /db/urls
• /db/urls/:id
• /db/url_schemes
• /db/url_schemes/:id
• /db/url_query_param_names
• /db/url_query_param_names/:id
• /db/mac_addresses
• /db/mac_address/:id
• /db/open_ports
• /db/open_port/:id
• /db/services
• /db/service/:id
• /db/ports
• /db/port/:id
• /db/oses
• /db/oses/:id
• /db/asns
• /db/asn/:id
• /db/passwords
• /db/password/:id
• /db/user_names
• /db/user_name/:id
• /db/email_addresses
• /db/email_address/:id
• /db/credentials
• /db/credential/:id
• /db/software
• /db/software/:id
• /db/software_vendors
• /db/software_vendors/:id
• /db/advisories
• /db/advisory/:id

Since the app uses ronin-db and [roin-db] supports configuring multiple databases, it should be possible to switch to another database as the app is running. Possibly the current database name would be stored in the session cookie or sent to Sidekiq workers which import data into the database? I'm not sure how we would tell ActiveRecord to use another database, or whether we'd simply call ActiveRecord.establish_connection again to switch to another database?

Add a GET /vulns route and form for scanning a URL for web vulnerabilities using ronin-vulns.

Add a /network/dns route and form for performing arbitrary DNS queries. It should use JavaScript to send another HTTP request to another route (ex: /network/dns/query), which would send the DNS query using Ronin::Support::Network::DNS::Resolver and return the response object as JSON, which would then be parsed and rendered by the JavaScript.

There should also be an Import checkbox that causes both the DNS query and response as Ronin::DB::DNSQuery and Ronin::DB::DNSRecord records.

Implement a vanilla JavaScript component for auto-completing local paths using a Bulma dropdown menu. The JavaScript should make background requests to the server, which would then attempt to lookup the path and return possible matches.

Example Bulma CSS + JavaScript auto-complete code: https://github.com/mattmezza/bulmahead

Note that all JavaScript must be vanilla ES6+ JavaScript. JavaScript frameworks or React are not allowed.

Add a Nix build file so users can run nix shell and have all of the dependencies installed within a nix environment. I'm not a NixOS user and know little about it, so I'll need help on this one.

Package ronin-app as a gem. Add gemspec.yml and ronin-app.gemspec files. This will allow easily installing ronin-app as a gem, or being added as a dependency.

For some reason ActiveRecord randomly times out when accessing the sqlite3 database. Not sure if we need to configure ActiveRecord to somehow avoid this?

ActiveRecord::ConnectionTimeoutError - could not obtain a connection from the pool within 5.000 seconds (waited 5.003 seconds); all pooled connections were in use:

We need to clear the ActiveRecord connection pool or obtain/release an individual connection for the app routes and the SideKiq workers.

• App
• SideKiq workers

ronin-db-activerecord 0.2.0 added an notes association to IPAddress, HostName, MACAddress, EmailAddress, URL, etc. All /db/ show.erb views should display notes as Notes. Also add a _notes.erb partial template for rendering a notes Array.

Change the Docker config/image to mount ~/.local/share/ronin-db/ as a volume. This can be done using the VOLUME keyword. This should allow users to pull down the ronin-app docker image and quickly run it with docker, and not have to use docker-compose or pass in complex options to docker run.

Add routes for listing Ronin::Exploits, loading and displaying an exploit's metadata. Will need to figure out how to execute an exploit from the backend and provide a shell-like interface on the frontend similar to ronin-exploits run's post-exploitation shell.

Add routes for accessing Ronin::Repos::CacheDir. It should list installed repos, allow installing a repo from a git URI, updating repo(s), or uninstalling a repo.

Sidekiq::Web is mounted on /sidekiq, separate from the App, but wants a rack.session cookie.

Add an "Advanced Options" link which shows/hides the advanced options on forms.

Use the DATABASE_NAME env variable to select the database to connect to by name in config/database.rb.

Add a route for importing nmap XML files. Also add a Sidekiq worker for importing nmap XML files. The "upload" form should use a <input type="filePath"> input to only upload the file path, which will then be passed to the Sidekiq worker.

Once the app stabilizes take some screenshots of the various pages and add them to the README.

Honor the DATABASE_URL env variable when connecting to the database.

Add a route for importing masscan scan files. Also add a Sidekiq worker for importing masscan scan files. The "upload" form should use a <input type="filePath"> input to only upload the file path, which will then be passed to the Sidekiq worker.

Listen on localhost by default. Only listen on 0.0.0.0 when within docker.

Add validations to Validations::SpiderParams to validate that the host is roughly a host-name and that the domain is roughly a domain-name, and not say a URI.

Add a Workers::Vulns sidekiq worker class that scans a URL for web vulnerabilities using Ronin::Vulns::URLScanner. It must create a report of found vulnerabilities that is somehow passed back to the frontend.

Add a route for updating a repo.

Add a ronin-app command which can start the app.

Add a /recon route and Workers::Recon worker class that calls the ronin-recon library.

Add a route for displaying information about a specific repo.

Add a /jobs or /queue route which inspects Sidekiq::API and shows current running jobs.

Add every Spidr::Agent#initialize option to the /spider form and Validations::SpiderParams.

Add a route for deleting a repo.

Publish a pre-built ronin-app docker image that uses it's own database on a separate volume (see #40).

Add a route and a view for running a payload encoder with given input data and displaying the output.

Add a route for listing all payload encoders in Ronin::Payloads::Encoders.

Add a fancy D3 network graph visualization that can visualize a single IP, Host, or URL, then show related database records as connected nodes. When the user clicks on another node, load that node's related database records and render them as additional connected nodes. This will allow the user to explore the database without loading ALL of the data into the browser at once.

Add every Masscan::Command scan option to the /masscan form and Schemas::MasscanParams.

Add a dark-mode switch to change the --bg-color to a dark midnight blue color. See the minimal JavaScript on my blog as an example.

Add routes for listing Ronin::Payloads, loading and viewing metadata about a specific payload, or building a payload.

The menu and logo is currently left-justified and doesn't look correct. They should be horizontally centered.

Note: the app uses Bulma CSS's .hero and .container CSS helper classes for the logo and menu.

Add a "Add Note" text area and form to all /db/``show.erb views to allow adding a new comment to the notes association of the record. This may also require adding a _add_note.erb partial template.

The Advanced Options section on the /nmap form is very long and needs better grouping/organization.

As the number of IPAddresses, HostNames, and URLs increase in the database, there should be pagination on the views/db/*.erb views which list the records.

Available Options

• sinatra-paginate
• pagy
• kaminari-sinatra