Commit Graph

3551 Commits (13a5892e95c2c8e86ba5bb650e8bc2fe75b45cd0)

Author SHA1 Message Date
James Lee 13a5892e95 Add a mixin for uploading/executing bins with PHP
And use it in three modules that had copy-paste versions of the same
idea.
2012-10-12 02:57:41 -05:00
Tod Beardsley 7d848c7147 Merge remote branch 'origin/bug/fastlib-nested-pathnames' 2012-10-10 17:31:36 -05:00
sinn3r 5ce26c4524 Merge branch 'bug/activerecord-dep' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-bug/activerecord-dep 2012-10-09 11:18:02 -05:00
sinn3r 1ba57af00a Merge branch 'master' into bug/windows-pro-modules 2012-10-09 11:15:45 -05:00
Luke Imhoff 2d1fd1c305 Pass file size to read for faster reads on Windows 2012-10-09 11:04:05 -05:00
James Lee 592851e155 Add requires for active_support deps in use
Hash for #assert_valid_keys, Module for #parent.
2012-10-09 02:05:08 -05:00
James Lee b3e27b16d5 Derp, include is a class method 2012-10-09 01:52:19 -05:00
James Lee 227418bd11 Make AR a soft dependency again
Ensures that the absence of activerecord does not prevent msfconsole
from loading. This returns us to the previous state of affairs where it
is possible to use the framework entirely without a database.

To test:
  1. rm -rf lib/gemcache/ruby/1.9.1/gems/activerecord*
  2. remove any locally installed versions of activerecord
  3. msfconsole

msfconsole should load up with a warning like so:

[-] ***
[-] * WARNING: No database support: LoadError cannot load such file -- active_record
[-] ***

... and should still be functional.
2012-10-08 23:07:04 -05:00
HD Moore 8f07a18d74 Fix comment indentation 2012-10-08 17:29:36 -05:00
HD Moore eb0f0fee0c Correct an extra parenthesis 2012-10-08 17:20:25 -05:00
HD Moore 8cdb76d269 Switch to normal String API vs ActiveSupport method 2012-10-08 17:18:40 -05:00
HD Moore 2dce6e6347 FIXRM #7292 by using hex class names 2012-10-08 17:03:41 -05:00
Luke Imhoff 93469604a7 Fix missed rename when adding fastlib under directory
I missed a spot where I referenced the nested_paths as nested_pathnams
after I renamed the variable.  Now, Msf::ModuleManager#add_module_paths
has rspec tests.

Rspec can be invoked with `rake` as the default task or `rake spec`
explicitly.

I changed RuntimeError to ArgumentError since that error  was more
specific to having a bad argument error.  I adding missing dependencies
to the Gemfile and a require to msf/core/db_manager.rb where it errored
out trying to access Msf::Config when I just did require 'msf/core' in
the spec.
2012-10-08 16:14:37 -05:00
HD Moore 6bb1b83de3 Align the comments with the space indents for now 2012-10-08 16:09:12 -05:00
Tod Beardsley 114b7886fa Add back EOF newlines 2012-10-08 12:42:34 -05:00
James Lee 10dafcd09f Fix 1.8 compat with Module#const_defined?
Before 1.9, const_defined? only takes one parameter.
2012-10-08 12:40:18 -05:00
Luke Imhoff ef6dad2bc3 Fix loading binary modules on Windows
[#36737359, #36401509]

Failed to follow HACKING guideline #5, open files in binary mode, so
Pro modules were being truncated on Windows installs.
2012-10-08 09:12:23 -05:00
HD Moore 70061223d3 The use of to_path fails on OS X, switch to to_s 2012-10-06 23:40:08 -05:00
sinn3r 40b2c04c36 Add a redmine link 2012-10-05 00:53:23 -05:00
sinn3r d13878498d Merge branch 'post_file_rename2' of https://github.com/kernelsmith/metasploit-framework into kernelsmith-post_file_rename2 2012-10-05 00:51:53 -05:00
James Lee 9d4427270e Merge branch 'rapid7' into bug/active_support/dependencies-compatibility
[Closes #843]
2012-10-04 17:18:07 -05:00
Luke Imhoff df9db42c32 Fix module reloading
[#36737359]

The merging of reload_module and the various load_module methods
resulted in the module loading from disk, but because the Hash entry in
the module manager was not deleted before on_module_load was called, the
newly reloaded module was logged as an ambiguous module name instead of
a reload.  In order to report the reload errors correctly, I determined
that module_load_error_by_reference_name should really be
module_load_error_by_path.  I eliminated faild in favor of this new name
since failed was just calling the attribute and the attribute's name is
clearer about the format of the data.

Tested by run rexploit and then exiting over and over with
ms08_067_netapi.  When I messed up the file so it couldn't load, by
adding `inclde Exploit` (note mispelling of `include`), it reported the
error to msfconsole.  When I removed the bad line and added a puts
"RELOADING <n>", where I kept incrementing n and saving the file, the
new number appeared during each rexploit.
2012-10-04 16:32:12 -05:00
Luke Imhoff daf9f9abe8 Module load backtraces in log, but not in console
[#36737359]

Write the module_eval backtrace to the log, but only the error's class
and name to Msf::ModuleManager#module_load_error_by_reference_name as
the contents of the Hash are printed in the console, which should never
recieve backtraces.
2012-10-04 13:25:22 -05:00
Luke Imhoff ff46b15871 Fix inverted logic when checking for module load success
[#36737359]

klass should have gone to klass.nil? and and to or when I changed the
test from if to unless.
2012-10-04 11:22:57 -05:00
Luke Imhoff fb266d5eb9 Refactor demand_load_module
[#36737359]

Refactor the behavior of loading symbolic modules from cache by renaming
methods so it's clearer what they do and ensure that cached modules from
Fastlibs and directories can both be loaded, which was not previously
possible since the demand_load_module only called load_module_from_file.
2012-10-04 11:14:08 -05:00
Luke Imhoff b9bf0e6c28 Reuse Msf::Modules::Loader::Base methods
[#36737359]

Use typed_paths method instead of inlining adding MODULE_EXTENSION and
type directory to module_reference_name.
2012-10-03 17:20:23 -05:00
Luke Imhoff 1fd9659c59 Use MODULE_SEPARATOR constant
[#36737359]

Replace literal '::' with pre-existing MODULE_SEPARATOR constant that
was created specifically for this purpose.
2012-10-03 17:20:14 -05:00
Luke Imhoff 9c5350606b Fully-qualify Msf constants.
[#36737359]

On Linux, some of the unqualified constants that resolve on Mac OS X,
don't resolve, so to prevent errors (and because I can't justify why the
unqualified constants should resolve on OS X), I'm qualifying all the
Msf constants that are referenced in the code I've refactored.
2012-10-03 17:17:18 -05:00
Luke Imhoff a21c9b9832 Fix return and calling convention in Msf::ModuleManager::Reloading
[#36737359]

Fix the YARD docs to document the return values and make them consistent
with the modules being called.  Ensure the force flag is passed as an
option to load_modules instead of a positional argument.
2012-10-03 16:48:55 -05:00
Luke Imhoff 7443fed86d Explicitly require 'active_support/concern'
[#36737359]

When starting msfconsole, 'bundler/setup' is not required, the
'msf/env/gemcache' is required instead. Unlike 'bundler/setup' the
msf/env gemcache does not do the automatic requires for gems in the
cache, so explicit requires on 'active_support/concern' is needed to get
ActiveSupport::Concern defined.  (I could have done require
'active_support' to match the behavior of 'bundler/setup', but a smaller
require seemed more appropriate.
2012-10-03 15:42:14 -05:00
kernelsmith 2eef83453d remove unnecessary parens and better comments
removes unnecessary parens (and yes I confirmed they are properly
paired), and adds some comments regarding this as not being an ideal
solution, but rather a stopgap
2012-10-03 15:38:06 -05:00
sinn3r 858fd9ff43 Merge branch 'ropdb' of https://github.com/wchen-r7/metasploit-framework 2012-10-03 15:21:11 -05:00
Luke Imhoff 249a251f26 Remove duplicate reloading message 2012-10-02 18:25:05 -05:00
Luke Imhoff ca0fc0f950 Fully qualify constants in Msf::ModuleSet
Changed lexical scope when I changed the declaration from module Msf;
class ModuleSet to class Msf::ModuleSet so that constants in Msf would
not automatically resolve.
2012-10-02 18:21:24 -05:00
Luke Imhoff 21397a0479 Restructure module_set.rb for easier diff
Taking egypt's advice for making module_set.rb so it will compare
correctly to master branch for diffing.
2012-10-02 16:38:25 -05:00
Luke Imhoff 2d252ab094 Remove unused extend ActiveSupport::Concern
I wasn't using any the features of ActiveSupport::Concern in
Msf::ModuleManager::Reloading, so remove the extend and just include it
as a regular module.
2012-10-02 16:33:11 -05:00
Luke Imhoff 41a0e58b16 Improved docs for ModuleManager and ModuleSet. 2012-10-02 16:26:57 -05:00
sinn3r a526e3d360 Unbreak yourself! 2012-10-01 21:48:05 -05:00
kernelsmith 3d999f13c4 add rename_file method to Msf::Post::File
Came up on IRC, I'm not attached to it, but this commit adds the
rename_file method to lib/msf/core/post/file.rb and aliases it to
move_file and mv_file
2012-10-01 18:14:44 -05:00
sinn3r d832aac629 msftidy caught the space I left in there. 2012-10-01 17:27:00 -05:00
sinn3r f2c7731b39 Add RopDb mixin 2012-10-01 17:09:01 -05:00
Luke Imhoff 555a9f2559 Refactor Msf::ModuleManager
[Fixes #36737359]

Refactor Msf::ModuleManager into concerns so its easier to understand and
duplicate code can be made DRY.  The refactoring also ensures that when
loading from directories, Fastlibs, or reloading, the wrapper module will
always be named so that activesupport/dependencies will function.
2012-10-01 13:09:30 -05:00
HD Moore 49dd19d91d Fallback to system JTR when bundle isnt available 2012-09-30 19:30:16 -07:00
Luke Imhoff 8a2dc0a09f Give ruby Modules that wrap Metasploit modules a name
[#36737359]

active_support/dependencies cannot resolve missing constants in Metasploit
modules because the wrapper module is anonymous.  In order to make the
wrapper module non-anonymous, the module must be assigned to a constant.
Since we don't want modules colliding, the wrapper module needs a unique
name, so use the module lookup name to derive the proper nested module names
to namespace the wrapper module.  All derived modules are nested under
Msf::Modules.  The name derivation handles invalid characters for constant
names such as digits as the first character or non-alphanumeric character.
The invalid constant name characters are converted to their hex value and
prefixed with X, so '-' in a name become 'X2d'.
2012-09-27 12:52:09 -05:00
Tod Beardsley b1ce969c95 Merge remote branch 'kernelsmith/msfconsole-s' 2012-09-20 14:31:55 -05:00
Tod Beardsley cf8edf8570 Touchups to msfconsole command parsing
Move from -s to -x and use a semicolon.
2012-09-20 13:40:01 -05:00
kernelsmith 56d5c13755 adds -s <string> Execute the specified string as console commands to msfconsole
for convenience when you don't need/want a full resource file, you just
want to run something quick
example usage:
# say you have a saved config ready to go on load
./msfconsole -s 'exploit -j'
# you can run multiple commands too
./msfconsole -s 'set ConsoleLogging true\nshow options'
2012-09-20 12:23:48 -05:00
David Maloney f75ff8987c updated all my authour refs to use an alias 2012-09-19 21:46:14 -05:00
Ramon de C Valle 11f82de098 Update author information 2012-09-19 14:00:51 -03:00
sinn3r c6c59b6df6 Merge branch 'jlee-r7-bug/redmine-7226-rhost-dns' 2012-09-13 11:04:51 -05:00