ronin-exploits 0.2.1 → 0.3.0

data/lib/ronin/exploits/exceptions.rb

@@ -1,5 +1,4 @@
 #
-#--
 # Ronin Exploits - A Ruby library for Ronin that provides exploitation and
 # payload crafting functionality.
 #
@@ -18,9 +17,9 @@
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-#++
 #
 
+require 'ronin/exploits/exceptions/exception'
 require 'ronin/exploits/exceptions/unknown_helper'
 require 'ronin/exploits/exceptions/target_unspecified'
 require 'ronin/exploits/exceptions/target_data_missing'

data/lib/ronin/exploits/exceptions/exception.rb

@@ -0,0 +1,27 @@
+#
+# Ronin Exploits - A Ruby library for Ronin that provides exploitation and
+# payload crafting functionality.
+#
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#
+
+module Ronin
+  module Exploits
+    class Exception < RuntimeError
+    end
+  end
+end

data/lib/ronin/exploits/exceptions/exploit_not_built.rb

@@ -1,5 +1,4 @@
 #
-#--
 # Ronin Exploits - A Ruby library for Ronin that provides exploitation and
 # payload crafting functionality.
 #
@@ -18,12 +17,13 @@
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-#++
 #
 
+require 'ronin/exploits/exceptions/exception'
+
 module Ronin
   module Exploits
-    class ExploitNotBuilt < RuntimeError
+    class ExploitNotBuilt < Exception
     end
   end
 end

data/lib/ronin/exploits/exceptions/payload_size.rb

@@ -1,5 +1,4 @@
 #
-#--
 # Ronin Exploits - A Ruby library for Ronin that provides exploitation and
 # payload crafting functionality.
 #
@@ -18,12 +17,13 @@
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-#++
 #
 
+require 'ronin/exploits/exceptions/exception'
+
 module Ronin
   module Exploits
-    class PayloadSize < RuntimeError
+    class PayloadSize < Exception
     end
   end
 end

data/lib/ronin/exploits/exceptions/restricted_char.rb

@@ -1,5 +1,4 @@
 #
-#--
 # Ronin Exploits - A Ruby library for Ronin that provides exploitation and
 # payload crafting functionality.
 #
@@ -18,12 +17,13 @@
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-#++
 #
 
+require 'ronin/exploits/exceptions/exception'
+
 module Ronin
   module Exploits
-    class RestrictedChar < RuntimeError
+    class RestrictedChar < Exception
     end
   end
 end

data/lib/ronin/exploits/exceptions/target_data_missing.rb

@@ -1,5 +1,4 @@
 #
-#--
 # Ronin Exploits - A Ruby library for Ronin that provides exploitation and
 # payload crafting functionality.
 #
@@ -18,12 +17,13 @@
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-#++
 #
 
+require 'ronin/exploits/exceptions/exception'
+
 module Ronin
   module Exploits
-    class TargetDataMissing < RuntimeError
+    class TargetDataMissing < Exception
     end
   end
 end

data/lib/ronin/exploits/exceptions/target_unspecified.rb

@@ -1,5 +1,4 @@
 #
-#--
 # Ronin Exploits - A Ruby library for Ronin that provides exploitation and
 # payload crafting functionality.
 #
@@ -18,12 +17,13 @@
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-#++
 #
 
+require 'ronin/exploits/exceptions/exception'
+
 module Ronin
   module Exploits
-    class TargetUnspecified < RuntimeError
+    class TargetUnspecified < Exception
     end
   end
 end

data/lib/ronin/exploits/exceptions/unknown_helper.rb

@@ -1,5 +1,4 @@
 #
-#--
 # Ronin Exploits - A Ruby library for Ronin that provides exploitation and
 # payload crafting functionality.
 #
@@ -18,12 +17,13 @@
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-#++
 #
 
+require 'ronin/exploits/exceptions/exception'
+
 module Ronin
   module Exploits
-    class UnknownHelper < RuntimeError
+    class UnknownHelper < Exception
     end
   end
 end

data/lib/ronin/exploits/exploit.rb

@@ -1,5 +1,4 @@
 #
-#--
 # Ronin Exploits - A Ruby library for Ronin that provides exploitation and
 # payload crafting functionality.
 #
@@ -18,7 +17,6 @@
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-#++
 #
 
 require 'ronin/exploits/exceptions/unknown_helper'
@@ -26,18 +24,20 @@ require 'ronin/exploits/exceptions/target_unspecified'
 require 'ronin/exploits/exceptions/target_data_missing'
 require 'ronin/exploits/exceptions/restricted_char'
 require 'ronin/exploits/exceptions/exploit_not_built'
-require 'ronin/exploits/license'
 require 'ronin/exploits/verifiers'
 require 'ronin/exploits/exploit_author'
 require 'ronin/exploits/target'
-require 'ronin/exploits/allow'
-require 'ronin/vuln/behavior'
+require 'ronin/exploits/control'
+require 'ronin/payloads/has_payload'
+require 'ronin/payloads/payload'
+require 'ronin/controls/behaviors'
 require 'ronin/cacheable'
 require 'ronin/model/has_name'
 require 'ronin/model/has_description'
 require 'ronin/model/has_version'
 require 'ronin/model/has_license'
-require 'ronin/ui/diagnostics'
+require 'ronin/ui/output/helpers'
+require 'ronin/extensions/kernel'
 
 require 'parameters'
 require 'chars/char_set'
@@ -52,9 +52,19 @@ module Ronin
       include Model::HasDescription
       include Model::HasVersion
       include Model::HasLicense
-      include UI::Diagnostics
+      include Payloads::HasPayload
+      include Controls::Behaviors
+      include UI::Output::Helpers
       include Verifiers
 
+      #
+      # Creates a new Ronin::Exploits::Exploit object using the given
+      # _block_.
+      #
+      #   ronin_exploit do
+      #     ...
+      #   end
+      #
       contextify :ronin_exploit
       
       # Primary key of the exploit
@@ -78,10 +88,10 @@ module Ronin
       ]
 
       # Author(s) of the exploit
-      has n, :authors, :class_name => 'Ronin::Exploits::ExploitAuthor'
+      has n, :authors, :model => 'Ronin::Exploits::ExploitAuthor'
 
       # Behaviors that the exploit allows
-      has n, :allows
+      has n, :controls, :model => 'Ronin::Exploits::Control'
 
       # Targets for the exploit
       has n, :targets
@@ -91,10 +101,7 @@ module Ronin
       validates_is_unique :version, :scope => [:name]
 
       # Exploit target
-      attr_accessor :target
-
-      # Exploit payload
-      attr_accessor :payload
+      attr_writer :target
 
       # Characters to restrict
       attr_reader :restricted_chars
@@ -102,11 +109,22 @@ module Ronin
       # Encoders to run on the payload
       attr_reader :encoders
 
+      # The raw unencoded payload
+      attr_reader :raw_payload
+
       # The encoded payload
       attr_reader :encoded_payload
 
       #
-      # Creates a new Exploit object with the given _attributes_.
+      # Creates a new Exploit object.
+      #
+      # @param [Hash] attributes
+      #   Additional attributes used to initialize the exploit's model
+      #   attributes and parameters.
+      #
+      # @yield []
+      #   If a block is given, it will be evaluated in the newly created
+      #   Exploit object.
       #
       def initialize(attributes={},&block)
         super(attributes)
@@ -124,10 +142,84 @@ module Ronin
       end
 
       #
-      # Adds an ExploitAuthor with the given _attributes_ to the exploit.
-      # If a _block_ is given, it will be passed to the newly created
-      # ExploitAuthor object.
+      # Finds all exploits written by a specific author.
+      #
+      # @param [String] name
+      #   The name of the author.
+      #
+      # @return [Array<Exploit>]
+      #   The exploits written by the author.
+      #
+      def self.written_by(name)
+        all(self.authors.name.like => "%#{name}%")
+      end
+
+      #
+      # Finds all exploits written for a specific organization.
+      #
+      # @param [String] name
+      #   The name of the organization.
+      #
+      # @return [Array<Exploit>]
+      #   The exploits written for the organization.
+      #
+      def self.written_for(name)
+        all(self.authors.organization.like => "%#{name}%")
+      end
+
+      #
+      # Finds all exploits which target a given architecture.
+      #
+      # @param [String, Symbol] name
+      #   The name of the architecture.
+      #
+      # @return [Array<Exploit>]
+      #   The exploits targeting the architecture.
+      #
+      def self.targeting_arch(name)
+        all(self.targets.arch.name => name.to_s)
+      end
+
+      #
+      # Finds all exploits which target a given OS.
+      #
+      # @param [String, Symbol] name
+      #   The name of the OS.
+      #
+      # @return [Array<Exploit>]
+      #   The exploits targeting the OS.
+      #
+      def self.targeting_os(name)
+        all(self.targets.os.name => name.to_s)
+      end
+
+      #
+      # Finds all exploits which target a given product.
+      #
+      # @param [String, Symbol] name
+      #   The name of the product.
+      #
+      # @return [Array<Exploit>]
+      #   The exploits targeting the product.
+      #
+      def self.targeting_product(name)
+        all(self.targets.product.name => "%#{name}%")
+      end
+
+      #
+      # Adds a new author to the exploit.
+      #
+      # @param [Hash] attributes
+      #   Additional attributes to create the ExploitAuthor object with.
       #
+      # @yield [author]
+      #   If a block is given, it will be passed the newly created author
+      #   object.
+      #
+      # @yieldparam [ExploitAuthor] author
+      #   The author object tied to the exploit.
+      #
+      # @example
       #   author :name => 'Anonymous',
       #          :email => 'anon@example.com',
       #          :organization => 'Anonymous LLC'
@@ -137,19 +229,18 @@ module Ronin
       end
 
       #
-      # Adds a new Allow object granting the specified _behaviors_.
+      # Adds a new target to the exploit.
       #
-      #   allowing :code_exec, :auth_bypass
+      # @param [Hash] attributes
+      #   Additional attributes to create the target with.
       #
-      def allowing(*behaviors)
-        behaviors.each do |behavior|
-          self.allows << Allow.new(:behavior => Vuln::Behavior[behavior])
-        end
-      end
-
+      # @yield [target]
+      #   If a block is given, it will be passed the newly created target.
       #
-      # Adds a new Target with the given _attributes_ and _block_.
+      # @yieldparam [Target] target
+      #   The newly created target.
       #
+      # @example
       #   targeting do |target|
       #     target.arch :i686
       #     target.os :name => 'Linux'
@@ -160,8 +251,15 @@ module Ronin
       end
 
       #
-      # Adds the given _chars_ to the restricted list of characters.
+      # Adds new characters to the list of restricted characters.
       #
+      # @param [Array<String>] chars
+      #   The character to restrict.
+      #
+      # @return [Array<String>]
+      #   The new list of restricted characters.
+      #
+      # @example
       #   restrict 0x00, "\n"
       #   # => #<Chars::CharSet: {"\0", "\n"}>
       #
@@ -170,189 +268,421 @@ module Ronin
       end
 
       #
-      # Adds the specified _encoder_ to the list of encoders to use on the
+      # Adds a new encoder to the list of encoders to use for encoding the
       # payload.
       #
-      def encode_with(encoder)
-        @encoders << encoder
+      # @param [#encode] encoder
+      #   The payload encoder object to use.
+      #   Must provide an encode method.
+      #
+      # @yield [payload]
+      #   If a block is given, and an encoder object is not, the block will
+      #   be used to encode the payload.
+      #
+      # @yieldparam [String] payload
+      #   The payload to be encoded.
+      #
+      # @return [Array]
+      #   The new list of encoders to use to encode the payload.
+      #
+      # @raise [RuntimeError]
+      #   The payload encoder object does not provide an encode method.
+      #
+      # @raise [ArgumentError]
+      #   Either a payload encoder object or a block can be given.
+      #
+      # @example
+      #   exploit.encode_payload(some_encoder)
+      #
+      # @example
+      #   exploit.encode_payload do |payload|
+      #     # ...
+      #   end
+      #
+      def encode_payload(encoder=nil,&block)
+        if encoder
+          unless encoder.respond_to?(:encode)
+            raise(RuntimeError,"The payload encoder must provide an encode method",caller)
+          end
+
+          @encoders << encoder
+        elsif (encoder.nil? && block)
+          @encoders << block
+        else
+          raise(ArgumentError,"either a payload encoder or a block can be given",caller)
+        end
+      end
+
+      #
+      # Lists the behaviors controlled by the exploit and the payload, if
+      # one is being used.
+      #
+      # @return [Array<Symbol>]
+      #   The combined behaviors controlled by the exploit.
+      #
+      def behaviors
+        total_behaviors = super
+
+        if @payload
+          total_behaviors = (total_behaviors + @payload.behaviors).uniq
+        end
+
+        return total_behaviors
       end
 
       #
-      # Returns the Array of targeted architectures.
+      # @return [Array<Arch>]
+      #   The targeted architectures.
       #
       def targeted_archs
         self.targets.map { |target| target.arch }.compact
       end
 
       #
-      # Returns the Array of targeted OSes.
+      # @return [Array<OS>]
+      #   The targeted OSes.
       #
       def targeted_oses
         self.targets.map { |target| target.os }.compact
       end
 
       #
-      # Returns the Array of targeted Products.
+      # @return [Array<Product>]
+      #   The targeted Products.
       #
       def targeted_products
         self.targets.map { |target| target.product }.compact
       end
 
       #
-      # Explicitly selects the first target that matches the specified
-      # _block_.
+      # Selects a target to use in exploitation.
       #
-      #   select_target { |target| target.arch == Arch.i686 }
+      # @param [Integer, Hash] index_or_query
+      #   The index within #targets or a query to select the target.
       #
-      def select_target(&block)
-        @target = self.targets.first(&block)
+      # @yield [target]
+      #   If a block is given, it will be used to select the desired
+      #   target from #targets.
+      #
+      # @yieldparam [Target] target
+      #   The potential target to review.
+      #
+      # @example
+      #   use_target!(2)
+      #
+      # @example
+      #   use_target!(Target.arch.name => 'i686')
+      #
+      # @example
+      #   use_target! { |target| target.arch == Arch.i686 }
+      #
+      # @since 0.3.0
+      #
+      def use_target!(index_or_query=0,&block)
+        @target = if block
+                    self.targets.find(&block)
+                  elsif index_or_query.kind_of?(Hash)
+                    self.targets.first(index_or_query)
+                  elsif index_or_query.kind_of?(Integer)
+                    self.targets[index_or_query]
+                  end
       end
 
       #
-      # Returns the current target.
+      # @return [Target]
+      #   The current target to use in exploitation.
       #
       def target
         @target ||= self.targets.first
       end
 
       #
-      # Returns the currently targeted architecture.
+      # @return [Arch]
+      #   The current targeted architecture.
       #
       def arch
         target.arch if target
       end
 
       #
-      # Returns the currently targeted OS.
+      # @return [OS]
+      #   The current targeted OS.
       #
       def os
         target.os if target
       end
 
       #
-      # Returns the currently targeted Product.
+      # @return [Product]
+      #   The current targeted product.
       #
       def product
         target.product if target
       end
 
       #
-      # Returns the behaviors allowed by the exploit.
+      # Associates a payload with the exploit, and the exploit with the
+      # payload.
       #
-      def behaviors
-        self.allows.map { |allow| allow.behavior }
+      # @param [Payload] new_payload
+      #   The new payload to associate with the exploit.
+      #
+      # @return [Payload]
+      #   The new payload.
+      #
+      # @since 0.3.0
+      #
+      def payload=(new_payload)
+        if (@payload && new_payload.nil?)
+          @payload.exploit = nil
+        end
+
+        super(new_payload)
+
+        if @payload
+          print_info "Using payload: #{new_payload}"
+
+          @payload.exploit = self
+        end
+
+        return @payload
       end
 
       #
-      # Encodes the current payload, returning the encoded payload in
-      # String form.
+      # Sets the raw payload to use with the exploit.
       #
-      def encode_payload!
-        @encoded_payload = ''
+      # @param [String, #to_s] new_raw_payload
+      #   The new raw payload to use with the exploit.
+      #
+      # @return [String]
+      #   The new raw payload of the exploit.
+      #
+      def raw_payload=(new_raw_payload)
+        new_raw_payload = new_raw_payload.to_s
+
+        print_debug "Using raw payload: #{new_raw_payload.dump}"
 
+        @raw_payload = new_raw_payload
+      end
+
+      #
+      # Builds the current payload, saving the result to the +@raw_payload+
+      # instance variable.
+      #
+      # @param [Hash] options
+      #   Additional options to build the paylod with.
+      #
+      # @return [String]
+      #   The built payload.
+      #
+      # @see Payload#build!
+      # @since 0.3.0
+      #
+      def build_payload!(options={})
         if @payload
-          @encoded_payload = @payload.to_s
+          @raw_payload = ''
 
-          @encoders.each do |encoder|
-            if (new_payload = encoder.call(@encoded_payload))
-              @encoded_payload = new_payload
-            end
-          end
+          @payload.build!(options)
+          @raw_payload = @payload.raw_payload
+        else
+          @raw_payload ||= ''
+        end
+
+        return @raw_payload
+      end
+
+      #
+      # Encodes the current payload and saves the result in the
+      # +@encoded_payload+ instance variable.
+      #
+      # @return [String]
+      #   The encoded payload.
+      #
+      def encode_payload!
+        @encoded_payload = @raw_payload.to_s
+
+        @encoders.each do |encoder|
+          print_debug "Encoding payload: #{@encoded_payload.dump}"
+
+          new_payload = if encoder.respond_to?(:encode)
+                          encoder.encode(@encoded_payload)
+                        elsif encoder.respond_to?(:call)
+                          encoder.call(@encoded_payload)
+                        end
+
+          @encoded_payload = (new_payload || @encoded_payload).to_s
         end
 
         return @encoded_payload
       end
 
       #
-      # Returns +true+ if the exploit is built, returns +false+ otherwise.
+      # @return [Boolean]
+      #   Specifies whether the exploit is built.
       #
       def built?
         @built == true
       end
 
       #
-      # Builds the exploit with the given _options_ and checks for
-      # restricted characters or patterns. If any restricted characters or
-      # patterns are found in the built exploit, a RestrictedText exception
-      # will be raised.
+      # Builds the exploit and checks for restricted characters or patterns.
       #
-      def build!(options={})
-        if options[:payload]
-          @payload = options.delete(:payload)
-        end
-
+      # @param [Hash] options
+      #   Additional options to also use as parameters.
+      #
+      def build!(options={},&block)
         self.params = options
 
+        print_debug "Exploit parameters: #{self.params.inspect}"
+
         @built = false
 
+        build_payload!(options)
         encode_payload!
-        result = build
+
+        print_info "Building exploit ..."
+
+        build
+        
+        print_info "Exploit built!"
 
         @built = true
-        return result
+
+        if block
+          if block.arity == 1
+            block.call(self)
+          else
+            block.call()
+          end
+        end
+
+        return self
       end
 
       #
-      # Verifies the exploit is properly configured, built and ready to be
-      # deployed. An exception should be raised if the exploit is not ready
-      # to be deployed, returns +true+ otherwise.
+      # Verifies the exploit is built, properly configured, built and
+      # ready deployment.
+      #
+      # @return [true]
+      #   The exploit is built and ready for deployment.
+      #
+      # @raise [ExploitNotBuilt]
+      #   The exploit has not been built, and cannot be deployed.
       #
       def verify!
         unless built?
           raise(ExploitNotBuilt,"cannot deploy an unbuilt exploit",caller)
         end
 
+        print_info "Verifying exploit ..."
+
         verify
+
+        print_info "Exploit verified!"
         return true
       end
 
       #
-      # Returns +true+ if the exploit has previously been deployed, returns
-      # +false+ otherwise.
+      # @return [Boolean]
+      #   Specifies whether the exploit has previously been deployed.
       #
       def deployed?
         @deployed == true
       end
 
       #
-      # Verifies then deploys the exploit with the given _block_. If a
-      # _block_ is given, it will be passed the deployed exploit. If the
-      # exploit has not been previously built, an ExploitNotBuilt exception
-      # will be raised.
+      # Verifies then deploys the exploit. If a payload has been set,
+      # the payload will also be deployed.
+      #
+      # @yield [exploit]
+      #   If a block is given, it will be passed the deployed exploit.
+      #
+      # @yieldparam [Exploit] exploit
+      #   The deployed exploit.
+      #
+      # @return [Exploit]
+      #   The deployed exploit.
+      #
+      # @raise [ExploitNotBuilt]
+      #   The exploit has not been built, and cannot be deployed.
       #
       def deploy!(&block)
         verify!
 
+        print_info "Deploying exploit ..."
         @deployed = false
 
         deploy()
 
+        print_info "Exploit deployed!"
         @deployed = true
 
-        block.call(self) if block
+        @payload.deploy!() if @payload
+
+        if block
+          if block.arity == 1
+            block.call(self)
+          else
+            block.call()
+          end
+        end
+
         return self
       end
 
       #
-      # Builds the exploit with the given _options_, then deploys the
-      # exploit with the given _block_.
+      # Builds, verified and then deploys the exploit.
+      #
+      # @param [Hash] options
+      #   Additional options to build the exploit with.
+      #
+      # @option options [Boolean] :dry_run (false)
+      #   Specifies whether to do a dry-run of the exploit, where the
+      #   exploit will be built, verified but *not* deployed.
+      #
+      # @yieldparam [Exploit] exploit
+      #   The deployed exploit.
+      #
+      # @return [Exploit]
+      #   The deployed exploit.
+      #
+      # @return [Exploit]
+      #   The deployed exploit.
       #
-      def call(options={},&block)
+      # @since 0.3.0
+      #
+      def exploit!(options={},&block)
         build!(options)
 
-        return deploy!(&block)
+        unless options[:dry_run]
+          deploy!(&block)
+        end
+
+        return self
       end
 
       #
-      # Returns the name and version of the exploit.
+      # Converts the exploit to a String.
+      #
+      # @return [String]
+      #   The name and version of the exploit.
       #
       def to_s
-        "#{self.name} #{self.version}"
+        if (self.name && self.version)
+          "#{self.name} #{self.version}"
+        elsif self.name
+          self.name
+        elsif self.version
+          self.version
+        end
       end
 
       #
       # Inspects the contents of the exploit.
       #
+      # @return [String]
+      #   The inspected exploit.
+      #
       def inspect
         str = "#{self.class}: #{self}"
         str << " #{self.params.inspect}" unless self.params.empty?
@@ -364,11 +694,20 @@ module Ronin
 
       #
       # Extends the exploit with the helper module defined in
-      # Ronin::Exploits::Helpers that has the similar specified
-      # _name_. If no module can be found within
-      # Ronin::Exploits::Helpers with the similar _name_, an
-      # UnknownHelper exception will be raised.
+      # Ronin::Exploits::Helpers that has the similar name.
+      #
+      # @param [Symbol, String] name
+      #   The snake-case name of the exploit helper to load and extend the
+      #   exploit with.
+      #
+      # @return [true]
+      #   The exploit helper was successfully loaded.
+      #
+      # @raise [UnknownHelper]
+      #   No valid helper module could be found or loaded with the similar
+      #   name.
       #
+      # @example
       #   helper :buffer_overflow
       #
       def helper(name)
@@ -376,7 +715,7 @@ module Ronin
         module_name = name.to_const_string
 
         begin
-          require File.join('ronin','exploits','helpers',name)
+          require_within File.join('ronin','exploits','helpers'), name
         rescue Gem::LoadError => e
           raise(e)
         rescue ::LoadError
@@ -398,8 +737,13 @@ module Ronin
       end
 
       #
-      # Returns +true+ if the specified _text_ contains any restricted
-      # characters, returns +false+ otherwise.
+      # Reviews the text for restricted characters.
+      #
+      # @param [String] text
+      #   The text to check for restricted characters within.
+      #
+      # @return [Boolean]
+      #   Specifies whether the text contains any restricted characters.
       #
       def is_restricted?(text)
         text.each_byte do |b|
@@ -422,13 +766,26 @@ module Ronin
       end
 
       #
-      # Default exploit deploy method, passes the exploit object to the
-      # given _block_ by default.
+      # Default exploit deploy method.
       #
       def deploy(&block)
         block.call(self) if block
       end
 
+      #
+      # Relays method calls to the payload, if the payload is a kind of 
+      # Ronin::Payloads::Payload.
+      #
+      # @since 0.3.0
+      #
+      def method_missing(name,*arguments,&block)
+        if @payload.kind_of?(Ronin::Payloads::Payload)
+          return @payload.send(name,*arguments,&block)
+        end
+
+        super(name,*arguments,&block)
+      end
+
     end
   end
 end