ronin-exploits 1.0.4 → 1.0.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5cfd3c025753ca4049f2ec1f5a61aa9442e6fb39dab803aed575cfddcfadd0e8
-  data.tar.gz: 48651dbef77525c74e9fbcdea6a7688f4048e2be5ce696a1301b408fb8d30e2f
+  metadata.gz: 13a47ad5232e96a5bc9cefd24683dcbe3c0d1dfe0cb96dabe210c972e4ed36e8
+  data.tar.gz: 2979cbb74e0989df458a7d0bd6437d9ad32073b86c314bdb9021e20af90a8c4c
 SHA512:
-  metadata.gz: 3c048f3293d44ec2c8615d56ee8c3ab363aa0393fa3fe50dc35b83875ab289b86f55fa28501a127138ee8eca3bc5bce077debee6b0992154294bcfbe825da840
-  data.tar.gz: 76486d06cf34785a94b867ca79cde13fe79da7a26e71896388fc5cd8c46ff0968e4484e8da854d99a7c02c084cd7e3edcae67f7dffec5fb014023e8e593d2f4a
+  metadata.gz: 270ffbeb092a9694d0d49d583810b687caf51f0e9cdcf426a16a705c7112426c210263ecccfe40444d81e92198196f31bba5658debf5dc16f6c8abdba7255338
+  data.tar.gz: d15786ac0fefc31fcdabdd7e8f8fa7586017bc145904f913b893942680a896581c347f088ae357201f4fe517158851d5de09e2c0196a5e2bb6013c87acf47102

data/.github/workflows/ruby.yml

@@ -12,6 +12,7 @@ jobs:
           - '3.0'
           - '3.1'
           - '3.2'
+          - '3.3'
           - jruby
           - truffleruby
     name: Ruby ${{ matrix.ruby }}

data/ChangeLog.md

@@ -1,3 +1,22 @@
+### 1.0.5 / 2024-06-19
+
+#### CLI
+
+* Correctly assign the `-d` short flag to `--debug` and the `-D` short flag to
+  `--dry-run` for the `ronin-exploits run` command.
+* Multiple bug fixes to the `ronin-exploits new` command:
+  * Create the parent directory of the new exploit file, if it already doesn't
+    exist, when running `ronin-exploits new path/to/new_exploit.rb`.
+  * Fixed a bug where `ronin-exploits new -t open_redirect` was not being
+    accepted as a valid exploit type.
+  * Fixed a bug in `ronin-explotis new` where `-t xss` and `-t ssti` were not
+    adding placeholder `base_path` and `query_param` metadata attributes to the
+    newly generated exploit file.
+  * Fixed a typo in the example `escape_expr` metadata attribute added by
+    `ronin-exploits new -t ssti`.
+  * Fixed a spelling mistake in the new exploit template used by the
+    `ronin-exploits new` command.
+
 ### 1.0.4 / 2023-12-23
 
 * Documentation fixes.

data/data/new/exploit.rb.erb

@@ -44,7 +44,7 @@ module Ronin
       advisory <%= advisory.inspect -%>
       <%-   end -%>
       <%- else -%>
-      # advisory 'CVE-YYYY-NNNN'
+      # advisory 'CVE-YYYY-XXXX'
       # advisory 'GHSA-XXXXXX'
       <%- end -%>
 
@@ -81,6 +81,8 @@ module Ronin
       <%- end -%>
       <%- if web_vuln_exploit? -%>
 
+      base_path '/FIXME'
+      query_param 'FIXME'
       <%- if @exploit_type[:class] == 'LFI' -%>
       # depth 7
       <%- elsif @exploit_type[:class] == 'SQLI' -%>
@@ -88,7 +90,7 @@ module Ronin
       # escape_parens true
       # terminate true
       <%- elsif @exploit_type[:class] == 'SSTI' -%>
-      # escape_expr ->(expr) { "{{${expr}}}" }
+      # escape_expr ->(expr) { "{{#{expr}}}" }
       <%- end -%>
       <%- else -%>
       <%- if @has_payload -%>
@@ -106,7 +108,7 @@ module Ronin
       <%- end -%>
 
       # #
-      # # Test whether the target systme is vulnerable.
+      # # Test whether the target system is vulnerable.
       # #
       # def test
       #   # return Vulnerable('host is vulnerable')

data/lib/ronin/exploits/cli/commands/new.rb

@@ -109,6 +109,11 @@ module Ronin
               class: 'Web'
             },
 
+            open_redirect: {
+              file:  'open_redirect',
+              class: 'OpenRedirect'
+            },
+
             lfi: {
               file:  'lfi',
               class: 'LFI'
@@ -283,9 +288,12 @@ module Ronin
           #   The path to the new exploit file.
           #
           def run(file)
+            @directory  = File.dirname(file)
             @file_name  = File.basename(file,File.extname(file))
             @class_name = CommandKit::Inflector.camelize(@file_name)
 
+            mkdir @directory unless @directory == '.'
+
             erb "exploit.rb.erb", file
             chmod '+x', file
           end
@@ -298,17 +306,13 @@ module Ronin
           # @return [String]
           #
           def format_kwargs(kwargs)
-            args = []
-
-            kwargs.each do |key,value|
-              args << "#{key}: #{value.inspect}"
-            end
-
-            return args.join(', ')
+            kwargs.map { |key,value|
+              "#{key}: #{value.inspect}"
+            }.join(', ')
           end
 
           # Web exploit class names.
-          WEB_VULN_EXPLOITS = %w[LFI RFI SQLI]
+          WEB_VULN_EXPLOITS = %w[OpenRedirect LFI RFI SQLI SSTI XSS]
 
           #
           # Determines if the exploit type is `stack_overflow`.

data/lib/ronin/exploits/cli/commands/run.rb

@@ -70,7 +70,7 @@ module Ronin
         #     -S, --target-software NAME       Selects the target with the matching software name
         #     -V, --target-version VERSION     Selects the target with the matching software version
         #     -L, --save-loot DIR              Saves any found loot to the DIR
-        #     -D, --debug                      Enables debugging messages
+        #     -d, --debug                      Enables debugging messages
         #         --irb                        Open an interactive Ruby shell inside the exploit
         #     -h, --help                       Print help information
         #
@@ -211,7 +211,7 @@ module Ronin
                              },
                              desc: 'Saves any found loot to the DIR'
 
-          option :debug, short: '-D',
+          option :debug, short: '-d',
                          desc: 'Enables debugging messages' do
                            Support::CLI::Printing.debug = true
                          end

data/lib/ronin/exploits/mixins/remote_udp.rb

@@ -69,7 +69,7 @@ module Ronin
         # @param [String, nil] bind_host
         #   The local host to bind to.
         #
-        # @param kwargs [Integer, nil] bind_port
+        # @param [Integer, nil] bind_port
         #   The local port to bind to.
         #
         # @param [Hash{Symbol => Object}] kwargs

data/lib/ronin/exploits/version.rb

@@ -22,6 +22,6 @@
 module Ronin
   module Exploits
     # ronin-exploits version
-    VERSION = '1.0.4'
+    VERSION = '1.0.5'
   end
 end

data/man/ronin-exploits-run.1

@@ -93,7 +93,7 @@ Selects the target with the matching software version\.
 Saves any found loot to the \fIDIR\fP\.
 .LP
 .TP
-\fB-D\fR, \fB--debug\fR
+\fB-d\fR, \fB--debug\fR
 Enables debugging messages\.
 .LP
 .TP

data/man/ronin-exploits-run.1.md

@@ -69,7 +69,7 @@ Loads and runs an exploit.
 `-L`, `--save-loot` *DIR*
   Saves any found loot to the *DIR*.
 
-`-D`, `--debug`
+`-d`, `--debug`
   Enables debugging messages.
 
 `--irb`

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ronin-exploits
 version: !ruby/object:Gem::Version
-  version: 1.0.4
+  version: 1.0.5
 platform: ruby
 authors:
 - Postmodern
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-12-24 00:00:00.000000000 Z
+date: 2024-06-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: uri-query_params
@@ -290,7 +290,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.26
+rubygems_version: 3.3.27
 signing_key:
 specification_version: 4
 summary: A Ruby micro-framework for writing and running exploits and payloads.