Merge pull request #1 from jvazquez-r7/rebase_3019

Clean Huawei SOHO router information disclosure

Author: aczire

.gitignore

@@ -1,20 +1,28 @@
 .bundle
+Gemfile.local
+Gemfile.local.lock
 # Rubymine project directory
 .idea
 # Sublime Text project directory (not created by ST by default)
 .sublime-project
 # RVM control file, keep this to avoid backdooring Metasploit
 .rvmrc
+# Allow for a local choice of (unsupported / semi-supported) ruby versions
+# See PR #4136 for usage, but example usage for rvm:
+#   rvm --create --versions-conf use 2.1.4@metasploit-framework
+# Because rbenv doesn't use .versions.conf, to achieve this same functionality, run:
+#   rbenv shell 2.1.4
+.versions.conf
 # YARD cache directory
 .yardoc
 # Mac OS X files
 .DS_Store
 # database config for testing
 config/database.yml
+# target config file for testing
+features/support/targets.yml
 # simplecov coverage data
 coverage
-data/meterpreter/ext_server_pivot.x86.dll
-data/meterpreter/ext_server_pivot.x64.dll
 doc/
 external/source/meterpreter/java/bin
 external/source/meterpreter/java/build
@@ -48,6 +56,34 @@ tags
 *.opensdf
 *.user
 
+# Rails log directory
+/log
+# Rails tmp directory
+/tmp
+
 # ignore release/debug folders for exploits
 external/source/exploits/**/Debug
 external/source/exploits/**/Release
+
+# Avoid checking in Meterpreter binaries. These are supplied upstream by
+# the meterpreter_bins gem.
+data/meterpreter/elevator.*.dll
+data/meterpreter/ext_server_espia.*.dll
+data/meterpreter/ext_server_extapi.*.dll
+data/meterpreter/ext_server_incognito.*.dll
+data/meterpreter/ext_server_kiwi.*.dll
+data/meterpreter/ext_server_lanattacks.*.dll
+data/meterpreter/ext_server_mimikatz.*.dll
+data/meterpreter/ext_server_priv.*.dll
+data/meterpreter/ext_server_stdapi.*.dll
+data/meterpreter/metsrv.*.dll
+data/meterpreter/screenshot.*.dll
+
+# Avoid checking in Meterpreter libs that are built from
+# private source. If you're interested in this functionality,
+# check out Metasploit Pro: http://metasploit.com/download
+data/meterpreter/ext_server_pivot.*.dll
+
+# Avoid checking in metakitty, the source for
+# https://rapid7.github.io/metasploit-framework. It's an orphan branch.
+/metakitty

.gitmodules

@@ -0,0 +1,3 @@
+[submodule "external/source/ReflectiveDLLInjection"]
+	path = external/source/ReflectiveDLLInjection
+	url = https://github.com/rapid7/ReflectiveDLLInjection.git

.mailmap

@@ -1,26 +1,50 @@
+bcook-r7 <bcook-r7@github>         Brent Cook <[email protected]>
 bturner-r7 <bturner-r7@github>     Brandon Turner <[email protected]>
+cdoughty-r7 <cdoughty-r7@github>   Chris Doughty <[email protected]>
+dheiland-r7 <dheiland-r7@github>   Deral Heiland <[email protected]>
 dmaloney-r7 <dmaloney-r7@github>   David Maloney <[email protected]>
-dmaloney-r7 <dmaloney-r7@github>   David Maloney <[email protected]> # aka TheLightCosine
+dmaloney-r7 <dmaloney-r7@github>   David Maloney <[email protected]>
+dmaloney-r7 <dmaloney-r7@github>   dmaloney-r7 <[email protected]>
 ecarey-r7 <ecarey-r7@github>       Erran Carey <[email protected]>
+farias-r7 <farias-r7@github>       Fernando Arias <[email protected]>
 hmoore-r7 <hmoore-r7@github>       HD Moore <[email protected]>
 hmoore-r7 <hmoore-r7@github>       HD Moore <[email protected]>
+jhart-r7 <jhart-r7@github>         Jon Hart <[email protected]>
 jlee-r7 <jlee-r7@github>           egypt <[email protected]> # aka egypt
 jlee-r7 <jlee-r7@github>           James Lee <[email protected]> # aka egypt
 jlee-r7 <jlee-r7@github>           James Lee <[email protected]>
-joev-r7 <joev-r7@github>           joev <[email protected]>
 joev-r7 <joev-r7@github>           Joe Vennix <[email protected]>
+joev-r7 <joev-r7@github>           Joe Vennix <[email protected]>
+joev-r7 <joev-r7@github>           joev <[email protected]>
+joev-r7 <joev-r7@github>           jvennix-r7 <[email protected]>
+joev-r7 <joev-r7@github>           jvennix-r7 <[email protected]>
 jvazquez-r7 <jvazquez-r7@github>   jvazquez-r7 <[email protected]>
 jvazquez-r7 <jvazquez-r7@github>   jvazquez-r7 <[email protected]>
+kgray-r7 <kgray-r7@github>         Kyle Gray <[email protected]>
 limhoff-r7 <limhoff-r7@github>     Luke Imhoff <[email protected]>
+lsanchez-r7 <lsanchez-r7@github>   darkbushido <[email protected]>
+lsanchez-r7 <lsanchez-r7@github>   Lance Sanchez <[email protected]>
+lsanchez-r7 <lsanchez-r7@github>   Lance Sanchez <[email protected]>
+lsanchez-r7 <lsanchez-r7@github>   Lance Sanchez <[email protected]>
+lsanchez-r7 <lsanchez-r7@github>   Lance Sanchez <[email protected]>
+mbuck-r7 <mbuck-r7@github>         Matt Buck <[email protected]>
+mbuck-r7 <mbuck-r7@github>         Matt Buck <[email protected]>
+mschloesser-r7 <mschloesser-r7@github> Mark Schloesser <[email protected]>
+mschloesser-r7 <mschloesser-r7@github> mschloesser-r7 <[email protected]>
+parzamendi-r7 <parzamendi-r7@github> parzamendi-r7 <[email protected]>
 shuckins-r7 <shuckins-r7@github>   Samuel Huckins <[email protected]>
-tasos-r7 <tasos-r7@github>         Tasos Laskos <[email protected]>
 todb-r7 <todb-r7@github>           Tod Beardsley <[email protected]>
 todb-r7 <todb-r7@github>           Tod Beardsley <[email protected]>
+todb-r7 <todb-r7@github>           Tod Beardsley <[email protected]>
+trosen-r7 <trosen-r7@github>       Trevor Rosen <[email protected]>
+trosen-r7 <trosen-r7@github>       Trevor Rosen <[email protected]>
 wchen-r7 <wchen-r7@github>         sinn3r <[email protected]> # aka sinn3r
 wchen-r7 <wchen-r7@github>         sinn3r <[email protected]>
 wchen-r7 <wchen-r7@github>         Wei Chen <[email protected]>
 wvu-r7 <wvu-r7@github>             William Vu <[email protected]>
+wvu-r7 <wvu-r7@github>             William Vu <[email protected]>
 wvu-r7 <wvu-r7@github>             William Vu <[email protected]>
+wvu-r7 <wvu-r7@github>             wvu-r7 <[email protected]>
 
 # Above this line are current Rapid7 employees. Below this paragraph are
 # volunteers, former employees, and potential Rapid7 employees who, at
@@ -30,18 +54,21 @@ wvu-r7 <wvu-r7@github>             William Vu <[email protected]>
 # let [email protected] know.
 
 bannedit <bannedit@github>             David Rude <[email protected]>
-Brandon Perry <brandonprry@github>     Brandon Perry <[email protected]>
-Brandon Perry <brandonprry@github>     Brandon Perry <bperry@bperry-rapid7.(none)>
-Brian Wallace <bwall@github>           (B)rian (Wall)ace <[email protected]>
-Brian Wallace <bwall@github>           Brian Wallace <[email protected]>
+bcoles <bcoles@github>                 bcoles <[email protected]>
+bcoles <bcoles@github>                 Brendan Coles <[email protected]>
+brandonprry <brandonprry@github>       Brandon Perry <[email protected]>
+brandonprry <brandonprry@github>       Brandon Perry <bperry@bperry-rapid7.(none)>
+brandonprry <brandonprry@github>       Brandon Perry <[email protected]>
+bwall <bwall@github>                   (B)rian (Wall)ace <[email protected]>
+bwall <bwall@github>                   Brian Wallace <[email protected]>
 ceballosm <ceballosm@github>           Mario Ceballos <[email protected]>
 Chao-mu <Chao-Mu@github>               Chao Mu <[email protected]>
 Chao-mu <Chao-Mu@github>               chao-mu <[email protected]>
 Chao-mu <Chao-Mu@github>               chao-mu <chao@confusion.(none)>
 ChrisJohnRiley <ChrisJohnRiley@github> Chris John Riley <[email protected]>
 ChrisJohnRiley <ChrisJohnRiley@github> Chris John Riley <[email protected]>
-corelanc0d3er <corelanc0d3er@github>   corelanc0d3r <[email protected]>
-corelanc0d3er <corelanc0d3er@github>   Peter Van Eeckhoutte (corelanc0d3r) <[email protected]>
+corelanc0d3r <corelanc0d3r@github>     corelanc0d3r <[email protected]>
+corelanc0d3r <corelanc0d3r@github>     Peter Van Eeckhoutte (corelanc0d3r) <[email protected]>
 darkoperator <darkoperator@github>     Carlos Perez <[email protected]>
 efraintorres <efraintorres@github>     efraintorres <[email protected]>
 efraintorres <efraintorres@github>     et <>
@@ -55,26 +82,44 @@ jduck <jduck@github>                   Joshua Drake <[email protected]>
 jgor <jgor@github>                     jgor <[email protected]>
 kernelsmith <kernelsmith@github>       Joshua Smith <[email protected]>
 kernelsmith <kernelsmith@github>       kernelsmith <kernelsmith@kernelsmith>
+kernelsmith <kernelsmith@github>       Joshua Smith <[email protected]>
 kost <kost@github>                     Vlatko Kosturjak <[email protected]>
 kris <kris@???>                        kris <>
 m-1-k-3 <m-1-k-3@github>               m-1-k-3 <[email protected]>
 m-1-k-3 <m-1-k-3@github>               m-1-k-3 <[email protected]>
 m-1-k-3 <m-1-k-3@github>               m-1-k-3 <[email protected]>
+m-1-k-3 <m-1-k-3@github>               Michael Messner <[email protected]>
 Meatballs1 <Meatballs1@github>         Ben Campbell <[email protected]>
 Meatballs1 <Meatballs1@github>         Meatballs <[email protected]>
-Meatballs1 <Meatballs1@github>         Meatballs1 <[email protected]> 
+Meatballs1 <Meatballs1@github>         Meatballs1 <[email protected]>
 mubix <mubix@github>                   Rob Fuller <[email protected]>
 nevdull77 <nevdull77@github>           Patrik Karlsson <[email protected]>
-nmonkee <nmonkee@github>               nmonkee <[email protected]> 
+nmonkee <nmonkee@github>               nmonkee <[email protected]>
 nullbind <nullbind@github>             nullbind <[email protected]>
+nullbind <nullbind@github>             Scott Sutherland <[email protected]>
 ohdae <ohdae@github>                   ohdae <[email protected]>
-OJ <oj@github>                         OJ Reeves <[email protected]>
-OJ <oj@github>                         OJ <[email protected]>
+oj <oj@github>                         OJ <[email protected]>
+oj <oj@github>                         OJ Reeves <[email protected]>
 r3dy <r3dy@github>                     Royce Davis <[email protected]>
 r3dy <r3dy@github>                     Royce Davis <[email protected]>
+Rick Flores <[email protected]>  Rick Flores (nanotechz9l) <[email protected]>
 rsmudge <rsmudge@github>               Raphael Mudge <[email protected]> # Aka `butane
 schierlm <schierlm@github>             Michael Schierl <[email protected]> # Aka mihi
 scriptjunkie <scriptjunkie@github>     Matt Weeks <[email protected]>
+scriptjunkie <scriptjunkie@github>     scriptjunkie <[email protected]>
 skape <skape@???>                      Matt Miller <[email protected]>
 spoonm <spoonm@github>                 Spoon M <[email protected]>
 swtornio <swtornio@github>             Steve Tornio <[email protected]>
+Tasos Laskos <[email protected]> Tasos Laskos <[email protected]>
+timwr <timwr@github>                   Tim <[email protected]>
+timwr <timwr@github>                   Tim Wright <[email protected]>
+TomSellers <TomSellers@github>         Tom Sellers <[email protected]>
+TrustedSec <[email protected]>      trustedsec <[email protected]>
+zeroSteiner <zeroSteiner@github>       Spencer McIntyre <[email protected]>
+
+# Aliases for utility author names. Since they're fake, typos abound
+
+Tab Assassin <[email protected]> Tabassassin <[email protected]>
+Tab Assassin <[email protected]> TabAssassin <[email protected]>
+Tab Assassin <[email protected]> Tabasssassin <[email protected]>
+Tab Assassin <[email protected]> URI Assassin <[email protected]>

.rspec

@@ -1,2 +1,3 @@
 --color
 --format Fivemat
+--require spec_helper

.rubocop.yml

@@ -0,0 +1,84 @@
+# This list was intially created by analyzing the last three months (51
+# modules) committed to Metasploit Framework. Many, many older modules
+# will have offenses, but this should at least provide a baseline for
+# new modules.
+#
+# Updates to this file should include a 'Description' parameter for any
+# explaination needed.
+
+# inherit_from: .rubocop_todo.yml
+
+Metrics/ClassLength:
+  Description: 'Most Metasploit modules are quite large. This is ok.'
+  Enabled: true
+  Exclude:
+    - 'modules/**/*'
+
+Style/Documentation:
+  Enabled: true
+  Description: 'Most Metasploit modules do not have class documentation.'
+  Exclude:
+    - 'modules/**/*'
+
+Style/Encoding:
+  Enabled: true
+  Description: 'We prefer binary to UTF-8.'
+  EnforcedStyle: 'when_needed'
+
+Metrics/LineLength:
+  Description: >-
+                  Metasploit modules often pattern match against very
+                  long strings when identifying targets.
+  Enabled: true
+  Max: 180
+
+Metrics/MethodLength:
+  Enabled: true
+  Description: >-
+                  While the style guide suggests 10 lines, exploit definitions
+                  often exceed 200 lines.
+  Max: 300
+
+# Basically everything in metasploit needs binary encoding, not UTF-8.
+# Disable this here and enforce it through msftidy
+Style/Encoding:
+  Enabled: false
+
+# %q() is super useful for long strings split over multiple lines and
+# is very common in module constructors for things like descriptions
+Style/UnneededPercentQ:
+  Enabled: false
+
+Style/NumericLiterals:
+  Enabled: false
+  Description: 'This often hurts readability for exploit-ish code.'
+
+Style/SpaceInsideBrackets:
+  Enabled: false
+  Description: 'Until module template are final, most modules will fail this.'
+
+Style/StringLiterals:
+  Enabled: false
+  Description: 'Single vs double quote fights are largely unproductive.'
+
+Style/WordArray:
+  Enabled: false
+  Description: 'Metasploit prefers consistent use of []'
+
+Style/RedundantBegin:
+  Exclude:
+    # this pattern is very common and somewhat unavoidable
+    # def run_host(ip)
+    #   begin
+    #     ...
+    #   rescue ...
+    #     ...
+    #   ensure
+    #     disconnect
+    #   end
+    # end
+    - 'modules/**/*'
+
+Documentation:
+  Exclude:
+    - 'modules/**/*'

.ruby-version

@@ -1 +1 @@
-1.9.3-p448
+2.1.5

.simplecov

@@ -39,7 +39,6 @@ SimpleCov.configure do
 	# Other library groups
 	#
 
-	add_group 'Fastlib', 'lib/fastlib'
 	add_group 'Metasm', 'lib/metasm'
 	add_group 'PacketFu', 'lib/packetfu'
 	add_group 'Rex', 'lib/rex'

.travis.yml

@@ -1,18 +1,42 @@
+bundler_args: --without coverage development pcap
+cache: bundler
+env:
+  - RAKE_TASKS="cucumber cucumber:boot"
+  - RAKE_TASKS=spec SPEC_OPTS="--tag content"
+  - RAKE_TASKS=spec SPEC_OPTS="--tag ~content"
+
 language: ruby
+matrix:
+  fast_finish: true
 before_install:
-  - sudo apt-get update -qq
-  - sudo apt-get install -qq libpcap-dev
+  - "echo 'gem: --no-ri --no-rdoc' > ~/.gemrc"
+  - rake --version
+  # Uncomment when we have fewer shipping msftidy warnings.
+  # Merge committers will still be checking, just not autofailing.
+  # - ln -sf ../../tools/dev/pre-commit-hook.rb ./.git/hooks/post-merge
+  # - ls -la ./.git/hooks
+  # - ./.git/hooks/post-merge
 before_script:
   - cp config/database.yml.travis config/database.yml
-  - rake db:create
-  - rake db:migrate
-
+  - bundle exec rake --version
+  - bundle exec rake db:create
+  - bundle exec rake db:migrate
+script:
+  # fail build if db/schema.rb update is not committed
+  - git diff --exit-code && bundle exec rake $RAKE_TASKS
+sudo: false
 rvm:
-  #- '1.8.7'
   - '1.9.3'
+  - '2.1'
 
 notifications:
   irc: "irc.freenode.org#msfnotify"
 
 git:
   depth: 5
+
+# Blacklist certain branches from triggering travis builds
+branches:
+  except:
+    - gh-pages
+    - metakitty

.yardopts

@@ -3,5 +3,8 @@
 --exclude \.ut\.rb/
 --exclude \.ts\.rb/
 --files CONTRIBUTING.md,COPYING,HACKING,LICENSE
+app/**/*.rb
 lib/msf/**/*.rb
+lib/metasploit/**/*.rb
 lib/rex/**/*.rb
+plugins/**/*.rb