
ronin-rb / ronin-exploits

Licence: GPL-3.0 license
A Ruby micro-framework for writing and running exploits


ronin-exploits


Description

ronin-exploits is a Ruby library for writing and running exploits and payloads.

ronin-exploits is part of the ronin-rb project, a Ruby toolkit for security research and development.

Features

  • Define Exploits based on:
    • Whether they are local or remote.
    • Protocol they use.
    • Contributing authors.
    • Exploited behaviors.
    • Disclosure status.
    • Level of weaponization.
    • Architectures they target.
    • OSes they target.
    • Products they target.
  • Define Payloads based on:
    • Contributing authors.
    • Helpers they use.
  • Define Payload Encoders:
    • Architectures they target.
    • OSes they target.
  • Provides a simple three-phase process (build, verify, deploy) for Exploits and Payloads.
  • Allows adding arbitrary target data to the targets of Exploits.
  • Allows combining Payloads with Exploits.
  • Allows using a raw-payload with an Exploit.
  • Allows the addition of multiple Payload Encoders to an Exploit.
  • Allows chaining multiple Payloads together.
  • Provides the following Exploit classes:
    • {Ronin::Exploits::Exploit}
    • {Ronin::Exploits::Local}
    • {Ronin::Exploits::Remote}
    • {Ronin::Exploits::RemoteTCP}
    • {Ronin::Exploits::RemoteUDP}
    • {Ronin::Exploits::HTTP}
    • {Ronin::Exploits::FTP}
    • {Ronin::Exploits::Web}
    • {Ronin::Exploits::LFI}
    • {Ronin::Exploits::RFI}
    • {Ronin::Exploits::SQLi}
  • Provides the following Exploit helpers:
    • {Ronin::Exploits::Helpers::Binary}
    • {Ronin::Exploits::Helpers::Padding}
    • {Ronin::Exploits::Helpers::BufferOverflow}
    • {Ronin::Exploits::Helpers::FormatString}
    • {Ronin::Exploits::Helpers::FileBuilder}
  • Provides the following Payload classes:
    • {Ronin::Payloads::Payload}
    • {Ronin::Payloads::BinaryPayload}
    • {Ronin::Payloads::ASMPayload}
    • {Ronin::Payloads::Nops}
    • {Ronin::Payloads::Shellcode}
    • {Ronin::Payloads::BindShell}
  • Provides the following Payload helpers:
    • {Ronin::Payloads::Helpers::BindShell}
  • Provides an API for {Ronin::PostExploitation Post-Exploitation}.
  • Provides a multitude of exploit and payload generators which can create customized skeleton Ruby Exploits and Payloads.

Synopsis

Generate a skeleton exploit, with some custom information:

$ ronin-gen exploit example_exploit.rb \
    --name Example --arch i686 --os Linux --product "Example Product" \
    --status proven \
    --authors Postmodern --description "This is an example."

  • To generate other types of exploits specify one of the following:
    • local_exploit
    • remote_exploit
    • remote_tcp_exploit
    • remote_udp_exploit
    • ftp_exploit
    • http_exploit
    • web_exploit

Generate a skeleton payload, with some custom information:

$ ronin-gen payload example_payload.rb \
    --name Example --arch i686 --os Linux \
    --authors Postmodern --description "This is an example."

  • To generate other types of payloads specify one of the following:
    • binary_payload
    • shellcode
    • nops

List available exploits:

$ ronin-exploits

Print information about an exploit:

$ ronin-exploits -n NAME -v

Build and deploy an exploit:

$ ronin-exploit -n NAME --host example.com --port 9999

Load an exploit from a file, then build and deploy it:

$ ronin-exploit -f FILE --host example.com --port 9999

Build and deploy an exploit, with a payload:

$ ronin-exploit -n NAME --host example.com --port 9999 -P PAYLOAD_NAME

Build and deploy an exploit, with a raw payload:

$ ronin-exploit -n NAME --host example.com --port 9999 --raw-payload \
    `echo -en "\x66\x31\xc0\xfe\xc0\xb3\xff\xcd\x80"`

List available payloads:

$ ronin-payloads

Print information about a payload:

$ ronin-payloads -n NAME -v

Build and output a payload:

$ ronin-payload NAME

Build and output a raw unescaped payload:

$ ronin-payload NAME --raw

Load a payload from a file, then build and output it:

$ ronin-payload -f FILE

Examples

Define a remote TCP exploit:

require 'ronin/exploits/remote_tcp'

Ronin::Exploits::RemoteTCP.object do

  helper :buffer_overflow

  #
  # Cacheable data.
  #
  cache do
    self.name        = 'test'
    self.description = %{This is an example exploit.}

    self.status      = :potential
    self.released    = true

    author name: 'Postmodern', organization: 'SophSec'

    targeting do |t|
      t.targets_arch     :x86
      t.targets_os       'Linux'
      t.targets_software 'ExampleWare', '2.4.7b'
    end
  end

  #
  # Builds the exploit.
  #
  build do
    @buffer = "USER #{build_buffer}\n"
  end

  #
  # Deploys the built exploit.
  #
  deploy do
    tcp_send @buffer
  end

  #
  # Evacuates the deployed exploit.
  #
  evacuate do
    tcp_send "QUIT"
  end

end

Define a shellcode payload:

require 'ronin/payloads/shellcode'

Ronin::Payloads::Shellcode.object do

  cache do
    self.name        = 'local_shell'
    self.version     = '0.5'
    self.description = %{
      Shellcode that spawns a local /bin/sh shell
    }

    targets_arch :x86
    targets_os   'Linux'
  end

  build do
    shellcode do
      xor   eax, eax
      push  eax
      push  0x68732f2f
      push  0x6e69622f
      mov   esp, ebx
      push  eax
      push  ebx
      mov   esp, ecx
      xor   edx, edx
      int   0xb
    end
  end

end

Define a payload encoder:

require 'ronin/encoders/encoder'

Ronin::Encoders::Encoder.object do

  #
  # Cacheable data.
  #
  cache do
    self.name        = 'base64_encode'
    self.description = %{Example base64 payload encoder}

    self.targets_arch :x86
    self.targets_os   'Linux'
  end

  #
  # Base64 encodes the specified data.
  #
  def encode(data)
    return data.to_s.base64_encode
  end

end
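The encoder contract above (`encode(data)`) together with the "multiple Payload Encoders" feature listed earlier, as an added example in plain Ruby: this is not ronin-exploits code, the ronin DSL is replaced by ordinary classes with hypothetical names, and it shows a chain that applies encoders in the order they were added and checks that decoding them in reverse restores the original bytes.

```ruby
# Added example (plain Ruby, no ronin dependency): models how several payload
# encoders stack on one exploit, each exposing the encode(data) contract from
# the README's encoder example. All class names here are hypothetical.

# Base64 encoder, as in the README's base64_encode example; pack('m0') emits
# no line breaks that could disturb a transport.
class Base64Encoder
  def encode(data)
    [data.to_s].pack('m0')
  end
  def decode(data)
    data.unpack1('m0')
  end
end

# Percent-encoder: rewrites every byte as %XX so it survives a URL component.
class PercentEncoder
  def encode(data)
    data.to_s.bytes.map { |b| format('%%%02X', b) }.join
  end
  def decode(data)
    data.gsub(/%(\h\h)/) { Regexp.last_match(1).hex.chr }
  end
end

# Applies encoders in the order they were added to the exploit; decoding must
# run the same list in reverse, the mistake a round-trip check catches.
class EncoderChain
  def initialize(*encoders)
    @encoders = encoders
  end
  def encode(data)
    @encoders.reduce(data.to_s) { |acc, enc| enc.encode(acc) }
  end
  def decode(data)
    @encoders.reverse.reduce(data) { |acc, enc| enc.decode(acc) }
  end
  # True only if decoding fully restores the original bytes.
  def reversible?(sample)
    decode(encode(sample)).b == sample.to_s.b
  end
end

# Constructed sample input: a harmless marker string, not a real payload.
SAMPLE = "USER test\n".freeze

def chain_demo(chain = EncoderChain.new(Base64Encoder.new, PercentEncoder.new))
  { encoded: chain.encode(SAMPLE), reversible: chain.reversible?(SAMPLE) }
end
```

Swapping the order of the two encoders yields a different wire form, which is why a chain's decode side must mirror the exact order that the exploit applied.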

Requirements

Install

$ gem install ronin-exploits

Development

  1. Fork It!
  2. Clone It!
  3. cd ronin-exploits
  4. bundle install
  5. git checkout -b my_feature
  6. Code It!
  7. bundle exec rake spec
  8. git push origin my_feature

License

ronin-exploits - A Ruby library for ronin-rb that provides exploitation and payload crafting functionality.

Copyright (c) 2007-2013 Hal Brodigan (postmodern.mod3 at gmail.com)

This file is part of ronin-exploits.

ronin-exploits is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

ronin-exploits is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with ronin-exploits. If not, see https://www.gnu.org/licenses/.
