= Ronin Exploits

* http://ronin.rubyforge.org/exploits/
* http://github.com/postmodern/ronin-exploits
* irc.freenode.net ##ronin
* Postmodern (postmodern.mod3 at gmail.com)

== DESCRIPTION:

Ronin Exploits is a Ruby library for Ronin that provides exploitation and
payload crafting functionality.

Ronin is a Ruby platform designed for information security and data
exploration tasks. Ronin allows for the rapid development and distribution
of code over many of the common Source-Code-Management (SCM) systems.

=== Free

All source code within Ronin is licensed under the GPL-2, therefore no user
will ever have to pay for Ronin or updates to Ronin. Not only is the
source code free, but the Ronin project will also not sell enterprise-grade
security snake-oil solutions, give private training classes or later turn
Ronin into commercial software.

=== Modular

Ronin was not designed as one monolithic framework but instead as a
collection of libraries which can be individually installed. This allows
users to pick and choose what functionality they want in Ronin.

=== Decentralized

Ronin does not have a central repository of exploits and payloads to which
all developers contribute. Instead, Ronin has Overlays: repositories of
code that can be hosted on any CVS/SVN/Git/Rsync server. Users can then use
Ronin to quickly install or update Overlays. This allows developers and
users to form their own communities, independent of the main developers
of Ronin.

== FEATURES:

* Ability to define payloads based on:
  * Contributing authors.
  * Behaviors they control.
  * Helpers they use.
* Ability to define payload encoders based on:
  * Architectures they target.
  * OSes they target.
* Ability to define exploits based on:
  * Whether they are local or remote.
  * Protocol they use.
  * Contributing authors.
  * Disclosure status.
  * Level of weaponization.
  * Behaviors the vulnerability allows.
  * Architectures they target.
  * OSes they target.
  * Products they target.
  * Helpers they use.

== REQUIREMENTS:

* ronin[http://ronin.rubyforge.org/] >= 0.2.3

== INSTALL:

  $ sudo gem install ronin-exploits

== EXAMPLES:

* Define a shellcode payload:

    ronin_shellcode do
      # Metadata that Ronin caches when the payload is loaded into an Overlay.
      cache do
        self.name = 'test'
        self.version = '0.5'

        self.arch :i686
        self.os :name => 'Linux'
      end

      # User-tunable parameter; becomes the @exit_status instance variable.
      parameter :exit_status,
                :default => 0,
                :description => 'Exit status of shellcode'

      def build
        # sys_exit shellcode for Linux/i686.
        @payload = "\x66\x31\xc0\xfe\xc0"

        if @exit_status == 0
          @payload << "\x66\x31\xdb\xcd\x80"
        else
          # Single-byte exit status (0..255), followed by the int 0x80 trap.
          @payload << "\xb3#{@exit_status.chr}\xcd\x80"
        end
      end
    end

* Define a payload encoder:

    ronin_payload_encoder do
      cache do
        self.name = 'base64_encode'
        self.description = %{base64 payload encoder}

        self.arch :i686
        self.os :name => 'Linux'
      end

      # Encoders receive the raw payload and return the encoded form.
      def call(data)
        return data.to_s.base64_encode
      end
    end

* Define a remote TCP exploit:

    ronin_remote_tcp_exploit do
      # Mixes in the buffer_overflow helper, which provides build_buffer.
      helper :buffer_overflow

      cache do
        self.name = 'test'

        targeting do |target|
          target.arch :i686
          target.os :name => 'Linux'
          target.product :name => 'ExampleWare', :version => '2.4.7b'
        end
      end

      def build
        @buffer = "USER #{build_buffer}\n"
      end

      def deploy
        tcp_send @buffer
      end
    end

== LICENSE:

Ronin Exploits - A Ruby library for Ronin that provides exploitation and
payload crafting functionality.

Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA