ronin-exploits 1.0.0 → 1.0.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (87) hide show
  1. checksums.yaml +4 -4
  2. data/.github/workflows/ruby.yml +14 -0
  3. data/.rubocop.yml +61 -0
  4. data/ChangeLog.md +13 -2
  5. data/Gemfile +5 -1
  6. data/Rakefile +3 -1
  7. data/bin/ronin-exploits +6 -7
  8. data/gemspec.yml +3 -3
  9. data/lib/ronin/exploits/advisory.rb +1 -0
  10. data/lib/ronin/exploits/cli/command.rb +1 -0
  11. data/lib/ronin/exploits/cli/commands/irb.rb +1 -0
  12. data/lib/ronin/exploits/cli/commands/list.rb +1 -0
  13. data/lib/ronin/exploits/cli/commands/new.rb +12 -1
  14. data/lib/ronin/exploits/cli/commands/run.rb +40 -21
  15. data/lib/ronin/exploits/cli/commands/show.rb +11 -8
  16. data/lib/ronin/exploits/cli/exploit_command.rb +4 -0
  17. data/lib/ronin/exploits/cli/exploit_methods.rb +4 -0
  18. data/lib/ronin/exploits/cli/ruby_shell.rb +1 -0
  19. data/lib/ronin/exploits/cli.rb +1 -0
  20. data/lib/ronin/exploits/client_side_web_vuln.rb +1 -0
  21. data/lib/ronin/exploits/exceptions.rb +1 -0
  22. data/lib/ronin/exploits/exploit.rb +20 -16
  23. data/lib/ronin/exploits/heap_overflow.rb +1 -0
  24. data/lib/ronin/exploits/lfi.rb +6 -6
  25. data/lib/ronin/exploits/loot/file.rb +2 -1
  26. data/lib/ronin/exploits/loot.rb +1 -0
  27. data/lib/ronin/exploits/memory_corruption.rb +1 -0
  28. data/lib/ronin/exploits/metadata/arch.rb +4 -0
  29. data/lib/ronin/exploits/metadata/cookie_param.rb +4 -0
  30. data/lib/ronin/exploits/metadata/default_filename.rb +4 -0
  31. data/lib/ronin/exploits/metadata/default_port.rb +4 -0
  32. data/lib/ronin/exploits/metadata/header_name.rb +4 -0
  33. data/lib/ronin/exploits/metadata/os.rb +4 -0
  34. data/lib/ronin/exploits/metadata/shouts.rb +17 -9
  35. data/lib/ronin/exploits/metadata/url_path.rb +4 -0
  36. data/lib/ronin/exploits/metadata/url_query_param.rb +4 -0
  37. data/lib/ronin/exploits/mixins/binary.rb +1 -0
  38. data/lib/ronin/exploits/mixins/file_builder.rb +3 -2
  39. data/lib/ronin/exploits/mixins/format_string.rb +4 -3
  40. data/lib/ronin/exploits/mixins/has_payload.rb +4 -3
  41. data/lib/ronin/exploits/mixins/has_targets.rb +1 -0
  42. data/lib/ronin/exploits/mixins/html.rb +4 -0
  43. data/lib/ronin/exploits/mixins/http.rb +24 -19
  44. data/lib/ronin/exploits/mixins/loot.rb +3 -2
  45. data/lib/ronin/exploits/mixins/nops.rb +4 -4
  46. data/lib/ronin/exploits/mixins/remote_tcp.rb +2 -1
  47. data/lib/ronin/exploits/mixins/remote_udp.rb +1 -0
  48. data/lib/ronin/exploits/mixins/seh.rb +1 -0
  49. data/lib/ronin/exploits/mixins/stack_overflow.rb +2 -1
  50. data/lib/ronin/exploits/mixins/text.rb +1 -0
  51. data/lib/ronin/exploits/mixins.rb +1 -0
  52. data/lib/ronin/exploits/open_redirect.rb +5 -4
  53. data/lib/ronin/exploits/params/base_url.rb +1 -0
  54. data/lib/ronin/exploits/params/bind_host.rb +1 -0
  55. data/lib/ronin/exploits/params/bind_port.rb +1 -0
  56. data/lib/ronin/exploits/params/filename.rb +3 -2
  57. data/lib/ronin/exploits/params/host.rb +1 -0
  58. data/lib/ronin/exploits/params/port.rb +3 -2
  59. data/lib/ronin/exploits/registry.rb +4 -0
  60. data/lib/ronin/exploits/rfi.rb +9 -6
  61. data/lib/ronin/exploits/root.rb +1 -0
  62. data/lib/ronin/exploits/seh_overflow.rb +9 -8
  63. data/lib/ronin/exploits/sqli.rb +11 -10
  64. data/lib/ronin/exploits/ssti.rb +5 -4
  65. data/lib/ronin/exploits/stack_overflow.rb +9 -8
  66. data/lib/ronin/exploits/target.rb +1 -0
  67. data/lib/ronin/exploits/test_result.rb +2 -1
  68. data/lib/ronin/exploits/use_after_free.rb +1 -0
  69. data/lib/ronin/exploits/version.rb +2 -1
  70. data/lib/ronin/exploits/web.rb +1 -0
  71. data/lib/ronin/exploits/web_vuln.rb +1 -0
  72. data/lib/ronin/exploits/xss.rb +5 -4
  73. data/lib/ronin/exploits.rb +1 -0
  74. data/man/ronin-exploits-irb.1 +1 -1
  75. data/man/ronin-exploits-irb.1.md +1 -1
  76. data/man/ronin-exploits-list.1 +1 -1
  77. data/man/ronin-exploits-list.1.md +1 -1
  78. data/man/ronin-exploits-new.1 +1 -1
  79. data/man/ronin-exploits-new.1.md +2 -2
  80. data/man/ronin-exploits-run.1 +1 -1
  81. data/man/ronin-exploits-run.1.md +1 -1
  82. data/man/ronin-exploits-show.1 +1 -1
  83. data/man/ronin-exploits-show.1.md +1 -1
  84. data/man/ronin-exploits.1 +1 -1
  85. data/man/ronin-exploits.1.md +1 -1
  86. data/ronin-exploits.gemspec +4 -3
  87. metadata +21 -2
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -32,17 +33,17 @@ module Ronin
32
33
  # ## Example
33
34
  #
34
35
  # require 'ronin/exploits/lfi'
35
- #
36
+ #
36
37
  # module Ronin
37
38
  # module Exploits
38
39
  # class MyExploit < LFI
39
- #
40
+ #
40
41
  # register 'my_exploit'
41
- #
42
+ #
42
43
  # base_path '/path/to/page.php'
43
44
  # query_param 'template'
44
45
  # depth 7
45
- #
46
+ #
46
47
  # end
47
48
  # end
48
49
  # end
@@ -66,8 +67,7 @@ module Ronin
66
67
  :base64,
67
68
  :rot13,
68
69
  :zlib
69
- ],
70
- desc: 'Optional filter-bypass strategy to use'
70
+ ], desc: 'Optional filter-bypass strategy to use'
71
71
 
72
72
  #
73
73
  # Gets or sets the directory traversal depth for the LFI vulnerability.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -81,7 +82,7 @@ module Ronin
81
82
  case @format
82
83
  when :json then JSON.pretty_generate(@contents)
83
84
  when :yaml then YAML.dump(@contents)
84
- when :csv
85
+ when :csv
85
86
  CSV.generate do |csv|
86
87
  @contents.each do |row|
87
88
  csv << row
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -38,6 +39,9 @@ module Ronin
38
39
  exploit.extend ClassMethods
39
40
  end
40
41
 
42
+ #
43
+ # Class-methods.
44
+ #
41
45
  module ClassMethods
42
46
  #
43
47
  # Gets or sets the exploit's targeted architecture.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -38,6 +39,9 @@ module Ronin
38
39
  exploit.extend ClassMethods
39
40
  end
40
41
 
42
+ #
43
+ # Class-methods.
44
+ #
41
45
  module ClassMethods
42
46
  #
43
47
  # Get or sets the target Cookie param of the exploit.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -38,6 +39,9 @@ module Ronin
38
39
  exploit.extend ClassMethods
39
40
  end
40
41
 
42
+ #
43
+ # Class-methods.
44
+ #
41
45
  module ClassMethods
42
46
  #
43
47
  # Gets or sets the exploit's default filename.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -38,6 +39,9 @@ module Ronin
38
39
  exploit.extend ClassMethods
39
40
  end
40
41
 
42
+ #
43
+ # Class-methods.
44
+ #
41
45
  module ClassMethods
42
46
  #
43
47
  # Gets or sets the exploit's default port.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -38,6 +39,9 @@ module Ronin
38
39
  exploit.extend ClassMethods
39
40
  end
40
41
 
42
+ #
43
+ # Class-methods.
44
+ #
41
45
  module ClassMethods
42
46
  #
43
47
  # Get or sets the target HTTP Header name of the exploit.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -39,6 +40,9 @@ module Ronin
39
40
  exploit.extend ClassMethods
40
41
  end
41
42
 
43
+ #
44
+ # Class-methods.
45
+ #
42
46
  module ClassMethods
43
47
  #
44
48
  # Gets or sets the exploit's targeted Operating System (OS).
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -28,13 +29,13 @@ module Ronin
28
29
  # ### Example
29
30
  #
30
31
  # require 'ronin/exploits/metadata/shouts'
31
- #
32
+ #
32
33
  # class MyExploit < Exploit
33
- #
34
+ #
34
35
  # include Metadata::Shouts
35
- #
36
+ #
36
37
  # shouts ['Ultra Laser', 'Dr.Doom']
37
- #
38
+ #
38
39
  # end
39
40
  #
40
41
  module Shouts
@@ -50,6 +51,9 @@ module Ronin
50
51
  base.extend ClassMethods
51
52
  end
52
53
 
54
+ #
55
+ # Class-methods.
56
+ #
53
57
  module ClassMethods
54
58
  #
55
59
  # Gets or sets the exploit's shouts.
@@ -69,13 +73,17 @@ module Ronin
69
73
  #
70
74
  def shouts(new_shouts=nil)
71
75
  if new_shouts
72
- @shouts = shouts() + new_shouts
76
+ @shouts = if superclass.kind_of?(ClassMethods)
77
+ superclass.shouts + new_shouts
78
+ else
79
+ new_shouts
80
+ end
73
81
  else
74
82
  @shouts || if superclass.kind_of?(ClassMethods)
75
- superclass.shouts
76
- else
77
- []
78
- end
83
+ superclass.shouts
84
+ else
85
+ []
86
+ end
79
87
  end
80
88
  end
81
89
  end
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -38,6 +39,9 @@ module Ronin
38
39
  exploit.extend ClassMethods
39
40
  end
40
41
 
42
+ #
43
+ # Class-methods.
44
+ #
41
45
  module ClassMethods
42
46
  #
43
47
  # Get or sets the target URL path of the exploit.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -38,6 +39,9 @@ module Ronin
38
39
  exploit.extend ClassMethods
39
40
  end
40
41
 
42
+ #
43
+ # Class-methods.
44
+ #
41
45
  module ClassMethods
42
46
  #
43
47
  # Get or sets the target URL query param of the exploit.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -37,13 +38,13 @@ module Ronin
37
38
  #
38
39
  # def build
39
40
  # # ...
40
- #
41
+ #
41
42
  # build_file do |file|
42
43
  # # ...
43
44
  # file.write(buffer)
44
45
  # # ...
45
46
  # end
46
- #
47
+ #
47
48
  # # ...
48
49
  # end
49
50
  #
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -56,7 +57,7 @@ module Ronin
56
57
 
57
58
  buffer = String.new(encoding: Encoding::ASCII_8BIT)
58
59
  buffer << pack(:machine_word,overwrite)
59
- buffer << pack(:machine_word,overwrite + (machine_word.size / 2))
60
+ buffer << pack(:machine_word,overwrite + (machine_word.size / 2))
60
61
 
61
62
  low_mask = 0xff
62
63
 
@@ -72,10 +73,10 @@ module Ronin
72
73
 
73
74
  if low < high
74
75
  low -= (machine_word.size * 2)
75
- buffer << format("%%.%ud%%%u$hn%%.%ud%%%u$hn",low,pop_length,high-low,pop_length+1)
76
+ buffer << format("%%.%ud%%%u$hn%%.%ud%%%u$hn",low,pop_length,high - low,pop_length + 1)
76
77
  else
77
78
  high -= (machine_word.size * 2)
78
- buffer << format("%%.%ud%%%u$hn%%.%ud%%%u$hn",high,pop_length+1,low-high,pop_length)
79
+ buffer << format("%%.%ud%%%u$hn%%.%ud%%%u$hn",high,pop_length + 1,low - high,pop_length)
79
80
  end
80
81
 
81
82
  buffer << payload.to_s
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -32,11 +33,11 @@ module Ronin
32
33
  # module Ronin
33
34
  # module Exploits
34
35
  # class MyExploit < Exploit
35
- #
36
+ #
36
37
  # include Mixins::HasPayload
37
- #
38
+ #
38
39
  # payload_class Ronin::Payloads::JavaScriptPayload
39
- #
40
+ #
40
41
  # end
41
42
  # end
42
43
  # end
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -24,6 +25,9 @@ require 'ronin/support/text/core_ext'
24
25
  module Ronin
25
26
  module Exploits
26
27
  module Mixins
28
+ #
29
+ # Mixin which adds methods for building HTML.
30
+ #
27
31
  module HTML
28
32
  #
29
33
  # Formats an HTML attribute name.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -32,6 +33,22 @@ module Ronin
32
33
  # @since 1.0.0
33
34
  #
34
35
  module HTTP
36
+ # Possible values for the `user_agent` param.
37
+ #
38
+ # @api private
39
+ HTTP_USER_AGENT_ALIASES = [
40
+ :random,
41
+ :chrome,
42
+ :firefox,
43
+ :safari,
44
+ :linux,
45
+ :macos,
46
+ :windows,
47
+ :iphone,
48
+ :ipad,
49
+ :android
50
+ ] + Support::Network::HTTP::UserAgents::ALIASES.keys
51
+
35
52
  #
36
53
  # Adds the required `base_url` params to the exploit class.
37
54
  #
@@ -49,19 +66,7 @@ module Ronin
49
66
 
50
67
  exploit.param :http_password, desc: 'The HTTP Basic-Auth password'
51
68
 
52
- user_agent_ids = [
53
- :random,
54
- :chrome,
55
- :firefox,
56
- :safari,
57
- :linux,
58
- :macos,
59
- :windows,
60
- :iphone,
61
- :ipad,
62
- :android
63
- ] + Support::Network::HTTP::UserAgents::ALIASES.keys
64
- exploit.param :user_agent, Core::Params::Types::Enum.new(user_agent_ids), desc: 'The HTTP User-Agent to select'
69
+ exploit.param :user_agent, Core::Params::Types::Enum.new(HTTP_USER_AGENT_ALIASES), desc: 'The HTTP User-Agent to select'
65
70
 
66
71
  exploit.param :raw_user_agent, desc: 'The raw HTTP User-Agent string to use'
67
72
 
@@ -145,22 +150,22 @@ module Ronin
145
150
  #
146
151
  # @option kwargs [String, nil] :query
147
152
  # The query-string to append to the request path.
148
- #
153
+ #
149
154
  # @option kwargs [Hash, nil] :query_params
150
155
  # The query-params to append to the request path.
151
- #
156
+ #
152
157
  # @option kwargs [String, nil] :body
153
158
  # The body of the request.
154
- #
159
+ #
155
160
  # @option kwargs [Hash, String, nil] :form_data
156
161
  # The form data that may be sent in the body of the request.
157
- #
162
+ #
158
163
  # @option kwargs [String, nil] :user (http_user)
159
164
  # The user to authenticate as.
160
- #
165
+ #
161
166
  # @option kwargs [String, nil] :password (http_password)
162
167
  # The password to authenticate with.
163
- #
168
+ #
164
169
  # @option kwargs [Hash{Symbol,String => String}, nil] :headers
165
170
  # Additional HTTP headers to use for the request.
166
171
  #
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -31,7 +32,7 @@ module Ronin
31
32
  # module Ronin
32
33
  # module Exploits
33
34
  # class MyExploit < Exploit
34
- #
35
+ #
35
36
  # include Mixins::Loot
36
37
  #
37
38
  # def launch
@@ -52,7 +53,7 @@ module Ronin
52
53
  # # add CSV data
53
54
  # loot.add('foo.csv', data, format: :csv)
54
55
  # end
55
- #
56
+ #
56
57
  # end
57
58
  # end
58
59
  # end
@@ -45,10 +45,10 @@ module Ronin
45
45
  #
46
46
  # @api private
47
47
  NOPS = {
48
- x86: "\x90".b, # nop
49
- x86_64: "\x90".b, # nop
50
- arm: "\x05P\xa0\xe1".b, # mov r5, r5
51
- arm64: "\xe5\x03\x05\xaa".b, # mov x5, x5
48
+ x86: "\x90".b, # nop
49
+ x86_64: "\x90".b, # nop
50
+ arm: "\x05P\xa0\xe1".b, # mov r5, r5
51
+ arm64: "\xe5\x03\x05\xaa".b # mov x5, x5
52
52
  # TODO: mips
53
53
  # TODO: mips64
54
54
  # TODO: ppc
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -129,7 +130,7 @@ module Ronin
129
130
  # @example
130
131
  # @socket = tcp_connect
131
132
  # # => TCPSocket
132
- #
133
+ #
133
134
  # @example
134
135
  # tcp_connect do |socket|
135
136
  # socket.write("GET /\n\n")
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -102,7 +103,7 @@ module Ronin
102
103
  # @example
103
104
  # ebp = 0x06eb9090 # short jump 6 bytes
104
105
  # eip = 0x1001ae86 # pop pop ret 1001AE86 SSLEAY32.DLL
105
- #
106
+ #
106
107
  # buffer = buffer_overflow(length: 1024, nops: 16, payload: payload, bp: ebp, ip: eip)
107
108
  #
108
109
  def buffer_overflow(length: , nops: nil, payload: , bp: , ip: )
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -34,16 +35,16 @@ module Ronin
34
35
  # ## Example
35
36
  #
36
37
  # require 'ronin/exploits/open_redirect'
37
- #
38
+ #
38
39
  # module Ronin
39
40
  # module Exploits
40
41
  # class MyExploit < OpenRedirect
41
- #
42
+ #
42
43
  # register 'my_exploit'
43
- #
44
+ #
44
45
  # base_path '/path/to/page.php'
45
46
  # query_param 'url'
46
- #
47
+ #
47
48
  # end
48
49
  # end
49
50
  # end
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -33,7 +34,7 @@ module Ronin
33
34
  # Setting the default port value:
34
35
  #
35
36
  # include Params::Filename
36
- #
37
+ #
37
38
  # default_filename 'exploit.docx'
38
39
  #
39
40
  # @api public
@@ -53,7 +54,7 @@ module Ronin
53
54
  def self.included(exploit)
54
55
  exploit.include Metadata::DefaultFilename
55
56
  exploit.param :filename, String, required: true,
56
- default: ->{ exploit.default_filename },
57
+ default: -> { exploit.default_filename },
57
58
  desc: 'The filename for the exploit'
58
59
  end
59
60
 
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -33,7 +34,7 @@ module Ronin
33
34
  # Setting the default port value:
34
35
  #
35
36
  # include Params::Port
36
- #
37
+ #
37
38
  # default_port 143
38
39
  #
39
40
  # @api public
@@ -53,7 +54,7 @@ module Ronin
53
54
  def self.included(exploit)
54
55
  exploit.include Metadata::DefaultPort
55
56
  exploit.param :port, Integer, required: true,
56
- default: ->{ exploit.default_port },
57
+ default: -> { exploit.default_port },
57
58
  desc: 'Remote port to connect to'
58
59
  end
59
60
 
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -22,6 +23,9 @@ require 'ronin/core/class_registry'
22
23
  require 'ronin/repos/class_dir'
23
24
 
24
25
  module Ronin
26
+ #
27
+ # Namespace for `ronin-exploits`.
28
+ #
25
29
  module Exploits
26
30
  include Core::ClassRegistry
27
31
  include Repos::ClassDir
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -34,16 +35,16 @@ module Ronin
34
35
  # ## Example
35
36
  #
36
37
  # require 'ronin/exploits/rfi'
37
- #
38
+ #
38
39
  # module Ronin
39
40
  # module Exploits
40
41
  # class MyExploit < RFI
41
- #
42
+ #
42
43
  # register 'my_exploit'
43
- #
44
+ #
44
45
  # base_path '/path/to/page.php'
45
46
  # query_param 'template'
46
- #
47
+ #
47
48
  # end
48
49
  # end
49
50
  # end
@@ -64,8 +65,10 @@ module Ronin
64
65
 
65
66
  param :test_script_url, String, desc: 'The URL for the RFI test script'
66
67
 
67
- param :filter_bypass, Enum[:null_byte, :double_encode],
68
- desc: 'Optional filter bypass strategy'
68
+ param :filter_bypass, Enum[
69
+ :null_byte,
70
+ :double_encode
71
+ ], desc: 'Optional filter bypass strategy'
69
72
 
70
73
  #
71
74
  # Returns the type or kind of exploit.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.