Land #10536, https:// reference check for msftidy

2018-08-29 11:14:42 -05:00 · 2018-08-29 11:14:42 -05:00 · ec9cedf4fc
parent 08e069bbe1
commit ec9cedf4fc
7 changed files with 15 additions and 14 deletions
--- a/modules/auxiliary/dos/http/slowloris.py
+++ b/modules/auxiliary/dos/http/slowloris.py
@ -28,7 +28,7 @@ metadata = {
    'references': [
        {'type': 'cve', 'ref': '2007-6750'},
        {'type': 'cve', 'ref': '2010-2227'},
-        {'type': 'url', 'ref': 'https://www.exploit-db.com/exploits/8976/'},
+        {'type': 'edb', 'ref': '8976'},
        {'type': 'url', 'ref': 'https://github.com/gkbrk/slowloris'}
     ],
    'type': 'dos',
--- a/modules/auxiliary/dos/scada/siemens_siprotec4.rb
+++ b/modules/auxiliary/dos/scada/siemens_siprotec4.rb
@ -21,7 +21,7 @@ class MetasploitModule < Msf::Auxiliary
          'References'     =>
            [
              [ 'CVE' '2015-5374' ],
-              [ 'URL', 'https://www.exploit-db.com/exploits/44103/' ],
+              [ 'EDB', '44103' ],
              [ 'URL', 'https://ics-cert.us-cert.gov/advisories/ICSA-15-202-01' ]
            ])
        register_options([Opt::RPORT(50000),])
--- a/modules/auxiliary/dos/tcp/claymore_dos.py
+++ b/modules/auxiliary/dos/tcp/claymore_dos.py
@ -26,7 +26,7 @@ metadata = {

    'references': [
        {'type': 'cve', 'ref': '2018-6317'},
-        {'type': 'url', 'ref': 'https://www.exploit-db.com/exploits/43972/'},
+        {'type': 'edb', 'ref': '43972'},
        {'type': 'url', 'ref': 'https://github.com/nanopool/Claymore-Dual-Miner'}
    ],

--- a/modules/exploits/linux/http/netgear_r7000_cgibin_exec.rb
+++ b/modules/exploits/linux/http/netgear_r7000_cgibin_exec.rb
@ -29,7 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote
        [
          [ 'EDB', '40889'],
          [ 'URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=305'],
-          [ 'URL', 'https://www.kb.cert.org/vuls/id/582384'],
+          [ 'US-CERT-VU', '582384'],
          [ 'URL', 'http://kb.netgear.com/000036386/CVE-2016-582384'],
          [ 'CVE', '2016-6277']
        ],
--- a/modules/exploits/windows/misc/hp_imc_dbman_restartdb_unauth_rce.rb
+++ b/modules/exploits/windows/misc/hp_imc_dbman_restartdb_unauth_rce.rb
@ -38,7 +38,7 @@ class MetasploitModule < Msf::Exploit::Remote
          ['CVE', '2017-5816'],
          ['EDB', '43198'],
          ['ZDI', '17-340'],
-          ['URL', 'https://www.securityfocus.com/bid/98469/info'],
+          ['BID', '98469'],
          ['URL', 'https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03745en_us']
        ],
      'Platform'       => 'win',
--- a/modules/exploits/windows/misc/hp_imc_dbman_restoredbase_unauth_rce.rb
+++ b/modules/exploits/windows/misc/hp_imc_dbman_restoredbase_unauth_rce.rb
@ -38,7 +38,7 @@ class MetasploitModule < Msf::Exploit::Remote
          ['CVE', '2017-5817'],
          ['EDB', '43195'],
          ['ZDI', '17-341'],
-          ['URL', 'https://www.securityfocus.com/bid/98469/info'],
+          ['BID', '98469'],
          ['URL', 'https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03745en_us']
        ],
      'Platform'       => 'win',
--- a/tools/dev/msftidy.rb
+++ b/tools/dev/msftidy.rb
@ -179,17 +179,17 @@ class Msftidy
        when 'PACKETSTORM'
          warn("Invalid PACKETSTORM reference") if value !~ /^\d+$/
        when 'URL' || 'AKA'
-          if value =~ /^http:\/\/cvedetails\.com\/cve/
+          if value =~ /^https?:\/\/cvedetails\.com\/cve/
            warn("Please use 'CVE' for '#{value}'")
-          elsif value =~ /^http:\/\/www\.securityfocus\.com\/bid\//
+          elsif value =~ /^https?:\/\/www\.securityfocus\.com\/bid\//
            warn("Please use 'BID' for '#{value}'")
-          elsif value =~ /^http:\/\/www\.microsoft\.com\/technet\/security\/bulletin\//
+          elsif value =~ /^https?:\/\/www\.microsoft\.com\/technet\/security\/bulletin\//
            warn("Please use 'MSB' for '#{value}'")
          elsif value =~ /^https?:\/\/www\.exploit\-db\.com\/exploits\//
            warn("Please use 'EDB' for '#{value}'")
-          elsif value =~ /^http:\/\/www\.kb\.cert\.org\/vuls\/id\//
+          elsif value =~ /^https?:\/\/www\.kb\.cert\.org\/vuls\/id\//
            warn("Please use 'US-CERT-VU' for '#{value}'")
-          elsif value =~ /^https:\/\/wpvulndb\.com\/vulnerabilities\//
+          elsif value =~ /^https?:\/\/wpvulndb\.com\/vulnerabilities\//
            warn("Please use 'WPVDB' for '#{value}'")
          elsif value =~ /^https?:\/\/(?:[^\.]+\.)?packetstormsecurity\.(?:com|net|org)\//
            warn("Please use 'PACKETSTORM' for '#{value}'")
@ -745,10 +745,11 @@ if __FILE__ == $PROGRAM_NAME
      Find.find(dir) do |full_filepath|
        next if full_filepath =~ /\.git[\x5c\x2f]/
        next unless File.file? full_filepath
-        next unless full_filepath =~ /\.rb$/
-        # Executable files are now assumed to be external modules
-        next if File.executable?(full_filepath)
+        next unless File.extname(full_filepath) == '.rb'
        msftidy = Msftidy.new(full_filepath)
+        # Executable files are now assumed to be external modules
+        # but also check for some content to be sure
+        next if File.executable?(full_filepath) && msftidy.source =~ /require ["']metasploit["']/
        msftidy.run_checks
        @exit_status = msftidy.status if (msftidy.status > @exit_status.to_i)
      end