Commit Graph

144 Commits (59847eb15b8780fd39714462c4d3c44e6a39c31d)

Author SHA1 Message Date
sinn3r a049327f21 Ignore certain words 2012-12-13 12:21:22 -06:00
sinn3r 051fe4ddd4 Make exceptions for check_title_format
It's not always possible or technically correct to uppercase every
word.  For example, sometimes a module may contain a filename or
function name.  We should allow these conditions to pass.
2012-12-13 12:11:27 -06:00
sinn3r 014269cd25 Small changes 2012-12-12 15:47:04 -06:00
sinn3r ee1aaac61f Look for SVN keywords that no longer use. 2012-12-12 14:27:08 -06:00
sinn3r 86f41c4e6a Forgot to remove some code 2012-12-12 11:57:28 -06:00
sinn3r 37efe53ac8 I hope this works better 2012-12-12 11:41:36 -06:00
sinn3r a8084d6412 Add badchars check for module title and author names 2012-12-11 16:17:29 -06:00
Tod Beardsley bd0352de19 Delete comment 2012-10-29 08:33:01 -05:00
Tod Beardsley ac90d21725 Msftidy checks for file loads 2012-10-29 08:27:22 -05:00
sinn3r a11d16ea30 More strict on check_disclosure_date 2012-10-14 19:06:36 -05:00
sinn3r 2b9c04318f No more check_executable, check extname instead.
When File.executable?() is used, it checks if the file is an
executable AND that exe permission is set. Well, we don't really
have to set the permission we can still load/use the module. So
really, all we care is the module must be a ".rb" to make sure
it loads at startup.  So that's what we need to check.
2012-10-12 14:37:42 -05:00
sinn3r 2bbbbee381 Make the check_executable warning easier to understand. 2012-10-12 09:33:18 -05:00
sinn3r dc71771dda Change some texts
Changes include:
* Make invalid ranking an error, because it may affect module
  search in msfconsole, or the metasploit site.
* Make invalid disclosure format an error, same concern as above.
* Plus other changes
2012-10-12 09:11:34 -05:00
sinn3r a5cdf5df90 Fix check_executable 2012-10-12 03:16:50 -05:00
sinn3r b89c4d1b7c Rank checking should only run against exploit modules 2012-10-12 03:01:48 -05:00
sinn3r 82189d9f8c Make msftidy's code more manageable, and more helpful output 2012-10-12 02:55:16 -05:00
Tod Beardsley 25475ffc93 Msftidy fixes.
Whitespace on ie_execcommand_uaf, and skipping a known-weird caps check
on a particular software name.
2012-09-18 11:25:00 -05:00
Tod Beardsley 90f3e755f5 Commenting out poor naming style checks
Too noisy when run against all the exploits -- it's a good idea but it's
too falsey at the moment to be useful.
2012-03-15 17:00:44 -05:00
Tod Beardsley 9144c33345 MSFTidy check for capitalization in modules
And also fixes up a dozen or so failing modules.
2012-03-15 16:38:12 -05:00
sinn3r 28dbaee5ab Do a strip() before regex check 2012-02-21 11:46:52 -06:00
sinn3r 1d71aec916 Fix DisclosureDate regex, and avoid checking Rank naming style 2012-02-21 01:04:05 -06:00
sinn3r ce356402d0 Avoid checking var naming style if it's a JavaScript variable 2012-02-18 17:58:36 -06:00
sinn3r ea5594316f Add feature to check function/variable naming style 2012-02-18 17:29:14 -06:00
sinn3r 4e32bfce22 Add a check for poorly designed arg list 2012-02-13 21:03:13 -06:00
sinn3r 2d35cf4b66 "stack overflow" in exploits most likely means "stack bof". In aux modules, it's "stack exhaustion" 2012-02-05 17:48:05 -06:00
sinn3r caee1bba28 Only flag bad term 'stack overflow' if it's an exploit module. 2012-02-05 16:07:55 -06:00
sinn3r 4027f6180c Better disclosure format check 2012-02-05 15:39:36 -06:00
Jonathan Cran a6d59bd823 special case handler 2012-01-31 20:49:08 -06:00
Jonathan Cran 4d61a12076 add a note so we can alert 2012-01-30 01:52:49 -06:00
Tod Beardsley 7e25f9a6cc Death to unicode
Apologies to the authors whose names I am now intentionally misspelling.
Maybe in another 10 years, we can guarantee that all terminals and
machine parsers are okay with unicode suddenly popping up in strings.

Also adds a check in msftidy for stray unicode.
2012-01-10 14:54:55 -06:00
Tod Beardsley 7de12fbf02 Adds a (slow) check for checking old rubies
This is mainly to avoid checking in modules that break Ruby 1.8.
Currently not terribly configurable, and since it's slow to
test ruby syntaces against different ruby versions, it's off
by default. Enable by setting an environment variable of
MSF_CHECK_OLD_RUBIES to any value.
2011-12-12 15:12:01 -06:00
Tod Beardsley f503bd9488 Fixes #5749 by converting to unix-style linefeeds and forcing jtr modules to read files as binary, and updating msftidy to allow for r+b as a ghetto append. 2011-11-28 17:52:34 -06:00
Tod Beardsley e598a40aca Updating msftidy to not care about SVN specific properties. 2011-11-22 18:33:44 -06:00
James Lee 9cbd759eab better regex for spaces at EOL 2011-11-20 11:34:31 +11:00
Joshua Drake 5caaedca7a enhance msftidy a bit
git-svn-id: file:///home/svn/framework3/trunk@14033 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-23 11:56:07 +00:00
Tod Beardsley 75bcb7cc5c Altering the alert for long line length to only alert on truly stupendously long lines. Otherwise, simply long names and normal registry keys will trip it, which is annoying.
git-svn-id: file:///home/svn/framework3/trunk@13953 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 15:53:19 +00:00
James Lee 785d3da63b get rid of some false positives for writing stdio
git-svn-id: file:///home/svn/framework3/trunk@13749 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-18 01:57:51 +00:00
Joshua Drake 7dea60c6a4 Now showing which lines are too long!
git-svn-id: file:///home/svn/framework3/trunk@11874 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-04 04:21:16 +00:00
James Lee 2ba50b6663 add checks for long lines and uses of stdio (puts)
git-svn-id: file:///home/svn/framework3/trunk@11806 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-23 20:20:29 +00:00
Joshua Drake c30bc9cb69 check for exploit rank and disclosure date
git-svn-id: file:///home/svn/framework3/trunk@11051 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-16 20:17:03 +00:00
Joshua Drake 6856977331 add a couple more checks
git-svn-id: file:///home/svn/framework3/trunk@11038 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-14 19:00:47 +00:00
Joshua Drake 9fc6f2f3a3 Mass update: fix all framework URL references
git-svn-id: file:///home/svn/framework3/trunk@10996 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 22:25:13 +00:00
Joshua Drake b5a86ad0c2 fix silly keywords oops
git-svn-id: file:///home/svn/framework3/trunk@10987 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 18:07:48 +00:00
Joshua Drake 385450b40d add msftidy.rb script
git-svn-id: file:///home/svn/framework3/trunk@10910 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-05 00:05:34 +00:00