ronin-exploits 0.2.0 → 0.2.1

Files changed (66)
  1. data.tar.gz.sig +0 -0
  2. data/History.txt +27 -0
  3. data/Manifest.txt +21 -5
  4. data/README.txt +40 -3
  5. data/Rakefile +6 -6
  6. data/TODO.txt +12 -9
  7. data/lib/ronin/exploits/allow.rb +1 -1
  8. data/lib/ronin/{targeted_arch.rb → exploits/arch.rb} +1 -5
  9. data/lib/ronin/exploits/exploit.rb +59 -144
  10. data/lib/ronin/exploits/ftp.rb +4 -1
  11. data/lib/ronin/exploits/helpers.rb +1 -0
  12. data/lib/ronin/exploits/helpers/file_based.rb +113 -0
  13. data/lib/ronin/exploits/http.rb +10 -0
  14. data/lib/ronin/exploits/license.rb +34 -0
  15. data/lib/ronin/exploits/os.rb +34 -0
  16. data/lib/ronin/{targeted_product.rb → exploits/product.rb} +1 -1
  17. data/lib/ronin/exploits/remote_tcp.rb +2 -3
  18. data/lib/ronin/exploits/remote_udp.rb +2 -3
  19. data/lib/ronin/exploits/target.rb +8 -10
  20. data/lib/ronin/exploits/verifiers.rb +92 -0
  21. data/lib/ronin/exploits/version.rb +1 -1
  22. data/lib/ronin/exploits/web.rb +21 -1
  23. data/lib/ronin/model/has_default_port.rb +54 -0
  24. data/lib/ronin/model/targets_arch.rb +8 -10
  25. data/lib/ronin/model/targets_os.rb +9 -9
  26. data/lib/ronin/payloads.rb +1 -0
  27. data/lib/ronin/payloads/arch.rb +32 -0
  28. data/lib/ronin/payloads/asm_payload.rb +34 -0
  29. data/lib/ronin/payloads/encoder.rb +24 -18
  30. data/lib/ronin/payloads/helpers/exceptions.rb +2 -1
  31. data/lib/ronin/payloads/helpers/exceptions/{unimplemented.rb → not_implemented.rb} +1 -1
  32. data/lib/ronin/payloads/helpers/file_system.rb +12 -12
  33. data/lib/ronin/payloads/helpers/rpc.rb +7 -7
  34. data/lib/ronin/payloads/helpers/shell.rb +2 -2
  35. data/lib/ronin/payloads/license.rb +34 -0
  36. data/lib/ronin/payloads/nops.rb +3 -1
  37. data/lib/ronin/{targeted_os.rb → payloads/os.rb} +1 -5
  38. data/lib/ronin/payloads/payload.rb +89 -41
  39. data/lib/ronin/payloads/shellcode.rb +4 -1
  40. data/lib/ronin/ui/command_line/commands/exploits.rb +1 -1
  41. data/lib/ronin/ui/command_line/commands/payload.rb +2 -2
  42. data/lib/ronin/ui/command_line/commands/payloads.rb +1 -1
  43. data/spec/exploits/exploit_spec.rb +12 -30
  44. data/spec/exploits/file_based_exploit_spec.rb +39 -0
  45. data/spec/exploits/ftp_spec.rb +1 -5
  46. data/spec/exploits/http_spec.rb +4 -4
  47. data/spec/exploits/remote_tcp_spec.rb +7 -3
  48. data/spec/exploits/remote_udp_spec.rb +7 -3
  49. data/spec/exploits/target_spec.rb +9 -2
  50. data/spec/exploits/targets/buffer_overflow_spec.rb +6 -2
  51. data/spec/exploits/web_spec.rb +6 -0
  52. data/spec/model/has_default_port_spec.rb +27 -0
  53. data/spec/model/models/default_port_model.rb +13 -0
  54. data/spec/model/models/non_default_port_model.rb +11 -0
  55. data/spec/model/models/targets_arch_model.rb +11 -0
  56. data/spec/model/models/targets_os_model.rb +11 -0
  57. data/spec/model/targets_arch_spec.rb +22 -0
  58. data/spec/model/targets_os_spec.rb +23 -0
  59. data/spec/objects/exploits/example.rb +25 -0
  60. data/spec/objects/exploits/test.rb +0 -4
  61. data/spec/objects/payloads/test.rb +5 -1
  62. data/spec/payloads/encoder_spec.rb +5 -1
  63. data/spec/payloads/payload_spec.rb +77 -14
  64. metadata +58 -13
  65. metadata.gz.sig +0 -0
  66. data/spec/objects/payloads/example.rb +0 -19
@@ -0,0 +1,54 @@
1
+ #
2
+ #--
3
+ # Ronin Exploits - A Ruby library for Ronin that provides exploitation and
4
+ # payload crafting functionality.
5
+ #
6
+ # Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
7
+ #
8
+ # This program is free software; you can redistribute it and/or modify
9
+ # it under the terms of the GNU General Public License as published by
10
+ # the Free Software Foundation; either version 2 of the License, or
11
+ # (at your option) any later version.
12
+ #
13
+ # This program is distributed in the hope that it will be useful,
14
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
15
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16
+ # GNU General Public License for more details.
17
+ #
18
+ # You should have received a copy of the GNU General Public License
19
+ # along with this program; if not, write to the Free Software
20
+ # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
21
+ #++
22
+ #
23
+
24
+ require 'dm-core'
25
+
26
+ module Ronin
27
+ module Model
28
+ module HasDefaultPort
29
+ def self.included(base)
30
+ base.module_eval do
31
+ # Default port to use
32
+ property :default_port, Integer
33
+
34
+ validates_present :default_port
35
+ end
36
+ end
37
+
38
+ #
39
+ # Creates a new Model with the given _attributes_ and given _block_.
40
+ #
41
+ # _attributes_ may contain the following keys:
42
+ # <tt>:default_port</tt>:: The default port to use, defaults to the
43
+ # +DEFAULT_PORT+ constant.
44
+ #
45
+ def initialize(attributes={},&block)
46
+ if self.class.const_defined?('DEFAULT_PORT')
47
+ attributes = {:default_port => self.class.const_get('DEFAULT_PORT')}.merge(attributes)
48
+ end
49
+
50
+ super(attributes,&block)
51
+ end
52
+ end
53
+ end
54
+ end
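Review bot: `validates_present :default_port` only checks that a value is set, so a `default_port` of 0, a negative number or anything above 65535 is accepted as valid. A range validation in the same `module_eval` block would reject those, for example dm-validations' `validates_within` with `:set => 1..65535`, if the pinned version provides it. In `initialize` the default is merged under the Symbol key only, so a caller passing `:default_port => nil` overrides `DEFAULT_PORT` with nil, and a String key `'default_port'` sits beside the default instead of replacing it. The method comment should state both cases.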
@@ -21,33 +21,31 @@
21
21
  #++
22
22
  #
23
23
 
24
- require 'ronin/targeted_arch'
24
+ require 'ronin/arch'
25
25
 
26
26
  module Ronin
27
27
  module Model
28
28
  module TargetsArch
29
29
  def self.included(base)
30
30
  base.module_eval do
31
- # The payloads targeted architecture
32
- belongs_to :arch,
33
- :child_key => [:arch_id],
34
- :class_name => 'Ronin::TargetedArch'
31
+ # The targeted architecture
32
+ belongs_to :arch
35
33
 
36
34
  #
37
35
  # Returns the current targeted arch if no _name_ is given. If a
38
- # _name_ is given, a new TargetedArch object will be created
39
- # with the given _name_ and associated with the target.
36
+ # _name_ is given, a new Arch object will be created with the
37
+ # given _name_ and associated with the target.
40
38
  #
41
39
  # target.arch
42
40
  # # => nil
43
41
  #
44
42
  # target.arch :i686
45
- # # => #<Ronin::TargetedArch type=Ronin::TargetedArch id=nil
46
- # # name="i686" endian="little" address_length=4>
43
+ # # => #<Ronin::Arch type=Ronin::Arch id=nil name="i686"
44
+ # # endian="little" address_length=4>
47
45
  #
48
46
  def arch(name=nil)
49
47
  if name
50
- return self.arch = TargetedArch[name]
48
+ return self.arch = Arch[name]
51
49
  else
52
50
  return arch_association
53
51
  end
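Review bot: `belongs_to :arch` now relies on DataMapper inferring the target class from the association name, while the sibling `TargetsOS` module keeps an explicit `:class_name`. This module is mixed into models in more than one namespace, and the release also adds `ronin/exploits/arch.rb` and `ronin/payloads/arch.rb`, so an inferred name could resolve differently depending on the including class. Keeping `:class_name => 'Ronin::Arch'` on the association makes the target unambiguous and keeps the two mixins consistent. The body of `arch` continues past the end of this hunk.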
@@ -21,33 +21,33 @@
21
21
  #++
22
22
  #
23
23
 
24
- require 'ronin/targeted_os'
24
+ require 'ronin/os'
25
25
 
26
26
  module Ronin
27
27
  module Model
28
28
  module TargetsOS
29
29
  def self.included(base)
30
30
  base.module_eval do
31
- # The payloads targeted OS
31
+ # The targeted OS
32
32
  belongs_to :os,
33
- :child_key => [:os_id],
34
- :class_name => 'Ronin::TargetedOS'
33
+ :child_key => [:od_id],
34
+ :class_name => 'Ronin::OS'
35
35
 
36
36
  #
37
37
  # Returns the current targeted OS if no _arguments_ are given. If
38
- # _arguments_ are given, a new TargetedOS object will be created
39
- # from the given _arguments_ and associated with the target.
38
+ # _arguments_ are given, a new OS object will be created from the
39
+ # given _arguments_ and associated with the target.
40
40
  #
41
41
  # target.os
42
42
  # # => nil
43
43
  #
44
44
  # target.os(:name => 'FreeBSD', :version => '7.1')
45
- # # => #<Ronin::TargetedOS type=Ronin::TargetedOS id=nil
46
- # # name="FreeBSD" version="7.1">
45
+ # # => #<Ronin::OS type=Ronin::OS id=nil name="FreeBSD"
46
+ # # version="7.1">
47
47
  #
48
48
  def os(*arguments)
49
49
  unless arguments.empty?
50
- return self.os = TargetedOS.first_or_create(*arguments)
50
+ return self.os = OS.first_or_create(*arguments)
51
51
  else
52
52
  return os_association
53
53
  end
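Review bot: The new `:child_key => [:od_id]` looks like a typo for the previous `:os_id`. As written the association would use a foreign key named `od_id`, so rows written by 0.2.0 with `os_id` would no longer be linked to their OS, and an auto-migrated schema would gain a stray column. The line should stay `:child_key => [:os_id],`. The body of `os` continues past the end of this hunk.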
@@ -24,6 +24,7 @@
24
24
  require 'ronin/payloads/encoders'
25
25
  require 'ronin/payloads/payload'
26
26
  require 'ronin/payloads/binary_payload'
27
+ require 'ronin/payloads/asm_payload'
27
28
  require 'ronin/payloads/nops'
28
29
  require 'ronin/payloads/shellcode'
29
30
  require 'ronin/database'
@@ -0,0 +1,32 @@
1
+ #
2
+ #--
3
+ # Ronin Exploits - A Ruby library for Ronin that provides exploitation and
4
+ # payload crafting functionality.
5
+ #
6
+ # Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
7
+ #
8
+ # This program is free software; you can redistribute it and/or modify
9
+ # it under the terms of the GNU General Public License as published by
10
+ # the Free Software Foundation; either version 2 of the License, or
11
+ # (at your option) any later version.
12
+ #
13
+ # This program is distributed in the hope that it will be useful,
14
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
15
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16
+ # GNU General Public License for more details.
17
+ #
18
+ # You should have received a copy of the GNU General Public License
19
+ # along with this program; if not, write to the Free Software
20
+ # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
21
+ #++
22
+ #
23
+
24
+ module Ronin
25
+ class Arch
26
+
27
+ # The payloads which target the Arch
28
+ has n, :payloads,
29
+ :class_name => 'Ronin::Payloads::Payload'
30
+
31
+ end
32
+ end
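Review bot: This file reopens `Ronin::Arch` to add `has n, :payloads` but does not require the file that defines the model. If it is loaded before `ronin/arch`, `class Arch` creates a plain Ruby class and the `has n` call fails because the DataMapper DSL is not mixed in. Adding `require 'ronin/arch'` above `module Ronin` removes the dependency on load order. The association also leaves the child key implicit, so a short comment naming the column it expects on the payload side would help.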
@@ -0,0 +1,34 @@
1
+ #
2
+ #--
3
+ # Ronin Exploits - A Ruby library for Ronin that provides exploitation and
4
+ # payload crafting functionality.
5
+ #
6
+ # Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
7
+ #
8
+ # This program is free software; you can redistribute it and/or modify
9
+ # it under the terms of the GNU General Public License as published by
10
+ # the Free Software Foundation; either version 2 of the License, or
11
+ # (at your option) any later version.
12
+ #
13
+ # This program is distributed in the hope that it will be useful,
14
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
15
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16
+ # GNU General Public License for more details.
17
+ #
18
+ # You should have received a copy of the GNU General Public License
19
+ # along with this program; if not, write to the Free Software
20
+ # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
21
+ #++
22
+ #
23
+
24
+ require 'ronin/payloads/binary_payload'
25
+
26
+ module Ronin
27
+ module Payloads
28
+ class ASMPayload < BinaryPayload
29
+
30
+ contextify :ronin_asm_payload
31
+
32
+ end
33
+ end
34
+ end
@@ -21,6 +21,8 @@
21
21
  #++
22
22
  #
23
23
 
24
+ require 'ronin/model/has_name'
25
+ require 'ronin/model/has_description'
24
26
  require 'ronin/model/targets_arch'
25
27
  require 'ronin/model/targets_os'
26
28
  require 'ronin/cacheable'
@@ -33,6 +35,8 @@ module Ronin
33
35
 
34
36
  include Parameters
35
37
  include Cacheable
38
+ include Model::HasName
39
+ include Model::HasDescription
36
40
  include Model::TargetsArch
37
41
  include Model::TargetsOS
38
42
 
@@ -41,36 +45,38 @@ module Ronin
41
45
  # Primary key of the payload
42
46
  property :id, Serial
43
47
 
44
- # Name of the specific payload
45
- property :name, String, :index => true
46
-
47
- # Description of the payload
48
- property :description, Text
48
+ #
49
+ # Creates a new Encoder object with the given _arguments_.
50
+ #
51
+ def initialize(*arguments)
52
+ super(*arguments)
49
53
 
50
- # Validations
51
- validates_present :name
54
+ initialize_params(*arguments)
55
+ end
52
56
 
53
57
  #
54
- # Finds all payloads with names like the specified _name_.
58
+ # Default method which will encode the specified _data_.
59
+ # Returns the specified _data_ by default.
55
60
  #
56
- def self.named(name)
57
- self.all(:name.like => "%#{name}%")
61
+ def call(data)
62
+ data
58
63
  end
59
64
 
60
65
  #
61
- # Finds all payloads with descriptions like the specified
62
- # _description_.
66
+ # Returns the name of the payload encoder.
63
67
  #
64
- def self.describing(description)
65
- self.all(:description.like => "%#{description}%")
68
+ def to_s
69
+ self.name.to_s
66
70
  end
67
71
 
68
72
  #
69
- # Default method which will encode the specified _data_.
70
- # Returns the specified _data_ by default.
73
+ # Inspects the contents of the payload encoder.
71
74
  #
72
- def call(data)
73
- data
75
+ def inspect
76
+ str = "#{self.class}: #{self}"
77
+ str << " #{self.params.inspect}" unless self.params.empty?
78
+
79
+ return "#<#{str}>"
74
80
  end
75
81
 
76
82
  end
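Review bot: In the `@@ -41,36 +45,38 @@` hunk, `initialize` hands the same `arguments` to both `super` and `initialize_params`, so every key of an attribute hash is offered to the model and to the parameter initializer. Neither is visible here, so it is unclear whether a parameter name that is not a model property (or the reverse) is ignored or raises. The method comment should say which keys each consumer accepts, for example `# _arguments_ may mix model attributes and parameter values`, if that is the intended contract. `inspect` also prints `params.inspect` in full, which deserves a line in its comment because encoder parameter values will then appear in logs and console output.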
@@ -21,4 +21,5 @@
21
21
  #++
22
22
  #
23
23
 
24
- require 'ronin/payloads/exceptions/unimplemented'
24
+ require 'ronin/payloads/exceptions/not_implemented'
25
+ require 'ronin/payloads/exceptions/program_not_found'
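Review bot: Both requires point at `ronin/payloads/exceptions/...`, but the file list shows the renamed file at `lib/ronin/payloads/helpers/exceptions/not_implemented.rb`, and the file-system helper requires it through the `helpers/` path. Unless a parallel `payloads/exceptions/` directory exists outside this diff, loading this file raises `LoadError`; the first line should probably be `require 'ronin/payloads/helpers/exceptions/not_implemented'`. The newly required `program_not_found` file is not among the 66 changed files, so it is worth confirming that it ships in the gem under the path used here.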
@@ -24,7 +24,7 @@
24
24
  module Ronin
25
25
  module Payloads
26
26
  module Helpers
27
- class Unimplemented < RuntimeError
27
+ class NotImplemented < RuntimeError
28
28
  end
29
29
  end
30
30
  end
@@ -21,7 +21,7 @@
21
21
  #++
22
22
  #
23
23
 
24
- require 'ronin/payloads/helpers/exceptions/unimplemented'
24
+ require 'ronin/payloads/helpers/exceptions/not_implemented'
25
25
 
26
26
  module Ronin
27
27
  module Payloads
@@ -32,7 +32,7 @@ module Ronin
32
32
  # otherwise.
33
33
  #
34
34
  def exists?(path)
35
- raise(Unimplemented,"the exists? method has not been implemented",caller)
35
+ raise(NotImplemented,"the exists? method has not been implemented",caller)
36
36
  end
37
37
 
38
38
  #
@@ -40,7 +40,7 @@ module Ronin
40
40
  # otherwise.
41
41
  #
42
42
  def file?(path)
43
- raise(Unimplemented,"the file? method has not been implemented",caller)
43
+ raise(NotImplemented,"the file? method has not been implemented",caller)
44
44
  end
45
45
 
46
46
  #
@@ -48,21 +48,21 @@ module Ronin
48
48
  # +false+ otherwise.
49
49
  #
50
50
  def dir?(path)
51
- raise(Unimplemented,"the dir? method has not been implemented",caller)
51
+ raise(NotImplemented,"the dir? method has not been implemented",caller)
52
52
  end
53
53
 
54
54
  #
55
55
  # Returns the contents of the directory at the specified _path_.
56
56
  #
57
57
  def dir(path)
58
- raise(Unimplemented,"the dir method has not been implemented",caller)
58
+ raise(NotImplemented,"the dir method has not been implemented",caller)
59
59
  end
60
60
 
61
61
  #
62
62
  # Returns all the paths matching the specified globbed _pattern_.
63
63
  #
64
64
  def glob(pattern)
65
- raise(Unimplemented,"the glob method has not been implemented",caller)
65
+ raise(NotImplemented,"the glob method has not been implemented",caller)
66
66
  end
67
67
 
68
68
  #
@@ -90,7 +90,7 @@ module Ronin
90
90
  # Returns the contents of the file at the specified _path_.
91
91
  #
92
92
  def read_file(path)
93
- raise(Unimplemented,"the read_file method has not been implemented",caller)
93
+ raise(NotImplemented,"the read_file method has not been implemented",caller)
94
94
  end
95
95
 
96
96
  #
@@ -98,7 +98,7 @@ module Ronin
98
98
  # _path_.
99
99
  #
100
100
  def write_file(path,contents)
101
- raise(Unimplemented,"the write_file method has not been implemented",caller)
101
+ raise(NotImplemented,"the write_file method has not been implemented",caller)
102
102
  end
103
103
 
104
104
  #
@@ -106,7 +106,7 @@ module Ronin
106
106
  # _path_.
107
107
  #
108
108
  def append_file(path,contents)
109
- raise(Unimplemented,"the append_file method has not been implemented",caller)
109
+ raise(NotImplemented,"the append_file method has not been implemented",caller)
110
110
  end
111
111
 
112
112
  #
@@ -120,21 +120,21 @@ module Ronin
120
120
  # Removes the file at the specified _path_.
121
121
  #
122
122
  def rm(path)
123
- raise(Unimplemented,"the rm method has not been implemented",caller)
123
+ raise(NotImplemented,"the rm method has not been implemented",caller)
124
124
  end
125
125
 
126
126
  #
127
127
  # Removes the directory at the specified _path_.
128
128
  #
129
129
  def rmdir(path)
130
- raise(Unimplemented,"the rmdir method has not been implemented",caller)
130
+ raise(NotImplemented,"the rmdir method has not been implemented",caller)
131
131
  end
132
132
 
133
133
  #
134
134
  # Recursively removes the file or directory at the specified _path_.
135
135
  #
136
136
  def rm_r(path)
137
- raise(Unimplemented,"the rm_r method has not been implemented",caller)
137
+ raise(NotImplemented,"the rm_r method has not been implemented",caller)
138
138
  end
139
139
 
140
140
  protected
@@ -21,7 +21,7 @@
21
21
  #++
22
22
  #
23
23
 
24
- require 'ronin/payloads/helpers/exceptions/unimplemented'
24
+ require 'ronin/payloads/helpers/exceptions/not_implemented'
25
25
 
26
26
  module Ronin
27
27
  module Payloads
@@ -34,7 +34,7 @@ module Ronin
34
34
  #
35
35
  def self.expose_method(name)
36
36
  define_method(name) do |*arguments|
37
- call(name,*arguments)
37
+ call_method(name,*arguments)
38
38
  end
39
39
  end
40
40
  end
@@ -44,22 +44,22 @@ module Ronin
44
44
  # Calls the specified _method_ with the given _arguments_.
45
45
  # Returns the return-value of the method-call.
46
46
  #
47
- def call(method,*arguments)
48
- raise(Unimplemented,"the call method is unimplemented",caller)
47
+ def call_method(method,*arguments)
48
+ raise(NotImplemented,"the call method is unimplemented",caller)
49
49
  end
50
50
 
51
51
  #
52
52
  # Evaluates the specified _code_.
53
53
  #
54
54
  def eval(code)
55
- call(:eval,code)
55
+ call_method(:eval,code)
56
56
  end
57
57
 
58
58
  #
59
59
  # Exits with the given _status_.
60
60
  #
61
61
  def exit(status=0)
62
- call(:exit,status)
62
+ call_method(:exit,status)
63
63
  end
64
64
 
65
65
  protected
@@ -72,7 +72,7 @@ module Ronin
72
72
  name = name.to_s
73
73
 
74
74
  if (name[-1..-1] != '=' && block.nil?)
75
- return call(name,*arguments)
75
+ return call_method(name,*arguments)
76
76
  end
77
77
 
78
78
  return super(name,*arguments,&block)
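Review bot: In the `@@ -44,22 +44,22 @@` hunk the error raised by the renamed `call_method` still reads "the call method is unimplemented", which sends a reader looking for a `call` method that no longer exists. It should name the new method, `raise(NotImplemented,"the call_method method has not been implemented",caller)`, which also matches the wording used by the file-system helper. In the last hunk, the enclosing method (it starts outside the hunk) forwards every unknown non-setter name to `call_method`. A comment there stating that any misspelled method name becomes a remote call would make that behaviour explicit for implementers.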