ronin-exploits 1.0.4 → 1.0.5
- checksums.yaml +4 -4
- data/.github/workflows/ruby.yml +1 -0
- data/ChangeLog.md +19 -0
- data/data/new/exploit.rb.erb +5 -3
- data/lib/ronin/exploits/cli/commands/new.rb +12 -8
- data/lib/ronin/exploits/cli/commands/run.rb +2 -2
- data/lib/ronin/exploits/mixins/remote_udp.rb +1 -1
- data/lib/ronin/exploits/version.rb +1 -1
- data/man/ronin-exploits-run.1 +1 -1
- data/man/ronin-exploits-run.1.md +1 -1
- metadata +3 -3
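--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 13a47ad5232e96a5bc9cefd24683dcbe3c0d1dfe0cb96dabe210c972e4ed36e8
+data.tar.gz: 2979cbb74e0989df458a7d0bd6437d9ad32073b86c314bdb9021e20af90a8c4c
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 270ffbeb092a9694d0d49d583810b687caf51f0e9cdcf426a16a705c7112426c210263ecccfe40444d81e92198196f31bba5658debf5dc16f6c8abdba7255338
+data.tar.gz: d15786ac0fefc31fcdabdd7e8f8fa7586017bc145904f913b893942680a896581c347f088ae357201f4fe517158851d5de09e2c0196a5e2bb6013c87acf47102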
data/.github/workflows/ruby.yml
CHANGED
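--- a/data/ChangeLog.md
+++ b/data/ChangeLog.md
@@ -1,3 +1,22 @@
+### 1.0.5 / 2024-06-19
+
+#### CLI
+
+* Correctly assign the `-d` short flag to `--debug` and the `-D` short flag to
+`--dry-run` for the `ronin-exploits run` command.
+* Multiple bug fixes to the `ronin-exploits new` command:
+* Create the parent directory of the new exploit file, if it already doesn't
+exist, when running `ronin-exploits new path/to/new_exploit.rb`.
+* Fixed a bug where `ronin-exploits new -t open_redirect` was not being
+accepted as a valid exploit type.
+* Fixed a bug in `ronin-explotis new` where `-t xss` and `-t ssti` were not
+adding placeholder `base_path` and `query_param` metadata attributes to the
+newly generated exploit file.
+* Fixed a typo in the example `escape_expr` metadata attribute added by
+`ronin-exploits new -t ssti`.
+* Fixed a spelling mistake in the new exploit template used by the
+`ronin-exploits new` command.
+
 ### 1.0.4 / 2023-12-23
 
 * Documentation fixes.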
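--- a/data/data/new/exploit.rb.erb
+++ b/data/data/new/exploit.rb.erb
@@ -44,7 +44,7 @@ module Ronin
 advisory <%= advisory.inspect -%>
 <%- end -%>
 <%- else -%>
-# advisory 'CVE-YYYY-
+# advisory 'CVE-YYYY-XXXX'
 # advisory 'GHSA-XXXXXX'
 <%- end -%>
 
@@ -81,6 +81,8 @@ module Ronin
 <%- end -%>
 <%- if web_vuln_exploit? -%>
 
+base_path '/FIXME'
+query_param 'FIXME'
 <%- if @exploit_type[:class] == 'LFI' -%>
 # depth 7
 <%- elsif @exploit_type[:class] == 'SQLI' -%>
@@ -88,7 +90,7 @@ module Ronin
 # escape_parens true
 # terminate true
 <%- elsif @exploit_type[:class] == 'SSTI' -%>
-# escape_expr ->(expr) { "{{
+# escape_expr ->(expr) { "{{#{expr}}}" }
 <%- end -%>
 <%- else -%>
 <%- if @has_payload -%>
@@ -106,7 +108,7 @@ module Ronin
 <%- end -%>
 
 # #
-# # Test whether the target
+# # Test whether the target system is vulnerable.
 # #
 # def test
 # # return Vulnerable('host is vulnerable')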
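Review bot: The two lines added under `<%- if web_vuln_exploit? -%>`, `base_path '/FIXME'` and `query_param 'FIXME'`, are emitted as live values, while the neighbouring type-specific examples (`# depth 7`, `# escape_parens true`, `# escape_expr ...`) are generated commented out. A freshly generated web exploit therefore loads with placeholder metadata, and nothing visible in the template marks those two lines as required edits; whether the web mixins reject such values cannot be seen from this page. I would add a template comment directly above them, for example `# FIXME: set base_path and query_param for the application under test`, so the generated file says which lines must be changed. The surrounding template block starts and ends outside these hunks.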
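--- a/data/lib/ronin/exploits/cli/commands/new.rb
+++ b/data/lib/ronin/exploits/cli/commands/new.rb
@@ -109,6 +109,11 @@ module Ronin
 class: 'Web'
 },
 
+open_redirect: {
+file: 'open_redirect',
+class: 'OpenRedirect'
+},
+
 lfi: {
 file: 'lfi',
 class: 'LFI'
@@ -283,9 +288,12 @@ module Ronin
 # The path to the new exploit file.
 #
 def run(file)
+@directory = File.dirname(file)
 @file_name = File.basename(file,File.extname(file))
 @class_name = CommandKit::Inflector.camelize(@file_name)
 
+mkdir @directory unless @directory == '.'
+
 erb "exploit.rb.erb", file
 chmod '+x', file
 end
@@ -298,17 +306,13 @@ module Ronin
 # @return [String]
 #
 def format_kwargs(kwargs)
-
-
-
-args << "#{key}: #{value.inspect}"
-end
-
-return args.join(', ')
+kwargs.map { |key,value|
+"#{key}: #{value.inspect}"
+}.join(', ')
 end
 
 # Web exploit class names.
-WEB_VULN_EXPLOITS = %w[LFI RFI SQLI]
+WEB_VULN_EXPLOITS = %w[OpenRedirect LFI RFI SQLI SSTI XSS]
 
 #
 # Determines if the exploit type is `stack_overflow`.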
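Review bot: In `run`, the new guard `mkdir @directory unless @directory == '.'` skips only the current directory; it does not test whether the directory already exists, although the ChangeLog describes creating the parent only when it is missing. Whether that matters depends on the `mkdir` helper, which is defined outside this page: if it behaves like `FileUtils.mkdir` rather than `mkdir_p`, an existing or nested parent such as `path/to/` would raise before the template is written. Writing the guard as `mkdir @directory unless File.directory?(@directory)` states the intent regardless of how the helper is implemented. The class that contains `run` starts and ends outside these hunks.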
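--- a/data/lib/ronin/exploits/cli/commands/run.rb
+++ b/data/lib/ronin/exploits/cli/commands/run.rb
@@ -70,7 +70,7 @@ module Ronin
 # -S, --target-software NAME Selects the target with the matching software name
 # -V, --target-version VERSION Selects the target with the matching software version
 # -L, --save-loot DIR Saves any found loot to the DIR
-# -
+# -d, --debug Enables debugging messages
 # --irb Open an interactive Ruby shell inside the exploit
 # -h, --help Print help information
 #
@@ -211,7 +211,7 @@ module Ronin
 },
 desc: 'Saves any found loot to the DIR'
 
-option :debug, short: '-
+option :debug, short: '-d',
 desc: 'Enables debugging messages' do
 Support::CLI::Printing.debug = true
 end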
data/man/ronin-exploits-run.1
CHANGED
data/man/ronin-exploits-run.1.md
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: ronin-exploits
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.5
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Postmodern
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2024-06-20 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: uri-query_params
|
@@ -290,7 +290,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
290
290
|
- !ruby/object:Gem::Version
|
291
291
|
version: '0'
|
292
292
|
requirements: []
|
293
|
-
rubygems_version: 3.3.
|
293
|
+
rubygems_version: 3.3.27
|
294
294
|
signing_key:
|
295
295
|
specification_version: 4
|
296
296
|
summary: A Ruby micro-framework for writing and running exploits and payloads.
|