Ronin : A Ruby Platform For Vulnerability Research & Exploit Development

Ronin is a Ruby platform for vulnerability research and exploit development. Ronin allows for the rapid development and distribution of code, Exploits, Payloads, Scanners, etc, via Repositories.

Console

Ronin provides users with a powerful Ruby Console, pre-loaded with powerful convenience methods. In the Console one can work with data and automate complex tasks, with greater ease than the command-line.

>> File.read(‘data’).base64_decode

Database

Ronin ships with a preconfigured Database, that one can interact with from Ruby, without having to write any SQL.

>> HostName.tld(‘eu’).urls.with_query_param(‘id’)

Repositories

Ronin provides a Repository system, allowing users to organize and share miscallaneous Data, Code, Exploits, Payloads, Scanners, etc.

$ ronin install git://github.com/user/myexploits.git

Libraries

Ronin provides libraries with additional functionality, such as Exploitation and Scanning:

$ gem install ronin-exploits

Features

• Supports installing/updating/uninstalling of Repositories.
  • Supports installing Repositories from various media types:
    • Subversion (SVN)
    • Mercurial (Hg)
    • Git
    • Rsync
• Provides a Database using DataMapper with:
  • {Ronin::Author}
  • {Ronin::License}
  • {Ronin::Arch}
  • {Ronin::OS}
  • {Ronin::Software}
  • {Ronin::Vendor}
  • {Ronin::Address}
    • {Ronin::MACAddress}
    • {Ronin::IPAddress}
    • {Ronin::HostName}
  • {Ronin::Port}
    • {Ronin::TCPPort}
    • {Ronin::UDPPort}
  • {Ronin::Service}
  • {Ronin::OpenPort}
  • {Ronin::OSGuess}
  • {Ronin::UserName}
  • {Ronin::URL}
  • {Ronin::EmailAddress}
  • {Ronin::Credential}
    • {Ronin::ServiceCredential}
    • {Ronin::WebCredential}
  • {Ronin::Organization}
  • {Ronin::Campaign}
  • {Ronin::Target}
• Caches exploits, payloads, scanners, etc stored within Repositories into the Database.
• Convenience methods provided by ronin-support.
• Provides a customized Ruby Console using Ripl with:
  • Syntax highlighting.
  • Tab completion.
  • Auto indentation.
  • Pretty Printing (pp).
  • print_info, print_error, print_warning and print_debug output helper methods with color-output.
  • Inline commands (!nmap -v -sT victim.com)
• Provides an extensible command-line interface.

Synopsis

Start the Ronin console:

$ ronin

Run a Ruby script in Ronin:

$ ronin exec script.rb

View available commands:

$ ronin help

View a man-page for a command:

$ ronin help wordlist

Install a Repository:

$ ronin install svn://example.com/path/to/repo

List installed Repositories:

$ ronin repos

Update all installed Repositories:

$ ronin update

Update a specific Repositories:

$ ronin update repo-name

Uninstall a specific Repositories:

$ ronin uninstall repo-name

List available Databases:

$ ronin database

Add a new Database:

$ ronin database –add team –uri mysql://user:pass@vpn.example.com/db

Remove a Database:

$ ronin database –remove team

Requirements

• Ruby >= 1.8.7
• DataMapper:
  • dm-sqlite-adapter ~> 1.2
    • libsqlite3
  • dm-core ~> 1.2
  • dm-types ~> 1.2
  • dm-migrations ~> 1.2
  • dm-validations ~> 1.2
  • dm-aggregates ~> 1.2
  • dm-timestamps ~> 1.2
• dm-is-predefined ~> 0.4
• uri-query_params ~> 0.6
• open_namespace ~> 0.4
• data_paths ~> 0.3
• object_loader ~> 1.0
• parameters ~> 0.4
• pullr ~> 0.1, >= 0.1.2
• ripl ~> 0.3
• ripl-multi_line ~> 0.2
• ripl-auto_indent ~> 0.1
• ripl-short_errors ~> 0.1
• ripl-color_result ~> 0.3
• ronin-support ~> 0.5

Install

$ gem install ronin

Development

1. Fork It!
2. Clone It!
3. cd ronin
4. bundle install
5. git checkout -b my_feature
6. Code It!
7. bundle exec rake spec
8. git push origin my_feature