2012-06-29 05:18:28 +00:00
|
|
|
# -*- coding: binary -*-
|
2005-07-09 21:18:49 +00:00
|
|
|
require 'msf/core'
|
2005-06-05 00:03:23 +00:00
|
|
|
|
|
|
|
###
|
|
|
|
#
|
2005-11-15 15:11:43 +00:00
|
|
|
# A reference to some sort of information. This is typically a URL, but could
|
|
|
|
# be any type of referential value that people could use to research a topic.
|
2005-06-05 00:03:23 +00:00
|
|
|
#
|
|
|
|
###
|
|
|
|
class Msf::Module::Reference
|
|
|
|
|
2005-11-15 15:11:43 +00:00
|
|
|
#
|
|
|
|
# Serialize a reference from a string.
|
|
|
|
#
|
2005-06-05 00:03:23 +00:00
|
|
|
def self.from_s(str)
|
|
|
|
return self.new(str)
|
|
|
|
end
|
|
|
|
|
2005-11-15 15:11:43 +00:00
|
|
|
#
|
|
|
|
# Initializes a reference from a string.
|
|
|
|
#
|
2005-06-05 00:03:23 +00:00
|
|
|
def initialize(in_str)
|
|
|
|
self.str = in_str
|
|
|
|
end
|
|
|
|
|
2005-07-10 00:16:48 +00:00
|
|
|
#
|
2005-11-15 15:11:43 +00:00
|
|
|
# Compares references to see if their equal.
|
2005-07-10 00:16:48 +00:00
|
|
|
#
|
|
|
|
def ==(tgt)
|
|
|
|
return (tgt.to_s == to_s)
|
|
|
|
end
|
|
|
|
|
2005-11-15 15:11:43 +00:00
|
|
|
#
|
|
|
|
# Returns the reference as a string.
|
|
|
|
#
|
2005-06-05 00:03:23 +00:00
|
|
|
def to_s
|
|
|
|
return self.str
|
|
|
|
end
|
|
|
|
|
2005-11-15 15:11:43 +00:00
|
|
|
#
|
|
|
|
# Serializes the reference instance from a string.
|
|
|
|
#
|
2005-06-05 00:03:23 +00:00
|
|
|
def from_s(in_str)
|
|
|
|
self.str = in_str
|
|
|
|
end
|
|
|
|
|
2005-11-15 15:11:43 +00:00
|
|
|
#
|
|
|
|
# The reference string.
|
|
|
|
#
|
2005-06-05 00:03:23 +00:00
|
|
|
attr_reader :str
|
|
|
|
|
|
|
|
protected
|
|
|
|
|
2005-11-15 15:11:43 +00:00
|
|
|
attr_writer :str # :nodoc:
|
2005-06-05 00:03:23 +00:00
|
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
###
|
|
|
|
#
|
|
|
|
# A reference to a website.
|
|
|
|
#
|
|
|
|
###
|
|
|
|
class Msf::Module::SiteReference < Msf::Module::Reference
|
|
|
|
|
|
|
|
#
|
2005-11-15 15:11:43 +00:00
|
|
|
# Class method that translates a URL into a site reference instance.
|
2005-06-05 00:03:23 +00:00
|
|
|
#
|
|
|
|
def self.from_s(str)
|
|
|
|
instance = self.new
|
|
|
|
|
|
|
|
if (instance.from_s(str) == false)
|
|
|
|
return nil
|
|
|
|
end
|
|
|
|
|
|
|
|
return instance
|
|
|
|
end
|
|
|
|
|
2005-11-15 15:11:43 +00:00
|
|
|
#
|
|
|
|
# Initializes a site reference from an array. ary[0] is the site and
|
|
|
|
# ary[1] is the site context identifier, such as OSVDB.
|
|
|
|
#
|
2005-06-05 00:33:38 +00:00
|
|
|
def self.from_a(ary)
|
|
|
|
return nil if (ary.length < 2)
|
|
|
|
|
|
|
|
self.new(ary[0], ary[1])
|
|
|
|
end
|
|
|
|
|
2005-06-05 00:03:23 +00:00
|
|
|
#
|
2005-11-15 15:11:43 +00:00
|
|
|
# Initialize the site reference.
|
2005-06-05 00:03:23 +00:00
|
|
|
#
|
2006-01-17 04:09:40 +00:00
|
|
|
def initialize(in_ctx_id = 'Unknown', in_ctx_val = '')
|
|
|
|
self.ctx_id = in_ctx_id
|
|
|
|
self.ctx_val = in_ctx_val
|
|
|
|
|
|
|
|
if (in_ctx_id == 'OSVDB')
|
|
|
|
self.site = 'http://www.osvdb.org/' + in_ctx_val.to_s
|
|
|
|
elsif (in_ctx_id == 'CVE')
|
2012-11-28 19:24:08 +00:00
|
|
|
self.site = "http://cvedetails.com/cve/#{in_ctx_val.to_s}/"
|
2013-07-22 17:13:56 +00:00
|
|
|
elsif (in_ctx_id == 'CWE')
|
|
|
|
self.site = "http://cwe.mitre.org/data/definitions/#{in_ctx_val.to_s}.html"
|
2006-01-17 04:09:40 +00:00
|
|
|
elsif (in_ctx_id == 'BID')
|
|
|
|
self.site = 'http://www.securityfocus.com/bid/' + in_ctx_val.to_s
|
|
|
|
elsif (in_ctx_id == 'MSB')
|
|
|
|
self.site = 'http://www.microsoft.com/technet/security/bulletin/' + in_ctx_val.to_s + '.mspx'
|
|
|
|
elsif (in_ctx_id == 'MIL')
|
2006-11-01 20:11:56 +00:00
|
|
|
self.site = 'http://milw0rm.com/metasploit/' + in_ctx_val.to_s
|
2012-03-20 13:01:08 +00:00
|
|
|
elsif (in_ctx_id == 'EDB')
|
2012-03-22 19:26:46 +00:00
|
|
|
self.site = 'http://www.exploit-db.com/exploits/' + in_ctx_val.to_s
|
2006-11-01 20:11:56 +00:00
|
|
|
elsif (in_ctx_id == 'WVE')
|
2006-11-01 20:14:05 +00:00
|
|
|
self.site = 'http://www.wirelessve.org/entries/show/WVE-' + in_ctx_val.to_s
|
2008-07-23 20:56:36 +00:00
|
|
|
elsif (in_ctx_id == 'US-CERT-VU')
|
|
|
|
self.site = 'http://www.kb.cert.org/vuls/id/' + in_ctx_val.to_s
|
2008-04-21 05:21:28 +00:00
|
|
|
elsif (in_ctx_id == 'BPS')
|
2011-11-20 01:32:06 +00:00
|
|
|
self.site = 'https://strikecenter.bpointsys.com/bps/advisory/BPS-' + in_ctx_val.to_s
|
2006-01-17 04:09:40 +00:00
|
|
|
elsif (in_ctx_id == 'URL')
|
|
|
|
self.site = in_ctx_val.to_s
|
2005-06-05 00:03:23 +00:00
|
|
|
else
|
2006-01-17 04:09:40 +00:00
|
|
|
self.site = in_ctx_id
|
2008-12-19 07:11:08 +00:00
|
|
|
self.site += " (#{in_ctx_val})" if (in_ctx_val)
|
2005-06-05 00:03:23 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
#
|
2005-11-15 15:11:43 +00:00
|
|
|
# Returns the absolute site URL.
|
2005-06-05 00:03:23 +00:00
|
|
|
#
|
|
|
|
def to_s
|
|
|
|
return site || ''
|
|
|
|
end
|
|
|
|
|
|
|
|
#
|
2005-11-15 15:11:43 +00:00
|
|
|
# Serializes a site URL string.
|
2005-06-05 00:03:23 +00:00
|
|
|
#
|
|
|
|
def from_s(str)
|
|
|
|
if (/(http:\/\/|https:\/\/|ftp:\/\/)/.match(str))
|
|
|
|
self.site = str
|
2009-09-27 21:30:45 +00:00
|
|
|
self.ctx_id = 'URL'
|
|
|
|
self.ctx_val = self.site
|
2005-06-05 00:03:23 +00:00
|
|
|
else
|
|
|
|
return false
|
|
|
|
end
|
|
|
|
|
|
|
|
return true
|
|
|
|
end
|
|
|
|
|
2005-11-15 15:11:43 +00:00
|
|
|
#
|
|
|
|
# The site being referenced.
|
|
|
|
#
|
|
|
|
attr_reader :site
|
|
|
|
#
|
|
|
|
# The context identifier of the site, such as OSVDB.
|
|
|
|
#
|
|
|
|
attr_reader :ctx_id
|
2006-01-17 04:09:40 +00:00
|
|
|
#
|
|
|
|
# The context value of the reference, such as MS02-039
|
|
|
|
#
|
|
|
|
attr_reader :ctx_val
|
2005-06-05 00:03:23 +00:00
|
|
|
|
|
|
|
protected
|
|
|
|
|
2006-01-17 04:09:40 +00:00
|
|
|
attr_writer :site, :ctx_id, :ctx_val
|
2005-06-05 00:03:23 +00:00
|
|
|
|
2009-09-27 21:30:45 +00:00
|
|
|
end
|