Module: Ronin::Web::Server::Conditions::ClassMethods

Defined in:
lib/ronin/web/server/conditions.rb

Overview

Class methods to be added to the application base class.

Instance Method Summary collapse

Instance Method Details

#asn(number) ⇒ Object (protected)

Condition to match the AS number of the client's IP address.

Examples:

get '/path', asn: 13335 do
  # ...
end

Parameters:

  • number (Integer)

    The AS number to match.



83
84
85
86
87
88
89
 
# File 'lib/ronin/web/server/conditions.rb', line 83

def asn(number)
  condition do
    if (record = Support::Network::ASN.query(request.ip))
      record.number == number
    end
  end
end

#asn_name(name) ⇒ Object (protected)

Condition to match the company/ISP name of the ASN information for the client's IP address.

Examples:

get '/path', asn_name: 'CLOUDFLARENET' do
  # ...
end

Parameters:

  • name (String)

    The name of the company/ISP that the ASN is assigned to.



123
124
125
126
127
128
129
 
# File 'lib/ronin/web/server/conditions.rb', line 123

def asn_name(name)
  condition do
    if (record = Support::Network::ASN.query(request.ip))
      record.name == name
    end
  end
end

#browser(matcher) ⇒ Object (protected)

Condition to match the browser name from the User-Agent header of the request.

Examples:

Match the exact browser name:

get '/path', browser: "Foo" do
  # ...
end

Match any browser name matching the Regexp:

get '/path', browser: /googlebot/i do
  # ...
end

Match all Chrome browsers:

get '/path', browser: :chrome do
  # ...
end

Match all Firefox browsers:

get '/path', browser: :firefox do
  # ...
end

Parameters:

  • matcher (:chrome, :firefox, Regexp, String, Proc, #===)

    Regular expression, exact String, Proc, or any other object which defines an #=== method.



225
226
227
228
229
230
231
232
233
234
235
236
237
238
 
# File 'lib/ronin/web/server/conditions.rb', line 225

def browser(matcher)
  case matcher
  when :chrome
    condition { request.browser == 'Chrome' }
  when :firefox
    condition { request.browser == 'Firefox' }
  else
    condition do
      if (browser = request.browser)
        matcher === browser
      end
    end
  end
end

#browser_vendor(matcher) ⇒ Object (protected)

Condition to match the browser vendor from the User-Agent header of the request.

Examples:

Match the browser vendor:

get '/path', browser_vendor: 'Google' do
  # ...
end

Parameters:

  • matcher (Regexp, String, Proc, #===)

    Regular expression, exact String, Proc, or any other object which defines an #=== method.



253
254
255
256
257
258
259
 
# File 'lib/ronin/web/server/conditions.rb', line 253

def browser_vendor(matcher)
  condition do
    if (browser_vendor = request.browser_vendor)
      matcher === browser_vendor
    end
  end
end

#browser_version(matcher) ⇒ Object (protected)

Condition to match the browser version from the User-Agent header of the request.

Regular expression, exact String, Proc, or any other object which defines an #=== method.

Examples:

Match an exact version of Chrome:

get '/path', browser: :chrome, browser_version: '99.100.4844.27' do
  # ...
end

Match all Chrome versions in the 99.x version family:

get '/path', browser: :chrome, browser_version: /^99\./ do
  # ...
end

Match versions of Chrome with known vulnerabilities:

vuln_versions = File.readlines('chrome_versions.txt', chomp: true)

get '/path', browser: :chrome, browser_version: vuln_versions do
  # ...
end

Parameters:

  • matcher (Array<String>, Set<String>, Regexp, String, Proc, #===) 


287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
 
# File 'lib/ronin/web/server/conditions.rb', line 287

def browser_version(matcher)
  case matcher
  when Array, Set
    condition do
      if (browser_version = request.browser_version)
        matcher.include?(browser_version)
      end
    end
  else
    condition do
      if (browser_version = request.browser_version)
        matcher === browser_version
      end
    end
  end
end

#client_ip(matcher) ⇒ Object (protected)

Condition to match the client IP Address that sent the request.

Examples:

Only allow the exact IP:

get '/path', client_ip: '10.1.1.1' do
  # ...
end

Allow all IPs from the IP range:

get '/path', client_ip: IPAddr.new('10.1.1.1/24') do
  # ...
end

Parameters:

  • matcher (IPAddr, String, Proc, #===)

    The IP address or range of addresses to match against.



68
69
70
 
# File 'lib/ronin/web/server/conditions.rb', line 68

def client_ip(matcher)
  condition { matcher === request.ip }
end

#country_code(code) ⇒ Object (protected)

Condition to match the country code of the ASN information for the client's IP address.

Examples:

get '/path', country_code: 'US' do
  # ...
end

Parameters:

  • code (String)

    The two letter country code to match for.



103
104
105
106
107
108
109
 
# File 'lib/ronin/web/server/conditions.rb', line 103

def country_code(code)
  condition do
    if (record = Support::Network::ASN.query(request.ip))
      record.country_code == country_code
    end
  end
end

#device_type(matcher) ⇒ Object (protected)

Condition to match the device type of the User-Agent header of the request.

Array of device type Symbols, the exact devicde type Symbol, Proc, or any other object which defines an #=== method.

Examples:

Match a specific device type:

get '/path', device_type: :crawler do
  halt 404
end

Match multiple device types:

get '/path', device_type: [:smartphone, :appliance] do
  # ...
end

Parameters:

  • matcher (Array<:pc, :smartphone, :mobilephone, :appliance, :crawler>, :pc, :smartphone, :mobilephone, :appliance, :crawler, Proc, #===) 


324
325
326
327
328
329
330
331
332
333
 
# File 'lib/ronin/web/server/conditions.rb', line 324

def device_type(matcher)
  condition do
    if (device_type = request.device_type)
      case matcher
      when Array then matcher.include?(device_type)
      else            matcher === device_type
      end
    end
  end
end

#host(matcher) ⇒ Object (protected)

Condition for matching the Host header.

Examples:

Match the exact Host header:

get '/path', host: 'example.com' do
  # ...
end

Match any Host header ending in .example.com:

get '/path', host: /\.example\.com$/ do
  # ...
end

Parameters:

  • matcher (Regexp, String, Proc, #===)

    The host to match against.



147
148
149
 
# File 'lib/ronin/web/server/conditions.rb', line 147

def host(matcher)
  condition { matcher === request.host }
end

#os(matcher) ⇒ Object (protected)

Condition to match the OS from the User-Agent header of the request.

Regular expression, exact String, Proc, or any other object which defines an #=== method.

Examples:

Match all Android devices:

get '/path', os: :android do
  # ...
end

Match all iOS devices:

get '/path', os: :ios do
  # ...
end

Match all Linux systems:

get '/path', os: :linux do
  # ...
end

Match all Windows systems:

get '/path', os: :windows do
  # ...
end

Match a specific OS:

get '/path', os: 'Windows 10' do
  # ...
end

Match any OS that matches the Regexp:

get '/path', os: /^Windows (?:7|8|10)/ do
  # ...
end

Parameters:

  • matcher (:android, :ios, :linux, :windows, Regexp, String, Proc, #===) 


374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
 
# File 'lib/ronin/web/server/conditions.rb', line 374

def os(matcher)
  case matcher
  when :android
    condition { request.from_android_os? }
  when :ios
    condition { request.from_ios? }
  when :linux
    condition { request.os == 'Linux' }
  when :windows
    condition do
      if (os = request.os)
        os.start_with?('Windows')
      end
    end
  else
    condition do
      if (os = request.os)
        matcher === os
      end
    end
  end
end

#os_version(matcher) ⇒ Object (protected)

Condition to match the OS version from the User-Agent header of the request.

Regular expression, exact String, Proc, or any other object which defines an #=== method.

Examples:

Match a specific Android OS version:

get '/path', os: :android, os_version: '8.1.0' do
  # ...
end

Match all Android OS versions that match a Regexp:

get '/path', os: :android, os_version: /^8\.1\./ do
  # ...
end

Match versions of Android with known vulnerabilities:

vuln_versions = File.readlines('android_versions.txt', chomp: true)

get '/path', os: :android, os_version: vuln_versions do
  # ...
end

Parameters:

  • matcher (Array<String>, Set<String>, Regexp, String, Proc, #===) 


423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
 
# File 'lib/ronin/web/server/conditions.rb', line 423

def os_version(matcher)
  case matcher
  when Array, Set
    condition do
      if (os_version = request.os_version)
        matcher.include?(os_version)
      end
    end
  else
    condition do
      if (os_version = request.os_version)
        matcher === os_version
      end
    end
  end
end

#referer(matcher) ⇒ Object (protected) Also known as: referrer

Condition to match the Referer header of the request.

Examples:

Match the exact Referer URI:

get '/path', referer: 'https://example.com/signin' do
  # ...
end

Match any Referer URI matching the Regexp:

get '/path', referer: /^http:\/\// do
  # ...
end

Parameters:

  • matcher (Regexp, String, Proc, #===)

    Regular expression or exact Referer header to match against.



167
168
169
170
171
172
173
 
# File 'lib/ronin/web/server/conditions.rb', line 167

def referer(matcher)
  condition do
    if (referer = request.referer)
      matcher === referer
    end
  end
end

#user_agent(matcher) ⇒ Object (protected)

Condition to match the User-Agent header of the request.

Examples:

Match any User-Agent with Intel Mac OSX in it:

get '/path', user_agent: /Intel Mac OSX/ do
  # ...
end

Parameters:

  • matcher (Regexp, String, Proc, #===)

    Regular expression, exact String, Proc, or any other object which defines an #=== method.



189
190
191
192
193
194
195
 
# File 'lib/ronin/web/server/conditions.rb', line 189

def user_agent(matcher)
  condition do
    if (user_agent = request.user_agent)
      matcher === user_agent
    end
  end
end