Class: Ronin::Payloads::Payload

Inherits:

Object

• Object
• Ronin::Payloads::Payload

Includes:

Core::Metadata::Authors, Core::Metadata::Description, Core::Metadata::ID, Core::Metadata::References, Core::Metadata::Summary, Core::Params::Mixin, Support::CLI::Printing

Defined in:

lib/ronin/payloads/payload.rb

Overview

The Payload class allows for describing payloads, which are delivered via exploits, purely in Ruby. Payloads contain metadata about the payload and methods which define the functionality of the payload. Payloads may also be coupled with exploits, or chained together with other payloads.

Payload API Methods

• initialize - Initializes a new instance of the payload.
• build - contains the logic to build the payload. The built payload must be stored in the @payload instance variable.
• prelaunch - contains additional logic that runs before the payload has been launched by the exploit.
• postlaunch - contains additional logic that runs after the payload has been launched by the exploit.
• cleanup - contains additional logic to cleanup or shutdown the payload.

Example

module Ronin
  module Payloads
    class MyPayload < Payload

      register 'my_payload'

      summary 'My first payload'
      description <<~EOS
        This is my first payload.
        Bla bla bla bla.
      EOS

      author 'John Smith'
      author 'John Smith', email: '...', twitter: '...'

      param :foo, desc: 'Simple param'
      param :bar, Integer, desc: 'A param iwth a typo'

      def build
        @payload = "..."
      end

      def prelaunch
        # ...
      end

      def postlaunch
        # ...
      end

      def cleanup
        # ...
      end

    end
  end
end

Direct Known Subclasses

BinaryPayload, ColdFusionPayload, CommandPayload, HTMLPayload, JSPPayload, JavaPayload, JavaScriptPayload, NodeJSPayload, PHPPayload, PowerShellPayload, PythonPayload, RubyPayload, SQLPayload, URLPayload, XMLPayload

Instance Attribute Summary

• #encoders ⇒ Encoders::Pipeline readonly

  The payload's encoder pipeline.

• #payload ⇒ Object readonly

  The built payload.

String Methods

• #bytesize ⇒ Integer (also: #size)

  The size of the payload in bytes.

• #length ⇒ Integer

  The number of characters in the payload.

• #to_s ⇒ String (also: #to_str)

  Converts the payload into a String.

Payload API Methods

• #build ⇒ Object abstract

  Builds the payload.

• #cleanup ⇒ Object abstract

  Placeholder method to clean up the payload.

• #postlaunch ⇒ Object abstract

  Placeholder method that runs after the payload is launched by the exploit.

• #prelaunch ⇒ Object abstract

  Placeholder method that runs before the payload is launched by the exploit.

• #validate ⇒ Object abstract

  Place holder method for additional validation logic.

Class Method Summary

• .encoder_class(new_encoder_class = nil) ⇒ Class<Encoders::Encoder>

  Gets or sets the payload encoder base class that is compatible with the payload.

• .payload_type ⇒ Symbol private

  Returns the type or kind of payload.

• .register(payload_id) ⇒ Object

  Registers the payload with Ronin::Payloads.

Instance Method Summary

• #built? ⇒ Boolean

  Determines whether the payload was built.

• #built_payload ⇒ String

  The built payload String.

• #encode_payload ⇒ String

  Encodes the built payload.

• #encoded_payload ⇒ String

  The encoded payload.

• #initialize(encoders: nil, **kwargs) ⇒ Payload constructor

  Initializes the payload.

• #perform_build ⇒ Object

  Builds the payload.

• #perform_cleanup ⇒ Object

  Performs the cleanup step.

• #perform_postlaunch ⇒ Object

  Performs the post-launch step.

• #perform_prelaunch ⇒ Object

  Performs the prelaunch step.

• #perform_validate ⇒ Object

  Validates that the payload is ready to be built.

• #rebuild_payload ⇒ String

  Forcibly rebuilds the payload.

• #reencode_payload ⇒ String

  Forcibly re-encodes the payload.

Constructor Details

#initialize(encoders: nil, **kwargs) ⇒ Payload

Initializes the payload.

Parameters:

• encoders (Array<Encoders::Encoder>, nil) (defaults to: nil) —

  The optional list of payload encoders to use.

Raises:

• (IncompatibleEncoder) —

  One of the encoders in encoders: was not compatible with the payload's encoder_class.

# File 'lib/ronin/payloads/payload.rb', line 179

def initialize(encoders: nil, **kwargs)
  super(**kwargs)

  @encoders = Encoders::Pipeline.new

  if encoders
    encoders.each do |encoder|
      unless encoder.kind_of?(self.class.encoder_class)
        raise(IncompatibleEncoder,"encoder for payload #{self.class} was not of type #{self.class.encoder_class}: #{encoder.inspect}")
      end

      @encoders << encoder
    end
  end
end

Instance Attribute Details

#encoders ⇒ Encoders::Pipeline (readonly)

The payload's encoder pipeline.

Returns:

• (Encoders::Pipeline)

# File 'lib/ronin/payloads/payload.rb', line 167

def encoders
  @encoders
end

#payload ⇒ Object (readonly)

The built payload

# File 'lib/ronin/payloads/payload.rb', line 162

def payload
  @payload
end

Class Method Details

.encoder_class(new_encoder_class = nil) ⇒ Class<Encoders::Encoder>

Gets or sets the payload encoder base class that is compatible with the payload.

Parameters:

• new_encoder_class (Class<Encoders::Encoder>, nil) (defaults to: nil) —

  The optional new payload encoder base class to set.

Returns:

• (Class<Encoders::Encoder>) —

  The exploit's compatible payload encoder base class.

# File 'lib/ronin/payloads/payload.rb', line 135

def self.encoder_class(new_encoder_class=nil)
  if new_encoder_class
    @encoder_class = new_encoder_class
  else
    @encoder_class ||= if superclass < ClassMethods
                         superclass.encoder_class
                       else
                         Encoders::Encoder
                       end
  end
end

.payload_type ⇒ Symbol

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Note:

This is used internally to map an payload class to a printable type.

Returns the type or kind of payload.

Returns:

• (Symbol)

# File 'lib/ronin/payloads/payload.rb', line 157

def self.payload_type
  :payload
end

.register(payload_id) ⇒ Object

Note:

The given id must match the file name.

Registers the payload with Ronin::Payloads.

Examples:

register 'shellcode/x86_64/linux/binsh'

Parameters:

• payload_id (String) —

  The payload's ID.

# File 'lib/ronin/payloads/payload.rb', line 120

def self.register(payload_id)
  id(payload_id)
  Payloads.register(payload_id,self)
end

Instance Method Details

#build ⇒ Object

This method is abstract.

Builds the payload.

# File 'lib/ronin/payloads/payload.rb', line 399

def build
end

#built? ⇒ Boolean

Determines whether the payload was built.

Returns:

• (Boolean)

# File 'lib/ronin/payloads/payload.rb', line 217

def built?
  !(@payload.nil? || @payload.empty?)
end

#built_payload ⇒ String

Note:

This method will lazy-build the payload if unbuilt.

The built payload String.

Returns:

• (String) —

  The built payload String.

# File 'lib/ronin/payloads/payload.rb', line 246

def built_payload
  perform_build unless built?

  return @payload
end

#bytesize ⇒ Integer Also known as: size

The size of the payload in bytes.

Returns:

• (Integer)

# File 'lib/ronin/payloads/payload.rb', line 360

def bytesize
  encoded_payload.bytesize
end

#cleanup ⇒ Object

This method is abstract.

Placeholder method to clean up the payload.

# File 'lib/ronin/payloads/payload.rb', line 425

def cleanup
end

#encode_payload ⇒ String

Note:

This method will return a new, potentially different, String each time.

Encodes the built payload.

Returns:

• (String) —

  The encoded payload String.

# File 'lib/ronin/payloads/payload.rb', line 273

def encode_payload
  @encoders.encode(built_payload)
end

#encoded_payload ⇒ String

Note:

This method will lazy build then lazy encode the payload and save the result.

The encoded payload.

Returns:

• (String) —

  The encoded payload String.

See Also:

• #encode_payload

# File 'lib/ronin/payloads/payload.rb', line 289

def encoded_payload
  @encoded_payload ||= encode_payload
end

#length ⇒ Integer

The number of characters in the payload.

Returns:

• (Integer)

# File 'lib/ronin/payloads/payload.rb', line 351

def length
  encoded_payload.length
end

#perform_build ⇒ Object

Builds the payload.

See Also:

• #build

# File 'lib/ronin/payloads/payload.rb', line 228

def perform_build
  @payload = nil

  build

  unless built?
    raise(PayloadNotBuilt,"the payload was not built for some reason: #{inspect}")
  end
end

#perform_cleanup ⇒ Object

Performs the cleanup step.

See Also:

• #cleanup

# File 'lib/ronin/payloads/payload.rb', line 337

def perform_cleanup
  cleanup
  @payload = nil
end

#perform_postlaunch ⇒ Object

Performs the post-launch step.

See Also:

• #postlaunch

# File 'lib/ronin/payloads/payload.rb', line 326

def perform_postlaunch
  postlaunch
end

#perform_prelaunch ⇒ Object

Performs the prelaunch step.

See Also:

• #prelaunch

# File 'lib/ronin/payloads/payload.rb', line 315

def perform_prelaunch
  prelaunch
end

#perform_validate ⇒ Object

Validates that the payload is ready to be built.

Raises:

• (Ronin::Core::Params::RequiredParam) —

  One of the required params was not set.

• (ValidationError) —

  Another payload validation error occurred.

# File 'lib/ronin/payloads/payload.rb', line 206

def perform_validate
  validate_params
  @encoders.validate
  validate
end

#postlaunch ⇒ Object

This method is abstract.

Placeholder method that runs after the payload is launched by the exploit.

# File 'lib/ronin/payloads/payload.rb', line 417

def postlaunch
end

#prelaunch ⇒ Object

This method is abstract.

Placeholder method that runs before the payload is launched by the exploit.

# File 'lib/ronin/payloads/payload.rb', line 408

def prelaunch
end

#rebuild_payload ⇒ String

Forcibly rebuilds the payload.

Returns:

• (String) —

  The re-built payload String.

# File 'lib/ronin/payloads/payload.rb', line 258

def rebuild_payload
  @payload = nil
  perform_build
end

#reencode_payload ⇒ String

Note:

This will re-encode the built payload and update #encoded_payload.

Forcibly re-encodes the payload.

Returns:

• (String) —

  The re-encoded payload String.

See Also:

• #encode_payload

# File 'lib/ronin/payloads/payload.rb', line 304

def reencode_payload
  @encoded_payload = encode_payload
end

#to_s ⇒ String Also known as: to_str

Converts the payload into a String.

Returns:

• (String) —

  The built and encoded payload.

See Also:

• #encoded_payload

# File 'lib/ronin/payloads/payload.rb', line 374

def to_s
  encoded_payload
end

#validate ⇒ Object

This method is abstract.

Place holder method for additional validation logic.

# File 'lib/ronin/payloads/payload.rb', line 391

def validate
end