Module: Ronin::Exploits::Mixins::HasPayload

Included in:
CommandInjection, RFI, SQLI, WebVuln
Defined in:
lib/ronin/exploits/mixins/has_payload.rb

Overview

Adds the ability to use a payload in an exploit.

Examples

module Ronin
  module Exploits
    class MyExploit < Exploit

      include Mixins::HasPayload

      payload_class Ronin::Payloads::JavaScriptPayload

    end
  end
end

Defined Under Namespace

Modules: ClassMethods

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Instance Attribute Details

#payloadRonin::Payloads::Payload, ...

The payload the exploit can use.

Returns:

  • (Ronin::Payloads::Payload, String, nil)


90
91
92
# File 'lib/ronin/exploits/mixins/has_payload.rb', line 90

def payload
  @payload
end

Class Method Details

.included(exploit) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Adds ClassMethods to the exploit.

Parameters:



56
57
58
# File 'lib/ronin/exploits/mixins/has_payload.rb', line 56

def self.included(exploit)
  exploit.extend ClassMethods
end

Instance Method Details

#initialize(payload: nil, **kwargs) ⇒ Object

Initializes the exploit and sets the #payload.

Parameters:

  • payload (Ronin::Payloads::Payload, String, nil) (defaults to: nil)

    The payload to use.



98
99
100
101
102
# File 'lib/ronin/exploits/mixins/has_payload.rb', line 98

def initialize(payload: nil, **kwargs)
  super(**kwargs)

  self.payload = payload
end

#perform_buildObject

Calls the payload's perform_build method first before the exploit is built.



151
152
153
154
155
156
157
# File 'lib/ronin/exploits/mixins/has_payload.rb', line 151

def perform_build
  if @payload.kind_of?(Ronin::Payloads::Payload)
    @payload.perform_build
  end

  super
end

#perform_cleanupObject

Calls the payload's perform_cleanup method first after the exploit is cleaned up.



193
194
195
196
197
198
199
# File 'lib/ronin/exploits/mixins/has_payload.rb', line 193

def perform_cleanup
  super

  if @payload.kind_of?(Ronin::Payloads::Payload)
    @payload.perform_cleanup
  end
end

#perform_launchObject

Note:

If any exception is raised by the exploit's launch method, then the payload's perform_cleanup method is called and the exception is re-raised.

Overrides the payload's perform_prelaunch method, then calls the exploit's perform_launch method, and finally calls the payload's perform_postlaunch method.



169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
# File 'lib/ronin/exploits/mixins/has_payload.rb', line 169

def perform_launch
  if @payload.kind_of?(Ronin::Payloads::Payload)
    @payload.perform_prelaunch
  end

  begin
    super()

    if @payload.kind_of?(Ronin::Payloads::Payload)
      @payload.perform_postlaunch
    end
  rescue => error
    if @payload.kind_of?(Ronin::Payloads::Payload)
      @payload.perform_cleanup
    end

    raise(error)
  end
end

#perform_validateObject

Validates #payload and the exploit.

Raises:

  • (MissingPayload)

    #payload was never set.

  • (Ronin::Core::Params::RequiredParam)

    One of the required params in the exploit or #payload is not set.



135
136
137
138
139
140
141
142
143
144
145
# File 'lib/ronin/exploits/mixins/has_payload.rb', line 135

def perform_validate
  unless @payload
    raise(MissingPayload,"exploit requires a payload")
  end

  if @payload.kind_of?(Ronin::Core::Params::Mixin)
    @payload.validate_params
  end

  super
end