ronin-support 0.5.0, ronin 1.5.0 and ronin-gen 1.2.0 have finally been released!

$ gem install ronin-support ronin ronin-gen

Checksums

What's New?

pack / unpack

Special pack / unpack methods were added to String, Integer, Float and Array classes. Unlike the normal Array#pack / String#unpack methods, these methods accept C-types:

[0x5, "hello"].pack(:uint16_be, :string)
# => "\x00\x05hello\x00"

You can even specify the lengths of fields with Array#pack and

[0x1, 0x2, 0x3, 0x4, "hello"].pack([:uint8, 4], :string)
# => "\x01\x02\x03\x04hello\x00"

For a complete list of supported types, please see the documentation for Binary::Template.

Binary::Template

We implemented the fancy pack / unpack methods by creating a template (Binary::Template) which translates C-types to Ruby pack codes. Using Binary::Template you can create reusable binary templates for packing and unpacking data.

template = Binary::Template[:uint16_be, :string]
template.pack(0x5, "hello")
# => "\x00\x05hello\x00"

template.unpack("\x00\x05hello\x00")
# => [5, "hello"]
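To show what "translating C-types to Ruby pack codes" means in practice, here is an added sketch built only on Ruby's own Array#pack / String#unpack. It is not ronin-support's code: the MiniTemplate name, its small type table and the truncation check are assumptions made for illustration.

```ruby
# Added illustration, not ronin-support code: a minimal translator from
# C-type names to Ruby pack directives. MiniTemplate is a hypothetical name.
class MiniTemplate
  # Assumed subset of C-types and the pack directive each one maps to.
  CODES = {
    uint8:     'C', int8:      'c',
    uint16_le: 'v', uint16_be: 'n',
    uint32_le: 'V', uint32_be: 'N',
    string:    'Z*' # NUL-terminated C string
  }.freeze

  attr_reader :directive, :arity

  # Fields are either a type (:uint16_be) or a [type, count] pair ([:uint8, 4]).
  def initialize(*fields)
    @arity = 0
    @directive = fields.map { |field|
      type, count = field
      code = CODES.fetch(type) { raise ArgumentError, "unknown type: #{type.inspect}" }
      raise ArgumentError, 'cannot repeat :string' if count && type == :string
      @arity += (count || 1)
      count ? "#{code}#{count}" : code
    }.join
  end

  def pack(*values)
    unless values.length == @arity
      raise ArgumentError, "expected #{@arity} values, got #{values.length}"
    end
    values.pack(@directive)
  end

  def unpack(data)
    values = data.unpack(@directive)
    # String#unpack yields nil for integer fields the input is too short to
    # fill; reject that instead of handing back partially parsed fields.
    if values.length != @arity || values.include?(nil)
      raise ArgumentError, 'truncated input'
    end
    values
  end
end
```

MiniTemplate.new(:uint16_be, :string) produces the directive "nZ*", and MiniTemplate.new([:uint8, 4], :string) produces "C4Z*", which pack the same bytes as the two Array#pack examples above.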

Binary::Struct

Binary::Struct was also added to ronin-support 0.5.0. It is similar to BinStruct, but provides the same API as FFI::Struct. It supports typedefs, Array fields, nested-Structs and overriding reader/writer methods of fields.

require 'ronin/binary/struct'

class Packet < Binary::Struct

  endian :network

  layout :length, :uint32,
         :data,   [:uchar, 48]

end

pkt = Packet.new
pkt.length = 5
pkt.data   = 'hello'

buffer = pkt.pack
# => "\x00\x00\x00\x05hello\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"

new_pkt = Packet.unpack(buffer)
# => #<Packet: length: 5, data: "hello">

tcp_open? / udp_open?

The tcp_open? and udp_open? methods were added to ronin-support 0.5.0. These methods perform basic tests to determine if a TCP / UDP port is open.

tcp_open?('example.com',80)
# => true
udp_open?('4.2.2.1',53)
# => true
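As an added example (not ronin-support's implementation), this is one way such checks can be written with Ruby's standard socket library. The method names, the one-byte probe and the three-state UDP result are assumptions; the UDP half assumes IPv4 and shows why a silent UDP port can only be reported as "open or filtered".

```ruby
require 'socket'

# Added illustration, not ronin-support code. Hypothetical method names.

# TCP: the port is open if the three-way handshake completes in time.
def tcp_port_open?(host, port, timeout: 2)
  Socket.tcp(host, port, connect_timeout: timeout) { true }
rescue Errno::ECONNREFUSED, Errno::EHOSTUNREACH, Errno::ENETUNREACH,
       Errno::ETIMEDOUT, SocketError
  false
end

# UDP has no handshake, so the result is one of three states:
#   :open             - the service answered the probe
#   :closed           - an ICMP port-unreachable came back (ECONNREFUSED)
#   :open_or_filtered - silence; a listening service that ignores the probe
#                       looks the same as a firewall dropping it
def udp_port_state(host, port, probe: "\x00", timeout: 1)
  sock = UDPSocket.new # IPv4 socket (assumption)
  sock.connect(host, port)
  sock.send(probe, 0)
  if IO.select([sock], nil, nil, timeout)
    sock.recvfrom_nonblock(512) # raises ECONNREFUSED if ICMP error is pending
    :open
  else
    :open_or_filtered
  end
rescue Errno::ECONNREFUSED
  :closed
ensure
  sock&.close
end
```

A boolean "open" answer for UDP is most reliable when the probe is a valid request for the protocol on that port (for example a DNS query to port 53), since many services drop malformed datagrams without replying.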

Network::UNIX

Network::UNIX was added to help communicate with UNIX sockets.

unix_connect('/tmp/haproxy.stats.socket')
# => #<UNIXSocket:...>
unix_session('/tmp/haproxy.stats.socket') do |socket|
  socket.puts("show stat")
  puts socket.readlines
end
unix_accept('/tmp/race_condition.socket') do |socket|
  socket.puts(buffer)
end

Network::FTP

Network::FTP was added to provide the same helper methods as Network::IMAP, but for communicating with FTP Servers.

ftp_connect('www.example.com', :user => 'joe', :password => 'secret')
# => #<Net::FTP:...>
ftp_session('ftp.kernel.org') do |ftp|
  ftp.chdir('/pub')
  puts ftp.list
end

Network::TCP::Proxy / Network::UDP::Proxy

Network::TCP::Proxy and Network::UDP::Proxy were added as well. Finally, you can create simple evented TCP/UDP proxies, to intercept or rewrite messages.

require 'ronin/network/tcp/proxy'
require 'hexdump'

Ronin::Network::TCP::Proxy.start(:port => 1337, :server => ['www.wired.com', 80]) do |proxy|
  address = lambda { |socket|
    addrinfo = socket.peeraddr
    "#{addrinfo[3]}:#{addrinfo[1]}"
  }
  hex = Hexdump::Dumper.new

  proxy.on_client_data do |client,server,data|
    puts "#{address[client]} -> #{proxy}"
    hex.dump(data)
  end

  proxy.on_client_connect do |client|
    puts "#{address[client]} -> #{proxy} [connected]"
  end

  proxy.on_client_disconnect do |client,server|
    puts "#{address[client]} <- #{proxy} [disconnected]"
  end

  proxy.on_server_data do |client,server,data|
    puts "#{address[client]} <- #{proxy}"
    hex.dump(data)
  end

  proxy.on_server_connect do |client,server|
    puts "#{address[client]} <- #{proxy} [connected]"
  end

  proxy.on_server_disconnect do |client,server|
    puts "#{address[client]} <- #{proxy} [disconnected]"
  end
end

require 'ronin/network/udp/proxy'
require 'hexdump'

Ronin::Network::UDP::Proxy.start(:port => 1337, :server => ['4.2.2.1', 53]) do |proxy|
  hex = Hexdump::Dumper.new

  proxy.on_client_data do |(client,(host,port)),server,data|
    puts "#{host}:#{port} -> #{proxy}"
    hex.dump(data)
  end

  proxy.on_server_data do |(client,(host,port)),server,data|
    puts "#{host}:#{port} <- #{proxy}"
    hex.dump(data)
  end

end

Console Commands

In ronin 1.5.0, one can now embed variables into shell commands:

>> !ncat #{ip} #{port}

Special Console commands (edit) have been separated from shell commands (!netstat -an) and are now prefixed with a .:

>> .edit

ronin net:proxy

Building on Network::TCP::Proxy and Network::UDP::Proxy, the net:proxy command was added to ronin 1.5.0 for quick proxying.

$ ronin net:proxy --port 8080 --server google.com:80
$ ronin net:proxy --port 53 --server 4.2.2.1 --udp --hexdump

ronin fuzzer

The fuzzer command was also added to ronin 1.5.0, for quick and dirty fuzzing of files, commands, and TCP/UDP services.

$ ronin fuzzer -i request.txt -o bad.txt -r unix_path:bad_strings

Man pages

Ronin 1.5.0 now sports professional man-pages for every command. The man-pages are viewed using the ronin help command.

$ ronin-help wordlist

Update

Due to a few minor bugs that slipped past QA, ronin-support 0.5.1 has been released:

$ gem update ronin-support