ronin-exploits 1.0.0.beta3 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 850efd0369626bc57a83bf7d51ab1d8fc471bfe1472feee5720c80d7f064fdb5
4
- data.tar.gz: b185d3383dc0549dd4aa9aa5e9df990a9554081028fb4cf2e49fd47332ffba7a
3
+ metadata.gz: f4fb437a6634a2eef3dae27f5d940718e94d1e5d7839113e9b02d849daeb2f81
4
+ data.tar.gz: 661bbae01973ba0ec2e367abef7fd137534dff1597b8486dde94e64afcc6e780
5
5
  SHA512:
6
- metadata.gz: 958a1be608668de05fd28d2baeb44d1e7be1765cae684a4110a3183d92647582e6d51921ea24347a562685750717faf5e6e33d62102947f7f11afa3c9b8e7d3b
7
- data.tar.gz: 8dbb0fc9782bced0ea57d49f9f65181ee752776c52ae31f437c368affecbb7a44e288c4e6568ea030d48ee1afde343b3c2cef56d9c9ad2e0c66af68519e216ab
6
+ metadata.gz: 9c40d3ba6b13842ddb66b762cac6aaa26a22f3feb03a8f68abf1fdc7d90696fb4cc03da0fd4472ea77af9e861eb92cf4a7165a5fc023b4ecb4e59f0ef13fa234
7
+ data.tar.gz: 8b81f266e3b256f028a01b1d10a85d0d1d09cfbcdfecab07e5bf25ebae0f96adee5b7881515eb4cfaccae5ae0e4807377315f50db9213ab5268b179db3e87640
data/README.md CHANGED
@@ -18,7 +18,7 @@ ronin-exploits allows one to write exploits as plain old Ruby classes.
18
18
  ronin-exploits can be distributed as Ruby files or as git repositories that can
19
19
  be installed using [ronin-repos].
20
20
 
21
- **tl;dr** It's like a simpler version of
21
+ **tl;dr** It's like a simpler and more modular version of
22
22
  [Metasploit](https://www.metasploit.com/).
23
23
 
24
24
  ronin-exploits is part of the [ronin-rb] project, a [Ruby] toolkit for security
@@ -26,22 +26,22 @@ research and development.
26
26
 
27
27
  ## Features
28
28
 
29
- * Provides a succinct syntax and API for writing exploits in as few lines as
30
- possible.
31
- * Supports defining exploits as plain old Ruby classes.
29
+ * Provides a succinct [syntax](#examples) and [API][docs-exploit] for writing
30
+ exploits in as few lines as possible.
31
+ * Supports [defining exploits as plain old Ruby classes][docs-exploit].
32
32
  * Supports loading exploits from Ruby files or from installed 3rd-party
33
33
  git repositories.
34
34
  * Provides base classes and mixin modules for a variety of exploit types:
35
- * Stack Overflows
36
- * SEH Overflows
37
- * Heap Overflows
38
- * Use After Free (UAF)
39
- * Open Redirect
40
- * Local File Inclusions (LFI)
41
- * Remote File Inclusions (RFI)
42
- * SQL injections (SQLi)
43
- * Cross-Site Scripting (XSS)
44
- * Server-Side Template Injection (SSTI)
35
+ * [Stack Overflows][docs-stack-overflow]
36
+ * [SEH Overflows][docs-seh-overflow]
37
+ * [Heap Overflows][docs-heap-overflow]
38
+ * [Use After Free (UAF)][docs-use-after-free]
39
+ * [Open Redirect][docs-open-redirect]
40
+ * [Local File Inclusions (LFI)][docs-lfi]
41
+ * [Remote File Inclusions (RFI)][docs-rfi]
42
+ * [SQL injections (SQLi)][docs-sqli]
43
+ * [Cross-Site Scripting (XSS)][docs-xss]
44
+ * [Server-Side Template Injection (SSTI)][docs-ssti]
45
45
  * Uses the [ronin-payloads] library for exploit payloads.
46
46
  * Uses the [ronin-post_ex] library for post-exploitation.
47
47
  * Provides a simple CLI for listing, displaying, running, and generating new
@@ -50,6 +50,18 @@ research and development.
50
50
  * Has 86% documentation coverage.
51
51
  * Small memory footprint (~47Kb).
52
52
 
53
+ [docs-exploit]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/Exploit.html
54
+ [docs-stack-overflow]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/StackOverflow.html
55
+ [docs-seh-overflow]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/SEHOverflow.html
56
+ [docs-heap-overflow]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/HeapOverflow.html
57
+ [docs-use-after-free]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/UseAfterFree.html
58
+ [docs-open-redirect]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/OpenRedirect.html
59
+ [docs-lfi]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/LFI.html
60
+ [docs-rfi]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/RFI.html
61
+ [docs-sqli]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/SQLI.html
62
+ [docs-xss]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/XSS.html
63
+ [docs-ssti]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/SSTI.html
64
+
53
65
  ## Anti-Features
54
66
 
55
67
  * No magic: exploits are defined as classes in files.
data/gemspec.yml CHANGED
@@ -34,13 +34,13 @@ generated_files:
34
34
  dependencies:
35
35
  uri-query_params: ~> 0.6
36
36
  # Ronin dependencies:
37
- ronin-support: ~> 1.0.0.beta1
38
- ronin-code-sql: ~> 2.0.0.beta1
39
- ronin-payloads: ~> 0.1.0.beta1
40
- ronin-vulns: ~> 0.1.0.beta1
41
- ronin-post_ex: ~> 0.1.0.beta1
42
- ronin-core: ~> 0.1.0.beta1
43
- ronin-repos: ~> 0.1.0.beta1
37
+ ronin-support: ~> 1.0
38
+ ronin-code-sql: ~> 2.0
39
+ ronin-payloads: ~> 0.1
40
+ ronin-vulns: ~> 0.1
41
+ ronin-post_ex: ~> 0.1
42
+ ronin-core: ~> 0.1
43
+ ronin-repos: ~> 0.1
44
44
 
45
45
  development_dependencies:
46
46
  bundler: ~> 2.0
@@ -252,7 +252,7 @@ module Ronin
252
252
  man_page 'ronin-exploits-new.1'
253
253
 
254
254
  #
255
- # Initialies the `ronin-exploits new` command.
255
+ # Initializes the `ronin-exploits new` command.
256
256
  #
257
257
  # @param [Hash{Symbol => Object}] kwargs
258
258
  # Additional keyword arguments.
@@ -52,7 +52,7 @@ module Ronin
52
52
  # The {Exploit} class defines six key parts:
53
53
  #
54
54
  # 1. Metadata - defines information about the exploit.
55
- # 2. Params - user configurable parameters.
55
+ # 2. [Params] - user configurable parameters.
56
56
  # 3. {Exploit#test test} - optional method that tests whether the target is
57
57
  # vulnerable or not.
58
58
  # 4. {Exploit#build build} - method which builds the exploit.
@@ -60,6 +60,8 @@ module Ronin
60
60
  # 6. {Exploit#cleanup cleanup} - optional Method which performs additional
61
61
  # cleanup steps.
62
62
  #
63
+ # [Params]: https://ronin-rb.dev/docs/ronin-core/Ronin/Core/Params/Mixin.html
64
+ #
63
65
  # ## Example
64
66
  #
65
67
  # require 'ronin/exploits/exploit'
@@ -136,7 +138,7 @@ module Ronin
136
138
  #
137
139
  # ### description
138
140
  #
139
- # Defines a longer multi-paragraph escription of the exploit.
141
+ # Defines a longer multi-paragraph description of the exploit.
140
142
  #
141
143
  # description <<~EOS
142
144
  # This is my first exploit.
@@ -313,7 +315,7 @@ module Ronin
313
315
  end
314
316
 
315
317
  #
316
- # Determines whether the exploit has been publically released yet.
318
+ # Determines whether the exploit has been publicly released yet.
317
319
  #
318
320
  # @return [Boolean]
319
321
  #
@@ -526,7 +528,7 @@ module Ronin
526
528
  end
527
529
 
528
530
  #
529
- # Builds the exploit and then launchs the exploit.
531
+ # Builds the exploit and then launches the exploit.
530
532
  #
531
533
  # @param [Boolean] dry_run
532
534
  # If `true` performs a dry-run by only calling {#build} and **not**
@@ -633,7 +635,7 @@ module Ronin
633
635
  end
634
636
 
635
637
  #
636
- # Place holder method for testing whether the targeet is vulnerable.
638
+ # Place holder method for testing whether the target is vulnerable.
637
639
  #
638
640
  # @return [Test::Vulnerable, Test::NotVulnerable, Test::Unknown]
639
641
  #
@@ -73,7 +73,7 @@ module Ronin
73
73
  # Gets or sets the directory traversal depth for the LFI vulnerability.
74
74
  #
75
75
  # @param [Integer, nil] new_depth
76
- # The optional new directory trasversal depth to set.
76
+ # The optional new directory traversal depth to set.
77
77
  #
78
78
  # @return [Integer]
79
79
  # The LFI vulnerability's directory traverse depth.
@@ -40,7 +40,7 @@ module Ronin
40
40
 
41
41
  module ClassMethods
42
42
  #
43
- # Gets or sets the exploits's targetted architecture.
43
+ # Gets or sets the exploit's targeted architecture.
44
44
  #
45
45
  # @param [:x86, :x86_64, :ia64, :amd64, :ppc, :ppc64, :mips, :mips_le, :mips_be, :mips64, :mips64_le, :mips64_be, :arm, :arm_le, :arm_be, :arm64, :arm64_le, :arm64_be, nil] new_arch
46
46
  # The optional new architecture to set.
@@ -40,7 +40,7 @@ module Ronin
40
40
 
41
41
  module ClassMethods
42
42
  #
43
- # Gets or sets the exploits's default filename.
43
+ # Gets or sets the exploit's default filename.
44
44
  #
45
45
  # @param [Integer, nil] new_default_filename
46
46
  # The optional new default filename to set.
@@ -40,7 +40,7 @@ module Ronin
40
40
 
41
41
  module ClassMethods
42
42
  #
43
- # Gets or sets the exploits's default port.
43
+ # Gets or sets the exploit's default port.
44
44
  #
45
45
  # @param [Integer, nil] new_default_port
46
46
  # The optional new default port number to set.
@@ -24,8 +24,8 @@ module Ronin
24
24
  module Exploits
25
25
  module Mixins
26
26
  #
27
- # Adds methods for building exploit files. Also adds a `filenam`
28
- # param and a
27
+ # Adds methods for building exploit files. Also adds a `filename` param
28
+ # and a
29
29
  # {Metadata::DefaultFilename::ClassMethods#default_filename default_filename}
30
30
  # class method.
31
31
  #
@@ -81,7 +81,7 @@ module Ronin
81
81
  end
82
82
 
83
83
  #
84
- # An individual NOP instructure for the target architecture of the
84
+ # An individual NOP instruction for the target architecture of the
85
85
  # exploit.
86
86
  #
87
87
  # @return [String]
@@ -64,7 +64,7 @@ module Ronin
64
64
  end
65
65
 
66
66
  #
67
- # Expands the URL or path into a fully qualitifed URL.
67
+ # Expands the URL or path into a fully qualified URL.
68
68
  #
69
69
  # @param [String] path
70
70
  # The URL or path to expand.
@@ -21,6 +21,6 @@
21
21
  module Ronin
22
22
  module Exploits
23
23
  # ronin-exploits version
24
- VERSION = '1.0.0.beta3'
24
+ VERSION = '1.0.0'
25
25
  end
26
26
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ronin-exploits
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0.beta3
4
+ version: 1.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Postmodern
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-01-16 00:00:00.000000000 Z
11
+ date: 2023-02-01 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: uri-query_params
@@ -30,98 +30,98 @@ dependencies:
30
30
  requirements:
31
31
  - - "~>"
32
32
  - !ruby/object:Gem::Version
33
- version: 1.0.0.beta1
33
+ version: '1.0'
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
38
  - - "~>"
39
39
  - !ruby/object:Gem::Version
40
- version: 1.0.0.beta1
40
+ version: '1.0'
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: ronin-code-sql
43
43
  requirement: !ruby/object:Gem::Requirement
44
44
  requirements:
45
45
  - - "~>"
46
46
  - !ruby/object:Gem::Version
47
- version: 2.0.0.beta1
47
+ version: '2.0'
48
48
  type: :runtime
49
49
  prerelease: false
50
50
  version_requirements: !ruby/object:Gem::Requirement
51
51
  requirements:
52
52
  - - "~>"
53
53
  - !ruby/object:Gem::Version
54
- version: 2.0.0.beta1
54
+ version: '2.0'
55
55
  - !ruby/object:Gem::Dependency
56
56
  name: ronin-payloads
57
57
  requirement: !ruby/object:Gem::Requirement
58
58
  requirements:
59
59
  - - "~>"
60
60
  - !ruby/object:Gem::Version
61
- version: 0.1.0.beta1
61
+ version: '0.1'
62
62
  type: :runtime
63
63
  prerelease: false
64
64
  version_requirements: !ruby/object:Gem::Requirement
65
65
  requirements:
66
66
  - - "~>"
67
67
  - !ruby/object:Gem::Version
68
- version: 0.1.0.beta1
68
+ version: '0.1'
69
69
  - !ruby/object:Gem::Dependency
70
70
  name: ronin-vulns
71
71
  requirement: !ruby/object:Gem::Requirement
72
72
  requirements:
73
73
  - - "~>"
74
74
  - !ruby/object:Gem::Version
75
- version: 0.1.0.beta1
75
+ version: '0.1'
76
76
  type: :runtime
77
77
  prerelease: false
78
78
  version_requirements: !ruby/object:Gem::Requirement
79
79
  requirements:
80
80
  - - "~>"
81
81
  - !ruby/object:Gem::Version
82
- version: 0.1.0.beta1
82
+ version: '0.1'
83
83
  - !ruby/object:Gem::Dependency
84
84
  name: ronin-post_ex
85
85
  requirement: !ruby/object:Gem::Requirement
86
86
  requirements:
87
87
  - - "~>"
88
88
  - !ruby/object:Gem::Version
89
- version: 0.1.0.beta1
89
+ version: '0.1'
90
90
  type: :runtime
91
91
  prerelease: false
92
92
  version_requirements: !ruby/object:Gem::Requirement
93
93
  requirements:
94
94
  - - "~>"
95
95
  - !ruby/object:Gem::Version
96
- version: 0.1.0.beta1
96
+ version: '0.1'
97
97
  - !ruby/object:Gem::Dependency
98
98
  name: ronin-core
99
99
  requirement: !ruby/object:Gem::Requirement
100
100
  requirements:
101
101
  - - "~>"
102
102
  - !ruby/object:Gem::Version
103
- version: 0.1.0.beta1
103
+ version: '0.1'
104
104
  type: :runtime
105
105
  prerelease: false
106
106
  version_requirements: !ruby/object:Gem::Requirement
107
107
  requirements:
108
108
  - - "~>"
109
109
  - !ruby/object:Gem::Version
110
- version: 0.1.0.beta1
110
+ version: '0.1'
111
111
  - !ruby/object:Gem::Dependency
112
112
  name: ronin-repos
113
113
  requirement: !ruby/object:Gem::Requirement
114
114
  requirements:
115
115
  - - "~>"
116
116
  - !ruby/object:Gem::Version
117
- version: 0.1.0.beta1
117
+ version: '0.1'
118
118
  type: :runtime
119
119
  prerelease: false
120
120
  version_requirements: !ruby/object:Gem::Requirement
121
121
  requirements:
122
122
  - - "~>"
123
123
  - !ruby/object:Gem::Version
124
- version: 0.1.0.beta1
124
+ version: '0.1'
125
125
  - !ruby/object:Gem::Dependency
126
126
  name: bundler
127
127
  requirement: !ruby/object:Gem::Requirement