ronin-exploits 1.0.1 → 1.0.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7c482725859543f95754cb4e3fd61e31326eec9a63c2f8d5f5f1e7a64e2bb29e
-  data.tar.gz: e35da617d9f8301d4fb5a3fff6eb77a17615c0477cdbbaa2e26e4b152a05af6b
+  metadata.gz: 4e6dbf77b0e6b4b6de88b6a1afe5484b74918b7a5e3a74007da060381d419f90
+  data.tar.gz: 14664066b0d2262912344e5a3c41e4f247eb60bc1d8464bd0b7ca93348cb9549
 SHA512:
-  metadata.gz: 7a1b389e0283581e586a65729bb5994f1f8c0ccddee570117bf1746638a09d07b30eed9c13f777d064b436bec418df0697c9e86f39fbf7db1c86bb5e25b5755c
-  data.tar.gz: 857e56f993e8c55580ef358c8021ae526431607f3ed6188f1813e81dee6a91308dfe95cd2d32b1bf5284e5945f64abddd93893bc3e6211b5d0d350d6d99e31a7
+  metadata.gz: 7ed8dedb7ddb26720c0a9df41894e3c97d952c7872bb93adbb76a02d2ffb132368e8a94e3e579daa7517a9b95c7aa97713df88eb0170bc35cd3dfb80c6088828
+  data.tar.gz: c6674278d65300b9f4862ef98a1282d0f8a8b7def02618a1ee11df02069c255ba1d493d8ad6b85a64704d0df4f5be0ceb81ae140e3e6e426cb31dc82ac5570ad

data/ChangeLog.md

@@ -1,3 +1,27 @@
+### 1.0.3 / 2023-09-19
+
+#### CLI
+
+* All newly generated exploit files using `ronin-exploit new` should have a
+  `summary` and a `description`.
+* Fixed a bug where the `ronin-exploits new` options `--author`,
+  `--author-email`, or `--summary` were not properly escaping given values.
+
+### 1.0.2 / 2023-06-12
+
+* Corrected the `class_dir` for {Ronin::Exploits}; even though
+  `ronin-exploits` will never contain any built-in exploits.
+* Avoid using `case`/`in` syntax for TruffleRuby.
+* Documentation fixes and improvements.
+
+#### CLI
+
+* Fixed a typo in `ronin-exploits new` man-page.
+* Fixed a bug in the `ronin-exploits show` command where a target's `version`
+  was not being printed.
+* Fixed a bug where `ronin-exploits new --payload-type command`  wasn't being
+  accepted as a valid payload type.
+
 ### 1.0.1 / 2023-03-01
 
 * Require [ronin-support] ~> 1.0, >= 1.0.1.

data/Gemfile

@@ -15,21 +15,21 @@ end
 #                              branch: 'main'
 
 # Ronin dependencies
-# gem 'ronin-support',  '~> 1.0', github: "ronin-rb/ronin-support",
+# gem 'ronin-support',  '~> 1.0', github: 'ronin-rb/ronin-support',
 #                                 branch: 'main'
-# gem 'ronin-payloads', '~> 0.1', github: "ronin-rb/ronin-payloads",
+# gem 'ronin-payloads', '~> 0.1', github: 'ronin-rb/ronin-payloads',
 #                                 branch: 'main'
-# gem 'ronin-vulns',    '~> 0.1', github: "ronin-rb/ronin-vulns",
+# gem 'ronin-vulns',    '~> 0.1', github: 'ronin-rb/ronin-vulns',
 #                                 branch: 'main'
-# gem 'ronin-post_ex',  '~> 0.1', github: "ronin-rb/ronin-post_ex",
+# gem 'ronin-post_ex',  '~> 0.1', github: 'ronin-rb/ronin-post_ex',
 #                                 branch: 'main'
-# gem 'ronin-core',     '~> 0.1', github: "ronin-rb/ronin-core",
+# gem 'ronin-core',     '~> 0.1', github: 'ronin-rb/ronin-core',
 #                                 branch: 'main'
-# gem 'ronin-repos',    '~> 0.1', github: "ronin-rb/ronin-repos",
+# gem 'ronin-repos',    '~> 0.1', github: 'ronin-rb/ronin-repos',
 #                                 branch: 'main'
-# gem 'ronin-code-asm', '~> 1.0', github: "ronin-rb/ronin-code-asm",
+# gem 'ronin-code-asm', '~> 1.0', github: 'ronin-rb/ronin-code-asm',
 #                                 branch: 'main'
-# gem 'ronin-code-sql', '~> 2.0', github: "ronin-rb/ronin-code-sql",
+# gem 'ronin-code-sql', '~> 2.0', github: 'ronin-rb/ronin-code-sql',
 #                                 branch: 'main'
 
 group :development do

data/README.md

@@ -8,7 +8,6 @@
 * [Issues](https://github.com/ronin-rb/ronin-exploits/issues)
 * [Documentation](https://rubydoc.info/github/ronin-rb/ronin-exploits/frames)
 * [Discord](https://discord.gg/6WAb3PsVX9) |
-  [Twitter](https://twitter.com/ronin_rb) |
   [Mastodon](https://infosec.exchange/@ronin_rb)
 
 ## Description
@@ -401,6 +400,10 @@ module Ronin
 end
 ```
 
+For real-world example ronin exploits, see the [example-exploits] repository.
+
+[example-exploits]: https://github.com/ronin-rb/example-exploits
+
 ## Requirements
 
 * [Ruby] >= 3.0.0

data/data/new/exploit.rb.erb

@@ -5,7 +5,7 @@ require 'ronin/exploits/<%= @exploit_type[:file] -%>'
 require 'ronin/exploits/mixins/<%= @networking_mixin[:file] -%>'
 <%- end -%>
 <%- if @target -%>
-require 'ronin/exploits/mixins/has_target'
+require 'ronin/exploits/mixins/has_targets'
 <%- end -%>
 <%- if @has_payload -%>
 require 'ronin/exploits/mixins/has_payload'
@@ -41,7 +41,7 @@ module Ronin
       # disclosure_date 'YYYY-MM-DD'
       <%- unless @advisories.empty? -%>
       <%-   @advisories.each do |advisory| -%>
-      advisory '<%= advisory -%>'
+      advisory <%= advisory.inspect -%>
       <%-   end -%>
       <%- else -%>
       # advisory 'CVE-YYYY-NNNN'
@@ -49,23 +49,23 @@ module Ronin
       <%- end -%>
 
       <%- if @author_email -%>
-      author '<%= @author_name %>', email: '<%= @author_email -%>'
+      author <%= @author_name.inspect %>, email: <%= @author_email.inspect %>
       <%- else -%>
-      author '<%= @author_name %>'
+      author <%= @author_name.inspect %>
       <%- end -%>
       <%- if @summary -%>
-      summary "<%= @summary %>"
+      summary <%= @summary.inspect %>
       <%- else -%>
-      # summary "FIX ME"
+      summary "FIX ME"
       <%- end -%>
       <%- if @description -%>
       description <<~DESC
         <%= @description %>
       DESC
       <%- else -%>
-      # description <<~DESC
-      #   FIX ME
-      # DESC
+      description <<~DESC
+        FIX ME
+      DESC
       <%- end -%>
       <%- unless @references.empty? -%>
       references [

data/lib/ronin/exploits/cli/commands/new.rb

@@ -55,7 +55,7 @@ module Ronin
         #     -I CVE-YYYY-NNNN|GHSA-XXXXX|..., Add the advisory ID to the exploit
         #         --advisory-id
         #     -R, --reference URL              Adds a reference URL
-        #     -P payload|asm|shellcode|c|shell|powershell|html|javascript|typpescript|java|sql|php|nodejs,
+        #     -P payload|asm|shellcode|c|command|shell|powershell|html|javascript|typpescript|java|sql|php|nodejs,
         #         --has-payload                The payload type the exploit uses
         #     -N remote_tcp|remote_udp|http,   The networking mixin to use
         #         --networking

data/lib/ronin/exploits/cli/commands/run.rb

@@ -234,12 +234,12 @@ module Ronin
 
           # The payload params.
           #
-          # @return [Hash{Hash{String => String}]
+          # @return [Hash{String => String}]
           attr_reader :payload_params
 
           # The keyword arguments to select a target with.
           #
-          # @return [Hash{Hash{Symbol => Object}]
+          # @return [Hash{Symbol => Object}]
           attr_reader :target_kwargs
 
           #
@@ -291,8 +291,10 @@ module Ronin
           def load_encoders
             @encoder_classes = @encoders_to_load.map do |(type,value)|
               case type
-              in :name then load_encoder(value)
-              in :file then load_encoder_from(value)
+              when :name then load_encoder(value)
+              when :file then load_encoder_from(value)
+              else
+                raise(NotImplementedError,"invalid encoder type: #{type.inspect}")
               end
             end
           end

data/lib/ronin/exploits/cli/commands/show.rb

@@ -266,8 +266,8 @@ module Ronin
             end
 
             if target.software
-              fields['Software'] = if target.software_version
-                                     "#{target.software} #{target.software_version}"
+              fields['Software'] = if target.version
+                                     "#{target.software} #{target.version}"
                                    else
                                      target.software
                                    end

data/lib/ronin/exploits/cli/exploit_methods.rb

@@ -42,11 +42,11 @@ module Ronin
         def load_exploit(name)
           Exploits.load_class(name)
         rescue Exploits::ClassNotFound => error
-          print_error error.message
+          print_error(error.message)
           exit(1)
         rescue => error
           print_exception(error)
-          print_error "an unhandled exception occurred while loading exploit #{name}"
+          print_error("an unhandled exception occurred while loading exploit #{name}")
           exit(-1)
         end
 
@@ -62,11 +62,11 @@ module Ronin
         def load_exploit_from(file)
           Exploits.load_class_from_file(file)
         rescue Exploits::ClassNotFound => error
-          print_error error.message
+          print_error(error.message)
           exit(1)
         rescue => error
           print_exception(error)
-          print_error "an unhandled exception occurred while loading exploit from file #{file}"
+          print_error("an unhandled exception occurred while loading exploit from file #{file}")
           exit(-1)
         end
 
@@ -79,14 +79,17 @@ module Ronin
         # @param [Hash{Symbol => Object}] kwargs
         #   Additional keyword arguments for {Exploit#initialize}.
         #
+        # @return [Exploit]
+        #   The initialized exploit object.
+        #
         def initialize_exploit(exploit_class,**kwargs)
           exploit_class.new(**kwargs)
         rescue Core::Params::ParamError => error
-          print_error error.message
+          print_error(error.message)
           exit(1)
         rescue => error
           print_exception(error)
-          print_error "an unhandled exception occurred while initializing exploit #{exploit_class.id}"
+          print_error("an unhandled exception occurred while initializing exploit #{exploit_class.id}")
           exit(-1)
         end
 
@@ -105,11 +108,11 @@ module Ronin
         def validate_exploit(exploit)
           exploit.perform_validate
         rescue Core::Params::ParamError, ValidationError => error
-          print_error "failed to validate the exploit #{exploit.class_id}: #{error.message}"
+          print_error("failed to validate the exploit #{exploit.class_id}: #{error.message}")
           exit(1)
         rescue => error
           print_exception(error)
-          print_error "an unhandled exception occurred while validating the exploit #{exploit.class_id}"
+          print_error("an unhandled exception occurred while validating the exploit #{exploit.class_id}")
           exit(-1)
         end
       end

data/lib/ronin/exploits/exploit.rb

@@ -117,7 +117,7 @@ module Ronin
     #
     # ### register
     #
-    # Registers the exploit with `Exploits`.
+    # Registers the exploit with {Exploits}.
     #
     #     register 'my_exploit'
     #
@@ -276,6 +276,9 @@ module Ronin
       # @param [String] exploit_id
       #   The exploit's `id`.
       #
+      # @example
+      #   register 'my_exploit'
+      #
       # @api public
       #
       def self.register(exploit_id)

data/lib/ronin/exploits/metadata/os.rb

@@ -47,10 +47,10 @@ module Ronin
           #
           # Gets or sets the exploit's targeted Operating System (OS).
           #
-          # @param [:unix, :bsd, :freebsd, :openbsd, :netbsd, :linux, :macos, :windows, nil] new_os
+          # @param [:unix, :bsd, :freebsd, :openbsd, :netbsd, :linux, :macos, :windows, :android, nil] new_os
           #   The optional new Operating System (OS) to set.
           #
-          # @return [:unix, :bsd, :freebsd, :openbsd, :netbsd, :linux, :macos, :windows, nil]
+          # @return [:unix, :bsd, :freebsd, :openbsd, :netbsd, :linux, :macos, :windows, :android, nil]
           #   The exploit's Operating System (OS).
           #
           # @example
@@ -97,7 +97,7 @@ module Ronin
         #
         # The Operating System (OS) that the exploit targets.
         #
-        # @return [:unix, :bsd, :freebsd, :openbsd, :netbsd, :linux, :macos, :windows, nil]
+        # @return [:unix, :bsd, :freebsd, :openbsd, :netbsd, :linux, :macos, :windows, :android, nil]
         #
         # @see ClassMethods#os
         #

data/lib/ronin/exploits/mixins/binary.rb

@@ -79,6 +79,9 @@ module Ronin
         #          Ronin::Support::Binary::CTypes::Arch::X86_64,
         #          Ronin::Support::Binary::CTypes::OS]
         #
+        # @raise [ArgumentError]
+        #   The exploit defined an unknown `arch` or `os` value.
+        #
         def platform
           @platform ||= Support::Binary::CTypes.platform(
                           arch: arch,

data/lib/ronin/exploits/mixins/remote_tcp.rb

@@ -31,6 +31,8 @@ module Ronin
       #
       # Adds TCP helper methods for communicating with a remote host.
       #
+      # @see https://ronin-rb.dev/docs/ronin-support/Ronin/Support/Network/TCP/Mixin.html
+      #
       # @api public
       #
       # @since 1.0.0

data/lib/ronin/exploits/mixins/remote_udp.rb

@@ -31,6 +31,8 @@ module Ronin
       #
       # Adds UDP helper methods for communicating with a remote host.
       #
+      # @see https://ronin-rb.dev/docs/ronin-support/Ronin/Support/Network/UDP/Mixin.html
+      #
       # @api public
       #
       # @since 1.0.0

data/lib/ronin/exploits/mixins/text.rb

@@ -36,6 +36,8 @@ module Ronin
       #     # ...
       #   end
       #
+      # @see https://ronin-rb.dev/docs/ronin-support/Ronin/Support/Text/Mixin.html
+      #
       # @api public
       #
       # @since 1.0.0

data/lib/ronin/exploits/registry.rb

@@ -30,7 +30,7 @@ module Ronin
     include Core::ClassRegistry
     include Repos::ClassDir
 
-    class_dir "#{__dir__}/exploits/builtin"
+    class_dir "#{__dir__}/builtin"
     repo_class_dir 'exploits'
   end
 end

data/lib/ronin/exploits/version.rb

@@ -22,6 +22,6 @@
 module Ronin
   module Exploits
     # ronin-exploits version
-    VERSION = '1.0.1'
+    VERSION = '1.0.3'
   end
 end

data/man/ronin-exploits-new.1

@@ -50,7 +50,7 @@ Add the advisory ID to the exploit\.
 Adds a reference to the exploit\.
 .LP
 .TP
-\fB-P\fR, \fB--has-payload\fR \fBpayload\fR\[or]\fBasm\fR\[or]\fBshellcode\fR\[or]\fBc\fR\[or]\fBshell\fR\[or]\fBpowershell\fR\[or]\fBhtml\fR\[or]\fBjavascript\fR\[or]\fBtyppescript\fR\[or]\fBjava\fR\[or]\fBsql\fR\[or]\fBphp\fR\[or]\fBnodejs\fR
+\fB-P\fR, \fB--has-payload\fR \fBpayload\fR\[or]\fBasm\fR\[or]\fBshellcode\fR\[or]\fBc\fR\[or]\fBcommand\fR\[or]\fBshell\fR\[or]\fBpowershell\fR\[or]\fBhtml\fR\[or]\fBjavascript\fR\[or]\fBtypescript\fR\[or]\fBjava\fR\[or]\fBsql\fR\[or]\fBphp\fR\[or]\fBnodejs\fR
 The payload type the exploit uses\.
 .LP
 .TP

data/man/ronin-exploits-new.1.md

@@ -37,7 +37,7 @@ Creates a new exploit file.
 `-R`, `--reference` *URL*
   Adds a reference to the exploit.
 
-`-P`, `--has-payload` `payload`\|`asm`\|`shellcode`\|`c`\|`shell`\|`powershell`\|`html`\|`javascript`\|`typpescript`\|`java`\|`sql`\|`php`\|`nodejs`
+`-P`, `--has-payload` `payload`\|`asm`\|`shellcode`\|`c`\|`command`\|`shell`\|`powershell`\|`html`\|`javascript`\|`typescript`\|`java`\|`sql`\|`php`\|`nodejs`
   The payload type the exploit uses.
 
 `-N`, `--networking` `remote_tcp`\|`remote_udp`\|`http`

data/man/ronin-exploits.1

@@ -27,19 +27,19 @@ Print help information
 .SH COMMANDS
 .LP
 .TP
-\fIirb\fP
+\fBirb\fR
 Starts ronin\-exploits interactive Ruby shell\.
 .LP
 .TP
-\fIlist\fP
+\fBlist\fR
 Lists available exploits\.
 .LP
 .TP
-\fIrun\fP
+\fBrun\fR
 Runs an exploit\.
 .LP
 .TP
-\fIhelp\fP
+\fBhelp\fR
 Lists available commands or shows help about a specific command\.
 .LP
 .SH AUTHOR

data/man/ronin-exploits.1.md

@@ -20,16 +20,16 @@ Runs a `ronin-exploits` *COMMAND*.
 
 ## COMMANDS
 
-*irb*
+`irb`
   Starts ronin-exploits interactive Ruby shell.
 
-*list*
+`list`
   Lists available exploits.
 
-*run*
+`run`
   Runs an exploit.
 
-*help*
+`help`
   Lists available commands or shows help about a specific command.
 
 ## AUTHOR

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ronin-exploits
 version: !ruby/object:Gem::Version
-  version: 1.0.1
+  version: 1.0.3
 platform: ruby
 authors:
 - Postmodern
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-03-02 00:00:00.000000000 Z
+date: 2023-09-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: uri-query_params