Introducing Ronin, a hacking environment for the rest of us

Ronin has been my main quasi-secret (I only told people who asked what I was hacking on in GVim) project for some time now. It has also been driving most of my side projects, such as GScraper, reverse-require and R’epertoire. The code-base has finally settled down now, allowing me to release version 0.0.9 of Ronin. This is an initial beta-release, so not all of the desired features are present, although I’m always looking for user-feedback.

Ronin is a platform for information security and data-exploration tasks. Ronin harnesses the elegance of Ruby (one-liner convenience methods, sparse monkey-patching, meta-programming, Domain Specific Languages (DSL) and duck-typing) to provide the user with a robust API, an extendable command-line utility and a customized IRB console.

Ronin is considered a platform and not a framework, since it has the ability to install Overlays of code (think extensions) and data (think exploit/shellcode repositories) from any SubVersion (SVN), Git, CVS or Rsync repositories, which are then integrated into Ronin’s environment. The ability to install 3rd party code or data from any common source-code repository using just a URI is what makes Ronin decentralized.

Ronin is not bloated either, most of it’s functionality is divided between various libraries which can be selectively installed by the user. These libraries allow the user to choose what functionality they need from Ronin. Ronin currently provides the following libraries:

  • Ronin SQL – Provides SQL Injection tests, exploitation methods and a DSL for generating complex SQL Injection statements.
  • Ronin PHP – Provides PHP Local File Inclusion (LFI) and Remote File Inclusion (RFI) tests, fingerprinting, exploitation methods and a custom PHP Remote Procedure Call (RPC) server which can injected via RFI vulnerabilities.
  • Ronin Dorks – Provides a simply API for performing common or even custom Google Dorks.
  • Ronin Exploits – Provides an API for defining Exploits or Payloads which can also be distributed over the previously mentioned Overlays and cached by Ronin for later use.

Ronin is packaged as a RubyGem and can be downloaded here. To install Ronin using RubyGems, simply run the following command:

$ sudo gem install ronin

Documentation for Ronin and it’s libraries can be found here. If you have further questions there’s also a FAQ for Ronin.

Update 2: I have recently published a HOWTO covering Ronin’s convenience methods and how to perform everyday tasks in the Ronin Console (such as owning web-servers).

Update 1: An astute reader of this blog pointed out that R’epertoire 0.1.2, which is required by Ronin, was not yet released as a RubyGem on This issue has been corrected and R’epertoire 0.1.2 is now available for download.

Also expect a release of the Ronin Exploits soon (I’m in the process of adding the beginnings of Vulnerability Taxonomy to the Exploit base-class).


About this entry