Adds a few metrics-based tools and a mailmap

This merge adds four new tools:

  * .mailmap : allows for easier identification of committers
  * tools/module_count.rb : Spits out a current count of modules
  * tools/module_commits.rb: Spits out who commited to a module
  * tools/committer_counts.rb : Spits out commiters by commit counts

This was part of a long-running feature branch, which is why it's now
bundled up in one big squash merge.

Squashed commit of the following:

commit de201ff6a5b304d0fedec56d9f1930abf1a10d9e
Author: Tod Beardsley <[email protected]>
Date:   Thu Jan 24 14:48:24 2013 -0600

    Rename from scorecard to merely a count

commit 8028cf838b0b560831602e3163e92d0751a4c0a9
Author: Tod Beardsley <[email protected]>
Date:   Thu Jan 24 14:36:42 2013 -0600

    Some final comment docs

commit a69fd78
Merge: e288f13 3faf4b3
Author: Tod Beardsley <[email protected]>
Date:   Thu Jan 24 13:21:14 2013 -0600

    Merge branch 'master' into committer-scorecard

    I think these conflicts came from a move or a rename or something.

    Conflicts:
    	external/source/exploits/cve-2012-5076_2/Makefile
    	external/source/exploits/cve-2012-5088/Makefile
    	modules/exploits/multi/browser/java_jre17_method_handle.rb
    	modules/exploits/multi/http/jenkins_script_console.rb

commit e288f13
Author: Tod Beardsley <[email protected]>
Date:   Wed Jan 16 14:06:23 2013 -0600

    Add FireFart's mail alias

commit 1b1792e
Author: Tod Beardsley <[email protected]>
Date:   Fri Jan 18 22:41:44 2013 -0600

    Fix grammar on description for webcam

commit 276388f
Author: Robin Wood <[email protected]>
Date:   Tue Jan 22 15:42:23 2013 +0000

    added extra checking for strict databases

commit a40ea3d
Author: jvazquez-r7 <[email protected]>
Date:   Tue Jan 22 12:07:16 2013 +0100

    fix data added to table

commit 738d2fa
Author: HD Moore <[email protected]>
Date:   Tue Jan 22 00:27:03 2013 -0600

    Fix a stack overflow in bidirectional pipe

commit aeec5a8
Author: jvazquez-r7 <[email protected]>
Date:   Mon Jan 21 12:26:35 2013 +0100

    Cleanup for mysql_file_enum.rb

commit 13f68f0
Author: sinn3r <[email protected]>
Date:   Mon Jan 21 00:30:43 2013 -0600

    Updates the progress function

    Because the previous one was wrong.

commit d971fe0
Author: Robin Wood <[email protected]>
Date:   Sun Jan 20 21:32:02 2013 +0000

    Brute force directory and file names with MySQL

commit a96ca2e
Author: Robin Wood <[email protected]>
Date:   Sun Jan 20 00:13:42 2013 +0000

    added a warning and using optpath

commit aa98d85
Author: Robin Wood <[email protected]>
Date:   Sun Jan 20 00:12:38 2013 +0000

    added a warning and using optpath

commit 6dd5bb8
Author: Robin Wood <[email protected]>
Date:   Sun Jan 20 00:02:07 2013 +0000

    stopped using fixed table name

commit 520aeb9
Author: Robin Wood <[email protected]>
Date:   Sat Jan 19 23:41:38 2013 +0000

    Fixed msftidy stuff

commit cec6a06
Author: Robin Wood <[email protected]>
Date:   Sat Jan 19 22:48:00 2013 +0000

    File/dir brute forcer using MySQL

commit 3cc0f3f
Author: jvazquez-r7 <[email protected]>
Date:   Sun Jan 20 19:54:24 2013 +0100

    finally it doesn't use FileDropper atm

commit 2670d5c
Author: jvazquez-r7 <[email protected]>
Date:   Sun Jan 20 17:38:37 2013 +0100

    references and date updated

commit 1230d52
Author: bcoles <[email protected]>
Date:   Mon Jan 21 02:12:42 2013 +1030

    update php_charts_exec metadata

commit cf37c59
Author: bcoles <[email protected]>
Date:   Mon Jan 21 02:10:48 2013 +1030

    move and update php_charts_exec metadata

commit 1e86429
Author: bcoles <[email protected]>
Date:   Sun Jan 20 23:51:17 2013 +1030

    Add PHP-Charts v1.0 PHP Code Execution Exploit

commit fe60ee6
Author: jvazquez-r7 <[email protected]>
Date:   Sun Jan 20 13:42:02 2013 +0100

    linux stager plus little cleanup

commit 5900248
Author: Spencer McIntyre <[email protected]>
Date:   Sat Jan 19 19:10:56 2013 -0500

    use target_uri and normalize_uri as well as fix a cookie problem

commit a7ce0a5
Author: Spencer McIntyre <[email protected]>
Date:   Fri Jan 18 14:56:52 2013 -0500

    add module to execute commands via Jenkins Script Console

commit 33b8aa4
Author: jvazquez-r7 <[email protected]>
Date:   Fri Jan 18 18:42:27 2013 +0100

    title updated

commit 63fe457
Author: Charles Smith <[email protected]>
Date:   Thu Jan 17 16:52:02 2013 -0500

    Fixed loot formatting so data is under the proper column

    The credentials table was defined with the columns "User", "Password", "Host", "Port", and "SSL".  Credentials were not added in that order, however. They were added in the order "host, port, user, password, ssl" in this line:

    credentials << [cred['host'], cred['port'], cred['user'], cred['password'], cred['ssl']]

    I changed the order the columns were defined to fix this.

    The permissions table had a similar issue. The "FileWrite" column was missing, so I added it. I also moved the "Home" column to after the "AutoCreate" column. Now the line:

    permissions << [perm['host'], perm['user'], perm['dir'], perm['fileread'], perm['filewrite'], perm['filedelete'], perm['fileappend'],perm['dircreate'], perm['dirdelete'], perm['dirlist'], perm['dirsubdirs'], perm['autocreate']]

    works correctly.

commit b948559
Author: jvazquez-r7 <[email protected]>
Date:   Thu Jan 17 21:45:13 2013 +0100

    cleanup

commit 199ab00
Author: jvazquez-r7 <[email protected]>
Date:   Thu Jan 17 21:39:41 2013 +0100

    cleanup

commit 8d55044
Author: jvazquez-r7 <[email protected]>
Date:   Thu Jan 17 21:27:47 2013 +0100

    Added new module for cve-2012-5076

commit 31ae18f
Author: jvazquez-r7 <[email protected]>
Date:   Thu Jan 17 21:14:49 2013 +0100

    Added module for CVE-2012-5088

commit 6ac99f3
Author: Tod Beardsley <[email protected]>
Date:   Sat Jan 19 09:08:31 2013 -0600

    Add a quick comment doc

commit 0c18f1c
Author: Tod Beardsley <[email protected]>
Date:   Sat Jan 19 09:06:34 2013 -0600

    Adds a per-module commit counter.

commit 44fa228
Merge: fa288ff 9f42abd
Author: Tod Beardsley <[email protected]>
Date:   Sat Jan 19 08:30:37 2013 -0600

    Merge remote-tracking branch 'origin/master' into committer-scorecard

commit fa288ff
Author: Tod Beardsley <[email protected]>
Date:   Fri Jan 18 14:05:47 2013 -0600

    Make module_count execable

commit 6c1625e
Author: Tod Beardsley <[email protected]>
Date:   Tue Jan 8 09:56:48 2013 -0600

    Wrote a quick module counter, by type

commit af07ddc
Merge: 2ee5df8 2c3ccb5
Author: Tod Beardsley <[email protected]>
Date:   Tue Jan 8 09:35:28 2013 -0600

    Merge remote-tracking branch 'origin/master' into committer-scorecard

commit 2ee5df8
Merge: 501c678 b50e040
Author: Tod Beardsley <[email protected]>
Date:   Fri Jan 4 10:24:27 2013 -0600

    Merge remote-tracking branch 'origin/master' into committer-scorecard

commit 501c678
Merge: 8001401 c2586d0
Author: Tod Beardsley <[email protected]>
Date:   Thu Dec 27 15:42:25 2012 -0600

    Merge branch 'master' into committer-scorecard

commit 8001401
Author: Tod Beardsley <[email protected]>
Date:   Thu Dec 27 11:13:04 2012 -0600

    Adding shuckins and cjr to the mailmap

commit ab2db49
Merge: 8b6ecb3 daf5465
Author: Tod Beardsley <[email protected]>
Date:   Thu Dec 27 10:29:19 2012 -0600

    Merge remote branch 'origin/master' into committer-scorecard

commit 8b6ecb3
Author: Tod Beardsley <[email protected]>
Date:   Mon Dec 17 21:58:37 2012 -0600

    Comment docs on .mailmap

commit 8e245a0
Author: Tod Beardsley <[email protected]>
Date:   Mon Dec 17 21:56:06 2012 -0600

    Another alias for h0ng10

commit aff6169
Author: Tod Beardsley <[email protected]>
Date:   Mon Dec 17 17:02:35 2012 -0600

    A more useful committer score card

    Now with aliases for anyone who hit the top 20 list of the last year,
    six months, and twelve weeks.

    Still needs some optparsey niceities, but it's good enough for an
    intial push to GitHub.

commit bd4e00e
Author: Tod Beardsley <[email protected]>
Date:   Mon Dec 17 15:22:33 2012 -0600

    Initial commit of a git commit scorecard

Author: todb

.mailmap

@@ -0,0 +1,63 @@
+wchen-r7 <wchen-r7@github>         sinn3r <[email protected]> # aka sinn3r
+wchen-r7 <wchen-r7@github>         Wei Chen <[email protected]>
+wchen-r7 <wchen-r7@github>         sinn3r <[email protected]>
+todb-r7 <todb-r7@github>           Tod Beardsley <[email protected]>
+jvazquez-r7 <jvazquez-r7@github>   jvazquez-r7 <[email protected]>
+hmoore-r7 <hmoore-r7@github>       HD Moore <[email protected]>
+jlee-r7 <jlee-r7@github>           James Lee <[email protected]> # aka egypt
+jlee-r7 <jlee-r7@github>           James Lee <[email protected]>
+dmaloney-r7 <dmaloney-r7@github>   David Maloney <[email protected]> # aka TheLightCosine
+dmaloney-r7 <dmaloney-r7@github>   David Maloney <[email protected]>
+joev-r7 <joev-r7@github>           Joe Vennix <[email protected]>
+bturner-r7 <bturner-r7@github>     Brandon Turner <[email protected]>
+ecarey-r7 <ecarey-r7@github>       Erran Carey <[email protected]>
+limhoff-r7 <limhoff-r7@github>     Luke Imhoff <[email protected]>
+todb-r7 <todb-r7@github>           Tod Beardsley <[email protected]>
+tasos-r7 <tasos-r7@github>         Tasos Laskos <[email protected]>
+shuckins-r7 <shuckins-r7@github>   Samuel Huckins <[email protected]>
+
+# Above this line are current Rapid7 employees Below this paragraph are
+# volunteers, former employees, and potential Rapid7 employees who, at
+# one time or another, had some largeish number of commits landed on
+# rapid7/metasploit-framework master branch.  This should be refreshed
+# periodically. If you're on this list and would like to not be, just
+# let [email protected] know.
+
+Meatballs1 <Meatballs1@github>         Meatballs <[email protected]>
+Meatballs1 <Meatballs1@github>         Meatballs1 <[email protected]> 
+Meatballs1 <Meatballs1@github>         Meatballs1 <[email protected]> 
+jduck <jduck@github>                   Joshua Drake <[email protected]>
+jcran <jcran@github>                   Jonathan Cran <[email protected]>
+jcran <jcran@github>                   Jonathan Cran <[email protected]>
+bannedit <bannedit@github>             David Rude <[email protected]>
+darkoperator <darkoperator@github>     Carlos Perez <[email protected]>
+scriptjunkie <scriptjunkie@github>     Matt Weeks <[email protected]>
+skape <skape@???>                      Matt Miller <[email protected]>
+ceballosm <ceballosm@github>           Mario Ceballos <[email protected]>
+swtornio <swtornio@github>             Steve Tornio <[email protected]>
+kris <kris@???>                        kris <>
+spoonm <spoonm@github>                 Spoon M <[email protected]>
+fab <fab@???>                          fab <> # fab at revhosts.net (Fabrice MOURRON)
+efraintorres <efraintorres@github>     efraintorres <[email protected]>
+efraintorres <efraintorres@github>     et <>
+r3dy <r3dy@github>                     Royce Davis <[email protected]>
+r3dy <r3dy@github>                     Royce Davis <[email protected]>
+mubix <mubix@github>                   Rob Fuller <[email protected]>
+nmonkee <nmonkee@github>               nmonkee <[email protected]> 
+rsmudge <rsmudge@github>               Raphael Mudge <[email protected]> # Aka `butane
+m-1-k-3 <m-1-k-3@github>               m-1-k-3 <[email protected]>
+kost <kost@github>                     Vlatko Kosturjak <[email protected]>
+ohdae <ohdae@github>                   ohdae <[email protected]>
+schierlm <schierlm@github>             Michael Schierl <[email protected]> # Aka mihi
+corelanc0d3er <corelanc0d3er@github>   Peter Van Eeckhoutte (corelanc0d3r) <[email protected]>
+corelanc0d3er <corelanc0d3er@github>   corelanc0d3r <[email protected]>
+kernelsmith <kernelsmith@github>       Joshua Smith <[email protected]>
+kernelsmith <kernelsmith@github>       kernelsmith <kernelsmith@kernelsmith>
+h0ng10 <h0ng10@github>                 h0ng10 <[email protected]>
+h0ng10 <h0ng10@github>                 Hans-Martin Münch <[email protected]>
+nullbind <nullbind@github>             nullbind <[email protected]>
+nevdull77 <nevdull77@github>           Patrik Karlsson <[email protected]>
+jgor <jgor@github>                     jgor <[email protected]>
+ChrisJohnRiley <ChrisJohnRiley@github> Chris John Riley <[email protected]>
+ChrisJohnRiley <ChrisJohnRiley@github> Chris John Riley <[email protected]>
+FireFart <FireFart@github>             Christian Mehlmauer <[email protected]>

tools/committer_count.rb

@@ -0,0 +1,70 @@
+#!/usr/bin/env ruby
+
+# The commit_scorecard is a way to tell who's been active over the last
+# given period. It's of course, quite coarse -- someone with 10 commits in a day
+# may or may not be more productive than someone with 3, but over long enough
+# periods, it's an okay metric to measure involvement with the project, since
+# large and small commits will tend to average out.
+#
+# Note that this includes merge commits by default (which usually means at least
+# code review happened, so it's still a measure of work). You can get different
+# stats by ignoring merge commits, once option parsing is implemented.
+#
+# Usage: ./commit_scorecard.rb 2011-01-01 | head -10 # Since a particular date
+#        ./commit_scorecard.rb 1y   | head -10       # Last year
+#        ./commit_scorecard.rb 6m   | head -10       # Last six months
+#        ./commit_scorecard.rb 12w  | head -10       # Last twelve weeks
+#        ./commit_scorecard.rb 100d | head -10       # Last hundred days
+#
+#
+# History with colors and e-mail addresses (respecting .mailmap):
+# git log --pretty=format:"%C(white)%ad %C(yellow)%h %Cblue'%aN' <%aE> %Cgreen%f%Creset" --date=short
+
+class GitLogLine < Struct.new(:date, :hash, :author, :message)
+end
+
+@history = `git log --pretty=format:"%ad %h '%aN' %f" --date=short --date-order`
+@recent_history = []
+@commits_by_author = {}
+
+def parse_date(date)
+	case date
+	when /([0-9]+)y(ear)?s?/
+		seconds = $1.to_i* (60*60*24*365.25)
+		calc_date = (Time.now - seconds).strftime("%Y-%m-%d")
+	when /([0-9]+)m(onth)?s?/
+		seconds = $1.to_i* (60*60*24*(365.25 / 12))
+		calc_date = (Time.now - seconds).strftime("%Y-%m-%d")
+	when /([0-9]+)w(eek)?s?/
+		seconds = $1.to_i* (60*60*24*7)
+		calc_date = (Time.now - seconds).strftime("%Y-%m-%d")
+	when /([0-9]+)d(ay)?s?/
+		seconds = $1.to_i* (60*60*24)
+		calc_date = (Time.now - seconds).strftime("%Y-%m-%d")
+	else
+		calc_date = Time.new(date).strftime("%Y-%m-%d")
+	end
+end
+
+date = ARGV[0] || "2005-03-22" # A day before the first SVN commit.
+calc_date = parse_date(date)
+
+
+@history.each_line do |line|
+	parsed_line = line.match(/^([^\s+]+)\s(.{7,})\s'(.*)'\s(.*)[\r\n]*$/)
+	break if calc_date == parsed_line[1]
+	@recent_history << GitLogLine.new(*parsed_line[1,4])
+end
+
+@recent_history.each do |logline|
+	@commits_by_author[logline.author] ||= []
+	@commits_by_author[logline.author] << logline.message
+end
+
+puts "Commits since #{calc_date}"
+puts "-" * 50
+
+@commits_by_author.sort_by {|k,v| v.size}.reverse.each do |k,v|
+	puts "%-25s %3d" % [k,v.size]
+end
+

tools/module_commits.rb

@@ -0,0 +1,64 @@
+#!/usr/bin/env ruby
+
+# Check the commit history of a module or tree of modules.
+# and sort by number of commits.
+#
+# Usage: tools/module_commits.rb [module dir | module fname]
+
+require 'find'
+
+class GitLogLine < Struct.new(:date, :hash, :author, :message)
+end
+
+class CommitHistory < Struct.new(:fname, :total, :authors)
+end
+
+msfbase = __FILE__
+while File.symlink?(msfbase)
+	msfbase = File.expand_path(File.readlink(msfbase), File.dirname(msfbase))
+end
+
+dir = ARGV[0] || File.join(msfbase, "modules", "exploits")
+raise ArgumentError, "Need a filename or directory" unless (dir and File.readable? dir)
+
+def check_commit_history(fname)
+
+  git_cmd = `git log --pretty=format:"%ad %h '%aN' %f" --date=short --date-order #{fname}`
+  commit_history = []
+  commits_by_author = {}
+
+  git_cmd.each_line do |line|
+    parsed_line = line.match(/^([^\s+]+)\s(.{7,})\s'(.*)'\s(.*)[\r\n]*$/)
+    commit_history << GitLogLine.new(*parsed_line[1,4])
+  end
+
+  commit_history.each do |logline|
+    commits_by_author[logline.author] ||= []
+    commits_by_author[logline.author] << logline.message
+  end
+
+  puts "Commits for #{fname} #{commit_history.size}"
+  puts "-" * 72
+
+  commits_by_author.sort_by {|k,v| v.size}.reverse.each do |k,v|
+    puts "%-25s %3d" % [k,v.size]
+  end
+
+ this_module = CommitHistory.new(fname,commit_history.size,commits_by_author)
+ return this_module
+
+end
+
+@module_stats = []
+
+Find.find(dir) do |fname|
+  next unless fname =~ /rb$/
+  @module_stats << check_commit_history(fname)
+end
+
+puts "=" * 72
+puts "Sorted modules by commit counts"
+
+@module_stats.sort_by {|m| m.total }.reverse.each do |m|
+  puts "%-60s %d" % [m.fname, m.total]
+end

tools/module_count.rb

@@ -0,0 +1,49 @@
+#!/usr/bin/env ruby
+
+# Lists the current count of modules, by type, and outputs a bare CSV.
+
+msfbase = __FILE__
+while File.symlink?(msfbase)
+	msfbase = File.expand_path(File.readlink(msfbase), File.dirname(msfbase))
+end
+
+$:.unshift(File.expand_path(File.join(File.dirname(msfbase), '..', 'lib')))
+require 'fastlib'
+require 'msfenv'
+
+$:.unshift(ENV['MSF_LOCAL_LIB']) if ENV['MSF_LOCAL_LIB']
+
+require 'rex'
+require 'msf/ui'
+require 'msf/base'
+
+# Always disable the database (we never need it just to list module
+# information).
+framework_opts = { 'DisableDatabase' => true }
+
+# Initialize the simplified framework instance.
+$framework = Msf::Simple::Framework.create(framework_opts)
+Indent = '  '
+
+i = 0
+module_types = {
+  :exploit => 0,
+  :auxiliary => 0,
+  :post => 0,
+  :payload => 0,
+  :encoder => 0,
+  :nop => 0
+}
+
+$framework.modules.each do |name, mod|
+  this_mod = mod.new
+  [:exploit, :auxiliary, :post, :payload, :encoder, :nop].each do |meth|
+    interrogative = "#{meth}?".intern
+    if this_mod.send(interrogative)
+      module_types[meth] += 1 
+    end
+  end
+end
+
+puts module_types.keys.map {|k| k.to_s}.join(",")
+puts module_types.values.join(",")