From 539817fddb2cb3557de5976bfa65a3fdf27f7c6a Mon Sep 17 00:00:00 2001 From: Luke Imhoff Date: Tue, 29 Jul 2014 13:55:56 -0500 Subject: [PATCH 01/14] Add metasploit-model as a direct dependency MSP-10905 Metasploit::Model constants need to be accessible without the db group installed. --- Gemfile.lock | 1 + metasploit-framework.gemspec | 2 ++ 2 files changed, 3 insertions(+) diff --git a/Gemfile.lock b/Gemfile.lock index c36333f202..cc7d570f55 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -5,6 +5,7 @@ PATH activesupport (>= 3.0.0, < 4.0.0) bcrypt json + metasploit-model (~> 0.25.6) meterpreter_bins (= 0.0.6) msgpack nokogiri diff --git a/metasploit-framework.gemspec b/metasploit-framework.gemspec index e0980416d6..c2bd419408 100644 --- a/metasploit-framework.gemspec +++ b/metasploit-framework.gemspec @@ -55,6 +55,8 @@ Gem::Specification.new do |spec| spec.add_runtime_dependency 'bcrypt' # Needed for some admin modules (scrutinizer_add_user.rb) spec.add_runtime_dependency 'json' + # Metasploit::Model constant used with and without database gems + spec.add_runtime_dependency 'metasploit-model', '~> 0.25.6' # Needed for Meterpreter on Windows, soon others. spec.add_runtime_dependency 'meterpreter_bins', '0.0.6' # Needed by msfgui and other rpc components From 24a5a155f449acf12b1b8375665092165f268eab Mon Sep 17 00:00:00 2001 From: Luke Imhoff Date: Tue, 29 Jul 2014 14:02:56 -0500 Subject: [PATCH 02/14] Require gems MSP-10905 --- lib/metasploit/framework.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/metasploit/framework.rb b/lib/metasploit/framework.rb index 61d2f70d31..304405bfd3 100644 --- a/lib/metasploit/framework.rb +++ b/lib/metasploit/framework.rb @@ -9,6 +9,7 @@ require 'active_support' require 'bcrypt' require 'json' require 'msgpack' +require 'metasploit/model' require 'nokogiri' require 'packetfu' # railties has not autorequire defined From 9a5085cbba96294b34d09b5a01c68b39a1f29660 Mon Sep 17 00:00:00 2001 From: Luke Imhoff Date: Tue, 29 Jul 2014 14:04:15 -0500 Subject: [PATCH 03/14] Prevent circular dependency MSP-10905 Use Metasploit::Framework::Version directly instead of Msf::Framework to prevent circular dependency when starting msfconsole. --- lib/msf/base/config.rb | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/lib/msf/base/config.rb b/lib/msf/base/config.rb index ed6d34576c..fce480ef33 100644 --- a/lib/msf/base/config.rb +++ b/lib/msf/base/config.rb @@ -10,7 +10,6 @@ require 'fileutils' # Project # -require 'msf/core' require 'rex/compat' module Msf @@ -37,16 +36,16 @@ class Config < Hash ['HOME', 'LOCALAPPDATA', 'APPDATA', 'USERPROFILE'].each do |dir| val = Rex::Compat.getenv(dir) if (val and File.directory?(val)) - return File.join(val, ".msf#{Msf::Framework::Major}") + return File.join(val, ".msf#{Metasploit::Framework::Version::MAJOR}") end end begin # First we try $HOME/.msfx - File.expand_path("~#{FileSep}.msf#{Msf::Framework::Major}") + File.expand_path("~#{FileSep}.msf#{Metasploit::Framework::Version::MAJOR}") rescue ::ArgumentError # Give up and install root + ".msfx" - InstallRoot + ".msf#{Msf::Framework::Major}" + InstallRoot + ".msf#{Metasploit::Framework::Version::MAJOR}" end end From 8e7dd1b65850c7a179ed9e04a999a85485532c7e Mon Sep 17 00:00:00 2001 From: Luke Imhoff Date: Tue, 29 Jul 2014 14:06:27 -0500 Subject: [PATCH 04/14] Add missing require MSP-10905 --- lib/msf/core/exploit/cmdstager.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/msf/core/exploit/cmdstager.rb b/lib/msf/core/exploit/cmdstager.rb index 7dcc3c43bb..e53b33243e 100644 --- a/lib/msf/core/exploit/cmdstager.rb +++ b/lib/msf/core/exploit/cmdstager.rb @@ -2,6 +2,7 @@ require 'rex/exploitation/cmdstager' require 'msf/core/exploit/exe' +require 'msf/base/config' module Msf From 04541ac724cbf11a0801230cf9cb3274de020a03 Mon Sep 17 00:00:00 2001 From: Luke Imhoff Date: Tue, 29 Jul 2014 14:07:14 -0500 Subject: [PATCH 05/14] Parse msfconsole options before initializing Rails MSP-10905 --- config/application.rb | 25 +-- lib/metasploit/framework/command.rb | 22 +++ lib/metasploit/framework/command/base.rb | 117 +++++++++++ lib/metasploit/framework/command/console.rb | 58 ++++++ lib/metasploit/framework/parsed_options.rb | 24 +++ .../framework/parsed_options/base.rb | 182 ++++++++++++++++++ .../framework/parsed_options/console.rb | 73 +++++++ msfconsole | 150 ++------------- 8 files changed, 488 insertions(+), 163 deletions(-) create mode 100644 lib/metasploit/framework/command.rb create mode 100644 lib/metasploit/framework/command/base.rb create mode 100644 lib/metasploit/framework/command/console.rb create mode 100644 lib/metasploit/framework/parsed_options.rb create mode 100644 lib/metasploit/framework/parsed_options/base.rb create mode 100644 lib/metasploit/framework/parsed_options/console.rb diff --git a/config/application.rb b/config/application.rb index c48edfafac..55271a8cdc 100644 --- a/config/application.rb +++ b/config/application.rb @@ -1,30 +1,7 @@ require 'rails' require File.expand_path('../boot', __FILE__) -# only the parts of 'rails/all' that metasploit-framework actually uses -begin - require 'active_record/railtie' -rescue LoadError - warn "activerecord not in the bundle, so database support will be disabled." - warn "Bundle installed '--without #{Bundler.settings.without.join(' ')}'" - warn "To clear the without option do `bundle install --without ''` " \ - "(the --without flag with an empty string) or " \ - "`rm -rf .bundle` to remove the .bundle/config manually and " \ - "then `bundle install`" -end - -all_environments = [ - :development, - :production, - :test -] - -Bundler.require( - *Rails.groups( - db: all_environments, - pcap: all_environments - ) -) +Bundler.require(*Rails.groups) # # Project diff --git a/lib/metasploit/framework/command.rb b/lib/metasploit/framework/command.rb new file mode 100644 index 0000000000..4b6449b21b --- /dev/null +++ b/lib/metasploit/framework/command.rb @@ -0,0 +1,22 @@ +# +# Gems +# + +# have to be exact so minimum is loaded prior to parsing arguments which could influence loading. +require 'active_support/dependencies/autoload' + +# @note Must use the nested declaration of the {Metasploit::Framework::Command} namespace because commands need to be +# able to be required directly without any other part of metasploit-framework besides config/boot so that the commands +# can parse arguments, setup RAILS_ENV, and load config/application.rb correctly. +module Metasploit + module Framework + module Command + # Namespace for commands for metasploit-framework. There are corresponding classes in the + # {Metasploit::Framework::ParsedOptions} namespace, which handle for parsing the options for each command. + extend ActiveSupport::Autoload + + autoload :Base + autoload :Console + end + end +end \ No newline at end of file diff --git a/lib/metasploit/framework/command/base.rb b/lib/metasploit/framework/command/base.rb new file mode 100644 index 0000000000..70df3f1507 --- /dev/null +++ b/lib/metasploit/framework/command/base.rb @@ -0,0 +1,117 @@ +# +# Gems +# + +require 'active_support/core_ext/module/introspection' + +# +# Project +# + +require 'metasploit/framework/command' +require 'metasploit/framework/parsed_options' + +# Based on pattern used for lib/rails/commands in the railties gem. +class Metasploit::Framework::Command::Base + # + # Attributes + # + + # @!attribute [r] application + # The Rails application for metasploit-framework. + # + # @return [Metasploit::Framework::Application] + attr_reader :application + + # @!attribute [r] parsed_options + # The parsed options from the command line. + # + # @return (see parsed_options) + attr_reader :parsed_options + + # + # Class Methods + # + + # @note {require_environment!} should be called to load `config/application.rb` to so that the RAILS_ENV can be set + # from the command line options in `ARGV` prior to `Rails.env` being set. + # @note After returning, `Rails.application` will be defined and configured. + # + # Parses `ARGV` for command line arguments to configure the `Rails.application`. + # + # @return (see parsed_options) + def self.require_environment! + parsed_options = self.parsed_options + # RAILS_ENV must be set before requiring 'config/application.rb' + parsed_options.environment! + ARGV.replace(parsed_options.positional) + + # @see https://github.com/rails/rails/blob/v3.2.17/railties/lib/rails/commands.rb#L39-L40 + require Pathname.new(__FILE__).parent.parent.parent.parent.parent.join('config', 'application') + + # have to configure before requiring environment because config/environment.rb calls initialize! and the initializers + # will use the configuration from the parsed options. + parsed_options.configure(Rails.application) + + # support disabling the database + unless parsed_options.options.database.disable + begin + require 'active_record/railtie' + rescue LoadError + warn "activerecord not in the bundle, so database support will be disabled." + warn "Bundle installed '--without #{Bundler.settings.without.join(' ')}'" + warn "To clear the without option do `bundle install --without ''` " \ + "(the --without flag with an empty string) or " \ + "`rm -rf .bundle` to remove the .bundle/config manually and " \ + "then `bundle install`" + end + + ENV['RAILS_GROUP'] = 'db,pcap' + end + + Rails.application.require_environment! + + parsed_options + end + + def self.parsed_options + parsed_options_class.new + end + + def self.parsed_options_class + @parsed_options_class ||= parsed_options_class_name.constantize + end + + def self.parsed_options_class_name + @parsed_options_class_name ||= "#{parent.parent}::ParsedOptions::#{name.demodulize}" + end + + def self.start + parsed_options = require_environment! + new(application: Rails.application, parsed_options: parsed_options).start + end + + # + # Instance Methods + # + + # @param attributes [Hash{Symbol => ActiveSupport::OrderedOptions,Rails::Application}] + # @option attributes [Rails::Application] :application + # @option attributes [ActiveSupport::OrderedOptions] :parsed_options + # @raise [KeyError] if :application is not given + # @raise [KeyError] if :parsed_options is not given + def initialize(attributes={}) + @application = attributes.fetch(:application) + @parsed_options = attributes.fetch(:parsed_options) + end + + # @abstract Use {#application} to start this command. + # + # Starts this command. + # + # @return [void] + # @raise [NotImplementedError] + def start + raise NotImplementedError + end +end \ No newline at end of file diff --git a/lib/metasploit/framework/command/console.rb b/lib/metasploit/framework/command/console.rb new file mode 100644 index 0000000000..6395352822 --- /dev/null +++ b/lib/metasploit/framework/command/console.rb @@ -0,0 +1,58 @@ +# +# Project +# + +require 'metasploit/framework/command' +require 'metasploit/framework/command/base' + +# Based on pattern used for lib/rails/commands in the railties gem. +class Metasploit::Framework::Command::Console < Metasploit::Framework::Command::Base + def start + driver.run + end + + private + + # The console UI driver. + # + # @return [Msf::Ui::Console::Driver] + def driver + unless @driver + # require here so minimum loading is done before {start} is called. + require 'msf/ui' + + @driver = Msf::Ui::Console::Driver.new( + Msf::Ui::Console::Driver::DefaultPrompt, + Msf::Ui::Console::Driver::DefaultPromptChar, + driver_options + ) + end + + @driver + end + + def driver_options + unless @driver_options + options = parsed_options.options + + driver_options = {} + driver_options['Config'] = options.framework.config + driver_options['DatabaseEnv'] = options.environment + driver_options['DatabaseMigrationPaths'] = options.database.migrations_paths + driver_options['DatabaseYAML'] = options.database.config + driver_options['Defanged'] = options.console.defanged + driver_options['DisableBanner'] = options.console.quiet + driver_options['DisableDatabase'] = options.database.disable + driver_options['LocalOutput'] = options.console.local_output + driver_options['ModulePath'] = options.modules.path + driver_options['Plugins'] = options.console.plugins + driver_options['RealReadline'] = options.console.real_readline + driver_options['Resource'] = options.console.resource + driver_options['XCommands'] = options.console.commands + + @driver_options = driver_options + end + + @driver_options + end +end diff --git a/lib/metasploit/framework/parsed_options.rb b/lib/metasploit/framework/parsed_options.rb new file mode 100644 index 0000000000..c6e8de5e02 --- /dev/null +++ b/lib/metasploit/framework/parsed_options.rb @@ -0,0 +1,24 @@ +# +# Gems +# + +require 'active_support/dependencies/autoload' + +# # @note Must use the nested declaration of the {Metasploit::Framework::ParsedOptions} namespace because commands, +# which use parsed options, need to be able to be required directly without any other part of metasploit-framework +# besides config/boot so that the commands can parse arguments, setup RAILS_ENV, and load config/application.rb +# correctly. +module Metasploit + module Framework + # Namespace for parsed options for {Metasploit::Framework::Command commands}. The names of `Class`es in this + # namespace correspond to the name of the `Class` in the {Metasploit::Framework::Command} namespace for which this + # namespace's `Class` parses options. + module ParsedOptions + extend ActiveSupport::Autoload + + autoload :Base + autoload :Console + end + end +end + diff --git a/lib/metasploit/framework/parsed_options/base.rb b/lib/metasploit/framework/parsed_options/base.rb new file mode 100644 index 0000000000..a2ed28c005 --- /dev/null +++ b/lib/metasploit/framework/parsed_options/base.rb @@ -0,0 +1,182 @@ +# +# Standard Library +# + +require 'optparse' + +# +# Gems +# + +require 'active_support/ordered_options' + +# +# Project +# + +require 'metasploit/framework/parsed_options' +require 'msf/base/config' + +# Options parsed from the command line that can be used to change the `Metasploit::Framework::Application.config` and +# `Rails.env` +class Metasploit::Framework::ParsedOptions::Base + # + # CONSTANTS + # + + # msfconsole boots in production mode instead of the normal rails default of development. + DEFAULT_ENVIRONMENT = 'production' + + # + # Attributes + # + + attr_reader :positional + + # + # Instance Methods + # + + def initialize(arguments=ARGV) + @positional = option_parser.parse(arguments) + end + + # Translates {#options} to the `application`'s config + # + # @param application [Rails::Application] + # @return [void] + def configure(application) + application.config['config/database'] = options.database.config + end + + # Sets the `RAILS_ENV` environment variable. + # + # 1. If the -E/--environment option is given, then its value is used. + # 2. The default value, 'production', is used. + # + # @return [void] + def environment! + if defined?(Rails) && Rails.instance_variable_defined?(:@_env) + raise "#{self.class}##{__method__} called too late to set RAILS_ENV: Rails.env already memoized" + end + + ENV['RAILS_ENV'] = options.environment + end + + # Options parsed from + # + # @return [ActiveSupport::OrderedOptions] + def options + unless @options + options = ActiveSupport::OrderedOptions.new + + options.database = ActiveSupport::OrderedOptions.new + + user_config_root = Pathname.new(Msf::Config.get_config_root) + user_database_yaml = user_config_root.join('database.yml') + + if user_database_yaml.exist? + options.database.config = [user_database_yaml.to_path] + else + options.database.config = ['config/database.yml'] + end + + options.database.disable = false + options.database.migrations_paths = [] + + options.framework = ActiveSupport::OrderedOptions.new + options.framework.config = nil + + options.modules = ActiveSupport::OrderedOptions.new + options.modules.path = nil + + options.environment = DEFAULT_ENVIRONMENT + + @options = options + end + + @options + end + + private + + # Parses arguments into {#options}. + # + # @return [OptionParser] + def option_parser + @option_parser ||= OptionParser.new { |option_parser| + option_parser.separator '' + option_parser.separator 'Common options' + + option_parser.on( + '-E', + '--environment ENVIRONMENT', + %w{development production test}, + "The Rails environment. Will use RAIL_ENV environment variable if that is set. " \ + "Defaults to production if neither option not RAILS_ENV environment variable is set." + ) do |environment| + options.environment = environment + end + + option_parser.separator '' + option_parser.separator 'Database options' + + option_parser.on( + '-M', + '--migration-path DIRECTORY', + 'Specify a directory containing additional DB migrations' + ) do |directory| + options.database.migrations_paths << directory + end + + option_parser.on('-n', '--no-database', 'Disable database support') do + options.database.disable = true + end + + option_parser.on( + '-y', + '--yaml PATH', + 'Specify a YAML file containing database settings' + ) do |path| + options.database.config = path + end + + option_parser.separator '' + option_parser.separator 'Framework options' + + + option_parser.on('-c', '-c FILE', 'Load the specified configuration file') do |file| + options.framework.config = file + end + + option_parser.on( + '-v', + '--version', + 'Show version' + ) do + options.subcommand = :version + end + + option_parser.separator '' + option_parser.separator 'Module options' + + option_parser.on( + '-m', + '--module-path DIRECTORY', + 'An additional module path' + ) do |directory| + options.modules.path = directory + end + + # + # Tail + # + + option_parser.separator '' + option_parser.on_tail('-h', '--help', 'Show this message') do + puts option_parser + exit + end + } + end +end \ No newline at end of file diff --git a/lib/metasploit/framework/parsed_options/console.rb b/lib/metasploit/framework/parsed_options/console.rb new file mode 100644 index 0000000000..383c5482a7 --- /dev/null +++ b/lib/metasploit/framework/parsed_options/console.rb @@ -0,0 +1,73 @@ +# Parsed options for {Metasploit::Framework::Command::Console} +class Metasploit::Framework::ParsedOptions::Console < Metasploit::Framework::ParsedOptions::Base + # Options parsed from msfconsole command-line. + # + # @return [ActiveSupport::OrderedOptions] + def options + unless @options + super.tap { |options| + options.console = ActiveSupport::OrderedOptions.new + + options.console.commands = [] + options.console.defanged = false + options.console.local_output = nil + options.console.plugins = [] + options.console.quiet = false + options.console.real_readline = false + options.console.resources = [] + } + end + + @options + end + + private + + # Parses msfconsole arguments into {#options}. + # + # @return [OptionParser] + def option_parser + unless @option_parser + super.tap { |option_parser| + option_parser.banner = "Usage: #{option_parser.program_name} [options]" + + option_parser.separator '' + option_parser.separator 'Console options:' + + option_parser.on('-d', '--defanged', 'Execute the console as defanged') do + options.console.defanged = true + end + + option_parser.on('-L', '--real-readline', 'Use the system Readline library instead of RbReadline') do + options.console.real_readline = true + end + + option_parser.on('-o', '--output FILE', 'Output to the specified file') do |file| + options.console.local_output = file + end + + option_parser.on('-p', '--plugin PLUGIN', 'Load a plugin on startup') do |plugin| + options.console.plugins << plugin + end + + option_parser.on('-q', '--quiet', 'Do not print the banner on start up') do + options.console.quiet = true + end + + option_parser.on('-r', '--resource FILE', 'Execute the specified resource file') do |file| + options.console.resources << file + end + + option_parser.on( + '-x', + '--execute-command COMMAND', + 'Execute the specified string as console commands (use ; for multiples)' + ) do |commands| + options.console.commands += commands.split(/\s*;\s*/) + end + } + end + + @option_parser + end +end \ No newline at end of file diff --git a/msfconsole b/msfconsole index 4934fd86e5..9dee47926f 100755 --- a/msfconsole +++ b/msfconsole @@ -9,146 +9,18 @@ # $Revision$ # -msfbase = __FILE__ -while File.symlink?(msfbase) - msfbase = File.expand_path(File.readlink(msfbase), File.dirname(msfbase)) -end - -@msfbase_dir = File.expand_path(File.dirname(msfbase)) - -$:.unshift(File.expand_path(File.join(File.dirname(msfbase), 'lib'))) -require 'fastlib' -require 'msfenv' - -$:.unshift(ENV['MSF_LOCAL_LIB']) if ENV['MSF_LOCAL_LIB'] - -require 'optparse' - -if(RUBY_PLATFORM =~ /mswin32/) - $stderr.puts "[*] The msfconsole interface is not supported on the native Windows Ruby\n" - $stderr.puts " interpreter. Things will break, exploits will fail, payloads will not\n" - $stderr.puts " be handled correctly. Please install Cygwin or use Linux in VMWare.\n\n" -end - -class OptsConsole - # - # Return a hash describing the options. - # - def self.parse(args) - options = { - 'DeferModuleLoads' => true - } - - opts = OptionParser.new do |opts| - opts.banner = "Usage: msfconsole [options]" - - opts.separator "" - opts.separator "Specific options:" - - opts.on("-d", "-d", "Execute the console as defanged") do - options['Defanged'] = true - end - - opts.on("-r", "-r ", "Execute the specified resource file") do |r| - options['Resource'] ||= [] - options['Resource'] << r - end - - opts.on("-o", "-o ", "Output to the specified file") do |o| - options['LocalOutput'] = o - end - - opts.on("-c", "-c ", "Load the specified configuration file") do |c| - options['Config'] = c - end - - opts.on("-m", "-m ", "Specifies an additional module search path") do |m| - options['ModulePath'] = m - end - - opts.on("-p", "-p ", "Load a plugin on startup") do |p| - options['Plugins'] ||= [] - options['Plugins'] << p - end - - opts.on("-y", "--yaml ", "Specify a YAML file containing database settings") do |m| - options['DatabaseYAML'] = m - end - - opts.on("-M", "--migration-path ", "Specify a directory containing additional DB migrations") do |m| - options['DatabaseMigrationPaths'] ||= [] - options['DatabaseMigrationPaths'] << m - end - - opts.on("-e", "--environment ", "Specify the database environment to load from the YAML") do |m| - options['DatabaseEnv'] = m - end - - # Boolean switches - opts.on("-v", "--version", "Show version") do |v| - options['Version'] = true - end - - opts.on("-L", "--real-readline", "Use the system Readline library instead of RbReadline") do |v| - options['RealReadline'] = true - end - - opts.on("-n", "--no-database", "Disable database support") do |v| - options['DisableDatabase'] = true - end - - opts.on("-q", "--quiet", "Do not print the banner on start up") do |v| - options['DisableBanner'] = true - end - - opts.on("-x", "-x ", "Execute the specified string as console commands (use ; for multiples)") do |s| - options['XCommands'] ||= [] - options['XCommands'] += s.split(/\s*;\s*/) - end - - opts.separator "" - opts.separator "Common options:" - - opts.on_tail("-h", "--help", "Show this message") do - puts opts - exit - end - end - - begin - opts.parse!(args) - rescue OptionParser::InvalidOption - puts "Invalid option, try -h for usage" - exit - end - - options - end -end - -options = OptsConsole.parse(ARGV) - # -# NOTE: we don't require this until down here since we may not need it -# when processing certain options (currently only -h) -# -require 'rex' -require 'msf/ui' - -# -# Everything below this line requires the framework. +# Standard Library # -if (options['Version']) - $stderr.puts 'Framework Version: ' + Msf::Framework::Version - exit -end +require 'pathname' -begin - Msf::Ui::Console::Driver.new( - Msf::Ui::Console::Driver::DefaultPrompt, - Msf::Ui::Console::Driver::DefaultPromptChar, - options - ).run -rescue Interrupt -end +# +# Project +# + +# @see https://github.com/rails/rails/blob/v3.2.17/railties/lib/rails/generators/rails/app/templates/script/rails#L3-L5 +require Pathname.new(__FILE__).expand_path.parent.join('config', 'boot') +require 'metasploit/framework/command/console' + +Metasploit::Framework::Command::Console.start From 38da44c26bc1f415092b7ac9b6cbd0d2a417a114 Mon Sep 17 00:00:00 2001 From: Luke Imhoff Date: Tue, 29 Jul 2014 14:32:42 -0500 Subject: [PATCH 06/14] Fix arity difference between rails and msfconsole options MSP-10905 --- lib/metasploit/framework/parsed_options/base.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/metasploit/framework/parsed_options/base.rb b/lib/metasploit/framework/parsed_options/base.rb index a2ed28c005..e3c8f8365a 100644 --- a/lib/metasploit/framework/parsed_options/base.rb +++ b/lib/metasploit/framework/parsed_options/base.rb @@ -76,9 +76,9 @@ class Metasploit::Framework::ParsedOptions::Base user_database_yaml = user_config_root.join('database.yml') if user_database_yaml.exist? - options.database.config = [user_database_yaml.to_path] + options.database.config = user_database_yaml.to_path else - options.database.config = ['config/database.yml'] + options.database.config = 'config/database.yml' end options.database.disable = false From f5ff22eba498c1df30c7cf55fa6c3eea585bcc0a Mon Sep 17 00:00:00 2001 From: Luke Imhoff Date: Tue, 29 Jul 2014 14:46:44 -0500 Subject: [PATCH 07/14] msfconsole with bundle install --without db MSP-10905 --- lib/msf/core/auxiliary/report.rb | 15 ++++++++++++--- lib/msf/core/db.rb | 15 +++++++++++++-- lib/msf/core/db_manager/import_msf_xml.rb | 3 --- 3 files changed, 25 insertions(+), 8 deletions(-) diff --git a/lib/msf/core/auxiliary/report.rb b/lib/msf/core/auxiliary/report.rb index c45c2ee449..1af02fde18 100644 --- a/lib/msf/core/auxiliary/report.rb +++ b/lib/msf/core/auxiliary/report.rb @@ -1,4 +1,3 @@ -require 'metasploit/credential/creation' # -*- coding: binary -*- module Msf @@ -9,8 +8,18 @@ module Msf ### module Auxiliary::Report - - include Metasploit::Credential::Creation + begin + require 'metasploit/credential/creation' + rescue LoadError + warn "metasploit-credential not in the bundle, so Metasploit::Credential creation will fail for Msf::Auxiliary::Report." + warn "Bundle installed '--without #{Bundler.settings.without.join(' ')}'" + warn "To clear the without option do `bundle install --without ''` " \ + "(the --without flag with an empty string) or " \ + "`rm -rf .bundle` to remove the .bundle/config manually and " \ + "then `bundle install`" + else + include Metasploit::Credential::Creation + end # This method overrides the method from Metasploit::Credential to check for an active db def active_db? diff --git a/lib/msf/core/db.rb b/lib/msf/core/db.rb index 52017ab8e3..e2b3991726 100644 --- a/lib/msf/core/db.rb +++ b/lib/msf/core/db.rb @@ -56,7 +56,6 @@ require 'rex/parser/retina_xml' # require 'msf/core/db_manager/import_msf_xml' -require 'metasploit/credential/creation' module Msf @@ -157,7 +156,19 @@ end ### class DBManager include Msf::DBManager::ImportMsfXml - include Metasploit::Credential::Creation + + begin + require 'metasploit/credential/creation' + rescue LoadError + warn "metasploit-credential not in the bundle, so Metasploit::Credential creation will fail for Msf::DBManager" + warn "Bundle installed '--without #{Bundler.settings.without.join(' ')}'" + warn "To clear the without option do `bundle install --without ''` " \ + "(the --without flag with an empty string) or " \ + "`rm -rf .bundle` to remove the .bundle/config manually and " \ + "then `bundle install`" + else + include Metasploit::Credential::Creation + end def rfc3330_reserved(ip) case ip.class.to_s diff --git a/lib/msf/core/db_manager/import_msf_xml.rb b/lib/msf/core/db_manager/import_msf_xml.rb index bebda6b962..68e712468d 100644 --- a/lib/msf/core/db_manager/import_msf_xml.rb +++ b/lib/msf/core/db_manager/import_msf_xml.rb @@ -1,5 +1,3 @@ -require 'metasploit/credential/creation' - module Msf class DBManager # Handles importing of the xml format exported by Pro. The methods are in a @@ -8,7 +6,6 @@ module Msf # methods defined in a class cannot be overridden by including a module # (unless you're running Ruby 2.0 and can use prepend) module ImportMsfXml - include Metasploit::Credential::Creation # # CONSTANTS # From 8fda4ee239b4205ea7093d157061bd3b86be03e5 Mon Sep 17 00:00:00 2001 From: Trevor Rosen Date: Tue, 29 Jul 2014 15:15:47 -0500 Subject: [PATCH 08/14] Fix fd leak and blind IO#gets in pwdump import MSP-10715 --- Gemfile | 2 +- Gemfile.lock | 16 ++++++++-------- db/schema.rb | 5 ++++- lib/msf/core/db.rb | 30 ++++++++++++++---------------- 4 files changed, 27 insertions(+), 26 deletions(-) diff --git a/Gemfile b/Gemfile index da51f4999b..854184b55e 100755 --- a/Gemfile +++ b/Gemfile @@ -7,7 +7,7 @@ group :db do # Needed for Msf::DbManager gem 'activerecord', '>= 3.0.0', '< 4.0.0' # Metasploit::Credential database models - gem 'metasploit-credential', '>= 0.7.10.pre.core.pre.search', '< 0.8' + gem 'metasploit-credential', '~>0.8.2' # Database models shared between framework and Pro. gem 'metasploit_data_models', '~> 0.19' # Needed for module caching in Mdm::ModuleDetails diff --git a/Gemfile.lock b/Gemfile.lock index c36333f202..338eee01cf 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -41,7 +41,7 @@ GEM i18n (~> 0.6, >= 0.6.4) multi_json (~> 1.0) arel (3.0.3) - arel-helpers (2.0.0) + arel-helpers (2.0.1) activerecord (>= 3.1.0, < 5) bcrypt (3.1.7) builder (3.0.4) @@ -60,21 +60,21 @@ GEM json (1.8.1) metasploit-concern (0.1.1) activesupport (~> 3.0, >= 3.0.0) - metasploit-credential (0.7.10.pre.core.pre.search) + metasploit-credential (0.8.2) metasploit-concern (~> 0.1.0) - metasploit-model (>= 0.25.6) - metasploit_data_models (~> 0.19) + metasploit-model (~> 0.26.1) + metasploit_data_models (~> 0.19.4) pg rubyntlm rubyzip (~> 1.1) - metasploit-model (0.25.6) + metasploit-model (0.26.1) activesupport - metasploit_data_models (0.19.0) + metasploit_data_models (0.19.4) activerecord (>= 3.2.13, < 4.0.0) activesupport arel-helpers metasploit-concern (~> 0.1.0) - metasploit-model (>= 0.25.1, < 0.26) + metasploit-model (~> 0.26.1) pg meterpreter_bins (0.0.6) method_source (0.8.2) @@ -159,7 +159,7 @@ DEPENDENCIES factory_girl (>= 4.1.0) factory_girl_rails fivemat (= 1.2.1) - metasploit-credential (>= 0.7.10.pre.core.pre.search, < 0.8) + metasploit-credential (~> 0.8.2) metasploit-framework! metasploit_data_models (~> 0.19) network_interface (~> 0.0.1) diff --git a/db/schema.rb b/db/schema.rb index 0b2e254fa7..0ce1238312 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -11,7 +11,7 @@ # # It's strongly recommended to check this file into your version control system. -ActiveRecord::Schema.define(:version => 20140703144541) do +ActiveRecord::Schema.define(:version => 20140728191933) do create_table "api_keys", :force => true do |t| t.text "token" @@ -193,6 +193,9 @@ ActiveRecord::Schema.define(:version => 20140703144541) do add_index "metasploit_credential_cores", ["private_id"], :name => "index_metasploit_credential_cores_on_private_id" add_index "metasploit_credential_cores", ["public_id"], :name => "index_metasploit_credential_cores_on_public_id" add_index "metasploit_credential_cores", ["realm_id"], :name => "index_metasploit_credential_cores_on_realm_id" + add_index "metasploit_credential_cores", ["workspace_id", "private_id", "public_id"], :name => "unique_complete_metasploit_credential_cores", :unique => true + add_index "metasploit_credential_cores", ["workspace_id", "private_id"], :name => "unique_private_metasploit_credential_cores", :unique => true + add_index "metasploit_credential_cores", ["workspace_id", "public_id"], :name => "unique_public_metasploit_credential_cores", :unique => true add_index "metasploit_credential_cores", ["workspace_id"], :name => "index_metasploit_credential_cores_on_workspace_id" create_table "metasploit_credential_logins", :force => true do |t| diff --git a/lib/msf/core/db.rb b/lib/msf/core/db.rb index 52017ab8e3..46802936ee 100644 --- a/lib/msf/core/db.rb +++ b/lib/msf/core/db.rb @@ -2897,28 +2897,26 @@ class DBManager data = "" ::File.open(filename, 'rb') do |f| - data = f.read(4) + # This check is the largest (byte-wise) that we need to do + # since the other 4-byte checks will be subsets of this larger one. + data = f.read(Metasploit::Credential::Exporter::Pwdump::FILE_ID_STRING.size) end if data.nil? raise DBImportError.new("Zero-length file") end - io = File.open(filename) - first_line = io.gets - io.rewind - - if first_line.index("# Metasploit PWDump Export") - data = io + if data.index(Metasploit::Credential::Exporter::Pwdump::FILE_ID_STRING) + data = ::File.open(filename, 'rb') else case data[0,4] - when "PK\x03\x04" - data = Zip::File.open(filename) - when "\xd4\xc3\xb2\xa1", "\xa1\xb2\xc3\xd4" - data = PacketFu::PcapFile.new(:filename => filename) - else - ::File.open(filename, 'rb') do |f| - sz = f.stat.size - data = f.read(sz) + when "PK\x03\x04" + data = Zip::File.open(filename) + when "\xd4\xc3\xb2\xa1", "\xa1\xb2\xc3\xd4" + data = PacketFu::PcapFile.new(:filename => filename) + else + ::File.open(filename, 'rb') do |f| + sz = f.stat.size + data = f.read(sz) end end end @@ -2929,7 +2927,6 @@ class DBManager else import(args.merge(:data => data)) end - end # A dispatcher method that figures out the data's file type, @@ -3539,6 +3536,7 @@ class DBManager origin = Metasploit::Credential::Origin::Import.create!(filename: filename) importer = Metasploit::Credential::Importer::Pwdump.new(input: args[:data], workspace: wspace, filename: filename, origin:origin) importer.import! + importer.input.close unless importer.input.closed? end # If hex notation is present, turn them into a character. From ba4891bca0865cb5e84d9253c426dee966f24938 Mon Sep 17 00:00:00 2001 From: Luke Imhoff Date: Tue, 29 Jul 2014 15:50:52 -0500 Subject: [PATCH 09/14] Restore Rails.groups arguments MSP-10905 They don't cause a problem. --- config/application.rb | 13 ++++++++++++- lib/metasploit/framework/command/base.rb | 2 -- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/config/application.rb b/config/application.rb index 55271a8cdc..54c1e29d4d 100644 --- a/config/application.rb +++ b/config/application.rb @@ -1,7 +1,18 @@ require 'rails' require File.expand_path('../boot', __FILE__) -Bundler.require(*Rails.groups) +all_environments = [ + :development, + :production, + :test +] + +Bundler.require( + *Rails.groups( + db: all_environments, + pcap: all_environments + ) +) # # Project diff --git a/lib/metasploit/framework/command/base.rb b/lib/metasploit/framework/command/base.rb index 70df3f1507..fe3c01e0e6 100644 --- a/lib/metasploit/framework/command/base.rb +++ b/lib/metasploit/framework/command/base.rb @@ -65,8 +65,6 @@ class Metasploit::Framework::Command::Base "`rm -rf .bundle` to remove the .bundle/config manually and " \ "then `bundle install`" end - - ENV['RAILS_GROUP'] = 'db,pcap' end Rails.application.require_environment! From ceb8a0f5c27aa2f108236e9099c7e67bb09dfea7 Mon Sep 17 00:00:00 2001 From: Luke Imhoff Date: Wed, 30 Jul 2014 10:07:53 -0500 Subject: [PATCH 10/14] Extract option require pattern to helper Module MSP-10905 `Metasplot::Framework::Require.optionally` can be used to optionally require a library and then issue a warning if the require fails or run a block when it succeeds. --- lib/metasploit/framework/command/base.rb | 12 +--- lib/metasploit/framework/require.rb | 92 ++++++++++++++++++++++++ lib/msf/core/auxiliary/report.rb | 15 +--- lib/msf/core/db.rb | 17 ++--- 4 files changed, 101 insertions(+), 35 deletions(-) create mode 100644 lib/metasploit/framework/require.rb diff --git a/lib/metasploit/framework/command/base.rb b/lib/metasploit/framework/command/base.rb index fe3c01e0e6..1621b8e1fd 100644 --- a/lib/metasploit/framework/command/base.rb +++ b/lib/metasploit/framework/command/base.rb @@ -10,6 +10,7 @@ require 'active_support/core_ext/module/introspection' require 'metasploit/framework/command' require 'metasploit/framework/parsed_options' +require 'metasploit/framework/require' # Based on pattern used for lib/rails/commands in the railties gem. class Metasploit::Framework::Command::Base @@ -55,16 +56,7 @@ class Metasploit::Framework::Command::Base # support disabling the database unless parsed_options.options.database.disable - begin - require 'active_record/railtie' - rescue LoadError - warn "activerecord not in the bundle, so database support will be disabled." - warn "Bundle installed '--without #{Bundler.settings.without.join(' ')}'" - warn "To clear the without option do `bundle install --without ''` " \ - "(the --without flag with an empty string) or " \ - "`rm -rf .bundle` to remove the .bundle/config manually and " \ - "then `bundle install`" - end + Metasploit::Framework::Require.optionally_active_record_railtie end Rails.application.require_environment! diff --git a/lib/metasploit/framework/require.rb b/lib/metasploit/framework/require.rb new file mode 100644 index 0000000000..c493c834e6 --- /dev/null +++ b/lib/metasploit/framework/require.rb @@ -0,0 +1,92 @@ +# @note needs to use explicit nesting. so this file can be loaded directly without loading 'metasploit/framework', this +# file can be used prior to Bundler.require. +module Metasploit + module Framework + # Extension to `Kernel#require` behavior. + module Require + # + # Module Methods + # + + # Tries to require `name`. If a `LoadError` occurs, then `without_warning` is printed to standard error using + # `Kernel#warn`, along with instructions for reinstalling the bundle. If a `LoadError` does not occur, then + # `with_block` is called. + # + # @param name [String] the name of the library to `Kernel#require`. + # @param without_warning [String] warning to print if `name` cannot be required. + # @yield block to run when `name` requires successfully + # @yieldreturn [void] + # @return [void] + def self.optionally(name, without_warning) + begin + require name + rescue LoadError + warn without_warning + warn "Bundle installed '--without #{Bundler.settings.without.join(' ')}'" + warn "To clear the without option do `bundle install --without ''` " \ + "(the --without flag with an empty string) or " \ + "`rm -rf .bundle` to remove the .bundle/config manually and " \ + "then `bundle install`" + else + if block_given? + yield + end + end + end + + # Tries to `require 'active_record/railtie'` to define the activerecord Rails initializers and rake tasks. + # + # @example Optionally requiring 'active_record/railtie' + # require 'metasploit/framework/require' + # + # class MyClass + # def setup + # if database_enabled + # Metasploit::Framework::Require.optionally_active_record_railtie + # end + # end + # end + # + # @return [void] + def self.optionally_active_record_railtie + optionally( + 'active_record/railtie', + 'activerecord not in the bundle, so database support will be disabled.' + ) + end + + # Tries to `require 'metasploit/credential/creation'` and include it in the `including_module`. + # + # @param including_module [Module] `Class` or `Module` that wants to `include Metasploit::Credential::Creation`. + # @return [void] + def self.optionally_include_metasploit_credential_creation(including_module) + optionally( + 'metasploit/credential/creation', + "metasploit-credential not in the bundle, so Metasploit::Credential creation will fail for #{including_module.name}", + ) do + including_module.send(:include, Metasploit::Credential::Creation) + end + end + + # + # Instance Methods + # + + # Tries to `require 'metasploit/credential/creation'` and include it in this `Class` or `Module`. + # + # @example Using in a `Module` + # require 'metasploit/framework/require' + # + # module MyModule + # extend Metasploit::Framework::Require + # + # optionally_include_metasploit_credential_creation + # end + # + # @return [void] + def optionally_include_metasploit_credential_creation + Metasploit::Framework::Require.optionally_include_metasploit_credential_creation(self) + end + end + end +end \ No newline at end of file diff --git a/lib/msf/core/auxiliary/report.rb b/lib/msf/core/auxiliary/report.rb index 1af02fde18..7d47d5f1a8 100644 --- a/lib/msf/core/auxiliary/report.rb +++ b/lib/msf/core/auxiliary/report.rb @@ -8,18 +8,9 @@ module Msf ### module Auxiliary::Report - begin - require 'metasploit/credential/creation' - rescue LoadError - warn "metasploit-credential not in the bundle, so Metasploit::Credential creation will fail for Msf::Auxiliary::Report." - warn "Bundle installed '--without #{Bundler.settings.without.join(' ')}'" - warn "To clear the without option do `bundle install --without ''` " \ - "(the --without flag with an empty string) or " \ - "`rm -rf .bundle` to remove the .bundle/config manually and " \ - "then `bundle install`" - else - include Metasploit::Credential::Creation - end + extend Metasploit::Framework::Require + + optionally_include_metasploit_credential_creation # This method overrides the method from Metasploit::Credential to check for an active db def active_db? diff --git a/lib/msf/core/db.rb b/lib/msf/core/db.rb index e2b3991726..e1559a3e3b 100644 --- a/lib/msf/core/db.rb +++ b/lib/msf/core/db.rb @@ -55,6 +55,7 @@ require 'rex/parser/retina_xml' # Project # +require 'metasploit/framework/require' require 'msf/core/db_manager/import_msf_xml' module Msf @@ -155,20 +156,10 @@ end # ### class DBManager - include Msf::DBManager::ImportMsfXml + extend Metasploit::Framework::Require - begin - require 'metasploit/credential/creation' - rescue LoadError - warn "metasploit-credential not in the bundle, so Metasploit::Credential creation will fail for Msf::DBManager" - warn "Bundle installed '--without #{Bundler.settings.without.join(' ')}'" - warn "To clear the without option do `bundle install --without ''` " \ - "(the --without flag with an empty string) or " \ - "`rm -rf .bundle` to remove the .bundle/config manually and " \ - "then `bundle install`" - else - include Metasploit::Credential::Creation - end + include Msf::DBManager::ImportMsfXml + optionally_include_metasploit_credential_creation def rfc3330_reserved(ip) case ip.class.to_s From d7a0c1f3e809aaf0f1a97b4018911050c13957e4 Mon Sep 17 00:00:00 2001 From: Luke Imhoff Date: Wed, 30 Jul 2014 10:10:20 -0500 Subject: [PATCH 11/14] Optionally require 'active_record/railtie` in Rakefile MSP-10905 Require in Rakefile so that db tasks are defined. Make it optionally so that `rake` doesn't error out when metasploit-framework installed with `bundle install --without db`. --- Rakefile | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/Rakefile b/Rakefile index 14d403ce70..232a7351b2 100644 --- a/Rakefile +++ b/Rakefile @@ -1,4 +1,11 @@ #!/usr/bin/env rake require File.expand_path('../config/application', __FILE__) +require 'metasploit/framework/require' + +# @note must be before `Metasploit::Framework::Application.load_tasks` +# +# define db rake tasks from activerecord if activerecord is in the bundle. activerecord could be not in the bundle if +# the user installs with `bundle install --without db` +Metasploit::Framework::Require.optionally_active_record_railtie Metasploit::Framework::Application.load_tasks From e4f665fe72738cc20f53001f6175d8c9b1357e9f Mon Sep 17 00:00:00 2001 From: Luke Imhoff Date: Wed, 30 Jul 2014 11:10:02 -0500 Subject: [PATCH 12/14] Require 'active_record/railtie' for specs MSP-10905 --- spec/spec_helper.rb | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 573c2ebae9..5237d08381 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -3,6 +3,12 @@ ENV['RAILS_ENV'] = 'test' require 'simplecov' +# @note must be before loading config/environment because railtie needs to be loaded before +# `Metasploit::Framework::Application.initialize!` is called. +# +# Must be explicit as activerecord is optional dependency +require 'active_record/railtie' + require File.expand_path('../../config/environment', __FILE__) # Don't `require 'rspec/rails'` as it includes support for pieces of rails that metasploit-framework doesn't use From 735ccda4db3f4c17b2f29da751b4c753dcbef4e5 Mon Sep 17 00:00:00 2001 From: James Lee Date: Thu, 31 Jul 2014 09:40:36 -0500 Subject: [PATCH 13/14] Add an example for add-ssh-key --- lib/msf/ui/console/command_dispatcher/db.rb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/msf/ui/console/command_dispatcher/db.rb b/lib/msf/ui/console/command_dispatcher/db.rb index 32f4c32ae1..f1c7cbb0fa 100644 --- a/lib/msf/ui/console/command_dispatcher/db.rb +++ b/lib/msf/ui/console/command_dispatcher/db.rb @@ -690,6 +690,8 @@ class Db print_line " creds add-ntlm alice 5cfe4c82d9ab8c66590f5b47cd6690f1:978a2e2e1dec9804c6b936f254727f9a" print_line " # Add a user with a blank password and a domain" print_line " creds add-password bob '' contosso" + print_line " # Add a user with an SSH key" + print_line " creds add-ssh-key root /root/.ssh/id_rsa" print_line end From 6a72572237eae086df7a270c8780a8ff7aca7706 Mon Sep 17 00:00:00 2001 From: James Lee Date: Thu, 31 Jul 2014 09:41:08 -0500 Subject: [PATCH 14/14] Wrap comments at 80 --- lib/metasploit/framework/command.rb | 18 +++++++++++------- lib/metasploit/framework/command/base.rb | 15 +++++++++------ lib/metasploit/framework/parsed_options.rb | 17 ++++++++++------- .../framework/parsed_options/base.rb | 9 +++++---- .../framework/parsed_options/console.rb | 2 +- 5 files changed, 36 insertions(+), 25 deletions(-) diff --git a/lib/metasploit/framework/command.rb b/lib/metasploit/framework/command.rb index 4b6449b21b..63c614f470 100644 --- a/lib/metasploit/framework/command.rb +++ b/lib/metasploit/framework/command.rb @@ -2,21 +2,25 @@ # Gems # -# have to be exact so minimum is loaded prior to parsing arguments which could influence loading. +# have to be exact so minimum is loaded prior to parsing arguments which could +# influence loading. require 'active_support/dependencies/autoload' -# @note Must use the nested declaration of the {Metasploit::Framework::Command} namespace because commands need to be -# able to be required directly without any other part of metasploit-framework besides config/boot so that the commands -# can parse arguments, setup RAILS_ENV, and load config/application.rb correctly. +# @note Must use the nested declaration of the +# {Metasploit::Framework::Command} namespace because commands need to be able +# to be required directly without any other part of metasploit-framework +# besides config/boot so that the commands can parse arguments, setup +# RAILS_ENV, and load config/application.rb correctly. module Metasploit module Framework module Command - # Namespace for commands for metasploit-framework. There are corresponding classes in the - # {Metasploit::Framework::ParsedOptions} namespace, which handle for parsing the options for each command. + # Namespace for commands for metasploit-framework. There are + # corresponding classes in the {Metasploit::Framework::ParsedOptions} + # namespace, which handle for parsing the options for each command. extend ActiveSupport::Autoload autoload :Base autoload :Console end end -end \ No newline at end of file +end diff --git a/lib/metasploit/framework/command/base.rb b/lib/metasploit/framework/command/base.rb index 1621b8e1fd..6635232d8d 100644 --- a/lib/metasploit/framework/command/base.rb +++ b/lib/metasploit/framework/command/base.rb @@ -34,11 +34,13 @@ class Metasploit::Framework::Command::Base # Class Methods # - # @note {require_environment!} should be called to load `config/application.rb` to so that the RAILS_ENV can be set - # from the command line options in `ARGV` prior to `Rails.env` being set. + # @note {require_environment!} should be called to load + # `config/application.rb` to so that the RAILS_ENV can be set from the + # command line options in `ARGV` prior to `Rails.env` being set. # @note After returning, `Rails.application` will be defined and configured. # - # Parses `ARGV` for command line arguments to configure the `Rails.application`. + # Parses `ARGV` for command line arguments to configure the + # `Rails.application`. # # @return (see parsed_options) def self.require_environment! @@ -50,8 +52,9 @@ class Metasploit::Framework::Command::Base # @see https://github.com/rails/rails/blob/v3.2.17/railties/lib/rails/commands.rb#L39-L40 require Pathname.new(__FILE__).parent.parent.parent.parent.parent.join('config', 'application') - # have to configure before requiring environment because config/environment.rb calls initialize! and the initializers - # will use the configuration from the parsed options. + # have to configure before requiring environment because + # config/environment.rb calls initialize! and the initializers will use + # the configuration from the parsed options. parsed_options.configure(Rails.application) # support disabling the database @@ -104,4 +107,4 @@ class Metasploit::Framework::Command::Base def start raise NotImplementedError end -end \ No newline at end of file +end diff --git a/lib/metasploit/framework/parsed_options.rb b/lib/metasploit/framework/parsed_options.rb index c6e8de5e02..4a5727fc0f 100644 --- a/lib/metasploit/framework/parsed_options.rb +++ b/lib/metasploit/framework/parsed_options.rb @@ -4,15 +4,18 @@ require 'active_support/dependencies/autoload' -# # @note Must use the nested declaration of the {Metasploit::Framework::ParsedOptions} namespace because commands, -# which use parsed options, need to be able to be required directly without any other part of metasploit-framework -# besides config/boot so that the commands can parse arguments, setup RAILS_ENV, and load config/application.rb -# correctly. +# @note Must use the nested declaration of the +# {Metasploit::Framework::ParsedOptions} namespace because commands, which +# use parsed options, need to be able to be required directly without any +# other part of metasploit-framework besides config/boot so that the +# commands can parse arguments, setup RAILS_ENV, and load +# config/application.rb correctly. module Metasploit module Framework - # Namespace for parsed options for {Metasploit::Framework::Command commands}. The names of `Class`es in this - # namespace correspond to the name of the `Class` in the {Metasploit::Framework::Command} namespace for which this - # namespace's `Class` parses options. + # Namespace for parsed options for {Metasploit::Framework::Command + # commands}. The names of `Class`es in this namespace correspond to the + # name of the `Class` in the {Metasploit::Framework::Command} namespace + # for which this namespace's `Class` parses options. module ParsedOptions extend ActiveSupport::Autoload diff --git a/lib/metasploit/framework/parsed_options/base.rb b/lib/metasploit/framework/parsed_options/base.rb index e3c8f8365a..52dfe65016 100644 --- a/lib/metasploit/framework/parsed_options/base.rb +++ b/lib/metasploit/framework/parsed_options/base.rb @@ -17,14 +17,15 @@ require 'active_support/ordered_options' require 'metasploit/framework/parsed_options' require 'msf/base/config' -# Options parsed from the command line that can be used to change the `Metasploit::Framework::Application.config` and -# `Rails.env` +# Options parsed from the command line that can be used to change the +# `Metasploit::Framework::Application.config` and `Rails.env` class Metasploit::Framework::ParsedOptions::Base # # CONSTANTS # - # msfconsole boots in production mode instead of the normal rails default of development. + # msfconsole boots in production mode instead of the normal rails default of + # development. DEFAULT_ENVIRONMENT = 'production' # @@ -179,4 +180,4 @@ class Metasploit::Framework::ParsedOptions::Base end } end -end \ No newline at end of file +end diff --git a/lib/metasploit/framework/parsed_options/console.rb b/lib/metasploit/framework/parsed_options/console.rb index 383c5482a7..84710c3338 100644 --- a/lib/metasploit/framework/parsed_options/console.rb +++ b/lib/metasploit/framework/parsed_options/console.rb @@ -70,4 +70,4 @@ class Metasploit::Framework::ParsedOptions::Console < Metasploit::Framework::Par @option_parser end -end \ No newline at end of file +end