Moon

Ronin "toorcamp" 0.2.4 finally released

2009 / 07 / 19 — 1.9.x, fork, github, intext, ronin, ronin-dorks, ronin-exploits, ronin-gen, ronin-php, ronin-scanners, ronin-sql, ronin-web, ruby, scanners, toorcamp, website

Update: As CG points out, I forgot to post the slides from the ToorCamp presentation. Here they are in XHTML form.

Update: @sanitybit discovered that parameters 0.1.7, which is required by ronin 0.2.4, was not released. Parameters 0.1.7 has now been released.

As promised in the Ronin: A Platform for Publishing and Mayhem talk at ToorCamp, Ronin 0.2.4 has finally been released. I wanted to release 0.2.4 before ToorCamp and hand out copies while there, but due to time constraints I had to wait until after the event.

$ gem update

Signed RubyGems

All released versions of Ronin, from 0.2.4 onward, will be signed. You can download the public certificate used to verify all of my gems here. A more in-depth explanation of RubyGem signing is given in Chapter 21 of the RubyGems Manual.

Bug Fixes

Mr. evoltech discovered and fixed a bug in the lookup of command names containing dashes, which was causing issues with the ronin-gen commands. flatline also improved the reliability of the caching of exploits from Overlays: any exceptions raised during the caching of each exploit will now be ignored.

Bytes and Chars

The 0.2.4 release now comes with new convenience methods to make working with byte and char Arrays easier:

[0x41, 0x41, 0x42].chars
# => ["A", "A", "B"]
["A", "B"].bytes
# => [0x41, 0x42]
[0x41, 0x41, 0x42].char_string
# => "AAB"

Un-Hexdumping

The File.unhexdump method was also added, making it even easier to un-hexdump those dumps.
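To show what un-hexdumping involves, here is an added example (not Ronin's File.unhexdump, whose accepted formats are not described in this post) that decodes the canonical `hexdump -C` layout. The UnHexdump module name and the sample dump are constructed for illustration; the parser validates offsets and expands the `*` lines that hexdump prints in place of repeated rows.

```ruby
# Added example, not Ronin's File.unhexdump: parser for `hexdump -C` output
# (8-digit hex offset, up to 16 hex bytes, optional |ascii| gutter).
module UnHexdump
  ROW = /\A(\h{8})((?:\s+\h{2}){0,16})\s*(?:\|.*\|)?\s*\z/

  # Returns the decoded bytes as a binary String; raises on malformed input.
  def self.parse(text)
    out = String.new(encoding: Encoding::BINARY)
    last_row = nil    # most recent data row, reused when '*' elides repeats
    squeezed = false

    text.each_line do |line|
      line = line.strip
      next if line.empty?
      if line == '*'
        raise ArgumentError, "'*' before any data row" unless last_row
        squeezed = true
        next
      end

      m = ROW.match(line) or raise ArgumentError, "bad row: #{line.inspect}"
      offset = m[1].to_i(16)
      row = m[2].split.map { |hex| hex.to_i(16) }.pack('C*')

      if squeezed
        # Refill the identical rows that hexdump collapsed into '*'.
        gap = offset - out.bytesize
        if gap.negative? || gap % last_row.bytesize != 0
          raise ArgumentError, "misaligned offset #{m[1]} after '*'"
        end
        out << last_row * (gap / last_row.bytesize)
        squeezed = false
      elsif offset != out.bytesize
        raise ArgumentError, "offset #{m[1]} but #{out.bytesize} bytes decoded"
      end

      out << row
      last_row = row unless row.empty?
    end
    out
  end
end

# Constructed sample: 48 "A" bytes (two rows elided by '*'), then "AAB\n".
SAMPLE = <<~DUMP
  00000000  41 41 41 41 41 41 41 41  41 41 41 41 41 41 41 41  |AAAAAAAAAAAAAAAA|
  *
  00000030  41 41 42 0a                                       |AAB.|
  00000034
DUMP
```

The trailing offset-only line doubles as a length check, so a truncated or edited dump raises instead of silently decoding to the wrong bytes.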

Exceptions

Occasionally one needs to run code which may raise exceptions, where the exceptions should not abort the program but should still be printed out. The catch_all method does exactly that: it catches all exceptions and prints abbreviated back-traces.

require 'resolv'

catch_all do
  Resolv.getaddress('www.wired.com')
end

Another noteworthy change in 0.2.4 was the renaming of the try method to attempt, so as not to conflict with JRuby's try method.

HTTP

The Net.http_request method was added, allowing one to make arbitrary HTTP requests; just specify the :method option.

Net.http_request(:host => 'www.example.com', :method => :head)

Templates::Erb

The Templates::Erb module was added in 0.2.4, providing convenience methods for rendering Embedded Ruby (ERB) templates.

Scanners::Scanner

The Scanners::Scanner module was also added in 0.2.4. The Scanner module can be included into any class and allows one to define multiple scanner rules by name, which are run against each target, returning results in real-time via a callback.

An example usage of Scanners::Scanner would be to add scanner rules to all IPAddr objects, having each IP address within a netmask scanned.

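require 'resolv'
require 'ronin/scanners/scanner'
require 'ronin/extensions/ip_addr'

class IPAddr

  include Ronin::Scanners::Scanner

  # Scanner rule: reverse DNS lookup, one result per resolved name
  scanner(:dns) do |ip,results|
    Resolv.getnames(ip).each do |name|
      results.call(name)
    end
  end

  # Enumerate every IP address in the netmask as a scan target
  def each_target(&block)
    each(&block)
  end

end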

First we include Ronin::Scanners::Scanner into the IPAddr class. Then we define a simple scanner rule which performs a reverse DNS lookup on an IP address and returns the results using the results callback. Finally we define the each_target method, which enumerates over each IP address in the netmask, passing each to the block to be scanned.

To run all scanner rules on an IPAddr range:

ip = IPAddr.new('10.1.1.1/24')
ip.scan

To only run the DNS scanner rule:

ip.dns_scan

The SQL Injection, LFI and RFI scanning code has now been ported to use Scanners::Scanner.
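The mechanism described above (named rules, a per-rule `<name>_scan` shortcut, an `each_target` hook and a results callback) can be sketched in plain Ruby. This is an added example, not Ronin's implementation: RuleScanner, AddrList, the callback signature and the returned Hash are assumptions, and a constructed PTR table stands in for live DNS so the example runs offline.

```ruby
# Added sketch, not Ronin's code: named scanner rules as a mixin.
module RuleScanner
  def self.included(base)
    base.extend(ClassMethods)
  end

  module ClassMethods
    def scanner_rules
      @scanner_rules ||= {}
    end

    # Register a rule and define a <name>_scan shortcut on instances.
    def scanner(name, &rule)
      scanner_rules[name] = rule
      define_method("#{name}_scan") { |&cb| scan(name, &cb) }
    end
  end

  # Run all rules (or only the named ones); yield results as they are found.
  def scan(*only, &callback)
    rules = self.class.scanner_rules
    rules = rules.select { |name, _| only.include?(name) } unless only.empty?
    found = Hash.new { |hash, key| hash[key] = [] }
    each_target do |target|
      rules.each do |name, rule|
        emit = lambda do |result|
          found[name] << result
          callback&.call(name, target, result)
        end
        begin
          rule.call(target, emit)
        rescue StandardError => e # one failing rule must not stop the scan
          warn "#{name} failed on #{target}: #{e.class}"
        end
      end
    end
    found
  end
end

# Constructed data: a fake PTR table stands in for live reverse DNS.
PTR = { '192.0.2.1' => ['gw.example.test'], '192.0.2.3' => ['www.example.test'] }

class AddrList < Array
  include RuleScanner
  alias_method :each_target, :each
  scanner(:ptr) { |ip, out| PTR.fetch(ip).each { |name| out.call(name) } }
  scanner(:odd) { |ip, out| out.call(ip) if ip.split('.').last.to_i.odd? }
end
```

The `:ptr` rule raises KeyError for the address missing from the table, which shows why each rule call is rescued individually: the remaining targets and rules still run.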

Accessible Extensions

Extensions from Overlays are now more accessible. Within the Ronin console, they can be accessed as local variables:

puts milw0rm.remote.first_page

This is all thanks to the new Ronin#method_missing method, which catches missing instance method calls and attempts to load the appropriate extension.

Command Name Changes

The ls and rm ronin commands have now been renamed to list and remove, respectively.

To list all installed Overlays:

$ ronin list

To remove (but not delete) an Overlay:

$ ronin remove overlay-name

New Dorks

ronin-dorks 0.1.2 saw the addition of the intext, allintext, string_intext, all_strings_intext, intitle, allintitle and string_intitle methods to Web::Dorks. The new intext and intitle convenience methods should simplify the creation of future dorks.

ronin.rubyforge.org Open Sourced

Last but not least, the source-code for the ronin.rubyforge.org website has been open-sourced on GitHub. Now if you want to make a correction or add a How-To, just fork it, commit your changes, then send me a pull-request and I'll upload your changes.

The collaborative editing is already happening: evoltech already wrote up a new badass Contribute page that explains the typical Git(Hub) workflow.
