RubyGems - ronin-exploits - Versions diffs - 1.0.0.beta2 → 1.0.0.beta3 - Mend

ronin-exploits 1.0.0.beta2 → 1.0.0.beta3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (63) hide show

checksums.yaml +4 -4
data/.github/workflows/ruby.yml +1 -0
data/README.md +4 -0
data/gemspec.yml +3 -1
data/lib/ronin/exploits/cli/commands/run.rb +55 -5
data/lib/ronin/exploits/version.rb +1 -1
data/ronin-exploits.gemspec +2 -1
metadata +10 -115
data/spec/advisory_spec.rb +0 -71
data/spec/cli/exploit_command_spec.rb +0 -68
data/spec/cli/exploit_methods_spec.rb +0 -208
data/spec/cli/ruby_shell_spec.rb +0 -14
data/spec/client_side_web_vuln_spec.rb +0 -117
data/spec/exploit_spec.rb +0 -538
data/spec/exploits_spec.rb +0 -8
data/spec/heap_overflow_spec.rb +0 -14
data/spec/lfi_spec.rb +0 -162
data/spec/loot/file_spec.rb +0 -131
data/spec/loot_spec.rb +0 -138
data/spec/memory_corruption_spec.rb +0 -22
data/spec/metadata/arch_spec.rb +0 -82
data/spec/metadata/cookie_param_spec.rb +0 -67
data/spec/metadata/default_filename_spec.rb +0 -62
data/spec/metadata/default_port_spec.rb +0 -62
data/spec/metadata/header_name_spec.rb +0 -67
data/spec/metadata/os_spec.rb +0 -164
data/spec/metadata/shouts_spec.rb +0 -100
data/spec/metadata/url_path_spec.rb +0 -67
data/spec/metadata/url_query_param_spec.rb +0 -67
data/spec/mixins/binary_spec.rb +0 -129
data/spec/mixins/build_dir.rb +0 -66
data/spec/mixins/file_builder_spec.rb +0 -67
data/spec/mixins/format_string_spec.rb +0 -44
data/spec/mixins/has_payload_spec.rb +0 -333
data/spec/mixins/has_targets_spec.rb +0 -434
data/spec/mixins/html_spec.rb +0 -772
data/spec/mixins/http_spec.rb +0 -1227
data/spec/mixins/loot_spec.rb +0 -20
data/spec/mixins/nops_spec.rb +0 -165
data/spec/mixins/remote_tcp_spec.rb +0 -217
data/spec/mixins/remote_udp_spec.rb +0 -217
data/spec/mixins/seh_spec.rb +0 -89
data/spec/mixins/stack_overflow_spec.rb +0 -87
data/spec/mixins/text_spec.rb +0 -43
data/spec/open_redirect_spec.rb +0 -71
data/spec/params/base_url_spec.rb +0 -71
data/spec/params/bind_host_spec.rb +0 -34
data/spec/params/bind_port_spec.rb +0 -35
data/spec/params/filename_spec.rb +0 -77
data/spec/params/host_spec.rb +0 -34
data/spec/params/port_spec.rb +0 -77
data/spec/rfi_spec.rb +0 -107
data/spec/seh_overflow_spec.rb +0 -18
data/spec/spec_helper.rb +0 -8
data/spec/sqli_spec.rb +0 -306
data/spec/ssti_spec.rb +0 -121
data/spec/stack_overflow_spec.rb +0 -18
data/spec/target_spec.rb +0 -92
data/spec/test_result_spec.rb +0 -32
data/spec/use_after_free_spec.rb +0 -14
data/spec/web_spec.rb +0 -12
data/spec/web_vuln_spec.rb +0 -854
data/spec/xss_spec.rb +0 -69

data/spec/cli/exploit_methods_spec.rb DELETED Viewed

@@ -1,208 +0,0 @@
-require 'spec_helper'
-require 'ronin/exploits/cli/exploit_methods'
-require 'ronin/exploits/cli/command'
-describe Ronin::Exploits::CLI::ExploitMethods do
-  module TestExploitMethods
-    class TestCommand < Ronin::Exploits::CLI::Command
-      include Ronin::Exploits::CLI::ExploitMethods
-    end
-  end
-  let(:command_class) { TestExploitMethods::TestCommand }
-  subject { command_class.new }
-  describe "#load_exploit" do
-    let(:exploit_id) { 'html/encode' }
-    it "must call Exploits.load_class with the given ID" do
-      expect(Ronin::Exploits).to receive(:load_class).with(exploit_id)
-      expect(subject).to_not receive(:exit)
-      subject.load_exploit(exploit_id)
-    end
-    context "when Ronin::Exploits::ClassNotfound is raised" do
-      let(:message) { "class not found" }
-      let(:exception) do
-        Ronin::Exploits::ClassNotFound.new(message)
-      end
-      it "must print an error message and exit with an error code" do
-        expect(Ronin::Exploits).to receive(:load_class).with(exploit_id).and_raise(exception)
-        expect(subject).to receive(:exit).with(1)
-        expect {
-          subject.load_exploit(exploit_id)
-        }.to output("#{subject.command_name}: #{message}#{$/}").to_stderr
-      end
-    end
-    context "when another type of exception is raised" do
-      let(:message)   { "unexpected error" }
-      let(:exception) { RuntimeError.new(message) }
-      it "must print the exception, an error message, and exit with -1" do
-        expect(Ronin::Exploits).to receive(:load_class).with(exploit_id).and_raise(exception)
-        expect(subject).to receive(:print_exception).with(exception)
-        expect(subject).to receive(:exit).with(-1)
-        expect {
-          subject.load_exploit(exploit_id)
-        }.to output("#{subject.command_name}: an unhandled exception occurred while loading exploit #{exploit_id}#{$/}").to_stderr
-      end
-    end
-  end
-  describe "#load_exploit_from" do
-    let(:file) { '/path/to/html/encode.rb' }
-    it "must call Exploits.load_class with the given ID and file" do
-      expect(Ronin::Exploits).to receive(:load_class_from_file).with(file)
-      expect(subject).to_not receive(:exit)
-      subject.load_exploit_from(file)
-    end
-    context "when Ronin::Exploits::ClassNotfound is raised" do
-      let(:message) { "class not found" }
-      let(:exception) do
-        Ronin::Exploits::ClassNotFound.new(message)
-      end
-      it "must print an error message and exit with an error code" do
-        expect(Ronin::Exploits).to receive(:load_class_from_file).with(file).and_raise(exception)
-        expect(subject).to receive(:exit).with(1)
-        expect {
-          subject.load_exploit_from(file)
-        }.to output("#{subject.command_name}: #{message}#{$/}").to_stderr
-      end
-    end
-    context "when another type of exception is raised" do
-      let(:message)   { "unexpected error" }
-      let(:exception) { RuntimeError.new(message) }
-      it "must print the exception, an error message, and exit with -1" do
-        expect(Ronin::Exploits).to receive(:load_class_from_file).with(file).and_raise(exception)
-        expect(subject).to receive(:print_exception).with(exception)
-        expect(subject).to receive(:exit).with(-1)
-        expect {
-          subject.load_exploit_from(file)
-        }.to output(
-          "#{subject.command_name}: an unhandled exception occurred while loading exploit from file #{file}#{$/}"
-        ).to_stderr
-      end
-    end
-  end
-  describe "#initialie_exploit" do
-    let(:exploit_id)    { 'test' }
-    let(:exploit_class) { double('Encoder class', id: exploit_id) }
-    it "must return a new instance of the given exploit class" do
-      expect(exploit_class).to receive(:new)
-      subject.initialize_exploit(exploit_class)
-    end
-    context "when additional keyword arguments are given" do
-      let(:kwargs) do
-        {foo: 1, bar: 2}
-      end
-      it "must pass them to new()" do
-        expect(exploit_class).to receive(:new).with(**kwargs)
-        subject.initialize_exploit(exploit_class,**kwargs)
-      end
-    end
-    context "when a Core::Params::ParamError is raised" do
-      let(:message)   { "param foo was not set" }
-      let(:exception) { Ronin::Core::Params::RequiredParam.new(message) }
-      it "must print an error message and exit with 1" do
-        expect(exploit_class).to receive(:new).and_raise(exception)
-        expect(subject).to receive(:exit).with(1)
-        expect {
-          subject.initialize_exploit(exploit_class)
-        }.to output("#{subject.command_name}: #{message}#{$/}").to_stderr
-      end
-    end
-    context "when another type of exception is raised" do
-      let(:message)   { "unexpected error" }
-      let(:exception) { RuntimeError.new(message) }
-      it "must print the exception, an error message, and exit with -1" do
-        expect(exploit_class).to receive(:new).and_raise(exception)
-        expect(subject).to receive(:print_exception).with(exception)
-        expect(subject).to receive(:exit).with(-1)
-        expect {
-          subject.initialize_exploit(exploit_class)
-        }.to output("#{subject.command_name}: an unhandled exception occurred while initializing exploit #{exploit_id}#{$/}").to_stderr
-      end
-    end
-  end
-  describe "#validate_exploit" do
-    let(:exploit_id) { 'test' }
-    let(:exploit)    { double('Encoder instance', class_id: exploit_id) }
-    it "must call #perform_validate on #exploit" do
-      expect(exploit).to receive(:perform_validate)
-      subject.validate_exploit(exploit)
-    end
-    context "when a Core::Params::ParamError is raised" do
-      let(:message)   { "param foo was not set" }
-      let(:exception) { Ronin::Core::Params::RequiredParam.new(message) }
-      it "must print an error message and exit with 1" do
-        expect(exploit).to receive(:perform_validate).and_raise(exception)
-        expect(subject).to receive(:exit).with(1)
-        expect {
-          subject.validate_exploit(exploit)
-        }.to output("#{subject.command_name}: failed to validate the exploit #{exploit_id}: #{message}#{$/}").to_stderr
-      end
-    end
-    context "when a Ronin::Exploits::ValidationError is raised" do
-      let(:message)   { "param foo was not set" }
-      let(:exception) do
-        Ronin::Exploits::ValidationError.new(message)
-      end
-      it "must print an error message and exit with 1" do
-        expect(exploit).to receive(:perform_validate).and_raise(exception)
-        expect(subject).to receive(:exit).with(1)
-        expect {
-          subject.validate_exploit(exploit)
-        }.to output("#{subject.command_name}: failed to validate the exploit #{exploit_id}: #{message}#{$/}").to_stderr
-      end
-    end
-    context "when another type of exception is raised" do
-      let(:message)   { "unexpected error" }
-      let(:exception) { RuntimeError.new(message) }
-      it "must print the exception, an error message, and exit with -1" do
-        expect(exploit).to receive(:perform_validate).and_raise(exception)
-        expect(subject).to receive(:print_exception).with(exception)
-        expect(subject).to receive(:exit).with(-1)
-        expect {
-          subject.validate_exploit(exploit)
-        }.to output("#{subject.command_name}: an unhandled exception occurred while validating the exploit #{exploit_id}#{$/}").to_stderr
-      end
-    end
-  end
-end

data/spec/cli/ruby_shell_spec.rb DELETED Viewed

@@ -1,14 +0,0 @@
-require 'spec_helper'
-require 'ronin/exploits/cli/ruby_shell'
-describe Ronin::Exploits::CLI::RubyShell do
-  describe "#initialize" do
-    it "must default #name to 'ronin-exploits'" do
-      expect(subject.name).to eq('ronin-exploits')
-    end
-    it "must default #context to Ronin::Exploits" do
-      expect(subject.context).to be(Ronin::Exploits)
-    end
-  end
-end

data/spec/client_side_web_vuln_spec.rb DELETED Viewed

@@ -1,117 +0,0 @@
-require 'spec_helper'
-require 'ronin/exploits/client_side_web_vuln'
-require 'ronin/vulns/web_vuln'
-describe Ronin::Exploits::ClientSideWebVuln do
-  module TestClientSideWebVuln
-    class TestExploit < Ronin::Exploits::ClientSideWebVuln
-      base_path   '/Templatize.asp'
-      query_param 'item'
-      def vuln
-        @vuln ||= Ronin::Vulns::WebVuln.new(url, **web_vuln_kwargs)
-      end
-    end
-  end
-  let(:exploit_class) { TestClientSideWebVuln::TestExploit }
-  let(:base_url)      { 'http://testasp.vulnweb.com/' }
-  let(:query)         { 'item=html/about.html' }
-  let(:query_param)   { 'item' }
-  let(:payload)       { 'test payload' }
-  subject do
-    exploit_class.new(
-      payload: payload,
-      params: {
-        base_url: base_url
-      }
-    )
-  end
-  it "must define a 'format' param" do
-    expect(described_class.params[:format]).to_not be(nil)
-    expect(described_class.params[:format].type).to be_kind_of(Ronin::Core::Params::Types::Enum)
-    expect(described_class.params[:format].type.values).to eq([:http, :curl])
-    expect(described_class.params[:format].desc).to eq('Output format')
-  end
-  describe "#format_exploit" do
-    context "when the 'format' param is :http" do
-      subject do
-        exploit_class.new(
-          payload: payload,
-          params: {
-            base_url: base_url,
-            format:   :http
-          }
-        )
-      end
-      it "must call #to_http on the #vuln object" do
-        expect(subject.format_exploit).to eq(subject.vuln.to_http(payload))
-      end
-    end
-    context "when the 'format' param is :curl" do
-      subject do
-        exploit_class.new(
-          payload: payload,
-          params: {
-            base_url: base_url,
-            format:   :curl
-          }
-        )
-      end
-      it "must call #to_curl on the #vuln object" do
-        expect(subject.format_exploit).to eq(subject.vuln.to_curl(payload))
-      end
-    end
-  end
-  describe "#launch" do
-    context "when the 'format' param is :http" do
-      subject do
-        exploit_class.new(
-          payload: payload,
-          params: {
-            base_url: base_url,
-            format:   :http
-          }
-        )
-      end
-      it "must print out a message and the exploit formatted as an HTTP request" do
-        expect(subject).to receive(:print_info).with("Copy and paste the following exploit:")
-        expect(subject).to receive(:puts)
-        expect(subject).to receive(:puts).with(subject.vuln.to_http(payload))
-        expect(subject).to receive(:puts)
-        subject.launch
-      end
-    end
-    context "when the 'format' param is :curl" do
-      subject do
-        exploit_class.new(
-          payload: payload,
-          params: {
-            base_url: base_url,
-            format:   :curl
-          }
-        )
-      end
-      it "must print out a message and the exploit formatted as an HTTP request" do
-        expect(subject).to receive(:print_info).with("Copy and paste the following exploit:")
-        expect(subject).to receive(:puts)
-        expect(subject).to receive(:puts).with(subject.vuln.to_curl(payload))
-        expect(subject).to receive(:puts)
-        subject.launch
-      end
-    end
-  end
-end