Added Ronin::Exploits::AuthBypass (closes #144).

README.md

@@ -35,6 +35,7 @@ research and development.
   * [SEH Overflows][docs-seh-overflow]
   * [Heap Overflows][docs-heap-overflow]
   * [Use After Free (UAF)][docs-use-after-free]
+  * [Auth Bypass][docs-auth-bypass]
   * [Command Injection][docs-command-injection]
   * [Open Redirect][docs-open-redirect]
   * [Local File Inclusions (LFI)][docs-lfi]
@@ -55,6 +56,7 @@ research and development.
 [docs-seh-overflow]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/SEHOverflow.html
 [docs-heap-overflow]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/HeapOverflow.html
 [docs-use-after-free]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/UseAfterFree.html
+[docs-auth-bypass]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/AuthBypass.html
 [docs-command-injection]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/CommandInjection.html
 [docs-open-redirect]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/OpenRedirect.html
 [docs-lfi]: https://ronin-rb.dev/docs/ronin-exploits/Ronin/Exploits/LFI.html

lib/ronin/exploits/auth_bypass.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+#
+# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
+# payload crafting functionality.
+#
+# Copyright (c) 2007-2024 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# ronin-exploits is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-exploits is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with ronin-exploits.  If not, see <https://www.gnu.org/licenses/>.
+#
+
+require 'ronin/exploits/exploit'
+
+module Ronin
+  module Exploits
+    #
+    # Represents an authentication bypass exploit.
+    #
+    # @api public
+    #
+    # @since 1.2.0
+    #
+    class AuthBypass < Exploit
+
+      #
+      # Returns the type or kind of exploit.
+      #
+      # @return [Symbol]
+      #
+      # @note
+      #   This is used internally to map an exploit class to a printable type.
+      #
+      # @api private
+      #
+      def self.exploit_type
+        :auth_bypass
+      end
+
+    end
+  end
+end

lib/ronin/exploits/cli/commands/show.rb

@@ -207,6 +207,9 @@ def print_shouts(exploit)
           EXPLOIT_TYPES = {
             exploit: 'Custom',
 
+            # generic exploits
+            auth_bypass: 'Auth Bypass',
+
             # memory corruption exploits
             memory_corruption: 'Memory Corruption',
             stack_overflow:    'Stack Overflow',

spec/auth_bypass_spec.rb

@@ -0,0 +1,14 @@
+require 'spec_helper'
+require 'ronin/exploits/auth_bypass'
+
+describe Ronin::Exploits::AuthBypass do
+  it "must inherit from Ronin::Exploits::Exploit" do
+    expect(described_class).to be < Ronin::Exploits::Exploit
+  end
+
+  describe ".exploit_type" do
+    subject { described_class }
+
+    it { expect(subject.exploit_type).to eq(:auth_bypass) }
+  end
+end