ronin-exploits 1.0.0.beta3 → 1.0.0
- checksums.yaml +4 -4
- data/README.md +26 -14
- data/gemspec.yml +7 -7
- data/lib/ronin/exploits/cli/commands/new.rb +1 -1
- data/lib/ronin/exploits/exploit.rb +7 -5
- data/lib/ronin/exploits/lfi.rb +1 -1
- data/lib/ronin/exploits/metadata/arch.rb +1 -1
- data/lib/ronin/exploits/metadata/default_filename.rb +1 -1
- data/lib/ronin/exploits/metadata/default_port.rb +1 -1
- data/lib/ronin/exploits/mixins/file_builder.rb +2 -2
- data/lib/ronin/exploits/mixins/nops.rb +1 -1
- data/lib/ronin/exploits/params/base_url.rb +1 -1
- data/lib/ronin/exploits/version.rb +1 -1
- metadata +16 -16
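--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: f4fb437a6634a2eef3dae27f5d940718e94d1e5d7839113e9b02d849daeb2f81
+data.tar.gz: 661bbae01973ba0ec2e367abef7fd137534dff1597b8486dde94e64afcc6e780
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 9c40d3ba6b13842ddb66b762cac6aaa26a22f3feb03a8f68abf1fdc7d90696fb4cc03da0fd4472ea77af9e861eb92cf4a7165a5fc023b4ecb4e59f0ef13fa234
+data.tar.gz: 8b81f266e3b256f028a01b1d10a85d0d1d09cfbcdfecab07e5bf25ebae0f96adee5b7881515eb4cfaccae5ae0e4807377315f50db9213ab5268b179db3e87640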
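--- a/data/README.md
+++ b/data/README.md
@@ -18,7 +18,7 @@ ronin-exploits allows one to write exploits as plain old Ruby classes.
 ronin-exploits can be distributed as Ruby files or as git repositories that can
 be installed using [ronin-repos].
 
-**tl;dr** It's like a simpler version of
+**tl;dr** It's like a simpler and more modular version of
 [Metasploit](https://www.metasploit.com/).
 
 ronin-exploits is part of the [ronin-rb] project, a [Ruby] toolkit for security
@@ -26,22 +26,22 @@ research and development.
 
 ## Features
 
-* Provides a succinct syntax and API for writing
-possible.
-* Supports defining exploits as plain old Ruby classes.
+* Provides a succinct [syntax](#examples) and [API][docs-exploit] for writing
+exploits in as few lines as possible.
+* Supports [defining exploits as plain old Ruby classes][docs-exploit].
 * Supports loading exploits from Ruby files or from installed 3rd-party
 git repositories.
 * Provides base classes and mixin modules for a variety of exploit types:
-* Stack Overflows
-* SEH Overflows
-* Heap Overflows
-* Use After Free (UAF)
-* Open Redirect
-* Local File Inclusions (LFI)
-* Remote File Inclusions (RFI)
-* SQL injections (SQLi)
-* Cross-Site Scripting (XSS)
-* Server-Side Template Injection (SSTI)
+* [Stack Overflows][docs-stack-overflow]
+* [SEH Overflows][docs-seh-overflow]
+* [Heap Overflows][docs-heap-overflow]
+* [Use After Free (UAF)][docs-use-after-free]
+* [Open Redirect][docs-open-redirect]
+* [Local File Inclusions (LFI)][docs-lfi]
+* [Remote File Inclusions (RFI)][docs-rfi]
+* [SQL injections (SQLi)][docs-sqli]
+* [Cross-Site Scripting (XSS)][docs-xss]
+* [Server-Side Template Injection (SSTI)][docs-ssti]
 * Uses the [ronin-payloads] library for exploit payloads.
 * Uses the [ronin-post_ex] library for post-exploitation.
 * Provides a simple CLI for listing, displaying, running, and generating new
@@ -50,6 +50,18 @@ research and development.
 * Has 86% documentation coverage.
 * Small memory footprint (~47Kb).
 
+[docs-exploit]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/Exploit.html
+[docs-stack-overflow]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/StackOverflow.html
+[docs-seh-overflow]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/SEHOverflow.html
+[docs-heap-overflow]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/HeapOverflow.html
+[docs-use-after-free]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/UseAfterFree.html
+[docs-open-redirect]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/OpenRedirect.html
+[docs-lfi]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/LFI.html
+[docs-rfi]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/RFI.html
+[docs-sqli]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/SQLI.html
+[docs-xss]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/XSS.html
+[docs-ssti]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/SSTI.html
+
 ## Anti-Features
 
 * No magic: exploits are defined as classes in files.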
data/gemspec.yml
CHANGED
@@ -34,13 +34,13 @@ generated_files:
|
|
34
34
|
dependencies:
|
35
35
|
uri-query_params: ~> 0.6
|
36
36
|
# Ronin dependencies:
|
37
|
-
ronin-support: ~> 1.0
|
38
|
-
ronin-code-sql: ~> 2.0
|
39
|
-
ronin-payloads: ~> 0.1
|
40
|
-
ronin-vulns: ~> 0.1
|
41
|
-
ronin-post_ex: ~> 0.1
|
42
|
-
ronin-core: ~> 0.1
|
43
|
-
ronin-repos: ~> 0.1
|
37
|
+
ronin-support: ~> 1.0
|
38
|
+
ronin-code-sql: ~> 2.0
|
39
|
+
ronin-payloads: ~> 0.1
|
40
|
+
ronin-vulns: ~> 0.1
|
41
|
+
ronin-post_ex: ~> 0.1
|
42
|
+
ronin-core: ~> 0.1
|
43
|
+
ronin-repos: ~> 0.1
|
44
44
|
|
45
45
|
development_dependencies:
|
46
46
|
bundler: ~> 2.0
|
@@ -52,7 +52,7 @@ module Ronin
|
|
52
52
|
# The {Exploit} class defines six key parts:
|
53
53
|
#
|
54
54
|
# 1. Metadata - defines information about the exploit.
|
55
|
-
# 2. Params - user configurable parameters.
|
55
|
+
# 2. [Params] - user configurable parameters.
|
56
56
|
# 3. {Exploit#test test} - optional method that tests whether the target is
|
57
57
|
# vulnerable or not.
|
58
58
|
# 4. {Exploit#build build} - method which builds the exploit.
|
@@ -60,6 +60,8 @@ module Ronin
|
|
60
60
|
# 6. {Exploit#cleanup cleanup} - optional Method which performs additional
|
61
61
|
# cleanup steps.
|
62
62
|
#
|
63
|
+
# [Params]: https://ronin-rb.dev/docs/ronin-core/Ronin/Core/Params/Mixin.html
|
64
|
+
#
|
63
65
|
# ## Example
|
64
66
|
#
|
65
67
|
# require 'ronin/exploits/exploit'
|
@@ -136,7 +138,7 @@ module Ronin
|
|
136
138
|
#
|
137
139
|
# ### description
|
138
140
|
#
|
139
|
-
# Defines a longer multi-paragraph
|
141
|
+
# Defines a longer multi-paragraph description of the exploit.
|
140
142
|
#
|
141
143
|
# description <<~EOS
|
142
144
|
# This is my first exploit.
|
@@ -313,7 +315,7 @@ module Ronin
|
|
313
315
|
end
|
314
316
|
|
315
317
|
#
|
316
|
-
# Determines whether the exploit has been
|
318
|
+
# Determines whether the exploit has been publicly released yet.
|
317
319
|
#
|
318
320
|
# @return [Boolean]
|
319
321
|
#
|
@@ -526,7 +528,7 @@ module Ronin
|
|
526
528
|
end
|
527
529
|
|
528
530
|
#
|
529
|
-
# Builds the exploit and then
|
531
|
+
# Builds the exploit and then launches the exploit.
|
530
532
|
#
|
531
533
|
# @param [Boolean] dry_run
|
532
534
|
# If `true` performs a dry-run by only calling {#build} and **not**
|
@@ -633,7 +635,7 @@ module Ronin
|
|
633
635
|
end
|
634
636
|
|
635
637
|
#
|
636
|
-
# Place holder method for testing whether the
|
638
|
+
# Place holder method for testing whether the target is vulnerable.
|
637
639
|
#
|
638
640
|
# @return [Test::Vulnerable, Test::NotVulnerable, Test::Unknown]
|
639
641
|
#
|
data/lib/ronin/exploits/lfi.rb
CHANGED
@@ -73,7 +73,7 @@ module Ronin
|
|
73
73
|
# Gets or sets the directory traversal depth for the LFI vulnerability.
|
74
74
|
#
|
75
75
|
# @param [Integer, nil] new_depth
|
76
|
-
# The optional new directory
|
76
|
+
# The optional new directory traversal depth to set.
|
77
77
|
#
|
78
78
|
# @return [Integer]
|
79
79
|
# The LFI vulnerability's directory traverse depth.
|
@@ -40,7 +40,7 @@ module Ronin
|
|
40
40
|
|
41
41
|
module ClassMethods
|
42
42
|
#
|
43
|
-
# Gets or sets the
|
43
|
+
# Gets or sets the exploit's targeted architecture.
|
44
44
|
#
|
45
45
|
# @param [:x86, :x86_64, :ia64, :amd64, :ppc, :ppc64, :mips, :mips_le, :mips_be, :mips64, :mips64_le, :mips64_be, :arm, :arm_le, :arm_be, :arm64, :arm64_le, :arm64_be, nil] new_arch
|
46
46
|
# The optional new architecture to set.
|
@@ -24,8 +24,8 @@ module Ronin
|
|
24
24
|
module Exploits
|
25
25
|
module Mixins
|
26
26
|
#
|
27
|
-
# Adds methods for building exploit files. Also adds a `
|
28
|
-
#
|
27
|
+
# Adds methods for building exploit files. Also adds a `filename` param
|
28
|
+
# and a
|
29
29
|
# {Metadata::DefaultFilename::ClassMethods#default_filename default_filename}
|
30
30
|
# class method.
|
31
31
|
#
|
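Review bot: In the lfi.rb hunk at `@@ -73,7 +73,7 @@`, the completed `@param` description now reads "directory traversal depth" while the unchanged `@return` description two lines below still says "directory traverse depth"; the two should use the same term, e.g. `# The LFI vulnerability's directory traversal depth.`. The documented method itself lies outside the hunk, so how a `nil` or out-of-range `new_depth` is handled cannot be checked from here.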
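--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ronin-exploits
 version: !ruby/object:Gem::Version
-version: 1.0.0
+version: 1.0.0
 platform: ruby
 authors:
 - Postmodern
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-01
+date: 2023-02-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: uri-query_params
@@ -30,98 +30,98 @@ dependencies:
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 1.0
+version: '1.0'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 1.0
+version: '1.0'
 - !ruby/object:Gem::Dependency
 name: ronin-code-sql
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 2.0
+version: '2.0'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 2.0
+version: '2.0'
 - !ruby/object:Gem::Dependency
 name: ronin-payloads
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.1
+version: '0.1'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.1
+version: '0.1'
 - !ruby/object:Gem::Dependency
 name: ronin-vulns
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.1
+version: '0.1'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.1
+version: '0.1'
 - !ruby/object:Gem::Dependency
 name: ronin-post_ex
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.1
+version: '0.1'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.1
+version: '0.1'
 - !ruby/object:Gem::Dependency
 name: ronin-core
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.1
+version: '0.1'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.1
+version: '0.1'
 - !ruby/object:Gem::Dependency
 name: ronin-repos
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.1
+version: '0.1'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.1
+version: '0.1'
 - !ruby/object:Gem::Dependency
 name: bundler
 requirement: !ruby/object:Gem::Requirement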