ronin-exploits 1.0.0 → 1.0.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (87) hide show
  1. checksums.yaml +4 -4
  2. data/.github/workflows/ruby.yml +14 -0
  3. data/.rubocop.yml +61 -0
  4. data/ChangeLog.md +13 -2
  5. data/Gemfile +5 -1
  6. data/Rakefile +3 -1
  7. data/bin/ronin-exploits +6 -7
  8. data/gemspec.yml +3 -3
  9. data/lib/ronin/exploits/advisory.rb +1 -0
  10. data/lib/ronin/exploits/cli/command.rb +1 -0
  11. data/lib/ronin/exploits/cli/commands/irb.rb +1 -0
  12. data/lib/ronin/exploits/cli/commands/list.rb +1 -0
  13. data/lib/ronin/exploits/cli/commands/new.rb +12 -1
  14. data/lib/ronin/exploits/cli/commands/run.rb +40 -21
  15. data/lib/ronin/exploits/cli/commands/show.rb +11 -8
  16. data/lib/ronin/exploits/cli/exploit_command.rb +4 -0
  17. data/lib/ronin/exploits/cli/exploit_methods.rb +4 -0
  18. data/lib/ronin/exploits/cli/ruby_shell.rb +1 -0
  19. data/lib/ronin/exploits/cli.rb +1 -0
  20. data/lib/ronin/exploits/client_side_web_vuln.rb +1 -0
  21. data/lib/ronin/exploits/exceptions.rb +1 -0
  22. data/lib/ronin/exploits/exploit.rb +20 -16
  23. data/lib/ronin/exploits/heap_overflow.rb +1 -0
  24. data/lib/ronin/exploits/lfi.rb +6 -6
  25. data/lib/ronin/exploits/loot/file.rb +2 -1
  26. data/lib/ronin/exploits/loot.rb +1 -0
  27. data/lib/ronin/exploits/memory_corruption.rb +1 -0
  28. data/lib/ronin/exploits/metadata/arch.rb +4 -0
  29. data/lib/ronin/exploits/metadata/cookie_param.rb +4 -0
  30. data/lib/ronin/exploits/metadata/default_filename.rb +4 -0
  31. data/lib/ronin/exploits/metadata/default_port.rb +4 -0
  32. data/lib/ronin/exploits/metadata/header_name.rb +4 -0
  33. data/lib/ronin/exploits/metadata/os.rb +4 -0
  34. data/lib/ronin/exploits/metadata/shouts.rb +17 -9
  35. data/lib/ronin/exploits/metadata/url_path.rb +4 -0
  36. data/lib/ronin/exploits/metadata/url_query_param.rb +4 -0
  37. data/lib/ronin/exploits/mixins/binary.rb +1 -0
  38. data/lib/ronin/exploits/mixins/file_builder.rb +3 -2
  39. data/lib/ronin/exploits/mixins/format_string.rb +4 -3
  40. data/lib/ronin/exploits/mixins/has_payload.rb +4 -3
  41. data/lib/ronin/exploits/mixins/has_targets.rb +1 -0
  42. data/lib/ronin/exploits/mixins/html.rb +4 -0
  43. data/lib/ronin/exploits/mixins/http.rb +24 -19
  44. data/lib/ronin/exploits/mixins/loot.rb +3 -2
  45. data/lib/ronin/exploits/mixins/nops.rb +4 -4
  46. data/lib/ronin/exploits/mixins/remote_tcp.rb +2 -1
  47. data/lib/ronin/exploits/mixins/remote_udp.rb +1 -0
  48. data/lib/ronin/exploits/mixins/seh.rb +1 -0
  49. data/lib/ronin/exploits/mixins/stack_overflow.rb +2 -1
  50. data/lib/ronin/exploits/mixins/text.rb +1 -0
  51. data/lib/ronin/exploits/mixins.rb +1 -0
  52. data/lib/ronin/exploits/open_redirect.rb +5 -4
  53. data/lib/ronin/exploits/params/base_url.rb +1 -0
  54. data/lib/ronin/exploits/params/bind_host.rb +1 -0
  55. data/lib/ronin/exploits/params/bind_port.rb +1 -0
  56. data/lib/ronin/exploits/params/filename.rb +3 -2
  57. data/lib/ronin/exploits/params/host.rb +1 -0
  58. data/lib/ronin/exploits/params/port.rb +3 -2
  59. data/lib/ronin/exploits/registry.rb +4 -0
  60. data/lib/ronin/exploits/rfi.rb +9 -6
  61. data/lib/ronin/exploits/root.rb +1 -0
  62. data/lib/ronin/exploits/seh_overflow.rb +9 -8
  63. data/lib/ronin/exploits/sqli.rb +11 -10
  64. data/lib/ronin/exploits/ssti.rb +5 -4
  65. data/lib/ronin/exploits/stack_overflow.rb +9 -8
  66. data/lib/ronin/exploits/target.rb +1 -0
  67. data/lib/ronin/exploits/test_result.rb +2 -1
  68. data/lib/ronin/exploits/use_after_free.rb +1 -0
  69. data/lib/ronin/exploits/version.rb +2 -1
  70. data/lib/ronin/exploits/web.rb +1 -0
  71. data/lib/ronin/exploits/web_vuln.rb +1 -0
  72. data/lib/ronin/exploits/xss.rb +5 -4
  73. data/lib/ronin/exploits.rb +1 -0
  74. data/man/ronin-exploits-irb.1 +1 -1
  75. data/man/ronin-exploits-irb.1.md +1 -1
  76. data/man/ronin-exploits-list.1 +1 -1
  77. data/man/ronin-exploits-list.1.md +1 -1
  78. data/man/ronin-exploits-new.1 +1 -1
  79. data/man/ronin-exploits-new.1.md +2 -2
  80. data/man/ronin-exploits-run.1 +1 -1
  81. data/man/ronin-exploits-run.1.md +1 -1
  82. data/man/ronin-exploits-show.1 +1 -1
  83. data/man/ronin-exploits-show.1.md +1 -1
  84. data/man/ronin-exploits.1 +1 -1
  85. data/man/ronin-exploits.1.md +1 -1
  86. data/ronin-exploits.gemspec +4 -3
  87. metadata +21 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f4fb437a6634a2eef3dae27f5d940718e94d1e5d7839113e9b02d849daeb2f81
4
- data.tar.gz: 661bbae01973ba0ec2e367abef7fd137534dff1597b8486dde94e64afcc6e780
3
+ metadata.gz: 7c482725859543f95754cb4e3fd61e31326eec9a63c2f8d5f5f1e7a64e2bb29e
4
+ data.tar.gz: e35da617d9f8301d4fb5a3fff6eb77a17615c0477cdbbaa2e26e4b152a05af6b
5
5
  SHA512:
6
- metadata.gz: 9c40d3ba6b13842ddb66b762cac6aaa26a22f3feb03a8f68abf1fdc7d90696fb4cc03da0fd4472ea77af9e861eb92cf4a7165a5fc023b4ecb4e59f0ef13fa234
7
- data.tar.gz: 8b81f266e3b256f028a01b1d10a85d0d1d09cfbcdfecab07e5bf25ebae0f96adee5b7881515eb4cfaccae5ae0e4807377315f50db9213ab5268b179db3e87640
6
+ metadata.gz: 7a1b389e0283581e586a65729bb5994f1f8c0ccddee570117bf1746638a09d07b30eed9c13f777d064b436bec418df0697c9e86f39fbf7db1c86bb5e25b5755c
7
+ data.tar.gz: 857e56f993e8c55580ef358c8021ae526431607f3ed6188f1813e81dee6a91308dfe95cd2d32b1bf5284e5945f64abddd93893bc3e6211b5d0d350d6d99e31a7
@@ -30,3 +30,17 @@ jobs:
30
30
  run: bundle install --jobs 4 --retry 3
31
31
  - name: Run tests
32
32
  run: bundle exec rake test
33
+
34
+ # rubocop linting
35
+ rubocop:
36
+ runs-on: ubuntu-latest
37
+ steps:
38
+ - uses: actions/checkout@v2
39
+ - name: Set up Ruby
40
+ uses: ruby/setup-ruby@v1
41
+ with:
42
+ ruby-version: 3.0
43
+ - name: Install dependencies
44
+ run: bundle install --jobs 4 --retry 3
45
+ - name: Run rubocop
46
+ run: bundle exec rubocop --parallel
data/.rubocop.yml ADDED
@@ -0,0 +1,61 @@
1
+ AllCops:
2
+ NewCops: enable
3
+ SuggestExtensions: false
4
+ TargetRubyVersion: 3.1
5
+
6
+ inherit_gem:
7
+ rubocop-ronin: rubocop.yml
8
+
9
+ #
10
+ # ronin-exploits specific exceptions
11
+ #
12
+
13
+ # Exploit#initialize exists for documentation purposes
14
+ Lint/UselessMethodDefinition:
15
+ Exclude:
16
+ - 'lib/ronin/exploits/exploit.rb'
17
+
18
+ # make an exception for the Vulnerable, NotVulnerable, and Unknown methods.
19
+ Naming/MethodName:
20
+ AllowedPatterns:
21
+ - Vulnerable
22
+ - NotVulnerable
23
+ - Unknown
24
+
25
+ # robucop mistakes :x86_64 for a "symbol number"
26
+ Naming/VariableNumber:
27
+ AllowedIdentifiers:
28
+ - x86_64
29
+
30
+ # we actually want to use OpenStruct for Ronin::Exploits::Target
31
+ Style/OpenStructUse:
32
+ Exclude:
33
+ - 'lib/ronin/exploits/target.rb'
34
+ - 'spec/target_spec.rb'
35
+
36
+ # aligning rows of columns vertically actually helps with readability
37
+ Layout/SpaceInsideArrayPercentLiteral:
38
+ Exclude:
39
+ - 'spec/loot/file_spec.rb'
40
+
41
+ # aligning rows of columns vertically actually helps with readability
42
+ Layout/SpaceInsidePercentLiteralDelimiters:
43
+ Exclude:
44
+ - 'spec/loot/file_spec.rb'
45
+
46
+ # I cannot think of good format string annotation names for the format-string
47
+ Style/FormatStringToken:
48
+ Exclude:
49
+ - 'lib/ronin/exploits/mixins/format_string.rb'
50
+
51
+ # `bp:` and `ip:` are OK keyword argument names
52
+ Naming/MethodParameterName:
53
+ Exclude:
54
+ - 'lib/ronin/exploits/mixins/stack_overflow.rb'
55
+
56
+ # `if !value.nil? ... else ...` and `if !value.empty?` ... else ...` are
57
+ # acceptable. Otherwise prefer `unless ... else ...`.
58
+ Style/NegatedIfElseCondition:
59
+ Exclude:
60
+ - 'lib/ronin/exploits/sqli.rb'
61
+ - 'lib/ronin/exploits/mixins/html.rb'
data/ChangeLog.md CHANGED
@@ -1,4 +1,15 @@
1
- ### 1.0.0 / 2023-XX-XX
1
+ ### 1.0.1 / 2023-03-01
2
+
3
+ * Require [ronin-support] ~> 1.0, >= 1.0.1.
4
+ * Require [ronin-payloads] ~> 0.1, >= 0.1.1.
5
+ * Require [ronin-vulns] ~> 0.1, >= 0.1.1.
6
+
7
+ #### CLI
8
+
9
+ * Fixed multiple bugs in the `--encoder-param` option of the
10
+ `ronin-exploits run ` command.
11
+
12
+ ### 1.0.0 / 2023-02-01
2
13
 
3
14
  * Upgraded to the LGPL-3 license.
4
15
  * Require `ruby` >= 3.0.0.
@@ -291,7 +302,7 @@
291
302
  * Added the Exploit#target which will return the current selected
292
303
  target, or the first target of the exploit.
293
304
  * Added the Exploit#arch, Exploit#os and Exploit#product methods.
294
- * Added the Exploit#verify_target!, Exploit#verify_arch!,
305
+ * Added the Exploit#verify_target!, Exploit#verify_arch!,
295
306
  Exploit#verify_os! and Exploit#verify_product! methods.
296
307
  * Added Exploit#encoded_payload.
297
308
  * Added Exploit#encode_payload!.
data/Gemfile CHANGED
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  source 'https://rubygems.org'
2
4
 
3
5
  gemspec
@@ -37,7 +39,7 @@ group :development do
37
39
  gem 'rspec', '~> 3.0'
38
40
  gem 'simplecov', '~> 0.20'
39
41
 
40
- gem 'kramdown', '~> 2.0'
42
+ gem 'kramdown', '~> 2.0'
41
43
  gem 'kramdown-man', '~> 0.1'
42
44
 
43
45
  gem 'redcarpet', platform: :mri
@@ -47,4 +49,6 @@ group :development do
47
49
  gem 'dead_end', require: false
48
50
  gem 'sord', require: false, platform: :mri
49
51
  gem 'stackprof', require: false, platform: :mri
52
+ gem 'rubocop', require: false, platform: :mri
53
+ gem 'rubocop-ronin', '~> 0.2', require: false, platform: :mri
50
54
  end
data/Rakefile CHANGED
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require 'rubygems'
2
4
 
3
5
  begin
@@ -5,7 +7,7 @@ begin
5
7
  rescue LoadError => e
6
8
  warn e.message
7
9
  warn "Run `gem install bundler` to install Bundler."
8
- exit -1
10
+ exit(-1)
9
11
  end
10
12
 
11
13
  begin
data/bin/ronin-exploits CHANGED
@@ -1,17 +1,16 @@
1
1
  #!/usr/bin/env ruby
2
+ # frozen_string_literal: true
2
3
 
3
4
  require 'rubygems'
4
5
 
5
6
  root = File.expand_path(File.join(File.dirname(__FILE__),'..'))
6
7
  if File.file?(File.join(root,'Gemfile.lock'))
7
8
  Dir.chdir(root) do
8
- begin
9
- require 'bundler/setup'
10
- rescue LoadError => e
11
- warn e.message
12
- warn "Run `gem install bundler` to install Bundler"
13
- exit -1
14
- end
9
+ require 'bundler/setup'
10
+ rescue LoadError => e
11
+ warn e.message
12
+ warn "Run `gem install bundler` to install Bundler"
13
+ exit(-1)
15
14
  end
16
15
  end
17
16
 
data/gemspec.yml CHANGED
@@ -34,10 +34,10 @@ generated_files:
34
34
  dependencies:
35
35
  uri-query_params: ~> 0.6
36
36
  # Ronin dependencies:
37
- ronin-support: ~> 1.0
37
+ ronin-support: ~> 1.0, >= 1.0.1
38
38
  ronin-code-sql: ~> 2.0
39
- ronin-payloads: ~> 0.1
40
- ronin-vulns: ~> 0.1
39
+ ronin-payloads: ~> 0.1, >= 0.1.1
40
+ ronin-vulns: ~> 0.1, >= 0.1.1
41
41
  ronin-post_ex: ~> 0.1
42
42
  ronin-core: ~> 0.1
43
43
  ronin-repos: ~> 0.1
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -44,7 +45,7 @@ module Ronin
44
45
  # ronin-exploit new [options] FILE
45
46
  #
46
47
  # ## Options
47
- #
48
+ #
48
49
  # -t exploit|heap_overflow|stack_overflow|web|open_redirect|lfi|rfi|sqli|ssti|xss,
49
50
  # --type The type for the new exploit
50
51
  # -a, --author NAME The name of the author
@@ -198,7 +199,9 @@ module Ronin
198
199
  type: Core::CLI::Options::Values::ARCHES
199
200
  },
200
201
  desc: 'The architecture to target' do |arch|
202
+ # lazy initialize @target
201
203
  @target ||= {}
204
+
202
205
  @target[:arch] = arch
203
206
  end
204
207
 
@@ -207,7 +210,9 @@ module Ronin
207
210
  type: Core::CLI::Options::Values::OSES
208
211
  },
209
212
  desc: 'The Operating System (OS) to target' do |os|
213
+ # lazy initialize @target
210
214
  @target ||= {}
215
+
211
216
  @target[:os] = os
212
217
  end
213
218
 
@@ -216,7 +221,9 @@ module Ronin
216
221
  usage: 'VERSION'
217
222
  },
218
223
  desc: 'The OS version to target' do |ver|
224
+ # lazy initialize @target
219
225
  @target ||= {}
226
+
220
227
  @target[:os_version] = ver
221
228
  end
222
229
 
@@ -226,7 +233,9 @@ module Ronin
226
233
  usage: 'NAME'
227
234
  },
228
235
  desc: 'The software to target' do |name|
236
+ # lazy initialize @target
229
237
  @target ||= {}
238
+
230
239
  @target[:software] = name
231
240
  end
232
241
 
@@ -236,7 +245,9 @@ module Ronin
236
245
  usage: 'ARCH'
237
246
  },
238
247
  desc: 'The software version to target' do |ver|
248
+ # lazy initialize @target
239
249
  @target ||= {}
250
+
240
251
  @target[:version] = ver
241
252
  end
242
253
 
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -92,7 +93,7 @@ module Ronin
92
93
  # Payload options
93
94
  option :payload_file, value: {
94
95
  type: String,
95
- usage: 'FILE',
96
+ usage: 'FILE'
96
97
  },
97
98
  desc: 'Load the payload from the given Ruby file'
98
99
  option :read_payload, value: {
@@ -130,7 +131,7 @@ module Ronin
130
131
  usage: 'FILE'
131
132
  },
132
133
  desc: 'Load the payload encoder from the Ruby file' do |file|
133
- @load_encoders << [:file, file]
134
+ @encoders_to_load << [:file, file]
134
135
  end
135
136
 
136
137
  option :encoder, short: '-E',
@@ -139,18 +140,18 @@ module Ronin
139
140
  usage: 'NAME'
140
141
  },
141
142
  desc: 'Loads the payload encoder by name' do |name|
142
- @load_encoders << [:name, name]
143
+ @encoders_to_load << [:name, name]
143
144
  end
144
145
 
145
146
  option :encoder_param, value: {
146
147
  type: /\A[^\.\=\s]+\.[^=\s]+=.+\z/,
147
148
  usage: 'ENCODER.NAME=VALUE'
148
149
  },
149
- desc: 'Sets a param on the ENCODER' do
150
+ desc: 'Sets a param on the ENCODER' do |str|
150
151
  prefix, value = str.split('=',2)
151
- ecndoer, name = prefix.split('.',2)
152
+ encoder, name = prefix.split('.',2)
152
153
 
153
- @encodeer_params[encoder][name] = value
154
+ @encoder_params[encoder][name.to_sym] = value
154
155
  end
155
156
 
156
157
  # Target options
@@ -221,6 +222,26 @@ module Ronin
221
222
 
222
223
  man_page 'ronin-exploits-run.1'
223
224
 
225
+ # Thte encoder names and paths to load.
226
+ #
227
+ # @return [Array<(Symbol, String)>]
228
+ attr_reader :encoders_to_load
229
+
230
+ # The encoder params.
231
+ #
232
+ # @return [Hash{String => Hash{String => String}}]
233
+ attr_reader :encoder_params
234
+
235
+ # The payload params.
236
+ #
237
+ # @return [Hash{Hash{String => String}]
238
+ attr_reader :payload_params
239
+
240
+ # The keyword arguments to select a target with.
241
+ #
242
+ # @return [Hash{Hash{Symbol => Object}]
243
+ attr_reader :target_kwargs
244
+
224
245
  #
225
246
  # Initializes the `ronin-exploits run` command.
226
247
  #
@@ -230,10 +251,10 @@ module Ronin
230
251
  def initialize(**kwargs)
231
252
  super(**kwargs)
232
253
 
233
- @load_encoders = []
234
- @encoder_params = Hash.new { |hash,key| hash[key] = {} }
235
- @payload_params = {}
236
- @target_kwargs = {}
254
+ @encoders_to_load = []
255
+ @encoder_params = Hash.new { |hash,key| hash[key] = {} }
256
+ @payload_params = {}
257
+ @target_kwargs = {}
237
258
  end
238
259
 
239
260
  #
@@ -268,7 +289,7 @@ module Ronin
268
289
  # `--encoder-file`.
269
290
  #
270
291
  def load_encoders
271
- @encoder_classes = @load_encoders.map do |(type,value)|
292
+ @encoder_classes = @encoders_to_load.map do |(type,value)|
272
293
  case type
273
294
  in :name then load_encoder(value)
274
295
  in :file then load_encoder_from(value)
@@ -427,16 +448,14 @@ module Ronin
427
448
  # Performs the cleanup stage of the exploit.
428
449
  #
429
450
  def perform_cleanup
430
- begin
431
- @exploit.perform_cleanup
432
- rescue ExploitError => error
433
- print_error "failed to cleanup exploit #{@exploit.class_id}: #{error.message}"
434
- exit(1)
435
- rescue => error
436
- print_exception(error)
437
- print_error "an unhandled exception occurred while cleaning up the exploit #{@exploit.class_id}"
438
- exit(-1)
439
- end
451
+ @exploit.perform_cleanup
452
+ rescue ExploitError => error
453
+ print_error "failed to cleanup exploit #{@exploit.class_id}: #{error.message}"
454
+ exit(1)
455
+ rescue => error
456
+ print_exception(error)
457
+ print_error "an unhandled exception occurred while cleaning up the exploit #{@exploit.class_id}"
458
+ exit(-1)
440
459
  end
441
460
 
442
461
  end
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -48,7 +49,7 @@ module Ronin
48
49
  # -h, --help Print help information
49
50
  #
50
51
  # ## Arguments
51
- #
52
+ #
52
53
  # [NAME] The exploit name to load
53
54
  #
54
55
  class Show < ExploitCommand
@@ -97,7 +98,7 @@ module Ronin
97
98
  exploit.include?(Mixins::HasTargets)
98
99
  unless exploit.targets.empty?
99
100
  exploit.targets.each_with_index do |target,index|
100
- puts "[ Target ##{index+1} ]"
101
+ puts "[ Target ##{index + 1} ]"
101
102
  puts
102
103
 
103
104
  indent { print_target(target) }
@@ -118,16 +119,17 @@ module Ronin
118
119
  # The loaded exploit class.
119
120
  #
120
121
  def print_metadata(exploit)
121
- fields = {}
122
- fields['Type'] = exploit_type(exploit)
122
+ fields = {
123
+ 'Type' => exploit_type(exploit)
124
+ }
123
125
 
124
126
  if defined?(Core::Metadata::Version) &&
125
127
  exploit.include?(Core::Metadata::Version)
126
128
  fields['Version'] = exploit.version if exploit.version
127
129
  end
128
130
 
129
- fields['Quality'] = exploit.quality if exploit.quality
130
- fields['Released'] = exploit.release_date if exploit.release_date
131
+ fields['Quality'] = exploit.quality if exploit.quality
132
+ fields['Released'] = exploit.release_date if exploit.release_date
131
133
  fields['Disclosed'] = exploit.disclosure_date if exploit.disclosure_date
132
134
 
133
135
  if defined?(Metadata::Arch) && exploit.include?(Metadata::Arch)
@@ -144,7 +146,7 @@ module Ronin
144
146
  os
145
147
  end
146
148
  end
147
- end
149
+ end
148
150
 
149
151
  if (software = exploit.software)
150
152
  fields['Software'] = software
@@ -164,7 +166,7 @@ module Ronin
164
166
  fields['Payload Type'] = payload_type(exploit.payload_class)
165
167
  end
166
168
 
167
- fields['Summary'] = exploit.summary if exploit.summary
169
+ fields['Summary'] = exploit.summary if exploit.summary
168
170
  print_fields(fields)
169
171
  end
170
172
 
@@ -252,6 +254,7 @@ module Ronin
252
254
  #
253
255
  def print_target(target)
254
256
  fields = {}
257
+
255
258
  fields['Arch'] = target.arch if target.arch
256
259
 
257
260
  if target.os
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -24,6 +25,9 @@ require 'ronin/exploits/cli/exploit_methods'
24
25
  module Ronin
25
26
  module Exploits
26
27
  class CLI
28
+ #
29
+ # Base class for all commands which load or run exploits.
30
+ #
27
31
  class ExploitCommand < Command
28
32
 
29
33
  include ExploitMethods
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -25,6 +26,9 @@ require 'ronin/core/params/exceptions'
25
26
  module Ronin
26
27
  module Exploits
27
28
  class CLI
29
+ #
30
+ # Mixin which adds methods for loading and running exploit classes.
31
+ #
28
32
  module ExploitMethods
29
33
  #
30
34
  # Loads a exploit class.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.
@@ -63,27 +64,27 @@ module Ronin
63
64
  # [Params]: https://ronin-rb.dev/docs/ronin-core/Ronin/Core/Params/Mixin.html
64
65
  #
65
66
  # ## Example
66
- #
67
+ #
67
68
  # require 'ronin/exploits/exploit'
68
69
  # require 'ronin/exploits/mixins/remote_tcp'
69
- #
70
+ #
70
71
  # module Ronin
71
72
  # module Exploits
72
73
  # class MyExploit < Exploit
73
74
  #
74
75
  # include Mixins::RemoteTCP
75
- #
76
+ #
76
77
  # register 'my_exploit'
77
- #
78
+ #
78
79
  # summary 'My first exploit'
79
80
  # description <<~EOS
80
81
  # This is my first exploit.
81
82
  # Bla bla bla bla.
82
83
  # EOS
83
- #
84
+ #
84
85
  # author '...'
85
86
  # author '...', email: '...', twitter: '...'
86
- #
87
+ #
87
88
  # disclosure_date 'YYY-MM-DD'
88
89
  # release_date 'YYYY-MM-DD'
89
90
  #
@@ -121,7 +122,7 @@ module Ronin
121
122
  # register 'my_exploit'
122
123
  #
123
124
  # ### quality
124
- #
125
+ #
125
126
  # Defines the quality level of the exploit. Accepted values are:
126
127
  #
127
128
  # * `:testing`
@@ -157,7 +158,7 @@ module Ronin
157
158
  # author 'doctor_doom', email: '...', twitter: '...'
158
159
  #
159
160
  # ### software
160
- #
161
+ #
161
162
  # Defines the software which the exploit targets.
162
163
  #
163
164
  # software 'TestApp'
@@ -181,33 +182,33 @@ module Ronin
181
182
  # default to `String`. Params must have a one-line description.
182
183
  #
183
184
  # param :str, desc: 'A basic string param'
184
- #
185
+ #
185
186
  # param :feature_flag, Boolean, desc: 'A boolean param'
186
- #
187
+ #
187
188
  # param :enum, Enum[:one, :two, :three],
188
189
  # desc: 'An enum param'
189
190
  #
190
191
  # param :num1, Integer, desc: 'An integer param'
191
- #
192
+ #
192
193
  # param :num2, Integer, default: 42,
193
194
  # desc: 'A param with a default value'
194
- #
195
+ #
195
196
  # param :num3, Integer, default: ->{ rand(42) },
196
197
  # desc: 'A param with a dynamic default value'
197
- #
198
+ #
198
199
  # param :float, Float, 'Floating point param'
199
200
  #
200
201
  # param :url, URI, desc: 'URL param'
201
202
  #
202
203
  # param :pattern, Regexp, desc: 'Regular Expression param'
203
- #
204
+ #
204
205
  # Params may then be accessed in instance methods using `params` Hash.
205
206
  #
206
207
  # param :padding, Integer, desc: 'Amount of additional padding'
207
208
  #
208
209
  # def build
209
210
  # # ...
210
- #
211
+ #
211
212
  # if params[:padding]
212
213
  # @buffer << 'A' * params[:padding]
213
214
  # end
@@ -231,7 +232,7 @@ module Ronin
231
232
  # end
232
233
  #
233
234
  # ### build
234
- #
235
+ #
235
236
  # The method which defines the logic that builds the exploit before
236
237
  # launching it.
237
238
  #
@@ -440,6 +441,9 @@ module Ronin
440
441
  # @param [Hash{Symbol => Object}] kwargs
441
442
  # Additional keyword arguments.
442
443
  #
444
+ # @option kwargs [Hash{Symbol => Object}] :params
445
+ # The param values for the exploit.
446
+ #
443
447
  def initialize(**kwargs)
444
448
  super(**kwargs)
445
449
  end
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  #
2
3
  # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
3
4
  # payload crafting functionality.