Commit Graph

47 Commits (27174e2bfdea94f1c60af778eed5e29623a8426f)

Author SHA1 Message Date
wchen-r7 f59c99e2ff Remove msfcli, please use msfconsole -x instead
msfcli is no longer supported, please use msfconsole.

Announcement on SecurityStreet:
Weekly Metasploit Wrapup
Posted by Tod Beardsley in Metasploit on Jan 23, 2015 11:57:05 AM
2015-07-09 12:50:02 -05:00
root 51dd88114b Fix grammer in comments 2015-04-13 13:21:41 +05:00
Luke Imhoff b863978028
Remove fastlib
MSP-11368
MSP-11143

Remove fastlib as it slows down the code loading process.  From the
previous commit, the mean loading for
`METASPLOIT_FRAMEWORK_PROFILE=true msfconsole -q -x exit` was
27.9530±0.3485 seconds (N=10).  The mean after removal of fastlib
was 17.9820±0.6497 seconds (N=10).  This means an average 35.67%
reduction in boot time.
2014-09-18 15:24:21 -05:00
Brandon Turner 05f0d09828
Merge branch staging/electro-release into master
On August 15, shuckins-r7 merged the Metasploit 4.10.0 branch
(staging/electro-release) into master.  Rather than merging with
history, he squashed all history into two commits (see
149c3ecc63 and
82760bf5b3).

We want to preserve history (for things like git blame, git log, etc.).
So on August 22, we reverted the commits above (see
19ba7772f3).

This merge commit merges the staging/electro-release branch
(62b81d6814) into master
(48f0743d1b).  It ensures that any changes
committed to master since the original squashed merge are retained.

As a side effect, you may see this merge commit in history/blame for the
time period between August 15 and August 22.
2014-08-22 10:50:38 -05:00
Brandon Turner 19ba7772f3
Revert "Various merge resolutions from master <- staging"
This reverts commit 149c3ecc63.

Conflicts:
	lib/metasploit/framework/command/base.rb
	lib/metasploit/framework/common_engine.rb
	lib/metasploit/framework/require.rb
	lib/msf/core/modules/namespace.rb
	modules/auxiliary/analyze/jtr_postgres_fast.rb
	modules/auxiliary/scanner/smb/smb_login.rb
	msfconsole
2014-08-22 10:17:44 -05:00
HD Moore 5e123e024d Add 'coding: binary' to all msf/rex library files
This fixes a huge number of hard-to-detect runtime bugs
that occur when a default utf-8 string from one of these
libraries is passed into a method expecting ascii-8bit
2014-08-17 17:31:53 -05:00
Samuel Huckins 149c3ecc63
Various merge resolutions from master <- staging
* --ask option ported to new location
* --version option now works
* MSF version updated
* All specs passing
2014-08-15 11:33:31 -05:00
Luke Imhoff 6603443df4
Add missing require
MSP-10998
2014-08-01 21:54:41 -05:00
Luke Imhoff 9096a8a1f5
Remove Msf::Framework::VersionAPI
MSP-10998

It's compacting of the version parts into a single float doesn't work
with APIMinor over 10, so replace with Gem::Version, which compares
parts correctly.
2014-08-01 21:43:14 -05:00
Luke Imhoff 22db5aad8a
Remove Msf::Framework::VersionCore
MSP-10998

It can't handle 4.10.0 because it tries to compact the multiple part
version into one float using (1 / 10.0).
2014-08-01 21:31:48 -05:00
Christian Mehlmauer 57839e0f4b
Fix some yardoc issues 2014-07-22 23:26:50 +02:00
Meatballs 3542f851bf Fix some yarddoc issues 2014-05-05 22:45:41 +02:00
Tab Assassin 7e5e0f7fc8 Retab lib 2013-08-30 16:28:33 -05:00
sinn3r a0decf502f Refactor msfcli 2013-07-28 12:40:50 -05:00
sinn3r 0fd2c385fb Update documentation 2013-07-24 19:02:10 -05:00
sinn3r e266d1bd0a Add comment about opts 2013-07-24 19:00:58 -05:00
sinn3r a71d7eb372 Update archive.rb to handle whitelist 2013-07-24 18:59:43 -05:00
sinn3r 9ae550c883 Do if [].empty?. Avoid msfcli running as a job 2013-07-24 18:35:06 -05:00
sinn3r ed51d284fa Change name, change how data is passed, fix rspec 2013-07-24 17:15:56 -05:00
sinn3r e120ecfba9 msfcli is designed to load only one module (auxiliary or exploit),
so we shouldn't have to load all of them to run this utility. The
overall goal of this PR is to narrow down what modules
(exploit/aux + payload + encoder + nop) you possibly need in order
to shave off loading time. By doing this, on my box this is 5-6
seconds faster than the original one.

I actually tried to avoid making too many changes in the library
(such as Module Manager), because we don't have test cases for them,
and we can't really afford to risk breaking it. I also developed
a test script to actually be able to test msfcli.
2013-07-24 14:40:46 -05:00
Luke Imhoff 2317e9cced Fix yard tag warnings
[#46491831]
2013-03-30 17:13:12 -05:00
Luke Imhoff 7ed2812ec3 Fix Cannot resolve link YARD warnings
[#46491831]
2013-03-30 16:58:49 -05:00
James Lee f4476cb1b7 Really fix payload recalculation
Instead of deleting all non-symbolics before the re-adding phase of
PayloadSet#recalculate, store a list of old module names, populate a
list of new ones during the re-adding phase, and finally remove any
non-symbolic module that was in the old list but wasn't in the new list.

Also includes a minor refactoring to make ModuleManager its own thing
instead of being an awkard subclass of ModuleSet. Now PayloadSet doesn't
need to know about the existence of framework.modules, which makes the
separation a little more natural.

[FixRM #7037]
2012-12-03 22:23:40 -06:00
James Lee 26a145e527 Always overwrite the old module even when ambiguous 2012-11-07 18:51:12 -06:00
James Lee 3a572625f5 return inside a block returns from outer method
So no need to check its return value.
2012-11-07 17:43:22 -06:00
James Lee aaa5a3c0bb Add "Call stack:" to the log when a module load fails 2012-11-07 12:48:55 -06:00
Luke Imhoff 16407f91c8 Rescue Errno::ENOENT from File.open in read_module_content
[Fixes #38426061, #38097411]

Msf::Modules::Loader::Directory#read_module_content may calculate a non-existent
module_path that gets passed to File.open causing an Errno::ENOENT exception
to be raised when using the module cache with a module that has been
moved to a new path (as is the case that originally found this bug) or
deleted.  Now, the exception is rescued and read_module_content returns
an empty string (''), which load_module detects with
module_content.empty? and returns earlier without attempting to module
eval the (empty) content.

As having Msf::Modules::Loader::Directory#read_module_content rescue the
exception, meant there was another place that needed to log and error
and store an error in Msf::ModuleManager#module_load_error_by_path, I
refactored the error reporting to call
Msf::Modules::Loader::Base#load_error, which handles writing to the log
and setting the Hash, so the error reporting is consistent across the
loaders.

The exception hierarchy was also refactored so that
namespace_module.metasploit_class now has an error raising counter-part:
namespace_module.metasploit_class! that can be used with
Msf::Modules::Loader::Base#load_error as it requires an exception, and
not just a string so the exception class, message, and backtrace can be
logged.
2012-11-06 17:38:38 -06:00
Luke Imhoff 471ac6d15d Use typed_enable?(type) instead of protected enablement_by_type[type]
Msf::Modules::Loader::Archive#each_module_reference_name tried to check
the enabled types for the module_manager by accessing the
enabledment_by_type Hash, which is protected.  Instead, it should use
the public type_enabled? method.

Add specs to test all of Msf::Modules::Loader::Archive while testing
each_module_reference_name.  In order to properly test that modules
could be found in archives, I had to produce a fastlib archive, so there
is now a spec for FastLib.dump and FastLib.load.  Some specs are marked
pending as I found a bug in FastLib, which has a work-around.  The bug
is filed in PivotalTracker as
https://www.pivotaltracker.com/story/show/38730815 and the pending tests
include the URL also in their tags.
2012-10-31 11:43:28 -05:00
Luke Imhoff 69a8739d52 Pass module_path instead of parent_path to file_changed?
[Fixes #37630057]

Modules were always being detected as having file changes because the
parent_path directory, instead of the actual module_path, was being
passed to module_manager.file_changed?, which caused the modification
times to not match.

To ensure this change fixes the ambiguous module warnings, a full spec
for Msf::Core::Modules::Loader::Base has been written.

spec/msf has moved to spec/lib/msf to match conventional spec layout and
allow for the spec/support directory to not be confused as a lib
subdirectory being tested.
2012-10-24 15:11:53 -05:00
sinn3r 1ba57af00a Merge branch 'master' into bug/windows-pro-modules 2012-10-09 11:15:45 -05:00
Luke Imhoff 2d1fd1c305 Pass file size to read for faster reads on Windows 2012-10-09 11:04:05 -05:00
HD Moore 8f07a18d74 Fix comment indentation 2012-10-08 17:29:36 -05:00
HD Moore eb0f0fee0c Correct an extra parenthesis 2012-10-08 17:20:25 -05:00
HD Moore 8cdb76d269 Switch to normal String API vs ActiveSupport method 2012-10-08 17:18:40 -05:00
HD Moore 2dce6e6347 FIXRM #7292 by using hex class names 2012-10-08 17:03:41 -05:00
HD Moore 6bb1b83de3 Align the comments with the space indents for now 2012-10-08 16:09:12 -05:00
Tod Beardsley 114b7886fa Add back EOF newlines 2012-10-08 12:42:34 -05:00
James Lee 10dafcd09f Fix 1.8 compat with Module#const_defined?
Before 1.9, const_defined? only takes one parameter.
2012-10-08 12:40:18 -05:00
Luke Imhoff ef6dad2bc3 Fix loading binary modules on Windows
[#36737359, #36401509]

Failed to follow HACKING guideline #5, open files in binary mode, so
Pro modules were being truncated on Windows installs.
2012-10-08 09:12:23 -05:00
HD Moore 70061223d3 The use of to_path fails on OS X, switch to to_s 2012-10-06 23:40:08 -05:00
Luke Imhoff df9db42c32 Fix module reloading
[#36737359]

The merging of reload_module and the various load_module methods
resulted in the module loading from disk, but because the Hash entry in
the module manager was not deleted before on_module_load was called, the
newly reloaded module was logged as an ambiguous module name instead of
a reload.  In order to report the reload errors correctly, I determined
that module_load_error_by_reference_name should really be
module_load_error_by_path.  I eliminated faild in favor of this new name
since failed was just calling the attribute and the attribute's name is
clearer about the format of the data.

Tested by run rexploit and then exiting over and over with
ms08_067_netapi.  When I messed up the file so it couldn't load, by
adding `inclde Exploit` (note mispelling of `include`), it reported the
error to msfconsole.  When I removed the bad line and added a puts
"RELOADING <n>", where I kept incrementing n and saving the file, the
new number appeared during each rexploit.
2012-10-04 16:32:12 -05:00
Luke Imhoff daf9f9abe8 Module load backtraces in log, but not in console
[#36737359]

Write the module_eval backtrace to the log, but only the error's class
and name to Msf::ModuleManager#module_load_error_by_reference_name as
the contents of the Hash are printed in the console, which should never
recieve backtraces.
2012-10-04 13:25:22 -05:00
Luke Imhoff fb266d5eb9 Refactor demand_load_module
[#36737359]

Refactor the behavior of loading symbolic modules from cache by renaming
methods so it's clearer what they do and ensure that cached modules from
Fastlibs and directories can both be loaded, which was not previously
possible since the demand_load_module only called load_module_from_file.
2012-10-04 11:14:08 -05:00
Luke Imhoff b9bf0e6c28 Reuse Msf::Modules::Loader::Base methods
[#36737359]

Use typed_paths method instead of inlining adding MODULE_EXTENSION and
type directory to module_reference_name.
2012-10-03 17:20:23 -05:00
Luke Imhoff 1fd9659c59 Use MODULE_SEPARATOR constant
[#36737359]

Replace literal '::' with pre-existing MODULE_SEPARATOR constant that
was created specifically for this purpose.
2012-10-03 17:20:14 -05:00
Luke Imhoff 41a0e58b16 Improved docs for ModuleManager and ModuleSet. 2012-10-02 16:26:57 -05:00
Luke Imhoff 555a9f2559 Refactor Msf::ModuleManager
[Fixes #36737359]

Refactor Msf::ModuleManager into concerns so its easier to understand and
duplicate code can be made DRY.  The refactoring also ensures that when
loading from directories, Fastlibs, or reloading, the wrapper module will
always be named so that activesupport/dependencies will function.
2012-10-01 13:09:30 -05:00