1.1.0

• Added Ronin::Exploits::CommandInjection.
• Allow :untested as a value for Ronin::Exploits::Exploit.quality.
• Renamed the raw_user_agent param to user_agent_string in Ronin::Exploits::Mixins::HTTP.

CLI

• Added the -T,--test option to ronin-exploits run which will only run the exploits Ronin::Exploits::Exploit#test test method to determine if the target is vulnerable or not.
• Added the ronin-exploits completion command to install shell completion files for all ronin-exploits commands for Bash and Zsh shells.
• The ronin-exploits show command can now print an example ronin-exploits run command for the given exploit.
• Use hyphenated values for ronin-exploits new options.

1.0.6

CLI

• Fixed the usage for ronin-exploits new --software-version.
• Fixed a bug in ronin-exploits run that would crash the command when the payload failed to create a post-exploitation session.

1.0.5

CLI

• Correctly assign the -d short flag to --debug and the -D short flag to --dry-run for the ronin-exploits run command.
• Multiple bug fixes to the ronin-exploits new command:
  • Create the parent directory of the new exploit file, if it already doesn't exist, when running ronin-exploits new path/to/new_exploit.rb.
  • Fixed a bug where ronin-exploits new -t open_redirect was not being accepted as a valid exploit type.
  • Fixed a bug in ronin-explotis new where -t xss and -t ssti were not adding placeholder base_path and query_param metadata attributes to the newly generated exploit file.
  • Fixed a typo in the example escape_expr metadata attribute added by ronin-exploits new -t ssti.
  • Fixed a spelling mistake in the new exploit template used by the ronin-exploits new command.

1.0.4

• Documentation fixes.

CLI

• Fixed a bug in ronin-exploits run when the exploit does not accept a payload and no payload is given.

1.0.3

CLI

• All newly generated exploit files using ronin-exploit new should have a
  summary and a description.
• Fixed a bug where the ronin-exploits new options --author,
  --author-email, or --summary were not properly escaping given values.

1.0.2

• Corrected the class_dir for Ronin::Exploits; even though
  ronin-exploits will never contain any built-in exploits.
• Avoid using case/in syntax for TruffleRuby.
• Documentation fixes and improvements.

CLI

• Fixed a typo in ronin-exploits new man-page.
• Fixed a bug in the ronin-exploits show command where a target's version
  was not being printed.
• Fixed a bug where ronin-exploits new --payload-type command wasn't being
  accepted as a valid payload type.

1.0.1

• Require ronin-support ~> 1.0, >= 1.0.1.
• Require ronin-payloads ~> 0.1, >= 0.1.1.
• Require ronin-vulns ~> 0.1, >= 0.1.1.

CLI

• Fixed multiple bugs in the --encoder-param option of the
  ronin-exploits run command.

1.0.0

• Upgraded to the LGPL-3 license.
• Require ruby >= 3.0.0.
• Added ronin-support ~> 1.0 as a dependency.
• Added ronin-post_ex ~> 0.1 as a dependency.
• Added ronin-payloads ~> 0.1 as a dependency.
• Added ronin-vulns ~> 0.1 as a dependency.
• Added ronin-core ~> 0.1 as a dependency.
• Added ronin-repos ~> 0.1 as a dependency.
• Added Ronin::Exploits::Advisory.
• Added Ronin::Exploits::Loot.
• Added Ronin::Exploits::Loot::File.
• Added Ronin::Exploits::TestResult.
• Added Ronin::Exploits::Exploit.exploit.
• Added Ronin::Exploits::Exploit#perform_test.
• Added Ronin::Exploits::Exploit#perform_build.
• Added Ronin::Exploits::Exploit#perform_launch.
• Added Ronin::Exploits::Exploit#perform_cleanup.
• Added Ronin::Exploits::Exploit#exploit.
• Added Ronin::Exploits::Exploit#validate.
• Added Ronin::Exploits::Exploit#Vulnerable.
• Added Ronin::Exploits::Exploit#NotVulnerable.
• Added Ronin::Exploits::Exploit#Unknown.
• Added Ronin::Exploits::Exploit#test.
• Added Ronin::Exploits::Exploit#build.
• Added Ronin::Exploits::Exploit#launch.
• Added Ronin::Exploits::Exploit#cleanup.
• Added Ronin::Exploits::MemoryCorruption.
• Added Ronin::Exploits::StackOverflow.
• Added Ronin::Exploits::SEHOverflow.
• Added Ronin::Exploits::HeapOverflow.
• Added Ronin::Exploits::UseAfterFree.
• Added Ronin::Exploits::WebVuln.
• Added Ronin::Exploits::OpenRedirect.
• Added Ronin::Exploits::LFI.
• Added Ronin::Exploits::RFI.
• Added Ronin::Exploits::SQLI.
• Added Ronin::Exploits::SSTI.
• Added Ronin::Exploits::XSS.
• Added Ronin::Exploits::ClientSideWebVuln.
• Added Ronin::Exploits::Mixins::Binary.
• Added Ronin::Exploits::Mixins::FileBuilder.
• Added Ronin::Exploits::Mixins::FormatString.
• Added Ronin::Exploits::Mixins::HasTargets.
• Added Ronin::Exploits::Mixins::HasTargets.
• Added Ronin::Exploits::Mixins::HasPayload.
• Added Ronin::Exploits::Mixins::HTTP.
• Added Ronin::Exploits::Mixins::Loot.
• Added Ronin::Exploits::Mixins::NOPS.
• Added Ronin::Exploits::Mixins::RemoteTCP.
• Added Ronin::Exploits::Mixins::RemoteUDP.
• Added Ronin::Exploits::Mixins::SEH.
• Added Ronin::Exploits::Mixins::StackOverflow.
• Added Ronin::Exploits::Mixins::Text.
• Added Ronin::Exploits::Params::BaseURL.
• Added Ronin::Exploits::Params::BindHost.
• Added Ronin::Exploits::Params::BindPort.
• Added Ronin::Exploits::Params::Filename.
• Added Ronin::Exploits::Params::Host.
• Added Ronin::Exploits::Params::Port.
• Renamed ronin/exploits/helpers to ronin/exploits/mixins.
• Extracted Ronin::Payloads into ronin-payloads.
• Extracted agent payloads into separate ronin-agent- repos.
  • ronin-agent-php
  • ronin-agent-ruby
  • ronin-agent-nodejs
• Refactored the ronin-exploit command into the ronin-exploits run command.
• Refactored Ronin::Exploits::Exploit as a Plain Old Ruby Class that defines
  method data, params, and the build, launch, and cleanup methods.
• Refactored Ronin::UI into Ronin::Exploits::CLI.
• Removed the open_namespace dependency.
• Removed the data_paths dependency.
• Removed the ronin-gen dependency.
• Removed the ronin dependency; ronin now requires ronin-exploits and all
  other ronin- gems.
• Removed Ronin::Exploits::Controls.
• Removed Ronin::Exploits::Generators in favor of the ronin-exploits new
  command.
• Removed Ronin::Exploits::UnknownHelper.
• Removed Ronin::Exploits::Helpers::Padding in favor of calling String#pad.
• Removed Ronin::Exploits::Exploit#helpers in favor of included_modules.
• Removed Ronin::Exploits::Exploit#helper in favor of including
  Ronin::Exploits::Mixins modules.
• Removed Ronin::Exploits::Local.
• Removed Ronin::Exploits::Remote.
• Removed Ronin::Exploits::RemoteTCP in favor of including
  Ronin::Exploits::Mixins::RemoteTCP.
• Removed Ronin::Exploits::RemoteUDP in favor of including
  Ronin::Exploits::Mixins::RemoteUDP.
• Removed Ronin::Exploits::HTTP in favor of including
  Ronin::Exploits::Mixins::HTTP.
• Removed Ronin::Exploits::FTP.
• Removed all database models and code in favor of Plain Old Ruby Classes.