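#
# Ronin Exploits - A Ruby library for Ronin that provides exploitation and
# payload crafting functionality.
#
# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
#

require 'ronin/ui/command_line/command'
require 'ronin/exploits'
require 'ronin/database'

module Ronin
  module UI
    module CommandLine
      module Commands
        #
        # The `exploits` command: lists the exploits recorded in the Ronin
        # database, optionally narrowed by the filter options declared
        # below, and prints either a one-line summary or (with `-v`) a
        # full report per exploit.
        #
        class Exploits < Command

          desc "exploits [options]", "Lists available exploits"

          # Database to query; defaults to the configured Ronin database.
          method_option :database, :type => :string, :default => Database.config, :aliases => '-D'

          # Filters: each one, when given, narrows the result set further.
          method_option :name, :type => :string, :aliases => '-n'
          method_option :version, :type => :string, :aliases => '-V'
          # The key here must be :type like its siblings; a misspelled key
          # leaves the option's type undeclared.
          method_option :describing, :type => :string, :aliases => '-d'
          method_option :status, :type => :string, :aliases => '-s'
          method_option :license, :type => :string, :aliases => '-l'
          method_option :arch, :type => :string, :aliases => '-a'
          method_option :os, :type => :string, :aliases => '-o'
          method_option :product, :type => :string, :aliases => '-p'

          # Output control: print the full report for every match.
          method_option :verbose, :type => :boolean, :aliases => '-v'

          #
          # Sets up the database, applies every filter that was supplied
          # on the command line and prints the matching exploits.
          #
          # Prints an error and exits with status -1 when nothing matches.
          #
          def default
            Database.setup(options[:database])

            exploits = Ronin::Exploits::Exploit.all

            # Each filter is applied to the result of the previous one, so
            # the options combine as a logical AND.
            exploits = exploits.named(options[:name]) if options[:name]
            exploits = exploits.revision(options[:version]) if options[:version]
            exploits = exploits.describing(options[:describing]) if options[:describing]
            exploits = exploits.licensed_under(options[:license]) if options[:license]

            if options[:status]
              # The status given on the command line is converted to a
              # Symbol as-is and used as the query condition.
              # NOTE(review): the set of valid statuses is not visible
              # here; checking against it first would be stricter.
              exploits = exploits.all(:status => options[:status].to_sym)
            end

            exploits = exploits.targeting_arch(options[:arch]) if options[:arch]
            exploits = exploits.targeting_os(options[:os]) if options[:os]
            exploits = exploits.targeting_product(options[:product]) if options[:product]

            if exploits.empty?
              print_error "Could not find similar exploits"
              exit(-1)
            end

            if options.verbose?
              exploits.each { |exploit| print_exploit(exploit) }
            else
              exploits.each { |exploit| puts "  #{exploit}" }
            end
          end

          protected

          #
          # Prints the full report for one exploit: its attributes (minus
          # the description), the description, authors, behaviors (shown
          # under the title 'Controls'), targets with any target data, and
          # finally its parameters.
          #
          # @param exploit
          #   The exploit record to print.
          #
          def print_exploit(exploit)
            # The description is excluded here because it is printed
            # separately below, line by line.
            print_hash(
              exploit.humanize_attributes(:exclude => [:description]),
              :title => "Exploit: #{exploit}"
            )

            indent do
              if exploit.description
                puts "Description:\n\n"
                indent do
                  exploit.description.each_line { |line| puts line }
                end
                puts "\n"
              end

              unless exploit.authors.empty?
                exploit.authors.each do |author|
                  print_hash(author.humanize_attributes, :title => 'Author')
                end
              end

              unless exploit.behaviors.empty?
                print_array(exploit.behaviors, :title => 'Controls')
              end

              unless exploit.targets.empty?
                exploit.targets.each do |target|
                  # Raw target data is left out of the attribute table and
                  # printed in its own section below.
                  attributes = target.humanize_attributes(:exclude => [:data])
                  attributes['Arch'] = target.arch if target.arch
                  attributes['OS'] = target.os if target.os
                  attributes['Product'] = target.product if target.product

                  print_hash(attributes, :title => 'Target')

                  unless target.data.empty?
                    print_title("Target Data")

                    indent do
                      target.data.each do |name,value|
                        puts "#{name} [#{value.inspect}]"
                      end
                    end
                  end
                end
              end

              # NOTE(review): load_original! presumably loads the file that
              # defines this exploit so that its params are populated. If
              # so, a verbose listing evaluates code from that file, so it
              # should only be run against exploit files from a trusted
              # origin -- confirm against the definition of load_original!.
              # `attempt` is defined elsewhere; its error handling is not
              # visible here.
              attempt { exploit.load_original! }

              unless exploit.params.empty?
                print_array(exploit.params.values, :title => 'Parameters')
              end
            end
          end

        end
      end
    end
  end
end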