Merge branch 'master' into feature/interval-collect-geo

bug/bundler_fix
HD Moore 2015-11-20 14:06:22 -06:00
commit 99a74fd4d2
410 changed files with 5840 additions and 3112 deletions


@ -97,7 +97,7 @@ already way ahead of the curve, so keep it up!
[Common Coding Mistakes]:https://github.com/rapid7/metasploit-framework/wiki/Common-Metasploit-Module-Coding-Mistakes
[Ruby style guide]:https://github.com/bbatsov/ruby-style-guide
[Rubocop]:https://rubygems.org/search?query=rubocop
[50.72 rule]:http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html
[50/72 rule]:http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html
[topic branch]:http://git-scm.com/book/en/Git-Branching-Branching-Workflows#Topic-Branches
[console output]:https://help.github.com/articles/github-flavored-markdown#fenced-code-blocks
[verification steps]:https://help.github.com/articles/writing-on-github#task-lists


@ -11,10 +11,6 @@ group :coverage do
gem 'simplecov'
end
group :db do
gemspec name: 'metasploit-framework-db'
end
group :development do
# Markdown formatting for yard
gem 'redcarpet'
@ -38,10 +34,6 @@ group :development, :test do
gem 'rspec-rails' , '>= 2.12', '< 3.0.0'
end
group :pcap do
gemspec name: 'metasploit-framework-pcap'
end
group :test do
# cucumber extension for testing command line applications, like msfconsole
gem 'aruba'


@ -1,19 +1,26 @@
PATH
remote: .
specs:
metasploit-framework (4.11.4)
metasploit-framework (4.11.5)
actionpack (>= 4.0.9, < 4.1.0)
activerecord (>= 4.0.9, < 4.1.0)
activesupport (>= 4.0.9, < 4.1.0)
bcrypt
jsobfu (~> 0.2.0)
filesize
jsobfu (~> 0.3.0)
json
metasm (~> 1.0.2)
metasploit-concern (= 1.0.0)
metasploit-credential (= 1.0.1)
metasploit-model (= 1.0.0)
metasploit-payloads (= 1.0.15)
metasploit-payloads (= 1.0.16)
metasploit_data_models (= 1.2.9)
msgpack
network_interface (~> 0.0.1)
nokogiri
packetfu (= 1.1.11)
pcaprub
pg (>= 0.11)
railties
rb-readline-r7
recog (= 2.0.14)
@ -21,16 +28,6 @@ PATH
rubyzip (~> 1.1)
sqlite3
tzinfo
metasploit-framework-db (4.11.4)
activerecord (>= 4.0.9, < 4.1.0)
metasploit-credential (= 1.0.1)
metasploit-framework (= 4.11.4)
metasploit_data_models (= 1.2.7)
pg (>= 0.11)
metasploit-framework-pcap (4.11.4)
metasploit-framework (= 4.11.4)
network_interface (~> 0.0.1)
pcaprub
GEM
remote: https://rubygems.org/
@ -98,12 +95,13 @@ GEM
factory_girl (~> 4.5.0)
railties (>= 3.0.0)
ffi (1.9.8)
filesize (0.1.1)
fivemat (1.2.1)
gherkin (2.12.2)
multi_json (~> 1.3)
hike (1.2.3)
i18n (0.7.0)
jsobfu (0.2.1)
jsobfu (0.3.0)
rkelly-remix (= 0.0.6)
json (1.8.3)
mail (2.6.3)
@ -125,8 +123,8 @@ GEM
activemodel (>= 4.0.9, < 4.1.0)
activesupport (>= 4.0.9, < 4.1.0)
railties (>= 4.0.9, < 4.1.0)
metasploit-payloads (1.0.15)
metasploit_data_models (1.2.7)
metasploit-payloads (1.0.16)
metasploit_data_models (1.2.9)
activerecord (>= 4.0.9, < 4.1.0)
activesupport (>= 4.0.9, < 4.1.0)
arel-helpers
@ -140,7 +138,7 @@ GEM
mime-types (2.6.1)
mini_portile (0.6.2)
minitest (4.7.5)
msgpack (0.6.2)
msgpack (0.7.0)
multi_json (1.11.2)
multi_test (0.1.2)
network_interface (0.0.1)
@ -221,7 +219,7 @@ GEM
actionpack (>= 3.0)
activesupport (>= 3.0)
sprockets (>= 2.8, < 4.0)
sqlite3 (1.3.10)
sqlite3 (1.3.11)
thor (0.19.1)
thread_safe (0.3.5)
tilt (1.4.1)
@ -240,8 +238,6 @@ DEPENDENCIES
factory_girl_rails (~> 4.5.0)
fivemat (= 1.2.1)
metasploit-framework!
metasploit-framework-db!
metasploit-framework-pcap!
pry
rake (>= 10.0.0)
redcarpet

Binary file not shown.

Binary file not shown.

Binary file not shown.


@ -1,4 +1,3 @@
// Case matters, see lib/msf/core/constants.rb
// All of these should match up with constants in ::Msf::HttpClients
var clients_opera = "Opera";
@ -344,400 +343,7 @@ os_detect.getVersion = function(){
os_name = oses_linux;
}
// end navigator.oscpu checks
// buildID is unaffected by changes in the useragent and typically has
// the compile date which in some cases can be used to map to specific
// Version & O/S (including Distro and even Arch). Depending upon the
// buildID, sometime navigator.productSub will be needed.
//
// This technique, and the laboriously compiled associated table,
// submitted by Mark Fioravanti.
var buildid = navigator.buildID;
switch(buildid) {
case "2008041514": ua_version = "3.0.0.b5"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "2008041515": ua_version = "3.0.0.b5"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break;
case "2008052312": ua_version = "3.0.0"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "2008052906": ua_version = "3.0.0"; os_name = oses_windows; break;
case "2008052909": ua_version = "3.0.0.rc1"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "2008052912": ua_version = "3.0.0"; os_name = oses_linux; break;
case "2008060309": ua_version = "3.0.0"; os_name = oses_linux; os_vendor = "Ubuntu"; break;
case "2008070205": ua_version = "2.0.0.16"; os_name = oses_windows; break;
case "2008070206": ua_version = "3.0.1"; os_name = oses_linux; break;
case "2008070208": ua_version = "3.0.1"; os_name = oses_windows; break;
case "2008071222": ua_version = "3.0.1"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "2008072820":
switch (navigator.productSub) {
case "2008072820": ua_version = "3.0.1"; os_name = oses_linux; break;
case "2008092313": ua_version = "3.0.2"; os_name = oses_linux; break;
} break;
case "2008082909": ua_version = "2.0.0.17"; os_name = oses_windows; break;
case "2008091618": ua_version = "3.0.2"; os_name = oses_linux; break;
case "2008091620": ua_version = "3.0.2"; os_name = oses_windows; break;
case "2008092313": ua_version = "3.0.3"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "2008092416": ua_version = "3.0.3"; os_name = oses_linux; break;
case "2008092417": ua_version = "3.0.3"; os_name = oses_windows; break;
case "2008092510": ua_version = "3.0.4"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "2008101315":
switch (navigator.productSub) {
case "2008101315": ua_version = "3.0.3"; os_name = oses_linux; break;
case "2008111318": ua_version = "3.0.4"; os_name = oses_linux; arch = arch_x86; break;
} break;
case "2008102918": ua_version = "2.0.0.18"; os_name = oses_windows; break;
case "2008102920": ua_version = "3.0.4"; break;
case "2008112309": ua_version = "3.0.4"; os_name = oses_linux; os_vendor = "Debian"; break; // browsershots: Iceweasel 3.0.4 / Debian Testing (Lenny)
case "2008111317": ua_version = "3.0.5"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "2008111318": ua_version = "3.0.5"; os_name = oses_linux; os_vendor = "Ubuntu"; break;
case "2008120119": ua_version = "2.0.0.19"; os_name = oses_windows; break;
case "2008120121": ua_version = "3.0.5"; os_name = oses_linux; break;
case "2008120122": ua_version = "3.0.5"; os_name = oses_windows; break;
case "2008121623": ua_version = "2.0.0.19"; os_name = oses_linux; os_vendor = "Ubuntu"; break; // browsershots: Firefox 2.0.0.19 / Ubuntu 8.04 LTS (Hardy Heron)
case "2008121709": ua_version = "2.0.0.20"; os_name = oses_windows; break;
case "2009011912": ua_version = "3.0.6"; os_name = oses_linux; break;
case "2009011913": ua_version = "3.0.6"; os_name = oses_windows; break;
case "2009012615": ua_version = "3.0.6"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "2009012616": ua_version = "3.0.6"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "2009021906": ua_version = "3.0.7"; os_name = oses_linux; break;
case "2009021910": ua_version = "3.0.7"; os_name = oses_windows; break;
case "2009030422": ua_version = "3.0.8"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "2009032608": ua_version = "3.0.8"; os_name = oses_linux; break;
case "2009032609": ua_version = "3.0.8"; os_name = oses_windows; break;
case "2009032711": ua_version = "3.0.9"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "2009033100":
switch (navigator.productSub) {
case "2009033100": ua_version = "3.0.8"; os_name = oses_linux; os_vendor = "Ubuntu"; break;
case "2009042113": ua_version = "3.0.9"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
} break;
case "2009040820": ua_version = "3.0.9"; os_name = oses_linux; break;
case "2009040821": ua_version = "3.0.9"; os_name = oses_windows; break;
case "2009042113": ua_version = "3.0.10"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "2009042114": ua_version = "3.0.10"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break;
case "2009042315": ua_version = "3.0.10"; os_name = oses_linux; break;
case "2009042316": ua_version = "3.0.10"; os_name = oses_windows; break;
case "20090427153806": ua_version = "3.5.0.b4"; os_name = oses_linux; os_vendor = "Fedora"; arch = arch_x86; break;
case "20090427153807": ua_version = "3.5.0.b4"; os_name = oses_linux; os_vendor = "Fedora"; arch = arch_x86_64; break;
case "2009060214": ua_version = "3.0.11"; os_name = oses_linux; break;
case "2009060215": ua_version = "3.0.11"; os_name = oses_windows; break;
case "2009060308":
switch (navigator.productSub) {
case "2009060308": ua_version = "3.0.11"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "2009070811": ua_version = "3.0.12"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
} break;
case "2009060309":
switch (navigator.productSub) {
case "2009060309": ua_version = "3.0.11"; os_name = oses_linux; os_vendor = "Ubuntu"; break;
case "2009070811": ua_version = "3.0.12"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break;
} break;
case "2009060310": ua_version = "3.0.11"; os_name = oses_linux; os_vendor = "BackTrack"; break;
case "2009062005": ua_version = "3.0.11"; os_name = oses_linux; os_vendor = "PCLunixOS"; break;
case "20090624012136": ua_version = "3.5.0"; os_name = oses_mac_osx; break;
case "20090624012820": ua_version = "3.5.0"; os_name = oses_linux; break;
case "20090701234143": ua_version = "3.5.0"; os_name = oses_freebsd; os_vendor = "PC-BSD"; arch = arch_x86; break;
case "20090702060527": ua_version = "3.5.0"; os_name = oses_freebsd; os_vendor = "PC-BSD"; arch = arch_x86_64; break;
case "2009070610": ua_version = "3.0.12"; os_name = oses_linux; break;
case "2009070611": ua_version = "3.0.12"; os_name = oses_windows; break;
case "2009070811": ua_version = "3.0.13"; os_name = oses_linux; os_vendor = "Ubuntu"; break;
case "20090715083437": ua_version = "3.5.1"; os_name = oses_mac_osx; break;
case "20090715083816": ua_version = "3.5.1"; os_name = oses_linux; break;
case "20090715094852": ua_version = "3.5.1"; os_name = oses_windows; break;
case "2009072202": ua_version = "3.0.12"; os_name = oses_linux; os_vendor = "Oracle"; break;
case "2009072711": ua_version = "3.0.12"; os_name = oses_linux; os_vendor = "CentOS"; break;
case "20090729211433": ua_version = "3.5.2"; os_name = oses_mac_osx; break;
case "20090729211829": ua_version = "3.5.2"; os_name = oses_linux; break;
case "20090729225027": ua_version = "3.5.2"; os_name = oses_windows; break;
case "2009073021": ua_version = "3.0.13"; os_name = oses_linux; break;
case "2009073022": ua_version = "3.0.13"; os_name = oses_windows; break;
case "20090824085414": ua_version = "3.5.3"; os_name = oses_mac_osx; break;
case "20090824085743": ua_version = "3.5.3"; os_name = oses_linux; break;
case "20090824101458": ua_version = "3.5.3"; os_name = oses_windows; break;
case "2009082707": ua_version = "3.0.14"; break;
case "2009090216": ua_version = "3.0.14"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "20090914014745": ua_version = "3.5.3"; os_name = oses_linux; os_vendor = "Mandriva"; arch = arch_x86; break;
case "20090915065903": ua_version = "3.5.3"; os_name = oses_linux; os_vendor = "Sabayon"; arch = arch_x86_64; break;
case "20090915070141": ua_version = "3.5.3"; os_name = oses_linux; os_vendor = "Sabayon"; arch = arch_x86; break;
case "20091007090112": ua_version = "3.5.3"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break; // Could also be Mint x86
case "20091007095328": ua_version = "3.5.3"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break; // Could also be Mint x86-64
case "2009101600":
switch (navigator.productSub) {
case "2009101600": ua_version = "3.0.15"; break; // Can be either Mac or Linux
case "20091016": ua_version = "3.5.4"; os_name = oses_linux; os_vendor = "SUSE"; arch = arch_x86; break;
} break;
case "2009101601": ua_version = "3.0.15"; os_name = oses_windows; break;
case "20091016081620": ua_version = "3.5.4"; os_name = oses_mac_osx; break;
case "20091016081727": ua_version = "3.5.4"; os_name = oses_linux; break;
case "20091016092926": ua_version = "3.5.4"; os_name = oses_windows; break;
case "20091020122601": ua_version = "3.5.4"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break; // Could also be Mint x86-64
case "2009102814":
switch (navigator.productSub) {
case "2009121601": ua_version = "3.0.16"; os_name = oses_linux; os_vendor = "Ubuntu"; break;
case "2009121602": ua_version = "3.0.16"; os_name = oses_linux; os_vendor = "Ubuntu"; break;
case "2010010604": ua_version = "3.0.17"; os_name = oses_linux; os_vendor = "Mint"; break;
case "2010021501": ua_version = "3.0.17;xul1.9.0.18"; os_name = oses_linux; os_vendor = "Mint"; arch = arch_x86; break;
case "2010021502": ua_version = "3.0.17;xul1.9.0.18"; os_name = oses_linux; os_vendor = "Mint"; arch = arch_x86_64; break;
} break;
case "2009102815":
switch (navigator.productSub) {
case "2009102815": ua_version = "3.0.15"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "2009121601": ua_version = "3.0.16"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
} break;
case "20091029152254": ua_version = "3.6.0.b1"; os_name = oses_linux; break;
case "20091029171059": ua_version = "3.6.0.b1"; os_name = oses_windows; break;
case "20091102134505": ua_version = "3.5.5"; os_name = oses_mac_osx; break;
case "20091102141836": ua_version = "3.5.5"; os_name = oses_linux; break;
case "20091102152451": ua_version = "3.5.5"; os_name = oses_windows; break;
case "2009110421": ua_version = "3.0.15"; os_name = oses_freebsd; arch = arch_x86; break;
case "20091106091959": ua_version = "3.5.5"; os_name = oses_linux; os_vendor = "Mandriva"; arch = arch_x86; break;
case "20091106140514": ua_version = "3.5.5"; os_name = oses_freebsd; os_vendor = "PC-BSD"; arch = arch_x86; break;
case "20091106145609": ua_version = "3.5.5"; os_name = oses_freebsd; os_vendor = "PC-BSD"; arch = arch_x86_64; break;
case "20091108163911": ua_version = "3.6.0.b2"; os_name = oses_linux; break;
case "20091108181924": ua_version = "3.6.0.b2"; os_name = oses_windows; break;
case "20091109125225":
switch (navigator.productSub) {
case "20091109": ua_version = "3.5.5"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "20091215": ua_version = "3.5.6"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
} break;
case "20091109134913": ua_version = "3.5.5"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break;
case "20091115172547": ua_version = "3.6.0.b3"; os_name = oses_linux; break;
case "20091115182845": ua_version = "3.6.0.b3"; os_name = oses_windows; break;
case "20091124201530": ua_version = "3.6.0.b4"; os_name = oses_mac_osx; break;
case "20091124201751": ua_version = "3.6.0.b4"; os_name = oses_linux; break;
case "20091124213835": ua_version = "3.6.0.b4"; os_name = oses_windows; break;
case "2009120100": ua_version = "3.5.6"; os_name = oses_linux; os_vendor = "SUSE"; break;
case "20091201203240": ua_version = "3.5.6"; os_name = oses_mac_osx; break;
case "20091201204959": ua_version = "3.5.6"; os_name = oses_linux; break;
case "20091201220228": ua_version = "3.5.6"; os_name = oses_windows; break;
case "2009120206": ua_version = "3.0.16"; break; // Can be either Mac or Linux
case "2009120208": ua_version = "3.0.16"; os_name = oses_windows; break;
case "20091204132459": ua_version = "3.6.0.b5"; os_name = oses_linux; break;
case "20091204132509": ua_version = "3.6.0.b5"; os_name = oses_mac_osx; break;
case "20091204143806": ua_version = "3.6.0.b5"; os_name = oses_windows; break;
case "20091215230859": ua_version = "3.5.7"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "20091215230946": ua_version = "3.5.7"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break;
case "20091215231400": ua_version = "3.5.7"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break; // Could also be Mint x86
case "20091215231754":
switch (navigator.productSub) {
case "20091215": ua_version = "3.5.6"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break;
case "20100106": ua_version = "3.5.7"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break; // Could also be Mint x86-64
} break;
case "2009121601":
switch (navigator.productSub) {
case "2009121601": ua_version = "3.0.16"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break;
case "2010010604": ua_version = "3.0.17"; os_name = oses_linux; os_vendor = "Ubuntu"; break; // Could also be Mint x86-64
} break;
case "2009121602": ua_version = "3.0.17"; os_name = oses_linux; os_vendor = "Ubuntu"; break;
case "20091216104148": ua_version = "3.5.6"; os_name = oses_linux; os_vendor = "Mandriva"; break;
case "20091216132458": ua_version = "3.5.6"; os_name = oses_linux; os_vendor = "Fedora"; arch = arch_x86; break;
case "20091216132537": ua_version = "3.5.6"; os_name = oses_linux; os_vendor = "Fedora"; arch = arch_x86_64; break;
case "20091216142458": ua_version = "3.5.6"; os_name = oses_linux; os_vendor = "Fedora"; arch = arch_x86_64; break;
case "20091216142519": ua_version = "3.5.6"; os_name = oses_linux; os_vendor = "Fedora"; arch = arch_x86; break;
case "2009121708": ua_version = "3.0.16"; os_name = oses_linux; os_vendor = "CentOS"; arch = arch_x86; break;
case "20091221151141": ua_version = "3.5.7"; os_name = oses_mac_osx; break;
case "20091221152502": ua_version = "3.5.7"; os_name = oses_linux; break;
case "2009122115": ua_version = "3.0.17"; break; // Can be either Mac or Linux
case "20091221164558": ua_version = "3.5.7"; os_name = oses_windows; break;
case "2009122116": ua_version = "3.0.17"; os_name = oses_windows; break;
case "2009122200": ua_version = "3.5.7"; os_name = oses_linux; os_vendor = "SUSE"; break;
case "20091223231431": ua_version = "3.5.6"; os_name = oses_linux; os_vendor = "PCLunixOS"; arch = arch_x86; break;
case "20100105194006": ua_version = "3.6.0.rc1"; os_name = oses_mac_osx; break;
case "20100105194116": ua_version = "3.6.0.rc1"; os_name = oses_linux; break;
case "20100105212446": ua_version = "3.6.0.rc1"; os_name = oses_windows; break;
case "2010010604": ua_version = "3.0.18"; os_name = oses_linux; os_vendor = "Ubuntu"; break;
case "20100106054534": ua_version = "3.5.8"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break; // Could also be Mint x86
case "20100106054634": ua_version = "3.5.8"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break; // Could also be Mint x86-64
case "2010010605": ua_version = "3.0.18"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break;
case "20100106211825": ua_version = "3.5.7"; os_name = oses_freebsd; os_vendor = "PC-BSD"; arch = arch_x86; break;
case "20100106212742": ua_version = "3.5.7"; os_name = oses_freebsd; os_vendor = "PC-BSD"; arch = arch_x86_64; break;
case "20100106215614": ua_version = "3.5.7"; os_name = oses_freebsd; os_vendor = "PC-BSD"; arch = arch_x86; break;
case "20100110112429": ua_version = "3.5.7"; os_name = oses_linux; os_vendor = "Mandriva"; break;
case "20100115132715": ua_version = "3.6.0"; os_name = oses_mac_osx; break;
case "20100115133306": ua_version = "3.6.0"; os_name = oses_linux; break;
case "20100115144158": ua_version = "3.6.0"; os_name = oses_windows; break;
case "20100125074043": ua_version = "3.6.0"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break; // Could also be Mint x86
case "20100125074127": ua_version = "3.6.0"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break; // Could also be Mint x86-64
case "20100125204847": ua_version = "3.6.0"; os_name = oses_linux; os_vendor = "Sabayon"; arch = arch_x86; break; // Could also be Mint x86
case "20100125204903": ua_version = "3.6.0"; os_name = oses_linux; os_vendor = "Sabayon"; arch = arch_x86_64; break; // Could also be Mint x86-64
case "20100202152834": ua_version = "3.5.8"; os_name = oses_mac_osx; break;
case "20100202153512": ua_version = "3.5.8"; os_name = oses_linux; break;
case "20100202165920": ua_version = "3.5.8"; os_name = oses_windows; break;
case "2010020219": ua_version = "3.0.18"; os_name = oses_mac_osx; break;
case "2010020220": ua_version = "3.0.18"; os_name = oses_windows; break;
case "2010020400": ua_version = "3.5.8"; os_name = oses_linux; os_vendor = "SUSE"; break;
case "20100212131909": ua_version = "3.6.0.2"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "20100212132013": ua_version = "3.6.0.2"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break;
case "20100216105329": ua_version = "3.5.8"; os_name = oses_linux; os_vendor = "Fedora"; arch = arch_x86_64; break;
case "20100216105348": ua_version = "3.5.8"; os_name = oses_linux; os_vendor = "Fedora"; arch = arch_x86; break;
case "20100216105410": ua_version = "3.5.8"; os_name = oses_linux; os_vendor = "Fedora"; arch = arch_x86; break;
case "20100216110009": ua_version = "3.5.8"; os_name = oses_linux; os_vendor = "Fedora"; arch = arch_x86_64; break;
case "2010021718": ua_version = "3.0.18"; os_name = oses_linux; os_vendor = "CentOS"; arch = arch_x86; break;
case "20100218022359": ua_version = "3.6.0.4"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "20100218022705": ua_version = "3.6.0.4"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break;
case "20100218112915": ua_version = "3.5.8"; os_name = oses_linux; os_vendor = "Mandriva"; arch = arch_x86; break;
case "20100222120605": ua_version = "3.6.0.5"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "20100222120717": ua_version = "3.6.0.5"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break;
case "20100301015346": ua_version = "3.6.0"; os_name = oses_freebsd; os_vendor = "PC-BSD"; arch = arch_x86; break;
case "20100305054927": ua_version = "3.6.0"; os_name = oses_freebsd; os_vendor = "PC-BSD"; arch = arch_x86_64; break;
case "20100307204001": ua_version = "3.6.0"; os_name = oses_freebsd; os_vendor = "PC-BSD"; arch = arch_x86; break;
case "20100308142847": ua_version = "3.6.0.6"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "20100308151019": ua_version = "3.6.0.6"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break;
case "2010031218": ua_version = "3.0.19"; break; // Mac OS X or Linux
case "2010031422": ua_version = "3.0.19"; os_name = oses_windows; break;
case "20100315075757": ua_version = "3.5.9"; os_name = oses_linux; break;
case "20100315080228": ua_version = "3.5.9"; os_name = oses_mac_osx; break;
case "20100315083431": ua_version = "3.5.9"; os_name = oses_windows; break;
case "20100316055951": ua_version = "3.6.2"; os_name = oses_mac_osx; break;
case "20100316060223": ua_version = "3.6.2"; os_name = oses_linux; break;
case "20100316074819": ua_version = "3.6.2"; os_name = oses_windows; break;
case "2010031700": ua_version = "3.5.9"; os_name = oses_linux; os_vendor = "SUSE"; break;
case "20100323102218": ua_version = "3.6.2"; os_name = oses_linux; os_vendor = "Fedora"; arch = arch_x86_64; break;
case "20100323102339": ua_version = "3.6.2"; os_name = oses_linux; os_vendor = "Fedora"; arch = arch_x86; break;
case "20100323194640": ua_version = "3.6.2"; os_name = oses_freebsd; os_vendor = "PC-BSD"; arch = arch_x86_64; break;
case "20100324182054": ua_version = "3.6.2"; os_name = oses_freebsd; os_vendor = "PC-BSD"; arch = arch_x86; break;
case "20100330071911": ua_version = "3.5.9"; os_name = oses_linux; os_vendor = "Fedora"; arch = arch_x86_64; break;
case "20100330072017": ua_version = "3.5.9"; os_name = oses_linux; os_vendor = "Fedora"; arch = arch_x86_64; break;
case "20100330072020": ua_version = "3.5.9"; os_name = oses_linux; os_vendor = "Fedora"; arch = arch_x86; break;
case "20100330072034": ua_version = "3.5.9"; os_name = oses_linux; os_vendor = "Fedora"; arch = arch_x86; break;
case "20100401064631": ua_version = "3.6.3"; os_name = oses_mac_osx; break;
case "20100401074458": ua_version = "3.6.3"; os_name = oses_linux; break;
case "20100401080539": ua_version = "3.6.3"; os_name = oses_windows; break;
case "20100401144201": ua_version = "3.6.2"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "2010040116": ua_version = "3.0.19"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "2010040118": ua_version = "3.0.19"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "2010040119": ua_version = "3.0.19"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "20100401213457": ua_version = "3.5.9"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "2010040121": ua_version = "3.0.19"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break;
case "2010040123": ua_version = "3.0.19"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break;
case "2010040200": ua_version = "3.0.19"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break;
case "20100402010516": ua_version = "3.5.9"; os_name = oses_linux; os_vendor = "Mint"; arch = arch_x86_64; break;
case "20100402041908": ua_version = "3.6.2"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break;
case "20100403042003": ua_version = "3.6.3"; os_name = oses_linux; os_vendor = "Fedora"; arch = arch_x86_64; break;
case "20100403082016": ua_version = "3.6.3"; os_name = oses_linux; os_vendor = "Fedora"; arch = arch_x86; break;
case "20100404024515": ua_version = "3.6.3"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "20100404024646": ua_version = "3.6.3"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break;
case "20100404104043": ua_version = "3.6.3"; os_name = oses_linux; os_vendor = "PClinuxOS"; arch = arch_x86_64; break;
case "20100409151117": ua_version = "3.6.3.2"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "20100409170726": ua_version = "3.6.3.2"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break;
case "20100412125148": ua_version = "3.6.3"; os_name = oses_linux; os_vendor = "Mandriva"; arch = arch_x86; break;
case "20100413152922": ua_version = "3.6.4.b1"; os_name = oses_mac_osx; break;
case "20100413154310": ua_version = "3.6.4.b1"; os_name = oses_linux; break;
case "20100413172113": ua_version = "3.6.4.b1"; os_name = oses_windows; break;
case "20100415062243": ua_version = "3.6.3.3"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "20100415103754": ua_version = "3.6.3.3"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break;
case "20100416101101": ua_version = "3.6.3.2"; os_name = oses_linux; os_vendor = "Mandriva"; arch = arch_x86; break;
case "2010041700": ua_version = "3.6.4.1"; os_name = oses_linux; os_vendor = "SUSE"; break;
case "20100419015333": ua_version = "3.6.3"; os_name = oses_freebsd; os_vendor = "PC-BSD"; arch = arch_x86_64; break;
case "20100423043606": ua_version = "3.6.3"; os_name = oses_linux; os_vendor = "Sabayon"; arch = arch_x86_64; break;
case "20100423140709": ua_version = "3.6.3"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "20100423141150": ua_version = "3.6.3"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break;
case "20100423142835": ua_version = "3.6.3"; os_name = oses_freebsd; os_vendor = "PC-BSD"; arch = arch_x86; break;
case "20100502202326": ua_version = "3.6.4.b2"; os_name = oses_linux; break;
case "20100502202401": ua_version = "3.6.4.b2"; os_name = oses_mac_osx; break;
case "20100502221517": ua_version = "3.6.4.b2"; os_name = oses_windows; break;
case "20100503113315": ua_version = "3.6.4.b3"; os_name = oses_mac_osx; break;
case "20100503113541": ua_version = "3.6.4.b3"; os_name = oses_linux; break;
case "20100503122926": ua_version = "3.6.4.b3"; os_name = oses_windows; break;
case "20100504085637": ua_version = "3.5.10"; os_name = oses_linux; break;
case "20100504085753": ua_version = "3.5.10"; os_name = oses_mac_osx; break;
case "20100504093643": ua_version = "3.5.10"; os_name = oses_windows; break;
case "2010050600": ua_version = "3.5.10"; os_name = oses_linux; os_vendor = "SUSE"; break;
case "2010051300": ua_version = "3.6.4.1"; os_name = oses_linux; os_vendor = "SUSE"; break;
case "20100513134853": ua_version = "3.6.4.b4"; os_name = oses_mac_osx; break;
case "20100513140540": ua_version = "3.6.4.b4"; os_name = oses_linux; break;
case "20100513144105": ua_version = "3.6.4.b4"; os_name = oses_windows; break;
case "20100513190740": ua_version = "3.6.3"; os_name = oses_freebsd; os_vendor = "PC-BSD"; arch = arch_x86_64; break;
case "20100523180910": ua_version = "3.6.4.b5"; os_name = oses_mac_osx; break;
case "20100523181754": ua_version = "3.6.4.b5"; os_name = oses_linux; break;
case "20100523185824": ua_version = "3.6.4.b5"; os_name = oses_windows; break;
case "20100527084110": ua_version = "3.6.4.b6"; os_name = oses_mac_osx; break;
case "20100527085242": ua_version = "3.6.4.b6"; os_name = oses_linux; break;
case "20100527093236": ua_version = "3.6.4.b6"; os_name = oses_windows; break;
case "2010061100": ua_version = "3.6.4"; os_name = oses_linux; os_vendor = "SUSE"; break;
case "20100611134546": ua_version = "3.6.4.b7"; os_name = oses_mac_osx; break;
case "20100611135942": ua_version = "3.6.4.b7"; os_name = oses_linux; break;
case "20100611143157": ua_version = "3.6.4.b7"; os_name = oses_windows; break;
case "20100622203044": ua_version = "3.6.4"; os_name = oses_linux; os_vendor = "Fedora"; arch = arch_x86_64; break;
case "20100622203045": ua_version = "3.6.4"; os_name = oses_linux; os_vendor = "Fedora"; arch = arch_x86; break;
case "20100622204750": ua_version = "3.5.10"; os_name = oses_linux; os_vendor = "Fedora"; arch = arch_x86_64; break;
case "20100622204830": ua_version = "3.5.10"; os_name = oses_linux; os_vendor = "Fedora"; arch = arch_x86; break;
case "20100622205038": ua_version = "3.6.4"; os_name = oses_linux; os_vendor = "PClinuxOS"; arch = arch_x86_64; break;
case "20100623081410": ua_version = "3.6.4"; os_name = oses_linux; os_vendor = "CentOS"; arch = arch_x86_64; break;
case "20100623081921": ua_version = "3.6.4"; os_name = oses_linux; os_vendor = "CentOS"; arch = arch_x86; break;
case "20100623155731": ua_version = "3.6.4.b7"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "20100623200132": ua_version = "3.6.4.b7"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break;
case "20100625222733": ua_version = "3.6.6"; os_name = oses_linux; break;
case "20100625223402": ua_version = "3.6.6"; os_name = oses_mac_osx; break;
case "20100625231939": ua_version = "3.6.6"; os_name = oses_windows; break;
case "20100626104508": ua_version = "3.6.4"; os_name = oses_freebsd; os_vendor = "PC-BSD"; arch = arch_x86; break;
case "20100627211341": ua_version = "3.6.4"; os_name = oses_freebsd; os_vendor = "PC-BSD"; arch = arch_x86_64; break;
case "20100628082832": ua_version = "3.6.6"; os_name = oses_linux; os_vendor = "PClinuxOS"; arch = arch_x86_64; break;
case "20100628124739": ua_version = "3.6.6"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "20100628143222": ua_version = "3.6.6"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break;
case "20100628232431": ua_version = "3.6.6"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "20100629034705": ua_version = "3.6.6"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break;
case "20100629105354": ua_version = "3.6.6"; os_name = oses_linux; os_vendor = "Mandriva"; arch = arch_x86; break;
case "20100630130433": ua_version = "3.6.6"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break;
case "20100630131607": ua_version = "4.0.0.b1"; os_name = oses_mac_osx; break;
case "20100630132217": ua_version = "4.0.0.b1"; os_name = oses_linux; break;
case "20100630141702": ua_version = "4.0.0.b1"; os_name = oses_windows; break;
case "20100630174226": ua_version = "3.6.6"; os_name = oses_linux; os_vendor = "Sabayon"; arch = arch_x86_64; break;
case "20100630180611": ua_version = "3.6.6"; os_name = oses_linux; os_vendor = "Sabayon"; arch = arch_x86; break;
case "20100709115208": ua_version = "3.6.7.b1"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86; break;
case "20100709183408": ua_version = "3.6.7.b1"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break;
case "20100716093011": ua_version = "3.6.7.b2"; os_name = oses_linux; os_vendor = "Ubuntu"; arch = arch_x86_64; break;
case "20101203075014": ua_version = "3.6.13"; os_name = oses_windows; break;
case "20101206122825": ua_version = "3.6.13"; os_name = oses_linux; os_vendor = "Ubuntu"; break;
case "20110318052756": ua_version = "4.0"; os_name = oses_windows; break; // browsershots: Firefox 4.0 / Windows XP
case "20110420144310": ua_version = "3.5.19"; os_name = oses_linux; os_vendor = "Debian"; break; // browsershots: Firefox 3.5.19 / Debian 4.0 (Etch)
case "20110615151330": ua_version = "5.0"; os_name = oses_windows; break; // browsershots: Firefox 5.0 / Windows XP
case "20110811165603": ua_version = "6.0"; os_name = oses_windows; break; // browsershots: Firefox 6.0 / Windows XP
case "20110830092941": ua_version = "6.0.1"; os_name = oses_linux; os_vendor = "Debian"; break; // browsershots: Firefox 6.0.1 / Debian 4.0 (Etch)
case "20110922153450": ua_version = "7.0"; os_name = oses_windows; break; // browsershots: Firefox 7.0 / Windows XP
case "20110928134238": ua_version = "7.0.1"; os_name = oses_linux; os_vendor = "Debian"; break; // browsershots: Firefox 7.0.1 / Debian 4.0 (Etch)
case "20111104165243": ua_version = "8.0"; os_name = oses_windows; break; // browsershots: Firefox 8.0 / Windows XP
case "20111115183813": ua_version = "8.0"; os_name = oses_linux; os_vendor = "Ubuntu"; break; // browsershots: Firefox 8.0 / Ubuntu 9.10 (Karmic Koala)
case "20111216140209": ua_version = "9.0"; os_name = oses_windows; break; // browsershots: Firefox 9.0 / Windows XP
case "20120129021758": ua_version = "10.0"; os_name = oses_windows; break; // browsershots: Firefox 10.0 / Windows 2000
case "20120201083324": ua_version = "3.5.16"; os_name = oses_linux; os_vendor = "Debian"; break; // browsershots: Iceweasel 3.5.16 / Debian 4.0 (Etch)
case "20120216013254": ua_version = "3.6.27"; os_name = oses_linux; os_vendor = "Debian"; break; // browsershots: Firefox 3.6.27 / Debian 4.0 (Etch)
case "20120216100510": ua_version = "10.0.2"; os_name = oses_linux; os_vendor = "Ubuntu"; break; // browsershots: Firefox 10.0.2 / Ubuntu 9.10 (Karmic Koala)
case "20120310010316": ua_version = "11.0"; os_name = oses_linux; os_vendor = "Ubuntu"; break; // browsershots: Firefox 11.0 / Ubuntu 9.10 (Karmic Koala)
case "20120310194926": ua_version = "11.0"; os_name = oses_linux; os_vendor = "Ubuntu"; break;
case "20120312181643":
// It is disconcerting that a buildID is the same on Windows
// and Mac, need to examine more versions on Mac.
ua_version = "11.0";
if (/Mac/.test(navigator.oscpu)) {
os_name = oses_mac_osx;
} else {
os_name = oses_windows; // browsershots: Firefox 11.0 / Windows XP
}
break;
case "20120314195616": ua_version = "12.0"; os_name = oses_linux; os_vendor = "Debian"; break; // browsershots: Firefox 12.0 / Debian 4.0 (Etch)
case "20120423142301": ua_version = "12.0"; os_name = oses_linux; os_vendor = "Ubuntu"; break;
case "20120424151700": ua_version = "12.0"; os_name = oses_linux; os_vendor = "Fedora"; break;
default:
version = this.searchVersion("Firefox", navigator.userAgent);
// Verify whether the ua string is lying by checking if it contains
// the major version we detected using known objects above. If it
// appears to be truthful, then use its more precise version number.
if (version && ua_version && version.split(".")[0] == ua_version.split(".")[0]) {
// The version number will sometimes end with a space or end of
// line, so strip off anything after a space if one exists
if (-1 != version.indexOf(" ")) {
version = version.substr(0,version.indexOf(" "));
}
ua_version = version;
} else {
ua_is_lying = true;
}
break;
}
//if (ua_is_lying) { alert("UA is lying"); }
//alert(ua_version + " vs " + navigator.userAgent);
// end navigator.buildID checks
} else if (typeof ScriptEngineMajorVersion == "function") {
} else if (typeof ScriptEngineMajorVersion == "function") {
// Then this is IE and we can very reliably detect the OS.
// Need to add detection for IE on Mac. Low priority, since we
// don't have any sploits for it yet and it's a very low market


@ -1,2 +0,0 @@
source "http://rubygems.org"
gemspec


@ -1,30 +0,0 @@
Kiss FFT library
==================
Copyright (c) 2003-2010 Mark Borgerding
All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
* Neither the author nor the names of any contributors may be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Ruby wrapper layer
==================
Copyright (C) 2009-2012 H D Moore < hdm[at]rapid7.com >
All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
* Neither the author nor the names of any contributors may be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.


@ -1 +0,0 @@
require "bundler/gem_tasks"


@ -1,164 +0,0 @@
/*
Copyright (c) 2003-2010, Mark Borgerding
All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
* Neither the author nor the names of any contributors may be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
/* kiss_fft.h
defines kiss_fft_scalar as either short or a float type
and defines
typedef struct { kiss_fft_scalar r; kiss_fft_scalar i; }kiss_fft_cpx; */
#include "kiss_fft.h"
#include <limits.h>
#define MAXFACTORS 32
/* e.g. an fft of length 128 has 4 factors
as far as kissfft is concerned
4*4*4*2
*/
struct kiss_fft_state{
int nfft;
int inverse;
int factors[2*MAXFACTORS];
kiss_fft_cpx twiddles[1];
};
/*
Explanation of macros dealing with complex math:
C_MUL(m,a,b) : m = a*b
C_FIXDIV( c , div ) : if a fixed point impl., c /= div. noop otherwise
C_SUB( res, a,b) : res = a - b
C_SUBFROM( res , a) : res -= a
C_ADDTO( res , a) : res += a
* */
#ifdef FIXED_POINT
#if (FIXED_POINT==32)
# define FRACBITS 31
# define SAMPPROD int64_t
#define SAMP_MAX 2147483647
#else
# define FRACBITS 15
# define SAMPPROD int32_t
#define SAMP_MAX 32767
#endif
#define SAMP_MIN -SAMP_MAX
#if defined(CHECK_OVERFLOW)
# define CHECK_OVERFLOW_OP(a,op,b) \
if ( (SAMPPROD)(a) op (SAMPPROD)(b) > SAMP_MAX || (SAMPPROD)(a) op (SAMPPROD)(b) < SAMP_MIN ) { \
fprintf(stderr,"WARNING:overflow @ " __FILE__ "(%d): (%d " #op" %d) = %ld\n",__LINE__,(a),(b),(SAMPPROD)(a) op (SAMPPROD)(b) ); }
#endif
# define smul(a,b) ( (SAMPPROD)(a)*(b) )
# define sround( x ) (kiss_fft_scalar)( ( (x) + (1<<(FRACBITS-1)) ) >> FRACBITS )
# define S_MUL(a,b) sround( smul(a,b) )
# define C_MUL(m,a,b) \
do{ (m).r = sround( smul((a).r,(b).r) - smul((a).i,(b).i) ); \
(m).i = sround( smul((a).r,(b).i) + smul((a).i,(b).r) ); }while(0)
# define DIVSCALAR(x,k) \
(x) = sround( smul( x, SAMP_MAX/k ) )
# define C_FIXDIV(c,div) \
do { DIVSCALAR( (c).r , div); \
DIVSCALAR( (c).i , div); }while (0)
# define C_MULBYSCALAR( c, s ) \
do{ (c).r = sround( smul( (c).r , s ) ) ;\
(c).i = sround( smul( (c).i , s ) ) ; }while(0)
#else /* not FIXED_POINT*/
# define S_MUL(a,b) ( (a)*(b) )
#define C_MUL(m,a,b) \
do{ (m).r = (a).r*(b).r - (a).i*(b).i;\
(m).i = (a).r*(b).i + (a).i*(b).r; }while(0)
# define C_FIXDIV(c,div) /* NOOP */
# define C_MULBYSCALAR( c, s ) \
do{ (c).r *= (s);\
(c).i *= (s); }while(0)
#endif
#ifndef CHECK_OVERFLOW_OP
# define CHECK_OVERFLOW_OP(a,op,b) /* noop */
#endif
#define C_ADD( res, a,b)\
do { \
CHECK_OVERFLOW_OP((a).r,+,(b).r)\
CHECK_OVERFLOW_OP((a).i,+,(b).i)\
(res).r=(a).r+(b).r; (res).i=(a).i+(b).i; \
}while(0)
#define C_SUB( res, a,b)\
do { \
CHECK_OVERFLOW_OP((a).r,-,(b).r)\
CHECK_OVERFLOW_OP((a).i,-,(b).i)\
(res).r=(a).r-(b).r; (res).i=(a).i-(b).i; \
}while(0)
#define C_ADDTO( res , a)\
do { \
CHECK_OVERFLOW_OP((res).r,+,(a).r)\
CHECK_OVERFLOW_OP((res).i,+,(a).i)\
(res).r += (a).r; (res).i += (a).i;\
}while(0)
#define C_SUBFROM( res , a)\
do {\
CHECK_OVERFLOW_OP((res).r,-,(a).r)\
CHECK_OVERFLOW_OP((res).i,-,(a).i)\
(res).r -= (a).r; (res).i -= (a).i; \
}while(0)
#ifdef FIXED_POINT
# define KISS_FFT_COS(phase) floor(.5+SAMP_MAX * cos (phase))
# define KISS_FFT_SIN(phase) floor(.5+SAMP_MAX * sin (phase))
# define HALF_OF(x) ((x)>>1)
#elif defined(USE_SIMD)
# define KISS_FFT_COS(phase) _mm_set1_ps( cos(phase) )
# define KISS_FFT_SIN(phase) _mm_set1_ps( sin(phase) )
# define HALF_OF(x) ((x)*_mm_set1_ps(.5))
#else
# define KISS_FFT_COS(phase) (kiss_fft_scalar) cos(phase)
# define KISS_FFT_SIN(phase) (kiss_fft_scalar) sin(phase)
# define HALF_OF(x) ((x)*.5)
#endif
#define kf_cexp(x,phase) \
do{ \
(x)->r = KISS_FFT_COS(phase);\
(x)->i = KISS_FFT_SIN(phase);\
}while(0)
/* a debugging function */
#define pcpx(c)\
fprintf(stderr,"%g + %gi\n",(double)((c)->r),(double)((c)->i) )
#ifdef KISS_FFT_USE_ALLOCA
// define this to allow use of alloca instead of malloc for temporary buffers
// Temporary buffers are used in two case:
// 1. FFT sizes that have "bad" factors. i.e. not 2,3 and 5
// 2. "in-place" FFTs. Notice the quotes, since kissfft does not really do an in-place transform.
#include <alloca.h>
#define KISS_FFT_TMP_ALLOC(nbytes) alloca(nbytes)
#define KISS_FFT_TMP_FREE(ptr)
#else
#define KISS_FFT_TMP_ALLOC(nbytes) KISS_FFT_MALLOC(nbytes)
#define KISS_FFT_TMP_FREE(ptr) KISS_FFT_FREE(ptr)
#endif


@ -1,5 +0,0 @@
require 'mkmf'
if(have_library("m"))
create_makefile("kissfft")
end


@ -1,408 +0,0 @@
/*
Copyright (c) 2003-2010, Mark Borgerding
All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
* Neither the author nor the names of any contributors may be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "_kiss_fft_guts.h"
/* The guts header contains all the multiplication and addition macros that are defined for
fixed or floating point complex numbers. It also delares the kf_ internal functions.
*/
static void kf_bfly2(
kiss_fft_cpx * Fout,
const size_t fstride,
const kiss_fft_cfg st,
int m
)
{
kiss_fft_cpx * Fout2;
kiss_fft_cpx * tw1 = st->twiddles;
kiss_fft_cpx t;
Fout2 = Fout + m;
do{
C_FIXDIV(*Fout,2); C_FIXDIV(*Fout2,2);
C_MUL (t, *Fout2 , *tw1);
tw1 += fstride;
C_SUB( *Fout2 , *Fout , t );
C_ADDTO( *Fout , t );
++Fout2;
++Fout;
}while (--m);
}
static void kf_bfly4(
kiss_fft_cpx * Fout,
const size_t fstride,
const kiss_fft_cfg st,
const size_t m
)
{
kiss_fft_cpx *tw1,*tw2,*tw3;
kiss_fft_cpx scratch[6];
size_t k=m;
const size_t m2=2*m;
const size_t m3=3*m;
tw3 = tw2 = tw1 = st->twiddles;
do {
C_FIXDIV(*Fout,4); C_FIXDIV(Fout[m],4); C_FIXDIV(Fout[m2],4); C_FIXDIV(Fout[m3],4);
C_MUL(scratch[0],Fout[m] , *tw1 );
C_MUL(scratch[1],Fout[m2] , *tw2 );
C_MUL(scratch[2],Fout[m3] , *tw3 );
C_SUB( scratch[5] , *Fout, scratch[1] );
C_ADDTO(*Fout, scratch[1]);
C_ADD( scratch[3] , scratch[0] , scratch[2] );
C_SUB( scratch[4] , scratch[0] , scratch[2] );
C_SUB( Fout[m2], *Fout, scratch[3] );
tw1 += fstride;
tw2 += fstride*2;
tw3 += fstride*3;
C_ADDTO( *Fout , scratch[3] );
if(st->inverse) {
Fout[m].r = scratch[5].r - scratch[4].i;
Fout[m].i = scratch[5].i + scratch[4].r;
Fout[m3].r = scratch[5].r + scratch[4].i;
Fout[m3].i = scratch[5].i - scratch[4].r;
}else{
Fout[m].r = scratch[5].r + scratch[4].i;
Fout[m].i = scratch[5].i - scratch[4].r;
Fout[m3].r = scratch[5].r - scratch[4].i;
Fout[m3].i = scratch[5].i + scratch[4].r;
}
++Fout;
}while(--k);
}
static void kf_bfly3(
kiss_fft_cpx * Fout,
const size_t fstride,
const kiss_fft_cfg st,
size_t m
)
{
size_t k=m;
const size_t m2 = 2*m;
kiss_fft_cpx *tw1,*tw2;
kiss_fft_cpx scratch[5];
kiss_fft_cpx epi3;
epi3 = st->twiddles[fstride*m];
tw1=tw2=st->twiddles;
do{
C_FIXDIV(*Fout,3); C_FIXDIV(Fout[m],3); C_FIXDIV(Fout[m2],3);
C_MUL(scratch[1],Fout[m] , *tw1);
C_MUL(scratch[2],Fout[m2] , *tw2);
C_ADD(scratch[3],scratch[1],scratch[2]);
C_SUB(scratch[0],scratch[1],scratch[2]);
tw1 += fstride;
tw2 += fstride*2;
Fout[m].r = Fout->r - HALF_OF(scratch[3].r);
Fout[m].i = Fout->i - HALF_OF(scratch[3].i);
C_MULBYSCALAR( scratch[0] , epi3.i );
C_ADDTO(*Fout,scratch[3]);
Fout[m2].r = Fout[m].r + scratch[0].i;
Fout[m2].i = Fout[m].i - scratch[0].r;
Fout[m].r -= scratch[0].i;
Fout[m].i += scratch[0].r;
++Fout;
}while(--k);
}
static void kf_bfly5(
kiss_fft_cpx * Fout,
const size_t fstride,
const kiss_fft_cfg st,
int m
)
{
kiss_fft_cpx *Fout0,*Fout1,*Fout2,*Fout3,*Fout4;
int u;
kiss_fft_cpx scratch[13];
kiss_fft_cpx * twiddles = st->twiddles;
kiss_fft_cpx *tw;
kiss_fft_cpx ya,yb;
ya = twiddles[fstride*m];
yb = twiddles[fstride*2*m];
Fout0=Fout;
Fout1=Fout0+m;
Fout2=Fout0+2*m;
Fout3=Fout0+3*m;
Fout4=Fout0+4*m;
tw=st->twiddles;
for ( u=0; u<m; ++u ) {
C_FIXDIV( *Fout0,5); C_FIXDIV( *Fout1,5); C_FIXDIV( *Fout2,5); C_FIXDIV( *Fout3,5); C_FIXDIV( *Fout4,5);
scratch[0] = *Fout0;
C_MUL(scratch[1] ,*Fout1, tw[u*fstride]);
C_MUL(scratch[2] ,*Fout2, tw[2*u*fstride]);
C_MUL(scratch[3] ,*Fout3, tw[3*u*fstride]);
C_MUL(scratch[4] ,*Fout4, tw[4*u*fstride]);
C_ADD( scratch[7],scratch[1],scratch[4]);
C_SUB( scratch[10],scratch[1],scratch[4]);
C_ADD( scratch[8],scratch[2],scratch[3]);
C_SUB( scratch[9],scratch[2],scratch[3]);
Fout0->r += scratch[7].r + scratch[8].r;
Fout0->i += scratch[7].i + scratch[8].i;
scratch[5].r = scratch[0].r + S_MUL(scratch[7].r,ya.r) + S_MUL(scratch[8].r,yb.r);
scratch[5].i = scratch[0].i + S_MUL(scratch[7].i,ya.r) + S_MUL(scratch[8].i,yb.r);
scratch[6].r = S_MUL(scratch[10].i,ya.i) + S_MUL(scratch[9].i,yb.i);
scratch[6].i = -S_MUL(scratch[10].r,ya.i) - S_MUL(scratch[9].r,yb.i);
C_SUB(*Fout1,scratch[5],scratch[6]);
C_ADD(*Fout4,scratch[5],scratch[6]);
scratch[11].r = scratch[0].r + S_MUL(scratch[7].r,yb.r) + S_MUL(scratch[8].r,ya.r);
scratch[11].i = scratch[0].i + S_MUL(scratch[7].i,yb.r) + S_MUL(scratch[8].i,ya.r);
scratch[12].r = - S_MUL(scratch[10].i,yb.i) + S_MUL(scratch[9].i,ya.i);
scratch[12].i = S_MUL(scratch[10].r,yb.i) - S_MUL(scratch[9].r,ya.i);
C_ADD(*Fout2,scratch[11],scratch[12]);
C_SUB(*Fout3,scratch[11],scratch[12]);
++Fout0;++Fout1;++Fout2;++Fout3;++Fout4;
}
}
/* perform the butterfly for one stage of a mixed radix FFT */
static void kf_bfly_generic(
kiss_fft_cpx * Fout,
const size_t fstride,
const kiss_fft_cfg st,
int m,
int p
)
{
int u,k,q1,q;
kiss_fft_cpx * twiddles = st->twiddles;
kiss_fft_cpx t;
int Norig = st->nfft;
kiss_fft_cpx * scratch = (kiss_fft_cpx*)KISS_FFT_TMP_ALLOC(sizeof(kiss_fft_cpx)*p);
for ( u=0; u<m; ++u ) {
k=u;
for ( q1=0 ; q1<p ; ++q1 ) {
scratch[q1] = Fout[ k ];
C_FIXDIV(scratch[q1],p);
k += m;
}
k=u;
for ( q1=0 ; q1<p ; ++q1 ) {
int twidx=0;
Fout[ k ] = scratch[0];
for (q=1;q<p;++q ) {
twidx += fstride * k;
if (twidx>=Norig) twidx-=Norig;
C_MUL(t,scratch[q] , twiddles[twidx] );
C_ADDTO( Fout[ k ] ,t);
}
k += m;
}
}
KISS_FFT_TMP_FREE(scratch);
}
static
void kf_work(
kiss_fft_cpx * Fout,
const kiss_fft_cpx * f,
const size_t fstride,
int in_stride,
int * factors,
const kiss_fft_cfg st
)
{
kiss_fft_cpx * Fout_beg=Fout;
const int p=*factors++; /* the radix */
const int m=*factors++; /* stage's fft length/p */
const kiss_fft_cpx * Fout_end = Fout + p*m;
#ifdef _OPENMP
// use openmp extensions at the
// top-level (not recursive)
if (fstride==1 && p<=5)
{
int k;
// execute the p different work units in different threads
# pragma omp parallel for
for (k=0;k<p;++k)
kf_work( Fout +k*m, f+ fstride*in_stride*k,fstride*p,in_stride,factors,st);
// all threads have joined by this point
switch (p) {
case 2: kf_bfly2(Fout,fstride,st,m); break;
case 3: kf_bfly3(Fout,fstride,st,m); break;
case 4: kf_bfly4(Fout,fstride,st,m); break;
case 5: kf_bfly5(Fout,fstride,st,m); break;
default: kf_bfly_generic(Fout,fstride,st,m,p); break;
}
return;
}
#endif
if (m==1) {
do{
*Fout = *f;
f += fstride*in_stride;
}while(++Fout != Fout_end );
}else{
do{
// recursive call:
// DFT of size m*p performed by doing
// p instances of smaller DFTs of size m,
// each one takes a decimated version of the input
kf_work( Fout , f, fstride*p, in_stride, factors,st);
f += fstride*in_stride;
}while( (Fout += m) != Fout_end );
}
Fout=Fout_beg;
// recombine the p smaller DFTs
switch (p) {
case 2: kf_bfly2(Fout,fstride,st,m); break;
case 3: kf_bfly3(Fout,fstride,st,m); break;
case 4: kf_bfly4(Fout,fstride,st,m); break;
case 5: kf_bfly5(Fout,fstride,st,m); break;
default: kf_bfly_generic(Fout,fstride,st,m,p); break;
}
}
/* facbuf is populated by p1,m1,p2,m2, ...
where
p[i] * m[i] = m[i-1]
m0 = n */
static
void kf_factor(int n,int * facbuf)
{
int p=4;
double floor_sqrt;
floor_sqrt = floor( sqrt((double)n) );
/*factor out powers of 4, powers of 2, then any remaining primes */
do {
while (n % p) {
switch (p) {
case 4: p = 2; break;
case 2: p = 3; break;
default: p += 2; break;
}
if (p > floor_sqrt)
p = n; /* no more factors, skip to end */
}
n /= p;
*facbuf++ = p;
*facbuf++ = n;
} while (n > 1);
}
/*
*
* User-callable function to allocate all necessary storage space for the fft.
*
* The return value is a contiguous block of memory, allocated with malloc. As such,
* It can be freed with free(), rather than a kiss_fft-specific function.
* */
kiss_fft_cfg kiss_fft_alloc(int nfft,int inverse_fft,void * mem,size_t * lenmem )
{
kiss_fft_cfg st=NULL;
size_t memneeded = sizeof(struct kiss_fft_state)
+ sizeof(kiss_fft_cpx)*(nfft-1); /* twiddle factors*/
if ( lenmem==NULL ) {
st = ( kiss_fft_cfg)KISS_FFT_MALLOC( memneeded );
}else{
if (mem != NULL && *lenmem >= memneeded)
st = (kiss_fft_cfg)mem;
*lenmem = memneeded;
}
if (st) {
int i;
st->nfft=nfft;
st->inverse = inverse_fft;
for (i=0;i<nfft;++i) {
const double pi=3.141592653589793238462643383279502884197169399375105820974944;
double phase = -2*pi*i / nfft;
if (st->inverse)
phase *= -1;
kf_cexp(st->twiddles+i, phase );
}
kf_factor(nfft,st->factors);
}
return st;
}
void kiss_fft_stride(kiss_fft_cfg st,const kiss_fft_cpx *fin,kiss_fft_cpx *fout,int in_stride)
{
if (fin == fout) {
//NOTE: this is not really an in-place FFT algorithm.
//It just performs an out-of-place FFT into a temp buffer
kiss_fft_cpx * tmpbuf = (kiss_fft_cpx*)KISS_FFT_TMP_ALLOC( sizeof(kiss_fft_cpx)*st->nfft);
kf_work(tmpbuf,fin,1,in_stride, st->factors,st);
memcpy(fout,tmpbuf,sizeof(kiss_fft_cpx)*st->nfft);
KISS_FFT_TMP_FREE(tmpbuf);
}else{
kf_work( fout, fin, 1,in_stride, st->factors,st );
}
}
void kiss_fft(kiss_fft_cfg cfg,const kiss_fft_cpx *fin,kiss_fft_cpx *fout)
{
kiss_fft_stride(cfg,fin,fout,1);
}
void kiss_fft_cleanup(void)
{
// nothing needed any more
}
int kiss_fft_next_fast_size(int n)
{
while(1) {
int m=n;
while ( (m%2) == 0 ) m/=2;
while ( (m%3) == 0 ) m/=3;
while ( (m%5) == 0 ) m/=5;
if (m<=1)
break; /* n is completely factorable by twos, threes, and fives */
n++;
}
return n;
}


@ -1,124 +0,0 @@
#ifndef KISS_FFT_H
#define KISS_FFT_H
#include <stdlib.h>
#include <stdio.h>
#include <math.h>
#include <string.h>
#ifdef __cplusplus
extern "C" {
#endif
/*
ATTENTION!
If you would like a :
-- a utility that will handle the caching of fft objects
-- real-only (no imaginary time component ) FFT
-- a multi-dimensional FFT
-- a command-line utility to perform ffts
-- a command-line utility to perform fast-convolution filtering
Then see kfc.h kiss_fftr.h kiss_fftnd.h fftutil.c kiss_fastfir.c
in the tools/ directory.
*/
#ifdef USE_SIMD
# include <xmmintrin.h>
# define kiss_fft_scalar __m128
#define KISS_FFT_MALLOC(nbytes) _mm_malloc(nbytes,16)
#define KISS_FFT_FREE _mm_free
#else
#define KISS_FFT_MALLOC malloc
#define KISS_FFT_FREE free
#endif
#ifdef FIXED_POINT
#include <sys/types.h>
# if (FIXED_POINT == 32)
# define kiss_fft_scalar int32_t
# else
# define kiss_fft_scalar int16_t
# endif
#else
# ifndef kiss_fft_scalar
/* default is float */
# define kiss_fft_scalar float
# endif
#endif
typedef struct {
kiss_fft_scalar r;
kiss_fft_scalar i;
}kiss_fft_cpx;
typedef struct kiss_fft_state* kiss_fft_cfg;
/*
* kiss_fft_alloc
*
* Initialize a FFT (or IFFT) algorithm's cfg/state buffer.
*
* typical usage: kiss_fft_cfg mycfg=kiss_fft_alloc(1024,0,NULL,NULL);
*
* The return value from fft_alloc is a cfg buffer used internally
* by the fft routine or NULL.
*
* If lenmem is NULL, then kiss_fft_alloc will allocate a cfg buffer using malloc.
* The returned value should be free()d when done to avoid memory leaks.
*
* The state can be placed in a user supplied buffer 'mem':
* If lenmem is not NULL and mem is not NULL and *lenmem is large enough,
* then the function places the cfg in mem and the size used in *lenmem
* and returns mem.
*
* If lenmem is not NULL and ( mem is NULL or *lenmem is not large enough),
* then the function returns NULL and places the minimum cfg
* buffer size in *lenmem.
* */
kiss_fft_cfg kiss_fft_alloc(int nfft,int inverse_fft,void * mem,size_t * lenmem);
/*
* kiss_fft(cfg,in_out_buf)
*
* Perform an FFT on a complex input buffer.
* for a forward FFT,
* fin should be f[0] , f[1] , ... ,f[nfft-1]
* fout will be F[0] , F[1] , ... ,F[nfft-1]
* Note that each element is complex and can be accessed like
f[k].r and f[k].i
* */
void kiss_fft(kiss_fft_cfg cfg,const kiss_fft_cpx *fin,kiss_fft_cpx *fout);
/*
A more generic version of the above function. It reads its input from every Nth sample.
* */
void kiss_fft_stride(kiss_fft_cfg cfg,const kiss_fft_cpx *fin,kiss_fft_cpx *fout,int fin_stride);
/* If kiss_fft_alloc allocated a buffer, it is one contiguous
buffer and can be simply free()d when no longer needed*/
#define kiss_fft_free free
/*
Cleans up some memory that gets managed internally. Not necessary to call, but it might clean up
your compiler output to call this before you exit.
*/
void kiss_fft_cleanup(void);
/*
* Returns the smallest integer k, such that k>=n and k has only "fast" factors (2,3,5)
*/
int kiss_fft_next_fast_size(int n);
/* for real ffts, we need an even size */
#define kiss_fftr_next_fast_size_real(n) \
(kiss_fft_next_fast_size( ((n)+1)>>1)<<1)
#ifdef __cplusplus
}
#endif
#endif


@ -1,159 +0,0 @@
/*
Copyright (c) 2003-2004, Mark Borgerding
All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
* Neither the author nor the names of any contributors may be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "kiss_fftr.h"
#include "_kiss_fft_guts.h"
struct kiss_fftr_state{
kiss_fft_cfg substate;
kiss_fft_cpx * tmpbuf;
kiss_fft_cpx * super_twiddles;
#ifdef USE_SIMD
void * pad;
#endif
};
kiss_fftr_cfg kiss_fftr_alloc(int nfft,int inverse_fft,void * mem,size_t * lenmem)
{
int i;
kiss_fftr_cfg st = NULL;
size_t subsize, memneeded;
if (nfft & 1) {
fprintf(stderr,"Real FFT optimization must be even.\n");
return NULL;
}
nfft >>= 1;
kiss_fft_alloc (nfft, inverse_fft, NULL, &subsize);
memneeded = sizeof(struct kiss_fftr_state) + subsize + sizeof(kiss_fft_cpx) * ( nfft * 3 / 2);
if (lenmem == NULL) {
st = (kiss_fftr_cfg) KISS_FFT_MALLOC (memneeded);
} else {
if (*lenmem >= memneeded)
st = (kiss_fftr_cfg) mem;
*lenmem = memneeded;
}
if (!st)
return NULL;
st->substate = (kiss_fft_cfg) (st + 1); /*just beyond kiss_fftr_state struct */
st->tmpbuf = (kiss_fft_cpx *) (((char *) st->substate) + subsize);
st->super_twiddles = st->tmpbuf + nfft;
kiss_fft_alloc(nfft, inverse_fft, st->substate, &subsize);
for (i = 0; i < nfft/2; ++i) {
double phase =
-3.14159265358979323846264338327 * ((double) (i+1) / nfft + .5);
if (inverse_fft)
phase *= -1;
kf_cexp (st->super_twiddles+i,phase);
}
return st;
}
void kiss_fftr(kiss_fftr_cfg st,const kiss_fft_scalar *timedata,kiss_fft_cpx *freqdata)
{
/* input buffer timedata is stored row-wise */
int k,ncfft;
kiss_fft_cpx fpnk,fpk,f1k,f2k,tw,tdc;
if ( st->substate->inverse) {
fprintf(stderr,"kiss fft usage error: improper alloc\n");
exit(1);
}
ncfft = st->substate->nfft;
/*perform the parallel fft of two real signals packed in real,imag*/
kiss_fft( st->substate , (const kiss_fft_cpx*)timedata, st->tmpbuf );
/* The real part of the DC element of the frequency spectrum in st->tmpbuf
* contains the sum of the even-numbered elements of the input time sequence
* The imag part is the sum of the odd-numbered elements
*
* The sum of tdc.r and tdc.i is the sum of the input time sequence.
* yielding DC of input time sequence
* The difference of tdc.r - tdc.i is the sum of the input (dot product) [1,-1,1,-1...
* yielding Nyquist bin of input time sequence
*/
tdc.r = st->tmpbuf[0].r;
tdc.i = st->tmpbuf[0].i;
C_FIXDIV(tdc,2);
CHECK_OVERFLOW_OP(tdc.r ,+, tdc.i);
CHECK_OVERFLOW_OP(tdc.r ,-, tdc.i);
freqdata[0].r = tdc.r + tdc.i;
freqdata[ncfft].r = tdc.r - tdc.i;
#ifdef USE_SIMD
freqdata[ncfft].i = freqdata[0].i = _mm_set1_ps(0);
#else
freqdata[ncfft].i = freqdata[0].i = 0;
#endif
for ( k=1;k <= ncfft/2 ; ++k ) {
fpk = st->tmpbuf[k];
fpnk.r = st->tmpbuf[ncfft-k].r;
fpnk.i = - st->tmpbuf[ncfft-k].i;
C_FIXDIV(fpk,2);
C_FIXDIV(fpnk,2);
C_ADD( f1k, fpk , fpnk );
C_SUB( f2k, fpk , fpnk );
C_MUL( tw , f2k , st->super_twiddles[k-1]);
freqdata[k].r = HALF_OF(f1k.r + tw.r);
freqdata[k].i = HALF_OF(f1k.i + tw.i);
freqdata[ncfft-k].r = HALF_OF(f1k.r - tw.r);
freqdata[ncfft-k].i = HALF_OF(tw.i - f1k.i);
}
}
void kiss_fftri(kiss_fftr_cfg st,const kiss_fft_cpx *freqdata,kiss_fft_scalar *timedata)
{
/* input buffer timedata is stored row-wise */
int k, ncfft;
if (st->substate->inverse == 0) {
fprintf (stderr, "kiss fft usage error: improper alloc\n");
exit (1);
}
ncfft = st->substate->nfft;
st->tmpbuf[0].r = freqdata[0].r + freqdata[ncfft].r;
st->tmpbuf[0].i = freqdata[0].r - freqdata[ncfft].r;
C_FIXDIV(st->tmpbuf[0],2);
for (k = 1; k <= ncfft / 2; ++k) {
kiss_fft_cpx fk, fnkc, fek, fok, tmp;
fk = freqdata[k];
fnkc.r = freqdata[ncfft - k].r;
fnkc.i = -freqdata[ncfft - k].i;
C_FIXDIV( fk , 2 );
C_FIXDIV( fnkc , 2 );
C_ADD (fek, fk, fnkc);
C_SUB (tmp, fk, fnkc);
C_MUL (fok, tmp, st->super_twiddles[k-1]);
C_ADD (st->tmpbuf[k], fek, fok);
C_SUB (st->tmpbuf[ncfft - k], fek, fok);
#ifdef USE_SIMD
st->tmpbuf[ncfft - k].i *= _mm_set1_ps(-1.0);
#else
st->tmpbuf[ncfft - k].i *= -1;
#endif
}
kiss_fft (st->substate, st->tmpbuf, (kiss_fft_cpx *) timedata);
}


@ -1,46 +0,0 @@
#ifndef KISS_FTR_H
#define KISS_FTR_H
#include "kiss_fft.h"
#ifdef __cplusplus
extern "C" {
#endif
/*
Real optimized version can save about 45% cpu time vs. complex fft of a real seq.
*/
typedef struct kiss_fftr_state *kiss_fftr_cfg;
kiss_fftr_cfg kiss_fftr_alloc(int nfft,int inverse_fft,void * mem, size_t * lenmem);
/*
nfft must be even
If you don't care to allocate space, use mem = lenmem = NULL
*/
void kiss_fftr(kiss_fftr_cfg cfg,const kiss_fft_scalar *timedata,kiss_fft_cpx *freqdata);
/*
input timedata has nfft scalar points
output freqdata has nfft/2+1 complex points
*/
void kiss_fftri(kiss_fftr_cfg cfg,const kiss_fft_cpx *freqdata,kiss_fft_scalar *timedata);
/*
input freqdata has nfft/2+1 complex points
output timedata has nfft scalar points
*/
#define kiss_fftr_free free
#ifdef __cplusplus
}
#endif
#endif


@ -1,155 +0,0 @@
/*
ruby-kissfft: a simple ruby module embedding the Kiss FFT library
Copyright (C) 2009-2010 Rapid7, Inc - H D Moore <hdm[at]metasploit.com>
Derived from "psdpng.c" from the KissFFT tools directory
Copyright (C) 2003-2006 Mark Borgerding
*/
#include "ruby.h"
#include <stdlib.h>
#include <math.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include "kiss_fft.h"
#include "kiss_fftr.h"
static VALUE rb_cKissFFT;
#define KISS_VERSION "1.2.8-1.0"
static VALUE
rbkiss_s_version(VALUE class)
{
return rb_str_new2(KISS_VERSION);
}
#define CHECKNULL(p) if ( (p)==NULL ) do { fprintf(stderr,"CHECKNULL failed @ %s(%d): %s\n",__FILE__,__LINE__,#p );exit(1);} while(0)
static VALUE
rbkiss_s_fftr(VALUE class, VALUE r_nfft, VALUE r_rate, VALUE r_buckets, VALUE r_data)
{
kiss_fftr_cfg cfg=NULL;
kiss_fft_scalar *tbuf;
kiss_fft_cpx *fbuf;
float *mag2buf;
int i;
int avgctr=0;
int nrows=0;
int nfft;
int rate;
int navg;
int nfreqs;
int inp_len;
int inp_idx;
// Result set
VALUE res;
VALUE tmp;
VALUE set;
res = rb_ary_new();
if(TYPE(r_nfft) != T_FIXNUM) {
return Qnil;
}
nfft=NUM2INT(r_nfft);
if(TYPE(r_rate) != T_FIXNUM) {
return Qnil;
}
rate=NUM2INT(r_rate);
if(TYPE(r_buckets) != T_FIXNUM) {
return Qnil;
}
navg=NUM2INT(r_buckets);
if(TYPE(r_data) != T_ARRAY) {
return Qnil;
}
if(RARRAY_LEN(r_data) == 0) {
return Qnil;
}
if(TYPE(RARRAY_PTR(r_data)[0]) != T_FIXNUM ) {
return Qnil;
}
nfreqs=nfft/2+1;
CHECKNULL( cfg=kiss_fftr_alloc(nfft,0,0,0) );
CHECKNULL( tbuf=(kiss_fft_scalar*)malloc(sizeof(kiss_fft_scalar)*(nfft + 2) ) );
CHECKNULL( fbuf=(kiss_fft_cpx*)malloc(sizeof(kiss_fft_cpx)*(nfft + 2)) );
CHECKNULL( mag2buf=(float*)malloc(sizeof(float)*(nfft + 2) ));
memset(mag2buf,0,sizeof(mag2buf)*nfreqs);
inp_len = RARRAY_LEN(r_data);
inp_idx = 0;
while(inp_idx < inp_len) {
// Fill tbuf with nfft samples
for(i=0;i<nfft;i++) {
if(inp_idx + i >= inp_len) {
tbuf[i] = 0;
} else {
if(TYPE(RARRAY_PTR(r_data)[ inp_idx + i ]) != T_FIXNUM) {
tbuf[i] = 0;
} else {
tbuf[i] = NUM2INT( RARRAY_PTR(r_data)[ inp_idx + i ] );
}
}
}
/* do FFT */
kiss_fftr(cfg,tbuf,fbuf);
for (i=0;i<nfreqs;++i) {
mag2buf[i] += fbuf[i].r * fbuf[i].r + fbuf[i].i * fbuf[i].i;
}
if (++avgctr == navg) {
float eps = 1;
avgctr=0;
++nrows;
// RESULTS
set = rb_ary_new();
for (i=0;i<nfreqs;++i) {
float pwr = 10 * log10( mag2buf[i] / navg + eps );
tmp = rb_ary_new();
rb_ary_push(tmp, rb_float_new( (float)i * ( ( (float)rate / 2) / (float)nfreqs) ));
rb_ary_push(tmp, rb_float_new( pwr));
rb_ary_push(set, tmp);
}
rb_ary_push(res, set);
memset(mag2buf,0,sizeof(mag2buf[0])*nfreqs);
}
inp_idx += nfft;
}
free(cfg);
free(tbuf);
free(fbuf);
free(mag2buf);
return(res);
}
void
Init_kissfft()
{
// KissFFT
rb_cKissFFT = rb_define_class("KissFFT", rb_cObject);
rb_define_module_function(rb_cKissFFT, "version", rbkiss_s_version, 0);
rb_define_module_function(rb_cKissFFT, "fftr", rbkiss_s_fftr, 4);
}


@ -1,16 +0,0 @@
# -*- encoding: utf-8 -*-
Gem::Specification.new do |s|
s.name = "kissfft"
s.version = "0.0.1"
s.authors = ["HD Moore"]
s.email = ["hdm@rapid7.com"]
s.homepage = ""
s.summary = %q{Ruby wrapper around the KisFFT library for performing FFTs}
s.description = %q{Provides access to the KissFFT library for performing fast-fourier transforms from Ruby }
s.files = Dir.glob('lib/**/*.rb') + Dir.glob('ext/**/*.{c,h,rb}') + [ "LICENSE" ]
s.test_files = Dir.glob('test/**/*.{rb,data}')
s.extensions = [ 'ext/kissfft/extconf.rb' ]
s.require_paths = ["lib"]
end

Binary file not shown.


@ -1,47 +0,0 @@
#!/usr/bin/ruby
base = File.symlink?(__FILE__) ? File.readlink(__FILE__) : __FILE__
$:.unshift(File.join(File.dirname(base)))
require 'test/unit'
require 'kissfft'
require 'pp'
#
# Simple unit test
#
class KissFFT::UnitTest < Test::Unit::TestCase
def test_version
assert_equal(String, KissFFT.version.class)
puts "KissFFT version: #{KissFFT.version}"
end
def test_fftr
data = File.read('sample.data').unpack('s*')
min = 1
res = KissFFT.fftr(8192, 8000, 1, data)
tones = {}
res.each do |x|
rank = x.sort{|a,b| a[1].to_i <=> b[1].to_i }.reverse
rank[0..10].each do |t|
f = t[0].round
p = t[1].round
next if f == 0
next if p < min
tones[ f ] ||= []
tones[ f ] << t
end
end
tones.keys.sort.each do |t|
next if tones[t].length < 2
puts "#{t}hz"
tones[t].each do |x|
puts "\t#{x[0]}hz @ #{x[1]}"
end
end
end
end


@ -12,6 +12,7 @@ Feature: Help command
Command Description
------- -----------
? Help menu
advanced Displays advanced options for one or more modules
back Move back from the current context
banner Display an awesome metasploit banner
cd Change the current working directory
@ -24,13 +25,14 @@ Feature: Help command
go_pro Launch Metasploit web GUI
grep Grep the output of another command
help Help menu
info Displays information about one or more module
info Displays information about one or more modules
irb Drop into irb scripting mode
jobs Displays and manages jobs
kill Kill a job
load Load a framework plugin
loadpath Searches for and loads modules from a path
makerc Save commands entered since start to a file
options Displays global options or for one or more modules
popm Pops the latest module off the stack and makes it active
previous Sets the previously loaded module as the current module
pushm Pushes the active or list of modules onto the module stack


@ -44,7 +44,7 @@ module Metasploit
untested_payloads_pathname = Pathname.new 'log/untested-payloads.log'
if untested_payloads_pathname.exist?
tool_path = 'tools/missing_payload_tests.rb'
tool_path = 'tools/modules/missing_payload_tests.rb'
$stderr.puts "Untested payload detected. Running `#{tool_path}` to see contexts to add to " \
"`spec/modules/payloads_spec.rb` to test those payload ancestor reference names."
@ -58,4 +58,4 @@ module Metasploit
end
end
end
end
end


@ -30,14 +30,13 @@ module Metasploit
end
end
MAJOR = 4
MINOR = 11
PATCH = 4
VERSION = "4.11.5"
MAJOR, MINOR, PATCH = VERSION.split('.').map { |x| x.to_i }
PRERELEASE = 'dev'
HASH = get_hash
end
VERSION = "#{Version::MAJOR}.#{Version::MINOR}.#{Version::PATCH}-#{Version::PRERELEASE}#{Version::HASH}"
GEM_VERSION = "#{Version::MAJOR}.#{Version::MINOR}.#{Version::PATCH}"
VERSION = "#{Version::VERSION}-#{Version::PRERELEASE}#{Version::HASH}"
GEM_VERSION = "#{Version::VERSION}"
end
end


@ -638,13 +638,10 @@ class ReadableText
# @param col [Integer] the column wrap width.
# @return [String] the formatted list of running jobs.
def self.dump_jobs(framework, verbose = false, indent = DefaultIndent, col = DefaultColumnWrap)
columns = [ 'Id', 'Name' ]
columns = [ 'Id', 'Name', "Payload", "LPORT" ]
if (verbose)
columns << "Payload"
columns << "LPORT"
columns << "URIPATH"
columns << "Start Time"
columns += [ "URIPATH", "Start Time" ]
end
tbl = Rex::Ui::Text::Table.new(
@ -653,16 +650,19 @@ class ReadableText
'Columns' => columns
)
# jobs are stored as a hash with the keys being a numeric job_id.
framework.jobs.keys.sort{|a,b| a.to_i <=> b.to_i }.each { |k|
# Job context is stored as an Array with the 0th element being
# the running module. If that module is an exploit, ctx will also
# contain its payload.
ctx = framework.jobs[k].ctx
row = [ k, framework.jobs[k].name ]
row << (ctx[1].nil? ? (ctx[0].datastore['PAYLOAD'] || "") : ctx[1].refname)
row << (ctx[0].datastore['LPORT'] || "")
if (verbose)
ctx = framework.jobs[k].ctx
uripath = ctx[0].get_resource if ctx[0].respond_to?(:get_resource)
uripath = ctx[0].datastore['URIPATH'] if uripath.nil?
row << (ctx[1].nil? ? (ctx[0].datastore['PAYLOAD'] || "") : ctx[1].refname)
row << (ctx[0].datastore['LPORT'] || "")
row << (uripath || "")
row << (framework.jobs[k].start_time || "")
end
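Review bot: The Payload and LPORT cells are now filled for every job, so `ctx[0].datastore` and `ctx[1]` are dereferenced on the default (non-verbose) listing too, and nothing in the hunk checks that `ctx` or `ctx[0]` is present. If any job is registered without a module context (not visible here, so this needs confirming against the code that creates jobs), the `jobs` listing would raise NoMethodError instead of printing the table. A guard such as `ctx = framework.jobs[k].ctx || []` together with `row << (ctx[0] ? (ctx[0].datastore['LPORT'] || "") : "")` keeps the listing usable. dump_jobs starts above the first hunk and continues past the last one.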


@ -0,0 +1,149 @@
# -*- coding: binary -*-
require 'msf/base/sessions/command_shell'
module Msf::Sessions
###
#
# This class provides basic interaction with a Unix Systems Service
# command shell on a mainframe (IBM System Z) running Z/OS
# This session is initialized with a stream that will be used
# as the pipe for reading and writing the command shell.
#
# Date: Oct 8, 2015
# Author: Bigendian Smalls
#
###
class MainframeShell < Msf::Sessions::CommandShell
#
# This interface supports basic interaction.
#
include Msf::Session::Basic
#
# This interface supports interacting with a single command shell.
#
include Msf::Session::Provider::SingleCommandShell
##
#
# initialize as mf shell session
#
def initialize(*args)
self.platform = "mainframe"
self.arch = "zarch"
self.translate_1047 = true
super
end
##
#
# Returns the session description.
#
def desc
"Mainframe shell"
end
##
#
# override shell_read to include decode of cp1047
#
def shell_read(length=-1, timeout=1)
#mfimpl
if self.respond_to?(:ring)
return Rex::Text.from_ibm1047(shell_read_ring(length,timeout))
end
begin
rv = Rex::Text.from_ibm1047(rstream.get_once(length, timeout))
framework.events.on_session_output(self, rv) if rv
return rv
rescue ::Rex::SocketError, ::EOFError, ::IOError, ::Errno::EPIPE => e
shell_close
raise e
end
end
##
#
# override shell_write to include encode of cp1047
#
def shell_write(buf)
#mfimpl
return unless buf
begin
framework.events.on_session_command(self, buf.strip)
rstream.write(Rex::Text.to_ibm1047(buf))
rescue ::Rex::SocketError, ::EOFError, ::IOError, ::Errno::EPIPE => e
shell_close
raise e
end
end
def execute_file(full_path, args)
#mfimpl
raise NotImplementedError
end
# need to do more testing on this before we either use the default in command_shell
# or write a new one. For now we just make it unavailble. This prevents a hang on
# initial session creation. See PR#6067
undef_method :process_autoruns
def desc
"Mainframe USS session"
end
attr_accessor :translate_1047 # tells the session whether or not to translate
# ebcdic (cp1047) <-> ASCII for certain mainframe payloads
# this will be used in post modules to be able to switch on/off the
# translation on file transfers, for instance
protected
##
#
# _interact_ring overridden to include decoding of cp1047 data
#
def _interact_ring
begin
rdr = framework.threads.spawn("RingMonitor", false) do
seq = nil
while self.interacting
# Look for any pending data from the remote ring
nseq,data = ring.read_data(seq)
# Update the sequence number if necessary
seq = nseq || seq
# Write output to the local stream if successful
user_output.print(Rex::Text.from_ibm1047(data)) if data
begin
# Wait for new data to arrive on this session
ring.wait(seq)
rescue EOFError => e
print_error("EOFError: #{e.class}: #{e}")
break
end
end
end
while self.interacting
# Look for any pending input or errors from the local stream
sd = Rex::ThreadSafe.select([ _local_fd ], nil, [_local_fd], 5.0)
# Write input to the ring's input mechanism
shell_write(user_input.gets) if sd
end
ensure
rdr.kill
end
end
end
end
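Review bot: `desc` is defined twice in MainframeShell, once returning "Mainframe shell" near the top and again returning "Mainframe USS session" after `undef_method :process_autoruns`; the second definition silently replaces the first, so one of them should be dropped. In `_interact_ring` the `ensure` calls `rdr.kill` unconditionally, which raises NoMethodError on nil if `framework.threads.spawn` itself fails; `rdr.kill if rdr` avoids masking the original error. `translate_1047` is set in `initialize` but neither `shell_read` nor `shell_write` consults it, so a comment stating that only post modules read the flag would prevent the assumption that toggling it disables the conversion in this class.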


@ -67,11 +67,6 @@ require 'msf/core/nop'
require 'msf/core/payload'
require 'msf/core/post'
# Custom HTTP Modules
require 'msf/http/wordpress'
require 'msf/http/typo3'
require 'msf/http/jboss'
# Drivers
require 'msf/core/exploit_driver'


@ -342,14 +342,18 @@ class EncodedPayload
self.nop_sled = nop.generate_sled(self.nop_sled_size,
'BadChars' => reqs['BadChars'],
'SaveRegisters' => save_regs)
if nop_sled && nop_sled.length == nop_sled_size
break
else
dlog("#{pinst.refname}: Nop generator #{nop.refname} failed to generate sled for payload", 'core', LEV_1)
end
rescue
dlog("#{pinst.refname}: Nop generator #{nop.refname} failed to generate sled for payload: #{$!}",
'core', LEV_1)
self.nop = nil
end
break
}
if (self.nop_sled == nil)
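Review bot: When a generator returns a sled of the wrong length, the new `else` branch only logs, so `self.nop_sled` still holds that short sled; if it was the last generator tried, the `self.nop_sled == nil` check after the loop will not catch it. Resetting it in that branch, `self.nop_sled = nil` after the `dlog`, keeps the later check meaningful. The same pattern appears in the Exploit nop-generation hunk (the one logging with `wlog`), where the local `nop_sled` is returned after the loop and would need `nop_sled = nil` in its `else` branch. Both enclosing methods start and end outside their hunks, and the +/- markers are lost on this page, so this reading assumes the trailing `break` is the removed line.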


@ -1034,12 +1034,16 @@ class Exploit < Msf::Module
nop_sled = nop.generate_sled(count,
'BadChars' => payload_badchars || '',
'SaveRegisters' => save_regs)
if nop_sled && nop_sled.length == count
break
else
wlog("#{self.refname}: Nop generator #{nop.refname} failed to generate sled for exploit", 'core', LEV_0)
end
rescue
wlog("#{self.refname}: Nop generator #{nop.refname} failed to generate sled for exploit: #{$!}",
'core', LEV_0)
end
break
}
nop_sled


@ -0,0 +1,36 @@
# -*- coding: binary -*-
module Msf
class Exploit
class Remote
module HTTP
# This module provides a way of interacting with JBoss installations
module JBoss
require 'msf/core/exploit/http/jboss/base'
require 'msf/core/exploit/http/jboss/bean_shell'
require 'msf/core/exploit/http/jboss/bean_shell_scripts'
require 'msf/core/exploit/http/jboss/deployment_file_repository'
require 'msf/core/exploit/http/jboss/deployment_file_repository_scripts'
include Msf::Exploit::Remote::HttpClient
include Msf::Exploit::Remote::HTTP::JBoss::Base
include Msf::Exploit::Remote::HTTP::JBoss::BeanShell
include Msf::Exploit::Remote::HTTP::JBoss::BeanShellScripts
include Msf::Exploit::Remote::HTTP::JBoss::DeploymentFileRepository
include Msf::Exploit::Remote::HTTP::JBoss::DeploymentFileRepositoryScripts
def initialize(info = {})
super
register_options(
[
OptString.new('TARGETURI', [true, 'The URI path of the JMX console', '/jmx-console']),
OptEnum.new('VERB', [true, 'HTTP Method to use (for CVE-2010-0738)', 'POST', ['GET', 'POST', 'HEAD']]),
OptString.new('PACKAGE', [false, 'The package containing the BSHDeployer service'])
], Msf::Exploit::Remote::HTTP::JBoss)
end
end
end
end
end
end


@ -1,6 +1,6 @@
# -*- coding: binary -*-
module Msf::HTTP::JBoss::Base
module Msf::Exploit::Remote::HTTP::JBoss::Base
# Deploys a WAR through HTTP uri invoke
#


@ -1,6 +1,6 @@
# -*- coding: binary -*-
module Msf::HTTP::JBoss::BeanShell
module Msf::Exploit::Remote::HTTP::JBoss::BeanShell
DEFAULT_PACKAGES = %w{ deployer scripts }


@ -1,6 +1,6 @@
# -*- coding: binary -*-
module Msf::HTTP::JBoss::BeanShellScripts
module Msf::Exploit::Remote::HTTP::JBoss::BeanShellScripts
# Generates a Bean Shell Script.
#


@ -1,6 +1,6 @@
# -*- coding: binary -*-
module Msf::HTTP::JBoss::DeploymentFileRepository
module Msf::Exploit::Remote::HTTP::JBoss::DeploymentFileRepository
# Upload a text file with DeploymentFileRepository.store()
#


@ -1,6 +1,6 @@
# -*- coding: binary -*-
module Msf::HTTP::JBoss::DeploymentFileRepositoryScripts
module Msf::Exploit::Remote::HTTP::JBoss::DeploymentFileRepositoryScripts
# Generate a stager JSP to write the second stager to the
# deploy/management directory. It is only used with HEAD/GET requests


@ -0,0 +1,29 @@
# -*- coding: binary -*-
module Msf
class Exploit
class Remote
module HTTP
# This module provides a way of interacting with typo3 installations
module Typo3
require 'msf/core/exploit/http/typo3/login'
require 'msf/core/exploit/http/typo3/uris'
include Msf::Exploit::Remote::HttpClient
include Msf::Exploit::Remote::HTTP::Typo3::Login
include Msf::Exploit::Remote::HTTP::Typo3::URIs
def initialize(info = {})
super
register_options(
[
Msf::OptString.new('TARGETURI', [true, 'The base path to the typo3 application', '/']),
], Msf::Exploit::Remote::HTTP::Typo3
)
end
end
end
end
end
end


@ -1,5 +1,5 @@
# -*- coding: binary -*-
module Msf::HTTP::Typo3::Login
module Msf::Exploit::Remote::HTTP::Typo3::Login
# performs a typo3 backend login
#


@ -1,5 +1,5 @@
# -*- coding: binary -*-
module Msf::HTTP::Typo3::URIs
module Msf::Exploit::Remote::HTTP::Typo3::URIs
# Returns the Typo3 Login URL
#


@ -0,0 +1,53 @@
# -*- coding: binary -*-
module Msf
class Exploit
class Remote
module HTTP
# This module provides a way of interacting with wordpress installations
module Wordpress
require 'msf/core/exploit/http/wordpress/admin'
require 'msf/core/exploit/http/wordpress/base'
require 'msf/core/exploit/http/wordpress/helpers'
require 'msf/core/exploit/http/wordpress/login'
require 'msf/core/exploit/http/wordpress/posts'
require 'msf/core/exploit/http/wordpress/uris'
require 'msf/core/exploit/http/wordpress/users'
require 'msf/core/exploit/http/wordpress/version'
require 'msf/core/exploit/http/wordpress/xml_rpc'
include Msf::Exploit::Remote::HttpClient
include Msf::Exploit::Remote::HTTP::Wordpress::Admin
include Msf::Exploit::Remote::HTTP::Wordpress::Base
include Msf::Exploit::Remote::HTTP::Wordpress::Helpers
include Msf::Exploit::Remote::HTTP::Wordpress::Login
include Msf::Exploit::Remote::HTTP::Wordpress::Posts
include Msf::Exploit::Remote::HTTP::Wordpress::URIs
include Msf::Exploit::Remote::HTTP::Wordpress::Users
include Msf::Exploit::Remote::HTTP::Wordpress::Version
include Msf::Exploit::Remote::HTTP::Wordpress::XmlRpc
def initialize(info = {})
super
register_options(
[
Msf::OptString.new('TARGETURI', [true, 'The base path to the wordpress application', '/'])
], Msf::Exploit::Remote::HTTP::Wordpress
)
register_advanced_options(
[
Msf::OptString.new('WPCONTENTDIR', [true, 'The name of the wp-content directory', 'wp-content'])
], Msf::Exploit::Remote::HTTP::Wordpress
)
end
def wp_content_dir
datastore['WPCONTENTDIR']
end
end
end
end
end
end


@ -1,6 +1,6 @@
# -*- coding: binary -*-
module Msf::HTTP::Wordpress::Admin
module Msf::Exploit::Remote::HTTP::Wordpress::Admin
# Uploads a plugin using a valid admin session.
#
# @param name [String] The name of the plugin


@ -1,6 +1,6 @@
# -*- coding: binary -*-
module Msf::HTTP::Wordpress::Base
module Msf::Exploit::Remote::HTTP::Wordpress::Base
# Checks if the site is online and running wordpress
#
# @return [Rex::Proto::Http::Response,nil] Returns the HTTP response if the site is online and running wordpress, nil otherwise


@ -1,5 +1,5 @@
# -*- coding: binary -*-
module Msf::HTTP::Wordpress::Helpers
module Msf::Exploit::Remote::HTTP::Wordpress::Helpers
# Helper methods are private and should not be called by modules
private


@ -1,6 +1,6 @@
# -*- coding: binary -*-
module Msf::HTTP::Wordpress::Login
module Msf::Exploit::Remote::HTTP::Wordpress::Login
# performs a wordpress login
#
# @param user [String] Username


@ -1,5 +1,5 @@
# -*- coding: binary -*-
module Msf::HTTP::Wordpress::Posts
module Msf::Exploit::Remote::HTTP::Wordpress::Posts
# Posts a comment as an authenticated user
#


@ -1,5 +1,5 @@
# -*- coding: binary -*-
module Msf::HTTP::Wordpress::URIs
module Msf::Exploit::Remote::HTTP::Wordpress::URIs
# Returns the Wordpress Login URL
#


@ -1,5 +1,5 @@
# -*- coding: binary -*-
module Msf::HTTP::Wordpress::Users
module Msf::Exploit::Remote::HTTP::Wordpress::Users
# Checks if the given user exists
#


@ -1,6 +1,6 @@
# -*- coding: binary -*-
module Msf::HTTP::Wordpress::Version
module Msf::Exploit::Remote::HTTP::Wordpress::Version
# Used to check if the version is correct: must contain at least one dot
WORDPRESS_VERSION_PATTERN = '([^\r\n"\']+\.[^\r\n"\']+)'


@ -1,6 +1,6 @@
# -*- coding: binary -*-
module Msf::HTTP::Wordpress::XmlRpc
module Msf::Exploit::Remote::HTTP::Wordpress::XmlRpc
# Determines if the XMLRPC interface is enabled by sending a demo.sayHello request
#


@ -106,5 +106,10 @@ require 'msf/core/exploit/android'
require 'msf/core/exploit/remote/browser_exploit_server'
require 'msf/core/exploit/browser_autopwn2'
# Custom HTTP Modules
require 'msf/core/exploit/http/wordpress'
require 'msf/core/exploit/http/typo3'
require 'msf/core/exploit/http/jboss'
# Kerberos Support
require 'msf/core/exploit/kerberos/client'


@ -146,14 +146,15 @@ module Exploit::Remote::SMTPDeliver
# If the user supplied a Date field, use that, else use the current
# DateTime in the proper RFC2822 format.
if datastore['DATE'].present?
raw_send_recv("Date: #{datastore['DATE']}\r\n", nsock)
date = "Date: #{datastore['DATE']}\r\n"
else
raw_send_recv("Date: #{DateTime.now.rfc2822}\r\n", nsock)
date = "Date: #{DateTime.now.rfc2822}\r\n"
end
# If the user supplied a Subject field, use that
subject = nil
if datastore['SUBJECT'].present?
raw_send_recv("Subject: #{datastore['SUBJECT']}\r\n", nsock)
subject = "Subject: #{datastore['SUBJECT']}\r\n"
end
# Avoid sending tons of data and killing the connection if the server
@ -161,7 +162,11 @@ module Exploit::Remote::SMTPDeliver
if not resp or not resp[0,3] == '354'
print_error("Server refused our mail")
else
send_status = raw_send_recv("#{data}\r\n.\r\n", nsock)
full_msg = ''
full_msg << date
full_msg << subject unless subject.nil?
full_msg << data
send_status = raw_send_recv("#{full_msg}\r\n.\r\n", nsock)
end
if not already_connected
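Review bot: Nothing in the hunk says why Date and Subject are now buffered and written together with the body; a comment above `full_msg = ''` such as `# Send headers and body in one write: raw_send_recv waits for a reply, and the server gives none until the final "."` would record the reason (the wait behaviour is inferred from the helper's name, so confirm it). `datastore['DATE']` and `datastore['SUBJECT']` are interpolated as given, so a value containing CR/LF ends the header line early; stripping line breaks with `.to_s.gsub(/[\r\n]/, '')` keeps each option on a single header line. The enclosing method begins and ends outside these hunks.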


@ -351,7 +351,9 @@ protected
# we don't get new ones generated.
blob = obj.stage_payload(
uuid: uuid,
uri: conn_id
uri: conn_id,
lhost: datastore['OverrideRequestHost'] ? datastore['OverrideLHOST'] : (req && req.headers && req.headers['Host']) ? req.headers['Host'] : datastore['LHOST'],
lport: datastore['OverrideRequestHost'] ? datastore['OverrideLPORT'] : datastore['LPORT']
)
resp.body = encode_stage(blob)
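Review bot: The new `lhost:` value takes `req.headers['Host']` as-is, and that header is supplied by whatever client connects to the listener. A Host value normally carries a `:port` suffix when the port is non-default, while `lport:` still comes from the datastore, so the two can disagree in the generated stage configuration; the value should be split into host and port and checked for the expected hostname or IP shape before use, falling back to `datastore['LHOST']` otherwise. The chained ternaries on one line are also hard to read; choosing the host in a local with `if datastore['OverrideRequestHost'] ... elsif ... else ... end` before the `stage_payload` call would make the precedence explicit. The enclosing method lies outside the hunk.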


@ -0,0 +1,73 @@
# -*- coding: binary -*-
require 'msf/core'
require 'msf/base/sessions/meterpreter_options'
require 'msf/core/payload/uuid/options'
module Msf
###
#
# Common module stub for ARCH_PYTHON payloads that make use of Meterpreter.
#
###
module Payload::Python::MeterpreterLoader
include Msf::Payload::UUID::Options
include Msf::Sessions::MeterpreterOptions
def initialize(info = {})
super(update_info(info,
'Name' => 'Meterpreter & Configuration',
'Description' => 'Run Meterpreter & the configuration stub',
'Author' => [ 'Spencer McIntyre' ],
'Platform' => 'python',
'Arch' => ARCH_PYTHON,
'Stager' => {'Payload' => ""}
))
register_advanced_options([
OptBool.new('PythonMeterpreterDebug', [ true, 'Enable debugging for the Python meterpreter', false ])
], self.class)
end
# Get the raw Python Meterpreter stage and patch in values based on the
# configuration
#
# @param opts [Hash] The options to use for patching the stage data.
# @option opts [String] :stageless_tcp_socket_setup Python code to execute to
# setup a tcp socket to allow use of the stage as a stageless payload.
# @option opts [String] :uuid A specific UUID to use for sessions created by
# this stage.
def stage_meterpreter(opts={})
met = MetasploitPayloads.read('meterpreter', 'meterpreter.py')
if datastore['PythonMeterpreterDebug']
met = met.sub("DEBUGGING = False", "DEBUGGING = True")
end
met.sub!('SESSION_EXPIRATION_TIMEOUT = 604800', "SESSION_EXPIRATION_TIMEOUT = #{datastore['SessionExpirationTimeout']}")
met.sub!('SESSION_COMMUNICATION_TIMEOUT = 300', "SESSION_COMMUNICATION_TIMEOUT = #{datastore['SessionCommunicationTimeout']}")
met.sub!('SESSION_RETRY_TOTAL = 3600', "SESSION_RETRY_TOTAL = #{datastore['SessionRetryTotal']}")
met.sub!('SESSION_RETRY_WAIT = 10', "SESSION_RETRY_WAIT = #{datastore['SessionRetryWait']}")
uuid = opts[:uuid] || generate_payload_uuid
uuid = Rex::Text.to_hex(uuid.to_raw, prefix = '')
met.sub!("PAYLOAD_UUID = \'\'", "PAYLOAD_UUID = \'#{uuid}\'")
# patch in any optional stageless tcp socket setup
unless opts[:stageless_tcp_socket_setup].nil?
socket_setup = opts[:stageless_tcp_socket_setup]
socket_setup = socket_setup.split("\n")
socket_setup.map! {|line| "\t\t#{line}\n"}
socket_setup = socket_setup.join
met.sub!("\t\t# PATCH-SETUP-STAGELESS-TCP-SOCKET #", socket_setup)
end
met
end
end
end
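Review bot: The four `SESSION_*` substitutions in `stage_meterpreter` interpolate the datastore values directly into the Python source, whereas the transport configuration hunk elsewhere in this commit coerces the same options with `.to_i`; a non-numeric value would yield a stage that fails to parse on the target. Writing each as, for example, `"SESSION_RETRY_WAIT = #{datastore['SessionRetryWait'].to_i}"` keeps the two paths consistent. Separately, `Rex::Text.to_hex(uuid.to_raw, prefix = '')` assigns a throwaway local rather than naming an argument, so `Rex::Text.to_hex(uuid.to_raw, '')` says the same thing more clearly. Each `sub!` also does nothing when its literal marker is absent from meterpreter.py, so a comment noting that the literals must match the shipped file would help the next maintainer.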


@ -55,8 +55,8 @@ module Msf::Payload::TransportConfig
{
:scheme => 'http',
:lhost => datastore['LHOST'],
:lport => datastore['LPORT'].to_i,
:lhost => opts[:lhost],
:lport => opts[:lport].to_i,
:uri => uri,
:comm_timeout => datastore['SessionCommunicationTimeout'].to_i,
:retry_total => datastore['SessionRetryTotal'].to_i,
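Review bot: `:lhost` and `:lport` now come only from `opts`, so any caller that does not pass them gets a nil host and, through `nil.to_i`, port 0 in the transport configuration. Only one caller that sets both keys is visible in this commit (the reverse HTTP handler's `stage_payload` call), so either confirm every caller of this method was updated or keep the datastore as a fallback: `:lhost => opts[:lhost] || datastore['LHOST'],` and `:lport => (opts[:lport] || datastore['LPORT']).to_i,`. The method's signature is outside the hunk.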


@ -145,6 +145,19 @@ module Registry
end
end
# Checks if a key exists on the target registry
#
# @param key [String] the full path of the key to check
# @return [Boolean] true if the key exists on the target registry, false otherwise
# (also in case of error)
def registry_key_exist?(key)
if session_has_registry_ext
meterpreter_registry_key_exist?(key)
else
shell_registry_key_exist?(key)
end
end
protected
#
@ -310,6 +323,26 @@ protected
shell_registry_cmd_result("add /f \"#{key}\" /v \"#{valname}\" /t \"#{type}\" /d \"#{data}\" /f", view)
end
# Checks if a key exists on the target registry using a shell session
#
# @param key [String] the full path of the key to check
# @return [Boolean] true if the key exists on the target registry, false otherwise,
# even if case of error (invalid arguments) or the session hasn't permission to
# access the key
def shell_registry_key_exist?(key)
begin
key = normalize_key(key)
rescue ArgumentError
return false
end
results = shell_registry_cmd("query \"#{key}\"")
if results =~ /ERROR: /i
return false
else
return true
end
end
##
# Meterpreter-specific registry manipulation methods
@ -515,6 +548,27 @@ protected
end
end
# Checks if a key exists on the target registry using a meterpreter session
#
# @param key [String] the full path of the key to check
# @return [Boolean] true if the key exists on the target registry, false otherwise
# (also in case of error)
def meterpreter_registry_key_exist?(key)
begin
root_key, base_key = session.sys.registry.splitkey(key)
rescue ArgumentError
return false
end
begin
check = session.sys.registry.check_key_exists(root_key, base_key)
rescue Rex::Post::Meterpreter::RequestError, TimesoutError
return false
end
check
end
#
# Normalize the supplied full registry key string so the root key is sane. For
# instance, passing "HKLM\Software\Dog" will return 'HKEY_LOCAL_MACHINE\Software\Dog'
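Review bot: In `meterpreter_registry_key_exist?` the second `rescue` names `TimesoutError`, which looks like a misspelling; unless a constant by that name is defined elsewhere, a timeout would surface as NameError rather than returning false as the docstring promises. The intended class is probably `Rex::TimeoutError` or `::Timeout::Error`, e.g. `rescue Rex::Post::Meterpreter::RequestError, ::Timeout::Error`, and it is worth checking which one the request path actually raises. In `shell_registry_key_exist?`, `key` is placed inside double quotes in the `query` command, so a key containing `"` breaks the quoting; rejecting such keys alongside the `normalize_key` check would keep the command well-formed.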


@ -82,6 +82,10 @@ module Msf::PostMixin
@session
end
def session_display_info
"Session: #{session.sid} (#{session.session_host})"
end
alias :client :session
#


@ -481,15 +481,17 @@ private
def _valid_session(sid,type)
s = self.framework.sessions[sid.to_i]
if(not s)
error(500, "Unknown Session ID")
error(500, "Unknown Session ID #{sid}")
end
if type == "ring"
if not s.respond_to?(:ring)
error(500, "Session #{s.type} does not support ring operations")
end
elsif (s.type != type)
elsif (type == 'meterpreter' && s.type != type) ||
(type == 'shell' && s.type == 'meterpreter')
error(500, "Session is not of type " + type)
end
s
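Review bot: The rewritten `elsif` rejects only two combinations, so a `type` other than "ring", "meterpreter" or "shell" now passes with no check at all, where the old `s.type != type` rejected every mismatch. If the loosening is meant to let any non-meterpreter session satisfy "shell" (an inference from the condition), a comment stating that, plus a final `else` that errors on an unrecognised `type`, would keep the validation closed by default. `_valid_session` begins above the hunk.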


@ -1,33 +0,0 @@
# -*- coding: binary -*-
# This module provides a way of interacting with JBoss installations
module Msf
module HTTP
module JBoss
require 'msf/http/jboss/base'
require 'msf/http/jboss/bean_shell'
require 'msf/http/jboss/bean_shell_scripts'
require 'msf/http/jboss/deployment_file_repository'
require 'msf/http/jboss/deployment_file_repository_scripts'
include Msf::Exploit::Remote::HttpClient
include Msf::HTTP::JBoss::Base
include Msf::HTTP::JBoss::BeanShell
include Msf::HTTP::JBoss::BeanShellScripts
include Msf::HTTP::JBoss::DeploymentFileRepository
include Msf::HTTP::JBoss::DeploymentFileRepositoryScripts
def initialize(info = {})
super
register_options(
[
OptString.new('TARGETURI', [true, 'The URI path of the JMX console', '/jmx-console']),
OptEnum.new('VERB', [true, 'HTTP Method to use (for CVE-2010-0738)', 'POST', ['GET', 'POST', 'HEAD']]),
OptString.new('PACKAGE', [false, 'The package containing the BSHDeployer service'])
], self.class)
end
end
end
end


@ -1,25 +0,0 @@
# -*- coding: binary -*-
# This module provides a way of interacting with typo3 installations
module Msf
module HTTP
module Typo3
require 'msf/http/typo3/login'
require 'msf/http/typo3/uris'
include Msf::Exploit::Remote::HttpClient
include Msf::HTTP::Typo3::Login
include Msf::HTTP::Typo3::URIs
def initialize(info = {})
super
register_options(
[
Msf::OptString.new('TARGETURI', [true, 'The base path to the typo3 application', '/']),
], HTTP::Typo3
)
end
end
end
end


@ -1,49 +0,0 @@
# -*- coding: binary -*-
# This module provides a way of interacting with wordpress installations
module Msf
module HTTP
module Wordpress
require 'msf/http/wordpress/admin'
require 'msf/http/wordpress/base'
require 'msf/http/wordpress/helpers'
require 'msf/http/wordpress/login'
require 'msf/http/wordpress/posts'
require 'msf/http/wordpress/uris'
require 'msf/http/wordpress/users'
require 'msf/http/wordpress/version'
require 'msf/http/wordpress/xml_rpc'
include Msf::Exploit::Remote::HttpClient
include Msf::HTTP::Wordpress::Admin
include Msf::HTTP::Wordpress::Base
include Msf::HTTP::Wordpress::Helpers
include Msf::HTTP::Wordpress::Login
include Msf::HTTP::Wordpress::Posts
include Msf::HTTP::Wordpress::URIs
include Msf::HTTP::Wordpress::Users
include Msf::HTTP::Wordpress::Version
include Msf::HTTP::Wordpress::XmlRpc
def initialize(info = {})
super
register_options(
[
Msf::OptString.new('TARGETURI', [true, 'The base path to the wordpress application', '/'])
], HTTP::Wordpress
)
register_advanced_options(
[
Msf::OptString.new('WPCONTENTDIR', [true, 'The name of the wp-content directory', 'wp-content'])
], HTTP::Wordpress
)
end
def wp_content_dir
datastore['WPCONTENTDIR']
end
end
end
end


@ -123,7 +123,9 @@ class Core
"go_pro" => "Launch Metasploit web GUI",
"grep" => "Grep the output of another command",
"help" => "Help menu",
"info" => "Displays information about one or more module",
"advanced" => "Displays advanced options for one or more modules",
"info" => "Displays information about one or more modules",
"options" => "Displays global options or for one or more modules",
"irb" => "Drop into irb scripting mode",
"jobs" => "Displays and manages jobs",
"rename_job" => "Rename a job",
@ -712,6 +714,36 @@ class Core
Rex::ThreadSafe.sleep(args[0].to_f)
end
def cmd_advanced_help
print_line 'Usage: advanced [mod1 mod2 ...]'
print_line
print_line 'Queries the supplied module or modules for advanced options. If no module is given,'
print_line 'show advanced options for the currently active module.'
print_line
end
def cmd_advanced(*args)
if args.empty?
if (active_module)
show_advanced_options(active_module)
return true
else
print_error('No module active')
return false
end
end
args.each { |name|
mod = framework.modules.create(name)
if (mod == nil)
print_error("Invalid module: #{name}")
else
show_advanced_options(mod)
end
}
end
def cmd_info_help
print_line "Usage: info <module name> [mod2 mod3 ...]"
print_line
@ -748,17 +780,66 @@ class Core
}
end
def cmd_options_help
print_line 'Usage: options [mod1 mod2 ...]'
print_line
print_line 'Queries the supplied module or modules for options. If no module is given,'
print_line 'show options for the currently active module.'
print_line
end
def cmd_options(*args)
if args.empty?
if (active_module)
show_options(active_module)
return true
else
show_global_options
return true
end
end
args.each { |name|
mod = framework.modules.create(name)
if (mod == nil)
print_error("Invalid module: #{name}")
else
show_options(mod)
end
}
end
#
# Tab completion for the info command (same as use)
# Tab completion for the advanced command (same as use)
#
# @param str [String] the string currently being typed before tab was hit
# @param words [Array<String>] the previously completed words on the command line. words is always
# at least 1 when tab completion has reached this stage since the command itself has been completed
# @param str (see #cmd_use_tabs)
# @param words (see #cmd_use_tabs)
def cmd_advanced_tabs(str, words)
cmd_use_tabs(str, words)
end
#
# Tab completion for the advanced command (same as use)
#
# @param str (see #cmd_use_tabs)
# @param words (see #cmd_use_tabs)
def cmd_info_tabs(str, words)
cmd_use_tabs(str, words)
end
#
# Tab completion for the advanced command (same as use)
#
# @param str (see #cmd_use_tabs)
# @param words (see #cmd_use_tabs)
def cmd_options_tabs(str, words)
cmd_use_tabs(str, words)
end
def cmd_irb_help
print_line "Usage: irb"
print_line
@ -2204,7 +2285,7 @@ class Core
end
def cmd_show_help
global_opts = %w{all encoders nops exploits payloads auxiliary plugins options}
global_opts = %w{all encoders nops exploits payloads auxiliary plugins info options}
print_status("Valid parameters for the \"show\" command are: #{global_opts.join(", ")}")
module_opts = %w{ missing advanced evasion targets actions }
@ -2244,6 +2325,8 @@ class Core
show_auxiliary
when 'post'
show_post
when 'info'
cmd_info(*args[1, args.length])
when 'options'
if (mod)
show_options(mod)
@ -2936,7 +3019,7 @@ class Core
return option_values_payloads() if opt.upcase == 'PAYLOAD'
return option_values_targets() if opt.upcase == 'TARGET'
return option_values_nops() if opt.upcase == 'NOPS'
return option_values_encoders() if opt.upcase == 'StageEncoder'
return option_values_encoders() if opt.upcase == 'STAGEENCODER'
end
# Well-known option names specific to modules with actions
@ -3465,7 +3548,7 @@ class Core
def show_advanced_options(mod) # :nodoc:
mod_opt = Serializer::ReadableText.dump_advanced_options(mod, ' ')
print("\nModule advanced options:\n\n#{mod_opt}\n") if (mod_opt and mod_opt.length > 0)
print("\nModule advanced options (#{mod.fullname}):\n\n#{mod_opt}\n") if (mod_opt and mod_opt.length > 0)
# If it's an exploit and a payload is defined, create it and
# display the payload's options
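Review bot: The comments above `cmd_info_tabs` and `cmd_options_tabs` both read "Tab completion for the advanced command", copied from `cmd_advanced_tabs`; they should read `# Tab completion for the info command (same as use)` and `# Tab completion for the options command (same as use)`. `cmd_advanced` and `cmd_options` also share their whole module-lookup loop, differing only in the display call and the no-module fallback, so a small private helper taking a block would remove the duplication. Both methods return true or false on the empty-args path but the result of `args.each` otherwise; a short comment on the intended return value would help callers.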


@ -164,6 +164,16 @@ module ModuleCommandDispatcher
end
end
def report_vuln(instance)
framework.db.report_vuln(
workspace: instance.workspace,
host: instance.rhost,
name: instance.name,
info: "This was flagged as vulnerable by the explicit check of #{instance.fullname}.",
refs: instance.references
)
end
def check_simple(instance=nil)
unless instance
instance = mod
@ -184,6 +194,7 @@ module ModuleCommandDispatcher
if (code and code.kind_of?(Array) and code.length > 1)
if (code == Msf::Exploit::CheckCode::Vulnerable)
print_good("#{peer} - #{code[1]}")
report_vuln(instance)
else
print_status("#{peer} - #{code[1]}")
end
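Review bot: `report_vuln(instance)` is called for every Vulnerable result with no guard, and it reads `instance.rhost` and `instance.workspace` and writes through `framework.db`. Whether every checkable module exposes `rhost`, and whether the database layer tolerates being disconnected, is not visible in this hunk; if either fails, `check` would raise right after printing the positive result. Guarding the call, `report_vuln(instance) if framework.db.active && instance.respond_to?(:rhost)`, keeps the check output independent of reporting. `check_simple` continues outside the hunk.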


@ -992,6 +992,11 @@ require 'msf/core/exe/segment_appender'
if default
elf = to_exe_elf(framework, opts, "template_x86_linux.bin", code)
else
# Use set_template_default to normalize the :template key. It will just end up doing
# opts[:template] = File.join(opts[:template_path], opts[:template])
# for us, check if the file exists.
set_template_default(opts, 'template_x86_linux.bin')
# If this isn't our normal template, we have to do some fancy
# header patching to mark the .text section rwx before putting our
# payload into the entry point.


@ -0,0 +1,114 @@
# -*- coding: binary -*-
require 'rex/post/meterpreter/extensions/python/tlv'
require 'set'
module Rex
module Post
module Meterpreter
module Extensions
module Python
###
#
# Python extension - gives remote python scripting capabilities on the target.
#
###
class Python < Extension
PY_CODE_TYPE_STRING = 0
PY_CODE_TYPE_PY = 1
PY_CODE_TYPE_PYC = 2
PY_CODE_FILE_TYPES = [ '.py', '.pyc' ]
PY_CODE_FILE_TYPE_MAP = {
'.py' => PY_CODE_TYPE_PY,
'.pyc' => PY_CODE_TYPE_PYC
}
#
# Typical extension initialization routine.
#
# @param client (see Extension#initialize)
def initialize(client)
super(client, 'python')
client.register_extension_aliases(
[
{
'name' => 'python',
'ext' => self
}
])
end
def reset
request = Packet.create_request('python_reset')
client.send_request(request)
return true
end
def import(file, mod_name, result_var)
unless ::File.file?(file)
raise ArgumentError, "File not found: #{file}"
end
ext = ::File.extname(file).downcase
unless PY_CODE_FILE_TYPES.include?(ext)
raise ArgumentError, "File not a valid type: #{file}"
end
code = ::File.read(file)
request = Packet.create_request('python_execute')
request.add_tlv(TLV_TYPE_PYTHON_CODE, code)
request.add_tlv(TLV_TYPE_PYTHON_CODE_LEN, code.length)
request.add_tlv(TLV_TYPE_PYTHON_CODE_TYPE, PY_CODE_FILE_TYPE_MAP[ext])
request.add_tlv(TLV_TYPE_PYTHON_NAME, mod_name) if mod_name
request.add_tlv(TLV_TYPE_PYTHON_RESULT_VAR, result_var) if result_var
run_exec_request(request)
end
#
# Dump the LSA secrets from the target machine.
#
# @return [Hash<Symbol,Object>]
def execute_string(code, result_var)
request = Packet.create_request('python_execute')
request.add_tlv(TLV_TYPE_PYTHON_CODE, code)
request.add_tlv(TLV_TYPE_PYTHON_CODE_TYPE, PY_CODE_TYPE_STRING)
request.add_tlv(TLV_TYPE_PYTHON_RESULT_VAR, result_var) if result_var
run_exec_request(request)
end
private
def run_exec_request(request)
response = client.send_request(request)
result = {
result: response.get_tlv_value(TLV_TYPE_PYTHON_RESULT),
stdout: "",
stderr: ""
}
response.each(TLV_TYPE_PYTHON_STDOUT) do |o|
result[:stdout] << o.value
end
response.each(TLV_TYPE_PYTHON_STDERR) do |e|
result[:stderr] << e.value
end
result
end
end
end; end; end; end; end
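Review bot: In `import`, the file is read with `::File.read(file)` and its size is sent as `code.length`, which is a text-mode read and a character count rather than a byte count (unless the default external encoding is binary, which this file does not show). For a `.pyc` file, or a `.py` file with multi-byte characters, `TLV_TYPE_PYTHON_CODE_LEN` can then disagree with the raw payload in `TLV_TYPE_PYTHON_CODE`; `code = ::File.binread(file)` together with `code.bytesize` keeps the two consistent. The comment above `execute_string` ("Dump the LSA secrets from the target machine") describes a different method and should read something like `# Executes a string of Python code on the target and returns its result, stdout and stderr`. `require 'set'` appears unused in this file.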


@ -0,0 +1,21 @@
# -*- coding: binary -*-
module Rex
module Post
module Meterpreter
module Extensions
module Python
TLV_TYPE_PYTHON_STDOUT = TLV_META_TYPE_STRING | (TLV_EXTENSIONS + 1)
TLV_TYPE_PYTHON_STDERR = TLV_META_TYPE_STRING | (TLV_EXTENSIONS + 2)
TLV_TYPE_PYTHON_CODE = TLV_META_TYPE_RAW | (TLV_EXTENSIONS + 3)
TLV_TYPE_PYTHON_CODE_LEN = TLV_META_TYPE_UINT | (TLV_EXTENSIONS + 4)
TLV_TYPE_PYTHON_CODE_TYPE = TLV_META_TYPE_UINT | (TLV_EXTENSIONS + 5)
TLV_TYPE_PYTHON_NAME = TLV_META_TYPE_STRING | (TLV_EXTENSIONS + 6)
TLV_TYPE_PYTHON_RESULT_VAR = TLV_META_TYPE_STRING | (TLV_EXTENSIONS + 7)
TLV_TYPE_PYTHON_RESULT = TLV_META_TYPE_STRING | (TLV_EXTENSIONS + 8)
end
end
end
end
end


@ -0,0 +1,57 @@
# -*- coding: binary -*-
require 'rex/post/meterpreter/extensions/stdapi/stdapi'
module Rex
module Post
module Meterpreter
module Extensions
module Stdapi
module Fs
class Mount
# Used when matching against windows drive types
DRIVE_TYPES = [
:unknown,
:no_root,
:removable,
:fixed,
:remote,
:cdrom,
:ramdisk
]
def initialize(client)
self.client = client
end
def show_mount
request = Packet.create_request('stdapi_fs_mount_show')
response = client.send_request(request)
results = []
response.each(TLV_TYPE_MOUNT) do |d|
results << {
name: d.get_tlv_value(TLV_TYPE_MOUNT_NAME),
type: DRIVE_TYPES[d.get_tlv_value(TLV_TYPE_MOUNT_TYPE)],
user_space: d.get_tlv_value(TLV_TYPE_MOUNT_SPACE_USER),
total_space: d.get_tlv_value(TLV_TYPE_MOUNT_SPACE_TOTAL),
free_space: d.get_tlv_value(TLV_TYPE_MOUNT_SPACE_FREE),
unc: d.get_tlv_value(TLV_TYPE_MOUNT_UNCPATH)
}
end
results
end
protected
attr_accessor :client # :nodoc:
end
end; end; end; end; end; end
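Review bot: `show_mount` indexes `DRIVE_TYPES` directly with the `TLV_TYPE_MOUNT_TYPE` value returned by the remote session, so the `type:` field depends on data the console does not control. A value outside 0-6 yields `nil`, and a missing TLV (assuming `get_tlv_value` returns nil for it) would raise `TypeError` from `Array#[]`; `type: DRIVE_TYPES[d.get_tlv_value(TLV_TYPE_MOUNT_TYPE).to_i] || :unknown` keeps the result well-defined. `DRIVE_TYPES` could also end in `].freeze` since it is a lookup table. Neither the class nor `show_mount` has a doc comment; one line stating that it returns an array of hashes with `:name`, `:type`, `:user_space`, `:total_space`, `:free_space` and `:unc` would document the contract.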


@ -7,6 +7,7 @@ require 'rex/post/meterpreter/extensions/stdapi/tlv'
require 'rex/post/meterpreter/extensions/stdapi/fs/dir'
require 'rex/post/meterpreter/extensions/stdapi/fs/file'
require 'rex/post/meterpreter/extensions/stdapi/fs/file_stat'
require 'rex/post/meterpreter/extensions/stdapi/fs/mount'
require 'rex/post/meterpreter/extensions/stdapi/net/resolve'
require 'rex/post/meterpreter/extensions/stdapi/net/config'
require 'rex/post/meterpreter/extensions/stdapi/net/socket'
@ -50,7 +51,8 @@ class Stdapi < Extension
{
'dir' => self.dir,
'file' => self.file,
'filestat' => self.filestat
'filestat' => self.filestat,
'mount' => Fs::Mount.new(client)
})
},
{


@ -77,6 +77,22 @@ class Registry
client, root_key, base_key, perm, response.get_tlv(TLV_TYPE_HKEY).value)
end
# Checks if a key exists on the target registry
#
# @param root_key [String] the root part of the key path. Ex: HKEY_LOCAL_MACHINE
# @param base_key [String] the base part of the key path
# @return [Boolean] true if the key exists on the target registry, false otherwise, even
# it the session hasn't permissions to access the target key.
# @raise [TimeoutError] if the timeout expires when waiting the answer
# @raise [Rex::Post::Meterpreter::RequestError] if the parameters are not valid
def Registry.check_key_exists(root_key, base_key)
request = Packet.create_request('stdapi_registry_check_key_exists')
request.add_tlv(TLV_TYPE_ROOT_KEY, root_key)
request.add_tlv(TLV_TYPE_BASE_KEY, base_key)
response = client.send_request(request)
return response.get_tlv(TLV_TYPE_BOOL).value
end
#
# Opens the supplied registry key on the specified remote host. Requires that the
# current process has credentials to access the target and that the target has the
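Review bot: `Registry.check_key_exists` calls `client.send_request` but takes no `client` argument, unlike the call at the top of this hunk that passes `client` explicitly; whether a class-level `client` accessor exists is not visible here and should be confirmed. `response.get_tlv(TLV_TYPE_BOOL).value` would raise `NoMethodError` if the response carries no boolean TLV; `response.get_tlv_value(TLV_TYPE_BOOL) ? true : false` would honour the documented `[Boolean]` return, assuming `get_tlv_value` returns nil for an absent TLV. In the doc comment, "even it the session hasn't permissions" should read "even if the session lacks permission".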


@ -32,6 +32,14 @@ TLV_TYPE_FILE_SIZE = TLV_META_TYPE_UINT | 1204
TLV_TYPE_FILE_SHORT_NAME = TLV_META_TYPE_STRING | 1205
TLV_TYPE_FILE_HASH = TLV_META_TYPE_RAW | 1206
TLV_TYPE_MOUNT = TLV_META_TYPE_GROUP | 1207
TLV_TYPE_MOUNT_NAME = TLV_META_TYPE_STRING | 1208
TLV_TYPE_MOUNT_TYPE = TLV_META_TYPE_UINT | 1209
TLV_TYPE_MOUNT_SPACE_USER = TLV_META_TYPE_QWORD | 1210
TLV_TYPE_MOUNT_SPACE_TOTAL = TLV_META_TYPE_QWORD | 1211
TLV_TYPE_MOUNT_SPACE_FREE = TLV_META_TYPE_QWORD | 1212
TLV_TYPE_MOUNT_UNCPATH = TLV_META_TYPE_STRING | 1213
TLV_TYPE_STAT_BUF = TLV_META_TYPE_COMPLEX | 1220
TLV_TYPE_SEARCH_RECURSE = TLV_META_TYPE_BOOL | 1230


@ -49,10 +49,9 @@ class Console::CommandDispatcher::Core
"?" => "Help menu",
"background" => "Backgrounds the current session",
"close" => "Closes a channel",
"channel" => "Displays information about active channels",
"channel" => "Displays information or control active channels",
"exit" => "Terminate the meterpreter session",
"help" => "Help menu",
"interact" => "Interacts with a channel",
"irb" => "Drop into irb scripting mode",
"use" => "Deprecated alias for 'load'",
"load" => "Load one or more meterpreter extensions",


@ -0,0 +1,187 @@
# -*- coding: binary -*-
require 'rex/post/meterpreter'
module Rex
module Post
module Meterpreter
module Ui
###
#
# Python extension - interact with a python interpreter
#
###
class Console::CommandDispatcher::Python
Klass = Console::CommandDispatcher::Python
include Console::CommandDispatcher
#
# Name for this dispatcher
#
def name
'Python'
end
#
# List of supported commands.
#
def commands
{
'python_reset' => 'Resets/restarts the Python interpreter',
'python_execute' => 'Execute a python command string',
'python_import' => 'Import/run a python file or module'
}
end
def cmd_python_reset(*args)
client.python.reset
print_good('Python interpreter successfully reset')
end
@@python_import_opts = Rex::Parser::Arguments.new(
'-h' => [false, 'Help banner'],
'-f' => [true, 'Path to the file (.py, .pyc), or module directory to import'],
'-n' => [true, 'Name of the module (optional, for single files only)'],
'-r' => [true, 'Name of the variable containing the result (optional, single files only)']
)
def python_import_usage
print_line('Usage: python_import <-f file path> [-n mod name] [-r result var name]')
print_line
print_line('Loads a python code file or module from disk into memory on the target.')
print_line('The module loader requires a path to a folder that contains the module,')
print_line('and the folder name will be used as the module name. Only .py files will')
print_line('work with modules.')
print_line(@@python_import_opts.usage)
end
#
# Import/run a python file
#
def cmd_python_import(*args)
if args.length == 0 || args.include?('-h')
python_import_usage
return false
end
result_var = nil
source = nil
mod_name = nil
@@python_import_opts.parse(args) { |opt, idx, val|
case opt
when '-f'
source = val
when '-n'
mod_name = val
when '-r'
result_var = val
end
}
unless source
print_error("The -f parameter must be specified")
return false
end
if ::File.directory?(source)
files = ::Find.find(source).select { |p| /.*\.py$/ =~ p }
if files.length == 0
fail_with("No .py files found in #{source}")
end
base_name = ::File.basename(source)
unless source.end_with?('/')
source << '/'
end
print_status("Importing #{source} with base module name #{base_name} ...")
files.each do |file|
rel_path = file[source.length, file.length - source.length]
parts = rel_path.split('/')
mod_parts = [base_name] + parts[0, parts.length - 1]
if parts[-1] != '__init__.py'
mod_parts << ::File.basename(parts[-1], '.*')
end
mod_name = mod_parts.join('.')
print_status("Importing #{file} as #{mod_name} ...")
result = client.python.import(file, mod_name, nil)
handle_exec_result(result, nil)
end
else
print_status("Importing #{source} ...")
result = client.python.import(source, mod_name, result_var)
handle_exec_result(result, result_var)
end
end
@@python_execute_opts = Rex::Parser::Arguments.new(
'-h' => [false, 'Help banner'],
'-r' => [true, 'Name of the variable containing the result (optional)']
)
def python_execute_usage
print_line('Usage: python_execute <python code> [-r result var name]')
print_line
print_line('Runs the given python string on the target. If a result is required,')
print_line('it should be stored in a python variable, and that variable should')
print_line('passed using the -r parameter.')
print_line(@@python_execute_opts.usage)
end
#
# Execute a simple python command string
#
def cmd_python_execute(*args)
if args.length == 0 || args.include?('-h')
python_execute_usage
return false
end
code = args.shift
result_var = nil
@@python_execute_opts.parse(args) { |opt, idx, val|
case opt
when '-r'
result_var = val
end
}
result = client.python.execute_string(code, result_var)
handle_exec_result(result, result_var)
end
private
def handle_exec_result(result, result_var)
if result[:result]
print_good("#{result_var} = #{result[:result]}")
elsif result[:stdout].length == 0 and result[:stderr].length == 0
print_good("Command executed without returning a result")
end
if result[:stdout].length > 0
print_good("Content written to stdout:\n#{result[:stdout]}")
end
if result[:stderr].length > 0
print_error("Content written to stderr:\n#{result[:stderr]}")
end
end
end
end
end
end
end
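Review bot: In `cmd_python_import`, the empty-directory case calls `fail_with("No .py files found in #{source}")`, while every other error path in this dispatcher uses `print_error` and `return false`. `fail_with` is not defined in this file and is called elsewhere on this page with a failure reason as its first argument, so this branch may raise instead of reporting the problem; suggest `print_error("No .py files found in #{source}")` followed by `return false`. The same branch uses `::Find.find` without a visible `require 'find'`, and the filter `/.*\.py$/` would be tighter as `/\.py\z/`. In the directory loop, `handle_exec_result(result, nil)` prints an empty variable name before ` = ` whenever a result is present.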


@ -1,5 +1,6 @@
# -*- coding: binary -*-
require 'tempfile'
require 'filesize'
require 'rex/post/meterpreter'
module Rex
@ -48,43 +49,45 @@ class Console::CommandDispatcher::Stdapi::Fs
#
def commands
all = {
"cat" => "Read the contents of a file to the screen",
"cd" => "Change directory",
"del" => "Delete the specified file",
"download" => "Download a file or directory",
"edit" => "Edit a file",
"getlwd" => "Print local working directory",
"getwd" => "Print working directory",
"lcd" => "Change local working directory",
"lpwd" => "Print local working directory",
"ls" => "List files",
"mkdir" => "Make directory",
"pwd" => "Print working directory",
"rm" => "Delete the specified file",
"mv" => "Move source to destination",
"rmdir" => "Remove directory",
"search" => "Search for files",
"upload" => "Upload a file or directory",
'cat' => 'Read the contents of a file to the screen',
'cd' => 'Change directory',
'del' => 'Delete the specified file',
'download' => 'Download a file or directory',
'edit' => 'Edit a file',
'getlwd' => 'Print local working directory',
'getwd' => 'Print working directory',
'lcd' => 'Change local working directory',
'lpwd' => 'Print local working directory',
'ls' => 'List files',
'mkdir' => 'Make directory',
'pwd' => 'Print working directory',
'rm' => 'Delete the specified file',
'mv' => 'Move source to destination',
'rmdir' => 'Remove directory',
'search' => 'Search for files',
'upload' => 'Upload a file or directory',
'show_mount' => 'List all mount points/logical drives',
}
reqs = {
"cat" => [ ],
"cd" => [ "stdapi_fs_chdir" ],
"del" => [ "stdapi_fs_rm" ],
"download" => [ ],
"edit" => [ ],
"getlwd" => [ ],
"getwd" => [ "stdapi_fs_getwd" ],
"lcd" => [ ],
"lpwd" => [ ],
"ls" => [ "stdapi_fs_stat", "stdapi_fs_ls" ],
"mkdir" => [ "stdapi_fs_mkdir" ],
"pwd" => [ "stdapi_fs_getwd" ],
"rmdir" => [ "stdapi_fs_delete_dir" ],
"rm" => [ "stdapi_fs_delete_file" ],
"mv" => [ "stdapi_fs_file_move" ],
"search" => [ "stdapi_fs_search" ],
"upload" => [ ],
'cat' => [],
'cd' => ['stdapi_fs_chdir'],
'del' => ['stdapi_fs_rm'],
'download' => [],
'edit' => [],
'getlwd' => [],
'getwd' => ['stdapi_fs_getwd'],
'lcd' => [],
'lpwd' => [],
'ls' => ['stdapi_fs_stat', 'stdapi_fs_ls'],
'mkdir' => ['stdapi_fs_mkdir'],
'pwd' => ['stdapi_fs_getwd'],
'rmdir' => ['stdapi_fs_delete_dir'],
'rm' => ['stdapi_fs_delete_file'],
'mv' => ['stdapi_fs_file_move'],
'search' => ['stdapi_fs_search'],
'upload' => [],
'show_mount' => ['stdapi_fs_mount_show'],
}
all.delete_if do |cmd, desc|
@ -166,6 +169,46 @@ class Console::CommandDispatcher::Stdapi::Fs
end
#
# Show all the mount points/logical drives (currently geared towards
# the Windows Meterpreter).
#
def cmd_show_mount(*args)
if args.include?('-h')
print_line('Usage: show_mount')
return true
end
mounts = client.fs.mount.show_mount
table = Rex::Ui::Text::Table.new(
'Header' => 'Mounts / Drives',
'Indent' => 0,
'SortIndex' => 0,
'Columns' => [
'Name', 'Type', 'Size (Total)', 'Size (Free)', 'Mapped to'
]
)
mounts.each do |d|
ts = ::Filesize.from("#{d[:total_space]} B").pretty.split(' ')
fs = ::Filesize.from("#{d[:free_space]} B").pretty.split(' ')
table << [
d[:name],
d[:type],
"#{ts[0].rjust(6)} #{ts[1].ljust(3)}",
"#{fs[0].rjust(6)} #{fs[1].ljust(3)}",
d[:unc]
]
end
print_line
print_line(table.to_s)
print_line
print_line("Total mounts/drives: #{mounts.length}")
print_line
end
#
# Reads the contents of a file and prints them to the screen.
#
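Review bot: `cmd_show_mount` interpolates `d[:total_space]` and `d[:free_space]` straight into `::Filesize.from`, so a mount entry without those values (presumably possible for a drive with no media; not confirmed here) produces the string `" B"` and may raise instead of rendering the table. Coercing first, `::Filesize.from("#{d[:total_space].to_i} B")` and the same for `:free_space`, keeps one incomplete entry from aborting the whole listing. `d[:unc]` can likewise be nil for local drives and could be written as `d[:unc].to_s`. `cmd_show_mount` is complete within this hunk.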


@ -57,7 +57,7 @@ require 'rex/proto/smb/exceptions'
case self.handle.protocol
when 'ncacn_ip_tcp'
if self.socket.type? != 'tcp'
raise "ack, #{self.handle.protocol} requires socket type tcp, not #{self.socket.type?}!"
raise ::Rex::Proto::DCERPC::Exceptions::InvalidSocket, "ack, #{self.handle.protocol} requires socket type tcp, not #{self.socket.type?}!"
end
when 'ncacn_np'
if self.socket.class == Rex::Proto::SMB::SimpleClient::OpenPipe
@ -65,11 +65,11 @@ require 'rex/proto/smb/exceptions'
elsif self.socket.type? == 'tcp'
self.smb_connect()
else
raise "ack, #{self.handle.protocol} requires socket type tcp, not #{self.socket.type?}!"
raise ::Rex::Proto::DCERPC::Exceptions::InvalidSocket, "ack, #{self.handle.protocol} requires socket type tcp, not #{self.socket.type?}!"
end
# No support ncacn_ip_udp (is it needed now that its ripped from Vista?)
else
raise "Unsupported protocol : #{self.handle.protocol}"
raise ::Rex::Proto::DCERPC::Exceptions::InvalidSocket, "Unsupported protocol : #{self.handle.protocol}"
end
end
@ -255,7 +255,7 @@ require 'rex/proto/smb/exceptions'
bind, context = Rex::Proto::DCERPC::Packet.make_bind(*self.handle.uuid)
end
raise 'make_bind failed' if !bind
raise ::Rex::Proto::DCERPC::Exceptions::BindError, 'make_bind failed' if !bind
self.write(bind)
raw_response = self.read()
@ -264,11 +264,11 @@ require 'rex/proto/smb/exceptions'
self.last_response = response
if response.type == 12 or response.type == 15
if self.last_response.ack_result[context] == 2
raise "Could not bind to #{self.handle}"
raise ::Rex::Proto::DCERPC::Exceptions::BindError, "Could not bind to #{self.handle}"
end
self.context = context
else
raise "Could not bind to #{self.handle}"
raise ::Rex::Proto::DCERPC::Exceptions::BindError, "Could not bind to #{self.handle}"
end
end


@ -132,6 +132,32 @@ class NoResponse < Error
end
end
class BindError < Error
def initialize(message=nil)
@message = message
end
def to_s
str = 'Failed to bind.'
if @message
str += " #{@message}"
end
end
end
class InvalidSocket < Error
def initialize(message=nil)
@message = message
end
def to_s
str = 'Invalid Socket.'
if @message
str += " #{@message}"
end
end
end
class InvalidPacket < Error
def initialize(message = nil)
@message = message
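Review bot: `BindError#to_s` and `InvalidSocket#to_s` both end on the `if @message` statement, so when no message is given the method returns `nil` instead of the default text. Add `str` as the last expression of each `to_s`, or write the body as `@message ? "Failed to bind. #{@message}" : 'Failed to bind.'` (and likewise for `'Invalid Socket.'`). The trailing `InvalidPacket` class continues outside the hunk.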


@ -2,6 +2,7 @@
require 'uri'
require 'rex/proto/http'
require 'nokogiri'
require 'rkelly'
module Rex
module Proto
@ -84,6 +85,62 @@ class Response < Packet
end
# Returns a parsed HTML document.
# Instead of using regexes to parse the HTML body, you should use this and use the Nokogiri API.
#
# @see http://www.nokogiri.org/
# @return [Nokogiri::HTML::Document]
def get_html_document
Nokogiri::HTML(self.body)
end
# Returns a parsed XML document.
# Instead of using regexes to parse the XML body, you should use this and use the Nokogiri API.
#
# @see http://www.nokogiri.org/
# @return [Nokogiri::XML::Document]
def get_xml_document
Nokogiri::XML(self.body)
end
# Returns a parsed json document.
# Instead of using regexes to parse the JSON body, you should use this.
#
# @return [Hash]
def get_json_document
json = []
begin
json = JSON.parse(self.body)
rescue JSON::ParserError => e
elog("#{e.class} #{e.message}\n#{e.backtrace * "\n"}")
end
json
end
# Returns meta tags.
# You will probably want to use this the web app's version info (or other stuff) can be found
# in the metadata.
#
# @return [Array<Nokogiri::XML::Element>]
def get_html_meta_elements
n = get_html_document
n.search('//meta')
end
# Returns parsed JavaScript blocks.
# The parsed version is a RKelly object that allows you to be able do advanced parsing.
#
# @see https://github.com/tenderlove/rkelly
# @return [Array<RKelly::Nodes::SourceElementsNode>]
def get_html_scripts
n = get_html_document
rkelly = RKelly::Parser.new
n.search('//script').map { |s| rkelly.parse(s.text) }
end
# Returns a collection of found hidden inputs
#
# @return [Array<Hash>] An array, each element represents a form that contains a hash of found hidden inputs
@ -94,7 +151,7 @@ class Response < Packet
# session_id = inputs[0]['sessionid'] # The first form's 'sessionid' hidden input
def get_hidden_inputs
forms = []
noko = Nokogiri::HTML(self.body)
noko = get_html_document
noko.search("form").each_entry do |form|
found_inputs = {}
form.search("input").each_entry do |input|
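Review bot: `get_json_document` is documented as returning `[Hash]` but starts from `json = []` and returns that on `JSON::ParserError`, so a caller that indexes the result with a string key on a malformed body gets a `TypeError` from `Array#[]` rather than `nil`. Initialising with `json = {}` matches the doc; a body whose top level is a JSON array would still return an Array, which the `@return` tag should mention. `elog` and `JSON` are used without a visible definition or `require` in this file, so confirm both are in scope for this class. Since `self.body` is supplied by the remote server, the comments on `get_xml_document` and `get_html_scripts` could note that callers must expect malformed or hostile input. `get_hidden_inputs` continues past the end of the last hunk.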


@ -1126,6 +1126,56 @@ module Text
return output
end
#
# Converts a string to one similar to what would be used by cowsay(1), a UNIX utility for
# displaying text as if it was coming from an ASCII-cow's mouth:
#
# __________________
# < the cow says moo >
# ------------------
# \ ^__^
# \ (oo)\_______
# (__)\ )\/\
# ||----w |
# || ||
#
# @param text [String] The string to cowsay
# @param width [Fixnum] Width of the cow's cloud. Default's to cowsay(1)'s default, 39.
def self.cowsay(text, width=39)
# cowsay(1) chunks a message up into 39-byte chunks and wraps it in '| ' and ' |'
# Rex::Text.wordwrap(text, 0, 39, ' |', '| ') almost does this, but won't
# split a word that has > 39 characters in it which results in oddly formed
# text in the cowsay banner, so just do it by hand. This big mess wraps
# the provided text in an ASCII-cloud and then makes it look like the cloud
# is a thought/word coming from the ASCII-cow. Each line in the
# ASCII-cloud is no more than the specified number-characters long, and the
# cloud corners are made to look rounded
text_lines = text.scan(Regexp.new(".{1,#{width-4}}"))
max_length = text_lines.map(&:size).sort.last
cloud_parts = []
cloud_parts << " #{'_' * (max_length + 2)}"
if text_lines.size == 1
cloud_parts << "< #{text} >"
else
cloud_parts << "/ #{text_lines.first.ljust(max_length, ' ')} \\"
if text_lines.size > 2
text_lines[1, text_lines.length - 2].each do |line|
cloud_parts << "| #{line.ljust(max_length, ' ')} |"
end
end
cloud_parts << "\\ #{text_lines.last.ljust(max_length, ' ')} /"
end
cloud_parts << " #{'-' * (max_length + 2)}"
cloud_parts << <<EOS
\\ ,__,
\\ (oo)____
(__) )\\
||--|| *
EOS
cloud_parts.join("\n")
end
##
#
# Transforms
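Review bot: `cowsay` raises `NoMethodError` for an empty `text`, because `text.scan` returns `[]`, `max_length` becomes `nil`, and `'_' * (max_length + 2)` fails. Adding `text_lines = [''] if text_lines.empty?` after the scan, and writing `max_length = text_lines.map(&:size).max`, handles that case. The single-line branch prints `text` rather than `text_lines.first`, so a trailing newline in the input (which `.` does not match) ends up inside the cloud and breaks the border; using `text_lines.first` there would be consistent with the multi-line branch. A `width` of 4 or less is not checked before it is used to build the quantifier in `Regexp.new`.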


@ -1,39 +0,0 @@
# coding: utf-8
# During build, the Gemfile is temporarily moved and
# we must manually define the project root
if ENV['MSF_ROOT']
lib = File.realpath(File.expand_path('lib', ENV['MSF_ROOT']))
else
# have to use realpath as metasploit-framework is often loaded through a symlink and tools like Coverage and debuggers
# require realpaths.
lib = File.realpath(File.expand_path('../lib', __FILE__))
end
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
require 'metasploit/framework/version'
require 'metasploit/framework/rails_version_constraint'
Gem::Specification.new do |spec|
spec.name = 'metasploit-framework-db'
spec.version = Metasploit::Framework::GEM_VERSION
spec.authors = ['Metasploit Hackers']
spec.email = ['metasploit-hackers@lists.sourceforge.net']
spec.summary = 'metasploit-framework Database dependencies'
spec.description = 'Gems needed to access the PostgreSQL database in metasploit-framework'
spec.homepage = 'https://www.metasploit.com'
spec.license = 'BSD-3-clause'
# no files, just dependencies
spec.files = []
spec.add_runtime_dependency 'activerecord', *Metasploit::Framework::RailsVersionConstraint::RAILS_VERSION
# Metasploit::Credential database models
spec.add_runtime_dependency 'metasploit-credential', '1.0.1'
# Database models shared between framework and Pro.
spec.add_runtime_dependency 'metasploit_data_models', '1.2.7'
# depend on metasploit-framewrok as the optional gems are useless with the actual code
spec.add_runtime_dependency 'metasploit-framework', "= #{spec.version}"
# Needed for module caching in Mdm::ModuleDetails
spec.add_runtime_dependency 'pg', '>= 0.11'
end


@ -1,36 +0,0 @@
# coding: utf-8
# During build, the Gemfile is temporarily moved and
# we must manually define the project root
if ENV['MSF_ROOT']
lib = File.realpath(File.expand_path('lib', ENV['MSF_ROOT']))
else
# have to use realpath as metasploit-framework is often loaded through a symlink and tools like Coverage and debuggers
# require realpaths.
lib = File.realpath(File.expand_path('../lib', __FILE__))
end
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
require 'metasploit/framework/version'
require 'metasploit/framework/rails_version_constraint'
Gem::Specification.new do |spec|
spec.name = 'metasploit-framework-full'
spec.version = Metasploit::Framework::GEM_VERSION
spec.authors = ['Metasploit Hackers']
spec.email = ['metasploit-hackers@lists.sourceforge.net']
spec.summary = 'metasploit-framework with all optional dependencies'
spec.description = 'Gems needed to access the PostgreSQL database in metasploit-framework'
spec.homepage = 'https://www.metasploit.com'
spec.license = 'BSD-3-clause'
# no files, just dependencies
spec.files = []
metasploit_framework_version_constraint = "= #{spec.version}"
spec.add_runtime_dependency 'rails', *Metasploit::Framework::RailsVersionConstraint::RAILS_VERSION
spec.add_runtime_dependency 'metasploit-framework', metasploit_framework_version_constraint
spec.add_runtime_dependency 'metasploit-framework-db', metasploit_framework_version_constraint
spec.add_runtime_dependency 'metasploit-framework-pcap', metasploit_framework_version_constraint
end


@ -1,35 +0,0 @@
# coding: utf-8
# During build, the Gemfile is temporarily moved and
# we must manually define the project root
if ENV['MSF_ROOT']
lib = File.realpath(File.expand_path('lib', ENV['MSF_ROOT']))
else
# have to use realpath as metasploit-framework is often loaded through a symlink and tools like Coverage and debuggers
# require realpaths.
lib = File.realpath(File.expand_path('../lib', __FILE__))
end
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
require 'metasploit/framework/version'
Gem::Specification.new do |spec|
spec.name = 'metasploit-framework-pcap'
spec.version = Metasploit::Framework::GEM_VERSION
spec.authors = ['Metasploit Hackers']
spec.email = ['metasploit-hackers@lists.sourceforge.net']
spec.summary = 'metasploit-framework packet capture dependencies'
spec.description = 'Gems needed to capture packets in metasploit-framework'
spec.homepage = 'https://www.metasploit.com'
spec.license = 'BSD-3-clause'
# no files, just dependencies
spec.files = []
# depend on metasploit-framewrok as the optional gems are useless with the actual code
spec.add_runtime_dependency 'metasploit-framework', "= #{spec.version}"
# get list of network interfaces, like eth* from OS.
spec.add_runtime_dependency 'network_interface', '~> 0.0.1'
# For sniffer and raw socket modules
spec.add_runtime_dependency 'pcaprub'
end


@ -44,7 +44,8 @@ Gem::Specification.new do |spec|
spec.test_files = spec.files.grep(%r{^spec/})
spec.require_paths = ["lib"]
# Database support
spec.add_runtime_dependency 'activerecord', *Metasploit::Framework::RailsVersionConstraint::RAILS_VERSION
# Need 3+ for ActiveSupport::Concern
spec.add_runtime_dependency 'activesupport', *Metasploit::Framework::RailsVersionConstraint::RAILS_VERSION
# Needed for config.action_view for view plugin compatibility for Pro
@ -52,24 +53,34 @@ Gem::Specification.new do |spec|
# Needed for some admin modules (cfme_manageiq_evm_pass_reset.rb)
spec.add_runtime_dependency 'bcrypt'
# Needed for Javascript obfuscation
spec.add_runtime_dependency 'jsobfu', '~> 0.2.0'
spec.add_runtime_dependency 'jsobfu', '~> 0.3.0'
# Needed for some admin modules (scrutinizer_add_user.rb)
spec.add_runtime_dependency 'json'
# Metasm compiler/decompiler/assembler
spec.add_runtime_dependency 'metasm', '~> 1.0.2'
# Metasploit::Concern hooks
spec.add_runtime_dependency 'metasploit-concern', '1.0.0'
# Metasploit::Credential database models
spec.add_runtime_dependency 'metasploit-credential', '1.0.1'
# Database models shared between framework and Pro.
spec.add_runtime_dependency 'metasploit_data_models', '1.2.9'
# Things that would normally be part of the database model, but which
# are needed when there's no database
spec.add_runtime_dependency 'metasploit-model', '1.0.0'
# Needed for Meterpreter
spec.add_runtime_dependency 'metasploit-payloads', '1.0.15'
spec.add_runtime_dependency 'metasploit-payloads', '1.0.16'
# Needed by msfgui and other rpc components
spec.add_runtime_dependency 'msgpack'
# get list of network interfaces, like eth* from OS.
spec.add_runtime_dependency 'network_interface', '~> 0.0.1'
# Needed by anemone crawler
spec.add_runtime_dependency 'nokogiri'
# Needed by db.rb and Msf::Exploit::Capture
spec.add_runtime_dependency 'packetfu', '1.1.11'
# For sniffer and raw socket modules
spec.add_runtime_dependency 'pcaprub'
# Needed for module caching in Mdm::ModuleDetails
spec.add_runtime_dependency 'pg', '>= 0.11'
# Run initializers for metasploit-concern, metasploit-credential, metasploit_data_models Rails::Engines
spec.add_runtime_dependency 'railties'
# required for OS fingerprinting
@ -91,4 +102,6 @@ Gem::Specification.new do |spec|
spec.add_runtime_dependency 'sqlite3'
# required for Time::TZInfo in ActiveSupport
spec.add_runtime_dependency 'tzinfo'
# Needed so that disk size output isn't horrible
spec.add_runtime_dependency 'filesize'
end
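Review bot: `filesize` and `pcaprub` are added as runtime dependencies with no version constraint and `pg` with the open-ended `'>= 0.11'`, while neighbouring entries such as `packetfu` and `metasploit-payloads` are pinned exactly. These were previously confined to the optional `-db` and `-pcap` gemspecs and are now pulled by every install of the main gem (`pg` and `pcaprub` also build native extensions), so an unconstrained range widens what a fresh resolve can bring in. Suggest bounding each one, for example `spec.add_runtime_dependency 'filesize', '~> X.Y'` with `X.Y` taken from the version resolved in Gemfile.lock. The comment `# Needed so that disk size output isn't horrible` could name the consumer, for example `# Human-readable sizes for the meterpreter show_mount command`.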


@ -0,0 +1,258 @@
##
# encoding: utf-8
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
class Metasploit3 < Msf::Auxiliary
include Msf::Auxiliary::Report
include Msf::Exploit::Remote::Tcp
include Msf::Auxiliary::Scanner
def initialize
super(
'Name' => 'Veeder-Root Automatic Tank Gauge (ATG) Administrative Client',
'Description' => %q{
This module acts as a simplistic administrative client for interfacing
with Veeder-Root Automatic Tank Gauges (ATGs) or other devices speaking
the TLS-250 and TLS-350 protocols. This has been tested against
GasPot, a honeypot meant to simulate ATGs; it has not been tested
against anything else, so use at your own risk.
},
'Author' =>
[
'Jon Hart <jon_hart[at]rapid7.com>' # original metasploit module
],
'License' => MSF_LICENSE,
'References' =>
[
['URL', 'https://community.rapid7.com/community/infosec/blog/2015/01/22/the-internet-of-gas-station-tank-gauges'],
['URL', 'http://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/the-gaspot-experiment'],
['URL', 'https://github.com/sjhilt/GasPot'],
['URL', 'http://www.veeder.com/us/automatic-tank-gauge-atg-consoles'],
['URL', 'http://www.chipkin.com/files/liz/576013-635.pdf'],
['URL', 'http://www.veeder.com/gold/download.cfm?doc_id=6227']
],
'DefaultAction' => 'INVENTORY',
'Actions' =>
[
[ 'ALARM',
{
'Description' => 'I30200 Sensor alarm history (untested)',
'TLS-350_CMD' => "\x01I30200"
}
],
[ 'ALARM_RESET',
{
'Description' => 'IS00300 Remote alarm reset (untested)',
'TLS-350_CMD' => "\x01IS00300"
}
],
[ 'DELIVERY',
{
'Description' => 'I20200 Delivery report',
'TLS-350_CMD' => "\x01I20200"
}
],
[ 'INVENTORY',
{
'Description' => '200/I20100 In-tank inventory report',
'TLS-250_CMD' => "\x01200",
'TLS-350_CMD' => "\x01I20100"
}
],
[ 'LEAK',
{
'Description' => 'I20300 Leak report',
'TLS-350_CMD' => "\x01I20300"
}
],
[ 'RELAY',
{
'Description' => 'I40600 Relay status (untested)',
'TLS-350_CMD' => "\x01I40600"
}
],
[ 'RESET',
{
'Description' => 'IS00100 Reset (untested)',
'TLS-350_CMD' => "\x01IS00100"
}
],
[ 'CLEAR_RESET',
{
'Description' => 'IS00200 Clear Reset Flag (untested)',
'TLS-350_CMD' => "\x01IS00200"
}
],
[ 'SENSOR',
{
'Description' => 'I30100 Sensor status (untested)',
'TLS-350_CMD' => "\x01I30100"
}
],
[ 'SENSOR_DIAG',
{
'Description' => 'IB0100 Sensor diagnostics (untested)',
'TLS-350_CMD' => "\x01IB0100"
}
],
[ 'SHIFT',
{
'Description' => 'I20400 Shift report',
'TLS-350_CMD' => "\x01I20400"
}
],
[ 'SET_TANK_NAME',
{
'Description' => 'S602 set tank name (use TANK_NUMBER and TANK_NAME options)',
'TLS-350_CMD' => "\x01S602"
}
],
# [ 'SET_TIME',
# {
# 'Description' => 'S50100 Set time of day (use TIME option) (untested)',
# 'TLS-350_CMD' => "\x01S50100"
# }
# ],
[ 'STATUS',
{
'Description' => 'I20500 In-tank status report',
'TLS-350_CMD' => "\x01I20500"
}
],
[ 'SYSTEM_STATUS',
{
'Description' => 'I10100 System status report (untested)',
'TLS-350_CMD' => "\x01I10100"
}
],
[ 'TANK_ALARM',
{
'Description' => 'I20600 Tank alarm history (untested)',
'TLS-350_CMD' => "\x01I20600"
}
],
[ 'TANK_DIAG',
{
'Description' => 'IA0100 Tank diagnostics (untested)',
'TLS-350_CMD' => "\x01IA0100"
}
],
[ 'VERSION',
{
'Description' => 'Version information',
'TLS-250_CMD' => "\x01980",
'TLS-350_CMD' => "\x01I90200"
}
]
]
)
register_options(
[
Opt::RPORT(10001),
OptInt.new('TANK_NUMBER', [false, 'The tank number to operate on (use with SET_TANK_NAME, 0 to change all)', 1]),
OptString.new('TANK_NAME', [false, 'The tank name to set (use with SET_TANK_NAME, defaults to random)'])
]
)
deregister_options('SSL', 'SSLCipher', 'SSLVerifyMode', 'SSLVersion')
register_advanced_options(
[
OptEnum.new('PROTOCOL', [true, 'The Veeder-Root TLS protocol to speak', 'TLS-350', %w(TLS-350 TLS-250)]),
OptInt.new('TIMEOUT', [true, 'Time in seconds to wait for responses to our probes', 5])
]
)
end
def setup
# ensure that the specified command is implemented for the desired version of the TLS protocol
unless action.opts.keys.include?(protocol_opt_name)
fail_with(Failure::BadConfig, "#{action.name} not defined for #{protocol}")
end
# ensure that the tank number is set for the commands that need it
if action.name == 'SET_TANK_NAME' && (tank_number < 0 || tank_number > 99)
fail_with(Failure::BadConfig, "TANK_NUMBER #{tank_number} is invalid")
end
unless timeout > 0
fail_with(Failure::BadConfig, "Invalid timeout #{timeout} -- must be > 0")
end
end
def get_response(request)
sock.put(request)
response = sock.get_once(-1, timeout)
response
end
def peer
"#{rhost}:#{rport}"
end
def protocol
datastore['PROTOCOL']
end
def protocol_opt_name
protocol + '_CMD'
end
def tank_name
@tank_name ||= (datastore['TANK_NAME'] ? datastore['TANK_NAME'] : Rex::Text.rand_text_alpha(16))
end
def tank_number
datastore['TANK_NUMBER']
end
def time
if datastore['TIME']
Time.parse(datastore['TIME']).to_i
else
Time.now.to_i
end
end
def timeout
datastore['TIMEOUT']
end
def run_host(_host)
begin
connect
case action.name
when 'SET_TANK_NAME'
# send the set tank name command to change the tank name(s)
if tank_number == 0
vprint_status("#{peer} -- setting all tank names to #{tank_name}")
else
vprint_status("#{peer} -- setting tank ##{tank_number}'s name to #{tank_name}")
end
request = "#{action.opts[protocol_opt_name]}#{format('%02d', tank_number)}#{tank_name}\n"
sock.put(request)
# reconnect
disconnect
connect
# send an inventory probe to show that it succeeded
inventory_probe = "#{actions.find { |a| a.name == 'INVENTORY' }.opts[protocol_opt_name]}\n"
inventory_response = get_response(inventory_probe)
message = "#{peer} #{protocol} #{action.opts['Description']}:\n#{inventory_response}"
if inventory_response.include?(tank_name)
print_good message
else
print_warning message
end
else
response = get_response("#{action.opts[protocol_opt_name]}\n")
print_good("#{peer} #{protocol} #{action.opts['Description']}:\n#{response}")
end
ensure
disconnect
end
end
end


@ -28,9 +28,8 @@ class Metasploit3 < Msf::Auxiliary
[
[ 'BID', '19680' ],
[ 'CVE', '2006-4313' ],
[ 'URL', 'http://www.cisco.com/warp/public/707/cisco-sa-20060823-vpn3k.shtml' ],
[ 'OSVDB', '28139' ],
[ 'OSVDB', '28138' ],
[ 'OSVDB', '28138' ]
],
'DisclosureDate' => 'Aug 23 2006'))


@ -33,7 +33,6 @@ class Metasploit3 < Msf::Auxiliary
[ 'CVE', '2011-0923' ],
[ 'OSVDB', '72526' ],
[ 'ZDI', '11-055' ],
[ 'URL', 'http://c4an-dl.blogspot.com/hp-data-protector-vuln.html' ],
[ 'URL', 'http://hackarandas.com/blog/2011/08/04/hp-data-protector-remote-shell-for-hpux' ]
],
'Author' =>


@ -46,8 +46,8 @@ class Metasploit3 < Msf::Auxiliary
'References' => [
[ 'CVE', '2015-0964' ], # XSS vulnerability
[ 'CVE', '2015-0965' ], # CSRF vulnerability
[ 'CVE', '2015-0966' ], # "techician/yZgO8Bvj" web interface backdoor
[ 'URL', 'https://community.rapid7.com/rapid7_blogpostdetail?id=a111400000AanBs' ] # Original disclosure
[ 'CVE', '2015-0966' ], # "techician/yZgO8Bvj" web interface backdoor
[ 'URL', 'https://community.rapid7.com/community/infosec/blog/2015/06/05/r7-2015-01-csrf-backdoor-and-persistent-xss-on-arris-motorola-cable-modems' ],
]
))
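Review bot: The comment on the CVE-2015-0966 reference spells the account name as `techician` on both the old and new copies of the line; this looks like a typo for `technician` and should be checked against the advisory, since readers will grep for that string. The replacement URL line also drops the `# Original disclosure` comment that told readers which reference is the primary source; I would keep it after the new URL entry. The references array sits inside an `initialize` call that begins outside this hunk.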


@ -22,8 +22,7 @@ class Metasploit3 < Msf::Auxiliary
[
[ 'EDB', '25252' ],
[ 'OSVDB', '93013' ],
[ 'URL', 'http://www.s3cur1ty.de/m1adv2013-018' ],
[ 'URL', 'http://www.dlink.com/de/de/home-solutions/connect/modems-and-gateways/dsl-320b-adsl-2-ethernet-modem' ],
[ 'URL', 'http://www.s3cur1ty.de/m1adv2013-018' ]
],
'Author' => [
'Michael Messner <devnull[at]s3cur1ty.de>'


@ -7,7 +7,7 @@ require 'msf/core'
class Metasploit3 < Msf::Auxiliary
include Msf::HTTP::JBoss
include Msf::Exploit::Remote::HTTP::JBoss
def initialize
super(


@ -7,7 +7,7 @@ require 'msf/core'
class Metasploit3 < Msf::Auxiliary
include Msf::HTTP::JBoss
include Msf::Exploit::Remote::HTTP::JBoss
def initialize
super(


@ -26,7 +26,6 @@ class Metasploit3 < Msf::Auxiliary
[ 'OSVDB', '89912' ],
[ 'BID', '57760' ],
[ 'EDB', '24475' ],
[ 'URL', 'http://homesupport.cisco.com/de-eu/support/routers/E1500' ],
[ 'URL', 'http://www.s3cur1ty.de/m1adv2013-004' ]
],
'DisclosureDate' => 'Feb 05 2013'))


@ -29,7 +29,6 @@ class Metasploit3 < Msf::Auxiliary
'License' => MSF_LICENSE,
'References' =>
[
[ 'URL', 'http://homesupport.cisco.com/en-eu/support/routers/WRT54GL' ],
[ 'URL', 'http://www.s3cur1ty.de/m1adv2013-01' ],
[ 'URL', 'http://www.s3cur1ty.de/attacking-linksys-wrt54gl' ],
[ 'EDB', '24202' ],


@ -27,8 +27,8 @@ class Metasploit3 < Msf::Auxiliary
[
['CVE', '2014-7862'],
['OSVDB', '116554'],
['URL', 'https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_dc9_admin.txt'],
['URL', 'http://seclists.org/fulldisclosure/2015/Jan/2']
['URL', 'http://seclists.org/fulldisclosure/2015/Jan/2'],
['URL', 'https://github.com/pedrib/PoC/blob/master/advisories/ManageEngine/me_dc9_admin.txt'],
],
'DisclosureDate' => 'Dec 31 2014'))
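Review bot: The replacement advisory reference `https://github.com/pedrib/PoC/blob/master/advisories/ManageEngine/me_dc9_admin.txt` still follows the `master` branch, so it can move or change content again, which is presumably what happened to the earlier `master/ManageEngine/` path. A commit-pinned permalink keeps the cited advisory stable and auditable, e.g. `['URL', 'https://github.com/pedrib/PoC/blob/<commit-sha>/advisories/ManageEngine/me_dc9_admin.txt']`, where `<commit-sha>` is a placeholder for the revision that was actually reviewed. The same applies to the other pedrib/PoC references changed in the ManageEngine and SysAid sections that follow. The references array is part of an `initialize` call that starts outside this hunk.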


@ -36,8 +36,8 @@ class Metasploit3 < Msf::Auxiliary
[
['CVE', '2014-7863'],
['OSVDB', '117696'],
['URL', 'https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_failservlet.txt'],
['URL', 'http://seclists.org/fulldisclosure/2015/Jan/114']
['URL', 'http://seclists.org/fulldisclosure/2015/Jan/114'],
['URL', 'https://github.com/pedrib/PoC/blob/master/advisories/ManageEngine/me_failservlet.txt']
],
'DisclosureDate' => 'Jan 28 2015'))


@ -34,8 +34,8 @@ class Metasploit3 < Msf::Auxiliary
[
['CVE', '2014-7863'],
['OSVDB', '117695'],
['URL', 'https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_failservlet.txt'],
['URL', 'http://seclists.org/fulldisclosure/2015/Jan/114']
['URL', 'http://seclists.org/fulldisclosure/2015/Jan/114'],
['URL', 'https://github.com/pedrib/PoC/blob/master/advisories/ManageEngine/me_failservlet.txt']
],
'DisclosureDate' => 'Jan 28 2015'))


@ -34,8 +34,8 @@ class Metasploit3 < Msf::Auxiliary
[
[ 'CVE', '2014-8499' ],
[ 'OSVDB', '114485' ],
[ 'URL', 'https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_pmp_privesc.txt' ],
[ 'URL', 'http://seclists.org/fulldisclosure/2014/Nov/18' ]
[ 'URL', 'http://seclists.org/fulldisclosure/2014/Nov/18' ],
[ 'URL', 'https://github.com/pedrib/PoC/blob/master/advisories/ManageEngine/me_pmp_privesc.txt' ],
],
'DisclosureDate' => 'Nov 8 2014'))


@ -28,8 +28,8 @@ class Metasploit3 < Msf::Auxiliary
[
[ 'CVE', '2014-5445' ],
[ 'OSVDB', '115340' ],
[ 'URL', 'https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_netflow_it360_file_dl.txt' ],
[ 'URL', 'http://seclists.org/fulldisclosure/2014/Dec/9' ]
[ 'URL', 'http://seclists.org/fulldisclosure/2014/Dec/9' ],
[ 'URL', 'https://github.com/pedrib/PoC/blob/master/advisories/ManageEngine/me_netflow_it360_file_dl.txt' ]
],
'DisclosureDate' => 'Nov 30 2014'))


@ -29,9 +29,7 @@ class Metasploit4 < Msf::Auxiliary
'License' => MSF_LICENSE,
'References' =>
[
[ 'URL', 'https://community.rapid7.com/community/nexpose/blog/2013/08/16/r7-vuln-2013-07-24' ],
# Fill this in with the direct advisory URL from Infigo
[ 'URL', 'http://www.infigo.hr/in_focus/advisories/' ]
[ 'URL', 'https://community.rapid7.com/community/nexpose/blog/2013/08/16/r7-vuln-2013-07-24' ]
],
'DefaultOptions' => {
'SSL' => true


@ -27,8 +27,8 @@ class Metasploit3 < Msf::Auxiliary
'References' =>
[
[ 'CVE', '2015-2993' ],
[ 'URL', 'https://raw.githubusercontent.com/pedrib/PoC/master/generic/sysaid-14.4-multiple-vulns.txt' ],
[ 'URL', 'http://seclists.org/fulldisclosure/2015/Jun/8' ]
[ 'URL', 'http://seclists.org/fulldisclosure/2015/Jun/8' ],
[ 'URL', 'https://github.com/pedrib/PoC/blob/master/advisories/sysaid-14.4-multiple-vulns.txt' ],
],
'DisclosureDate' => 'Jun 3 2015'))


@ -34,8 +34,8 @@ class Metasploit3 < Msf::Auxiliary
[
['CVE', '2015-2996'],
['CVE', '2015-2997'],
['URL', 'https://raw.githubusercontent.com/pedrib/PoC/master/generic/sysaid-14.4-multiple-vulns.txt'],
['URL', 'http://seclists.org/fulldisclosure/2015/Jun/8']
['URL', 'http://seclists.org/fulldisclosure/2015/Jun/8'],
['URL', 'https://github.com/pedrib/PoC/blob/master/advisories/sysaid-14.4-multiple-vulns.txt'],
],
'DisclosureDate' => 'Jun 3 2015'))


@ -29,8 +29,8 @@ class Metasploit3 < Msf::Auxiliary
[
['CVE', '2015-2996'],
['CVE', '2015-2998'],
['URL', 'https://raw.githubusercontent.com/pedrib/PoC/master/generic/sysaid-14.4-multiple-vulns.txt' ],
['URL', 'http://seclists.org/fulldisclosure/2015/Jun/8']
['URL', 'http://seclists.org/fulldisclosure/2015/Jun/8'],
['URL', 'https://github.com/pedrib/PoC/blob/master/advisories/sysaid-14.4-multiple-vulns.txt']
],
'DisclosureDate' => 'Jun 3 2015'))


@ -5,7 +5,7 @@
class Metasploit3 < Msf::Auxiliary
include Msf::Auxiliary::Report
include Msf::HTTP::Wordpress
include Msf::Exploit::Remote::HTTP::Wordpress
def initialize(info = {})
super(update_info(info,


@ -6,7 +6,7 @@
require 'msf/core'
class Metasploit3 < Msf::Auxiliary
include Msf::HTTP::Wordpress
include Msf::Exploit::Remote::HTTP::Wordpress
def initialize(info = {})
super(update_info(


@ -6,7 +6,7 @@
require 'msf/core'
class Metasploit3 < Msf::Auxiliary
include Msf::HTTP::Wordpress
include Msf::Exploit::Remote::HTTP::Wordpress
def initialize(info = {})
super(update_info(


@ -21,11 +21,7 @@ class Metasploit3 < Msf::Auxiliary
as well as read privileges to the target file.
},
'Author' => [ 'todb' ],
'License' => MSF_LICENSE,
'References' =>
[
[ 'URL', 'http://michaeldaw.org/sql-injection-cheat-sheet#postgres' ]
]
'License' => MSF_LICENSE
))
register_options(
