ronin-exploits 0.3.1 → 1.0.0.beta1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (338) hide show
  1. checksums.yaml +7 -0
  2. data/.document +4 -0
  3. data/.editorconfig +11 -0
  4. data/.github/workflows/ruby.yml +31 -0
  5. data/.gitignore +13 -0
  6. data/.mailmap +1 -0
  7. data/.rspec +1 -0
  8. data/.ruby-version +1 -0
  9. data/.yardopts +1 -0
  10. data/COPYING.txt +161 -335
  11. data/{History.txt → ChangeLog.md} +119 -16
  12. data/Gemfile +50 -0
  13. data/README.md +454 -0
  14. data/Rakefile +37 -23
  15. data/bin/ronin-exploits +13 -6
  16. data/data/new/exploit.rb.erb +158 -0
  17. data/gemspec.yml +37 -0
  18. data/lib/ronin/exploits/advisory.rb +84 -0
  19. data/lib/ronin/exploits/cli/command.rb +39 -0
  20. data/lib/ronin/exploits/cli/commands/irb.rb +57 -0
  21. data/lib/ronin/exploits/cli/commands/list.rb +80 -0
  22. data/lib/ronin/exploits/cli/commands/new.rb +332 -0
  23. data/lib/ronin/exploits/cli/commands/run.rb +396 -0
  24. data/lib/ronin/exploits/cli/commands/show.rb +264 -0
  25. data/lib/ronin/exploits/cli/exploit_command.rb +114 -0
  26. data/lib/ronin/exploits/cli/exploit_methods.rb +114 -0
  27. data/lib/ronin/exploits/cli/ruby_shell.rb +51 -0
  28. data/lib/ronin/exploits/cli.rb +46 -0
  29. data/lib/ronin/exploits/client_side_web_vuln.rb +69 -0
  30. data/lib/ronin/exploits/exceptions.rb +27 -17
  31. data/lib/ronin/exploits/exploit.rb +501 -582
  32. data/lib/ronin/exploits/heap_overflow.rb +50 -0
  33. data/lib/ronin/exploits/lfi.rb +141 -0
  34. data/lib/ronin/exploits/loot/file.rb +113 -0
  35. data/lib/ronin/exploits/loot.rb +119 -0
  36. data/lib/ronin/exploits/memory_corruption.rb +53 -0
  37. data/lib/ronin/exploits/metadata/arch.rb +83 -0
  38. data/lib/ronin/exploits/metadata/cookie_param.rb +80 -0
  39. data/lib/ronin/exploits/metadata/default_filename.rb +69 -0
  40. data/lib/ronin/exploits/metadata/default_port.rb +69 -0
  41. data/lib/ronin/exploits/metadata/header_name.rb +80 -0
  42. data/lib/ronin/exploits/metadata/os.rb +117 -0
  43. data/lib/ronin/exploits/metadata/shouts.rb +85 -0
  44. data/lib/ronin/exploits/metadata/url_path.rb +82 -0
  45. data/lib/ronin/exploits/metadata/url_query_param.rb +80 -0
  46. data/lib/ronin/exploits/mixins/binary.rb +106 -0
  47. data/lib/ronin/exploits/mixins/build_dir.rb +61 -0
  48. data/lib/ronin/exploits/mixins/file_builder.rb +102 -0
  49. data/lib/ronin/exploits/mixins/format_string.rb +87 -0
  50. data/lib/ronin/exploits/mixins/has_payload.rb +202 -0
  51. data/lib/ronin/exploits/mixins/has_targets.rb +297 -0
  52. data/lib/ronin/exploits/mixins/html.rb +213 -0
  53. data/lib/ronin/exploits/mixins/http.rb +866 -0
  54. data/lib/ronin/exploits/mixins/loot.rb +84 -0
  55. data/lib/ronin/exploits/mixins/nops.rb +121 -0
  56. data/lib/ronin/exploits/mixins/remote_tcp.rb +272 -0
  57. data/lib/ronin/exploits/mixins/remote_udp.rb +264 -0
  58. data/lib/ronin/exploits/mixins/seh.rb +136 -0
  59. data/lib/ronin/exploits/mixins/stack_overflow.rb +124 -0
  60. data/lib/ronin/exploits/mixins/text.rb +65 -0
  61. data/lib/ronin/exploits/mixins.rb +32 -0
  62. data/lib/ronin/exploits/open_redirect.rb +103 -0
  63. data/lib/ronin/exploits/params/base_url.rb +84 -0
  64. data/lib/ronin/exploits/params/bind_host.rb +53 -0
  65. data/lib/ronin/exploits/params/bind_port.rb +53 -0
  66. data/lib/ronin/exploits/params/filename.rb +71 -0
  67. data/lib/ronin/exploits/params/host.rb +56 -0
  68. data/lib/ronin/exploits/params/port.rb +71 -0
  69. data/lib/ronin/exploits/registry.rb +32 -0
  70. data/lib/ronin/exploits/rfi.rb +106 -0
  71. data/lib/ronin/exploits/root.rb +28 -0
  72. data/lib/ronin/exploits/seh_overflow.rb +90 -0
  73. data/lib/ronin/exploits/sqli.rb +172 -0
  74. data/lib/ronin/exploits/ssti.rb +108 -0
  75. data/lib/ronin/exploits/stack_overflow.rb +90 -0
  76. data/lib/ronin/exploits/target.rb +63 -103
  77. data/lib/ronin/exploits/test_result.rb +80 -0
  78. data/lib/ronin/exploits/use_after_free.rb +50 -0
  79. data/lib/ronin/exploits/version.rb +11 -12
  80. data/lib/ronin/exploits/web.rb +18 -89
  81. data/lib/ronin/exploits/web_vuln.rb +378 -0
  82. data/lib/ronin/exploits/xss.rb +102 -0
  83. data/lib/ronin/exploits.rb +19 -26
  84. data/man/ronin-exploits-irb.1 +31 -0
  85. data/man/ronin-exploits-irb.1.md +22 -0
  86. data/man/ronin-exploits-list.1 +37 -0
  87. data/man/ronin-exploits-list.1.md +27 -0
  88. data/man/ronin-exploits-new.1 +98 -0
  89. data/man/ronin-exploits-new.1.md +73 -0
  90. data/man/ronin-exploits-run.1 +117 -0
  91. data/man/ronin-exploits-run.1.md +87 -0
  92. data/man/ronin-exploits-show.1 +45 -0
  93. data/man/ronin-exploits-show.1.md +33 -0
  94. data/man/ronin-exploits.1 +55 -0
  95. data/man/ronin-exploits.1.md +41 -0
  96. data/ronin-exploits.gemspec +62 -0
  97. data/spec/advisory_spec.rb +71 -0
  98. data/spec/cli/exploit_command_spec.rb +68 -0
  99. data/spec/cli/exploit_methods_spec.rb +208 -0
  100. data/spec/cli/ruby_shell_spec.rb +14 -0
  101. data/spec/client_side_web_vuln_spec.rb +117 -0
  102. data/spec/exploit_spec.rb +538 -0
  103. data/spec/exploits_spec.rb +3 -4
  104. data/spec/heap_overflow_spec.rb +14 -0
  105. data/spec/lfi_spec.rb +162 -0
  106. data/spec/loot/file_spec.rb +131 -0
  107. data/spec/loot_spec.rb +138 -0
  108. data/spec/memory_corruption_spec.rb +22 -0
  109. data/spec/metadata/arch_spec.rb +82 -0
  110. data/spec/metadata/cookie_param_spec.rb +67 -0
  111. data/spec/metadata/default_filename_spec.rb +62 -0
  112. data/spec/metadata/default_port_spec.rb +62 -0
  113. data/spec/metadata/header_name_spec.rb +67 -0
  114. data/spec/metadata/os_spec.rb +164 -0
  115. data/spec/metadata/shouts_spec.rb +100 -0
  116. data/spec/metadata/url_path_spec.rb +67 -0
  117. data/spec/metadata/url_query_param_spec.rb +67 -0
  118. data/spec/mixins/binary_spec.rb +129 -0
  119. data/spec/mixins/build_dir.rb +66 -0
  120. data/spec/mixins/file_builder_spec.rb +67 -0
  121. data/spec/mixins/format_string_spec.rb +44 -0
  122. data/spec/mixins/has_payload_spec.rb +333 -0
  123. data/spec/mixins/has_targets_spec.rb +434 -0
  124. data/spec/mixins/html_spec.rb +772 -0
  125. data/spec/mixins/http_spec.rb +1227 -0
  126. data/spec/mixins/loot_spec.rb +20 -0
  127. data/spec/mixins/nops_spec.rb +165 -0
  128. data/spec/mixins/remote_tcp_spec.rb +217 -0
  129. data/spec/mixins/remote_udp_spec.rb +217 -0
  130. data/spec/mixins/seh_spec.rb +89 -0
  131. data/spec/mixins/stack_overflow_spec.rb +87 -0
  132. data/spec/mixins/text_spec.rb +43 -0
  133. data/spec/open_redirect_spec.rb +71 -0
  134. data/spec/params/base_url_spec.rb +71 -0
  135. data/spec/params/bind_host_spec.rb +34 -0
  136. data/spec/params/bind_port_spec.rb +35 -0
  137. data/spec/params/filename_spec.rb +77 -0
  138. data/spec/params/host_spec.rb +34 -0
  139. data/spec/params/port_spec.rb +77 -0
  140. data/spec/rfi_spec.rb +107 -0
  141. data/spec/seh_overflow_spec.rb +18 -0
  142. data/spec/spec_helper.rb +6 -10
  143. data/spec/sqli_spec.rb +306 -0
  144. data/spec/ssti_spec.rb +121 -0
  145. data/spec/stack_overflow_spec.rb +18 -0
  146. data/spec/target_spec.rb +92 -0
  147. data/spec/test_result_spec.rb +32 -0
  148. data/spec/use_after_free_spec.rb +14 -0
  149. data/spec/web_spec.rb +12 -0
  150. data/spec/web_vuln_spec.rb +854 -0
  151. data/spec/xss_spec.rb +69 -0
  152. metadata +356 -324
  153. data/Manifest.txt +0 -196
  154. data/README.txt +0 -274
  155. data/bin/ronin-exploit +0 -12
  156. data/bin/ronin-gen-binary-payload +0 -12
  157. data/bin/ronin-gen-exploit +0 -12
  158. data/bin/ronin-gen-ftp-exploit +0 -12
  159. data/bin/ronin-gen-http-exploit +0 -12
  160. data/bin/ronin-gen-local-exploit +0 -12
  161. data/bin/ronin-gen-nops +0 -12
  162. data/bin/ronin-gen-payload +0 -12
  163. data/bin/ronin-gen-remote-exploit +0 -12
  164. data/bin/ronin-gen-remote-tcp-exploit +0 -12
  165. data/bin/ronin-gen-remote-udp-exploit +0 -12
  166. data/bin/ronin-gen-shellcode +0 -12
  167. data/bin/ronin-gen-web-exploit +0 -12
  168. data/bin/ronin-payload +0 -12
  169. data/bin/ronin-payloads +0 -12
  170. data/lib/ronin/controls/behaviors.rb +0 -133
  171. data/lib/ronin/controls/exceptions/not_implemented.rb +0 -27
  172. data/lib/ronin/controls/exceptions/program_not_found.rb +0 -27
  173. data/lib/ronin/controls/exceptions.rb +0 -23
  174. data/lib/ronin/controls/file_system.rb +0 -145
  175. data/lib/ronin/controls/helpers/command_exec.rb +0 -143
  176. data/lib/ronin/controls/helpers/dir_create.rb +0 -42
  177. data/lib/ronin/controls/helpers/dir_listing.rb +0 -62
  178. data/lib/ronin/controls/helpers/dir_remove.rb +0 -42
  179. data/lib/ronin/controls/helpers/file_ctime.rb +0 -52
  180. data/lib/ronin/controls/helpers/file_mtime.rb +0 -53
  181. data/lib/ronin/controls/helpers/file_ownership.rb +0 -53
  182. data/lib/ronin/controls/helpers/file_read.rb +0 -62
  183. data/lib/ronin/controls/helpers/file_remove.rb +0 -51
  184. data/lib/ronin/controls/helpers/file_write.rb +0 -62
  185. data/lib/ronin/controls/helpers/memory_read.rb +0 -39
  186. data/lib/ronin/controls/helpers/memory_write.rb +0 -39
  187. data/lib/ronin/controls/helpers.rb +0 -33
  188. data/lib/ronin/controls.rb +0 -23
  189. data/lib/ronin/exploits/control.rb +0 -47
  190. data/lib/ronin/exploits/exceptions/exception.rb +0 -27
  191. data/lib/ronin/exploits/exceptions/exploit_not_built.rb +0 -29
  192. data/lib/ronin/exploits/exceptions/payload_size.rb +0 -29
  193. data/lib/ronin/exploits/exceptions/restricted_char.rb +0 -29
  194. data/lib/ronin/exploits/exceptions/target_data_missing.rb +0 -29
  195. data/lib/ronin/exploits/exceptions/target_unspecified.rb +0 -29
  196. data/lib/ronin/exploits/exceptions/unknown_helper.rb +0 -29
  197. data/lib/ronin/exploits/exploit_author.rb +0 -33
  198. data/lib/ronin/exploits/ftp.rb +0 -42
  199. data/lib/ronin/exploits/helpers/binary.rb +0 -50
  200. data/lib/ronin/exploits/helpers/buffer_overflow.rb +0 -115
  201. data/lib/ronin/exploits/helpers/file_based.rb +0 -112
  202. data/lib/ronin/exploits/helpers/format_string.rb +0 -117
  203. data/lib/ronin/exploits/helpers/padding.rb +0 -101
  204. data/lib/ronin/exploits/helpers.rb +0 -26
  205. data/lib/ronin/exploits/http.rb +0 -49
  206. data/lib/ronin/exploits/local.rb +0 -40
  207. data/lib/ronin/exploits/remote.rb +0 -40
  208. data/lib/ronin/exploits/remote_tcp.rb +0 -87
  209. data/lib/ronin/exploits/remote_udp.rb +0 -87
  210. data/lib/ronin/exploits/targets/buffer_overflow.rb +0 -46
  211. data/lib/ronin/exploits/targets/format_string.rb +0 -43
  212. data/lib/ronin/exploits/targets.rb +0 -27
  213. data/lib/ronin/exploits/verifiers.rb +0 -121
  214. data/lib/ronin/generators/exploits/exploit.rb +0 -70
  215. data/lib/ronin/generators/exploits/ftp.rb +0 -42
  216. data/lib/ronin/generators/exploits/http.rb +0 -42
  217. data/lib/ronin/generators/exploits/local.rb +0 -42
  218. data/lib/ronin/generators/exploits/remote.rb +0 -42
  219. data/lib/ronin/generators/exploits/remote_tcp.rb +0 -44
  220. data/lib/ronin/generators/exploits/remote_udp.rb +0 -44
  221. data/lib/ronin/generators/exploits/static.rb +0 -30
  222. data/lib/ronin/generators/exploits/web.rb +0 -45
  223. data/lib/ronin/generators/exploits.rb +0 -23
  224. data/lib/ronin/generators/payloads/binary_payload.rb +0 -42
  225. data/lib/ronin/generators/payloads/nops.rb +0 -42
  226. data/lib/ronin/generators/payloads/payload.rb +0 -66
  227. data/lib/ronin/generators/payloads/shellcode.rb +0 -42
  228. data/lib/ronin/generators/payloads/static.rb +0 -30
  229. data/lib/ronin/generators/payloads.rb +0 -23
  230. data/lib/ronin/model/has_default_port.rb +0 -54
  231. data/lib/ronin/model/targets_arch.rb +0 -68
  232. data/lib/ronin/model/targets_os.rb +0 -69
  233. data/lib/ronin/model/targets_product.rb +0 -68
  234. data/lib/ronin/payloads/asm_payload.rb +0 -40
  235. data/lib/ronin/payloads/binary_payload.rb +0 -42
  236. data/lib/ronin/payloads/control.rb +0 -47
  237. data/lib/ronin/payloads/encoders/encoder.rb +0 -92
  238. data/lib/ronin/payloads/encoders/xor.rb +0 -79
  239. data/lib/ronin/payloads/encoders.rb +0 -32
  240. data/lib/ronin/payloads/exceptions/exception.rb +0 -27
  241. data/lib/ronin/payloads/exceptions/not_implemented.rb +0 -29
  242. data/lib/ronin/payloads/exceptions/unknown_helper.rb +0 -29
  243. data/lib/ronin/payloads/exceptions.rb +0 -23
  244. data/lib/ronin/payloads/has_payload.rb +0 -111
  245. data/lib/ronin/payloads/helpers/chained.rb +0 -61
  246. data/lib/ronin/payloads/helpers/rpc.rb +0 -93
  247. data/lib/ronin/payloads/helpers.rb +0 -23
  248. data/lib/ronin/payloads/nops.rb +0 -39
  249. data/lib/ronin/payloads/payload.rb +0 -350
  250. data/lib/ronin/payloads/payload_author.rb +0 -33
  251. data/lib/ronin/payloads/shellcode.rb +0 -40
  252. data/lib/ronin/payloads/web_payload.rb +0 -41
  253. data/lib/ronin/payloads.rb +0 -36
  254. data/lib/ronin/ui/command_line/commands/exploit.rb +0 -193
  255. data/lib/ronin/ui/command_line/commands/exploits.rb +0 -154
  256. data/lib/ronin/ui/command_line/commands/gen_binary_payload.rb +0 -34
  257. data/lib/ronin/ui/command_line/commands/gen_exploit.rb +0 -34
  258. data/lib/ronin/ui/command_line/commands/gen_ftp_exploit.rb +0 -34
  259. data/lib/ronin/ui/command_line/commands/gen_http_exploit.rb +0 -34
  260. data/lib/ronin/ui/command_line/commands/gen_local_exploit.rb +0 -34
  261. data/lib/ronin/ui/command_line/commands/gen_nops.rb +0 -34
  262. data/lib/ronin/ui/command_line/commands/gen_payload.rb +0 -34
  263. data/lib/ronin/ui/command_line/commands/gen_remote_exploit.rb +0 -34
  264. data/lib/ronin/ui/command_line/commands/gen_remote_tcp_exploit.rb +0 -34
  265. data/lib/ronin/ui/command_line/commands/gen_remote_udp_exploit.rb +0 -34
  266. data/lib/ronin/ui/command_line/commands/gen_shellcode.rb +0 -34
  267. data/lib/ronin/ui/command_line/commands/gen_web_exploit.rb +0 -34
  268. data/lib/ronin/ui/command_line/commands/payload.rb +0 -129
  269. data/lib/ronin/ui/command_line/commands/payloads.rb +0 -128
  270. data/lib/ronin/vuln/behavior.rb +0 -165
  271. data/spec/controls/behaviors_examples.rb +0 -38
  272. data/spec/exploits/binary_exploit_spec.rb +0 -44
  273. data/spec/exploits/buffer_overflow_exploit_spec.rb +0 -70
  274. data/spec/exploits/exploit_spec.rb +0 -313
  275. data/spec/exploits/file_based_exploit_spec.rb +0 -48
  276. data/spec/exploits/format_string_exploit_spec.rb +0 -32
  277. data/spec/exploits/ftp_spec.rb +0 -13
  278. data/spec/exploits/http_spec.rb +0 -17
  279. data/spec/exploits/padding_exploit_spec.rb +0 -44
  280. data/spec/exploits/remote_tcp_spec.rb +0 -28
  281. data/spec/exploits/remote_udp_spec.rb +0 -28
  282. data/spec/exploits/target_spec.rb +0 -98
  283. data/spec/exploits/targets/buffer_overflow_spec.rb +0 -22
  284. data/spec/exploits/web_spec.rb +0 -35
  285. data/spec/generators/exploits/exploit_examples.rb +0 -24
  286. data/spec/generators/exploits/exploit_spec.rb +0 -42
  287. data/spec/generators/exploits/ftp_spec.rb +0 -42
  288. data/spec/generators/exploits/http_spec.rb +0 -42
  289. data/spec/generators/exploits/local_spec.rb +0 -42
  290. data/spec/generators/exploits/remote_spec.rb +0 -42
  291. data/spec/generators/exploits/remote_tcp_spec.rb +0 -47
  292. data/spec/generators/exploits/remote_udp_spec.rb +0 -47
  293. data/spec/generators/exploits/web_spec.rb +0 -52
  294. data/spec/generators/payloads/binary_payload_spec.rb +0 -31
  295. data/spec/generators/payloads/nops_spec.rb +0 -31
  296. data/spec/generators/payloads/payload_examples.rb +0 -16
  297. data/spec/generators/payloads/payload_spec.rb +0 -31
  298. data/spec/generators/payloads/shellcode_spec.rb +0 -31
  299. data/spec/helpers/database.rb +0 -5
  300. data/spec/helpers/objects.rb +0 -22
  301. data/spec/model/has_default_port_spec.rb +0 -27
  302. data/spec/model/models/default_port_model.rb +0 -13
  303. data/spec/model/models/non_default_port_model.rb +0 -11
  304. data/spec/model/models/targets_arch_model.rb +0 -11
  305. data/spec/model/models/targets_os_model.rb +0 -11
  306. data/spec/model/models/targets_product_model.rb +0 -11
  307. data/spec/model/targets_arch_spec.rb +0 -32
  308. data/spec/model/targets_os_spec.rb +0 -33
  309. data/spec/model/targets_product_spec.rb +0 -35
  310. data/spec/objects/exploits/example.rb +0 -25
  311. data/spec/objects/exploits/simple.rb +0 -24
  312. data/spec/objects/payloads/simple.rb +0 -19
  313. data/spec/payloads/encoders/encoder_spec.rb +0 -30
  314. data/spec/payloads/encoders/xor_spec.rb +0 -20
  315. data/spec/payloads/payload_spec.rb +0 -156
  316. data/spec/vuln/behavior_spec.rb +0 -15
  317. data/static/ronin/generators/exploits/_cache.erb +0 -14
  318. data/static/ronin/generators/exploits/_header.erb +0 -1
  319. data/static/ronin/generators/exploits/_helpers.erb +0 -4
  320. data/static/ronin/generators/exploits/exploit.erb +0 -24
  321. data/static/ronin/generators/exploits/ftp.erb +0 -24
  322. data/static/ronin/generators/exploits/http.erb +0 -26
  323. data/static/ronin/generators/exploits/local.erb +0 -24
  324. data/static/ronin/generators/exploits/remote.erb +0 -24
  325. data/static/ronin/generators/exploits/remote_tcp.erb +0 -26
  326. data/static/ronin/generators/exploits/remote_udp.erb +0 -26
  327. data/static/ronin/generators/exploits/web.erb +0 -28
  328. data/static/ronin/generators/payloads/_cache.erb +0 -10
  329. data/static/ronin/generators/payloads/_header.erb +0 -1
  330. data/static/ronin/generators/payloads/_helpers.erb +0 -2
  331. data/static/ronin/generators/payloads/binary_payload.erb +0 -25
  332. data/static/ronin/generators/payloads/nops.erb +0 -19
  333. data/static/ronin/generators/payloads/payload.erb +0 -25
  334. data/static/ronin/generators/payloads/shellcode.erb +0 -25
  335. data/tasks/spec.rb +0 -10
  336. data/tasks/yard.rb +0 -13
  337. data.tar.gz.sig +0 -0
  338. metadata.gz.sig +0 -0
@@ -1,9 +1,104 @@
1
- === 0.3.1 / 2009-10-01
1
+ ### 1.0.0 / 2023-XX-XX
2
2
 
3
- * Removed duplicate +default_port+ properties from Ronin::Exploits::FTP
3
+ * Upgraded to the LGPL-3 license.
4
+ * Require `ruby` >= 3.0.0.
5
+ * Added [ronin-support] ~> 1.0 as a dependency.
6
+ * Added [ronin-post_ex] ~> 0.1 as a dependency.
7
+ * Added [ronin-payloads] ~> 0.1 as a dependency.
8
+ * Added [ronin-vulns] ~> 0.1 as a dependency.
9
+ * Added [ronin-core] ~> 0.1 as a dependency.
10
+ * Added [ronin-repos] ~> 0.1 as a dependency.
11
+ * Added {Ronin::Exploits::Advisory}.
12
+ * Added {Ronin::Exploits::Loot}.
13
+ * Added {Ronin::Exploits::Loot::File}.
14
+ * Added {Ronin::Exploits::TestResult}.
15
+ * Added {Ronin::Exploits::Exploit.exploit}.
16
+ * Added {Ronin::Exploits::Exploit#perform_test}.
17
+ * Added {Ronin::Exploits::Exploit#perform_build}.
18
+ * Added {Ronin::Exploits::Exploit#perform_launch}.
19
+ * Added {Ronin::Exploits::Exploit#perform_cleanup}.
20
+ * Added {Ronin::Exploits::Exploit#exploit}.
21
+ * Added {Ronin::Exploits::Exploit#validate}.
22
+ * Added {Ronin::Exploits::Exploit#Vulnerable}.
23
+ * Added {Ronin::Exploits::Exploit#NotVulnerable}.
24
+ * Added {Ronin::Exploits::Exploit#Unknown}.
25
+ * Added {Ronin::Exploits::Exploit#test}.
26
+ * Added {Ronin::Exploits::Exploit#build}.
27
+ * Added {Ronin::Exploits::Exploit#launch}.
28
+ * Added {Ronin::Exploits::Exploit#cleanup}.
29
+ * Added {Ronin::Exploits::MemoryCorruption}.
30
+ * Added {Ronin::Exploits::StackOverflow}.
31
+ * Added {Ronin::Exploits::SEHOverflow}.
32
+ * Added {Ronin::Exploits::HeapOverflow}.
33
+ * Added {Ronin::Exploits::UseAfterFree}.
34
+ * Added {Ronin::Exploits::WebVuln}.
35
+ * Added {Ronin::Exploits::OpenRedirect}.
36
+ * Added {Ronin::Exploits::LFI}.
37
+ * Added {Ronin::Exploits::RFI}.
38
+ * Added {Ronin::Exploits::SQLI}.
39
+ * Added {Ronin::Exploits::SSTI}.
40
+ * Added {Ronin::Exploits::XSS}.
41
+ * Added {Ronin::Exploits::ClientSideWebVuln}.
42
+ * Added {Ronin::Exploits::Mixins::Binary}.
43
+ * Added {Ronin::Exploits::Mixins::FileBuilder}.
44
+ * Added {Ronin::Exploits::Mixins::FormatString}.
45
+ * Added {Ronin::Exploits::Mixins::HasTargets}.
46
+ * Added {Ronin::Exploits::Mixins::HasTargets}.
47
+ * Added {Ronin::Exploits::Mixins::HasPayload}.
48
+ * Added {Ronin::Exploits::Mixins::HTTP}.
49
+ * Added {Ronin::Exploits::Mixins::Loot}.
50
+ * Added {Ronin::Exploits::Mixins::NOPS}.
51
+ * Added {Ronin::Exploits::Mixins::RemoteTCP}.
52
+ * Added {Ronin::Exploits::Mixins::RemoteUDP}.
53
+ * Added {Ronin::Exploits::Mixins::SEH}.
54
+ * Added {Ronin::Exploits::Mixins::StackOverflow}.
55
+ * Added {Ronin::Exploits::Mixins::Text}.
56
+ * Added {Ronin::Exploits::Params::BaseURL}.
57
+ * Added {Ronin::Exploits::Params::BindHost}.
58
+ * Added {Ronin::Exploits::Params::BindPort}.
59
+ * Added {Ronin::Exploits::Params::Filename}.
60
+ * Added {Ronin::Exploits::Params::Host}.
61
+ * Added {Ronin::Exploits::Params::Port}.
62
+ * Renamed `ronin/exploits/helpers` to `ronin/exploits/mixins`.
63
+ * Extracted `Ronin::Payloads` into [ronin-payloads].
64
+ * Extracted agent payloads into separate `ronin-agent-` repos.
65
+ * [ronin-agent-php](https://github.com/ronin-rb/ronin-agent-php#readme)
66
+ * [ronin-agent-ruby](https://github.com/ronin-rb/ronin-agent-ruby#readme)
67
+ * [ronin-agent-nodejs](https://github.com/ronin-rb/ronin-agent-nodejs#readme)
68
+ * Refactored the `ronin-exploit` command into the `ronin-exploits run` command.
69
+ * Refactored {Ronin::Exploits::Exploit} as a Plain Old Ruby Class that defines
70
+ method data, params, and the `build`, `launch`, and `cleanup` methods.
71
+ * Refactored `Ronin::UI` into {Ronin::Exploits::CLI}.
72
+ * Removed the `open_namespace` dependency.
73
+ * Removed the `data_paths` dependency.
74
+ * Removed the `ronin-gen` dependency.
75
+ * Removed the `ronin` dependency; `ronin` now requires `ronin-exploits` and all
76
+ other `ronin-` gems.
77
+ * Removed `Ronin::Exploits::Controls`.
78
+ * Removed `Ronin::Exploits::Generators` in favor of the `ronin-exploits new`
79
+ command.
80
+ * Removed `Ronin::Exploits::UnknownHelper`.
81
+ * Removed `Ronin::Exploits::Helpers::Padding` in favor of calling `String#pad`.
82
+ * Removed `Ronin::Exploits::Exploit#helpers` in favor of `included_modules`.
83
+ * Removed `Ronin::Exploits::Exploit#helper` in favor of including
84
+ {Ronin::Exploits::Mixins} modules.
85
+ * Removed `Ronin::Exploits::Local`.
86
+ * Removed `Ronin::Exploits::Remote`.
87
+ * Removed `Ronin::Exploits::RemoteTCP` in favor of including
88
+ {Ronin::Exploits::Mixins::RemoteTCP}.
89
+ * Removed `Ronin::Exploits::RemoteUDP` in favor of including
90
+ {Ronin::Exploits::Mixins::RemoteUDP}.
91
+ * Removed `Ronin::Exploits::HTTP` in favor of including
92
+ {Ronin::Exploits::Mixins::HTTP}.
93
+ * Removed `Ronin::Exploits::FTP`.
94
+ * Removed all database models and code in favor of Plain Old Ruby Classes.
95
+
96
+ ### 0.3.1 / 2009-10-01
97
+
98
+ * Removed duplicate `default_port` properties from Ronin::Exploits::FTP
4
99
  and Ronin::Exploits::HTTP, which were causing dm-core 0.10.1 to crash.
5
100
 
6
- === 0.3.0 / 2009-09-24
101
+ ### 0.3.0 / 2009-09-24
7
102
 
8
103
  * Require ronin >= 0.3.0.
9
104
  * Require ronin-gen >= 0.2.0.
@@ -89,7 +184,7 @@
89
184
  * Removed Ronin::Payloads::Payload#payload to raw_payload.
90
185
  * Removed Ronin::Payloads::Payload#call.
91
186
  * Moved to YARD based documentation.
92
- * Updated the project summary and 3-point description for Ronin Exploits.
187
+ * Updated the project summary and 3-point description for ronin-exploits.
93
188
  * Ronin::Model::TargetsArch now auto-defines a relationship with Arch.
94
189
  * Ronin::Model::TargetsOS now auto-defines a relationship with OS.
95
190
  * Ronin::Model::TargetsProduct now auto-defines a relationship with Product.
@@ -125,7 +220,7 @@
125
220
  * Made Ronin::Payloads::Payload#to_s more robust.
126
221
  * Safely load payload helpers using the new require_within method.
127
222
 
128
- === 0.2.1 / 2009-07-02
223
+ ### 0.2.1 / 2009-07-02
129
224
 
130
225
  * Use Hoe >= 2.0.0.
131
226
  * Require ronin >= 0.2.4.
@@ -152,7 +247,7 @@
152
247
  * Allow Payload#controlling to accept multiple behaviors.
153
248
  * Added more specs.
154
249
 
155
- === 0.2.0 / 2009-04-11
250
+ ### 0.2.0 / 2009-04-11
156
251
 
157
252
  * Added Ronin::TargetedArch.
158
253
  * Added Ronin::TargetedOS.
@@ -177,12 +272,12 @@
177
272
  * Removed the Ronin::Exploits::Requirement.
178
273
  * Rewrote Ronin::Exploits::Exploit:
179
274
  * Use the new Ronin::Cacheable module.
180
- * Added a status property, which may be either <tt>:potential</tt>,
181
- <tt>:proven</tt>, <tt>:weaponized</tt>, but will default to
182
- <tt>:potential</tt>.
275
+ * Added a status property, which may be either `:potential`,
276
+ `:proven`, `:weaponized`, but will default to
277
+ `:potential`.
183
278
  * Added a disclosure property, which can be a combination of
184
- <tt>:private</tt>, <tt>:in_wild</tt>, <tt>:vendor_aware</tt>
185
- or <tt>:public</tt>.
279
+ `:private`, `:in_wild`, `:vendor_aware`
280
+ or `:public`.
186
281
  * Added Exploit#helper, which will extend the Exploit object with the
187
282
  Helper module with the similar name.
188
283
  * Added the Exploit#build!, Exploit#verify!, Exploit#deploy!
@@ -230,18 +325,18 @@
230
325
  * Removed encoders from the Payload class.
231
326
  * Added specs.
232
327
 
233
- === 0.1.1 / 2009-01-22
328
+ ### 0.1.1 / 2009-01-22
234
329
 
235
- * Removed old references to the <tt>ronin/vulnerability</tt> directory.
330
+ * Removed old references to the `ronin/vulnerability` directory.
236
331
  * Removed old references to the Ronin::Vulnerability namespace.
237
- * Removed past usage of the <tt>:value</tt> option with parameters.
238
- * Parametes now uses the <tt>:default</tt> option, for specifying the
332
+ * Removed past usage of the `:value` option with parameters.
333
+ * Parametes now uses the `:default` option, for specifying the
239
334
  default value of parameters.
240
335
  * Added the missing Ronin::Exploits::PayloadSize exception.
241
336
  * Reduce usage of first_or_create.
242
337
  * Updated target methods.
243
338
 
244
- === 0.1.0 / 2008-01-08
339
+ ### 0.1.0 / 2008-01-08
245
340
 
246
341
  * Initial release.
247
342
  * Supports many basic exploit types:
@@ -259,3 +354,11 @@
259
354
  with Exploits and Payloads.
260
355
  * Provides a semi-intelligent XOR translator (Ronin::Translators::XOR).
261
356
 
357
+ [uri-query_params]: https://github.com/postmodern/uri-query_params#readme
358
+ [ronin-support]: https://github.com/ronin-rb/ronin-support#readme
359
+ [ronin-code-sql]: https://github.com/ronin-rb/ronin-code-sql#readme
360
+ [ronin-core]: https://github.com/ronin-rb/ronin-core#readme
361
+ [ronin-repos]: https://github.com/ronin-rb/ronin-repos#readme
362
+ [ronin-payloads]: https://github.com/ronin-rb/ronin-payloads#readme
363
+ [ronin-post_ex]: https://github.com/ronin-rb/ronin-post_ex#readme
364
+ [ronin-vulns]: https://github.com/ronin-rb/ronin-vulns#readme
data/Gemfile ADDED
@@ -0,0 +1,50 @@
1
+ source 'https://rubygems.org'
2
+
3
+ gemspec
4
+
5
+ platforms :jruby do
6
+ gem 'jruby-openssl', '~> 0.7'
7
+ end
8
+
9
+ # gem 'fake_io', '~> 0.1', github: 'postmodern/fake_io.rb',
10
+ # branch: 'main'
11
+
12
+ # gem 'command_kit', '~> 0.4', github: 'postmodern/command_kit.rb',
13
+ # branch: 'main'
14
+
15
+ # Ronin dependencies
16
+ # gem 'ronin-support', '~> 1.0', github: "ronin-rb/ronin-support",
17
+ # branch: 'main'
18
+ # gem 'ronin-payloads', '~> 0.1', github: "ronin-rb/ronin-payloads",
19
+ # branch: 'main'
20
+ # gem 'ronin-vulns', '~> 0.1', github: "ronin-rb/ronin-vulns",
21
+ # branch: 'main'
22
+ # gem 'ronin-post_ex', '~> 0.1', github: "ronin-rb/ronin-post_ex",
23
+ # branch: 'main'
24
+ # gem 'ronin-core', '~> 0.1', github: "ronin-rb/ronin-core",
25
+ # branch: 'main'
26
+ # gem 'ronin-repos', '~> 0.1', github: "ronin-rb/ronin-repos",
27
+ # branch: 'main'
28
+ # gem 'ronin-code-asm', '~> 1.0', github: "ronin-rb/ronin-code-asm",
29
+ # branch: 'main'
30
+ # gem 'ronin-code-sql', '~> 2.0', github: "ronin-rb/ronin-code-sql",
31
+ # branch: 'main'
32
+
33
+ group :development do
34
+ gem 'rake'
35
+
36
+ gem 'rubygems-tasks', '~> 0.1'
37
+ gem 'rspec', '~> 3.0'
38
+ gem 'simplecov', '~> 0.20'
39
+
40
+ gem 'kramdown', '~> 2.0'
41
+ gem 'kramdown-man', '~> 0.1'
42
+
43
+ gem 'redcarpet', platform: :mri
44
+ gem 'yard', '~> 0.9'
45
+ gem 'yard-spellcheck', require: false
46
+
47
+ gem 'dead_end', require: false
48
+ gem 'sord', require: false, platform: :mri
49
+ gem 'stackprof', require: false, platform: :mri
50
+ end
data/README.md ADDED
@@ -0,0 +1,454 @@
1
+ # ronin-exploits
2
+
3
+ [![CI](https://github.com/ronin-rb/ronin-exploits/actions/workflows/ruby.yml/badge.svg)](https://github.com/ronin-rb/ronin-exploits/actions/workflows/ruby.yml)
4
+ [![Code Climate](https://codeclimate.com/github/ronin-rb/ronin-exploits.svg)](https://codeclimate.com/github/ronin-rb/ronin-exploits)
5
+
6
+ * [Source](https://github.com/ronin-rb/ronin-exploits)
7
+ * [Issues](https://github.com/ronin-rb/ronin-exploits/issues)
8
+ * [Documentation](https://rubydoc.info/github/ronin-rb/ronin-exploits/frames)
9
+ * [Discord](https://discord.gg/6WAb3PsVX9) |
10
+ [Twitter](https://twitter.com/ronin_rb) |
11
+ [Mastodon](https://infosec.exchange/@ronin_rb)
12
+
13
+ ## Description
14
+
15
+ ronin-exploits is a Ruby micro-framework for writing and running exploits.
16
+ ronin-exploits allows one to write exploits as plain old Ruby classes.
17
+ ronin-exploits can be distributed as Ruby files or as git repositories that can
18
+ be installed using [ronin-repos].
19
+
20
+ ronin-exploits is part of the [ronin-rb] project, a [Ruby] toolkit for security
21
+ research and development.
22
+
23
+ ## Features
24
+
25
+ * Provides a succinct syntax and API for writing exploits in as few lines as
26
+ possible.
27
+ * Supports defining exploits as plain old Ruby classes.
28
+ * Supports loading exploits from Ruby files or from installed 3rd-party
29
+ git repositories.
30
+ * Provides base classes and mixin modules for a variety of exploit types:
31
+ * Stack Overflows
32
+ * SEH Overflows
33
+ * Heap Overflows
34
+ * Use After Free (UAF)
35
+ * Open Redirect
36
+ * Local File Inclusions (LFI)
37
+ * Remote File Inclusions (RFI)
38
+ * SQL injections (SQLi)
39
+ * Cross-Site Scripting (XSS)
40
+ * Server-Side Template Injection (SSTI)
41
+ * Uses the [ronin-payloads] library for exploit payloads.
42
+ * Uses the [ronin-post_ex] library for post-exploitation.
43
+ * Provides a simple CLI for listing, displaying, running, and generating new
44
+ exploits.
45
+ * Has 9%% test coverage.
46
+ * Has 86% documentation coverage.
47
+ * Small memory footprint (~47Kb).
48
+
49
+ ## Anti-Features
50
+
51
+ * No magic: exploits are defined as classes in files.
52
+ * No global state that could cause memory leaks.
53
+ * Not a big bulky framework, just a library.
54
+ * Not a central repository. Additional Ronin exploits can be hosted in other
55
+ git repositories. This prevents censorship of exploit research.
56
+ * Does not contain any pre-written exploits. This prevents ronin-exploits from
57
+ being taken down or censored.
58
+
59
+ ## Synopsis
60
+
61
+ ```
62
+ Usage: ronin-exploits [options] [COMMAND [ARGS...]]
63
+
64
+ Options:
65
+ -h, --help Print help information
66
+
67
+ Arguments:
68
+ [COMMAND] The command name to run
69
+ [ARGS ...] Additional arguments for the command
70
+
71
+ Commands:
72
+ help
73
+ irb
74
+ list, ls
75
+ new
76
+ run
77
+ show, info
78
+ ```
79
+
80
+ Generate a new exploit file:
81
+
82
+ ```shell
83
+ $ ronin-exploits new example_exploit.rb --type stack_overflow \
84
+ --arch x86 --os linux --software ExampleWare --software-version 1.2.3 \
85
+ --author Postmodern --author-email "postmodern.mod3@gmail.com" \
86
+ --summary "Example exploit" --description "This is an example."
87
+ ```
88
+
89
+ Install a 3rd-party repository of exploits:
90
+
91
+ ```shell
92
+ $ ronin-repos install https://github.com/user/exploits.git
93
+ ```
94
+
95
+ List available exploits:
96
+
97
+ ```shell
98
+ $ ronin-exploits list
99
+ ```
100
+
101
+ Print information about an exploit:
102
+
103
+ ```shell
104
+ $ ronin-exploits show NAME
105
+ ```
106
+
107
+ Print information about an exploit from a file:
108
+
109
+ ```shell
110
+ $ ronin-exploits show -f path/to/exploit.rb
111
+ ```
112
+
113
+ Run an exploit:
114
+
115
+ ```shell
116
+ $ ronin-exploits run my_exploit --param host=example.com --param port=9999
117
+ ```
118
+
119
+ Load an exploit from a specific file, then run it:
120
+
121
+ ```shell
122
+ $ ronin-exploits run -f path/to/my_exploit.rb --param host=example.com --param port=9999
123
+ ```
124
+
125
+ Run an exploit with a raw payload:
126
+
127
+ ```shell
128
+ $ ronin-exploits run my_exploit --param host=example.com --param port=9999 \
129
+ --payload-string $'\x66\x31\xc0\xfe\xc0\xb3\xff\xcd\x80'
130
+ ```
131
+
132
+ Read a raw payload from a file:
133
+
134
+ ```shell
135
+ $ ronin-exploits run my_exploit --param host=example.com --param port=9999 \
136
+ --read-payload shellcode.bin
137
+ ```
138
+
139
+ Generate a ronin repository of your own exploits (and/or payloads):
140
+
141
+ ```shell
142
+ $ ronin-repos new my-exploits
143
+ $ cd my-exploits/
144
+ $ mkdir exploits
145
+ $ ronin-exploits new exploits/my_exploit.rb --type stack_overflow \
146
+ --arch x86 --os linux --software ExampleWare --software-version 1.2.3 \
147
+ --author You --author-email "you@example.com" \
148
+ --summary "My exploit" --description "This is my example."
149
+ $ vim exploits/my_exploit.rb
150
+ $ git add exploits/my_exploit.rb
151
+ $ git commit
152
+ $ git push
153
+ ```
154
+
155
+ ## Examples
156
+
157
+ Define a basic remote TCP exploit:
158
+
159
+ ```ruby
160
+ require 'ronin/exploits/exploit'
161
+ require 'ronin/exploits/mixins/remote_tcp'
162
+
163
+ module Ronin
164
+ module Exploits
165
+ class MyExploit < Exploit
166
+
167
+ include Mixins::RemoteTCP
168
+
169
+ register 'my_exploit'
170
+
171
+ summary 'My first exploit'
172
+ description <<~EOS
173
+ This is my first exploit.
174
+ Bla bla bla bla.
175
+ EOS
176
+
177
+ author '...'
178
+ author '...', email: '...', twitter: '...'
179
+
180
+ disclosure_date 'YYY-MM-DD'
181
+ release_date 'YYYY-MM-DD'
182
+
183
+ advisory 'CVE-YYYY-NNNN'
184
+ advisory 'GHSA-XXXXXX'
185
+ software 'TestHTTP'
186
+ software_versions '1.0.0'..'1.5.4'
187
+
188
+ param :cmd, desc: 'The command to run'
189
+
190
+ def test
191
+ # ...
192
+ end
193
+
194
+ def build
195
+ # ...
196
+ end
197
+
198
+ def launch
199
+ # ...
200
+ end
201
+
202
+ def cleanup
203
+ # ...
204
+ end
205
+
206
+ end
207
+ end
208
+ end
209
+ ```
210
+
211
+ Define a Stack Overflow exploit:
212
+
213
+ ```ruby
214
+ require 'ronin/exploits/stack_overflow'
215
+ require 'ronin/exploits/mixins/remote_tcp'
216
+
217
+ module Ronin
218
+ module Exploits
219
+ class MyExploit < StackOverflow
220
+
221
+ register 'my_exploit'
222
+
223
+ include Mixins::RemoteTCP
224
+
225
+ def build
226
+ ebp = 0x06eb9090
227
+ eip = 0x1001ae86
228
+
229
+ @buffer = buffer_overflow(length: 1024, nops: 16, payload: payload, bp: ebp, ip: eip)
230
+ end
231
+
232
+ def launch
233
+ tcp_send "USER #{@buffer}"
234
+ end
235
+
236
+ end
237
+ end
238
+ end
239
+ ```
240
+
241
+ Define a SEH Overflow exploit:
242
+
243
+ ```ruby
244
+ require 'ronin/exploits/seh_overflow'
245
+ require 'ronin/exploits/mixins/remote_tcp'
246
+
247
+ module Ronin
248
+ module Exploits
249
+ class MyExploit < SEHOverflow
250
+
251
+ register 'my_exploit'
252
+
253
+ include Mixins::RemoteTCP
254
+
255
+ def build
256
+ nseh = 0x06eb9090 # short jump 6 bytes
257
+ seh = 0x1001ae86 # pop pop ret 1001AE86 SSLEAY32.DLL
258
+
259
+ @buffer = seh_buffer_overflow(length: 1024, nops: 16, payload: payload, nseh: nseh, seh: seh)
260
+ end
261
+
262
+ def launch
263
+ tcp_send "USER #{@buffer}"
264
+ end
265
+
266
+ end
267
+ end
268
+ end
269
+ ```
270
+
271
+ Define an Open Redirect exploit:
272
+
273
+ ```ruby
274
+ require 'ronin/exploits/open_redirect'
275
+
276
+ module Ronin
277
+ module Exploits
278
+ class MyExploit < OpenRedirect
279
+
280
+ register 'my_exploit'
281
+
282
+ base_path '/path/to/page.php'
283
+ query_param 'url'
284
+
285
+ end
286
+ end
287
+ end
288
+ ```
289
+
290
+ Define a Local File Inclusion (LFI) exploit:
291
+
292
+ ```ruby
293
+ require 'ronin/exploits/lfi'
294
+
295
+ module Ronin
296
+ module Exploits
297
+ class MyExploit < LFI
298
+
299
+ register 'my_exploit'
300
+
301
+ base_path '/path/to/page.php'
302
+ query_param 'template'
303
+ depth 7
304
+
305
+ end
306
+ end
307
+ end
308
+ ```
309
+
310
+ Define a Remote File Inclusion (RFI) exploit:
311
+
312
+ ```ruby
313
+ require 'ronin/exploits/rfi'
314
+
315
+ module Ronin
316
+ module Exploits
317
+ class MyExploit < RFI
318
+
319
+ register 'my_exploit'
320
+
321
+ base_path '/path/to/page.php'
322
+ query_param 'template'
323
+
324
+ end
325
+ end
326
+ end
327
+ ```
328
+
329
+ Define a SQL injection (SQLi) exploit:
330
+
331
+ ```ruby
332
+ require 'ronin/exploits/sqli'
333
+
334
+ module Ronin
335
+ module Exploits
336
+ class MyExploit < SQLI
337
+
338
+ register 'my_exploit'
339
+
340
+ base_path '/path/to/page.php'
341
+ query_param 'id'
342
+ escape_quote true
343
+
344
+ end
345
+ end
346
+ end
347
+ ```
348
+
349
+ Define a Server-Side Template Injection (SSTI) exploit:
350
+
351
+ ```ruby
352
+ require 'ronin/exploits/ssti'
353
+
354
+ module Ronin
355
+ module Exploits
356
+ class MyExploit < SSTI
357
+
358
+ register 'my_exploit'
359
+
360
+ base_path '/path/to/page.php'
361
+ query_param 'name'
362
+ escape_expr ->(expr) { "${{#{expr}}}" }
363
+
364
+ end
365
+ end
366
+ end
367
+ ```
368
+
369
+ Define a Cross-Site Scripting (XSS) exploit:
370
+
371
+ ```ruby
372
+ require 'ronin/exploits/xss'
373
+
374
+ module Ronin
375
+ module Exploits
376
+ class MyExploit < XSS
377
+
378
+ register 'my_exploit'
379
+
380
+ base_path '/path/to/page.php'
381
+ query_param 'title'
382
+
383
+ end
384
+ end
385
+ end
386
+ ```
387
+
388
+ ## Requirements
389
+
390
+ * [Ruby] >= 3.0.0
391
+ * [uri-query_params] ~> 0.6
392
+ * [ronin-support] ~> 1.0
393
+ * [ronin-code-sql] ~> 2.0
394
+ * [ronin-core] ~> 0.1
395
+ * [ronin-repos] ~> 0.1
396
+ * [ronin-payloads] ~> 0.1
397
+ * [ronin-vulns] ~> 0.1
398
+ * [ronin-post_ex] ~> 0.1
399
+
400
+ ## Install
401
+
402
+ ```shell
403
+ $ gem install ronin-exploits
404
+ ```
405
+
406
+ ## Development
407
+
408
+ 1. [Fork It!](https://github.com/ronin-rb/ronin-exploits/fork)
409
+ 2. Clone It!
410
+ 3. `cd ronin-exploits`
411
+ 4. `bundle install`
412
+ 5. `git checkout -b my_feature`
413
+ 6. Code It!
414
+ 7. `bundle exec rake spec`
415
+ 8. `git push origin my_feature`
416
+
417
+ ## Disclaimer
418
+
419
+ ronin-exploits **does not** contain any exploits of it's own,
420
+ but is a library for writing and running 3rd party exploits.
421
+ Therefor, ronin-exploits **must not** and **should not** be considered
422
+ to be malicious software (malware) or malicious in nature.
423
+
424
+ ## License
425
+
426
+ ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
427
+ payload crafting functionality.
428
+
429
+ Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
430
+
431
+ ronin-exploits is free software: you can redistribute it and/or modify
432
+ it under the terms of the GNU Lesser General Public License as published
433
+ by the Free Software Foundation, either version 3 of the License, or
434
+ (at your option) any later version.
435
+
436
+ ronin-exploits is distributed in the hope that it will be useful,
437
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
438
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
439
+ GNU Lesser General Public License for more details.
440
+
441
+ You should have received a copy of the GNU Lesser General Public License
442
+ along with ronin-exploits. If not, see <https://www.gnu.org/licenses/>.
443
+
444
+ [Ruby]: https://www.ruby-lang.org
445
+ [ronin-rb]: https://ronin-rb.dev
446
+
447
+ [uri-query_params]: https://github.com/postmodern/uri-query_params#readme
448
+ [ronin-support]: https://github.com/ronin-rb/ronin-support#readme
449
+ [ronin-code-sql]: https://github.com/ronin-rb/ronin-code-sql#readme
450
+ [ronin-core]: https://github.com/ronin-rb/ronin-core#readme
451
+ [ronin-repos]: https://github.com/ronin-rb/ronin-repos#readme
452
+ [ronin-payloads]: https://github.com/ronin-rb/ronin-payloads#readme
453
+ [ronin-post_ex]: https://github.com/ronin-rb/ronin-post_ex#readme
454
+ [ronin-vulns]: https://github.com/ronin-rb/ronin-vulns#readme