Thursday, 27 November 2014
0 comments

Ronin, The Ruby Platform For Vulnerability Research And Exploit Development


Ronin Exploits is a Ruby library for Ronin that provides exploitation and payload crafting functionality.

Ronin is a Ruby platform for vulnerability research and exploit development. Ronin allows for the rapid development and distribution of code, Exploits, Payloads, Scanners, etc, via Repositories.

Console
Ronin provides users with a powerful Ruby Console, pre-loaded with powerful convenience methods. In the Console one can work with data and automate complex tasks, with greater ease than the command-line.

>> File.read('data').base64_decode

Database
Ronin ships with a preconfigured Database, that one can interact with from Ruby, without having to write any SQL.

>> HostName.tld('eu').urls.with_query_param('id')

Repositories
Ronin provides a Repository system, allowing users to organize and share miscallaneous Data, Code, Exploits, Payloads, Scanners, etc.

$ ronin install git://github.com/user/myexploits.git

Libraries
Ronin provides libraries with additional functionality, such as Exploitation and Scanning:

$ gem install ronin-exploits

Install
Install Ronin using RubyGems:

$ gem install ronin

Install Ronin on Debian, Ubuntu, Fedora or Mac OS X.

Synopsis

Generate a skeleton exploit, with some custom information:

$ ronin-gen exploit example_exploit.rb \
    --name Example --arch i686 --os Linux --product "Example Product" \
    --status proven \
    --authors Postmodern --description "This is an example."

To generate other types of exploits specify one of the following:
local_exploit
remote_exploit
remote_tcp_exploit
remote_udp_exploit
ftp_exploit
http_exploit
web_exploit

Generate a skeleton payload, with some custom information:

$ ronin-gen payload example_payload.rb \
    --name Example --arch i686 --os Linux \
    --authors Postmodern --description "This is an example."

To generate other types of payloads specify one of the following:

binary_payload
shellcode
nops

List available exploits:
$ ronin-exploits

Print information about an exploit:
$ ronin-exploits -n NAME -v

Build and deploy an exploit:
$ ronin-exploit -n NAME --host example.com --port 9999

Load an exploit from a file, then build and deploy it:
$ ronin-exploit -f FILE --host example.com --port 9999

Build and deploy an exploit, with a payload:
$ ronin-exploit -n NAME --host example.com --port 9999 -P PAYLOAD_NAME

Build and deploy an exploit, with a raw payload:

$ ronin-exploit -n NAME --host example.com --port 9999 --raw-payload \
    `echo -en "\x66\x31\xc0\xfe\xc0\xb3\xff\xcd\x80"`

List available payloads:
$ ronin-payloads

Print information about a payload:
$ ronin-payloads -n NAME -v

Build and output a payload:
$ ronin-payload NAME

Build and output a raw unescaped payload:
$ ronin-payload NAME --raw

Load a payload from a file, then build and output it:
$ ronin-payload -f FILE

See more Examples

Download

0 comments:

Post a Comment

Note: only a member of this blog may post a comment.

 
Toggle Footer
Top