Commit Graph

144 Commits (59847eb15b8780fd39714462c4d3c44e6a39c31d)

Author SHA1 Message Date
sinn3r 31c0f45b27 Add routine to check bad check codes 2014-01-22 15:26:16 -06:00
William Vu 3a943c719e Implement a whitelist for suspect capitalization 2014-01-21 09:26:16 -06:00
William Vu e7026c10ef Update msftidy to check for double quotes 2014-01-08 20:32:30 -06:00
Tod Beardsley 63d1a78cd2
Remove capturing parens and debug hexes. 2013-11-20 17:53:25 -06:00
Tod Beardsley 637ce058f5
Write a nonstupid regex (2-pass test) 2013-11-20 17:47:19 -06:00
Tod Beardsley 0ec9881a22
Fix stdout/stderr check to avoid ruby payloads
[SeeRM #8498]

This knocks out all the non-datastore editing ERROR messages, so we've
got that going for us. Which is nice.
2013-11-20 17:39:35 -06:00
Tod Beardsley 5ef6c5bb44
Land #2668, avoid tidying nonfiles. 2013-11-20 16:57:57 -06:00
William Vu b75f5a8f45 Avoid crashing when msftidy'ing missing files 2013-11-20 16:36:07 -06:00
William Vu 6c7a98ef47 Be more exact about shebang checking 2013-11-20 15:26:35 -06:00
William Vu 2c485c509e Fix caps on module titles (first pass) 2013-11-15 00:03:42 -06:00
William Vu 2572d8daad Add #! check to msftidy 2013-11-08 16:11:48 -06:00
William Vu bcc9c760c4 Add +x check to msftidy 2013-11-05 11:50:28 -06:00
sinn3r 079c82d11d
Land #2565 - Show full path in msftidy 2013-10-22 16:05:56 -05:00
William Vu 33c3167362 Show full path instead of just the basename
Since @todb-r7 and I hate having to use find. :/
2013-10-22 14:54:54 -05:00
William Vu 36a7d02001 Update msftidy to check new ZDI reference 2013-10-21 15:31:37 -05:00
Tod Beardsley 07ab53ab39
Merge from master to clear conflict
Conflicts:
	modules/exploits/windows/brightstor/tape_engine_8A.rb
	modules/exploits/windows/fileformat/a-pdf_wav_to_mp3.rb
2013-10-17 13:29:24 -05:00
Tod Beardsley 3fc1a75a6b
Simplify msftidy with Find.find and add fixed()
Also, enforce binary encoding like the other Metasploit tools.

This opens the door to fixing files that have things that could be fixed
programmatically.

    [SeeRM #8497]
2013-10-16 10:40:42 -05:00
Tod Beardsley 81d145ad81
At least offer a solution with msftidy
I would go ahead and fix it for the user, but due to #8497, I can't
yet.
2013-10-15 13:53:38 -05:00
Tod Beardsley e9e6fb7e26
Add msftidy check. 2013-10-15 13:35:52 -05:00
Tod Beardsley 36d058b28c
Warn for tabbed indentation 2013-10-01 12:22:46 -05:00
Tab Assassin 2e8d19edcf Retab all the things (except external/) 2013-09-30 13:47:53 -05:00
James Lee 8fe9132159
Land #2358, deprecate funny names 2013-09-18 14:55:33 -05:00
Tod Beardsley 32d2f7ffce Hard tabs for now 2013-09-12 16:15:50 -05:00
Tod Beardsley 52843c6a67 Revert whitespace change to msf_tidy.rb
Causing merge conflicts, I'll re-tab it after this PR lands.

This reverts commit 1178da46c6.
2013-09-12 16:14:42 -05:00
Tod Beardsley 1178da46c6 Normalize indentation or @wchen-r7 will be cross 2013-09-12 16:10:43 -05:00
Tod Beardsley cf27b0b457 Add msftidy check for snake_case.rb filenames 2013-09-12 16:06:17 -05:00
Christian Mehlmauer 40e7f45db4 another regex fix 2013-08-30 16:10:16 +02:00
Christian Mehlmauer 921ec615c7 Bugfix 2013-08-29 21:35:15 +02:00
Christian Mehlmauer 1839af4b89 check for modified datastore 2013-08-29 07:31:17 +02:00
Tod Beardsley ef224b175d Allow for tabs or spaces as indentation
This signals a move to allowing for normal Ruby indentation (2 space
soft tabs). This change will check files for indentation of spaces or of
tabs, since we don't want to fail out all modules quite yet.

For more, see
https://github.com/rapid7/metasploit-framework/wiki/Indentation-Standards
where all details of the conversion plan will be documented in order to
minimize the amount of whitespace conflict we are sure to encounter over
this conversion.
2013-08-07 11:45:46 -05:00
Tod Beardsley 04c2a7367d Uncapitalized function names are rarely improper. 2013-07-01 15:37:22 -05:00
h0ng10 4e42ffd51e msftidy cleanup 2013-04-12 21:39:11 +02:00
h0ng10 f6da02d907 Check for VERBOSE Option 2013-04-12 21:34:15 +02:00
Tod Beardsley fd20eba35e Expanding the title and desc for external_ip
Also allowing the capitalization on "via" to be small.
2013-03-20 14:42:12 -05:00
sinn3r 45db43d2b3 Merge branch 'msftidy/no-twitter-handles' of github.com:todb-r7/metasploit-framework into todb-r7-msftidy/no-twitter-handles 2013-02-04 14:21:40 -06:00
Tod Beardsley e8def29b4f Dropping all twitter handles
Also adds "pbot" as an accepted lowercase word. This will come up pretty
routinley for functions and stuff.
2013-02-01 16:33:52 -06:00
Tod Beardsley 7b6d1f4fdd Actually test alternate rubies. 2013-02-01 13:36:15 -06:00
sinn3r bf013ba65f Add more words to ignore 2013-01-10 01:54:19 -06:00
sinn3r acdce4c876 Correct unicode probs 2013-01-04 14:09:37 -06:00
sinn3r 3dc051c296 Remove return 2012-12-14 11:07:41 -06:00
sinn3r 4011c8dba7 Ignore refs commented out 2012-12-14 10:17:10 -06:00
sinn3r 3297db7bf7 Add function check_ref_identifiers 2012-12-13 17:13:53 -06:00
sinn3r ab26995910 Add more words to ignore 2012-12-13 13:21:34 -06:00
sinn3r 9a2cb7eddf Improve title casing check
Sometimes the first letter of a word shouldn't be capitalized.
If you do, it may actually be technically incorrect.  For example:
a function name, a filename, or even a software name like freeFTPd.
We should ignore scenarios like those.
2012-12-13 13:07:23 -06:00
sinn3r d90d41d706 Allow version or build numbers 2012-12-13 12:47:36 -06:00
sinn3r 438c18472e damn it, typo 2012-12-13 12:44:15 -06:00
sinn3r d8b78868c9 Change case checking code 2012-12-13 12:43:12 -06:00
sinn3r cdb47bfcfc Forgot to uncomment back 2012-12-13 12:31:03 -06:00
sinn3r 6f747f16a0 Add another word to ignore 2012-12-13 12:26:32 -06:00
sinn3r 0c84cd0d01 Ignore function names 2012-12-13 12:22:52 -06:00
sinn3r a049327f21 Ignore certain words 2012-12-13 12:21:22 -06:00
sinn3r 051fe4ddd4 Make exceptions for check_title_format
It's not always possible or technically correct to uppercase every
word.  For example, sometimes a module may contain a filename or
function name.  We should allow these conditions to pass.
2012-12-13 12:11:27 -06:00
sinn3r 014269cd25 Small changes 2012-12-12 15:47:04 -06:00
sinn3r ee1aaac61f Look for SVN keywords that no longer use. 2012-12-12 14:27:08 -06:00
sinn3r 86f41c4e6a Forgot to remove some code 2012-12-12 11:57:28 -06:00
sinn3r 37efe53ac8 I hope this works better 2012-12-12 11:41:36 -06:00
sinn3r a8084d6412 Add badchars check for module title and author names 2012-12-11 16:17:29 -06:00
Tod Beardsley bd0352de19 Delete comment 2012-10-29 08:33:01 -05:00
Tod Beardsley ac90d21725 Msftidy checks for file loads 2012-10-29 08:27:22 -05:00
sinn3r a11d16ea30 More strict on check_disclosure_date 2012-10-14 19:06:36 -05:00
sinn3r 2b9c04318f No more check_executable, check extname instead.
When File.executable?() is used, it checks if the file is an
executable AND that exe permission is set. Well, we don't really
have to set the permission we can still load/use the module. So
really, all we care is the module must be a ".rb" to make sure
it loads at startup.  So that's what we need to check.
2012-10-12 14:37:42 -05:00
sinn3r 2bbbbee381 Make the check_executable warning easier to understand. 2012-10-12 09:33:18 -05:00
sinn3r dc71771dda Change some texts
Changes include:
* Make invalid ranking an error, because it may affect module
  search in msfconsole, or the metasploit site.
* Make invalid disclosure format an error, same concern as above.
* Plus other changes
2012-10-12 09:11:34 -05:00
sinn3r a5cdf5df90 Fix check_executable 2012-10-12 03:16:50 -05:00
sinn3r b89c4d1b7c Rank checking should only run against exploit modules 2012-10-12 03:01:48 -05:00
sinn3r 82189d9f8c Make msftidy's code more manageable, and more helpful output 2012-10-12 02:55:16 -05:00
Tod Beardsley 25475ffc93 Msftidy fixes.
Whitespace on ie_execcommand_uaf, and skipping a known-weird caps check
on a particular software name.
2012-09-18 11:25:00 -05:00
Tod Beardsley 90f3e755f5 Commenting out poor naming style checks
Too noisy when run against all the exploits -- it's a good idea but it's
too falsey at the moment to be useful.
2012-03-15 17:00:44 -05:00
Tod Beardsley 9144c33345 MSFTidy check for capitalization in modules
And also fixes up a dozen or so failing modules.
2012-03-15 16:38:12 -05:00
sinn3r 28dbaee5ab Do a strip() before regex check 2012-02-21 11:46:52 -06:00
sinn3r 1d71aec916 Fix DisclosureDate regex, and avoid checking Rank naming style 2012-02-21 01:04:05 -06:00
sinn3r ce356402d0 Avoid checking var naming style if it's a JavaScript variable 2012-02-18 17:58:36 -06:00
sinn3r ea5594316f Add feature to check function/variable naming style 2012-02-18 17:29:14 -06:00
sinn3r 4e32bfce22 Add a check for poorly designed arg list 2012-02-13 21:03:13 -06:00
sinn3r 2d35cf4b66 "stack overflow" in exploits most likely means "stack bof". In aux modules, it's "stack exhaustion" 2012-02-05 17:48:05 -06:00
sinn3r caee1bba28 Only flag bad term 'stack overflow' if it's an exploit module. 2012-02-05 16:07:55 -06:00
sinn3r 4027f6180c Better disclosure format check 2012-02-05 15:39:36 -06:00
Jonathan Cran a6d59bd823 special case handler 2012-01-31 20:49:08 -06:00
Jonathan Cran 4d61a12076 add a note so we can alert 2012-01-30 01:52:49 -06:00
Tod Beardsley 7e25f9a6cc Death to unicode
Apologies to the authors whose names I am now intentionally misspelling.
Maybe in another 10 years, we can guarantee that all terminals and
machine parsers are okay with unicode suddenly popping up in strings.

Also adds a check in msftidy for stray unicode.
2012-01-10 14:54:55 -06:00
Tod Beardsley 7de12fbf02 Adds a (slow) check for checking old rubies
This is mainly to avoid checking in modules that break Ruby 1.8.
Currently not terribly configurable, and since it's slow to
test ruby syntaces against different ruby versions, it's off
by default. Enable by setting an environment variable of
MSF_CHECK_OLD_RUBIES to any value.
2011-12-12 15:12:01 -06:00
Tod Beardsley f503bd9488 Fixes #5749 by converting to unix-style linefeeds and forcing jtr modules to read files as binary, and updating msftidy to allow for r+b as a ghetto append. 2011-11-28 17:52:34 -06:00
Tod Beardsley e598a40aca Updating msftidy to not care about SVN specific properties. 2011-11-22 18:33:44 -06:00
James Lee 9cbd759eab better regex for spaces at EOL 2011-11-20 11:34:31 +11:00
Joshua Drake 5caaedca7a enhance msftidy a bit
git-svn-id: file:///home/svn/framework3/trunk@14033 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-23 11:56:07 +00:00
Tod Beardsley 75bcb7cc5c Altering the alert for long line length to only alert on truly stupendously long lines. Otherwise, simply long names and normal registry keys will trip it, which is annoying.
git-svn-id: file:///home/svn/framework3/trunk@13953 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 15:53:19 +00:00
James Lee 785d3da63b get rid of some false positives for writing stdio
git-svn-id: file:///home/svn/framework3/trunk@13749 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-18 01:57:51 +00:00
Joshua Drake 7dea60c6a4 Now showing which lines are too long!
git-svn-id: file:///home/svn/framework3/trunk@11874 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-04 04:21:16 +00:00
James Lee 2ba50b6663 add checks for long lines and uses of stdio (puts)
git-svn-id: file:///home/svn/framework3/trunk@11806 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-23 20:20:29 +00:00
Joshua Drake c30bc9cb69 check for exploit rank and disclosure date
git-svn-id: file:///home/svn/framework3/trunk@11051 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-16 20:17:03 +00:00
Joshua Drake 6856977331 add a couple more checks
git-svn-id: file:///home/svn/framework3/trunk@11038 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-14 19:00:47 +00:00
Joshua Drake 9fc6f2f3a3 Mass update: fix all framework URL references
git-svn-id: file:///home/svn/framework3/trunk@10996 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 22:25:13 +00:00
Joshua Drake b5a86ad0c2 fix silly keywords oops
git-svn-id: file:///home/svn/framework3/trunk@10987 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 18:07:48 +00:00
Joshua Drake 385450b40d add msftidy.rb script
git-svn-id: file:///home/svn/framework3/trunk@10910 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-05 00:05:34 +00:00