ronin-exploits 1.0.4 → 1.0.5

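--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 5cfd3c025753ca4049f2ec1f5a61aa9442e6fb39dab803aed575cfddcfadd0e8
- data.tar.gz: 48651dbef77525c74e9fbcdea6a7688f4048e2be5ce696a1301b408fb8d30e2f
+ metadata.gz: 13a47ad5232e96a5bc9cefd24683dcbe3c0d1dfe0cb96dabe210c972e4ed36e8
+ data.tar.gz: 2979cbb74e0989df458a7d0bd6437d9ad32073b86c314bdb9021e20af90a8c4c
  SHA512:
- metadata.gz: 3c048f3293d44ec2c8615d56ee8c3ab363aa0393fa3fe50dc35b83875ab289b86f55fa28501a127138ee8eca3bc5bce077debee6b0992154294bcfbe825da840
- data.tar.gz: 76486d06cf34785a94b867ca79cde13fe79da7a26e71896388fc5cd8c46ff0968e4484e8da854d99a7c02c084cd7e3edcae67f7dffec5fb014023e8e593d2f4a
+ metadata.gz: 270ffbeb092a9694d0d49d583810b687caf51f0e9cdcf426a16a705c7112426c210263ecccfe40444d81e92198196f31bba5658debf5dc16f6c8abdba7255338
+ data.tar.gz: d15786ac0fefc31fcdabdd7e8f8fa7586017bc145904f913b893942680a896581c347f088ae357201f4fe517158851d5de09e2c0196a5e2bb6013c87acf47102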
@@ -12,6 +12,7 @@ jobs:
12
12
  - '3.0'
13
13
  - '3.1'
14
14
  - '3.2'
15
+ - '3.3'
15
16
  - jruby
16
17
  - truffleruby
17
18
  name: Ruby ${{ matrix.ruby }}
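--- a/data/ChangeLog.md
+++ b/data/ChangeLog.md
@@ -1,3 +1,22 @@
+ ### 1.0.5 / 2024-06-19
+
+ #### CLI
+
+ * Correctly assign the `-d` short flag to `--debug` and the `-D` short flag to
+ `--dry-run` for the `ronin-exploits run` command.
+ * Multiple bug fixes to the `ronin-exploits new` command:
+ * Create the parent directory of the new exploit file, if it already doesn't
+ exist, when running `ronin-exploits new path/to/new_exploit.rb`.
+ * Fixed a bug where `ronin-exploits new -t open_redirect` was not being
+ accepted as a valid exploit type.
+ * Fixed a bug in `ronin-explotis new` where `-t xss` and `-t ssti` were not
+ adding placeholder `base_path` and `query_param` metadata attributes to the
+ newly generated exploit file.
+ * Fixed a typo in the example `escape_expr` metadata attribute added by
+ `ronin-exploits new -t ssti`.
+ * Fixed a spelling mistake in the new exploit template used by the
+ `ronin-exploits new` command.
+
  ### 1.0.4 / 2023-12-23
 
  * Documentation fixes.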
@@ -44,7 +44,7 @@ module Ronin
44
44
  advisory <%= advisory.inspect -%>
45
45
  <%- end -%>
46
46
  <%- else -%>
47
- # advisory 'CVE-YYYY-NNNN'
47
+ # advisory 'CVE-YYYY-XXXX'
48
48
  # advisory 'GHSA-XXXXXX'
49
49
  <%- end -%>
50
50
 
@@ -81,6 +81,8 @@ module Ronin
81
81
  <%- end -%>
82
82
  <%- if web_vuln_exploit? -%>
83
83
 
84
+ base_path '/FIXME'
85
+ query_param 'FIXME'
84
86
  <%- if @exploit_type[:class] == 'LFI' -%>
85
87
  # depth 7
86
88
  <%- elsif @exploit_type[:class] == 'SQLI' -%>
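Review bot: The two lines added under `web_vuln_exploit?` are emitted as live code, `base_path '/FIXME'` and `query_param 'FIXME'`, while the type-specific example that follows (`# depth 7`) is commented out, so a freshly generated exploit loads cleanly while still carrying placeholder values that nothing forces the author to replace. I would add a template comment directly above them, `# FIXME: set the vulnerable path and parameter before running`, so the generated file states what has to be edited. The enclosing `if web_vuln_exploit?` block starts and ends outside this hunk.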
@@ -88,7 +90,7 @@ module Ronin
88
90
  # escape_parens true
89
91
  # terminate true
90
92
  <%- elsif @exploit_type[:class] == 'SSTI' -%>
91
- # escape_expr ->(expr) { "{{${expr}}}" }
93
+ # escape_expr ->(expr) { "{{#{expr}}}" }
92
94
  <%- end -%>
93
95
  <%- else -%>
94
96
  <%- if @has_payload -%>
@@ -106,7 +108,7 @@ module Ronin
106
108
  <%- end -%>
107
109
 
108
110
  # #
109
- # # Test whether the target systme is vulnerable.
111
+ # # Test whether the target system is vulnerable.
110
112
  # #
111
113
  # def test
112
114
  # # return Vulnerable('host is vulnerable')
@@ -109,6 +109,11 @@ module Ronin
109
109
  class: 'Web'
110
110
  },
111
111
 
112
+ open_redirect: {
113
+ file: 'open_redirect',
114
+ class: 'OpenRedirect'
115
+ },
116
+
112
117
  lfi: {
113
118
  file: 'lfi',
114
119
  class: 'LFI'
@@ -283,9 +288,12 @@ module Ronin
283
288
  # The path to the new exploit file.
284
289
  #
285
290
  def run(file)
291
+ @directory = File.dirname(file)
286
292
  @file_name = File.basename(file,File.extname(file))
287
293
  @class_name = CommandKit::Inflector.camelize(@file_name)
288
294
 
295
+ mkdir @directory unless @directory == '.'
296
+
289
297
  erb "exploit.rb.erb", file
290
298
  chmod '+x', file
291
299
  end
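Review bot: The new guard in `run` skips only the literal `.`, so `mkdir @directory` is still called when the parent directory already exists (for example `exploits/foo.rb` with `exploits/` present). Whether that is harmless depends on the `mkdir` helper, which is defined outside this hunk; if it does not behave like `mkdir_p`, it will raise for an existing directory and fail for nested paths such as `a/b/foo.rb`. Testing for existence states the intent directly and covers the `.` case as well: `mkdir @directory unless File.directory?(@directory)`.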
@@ -298,17 +306,13 @@ module Ronin
298
306
  # @return [String]
299
307
  #
300
308
  def format_kwargs(kwargs)
301
- args = []
302
-
303
- kwargs.each do |key,value|
304
- args << "#{key}: #{value.inspect}"
305
- end
306
-
307
- return args.join(', ')
309
+ kwargs.map { |key,value|
310
+ "#{key}: #{value.inspect}"
311
+ }.join(', ')
308
312
  end
309
313
 
310
314
  # Web exploit class names.
311
- WEB_VULN_EXPLOITS = %w[LFI RFI SQLI]
315
+ WEB_VULN_EXPLOITS = %w[OpenRedirect LFI RFI SQLI SSTI XSS]
312
316
 
313
317
  #
314
318
  # Determines if the exploit type is `stack_overflow`.
@@ -70,7 +70,7 @@ module Ronin
70
70
  # -S, --target-software NAME Selects the target with the matching software name
71
71
  # -V, --target-version VERSION Selects the target with the matching software version
72
72
  # -L, --save-loot DIR Saves any found loot to the DIR
73
- # -D, --debug Enables debugging messages
73
+ # -d, --debug Enables debugging messages
74
74
  # --irb Open an interactive Ruby shell inside the exploit
75
75
  # -h, --help Print help information
76
76
  #
@@ -211,7 +211,7 @@ module Ronin
211
211
  },
212
212
  desc: 'Saves any found loot to the DIR'
213
213
 
214
- option :debug, short: '-D',
214
+ option :debug, short: '-d',
215
215
  desc: 'Enables debugging messages' do
216
216
  Support::CLI::Printing.debug = true
217
217
  end
@@ -69,7 +69,7 @@ module Ronin
69
69
  # @param [String, nil] bind_host
70
70
  # The local host to bind to.
71
71
  #
72
- # @param kwargs [Integer, nil] bind_port
72
+ # @param [Integer, nil] bind_port
73
73
  # The local port to bind to.
74
74
  #
75
75
  # @param [Hash{Symbol => Object}] kwargs
@@ -22,6 +22,6 @@
22
22
  module Ronin
23
23
  module Exploits
24
24
  # ronin-exploits version
25
- VERSION = '1.0.4'
25
+ VERSION = '1.0.5'
26
26
  end
27
27
  end
@@ -93,7 +93,7 @@ Selects the target with the matching software version\.
93
93
  Saves any found loot to the \fIDIR\fP\.
94
94
  .LP
95
95
  .TP
96
- \fB-D\fR, \fB--debug\fR
96
+ \fB-d\fR, \fB--debug\fR
97
97
  Enables debugging messages\.
98
98
  .LP
99
99
  .TP
@@ -69,7 +69,7 @@ Loads and runs an exploit.
69
69
  `-L`, `--save-loot` *DIR*
70
70
  Saves any found loot to the *DIR*.
71
71
 
72
- `-D`, `--debug`
72
+ `-d`, `--debug`
73
73
  Enables debugging messages.
74
74
 
75
75
  `--irb`
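--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: ronin-exploits
  version: !ruby/object:Gem::Version
- version: 1.0.4
+ version: 1.0.5
  platform: ruby
  authors:
  - Postmodern
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2023-12-24 00:00:00.000000000 Z
+ date: 2024-06-20 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: uri-query_params
@@ -290,7 +290,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubygems_version: 3.3.26
+ rubygems_version: 3.3.27
  signing_key:
  specification_version: 4
  summary: A Ruby micro-framework for writing and running exploits and payloads.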