ronin-exploits 1.0.4 → 1.0.5

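--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 5cfd3c025753ca4049f2ec1f5a61aa9442e6fb39dab803aed575cfddcfadd0e8
- data.tar.gz: 48651dbef77525c74e9fbcdea6a7688f4048e2be5ce696a1301b408fb8d30e2f
+ metadata.gz: 13a47ad5232e96a5bc9cefd24683dcbe3c0d1dfe0cb96dabe210c972e4ed36e8
+ data.tar.gz: 2979cbb74e0989df458a7d0bd6437d9ad32073b86c314bdb9021e20af90a8c4c
  SHA512:
- metadata.gz: 3c048f3293d44ec2c8615d56ee8c3ab363aa0393fa3fe50dc35b83875ab289b86f55fa28501a127138ee8eca3bc5bce077debee6b0992154294bcfbe825da840
- data.tar.gz: 76486d06cf34785a94b867ca79cde13fe79da7a26e71896388fc5cd8c46ff0968e4484e8da854d99a7c02c084cd7e3edcae67f7dffec5fb014023e8e593d2f4a
+ metadata.gz: 270ffbeb092a9694d0d49d583810b687caf51f0e9cdcf426a16a705c7112426c210263ecccfe40444d81e92198196f31bba5658debf5dc16f6c8abdba7255338
+ data.tar.gz: d15786ac0fefc31fcdabdd7e8f8fa7586017bc145904f913b893942680a896581c347f088ae357201f4fe517158851d5de09e2c0196a5e2bb6013c87acf47102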
@@ -12,6 +12,7 @@ jobs:
12
12
  - '3.0'
13
13
  - '3.1'
14
14
  - '3.2'
15
+ - '3.3'
15
16
  - jruby
16
17
  - truffleruby
17
18
  name: Ruby ${{ matrix.ruby }}
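--- a/data/ChangeLog.md
+++ b/data/ChangeLog.md
@@ -1,3 +1,22 @@
+ ### 1.0.5 / 2024-06-19
+
+ #### CLI
+
+ * Correctly assign the `-d` short flag to `--debug` and the `-D` short flag to
+ `--dry-run` for the `ronin-exploits run` command.
+ * Multiple bug fixes to the `ronin-exploits new` command:
+ * Create the parent directory of the new exploit file, if it already doesn't
+ exist, when running `ronin-exploits new path/to/new_exploit.rb`.
+ * Fixed a bug where `ronin-exploits new -t open_redirect` was not being
+ accepted as a valid exploit type.
+ * Fixed a bug in `ronin-explotis new` where `-t xss` and `-t ssti` were not
+ adding placeholder `base_path` and `query_param` metadata attributes to the
+ newly generated exploit file.
+ * Fixed a typo in the example `escape_expr` metadata attribute added by
+ `ronin-exploits new -t ssti`.
+ * Fixed a spelling mistake in the new exploit template used by the
+ `ronin-exploits new` command.
+
  ### 1.0.4 / 2023-12-23
 
  * Documentation fixes.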
@@ -44,7 +44,7 @@ module Ronin
44
44
  advisory <%= advisory.inspect -%>
45
45
  <%- end -%>
46
46
  <%- else -%>
47
- # advisory 'CVE-YYYY-NNNN'
47
+ # advisory 'CVE-YYYY-XXXX'
48
48
  # advisory 'GHSA-XXXXXX'
49
49
  <%- end -%>
50
50
 
@@ -81,6 +81,8 @@ module Ronin
81
81
  <%- end -%>
82
82
  <%- if web_vuln_exploit? -%>
83
83
 
84
+ base_path '/FIXME'
85
+ query_param 'FIXME'
84
86
  <%- if @exploit_type[:class] == 'LFI' -%>
85
87
  # depth 7
86
88
  <%- elsif @exploit_type[:class] == 'SQLI' -%>
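Review bot: The added `base_path '/FIXME'` and `query_param 'FIXME'` are emitted as live statements, while the other hints in this branch (`# depth 7`, `# escape_parens true`) are generated commented out. A freshly generated file therefore loads without error and carries `/FIXME` as a real value until someone edits it. I would emit a marker comment above the two lines so the unfinished state is obvious in the generated file, for example `# FIXME: replace the placeholder path and parameter below`. The `web_vuln_exploit?` branch starts before this hunk and continues after it, so other attributes set in that branch are not visible here.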
@@ -88,7 +90,7 @@ module Ronin
88
90
  # escape_parens true
89
91
  # terminate true
90
92
  <%- elsif @exploit_type[:class] == 'SSTI' -%>
91
- # escape_expr ->(expr) { "{{${expr}}}" }
93
+ # escape_expr ->(expr) { "{{#{expr}}}" }
92
94
  <%- end -%>
93
95
  <%- else -%>
94
96
  <%- if @has_payload -%>
@@ -106,7 +108,7 @@ module Ronin
106
108
  <%- end -%>
107
109
 
108
110
  # #
109
- # # Test whether the target systme is vulnerable.
111
+ # # Test whether the target system is vulnerable.
110
112
  # #
111
113
  # def test
112
114
  # # return Vulnerable('host is vulnerable')
@@ -109,6 +109,11 @@ module Ronin
109
109
  class: 'Web'
110
110
  },
111
111
 
112
+ open_redirect: {
113
+ file: 'open_redirect',
114
+ class: 'OpenRedirect'
115
+ },
116
+
112
117
  lfi: {
113
118
  file: 'lfi',
114
119
  class: 'LFI'
@@ -283,9 +288,12 @@ module Ronin
283
288
  # The path to the new exploit file.
284
289
  #
285
290
  def run(file)
291
+ @directory = File.dirname(file)
286
292
  @file_name = File.basename(file,File.extname(file))
287
293
  @class_name = CommandKit::Inflector.camelize(@file_name)
288
294
 
295
+ mkdir @directory unless @directory == '.'
296
+
289
297
  erb "exploit.rb.erb", file
290
298
  chmod '+x', file
291
299
  end
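Review bot: `mkdir @directory unless @directory == '.'` skips only the current directory, so it also runs when the parent directory already exists, whereas the ChangeLog describes creating it only when it is missing. Whether that raises or just reports a redundant action depends on the `mkdir` helper, which is defined outside this hunk. Guarding on the filesystem state makes the intent explicit and also covers the `'.'` case: `mkdir @directory unless File.directory?(@directory)`. If nothing outside `run` (the template, for instance) reads `@directory`, a local variable would be enough.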
@@ -298,17 +306,13 @@ module Ronin
298
306
  # @return [String]
299
307
  #
300
308
  def format_kwargs(kwargs)
301
- args = []
302
-
303
- kwargs.each do |key,value|
304
- args << "#{key}: #{value.inspect}"
305
- end
306
-
307
- return args.join(', ')
309
+ kwargs.map { |key,value|
310
+ "#{key}: #{value.inspect}"
311
+ }.join(', ')
308
312
  end
309
313
 
310
314
  # Web exploit class names.
311
- WEB_VULN_EXPLOITS = %w[LFI RFI SQLI]
315
+ WEB_VULN_EXPLOITS = %w[OpenRedirect LFI RFI SQLI SSTI XSS]
312
316
 
313
317
  #
314
318
  # Determines if the exploit type is `stack_overflow`.
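Review bot: `WEB_VULN_EXPLOITS` is a second, hand-maintained copy of the `class:` names from the exploit-type table shown in the `@@ -109,6 +109,11 @@` hunk. The `-t xss` / `-t ssti` bug listed in the ChangeLog appears to have come from the two lists drifting apart. A spec that walks the web types in that table and asserts `web_vuln_exploit?` for each would catch the next omission. The constant is also a mutable array literal and should be frozen: `WEB_VULN_EXPLOITS = %w[OpenRedirect LFI RFI SQLI SSTI XSS].freeze`.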
@@ -70,7 +70,7 @@ module Ronin
70
70
  # -S, --target-software NAME Selects the target with the matching software name
71
71
  # -V, --target-version VERSION Selects the target with the matching software version
72
72
  # -L, --save-loot DIR Saves any found loot to the DIR
73
- # -D, --debug Enables debugging messages
73
+ # -d, --debug Enables debugging messages
74
74
  # --irb Open an interactive Ruby shell inside the exploit
75
75
  # -h, --help Print help information
76
76
  #
@@ -211,7 +211,7 @@ module Ronin
211
211
  },
212
212
  desc: 'Saves any found loot to the DIR'
213
213
 
214
- option :debug, short: '-D',
214
+ option :debug, short: '-d',
215
215
  desc: 'Enables debugging messages' do
216
216
  Support::CLI::Printing.debug = true
217
217
  end
@@ -69,7 +69,7 @@ module Ronin
69
69
  # @param [String, nil] bind_host
70
70
  # The local host to bind to.
71
71
  #
72
- # @param kwargs [Integer, nil] bind_port
72
+ # @param [Integer, nil] bind_port
73
73
  # The local port to bind to.
74
74
  #
75
75
  # @param [Hash{Symbol => Object}] kwargs
@@ -22,6 +22,6 @@
22
22
  module Ronin
23
23
  module Exploits
24
24
  # ronin-exploits version
25
- VERSION = '1.0.4'
25
+ VERSION = '1.0.5'
26
26
  end
27
27
  end
@@ -93,7 +93,7 @@ Selects the target with the matching software version\.
93
93
  Saves any found loot to the \fIDIR\fP\.
94
94
  .LP
95
95
  .TP
96
- \fB-D\fR, \fB--debug\fR
96
+ \fB-d\fR, \fB--debug\fR
97
97
  Enables debugging messages\.
98
98
  .LP
99
99
  .TP
@@ -69,7 +69,7 @@ Loads and runs an exploit.
69
69
  `-L`, `--save-loot` *DIR*
70
70
  Saves any found loot to the *DIR*.
71
71
 
72
- `-D`, `--debug`
72
+ `-d`, `--debug`
73
73
  Enables debugging messages.
74
74
 
75
75
  `--irb`
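--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: ronin-exploits
  version: !ruby/object:Gem::Version
- version: 1.0.4
+ version: 1.0.5
  platform: ruby
  authors:
  - Postmodern
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2023-12-24 00:00:00.000000000 Z
+ date: 2024-06-20 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: uri-query_params
@@ -290,7 +290,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubygems_version: 3.3.26
+ rubygems_version: 3.3.27
  signing_key:
  specification_version: 4
  summary: A Ruby micro-framework for writing and running exploits and payloads.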