Class: Ronin::Exploits::CommandInjection

Inherits:

Exploit

• Object
• Exploit
• Ronin::Exploits::CommandInjection

Includes:

Mixins::HasPayload

Defined in:

lib/ronin/exploits/command_injection.rb

Overview

Represents a command injection exploit.

Example

require 'ronin/exploits/command_injection'
require 'ronin/exploits/mixins/http'

module Ronin
  module Exploits
    class MyExploit < CommandInjection

      register 'my_exploit'

      include Mixins::HTTP

      def launch
        http_post '/form.php', post_data: {var: "';#{payload}#"}
      end

    end
  end
end

Since:

• 1.1.0

Instance Attribute Summary

Attributes included from Mixins::HasPayload

#payload

Class Method Summary

• .exploit_type ⇒ Symbol private

  Returns the type or kind of exploit.

Methods included from Mixins::HasPayload

included, #initialize, #perform_build, #perform_cleanup, #perform_launch, #perform_validate

Methods inherited from Exploit

#NotVulnerable, #Unknown, #Vulnerable, advisories, advisory, #build, #cleanup, disclosed?, disclosure_date, exploit, #exploit, #fail, #initialize, #launch, #perform_build, #perform_cleanup, #perform_launch, #perform_test, #perform_validate, quality, register, release_date, released?, software, software_versions, #test, #validate

Class Method Details

.exploit_type ⇒ Symbol

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Note:

This is used internally to map an exploit class to a printable type.

Returns the type or kind of exploit.

Returns:

• (Symbol)

Since:

• 1.1.0

# File 'lib/ronin/exploits/command_injection.rb', line 72

def self.exploit_type
  :command_injection
end