Add missing descriptions to builtin payload classes

ronin-rb / ronin-payloads

A Ruby micro-framework for writing and running exploit payloads

https://ronin-rb.dev

GNU Lesser General Public License v3.0

21 stars 7 forks source link

Add missing descriptions to builtin payload classes #81

Closed postmodern closed 1 year ago

postmodern commented 1 year ago

Some of the payload classes in lib/ronin/payloads/builtin/ are missing descriptions:

[ ] lib/ronin/payloads/builtin/cmd/awk/reverse_shell.rb
[ ] lib/ronin/payloads/builtin/cmd/bash/reverse_shell.rb
[ ] lib/ronin/payloads/builtin/cmd/lua/reverse_shell.rb
[ ] lib/ronin/payloads/builtin/cmd/node/reverse_shell.rb
[ ] lib/ronin/payloads/builtin/cmd/openssl/reverse_shell.rb
[ ] lib/ronin/payloads/builtin/cmd/perl/reverse_shell.rb
[ ] lib/ronin/payloads/builtin/cmd/php/reverse_shell.rb
[ ] lib/ronin/payloads/builtin/cmd/powershell/reverse_shell.rb
[ ] lib/ronin/payloads/builtin/cmd/python/reverse_shell.rb
[ ] lib/ronin/payloads/builtin/cmd/ruby/reverse_shell.rb
[ ] lib/ronin/payloads/builtin/java/reverse_shell.rb
[ ] lib/ronin/payloads/builtin/java/reverse_shell/Payload.java.erb

Descriptions must be defined like:

  description <<~DESC
    Text goes here.

    May contain multiple paragraphs.
  DESC

ervinismu commented 1 year ago

are the descriptions in this issue is refer to class comments and method comments ?

for example

description 1 : line 29 - 31
description 2 : line 38 - 40

postmodern commented 1 year ago

@ervinismu the description <<~DESC... class-method call which adds the description metadata to the class, which can then be printed or displayed by ronin-app.

  description <<~DESC
    Text goes here
    Should be more than one line
  DESC

postmodern commented 1 year ago

@ervinismu er I now see what you mean. You could re-use the class'es top-level documentation description for the description <<~DESC text. That's what I did for the builtin/shellcode/ payload classes. Ideally, the description <<~DESC text should be more verbose, as users will see the text.

ervinismu commented 1 year ago

yes @postmodern , i mean the text of description. based on my screenshot in prev comment, the description in this file will be like this, it is correct ?

module Ronin
  module Payloads
    module CMD
      module Awk
        #
        # A basic `awk` reverse shell command.
        #
        class ReverseShell < CommandPayload
          include Mixins::ReverseShell
          register 'cmd/awk/reverse_shell'

          description <<~DESC
              A basic `awk` reverse shell command.
          DESC

          #
          # Builds the `awk` reverse shell command.
          #
          def build
          end
        end
      end
    end
  end
end

and all class under lib/ronin/payloads/builtin/cmd/ already have description, it is ok to reuse description in every class or need to edit it ?

postmodern commented 1 year ago

@ervinismu that looks about right, just indent by 2 spaces instead of 4, otherwise rubocop will flag it. Any builtin/ payload class without a description <<~DESC should have one at a minimum. Maybe later we or someone else can add more verbose multi-sentence descriptions to these payloads.

postmodern commented 1 year ago

Closed by PR #86.