infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Land #11361, Add URL scheme and Base64.encode64 checks to msftidy

4.x
Brent Cook 2019-02-06 22:45:18 -06:00 committed by Jeffrey Martin
parent 0dd514eb41
commit 3101368bc9
No known key found for this signature in database
GPG Key ID: 0CD9BBC2AF15F171
1 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
tools/dev/msftidy.rb
View File

@ -265,6 +265,10 @@ class Msftidy
if @source =~ /^# This file is part of the Metasploit Framework and may be subject to/
warn("Module contains old license comment.")
end
if @source =~ /^# This module requires Metasploit: http:/
warn("Module license comment link does not use https:// URL scheme.")
fixed('# This module requires Metasploit: https://metasploit.com/download', idx)
end
end
def check_old_keywords
@ -608,8 +612,14 @@ class Msftidy
if ln =~ /['"]ExitFunction['"]\s*=>/
warn("Please use EXITFUNC instead of ExitFunction #{ln}", idx)
fixed(line.gsub('ExitFunction', 'EXITFUNC'), idx)
end
# Output from Base64.encode64 method contains '\n' new lines
# for line wrapping and string termination
if ln =~ /Base64\.encode64/
info("Please use Base64.strict_encode64 instead of Base64.encode64")
end
end
end
@ -646,7 +656,7 @@ class Msftidy
# This module then got copied and committed 20+ times and is used in numerous other places.
# This ensures that this stops.
def check_invalid_url_scheme
test = @source.scan(/^#.+http\/\/(?:www\.)?metasploit.com/)
test = @source.scan(/^#.+https?\/\/(?:www\.)?metasploit.com/)
unless test.empty?
test.each { |item|
warn("Invalid URL: #{item}")