ronin-rb / ronin-exploits
A Ruby micro-framework for writing and running exploits
Home Page: https://ronin-rb.dev
License: GNU Lesser General Public License v3.0
Over the years people seem to be confused that ronin-exploits does not contain any actual working exploits, just the library code that allows you to write and run exploits. Should we rename the repository to ronin-exploit or ronin-exploitation to avoid this confusion?
Extract the data/ronin/payloads/php/rpc.php and data/ronin/payloads/php/rpc.js files out into their own repository.
Ronin::Exploits::Helpers::FormatString should be checked against the libformatstr library.
Extract lib/ronin/payloads out into its own repository.
Add rubocop to the repository.
Add a .rubocop.yml file which closely matches Ronin's general code style.
Add a rubocop task and add it to the CI.
In the bin/ronin-* files, check for the existence of Gemfile.lock and then require 'bundler/setup'.
This will help with making dynamic Shellcode payloads.
Add a Ronin::Exploits::CLI main command class that will auto-load the other sub-commands. See ronin-repos as an example.
Delete the lib/ronin/payloads directory and all related files in favor of the new ronin-payloads gem.
Add ronin-repos as a dependency to the gemspec.yml.
Ronin::Database::Migrations need to be defined for the Exploit and Payload classes.
bundle install
bin/ronin-exploit
.../.rvm/gems/ruby-1.9.3-p392/gems/parameters-0.4.4/lib/parameters/options.rb:171:in `define': [PAYLOAD]: incompatible argument styles (ArgumentError)
OptionParser::Switch::RequiredArgument, OptionParser::Switch::PlacedArgument
from .../.rvm/gems/ruby-1.9.3-p392/bundler/gems/ronin-9114bdf2fdef/lib/ronin/ui/cli/command.rb:641:in `block (2 levels) in option_parser'
Once we remove all DataMapper or Database code, the yard-dm dependency will no longer be needed.
Replace all database model properties that store the Exploit's metadata with class methods for declaring the metadata.
ronin/exploits/advisory
ronin/exploits/target
ronin/exploits/exploit
ronin/exploits/mixins/has_targets
ronin/exploits/mixins/has_payload
ronin/exploits/memory_corruption
ronin/exploits/stack_overflow
ronin/exploits/heap_overflow
ronin/exploits/web
ronin/exploits/lfi
ronin/exploits/rfi
ronin/exploits/sqli
class Exploit
  # With an argument, stores the metadata value on the class; without one,
  # returns the value that was previously declared.
  def self.foo(value=nil)
    if value
      @foo = value
    else
      @foo
    end
  end

  # ...
end

class ExampleExploit < Exploit
  # Declares the metadata in the class body, like a DSL keyword.
  foo "Some value"

  # ...
end
Remove the ronin dependency from the gemspec.yml.
Running ronin-exploit from the repository throws a require error; the traceback points to this line of code:
`require': cannot load such file -- ronin/database/migrations/license (LoadError)
I can't find where this license file is in either ronin or ronin-exploit.
Exploits currently use Ronin::Script::Testable and Ronin::Exploits::Tests, which provides methods for testing data and raising exceptions. @mephux mentioned a need for more specific test/validation methods (ex: validates_is_running /WuFTP/).
Reduce the amount of meta-programming and define Ronin::Exploits::Exploit classes as plain Ruby classes.
Drop Ronin::Script and Ronin::Behaviors.
Drop the helper method in favor of just including Mixin modules.
Add a register class method that registers the exploit class with Ronin::Exploits / Ronin::Core::ModuleRegistry.
Ronin::Exploits::Exploit
Ronin::Exploits::Web
Ronin::Exploits::MemoryCorruption
Ronin::Exploits::StackOverflow
Ronin::Exploits::HeapOverflow
Ronin::Exploits::LFI
Ronin::Exploits::RFI
Ronin::Exploits::SQLI
Remove the lib/ronin/post_exploitation*
directory and files in favor of the new ronin-post_exploitation gem.
Exploit classes should register themselves with Ronin::Exploits.
Replace targeting_arch, target_os, targeting_product with custom arch=, os=, product= methods.
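The three items above (metadata declared through class methods as in the foo sketch, a register class method, and arch=/os=/product= target setters) fit together in one plain-Ruby design. The following is an added example written for this page, not ronin-exploits code; the module name DemoExploits, the REGISTRY constant, the Target class and the summary/target/select_target methods are all assumed for illustration. It goes slightly beyond the sketch by having the metadata getter fall back to the superclass, so a subclass inherits what its parent declared, and by rejecting duplicate ids at registration time.

```ruby
# Added example, not ronin-exploits code: plain-Ruby class-level metadata with
# superclass fallback, self-registration of exploit classes, and targets
# declared through arch=/os=/product= setters. All names here are assumed.
module DemoExploits
  REGISTRY = {}  # exploit id => class; stand-in for Ronin::Core::ModuleRegistry

  def self.register(id, klass)
    raise ArgumentError, "duplicate exploit id: #{id}" if REGISTRY.key?(id)
    REGISTRY[id] = klass
  end

  # One platform an exploit supports; a nil field means "any".
  class Target
    attr_accessor :arch, :os, :product

    # True when every fact supplied about a host agrees with this target.
    def matches?(arch: nil, os: nil, product: nil)
      [[@arch, arch], [@os, os], [@product, product]].all? do |want, have|
        want.nil? || have.nil? || want == have
      end
    end
  end

  class Exploit
    # Registers the class under an id; called from the class body.
    def self.register(id)
      @id = id
      DemoExploits.register(id, self)
    end

    def self.id
      @id
    end

    # Metadata getter/setter written out by hand (no define_method): with an
    # argument it stores, without one it reads, falling back to the superclass
    # so subclasses inherit what the parent declared.
    def self.summary(value = nil)
      if value
        @summary = value
      elsif instance_variable_defined?(:@summary)
        @summary
      elsif superclass.respond_to?(:summary)
        superclass.summary
      end
    end

    def self.targets
      @targets ||= []
    end

    # Declares a target by yielding a Target to the arch=/os=/product= setters.
    def self.target
      t = Target.new
      yield t
      targets << t
      t
    end

    # First declared target compatible with what is known about the host.
    def self.select_target(**facts)
      targets.find { |t| t.matches?(**facts) }
    end
  end

  class ExampleExploit < Exploit
    register 'example-overflow'
    summary 'Constructed example: overflow in an imaginary daemon'

    target do |t|
      t.arch    = :x86_64
      t.os      = :linux
      t.product = 'demod 1.0'
    end

    target do |t|
      t.arch = :x86
      t.os   = :linux
    end
  end
end
```

Because the getter walks up to superclass, a variant such as `class Variant < ExampleExploit; end` reports the parent's summary without redeclaring it, while each class keeps its own targets list and its own id.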
Error when trying to run ronin-exploit (clone from git and bundle install)
bin/ronin-exploit:18:in `require': /tmp/ronin-exploits/lib/ronin/ui/cli/commands/exploit.rb:66: syntax error, unexpected tLABEL (SyntaxError)
Payloads:Exception: e
^
from bin/ronin-exploit:18:in
Add ronin-c2 to gemspec.yml as a dependency. The Ronin::Exploits classes may include Ronin::C2 functionality (ex: an LFI exploit may provide the file-read capability).
Refactor the Ronin::Exploits::CLI::Commands classes to use the Ronin::Core::CLI::Command class:
ronin/exploits/cli/commands/list
ronin/exploits/cli/commands/run
Extract the data/ronin/payloads/ruby/rpc.rb file out into its own repository.
Due to issues with how TruffleRuby implements keyword argument splatting, command_kit fails to pass specs on TruffleRuby. Will have to hold off on TruffleRuby support until TruffleRuby fixes keyword argument splatting or adds support for Ruby 3.0.
Ronin now requires Ruby >= 3.0. Re-enable JRuby in the CI matrix once JRuby achieves 3.0 support.
Since we will not be storing exploits in the database, remove the ronin/vuln.rb model.
Add ronin-payloads to gemspec.yml as a dependency.
Need to finish the Ronin::Exploits::SQLi class, which uses Ronin::Code::SQL to generate SQL injections.
Remove the yard* dependencies from the gemspec.yml and move the yard gem into the Gemfile.
Since we will not be storing exploits in the database, remove the ronin/advisory.rb model.
Add db_each_table / db_each_column methods to Ronin::Exploits::SQLi which can enumerate the tables/columns in the database.
Switch from options={} to keyword arguments in:
lib/ronin/exploits/exploit.rb: def use_target!(options={})
lib/ronin/exploits/exploit.rb: def build_payload!(options={})
lib/ronin/exploits/exploit.rb: def build!(options={},&block)
lib/ronin/exploits/exploit.rb: def exploit!(options={},&block)
lib/ronin/exploits/web.rb: def self.test(uri,options={})
lib/ronin/exploits/web.rb: def http_request(options={},&block)
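What the switch buys is easiest to see side by side. The following is an added example for this page, not code from ronin-exploits: a build!/exploit! pair written first in the options={} style and then with keyword arguments. The option names (nops, bad_chars) and the KwargsDemo module are assumed for illustration.

```ruby
# Added example, not ronin-exploits code: the same build!/exploit! pair written
# with an options hash and with keyword arguments. Method and option names are
# assumed for illustration.
module KwargsDemo
  class Legacy
    # options={} style: a misspelled key (:nop instead of :nops) is silently
    # dropped and the default is used, so the exploit runs with the wrong value.
    def build!(options = {})
      { nops: options.fetch(:nops, 0), bad_chars: options.fetch(:bad_chars, '') }
    end

    def exploit!(options = {}, &block)
      payload = build!(options)
      block ? block.call(payload) : payload
    end
  end

  class Modern
    # Keyword style: the accepted options are part of the signature and are
    # documented by it; an unknown keyword raises ArgumentError at the call site.
    def build!(nops: 0, bad_chars: '')
      { nops: nops, bad_chars: bad_chars }
    end

    # Forwards whatever was given with **; nothing is reinterpreted on the way.
    def exploit!(**opts, &block)
      payload = build!(**opts)
      block ? block.call(payload) : payload
    end
  end

  # True when the keyword-argument version rejects a misspelled option.
  def self.typo_rejected?
    Modern.new.build!(nop: 16)
    false
  rescue ArgumentError
    true
  end
end
```

With Ruby >= 3.0 (which Ronin now requires) a hash passed positionally is no longer converted into keywords, so callers that still pass a literal options hash to the keyword version also fail loudly instead of quietly doing the wrong thing.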
Extract the lib/ronin/post_exploitation/ code into its own repository and gem, which ronin-exploits can then depend on.
Now that Ronin::Exploits::Exploit will be a Plain-Old-Ruby-Object (PORO), we can remove the following database files:
lib/ronin/database/migrations/advisory.rb
lib/ronin/database/migrations/exploits/
lib/ronin/database/migrations/exploits.rb
lib/ronin/database/migrations/vuln.rb
Ronin::Payloads::Shellcode needs helper methods for using Ronin::Code::ASM::Program.
Add a new sub-command for generating a boilerplate exploit or payload file. Add options to support generating different types of exploits or payloads. Try to reuse the .erb templates in data/ronin/gen/exploits/.
There should be commands for testing URLs for Web Exploits and saving them into the Database.
Remove payload files in favor of the new ronin-payloads dependency.
bin/ronin-encoder*
bin/ronin-payload*
examples/bin_sh_amd64.rb
examples/bin_sh.rb
examples/local_shell.rb
lib/ronin/database/migrations/encoders.rb
lib/ronin/database/migrations/encoders/
lib/ronin/database/migrations/payloads/
lib/ronin/database/migrations/payloads.rb
lib/ronin/encoders/
lib/ronin/encoders.rb
lib/ronin/payloads/
lib/ronin/payloads.rb
lib/ronin/gen/generators/payloads/
data/ronin/gen/payloads/
lib/ronin/ui/cli/commands/*encoder*
lib/ronin/ui/cli/commands/*payload*
spec/payloads/
spec/encoders/
spec/helpers/encoders.rb
spec/helpers/payloads.rb
spec/helpers/scripts/payloads/
spec/gen/generators/payloads/
The ronin-exploits command should be able to search Ronin::Repos for all exploit files (aka files within the exploits/ directory). Additionally, ronin-exploit should be able to search for and load an exploit file/class from Ronin::Repos.
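The two lookups described above, listing every exploits/*.rb file across repositories and resolving one exploit name to a file, as an added example written for this page rather than ronin-repos or ronin-exploits code. The ReposDemo module, the with_demo_repos fixture and the name pattern are assumed. Since the resolved file will eventually be loaded as Ruby, the example validates the name and checks the expanded path stays under exploits/, so a name like ../outside cannot pull in a file from elsewhere on disk.

```ruby
# Added example, not ronin-repos/ronin-exploits code: find exploit files under
# <repo>/exploits/ across several repository directories. Names are assumed.
require 'tmpdir'
require 'fileutils'

module ReposDemo
  # Exploit names: path segments of lowercase letters, digits, _ and -, joined
  # by /. No dots at all, so ".." can never appear.
  NAME_RE = /\A[a-z0-9][a-z0-9_\/-]*\z/

  # Every exploit file under <repo>/exploits/ for each repository directory.
  def self.list_exploits(repo_dirs)
    repo_dirs.flat_map { |dir| Dir.glob(File.join(dir, 'exploits', '**', '*.rb')) }.sort
  end

  # Resolves a name such as "web/demo_lfi" to the first repository that has
  # exploits/web/demo_lfi.rb, or nil. The name is validated and the expanded
  # path is required to stay below exploits/ before it is returned.
  def self.find_exploit(repo_dirs, name)
    unless name.match?(NAME_RE) && !name.include?('..')
      raise ArgumentError, "invalid exploit name: #{name.inspect}"
    end

    repo_dirs.each do |dir|
      base = File.join(File.expand_path(dir), 'exploits')
      path = File.expand_path("#{name}.rb", base)
      return path if path.start_with?(base + File::SEPARATOR) && File.file?(path)
    end
    nil
  end

  # Builds two constructed repositories in a temp dir and yields their paths;
  # a file outside any exploits/ directory is planted to prove it is not found.
  def self.with_demo_repos
    Dir.mktmpdir do |root|
      repos = %w[repo_a repo_b].map { |n| File.join(root, n) }
      FileUtils.mkdir_p(File.join(repos[0], 'exploits', 'web'))
      FileUtils.mkdir_p(File.join(repos[1], 'exploits'))
      File.write(File.join(repos[0], 'exploits', 'web', 'demo_lfi.rb'), "# constructed\n")
      File.write(File.join(repos[1], 'exploits', 'demo_overflow.rb'), "# constructed\n")
      File.write(File.join(root, 'outside.rb'), "# must never be resolved\n")
      yield repos
    end
  end
end
```

Repositories are searched in the order given, so the first one that contains the name wins; a real implementation would take that list from the repos cache directory rather than from a temp fixture.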
Extract data/ronin/payloads/node.js/rpc.js out into its own repository.
Drop the ronin-gen dependency.
We need a Web Exploit (similar to LFI) for scanning and crafting XSS.
Add a Ronin::Exploits::CLI::Commands::New sub-command which generates boilerplate exploit modules. Reuse the .erb templates in data/ronin/gen/exploits/. Add options based on the parameters in the lib/ronin/gen/generators/exploits/... classes.
Exploit classes need full Examples added to their top-level documentation. These Examples must be short, functional and copy-pastable.
ronin/exploits/stack_overflow
ronin/exploits/seh_overflow
ronin/exploits/lfi
ronin/exploits/rfi
ronin/exploits/sqli
Once we have a Ronin::Exploits::CLI::Commands::Gen sub-command, we can delete the lib/ronin/gen/ directory.
When debugging output is enabled, it should allow the user to see what data is being sent and received by the Network methods in:
Ronin::Exploits::Mixins::RemoteTCP
Ronin::Exploits::Mixins::RemoteUDP
Ronin::Exploits::Mixins::HTTP
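One way to give a network mixin that debugging output, as an added example for this page and not the project's own mixin code: every buffer passed to the send/receive methods is hex-dumped into a log when the debug flag is on, and passed through untouched when it is off. The DebugNet module, the tcp_send/tcp_recv names, the debug_log accessor and the in-memory FakeSocket are assumed; the "HELO probe" exchange is constructed sample data, not a real protocol.

```ruby
# Added example, not ronin-exploits code: a RemoteTCP-style mixin whose
# send/recv wrappers hex-dump traffic when debugging is enabled. All names
# are assumed; FakeSocket stands in for a real TCPSocket so this runs offline.
module DebugNet
  # Classic 16-bytes-per-line hex dump: offset, hex bytes, printable ASCII.
  def self.hexdump(bytes)
    bytes.b.bytes.each_slice(16).with_index.map do |chunk, i|
      hex   = chunk.map { |b| format('%02x', b) }.join(' ')
      ascii = chunk.map { |b| (32..126).cover?(b) ? b.chr : '.' }.join
      format('%08x  %-47s  %s', i * 16, hex, ascii)
    end
  end

  module RemoteTCP
    attr_accessor :debug
    attr_reader :debug_log

    def debug?
      !!@debug
    end

    # Writes data to the socket, dumping it first if debugging is on.
    def tcp_send(socket, data)
      log_traffic('>>', data)
      socket.write(data)
    end

    # Reads up to length bytes, dumping what came back if debugging is on.
    def tcp_recv(socket, length)
      data = socket.read(length) || ''.b
      log_traffic('<<', data)
      data
    end

    private

    # Records direction, size and a hex dump; a no-op unless debug is set.
    def log_traffic(direction, data)
      return unless debug?
      @debug_log ||= []
      @debug_log << "#{direction} #{data.bytesize} bytes"
      @debug_log.concat(DebugNet.hexdump(data))
    end
  end

  # Constructed in-memory stand-in for a TCP socket (no network needed).
  class FakeSocket
    attr_reader :sent

    def initialize(response)
      @response = response.b
      @sent     = ''.b
    end

    def write(data)
      @sent << data.b
      data.bytesize
    end

    def read(length)
      @response.slice!(0, length)
    end
  end

  # Minimal "exploit" that uses the mixin: send a probe, read the banner.
  class BannerGrab
    include RemoteTCP

    def initialize(socket, debug: false)
      @socket = socket
      @debug  = debug
    end

    def run
      tcp_send(@socket, "HELO probe\r\n")
      tcp_recv(@socket, 64)
    end
  end
end
```

Keeping the dump in a log array rather than writing straight to STDERR makes it testable and lets the CLI decide where it goes; a real implementation would also want to dump the raw bytes before any encoding or decoding, which is why the hooks sit at the socket boundary.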