Merge remote-tracking branch 'upstream/staging/electro-release' into staging/electro-release

.gitignore

@@ -7,8 +7,6 @@ Gemfile.local.lock
 .sublime-project
 # RVM control file, keep this to avoid backdooring Metasploit
 .rvmrc
-.ruby-version
-.ruby-gemset
 # YARD cache directory
 .yardoc
 # Mac OS X files

.ruby-gemset

@@ -0,0 +1 @@
+metasploit-framework

.ruby-version

@@ -0,0 +1 @@
+1.9.3-p484

Gemfile

@@ -7,7 +7,7 @@ group :db do
   # Needed for Msf::DbManager
   gem 'activerecord', '>= 3.0.0', '< 4.0.0'
   # Metasploit::Credential database models
-  gem 'metasploit-credential', '~>0.8.2'
+  gem 'metasploit-credential', '>= 0.8.6', '< 0.9'
   # Database models shared between framework and Pro.
   gem 'metasploit_data_models', '~> 0.19'
   # Needed for module caching in Mdm::ModuleDetails

Gemfile.lock

@@ -61,7 +61,7 @@ GEM
     json (1.8.1)
     metasploit-concern (0.1.1)
       activesupport (~> 3.0, >= 3.0.0)
-    metasploit-credential (0.8.3)
+    metasploit-credential (0.8.6)
       metasploit-concern (~> 0.1.0)
       metasploit-model (~> 0.26.1)
       metasploit_data_models (~> 0.19.4)
@@ -160,7 +160,7 @@ DEPENDENCIES
   factory_girl (>= 4.1.0)
   factory_girl_rails
   fivemat (= 1.2.1)
-  metasploit-credential (~> 0.8.2)
+  metasploit-credential (>= 0.8.6, < 0.9)
   metasploit-framework!
   metasploit_data_models (~> 0.19)
   network_interface (~> 0.0.1)

db/schema.rb

@@ -11,7 +11,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
 
-ActiveRecord::Schema.define(:version => 20140722174919) do
+ActiveRecord::Schema.define(:version => 20140801150537) do
 
   create_table "api_keys", :force => true do |t|
     t.text     "token"
@@ -193,6 +193,12 @@ ActiveRecord::Schema.define(:version => 20140722174919) do
   add_index "metasploit_credential_cores", ["private_id"], :name => "index_metasploit_credential_cores_on_private_id"
   add_index "metasploit_credential_cores", ["public_id"], :name => "index_metasploit_credential_cores_on_public_id"
   add_index "metasploit_credential_cores", ["realm_id"], :name => "index_metasploit_credential_cores_on_realm_id"
+  add_index "metasploit_credential_cores", ["workspace_id", "private_id"], :name => "unique_private_metasploit_credential_cores", :unique => true
+  add_index "metasploit_credential_cores", ["workspace_id", "public_id", "private_id"], :name => "unique_realmless_metasploit_credential_cores", :unique => true
+  add_index "metasploit_credential_cores", ["workspace_id", "public_id"], :name => "unique_public_metasploit_credential_cores", :unique => true
+  add_index "metasploit_credential_cores", ["workspace_id", "realm_id", "private_id"], :name => "unique_publicless_metasploit_credential_cores", :unique => true
+  add_index "metasploit_credential_cores", ["workspace_id", "realm_id", "public_id", "private_id"], :name => "unique_complete_metasploit_credential_cores", :unique => true
+  add_index "metasploit_credential_cores", ["workspace_id", "realm_id", "public_id"], :name => "unique_privateless_metasploit_credential_cores", :unique => true
   add_index "metasploit_credential_cores", ["workspace_id"], :name => "index_metasploit_credential_cores_on_workspace_id"
 
   create_table "metasploit_credential_logins", :force => true do |t|

lib/metasploit/framework/api.rb

@@ -0,0 +1,7 @@
+module Metasploit
+  module Framework
+    module API
+
+    end
+  end
+end

lib/metasploit/framework/api/version.rb

@@ -0,0 +1,16 @@
+module Metasploit
+  module Framework
+    module API
+      # @note This is a like.  The API version is not semantically version and it's version has actually never changed
+      #    even though API changes have occured.  DO NOT base compatibility on this version.
+      module Version
+        MAJOR = 1
+        MINOR = 0
+        PATCH = 0
+      end
+
+      VERSION = "#{Version::MAJOR}.#{Version::MINOR}.#{Version::PATCH}"
+      GEM_VERSION = Gem::Version.new(VERSION)
+    end
+  end
+end

lib/metasploit/framework/core.rb

@@ -0,0 +1,7 @@
+module Metasploit
+  module Framework
+    module Core
+
+    end
+  end
+end

lib/metasploit/framework/core/version.rb

@@ -0,0 +1,19 @@
+require 'metasploit/framework/version'
+
+module Metasploit
+  module Framework
+    # @note This is a lie.  The core libraries are not semantically versioned.  This is currently just linked to the
+    #   Metasploit::Framework::Version, which is also not semantically versioned.
+    module Core
+      module Version
+        MAJOR = Metasploit::Framework::Version::MAJOR
+        MINOR = Metasploit::Framework::Version::MINOR
+        PATCH = Metasploit::Framework::Version::PATCH
+        PRERELEASE = Metasploit::Framework::Version::PRERELEASE
+      end
+
+      VERSION = Metasploit::Framework::VERSION
+      GEM_VERSION = Gem::Version.new(Metasploit::Framework::GEM_VERSION)
+    end
+  end
+end

lib/msf/core/db.rb

@@ -2177,9 +2177,15 @@ class DBManager
   # @return [Integer] ID of created report
   def report_report(opts)
     return if not active
-  ::ActiveRecord::Base.connection_pool.with_connection {
+    created = opts.delete(:created_at)
+    updated = opts.delete(:updated_at)
+    state   = opts.delete(:state)
 
+  ::ActiveRecord::Base.connection_pool.with_connection {
     report = Report.new(opts)
+    report.created_at = created
+    report.updated_at = updated
+
     unless report.valid?
       errors = report.errors.full_messages.join('; ')
       raise RuntimeError "Report to be imported is not valid: #{errors}"
@@ -2194,10 +2200,14 @@ class DBManager
   # Creates a ReportArtifact based on passed parameters.
   # @param opts [Hash] of ReportArtifact attributes
   def report_artifact(opts)
+    return if not active
+
     artifacts_dir = Report::ARTIFACT_DIR
     tmp_path = opts[:file_path]
     artifact_name = File.basename tmp_path
     new_path = File.join(artifacts_dir, artifact_name)
+    created = opts.delete(:created_at)
+    updated = opts.delete(:updated_at)
 
     unless File.exists? tmp_path
       raise DBImportError 'Report artifact file to be imported does not exist.'
@@ -2215,6 +2225,9 @@ class DBManager
     FileUtils.copy(tmp_path, new_path)
     opts[:file_path] = new_path
     artifact = ReportArtifact.new(opts)
+    artifact.created_at = created
+    artifact.updated_at = updated
+
     unless artifact.valid?
       errors = artifact.errors.full_messages.join('; ')
       raise RuntimeError "Artifact to be imported is not valid: #{errors}"

lib/msf/core/framework.rb

@@ -42,14 +42,6 @@ class Framework
   # EICAR canary
   EICARCorrupted      = ::Msf::Util::EXE.is_eicar_corrupted?
 
-  # API Version
-  APIMajor = 1
-  APIMinor = 0
-
-  # Base/API Version
-  VersionCore  = Major + (Minor / 10.0)
-  VersionAPI   = APIMajor + (APIMinor / 10.0)
-
   #
   # Mixin meant to be included into all classes that can have instances that
   # should be tied to the framework, such as modules.

lib/msf/core/modules/namespace.rb

@@ -1,3 +1,6 @@
+require 'metasploit/framework/api/version'
+require 'metasploit/framework/core/version'
+
 # Concern for behavior that all namespace modules that wrap Msf::Modules must support like version checking and
 # grabbing the version specific-Metasploit* class.
 module Msf::Modules::Namespace
@@ -54,11 +57,11 @@ module Msf::Modules::Namespace
   def version_compatible!(module_path, module_reference_name)
     if const_defined?(:RequiredVersions)
       required_versions = const_get(:RequiredVersions)
-      minimum_core_version = required_versions[0]
-      minimum_api_version = required_versions[1]
+      minimum_core_version = Gem::Version.new(required_versions[0].to_s)
+      minimum_api_version = Gem::Version.new(required_versions[1].to_s)
 
-      if (minimum_core_version > ::Msf::Framework::VersionCore or
-          minimum_api_version > ::Msf::Framework::VersionAPI)
+      if (minimum_core_version > Metasploit::Framework::Core::GEM_VERSION ||
+          minimum_api_version > Metasploit::Framework::API::GEM_VERSION)
         raise Msf::Modules::VersionCompatibilityError.new(
                   :module_path => module_path,
                   :module_reference_name => module_reference_name,

lib/msf/ui/console/command_dispatcher/core.rb

@@ -408,7 +408,7 @@ class Core
     avdwarn = nil
 
     banner_trailers = {
-      :version     => "%yelmetasploit v#{Msf::Framework::Version} [core:#{Msf::Framework::VersionCore} api:#{Msf::Framework::VersionAPI}]%clr",
+      :version     => "%yelmetasploit v#{Msf::Framework::Version} [core:#{Metasploit::Framework::Core::GEM_VERSION} api:#{Metasploit::Framework::API::GEM_VERSION}]%clr",
       :exp_aux_pos => "#{framework.stats.num_exploits} exploits - #{framework.stats.num_auxiliary} auxiliary - #{framework.stats.num_post} post",
       :pay_enc_nop => "#{framework.stats.num_payloads} payloads - #{framework.stats.num_encoders} encoders - #{framework.stats.num_nops} nops",
       :free_trial  => "Free Metasploit Pro trial: http://r-7.co/trymsp",

modules/post/windows/gather/credentials/sso.rb

@@ -101,24 +101,39 @@ class Metasploit3 < Msf::Post
     return if (user.empty? or pass.empty?)
     return if pass.include?("n.a.")
 
-    if session.db_record
-      source_id = session.db_record.id
-    else
-      source_id = nil
+    # Assemble data about the credential objects we will be creating
+    credential_data = {
+      origin_type: :session,
+      post_reference_name: self.refname,
+      private_data: pass,
+      private_type: :password,
+      session_id: session_db_id,
+      username: user,
+      workspace_id: myworkspace_id
+    }
+
+    unless domain.blank?
+      credential_data[:realm_key]   = Metasploit::Model::Realm::Key::ACTIVE_DIRECTORY_DOMAIN
+      credential_data[:realm_value] = domain
     end
 
-    report_auth_info(
-      :host  => session.session_host,
-      :port => 445,
-      :sname => 'smb',
-      :proto => 'tcp',
-      :source_id => source_id,
-      :source_type => "exploit",
-      :user => "#{domain}\\#{user}",
-      :pass => pass
-    )
+    credential_core = create_credential(credential_data)
+
+    # Assemble the options hash for creating the Metasploit::Credential::Login object
+    login_data = {
+      core: credential_core,
+      status: Metasploit::Model::Login::Status::UNTRIED,
+      address: ::Rex::Socket.getaddress(session.sock.peerhost, true),
+      port: 445,
+      service_name: 'smb',
+      protocol: 'tcp',
+      workspace_id: myworkspace_id
+    }
+
+    create_credential_login(login_data)
   end
 
+
   def is_system_user?(user)
     system_users = [
       /^$/,

spec/lib/msf/core/modules/namespace_spec.rb

@@ -209,8 +209,8 @@ describe Msf::Modules::Namespace do
       end
 
       context 'with minimum Core version' do
-        it 'should be <= Msf::Framework::VersionCore' do
-          minimum_core_version.should <= Msf::Framework::VersionCore
+        it 'is <= Metasploit::Framework::Core::GEM_VERSION when converted to Gem::Version' do
+          expect(Gem::Version.new(minimum_core_version.to_s)).to be <= Metasploit::Framework::Core::GEM_VERSION
         end
 
         context 'without minimum API version' do
@@ -218,8 +218,8 @@ describe Msf::Modules::Namespace do
             2
           end
 
-          it 'should be > Msf::Framework::VersionAPI' do
-            minimum_api_version.should > Msf::Framework::VersionAPI
+          it 'is > Metasploit::Framework::API::GEM_VERSION when converted to Gem::Version' do
+            expect(Gem::Version.new(minimum_api_version.to_s)).to be > Metasploit::Framework::API::GEM_VERSION
           end
 
           it_should_behave_like 'Msf::Modules::VersionCompatibilityError'
@@ -239,8 +239,8 @@ describe Msf::Modules::Namespace do
           5
         end
 
-        it 'should be > Msf::Framework::VersionCore' do
-          minimum_core_version.should > Msf::Framework::VersionCore
+        it 'is > Metasploit::Framework::Core::GEM_VERSION when converted to Gem::Version' do
+          expect(Gem::Version.new(minimum_core_version.to_s)).to be > Metasploit::Framework::Core::GEM_VERSION
         end
 
         context 'without minimum API version' do
@@ -248,16 +248,16 @@ describe Msf::Modules::Namespace do
             2
           end
 
-          it 'should be > Msf::Framework::VersionAPI' do
-            minimum_api_version.should > Msf::Framework::VersionAPI
+          it 'is > Metasploit::Framework::API::GEM_VERSION when converted to Gem::Version' do
+            expect(Gem::Version.new(minimum_api_version.to_s)).to be > Metasploit::Framework::API::GEM_VERSION
           end
 
           it_should_behave_like 'Msf::Modules::VersionCompatibilityError'
         end
 
         context 'with minimum API version' do
-          it 'should be <= Msf::Framework::VersionAPI' do
-            minimum_api_version <= Msf::Framework::VersionAPI
+          it 'is <= Metasploit::Framework::API::GEM_VERSION when converted to Gem::Version' do
+            expect(Gem::Version.new(minimum_api_version.to_s)).to be <= Metasploit::Framework::API::GEM_VERSION
           end
 
           it_should_behave_like 'Msf::Modules::VersionCompatibilityError'