ronin-exploits 0.1.1 → 0.2.0

data/lib/ronin/model/targets_arch.rb

@@ -0,0 +1,59 @@
+#
+#--
+# Ronin Exploits - A Ruby library for Ronin that provides exploitation and
+# payload crafting functionality.
+#
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/targeted_arch'
+
+module Ronin
+  module Model
+    module TargetsArch
+      def self.included(base)
+        base.module_eval do
+          # The payloads targeted architecture
+          belongs_to :arch,
+                     :child_key => [:arch_id],
+                     :class_name => 'Ronin::TargetedArch'
+
+          #
+          # Returns the current targeted arch if no _name_ is given. If a
+          # _name_ is given, a new TargetedArch object will be created
+          # with the given _name_ and associated with the target.
+          #
+          #   target.arch
+          #   # => nil
+          #
+          #   target.arch :i686
+          #   # => #<Ronin::TargetedArch type=Ronin::TargetedArch id=nil
+          #   # name="i686" endian="little" address_length=4>
+          #
+          def arch(name=nil)
+            if name
+              return self.arch = TargetedArch[name]
+            else
+              return arch_association
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/ronin/model/targets_os.rb

@@ -0,0 +1,59 @@
+#
+#--
+# Ronin Exploits - A Ruby library for Ronin that provides exploitation and
+# payload crafting functionality.
+#
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/targeted_os'
+
+module Ronin
+  module Model
+    module TargetsOS
+      def self.included(base)
+        base.module_eval do
+          # The payloads targeted OS
+          belongs_to :os,
+                     :child_key => [:os_id],
+                     :class_name => 'Ronin::TargetedOS'
+
+          #
+          # Returns the current targeted OS if no _arguments_ are given. If
+          # _arguments_ are given, a new TargetedOS object will be created
+          # from the given _arguments_ and associated with the target.
+          #
+          #   target.os
+          #   # => nil
+          #
+          #   target.os(:name => 'FreeBSD', :version => '7.1')
+          #   # => #<Ronin::TargetedOS type=Ronin::TargetedOS id=nil
+          #   # name="FreeBSD" version="7.1">
+          #
+          def os(*arguments)
+            unless arguments.empty?
+              return self.os = TargetedOS.first_or_create(*arguments)
+            else
+              return os_association
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/ronin/payloads.rb

@@ -21,13 +21,17 @@
 #++
 #
 
-require 'ronin/payloads/ability'
-require 'ronin/payloads/payload_author'
+require 'ronin/payloads/encoders'
 require 'ronin/payloads/payload'
 require 'ronin/payloads/binary_payload'
+require 'ronin/payloads/nops'
+require 'ronin/payloads/shellcode'
+require 'ronin/database'
 
 require 'reverse_require'
 
+require_for 'ronin-exploits', 'ronin/exploits'
+
 module Ronin
-  require_for 'ronin', 'ronin/payloads'
+  Database.update!
 end

data/lib/ronin/payloads/binary_payload.rb

@@ -22,18 +22,14 @@
 #
 
 require 'ronin/payloads/payload'
+require 'ronin/arch'
+require 'ronin/os'
 
 module Ronin
   module Payloads
     class BinaryPayload < Payload
 
-      objectify :ronin_binary_payload
-
-      # The payloads targeted architecture
-      belongs_to :arch
-
-      # The payloads targeted platform
-      belongs_to :platform
+      contextify :ronin_binary_payload
 
     end
   end

data/lib/ronin/payloads/{ability.rb → control.rb}

@@ -28,12 +28,17 @@ require 'ronin/model'
 
 module Ronin
   module Payloads
-    class Ability
+    class Control
 
       include Model
 
+      # The primary key of the control
+      property :id, Serial
+
       # The behavior the ability provides
-      belongs_to :behavior, :class_name => 'Vuln::Behavior'
+      belongs_to :behavior,
+                 :child_key => [:behavior_id],
+                 :class_name => 'Vuln::Behavior'
 
       # The payload which has this ability
       belongs_to :payload

data/lib/ronin/payloads/encoder.rb

@@ -0,0 +1,78 @@
+#
+#--
+# Ronin Exploits - A Ruby library for Ronin that provides exploitation and
+# payload crafting functionality.
+#
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/model/targets_arch'
+require 'ronin/model/targets_os'
+require 'ronin/cacheable'
+
+require 'parameters'
+
+module Ronin
+  module Payloads
+    class Encoder
+
+      include Parameters
+      include Cacheable
+      include Model::TargetsArch
+      include Model::TargetsOS
+
+      contextify :ronin_payload_encoder
+
+      # Primary key of the payload
+      property :id, Serial
+
+      # Name of the specific payload
+      property :name, String, :index => true
+
+      # Description of the payload
+      property :description, Text
+
+      # Validations
+      validates_present :name
+
+      #
+      # Finds all payloads with names like the specified _name_.
+      #
+      def self.named(name)
+        self.all(:name.like => "%#{name}%")
+      end
+
+      #
+      # Finds all payloads with descriptions like the specified
+      # _description_.
+      #
+      def self.describing(description)
+        self.all(:description.like => "%#{description}%")
+      end
+
+      #
+      # Default method which will encode the specified _data_.
+      # Returns the specified _data_ by default.
+      #
+      def call(data)
+        data
+      end
+
+    end
+  end
+end

data/lib/ronin/payloads/encoders.rb

@@ -0,0 +1,33 @@
+#
+#--
+# Ronin Exploits - A Ruby library for Ronin that provides exploitation and
+# payload crafting functionality.
+#
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/payloads/encoders/xor'
+require 'ronin/database'
+
+require 'reverse_require'
+
+require_for 'ronin-exploits', 'ronin/payloads/encoders'
+
+module Ronin
+  Database.update!
+end

data/lib/ronin/payloads/encoders/xor.rb

@@ -0,0 +1,81 @@
+#
+#--
+# Ronin Exploits - A Ruby library for Ronin that provides exploitation and
+# payload crafting functionality.
+#
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/payloads/encoder'
+
+require 'chars'
+
+module Ronin
+  module Payloads
+    module Encoders
+      class XOR < Encoder
+
+        # Set of characters to allow in the encoded data
+        attr_accessor :allow
+
+        #
+        # Creates a new XOR Encoder object using the given _options_.
+        # If a _block_ is given it will be passed the newly created
+        # Encoder object.
+        #
+        # _options_ may include the following keys:
+        # <tt>:allow</tt>:: The set of characters allowed in the encoded
+        #                   result. Defaults to <tt>(1..255)</tt>.
+        # <tt>:disallow</tt>:: The set of characters that are not allowed
+        #                      in the encoded result.
+        #
+        def initialize(options={},&block)
+          @allow = Chars::CharSet.new(options[:allow] || (1..255))
+
+          if options[:disallow]
+            @allow -= options[:disallow]
+          end
+
+          super(&block)
+        end
+
+        #
+        # XOR encodes the specified _data_ prefixing the XOR key to the
+        # encoded data.
+        #
+        def call(data)
+          alphabet = Chars.all.select { |b| data.include?(b.chr) }
+          excluded = (Chars.all - alphabet)
+
+          key = excluded.select { |b|
+            @allow.include?(b) && alphabet.all? { |i|
+              @allow.include?(i ^ b)
+            }
+          }.last
+
+          text = ''
+
+          text << key.chr
+          data.each_byte { |b| text << (b ^ key).chr }
+          return text
+        end
+
+      end
+    end
+  end
+end

data/lib/ronin/payloads/exceptions.rb

@@ -0,0 +1,24 @@
+#
+#--
+# Ronin Exploits - A Ruby library for Ronin that provides exploitation and
+# payload crafting functionality.
+#
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/payloads/exceptions/unknown_helper'

data/lib/ronin/payloads/exceptions/unknown_helper.rb

@@ -0,0 +1,29 @@
+#
+#--
+# Ronin Exploits - A Ruby library for Ronin that provides exploitation and
+# payload crafting functionality.
+#
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+module Ronin
+  module Payloads
+    class UnknownHelper < RuntimeError
+    end
+  end
+end

data/lib/ronin/payloads/helpers.rb

@@ -0,0 +1,26 @@
+#
+#--
+# Ronin Exploits - A Ruby library for Ronin that provides exploitation and
+# payload crafting functionality.
+#
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/payloads/helpers/file_system'
+require 'ronin/payloads/helpers/shell'
+require 'ronin/payloads/helpers/rpc'