ronin-rb / ronin Goto Github PK

Ronin is a Free and Open Source Ruby Toolkit for Security Research and Development. Ronin also allows for the rapid development and distribution of code, exploits, payloads, etc, via 3rd party git repositories.

Home Page: https://ronin-rb.dev

License: GNU General Public License v3.0

Ruby 99.78% HTML 0.22%

ruby hacking infosec ctf-tools console cli database orm ronin-rb security

ronin's Introduction

ronin

Description

Ronin is a free and Open Source Ruby toolkit for security research and development. Ronin contains many different CLI commands and Ruby libraries for a variety of security tasks, such as encoding/decoding data, filter IPs/hosts/URLs, querying ASNs, querying DNS, HTTP, scanning for web vulnerabilities, spidering websites, install 3rd party repositories of exploits and/or payloads, run exploits, write new exploits, managing local databases, fuzzing data, and much more.

Who is Ronin for?

CTF players
Bug bounty hunters
Security Researchers
Security Engineers
Developers
Students

What does Ronin provide?

A toolkit of useful commands.
A fully-loaded Ruby REPL.
An ecosystem of high-quality security related Ruby libraries, APIs, and commands.

What can you do with Ronin?

Quickly process and query various data using the ronin commands.
Efficiently work with code and data in the ronin irb Ruby REPL.
Rapidly prototype Ruby scripts using ronin-support and other ronin libraries.
Install 3rd-party git repositories of exploits, payloads, or other code, using ronin-repos.
Import and query data using the ronin-db database.
Fuzz data using ronin-fuzzer.
Use common payloads or write your own using ronin-payloads.
Write/run exploits using ronin-exploits.
Scan for web vulnerabilities using ronin-vulns.

Synopsis

Usage: ronin [options] [COMMAND [ARGS...]]

Options:
    -h, --help                       Print help information

Arguments:
    [COMMAND]                        The command name to run
    [ARGS ...]                       Additional arguments for the command

Commands:
    asn
    banner-grab
    bitflip
    cert-dump
    cert-gen
    cert-grab
    decode, dec
    decrypt
    dns
    email-addr
    encode, enc
    encrypt
    entropy
    escape
    extract
    grep
    help
    hexdump
    highlight
    hmac
    homoglyph
    host
    http
    ip
    iprange
    irb
    md5
    netcat, nc
    new
    proxy
    public-suffix-list
    quote
    rot
    sha1
    sha256
    sha512
    strings
    tld-list
    tips
    typo
    typosquat
    unescape
    unhexdump
    unquote
    url
    xor

Additional Ronin Commands:
    $ ronin-repos
    $ ronin-db
    $ ronin-web
    $ ronin-fuzzer
    $ ronin-payloads
    $ ronin-exploits
    $ ronin-vulns

List ronin commands:

$ ronin help

View a man-page for a command:

$ ronin help COMMAND

Get a random tip on how to use ronin:

$ ronin tips

Open the Ronin Ruby REPL:

$ ronin irb

Generate a new Ruby script with ronin-support preloaded:

$ ronin new script foo.rb

Generate a new Ruby project with a Gemfile:

$ ronin new project foo

Binary

Hexdumps data in a variety of formats:

$ ronin hexdump /bin/ls

Un-hexdumps a hexdump file back into it's original raw binary data:

$ ronin unhexdump -o data.bin hexdump.txt

Print all printable strings from a file:

$ ronin strings /bin/ls

Print all alphabetic strings from a file:

$ ronin strings --alpha /bin/ls

Print all alpha-numeric strings from a file:

$ ronin strings --alpha-num /bin/ls

Print all numeric strings from a file:

$ ronin strings --numeric /bin/ls

Print all hexadecimal strings from a file:

$ ronin strings --hex /bin/ls

Enumerate through all of the Bit-flips of a domain name:

$ ronin bitflip microsoft --alpha-num --append .com
licrosoft.com
oicrosoft.com
iicrosoft.com
eicrosoft.com
Microsoft.com
mhcrosoft.com
mkcrosoft.com
mmcrosoft.com
macrosoft.com
mycrosoft.com
...

Encoding

Base64 encode a string:

$ ronin encode --base64 --string "foo bar baz"
Zm9vIGJhciBiYXo=

Zlib compresses, Base64 encodes, and then URI encode a string:

$ ronin encode --zlib --base64 --uri --string "foo bar"
%65%4A%78%4C%79%38%39%58%53%45%6F%73%41%67%41%4B%63%41%4B%61%0A

Base64 decode a string:

$ ronin decode --base64 --string "Zm9vIGJhciBiYXo="
foo bar baz

URI decode, Base64 decode, and then zlib inflates a string:

$ ronin decode --uri --base64 --zlib --string "%65%4A%78%4C%79%38%39%58%53%45%6F%73%41%67%41%4B%63%41%4B%61%0A"
foo bar

URI escape a string:

$ ronin escape --uri --string "foo bar"
foo%20bar

URI unescape a string:

$ ronin unescape --uri --string "foo%20bar"
foo bar

Convert a file into a quoted C string:

$ ronin quote --c file.bin
"..."

Convert a file into a quoted JavaScript string:

$ ronin quote --js file.bin

Unquote a C string:

$ ronin unquote --c --string '"\x66\x6f\x6f\x20\x62\x61\x72"'
foo bar

Text

Extract high-entropy data from a file:

$ ronin entropy -e 5.0 index.html

Grep for common patterns of data:

$ ronin grep --hash index.html

Extract common patterns from data:

$ ronin extract --hash index.html

Generate a random typo of a word:

$ ronin typo microsoft
microssoft

Enumerate over every typo variation of a word:

$ ronin typo --enum microsoft
microosoft
microsooft
microssoft

Generate a random homoglyph version of a word:

$ ronin homoglyph CEO
CＥO

Enumerate over every homoglyph variation of a word:

$ ronin homoglyph --enum CEO
ϹEO
СEO
ⅭEO
ＣEO
CΕO
CЕO
CＥO
CEΟ
CEО
CEＯ

Syntax-highlights a file:

$ ronin highlight index.html

Cryptography

AES-256 encrypt a file:

$ ronin encrypt --cipher aes-256-cbc --password "..." file.txt > encrypted.bin

Decrypt data:

$ ronin decrypt --cipher aes-256-cbc --password "..." encrypted.bin

Generates a HMAC for a file:

$ ronin hmac --hash sha1 --password "too many secrets" data.txt

Generates a HMAC for a string:

$ ronin hmac --hash sha1 --password "too many secrets" --string "..."

Calculate an MD5 checksum of a string:

$ ronin md5 --string "hello world"
5eb63bbbe01eeed093cb22bb8f5acdc3

Calculate the MD5 checksum of a file:

$ ronin md5 file.txt

Calculate the MD5 checksum of every line in a file:

$ ronin md5 --multiline file.txt

Calculate an SHA1 checksum of a string:

$ ronin sha1 --string "hello world"
2aae6c35c94fcfb415dbe95f408b9ce91ee846ed

Calculate the SHA1 checksum of a file:

$ ronin sha1 file.txt

Calculate the SHA1 checksum of every line in a file:

$ ronin sha1 --multiline file.txt

Calculate an SHA256 checksum of a string:

$ ronin sha256 --string "hello world"
b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9

Calculate the SHA256 checksum of a file:

$ ronin sha256 file.txt

Calculate the SHA256 checksum of every line in a file:

$ ronin sha256 --multiline file.txt

Calculate an SHA512 checksum of a string:

$ ronin sha512 --string "hello world"
309ecc489c12d6eb4cc40f50c902f2b4d0ed77ee511a7c7a9bcd3ca86d4cd86f989dd35bc5ff499670da34255b45b0cfd830e81f605dcf7dc5542e93ae9cd76f

Calculate the SHA512 checksum of a file:

$ ronin sha512 file.txt

Calculate the SHA512 checksum of every line in a file:

$ ronin sha512 --multiline file.txt

ROT-13 encodes a string:

$ ronin rot --string "The quick brown fox jumps over the lazy dog"
Gur dhvpx oebja sbk whzcf bire gur ynml qbt

XOR encodes a string:

$ ronin xor --key ABC --string "The quick brown fox jumps over the lazy dog"
"\x15*&a36(!(a 1.5-a$,9b)4/32b,7'1a6+$b/ 8:a&,&"

Networking

Query the ASN of an IP address:

$ ronin asn -I 4.2.2.1
4.0.0.0/9 AS3356 (US) LEVEL3

Get the system's external/public IP address:

$ ronin ip --public

Convert an IP address to decimal format:

$ ronin ip --decimal 127.0.0.1
2130706433

Convert a file of IP addresses into URLs:

$ ronin ip --file targets.txt --http

Enumerate over every IP address in the IP CIDR range:

$ ronin iprange 10.1.0.0/15
10.0.0.1
10.0.0.2
10.0.0.3
10.0.0.4
10.0.0.5
10.0.0.6
10.0.0.7
10.0.0.8
10.0.0.9
...

Enumerate over every IP address in the IP glob range:

$ ronin iprange 10.1-3.0.*
10.1.0.1
10.1.0.2
10.1.0.3
10.1.0.4
10.1.0.5
10.1.0.6
10.1.0.7
10.1.0.8
10.1.0.9
10.1.0.10
...

Enumerate over every IP address between two IP addresses:

$ ronin iprange --start 10.0.0.1 --stop 10.0.3.33
10.0.0.1
10.0.0.2
10.0.0.3
10.0.0.4
10.0.0.5
10.0.0.6
10.0.0.7
10.0.0.8
10.0.0.9
10.0.0.10

Connect to a remote TCP service:

$ ronin netcat -v example.com 80

Listen on a local TCP port:

$ ronin netcat -v -l 1337

Connect to a remote SSL/TLS service:

$ ronin netcat -v --ssl example.com 443

Connect to a remote UDP service:

$ ronin netcat -v -u example.com 1337

Listen on a local UDP port:

$ ronin netcat -v -u -l 1337

Opens a UNIX socket:

$ ronin netcat -v --unix /path/to/unix.socket

Hexdump all data received from a socket:

$ ronin netcat --hexdump example.com 80
GET / HTTP/1.1
Host: example.com
User-Agent: Ruby

00000000  48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d  |HTTP/1.1 200 OK.|
00000010  0a 41 67 65 3a 20 32 35 30 38 30 36 0d 0a 43 61  |.Age: 250806..Ca|
00000020  63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6d 61 78  |che-Control: max|
00000030  2d 61 67 65 3d 36 30 34 38 30 30 0d 0a 43 6f 6e  |-age=604800..Con|
00000040  74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f  |tent-Type: text/|
00000050  68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54  |html; charset=UT|
...

DNS

Query DNS records:

$ ronin dns -t TXT github.com

Find all registered TLDs for a host name:

$ ronin host --enum-tlds --registered github.com
github.ac
github.actor
github.ae
github.africa
github.agency
github.ai
...

Find all registered public suffixes for a host name:

$ ronin host --enum-suffix --registered github.com
example.com.ag
example.ai
example.al
example.am
example.com.ar
example.at
example.co.at
example.or.at
example.com.au
example.be
example.com.bh
...

Find all subdomains that have addresses:

$ ronin host --enum-subdomains subdomains.txt --has-addresses google.com
www.google.com
mail.google.com
smtp.google.com
ns1.google.com
ns2.google.com
m.google.com
ns.google.com
blog.google.com
admin.google.com
news.google.com
vpn.google.com
ns3.google.com
...

Enumerate over every possible typosquat variation of a domain:

$ ronin typosquat microsoft.com
microosoft.com
microsooft.com
microssoft.com

Find all of the registered typosquat domains for a valid domain:

$ ronin typosquat --registered microsoft.com

Find all of the typosquat domains with addresses for a valid domain:

$ ronin typosquat --has-addresses microsoft.com

Find all of the unregistered typosquat domains for a valid domain:

$ ronin typosquat --unregistered microsoft.com

De-obfuscate an email address:

$ ronin email-addr --deobfuscate "john [dot] smith [at] example [dot] com"
[email protected]

Enumerate through all of the obfuscations of an email address:

$ ronin email-addr --enum-obfuscations [email protected]
john.smith @ example.com
john.smith AT example.com
john.smith at example.com
john.smith[AT]example.com
john.smith[at]example.com
...

SSL/TLS Certs

Dump information about a SSL/TLS certificate:

$ ronin cert-dump https://example.com/

Download a SSL/TLS certificate from a host and port:

$ ronin cert-grab github.com:443

Generate a new SSL/TLS certificate:

$ ronin cert-gen -c test.com -O "Test Co" -U "Test Dept" \
                 -L "Test City" -S NY -C US

HTTP

Perform an HTTP GET request (with syntax highlighting):

$ ronin http https://example.com/

Send an HTTP request with additional headers:

$ ronin http --post --header "Authorization: ..." https://foo.bar/

Send an HTTP request with a known User-Agent string:

$ ronin http --post --user-agent chrome-android https://foo.bar/

Send an HTTP request with a custom User-Agent string:

$ ronin http --post --user-agent-string "..." https://foo.bar/

Open an interactive HTTP shell:

$ ronin http --shell https://example.com/
https://example.com/> help
  help [COMMAND]                      	Prints the list of commands or additional help
  get PATH[?QUERY] [BODY]             	Performs a GET request
  head PATH[?QUERY]                   	Performs a HEAD request
  patch PATH[?QUERY] [BODY]           	Performs a PATCH request
  post PATH[?QUERY] [BODY]            	Performs a POST request
  put PATH [BODY]                     	Performs a PUT request
  copy PATH DEST                      	Performs a COPY request
  delete PATH[?QUERY]                 	Performs a DELETE request
  lock PATH[?QUERY]                   	Performs a LOCK request
  options PATH[?QUERY]                	Performs a OPTIONS request
  mkcol PATH[?QUERY]                  	Performs a MKCOL request
  move PATH[?QUERY] DEST              	Performs a MOVE request
  propfind PATH[?QUERY]               	Performs a PROPFIND request
  proppatch PATH[?QUERY]              	Performs a PROPPATCH request
  trace PATH[?QUERY]                  	Performs a TRACE request
  unlock PATH[?QUERY]                 	Performs a UNLOCK request
  cd PATH                             	Changes the base URL path
  headers [{set | unset} NAME [VALUE]]	Manages the request headers

Print the HTTP status of every URL in a file:

$ ronin url --file urls.txt --status

Requirements

gcc / clang
make
git
libsqlite3
Ruby >= 3.0.0
open_namespace ~> 0.4
rouge ~> 3.0
async-io ~> 1.0
wordlist ~> 1.0, >= 1.0.3
ronin-support ~> 1.0, >= 1.0.3
ronin-core ~> 0.1, >= 0.1.2
ronin-repos ~> 0.1
ronin-db ~> 0.1
ronin-fuzzer ~> 0.1
ronin-web ~> 1.0
ronin-code-asm ~> 1.0
ronin-code-sql ~> 2.0
ronin-payloads ~> 0.1
ronin-exploits ~> 1.0
ronin-vulns ~> 0.1

Install

Bash Script

curl -o ronin-install.sh https://raw.githubusercontent.com/ronin-rb/scripts/main/ronin-install.sh && bash ronin-install.sh

Manually

See the manual install instructions for how to install Ronin and it's additional dependencies on your platform.

Docker

If you prefer using Docker, there are also Docker images available:

docker pull roninrb/ronin
docker run -it roninrb/ronin

Additionally, if you want to mount your home directory into the docker image:

docker run --mount type=bind,source="$HOME",target=/home/ronin -it ronin

Development

Fork It!
Clone It!
cd ronin
bundle install
git checkout -b my_feature
Code It!
bundle exec rake spec
git push origin my_feature

License

Ronin is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

Ronin is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with Ronin. If not, see https://www.gnu.org/licenses/.

ronin's People

Contributors

Stargazers

Watchers

Forkers

shizen-yasei djcas9 havenwood antimoon todb-r7 jtibaquira timwhite47 hacktobeer spangey alex-metasploit espreto team-firebugs firebitsbr jbhdeconinck cnlouts redteamcaliber fingerleakers ro9ueadmin jack51706 marciopocebon chaos-monkey-island takianfif 5l1v3r1 rayiik excloudx6 dongbinghua jackorp anonymuz-1 hacker-archive nelup20 stefankroes crt-fork hartl3y94 yonasbsd evpgh ryan5hanahan ch1keen erangoldman ervinismu cmhobbs pseudobobsmith iq-scm ai-mozi elliotte deltared1a sushrut1101 cioraz 0xsojalsec whisprer chriss-0x01 phoenxxxxx

ronin's Issues

Add a `strings` subcommand

Add a strings subcommand for printing all contiguous substrings in the input or FILE. Allow specifying which character set to search for (alpha, alpha-numeric, hex, etc). Use Chars::CharSet#substrings method(s) from the chars gem.

Drop dependency on dm-serializer to improve load-time

We don't really use dm-serializers in the Ronin code-base. It could be dropped in order to improve load-time.

Add :description values to all Command options

All Command options (in lib/ronin/ui/cli/commands/) need proper :descriptions association with them.

Rescue Errno::EPIPE in Ronin::UI::CLI::Command.start

Need to rescue Errno::EPIPE in Command.start, so ronin commands can be piped without printing a backtrace when STDOUT gets closed.

Add EmailAddress.import

There should be a EmailAddress.import method which extracts/parses/saves email addresses from any text-file into the Database.

Examples

EmailAddress.import('emails.txt')
# => [...]

EmailAddress.import('emails.txt') do |email|
  print_info "Imported email: #{email}"
end

`require': cannot load such file -- ronin/ui/cli

I installed ronin (master - branch ) using

$ git clone git://github.com/ronin-ruby/ronin.git
$ cd ronin/
$ bundle install
$ ./bin/ronin

when I run the ./bin/ronin get this output

/Users/jk0/.rvm/rubies/ruby-1.9.3-p0/lib/ruby/site_ruby/1.9.1/rubygems/custom_require.rb:36:in require': cannot load such file -- ronin/ui/cli (LoadError) from /Users/jk0/.rvm/rubies/ruby-1.9.3-p0/lib/ruby/site_ruby/1.9.1/rubygems/custom_require.rb:36:inrequire'
from ./bin/ronin:18:in `

Am I doing something wrong ?

Have ronin-help display man-pages for commands

Add man-pages for every command and change ronin-help COMMAND to display the man-page. Investigate using md2man or ronn.

no such table: ronin_overlays

I believe that there is some creation of the ronin database that is being skipped.

Steps to reproduce:
start with a clean ronin environment (an empty ~/.ronin/database.sqlite2)
cd into local ronin src dir, load the 1.9.2 ruby environment in rvm
bundle install
./bin/ronin
.rvm/gems/ruby-1.9.2-p0/gems/dm-do-adapter-1.0.2/lib/dm-do-adapter/adapter.rb:142:in execute_reader': no such table: ronin_overlays (DataObjects::SyntaxError) from .rvm/gems/ruby-1.9.2-p0/gems/dm-do-adapter-1.0.2/lib/dm-do-adapter/adapter.rb:142:inblock in read'
from .rvm/gems/ruby-1.9.2-p0/gems/dm-do-adapter-1.0.2/lib/dm-do-adapter/adapter.rb:260:in with_connection' from .rvm/gems/ruby-1.9.2-p0/gems/dm-do-adapter-1.0.2/lib/dm-do-adapter/adapter.rb:138:inread'
from .rvm/gems/ruby-1.9.2-p0/gems/dm-core-1.0.2/lib/dm-core/repository.rb:162:in read' from .rvm/gems/ruby-1.9.2-p0/gems/dm-core-1.0.2/lib/dm-core/collection.rb:1116:inlazy_load'
from .rvm/gems/ruby-1.9.2-p0/gems/dm-core-1.0.2/lib/dm-core/support/lazy_array.rb:411:in each' from .rvm/gems/ruby-1.9.2-p0/gems/dm-core-1.0.2/lib/dm-core/collection.rb:508:ineach'
from ronin/lib/ronin/overlay.rb:359:in activate!' from ronin/lib/ronin/ui/console.rb:202:inblock in start'
from ronin/lib/ronin/ui/console.rb:180:in instance_eval' from ronin/lib/ronin/ui/console.rb:180:instart'
from ronin/lib/ronin/ui/command_line/commands/console.rb:65:in execute' from .rvm/gems/ruby-1.9.2-p0/gems/thor-0.14.4/lib/thor/task.rb:22:inrun'
from .rvm/gems/ruby-1.9.2-p0/gems/thor-0.14.4/lib/thor/invocation.rb:118:in invoke_task' from .rvm/gems/ruby-1.9.2-p0/gems/thor-0.14.4/lib/thor/invocation.rb:124:inblock in invoke_all'
from .rvm/gems/ruby-1.9.2-p0/gems/thor-0.14.4/lib/thor/invocation.rb:124:in each' from .rvm/gems/ruby-1.9.2-p0/gems/thor-0.14.4/lib/thor/invocation.rb:124:inmap'
from .rvm/gems/ruby-1.9.2-p0/gems/thor-0.14.4/lib/thor/invocation.rb:124:in invoke_all' from /.rvm/gems/ruby-1.9.2-p0/gems/thor-0.14.4/lib/thor/group.rb:226:indispatch'
from .rvm/gems/ruby-1.9.2-p0/gems/thor-0.14.4/lib/thor/base.rb:389:in start' from ronin/lib/ronin/ui/command_line/command_line.rb:138:instart'
from ./bin/ronin:24:in `

Gemspec error when bundle install

cd /tmp
git clone ...
bundle install ... 
ronin at /tmp/ronin did not have a valid gemspec.
This prevents bundler from installing bins or native extensions, but that may not affect its functionality.
The validation message from Rubygems was:
["man/ronin.1", "man/ronin-campaigns.1", "man/ronin-console.1", "man/ronin-creds.1", "man/ronin-database.1", "man/ronin-emails.1", "man/ronin-exec.1", "man/ronin-fuzzer.1", "man/ronin-help.1", "man/ronin-hosts.1", "man/ronin-install.1", "man/ronin-ips.1", "man/ronin-net-proxy.1", "man/ronin-repos.1", "man/ronin-uninstall.1", "man/ronin-update.1", "man/ronin-urls.1", "man/ronin-wordlist.1"] are not files`

Possible fix is changing gemspec section generated_files from man/*.1 to man/*.1.md

Install a default ~/.ronin/ directory if non-existant

If there is no ~/.ronin/ directory, install a default one:

~/.ronin/config.rb - default configuration file with various settings commented out.
~/.ronin/database.yml - default database configuration file containing commented out examples for postgres/mysql.

Allow Console commands to embed Ruby expressions

In order to breakdown the barrier between the Ruby Console and the in-line shell commands, we should allow embedding of Ruby expressions into the shell commands:

>> ip = "10.0.0.1"
>> ports = [80,135,137,443,8080,8081,9090]
...
>> !nmap -sT -P0 -v -p #{ports.join(',')} #{ip}

This could be done by using String#gsub to match /\#\{[^\}]*\}/ with a block to evaluate the expression.

raw_command = command.gsub(/\#\{[^\}]*\}/) do |match|
  eval(match[2..-2],binding)
end

`ronin help` should list other ronin-* commands from other ronin-* libraries

Override the #help method in the main ronin command class to also list other ronin-* commands provided by the other ronin-* gems.

Extract Ronin::UI::Console::Shell into ripl-shell

Extract Ronin::UI::Console::Shell (allows for !commands) into a ripl plugin library.

Add a `unhexdump` subcommand to `ronin` using `Ronin::Binary::Hexdump::Parser` in `ronin-support`.

Add a unhexdump subcommand/ Use Ronin::Binary::Hexdump::Parser from ronin-support to parse hexdumps. Support reading from STDIN or a FILE.

success install ronin but Ronin::UI:CLI.start error unable to load the command "console"

I have ruby 2.0.0p647 with i386-mingw32 on Windows XP-SP3
I installed ronin successfuly using

$gem install ronin

When i run the ronin get this output

unable to load the command "console"

I try reinstall ronin

$git clone https://github.com/ronin-ruby/ronin.git ~/ronin
$cd ronin/
$bundle install
$./bin/ronin

The installation run smooth...
Then I run the ./bin/ronin get same output

unable to load the command "console"

How to fix this?

`<module:Ronin>': uninitialized constant Ronin::Credential (NameError)

Having an issue with the specs on macosx.

ronin (master) $ rake spec --trace                                                                                                                                                                                                                   ~/Source/ruby/ronin 1 ↵ 
** Invoke spec (first_time)
** Execute spec
/Users/mephux/.rvm/rubies/ruby-1.9.2-p136/bin/ruby -S bundle exec rspec ./spec/arch_spec.rb ./spec/author_spec.rb ./spec/campaign_spec.rb ./spec/credential_spec.rb ./spec/database_spec.rb ./spec/email_address_spec.rb ./spec/host_name_spec.rb ./spec/installation_spec.rb ./spec/license_spec.rb ./spec/mac_address_spec.rb ./spec/model/has_authors_spec.rb ./spec/model/has_description_spec.rb ./spec/model/has_license_spec.rb ./spec/model/has_name_spec.rb ./spec/model/has_title_spec.rb ./spec/model/has_version_spec.rb ./spec/model/model_spec.rb ./spec/os_spec.rb ./spec/password_spec.rb ./spec/port_spec.rb ./spec/repository_spec.rb ./spec/ronin_spec.rb ./spec/script/buildable_spec.rb ./spec/script/deployable_spec.rb ./spec/script/path_spec.rb ./spec/script/script_spec.rb ./spec/script/testable_spec.rb ./spec/service_spec.rb ./spec/software_spec.rb ./spec/ui/cli/command_spec.rb ./spec/ui/output_spec.rb ./spec/url_query_param_spec.rb ./spec/url_scheme_spec.rb ./spec/url_spec.rb ./spec/vendor_spec.rb
/Users/mephux/Source/ruby/ronin/lib/ronin/service_credential.rb:27:in `<module:Ronin>': uninitialized constant Ronin::Credential (NameError)
    from /Users/mephux/Source/ruby/ronin/lib/ronin/service_credential.rb:23:in `<top (required)>'
    from /Users/mephux/Source/ruby/ronin/lib/ronin/open_port.rb:24:in `require'
    from /Users/mephux/Source/ruby/ronin/lib/ronin/open_port.rb:24:in `<top (required)>'
    from /Users/mephux/Source/ruby/ronin/lib/ronin/ip_address.rb:24:in `require'
    from /Users/mephux/Source/ruby/ronin/lib/ronin/ip_address.rb:24:in `<top (required)>'
    from /Users/mephux/Source/ruby/ronin/lib/ronin/host_name_ip_address.rb:22:in `require'
    from /Users/mephux/Source/ruby/ronin/lib/ronin/host_name_ip_address.rb:22:in `<top (required)>'
    from /Users/mephux/Source/ruby/ronin/lib/ronin/host_name.rb:21:in `require'
    from /Users/mephux/Source/ruby/ronin/lib/ronin/host_name.rb:21:in `<top (required)>'
    from /Users/mephux/Source/ruby/ronin/lib/ronin/email_address.rb:22:in `require'
    from /Users/mephux/Source/ruby/ronin/lib/ronin/email_address.rb:22:in `<top (required)>'
    from /Users/mephux/Source/ruby/ronin/lib/ronin/user_name.rb:23:in `require'
    from /Users/mephux/Source/ruby/ronin/lib/ronin/user_name.rb:23:in `<top (required)>'
    from /Users/mephux/Source/ruby/ronin/lib/ronin/credential.rb:21:in `require'
    from /Users/mephux/Source/ruby/ronin/lib/ronin/credential.rb:21:in `<top (required)>'
    from /Users/mephux/Source/ruby/ronin/spec/credential_spec.rb:2:in `require'
    from /Users/mephux/Source/ruby/ronin/spec/credential_spec.rb:2:in `<top (required)>'
    from /Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rspec-core-2.6.4/lib/rspec/core/configuration.rb:419:in `load'
    from /Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rspec-core-2.6.4/lib/rspec/core/configuration.rb:419:in `block in load_spec_files'
    from /Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rspec-core-2.6.4/lib/rspec/core/configuration.rb:419:in `map'
    from /Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rspec-core-2.6.4/lib/rspec/core/configuration.rb:419:in `load_spec_files'
    from /Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rspec-core-2.6.4/lib/rspec/core/command_line.rb:18:in `run'
    from /Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rspec-core-2.6.4/lib/rspec/core/runner.rb:80:in `run_in_process'
    from /Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rspec-core-2.6.4/lib/rspec/core/runner.rb:69:in `run'
    from /Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rspec-core-2.6.4/lib/rspec/core/runner.rb:11:in `block in autorun'
rake aborted!
ruby -S bundle exec rspec ./spec/arch_spec.rb ./spec/author_spec.rb ./spec/campaign_spec.rb ./spec/credential_spec.rb ./spec/database_spec.rb ./spec/email_address_spec.rb ./spec/host_name_spec.rb ./spec/installation_spec.rb ./spec/license_spec.rb ./spec/mac_address_spec.rb ./spec/model/has_authors_spec.rb ./spec/model/has_description_spec.rb ./spec/model/has_license_spec.rb ./spec/model/has_name_spec.rb ./spec/model/has_title_spec.rb ./spec/model/has_version_spec.rb ./spec/model/model_spec.rb ./spec/os_spec.rb ./spec/password_spec.rb ./spec/port_spec.rb ./spec/repository_spec.rb ./spec/ronin_spec.rb ./spec/script/buildable_spec.rb ./spec/script/deployable_spec.rb ./spec/script/path_spec.rb ./spec/script/script_spec.rb ./spec/script/testable_spec.rb ./spec/service_spec.rb ./spec/software_spec.rb ./spec/ui/cli/command_spec.rb ./spec/ui/output_spec.rb ./spec/url_query_param_spec.rb ./spec/url_scheme_spec.rb ./spec/url_spec.rb ./spec/vendor_spec.rb failed
/Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rspec-core-2.6.4/lib/rspec/core/rake_task.rb:139:in `rescue in block (2 levels) in initialize'
/Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rspec-core-2.6.4/lib/rspec/core/rake_task.rb:135:in `block (2 levels) in initialize'
/Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rake-0.9.2/lib/rake/file_utils_ext.rb:57:in `verbose'
/Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rspec-core-2.6.4/lib/rspec/core/rake_task.rb:131:in `block in initialize'
/Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rake-0.9.2/lib/rake/task.rb:205:in `call'
/Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rake-0.9.2/lib/rake/task.rb:205:in `block in execute'
/Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rake-0.9.2/lib/rake/task.rb:200:in `each'
/Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rake-0.9.2/lib/rake/task.rb:200:in `execute'
/Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rake-0.9.2/lib/rake/task.rb:158:in `block in invoke_with_call_chain'
/Users/mephux/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/monitor.rb:201:in `mon_synchronize'
/Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rake-0.9.2/lib/rake/task.rb:151:in `invoke_with_call_chain'
/Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rake-0.9.2/lib/rake/task.rb:144:in `invoke'
/Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rake-0.9.2/lib/rake/application.rb:112:in `invoke_task'
/Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rake-0.9.2/lib/rake/application.rb:90:in `block (2 levels) in top_level'
/Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rake-0.9.2/lib/rake/application.rb:90:in `each'
/Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rake-0.9.2/lib/rake/application.rb:90:in `block in top_level'
/Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rake-0.9.2/lib/rake/application.rb:129:in `standard_exception_handling'
/Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rake-0.9.2/lib/rake/application.rb:84:in `top_level'
/Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rake-0.9.2/lib/rake/application.rb:62:in `block in run'
/Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rake-0.9.2/lib/rake/application.rb:129:in `standard_exception_handling'
/Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rake-0.9.2/lib/rake/application.rb:59:in `run'
/Users/mephux/.rvm/gems/ruby-1.9.2-p136/gems/rake-0.9.2/bin/rake:32:in `<top (required)>'
/Users/mephux/.rvm/gems/ruby-1.9.2-p136/bin/rake:19:in `load'
/Users/mephux/.rvm/gems/ruby-1.9.2-p136/bin/rake:19:in `<main>'
Tasks: TOP => spec

Remove Model::InstanceMethods#humanize_attributes

Model::InstanceMethods#humanize_attributes appears to only be used in the ronin encoders, ronin exploits and ronin payloads commands in ronin-exploits.

Remove `bin/ronin-*` commands in favor of a single `ronin` command with subcommands

Reserve ronin-* commands for other ronin-* libraries that define their own subcommands.

Move Script::Buildable, Script::Deployable, Script::Testable to ronin-exploits

Script::Buildable, Script::Deployable, Script::Testable are only used in [ronin-exploits].

Remove Script::InstanceMethods#run method and the ronin-script command

It doesn't make sense to have a generic run method or command. ronin-exploit, ronin-payload, ronin-scanner are better commands.

Add `encode` and `decode` subcommands

Allow encoding/decoding Strings/Files using ronin-support String#encode_* and String#decode_* methods.

ronin net:proxy CLI fails.

Error notes;
[!] NoMethodError: undefined method `on_client_connect' for #Ronin::Network::UDP::Proxy:0x007fb3b1a51498

This makes sense, since UDP lacks the concept of a connection. Seems the CLI command doesn't distinguish between TCP/UDP sufficiently.

Invoking the UDP proxy via it's example from https://github.com/ronin-ruby/ronin-support/blob/5f5d27595c1f2f59e94e2feff402a78cd9a579c2/lib/ronin/network/udp/proxy.rb works as intended.

I'll try to take a look and submit a pull as I'm able, wanted to log this as an issue in the meantime so as not to forget.

Thanks!

Add HostName.import

There should be a HostName.import method, which extracts/parses/saves HostNames from any text-file to the Database.

Examples

HostName.import('hosts.txt')
# => [....]

HostName.import('hosts.txt') do |host|
  print_info "Imported host: #{host}"
end

Add a `hexdump` subcommand

Use the brand new hexdump 1.0.0 gem.
Support hex, decimal, octal, and binary bases.
Support hexdumping C types (ex: int32).
Support ANSI highlighting.
Support grouping columns together.
Support zero-padding.

Split !commands from .commands

The short-hand syntax for running shell commands (!netstat) should be separated from running built-in console commands (.edit). These should be split into the Shell and Commands modules, and included into the Ripl Shell.

Add extract methods to URL, IPAddress, HostName and EmailAddress

There should be extract methods (which could be used by the import methods) for URL, IPAddress, HostName and EmailAddress. These extract methods would parse a String, and extract URLs, IPs, HostNames, EmailAddresses.

Add migrations to pre-populate Arch, OS, License, URLScheme

We should pre-populate Arch, OS, License and URLScheme models.

Use YAML::Store to better manage ~/.ronin/database.yml

Use the built-in YAML::Store library to better manage modifying ~/.ronin/database.yml.

Add URL.import

There should be a URL.import method, which extracts/parses/saves URLs from any text-file into the Database.

Examples

URL.import('urls.txt')
# => [...]

URL.import('urls.txt') do |url|
  print_info "Imported URL: #{url}"
end

Why you no ronin-crypto ?

It's more like a feature request than an issue. I think it is nice to have a wrapper to openssl. Not sure if you have given a thought about it.

For example:

require 'openssl'
aes = OpenSSL::Cipher.new("AES-256-CFB")
aes.encrypt
aes.key = key
aes.iv = iv
encrypted_data = aes.update(payload) + aes.final

IMO, That is quite "wordy".
We can do something like

require 'ronin/crypto'
aes = AES.new(AES::CFB, key, iv) # auto detect key-size
encrypted_data = aes.update('data') + aes.final()

or some syntax similar to http://crypt.rubyforge.org/rijndael.html

Would also be nice to have some method for cryptographic computation such as power modulo: pow(2,x,N) == 2**x % N, or discrete log algorithm.

I can help with the implementation as long as you think it fits here and provide some stub on how you want it to be

Have --help option open the man page for the command

Have the --help option open the man page for the command. If there is no man page, fall back to standard OptionParser help output.

Add a smart `grep` subcommand

Add a "smart" grep subcommand that can grep out known patterns from input or files (ex: URLs, IPs, domains, host names, phone numbers, etc).

Use Ronin::Text::Patterns to extract the common patterns.

Organize migrations by Model

Organize migrations by Model so they can be required from the Model file. This will allow users to require specific models and call Database.setup.

Add --import options to model commands.

A lot of people have flat-files of IP Addresses, HostNames, EmailAddresses, URLs laying around. Ronin should have --import options which can import these resources, and associate them with a campaign or add tags.

DataMapper Stack-Level too deep bug with EmailAddress

After importing the first EmailAddress using ronin-emails --import=emails.txt (containing only [email protected]), the email address cannot be queried.

>> UserName.first
 ~ (0.000128) SELECT "id", "name", "created_at" FROM "ronin_user_names" ORDER BY "id" LIMIT 1
=> #<Ronin::UserName:alice>
>> HostName.first
 ~ (0.000147) SELECT "id", "type", "address", "created_at" FROM "ronin_addresses" WHERE "type" IN ('Ronin::HostName') ORDER BY "id" LIMIT 1
=> #<Ronin::HostName: example.com>
>> EmailAddress.first
 ~ (0.000155) SELECT "id", "created_at" FROM "ronin_email_addresses" ORDER BY "id" LIMIT 1
 ~ (0.000129) SELECT "id", "user_name_id" FROM "ronin_email_addresses" WHERE "id" = 1 ORDER BY "id"
/home/hal/.rvm/gems/ruby-1.9.2-p180/gems/dm-core-1.1.0/lib/dm-core/support/subject_set.rb:212: stack level too deep (SystemStackError)

$ sqlite3 ~/.ronin/database.sqlite3 
SQLite version 3.6.23.1
Enter ".help" for instructions
Enter SQL statements terminated with a ";"
sqlite> select * from ronin_email_addresses;
1|1|1|2011-04-25T16:40:48-07:00
sqlite> .schema ronin_email_addresses
CREATE TABLE "ronin_email_addresses" ("id" INTEGER PRIMARY KEY AUTOINCREMENT, "user_name_id" INTEGER, "host_name_id" INTEGER, "created_at" TIMESTAMP);
CREATE UNIQUE INDEX "unique_index_ronin_email_addresses" ON "ronin_email_addresses" ("user_name_id", "host_name_id");

Allow UI::Console to start a sub-console within the scope of an Object

Users should be able to spawn a sub-console within an Exploit.

Remove the env dependency

env was a library I wrote to provide convenience methods for accessing common environment variables. Ronin uses Env in only two or three places (git grep Env), so I think we can inline the logic into Ronin::Config and remove the dependency.

Add UI::CLI::Command.examples

The --help output of commands should list example usages of the commands.

Inventory notification

https://inventory.rawsec.ml/tools.html#Ronin

Your tool/software has been inventoried on Rawsec's CyberSecurity Inventory.

What is Rawsec's CyberSecurity Inventory?

An inventory of tools and resources about CyberSecurity. This inventory aims to help people to find everything related to CyberSecurity.

More details about features here.

Note: the inventory is a FLOSS (Free, Libre and Open-Source Software) project.

Why should you care about being inventoried?

Mainly because this is giving visibility to your tool and improve its referencing.

Badges

The badge shows to your community that your are inventoried. It looks good but also shows you care about your project, that your tool is referenced.

Feel free to claim your badge here: http://inventory.rawsec.ml/features.html#badges, it looks like that , but there are several styles available.

Want to thank us?

If you want to thank us, you can help make our open project better known by tweeting about it! For example:

So what?

That's all, this message is just to notify you if you care. Else you can close this issue.

Ronin::Script::Path failed cached files should not save new cached files that contain validation errors

 Failure/Error: validation_error.should_not be_saved
   expected saved? to return false, got true
 # ./spec/script/path_spec.rb:98:in `block (3 levels) in <top (required)>'

`ronin` with no arguments should print help

No longer drop users into a Ruby console by default, just print help and list sub-commands.

Add examples for non-trivial command usages

Add examples to Commands for non-trivial usages.

Example

examples [
  "ronin foo --bar=1 | less"
]

Renamed Ronin::Script back to Ronin::Model::Cacheable

"Script" is such an ambiguous term, rename the module to Ronin::Model::Cacheable.

More ModelCommands needed.

Ronin needs more model commands to query and display resources in the Database. These commands should inherit from the ModelCommand class. Ronin currently has the ronin-ip and ronin-url commands, which are good examples.

Some models which could use commands:

Author
CachedFile (or maybe add options to the overlay command).
MACAddress
HostName
EmailAddress
Campaign
Credential
RemoteFile

Add rubocop

Add rubocop to the repository.

Add the rubocop gem to the Gemfile.
Start with the template rubocop.yml file which closely matches Ronin's general code style.
Add the rubocop task and add it to the CI.

Examples

IPAddress.import('scan.txt')
# => [....]

IPAddress.import('scan.csv') do |ip|
  print_info "Imported IP: #{ip}"
end

ronin database NoMethodError

$ ronin database -h
[!] NoMethodError: undefined method `delete?' for #<Ronin::UI::CLI::Commands::Database:0x876953c>

Ronin::Address relationships do not propagate into HostName

The belongs_to :organization relationship in Ronin::Address does not propagate into Ronin::HostName.

>> host = HostName.first
=> #<Ronin::HostName: example.com>
>> host.organization
ArgumentError: +options[:field]+ entry :address does not map to a property in Ronin::HostName [/home/hal/.rvm/gems/ruby-1.8.7-p334/gems/dm-core-1.1.0/lib/dm-core/query.rb:805:in `assert_valid_fields_without_operator']

>> addr = Address.first(:address => 'example.com')
=> #<Ronin::HostName: example.com>
>> addr.organization
=> nil

This may be another DataMapper STI bug, or related to issue #4.

ronin-rb / ronin Goto Github PK

ronin's Introduction

ronin

Description

Who is Ronin for?

What does Ronin provide?

What can you do with Ronin?

Synopsis

Binary

Encoding

Text

Cryptography

Networking

DNS

SSL/TLS Certs

HTTP

See Also

Requirements

Install

Bash Script

Manually

Docker

Development

License

ronin's People

Contributors

Stargazers

Watchers

Forkers

ronin's Issues

Examples

Examples

Examples

What is Rawsec's CyberSecurity Inventory?

Why should you care about being inventoried?

Badges

Want to thank us?

So what?

Example

Examples

Recommend Projects

Recommend Topics

Recommend Org