Added the -T,--test option to ronin-exploits run (#123)

* Added the `-T,--test` option to `ronin-exploits run` to allow only running `Exploit#perform_test` to determine if the target is vulnerable or not: $ ronin-exploits --file=path/to/exploit.rb --test -p host=example.com ... * Printed output looks like one of these lines, depending on the return type: [+] Vulnerable: <test result message> [-] NotVulnerable: <test result message> [~] Unknown: <test result message> [!] Unexpected: <other result type to_s> --------- Co-authored-by: Postmodern <postmodern.mod3@gmail.com>
ronin-rb · Jun 28, 2024 · 56d6776 · 56d6776
1 parent 3e4ddb6
commit 56d6776
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 1 deletion.
diff --git a/lib/ronin/exploits/cli/commands/run.rb b/lib/ronin/exploits/cli/commands/run.rb
@@ -52,6 +52,7 @@ module Commands
         #     -f, --file FILE                  The exploit file to load
         #     -p, --param NAME=VALUE           Sets a param
         #     -D, --dry-run                    Builds the exploit but does not launch it
+        #     -T  --test                       Runs only the exploit test
         #         --payload-file FILE          Load the payload from the given Ruby file
         #         --read-payload FILE          Reads the payload string from the file
         #         --payload-string STRING      Uses the raw payload string instead
@@ -85,11 +86,15 @@ class Run < ExploitCommand
           include Core::CLI::Options::Param
           include Core::CLI::Logging
           include CommandKit::Printing::Indent
+          include Support::CLI::Printing
 
           # Exploit options
           option :dry_run, short: '-D',
                            desc: 'Builds the exploit but does not launch it'
 
+          option :test, short: '-T',
+                        desc: 'Runs only the exploit test'
+
           # Payload options
           option :payload_file, value: {
                                   type: String,
@@ -273,7 +278,12 @@ def run(name=nil)
             validate_payload
             initialize_exploit
             validate_exploit
-            run_exploit
+
+            if options[:test]
+              run_test
+            else
+              run_exploit
+            end
 
             if options[:irb]
               start_shell
@@ -382,6 +392,22 @@ def run_exploit
             end
           end
 
+          #
+          # Run the exploit's test method, and print the result.
+          #
+          def run_test
+            case (result = @exploit.perform_test)
+            when TestResult::Vulnerable
+              print_positive "Vulnerable: #{result}"
+            when TestResult::NotVulnerable
+              print_negative "NotVulnerable: #{result}"
+            when TestResult::Unknown
+              print_warning "Unknown: #{result}"
+            else
+              print_error "Unexpected result: #{result.inspect}"
+            end
+          end
+
           #
           # Starts an interactive ruby shell within the exploit object.
           #

diff --git a/man/ronin-exploits-run.1.md b/man/ronin-exploits-run.1.md
@@ -28,6 +28,9 @@ Loads and runs an exploit.
 `-D`, `--dry-run`
 : Builds the exploit but does not launch it.
 
+`-T`, `--test`
+: Runs only the exploit test.
+
 `--payload-file` *FILE*
 : Load the payload from the given Ruby file.