ronin-exploits 0.1.0

Files changed (43) hide show
  1. data/COPYING.txt +339 -0
  2. data/History.txt +18 -0
  3. data/Manifest.txt +42 -0
  4. data/README.txt +69 -0
  5. data/Rakefile +15 -0
  6. data/TODO.txt +25 -0
  7. data/lib/ronin/exploits.rb +39 -0
  8. data/lib/ronin/exploits/binary_exploit.rb +133 -0
  9. data/lib/ronin/exploits/buffer_overflow.rb +76 -0
  10. data/lib/ronin/exploits/buffer_overflow_target.rb +46 -0
  11. data/lib/ronin/exploits/exceptions.rb +25 -0
  12. data/lib/ronin/exploits/exceptions/exploit_not_built.rb +29 -0
  13. data/lib/ronin/exploits/exceptions/restricted_char.rb +29 -0
  14. data/lib/ronin/exploits/exploit.rb +263 -0
  15. data/lib/ronin/exploits/exploit_author.rb +34 -0
  16. data/lib/ronin/exploits/exploit_target.rb +48 -0
  17. data/lib/ronin/exploits/exploitable.rb +77 -0
  18. data/lib/ronin/exploits/format_string.rb +84 -0
  19. data/lib/ronin/exploits/format_string_target.rb +43 -0
  20. data/lib/ronin/exploits/impact.rb +46 -0
  21. data/lib/ronin/exploits/requirement.rb +46 -0
  22. data/lib/ronin/exploits/version.rb +29 -0
  23. data/lib/ronin/exploits/web_exploit.rb +77 -0
  24. data/lib/ronin/models.rb +38 -0
  25. data/lib/ronin/payloads.rb +33 -0
  26. data/lib/ronin/payloads/ability.rb +46 -0
  27. data/lib/ronin/payloads/binary_payload.rb +40 -0
  28. data/lib/ronin/payloads/payload.rb +203 -0
  29. data/lib/ronin/payloads/payload_author.rb +34 -0
  30. data/lib/ronin/payloads/shellcode.rb +34 -0
  31. data/lib/ronin/payloads/web_payload.rb +34 -0
  32. data/lib/ronin/translators/xor.rb +96 -0
  33. data/lib/ronin/vuln/behavior.rb +92 -0
  34. data/spec/exploits/exploit_spec.rb +80 -0
  35. data/spec/exploits/exploitable_spec.rb +21 -0
  36. data/spec/exploits/web_exploit_spec.rb +29 -0
  37. data/spec/exploits_spec.rb +9 -0
  38. data/spec/payloads/payload_spec.rb +60 -0
  39. data/spec/spec_helper.rb +11 -0
  40. data/spec/translators/xor_spec.rb +26 -0
  41. data/spec/vuln/behavior_spec.rb +15 -0
  42. data/tasks/spec.rb +9 -0
  43. metadata +119 -0
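--- a/data/lib/ronin/models.rb
+++ b/data/lib/ronin/models.rb
@@ -0,0 +1,38 @@
+ #
+ #--
+ # Ronin Exploits - A Ruby library for Ronin that provides exploitation and
+ # payload crafting functionality.
+ #
+ # Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+ #
+ # This program is free software; you can redistribute it and/or modify
+ # it under the terms of the GNU General Public License as published by
+ # the Free Software Foundation; either version 2 of the License, or
+ # (at your option) any later version.
+ #
+ # This program is distributed in the hope that it will be useful,
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ # GNU General Public License for more details.
+ #
+ # You should have received a copy of the GNU General Public License
+ # along with this program; if not, write to the Free Software
+ # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ #++
+ #
+
+ require 'ronin/vuln/behavior'
+ require 'ronin/exploits/requirement'
+ require 'ronin/exploits/impact'
+ require 'ronin/exploits/exploit_author'
+ require 'ronin/exploits/exploit_target'
+ require 'ronin/exploits/exploit'
+ require 'ronin/exploits/binary_exploit'
+ require 'ronin/exploits/buffer_overflow_target'
+ require 'ronin/exploits/buffer_overflow'
+ require 'ronin/exploits/format_string_target'
+ require 'ronin/exploits/format_string'
+ require 'ronin/payloads/ability'
+ require 'ronin/payloads/payload_author'
+ require 'ronin/payloads/payload'
+ require 'ronin/payloads/binary_payload'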
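Review bot: The require list ends at `ronin/payloads/binary_payload` and leaves out `ronin/exploits/web_exploit`, `ronin/payloads/shellcode` and `ronin/payloads/web_payload`, all of which appear in this release's file list. The two payload classes shown on this page each declare their own `objectify` name, so they look like models in their own right. If this file is meant to load every model class up front (its name suggests that, but nothing in the hunk states it), those classes stay undefined until something else requires them. A header comment such as `# Loads every model class defined by ronin-exploits`, together with the three missing requires, would make the intent checkable.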
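--- a/data/lib/ronin/payloads.rb
+++ b/data/lib/ronin/payloads.rb
@@ -0,0 +1,33 @@
+ #
+ #--
+ # Ronin Exploits - A Ruby library for Ronin that provides exploitation and
+ # payload crafting functionality.
+ #
+ # Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+ #
+ # This program is free software; you can redistribute it and/or modify
+ # it under the terms of the GNU General Public License as published by
+ # the Free Software Foundation; either version 2 of the License, or
+ # (at your option) any later version.
+ #
+ # This program is distributed in the hope that it will be useful,
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ # GNU General Public License for more details.
+ #
+ # You should have received a copy of the GNU General Public License
+ # along with this program; if not, write to the Free Software
+ # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ #++
+ #
+
+ require 'ronin/payloads/ability'
+ require 'ronin/payloads/payload_author'
+ require 'ronin/payloads/payload'
+ require 'ronin/payloads/binary_payload'
+
+ require 'reverse_require'
+
+ module Ronin
+ require_for 'ronin', 'ronin/payloads'
+ end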
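Review bot: `require_for 'ronin', 'ronin/payloads'` has no comment saying that it pulls in code from outside this package. As far as I know, reverse_require's `require_for` loads the given path from every installed gem that depends on the named gem, so requiring this file would run `ronin/payloads` from whichever such gems are present, inside the calling process; that behaviour should be confirmed against the reverse_require version in use. A comment above the `module Ronin` block should state it, for example `# Loads ronin/payloads from every installed gem that depends on ronin; that code runs in this process`. Anyone auditing their installed gem set then knows this line is an extension point.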
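--- a/data/lib/ronin/payloads/ability.rb
+++ b/data/lib/ronin/payloads/ability.rb
@@ -0,0 +1,46 @@
+ #
+ #--
+ # Ronin Exploits - A Ruby library for Ronin that provides exploitation and
+ # payload crafting functionality.
+ #
+ # Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+ #
+ # This program is free software; you can redistribute it and/or modify
+ # it under the terms of the GNU General Public License as published by
+ # the Free Software Foundation; either version 2 of the License, or
+ # (at your option) any later version.
+ #
+ # This program is distributed in the hope that it will be useful,
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ # GNU General Public License for more details.
+ #
+ # You should have received a copy of the GNU General Public License
+ # along with this program; if not, write to the Free Software
+ # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ #++
+ #
+
+ require 'ronin/vulnerability/behavior'
+ require 'ronin/payloads/payload'
+
+ require 'ronin/model'
+
+ module Ronin
+ module Payloads
+ class Ability
+
+ include Model
+
+ # The behavior the ability provides
+ belongs_to :behavior, :class_name => 'Vulnerability::Behavior'
+
+ # The payload which has this ability
+ belongs_to :payload
+
+ # Feature validations
+ validates_present :behavior_id, :payload_id
+
+ end
+ end
+ end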
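Review bot: The `require 'ronin/vulnerability/behavior'` line and the `:class_name => 'Vulnerability::Behavior'` option do not match what this release ships: the file list has `lib/ronin/vuln/behavior.rb`, and models.rb requires `ronin/vuln/behavior`. Unless another gem provides the `ronin/vulnerability/...` path, this require raises LoadError or the association resolves to a different class than the one packaged here. The contents of `vuln/behavior.rb` are not on this page, so the namespace it defines needs checking. `provides` in payload.rb uses the same constant. This file also requires `ronin/payloads/payload` while payload.rb requires this file, so the load order depends on which one is required first.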
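--- a/data/lib/ronin/payloads/binary_payload.rb
+++ b/data/lib/ronin/payloads/binary_payload.rb
@@ -0,0 +1,40 @@
+ #
+ #--
+ # Ronin Exploits - A Ruby library for Ronin that provides exploitation and
+ # payload crafting functionality.
+ #
+ # Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+ #
+ # This program is free software; you can redistribute it and/or modify
+ # it under the terms of the GNU General Public License as published by
+ # the Free Software Foundation; either version 2 of the License, or
+ # (at your option) any later version.
+ #
+ # This program is distributed in the hope that it will be useful,
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ # GNU General Public License for more details.
+ #
+ # You should have received a copy of the GNU General Public License
+ # along with this program; if not, write to the Free Software
+ # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ #++
+ #
+
+ require 'ronin/payloads/payload'
+
+ module Ronin
+ module Payloads
+ class BinaryPayload < Payload
+
+ objectify :ronin_binary_payload
+
+ # The payloads targeted architecture
+ belongs_to :arch
+
+ # The payloads targeted platform
+ belongs_to :platform
+
+ end
+ end
+ end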
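--- a/data/lib/ronin/payloads/payload.rb
+++ b/data/lib/ronin/payloads/payload.rb
@@ -0,0 +1,203 @@
+ #
+ #--
+ # Ronin Exploits - A Ruby library for Ronin that provides exploitation and
+ # payload crafting functionality.
+ #
+ # Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+ #
+ # This program is free software; you can redistribute it and/or modify
+ # it under the terms of the GNU General Public License as published by
+ # the Free Software Foundation; either version 2 of the License, or
+ # (at your option) any later version.
+ #
+ # This program is distributed in the hope that it will be useful,
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ # GNU General Public License for more details.
+ #
+ # You should have received a copy of the GNU General Public License
+ # along with this program; if not, write to the Free Software
+ # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ #++
+ #
+
+ require 'ronin/payloads/ability'
+ require 'ronin/payloads/payload_author'
+ require 'ronin/objectify'
+ require 'ronin/has_license'
+
+ module Ronin
+ module Payloads
+ class Payload
+
+ include Objectify
+ include HasLicense
+
+ objectify :ronin_payload
+
+ # Primary key of the payload
+ property :id, Serial
+
+ # Name of the specific payload
+ property :name, String, :index => true
+
+ # Version of the payload
+ property :version, String, :default => '0.1', :index => true
+
+ # Description of the payload
+ property :description, Text
+
+ # Author(s) of the payload
+ has n, :authors, :class_name => 'PayloadAuthor'
+
+ # Abilities the payload provides
+ has n, :abilities
+
+ # Validations
+ validates_present :name
+ validates_is_unique :version, :scope => [:name]
+
+ # Encoders to apply to the payload
+ attr_reader :encoders
+
+ # The built and encoded payload
+ attr_accessor :payload
+
+ #
+ # Creates a new Payload object with the given _attributes_. If a
+ # _block_ is given, it will be passed the newly created Payload
+ # object.
+ #
+ def initialize(attributes={},&block)
+ super(attributes)
+
+ @encoders = []
+ @built = false
+
+ instance_eval(&block) if block
+ end
+
+ #
+ # Finds all payloads with names like the specified _name_.
+ #
+ def self.named(name)
+ self.all(:name.like => "%#{name}%")
+ end
+
+ #
+ # Finds all payloads with descriptions like the specified
+ # _description_.
+ #
+ def self.describing(description)
+ self.all(:description.like => "%#{description}%")
+ end
+
+ #
+ # Finds the payload with the most recent vesion.
+ #
+ def self.latest
+ self.first(:order => [:version.desc])
+ end
+
+ #
+ # Adds a new Ability to the payload that provides the behavior
+ # with the specified _name_.
+ #
+ def provides(name)
+ self.abilities << Ability.new(
+ :behavior => Vulnerability::Behavior.first_or_create(
+ :name => name.to_s
+ ),
+ :payload => self
+ )
+ end
+
+ #
+ # Adds a new PayloadAuthor with the given _attributes_ and _block_.
+ #
+ def author(attributes={},&block)
+ authors << PayloadAuthor.first_or_create(attributes,&block)
+ end
+
+ #
+ # Add the specified _encoder_object_ to the encoders.
+ #
+ def encoder(encoder_object)
+ @encoders << encoder_object
+ end
+
+ #
+ # Default builder method.
+ #
+ def builder
+ end
+
+ #
+ # Returns +true+ if the payload is built, returns +false+ otherwise.
+ #
+ def built?
+ @built == true
+ end
+
+ #
+ # Performs a clean build of the payload with the given _params_.
+ # If a _block_ is given, it will be passed the built and encoded
+ # payload.
+ #
+ def build(params={},&block)
+ self.params = params
+
+ @built = false
+ @payload = ''
+
+ builder()
+
+ @built = true
+
+ @encoders.each do |encoder|
+ @payload = encoder.encode(@payload)
+ end
+
+ block.call(@payload) if block
+ return @payload
+ end
+
+ #
+ # Default payload verifier method.
+ #
+ def verifier
+ end
+
+ #
+ # Default verify method, calls verifier by default.
+ #
+ def verify
+ verifier
+ end
+
+ #
+ # Default payload deployer method.
+ #
+ def deployer(&block)
+ block.call(self) if block
+ end
+
+ #
+ # Default method to call after the payload has been deployed.
+ #
+ def deploy(&block)
+ verify
+
+ return deployer(&block)
+ end
+
+ #
+ # Returns the built payload.
+ #
+ def to_s
+ build
+ end
+
+ end
+ end
+ end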
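Review bot: In `build`, `@built = true` is assigned before the `@encoders.each` loop, so if an encoder raises, `built?` reports true while `@payload` still holds unencoded or partly encoded data. Moving `@built = true` to just before `block.call(@payload) if block` keeps the flag consistent with what is stored. `to_s` calls `build` with no arguments, which runs `self.params = params` with the default `{}`, so every string conversion triggers a full rebuild and may discard previously supplied params. The `params=` writer is defined outside this file, so that last effect is inferred. `deploy` runs `verify` and `deployer` without consulting `built?`, which means a payload that was never built, or whose build failed, can still reach the deployer. A guard on `built?` at the top of `deploy` would close that gap.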
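--- a/data/lib/ronin/payloads/payload_author.rb
+++ b/data/lib/ronin/payloads/payload_author.rb
@@ -0,0 +1,34 @@
+ #
+ #--
+ # Ronin Exploits - A Ruby library for Ronin that provides exploitation and
+ # payload crafting functionality.
+ #
+ # Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+ #
+ # This program is free software; you can redistribute it and/or modify
+ # it under the terms of the GNU General Public License as published by
+ # the Free Software Foundation; either version 2 of the License, or
+ # (at your option) any later version.
+ #
+ # This program is distributed in the hope that it will be useful,
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ # GNU General Public License for more details.
+ #
+ # You should have received a copy of the GNU General Public License
+ # along with this program; if not, write to the Free Software
+ # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ #++
+ #
+
+ require 'ronin/author'
+
+ module Ronin
+ module Payloads
+ class PayloadAuthor < Author
+
+ belongs_to :payload
+
+ end
+ end
+ end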
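--- a/data/lib/ronin/payloads/shellcode.rb
+++ b/data/lib/ronin/payloads/shellcode.rb
@@ -0,0 +1,34 @@
+ #
+ #--
+ # Ronin Exploits - A Ruby library for Ronin that provides exploitation and
+ # payload crafting functionality.
+ #
+ # Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+ #
+ # This program is free software; you can redistribute it and/or modify
+ # it under the terms of the GNU General Public License as published by
+ # the Free Software Foundation; either version 2 of the License, or
+ # (at your option) any later version.
+ #
+ # This program is distributed in the hope that it will be useful,
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ # GNU General Public License for more details.
+ #
+ # You should have received a copy of the GNU General Public License
+ # along with this program; if not, write to the Free Software
+ # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ #++
+ #
+
+ require 'ronin/payloads/binary_payload'
+
+ module Ronin
+ module Payloads
+ class Shellcode < BinaryPayload
+
+ objectify :ronin_shellcode
+
+ end
+ end
+ end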
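--- a/data/lib/ronin/payloads/web_payload.rb
+++ b/data/lib/ronin/payloads/web_payload.rb
@@ -0,0 +1,34 @@
+ #
+ #--
+ # Ronin Exploits - A Ruby library for Ronin that provides exploitation and
+ # payload crafting functionality.
+ #
+ # Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+ #
+ # This program is free software; you can redistribute it and/or modify
+ # it under the terms of the GNU General Public License as published by
+ # the Free Software Foundation; either version 2 of the License, or
+ # (at your option) any later version.
+ #
+ # This program is distributed in the hope that it will be useful,
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ # GNU General Public License for more details.
+ #
+ # You should have received a copy of the GNU General Public License
+ # along with this program; if not, write to the Free Software
+ # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ #++
+ #
+
+ require 'ronin/payloads/payload'
+
+ module Ronin
+ module Payloads
+ class WebPayload < Payload
+
+ objectify :ronin_web_payload
+
+ end
+ end
+ end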