ronin-exploits 0.2.0 → 0.2.1

data/lib/ronin/payloads/helpers/shell.rb

@@ -21,7 +21,7 @@
 #++
 #
 
-require 'ronin/payloads/helpers/exceptions/unimplemented'
+require 'ronin/payloads/helpers/exceptions/not_implemented'
 require 'ronin/payloads/helpers/exceptions/program_not_found'
 
 module Ronin
@@ -40,7 +40,7 @@ module Ronin
         # Executes the specified _command_ with the given _arguments_.
         #
         def exec(command,*arguments)
-          raise(Unimplemented,"the exec method has not been implemented",caller)
+          raise(NotImplemented,"the exec method has not been implemented",caller)
         end
 
         #

data/lib/ronin/payloads/license.rb

@@ -0,0 +1,34 @@
+#
+#--
+# Ronin Exploits - A Ruby library for Ronin that provides exploitation and
+# payload crafting functionality.
+#
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/license'
+
+module Ronin
+  class License
+
+    # The payloads under the license
+    has n, :payloads,
+           :class_name => 'Ronin::Payloads::Payload'
+
+  end
+end

data/lib/ronin/payloads/nops.rb

@@ -21,9 +21,11 @@
 #++
 #
 
+require 'ronin/payloads/asm_payload'
+
 module Ronin
   module Payloads
-    class Nops < BinaryPayload
+    class Nops < ASMPayload
 
       contextify :ronin_nops
 

data/lib/ronin/{targeted_os.rb → payloads/os.rb}

@@ -24,11 +24,7 @@
 require 'ronin/os'
 
 module Ronin
-  class TargetedOS < OS
-
-    # The exploit targets for the OS
-    has n, :targets,
-           :class_name => 'Ronin::Exploits::Target'
+  class OS
 
     # The payloads which target the OS
     has n, :payloads,

data/lib/ronin/payloads/payload.rb

@@ -22,12 +22,19 @@
 #
 
 require 'ronin/payloads/exceptions/unknown_helper'
+require 'ronin/payloads/license'
+require 'ronin/payloads/arch'
+require 'ronin/payloads/os'
 require 'ronin/payloads/payload_author'
 require 'ronin/payloads/control'
 require 'ronin/model/targets_arch'
 require 'ronin/model/targets_os'
+require 'ronin/model/has_name'
+require 'ronin/model/has_description'
+require 'ronin/model/has_version'
+require 'ronin/model/has_license'
+require 'ronin/ui/diagnostics'
 require 'ronin/cacheable'
-require 'ronin/has_license'
 
 require 'parameters'
 
@@ -37,24 +44,19 @@ module Ronin
 
       include Parameters
       include Cacheable
+      include Model::HasName
+      include Model::HasDescription
+      include Model::HasVersion
+      include Model::HasLicense
       include Model::TargetsArch
       include Model::TargetsOS
-      include HasLicense
+      include UI::Diagnostics
 
       contextify :ronin_payload
 
       # Primary key of the payload
       property :id, Serial
 
-      # Name of the specific payload
-      property :name, String, :index => true
-
-      # Version of the payload
-      property :version, String, :default => '0.1', :index => true
-
-      # Description of the payload
-      property :description, Text
-
       # Author(s) of the payload
       has n, :authors, :class_name => 'Ronin::Payloads::PayloadAuthor'
 
@@ -65,6 +67,9 @@ module Ronin
       validates_present :name
       validates_is_unique :version, :scope => [:name]
 
+      # The exploit to deploy with
+      attr_accessor :exploit
+
       # The built and encoded payload
       attr_accessor :payload
 
@@ -76,33 +81,14 @@ module Ronin
       def initialize(attributes={},&block)
         super(attributes)
 
+        initialize_params(attributes)
+
         @built = false
+        @deployed = false
 
         instance_eval(&block) if block
       end
 
-      #
-      # Finds all payloads with names like the specified _name_.
-      #
-      def self.named(name)
-        self.all(:name.like => "%#{name}%")
-      end
-
-      #
-      # Finds all payloads with descriptions like the specified
-      # _description_.
-      #
-      def self.describing(description)
-        self.all(:description.like => "%#{description}%")
-      end
-
-      #
-      # Finds the payload with the most recent vesion.
-      #
-      def self.latest
-        self.first(:order => [:version.desc])
-      end
-
       #
       # Adds a new PayloadAuthor with the given _attributes_. If a _block_
       # is given, it will be passed to the newly created PayloadAuthor
@@ -117,13 +103,20 @@ module Ronin
       end
 
       #
-      # Adds a new Control to the payload that provides the specified
-      # _behavior_.
+      # Adds a new Control to the payload that controls the specified
+      # _behaviors_.
       #
-      #   controlling :code_exec
+      #   controlling :code_exec.
+      #               :file_read,
+      #               :file_write,
+      #               :file_create
       #
-      def controlling(behavior)
-        self.controls << Control.new(:behavior => Vuln::Behavior[behavior])
+      def controlling(*behaviors)
+        behaviors.each do |behavior|
+          self.controls << Control.new(
+            :behavior => Vuln::Behavior[behavior]
+          )
+        end
       end
 
       #
@@ -168,16 +161,59 @@ module Ronin
       end
 
       #
-      # Default method to call after the payload has been deployed.
+      # Returns +true+ if the payload has previously been deployed,
+      # returns +false+ otherwise.
+      #
+      def deployed?
+        @deployed == true
+      end
+
+      #
+      # Verifies the built payload and deploys the payload. If a _block_
+      # is given, it will be passed the deployed payload object. If 
+      # an exploit is given, it will be called with the given _options_
+      # and the built payload before the payload is deployed.
       #
-      def deploy!(&block)
+      def deploy!(options={},&block)
+        # verify the payload
         verify!
+
+        if @exploit
+          # build, verify and deploy the exploit with the built payload
+          @exploit.call(options.merge(:payload => @payload))
+        end
+
+        @deployed = false
+
         deploy()
+
+        @deployed = true
         
         block.call(self) if block
         return self
       end
 
+      #
+      # Builds the payload with the given _options_ and deploys it with
+      # the given _block_. If a _block_ is given, it will be passed the
+      # deployed payload object.
+      #
+      # _options_ may contain the following keys:
+      # <tt>:exploit</tt>:: The exploit object to use with the payload.
+      #
+      def call(options={},&block)
+        if options[:exploit]
+          # set the exploit if one is given
+          @exploit = options.delete(:exploit)
+        end
+
+        # build the payload
+        build!(options)
+
+        # deploy the payload
+        return deploy!(options,&block)
+      end
+
       #
       # Returns the name and version of the payload.
       #
@@ -185,6 +221,16 @@ module Ronin
         "#{self.name} #{self.version}"
       end
 
+      #
+      # Inspects the contents of the payload.
+      #
+      def inspect
+        str = "#{self.class}: #{self}"
+        str << " #{self.params.inspect}" unless self.params.empty?
+
+        return "#<#{str}>"
+      end
+
       protected
 
       #
@@ -202,7 +248,9 @@ module Ronin
 
         begin
           require File.join('ronin','payloads','helpers',name)
-        rescue LoadError
+        rescue Gem::LoadError => e
+          raise(e)
+        rescue ::LoadError
           raise(UnknownHelper,"unknown helper #{name.dump}",caller)
         end
 

data/lib/ronin/payloads/shellcode.rb

@@ -22,10 +22,13 @@
 #
 
 require 'ronin/payloads/binary_payload'
+require 'ronin/payloads/helpers/shell'
 
 module Ronin
   module Payloads
-    class Shellcode < BinaryPayload
+    class Shellcode < ASMPayload
+
+      include Helpers::Shell
 
       contextify :ronin_shellcode
 

data/lib/ronin/ui/command_line/commands/exploits.rb

@@ -59,7 +59,7 @@ module Ronin
           end
 
           def arguments(*args)
-            Database.setup!
+            Database.setup
 
             exploits = Ronin::Exploits::Exploit.all(@query)
 

data/lib/ronin/ui/command_line/commands/payload.rb

@@ -77,7 +77,7 @@ module Ronin
           end
 
           def arguments(*args)
-            Database.setup!
+            Database.setup
 
             # Load the payload
             if @path
@@ -85,7 +85,7 @@ module Ronin
             elsif args.length >= 1
               @query[:name] = args.first
 
-              unless (payload = Payloads::Payload.first(@query))
+              unless (payload = Payloads::Payload.load_first(@query))
                 fail("could not find the specified payload")
               end
             else

data/lib/ronin/ui/command_line/commands/payloads.rb

@@ -55,7 +55,7 @@ module Ronin
           end
 
           def arguments(*args)
-            Database.setup!
+            Database.setup
 
             payloads = Ronin::Payloads::Payload.all(@query)
 

data/spec/exploits/exploit_spec.rb

@@ -6,7 +6,6 @@ require 'helpers/objects'
 describe Exploits::Exploit do
   before(:each) do
     @exploit = load_exploit('test')
-    @payload = load_payload('example')
   end
 
   it "should require a name attribute" do
@@ -42,9 +41,12 @@ describe Exploits::Exploit do
   end
 
   it "should specify the behaviors allowed by the exploit" do
-    @exploit.allowing :memory_read
+    @exploit.allowing :memory_read, :memory_write
 
-    @exploit.behaviors.first.should == Vuln::Behavior[:memory_read]
+    @exploit.behaviors.should == [
+      Vuln::Behavior[:memory_read],
+      Vuln::Behavior[:memory_write]
+    ]
   end
 
   it "should allow for the extending of Helper modules" do
@@ -63,8 +65,8 @@ describe Exploits::Exploit do
 
   it "should have targeted OSes" do
     @exploit.targeted_oses.should == [
-      OS.linux_version('2.6.23'),
-      OS.windows_version('7.1')
+      OS.linux('2.6.23'),
+      OS.windows('7.1')
     ]
   end
 
@@ -94,7 +96,7 @@ describe Exploits::Exploit do
   end
 
   it "should have a default targeted OS" do
-    @exploit.os.should == OS.linux_version('2.6.23')
+    @exploit.os.should == OS.linux('2.6.23')
   end
 
   it "should have a default targeted Product" do
@@ -102,30 +104,6 @@ describe Exploits::Exploit do
     @exploit.product.version.should == '1.5'
   end
 
-  it "should be able to switch between payloads" do
-    @exploit.payload = @payload
-
-    @exploit.switch_payload('other_payload') do
-      @exploit.payload.should == 'other_payload'
-    end
-
-    @exploit.payload.should == @payload
-  end
-
-  it "should build the payload if it is a kind of Payloads::Payload" do
-    @exploit.payload = @payload
-    @exploit.encode_payload!
-
-    @exploit.payload.should be_built
-  end
-
-  it "should share parameters with the payload if it is a kind of Payloads::Payload" do
-    @exploit.payload = @payload
-    @exploit.encode_payload!
-
-    @payload.var.should == @exploit.var
-  end
-
   it "should encode a String payload" do
     @exploit.payload = 'data'
 
@@ -174,4 +152,8 @@ describe Exploits::Exploit do
   it "should return the name and the version when calling to_s" do
     @exploit.to_s.should == 'test 0.2'
   end
+
+  it "should have a custom inspect method" do
+    @exploit.inspect.should == '#<Ronin::Exploits::Exploit: test 0.2>'
+  end
 end

data/spec/exploits/file_based_exploit_spec.rb

@@ -0,0 +1,39 @@
+require 'ronin/exploits/local'
+require 'ronin/exploits/helpers/file_based'
+
+require 'spec_helper'
+
+describe Exploits::Helpers::FileBased do
+  before(:all) do
+    @exploit = Exploits::Local.new do
+      helper :file_based
+
+      self.name = 'file exploit'
+      self.file_name = 'file_exploit.dat'
+
+      def build
+        file_open do |file|
+          file << 'some data'
+        end
+      end
+    end
+  end
+
+  it "should have an absolute path for the file to be built" do
+    @exploit.file_path.should_not be_empty
+  end
+
+  it "should have a default output directory" do
+    @exploit.output_dir.should == Ronin::Config::TMP_DIR
+  end
+
+  it "should have a default file name, derived from the exploit name" do
+    @exploit.file_name.should == 'file_exploit.dat'
+  end
+
+  it "should build a file" do
+    @exploit.build!
+
+    File.read(@exploit.file_path).should == 'some data'
+  end
+end