Ronin 2.0 – Open Source Ruby Toolkit For Security
Written by Nikos Vaggalis   
Thursday, 23 February 2023

Considered a simpler and more modular version of Metasploit, version 2 of Ronin has finally been released after nearly a full year of non-stop development. So why Ronin?


First of all, let's give credit to Ruby; it powers both Ronin and Metasploit and is the go-to toolkit for all things security, hacking and penetration testing.

Now, Ronin contains many different CLI commands and Ruby libraries for a variety of security tasks, such as:

  • encoding/decoding data
  • filtering IPs/hosts/URLs
  • querying ASNs
  • querying DNS, HTTP
  • scanning for web vulnerabilities
  • spidering websites
  • installing 3rd party repositories of exploits and/or payloads
  • running exploits/writing new exploits
  • managing local databases
  • fuzzing data 

and much more...

As far as encoding, encrypting and converting data formats go, for use in popular scenarios like:

  • Decode a Base64-encoded string
  • Convert a date and time to a different time zone
  • Parse an IPv6 address
  • Convert data from a hexdump, then decompress
  • Decrypt and disassemble shellcode
  • Display multiple timestamps as full dates
  • Carry out different operations on data of different types
  • Use parts of the input as arguments to operations
  • Perform AES decryption, extracting the IV from the beginning of the cipher stream
  • Automatically detect several layers of nested encoding 

You could get away with just CyberChef from GCHQ - yes, a government intelligence agency, as described in "CyberChef - The Developer's Ultimate Toolbox", but if you want to go beyond that and expand into serious pentesting you should get your hands on a framework like Ronin.

Note that for another popular language like Python, there's no complete equivalent to Ronin; the Python landscape is fragmented into separate libraries, each of which provides Ronin-like functionality.

To sum up, Ronin is:

  • A toolkit of useful commands.
  • A fully-loaded Ruby REPL.
  • An ecosystem of high-quality security-related Ruby libraries, APIs, and commands.

Ronin is also modular, having split its functionality into APIs and distinct modules:

  • ronin-support: A support library for Ronin.
  • ronin-core: A core library for all ronin libraries.
  • ronin-repos: Third-party git repository support for ronin.
  • ronin-db-activerecord: ActiveRecord backend for the Ronin Database.
  • ronin-db: A common database library for managing and querying security data.
  • ronin-web-server: A custom Ruby web server based on Sinatra.
  • ronin-web-spider: A collection of common web spidering routines.
  • ronin-web-user_agents: Generates random but realistic User-Agent strings.
  • ronin-web: A collection of common web security commands and libraries.
  • ronin-code-asm: A Ruby DSL for crafting Assembly programs and Shellcode.
  • ronin-code-sql: A Ruby DSL for crafting SQL Injections.
  • ronin-post_ex: Ruby API for Post-Exploitation.
  • ronin-payloads: A Ruby micro-framework for writing and running exploit payloads.
  • ronin-vulns: Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects.
  • ronin-exploits: A Ruby micro-framework for writing and running exploits and payloads.
  • ronin-fuzzer: A highly configurable fuzzing library and CLI for Ruby.

Ronin is fully scriptable, as it is made up of different Ruby libraries and powerful APIs that you can use in Ruby scripts. There are also two more ways that you can use Ronin: through the CLI command 'ronin' and the more involved, but more powerful, Ruby Console.

Using the 'ronin' command:

Base64 encode a string:
$ ronin encode --base64 --string "foo bar baz"
Zm9vIGJhciBiYXo=

Zlib compress, Base64 encode, and then URI encode a string:
$ ronin encode --zlib --base64 --uri --string "foo bar"
%65%4A%78%4C%79%38%39%58%53%45%6F%73%41%67%41%4B%63%41%4B%61%0A

De-obfuscate an email address:
$ ronin email-addr --deobfuscate "john [dot] smith [at] example [dot] com"
john.smith@example.com

AES-256 encrypt a file:
$ ronin encrypt --cipher aes-256-cbc --password "..." file.txt > encrypted.bin

Generate an HMAC for a string:
$ ronin hmac --hash sha1 --password "too many secrets" --string "..."

Query the ASN of an IP address:
$ ronin asn -I 4.2.2.1
4.0.0.0/9 AS3356 (US) LEVEL3

Dump information about an SSL/TLS certificate:
$ ronin cert-dump https://example.com/

Send an HTTP request with additional headers:
$ ronin http --post --header "Authorization: ..."
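
To show what the `ronin encode --zlib --base64 --uri` output above actually contains, here is an added example (not part of the original article or of Ronin's own code) that peels the layers back off using only Ruby's standard library. It goes beyond the single command by detecting the layer order automatically; the detection heuristics and the names `peel_layer` and `decode_layers` are assumptions of this example.

```ruby
require 'zlib'
require 'base64'

# Output of `ronin encode --zlib --base64 --uri --string "foo bar"` as shown above.
SAMPLE = '%65%4A%78%4C%79%38%39%58%53%45%6F%73%41%67%41%4B%63%41%4B%61%0A'

# Try to remove one layer; returns [layer_name, decoded_bytes] or nil if none applies.
def peel_layer(data)
  bytes = data.b
  # zlib stream: CM nibble is 8 (deflate) and the 16-bit header is a multiple of 31.
  if bytes.bytesize > 2 && (bytes.getbyte(0) & 0x0f) == 8 &&
     (((bytes.getbyte(0) << 8) | bytes.getbyte(1)) % 31).zero?
    begin
      return [:zlib, Zlib::Inflate.inflate(bytes)]
    rescue Zlib::Error
      # Header matched by chance; fall through to the other detectors.
    end
  end
  # URI encoding: only %XX escapes and unreserved characters, with at least one escape.
  if bytes.include?('%') && bytes.match?(/\A(?:%\h\h|[A-Za-z0-9._~-])+\z/)
    return [:uri, bytes.gsub(/%(\h\h)/) { Regexp.last_match(1).hex.chr }]
  end
  # Base64: strict alphabet, length a multiple of 4 once line breaks are removed.
  # Short alphanumeric plaintext can look like Base64, hence the minimum length
  # and the returned trace, which lets the analyst judge each step.
  compact = bytes.delete("\r\n")
  if compact.bytesize >= 8 && (compact.bytesize % 4).zero? &&
     compact.match?(%r{\A[A-Za-z0-9+/]+={0,2}\z})
    return [:base64, Base64.strict_decode64(compact)]
  end
  nil
end

# Peel layers until none is recognised; the depth cap bounds work on hostile input.
def decode_layers(data, max_depth: 10)
  trace = []
  max_depth.times do
    name, decoded = peel_layer(data)
    break unless name
    trace << name
    data = decoded
  end
  [trace, data]
end

if __FILE__ == $PROGRAM_NAME
  trace, plain = decode_layers(SAMPLE)
  puts "layers: #{trace.join(' -> ')}"
  puts "result: #{plain.inspect}"
end
```

The trace lists the layers in the order they were removed, which is the reverse of the order the `ronin encode` options applied them.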

The Ruby Console is a customized Interactive Ruby Shell (IRB) with tab-completion and auto-indentation enabled. The Console provides us with the full power of the Ruby language and the convenience of Ronin, all in a handy console. From this Console you can perform research, scan for vulnerabilities and even exploit vulnerable targets. To use it you need a basic understanding of the Ruby language, as it involves operations such as:

Packing an Integer:
0x1337.pack(:uint32_le)

Base64 decode a String:
"c2VjcmV0\n".base64_decode

Return the SHA512 checksum of a String:
"thunder growl".sha512

Creating a TCP Socket for a specified host and port:
sock = tcp_connect('www.example.com', 25)

Creating a TCP session which will be automatically closed:
tcp_connect('www.example.com', 1212) do |sock|
  sock.write("this is just a test\n")
  puts sock.readline
end

To install Ronin and its supporting libraries, simply run:
$ sudo gem install ronin

To start a Ruby Console with ronin preloaded, run the ronin irb command:
$ ronin irb

And of course I haven't touched the advanced functionality of blind vulnerability testing, writing and running exploits, generating, mutating, and fuzzing data, all accessible from their own APIs and commands: ronin-vulns, ronin-exploits and ronin-fuzzer.

So whether you are a CTF player, a bug bounty hunter, a security researcher, a security engineer, a developer or just a student, Ronin has got you covered!

 

More Information

Ronin 2.0.0

Github

Related Articles

Play & Learn With CryptoHack

CyberChef - The Developer's Ultimate Toolbox

A Reverse Engineering Workshop for Beginners

 


Last Updated ( Thursday, 23 February 2023 )