ronin-exploits 1.1.0 → 1.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/workflows/ruby.yml +1 -0
- data/ChangeLog.md +11 -0
- data/README.md +7 -7
- data/data/new/exploit.rb.erb +5 -5
- data/gemspec.yml +2 -1
- data/lib/ronin/exploits/advisory.rb +1 -1
- data/lib/ronin/exploits/cli/command.rb +3 -2
- data/lib/ronin/exploits/cli/commands/completion.rb +3 -2
- data/lib/ronin/exploits/cli/commands/irb.rb +3 -3
- data/lib/ronin/exploits/cli/commands/list.rb +3 -3
- data/lib/ronin/exploits/cli/commands/new.rb +4 -3
- data/lib/ronin/exploits/cli/commands/run.rb +11 -9
- data/lib/ronin/exploits/cli/commands/show.rb +2 -4
- data/lib/ronin/exploits/cli/exploit_command.rb +3 -3
- data/lib/ronin/exploits/cli/exploit_methods.rb +4 -3
- data/lib/ronin/exploits/cli/ruby_shell.rb +1 -1
- data/lib/ronin/exploits/cli.rb +3 -2
- data/lib/ronin/exploits/client_side_web_vuln.rb +2 -2
- data/lib/ronin/exploits/command_injection.rb +4 -3
- data/lib/ronin/exploits/exceptions.rb +1 -1
- data/lib/ronin/exploits/exploit.rb +6 -5
- data/lib/ronin/exploits/heap_overflow.rb +2 -2
- data/lib/ronin/exploits/lfi.rb +2 -2
- data/lib/ronin/exploits/loot/file.rb +2 -2
- data/lib/ronin/exploits/loot.rb +2 -2
- data/lib/ronin/exploits/memory_corruption.rb +4 -4
- data/lib/ronin/exploits/metadata/arch.rb +1 -1
- data/lib/ronin/exploits/metadata/cookie_param.rb +1 -1
- data/lib/ronin/exploits/metadata/default_filename.rb +1 -1
- data/lib/ronin/exploits/metadata/default_port.rb +1 -1
- data/lib/ronin/exploits/metadata/header_name.rb +1 -1
- data/lib/ronin/exploits/metadata/os.rb +1 -1
- data/lib/ronin/exploits/metadata/shouts.rb +1 -1
- data/lib/ronin/exploits/metadata/url_path.rb +1 -1
- data/lib/ronin/exploits/metadata/url_query_param.rb +1 -1
- data/lib/ronin/exploits/mixins/binary.rb +3 -2
- data/lib/ronin/exploits/mixins/build_dir.rb +1 -1
- data/lib/ronin/exploits/mixins/file_builder.rb +2 -2
- data/lib/ronin/exploits/mixins/format_string.rb +3 -3
- data/lib/ronin/exploits/mixins/has_payload.rb +6 -2
- data/lib/ronin/exploits/mixins/has_targets.rb +3 -3
- data/lib/ronin/exploits/mixins/html.rb +1 -1
- data/lib/ronin/exploits/mixins/http.rb +3 -2
- data/lib/ronin/exploits/mixins/loot.rb +2 -2
- data/lib/ronin/exploits/mixins/nops.rb +1 -1
- data/lib/ronin/exploits/mixins/remote_tcp.rb +6 -5
- data/lib/ronin/exploits/mixins/remote_udp.rb +6 -5
- data/lib/ronin/exploits/mixins/seh.rb +4 -4
- data/lib/ronin/exploits/mixins/stack_overflow.rb +4 -4
- data/lib/ronin/exploits/mixins/text.rb +1 -1
- data/lib/ronin/exploits/mixins.rb +13 -13
- data/lib/ronin/exploits/open_redirect.rb +2 -2
- data/lib/ronin/exploits/params/base_url.rb +1 -1
- data/lib/ronin/exploits/params/bind_host.rb +1 -1
- data/lib/ronin/exploits/params/bind_port.rb +1 -1
- data/lib/ronin/exploits/params/filename.rb +2 -2
- data/lib/ronin/exploits/params/host.rb +1 -1
- data/lib/ronin/exploits/params/port.rb +2 -2
- data/lib/ronin/exploits/registry.rb +1 -1
- data/lib/ronin/exploits/rfi.rb +3 -3
- data/lib/ronin/exploits/root.rb +1 -1
- data/lib/ronin/exploits/seh_overflow.rb +3 -3
- data/lib/ronin/exploits/sqli.rb +3 -3
- data/lib/ronin/exploits/ssti.rb +2 -2
- data/lib/ronin/exploits/stack_overflow.rb +3 -3
- data/lib/ronin/exploits/target.rb +1 -1
- data/lib/ronin/exploits/test_result.rb +1 -1
- data/lib/ronin/exploits/use_after_free.rb +2 -2
- data/lib/ronin/exploits/version.rb +2 -2
- data/lib/ronin/exploits/web.rb +3 -3
- data/lib/ronin/exploits/web_vuln.rb +3 -3
- data/lib/ronin/exploits/xss.rb +3 -3
- data/lib/ronin/exploits.rb +15 -15
- metadata +18 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 972570e4e9a9e4c65eeb30f7144fa0aa24c4037eea7da6c9e1ad2169df6ad0aa
|
|
4
|
+
data.tar.gz: 543d410b042dd47b25fbe23be0d66b5a69a8a7a0eb6d1f02cbe992f325caa2bc
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c2d87e5ae794b5455001178445c773beff75f11a1b830a539e302deae10a78d25340fe73f8fb13f769c8b961b6e2360009bd63f17b1ad54688fbd2f9b57c8b25
|
|
7
|
+
data.tar.gz: 392f0c8593bbe51320cadcc4c36ea982ee89a16b9d27a8968a2a13d1cf5748a2a6b4ed89aa4174501fbb91bd34ec7e40e473f75697881498ad9c506997e127b6
|
data/.github/workflows/ruby.yml
CHANGED
data/ChangeLog.md
CHANGED
|
@@ -1,3 +1,14 @@
|
|
|
1
|
+
### 1.1.1 / 2025-02-14
|
|
2
|
+
|
|
3
|
+
* Added the `csv` gem as a dependency for Bundler and Ruby 3.4.0.
|
|
4
|
+
* Use `require_relative` to improve load times.
|
|
5
|
+
* Documentation improvements.
|
|
6
|
+
|
|
7
|
+
#### CLI
|
|
8
|
+
|
|
9
|
+
* Multiple corrections and style fixes to the `ronin-exploits new` exploit
|
|
10
|
+
template.
|
|
11
|
+
|
|
1
12
|
### 1.1.0 / 2024-07-22
|
|
2
13
|
|
|
3
14
|
* Added {Ronin::Exploits::CommandInjection}.
|
data/README.md
CHANGED
|
@@ -66,12 +66,12 @@ research and development.
|
|
|
66
66
|
## Anti-Features
|
|
67
67
|
|
|
68
68
|
* No magic: exploits are defined as classes in files.
|
|
69
|
-
* No global state
|
|
70
|
-
* Not a
|
|
71
|
-
*
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
69
|
+
* No global state: exploits are fully isolated and can be ran directly.
|
|
70
|
+
* Not a monolithic framework: just a library.
|
|
71
|
+
* Batteries not included: ronin-exploits does not contain any builtin exploits.
|
|
72
|
+
Instead, additional exploits are hosted and installed from other git
|
|
73
|
+
repositories. This prevents ronin-exploits from being taken down or
|
|
74
|
+
restricted.
|
|
75
75
|
|
|
76
76
|
## Synopsis
|
|
77
77
|
|
|
@@ -471,7 +471,7 @@ to be malicious software (malware) or malicious in nature.
|
|
|
471
471
|
ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
472
472
|
payload crafting functionality.
|
|
473
473
|
|
|
474
|
-
Copyright (c) 2007-
|
|
474
|
+
Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
475
475
|
|
|
476
476
|
ronin-exploits is free software: you can redistribute it and/or modify
|
|
477
477
|
it under the terms of the GNU Lesser General Public License as published
|
data/data/new/exploit.rb.erb
CHANGED
|
@@ -18,7 +18,7 @@ require 'ronin/exploits/mixins/loot'
|
|
|
18
18
|
module Ronin
|
|
19
19
|
module Exploits
|
|
20
20
|
class <%= @class_name -%> < <%= @exploit_type[:class] %>
|
|
21
|
-
<%- if @networking_mixin || @has_payload || @target -%>
|
|
21
|
+
<%- if @networking_mixin || @has_payload || @target || @loot -%>
|
|
22
22
|
|
|
23
23
|
<%- if @networking_mixin -%>
|
|
24
24
|
include Mixins::<%= @networking_mixin[:module] %>
|
|
@@ -29,10 +29,10 @@ module Ronin
|
|
|
29
29
|
<%- if @target -%>
|
|
30
30
|
include Mixins::HasTargets
|
|
31
31
|
<%- end -%>
|
|
32
|
-
<%- end -%>
|
|
33
32
|
<%- if @loot -%>
|
|
34
33
|
include Mixins::Loot
|
|
35
34
|
<%- end -%>
|
|
35
|
+
<%- end -%>
|
|
36
36
|
|
|
37
37
|
register '<%= @file_name -%>'
|
|
38
38
|
|
|
@@ -41,7 +41,7 @@ module Ronin
|
|
|
41
41
|
# disclosure_date 'YYYY-MM-DD'
|
|
42
42
|
<%- unless @advisories.empty? -%>
|
|
43
43
|
<%- @advisories.each do |advisory| -%>
|
|
44
|
-
advisory <%= advisory.inspect
|
|
44
|
+
advisory <%= advisory.inspect %>
|
|
45
45
|
<%- end -%>
|
|
46
46
|
<%- else -%>
|
|
47
47
|
# advisory 'CVE-YYYY-XXXX'
|
|
@@ -69,7 +69,7 @@ module Ronin
|
|
|
69
69
|
<%- end -%>
|
|
70
70
|
<%- unless @references.empty? -%>
|
|
71
71
|
references [
|
|
72
|
-
<%- @references.each do |url| -%>
|
|
72
|
+
<%- @references.each.with_index do |url,index| -%>
|
|
73
73
|
<%= url.inspect -%><% if index < @references.length-1 %>,<% end %>
|
|
74
74
|
<%- end -%>
|
|
75
75
|
]
|
|
@@ -101,7 +101,7 @@ module Ronin
|
|
|
101
101
|
|
|
102
102
|
target <%= format_kwargs(@target) -%>
|
|
103
103
|
|
|
104
|
-
# target arch:
|
|
104
|
+
# target arch: :x86_64, os: :linux, software_version: '1.2.3' do |t|
|
|
105
105
|
# t.var1 = 'foo'
|
|
106
106
|
# t.var2 = 0x1234
|
|
107
107
|
# end
|
data/gemspec.yml
CHANGED
|
@@ -8,7 +8,7 @@ description: |
|
|
|
8
8
|
|
|
9
9
|
It's like a simpler version of Metasploit.
|
|
10
10
|
|
|
11
|
-
license: LGPL-3.0
|
|
11
|
+
license: LGPL-3.0-or-later
|
|
12
12
|
authors: Postmodern
|
|
13
13
|
email: postmodern.mod3@gmail.com
|
|
14
14
|
homepage: https://ronin-rb.dev/exploits/
|
|
@@ -34,6 +34,7 @@ generated_files:
|
|
|
34
34
|
- man/ronin-exploits-show.1
|
|
35
35
|
|
|
36
36
|
dependencies:
|
|
37
|
+
csv: ~> 3.0
|
|
37
38
|
uri-query_params: ~> 0.6
|
|
38
39
|
# Ronin dependencies:
|
|
39
40
|
ronin-support: ~> 1.0, >= 1.0.1
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|
|
@@ -19,9 +19,10 @@
|
|
|
19
19
|
# along with ronin-exploits. If not, see <https://www.gnu.org/licenses/>.
|
|
20
20
|
#
|
|
21
21
|
|
|
22
|
-
require 'ronin/exploits/root'
|
|
23
22
|
require 'ronin/core/cli/command'
|
|
24
23
|
|
|
24
|
+
require_relative '../root'
|
|
25
|
+
|
|
25
26
|
module Ronin
|
|
26
27
|
module Exploits
|
|
27
28
|
class CLI
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|
|
@@ -19,9 +19,10 @@
|
|
|
19
19
|
# along with ronin-exploits. If not, see <https://www.gnu.org/licenses/>.
|
|
20
20
|
#
|
|
21
21
|
|
|
22
|
-
require 'ronin/exploits/root'
|
|
23
22
|
require 'ronin/core/cli/completion_command'
|
|
24
23
|
|
|
24
|
+
require_relative '../../root'
|
|
25
|
+
|
|
25
26
|
module Ronin
|
|
26
27
|
module Exploits
|
|
27
28
|
class CLI
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|
|
@@ -19,8 +19,8 @@
|
|
|
19
19
|
# along with ronin-exploits. If not, see <https://www.gnu.org/licenses/>.
|
|
20
20
|
#
|
|
21
21
|
|
|
22
|
-
|
|
23
|
-
|
|
22
|
+
require_relative '../command'
|
|
23
|
+
require_relative '../ruby_shell'
|
|
24
24
|
|
|
25
25
|
module Ronin
|
|
26
26
|
module Exploits
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|
|
@@ -19,8 +19,8 @@
|
|
|
19
19
|
# along with ronin-exploits. If not, see <https://www.gnu.org/licenses/>.
|
|
20
20
|
#
|
|
21
21
|
|
|
22
|
-
|
|
23
|
-
|
|
22
|
+
require_relative '../command'
|
|
23
|
+
require_relative '../../registry'
|
|
24
24
|
|
|
25
25
|
module Ronin
|
|
26
26
|
module Exploits
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|
|
@@ -19,8 +19,9 @@
|
|
|
19
19
|
# along with ronin-exploits. If not, see <https://www.gnu.org/licenses/>.
|
|
20
20
|
#
|
|
21
21
|
|
|
22
|
-
|
|
23
|
-
|
|
22
|
+
require_relative '../command'
|
|
23
|
+
require_relative '../../root'
|
|
24
|
+
|
|
24
25
|
require 'ronin/payloads/cli/generator/payload_types'
|
|
25
26
|
require 'ronin/core/cli/options/values/arches'
|
|
26
27
|
require 'ronin/core/cli/options/values/oses'
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|
|
@@ -19,11 +19,11 @@
|
|
|
19
19
|
# along with ronin-exploits. If not, see <https://www.gnu.org/licenses/>.
|
|
20
20
|
#
|
|
21
21
|
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
22
|
+
require_relative '../exploit_command'
|
|
23
|
+
require_relative '../ruby_shell'
|
|
24
|
+
require_relative '../../mixins/has_payload'
|
|
25
|
+
require_relative '../../mixins/has_targets'
|
|
26
|
+
require_relative '../../mixins/loot'
|
|
27
27
|
|
|
28
28
|
require 'ronin/payloads/cli/encoder_methods'
|
|
29
29
|
require 'ronin/payloads/cli/payload_methods'
|
|
@@ -422,17 +422,19 @@ module Ronin
|
|
|
422
422
|
# Performs the post-exploitation stage.
|
|
423
423
|
#
|
|
424
424
|
def post_exploitation
|
|
425
|
-
if @
|
|
425
|
+
if @exploit.kind_of?(Mixins::HasPayload) &&
|
|
426
426
|
@exploit.payload.kind_of?(Ronin::Payloads::Payload) &&
|
|
427
427
|
@exploit.payload.kind_of?(Ronin::Payloads::Mixins::PostEx)
|
|
428
|
-
|
|
428
|
+
session = @exploit.payload.session
|
|
429
|
+
|
|
430
|
+
unless session
|
|
429
431
|
print_error "payload (#{@exploit.payload.class_id}) did not create a post-exploitation session"
|
|
430
432
|
|
|
431
433
|
perform_cleanup
|
|
432
434
|
exit(1)
|
|
433
435
|
end
|
|
434
436
|
|
|
435
|
-
|
|
437
|
+
session.system.interact
|
|
436
438
|
elsif @exploit_class.include?(Mixins::Loot)
|
|
437
439
|
print_loot
|
|
438
440
|
save_loot if options[:save_loot]
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|
|
@@ -19,15 +19,13 @@
|
|
|
19
19
|
# along with ronin-exploits. If not, see <https://www.gnu.org/licenses/>.
|
|
20
20
|
#
|
|
21
21
|
|
|
22
|
-
|
|
22
|
+
require_relative '../exploit_command'
|
|
23
23
|
|
|
24
24
|
require 'ronin/payloads/cli/printing'
|
|
25
|
-
|
|
26
25
|
require 'ronin/core/cli/printing/metadata'
|
|
27
26
|
require 'ronin/core/cli/printing/arch'
|
|
28
27
|
require 'ronin/core/cli/printing/os'
|
|
29
28
|
require 'ronin/core/cli/printing/params'
|
|
30
|
-
require 'ronin/core/metadata/version'
|
|
31
29
|
|
|
32
30
|
require 'command_kit/printing/fields'
|
|
33
31
|
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|
|
@@ -19,8 +19,8 @@
|
|
|
19
19
|
# along with ronin-exploits. If not, see <https://www.gnu.org/licenses/>.
|
|
20
20
|
#
|
|
21
21
|
|
|
22
|
-
|
|
23
|
-
|
|
22
|
+
require_relative 'command'
|
|
23
|
+
require_relative 'exploit_methods'
|
|
24
24
|
|
|
25
25
|
module Ronin
|
|
26
26
|
module Exploits
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|
|
@@ -19,8 +19,9 @@
|
|
|
19
19
|
# along with ronin-exploits. If not, see <https://www.gnu.org/licenses/>.
|
|
20
20
|
#
|
|
21
21
|
|
|
22
|
-
|
|
23
|
-
|
|
22
|
+
require_relative '../registry'
|
|
23
|
+
require_relative '../exceptions'
|
|
24
|
+
|
|
24
25
|
require 'ronin/core/params/exceptions'
|
|
25
26
|
|
|
26
27
|
module Ronin
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|
data/lib/ronin/exploits/cli.rb
CHANGED
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|
|
@@ -19,13 +19,14 @@
|
|
|
19
19
|
# along with ronin-exploits. If not, see <https://www.gnu.org/licenses/>.
|
|
20
20
|
#
|
|
21
21
|
|
|
22
|
-
require 'ronin/exploits/version'
|
|
23
22
|
require 'ronin/core/cli/help/banner'
|
|
24
23
|
|
|
25
24
|
require 'command_kit/commands'
|
|
26
25
|
require 'command_kit/commands/auto_load'
|
|
27
26
|
require 'command_kit/options/version'
|
|
28
27
|
|
|
28
|
+
require_relative 'version'
|
|
29
|
+
|
|
29
30
|
module Ronin
|
|
30
31
|
module Exploits
|
|
31
32
|
#
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|
|
@@ -19,7 +19,7 @@
|
|
|
19
19
|
# along with ronin-exploits. If not, see <https://www.gnu.org/licenses/>.
|
|
20
20
|
#
|
|
21
21
|
|
|
22
|
-
|
|
22
|
+
require_relative 'web_vuln'
|
|
23
23
|
|
|
24
24
|
module Ronin
|
|
25
25
|
module Exploits
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|
|
@@ -19,8 +19,9 @@
|
|
|
19
19
|
# along with ronin-exploits. If not, see <https://www.gnu.org/licenses/>.
|
|
20
20
|
#
|
|
21
21
|
|
|
22
|
-
|
|
23
|
-
|
|
22
|
+
require_relative 'exploit'
|
|
23
|
+
require_relative 'mixins/has_payload'
|
|
24
|
+
|
|
24
25
|
require 'ronin/payloads/command_payload'
|
|
25
26
|
|
|
26
27
|
module Ronin
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|
|
@@ -19,10 +19,11 @@
|
|
|
19
19
|
# along with ronin-exploits. If not, see <https://www.gnu.org/licenses/>.
|
|
20
20
|
#
|
|
21
21
|
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
22
|
+
require_relative 'registry'
|
|
23
|
+
require_relative 'advisory'
|
|
24
|
+
require_relative 'test_result'
|
|
25
|
+
require_relative 'exceptions'
|
|
26
|
+
|
|
26
27
|
require 'ronin/core/metadata/id'
|
|
27
28
|
require 'ronin/core/metadata/authors'
|
|
28
29
|
require 'ronin/core/metadata/summary'
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|
|
@@ -19,7 +19,7 @@
|
|
|
19
19
|
# along with ronin-exploits. If not, see <https://www.gnu.org/licenses/>.
|
|
20
20
|
#
|
|
21
21
|
|
|
22
|
-
|
|
22
|
+
require_relative 'memory_corruption'
|
|
23
23
|
|
|
24
24
|
module Ronin
|
|
25
25
|
module Exploits
|
data/lib/ronin/exploits/lfi.rb
CHANGED
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|
|
@@ -19,7 +19,7 @@
|
|
|
19
19
|
# along with ronin-exploits. If not, see <https://www.gnu.org/licenses/>.
|
|
20
20
|
#
|
|
21
21
|
|
|
22
|
-
|
|
22
|
+
require_relative 'web_vuln'
|
|
23
23
|
|
|
24
24
|
require 'ronin/vulns/lfi'
|
|
25
25
|
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|
|
@@ -54,7 +54,7 @@ module Ronin
|
|
|
54
54
|
#
|
|
55
55
|
# Initializes the loot file.
|
|
56
56
|
#
|
|
57
|
-
# @param [
|
|
57
|
+
# @param [String] path
|
|
58
58
|
# The file name or relative path of the loot file.
|
|
59
59
|
#
|
|
60
60
|
# @param [String, Array, Hash, #to_s] contents
|
data/lib/ronin/exploits/loot.rb
CHANGED
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|
|
@@ -19,7 +19,7 @@
|
|
|
19
19
|
# along with ronin-exploits. If not, see <https://www.gnu.org/licenses/>.
|
|
20
20
|
#
|
|
21
21
|
|
|
22
|
-
|
|
22
|
+
require_relative 'loot/file'
|
|
23
23
|
|
|
24
24
|
require 'fileutils'
|
|
25
25
|
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|
|
@@ -19,9 +19,9 @@
|
|
|
19
19
|
# along with ronin-exploits. If not, see <https://www.gnu.org/licenses/>.
|
|
20
20
|
#
|
|
21
21
|
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
22
|
+
require_relative 'exploit'
|
|
23
|
+
require_relative 'metadata/arch'
|
|
24
|
+
require_relative 'metadata/os'
|
|
25
25
|
|
|
26
26
|
module Ronin
|
|
27
27
|
module Exploits
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
|
|
4
4
|
# payload crafting functionality.
|
|
5
5
|
#
|
|
6
|
-
# Copyright (c) 2007-
|
|
6
|
+
# Copyright (c) 2007-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
|
|
7
7
|
#
|
|
8
8
|
# ronin-exploits is free software: you can redistribute it and/or modify
|
|
9
9
|
# it under the terms of the GNU Lesser General Public License as published
|