ronin 0.0.9 → 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- data/FAQ.txt +103 -0
- data/History.txt +10 -1
- data/Manifest.txt +26 -0
- data/Rakefile +2 -0
- data/TODO.txt +9 -2
- data/lib/ronin/arch.rb +9 -2
- data/lib/ronin/author.rb +9 -10
- data/lib/ronin/chars/chars.rb +1 -1
- data/lib/ronin/console.rb +5 -5
- data/lib/ronin/context.rb +1 -1
- data/lib/ronin/database.rb +8 -3
- data/lib/ronin/extensions/string.rb +1 -1
- data/lib/ronin/extensions/uri/http.rb +1 -1
- data/lib/ronin/license.rb +4 -0
- data/lib/ronin/model.rb +8 -0
- data/lib/ronin/models.rb +1 -8
- data/lib/ronin/network/extensions/telnet/net.rb +11 -6
- data/lib/ronin/network/extensions/udp/net.rb +0 -12
- data/lib/ronin/objects.rb +1 -3
- data/lib/ronin/parameters/parameters.rb +26 -15
- data/lib/ronin/platform.rb +4 -1
- data/lib/ronin/product.rb +3 -0
- data/lib/ronin/runner/program/program.rb +4 -2
- data/lib/ronin/sessions/esmtp.rb +2 -10
- data/lib/ronin/sessions/imap.rb +1 -9
- data/lib/ronin/sessions/pop3.rb +1 -9
- data/lib/ronin/sessions/session.rb +20 -19
- data/lib/ronin/sessions/smtp.rb +1 -9
- data/lib/ronin/sessions/tcp.rb +1 -21
- data/lib/ronin/sessions/telnet.rb +1 -9
- data/lib/ronin/sessions/udp.rb +1 -21
- data/lib/ronin/sessions/web.rb +1 -9
- data/lib/ronin/target.rb +3 -0
- data/lib/ronin/version.rb +1 -1
- data/spec/arch_spec.rb +61 -0
- data/spec/author_spec.rb +10 -0
- data/spec/chars/chars_spec.rb +82 -0
- data/spec/context/context_spec.rb +84 -0
- data/spec/context/helpers/book_context.rb +15 -0
- data/spec/context/helpers/book_review_context.rb +21 -0
- data/spec/context/helpers/contexts/neuromancer_review.rb +15 -0
- data/spec/context/helpers/contexts/snow_crash.rb +8 -0
- data/spec/extensions/hash_spec.rb +38 -0
- data/spec/extensions/string_spec.rb +13 -0
- data/spec/extensions/uri/http_spec.rb +40 -0
- data/spec/extensions/uri/query_params_spec.rb +38 -0
- data/spec/formatting/binary_spec.rb +65 -0
- data/spec/formatting/digest_spec.rb +54 -0
- data/spec/formatting/html_spec.rb +37 -0
- data/spec/formatting/http_spec.rb +44 -0
- data/spec/formatting/text_spec.rb +21 -0
- data/spec/license_spec.rb +20 -0
- data/spec/parameters/parameters_spec.rb +109 -0
- data/spec/path_spec.rb +34 -0
- data/spec/platform_spec.rb +24 -0
- data/spec/product_spec.rb +16 -0
- data/spec/ronin_spec.rb +11 -0
- data/spec/sessions/session_spec.rb +56 -0
- data/spec/spec_helper.rb +2 -0
- data/spec/target_spec.rb +16 -0
- metadata +39 -2
data/FAQ.txt
ADDED
@@ -0,0 +1,103 @@
|
|
1
|
+
= FAQ
|
2
|
+
|
3
|
+
Q:: Is Ronin a Framework?
|
4
|
+
A:: Ronin is not a framework. Instead, we like to call it a Platform, since
|
5
|
+
Ronin was designed for developing code on top of it. Besides,
|
6
|
+
"framework" is totally the developer buzz-word of the 2000s.
|
7
|
+
|
8
|
+
Q:: How well documented is Ronin?
|
9
|
+
A:: Ronin has extensive RDoc documentation of it's API. Various Tutorials
|
10
|
+
and HOWTOs are always in the works.
|
11
|
+
|
12
|
+
Q:: How readable is Ronin's code-base?
|
13
|
+
A:: Other projects have been criticized for having poor programming
|
14
|
+
conventions or a lack of documentation. To avoid this, Ronin enforces a
|
15
|
+
set of coding style guidelines to ensure that all source-code is clean
|
16
|
+
and readable. The coding style guidelines can be reviewed here:
|
17
|
+
http://ronin.rubyforge.org/style.html
|
18
|
+
|
19
|
+
Q:: Does Ronin have a test-suite so that I can ensure that Ronin is bug
|
20
|
+
free?
|
21
|
+
A:: Yes, Ronin comes with extensive RSpec specification tests.
|
22
|
+
|
23
|
+
Q:: Ronin comes with code which can be used to scan for and exploit
|
24
|
+
security vulnerabilities, aren't you making everyone less secure by
|
25
|
+
doing so?
|
26
|
+
A:: Yeah, so? There are plenty of similar projects which are freely
|
27
|
+
available on-line, that can be used to scan and exploit vulnerabilities.
|
28
|
+
|
29
|
+
Q:: By publishing a hacking tool, aren't you helping to support the
|
30
|
+
TERRORISTS!!!1111oneoneone
|
31
|
+
A:: Technically we're helping everyone, since Ronin is freely available
|
32
|
+
for download. What people choose to do with Ronin is their own ethical
|
33
|
+
responsibility. If you are scared of Hackers or TERRORISTS, we suggest
|
34
|
+
you help raise awareness of bad programming habits which helped to
|
35
|
+
create all those vulnerabilities in the first place. Perhaps you could
|
36
|
+
stand outside Computer Science departments holding up signs such as:
|
37
|
+
|
38
|
+
"Parametrize your SQL data"
|
39
|
+
|
40
|
+
Or the classic:
|
41
|
+
|
42
|
+
"Don't use strcpy!"
|
43
|
+
|
44
|
+
Q:: Does Ronin ship with 0day?
|
45
|
+
A:: Ronin was never intended to ship with any built-in exploits or
|
46
|
+
payloads. Ronin's design allows user to checkout various
|
47
|
+
overlays of exploits, payloads and extensions. This design choice
|
48
|
+
allows for users to selectively choose which overlay they want to
|
49
|
+
use, update them when they like and possibly even create their own
|
50
|
+
overlays.
|
51
|
+
|
52
|
+
Q:: What exactly are overlays?
|
53
|
+
A:: Overlays are directories which can contain objects (such as exploits or
|
54
|
+
payloads) or extensions which can be used by Ronin. An overlay also
|
55
|
+
contains a small XML file called <tt>ronin.xml</tt> which describes
|
56
|
+
the overlay, it's authors and it's licensing.
|
57
|
+
|
58
|
+
Q:: How are overlays hosted?
|
59
|
+
A:: An overlay can be hosed on any Subversion (SVN), CVS, Git or Rsync
|
60
|
+
server.
|
61
|
+
|
62
|
+
Q:: How can I install an Overlay?
|
63
|
+
A:: Simply pass the URL of the overlay to the +ronin+ +install+ sub-command.
|
64
|
+
|
65
|
+
$ ronin install svn://www.example.com/overlay
|
66
|
+
|
67
|
+
If you have previously checked out an overlay, then simply pass the
|
68
|
+
path of the local overlay to the +ronin+ +add+ sub-command.
|
69
|
+
|
70
|
+
$ ronin add path/to/local/overlay
|
71
|
+
|
72
|
+
Q:: Does Ronin have a GUI or Web-interface?
|
73
|
+
A:: Not currently. The developers of Ronin are considering creating a GUI
|
74
|
+
using JRuby + Swing or possibly Shoes. A Web-interface would be possible
|
75
|
+
once Merb becomes stable.
|
76
|
+
|
77
|
+
Q:: I don't know a lot of Ruby, is there a command-line interface to the
|
78
|
+
various libraries of Ronin?
|
79
|
+
A:: Why yes. Ronin's design allows for the libraries of Ronin to add various
|
80
|
+
sub-commands to the main +ronin+ command. To view all available commands
|
81
|
+
simply run the following command:
|
82
|
+
|
83
|
+
$ ronin help
|
84
|
+
|
85
|
+
To view help information on a specific command:
|
86
|
+
|
87
|
+
$ ronin help command_here
|
88
|
+
|
89
|
+
Q:: Does Ronin offer certification or special training courses?
|
90
|
+
A:: No, we're not that kind of project. Besides, you shouldn't need a
|
91
|
+
certificate to feel good about yourself.
|
92
|
+
|
93
|
+
Q:: What is Ronin licensed under?
|
94
|
+
A:: GPL-2.
|
95
|
+
|
96
|
+
Q:: Can I include Ronin in my (companies) commercial product?
|
97
|
+
A:: No, you cannot. Ronin is licensed under the GPL-2 license.
|
98
|
+
|
99
|
+
Q:: But we are a struggling Information Security company, could we purchase
|
100
|
+
the rights to Ronin?
|
101
|
+
A:: Go struggle somewhere else. No one is selling Ronin, we don't want to
|
102
|
+
see it become another Nessus.
|
103
|
+
|
data/History.txt
CHANGED
@@ -1,4 +1,13 @@
|
|
1
|
-
|
1
|
+
=== 0.1.0 / 2008-09-28
|
2
|
+
|
3
|
+
* Changed how Sessions are setup.
|
4
|
+
* Have Ronin use it's own DataMapper Repository name-space to avoid
|
5
|
+
conflicts with other DataMapper libraries.
|
6
|
+
* Added the Parameters#set_params methods.
|
7
|
+
* Added specs.
|
8
|
+
* Fixed various trivial bugs.
|
9
|
+
|
10
|
+
=== 0.0.9 / 2008-08-20
|
2
11
|
|
3
12
|
* Initial release.
|
4
13
|
* Supports installing/updating/uninstalling of Overlays.
|
data/Manifest.txt
CHANGED
@@ -2,6 +2,7 @@ History.txt
|
|
2
2
|
COPYING.txt
|
3
3
|
Manifest.txt
|
4
4
|
README.txt
|
5
|
+
FAQ.txt
|
5
6
|
TODO.txt
|
6
7
|
Rakefile
|
7
8
|
bin/ronin
|
@@ -155,3 +156,28 @@ lib/ronin/version.rb
|
|
155
156
|
tasks/spec.rb
|
156
157
|
spec/helpers/
|
157
158
|
spec/spec_helper.rb
|
159
|
+
spec/arch_spec.rb
|
160
|
+
spec/author_spec.rb
|
161
|
+
spec/chars/chars_spec.rb
|
162
|
+
spec/context/context_spec.rb
|
163
|
+
spec/context/helpers/book_context.rb
|
164
|
+
spec/context/helpers/book_review_context.rb
|
165
|
+
spec/context/helpers/contexts/snow_crash.rb
|
166
|
+
spec/context/helpers/contexts/neuromancer_review.rb
|
167
|
+
spec/extensions/hash_spec.rb
|
168
|
+
spec/extensions/string_spec.rb
|
169
|
+
spec/extensions/uri/http_spec.rb
|
170
|
+
spec/extensions/uri/query_params_spec.rb
|
171
|
+
spec/formatting/binary_spec.rb
|
172
|
+
spec/formatting/digest_spec.rb
|
173
|
+
spec/formatting/html_spec.rb
|
174
|
+
spec/formatting/http_spec.rb
|
175
|
+
spec/formatting/text_spec.rb
|
176
|
+
spec/license_spec.rb
|
177
|
+
spec/path_spec.rb
|
178
|
+
spec/platform_spec.rb
|
179
|
+
spec/product_spec.rb
|
180
|
+
spec/target_spec.rb
|
181
|
+
spec/parameters/parameters_spec.rb
|
182
|
+
spec/sessions/session_spec.rb
|
183
|
+
spec/ronin_spec.rb
|
data/Rakefile
CHANGED
@@ -8,6 +8,7 @@ require './lib/ronin/version.rb'
|
|
8
8
|
Hoe.new('ronin', Ronin::VERSION) do |p|
|
9
9
|
p.rubyforge_name = 'ronin'
|
10
10
|
p.developer('Postmodern Modulus III','postmodern.mod3@gmail.com')
|
11
|
+
p.remote_rdoc_dir = 'docs/ronin'
|
11
12
|
p.extra_deps = ['hpricot',
|
12
13
|
'mechanize',
|
13
14
|
['dm-core', '>=0.9.3'],
|
@@ -16,6 +17,7 @@ Hoe.new('ronin', Ronin::VERSION) do |p|
|
|
16
17
|
['dm-types', '>=0.9.3'],
|
17
18
|
['dm-serializer', '>=0.9.3'],
|
18
19
|
['dm-aggregates', '>=0.9.3'],
|
20
|
+
['dm-validations', '>=0.9.3'],
|
19
21
|
['reverserequire', '>=0.1.0'],
|
20
22
|
['repertoire', '>=0.1.2']]
|
21
23
|
end
|
data/TODO.txt
CHANGED
@@ -1,6 +1,13 @@
|
|
1
|
-
==
|
1
|
+
== TODO
|
2
|
+
|
3
|
+
=== Ronin 0.1.0:
|
4
|
+
|
5
|
+
* Ensure that an ObjectContext can be loaded from a file and have all of
|
6
|
+
it's properties and associations loaded from the Database.
|
7
|
+
* Create an Overlay Genetor for creating basic Overlays.
|
8
|
+
|
9
|
+
=== Ronin 0.2.0:
|
2
10
|
|
3
11
|
* Create an IO proxy class and RPC Service for proxying io.
|
4
12
|
* Create a module for pivoting.
|
5
|
-
* Process user-requests and bug-fixes
|
6
13
|
|
data/lib/ronin/arch.rb
CHANGED
@@ -41,6 +41,14 @@ module Ronin
|
|
41
41
|
# Address length of the architecture
|
42
42
|
property :address_length, Integer
|
43
43
|
|
44
|
+
# Validates
|
45
|
+
validates_present :name, :endian, :address_length
|
46
|
+
validates_is_unique :name
|
47
|
+
validates_format :endian, :with => lambda { |endian|
|
48
|
+
endian == 'big' || endian == 'little'
|
49
|
+
}
|
50
|
+
validates_is_number :address_length
|
51
|
+
|
44
52
|
#
|
45
53
|
# Returns the name of the arch as a String.
|
46
54
|
#
|
@@ -50,8 +58,7 @@ module Ronin
|
|
50
58
|
|
51
59
|
#
|
52
60
|
# Defines a new builtin Arch with the specified _name_ and the given
|
53
|
-
#
|
54
|
-
# Arch.
|
61
|
+
# _options_.
|
55
62
|
#
|
56
63
|
def Arch.define(name,options={})
|
57
64
|
name = name.to_s
|
data/lib/ronin/author.rb
CHANGED
@@ -55,28 +55,27 @@ module Ronin
|
|
55
55
|
property :biography, Text
|
56
56
|
|
57
57
|
#
|
58
|
-
# Creates a new Author object with the given
|
59
|
-
#
|
60
|
-
# the newly created Author object.
|
58
|
+
# Creates a new Author object with the given _options_. If _block_ is
|
59
|
+
# given, it will be passed the newly created Author object.
|
61
60
|
#
|
62
61
|
# _info_ may contain the following keys:
|
62
|
+
# <tt>:name</tt>:: The name of the author. Defaults to +ANONYMOUSE+.
|
63
63
|
# <tt>:organization</tt>:: The organization of the author.
|
64
64
|
# <tt>:pgp_signature</tt>:: The PGP signature of the author.
|
65
65
|
# <tt>:email</tt>:: The email address of the author.
|
66
66
|
# <tt>:url</tt>:: The URL for the author.
|
67
67
|
# <tt>:biography</tt>:: The biography of the author.
|
68
68
|
#
|
69
|
-
def initialize(
|
70
|
-
|
71
|
-
@organization= info[:organization]
|
72
|
-
@pgp_signature = info[:pgp_signature]
|
73
|
-
@email = info[:email]
|
74
|
-
@url = info[:url]
|
75
|
-
@biography = info[:biography]
|
69
|
+
def initialize(options={},&block)
|
70
|
+
super(options)
|
76
71
|
|
77
72
|
block.call(self) if block
|
78
73
|
end
|
79
74
|
|
75
|
+
def name
|
76
|
+
@name || ANONYMOUSE
|
77
|
+
end
|
78
|
+
|
80
79
|
#
|
81
80
|
# Returns the name of the author.
|
82
81
|
#
|
data/lib/ronin/chars/chars.rb
CHANGED
data/lib/ronin/console.rb
CHANGED
@@ -32,35 +32,35 @@ module Ronin
|
|
32
32
|
# Returns the default Console prompt style
|
33
33
|
#
|
34
34
|
def Console.prompt
|
35
|
-
@@
|
35
|
+
@@ronin_console_prompt ||= :SIMPLE
|
36
36
|
end
|
37
37
|
|
38
38
|
#
|
39
39
|
# Sets the default Console prompt style to the specified _style_.
|
40
40
|
#
|
41
41
|
def Console.prompt=(style)
|
42
|
-
@@
|
42
|
+
@@ronin_console_prompt = style
|
43
43
|
end
|
44
44
|
|
45
45
|
#
|
46
46
|
# Returns the default Console indent setting.
|
47
47
|
#
|
48
48
|
def Console.indent
|
49
|
-
@@
|
49
|
+
@@ronin_console_indent ||= true
|
50
50
|
end
|
51
51
|
|
52
52
|
#
|
53
53
|
# Sets the default Console indent setting.
|
54
54
|
#
|
55
55
|
def Console.indent=(value)
|
56
|
-
@@
|
56
|
+
@@ronin_console_indent = value
|
57
57
|
end
|
58
58
|
|
59
59
|
#
|
60
60
|
# Returns the Array of files to require when the Console starts.
|
61
61
|
#
|
62
62
|
def Console.auto_load
|
63
|
-
@@
|
63
|
+
@@ronin_console_auto_load ||= []
|
64
64
|
end
|
65
65
|
|
66
66
|
#
|
data/lib/ronin/context.rb
CHANGED
data/lib/ronin/database.rb
CHANGED
@@ -24,6 +24,11 @@
|
|
24
24
|
require 'ronin/exceptions/invalid_database_config'
|
25
25
|
require 'ronin/extensions/kernel'
|
26
26
|
require 'ronin/config'
|
27
|
+
require 'ronin/arch'
|
28
|
+
require 'ronin/platform'
|
29
|
+
require 'ronin/author'
|
30
|
+
require 'ronin/license'
|
31
|
+
require 'ronin/product'
|
27
32
|
|
28
33
|
require 'yaml'
|
29
34
|
require 'dm-core'
|
@@ -42,7 +47,7 @@ module Ronin
|
|
42
47
|
# Default configuration of the database
|
43
48
|
DEFAULT_CONFIG = {
|
44
49
|
:adapter => :sqlite3,
|
45
|
-
:database => File.join(Config::PATH,'
|
50
|
+
:database => File.join(Config::PATH,'database.sqlite3')
|
46
51
|
}
|
47
52
|
|
48
53
|
#
|
@@ -100,7 +105,7 @@ module Ronin
|
|
100
105
|
#
|
101
106
|
def Database.setup(configuration=Database.config,&block)
|
102
107
|
Database.setup_log
|
103
|
-
DataMapper.setup(
|
108
|
+
DataMapper.setup(Model::REPOSITORY_NAME, configuration)
|
104
109
|
|
105
110
|
block.call if block
|
106
111
|
|
@@ -115,7 +120,7 @@ module Ronin
|
|
115
120
|
model.relationships.each_value { |r| r.child_key if r.child_model == model }
|
116
121
|
end
|
117
122
|
|
118
|
-
DataMapper.auto_upgrade!
|
123
|
+
DataMapper.auto_upgrade!(Model::REPOSITORY_NAME)
|
119
124
|
return nil
|
120
125
|
end
|
121
126
|
end
|
data/lib/ronin/license.rb
CHANGED
data/lib/ronin/model.rb
CHANGED
@@ -27,16 +27,24 @@ require 'dm-core'
|
|
27
27
|
require 'dm-types'
|
28
28
|
require 'dm-serializer'
|
29
29
|
require 'dm-aggregates'
|
30
|
+
require 'dm-validations'
|
30
31
|
|
31
32
|
module Ronin
|
32
33
|
module Model
|
33
34
|
include DataMapper::Types
|
34
35
|
|
36
|
+
# Name of Ronin's DataMapper repository
|
37
|
+
REPOSITORY_NAME = :ronin
|
38
|
+
|
35
39
|
def self.included(base)
|
36
40
|
base.module_eval do
|
37
41
|
include DataMapper::Resource
|
38
42
|
include DataMapper::AutoMigrations
|
39
43
|
|
44
|
+
def self.default_repository_name
|
45
|
+
Model::REPOSITORY_NAME
|
46
|
+
end
|
47
|
+
|
40
48
|
property :type, Discriminator
|
41
49
|
end
|
42
50
|
end
|
data/lib/ronin/models.rb
CHANGED
@@ -23,12 +23,5 @@
|
|
23
23
|
|
24
24
|
require 'ronin/extensions/kernel'
|
25
25
|
require 'ronin/model'
|
26
|
-
require 'ronin/arch'
|
27
|
-
require 'ronin/platform'
|
28
|
-
require 'ronin/author'
|
29
|
-
require 'ronin/license'
|
30
|
-
require 'ronin/product'
|
31
26
|
|
32
|
-
|
33
|
-
ronin_require 'ronin/models'
|
34
|
-
end
|
27
|
+
ronin_require 'ronin/models'
|
@@ -33,8 +33,9 @@ module Net
|
|
33
33
|
# the newly created Telnet object.
|
34
34
|
#
|
35
35
|
# _options_ may contain the following keys:
|
36
|
-
# <tt>:port</tt>:: The port to connect to. Defaults to
|
37
|
-
# if not
|
36
|
+
# <tt>:port</tt>:: The port to connect to. Defaults to
|
37
|
+
# <tt>Ronin::Network::Telnet.default_port</tt>, if not
|
38
|
+
# given.
|
38
39
|
# <tt>:binmode</tt>:: Indicates that newline substitution shall not
|
39
40
|
# be performed.
|
40
41
|
# <tt>:output_log</tt>:: The name of the file to write connection
|
@@ -45,7 +46,8 @@ module Net
|
|
45
46
|
# <tt>:prompt</tt>:: A regular expression matching the host's
|
46
47
|
# command-line prompt sequence, used to determine
|
47
48
|
# when a command has finished. Defaults to
|
48
|
-
#
|
49
|
+
# <tt>Ronin::Network::Telnet.default_prompt</tt>, if
|
50
|
+
# not given.
|
49
51
|
# <tt>:telnet</tt>:: Indicates that the connection shall behave as a
|
50
52
|
# telnet connection. Defaults to +true+.
|
51
53
|
# <tt>:plain</tt>:: Indicates that the connection shall behave as a
|
@@ -53,16 +55,19 @@ module Net
|
|
53
55
|
# <tt>:timeout</tt>:: The number of seconds to wait before timing out
|
54
56
|
# both the initial attempt to connect to host,
|
55
57
|
# and all attempts to read data from the host.
|
56
|
-
# Defaults to
|
58
|
+
# Defaults to
|
59
|
+
# <tt>Ronin::Network::Telnet.default_timeout</tt>,
|
60
|
+
# if not given.
|
57
61
|
# <tt>:wait_time</tt>:: The amount of time to wait after seeing what
|
58
62
|
# looks like a prompt.
|
59
63
|
# <tt>:proxy</tt>:: A proxy object to used instead of opening a
|
60
64
|
# direct connection to the host. Must be either
|
61
65
|
# another telnet object or an IO object.
|
62
|
-
# Defaults to
|
66
|
+
# Defaults to
|
67
|
+
# <tt>Ronin::Network::Telnet.proxy</tt>, if not given.
|
63
68
|
# <tt>:user</tt>:: The user to login with.
|
64
69
|
# <tt>:password</tt>:: The password to login with.
|
65
|
-
# <tt>:ssl</tt>:: A
|
70
|
+
# <tt>:ssl</tt>:: A Hash of SSL information to use for a SSLed
|
66
71
|
# Telnet session. This hash must contain the following
|
67
72
|
# keys.
|
68
73
|
# <tt>:certfile</tt>:: The SSL Certfile to use.
|