ronin-exploits 0.1.0 → 0.1.1

data/History.txt

@@ -1,3 +1,14 @@
+== 0.1.1 / 2009-01-22
+
+* Removed old references to the <tt>ronin/vulnerability</tt> directory.
+* Removed old references to the Ronin::Vulnerability namespace.
+* Removed past usage of the <tt>:value</tt> option with parameters.
+  * Parametes now uses the <tt>:default</tt> option, for specifying the
+    default value of parameters.
+* Added the missing Ronin::Exploits::PayloadSize exception.
+* Reduce usage of first_or_create.
+* Updated target methods.
+
 == 0.1.0 / 2008-01-08
 
 * Initial release.

data/Manifest.txt

@@ -9,6 +9,7 @@ lib/ronin/exploits.rb
 lib/ronin/exploits/exceptions.rb
 lib/ronin/exploits/exceptions/exploit_not_built.rb
 lib/ronin/exploits/exceptions/restricted_char.rb
+lib/ronin/exploits/exceptions/payload_size.rb
 lib/ronin/exploits/exploitable.rb
 lib/ronin/exploits/requirement.rb
 lib/ronin/exploits/impact.rb

data/README.txt

@@ -41,7 +41,7 @@ of Ronin.
 
 == REQUIREMENTS:
 
-* Ronin >= 0.1.1
+* ronin >= 0.1.3
 
 == INSTALL:
 

data/TODO.txt

@@ -1,11 +1,5 @@
 == TODO:
 
-=== Ronin Exploits 0.1.0:
-
-* Complete exploit/payload taxonomy code.
-  * Add dm-scope methods for finding exploits based on their taxonomy
-    relations.
-
 === Ronin Exploits 0.1.1:
 
 * Add more dm-scope methods for finding exploits and payloads based:
@@ -16,7 +10,7 @@
 * Spec exploit/payload relations and dm-scope methods.
 * Add methods for chaining exploits.
 
-=== Ronin Exploits 0.1.2:
+=== Ronin Exploits 0.2.0:
 
 * Design a basic Vulnerability Scanner class:
   * Scan networks of hosts.

data/lib/ronin/exploits/binary_exploit.rb

@@ -39,14 +39,16 @@ module Ronin
 
       # Target index to use
       parameter :target_index,
-                :value => 0,
+                :default => 0,
                 :description => 'default target index'
 
       # Custom target to use
       parameter :custom_target, :description => 'custom target'
 
       # String to pad extra space with
-      parameter :pad, :value => 'A', :description => 'padding string'
+      parameter :pad,
+                :default => 'A',
+                :description => 'padding string'
 
       # Restricted characters that may not occurr in the built exploit
       attr_accessor :restricted
@@ -65,10 +67,14 @@ module Ronin
 
       #
       # Adds an ExploitTarget with the given _attributes_. If a _block_ is
-      # given, it will be passed the ExploitTarget.
+      # given, it will be passed to the newly created ExploitTarget
+      # object.
       #
       def target(attributes={},&block)
-        @targets << ExploitTarget.first_or_create(attributes,&block)
+        self.targets << ExploitTarget.new(
+          attributes.merge(:exploit => self),
+          &block
+        )
       end
 
       #

data/lib/ronin/exploits/buffer_overflow.rb

@@ -21,6 +21,7 @@
 #++
 #
 
+require 'ronin/exploits/exceptions/payload_size'
 require 'ronin/exploits/buffer_overflow_target'
 require 'ronin/exploits/binary_exploit'
 
@@ -37,8 +38,11 @@ module Ronin
       # Adds a new BufferOverflowTarget with the given _attributes_. If a
       # _block_ is given, it will be passed the BufferOverflowTarget object.
       #
-      def target(options={},&block)
-        @targets << BufferOverflowTarget.new(options,&block)
+      def target(attributes={},&block)
+        self.targets << BufferOverflowTarget.new(
+          attributes.merge(:exploit => self),
+          &block
+        )
       end
 
       #
@@ -68,7 +72,7 @@ module Ronin
       # Default builder method which simply calls build_buffer.
       #
       def builder
-        @package = build_buffer
+        @exploit = build_buffer
       end
 
     end

data/lib/ronin/exploits/exceptions.rb

@@ -23,3 +23,4 @@
 
 require 'ronin/exploits/exceptions/exploit_not_built'
 require 'ronin/exploits/exceptions/restricted_char'
+require 'ronin/exploits/exceptions/payload_size'

data/lib/ronin/exploits/exceptions/payload_size.rb

@@ -0,0 +1,29 @@
+#
+#--
+# Ronin Exploits - A Ruby library for Ronin that provides exploitation and
+# payload crafting functionality.
+#
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+module Ronin
+  module Exploits
+    class PayloadSize < RuntimeError
+    end
+  end
+end

data/lib/ronin/exploits/exploit.rb

@@ -24,7 +24,7 @@
 require 'ronin/exploits/requirement'
 require 'ronin/exploits/impact'
 require 'ronin/exploits/exploit_author'
-require 'ronin/vulnerability/behavior'
+require 'ronin/vuln/behavior'
 require 'ronin/objectify'
 require 'ronin/has_license'
 
@@ -100,15 +100,18 @@ module Ronin
 
       #
       # Adds an ExploitAuthor with the given _attributes_ to the exploit.
-      # If a _block_ is given, it will be passed the ExploitAuthro object.
+      # If a _block_ is given, it will be passed to the newly created
+      # ExploitAuthor object.
       #
       def author(attributes={},&block)
-        self.authors << ExploitAuthor.first_or_create(attributes,&block)
+        self.authors << ExploitAuthor.new(
+          attributes.merge(:exploit => self),
+          &block
+        )
       end
 
       #
-      # Adds a new Requirement for the Ability with the specified
-      # _behavior_.
+      # Adds a new Requirement for the specified _behavior_.
       #
       def requires(behavior)
         self.requirements << Requirement.new(

data/lib/ronin/exploits/format_string.rb

@@ -34,11 +34,15 @@ module Ronin
       has n, :targets, :class_name => 'FormatStringTarget'
 
       #
-      # Adds a new FormatStringTarget with the given _options_. If a _block_
-      # is given, it will be passed the new FormatStringTarget object.
+      # Adds a new FormatStringTarget with the given _attributes_. If a
+      # _block_ is given, it will be passed the new FormatStringTarget
+      # object.
       #
-      def target(options={},&block)
-        self.targets << FormatStringTarget.new(options,&block)
+      def target(attributes={},&block)
+        self.targets << FormatStringTarget.new(
+          attributes.merge(:exploit => self),
+          &block
+        )
       end
 
       #
@@ -76,7 +80,7 @@ module Ronin
       # The default builder method, simply calls build_format_string.
       #
       def builder
-        @package = build_format_string
+        @exploit = build_format_string
       end
 
     end

data/lib/ronin/exploits/impact.rb

@@ -21,7 +21,7 @@
 #++
 #
 
-require 'ronin/vulnerability/behavior'
+require 'ronin/vuln/behavior'
 require 'ronin/exploits/exploit'
 
 require 'ronin/model'
@@ -33,7 +33,7 @@ module Ronin
       include Model
 
       # The behavior which the impact allows
-      belongs_to :behavior, :class_name => 'Vulnerability::Behavior'
+      belongs_to :behavior, :class_name => 'Vuln::Behavior'
 
       # The exploit which facilitates the impact
       belongs_to :exploit

data/lib/ronin/exploits/requirement.rb

@@ -21,7 +21,7 @@
 #++
 #
 
-require 'ronin/vulnerability/behavior'
+require 'ronin/vuln/behavior'
 require 'ronin/exploits/exploit'
 
 require 'ronin/model'
@@ -33,7 +33,7 @@ module Ronin
       include Model
 
       # The behavior which is required
-      belongs_to :behavior, :class_name => 'Vulnerability::Behavior'
+      belongs_to :behavior, :class_name => 'Vuln::Behavior'
 
       # The exploit which requires the behavior
       belongs_to :exploit

data/lib/ronin/exploits/version.rb

@@ -24,6 +24,6 @@
 module Ronin
   module Exploits
     # Ronin Exploits version
-    VERSION = '0.1.0'
+    VERSION = '0.1.1'
   end
 end

data/lib/ronin/payloads/ability.rb

@@ -21,7 +21,7 @@
 #++
 #
 
-require 'ronin/vulnerability/behavior'
+require 'ronin/vuln/behavior'
 require 'ronin/payloads/payload'
 
 require 'ronin/model'
@@ -33,7 +33,7 @@ module Ronin
       include Model
 
       # The behavior the ability provides
-      belongs_to :behavior, :class_name => 'Vulnerability::Behavior'
+      belongs_to :behavior, :class_name => 'Vuln::Behavior'
 
       # The payload which has this ability
       belongs_to :payload

data/lib/ronin/payloads/payload.rb

@@ -100,23 +100,26 @@ module Ronin
       end
 
       #
-      # Adds a new Ability to the payload that provides the behavior
-      # with the specified _name_.
+      # Adds a new Ability to the payload that provides the specified
+      # _behavior_.
       #
-      def provides(name)
+      def provides(behavior)
         self.abilities << Ability.new(
-          :behavior => Vulnerability::Behavior.first_or_create(
-            :name => name.to_s
-          ),
+          :behavior => behavior,
           :payload => self
         )
       end
 
       #
-      # Adds a new PayloadAuthor with the given _attributes_ and _block_.
+      # Adds a new PayloadAuthor with the given _attributes_. If a _block_
+      # is given, it will be passed to the newly created PayloadAuthor
+      # object.
       #
       def author(attributes={},&block)
-        authors << PayloadAuthor.first_or_create(attributes,&block)
+        authors << PayloadAuthor.new(
+          attributes.merge(:payload => self),
+          &block
+        )
       end
 
       #

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: ronin-exploits
 version: !ruby/object:Gem::Version 
-  version: 0.1.0
+  version: 0.1.1
 platform: ruby
 authors: 
 - Postmodern
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-01-08 00:00:00 -08:00
+date: 2009-01-22 00:00:00 -08:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -30,7 +30,7 @@ dependencies:
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
-        version: 1.8.2
+        version: 1.8.3
     version: 
 description: Ronin Exploits is a Ruby library for Ronin that provides exploitation and payload crafting functionality.  Ronin is a Ruby platform designed for information security and data exploration tasks. Ronin allows for the rapid development and distribution of code over many of the common Source-Code-Management (SCM) systems.
 email: 
@@ -57,6 +57,7 @@ files:
 - lib/ronin/exploits/exceptions.rb
 - lib/ronin/exploits/exceptions/exploit_not_built.rb
 - lib/ronin/exploits/exceptions/restricted_char.rb
+- lib/ronin/exploits/exceptions/payload_size.rb
 - lib/ronin/exploits/exploitable.rb
 - lib/ronin/exploits/requirement.rb
 - lib/ronin/exploits/impact.rb