### 1.0.2 / 2023-06-12 * Corrected the `class_dir` for {Ronin::Exploits}; even though `ronin-exploits` will never contain any built-in exploits. * Avoid using `case`/`in` syntax for TruffleRuby. * Documentation fixes and improvements. #### CLI * Fixed a typo in `ronin-exploits new` man-page. * Fixed a bug in the `ronin-exploits show` command where a target's `version` was not being printed. * Fixed a bug where `ronin-exploits new --payload-type command` wasn't being accepted as a valid payload type. ### 1.0.1 / 2023-03-01 * Require [ronin-support] ~> 1.0, >= 1.0.1. * Require [ronin-payloads] ~> 0.1, >= 0.1.1. * Require [ronin-vulns] ~> 0.1, >= 0.1.1. #### CLI * Fixed multiple bugs in the `--encoder-param` option of the `ronin-exploits run ` command. ### 1.0.0 / 2023-02-01 * Upgraded to the LGPL-3 license. * Require `ruby` >= 3.0.0. * Added [ronin-support] ~> 1.0 as a dependency. * Added [ronin-post_ex] ~> 0.1 as a dependency. * Added [ronin-payloads] ~> 0.1 as a dependency. * Added [ronin-vulns] ~> 0.1 as a dependency. * Added [ronin-core] ~> 0.1 as a dependency. * Added [ronin-repos] ~> 0.1 as a dependency. * Added {Ronin::Exploits::Advisory}. * Added {Ronin::Exploits::Loot}. * Added {Ronin::Exploits::Loot::File}. * Added {Ronin::Exploits::TestResult}. * Added {Ronin::Exploits::Exploit.exploit}. * Added {Ronin::Exploits::Exploit#perform_test}. * Added {Ronin::Exploits::Exploit#perform_build}. * Added {Ronin::Exploits::Exploit#perform_launch}. * Added {Ronin::Exploits::Exploit#perform_cleanup}. * Added {Ronin::Exploits::Exploit#exploit}. * Added {Ronin::Exploits::Exploit#validate}. * Added {Ronin::Exploits::Exploit#Vulnerable}. * Added {Ronin::Exploits::Exploit#NotVulnerable}. * Added {Ronin::Exploits::Exploit#Unknown}. * Added {Ronin::Exploits::Exploit#test}. * Added {Ronin::Exploits::Exploit#build}. * Added {Ronin::Exploits::Exploit#launch}. * Added {Ronin::Exploits::Exploit#cleanup}. * Added {Ronin::Exploits::MemoryCorruption}. * Added {Ronin::Exploits::StackOverflow}. * Added {Ronin::Exploits::SEHOverflow}. * Added {Ronin::Exploits::HeapOverflow}. * Added {Ronin::Exploits::UseAfterFree}. * Added {Ronin::Exploits::WebVuln}. * Added {Ronin::Exploits::OpenRedirect}. * Added {Ronin::Exploits::LFI}. * Added {Ronin::Exploits::RFI}. * Added {Ronin::Exploits::SQLI}. * Added {Ronin::Exploits::SSTI}. * Added {Ronin::Exploits::XSS}. * Added {Ronin::Exploits::ClientSideWebVuln}. * Added {Ronin::Exploits::Mixins::Binary}. * Added {Ronin::Exploits::Mixins::FileBuilder}. * Added {Ronin::Exploits::Mixins::FormatString}. * Added {Ronin::Exploits::Mixins::HasTargets}. * Added {Ronin::Exploits::Mixins::HasTargets}. * Added {Ronin::Exploits::Mixins::HasPayload}. * Added {Ronin::Exploits::Mixins::HTTP}. * Added {Ronin::Exploits::Mixins::Loot}. * Added {Ronin::Exploits::Mixins::NOPS}. * Added {Ronin::Exploits::Mixins::RemoteTCP}. * Added {Ronin::Exploits::Mixins::RemoteUDP}. * Added {Ronin::Exploits::Mixins::SEH}. * Added {Ronin::Exploits::Mixins::StackOverflow}. * Added {Ronin::Exploits::Mixins::Text}. * Added {Ronin::Exploits::Params::BaseURL}. * Added {Ronin::Exploits::Params::BindHost}. * Added {Ronin::Exploits::Params::BindPort}. * Added {Ronin::Exploits::Params::Filename}. * Added {Ronin::Exploits::Params::Host}. * Added {Ronin::Exploits::Params::Port}. * Renamed `ronin/exploits/helpers` to `ronin/exploits/mixins`. * Extracted `Ronin::Payloads` into [ronin-payloads]. * Extracted agent payloads into separate `ronin-agent-` repos. * [ronin-agent-php](https://github.com/ronin-rb/ronin-agent-php#readme) * [ronin-agent-ruby](https://github.com/ronin-rb/ronin-agent-ruby#readme) * [ronin-agent-nodejs](https://github.com/ronin-rb/ronin-agent-nodejs#readme) * Refactored the `ronin-exploit` command into the `ronin-exploits run` command. * Refactored {Ronin::Exploits::Exploit} as a Plain Old Ruby Class that defines method data, params, and the `build`, `launch`, and `cleanup` methods. * Refactored `Ronin::UI` into {Ronin::Exploits::CLI}. * Removed the `open_namespace` dependency. * Removed the `data_paths` dependency. * Removed the `ronin-gen` dependency. * Removed the `ronin` dependency; `ronin` now requires `ronin-exploits` and all other `ronin-` gems. * Removed `Ronin::Exploits::Controls`. * Removed `Ronin::Exploits::Generators` in favor of the `ronin-exploits new` command. * Removed `Ronin::Exploits::UnknownHelper`. * Removed `Ronin::Exploits::Helpers::Padding` in favor of calling `String#pad`. * Removed `Ronin::Exploits::Exploit#helpers` in favor of `included_modules`. * Removed `Ronin::Exploits::Exploit#helper` in favor of including {Ronin::Exploits::Mixins} modules. * Removed `Ronin::Exploits::Local`. * Removed `Ronin::Exploits::Remote`. * Removed `Ronin::Exploits::RemoteTCP` in favor of including {Ronin::Exploits::Mixins::RemoteTCP}. * Removed `Ronin::Exploits::RemoteUDP` in favor of including {Ronin::Exploits::Mixins::RemoteUDP}. * Removed `Ronin::Exploits::HTTP` in favor of including {Ronin::Exploits::Mixins::HTTP}. * Removed `Ronin::Exploits::FTP`. * Removed all database models and code in favor of Plain Old Ruby Classes. ### 0.3.1 / 2009-10-01 * Removed duplicate `default_port` properties from Ronin::Exploits::FTP and Ronin::Exploits::HTTP, which were causing dm-core 0.10.1 to crash. ### 0.3.0 / 2009-09-24 * Require ronin >= 0.3.0. * Require ronin-gen >= 0.2.0. * Require rspec >= 1.2.8. * Require yard >= 0.2.3.5. * Added Ronin::Vuln::Behavior.drop_privileges. * Added Ronin::Vuln::Behavior.exit_program. * Added Ronin::Vuln::Behavior.crash_program. * Added Ronin::Controls. * Added Ronin::Controls::Behaviors. * Added Ronin::Controls::Helpers. * Added Ronin::Controls::Helpers::CommandExec. * Added Ronin::Controls::Helpers::DirCreate. * Added Ronin::Controls::Helpers::DirListing. * Added Ronin::Controls::Helpers::DirRemove. * Added Ronin::Controls::Helpers::FileCtime. * Added Ronin::Controls::Helpers::FileMtime. * Added Ronin::Controls::Helpers::FileOwnership. * Added Ronin::Controls::Helpers::FileRead. * Added Ronin::Controls::Helpers::FileRemove. * Added Ronin::Controls::Helpers::FileWrite. * Added Ronin::Controls::Helpers::MemoryRead. * Added Ronin::Controls::Helpers::MemoryWrite. * Added Ronin::Model::TargetsProduct. * Added Ronin::Exploits::Exploit#target=. * Added Ronin::Exploits::Exploit#payload=. * Added Ronin::Exploits::Exploit#raw_payload=. * Added Ronin::Exploits::Exploit#build_payload!. * Added Ronin::Payloads::HasPayload. * Added Ronin::Payloads::Helpers::Chained * Added Ronin::Generators::Exploits. * Added Ronin::Generators::Exploits::Exploit. * Added Ronin::Generators::Exploits::Local. * Added Ronin::Generators::Exploits::Remote. * Added Ronin::Generators::Exploits::RemoteTCP. * Added Ronin::Generators::Exploits::RemoteUDP. * Added Ronin::Generators::Exploits::FTP. * Added Ronin::Generators::Exploits::HTTP. * Added Ronin::Generators::Exploits::Web. * Added Ronin::Generators::Payloads. * Added Ronin::Generators::Payloads::Payload. * Added Ronin::Generators::Payloads::BinaryPayload. * Added Ronin::Generators::Payloads::Shellcode. * Added Ronin::Generators::Payloads::Nops. * Added Ronin::UI::CommandLine::Commands::Exploit. * Added Ronin::UI::CommandLine::Commands::Exploits. * Added Ronin::UI::CommandLine::Commands::Payload. * Added Ronin::UI::CommandLine::Commands::Payloads. * Added Ronin::UI::CommandLine::Commands::GenExploit. * Added Ronin::UI::CommandLine::Commands::GenLocalExploit. * Added Ronin::UI::CommandLine::Commands::GenRemoteExploit. * Added Ronin::UI::CommandLine::Commands::GenRemoteTcpExploit. * Added Ronin::UI::CommandLine::Commands::GenRemoteUdpExploit. * Added Ronin::UI::CommandLine::Commands::GenFtpExploit. * Added Ronin::UI::CommandLine::Commands::GenHttpExploit. * Added Ronin::UI::CommandLine::Commands::GenWebExploit. * Added Ronin::UI::CommandLine::Commands::GenPayload. * Added Ronin::UI::CommandLine::Commands::GenBinaryPayload. * Added Ronin::UI::CommandLine::Commands::GenShellcode. * Added Ronin::UI::CommandLine::Commands::GenNops. * Added the ronin-exploit script. * Added the ronin-exploits script. * Added the ronin-payload script. * Added the ronin-payloads script. * Added the ronin-gen-exploit script. * Added the ronin-gen-local-exploit script. * Added the ronin-gen-remote-exploit script. * Added the ronin-gen-remote-tcp-exploit script. * Added the ronin-gen-remote-udp-exploit script. * Added the ronin-gen-ftp-exploit script. * Added the ronin-gen-http-exploit script. * Added the ronin-gen-payload script. * Added the ronin-gen-binary-payload script. * Added the ronin-gen-shellcode script. * Added the ronin-gen-nops script. * Renamed Ronin::Vuln::Behavior.priv_escalation to gain_privileges. * Renamed Ronin::Exploits::Exploit#select_target to use_target!. * Renamed Ronin::Exploits::Exploit#call to exploit!. * Renamed Ronin::Exploits::Exploit#encode_with to encode_payload. * Renamed Ronin::Payloads::Encoder to Ronin::Payloads::Encoders::Encoder. * Renamed Ronin::Payloads::Encoders::Encoder#call to encode. * Renamed Ronin::Exploits::Exploit#encoded_payload=. * Removed Ronin::Payloads::Payload#payload to raw_payload. * Removed Ronin::Payloads::Payload#call. * Moved to YARD based documentation. * Updated the project summary and 3-point description for ronin-exploits. * Ronin::Model::TargetsArch now auto-defines a relationship with Arch. * Ronin::Model::TargetsOS now auto-defines a relationship with OS. * Ronin::Model::TargetsProduct now auto-defines a relationship with Product. * Refactored Ronin::Exploits::Exploit. * Include Ronin::Controls::Behaviors into Ronin::Exploits::Exploit. * Made Ronin::Exploits::Exploit#to_s more robust. * Safely load exploit helpers using the new require_within method. * Allow Ronin::Exploits::Exploit#encode_payload to accept a block, which will be used to encode the payload. * No longer allow the payload to be directly passed to Ronin::Exploits::Exploit#build!. * Allow an index or query to be passed to Ronin::Exploits::Exploit#use_target!. * Have Ronin::Exploits::Exploit#build_payload! only reset @raw_payload if a payload is set. * Make sure Ronin::Exploits::Exploit#encode_payload! cannot set the encoded_payload to nil. * Allow Ronin::Exploits::Exploit#encode_payload! to use either Ronin::Payloads::Encoders::Encoder or Proc objects. * Allow Ronin::Exploits::Exploit#build_payload! to pass options to Ronin::Payloads::Payload#build!. * Allow Ronin::Exploits::Exploit#build! to pass options to Ronin::Exploits::Exploit#build_payload!. * Ronin::Exploits::Exploit#deploy! no longer receives options. * Allow Ronin::Exploits::Exploit#exploit! to accept a :dry_run option, which will cause the exploit to be built but *not* deployed. * Default the @buffer instance variable to an empty String, in Ronin::Exploits::Helpers::BufferOverflow. * Default the @format_string instance variable to an empty String, in Ronin::Exploits::Helpers::FormatString. * Refactored Ronin::Payloads::Payload. * Include Ronin::Controls::Behaviors into Ronin::Payloads::Payload. * Made Ronin::Payloads::Payload#to_s more robust. * Safely load payload helpers using the new require_within method. ### 0.2.1 / 2009-07-02 * Use Hoe >= 2.0.0. * Require ronin >= 0.2.4. * Added Ronin::Model::TargetsArch. * Added Ronin::Model::TargetsOS. * Added Ronin::Mode::HasDefaultPort. * Added Exploit#deployed?. * Added Exploit#inspect. * Added Exploits::Helpers::FileBased. * Added Exploits::Web#http_method. * Added Exploits::Web#targeted_url_path. * Added Payload#inspect. * Added Payload#call method. * Renamed Exploit#exploit to Exploit#call. * Renamed Payloads::Helpers::Unimplemented to Payloads::Helpers::NotImplemented. * Renamed RPC#call to RPC#call_method. * Removed Exploit#switch_payload. * Moved verifier methods into Exploits::Verifiers. * Allow Exploit#allow to accept multiple behaviors. * Include UI::Diagnostics into Ronin::Exploits::Exploit. * Include Sessions::HTTP into Exploits::Web. * Include UI::Diagnostics into Ronin::Payloads::Payload. * Allow Payload#controlling to accept multiple behaviors. * Added more specs. ### 0.2.0 / 2009-04-11 * Added Ronin::TargetedArch. * Added Ronin::TargetedOS. * Added Ronin::TargetedProduct. * Added Ronin::Model::TargetsArch. * Added Ronin::Model::TargetsOS. * Refactored Ronin::Exploits: * Added Ronin::Exploits::Target. * Added Ronin::Exploits::Targets::BufferOverflow. * Added Ronin::Exploits::Targets::FormatString. * Added Ronin::Exploits::Helpers::Binary. * Added Ronin::Exploits::Helpers::Padding. * Added Ronin::Exploits::Helpers::BufferOverflow. * Added Ronin::Exploits::Helpers::FormatString. * Added Ronin::Exploits::Local. * Added Ronin::Exploits::Remote. * Added Ronin::Exploits::RemoteTCP. * Added Ronin::Exploits::RemoteUDP. * Added Ronin::Exploits::FTP. * Added Ronin::Exploits::HTTP. * Renamed Ronin::Exploits::Impact to Ronin::Exploits::Allow. * Removed the Ronin::Exploits::Requirement. * Rewrote Ronin::Exploits::Exploit: * Use the new Ronin::Cacheable module. * Added a status property, which may be either `:potential`, `:proven`, `:weaponized`, but will default to `:potential`. * Added a disclosure property, which can be a combination of `:private`, `:in_wild`, `:vendor_aware` or `:public`. * Added Exploit#helper, which will extend the Exploit object with the Helper module with the similar name. * Added the Exploit#build!, Exploit#verify!, Exploit#deploy! methods, which will call the user-defined Exploit#build, Exploit#verify, Exploit#deploy methods, respectively. * Added Exploit#targeting. * Added Exploit#behaviors. * Added Exploit#targeted_archs, Exploit#targeted_oses, Exploit#targeted_products. * Added Exploit#select_target. * Added the Exploit#target which will return the current selected target, or the first target of the exploit. * Added the Exploit#arch, Exploit#os and Exploit#product methods. * Added the Exploit#verify_target!, Exploit#verify_arch!, Exploit#verify_os! and Exploit#verify_product! methods. * Added Exploit#encoded_payload. * Added Exploit#encode_payload!. * Have Exploit#verify_restricted! raise an exception listing all restricted characters found in the given text. * Renamed Exploit#allows to Exploit#allowing. * Renamed Exploit#verify_restricted to Exploit#verify_restricted!. * Renamed Exploit#exploit to Exploit#exploit!. * Removed Exploit#payloads. * Removed Exploit#vulnerable?. * Refactored Ronin::Payloads: * Added Ronin::Payloads::Helpers::FileSystem. * Added Ronin::Payloads::Helpers::RPC. * Added Ronin::Payloads::Helpers::Shell. * Added Ronin::Payloads::Nops. * Added Ronin::Payloads::Encoder. * Added Ronin::Payloads::Encoders::XOR. * Renamed Ronin::Payloads::Ability to Ronin::Payloads::Control. * Rewrote Ronin::Payloads::Payload: * Use the new Ronin::Cacheable module. * Use Ronin::Model::TargetsArch. * Use Ronin::Model::TargetsOS. * Added Payload#helper, which will extend the Payload object with the Helper module with the similar name. * Added Payload#behaviors. * Added Payload#build!, Payload#verify!, Payload#deploy!, which will call the user-defined Payload#build, Payload#verify, Payload#deploy methods, respectively. * Rewrote Payload#to_s to return the name and version of the payload. * Renamed Payload#controls to Payload#controlling. * Removed encoders from the Payload class. * Added specs. ### 0.1.1 / 2009-01-22 * Removed old references to the `ronin/vulnerability` directory. * Removed old references to the Ronin::Vulnerability namespace. * Removed past usage of the `:value` option with parameters. * Parametes now uses the `:default` option, for specifying the default value of parameters. * Added the missing Ronin::Exploits::PayloadSize exception. * Reduce usage of first_or_create. * Updated target methods. ### 0.1.0 / 2008-01-08 * Initial release. * Supports many basic exploit types: * Ronin::Exploits::Exploit * Ronin::Exploits::BinaryExploit * Ronin::Exploits::BufferOverflow * Ronin::Exploits::FormatString * Ronin::Exploits::WebExploit * Supports a few basic payload types: * Ronin::Payloads::Payload * Ronin::Payloads::BinaryPayload * Ronin::Payloads::Shellcode * Ronin::Payloads::WebPayload * Provides the ability to associate Vulnerability Taxonomy information with Exploits and Payloads. * Provides a semi-intelligent XOR translator (Ronin::Translators::XOR). [uri-query_params]: https://github.com/postmodern/uri-query_params#readme [ronin-support]: https://github.com/ronin-rb/ronin-support#readme [ronin-code-sql]: https://github.com/ronin-rb/ronin-code-sql#readme [ronin-core]: https://github.com/ronin-rb/ronin-core#readme [ronin-repos]: https://github.com/ronin-rb/ronin-repos#readme [ronin-payloads]: https://github.com/ronin-rb/ronin-payloads#readme [ronin-post_ex]: https://github.com/ronin-rb/ronin-post_ex#readme [ronin-vulns]: https://github.com/ronin-rb/ronin-vulns#readme