Skip to content

Commit 03ad810

Browse files
committed
Merge pull request #1 from Meatballs1/land_2551
Some changes and cleanup.
2 parents 868b70c + d53b56c commit 03ad810

File tree

3,346 files changed

+88173
-33497
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

3,346 files changed

+88173
-33497
lines changed

.gitignore

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -41,3 +41,13 @@ tags
4141
*~
4242
# Ignore backups of retabbed files
4343
*.notab
44+
45+
# ignore Visual Studio external source garbage
46+
*.suo
47+
*.sdf
48+
*.opensdf
49+
*.user
50+
51+
# ignore release/debug folders for exploits
52+
external/source/exploits/**/Debug
53+
external/source/exploits/**/Release

.gitmodules

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
[submodule "external/source/ReflectiveDLLInjection"]
2+
path = external/source/ReflectiveDLLInjection
3+
url = https://github.com/rapid7/ReflectiveDLLInjection.git

.mailmap

Lines changed: 19 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -2,22 +2,27 @@ bturner-r7 <bturner-r7@github> Brandon Turner <[email protected]>
22
dmaloney-r7 <dmaloney-r7@github> David Maloney <[email protected]>
33
dmaloney-r7 <dmaloney-r7@github> David Maloney <[email protected]> # aka TheLightCosine
44
ecarey-r7 <ecarey-r7@github> Erran Carey <[email protected]>
5+
farias-r7 <farias-r7@github> Fernando Arias <[email protected]>
56
hmoore-r7 <hmoore-r7@github> HD Moore <[email protected]>
67
hmoore-r7 <hmoore-r7@github> HD Moore <[email protected]>
78
jlee-r7 <jlee-r7@github> egypt <[email protected]> # aka egypt
89
jlee-r7 <jlee-r7@github> James Lee <[email protected]> # aka egypt
910
jlee-r7 <jlee-r7@github> James Lee <[email protected]>
11+
joev-r7 <joev-r7@github> joev <[email protected]>
1012
joev-r7 <joev-r7@github> Joe Vennix <[email protected]>
1113
jvazquez-r7 <jvazquez-r7@github> jvazquez-r7 <[email protected]>
14+
jvazquez-r7 <jvazquez-r7@github> jvazquez-r7 <[email protected]>
1215
limhoff-r7 <limhoff-r7@github> Luke Imhoff <[email protected]>
1316
shuckins-r7 <shuckins-r7@github> Samuel Huckins <[email protected]>
14-
tasos-r7 <tasos-r7@github> Tasos Laskos <[email protected]>
1517
todb-r7 <todb-r7@github> Tod Beardsley <[email protected]>
1618
todb-r7 <todb-r7@github> Tod Beardsley <[email protected]>
19+
todb-r7 <todb-r7@github> Tod Beardsley <[email protected]>
20+
trosen-r7 <trosen-r7@github> Trevor Rosen <[email protected]>
1721
wchen-r7 <wchen-r7@github> sinn3r <[email protected]> # aka sinn3r
1822
wchen-r7 <wchen-r7@github> sinn3r <[email protected]>
1923
wchen-r7 <wchen-r7@github> Wei Chen <[email protected]>
2024
wvu-r7 <wvu-r7@github> William Vu <[email protected]>
25+
wvu-r7 <wvu-r7@github> William Vu <[email protected]>
2126
wvu-r7 <wvu-r7@github> William Vu <[email protected]>
2227

2328
# Above this line are current Rapid7 employees. Below this paragraph are
@@ -38,8 +43,8 @@ Chao-mu <Chao-Mu@github> chao-mu <[email protected]>
3843
Chao-mu <Chao-Mu@github> chao-mu <chao@confusion.(none)>
3944
ChrisJohnRiley <ChrisJohnRiley@github> Chris John Riley <[email protected]>
4045
ChrisJohnRiley <ChrisJohnRiley@github> Chris John Riley <[email protected]>
41-
corelanc0d3er <corelanc0d3er@github> corelanc0d3r <[email protected]>
42-
corelanc0d3er <corelanc0d3er@github> Peter Van Eeckhoutte (corelanc0d3r) <[email protected]>
46+
corelanc0d3r <corelanc0d3r@github> corelanc0d3r <[email protected]>
47+
corelanc0d3r <corelanc0d3r@github> Peter Van Eeckhoutte (corelanc0d3r) <[email protected]>
4348
darkoperator <darkoperator@github> Carlos Perez <[email protected]>
4449
efraintorres <efraintorres@github> efraintorres <[email protected]>
4550
efraintorres <efraintorres@github> et <>
@@ -66,11 +71,22 @@ nevdull77 <nevdull77@github> Patrik Karlsson <[email protected]>
6671
nmonkee <nmonkee@github> nmonkee <[email protected]>
6772
nullbind <nullbind@github> nullbind <[email protected]>
6873
ohdae <ohdae@github> ohdae <[email protected]>
74+
OJ <oj@github> OJ Reeves <[email protected]>
75+
OJ <oj@github> OJ <[email protected]>
6976
r3dy <r3dy@github> Royce Davis <[email protected]>
7077
r3dy <r3dy@github> Royce Davis <[email protected]>
78+
Rick Flores <[email protected]> Rick Flores (nanotechz9l) <[email protected]>
7179
rsmudge <rsmudge@github> Raphael Mudge <[email protected]> # Aka `butane
7280
schierlm <schierlm@github> Michael Schierl <[email protected]> # Aka mihi
7381
scriptjunkie <scriptjunkie@github> Matt Weeks <[email protected]>
7482
skape <skape@???> Matt Miller <[email protected]>
7583
spoonm <spoonm@github> Spoon M <[email protected]>
7684
swtornio <swtornio@github> Steve Tornio <[email protected]>
85+
Tasos Laskos <[email protected]> Tasos Laskos <[email protected]>
86+
TrustedSec <[email protected]> trustedsec <[email protected]>
87+
88+
# Aliases for utility author names. Since they're fake, typos abound
89+
90+
Tab Assassin <[email protected]> Tabasssassin <[email protected]>
91+
Tab Assassin <[email protected]> Tabassassin <[email protected]>
92+
Tab Assassin <[email protected]> TabAssassin <[email protected]>

.rspec

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,2 @@
11
--color
2-
--format documentation
2+
--format Fivemat

.ruby-version

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1 +1 @@
1-
1.9.3-p448
1+
1.9.3-p484

.travis.yml

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,11 +1,15 @@
11
language: ruby
2+
env: MSF_SPOTCHECK_RECENT=1
23
before_install:
4+
- rake --version
35
- sudo apt-get update -qq
46
- sudo apt-get install -qq libpcap-dev
57
before_script:
8+
- ./tools/msftidy.rb
69
- cp config/database.yml.travis config/database.yml
7-
- rake db:create
8-
- rake db:migrate
10+
- bundle exec rake --version
11+
- bundle exec rake db:create
12+
- bundle exec rake db:migrate
913

1014
rvm:
1115
#- '1.8.7'

CONTRIBUTING.md

Lines changed: 66 additions & 42 deletions
Original file line numberDiff line numberDiff line change
@@ -1,44 +1,68 @@
11
# Contributing to Metasploit
22

3-
## Reporting Bugs
4-
5-
If you would like to report a bug, please take a look at [our Redmine
6-
issue
7-
tracker](https://dev.metasploit.com/redmine/projects/framework/issues?query_id=420)
8-
-- your bug may already have been reported there! Simply [searching](https://dev.metasploit.com/redmine/projects/framework/search) for some appropriate keywords may save everyone a lot of hassle.
9-
10-
If your bug is new and you'd like to report it you will need to
11-
[register
12-
first](https://dev.metasploit.com/redmine/account/register). Don't
13-
worry, it's easy and fun and takes about 30 seconds.
14-
15-
When you file a bug report, please include your **steps to reproduce**,
16-
full copy-pastes of Ruby stack traces, and any relevant details about
17-
your environment. Without repro steps, your bug will likely be closed.
18-
With repro steps, your bugs will likely be fixed.
19-
20-
## Contributing Metasploit Modules
21-
22-
If you have an exploit that you'd like to contribute to the Metasploit
23-
Framework, please familiarize yourself with the
24-
**[HACKING](https://github.com/rapid7/metasploit-framework/blob/master/HACKING)**
25-
document in the
26-
Metasploit-Framework repository. There are many mysteries revealed in
27-
HACKING concerning code style and content.
28-
29-
[Pull requests](https://github.com/rapid7/metasploit-framework/pulls)
30-
should corellate with modules at a 1:1 ratio
31-
-- there is rarely a good reason to have two, three, or ten modules on
32-
one pull request, as this dramatically increases the review time
33-
required to land (commit) any of those modules.
34-
35-
Pull requests tend to be very collaborative for Metasploit -- do not be
36-
surprised if your pull request to rapid7/metasploit-framework triggers a
37-
pull request back to your own fork. In this way, we can isolate working
38-
changes before landing your PR to the Metasploit master branch.
39-
40-
To save yourself the embarrassment of committing common errors, you will
41-
want to symlink the `msftidy.rb` utility to your pre-commit hooks by
42-
running `ln -s ../../tools/dev/pre-commit-hook.rb .git/hooks/pre-commit`
43-
from the top-level directory of your metasploit-framework clone. This
44-
will prevent you from committing modules that raise WARNINGS or ERRORS.
3+
Thanks for your interest in making Metasploit -- and therefore, the
4+
world -- a better place! What you see here in CONTRIBUTING.md is a
5+
bullet-point list of the do's and don'ts of how to make sure *your*
6+
valuable contributions actually make it into Metasploit's master branch.
7+
8+
If you care not to follow these rules, your contribution **will** be
9+
closed (*Road House* style). Sorry!
10+
11+
Incidentally, this is a **short** list. The
12+
[wiki](https://github.com/rapid7/metasploit-framework/wiki) is much more
13+
exhaustive and reveals many mysteries. If you read nothing else, take a
14+
look at the standard [development environment setup
15+
guide](https://github.com/rapid7/metasploit-framework/wiki/Setting-Up-a-Metasploit-Development-Environment)
16+
and Metasploit's [Common Coding Mistakes](https://github.com/rapid7/metasploit-framework/wiki/Common-Metasploit-Module-Coding-Mistakes).
17+
18+
## Code Contributions
19+
20+
* **Do** stick to the [Ruby style guide](https://github.com/bbatsov/ruby-style-guide).
21+
* **Do** follow the [50/72 rule](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html) for Git commit messages.
22+
* **Do** create a [topic branch](http://git-scm.com/book/en/Git-Branching-Branching-Workflows#Topic-Branches) to work on instead of working directly on `master`.
23+
24+
### Pull Requests
25+
26+
* **Do** specify a descriptive title to make searching for your pull request easier.
27+
* **Do** include [console output](https://help.github.com/articles/github-flavored-markdown#fenced-code-blocks), especially for witnessable effects in `msfconsole`.
28+
* **Do** list [verification steps](https://help.github.com/articles/writing-on-github#task-lists) so your code is testable.
29+
* **Don't** leave your pull request description blank.
30+
* **Don't** abandon your pull request. Being responsive helps us land your code faster.
31+
32+
Pull requests [#2940](https://github.com/rapid7/metasploit-framework/pull/2940) and [#3043](https://github.com/rapid7/metasploit-framework/pull/3043) are a couple good examples to follow.
33+
34+
#### New Modules
35+
36+
* **Do** run `tools/msftidy.rb` against your module and fix any errors or warnings that come up. Even better would be to set up `msftidy.rb` as a [pre-commit hook](https://github.com/rapid7/metasploit-framework/blob/master/tools/dev/pre-commit-hook.rb).
37+
* **Do** use the [API](https://dev.metasploit.com/documents/api/). Wheel improvements are welcome; wheel reinventions, not so much.
38+
* **Don't** include more than one module per pull request.
39+
40+
#### Library Code
41+
42+
* **Do** write [RSpec](http://rspec.info/) tests - even the smallest change in library land can thoroughly screw things up.
43+
* **Do** follow [Better Specs](http://betterspecs.org/) - it's like the style guide for specs.
44+
* **Do** write [YARD](http://yardoc.org/) documentation - this makes it easier for people to use your code.
45+
46+
#### Bug Fixes
47+
48+
* **Do** include reproduction steps in the form of verification steps.
49+
* **Do** include a link to the corresponding [Redmine](https://dev.metasploit.com/redmine/projects/framework) issue in the format of `SeeRM #1234` in your commit description.
50+
51+
## Bug Reports
52+
53+
* **Do** report vulnerabilities in Rapid7 software to [email protected].
54+
* **Do** create a Redmine account and report your bug there.
55+
* **Do** write a detailed description of your bug and use a descriptive title.
56+
* **Do** include reproduction steps, stack traces, and anything else that might help us verify and fix your bug.
57+
* **Don't** file duplicate reports - search for your bug before filing a new report.
58+
* **Don't** report a bug on GitHub. Use [Redmine](https://dev.metasploit.com/redmine/projects/framework) instead.
59+
60+
Redmine issues [#8762](https://dev.metasploit.com/redmine/issues/8762) and [#8764](https://dev.metasploit.com/redmine/issues/8764) are a couple good examples to follow.
61+
62+
If you need some more guidance, talk to the main body of open
63+
source contributors over on the [Freenode IRC channel](http://webchat.freenode.net/?channels=%23metasploit&uio=d4)
64+
or e-mail us at [metasploit-hackers](https://lists.sourceforge.net/lists/listinfo/metasploit-hackers)
65+
mailing list.
66+
67+
Also, **thank you** for taking the few moments to read this far! You're
68+
already way ahead of the curve, so keep it up!

COPYING

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
Copyright (C) 2006-2013, Rapid7 Inc.
1+
Copyright (C) 2006-2013, Rapid7, Inc.
22
All rights reserved.
33

44
Redistribution and use in source and binary forms, with or without modification,

Gemfile

Lines changed: 35 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,8 @@ source 'https://rubygems.org'
22

33
# Need 3+ for ActiveSupport::Concern
44
gem 'activesupport', '>= 3.0.0'
5+
# Needed for some admin modules (cfme_manageiq_evm_pass_reset.rb)
6+
gem 'bcrypt-ruby'
57
# Needed for some admin modules (scrutinizer_add_user.rb)
68
gem 'json'
79
# Needed by msfgui and other rpc components
@@ -14,48 +16,50 @@ gem 'robots'
1416
gem 'packetfu', '1.1.9'
1517

1618
group :db do
17-
# Needed for Msf::DbManager
18-
gem 'activerecord'
19-
# Database models shared between framework and Pro.
20-
gem 'metasploit_data_models', '~> 0.16.6'
21-
# Needed for module caching in Mdm::ModuleDetails
22-
gem 'pg', '>= 0.11'
19+
# Needed for Msf::DbManager
20+
gem 'activerecord'
21+
# Database models shared between framework and Pro.
22+
gem 'metasploit_data_models', '~> 0.17.0'
23+
# Needed for module caching in Mdm::ModuleDetails
24+
gem 'pg', '>= 0.11'
2325
end
2426

2527
group :pcap do
2628
gem 'network_interface', '~> 0.0.1'
27-
# For sniffer and raw socket modules
28-
gem 'pcaprub'
29+
# For sniffer and raw socket modules
30+
gem 'pcaprub'
2931
end
3032

3133
group :development do
32-
# Markdown formatting for yard
33-
gem 'redcarpet'
34-
# generating documentation
35-
gem 'yard'
34+
# Markdown formatting for yard
35+
gem 'redcarpet'
36+
# generating documentation
37+
gem 'yard'
3638
end
3739

3840
group :development, :test do
39-
# supplies factories for producing model instance for specs
40-
# Version 4.1.0 or newer is needed to support generate calls without the
41-
# 'FactoryGirl.' in factory definitions syntax.
42-
gem 'factory_girl', '>= 4.1.0'
43-
# running documentation generation tasks and rspec tasks
44-
gem 'rake', '>= 10.0.0'
41+
# supplies factories for producing model instance for specs
42+
# Version 4.1.0 or newer is needed to support generate calls without the
43+
# 'FactoryGirl.' in factory definitions syntax.
44+
gem 'factory_girl', '>= 4.1.0'
45+
# Make rspec output shorter and more useful
46+
gem 'fivemat', '1.2.1'
47+
# running documentation generation tasks and rspec tasks
48+
gem 'rake', '>= 10.0.0'
4549
end
4650

4751
group :test do
48-
# Removes records from database created during tests. Can't use rspec-rails'
49-
# transactional fixtures because multiple connections are in use so
50-
# transactions won't work.
51-
gem 'database_cleaner'
52-
# testing framework
53-
gem 'rspec', '>= 2.12'
54-
gem 'shoulda-matchers'
55-
# code coverage for tests
56-
# any version newer than 0.5.4 gives an Encoding error when trying to read the source files.
57-
# see: https://github.com/colszowka/simplecov/issues/127 (hopefully fixed in 0.8.0)
58-
gem 'simplecov', '0.5.4', :require => false
59-
# Manipulate Time.now in specs
60-
gem 'timecop'
52+
# Removes records from database created during tests. Can't use rspec-rails'
53+
# transactional fixtures because multiple connections are in use so
54+
# transactions won't work.
55+
gem 'database_cleaner'
56+
# testing framework
57+
gem 'rspec', '>= 2.12'
58+
gem 'shoulda-matchers'
59+
# code coverage for tests
60+
# any version newer than 0.5.4 gives an Encoding error when trying to read the source files.
61+
# see: https://github.com/colszowka/simplecov/issues/127 (hopefully fixed in 0.8.0)
62+
gem 'simplecov', '0.5.4', :require => false
63+
# Manipulate Time.now in specs
64+
gem 'timecop'
6165
end

Gemfile.lock

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -13,14 +13,16 @@ GEM
1313
i18n (~> 0.6, >= 0.6.4)
1414
multi_json (~> 1.0)
1515
arel (3.0.2)
16+
bcrypt-ruby (3.1.2)
1617
builder (3.0.4)
1718
database_cleaner (1.1.1)
1819
diff-lcs (1.2.4)
1920
factory_girl (4.2.0)
2021
activesupport (>= 3.0.0)
22+
fivemat (1.2.1)
2123
i18n (0.6.5)
2224
json (1.8.0)
23-
metasploit_data_models (0.16.6)
25+
metasploit_data_models (0.17.0)
2426
activerecord (>= 3.2.13)
2527
activesupport
2628
pg
@@ -60,10 +62,12 @@ PLATFORMS
6062
DEPENDENCIES
6163
activerecord
6264
activesupport (>= 3.0.0)
65+
bcrypt-ruby
6366
database_cleaner
6467
factory_girl (>= 4.1.0)
68+
fivemat (= 1.2.1)
6569
json
66-
metasploit_data_models (~> 0.16.6)
70+
metasploit_data_models (~> 0.17.0)
6771
msgpack
6872
network_interface (~> 0.0.1)
6973
nokogiri

0 commit comments

Comments
 (0)