ronin-vulns 0.1.0.beta1 → 0.1.1

Files changed (41) hide show
  1. checksums.yaml +4 -4
  2. data/.github/workflows/ruby.yml +1 -0
  3. data/.yardopts +1 -1
  4. data/ChangeLog.md +6 -1
  5. data/Gemfile +2 -2
  6. data/README.md +3 -2
  7. data/gemspec.yml +4 -4
  8. data/lib/ronin/vulns/cli/command.rb +1 -1
  9. data/lib/ronin/vulns/cli/commands/lfi.rb +3 -3
  10. data/lib/ronin/vulns/cli/commands/open_redirect.rb +3 -3
  11. data/lib/ronin/vulns/cli/commands/reflected_xss.rb +3 -3
  12. data/lib/ronin/vulns/cli/commands/rfi.rb +5 -5
  13. data/lib/ronin/vulns/cli/commands/scan.rb +5 -5
  14. data/lib/ronin/vulns/cli/commands/sqli.rb +3 -3
  15. data/lib/ronin/vulns/cli/commands/ssti.rb +3 -3
  16. data/lib/ronin/vulns/cli/logging.rb +1 -1
  17. data/lib/ronin/vulns/cli/web_vuln_command.rb +8 -8
  18. data/lib/ronin/vulns/cli.rb +6 -1
  19. data/lib/ronin/vulns/lfi/test_file.rb +1 -1
  20. data/lib/ronin/vulns/lfi.rb +1 -1
  21. data/lib/ronin/vulns/open_redirect.rb +2 -2
  22. data/lib/ronin/vulns/reflected_xss/context.rb +1 -1
  23. data/lib/ronin/vulns/reflected_xss/test_string.rb +1 -1
  24. data/lib/ronin/vulns/reflected_xss.rb +1 -1
  25. data/lib/ronin/vulns/rfi.rb +2 -2
  26. data/lib/ronin/vulns/root.rb +1 -1
  27. data/lib/ronin/vulns/sqli/error_pattern.rb +2 -2
  28. data/lib/ronin/vulns/sqli.rb +2 -2
  29. data/lib/ronin/vulns/ssti/test_expression.rb +1 -1
  30. data/lib/ronin/vulns/ssti.rb +1 -1
  31. data/lib/ronin/vulns/url_scanner.rb +1 -1
  32. data/lib/ronin/vulns/version.rb +2 -2
  33. data/lib/ronin/vulns/vuln.rb +1 -1
  34. data/lib/ronin/vulns/web_vuln/http_request.rb +1 -1
  35. data/lib/ronin/vulns/web_vuln.rb +1 -1
  36. data/man/ronin-vulns-rfi.1 +1 -1
  37. data/man/ronin-vulns-rfi.1.md +1 -1
  38. data/man/ronin-vulns-scan.1 +1 -1
  39. data/man/ronin-vulns-scan.1.md +1 -1
  40. data/ronin-vulns.gemspec +2 -2
  41. metadata +8 -8
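--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 3a7f0f97531b93caf6893b805e9326dc9836d903db94b0b5387d96b3d555986b
- data.tar.gz: ea9163ac70cac3ebb7ad3ee66090e1e0a1c90f6f66c04d9112fe5c093632ed7f
+ metadata.gz: 4b883fd15ba88606984046997827e571053dc77cc7309cb228746435706789fe
+ data.tar.gz: 1090624e7a3dbb9d1b212052a1f300f454620cdb5508f4605e3124b8432698b1
  SHA512:
- metadata.gz: d307c996fa6692769a953a53e9931c6fd067ea4f13d2a642be8a575a1020766aa85be7dbdc1b02b1dcf123013be3859aff61562b17528609e68d3d37b4cd60e5
- data.tar.gz: '048a760dbbbb9dcd3dedcbe2ba8730e819d8441065e7df2c2a0cead82f694f26c9c78141590b1455d44f64ac09554f64b57c8ca71c643473da09f9c99d8f1463'
+ metadata.gz: ba3fecaec4b2dcba4043c8cd95d67b0443011c04f0f83296d86f2cbef4b364d30359093ebee289076a1cbf8e55b77e3a03ca9bcd8b6aea6a972390571ff14910
+ data.tar.gz: ffb84a729dbab47c6df0bde5f4a7df8f9c0e345de58bb9ddc36d6c6420c87b77f615b0b1d1d7caa5f8edfc456bcca909b3dbf28d32dab2ddde83bd3ec066adec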
@@ -21,6 +21,7 @@ jobs:
21
21
  uses: ruby/setup-ruby@v1
22
22
  with:
23
23
  ruby-version: ${{ matrix.ruby }}
24
+ bundler-cache: true
24
25
  - name: Install libsqlite3
25
26
  run: |
26
27
  sudo apt update -y && \
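Review bot: With `bundler-cache: true` the `ruby/setup-ruby@v1` step now also installs the bundle and restores a dependency cache, so more of the build rests on an action referenced by a movable tag. Pinning the action to a full commit SHA keeps that step reproducible: `uses: ruby/setup-ruby@<full-commit-sha> # v1` (placeholder; take the SHA from the release you have reviewed). If a later step in this job still runs `bundle install`, it is now redundant and can be dropped; the steps list continues outside this hunk.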
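--- a/data/.yardopts
+++ b/data/.yardopts
@@ -1 +1 @@
- --markup markdown --title 'ronin-vulns Documentation' --protected
+ --markup markdown --title 'Ronin::Vulns Documentation' --protected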
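--- a/data/ChangeLog.md
+++ b/data/ChangeLog.md
@@ -1,4 +1,9 @@
- ### 0.1.0 / 2023-XX-XX
+ ### 0.1.1 / 2023-02-02
+
+ * Fixed typo in {Ronin::Vulns::CLI::WebVulnCommand#process_url} which effected
+ the `ronin-vulns lfi` command and others.
+
+ ### 0.1.0 / 2023-02-01
 
  * Initial release:
  * Require `ruby` >= 3.0.0.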
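--- a/data/Gemfile
+++ b/data/Gemfile
@@ -29,6 +29,6 @@ group :development do
  gem 'yard-spellcheck', require: false
 
  gem 'dead_end', require: false
- gem 'sord', require: false
- gem 'stackprof', require: false
+ gem 'sord', require: false, platform: :mri
+ gem 'stackprof', require: false, platform: :mri
  end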
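--- a/data/README.md
+++ b/data/README.md
@@ -2,6 +2,7 @@
 
  [![CI](https://github.com/ronin-rb/ronin-vulns/actions/workflows/ruby.yml/badge.svg)](https://github.com/ronin-rb/ronin-vulns/actions/workflows/ruby.yml)
  [![Code Climate](https://codeclimate.com/github/ronin-rb/ronin-vulns.svg)](https://codeclimate.com/github/ronin-rb/ronin-vulns)
+ [![Gem Version](https://badge.fury.io/rb/ronin-vulns.svg)](https://badge.fury.io/rb/ronin-vulns)
 
  * [Website](https://ronin-rb.dev/)
  * [Source](https://github.com/ronin-rb/ronin-vulns)
@@ -15,7 +16,7 @@
 
  ronin-vulns is a Ruby library for blind vulnerability testing. It currently
  supports testing for Local File Inclusion (LFI), Remote File Inclusion (RFI),
- SQL injection (SQLi), reflective Cross Site Scripting (XSS), and Server Side
+ SQL injection (SQLi), reflective Cross Site Scripting (XSS), Server Side
  Template Injection (SSTI), and Open Redirects.
 
  ronin-vulns is part of the [ronin-rb] project, a [Ruby] toolkit for security
@@ -306,7 +307,7 @@ gem.add_dependency 'ronin-vulns', '~> 0.1'
 
  ## License
 
- Copyright (c) 2022 Hal Brodigan (postmodern.mod3 at gmail.com)
+ Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
 
  ronin-vulns is free software: you can redistribute it and/or modify
  it under the terms of the GNU Lesser General Public License as published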
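--- a/data/gemspec.yml
+++ b/data/gemspec.yml
@@ -16,10 +16,10 @@ homepage: https://ronin-rb.dev/
  has_yard: true
 
  metadata:
- documentation_uri: https://rubydoc.info/gems/ronin-vulns
+ documentation_uri: https://ronin-rb.dev/docs/ronin-vulns
  source_code_uri: https://github.com/ronin-rb/ronin-vulns
  bug_tracker_uri: https://github.com/ronin-rb/ronin-vulns/issues
- changelog_uri: https://github.com/ronin-rb/ronin-vulns/blob/master/ChangeLog.md
+ changelog_uri: https://github.com/ronin-rb/ronin-vulns/blob/main/ChangeLog.md
  rubygems_mfa_required: 'true'
 
  required_ruby_version: ">= 3.0.0"
@@ -34,8 +34,8 @@ generated_files:
  - man/ronin-vulns-scan.1
 
  dependencies:
- ronin-support: ~> 1.0.0.beta1
- ronin-core: ~> 0.1.0.beta1
+ ronin-support: ~> 1.0
+ ronin-core: ~> 0.1
 
  development_dependencies:
  bundler: ~> 2.0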
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-vulns - A Ruby library for blind vulnerability testing.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-vulns is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-vulns - A Ruby library for blind vulnerability testing.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-vulns is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -110,7 +110,7 @@ module Ronin
110
110
  end
111
111
 
112
112
  #
113
- # Scans a URL for LFI vulnerabiltiies.
113
+ # Scans a URL for LFI vulnerabilities.
114
114
  #
115
115
  # @param [String] url
116
116
  # The URL to scan.
@@ -126,7 +126,7 @@ module Ronin
126
126
  end
127
127
 
128
128
  #
129
- # Tests a URL for LFI vulnerabiltiies.
129
+ # Tests a URL for LFI vulnerabilities.
130
130
  #
131
131
  # @param [String] url
132
132
  # The URL to test.
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-vulns - A Ruby library for blind vulnerability testing.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-vulns is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -83,7 +83,7 @@ module Ronin
83
83
  end
84
84
 
85
85
  #
86
- # Scans a URL for Open Redirect vulnerabiltiies.
86
+ # Scans a URL for Open Redirect vulnerabilities.
87
87
  #
88
88
  # @param [String] url
89
89
  # The URL to scan.
@@ -100,7 +100,7 @@ module Ronin
100
100
  end
101
101
 
102
102
  #
103
- # Tests a URL for Open Redirect vulnerabiltiies.
103
+ # Tests a URL for Open Redirect vulnerabilities.
104
104
  #
105
105
  # @param [String] url
106
106
  # The URL to test.
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-vulns - A Ruby library for blind vulnerability testing.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-vulns is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -63,7 +63,7 @@ module Ronin
63
63
  man_page 'ronin-vulns-reflected-xss.1'
64
64
 
65
65
  #
66
- # Scans a URL for Reflected XSS vulnerabiltiies.
66
+ # Scans a URL for Reflected XSS vulnerabilities.
67
67
  #
68
68
  # @param [String] url
69
69
  # The URL to scan.
@@ -80,7 +80,7 @@ module Ronin
80
80
  end
81
81
 
82
82
  #
83
- # Tests a URL for Reflected XSS vulnerabiltiies.
83
+ # Tests a URL for Reflected XSS vulnerabilities.
84
84
  #
85
85
  # @param [String] url
86
86
  # The URL to test.
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-vulns - A Ruby library for blind vulnerability testing.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-vulns is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -52,7 +52,7 @@ module Ronin
52
52
  # --filter-bypass Optional filter-bypass strategy to use
53
53
  # -S asp|asp.net|coldfusion|jsp|php|perl,
54
54
  # --script-lang Explicitly specify the scripting language to test for
55
- # -T, --test-script-url URL Use an altnerative test script URL
55
+ # -T, --test-script-url URL Use an alternative test script URL
56
56
  # -h, --help Print help information
57
57
  #
58
58
  # ## Arguments
@@ -91,7 +91,7 @@ module Ronin
91
91
  type: String,
92
92
  usage: 'URL'
93
93
  },
94
- desc: 'Use an altnerative test script URL'
94
+ desc: 'Use an alternative test script URL'
95
95
 
96
96
  description 'Scans URL(s) for Remote File Inclusion (RFI) vulnerabilities'
97
97
 
@@ -121,7 +121,7 @@ module Ronin
121
121
  end
122
122
 
123
123
  #
124
- # Scans a URL for RFI vulnerabiltiies.
124
+ # Scans a URL for RFI vulnerabilities.
125
125
  #
126
126
  # @param [String] url
127
127
  # The URL to scan.
@@ -137,7 +137,7 @@ module Ronin
137
137
  end
138
138
 
139
139
  #
140
- # Tests a URL for RFI vulnerabiltiies.
140
+ # Tests a URL for RFI vulnerabilities.
141
141
  #
142
142
  # @param [String] url
143
143
  # The URL to test.
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-vulns - A Ruby library for blind vulnerability testing.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-vulns is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -54,7 +54,7 @@ module Ronin
54
54
  # Optional filter-bypass strategy to use
55
55
  # --rfi-script-lang asp|asp.net|coldfusion|jsp|php|perl
56
56
  # Explicitly specify the scripting language to test for
57
- # --rfi-test-script-url URL Use an altnerative test script URL
57
+ # --rfi-test-script-url URL Use an alternative test script URL
58
58
  # --sqli-escape-quote Escapes quotation marks
59
59
  # --sqli-escape-parens Escapes parenthesis
60
60
  # --sqli-terminate Terminates the SQL expression with a --
@@ -118,7 +118,7 @@ module Ronin
118
118
  type: String,
119
119
  usage: 'URL'
120
120
  },
121
- desc: 'Use an altnerative test script URL'
121
+ desc: 'Use an alternative test script URL'
122
122
 
123
123
  option :sqli_escape_quote, desc: 'Escapes quotation marks'
124
124
 
@@ -271,7 +271,7 @@ module Ronin
271
271
  end
272
272
 
273
273
  #
274
- # Scans a URL for all web vulnerabiltiies.
274
+ # Scans a URL for all web vulnerabilities.
275
275
  #
276
276
  # @param [String] url
277
277
  # The URL to scan.
@@ -292,7 +292,7 @@ module Ronin
292
292
  end
293
293
 
294
294
  #
295
- # Tests a URL for any web vulnerabiltiies.
295
+ # Tests a URL for any web vulnerabilities.
296
296
  #
297
297
  # @param [String] url
298
298
  # The URL to test.
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-vulns - A Ruby library for blind vulnerability testing.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-vulns is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -98,7 +98,7 @@ module Ronin
98
98
  end
99
99
 
100
100
  #
101
- # Scans a URL for SQLi vulnerabiltiies.
101
+ # Scans a URL for SQLi vulnerabilities.
102
102
  #
103
103
  # @param [String] url
104
104
  # The URL to scan.
@@ -114,7 +114,7 @@ module Ronin
114
114
  end
115
115
 
116
116
  #
117
- # Tests a URL for SQLi vulnerabiltiies.
117
+ # Tests a URL for SQLi vulnerabilities.
118
118
  #
119
119
  # @param [String] url
120
120
  # The URL to test.
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-vulns - A Ruby library for blind vulnerability testing.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-vulns is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -91,7 +91,7 @@ module Ronin
91
91
  end
92
92
 
93
93
  #
94
- # Scans a URL for SSTI vulnerabiltiies.
94
+ # Scans a URL for SSTI vulnerabilities.
95
95
  #
96
96
  # @param [String] url
97
97
  # The URL to scan.
@@ -107,7 +107,7 @@ module Ronin
107
107
  end
108
108
 
109
109
  #
110
- # Tests a URL for SSTI vulnerabiltiies.
110
+ # Tests a URL for SSTI vulnerabilities.
111
111
  #
112
112
  # @param [String] url
113
113
  # The URL to test.
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-vulns - A Ruby library for blind vulnerability testing.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-vulns is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-vulns - A Ruby library for blind vulnerability testing.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-vulns is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -191,7 +191,7 @@ module Ronin
191
191
  # @return [Set<String>, nil]
192
192
  attr_reader :test_query_params
193
193
 
194
- # Indiciates whether to test all of the query params of the URL.
194
+ # Indicates whether to test all of the query params of the URL.
195
195
  #
196
196
  # @return [Boolean, nil]
197
197
  attr_reader :test_all_query_params
@@ -206,7 +206,7 @@ module Ronin
206
206
  # @return [Set<String>, nil]
207
207
  attr_reader :test_cookie_params
208
208
 
209
- # Indiciates whether to test all `Cookie` params for the URL.
209
+ # Indicates whether to test all `Cookie` params for the URL.
210
210
  #
211
211
  # @return [Boolean, nil]
212
212
  attr_reader :test_all_cookie_params
@@ -252,7 +252,7 @@ module Ronin
252
252
  end
253
253
 
254
254
  #
255
- # Prcesses a URL.
255
+ # Processes a URL.
256
256
  #
257
257
  # @param [String] url
258
258
  # A URL to scan.
@@ -260,11 +260,11 @@ module Ronin
260
260
  def process_url(url)
261
261
  if @scan_mode == :first
262
262
  if (first_vuln = test_url(url))
263
- print_vuln(first_vuln)
263
+ log_vuln(first_vuln)
264
264
  end
265
265
  else
266
266
  scan_url(url) do |vuln|
267
- print_vuln(vuln)
267
+ log_vuln(vuln)
268
268
  end
269
269
  end
270
270
  end
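Review bot: Nothing in this change guards against the `print_vuln`/`log_vuln` mix-up in `process_url` recurring; the wrong name was only reached after `test_url` or `scan_url` actually produced a vulnerability, which is presumably how it got into 0.1.0 unnoticed. A spec for `process_url` that stubs `test_url` to return a vuln and `scan_url` to yield one, and expects `log_vuln` to be called in both the `@scan_mode == :first` branch and the `else` branch, would catch it. For a scanner this path matters more than most, because the failure appears only at the moment a finding is being reported, so the finding is lost. `log_vuln` itself is defined outside this hunk, so confirm it is in scope for every command that inherits `process_url`.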
@@ -309,7 +309,7 @@ module Ronin
309
309
  end
310
310
 
311
311
  #
312
- # Scans a URL for web vulnerabiltiies.
312
+ # Scans a URL for web vulnerabilities.
313
313
  #
314
314
  # @param [String] url
315
315
  # The URL to scan.
@@ -327,7 +327,7 @@ module Ronin
327
327
  end
328
328
 
329
329
  #
330
- # Tests a URL for web vulnerabiltiies.
330
+ # Tests a URL for web vulnerabilities.
331
331
  #
332
332
  # @param [String] url
333
333
  # The URL to test.
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-vulns - A Ruby library for blind vulnerability testing.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-vulns is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -18,8 +18,11 @@
18
18
  # along with ronin-vulns. If not, see <https://www.gnu.org/licenses/>.
19
19
  #
20
20
 
21
+ require 'ronin/vulns/version'
22
+
21
23
  require 'command_kit/commands'
22
24
  require 'command_kit/commands/auto_load'
25
+ require 'command_kit/options/version'
23
26
 
24
27
  module Ronin
25
28
  module Vulns
@@ -35,8 +38,10 @@ module Ronin
35
38
  dir: "#{__dir__}/cli/commands",
36
39
  namespace: "#{self}::Commands"
37
40
  )
41
+ include CommandKit::Options::Version
38
42
 
39
43
  command_name 'ronin-vulns'
44
+ version Ronin::Vulns::VERSION
40
45
 
41
46
  command_aliases['xss'] = 'reflected-xss'
42
47
 
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-vulns - A Ruby library to blind vulnerability testing.
4
4
  #
5
- # Copyright (c) 2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-vulns is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-vulns - A Ruby library for blind vulnerability testing.
4
4
  #
5
- # Copyright (c) 2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-vulns is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-vulns - A Ruby library for blind vulnerability testing.
4
4
  #
5
- # Copyright (c) 2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-vulns is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -69,7 +69,7 @@ module Ronin
69
69
  end
70
70
 
71
71
  #
72
- # Tests whther the URL has a vulnerable Open Redirect.
72
+ # Tests whether the URL has a vulnerable Open Redirect.
73
73
  #
74
74
  # @return [Boolean]
75
75
  #
@@ -3,7 +3,7 @@
3
3
  #
4
4
  # ronin-vulns - A Ruby library for blind vulnerability testing.
5
5
  #
6
- # Copyright (c) 2022 Hal Brodigan (postmodern.mod3 at gmail.com)
6
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
7
7
  #
8
8
  # ronin-vulns is free software: you can redistribute it and/or modify
9
9
  # it under the terms of the GNU Lesser General Public License as published
@@ -3,7 +3,7 @@
3
3
  #
4
4
  # ronin-vulns - A Ruby library for blind vulnerability testing.
5
5
  #
6
- # Copyright (c) 2022 Hal Brodigan (postmodern.mod3 at gmail.com)
6
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
7
7
  #
8
8
  # ronin-vulns is free software: you can redistribute it and/or modify
9
9
  # it under the terms of the GNU Lesser General Public License as published
@@ -3,7 +3,7 @@
3
3
  #
4
4
  # ronin-vulns - A Ruby library for blind vulnerability testing.
5
5
  #
6
- # Copyright (c) 2022 Hal Brodigan (postmodern.mod3 at gmail.com)
6
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
7
7
  #
8
8
  # ronin-vulns is free software: you can redistribute it and/or modify
9
9
  # it under the terms of the GNU Lesser General Public License as published
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-vulns - A Ruby library for blind vulnerability testing.
4
4
  #
5
- # Copyright (c) 2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-vulns is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -162,7 +162,7 @@ module Ronin
162
162
  # Optionally applies a filter bypass technique to the RFI URL.
163
163
  #
164
164
  # @param [URI::HTTP, String] url
165
- # The RFI URL to optionall encode before it will be injected into a
165
+ # The RFI URL to optionally encode before it will be injected into a
166
166
  # HTTP request.
167
167
  #
168
168
  # @return [String]
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-vulns - A Ruby library for blind vulnerability testing.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-vulns is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-vulns - A Ruby library for blind vulnerability testing.
4
4
  #
5
- # Copyright (c) 2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-vulns is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -57,7 +57,7 @@ module Ronin
57
57
  end
58
58
 
59
59
  #
60
- # Tests whether the respones body contains a SQL error.
60
+ # Tests whether the response body contains a SQL error.
61
61
  #
62
62
  # @param [String] response_body
63
63
  # The HTTP response body.
@@ -3,7 +3,7 @@
3
3
  #
4
4
  # ronin-vulns - A Ruby library for blind vulnerability testing.
5
5
  #
6
- # Copyright (c) 2022 Hal Brodigan (postmodern.mod3 at gmail.com)
6
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
7
7
  #
8
8
  # ronin-vulns is free software: you can redistribute it and/or modify
9
9
  # it under the terms of the GNU Lesser General Public License as published
@@ -280,7 +280,7 @@ module Ronin
280
280
  # The HTTP response object to check.
281
281
  #
282
282
  # @return [Boolean]
283
- # Indicates whether the response was a `500` and if the respones body
283
+ # Indicates whether the response was a `500` and if the response body
284
284
  # contained a SQL error message.
285
285
  #
286
286
  def check_for_sql_errors(response)
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-vulns - A Ruby library for blind vulnerability testing.
4
4
  #
5
- # Copyright (c) 2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-vulns is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-vulns - A Ruby library for blind vulnerability testing.
4
4
  #
5
- # Copyright (c) 2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-vulns is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-vulns - A Ruby library for blind vulnerability testing.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-vulns is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-vulns - A Ruby library for blind vulnerability testing.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-vulns is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -21,6 +21,6 @@
21
21
  module Ronin
22
22
  module Vulns
23
23
  # The ronin-vulns version
24
- VERSION = '0.1.0.beta1'
24
+ VERSION = '0.1.1'
25
25
  end
26
26
  end
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-vulns - A Ruby library for blind vulnerability testing.
4
4
  #
5
- # Copyright (c) 2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-vulns is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -3,7 +3,7 @@
3
3
  #
4
4
  # ronin-vulns - A Ruby library for blind vulnerability testing.
5
5
  #
6
- # Copyright (c) 2022 Hal Brodigan (postmodern.mod3 at gmail.com)
6
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
7
7
  #
8
8
  # ronin-vulns is free software: you can redistribute it and/or modify
9
9
  # it under the terms of the GNU Lesser General Public License as published
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-vulns - A Ruby library for blind vulnerability testing.
4
4
  #
5
- # Copyright (c) 2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-vulns is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -88,7 +88,7 @@ Explicitly specify the scripting language to test for\.
88
88
  .LP
89
89
  .TP
90
90
  \fB-T\fR, \fB--test-script-url\fR \fIURL\fP
91
- Use an altnerative test script \fIURL\fP\.
91
+ Use an alternative test script \fIURL\fP\.
92
92
  .LP
93
93
  .TP
94
94
  \fB-h\fR, \fB--help\fR
@@ -66,7 +66,7 @@ option.
66
66
  Explicitly specify the scripting language to test for.
67
67
 
68
68
  `-T`, `--test-script-url` *URL*
69
- Use an altnerative test script *URL*.
69
+ Use an alternative test script *URL*.
70
70
 
71
71
  `-h`, `--help`
72
72
  Print help information.
@@ -99,7 +99,7 @@ Explicitly specify the scripting language to test for\.
99
99
  .LP
100
100
  .TP
101
101
  \fB--rfi-test-script-url\fR \fIURL\fP
102
- Use an altnerative test script URL\.
102
+ Use an alternative test script URL\.
103
103
  .LP
104
104
  .TP
105
105
  \fB--sqli-escape-quote\fR
@@ -74,7 +74,7 @@ additional arguments or read from a file using the `--input` option.
74
74
  Explicitly specify the scripting language to test for.
75
75
 
76
76
  `--rfi-test-script-url` *URL*
77
- Use an altnerative test script URL.
77
+ Use an alternative test script URL.
78
78
 
79
79
  `--sqli-escape-quote`
80
80
  Escapes quotation marks.
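--- a/data/ronin-vulns.gemspec
+++ b/data/ronin-vulns.gemspec
@@ -25,14 +25,14 @@ Gem::Specification.new do |gem|
  gem.files = `git ls-files`.split($/)
  gem.files = glob[gemspec['files']] if gemspec['files']
  gem.files += Array(gemspec['generated_files'])
- gem.files -= glob[gemspec['test_files'] || '{test,spec}/{**/}*']
+ # exclude test files from the packages gem
+ gem.files -= glob[gemspec['test_files'] || 'spec/{**/}*']
 
  gem.executables = gemspec.fetch('executables') do
  glob['bin/*'].map { |path| File.basename(path) }
  end
 
  gem.extensions = glob[gemspec['extensions'] || 'ext/**/extconf.rb']
- gem.test_files = glob[gemspec['test_files'] || 'spec/{**/}*_spec.rb']
  gem.extra_rdoc_files = glob[gemspec['extra_doc_files'] || '*.{txt,md}']
 
  gem.require_paths = Array(gemspec.fetch('require_paths') {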
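Review bot: The default exclusion glob on the new `gem.files -=` line was narrowed from `{test,spec}/{**/}*` to `spec/{**/}*`, so a `test/` directory, if one is ever added, would be packaged into the released gem unless `test_files` is set in gemspec.yml. If the narrowing is not intentional, keep the broader default: `gem.files -= glob[gemspec['test_files'] || '{test,spec}/{**/}*']`. The added comment also has a typo and should read `# exclude test files from the packaged gem`. The `Gem::Specification.new` block starts before and ends after this hunk.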
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ronin-vulns
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0.beta1
4
+ version: 0.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Postmodern
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-01-01 00:00:00.000000000 Z
11
+ date: 2023-02-02 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: ronin-support
@@ -16,28 +16,28 @@ dependencies:
16
16
  requirements:
17
17
  - - "~>"
18
18
  - !ruby/object:Gem::Version
19
- version: 1.0.0.beta1
19
+ version: '1.0'
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - "~>"
25
25
  - !ruby/object:Gem::Version
26
- version: 1.0.0.beta1
26
+ version: '1.0'
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: ronin-core
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
31
  - - "~>"
32
32
  - !ruby/object:Gem::Version
33
- version: 0.1.0.beta1
33
+ version: '0.1'
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
38
  - - "~>"
39
39
  - !ruby/object:Gem::Version
40
- version: 0.1.0.beta1
40
+ version: '0.1'
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: bundler
43
43
  requirement: !ruby/object:Gem::Requirement
@@ -132,10 +132,10 @@ homepage: https://ronin-rb.dev/
132
132
  licenses:
133
133
  - LGPL-3.0
134
134
  metadata:
135
- documentation_uri: https://rubydoc.info/gems/ronin-vulns
135
+ documentation_uri: https://ronin-rb.dev/docs/ronin-vulns
136
136
  source_code_uri: https://github.com/ronin-rb/ronin-vulns
137
137
  bug_tracker_uri: https://github.com/ronin-rb/ronin-vulns/issues
138
- changelog_uri: https://github.com/ronin-rb/ronin-vulns/blob/master/ChangeLog.md
138
+ changelog_uri: https://github.com/ronin-rb/ronin-vulns/blob/main/ChangeLog.md
139
139
  rubygems_mfa_required: 'true'
140
140
  post_install_message:
141
141
  rdoc_options: []