search

ronin-rb / ronin-recon

A micro-framework and tool for performing reconnaissance.
https://ronin-rb.dev
GNU Lesser General Public License v3.0
34 stars 9 forks source link

Change `Values::IPRange#range` to be a `Ronin::Support::Network::IPRange` #58

Closed postmodern closed 9 months ago

postmodern commented 1 year ago

Use Ronin::Support::Network::IPRange instead of IPAddr to parse the given IP range String. Ronin::Support::Network::IPRange supports both CIDR ranges (ex: 192.168.1.1/24) and nmap glob-ranges (ex: 192.168.1-4.*).

This will entail adding a Values::IPRange.parse method which accepts a String and passes it to Support::Network::IPRange.parse before calling new().

Value::Parser will also need to be updated to recognize both CIDR ranges and IP-glob ranges and call Values::IPRange.parse, instead of Values::IPRange.new.

AI-Mozi commented 1 year ago

Is it still something that you want to do by yourself or can I try to do it?

postmodern commented 1 year ago

@AI-Mozi I'm a little nervous about writing the regex to matching nmap style IP glob-ranges (ex: 1.2.3-4.*). That is going to be really hard.

AI-Mozi commented 1 year ago

Ok, I'll leave it to you then :D

postmodern commented 1 year ago

I wrote the Regexs to identify a glob range, however ran into some spec failures when changing Values::IPRange#range to be a Ronin::Support::Network::IPRange. Values::IPRange#=== may be given another Values::IPRange, in which case it has to identify if the other range is a sub-set of the Values::IPRange#range. However, Ronin::Support::Network::IPRange#include? expects to only be given an individual IP address, not another range. I may have to add a Ronin::Support::Network::IPRange#=== to determine if two IP ranges intersect? Trying to compare IP CIDR ranges with IP glob ranges might get complex or inefficient really fast.

postmodern commented 1 year ago

The only place where we actually compare one Values::IPRange to another Values::IPRange using Values::IPRange#=== is if the Engine is given a Values::IPRange value and Scope#ignore contains a different Values::IPRange to ignore.

postmodern commented 1 year ago

A general way to determine if one IP range is a sub-set of another IP range, would be range1.include?(range2.first) && range1.include?(range2.last). However, calling range2.last on a Ronin::Support::Network::IPRange::Glob would require enumerating the IP glob and generating each IP in the glob range.