From 51eb79adc72a01b791aa52b3fc14048c9fd85e21 Mon Sep 17 00:00:00 2001 From: Christian Mehlmauer Date: Mon, 28 Dec 2015 21:26:10 +0100 Subject: [PATCH] first try in changing class names --- lib/msf/core/exploit/ftpserver.rb | 2 +- lib/msf/core/exploit/smb/server/share.rb | 4 +- lib/msf/core/module_manager/loading.rb | 2 +- lib/msf/core/modules/loader/base.rb | 59 ++++---------- .../metasploit_class_compatibility_error.rb | 14 ---- lib/msf/core/modules/namespace.rb | 76 ------------------- .../modules/version_compatibility_error.rb | 52 ------------- .../multi/http/joomla_http_header_rce.rb | 2 +- 8 files changed, 21 insertions(+), 190 deletions(-) delete mode 100644 lib/msf/core/modules/metasploit_class_compatibility_error.rb delete mode 100644 lib/msf/core/modules/namespace.rb delete mode 100644 lib/msf/core/modules/version_compatibility_error.rb diff --git a/lib/msf/core/exploit/ftpserver.rb b/lib/msf/core/exploit/ftpserver.rb index 41dea0f789..e1990f69ad 100644 --- a/lib/msf/core/exploit/ftpserver.rb +++ b/lib/msf/core/exploit/ftpserver.rb @@ -56,7 +56,7 @@ module Exploit::Remote::FtpServer # exists for the given command, returns a generic default response. # # @example Handle SYST requests - # class Metasploit4 < Msf::Exploit + # class Metasploit < Msf::Exploit # include Msf::Exploit::Remote::FtpServer # ... # def on_client_command_syst(cmd_conn, arg) diff --git a/lib/msf/core/exploit/smb/server/share.rb b/lib/msf/core/exploit/smb/server/share.rb index 1ddbdd4172..aaf949ef3b 100644 --- a/lib/msf/core/exploit/smb/server/share.rb +++ b/lib/msf/core/exploit/smb/server/share.rb @@ -17,7 +17,7 @@ module Msf # @example Use it from an Auxiliary module # require 'msf/core' # - # class Metasploit3 < Msf::Auxiliary + # class Metasploit < Msf::Auxiliary # # include Msf::Exploit::Remote::SMB::Server::Share # @@ -59,7 +59,7 @@ module Msf # @example Use it from an Exploit module # require 'msf/core' # - # class Metasploit3 < Msf::Exploit::Remote + # class Metasploit < Msf::Exploit::Remote # Rank = ExcellentRanking # # include Msf::Exploit::EXE diff --git a/lib/msf/core/module_manager/loading.rb b/lib/msf/core/module_manager/loading.rb index c5900bd15a..415107d82d 100644 --- a/lib/msf/core/module_manager/loading.rb +++ b/lib/msf/core/module_manager/loading.rb @@ -122,4 +122,4 @@ module Msf::ModuleManager::Loading count_by_type end -end \ No newline at end of file +end diff --git a/lib/msf/core/modules/loader/base.rb b/lib/msf/core/modules/loader/base.rb index 5f4586efd6..617e449efa 100644 --- a/lib/msf/core/modules/loader/base.rb +++ b/lib/msf/core/modules/loader/base.rb @@ -3,9 +3,7 @@ # Project # require 'msf/core/modules/loader' -require 'msf/core/modules/namespace' -require 'msf/core/modules/metasploit_class_compatibility_error' -require 'msf/core/modules/version_compatibility_error' +require 'msf/core/modules/error' # Responsible for loading modules for {Msf::ModuleManager}. # @@ -26,13 +24,10 @@ class Msf::Modules::Loader::Base Msf::MODULE_POST => 'post' } # This must calculate the first line of the NAMESPACE_MODULE_CONTENT string so that errors are reported correctly - NAMESPACE_MODULE_LINE = __LINE__ + 4 + NAMESPACE_MODULE_LINE = __LINE__ + 1 # By calling module_eval from inside the module definition, the lexical scope is captured and available to the code in # module_content. NAMESPACE_MODULE_CONTENT = <<-EOS - # ensure the namespace module can respond to checks during loading - extend Msf::Modules::Namespace - class << self # The loader that originally loaded this module # @@ -131,8 +126,6 @@ class Msf::Modules::Loader::Base reload ||= force || file_changed - metasploit_class = nil - module_content = read_module_content(parent_path, type, module_reference_name) if module_content.empty? @@ -140,6 +133,7 @@ class Msf::Modules::Loader::Base return false end + klass = nil try_eval_module = lambda { |namespace_module| # set the parent_path so that the module can be reloaded with #load_module namespace_module.parent_path = parent_path @@ -150,44 +144,21 @@ class Msf::Modules::Loader::Base rescue ::Interrupt raise rescue ::Exception => error - # Hide eval errors when the module version is not compatible - begin - namespace_module.version_compatible!(module_path, module_reference_name) - rescue Msf::Modules::VersionCompatibilityError => version_compatibility_error - load_error(module_path, version_compatibility_error) - else - load_error(module_path, error) - end - - return false - end - - begin - namespace_module.version_compatible!(module_path, module_reference_name) - rescue Msf::Modules::VersionCompatibilityError => version_compatibility_error - load_error(module_path, version_compatibility_error) - - return false - end - - begin - metasploit_class = namespace_module.metasploit_class!(module_path, module_reference_name) - rescue Msf::Modules::MetasploitClassCompatibilityError => error load_error(module_path, error) - return false end - unless usable?(metasploit_class) - ilog( - "Skipping module (#{module_reference_name} from #{module_path}) because is_usable returned false.", - 'core', - LEV_1 - ) - + if namespace_module.const_defined?('Metasploit3') || namespace_module.const_defined?('Metasploit4') + load_error(module_path, Msf::Modules::Error.new({ + :module_path => module_path, + :module_reference_name => module_reference_name, + :causal_message => 'Please change the module class name to Metasploit' + })) return false end + klass = namespace_module.const_get('Metasploit') + if reload ilog("Reloading #{type} module #{module_reference_name}. Ambiguous module warnings are safe to ignore", 'core', LEV_2) else @@ -206,7 +177,7 @@ class Msf::Modules::Loader::Base # Do some processing on the loaded module to get it into the right associations module_manager.on_module_load( - metasploit_class, + klass, type, module_reference_name, { @@ -432,8 +403,10 @@ class Msf::Modules::Loader::Base log_lines << "#{module_path} failed to load due to the following error:" log_lines << error.class.to_s log_lines << error.to_s - log_lines << "Call stack:" - log_lines += error.backtrace + if error.backtrace + log_lines << "Call stack:" + log_lines += error.backtrace + end log_message = log_lines.join("\n") elog(log_message) diff --git a/lib/msf/core/modules/metasploit_class_compatibility_error.rb b/lib/msf/core/modules/metasploit_class_compatibility_error.rb deleted file mode 100644 index ae829392cf..0000000000 --- a/lib/msf/core/modules/metasploit_class_compatibility_error.rb +++ /dev/null @@ -1,14 +0,0 @@ -# -*- coding: binary -*- -require 'msf/core/modules/error' - -# Error raised by {Msf::Modules::Namespace#metasploit_class!} if it cannot the namespace_module does not have a constant -# with {Msf::Framework::Major} or lower as a number after 'Metasploit', which indicates a compatible Msf::Module. -class Msf::Modules::MetasploitClassCompatibilityError < Msf::Modules::Error - def initialize(attributes={}) - super_attributes = { - :causal_message => 'Missing compatible Metasploit class constant', - }.merge(attributes) - - super(super_attributes) - end -end \ No newline at end of file diff --git a/lib/msf/core/modules/namespace.rb b/lib/msf/core/modules/namespace.rb deleted file mode 100644 index fa65f5fa26..0000000000 --- a/lib/msf/core/modules/namespace.rb +++ /dev/null @@ -1,76 +0,0 @@ -# -*- coding: binary -*- -require 'metasploit/framework/api/version' -require 'metasploit/framework/core/version' - -# Concern for behavior that all namespace modules that wrap Msf::Modules must support like version checking and -# grabbing the version specific-Metasploit* class. -module Msf::Modules::Namespace - # Returns the Metasploit(3|2|1) class from the module_evalled content. - # - # @note The module content must be module_evalled into this namespace module before the return of - # {#metasploit_class} is valid. - # - # @return [Msf::Module] if a Metasploit(3|2|1) class exists in this module - # @return [nil] if such as class is not defined. - def metasploit_class - metasploit_class = nil - - ::Msf::Framework::Major.downto(1) do |major| - # Since we really only care about the deepest namespace, we don't - # need to look for parents' constants. However, the "inherit" - # parameter for const_defined? only exists after 1.9. If we ever - # drop 1.8 support, we can save a few cycles here by passing false - # here. - if const_defined?("Metasploit#{major}") - metasploit_class = const_get("Metasploit#{major}") - - break - end - end - - metasploit_class - end - - def metasploit_class!(module_path, module_reference_name) - metasploit_class = self.metasploit_class - - unless metasploit_class - raise Msf::Modules::MetasploitClassCompatibilityError.new( - :module_path => module_path, - :module_reference_name => module_reference_name - ) - end - - metasploit_class - end - - # Raises an error unless {Msf::Framework::VersionCore} and {Msf::Framework::VersionAPI} meet the minimum required - # versions defined in RequiredVersions in the module content. - # - # @note The module content must be module_evalled into this namespace module using module_eval_with_lexical_scope - # before calling {#version_compatible!} is valid. - # - # @param [String] module_path Path from where the module was read. - # @param [String] module_reference_name The canonical name for the module. - # @raise [Msf::Modules::VersionCompatibilityError] if RequiredVersion[0] > Msf::Framework::VersionCore or - # RequiredVersion[1] > Msf::Framework::VersionApi - # @return [void] - def version_compatible!(module_path, module_reference_name) - if const_defined?(:RequiredVersions) - required_versions = const_get(:RequiredVersions) - minimum_core_version = Gem::Version.new(required_versions[0].to_s) - minimum_api_version = Gem::Version.new(required_versions[1].to_s) - - if (minimum_core_version > Metasploit::Framework::Core::GEM_VERSION || - minimum_api_version > Metasploit::Framework::API::GEM_VERSION) - raise Msf::Modules::VersionCompatibilityError.new( - :module_path => module_path, - :module_reference_name => module_reference_name, - :minimum_api_version => minimum_api_version, - :minimum_core_version => minimum_core_version - ) - end - end - end -end - diff --git a/lib/msf/core/modules/version_compatibility_error.rb b/lib/msf/core/modules/version_compatibility_error.rb deleted file mode 100644 index fb52be3fc8..0000000000 --- a/lib/msf/core/modules/version_compatibility_error.rb +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: binary -*- -require 'msf/core/modules/error' - -# Error raised by {Msf::Modules::Namespace#version_compatible!} on {Msf::Modules::Loader::Base#create_namespace_module} -# if the API or Core version does not meet the minimum requirements defined in the RequiredVersions constant in the -# {Msf::Modules::Loader::Base#read_module_content module content}. -class Msf::Modules::VersionCompatibilityError < Msf::Modules::Error - # @param [Hash{Symbol => Float}] attributes - # @option attributes [Float] :minimum_api_version The minimum {Msf::Framework::VersionAPI} as defined in - # RequiredVersions. - # @option attributes [Float] :minimum_core_version The minimum {Msf::Framework::VersionCore} as defined in - # RequiredVersions. - def initialize(attributes={}) - @minimum_api_version = attributes[:minimum_api_version] - @minimum_core_version = attributes[:minimum_core_version] - - message_parts = [] - message_parts << 'version check' - - if minimum_api_version or minimum_core_version - clause_parts = [] - - if minimum_api_version - clause_parts << "API >= #{minimum_api_version}" - end - - if minimum_core_version - clause_parts << "Core >= #{minimum_core_version}" - end - - clause = clause_parts.join(' and ') - message_parts << "(requires #{clause})" - end - - causal_message = message_parts.join(' ') - - super_attributes = { - :causal_message => causal_message - }.merge(attributes) - - super(super_attributes) - end - - # @return [Float] The minimum value of {Msf::Framework::VersionAPI} for the module to be compatible. - attr_reader :minimum_api_version - # @return [Float] The minimum value of {Msf::Framework::VersionCore} for the module to be compatible. - attr_reader :minimum_core_version - # @return [String] the path to the module that declared the RequiredVersions - attr_reader :module_path - # @return [String] the module reference name that declared the RequiredVersions - attr_reader :module_reference_name -end \ No newline at end of file diff --git a/modules/exploits/multi/http/joomla_http_header_rce.rb b/modules/exploits/multi/http/joomla_http_header_rce.rb index c047d6242c..d395288c87 100644 --- a/modules/exploits/multi/http/joomla_http_header_rce.rb +++ b/modules/exploits/multi/http/joomla_http_header_rce.rb @@ -5,7 +5,7 @@ require 'msf/core' -class Metasploit3 < Msf::Exploit::Remote +class Metasploit < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HTTP::Joomla