Merge pull request rapid7#20035 from bcoles/rubocop-modules-encoders

modules/encoders: Resolve RuboCop violations

Author: adfoster-r7

modules/encoders/cmd/base64.rb

@@ -26,8 +26,7 @@ def initialize
     register_advanced_options(
       [
         OptString.new('Base64Decoder', [ false, 'The binary to use for base64 decoding', '', %w[base64 base64-long base64-short openssl] ])
-      ],
-      self.class
+      ]
     )
   end
 

modules/encoders/cmd/brace.rb

@@ -10,14 +10,14 @@ class MetasploitModule < Msf::Encoder
 
   def initialize
     super(
-      'Name'        => 'Bash Brace Expansion Command Encoder',
+      'Name' => 'Bash Brace Expansion Command Encoder',
       'Description' => %q{
         This encoder uses brace expansion in Bash and other shells
         to avoid whitespace without being overly fancy.
       },
-      'Author'      => ['wvu', 'egypt'],
-      'Platform'    => %w[ linux unix ],
-      'Arch'        => ARCH_CMD,
+      'Author' => ['wvu', 'egypt'],
+      'Platform' => %w[linux unix],
+      'Arch' => ARCH_CMD,
       'EncoderType' => Msf::Encoder::Type::CmdPosixBrace
     )
   end

modules/encoders/cmd/echo.rb

@@ -8,61 +8,50 @@ class MetasploitModule < Msf::Encoder
 
   def initialize
     super(
-      'Name'             => 'Echo Command Encoder',
-      'Description'      => %q{
+      'Name' => 'Echo Command Encoder',
+      'Description' => %q{
         This encoder uses echo and backlash escapes to avoid commonly restricted characters.
       },
-      'Author'           => 'hdm',
-      'Arch'             => ARCH_CMD,
-      'Platform'         => %w[ linux unix ],
-      'EncoderType'      => Msf::Encoder::Type::CmdPosixEcho)
+      'Author' => 'hdm',
+      'Arch' => ARCH_CMD,
+      'Platform' => %w[linux unix],
+      'EncoderType' => Msf::Encoder::Type::CmdPosixEcho)
   end
 
-
   #
   # Encodes the payload
   #
   def encode_block(state, buf)
     # Skip encoding for empty badchars
-    if state.badchars.length == 0
-      return buf
-    end
+    return buf if state.badchars.empty?
 
-    if state.badchars.include?("-")
-      raise EncodingError
-    else
-      # Without an escape character we can't escape anything, so echo
-      # won't work.
-      if state.badchars.include?("\\")
-        raise EncodingError
-      else
-        buf = encode_block_bash_echo(state,buf)
-      end
-    end
+    raise EncodingError if state.badchars.include?('-')
 
-    return buf
+    # echo won't work without an escape character
+    raise EncodingError if state.badchars.include?('\\')
+
+    encode_block_bash_echo(state, buf)
   end
 
   #
   # Uses bash's echo -ne command to hex encode the command string
   #
   def encode_block_bash_echo(state, buf)
-
     hex = ''
 
     # Can we use single quotes to enclose the echo arguments?
     if state.badchars.include?("'")
-      hex = buf.unpack('C*').collect { |c| "\\\\\\x%.2x" % c }.join
+      hex = buf.unpack('C*').collect { |c| '\\\\\\x%.2x' % c }.join
     else
-      hex = "'" + buf.unpack('C*').collect { |c| "\\x%.2x" % c }.join + "'"
+      hex = "'" + buf.unpack('C*').collect { |c| '\\x%.2x' % c }.join + "'"
     end
 
     # Are pipe characters restricted?
-    if state.badchars.include?("|")
+    if state.badchars.include?('|')
       # How about backticks?
-      if state.badchars.include?("`")
+      if state.badchars.include?('`')
         # Last ditch effort, dollar paren
-        if state.badchars.include?("$") or state.badchars.include?("(")
+        if state.badchars.include?('$') || state.badchars.include?('(')
           raise EncodingError
         else
           buf = "$(/bin/echo -ne #{hex})"
@@ -75,7 +64,7 @@ def encode_block_bash_echo(state, buf)
     end
 
     # Remove spaces from the command string
-    if state.badchars.include?(" ")
+    if state.badchars.include?(' ')
       buf.gsub!(/\s/, '${IFS}')
     end
 

modules/encoders/cmd/generic_sh.rb

@@ -10,42 +10,38 @@ class MetasploitModule < Msf::Encoder
 
   def initialize
     super(
-      'Name'             => 'Generic Shell Variable Substitution Command Encoder',
-      'Description'      => %q{
+      'Name' => 'Generic Shell Variable Substitution Command Encoder',
+      'Description' => %q{
         This encoder uses standard Bourne shell variable substitution
       tricks to avoid commonly restricted characters.
       },
-      'Author'           => 'hdm',
-      'Arch'             => ARCH_CMD,
-      'Platform'         => 'unix')
+      'Author' => 'hdm',
+      'Arch' => ARCH_CMD,
+      'Platform' => 'unix')
   end
 
-
   #
   # Encodes the payload
   #
   def encode_block(state, buf)
-
     # Skip encoding for empty badchars
-    if(state.badchars.length == 0)
+    if state.badchars.empty?
       return buf
     end
 
-    if (state.badchars.include?("-"))
+    if state.badchars.include?('-')
       # Then neither of the others will work.  Get rid of spaces and hope
       # for the best.  This obviously won't work if the command already
       # has other badchars in it, in which case we're basically screwed.
-      if (state.badchars.include?(" "))
+      if state.badchars.include?(' ')
         buf.gsub!(/\s/, '${IFS}')
       end
-    else
+    elsif state.badchars.include?('\\')
       # Without an escape character we can't escape anything, so echo
       # won't work.  Try perl.
-      if (state.badchars.include?("\\"))
-        buf = encode_block_perl(state,buf)
-      else
-        buf = encode_block_bash_echo(state,buf)
-      end
+      buf = encode_block_perl(state, buf)
+    else
+      buf = encode_block_bash_echo(state, buf)
     end
 
     return buf
@@ -55,46 +51,43 @@ def encode_block(state, buf)
   # Uses the perl command to hex encode the command string
   #
   def encode_block_perl(state, buf)
-
-    hex = buf.unpack("H*")
+    hex = buf.unpack('H*')
     cmd = 'perl -e '
     qot = ',-:.=+!@#$%^&'
 
     # Find a quoting character to use
     state.badchars.unpack('C*') { |c| qot.delete(c.chr) }
 
     # Throw an error if we ran out of quotes
-    raise EncodingError if qot.length == 0
+    raise EncodingError if qot.empty?
 
     sep = qot[0].chr
 
     # Convert spaces to IFS...
-    if (state.badchars.include?(" "))
+    if state.badchars.include?(' ')
       cmd.gsub!(/\s/, '${IFS}')
     end
 
     # Can we use single quotes to enclose the command string?
-    if (state.badchars.include?("'"))
+    if state.badchars.include?("'")
 
-      if (state.badchars.match(/\(|\)/))
+      if state.badchars.match(/\(|\)/)
 
         # No parenthesis...
         raise EncodingError
       end
 
       cmd << "system\\(pack\\(qq#{sep}H\\*#{sep},qq#{sep}#{hex}#{sep}\\)\\)"
 
-    else
-      if (state.badchars.match(/\(|\)/))
-        if (state.badchars.include?(" "))
-          # No spaces allowed, no parenthesis, give up...
-          raise EncodingError
-        end
-
-        cmd << "'system pack qq#{sep}H*#{sep},qq#{sep}#{hex}#{sep}'"
-      else
-        cmd << "'system(pack(qq#{sep}H*#{sep},qq#{sep}#{hex}#{sep}))'"
+    elsif state.badchars.match(/\(|\)/)
+      if state.badchars.include?(' ')
+        # No spaces allowed, no parenthesis, give up...
+        raise EncodingError
       end
+
+      cmd << "'system pack qq#{sep}H*#{sep},qq#{sep}#{hex}#{sep}'"
+    else
+      cmd << "'system(pack(qq#{sep}H*#{sep},qq#{sep}#{hex}#{sep}))'"
     end
 
     return cmd
@@ -104,22 +97,21 @@ def encode_block_perl(state, buf)
   # Uses bash's echo -ne command to hex encode the command string
   #
   def encode_block_bash_echo(state, buf)
-
     hex = ''
 
     # Can we use single quotes to enclose the echo arguments?
-    if (state.badchars.include?("'"))
-      hex = buf.unpack('C*').collect { |c| "\\\\\\x%.2x" % c }.join
+    if state.badchars.include?("'")
+      hex = buf.unpack('C*').collect { |c| '\\\\\\x%.2x' % c }.join
     else
-      hex = "'" + buf.unpack('C*').collect { |c| "\\x%.2x" % c }.join + "'"
+      hex = "'" + buf.unpack('C*').collect { |c| '\\x%.2x' % c }.join + "'"
     end
 
     # Are pipe characters restricted?
-    if (state.badchars.include?("|"))
+    if state.badchars.include?('|')
       # How about backticks?
-      if (state.badchars.include?("`"))
+      if state.badchars.include?('`')
         # Last ditch effort, dollar paren
-        if (state.badchars.include?("$") or state.badchars.include?("("))
+        if state.badchars.include?('$') || state.badchars.include?('(')
           raise EncodingError
         else
           buf = "$(/bin/echo -ne #{hex})"
@@ -132,7 +124,7 @@ def encode_block_bash_echo(state, buf)
     end
 
     # Remove spaces from the command string
-    if (state.badchars.include?(" "))
+    if state.badchars.include?(' ')
       buf.gsub!(/\s/, '${IFS}')
     end
 

modules/encoders/cmd/ifs.rb

@@ -10,14 +10,14 @@ class MetasploitModule < Msf::Encoder
 
   def initialize
     super(
-      'Name'        => 'Bourne ${IFS} Substitution Command Encoder',
+      'Name' => 'Bourne ${IFS} Substitution Command Encoder',
       'Description' => %q{
         This encoder uses Bourne ${IFS} substitution to avoid whitespace
         without being overly fancy.
       },
-      'Author'      => ['egypt', 'wvu'],
-      'Platform'    => %w[ linux unix ],
-      'Arch'        => ARCH_CMD,
+      'Author' => ['egypt', 'wvu'],
+      'Platform' => %w[linux unix],
+      'Arch' => ARCH_CMD,
       'EncoderType' => Msf::Encoder::Type::CmdPosixIFS
     )
   end