
ChangeLog.md


1.1.0 / 2024-07-22

  • Added {Ronin::Exploits::CommandInjection}.
  • Allow :untested as a value for {Ronin::Exploits::Exploit.quality}.
  • Renamed the raw_user_agent param to user_agent_string in {Ronin::Exploits::Mixins::HTTP}.

CLI

  • Added the -T,--test option to ronin-exploits run, which will only run the exploit's {Ronin::Exploits::Exploit#test test} method to determine whether the target is vulnerable.
  • Added the ronin-exploits completion command to install shell completion files for all ronin-exploits commands for Bash and Zsh shells.
  • The ronin-exploits show command can now print an example ronin-exploits run command for the given exploit.
  • Use hyphenated values for ronin-exploits new options.

1.0.6 / 2024-06-28

CLI

  • Fixed the usage for ronin-exploits new --software-version.
  • Fixed a bug in ronin-exploits run that would crash the command when the payload failed to create a post-exploitation session.

1.0.5 / 2024-06-19

CLI

  • Correctly assign the -d short flag to --debug and the -D short flag to --dry-run for the ronin-exploits run command.
  • Multiple bug fixes to the ronin-exploits new command:
    • Create the parent directory of the new exploit file, if it doesn't already exist, when running ronin-exploits new path/to/new_exploit.rb.
    • Fixed a bug where ronin-exploits new -t open_redirect was not being accepted as a valid exploit type.
    • Fixed a bug in ronin-exploits new where -t xss and -t ssti were not adding placeholder base_path and query_param metadata attributes to the newly generated exploit file.
    • Fixed a typo in the example escape_expr metadata attribute added by ronin-exploits new -t ssti.
    • Fixed a spelling mistake in the new exploit template used by the ronin-exploits new command.

1.0.4 / 2023-12-23

  • Documentation fixes.

CLI

  • Fixed a bug in ronin-exploits run when the exploit does not accept a payload and no payload is given.

1.0.3 / 2023-09-19

CLI

  • All newly generated exploit files using ronin-exploits new should have a summary and a description.
  • Fixed a bug where the ronin-exploits new options --author, --author-email, or --summary were not properly escaping given values.

1.0.2 / 2023-06-12

  • Corrected the class_dir for {Ronin::Exploits}, even though ronin-exploits will never contain any built-in exploits.
  • Avoid using case/in syntax for TruffleRuby.
  • Documentation fixes and improvements.

CLI

  • Fixed a typo in the ronin-exploits new man-page.
  • Fixed a bug in the ronin-exploits show command where a target's version was not being printed.
  • Fixed a bug where ronin-exploits new --payload-type command wasn't being accepted as a valid payload type.

1.0.1 / 2023-03-01

CLI

  • Fixed multiple bugs in the --encoder-param option of the ronin-exploits run command.

1.0.0 / 2023-02-01

  • Upgraded to the LGPL-3 license.
  • Require ruby >= 3.0.0.
  • Added ronin-support ~> 1.0 as a dependency.
  • Added ronin-post_ex ~> 0.1 as a dependency.
  • Added ronin-payloads ~> 0.1 as a dependency.
  • Added ronin-vulns ~> 0.1 as a dependency.
  • Added ronin-core ~> 0.1 as a dependency.
  • Added ronin-repos ~> 0.1 as a dependency.
  • Added {Ronin::Exploits::Advisory}.
  • Added {Ronin::Exploits::Loot}.
  • Added {Ronin::Exploits::Loot::File}.
  • Added {Ronin::Exploits::TestResult}.
  • Added {Ronin::Exploits::Exploit.exploit}.
  • Added {Ronin::Exploits::Exploit#perform_test}.
  • Added {Ronin::Exploits::Exploit#perform_build}.
  • Added {Ronin::Exploits::Exploit#perform_launch}.
  • Added {Ronin::Exploits::Exploit#perform_cleanup}.
  • Added {Ronin::Exploits::Exploit#exploit}.
  • Added {Ronin::Exploits::Exploit#validate}.
  • Added {Ronin::Exploits::Exploit#Vulnerable}.
  • Added {Ronin::Exploits::Exploit#NotVulnerable}.
  • Added {Ronin::Exploits::Exploit#Unknown}.
  • Added {Ronin::Exploits::Exploit#test}.
  • Added {Ronin::Exploits::Exploit#build}.
  • Added {Ronin::Exploits::Exploit#launch}.
  • Added {Ronin::Exploits::Exploit#cleanup}.
  • Added {Ronin::Exploits::MemoryCorruption}.
  • Added {Ronin::Exploits::StackOverflow}.
  • Added {Ronin::Exploits::SEHOverflow}.
  • Added {Ronin::Exploits::HeapOverflow}.
  • Added {Ronin::Exploits::UseAfterFree}.
  • Added {Ronin::Exploits::WebVuln}.
  • Added {Ronin::Exploits::OpenRedirect}.
  • Added {Ronin::Exploits::LFI}.
  • Added {Ronin::Exploits::RFI}.
  • Added {Ronin::Exploits::SQLI}.
  • Added {Ronin::Exploits::SSTI}.
  • Added {Ronin::Exploits::XSS}.
  • Added {Ronin::Exploits::ClientSideWebVuln}.
  • Added {Ronin::Exploits::Mixins::Binary}.
  • Added {Ronin::Exploits::Mixins::FileBuilder}.
  • Added {Ronin::Exploits::Mixins::FormatString}.
  • Added {Ronin::Exploits::Mixins::HasTargets}.
  • Added {Ronin::Exploits::Mixins::HasPayload}.
  • Added {Ronin::Exploits::Mixins::HTTP}.
  • Added {Ronin::Exploits::Mixins::Loot}.
  • Added {Ronin::Exploits::Mixins::NOPS}.
  • Added {Ronin::Exploits::Mixins::RemoteTCP}.
  • Added {Ronin::Exploits::Mixins::RemoteUDP}.
  • Added {Ronin::Exploits::Mixins::SEH}.
  • Added {Ronin::Exploits::Mixins::StackOverflow}.
  • Added {Ronin::Exploits::Mixins::Text}.
  • Added {Ronin::Exploits::Params::BaseURL}.
  • Added {Ronin::Exploits::Params::BindHost}.
  • Added {Ronin::Exploits::Params::BindPort}.
  • Added {Ronin::Exploits::Params::Filename}.
  • Added {Ronin::Exploits::Params::Host}.
  • Added {Ronin::Exploits::Params::Port}.
  • Renamed ronin/exploits/helpers to ronin/exploits/mixins.
  • Extracted Ronin::Payloads into ronin-payloads.
  • Extracted agent payloads into separate ronin-agent-* repos.
  • Refactored the ronin-exploit command into the ronin-exploits run command.
  • Refactored {Ronin::Exploits::Exploit} as a Plain Old Ruby Class that defines metadata, params, and the build, launch, and cleanup methods.
  • Refactored Ronin::UI into {Ronin::Exploits::CLI}.
  • Removed the open_namespace dependency.
  • Removed the data_paths dependency.
  • Removed the ronin-gen dependency.
  • Removed the ronin dependency; ronin now requires ronin-exploits and all other ronin-* gems.
  • Removed Ronin::Exploits::Controls.
  • Removed Ronin::Exploits::Generators in favor of the ronin-exploits new command.
  • Removed Ronin::Exploits::UnknownHelper.
  • Removed Ronin::Exploits::Helpers::Padding in favor of calling String#pad.
  • Removed Ronin::Exploits::Exploit#helpers in favor of included_modules.
  • Removed Ronin::Exploits::Exploit#helper in favor of including {Ronin::Exploits::Mixins} modules.
  • Removed Ronin::Exploits::Local.
  • Removed Ronin::Exploits::Remote.
  • Removed Ronin::Exploits::RemoteTCP in favor of including {Ronin::Exploits::Mixins::RemoteTCP}.
  • Removed Ronin::Exploits::RemoteUDP in favor of including {Ronin::Exploits::Mixins::RemoteUDP}.
  • Removed Ronin::Exploits::HTTP in favor of including {Ronin::Exploits::Mixins::HTTP}.
  • Removed Ronin::Exploits::FTP.
  • Removed all database models and code in favor of Plain Old Ruby Classes.

0.3.1 / 2009-10-01

  • Removed duplicate default_port properties from Ronin::Exploits::FTP and Ronin::Exploits::HTTP, which were causing dm-core 0.10.1 to crash.

0.3.0 / 2009-09-24

  • Require ronin >= 0.3.0.
  • Require ronin-gen >= 0.2.0.
  • Require rspec >= 1.2.8.
  • Require yard >= 0.2.3.5.
  • Added Ronin::Vuln::Behavior.drop_privileges.
  • Added Ronin::Vuln::Behavior.exit_program.
  • Added Ronin::Vuln::Behavior.crash_program.
  • Added Ronin::Controls.
  • Added Ronin::Controls::Behaviors.
  • Added Ronin::Controls::Helpers.
  • Added Ronin::Controls::Helpers::CommandExec.
  • Added Ronin::Controls::Helpers::DirCreate.
  • Added Ronin::Controls::Helpers::DirListing.
  • Added Ronin::Controls::Helpers::DirRemove.
  • Added Ronin::Controls::Helpers::FileCtime.
  • Added Ronin::Controls::Helpers::FileMtime.
  • Added Ronin::Controls::Helpers::FileOwnership.
  • Added Ronin::Controls::Helpers::FileRead.
  • Added Ronin::Controls::Helpers::FileRemove.
  • Added Ronin::Controls::Helpers::FileWrite.
  • Added Ronin::Controls::Helpers::MemoryRead.
  • Added Ronin::Controls::Helpers::MemoryWrite.
  • Added Ronin::Model::TargetsProduct.
  • Added Ronin::Exploits::Exploit#target=.
  • Added Ronin::Exploits::Exploit#payload=.
  • Added Ronin::Exploits::Exploit#raw_payload=.
  • Added Ronin::Exploits::Exploit#build_payload!.
  • Added Ronin::Payloads::HasPayload.
  • Added Ronin::Payloads::Helpers::Chained.
  • Added Ronin::Generators::Exploits.
  • Added Ronin::Generators::Exploits::Exploit.
  • Added Ronin::Generators::Exploits::Local.
  • Added Ronin::Generators::Exploits::Remote.
  • Added Ronin::Generators::Exploits::RemoteTCP.
  • Added Ronin::Generators::Exploits::RemoteUDP.
  • Added Ronin::Generators::Exploits::FTP.
  • Added Ronin::Generators::Exploits::HTTP.
  • Added Ronin::Generators::Exploits::Web.
  • Added Ronin::Generators::Payloads.
  • Added Ronin::Generators::Payloads::Payload.
  • Added Ronin::Generators::Payloads::BinaryPayload.
  • Added Ronin::Generators::Payloads::Shellcode.
  • Added Ronin::Generators::Payloads::Nops.
  • Added Ronin::UI::CommandLine::Commands::Exploit.
  • Added Ronin::UI::CommandLine::Commands::Exploits.
  • Added Ronin::UI::CommandLine::Commands::Payload.
  • Added Ronin::UI::CommandLine::Commands::Payloads.
  • Added Ronin::UI::CommandLine::Commands::GenExploit.
  • Added Ronin::UI::CommandLine::Commands::GenLocalExploit.
  • Added Ronin::UI::CommandLine::Commands::GenRemoteExploit.
  • Added Ronin::UI::CommandLine::Commands::GenRemoteTcpExploit.
  • Added Ronin::UI::CommandLine::Commands::GenRemoteUdpExploit.
  • Added Ronin::UI::CommandLine::Commands::GenFtpExploit.
  • Added Ronin::UI::CommandLine::Commands::GenHttpExploit.
  • Added Ronin::UI::CommandLine::Commands::GenWebExploit.
  • Added Ronin::UI::CommandLine::Commands::GenPayload.
  • Added Ronin::UI::CommandLine::Commands::GenBinaryPayload.
  • Added Ronin::UI::CommandLine::Commands::GenShellcode.
  • Added Ronin::UI::CommandLine::Commands::GenNops.
  • Added the ronin-exploit script.
  • Added the ronin-exploits script.
  • Added the ronin-payload script.
  • Added the ronin-payloads script.
  • Added the ronin-gen-exploit script.
  • Added the ronin-gen-local-exploit script.
  • Added the ronin-gen-remote-exploit script.
  • Added the ronin-gen-remote-tcp-exploit script.
  • Added the ronin-gen-remote-udp-exploit script.
  • Added the ronin-gen-ftp-exploit script.
  • Added the ronin-gen-http-exploit script.
  • Added the ronin-gen-payload script.
  • Added the ronin-gen-binary-payload script.
  • Added the ronin-gen-shellcode script.
  • Added the ronin-gen-nops script.
  • Renamed Ronin::Vuln::Behavior.priv_escalation to gain_privileges.
  • Renamed Ronin::Exploits::Exploit#select_target to use_target!.
  • Renamed Ronin::Exploits::Exploit#call to exploit!.
  • Renamed Ronin::Exploits::Exploit#encode_with to encode_payload.
  • Renamed Ronin::Payloads::Encoder to Ronin::Payloads::Encoders::Encoder.
  • Renamed Ronin::Payloads::Encoders::Encoder#call to encode.
  • Renamed Ronin::Exploits::Exploit#encoded_payload=.
  • Removed Ronin::Payloads::Payload#payload to raw_payload.
  • Removed Ronin::Payloads::Payload#call.
  • Moved to YARD based documentation.
  • Updated the project summary and 3-point description for ronin-exploits.
  • Ronin::Model::TargetsArch now auto-defines a relationship with Arch.
  • Ronin::Model::TargetsOS now auto-defines a relationship with OS.
  • Ronin::Model::TargetsProduct now auto-defines a relationship with Product.
  • Refactored Ronin::Exploits::Exploit.
  • Include Ronin::Controls::Behaviors into Ronin::Exploits::Exploit.
  • Made Ronin::Exploits::Exploit#to_s more robust.
  • Safely load exploit helpers using the new require_within method.
  • Allow Ronin::Exploits::Exploit#encode_payload to accept a block, which will be used to encode the payload.
  • No longer allow the payload to be directly passed to Ronin::Exploits::Exploit#build!.
  • Allow an index or query to be passed to Ronin::Exploits::Exploit#use_target!.
  • Have Ronin::Exploits::Exploit#build_payload! only reset @raw_payload if a payload is set.
  • Make sure Ronin::Exploits::Exploit#encode_payload! cannot set the encoded_payload to nil.
  • Allow Ronin::Exploits::Exploit#encode_payload! to use either Ronin::Payloads::Encoders::Encoder or Proc objects.
  • Allow Ronin::Exploits::Exploit#build_payload! to pass options to Ronin::Payloads::Payload#build!.
  • Allow Ronin::Exploits::Exploit#build! to pass options to Ronin::Exploits::Exploit#build_payload!.
  • Ronin::Exploits::Exploit#deploy! no longer receives options.
  • Allow Ronin::Exploits::Exploit#exploit! to accept a :dry_run option, which will cause the exploit to be built but not deployed.
  • Default the @buffer instance variable to an empty String, in Ronin::Exploits::Helpers::BufferOverflow.
  • Default the @format_string instance variable to an empty String, in Ronin::Exploits::Helpers::FormatString.
  • Refactored Ronin::Payloads::Payload.
  • Include Ronin::Controls::Behaviors into Ronin::Payloads::Payload.
  • Made Ronin::Payloads::Payload#to_s more robust.
  • Safely load payload helpers using the new require_within method.

0.2.1 / 2009-07-02

  • Use Hoe >= 2.0.0.
  • Require ronin >= 0.2.4.
  • Added Ronin::Model::TargetsArch.
  • Added Ronin::Model::TargetsOS.
  • Added Ronin::Mode::HasDefaultPort.
  • Added Exploit#deployed?.
  • Added Exploit#inspect.
  • Added Exploits::Helpers::FileBased.
  • Added Exploits::Web#http_method.
  • Added Exploits::Web#targeted_url_path.
  • Added Payload#inspect.
  • Added Payload#call method.
  • Renamed Exploit#exploit to Exploit#call.
  • Renamed Payloads::Helpers::Unimplemented to Payloads::Helpers::NotImplemented.
  • Renamed RPC#call to RPC#call_method.
  • Removed Exploit#switch_payload.
  • Moved verifier methods into Exploits::Verifiers.
  • Allow Exploit#allow to accept multiple behaviors.
  • Include UI::Diagnostics into Ronin::Exploits::Exploit.
  • Include Sessions::HTTP into Exploits::Web.
  • Include UI::Diagnostics into Ronin::Payloads::Payload.
  • Allow Payload#controlling to accept multiple behaviors.
  • Added more specs.

0.2.0 / 2009-04-11

  • Added Ronin::TargetedArch.
  • Added Ronin::TargetedOS.
  • Added Ronin::TargetedProduct.
  • Added Ronin::Model::TargetsArch.
  • Added Ronin::Model::TargetsOS.
  • Refactored Ronin::Exploits:
    • Added Ronin::Exploits::Target.
    • Added Ronin::Exploits::Targets::BufferOverflow.
    • Added Ronin::Exploits::Targets::FormatString.
    • Added Ronin::Exploits::Helpers::Binary.
    • Added Ronin::Exploits::Helpers::Padding.
    • Added Ronin::Exploits::Helpers::BufferOverflow.
    • Added Ronin::Exploits::Helpers::FormatString.
    • Added Ronin::Exploits::Local.
    • Added Ronin::Exploits::Remote.
    • Added Ronin::Exploits::RemoteTCP.
    • Added Ronin::Exploits::RemoteUDP.
    • Added Ronin::Exploits::FTP.
    • Added Ronin::Exploits::HTTP.
    • Renamed Ronin::Exploits::Impact to Ronin::Exploits::Allow.
    • Removed Ronin::Exploits::Requirement.
    • Rewrote Ronin::Exploits::Exploit:
      • Use the new Ronin::Cacheable module.
      • Added a status property, which may be :potential, :proven, or :weaponized, and defaults to :potential.
      • Added a disclosure property, which can be a combination of :private, :in_wild, :vendor_aware or :public.
      • Added Exploit#helper, which will extend the Exploit object with the similarly named Helper module.
      • Added the Exploit#build!, Exploit#verify!, Exploit#deploy! methods, which will call the user-defined Exploit#build, Exploit#verify, Exploit#deploy methods, respectively.
      • Added Exploit#targeting.
      • Added Exploit#behaviors.
      • Added Exploit#targeted_archs, Exploit#targeted_oses, Exploit#targeted_products.
      • Added Exploit#select_target.
      • Added Exploit#target, which will return the currently selected target, or the first target of the exploit.
      • Added the Exploit#arch, Exploit#os and Exploit#product methods.
      • Added the Exploit#verify_target!, Exploit#verify_arch!, Exploit#verify_os! and Exploit#verify_product! methods.
      • Added Exploit#encoded_payload.
      • Added Exploit#encode_payload!.
      • Have Exploit#verify_restricted! raise an exception listing all restricted characters found in the given text.
      • Renamed Exploit#allows to Exploit#allowing.
      • Renamed Exploit#verify_restricted to Exploit#verify_restricted!.
      • Renamed Exploit#exploit to Exploit#exploit!.
      • Removed Exploit#payloads.
      • Removed Exploit#vulnerable?.
  • Refactored Ronin::Payloads:
    • Added Ronin::Payloads::Helpers::FileSystem.
    • Added Ronin::Payloads::Helpers::RPC.
    • Added Ronin::Payloads::Helpers::Shell.
    • Added Ronin::Payloads::Nops.
    • Added Ronin::Payloads::Encoder.
    • Added Ronin::Payloads::Encoders::XOR.
    • Renamed Ronin::Payloads::Ability to Ronin::Payloads::Control.
    • Rewrote Ronin::Payloads::Payload:
      • Use the new Ronin::Cacheable module.
      • Use Ronin::Model::TargetsArch.
      • Use Ronin::Model::TargetsOS.
      • Added Payload#helper, which will extend the Payload object with the similarly named Helper module.
      • Added Payload#behaviors.
      • Added Payload#build!, Payload#verify!, Payload#deploy!, which will call the user-defined Payload#build, Payload#verify, Payload#deploy methods, respectively.
      • Rewrote Payload#to_s to return the name and version of the payload.
      • Renamed Payload#controls to Payload#controlling.
      • Removed encoders from the Payload class.
  • Added specs.

0.1.1 / 2009-01-22

  • Removed old references to the ronin/vulnerability directory.
  • Removed old references to the Ronin::Vulnerability namespace.
  • Removed past usage of the :value option with parameters.
    • Parameters now use the :default option for specifying the default value of parameters.
  • Added the missing Ronin::Exploits::PayloadSize exception.
  • Reduce usage of first_or_create.
  • Updated target methods.

0.1.0 / 2008-01-08

  • Initial release.
    • Supports many basic exploit types:
      • Ronin::Exploits::Exploit
      • Ronin::Exploits::BinaryExploit
      • Ronin::Exploits::BufferOverflow
      • Ronin::Exploits::FormatString
      • Ronin::Exploits::WebExploit
    • Supports a few basic payload types:
      • Ronin::Payloads::Payload
      • Ronin::Payloads::BinaryPayload
      • Ronin::Payloads::Shellcode
      • Ronin::Payloads::WebPayload
    • Provides the ability to associate Vulnerability Taxonomy information with Exploits and Payloads.
    • Provides a semi-intelligent XOR translator (Ronin::Translators::XOR).