metasploit-framework/data/msfweb
kris a30adcdca5 Fix Javascript payload generation in msfweb: was passing the invalid
"javascript", so it now chooses "js_le" or "js_be" based on endianness


git-svn-id: file:///home/svn/framework3/trunk@6042 4d416f70-5f16-0410-b530-b9f4589650da
2008-12-24 06:57:32 +00:00
..
app Fix Javascript payload generation in msfweb: was passing the invalid 2008-12-24 06:57:32 +00:00
config In with the new 2008-11-09 01:18:35 +00:00
doc Initial commit for Ruby on Rails based msfweb and IDE. 2006-09-24 00:21:23 +00:00
patches Adds a monkey-patch for the WEBrick directory traversal flaw 2008-03-06 17:21:45 +00:00
public In with the new 2008-11-09 01:18:35 +00:00
script Initial commit for Ruby on Rails based msfweb and IDE. 2006-09-24 00:21:23 +00:00
vendor/rails Remove test cases from gems 2008-11-17 06:14:09 +00:00
.project Initial commit for Ruby on Rails based msfweb and IDE. 2006-09-24 00:21:23 +00:00
README Initial commit for Ruby on Rails based msfweb and IDE. 2006-09-24 00:21:23 +00:00
Rakefile Initial commit for Ruby on Rails based msfweb and IDE. 2006-09-24 00:21:23 +00:00
TODO Updates 2007-01-19 20:32:33 +00:00
TODO.IDE Adding my todo/design doc 2006-10-16 02:29:31 +00:00

README

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

== Welcome to Rails

Rails is a web-application and persistence framework that includes everything
needed to create database-backed web-applications according to the
Model-View-Control pattern of separation. This pattern splits the view (also
called the presentation) into "dumb" templates that are primarily responsible
for inserting pre-built data in between HTML tags. The model contains the
"smart" domain objects (such as Account, Product, Person, Post) that holds all
the business logic and knows how to persist themselves to a database. The
controller handles the incoming requests (such as Save New Account, Update
Product, Show Post) by manipulating the model and directing data to the view.

In Rails, the model is handled by what's called an object-relational mapping
layer entitled Active Record. This layer allows you to present the data from
database rows as objects and embellish these data objects with business logic
methods. You can read more about Active Record in 
link:files/vendor/rails/activerecord/README.html.

The controller and view are handled by the Action Pack, which handles both
layers by its two parts: Action View and Action Controller. These two layers
are bundled in a single package due to their heavy interdependence. This is
unlike the relationship between the Active Record and Action Pack that is much
more separate. Each of these packages can be used independently outside of
Rails.  You can read more about Action Pack in 
link:files/vendor/rails/actionpack/README.html.


== Getting started

1. Start the web server: <tt>ruby script/server</tt> (run with --help for options)
2. Go to http://localhost:3000/ and get "Welcome aboard: Youre riding the Rails!"
3. Follow the guidelines to start developing your application


== Web servers

Rails uses the built-in web server in Ruby called WEBrick by default, so you don't
have to install or configure anything to play around. 

If you have lighttpd installed, though, it'll be used instead when running script/server.
It's considerably faster than WEBrick and suited for production use, but requires additional
installation and currently only works well on OS X/Unix (Windows users are encouraged
to start with WEBrick). We recommend version 1.4.11 and higher. You can download it from
http://www.lighttpd.net.

If you want something that's halfway between WEBrick and lighttpd, we heartily recommend
Mongrel. It's a Ruby-based web server with a C-component (so it requires compilation) that
also works very well with Windows. See more at http://mongrel.rubyforge.org/.

But of course its also possible to run Rails with the premiere open source web server Apache.
To get decent performance, though, you'll need to install FastCGI. For Apache 1.3, you want
to use mod_fastcgi. For Apache 2.0+, you want to use mod_fcgid.

See http://wiki.rubyonrails.com/rails/pages/FastCGI for more information on FastCGI.

== Example for Apache conf

  <VirtualHost *:80>
    ServerName rails
    DocumentRoot /path/application/public/
    ErrorLog /path/application/log/server.log
  
    <Directory /path/application/public/>
      Options ExecCGI FollowSymLinks
      AllowOverride all
      Allow from all
      Order allow,deny
    </Directory>
  </VirtualHost>

NOTE: Be sure that CGIs can be executed in that directory as well. So ExecCGI
should be on and ".cgi" should respond. All requests from 127.0.0.1 go
through CGI, so no Apache restart is necessary for changes. All other requests
go through FCGI (or mod_ruby), which requires a restart to show changes.


== Debugging Rails

Have "tail -f" commands running on both the server.log, production.log, and
test.log files. Rails will automatically display debugging and runtime
information to these files. Debugging info will also be shown in the browser
on requests from 127.0.0.1.


== Breakpoints

Breakpoint support is available through the script/breakpointer client. This
means that you can break out of execution at any point in the code, investigate
and change the model, AND then resume execution! Example:

  class WeblogController < ActionController::Base
    def index
      @posts = Post.find_all
      breakpoint "Breaking out from the list"
    end
  end
  
So the controller will accept the action, run the first line, then present you
with a IRB prompt in the breakpointer window. Here you can do things like:

Executing breakpoint "Breaking out from the list" at .../webrick_server.rb:16 in 'breakpoint'

  >> @posts.inspect
  => "[#<Post:0x14a6be8 @attributes={\"title\"=>nil, \"body\"=>nil, \"id\"=>\"1\"}>, 
       #<Post:0x14a6620 @attributes={\"title\"=>\"Rails you know!\", \"body\"=>\"Only ten..\", \"id\"=>\"2\"}>]"
  >> @posts.first.title = "hello from a breakpoint"
  => "hello from a breakpoint"

...and even better is that you can examine how your runtime objects actually work:

  >> f = @posts.first 
  => #<Post:0x13630c4 @attributes={"title"=>nil, "body"=>nil, "id"=>"1"}>
  >> f.
  Display all 152 possibilities? (y or n)

Finally, when you're ready to resume execution, you press CTRL-D


== Console

You can interact with the domain model by starting the console through script/console. 
Here you'll have all parts of the application configured, just like it is when the
application is running. You can inspect domain models, change values, and save to the
database. Starting the script without arguments will launch it in the development environment.
Passing an argument will specify a different environment, like <tt>script/console production</tt>.

To reload your controllers and models after launching the console run <tt>reload!</tt>



== Description of contents

app
  Holds all the code that's specific to this particular application.

app/controllers
  Holds controllers that should be named like weblog_controller.rb for
  automated URL mapping. All controllers should descend from
  ActionController::Base.

app/models
  Holds models that should be named like post.rb.
  Most models will descend from ActiveRecord::Base.
  
app/views
  Holds the template files for the view that should be named like
  weblog/index.rhtml for the WeblogController#index action. All views use eRuby
  syntax. This directory can also be used to keep stylesheets, images, and so on
  that can be symlinked to public.
  
app/helpers
  Holds view helpers that should be named like weblog_helper.rb.

app/apis
  Holds API classes for web services.

config
  Configuration files for the Rails environment, the routing map, the database, and other dependencies.

components
  Self-contained mini-applications that can bundle together controllers, models, and views.

db
  Contains the database schema in schema.rb.  db/migrate contains all
  the sequence of Migrations for your schema.

lib
  Application specific libraries. Basically, any kind of custom code that doesn't
  belong under controllers, models, or helpers. This directory is in the load path.
    
public
  The directory available for the web server. Contains subdirectories for images, stylesheets,
  and javascripts. Also contains the dispatchers and the default HTML files.

script
  Helper scripts for automation and generation.

test
  Unit and functional tests along with fixtures.

vendor
  External libraries that the application depends on. Also includes the plugins subdirectory.
  This directory is in the load path.