Skip to content

Latest commit

 

History

History
326 lines (312 loc) · 14.1 KB

ChangeLog.md

File metadata and controls

326 lines (312 loc) · 14.1 KB
Raw

1.0.0 / 2012-07-01

  • Upgraded to the GPL-3 license.
  • Require open_namespace ~> 0.3.
  • Require data_paths ~> 0.3.
  • Require uri-query_params ~> 0.5, >= 0.5.2.
  • Require ronin-support ~> 0.4.
  • Require ronin ~> 1.3.
  • Require ronin-gen ~> 1.0.
  • Added {Ronin::Model::TargetsArch::ClassMethods}.
  • Added {Ronin::Model::TargetsOS::ClassMethods}.
  • Added {Ronin::Model::TargetsSoftware::ClassMethods}.
  • Added {Ronin::Advisory}.
  • Added {Ronin::Exploits::Reference}.
  • Added {Ronin::Exploits::Target#respond_to?}.
  • Added {Ronin::Exploits::Exploit.advisory}.
  • Added {Ronin::Exploits::Exploit#advisory}.
  • Added {Ronin::Exploits::Exploit#targeting_arch}.
  • Added {Ronin::Exploits::Exploit#targeting_os}.
  • Added {Ronin::Exploits::Exploit#targeting_software}.
  • Added {Ronin::Exploits::Exploit#evacuate!}.
  • Added {Ronin::Exploits::LFI}.
  • Added {Ronin::Exploits::RFI}.
  • Added {Ronin::Exploits::SQLi}.
  • Added {Ronin::Payloads::HasPayload#respond_to?}.
  • Added {Ronin::Payloads::Helpers::Shell}.
  • Added {Ronin::Payloads::Helpers::RPC}.
  • Added {Ronin::Payloads::ASMPayload#assemble}.
  • Added {Ronin::Payloads::Shellcode#shellcode}.
  • Added {Ronin::Payloads::BindShell}.
  • Added {Ronin::Payloads::Helpers::BindShell}.
  • Added {Ronin::PostExploitation::Command}.
  • Added {Ronin::PostExploitation::IO}.
  • Added {Ronin::PostExploitation::File}.
  • Added {Ronin::PostExploitation::File::Stat}.
  • Added {Ronin::PostExploitation::Dir}.
  • Added {Ronin::PostExploitation::Resource}.
  • Added {Ronin::PostExploitation::Resources::Process}.
  • Added {Ronin::PostExploitation::Resources::FS}.
  • Added {Ronin::PostExploitation::Resources::Shell}.
  • Added {Ronin::PostExploitation::Shells::FS}.
  • Added {Ronin::PostExploitation::Mixin}.
  • Added {Ronin::Vuln}.
  • Added a {Ronin::PostExploitation} compatible PHP payload.
    • Supports forking off as an independent HTTP Server.
  • Added a one-liner PHP backdoor payload.
  • Added a {Ronin::PostExploitation} compatible Ruby payload.
  • Added a {Ronin::PostExploitation} compatible Node.js payload.
  • Added the ronin-encoders and ronin-encoder commands.
  • Renamed Ronin::Exploits::Verifiers to {Ronin::Exploits::Tests}.
  • Renamed Ronin::Payloads::Encoder to {Ronin::Encoders::Encoder}.
  • Renamed Ronin::Payloads::Encoders::XOR to {Ronin::Encoders::XOR}.
  • Removed Ronin::Exploits::Behavior.
  • Removed Ronin::Exploits::ExploitedBehavior.
  • Removed Ronin::Exploits::Exploit.exploiting.
  • Removed Ronin::Exploits::Exploit#targeted_archs.
  • Removed Ronin::Exploits::Exploit#targeted_oses.
  • Removed Ronin::Exploits::Exploit#targeted_software.
  • Removed Ronin::Exploits::Exploit#exploits.
  • {Ronin::Exploits::Exploit}, {Ronin::Payloads::Payload} and {Ronin::Encoders::Encoder} now all include Ronin::Script.
  • Switched from Jeweler to Ore and Bundler.
  • Opt into test.rubygems.org.

0.3.1 / 2009-10-01

  • Removed duplicate default_port properties from Ronin::Exploits::FTP and Ronin::Exploits::HTTP, which were causing dm-core 0.10.1 to crash.

0.3.0 / 2009-09-24

  • Require ronin >= 0.3.0.
  • Require ronin-gen >= 0.2.0.
  • Require rspec >= 1.2.8.
  • Require yard >= 0.2.3.5.
  • Added Ronin::Vuln::Behavior.drop_privileges.
  • Added Ronin::Vuln::Behavior.exit_program.
  • Added Ronin::Vuln::Behavior.crash_program.
  • Added Ronin::Controls.
  • Added Ronin::Controls::Behaviors.
  • Added Ronin::Controls::Helpers.
  • Added Ronin::Controls::Helpers::CommandExec.
  • Added Ronin::Controls::Helpers::DirCreate.
  • Added Ronin::Controls::Helpers::DirListing.
  • Added Ronin::Controls::Helpers::DirRemove.
  • Added Ronin::Controls::Helpers::FileCtime.
  • Added Ronin::Controls::Helpers::FileMtime.
  • Added Ronin::Controls::Helpers::FileOwnership.
  • Added Ronin::Controls::Helpers::FileRead.
  • Added Ronin::Controls::Helpers::FileRemove.
  • Added Ronin::Controls::Helpers::FileWrite.
  • Added Ronin::Controls::Helpers::MemoryRead.
  • Added Ronin::Controls::Helpers::MemoryWrite.
  • Added Ronin::Model::TargetsProduct.
  • Added Ronin::Exploits::Exploit#target=.
  • Added Ronin::Exploits::Exploit#payload=.
  • Added Ronin::Exploits::Exploit#raw_payload=.
  • Added Ronin::Exploits::Exploit#build_payload!.
  • Added Ronin::Payloads::HasPayload.
  • Added Ronin::Payloads::Helpers::Chained
  • Added Ronin::Generators::Exploits.
  • Added Ronin::Generators::Exploits::Exploit.
  • Added Ronin::Generators::Exploits::Local.
  • Added Ronin::Generators::Exploits::Remote.
  • Added Ronin::Generators::Exploits::RemoteTCP.
  • Added Ronin::Generators::Exploits::RemoteUDP.
  • Added Ronin::Generators::Exploits::FTP.
  • Added Ronin::Generators::Exploits::HTTP.
  • Added Ronin::Generators::Exploits::Web.
  • Added Ronin::Generators::Payloads.
  • Added Ronin::Generators::Payloads::Payload.
  • Added Ronin::Generators::Payloads::BinaryPayload.
  • Added Ronin::Generators::Payloads::Shellcode.
  • Added Ronin::Generators::Payloads::Nops.
  • Added Ronin::UI::CommandLine::Commands::Exploit.
  • Added Ronin::UI::CommandLine::Commands::Exploits.
  • Added Ronin::UI::CommandLine::Commands::Payload.
  • Added Ronin::UI::CommandLine::Commands::Payloads.
  • Added Ronin::UI::CommandLine::Commands::GenExploit.
  • Added Ronin::UI::CommandLine::Commands::GenLocalExploit.
  • Added Ronin::UI::CommandLine::Commands::GenRemoteExploit.
  • Added Ronin::UI::CommandLine::Commands::GenRemoteTcpExploit.
  • Added Ronin::UI::CommandLine::Commands::GenRemoteUdpExploit.
  • Added Ronin::UI::CommandLine::Commands::GenFtpExploit.
  • Added Ronin::UI::CommandLine::Commands::GenHttpExploit.
  • Added Ronin::UI::CommandLine::Commands::GenWebExploit.
  • Added Ronin::UI::CommandLine::Commands::GenPayload.
  • Added Ronin::UI::CommandLine::Commands::GenBinaryPayload.
  • Added Ronin::UI::CommandLine::Commands::GenShellcode.
  • Added Ronin::UI::CommandLine::Commands::GenNops.
  • Added the ronin-exploit script.
  • Added the ronin-exploits script.
  • Added the ronin-payload script.
  • Added the ronin-payloads script.
  • Added the ronin-gen-exploit script.
  • Added the ronin-gen-local-exploit script.
  • Added the ronin-gen-remote-exploit script.
  • Added the ronin-gen-remote-tcp-exploit script.
  • Added the ronin-gen-remote-udp-exploit script.
  • Added the ronin-gen-ftp-exploit script.
  • Added the ronin-gen-http-exploit script.
  • Added the ronin-gen-payload script.
  • Added the ronin-gen-binary-payload script.
  • Added the ronin-gen-shellcode script.
  • Added the ronin-gen-nops script.
  • Renamed Ronin::Vuln::Behavior.priv_escalation to gain_privileges.
  • Renamed Ronin::Exploits::Exploit#select_target to use_target!.
  • Renamed Ronin::Exploits::Exploit#call to exploit!.
  • Renamed Ronin::Exploits::Exploit#encode_with to encode_payload.
  • Renamed Ronin::Payloads::Encoder to Ronin::Payloads::Encoders::Encoder.
  • Renamed Ronin::Payloads::Encoders::Encoder#call to encode.
  • Renamed Ronin::Exploits::Exploit#encoded_payload=.
  • Removed Ronin::Payloads::Payload#payload to raw_payload.
  • Removed Ronin::Payloads::Payload#call.
  • Moved to YARD based documentation.
  • Updated the project summary and 3-point description for Ronin Exploits.
  • Ronin::Model::TargetsArch now auto-defines a relationship with Arch.
  • Ronin::Model::TargetsOS now auto-defines a relationship with OS.
  • Ronin::Model::TargetsProduct now auto-defines a relationship with Product.
  • Refactored Ronin::Exploits::Exploit.
  • Include Ronin::Controls::Behaviors into Ronin::Exploits::Exploit.
  • Made Ronin::Exploits::Exploit#to_s more robust.
  • Safely load exploit helpers using the new require_within method.
  • Allow Ronin::Exploits::Exploit#encode_payload to accept a block, which will be used to encode the payload.
  • No longer allow the payload to be directly passed to Ronin::Exploits::Exploit#build!.
  • Allow an index or query to be passed to Ronin::Exploits::Exploit#use_target!.
  • Have Ronin::Exploits::Exploit#build_payload! only reset @raw_payload if a payload is set.
  • Make sure Ronin::Exploits::Exploit#encode_payload! cannot set the encoded_payload to nil.
  • Allow Ronin::Exploits::Exploit#encode_payload! to use either Ronin::Payloads::Encoders::Encoder or Proc objects.
  • Allow Ronin::Exploits::Exploit#build_payload! to pass options to Ronin::Payloads::Payload#build!.
  • Allow Ronin::Exploits::Exploit#build! to pass options to Ronin::Exploits::Exploit#build_payload!.
  • Ronin::Exploits::Exploit#deploy! no longer receives options.
  • Allow Ronin::Exploits::Exploit#exploit! to accept a :dry_run option, which will cause the exploit to be built but not deployed.
  • Default the @buffer instance variable to an empty String, in Ronin::Exploits::Helpers::BufferOverflow.
  • Default the @format_string instance variable to an empty String, in Ronin::Exploits::Helpers::FormatString.
  • Refactored Ronin::Payloads::Payload.
  • Include Ronin::Controls::Behaviors into Ronin::Payloads::Payload.
  • Made Ronin::Payloads::Payload#to_s more robust.
  • Safely load payload helpers using the new require_within method.

0.2.1 / 2009-07-02

  • Use Hoe >= 2.0.0.
  • Require ronin >= 0.2.4.
  • Added Ronin::Model::TargetsArch.
  • Added Ronin::Model::TargetsOS.
  • Added Ronin::Mode::HasDefaultPort.
  • Added Exploit#deployed?.
  • Added Exploit#inspect.
  • Added Exploits::Helpers::FileBased.
  • Added Exploits::Web#http_method.
  • Added Exploits::Web#targeted_url_path.
  • Added Payload#inspect.
  • Added Payload#call method.
  • Renamed Exploit#exploit to Exploit#call.
  • Renamed Payloads::Helpers::Unimplemented to Payloads::Helpers::NotImplemented.
  • Renamed RPC#call to RPC#call_method.
  • Removed Exploit#switch_payload.
  • Moved verifier methods into Exploits::Verifiers.
  • Allow Exploit#allow to accept multiple behaviors.
  • Include UI::Diagnostics into Ronin::Exploits::Exploit.
  • Include Sessions::HTTP into Exploits::Web.
  • Include UI::Diagnostics into Ronin::Payloads::Payload.
  • Allow Payload#controlling to accept multiple behaviors.
  • Added more specs.

0.2.0 / 2009-04-11

  • Added Ronin::TargetedArch.
  • Added Ronin::TargetedOS.
  • Added Ronin::TargetedProduct.
  • Added Ronin::Model::TargetsArch.
  • Added Ronin::Model::TargetsOS.
  • Refactored Ronin::Exploits:
    • Added Ronin::Exploits::Target.
    • Added Ronin::Exploits::Targets::BufferOverflow.
    • Added Ronin::Exploits::Targets::FormatString.
    • Added Ronin::Exploits::Helpers::Binary.
    • Added Ronin::Exploits::Helpers::Padding.
    • Added Ronin::Exploits::Helpers::BufferOverflow.
    • Added Ronin::Exploits::Helpers::FormatString.
    • Added Ronin::Exploits::Local.
    • Added Ronin::Exploits::Remote.
    • Added Ronin::Exploits::RemoteTCP.
    • Added Ronin::Exploits::RemoteUDP.
    • Added Ronin::Exploits::FTP.
    • Added Ronin::Exploits::HTTP.
    • Renamed Ronin::Exploits::Impact to Ronin::Exploits::Allow.
    • Removed the Ronin::Exploits::Requirement.
    • Rewrote Ronin::Exploits::Exploit:
      • Use the new Ronin::Cacheable module.
      • Added a status property, which may be either :potential, :proven, :weaponized, but will default to :potential.
      • Added a disclosure property, which can be a combination of :private, :in_wild, :vendor_aware or :public.
      • Added Exploit#helper, which will extend the Exploit object with the Helper module with the similar name.
      • Added the Exploit#build!, Exploit#verify!, Exploit#deploy! methods, which will call the user-defined Exploit#build, Exploit#verify, Exploit#deploy methods, respectively.
      • Added Exploit#targeting.
      • Added Exploit#behaviors.
      • Added Exploit#targeted_archs, Exploit#targeted_oses, Exploit#targeted_products.
      • Added Exploit#select_target.
      • Added the Exploit#target which will return the current selected target, or the first target of the exploit.
      • Added the Exploit#arch, Exploit#os and Exploit#product methods.
      • Added the Exploit#verify_target!, Exploit#verify_arch!, Exploit#verify_os! and Exploit#verify_product! methods.
      • Added Exploit#encoded_payload.
      • Added Exploit#encode_payload!.
      • Have Exploit#verify_restricted! raise an exception listing all restricted characters found in the given text.
      • Renamed Exploit#allows to Exploit#allowing.
      • Renamed Exploit#verify_restricted to Exploit#verify_restricted!.
      • Renamed Exploit#exploit to Exploit#exploit!.
      • Removed Exploit#payloads.
      • Removed Exploit#vulnerable?.
  • Refactored Ronin::Payloads:
    • Added Ronin::Payloads::Helpers::FileSystem.
    • Added Ronin::Payloads::Helpers::RPC.
    • Added Ronin::Payloads::Helpers::Shell.
    • Added Ronin::Payloads::Nops.
    • Added Ronin::Payloads::Encoder.
    • Added Ronin::Payloads::Encoders::XOR.
    • Renamed Ronin::Payloads::Ability to Ronin::Payloads::Control.
    • Rewrote Ronin::Payloads::Payload:
      • Use the new Ronin::Cacheable module.
      • Use Ronin::Model::TargetsArch.
      • Use Ronin::Model::TargetsOS.
      • Added Payload#helper, which will extend the Payload object with the Helper module with the similar name.
      • Added Payload#behaviors.
      • Added Payload#build!, Payload#verify!, Payload#deploy!, which will call the user-defined Payload#build, Payload#verify, Payload#deploy methods, respectively.
      • Rewrote Payload#to_s to return the name and version of the payload.
      • Renamed Payload#controls to Payload#controlling.
      • Removed encoders from the Payload class.
  • Added specs.

0.1.1 / 2009-01-22

  • Removed old references to the ronin/vulnerability directory.
  • Removed old references to the Ronin::Vulnerability namespace.
  • Removed past usage of the :value option with parameters.
    • Parametes now uses the :default option, for specifying the default value of parameters.
  • Added the missing Ronin::Exploits::PayloadSize exception.
  • Reduce usage of first_or_create.
  • Updated target methods.

0.1.0 / 2008-01-08

  • Initial release.
    • Supports many basic exploit types:
      • Ronin::Exploits::Exploit
      • Ronin::Exploits::BinaryExploit
      • Ronin::Exploits::BufferOverflow
      • Ronin::Exploits::FormatString
      • Ronin::Exploits::WebExploit
    • Supports a few basic payload types:
      • Ronin::Payloads::Payload
      • Ronin::Payloads::BinaryPayload
      • Ronin::Payloads::Shellcode
      • Ronin::Payloads::WebPayload
    • Provides the ability to associate Vulnerability Taxonomy information with Exploits and Payloads.
    • Provides a semi-intelligent XOR translator (Ronin::Translators::XOR).