8cc3070cc8
don't require whitespace
2019-02-25 11:24:30 -06:00
c09c15649f
SideEffects Stability Reliability check
2019-02-21 12:38:26 -06:00
46d7ab9795
don't refer to non-existent idx
2019-02-07 00:42:28 -06:00
d38e12c124
Add URL scheme and Base64.encode64 checks to msftdiy
2019-02-04 21:16:01 +00:00
5e28bccda9
Move msfdb_ws since it is deprecated by msfdb
2019-01-09 23:40:02 -05:00
2b231d33e5
Add comment clarifying why we need the day for ISO
2018-11-16 13:25:01 -06:00
2302acaab7
Accept ISO 8601 DisclosureDate with compatibility
...
Zalgo.
2018-11-16 12:03:01 -06:00
f25d7dbaa8
Revert Date.parse check for DisclosureDate
...
An approximation of https://en.wikipedia.org/wiki/Robustness_principle .
2018-11-16 11:48:44 -06:00
d65ba41e31
Use non-greedy regex against DisclosureDate
...
Zalgo. He comes.
wvu@kharak:~/metasploit-framework:bug/msftidy$ tools/dev/msftidy.rb modules/exploits/unix/webapp/jquery_file_upload.rb
"Oct 9 2018', # Larry"
wvu@kharak:~/metasploit-framework:bug/msftidy$
2018-11-16 11:40:12 -06:00
3dd47b34b0
Rework DisclosureDate check to match core code
...
Framework core uses Date.parse, so many date formats are valid.
There is no reason we shouldn't be using ISO 8601 dates.
2018-11-16 11:05:47 -06:00
a30403dbfe
Improve DisclosureDate regex
2018-11-16 03:46:51 -06:00
02bb2d45d3
Make day in DisclosureDate optional for msftidy
...
Defaults to the first day of the month.
2018-11-16 03:00:39 -06:00
0b8926715e
Reactively check for invalid module names
2018-10-10 14:33:59 -05:00
b012fa1275
Update msftidy
2018-10-06 15:59:05 -05:00
2186322134
Stop being an idiot about the regex and rewrite it
...
There was no reason to shoehorn in zero-length assertions.
2018-10-05 13:50:19 -05:00
05ac3875bc
Improve check_snake_case_filename check in msftidy
...
We also remove the separator, since the file is basenamed.
2018-10-05 11:55:17 -05:00
e753eddb6b
Ignore 'No CVE' warning if NOCVE reason was provided in notes
2018-08-31 16:53:44 -05:00
69d321000e
check double quotes
2018-08-29 06:49:37 +02:00
31d4d4f5ff
expand check
2018-08-29 06:42:01 +02:00
7431ae401b
fix more errors
2018-08-28 13:49:31 +02:00
a66556b436
fix msftidy errors
2018-08-28 13:12:43 +02:00
1381e1f3e0
also check https
2018-08-27 21:44:42 +02:00
9725e90ba7
Fix msftdiy EDB link check
2018-08-26 04:18:38 +00:00
0b0a9bfd32
Remove check_sock_get from run_checks
2018-07-18 09:47:17 -05:00
b78a0878b8
Upgrade info checks to warning
...
Also nix get vs. get_once check, since it's inconsistent in practice.
2018-07-18 00:05:48 -05:00
ae9677c1c2
Rework msftidy retvals
...
INFO should not be an error. Also prevent retval overflow.
2018-07-17 18:11:16 -05:00
d355f51969
Switch warn to info
...
Nothing to warn about, just something to note and check.
2018-07-13 14:55:17 -05:00
b8bdceccb8
Add missing CVE check to msftidy
2018-07-13 14:19:00 -05:00
226ef160ff
Land #9748 , Convert the smbloris DoS into an external module
...
Help reliability and performance. This some Ruby-specific external module
tooling as a result as well.
2018-04-02 23:25:10 -05:00
71149e9c68
Remove executable Ruby files from classic loading
2018-03-23 14:49:06 -05:00
8463ed99b0
Add standardised header comments
2018-03-20 11:33:34 +00:00
e1a47cd124
Set permissions on ./tools/*.{rb,exe,sh}
2018-02-09 15:13:09 +00:00
6aebc1fdbd
remove more checks
2018-01-22 16:40:30 -06:00
387f78c6a3
allow UTF-8 module names and authors
2018-01-12 01:51:05 -05:00
7578913058
rework msftidy exit codes
2017-09-15 10:27:04 +02:00
6300758c46
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
d20036e0fb
revise spelling, add heartbleed and tidy checks
2017-06-28 18:50:20 -04:00
577f4da498
add LICENSE_GEMS generation tool, update licenses
2017-05-10 16:19:03 -05:00
f718ea0dc7
Add self.class check for register_*
2017-04-26 03:56:06 -05:00
f25d7dce54
Add check for require 'msf/core'
2017-04-26 02:54:02 -05:00
228de518f0
Remove horrid title casing check
2017-04-26 02:53:59 -05:00
8549ec9fe3
Update $std{out,err} fix for msftidy
2017-04-06 17:54:07 -05:00
b25f549f32
Fix msftidy false +ves for quote-enclosed stdouts
...
Combined old regex in next if statement with a new one
Now catches stdouts enclosed in quotes on a single line
2017-03-27 18:29:58 -04:00
e23e65ee5f
Fix msftidy's vars_get check for omitted parens
...
Hat tip @bcoles.
2017-02-23 02:13:59 -06:00
e52d67cb8c
add architecture check
2016-11-20 19:09:26 -06:00
5b4f96eeac
remove more refs
2016-09-20 14:31:28 -05:00
b08d1ad8d8
Revert "Land #6812 , remove broken OSVDB references"
...
This reverts commit 2b016e02167b1d9596c7
2016-07-15 12:00:31 -05:00
2b016e0216
Land #6812 , remove broken OSVDB references
2016-07-11 22:59:11 -05:00
7a321c7350
Import, sign, and publish signed dev keys
...
This largely automates the process of importing developer keys,
much like `import-dev-keys.sh`, but also takes the additional, sadly
manual step of signing the key with your default key, and uploading
those keys to https://sks-keyservers.net .
In effect, you are stating that you trust keys published on keybase.io
and are listed as such on the official Metasploit-Framework development
wiki.
If your own default key either has no passphrase, or has a passphrase
cached in a keymanager, the process merely requires you hit `y` for
every key, and `y` again for keys with multiple IDs. Otherwise, you
will need to provide your passphrase for each signing. Temporarily
removing the passphrase alleviates this pain.
Of course, this assumes you actually trust the development wiki
and keybase to do the right thing. The tradition is to individually
verify each key through some personally invented means, such as in
person with a government ID check.
Note that `import-dev-keys.sh` currently lists a number of keys
not on Keybase, and that functionality has not been carried over
to this script.
2016-07-06 10:33:02 -05:00
cc30ece6ce
tell the user what to do
2016-06-14 11:54:55 -05:00
Brent Cook
Jacob Robles
Brendan Coles
Matthew Kienow
William Vu
Wei Chen
Erin Bleiweiss
Christian Mehlmauer
Adam Cammack
g0tmi1k
Brent Cook
Bryan Chu
Tod Beardsley