Copilot AI commented Dec 14, 2025

Description

Continues Ruby to Python migration effort. Converts 3 post-2020 exploit modules and 1 exploit development tool to Python, following the established python_framework architecture.

Converted Modules:

  • apache_hugegraph_gremlin_rce.py - CVE-2024-27348 Gremlin sandbox bypass
  • chamilo_bigupload_webshell.py - CVE-2023-4220 unrestricted file upload
  • example_webapp.py - Educational web exploitation example

Converted Tools:

  • find_badchars.py - Bad character detection for exploit development (supports raw, WinDbg, GDB, hex formats)

All modules:

  • Inherit from RemoteExploit + HttpExploitMixin
  • Implement CheckCode for vulnerability detection
  • Support standalone execution via argparse
  • Include comprehensive docstrings and usage examples

Example usage:

# Standalone execution
python3 modules/exploits/linux/http/apache_hugegraph_gremlin_rce.py \
    --host target.com --port 8080 --check-only

# Bad character detection
python3 tools/exploit/find_badchars.py -b "\\x00\\xff" \
    -i windbg_output.txt -t windbg

Verification

  • Start msfconsole
  • Load converted modules: use exploit/linux/http/apache_hugegraph_gremlin_rce
  • Verify options and targets are properly configured
  • Run standalone: python3 modules/exploits/linux/http/apache_hugegraph_gremlin_rce.py --help
  • Verify find_badchars.py processes test input correctly
  • Verify all modules follow python_framework patterns
  • Verify CheckCode implementation returns expected values
  • Document updated in PYTHON_TRANSLATIONS.md (entries 55-58)

Original prompt

This section details on the original issue you should resolve

<issue_title>Ruby2Py</issue_title>
<issue_description>alright biggest part of this project is simply ruby to python, let's keep at it!</issue_description>

Comments on the Issue (you are @copilot in this section)




coderabbitai bot commented Dec 14, 2025

Important

Review skipped

Auto reviews are limited based on label configuration.

🏷️ Required labels (at least one) (2)
  • .*

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.


Comment @coderabbitai help to get the list of available commands and usage tips.

Copilot AI changed the title from "[WIP] Convert Ruby code to Python for project" to "Ruby to Python migration: Convert post-2020 exploit modules and tools" Dec 14, 2025
Copilot AI requested a review from P4X-ng December 14, 2025 17:37