Merge branch 'master' of https://github.com/rapid7/metasploit-framework

2013-05-28 19:57:16 -05:00 · 2013-05-28 19:57:16 -05:00 · 6401d557fd
parent 66ea59b03f 63694a6c87
commit 6401d557fd
13 changed files with 25 additions and 264 deletions
--- a/lib/msf/base.rb.ts.rb
+++ b/lib/msf/base.rb.ts.rb
@ -1,22 +0,0 @@
-#!/usr/bin/env ruby
-# -*- coding: binary -*-
-
-require 'test/unit'
-require 'msf/base'
-require 'msf/base/sessions/command_shell.rb.ut'
-
-module Msf
-module Base
-
-class TestSuite
-	def self.suite
-		suite = Test::Unit::TestSuite.new("Msf Base")
-
-		suite << Msf::Session::CommandShell::UnitTest.suite
-
-		return suite;
-	end
-end
-
-end
-end
--- a/lib/msf/core.rb.ts.rb
+++ b/lib/msf/core.rb.ts.rb
@ -1,44 +0,0 @@
-#!/usr/bin/env ruby
-# -*- coding: binary -*-
-
-require 'test/unit'
-require 'msf/core'
-require 'msf/core/exceptions.rb.ut'
-require 'msf/core/option_container.rb.ut'
-require 'msf/core/session_manager.rb.ut'
-
-require 'msf/core/module/author.rb.ut'
-require 'msf/core/module/platform_list.rb.ut'
-require 'msf/core/module/reference.rb.ut'
-require 'msf/core/module/target.rb.ut'
-
-require 'msf/core/handler/bind_tcp.rb.ut'
-require 'msf/core/handler/reverse_tcp.rb.ut'
-
-require 'msf/core/exploit.rb.ut'
-require 'msf/core/exploit/tcp.rb.ut'
-require 'msf/core/exploit/dcerpc.rb.ut'
-
-class Msf::TestSuite
-	def self.suite
-		suite = Test::Unit::TestSuite.new("Msf Core")
-
-		suite << Msf::Exceptions::UnitTest.suite
-		suite << Msf::OptionContainer::UnitTest.suite
-		suite << Msf::SessionManager::UnitTest.suite
-
-		suite << Msf::Module::Author::UnitTest.suite
-		suite << Msf::Module::PlatformList::UnitTest.suite
-		suite << Msf::Module::Reference::UnitTest.suite
-		suite << Msf::Module::Target::UnitTest.suite
-
-		suite << Msf::Handler::BindTcp::UnitTest.suite
-		suite << Msf::Handler::ReverseTcp::UnitTest.suite
-
-		suite << Msf::Exploit::UnitTest.suite
-		suite << Msf::Exploit::Remote::Tcp::UnitTest.suite
-		suite << Msf::Exploit::Remote::DCERPC::UnitTest.suite
-
-		return suite;
-	end
-end
--- a/lib/msf/util/exe.rb
+++ b/lib/msf/util/exe.rb
@ -364,10 +364,11 @@ require 'digest/sha1'
 		exe
 	end

-	def self.to_win32pe_only(framework, code, opts={})
+	def self.to_winpe_only(framework, code, opts={}, arch="x86")

 		# Allow the user to specify their own EXE template
-		set_template_default(opts, "template_x86_windows_old.exe")
+
+		set_template_default(opts, "template_"+arch+"_windows.exe")

 		pe = Rex::PeParsey::Pe.new_from_file(opts[:template], true)

@ -1968,7 +1969,11 @@ End Sub

 		when 'exe-only'
 			if(not arch or (arch.index(ARCH_X86)))
-				output = Msf::Util::EXE.to_win32pe_only(framework, code, exeopts)
+				output = Msf::Util::EXE.to_winpe_only(framework, code, exeopts)
+			end
+
+			if(arch and (arch.index( ARCH_X86_64 ) or arch.index( ARCH_X64 )))
+				output = Msf::Util::EXE.to_winpe_only(framework, code, exeopts, "x64")
 			end

 		when 'elf'
--- a/lib/rex.rb.ts.rb
+++ b/lib/rex.rb.ts.rb
@ -1,70 +0,0 @@
-#!/usr/bin/env ruby -I..
-
-=begin
-
-The Metasploit Rex library is provided under the 3-clause BSD license.
-
-Copyright (c) 2005-2006, Rapid7 LLC
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without modification,
-are permitted provided that the following conditions are met:
-
- * Redistributions of source code must retain the above copyright notice, this 
-   list of conditions and the following disclaimer.
-   
- * Redistributions in binary form must reproduce the above copyright notice, 
-   this list of conditions and the following disclaimer in the documentation 
-   and/or other materials provided with the distribution.
-   
- * Neither the name of Rapid7 LLC nor the names of its contributors may be 
-   used to endorse or promote products derived from this software without 
-   specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 
-WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 
-DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
-ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
-(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 
-LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON 
-ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 
-(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 
-SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-=end
-
-require 'test/unit'
-
-require 'rex/exceptions.rb.ut'
-require 'rex/transformer.rb.ut'
-require 'rex/text.rb.ut'
-require 'rex/file.rb.ut'
-
-require 'rex/encoder/xdr.rb.ut'
-
-require 'rex/encoding/xor/generic.rb.ut'
-require 'rex/encoding/xor/byte.rb.ut'
-require 'rex/encoding/xor/word.rb.ut'
-require 'rex/encoding/xor/dword.rb.ut'
-require 'rex/encoding/xor/dword_additive.rb.ut'
-
-require 'rex/socket.rb.ut'
-require 'rex/socket/tcp.rb.ut'
-require 'rex/socket/ssl_tcp.rb.ut'
-require 'rex/socket/tcp_server.rb.ut'
-require 'rex/socket/udp.rb.ut'
-require 'rex/socket/parameters.rb.ut'
-require 'rex/socket/comm/local.rb.ut'
-require 'rex/socket/switch_board.rb.ut'
-require 'rex/socket/subnet_walker.rb.ut'
-
-require 'rex/proto.rb.ts'
-
-require 'rex/parser/arguments.rb.ut'
-
-require 'rex/ui/text/color.rb.ut'
-require 'rex/ui/text/table.rb.ut'
-
-require 'rex/exploitation/egghunter.rb.ut'
-require 'rex/exploitation/seh.rb.ut'
--- a/lib/rex/encoding/xor.rb.ts.rb
+++ b/lib/rex/encoding/xor.rb.ts.rb
@ -1,15 +0,0 @@
-#!/usr/bin/env ruby
-# -*- coding: binary -*-
-
-$:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
-
-#
-# Xor Encoding Test Suite
-#
-
-require 'test/unit'
-require 'rex/encoding/xor/generic.rb.ut'
-require 'rex/encoding/xor/byte.rb.ut'
-require 'rex/encoding/xor/word.rb.ut'
-require 'rex/encoding/xor/dword.rb.ut'
-require 'rex/encoding/xor/dword_additive.rb.ut'
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun.rb.ts.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun.rb.ts.rb
@ -1,18 +0,0 @@
-# -*- coding: binary -*-
-$:.unshift(File.join(File.dirname(__FILE__)))
-$:.unshift(File.join(File.dirname(__FILE__), '..', '..','..','..','..','..', 'lib'))
-
-require 'test/unit'
-require 'rex'
-
-require 'railgun/api_constants.rb.ut'
-require 'railgun/type/pointer_util.rb.ut'
-require 'railgun/platform_util.rb.ut'
-require 'railgun/buffer_item.rb.ut'
-require 'railgun/dll_function.rb.ut'
-require 'railgun/dll_helper.rb.ut'
-require 'railgun/win_const_manager.rb.ut'
-require 'railgun/dll.rb.ut.rb'
-require 'railgun/dll_wrapper.rb.ut.rb'
-require 'railgun/railgun.rb.ut.rb'
-require 'railgun/win_const_manager.rb.ut.rb'
--- a/lib/rex/proto.rb.ts.rb
+++ b/lib/rex/proto.rb.ts.rb
@ -1,9 +0,0 @@
-#!/usr/bin/env ruby
-# -*- coding: binary -*-
-
-$:.unshift(File.join(File.dirname(__FILE__), '..'))
-
-require 'test/unit'
-require 'rex/proto/smb.rb.ts'
-require 'rex/proto/dcerpc.rb.ts'
-require 'rex/proto/http.rb.ts'
--- a/lib/rex/proto/dcerpc.rb.ts.rb
+++ b/lib/rex/proto/dcerpc.rb.ts.rb
@ -1,10 +0,0 @@
-#!/usr/bin/env ruby
-# -*- coding: binary -*-
-
-require 'rex/test'
-require 'rex/proto/dcerpc/uuid.rb.ut'
-require 'rex/proto/dcerpc/response.rb.ut'
-require 'rex/proto/dcerpc/packet.rb.ut'
-# require 'rex/proto/dcerpc/ndr.rb.ut'
-require 'rex/proto/dcerpc/handle.rb.ut'
-require 'rex/proto/dcerpc/client.rb.ut'
--- a/lib/rex/proto/drda.rb.ts.rb
+++ b/lib/rex/proto/drda.rb.ts.rb
@ -1,18 +0,0 @@
-#!/usr/bin/env ruby
-# -*- coding: binary -*-
-
-require 'rex/test'
-
-module Rex
-	class Test
-		$_REX_TEST_DRDA_HOST = "192.168.145.138"
-		$_REX_TEST_DRDA_USER = "db2inst1"
-		$_REX_TEST_DRDA_PASS = "db2pw"
-	end
-end
-
-require 'rex/proto/drda/constants.rb.ut.rb'
-require 'rex/proto/drda/packet.rb.ut.rb'
-require 'rex/proto/drda/utils.rb.ut.rb'
-
-
--- a/lib/rex/proto/http.rb.ts.rb
+++ b/lib/rex/proto/http.rb.ts.rb
@ -1,13 +0,0 @@
-#!/usr/bin/env ruby
-# -*- coding: binary -*-
-
-require 'test/unit'
-
-require 'rex/proto/http/client.rb.ut'
-require 'rex/proto/http/server.rb.ut'
-require 'rex/proto/http/packet.rb.ut'
-require 'rex/proto/http/header.rb.ut'
-require 'rex/proto/http/request.rb.ut'
-require 'rex/proto/http/response.rb.ut'
-require 'rex/proto/http/handler/erb.rb.ut'
-require 'rex/proto/http/handler/proc.rb.ut'
--- a/lib/rex/proto/smb.rb.ts.rb
+++ b/lib/rex/proto/smb.rb.ts.rb
@ -1,9 +0,0 @@
-#!/usr/bin/env ruby
-# -*- coding: binary -*-
-
-require 'rex/test'
-require 'rex/proto/smb/client.rb.ut.rb'
-require 'rex/proto/smb/constants.rb.ut.rb'
-require 'rex/proto/smb/crypt.rb.ut.rb'
-require 'rex/proto/smb/simpleclient.rb.ut.rb'
-require 'rex/proto/smb/utils.rb.ut.rb'
--- a/modules/auxiliary/scanner/http/cold_fusion_version.rb
+++ b/modules/auxiliary/scanner/http/cold_fusion_version.rb
@ -17,9 +17,14 @@ class Metasploit3 < Msf::Auxiliary
 		super(
 			'Name'        => 'ColdFusion Version Scanner',
 			'Description' => %q{
-					This module attempts identify various flavors of ColdFusion as well as the underlying OS
+				This module attempts identify various flavors of ColdFusion up to version 10
+				as well as the underlying OS.
 			},
-			'Author'      => [ 'nebulus' ],
+			'Author'      =>
+				[
+					'nebulus',  # Original
+					'sinn3r'    # Fingerprint() patch for Cold Fusion 10
+				],
 			'License'     => MSF_LICENSE
 		)
 	end
@ -30,7 +35,7 @@ class Metasploit3 < Msf::Auxiliary
 			if(response.headers['Server'] =~ /IIS/ or response.headers['Server'] =~ /\(Windows/)
 				os = "Windows (#{response.headers['Server']})"
 			elsif(response.headers['Server'] =~ /Apache\//)
-					os = "Unix (#{response.headers['Server']})"
+				os = "Unix (#{response.headers['Server']})"
 			else
 				os = response.headers['Server']
 			end
@ -43,7 +48,8 @@ class Metasploit3 < Msf::Auxiliary
 			title = $1
 			title.gsub!(/\s/, '')
 		end
-		return nil  if( title == 'Not Found' or not title =~ /ColdFusionAdministrator/)
+
+		return nil if( title == 'Not Found' or not title =~ /ColdFusionAdministrator/)

 		out = nil

@ -54,8 +60,12 @@ class Metasploit3 < Msf::Auxiliary
 			out = "Adobe ColdFusion MX7"
 		elsif(response.body =~ /<meta name=\"Author\" content=\"Copyright \(c\) 1995\-2006 Adobe/)
 			out = "Adobe ColdFusion 8"
+		elsif(response.body =~ /<meta name=\"Author\" content=\"Copyright \(c\) 1995\-2010 Adobe/ and
+			response.body =~ /1997\-2012 Adobe Systems Incorporated and its licensors/)
+			out = "Adobe ColdFusion 10"
 		elsif(response.body =~ /<meta name=\"Author\" content=\"Copyright \(c\) 1995\-2010 Adobe/ or
-			response.body =~ /<meta name=\"Author\" content=\"Copyright \(c\) 1995\-2009 Adobe Systems\, Inc\. All rights reserved/)
+			response.body =~ /<meta name=\"Author\" content=\"Copyright \(c\) 1995\-2009 Adobe Systems\, Inc\. All rights reserved/ or
+			response.body =~ /<meta name=\"Author\" content=\"Copyright \(c\) 1997\-2012 Adobe Systems\, Inc\. All rights reserved/)
 			out = "Adobe ColdFusion 9"
 		elsif(response.body =~ /<meta name=\"Keywords\" content=\"(.*)\">\s+<meta name/)
 			out = $1.split(/,/)[0]
@ -76,8 +86,8 @@ class Metasploit3 < Msf::Auxiliary
 		url = '/CFIDE/administrator/index.cfm'

 		res = send_request_cgi({
-				'uri' => url,
-				'method' => 'GET',
+			'uri' => url,
+			'method' => 'GET',
 		})

 		return if not res or not res.body or not res.code
--- a/modules/modules.rb.ts.rb
+++ b/modules/modules.rb.ts.rb
@ -1,26 +0,0 @@
-#!/usr/bin/env ruby -I../lib
-
-$:.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
-
-require 'test/unit'
-
-require 'encoders/generic/none.rb.ut'
-require 'encoders/x86/call4_dword_xor.rb.ut'
-require 'encoders/x86/countdown.rb.ut'
-require 'encoders/x86/fnstenv_mov.rb.ut'
-require 'encoders/x86/jmp_call_additive.rb.ut'
-
-class Rex::TestSuite
-	def self.suite
-		suite = Test::Unit::TestSuite.new("Rex")
-
-		# General
-		suite << Msf::Encoders::Generic::None::UnitTest.suite
-		suite << Msf::Encoders::X86::Call4Dword::UnitTest.suite
-		suite << Msf::Encoders::X86::Countdown::UnitTest.suite
-		suite << Msf::Encoders::X86::FnstenvMov::UnitTest.suite
-		suite << Msf::Encoders::X86::JmpCallAdditive::UnitTest.suite
-
-		return suite;
-	end
-end