ronin-exploits 1.0.2 → 1.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/workflows/ruby.yml +2 -2
- data/ChangeLog.md +18 -0
- data/README.md +2 -3
- data/data/new/exploit.rb.erb +8 -8
- data/lib/ronin/exploits/cli/commands/new.rb +2 -1
- data/lib/ronin/exploits/cli/commands/run.rb +1 -1
- data/lib/ronin/exploits/mixins/http.rb +1 -7
- data/lib/ronin/exploits/mixins/remote_tcp.rb +7 -5
- data/lib/ronin/exploits/mixins/remote_udp.rb +7 -5
- data/lib/ronin/exploits/mixins/text.rb +2 -0
- data/lib/ronin/exploits/version.rb +1 -1
- data/man/ronin-exploits-irb.1 +2 -2
- data/man/ronin-exploits-list.1 +2 -2
- data/man/ronin-exploits-new.1 +4 -4
- data/man/ronin-exploits-new.1.md +2 -2
- data/man/ronin-exploits-run.1 +2 -2
- data/man/ronin-exploits-show.1 +2 -2
- data/man/ronin-exploits.1 +2 -2
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 5cfd3c025753ca4049f2ec1f5a61aa9442e6fb39dab803aed575cfddcfadd0e8
|
4
|
+
data.tar.gz: 48651dbef77525c74e9fbcdea6a7688f4048e2be5ce696a1301b408fb8d30e2f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3c048f3293d44ec2c8615d56ee8c3ab363aa0393fa3fe50dc35b83875ab289b86f55fa28501a127138ee8eca3bc5bce077debee6b0992154294bcfbe825da840
|
7
|
+
data.tar.gz: 76486d06cf34785a94b867ca79cde13fe79da7a26e71896388fc5cd8c46ff0968e4484e8da854d99a7c02c084cd7e3edcae67f7dffec5fb014023e8e593d2f4a
|
data/.github/workflows/ruby.yml
CHANGED
@@ -16,7 +16,7 @@ jobs:
|
|
16
16
|
- truffleruby
|
17
17
|
name: Ruby ${{ matrix.ruby }}
|
18
18
|
steps:
|
19
|
-
- uses: actions/checkout@
|
19
|
+
- uses: actions/checkout@v4
|
20
20
|
- name: Set up Ruby
|
21
21
|
uses: ruby/setup-ruby@v1
|
22
22
|
with:
|
@@ -35,7 +35,7 @@ jobs:
|
|
35
35
|
rubocop:
|
36
36
|
runs-on: ubuntu-latest
|
37
37
|
steps:
|
38
|
-
- uses: actions/checkout@
|
38
|
+
- uses: actions/checkout@v4
|
39
39
|
- name: Set up Ruby
|
40
40
|
uses: ruby/setup-ruby@v1
|
41
41
|
with:
|
data/ChangeLog.md
CHANGED
@@ -1,3 +1,21 @@
|
|
1
|
+
### 1.0.4 / 2023-12-23
|
2
|
+
|
3
|
+
* Documentation fixes.
|
4
|
+
|
5
|
+
#### CLI
|
6
|
+
|
7
|
+
* Fixed a bug in `ronin-exploits run` when the exploit does not accept a payload
|
8
|
+
and no payload is given.
|
9
|
+
|
10
|
+
### 1.0.3 / 2023-09-19
|
11
|
+
|
12
|
+
#### CLI
|
13
|
+
|
14
|
+
* All newly generated exploit files using `ronin-exploit new` should have a
|
15
|
+
`summary` and a `description`.
|
16
|
+
* Fixed a bug where the `ronin-exploits new` options `--author`,
|
17
|
+
`--author-email`, or `--summary` were not properly escaping given values.
|
18
|
+
|
1
19
|
### 1.0.2 / 2023-06-12
|
2
20
|
|
3
21
|
* Corrected the `class_dir` for {Ronin::Exploits}; even though
|
data/README.md
CHANGED
@@ -8,7 +8,6 @@
|
|
8
8
|
* [Issues](https://github.com/ronin-rb/ronin-exploits/issues)
|
9
9
|
* [Documentation](https://rubydoc.info/github/ronin-rb/ronin-exploits/frames)
|
10
10
|
* [Discord](https://discord.gg/6WAb3PsVX9) |
|
11
|
-
[Twitter](https://twitter.com/ronin_rb) |
|
12
11
|
[Mastodon](https://infosec.exchange/@ronin_rb)
|
13
12
|
|
14
13
|
## Description
|
@@ -155,8 +154,8 @@ $ ronin-exploits run my_exploit --param host=example.com --param port=9999 \
|
|
155
154
|
Generate a ronin repository of your own exploits (and/or payloads):
|
156
155
|
|
157
156
|
```shell
|
158
|
-
$ ronin-repos new my-
|
159
|
-
$ cd my-
|
157
|
+
$ ronin-repos new my-repo
|
158
|
+
$ cd my-repo/
|
160
159
|
$ mkdir exploits
|
161
160
|
$ ronin-exploits new exploits/my_exploit.rb --type stack_overflow \
|
162
161
|
--arch x86 --os linux --software ExampleWare --software-version 1.2.3 \
|
data/data/new/exploit.rb.erb
CHANGED
@@ -41,7 +41,7 @@ module Ronin
|
|
41
41
|
# disclosure_date 'YYYY-MM-DD'
|
42
42
|
<%- unless @advisories.empty? -%>
|
43
43
|
<%- @advisories.each do |advisory| -%>
|
44
|
-
advisory
|
44
|
+
advisory <%= advisory.inspect -%>
|
45
45
|
<%- end -%>
|
46
46
|
<%- else -%>
|
47
47
|
# advisory 'CVE-YYYY-NNNN'
|
@@ -49,23 +49,23 @@ module Ronin
|
|
49
49
|
<%- end -%>
|
50
50
|
|
51
51
|
<%- if @author_email -%>
|
52
|
-
author
|
52
|
+
author <%= @author_name.inspect %>, email: <%= @author_email.inspect %>
|
53
53
|
<%- else -%>
|
54
|
-
author
|
54
|
+
author <%= @author_name.inspect %>
|
55
55
|
<%- end -%>
|
56
56
|
<%- if @summary -%>
|
57
|
-
summary
|
57
|
+
summary <%= @summary.inspect %>
|
58
58
|
<%- else -%>
|
59
|
-
|
59
|
+
summary "FIX ME"
|
60
60
|
<%- end -%>
|
61
61
|
<%- if @description -%>
|
62
62
|
description <<~DESC
|
63
63
|
<%= @description %>
|
64
64
|
DESC
|
65
65
|
<%- else -%>
|
66
|
-
|
67
|
-
|
68
|
-
|
66
|
+
description <<~DESC
|
67
|
+
FIX ME
|
68
|
+
DESC
|
69
69
|
<%- end -%>
|
70
70
|
<%- unless @references.empty? -%>
|
71
71
|
references [
|
@@ -29,7 +29,6 @@ require 'ronin/core/cli/generator/options/author'
|
|
29
29
|
require 'ronin/core/cli/generator/options/summary'
|
30
30
|
require 'ronin/core/cli/generator/options/description'
|
31
31
|
require 'ronin/core/cli/generator/options/reference'
|
32
|
-
require 'ronin/core/git'
|
33
32
|
|
34
33
|
require 'command_kit/inflector'
|
35
34
|
|
@@ -78,6 +77,7 @@ module Ronin
|
|
78
77
|
include Core::CLI::Generator
|
79
78
|
include Payloads::CLI::Generator
|
80
79
|
|
80
|
+
# Mapping of exploit types and their file/class names.
|
81
81
|
EXPLOIT_TYPES = {
|
82
82
|
exploit: {
|
83
83
|
file: 'exploit',
|
@@ -135,6 +135,7 @@ module Ronin
|
|
135
135
|
}
|
136
136
|
}
|
137
137
|
|
138
|
+
# Mapping of network mixins and their file/module names.
|
138
139
|
NETWORKING_TYPES = {
|
139
140
|
remote_tcp: {
|
140
141
|
file: 'remote_tcp',
|
@@ -160,13 +160,7 @@ module Ronin
|
|
160
160
|
# @option kwargs [Hash, String, nil] :form_data
|
161
161
|
# The form data that may be sent in the body of the request.
|
162
162
|
#
|
163
|
-
# @option kwargs [String, nil] :
|
164
|
-
# The user to authenticate as.
|
165
|
-
#
|
166
|
-
# @option kwargs [String, nil] :password (http_password)
|
167
|
-
# The password to authenticate with.
|
168
|
-
#
|
169
|
-
# @option kwargs [Hash{Symbol,String => String}, nil] :headers
|
163
|
+
# @option kwargs [Hash{Symbol,String => String}, nil] :headers (http_headers)
|
170
164
|
# Additional HTTP headers to use for the request.
|
171
165
|
#
|
172
166
|
|
@@ -31,6 +31,8 @@ module Ronin
|
|
31
31
|
#
|
32
32
|
# Adds TCP helper methods for communicating with a remote host.
|
33
33
|
#
|
34
|
+
# @see https://ronin-rb.dev/docs/ronin-support/Ronin/Support/Network/TCP/Mixin.html
|
35
|
+
#
|
34
36
|
# @api public
|
35
37
|
#
|
36
38
|
# @since 1.0.0
|
@@ -64,15 +66,15 @@ module Ronin
|
|
64
66
|
# @param [Integer] port
|
65
67
|
# The port to connect to.
|
66
68
|
#
|
67
|
-
# @param [
|
68
|
-
# Additional keyword arguments for {#tcp_connect}.
|
69
|
-
#
|
70
|
-
# @option kwargs [String, nil] bind_host
|
69
|
+
# @param [String, nil] bind_host
|
71
70
|
# The local host to bind to.
|
72
71
|
#
|
73
|
-
# @
|
72
|
+
# @param [Integer, nil] bind_port
|
74
73
|
# The local port to bind to.
|
75
74
|
#
|
75
|
+
# @param [Hash{Symbol => Object}] kwargs
|
76
|
+
# Additional keyword arguments for {#tcp_connect}.
|
77
|
+
#
|
76
78
|
# @option kwargs [Integer] :timeout (5)
|
77
79
|
# The maximum time to attempt connecting.
|
78
80
|
#
|
@@ -31,6 +31,8 @@ module Ronin
|
|
31
31
|
#
|
32
32
|
# Adds UDP helper methods for communicating with a remote host.
|
33
33
|
#
|
34
|
+
# @see https://ronin-rb.dev/docs/ronin-support/Ronin/Support/Network/UDP/Mixin.html
|
35
|
+
#
|
34
36
|
# @api public
|
35
37
|
#
|
36
38
|
# @since 1.0.0
|
@@ -64,15 +66,15 @@ module Ronin
|
|
64
66
|
# @param [Integer] port
|
65
67
|
# The port to connect to.
|
66
68
|
#
|
67
|
-
# @param [
|
68
|
-
# Additional keyword arguments for {#udp_connect}.
|
69
|
-
#
|
70
|
-
# @option kwargs [String, nil] :bind_host
|
69
|
+
# @param [String, nil] bind_host
|
71
70
|
# The local host to bind to.
|
72
71
|
#
|
73
|
-
# @
|
72
|
+
# @param kwargs [Integer, nil] bind_port
|
74
73
|
# The local port to bind to.
|
75
74
|
#
|
75
|
+
# @param [Hash{Symbol => Object}] kwargs
|
76
|
+
# Additional keyword arguments for {#udp_connect}.
|
77
|
+
#
|
76
78
|
# @option kwargs [Integer] :timeout (5)
|
77
79
|
# The maximum time to attempt connecting.
|
78
80
|
#
|
data/man/ronin-exploits-irb.1
CHANGED
@@ -1,10 +1,10 @@
|
|
1
|
-
.\" Generated by kramdown-man 0.1.
|
1
|
+
.\" Generated by kramdown-man 0.1.9
|
2
2
|
.\" https://github.com/postmodern/kramdown-man#readme
|
3
3
|
.TH ronin-exploits-irb 1 "2023-02-01" Ronin "User Manuals"
|
4
4
|
.LP
|
5
5
|
.SH SYNOPSIS
|
6
6
|
.LP
|
7
|
-
.
|
7
|
+
.PP
|
8
8
|
\fBronin-exploits irb\fR \[lB]\fIoptions\fP\[rB]
|
9
9
|
.LP
|
10
10
|
.SH DESCRIPTION
|
data/man/ronin-exploits-list.1
CHANGED
@@ -1,10 +1,10 @@
|
|
1
|
-
.\" Generated by kramdown-man 0.1.
|
1
|
+
.\" Generated by kramdown-man 0.1.9
|
2
2
|
.\" https://github.com/postmodern/kramdown-man#readme
|
3
3
|
.TH ronin-exploits-list 1 "2023-02-01" Ronin "User Manuals"
|
4
4
|
.LP
|
5
5
|
.SH SYNOPSIS
|
6
6
|
.LP
|
7
|
-
.
|
7
|
+
.PP
|
8
8
|
\fBronin-exploits list\fR \[lB]\fIoptions\fP\[rB] \fIDIR\fP
|
9
9
|
.LP
|
10
10
|
.SH DESCRIPTION
|
data/man/ronin-exploits-new.1
CHANGED
@@ -1,11 +1,11 @@
|
|
1
|
-
.\" Generated by kramdown-man 0.1.
|
1
|
+
.\" Generated by kramdown-man 0.1.9
|
2
2
|
.\" https://github.com/postmodern/kramdown-man#readme
|
3
3
|
.TH ronin-exploits-new 1 "2023-02-01" Ronin "User Manuals"
|
4
4
|
.LP
|
5
5
|
.SH SYNOPSIS
|
6
6
|
.LP
|
7
|
-
.
|
8
|
-
\fBronin-exploits new\fR \[lB]\fIoptions\fP\[rB] \
|
7
|
+
.PP
|
8
|
+
\fBronin-exploits new\fR \[lB]\fIoptions\fP\[rB] \fIPATH\fP
|
9
9
|
.LP
|
10
10
|
.SH DESCRIPTION
|
11
11
|
.LP
|
@@ -15,7 +15,7 @@ Creates a new exploit file\.
|
|
15
15
|
.SH ARGUMENTS
|
16
16
|
.LP
|
17
17
|
.TP
|
18
|
-
\
|
18
|
+
\fIPATH\fP
|
19
19
|
The path to the exploit file to generate\.
|
20
20
|
.LP
|
21
21
|
.SH OPTIONS
|
data/man/ronin-exploits-new.1.md
CHANGED
@@ -2,7 +2,7 @@
|
|
2
2
|
|
3
3
|
## SYNOPSIS
|
4
4
|
|
5
|
-
`ronin-exploits new` [*options*] *
|
5
|
+
`ronin-exploits new` [*options*] *PATH*
|
6
6
|
|
7
7
|
## DESCRIPTION
|
8
8
|
|
@@ -10,7 +10,7 @@ Creates a new exploit file.
|
|
10
10
|
|
11
11
|
## ARGUMENTS
|
12
12
|
|
13
|
-
*
|
13
|
+
*PATH*
|
14
14
|
The path to the exploit file to generate.
|
15
15
|
|
16
16
|
## OPTIONS
|
data/man/ronin-exploits-run.1
CHANGED
@@ -1,10 +1,10 @@
|
|
1
|
-
.\" Generated by kramdown-man 0.1.
|
1
|
+
.\" Generated by kramdown-man 0.1.9
|
2
2
|
.\" https://github.com/postmodern/kramdown-man#readme
|
3
3
|
.TH ronin-exploits-run 1 "2023-02-01" Ronin "User Manuals"
|
4
4
|
.LP
|
5
5
|
.SH SYNOPSIS
|
6
6
|
.LP
|
7
|
-
.
|
7
|
+
.PP
|
8
8
|
\fBronin-exploits run\fR \[lB]\fIoptions\fP\[rB] \[lC]\fINAME\fP \[or] \fB--file\fR \fIFILE\fP\[rC]
|
9
9
|
.LP
|
10
10
|
.SH DESCRIPTION
|
data/man/ronin-exploits-show.1
CHANGED
@@ -1,10 +1,10 @@
|
|
1
|
-
.\" Generated by kramdown-man 0.1.
|
1
|
+
.\" Generated by kramdown-man 0.1.9
|
2
2
|
.\" https://github.com/postmodern/kramdown-man#readme
|
3
3
|
.TH ronin-exploits-show 1 "2023-02-01" Ronin "User Manuals"
|
4
4
|
.LP
|
5
5
|
.SH SYNOPSIS
|
6
6
|
.LP
|
7
|
-
.
|
7
|
+
.PP
|
8
8
|
\fBronin-exploits show\fR \[lB]\fIoptions\fP\[rB] \[lC]\fINAME\fP \[or] \-\-file \fIFILE\fP\[rC]
|
9
9
|
.LP
|
10
10
|
.SH DESCRIPTION
|
data/man/ronin-exploits.1
CHANGED
@@ -1,10 +1,10 @@
|
|
1
|
-
.\" Generated by kramdown-man 0.1.
|
1
|
+
.\" Generated by kramdown-man 0.1.9
|
2
2
|
.\" https://github.com/postmodern/kramdown-man#readme
|
3
3
|
.TH ronin-exploits 1 "2023-02-01" Ronin "User Manuals"
|
4
4
|
.LP
|
5
5
|
.SH SYNOPSIS
|
6
6
|
.LP
|
7
|
-
.
|
7
|
+
.PP
|
8
8
|
\fBronin-exploits\fR \[lB]\fIoptions\fP\[rB] \[lB]\fICOMMAND\fP \[lB]\.\.\.\[rB]\[rB]
|
9
9
|
.LP
|
10
10
|
.SH DESCRIPTION
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: ronin-exploits
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.4
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Postmodern
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-
|
11
|
+
date: 2023-12-24 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: uri-query_params
|