Class: Ronin::Masscan::CLI::Commands::Grep Private

Inherits:

Ronin::Masscan::CLI::Command

• Object
• Core::CLI::Command
• Ronin::Masscan::CLI::Command
• Ronin::Masscan::CLI::Commands::Grep

Includes:

CommandKit::Colors, CommandKit::Printing::Indent, FilteringOptions

Defined in:

lib/ronin/masscan/cli/commands/grep.rb

Overview

This class is part of a private API. You should avoid using this class if possible, as it may be removed or be changed in the future.

Greps the scanned services from masscan scan file(s) for the given pattern.

Usage

ronin-masscan grep [options] PATTERN MASSCAN_FILE [...]

Options

-P, --protocol tcp|udp           Filters the targets by protocol
    --ip IP                      Filters the targets by IP
    --ip-range CIDR              Filters the targets by IP range
    -p, --ports {PORT | PORT1-PORT2},...
                                 Filters targets by port number
    --with-app-protocol APP_PROTOCOL[,...]
                                 Filters targets with the app protocol
    --with-payload STRING        Filters targets containing the payload
    --with-payload-regex /REGEX/ Filters targets with the matching payload
-h, --help                       Print help information

Arguments

PATTERN                          The pattern to search for
MASSCAN_FILE ...                 The masscan scan file(s) to parse

Instance Attribute Summary

Attributes included from FilteringOptions

#ip_ranges, #ips, #ports, #protocols, #with_app_protocols, #with_payloads

Instance Method Summary

• #grep_records(output_file, pattern) ⇒ Object private

  Greps the masscan output file for the pattern.

• #highlight(text, pattern) ⇒ String private

  Highlights the pattern in the text.

• #highlight_banner_record(banner, pattern) ⇒ Object private

  Prints the masscan banner record with the pattern highlighted.

• #highlight_record(record, pattern) ⇒ Object private

  Prints the masscan record with the pattern highlighted.

• #highlight_records(records, pattern) ⇒ Object private

  Prints the open ports for the IP.

• #match_record(record, pattern) ⇒ Boolean private

  Determines if the masscan record includes the pattern.

• #run(pattern, *masscan_files) ⇒ Object private

  Runs the ronin-masscan grep command.

Methods included from FilteringOptions

#filter_banner_records, #filter_records, #filter_records_by_app_protocol, #filter_records_by_ip, #filter_records_by_ip_range, #filter_records_by_payload, #filter_records_by_port, #filter_records_by_protocol, #filter_status_records, included, #initialize

Instance Method Details

#grep_records(output_file, pattern) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Greps the masscan output file for the pattern.

Parameters:

• output_file (::Masscan::OutputFile) —

  The masscan output file to search.

• pattern (String) —

  The pattern to search for.

# File 'lib/ronin/masscan/cli/commands/grep.rb', line 115

def grep_records(output_file,pattern)
  records = filter_records(output_file)

  records.filter { |record| match_record(record,pattern) }
end

#highlight(text, pattern) ⇒ String

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Highlights the pattern in the text.

Parameters:

• text (String) —

  The text to modify.

• pattern (String) —

  The pattern to highlight.

Returns:

• (String) —

  The modified text.

# File 'lib/ronin/masscan/cli/commands/grep.rb', line 227

def highlight(text,pattern)
  text.to_s.gsub(pattern,colors.red(pattern))
end

#highlight_banner_record(banner, pattern) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Prints the masscan banner record with the pattern highlighted.

Parameters:

• banner (::Masscan::Banner) —

  The masscan banner record to print.

• pattern (String) —

  The pattern to highlight.

# File 'lib/ronin/masscan/cli/commands/grep.rb', line 198

def highlight_banner_record(banner,pattern)
  payload      = highlight(banner.payload,pattern)
  app_protocol = highlight(banner.app_protocol,pattern)

  if payload.include?("\n") # multiline?
    puts app_protocol

    indent do
      payload.chomp.each_line(chomp: true) do |line|
        puts line
      end
    end
  else
    puts "#{app_protocol}\t#{payload}"
  end
end

#highlight_record(record, pattern) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Prints the masscan record with the pattern highlighted.

Parameters:

• record (::Masscan:Status, ::Masscan::Banner) —

  The masscan record to print.

• pattern (String) —

  The pattern to highlight.

# File 'lib/ronin/masscan/cli/commands/grep.rb', line 182

def highlight_record(record,pattern)
  case record
  when ::Masscan::Banner
    highlight_banner_record(record,pattern)
  end
end

#highlight_records(records, pattern) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Prints the open ports for the IP.

Parameters:

• records (Array<::Masscan::Status, ::Masscan::Banner>) —

  The masscan records to print.

• pattern (String) —

  The pattern to highlight.

# File 'lib/ronin/masscan/cli/commands/grep.rb', line 150

def highlight_records(records,pattern)
  records.group_by(&:ip).each do |ip,records_for_ip|
    puts "[ #{ip} ]"
    puts

    records_for_ip.group_by { |record|
      [record.port, record.protocol]
    }.each do |(port,protocol),records_for_port|
      indent do
        puts "#{port}/#{protocol}"

        indent do
          records_for_port.each do |record|
            highlight_record(record,pattern)
          end
        end
      end
    end

    puts
  end
end

#match_record(record, pattern) ⇒ Boolean

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Determines if the masscan record includes the pattern.

Parameters:

• record (::Masscan::Status, ::Masscan::Banner) —

  The masscan record to search.

• pattern (String) —

  The pattern to search for.

Returns:

• (Boolean) —

  Indicates whether the masscan record contains the pattern.

# File 'lib/ronin/masscan/cli/commands/grep.rb', line 133

def match_record(record,pattern)
  case record
  when ::Masscan::Banner
    record.app_protocol.match(pattern) ||
      record.payload.match(pattern)
  end
end

#run(pattern, *masscan_files) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Runs the ronin-masscan grep command.

Parameters:

• pattern (String) —

  The pattern to search for.

• masscan_files (Array<String>) —

  The nmap .xml files to parse.

# File 'lib/ronin/masscan/cli/commands/grep.rb', line 86

def run(pattern,*masscan_files)
  masscan_files.each do |masscan_file|
    unless File.file?(masscan_file)
      print_error "no such file or directory: #{masscan_file}"
      next
    end

    output_file = begin
                    ::Masscan::OutputFile.new(masscan_file)
                  rescue ArgumentError => error
                    print_error(error.message)
                    exit(1)
                  end

    records = grep_records(output_file,pattern)

    highlight_records(records,pattern)
  end
end