Land #5280, update to Ruby on Rails 4.0
This upgrades a number of other gems as a side-effect.
This commit is contained in:
commit
9549d572cc
8
Gemfile
8
Gemfile
|
@ -8,7 +8,7 @@ group :coverage do
|
|||
# code coverage for tests
|
||||
# any version newer than 0.5.4 gives an Encoding error when trying to read the source files.
|
||||
# see: https://github.com/colszowka/simplecov/issues/127 (hopefully fixed in 0.8.0)
|
||||
gem 'simplecov', '0.5.4', :require => false
|
||||
gem 'simplecov'
|
||||
end
|
||||
|
||||
group :db do
|
||||
|
@ -25,12 +25,8 @@ group :development do
|
|||
end
|
||||
|
||||
group :development, :test do
|
||||
# supplies factories for producing model instance for specs
|
||||
# Version 4.1.0 or newer is needed to support generate calls without the
|
||||
# 'FactoryGirl.' in factory definitions syntax.
|
||||
gem 'factory_girl', '>= 4.1.0'
|
||||
# automatically include factories from spec/factories
|
||||
gem 'factory_girl_rails'
|
||||
gem 'factory_girl_rails', '~> 4.5.0'
|
||||
# Make rspec output shorter and more useful
|
||||
gem 'fivemat', '1.2.1'
|
||||
# running documentation generation tasks and rspec tasks
|
||||
|
|
236
Gemfile.lock
236
Gemfile.lock
|
@ -2,13 +2,13 @@ PATH
|
|||
remote: .
|
||||
specs:
|
||||
metasploit-framework (4.11.0.pre.dev)
|
||||
actionpack (>= 3.2.21, < 4.0.0)
|
||||
activesupport (>= 3.2.21, < 4.0.0)
|
||||
actionpack (>= 4.0.9, < 4.1.0)
|
||||
activesupport (>= 4.0.9, < 4.1.0)
|
||||
bcrypt
|
||||
jsobfu (~> 0.2.0)
|
||||
json
|
||||
metasploit-concern (= 0.4.0)
|
||||
metasploit-model (~> 0.29.0)
|
||||
metasploit-concern (~> 1.0)
|
||||
metasploit-model (~> 1.0)
|
||||
metasploit-payloads (= 0.0.3)
|
||||
msgpack
|
||||
nokogiri
|
||||
|
@ -21,10 +21,10 @@ PATH
|
|||
sqlite3
|
||||
tzinfo
|
||||
metasploit-framework-db (4.11.0.pre.dev)
|
||||
activerecord (>= 3.2.21, < 4.0.0)
|
||||
metasploit-credential (= 0.14.5)
|
||||
activerecord (>= 4.0.9, < 4.1.0)
|
||||
metasploit-credential (~> 1.0)
|
||||
metasploit-framework (= 4.11.0.pre.dev)
|
||||
metasploit_data_models (= 0.24.0)
|
||||
metasploit_data_models (~> 1.0)
|
||||
pg (>= 0.11)
|
||||
metasploit-framework-pcap (4.11.0.pre.dev)
|
||||
metasploit-framework (= 4.11.0.pre.dev)
|
||||
|
@ -34,148 +34,147 @@ PATH
|
|||
GEM
|
||||
remote: https://rubygems.org/
|
||||
specs:
|
||||
actionmailer (3.2.21)
|
||||
actionpack (= 3.2.21)
|
||||
mail (~> 2.5.4)
|
||||
actionpack (3.2.21)
|
||||
activemodel (= 3.2.21)
|
||||
activesupport (= 3.2.21)
|
||||
builder (~> 3.0.0)
|
||||
actionmailer (4.0.13)
|
||||
actionpack (= 4.0.13)
|
||||
mail (~> 2.5, >= 2.5.4)
|
||||
actionpack (4.0.13)
|
||||
activesupport (= 4.0.13)
|
||||
builder (~> 3.1.0)
|
||||
erubis (~> 2.7.0)
|
||||
journey (~> 1.0.4)
|
||||
rack (~> 1.4.5)
|
||||
rack-cache (~> 1.2)
|
||||
rack-test (~> 0.6.1)
|
||||
sprockets (~> 2.2.1)
|
||||
activemodel (3.2.21)
|
||||
activesupport (= 3.2.21)
|
||||
builder (~> 3.0.0)
|
||||
activerecord (3.2.21)
|
||||
activemodel (= 3.2.21)
|
||||
activesupport (= 3.2.21)
|
||||
arel (~> 3.0.2)
|
||||
tzinfo (~> 0.3.29)
|
||||
activeresource (3.2.21)
|
||||
activemodel (= 3.2.21)
|
||||
activesupport (= 3.2.21)
|
||||
activesupport (3.2.21)
|
||||
i18n (~> 0.6, >= 0.6.4)
|
||||
multi_json (~> 1.0)
|
||||
arel (3.0.3)
|
||||
rack (~> 1.5.2)
|
||||
rack-test (~> 0.6.2)
|
||||
activemodel (4.0.13)
|
||||
activesupport (= 4.0.13)
|
||||
builder (~> 3.1.0)
|
||||
activerecord (4.0.13)
|
||||
activemodel (= 4.0.13)
|
||||
activerecord-deprecated_finders (~> 1.0.2)
|
||||
activesupport (= 4.0.13)
|
||||
arel (~> 4.0.0)
|
||||
activerecord-deprecated_finders (1.0.4)
|
||||
activesupport (4.0.13)
|
||||
i18n (~> 0.6, >= 0.6.9)
|
||||
minitest (~> 4.2)
|
||||
multi_json (~> 1.3)
|
||||
thread_safe (~> 0.1)
|
||||
tzinfo (~> 0.3.37)
|
||||
arel (4.0.2)
|
||||
arel-helpers (2.1.0)
|
||||
activerecord (>= 3.1.0, < 5)
|
||||
aruba (0.6.1)
|
||||
aruba (0.6.2)
|
||||
childprocess (>= 0.3.6)
|
||||
cucumber (>= 1.1.1)
|
||||
rspec-expectations (>= 2.7.0)
|
||||
bcrypt (3.1.10)
|
||||
builder (3.0.4)
|
||||
capybara (2.4.1)
|
||||
builder (3.1.4)
|
||||
capybara (2.4.4)
|
||||
mime-types (>= 1.16)
|
||||
nokogiri (>= 1.3.3)
|
||||
rack (>= 1.0.0)
|
||||
rack-test (>= 0.5.4)
|
||||
xpath (~> 2.0)
|
||||
childprocess (0.5.3)
|
||||
childprocess (0.5.5)
|
||||
ffi (~> 1.0, >= 1.0.11)
|
||||
coderay (1.1.0)
|
||||
cucumber (1.2.1)
|
||||
cucumber (1.3.19)
|
||||
builder (>= 2.1.2)
|
||||
diff-lcs (>= 1.1.3)
|
||||
gherkin (~> 2.11.0)
|
||||
json (>= 1.4.6)
|
||||
cucumber-rails (1.4.0)
|
||||
capybara (>= 1.1.2)
|
||||
cucumber (>= 1.2.0)
|
||||
nokogiri (>= 1.5.0)
|
||||
rails (>= 3.0.0)
|
||||
gherkin (~> 2.12)
|
||||
multi_json (>= 1.7.5, < 2.0)
|
||||
multi_test (>= 0.1.2)
|
||||
cucumber-rails (1.4.2)
|
||||
capybara (>= 1.1.2, < 3)
|
||||
cucumber (>= 1.3.8, < 2)
|
||||
mime-types (>= 1.16, < 3)
|
||||
nokogiri (~> 1.5)
|
||||
rails (>= 3, < 5)
|
||||
diff-lcs (1.2.5)
|
||||
docile (1.1.5)
|
||||
erubis (2.7.0)
|
||||
factory_girl (4.4.0)
|
||||
factory_girl (4.5.0)
|
||||
activesupport (>= 3.0.0)
|
||||
factory_girl_rails (4.4.1)
|
||||
factory_girl (~> 4.4.0)
|
||||
factory_girl_rails (4.5.0)
|
||||
factory_girl (~> 4.5.0)
|
||||
railties (>= 3.0.0)
|
||||
ffi (1.9.3)
|
||||
ffi (1.9.8)
|
||||
fivemat (1.2.1)
|
||||
gherkin (2.11.6)
|
||||
json (>= 1.7.6)
|
||||
gherkin (2.12.2)
|
||||
multi_json (~> 1.3)
|
||||
hike (1.2.3)
|
||||
i18n (0.7.0)
|
||||
journey (1.0.4)
|
||||
jsobfu (0.2.1)
|
||||
rkelly-remix (= 0.0.6)
|
||||
json (1.8.2)
|
||||
mail (2.5.4)
|
||||
mime-types (~> 1.16)
|
||||
treetop (~> 1.4.8)
|
||||
metasploit-concern (0.4.0)
|
||||
activesupport (~> 3.0, >= 3.0.0)
|
||||
railties (< 4.0.0)
|
||||
metasploit-credential (0.14.5)
|
||||
metasploit-concern (= 0.4.0)
|
||||
metasploit-model (~> 0.29.0)
|
||||
metasploit_data_models (= 0.24.0)
|
||||
mail (2.6.3)
|
||||
mime-types (>= 1.16, < 3)
|
||||
metasploit-concern (1.0.0)
|
||||
activerecord (>= 4.0.9, < 4.1.0)
|
||||
activesupport (>= 4.0.9, < 4.1.0)
|
||||
railties (>= 4.0.9, < 4.1.0)
|
||||
metasploit-credential (1.0.0)
|
||||
metasploit-concern (~> 1.0)
|
||||
metasploit-model (~> 1.0)
|
||||
metasploit_data_models (~> 1.0)
|
||||
pg
|
||||
railties (< 4.0.0)
|
||||
railties
|
||||
rubyntlm
|
||||
rubyzip (~> 1.1)
|
||||
metasploit-model (0.29.2)
|
||||
activesupport
|
||||
railties (< 4.0.0)
|
||||
metasploit-model (1.0.0)
|
||||
activemodel (>= 4.0.9, < 4.1.0)
|
||||
activesupport (>= 4.0.9, < 4.1.0)
|
||||
railties (>= 4.0.9, < 4.1.0)
|
||||
metasploit-payloads (0.0.3)
|
||||
metasploit_data_models (0.24.0)
|
||||
activerecord (>= 3.2.13, < 4.0.0)
|
||||
activesupport
|
||||
metasploit_data_models (1.0.1)
|
||||
activerecord (>= 4.0.9, < 4.1.0)
|
||||
activesupport (>= 4.0.9, < 4.1.0)
|
||||
arel-helpers
|
||||
metasploit-concern (= 0.4.0)
|
||||
metasploit-model (~> 0.29.0)
|
||||
metasploit-concern (~> 1.0)
|
||||
metasploit-model (~> 1.0)
|
||||
pg
|
||||
railties (< 4.0.0)
|
||||
postgres_ext
|
||||
railties (>= 4.0.9, < 4.1.0)
|
||||
recog (~> 1.0)
|
||||
method_source (0.8.2)
|
||||
mime-types (1.25.1)
|
||||
mime-types (2.4.3)
|
||||
mini_portile (0.6.2)
|
||||
minitest (4.7.5)
|
||||
msgpack (0.5.11)
|
||||
multi_json (1.0.4)
|
||||
multi_json (1.11.0)
|
||||
multi_test (0.1.2)
|
||||
network_interface (0.0.1)
|
||||
nokogiri (1.6.6.2)
|
||||
mini_portile (~> 0.6.0)
|
||||
packetfu (1.1.9)
|
||||
pcaprub (0.11.3)
|
||||
pcaprub (0.12.0)
|
||||
pg (0.18.1)
|
||||
polyglot (0.3.5)
|
||||
pry (0.10.0)
|
||||
pg_array_parser (0.0.9)
|
||||
postgres_ext (2.4.1)
|
||||
activerecord (>= 4.0.0)
|
||||
arel (>= 4.0.1)
|
||||
pg_array_parser (~> 0.0.9)
|
||||
pry (0.10.1)
|
||||
coderay (~> 1.1.0)
|
||||
method_source (~> 0.8.1)
|
||||
slop (~> 3.4)
|
||||
rack (1.4.5)
|
||||
rack-cache (1.2)
|
||||
rack (>= 0.4)
|
||||
rack-ssl (1.3.4)
|
||||
rack
|
||||
rack (1.5.2)
|
||||
rack-test (0.6.3)
|
||||
rack (>= 1.0)
|
||||
rails (3.2.21)
|
||||
actionmailer (= 3.2.21)
|
||||
actionpack (= 3.2.21)
|
||||
activerecord (= 3.2.21)
|
||||
activeresource (= 3.2.21)
|
||||
activesupport (= 3.2.21)
|
||||
bundler (~> 1.0)
|
||||
railties (= 3.2.21)
|
||||
railties (3.2.21)
|
||||
actionpack (= 3.2.21)
|
||||
activesupport (= 3.2.21)
|
||||
rack-ssl (~> 1.3.2)
|
||||
rails (4.0.13)
|
||||
actionmailer (= 4.0.13)
|
||||
actionpack (= 4.0.13)
|
||||
activerecord (= 4.0.13)
|
||||
activesupport (= 4.0.13)
|
||||
bundler (>= 1.3.0, < 2.0)
|
||||
railties (= 4.0.13)
|
||||
sprockets-rails (~> 2.0)
|
||||
railties (4.0.13)
|
||||
actionpack (= 4.0.13)
|
||||
activesupport (= 4.0.13)
|
||||
rake (>= 0.8.7)
|
||||
rdoc (~> 3.4)
|
||||
thor (>= 0.14.6, < 2.0)
|
||||
thor (>= 0.18.1, < 2.0)
|
||||
rake (10.4.2)
|
||||
rb-readline-r7 (0.5.2.0)
|
||||
rdoc (3.12.2)
|
||||
json (~> 1.4)
|
||||
recog (1.0.27)
|
||||
recog (1.0.29)
|
||||
nokogiri
|
||||
redcarpet (3.2.3)
|
||||
rkelly-remix (0.0.6)
|
||||
|
@ -184,12 +183,12 @@ GEM
|
|||
rspec-core (~> 2.99.0)
|
||||
rspec-expectations (~> 2.99.0)
|
||||
rspec-mocks (~> 2.99.0)
|
||||
rspec-collection_matchers (1.0.0)
|
||||
rspec-collection_matchers (1.1.2)
|
||||
rspec-expectations (>= 2.99.0.beta1)
|
||||
rspec-core (2.99.1)
|
||||
rspec-core (2.99.2)
|
||||
rspec-expectations (2.99.2)
|
||||
diff-lcs (>= 1.1.3, < 2.0)
|
||||
rspec-mocks (2.99.2)
|
||||
rspec-mocks (2.99.3)
|
||||
rspec-rails (2.99.0)
|
||||
actionpack (>= 3.0)
|
||||
activemodel (>= 3.0)
|
||||
|
@ -201,28 +200,32 @@ GEM
|
|||
rspec-mocks (~> 2.99.0)
|
||||
rubyntlm (0.5.0)
|
||||
rubyzip (1.1.7)
|
||||
shoulda-matchers (2.6.2)
|
||||
simplecov (0.5.4)
|
||||
multi_json (~> 1.0.3)
|
||||
simplecov-html (~> 0.5.3)
|
||||
simplecov-html (0.5.3)
|
||||
shoulda-matchers (2.8.0)
|
||||
activesupport (>= 3.0.0)
|
||||
simplecov (0.9.2)
|
||||
docile (~> 1.1.0)
|
||||
multi_json (~> 1.0)
|
||||
simplecov-html (~> 0.9.0)
|
||||
simplecov-html (0.9.0)
|
||||
slop (3.6.0)
|
||||
sprockets (2.2.3)
|
||||
sprockets (2.12.3)
|
||||
hike (~> 1.2)
|
||||
multi_json (~> 1.0)
|
||||
rack (~> 1.0)
|
||||
tilt (~> 1.1, != 1.3.0)
|
||||
sprockets-rails (2.2.4)
|
||||
actionpack (>= 3.0)
|
||||
activesupport (>= 3.0)
|
||||
sprockets (>= 2.8, < 4.0)
|
||||
sqlite3 (1.3.10)
|
||||
thor (0.19.1)
|
||||
thread_safe (0.3.5)
|
||||
tilt (1.4.1)
|
||||
timecop (0.7.1)
|
||||
treetop (1.4.15)
|
||||
polyglot
|
||||
polyglot (>= 0.3.1)
|
||||
timecop (0.7.3)
|
||||
tzinfo (0.3.43)
|
||||
xpath (2.0.0)
|
||||
nokogiri (~> 1.3)
|
||||
yard (0.8.7.4)
|
||||
yard (0.8.7.6)
|
||||
|
||||
PLATFORMS
|
||||
ruby
|
||||
|
@ -230,8 +233,7 @@ PLATFORMS
|
|||
DEPENDENCIES
|
||||
aruba
|
||||
cucumber-rails
|
||||
factory_girl (>= 4.1.0)
|
||||
factory_girl_rails
|
||||
factory_girl_rails (~> 4.5.0)
|
||||
fivemat (= 1.2.1)
|
||||
metasploit-framework!
|
||||
metasploit-framework-db!
|
||||
|
@ -242,6 +244,6 @@ DEPENDENCIES
|
|||
rspec (>= 2.12, < 3.0.0)
|
||||
rspec-rails (>= 2.12, < 3.0.0)
|
||||
shoulda-matchers
|
||||
simplecov (= 0.5.4)
|
||||
simplecov
|
||||
timecop
|
||||
yard
|
||||
|
|
|
@ -20,6 +20,7 @@ Bundler.require(
|
|||
#
|
||||
|
||||
# For compatibility with jquery-rails (and other engines that need action_view) in pro
|
||||
require 'action_controller/railtie'
|
||||
require 'action_view/railtie'
|
||||
|
||||
#
|
||||
|
@ -36,6 +37,15 @@ module Metasploit
|
|||
|
||||
config.paths['log'] = "#{Msf::Config.log_directory}/#{Rails.env}.log"
|
||||
config.paths['config/database'] = [Metasploit::Framework::Database.configurations_pathname.try(:to_path)]
|
||||
|
||||
case Rails.env
|
||||
when "development"
|
||||
config.eager_load = false
|
||||
when "test"
|
||||
config.eager_load = false
|
||||
when "production"
|
||||
config.eager_load = true
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
645
db/schema.rb
645
db/schema.rb
File diff suppressed because it is too large
Load Diff
|
@ -6,7 +6,7 @@ module Metasploit
|
|||
|
||||
# The Metasploit ecosystem is not ready for Rails 4 as it uses features of
|
||||
# Rails 3.X that are removed in Rails 4.
|
||||
RAILS_VERSION = [ '>= 3.2.21', '< 4.0.0' ]
|
||||
RAILS_VERSION = [ '>= 4.0.9', '< 4.1.0' ]
|
||||
end
|
||||
end
|
||||
end
|
|
@ -157,8 +157,6 @@ module Msf::DBManager::Host
|
|||
|
||||
if not addr.kind_of? ::Mdm::Host
|
||||
addr = normalize_host(addr)
|
||||
addr, scope = addr.split('%', 2)
|
||||
opts[:scope] = scope if scope
|
||||
|
||||
unless ipv46_validator(addr)
|
||||
raise ::ArgumentError, "Invalid IP address in report_host(): #{addr}"
|
||||
|
|
|
@ -4,12 +4,23 @@ module Msf::DBManager::IPAddress
|
|||
end
|
||||
|
||||
def ipv4_validator(addr)
|
||||
return false unless addr.kind_of? String
|
||||
Rex::Socket.is_ipv4?(addr)
|
||||
if addr.try(:ipv4?)
|
||||
true
|
||||
elsif addr.kind_of? String
|
||||
Rex::Socket.is_ipv4?(addr)
|
||||
else
|
||||
false
|
||||
end
|
||||
end
|
||||
|
||||
def ipv6_validator(addr)
|
||||
Rex::Socket.is_ipv6?(addr)
|
||||
if addr.try(:ipv6?)
|
||||
true
|
||||
elsif addr.kind_of? String
|
||||
Rex::Socket.is_ipv6?(addr)
|
||||
else
|
||||
false
|
||||
end
|
||||
end
|
||||
|
||||
def rfc3330_reserved(ip)
|
||||
|
|
|
@ -95,7 +95,6 @@ module Msf::DBManager::Session
|
|||
if session.exploit.user_data_is_match?
|
||||
MetasploitDataModels::AutomaticExploitation::MatchResult.create!(
|
||||
match: session.exploit.user_data[:match],
|
||||
match_set: session.exploit.user_data[:match_set],
|
||||
run: session.exploit.user_data[:run],
|
||||
state: 'succeeded',
|
||||
)
|
||||
|
|
|
@ -668,7 +668,7 @@ class Db
|
|||
columns = [host.address] + col_names.map { |n| service[n].to_s || "" }
|
||||
tbl << columns
|
||||
if set_rhosts
|
||||
addr = (host.scope ? host.address + '%' + host.scope : host.address)
|
||||
addr = (host.scope ? host.address + '%' + host.scope : host.address )
|
||||
rhosts << addr
|
||||
end
|
||||
|
||||
|
@ -790,6 +790,7 @@ class Db
|
|||
# Same for service names
|
||||
next unless svcs.empty? or svcs.include?(vuln.service.name)
|
||||
print_status("Time: #{vuln.created_at} Vuln: host=#{host.address} name=#{vuln.name} refs=#{reflist.join(',')} #{(show_info && vuln.info) ? "info=#{vuln.info}" : ""}")
|
||||
|
||||
else
|
||||
# This vuln has no service, so it can't match
|
||||
next unless ports.empty? and svcs.empty?
|
||||
|
@ -1318,7 +1319,7 @@ class Db
|
|||
host = note.host
|
||||
msg << " host=#{note.host.address}"
|
||||
if set_rhosts
|
||||
addr = (host.scope ? host.address + '%' + host.scope : host.address)
|
||||
addr = (host.scope ? host.address + '%' + host.scope : host.address )
|
||||
rhosts << addr
|
||||
end
|
||||
end
|
||||
|
|
|
@ -29,9 +29,9 @@ Gem::Specification.new do |spec|
|
|||
|
||||
spec.add_runtime_dependency 'activerecord', *Metasploit::Framework::RailsVersionConstraint::RAILS_VERSION
|
||||
# Metasploit::Credential database models
|
||||
spec.add_runtime_dependency 'metasploit-credential', '0.14.5'
|
||||
spec.add_runtime_dependency 'metasploit-credential', '~> 1.0'
|
||||
# Database models shared between framework and Pro.
|
||||
spec.add_runtime_dependency 'metasploit_data_models', '0.24.0'
|
||||
spec.add_runtime_dependency 'metasploit_data_models', '~> 1.0'
|
||||
# depend on metasploit-framewrok as the optional gems are useless with the actual code
|
||||
spec.add_runtime_dependency 'metasploit-framework', "= #{spec.version}"
|
||||
# Needed for module caching in Mdm::ModuleDetails
|
||||
|
|
|
@ -59,10 +59,10 @@ Gem::Specification.new do |spec|
|
|||
# Needed for some admin modules (scrutinizer_add_user.rb)
|
||||
spec.add_runtime_dependency 'json'
|
||||
# Metasploit::Concern hooks
|
||||
spec.add_runtime_dependency 'metasploit-concern', '0.4.0'
|
||||
spec.add_runtime_dependency 'metasploit-concern', '~> 1.0'
|
||||
# Things that would normally be part of the database model, but which
|
||||
# are needed when there's no database
|
||||
spec.add_runtime_dependency 'metasploit-model', '~> 0.29.0'
|
||||
spec.add_runtime_dependency 'metasploit-model', '~> 1.0'
|
||||
# Needed for Meterpreter on Windows, soon others.
|
||||
spec.add_runtime_dependency 'metasploit-payloads', '0.0.3'
|
||||
# Needed by msfgui and other rpc components
|
||||
|
|
|
@ -19,7 +19,7 @@ module Msf
|
|||
|
||||
class ConsoleCommandDispatcher
|
||||
include Msf::Ui::Console::CommandDispatcher
|
||||
|
||||
|
||||
def name
|
||||
PLUGIN_NAME
|
||||
end
|
||||
|
@ -35,11 +35,11 @@ module Msf
|
|||
def msf_local
|
||||
"#{Msf::Config.local_directory}"
|
||||
end
|
||||
|
||||
|
||||
def cmd_nessus_index
|
||||
nessus_index
|
||||
end
|
||||
|
||||
|
||||
def commands
|
||||
{
|
||||
"nessus_connect" => "Connect to a nessus server: nconnect username:password@hostname:port <verify_ssl>",
|
||||
|
@ -81,7 +81,7 @@ module Msf
|
|||
"nessus_folder_list" => "List folders configured on the Nessus server",
|
||||
"nessus_scanner_list" => "List the configured scanners on the Nessus server",
|
||||
"nessus_family_list" => "List all the plugin families along with their corresponding family IDs and plugin count"
|
||||
}
|
||||
}
|
||||
end
|
||||
|
||||
def cmd_nessus_help(*args)
|
||||
|
@ -111,7 +111,7 @@ module Msf
|
|||
tbl << [ "nessus_db_import", "Import Nessus scan to the Metasploit connected database" ]
|
||||
tbl << [ "", ""]
|
||||
tbl << [ "Reports Commands", "" ]
|
||||
tbl << [ "-----------------", "-----------------"]
|
||||
tbl << [ "-----------------", "-----------------"]
|
||||
tbl << [ "nessus_report_hosts", "Get list of hosts from a report" ]
|
||||
tbl << [ "nessus_report_vulns", "Get list of vulns from a report" ]
|
||||
tbl << [ "nessus_report_host_details", "Get detailed information from a report item on a host" ]
|
||||
|
@ -205,7 +205,7 @@ module Msf
|
|||
total = Time.now - start
|
||||
print_status("It has taken : #{total} seconds to build the exploits search index")
|
||||
end
|
||||
|
||||
|
||||
def nessus_index
|
||||
if File.exist?("#{xindex}")
|
||||
#check if it's version line matches current version.
|
||||
|
@ -247,7 +247,7 @@ module Msf
|
|||
return
|
||||
end
|
||||
end
|
||||
|
||||
|
||||
if args[0] == "-h"
|
||||
print_status("%redYou must do this before any other commands.%clr")
|
||||
print_status("Usage: ")
|
||||
|
@ -259,7 +259,7 @@ module Msf
|
|||
print_status("use a self signed certificate, therefore, users should use ssl_ignore.")
|
||||
return
|
||||
end
|
||||
|
||||
|
||||
if !@token == ''
|
||||
print_error("You are already authenticated. Call nessus_logout before authenticating again")
|
||||
return
|
||||
|
@ -268,7 +268,7 @@ module Msf
|
|||
ncusage
|
||||
return
|
||||
end
|
||||
|
||||
|
||||
@user = @pass = @host = @port = @sslv = nil
|
||||
case args.length
|
||||
when 1,2
|
||||
|
@ -647,7 +647,7 @@ module Msf
|
|||
print_line("IP Address: #{details['info']['host-ip']}")
|
||||
print_line("Hostname: #{details['info']['host-name']}")
|
||||
print_line("Operating System: #{details['info']['operating-system']}")
|
||||
print_line
|
||||
print_line
|
||||
print_status("Vulnerability information")
|
||||
details["vulnerabilities"].each { |vuln|
|
||||
tbl << [ vuln["plugin_name"], vuln["plugin_family"], vuln["severity"] ]
|
||||
|
@ -684,7 +684,7 @@ module Msf
|
|||
report = @n.report_download(scan_id, file_id)
|
||||
File.open("#{msf_local}/#{scan_id}-#{file_id}","w+") do |f|
|
||||
f.puts report
|
||||
print_status("Report downloaded to #{msf_local} directory")
|
||||
print_status("Report downloaded to #{msf_local} directory")
|
||||
end
|
||||
else
|
||||
print_error("Only completed scans ca be downloaded")
|
||||
|
@ -799,7 +799,7 @@ module Msf
|
|||
'Status',
|
||||
'Folder'
|
||||
])
|
||||
|
||||
|
||||
list["scans"].each { |scan|
|
||||
if args[0] == "-r"
|
||||
if scan["status"] == "running"
|
||||
|
@ -1010,11 +1010,11 @@ module Msf
|
|||
end
|
||||
else
|
||||
print_error(export)
|
||||
end
|
||||
end
|
||||
else
|
||||
print_error("Only completed scans could be used for import")
|
||||
end
|
||||
|
||||
|
||||
end
|
||||
|
||||
def is_scan_complete(scan_id)
|
||||
|
|
|
@ -58,24 +58,24 @@ framework.db.creds.each do |creds|
|
|||
next if not serv.host
|
||||
next if (serv.state != Msf::ServiceState::Open)
|
||||
# for now we only check these services, you can add some more ...
|
||||
next if not (serv.name =~ /smb/ or
|
||||
serv.name =~ /microsoft-ds/ or
|
||||
serv.name =~ /netbios-ssn/ or
|
||||
serv.name =~ /ftp/ or
|
||||
serv.name =~ /ssh/ or
|
||||
serv.name =~ /telnet/ or
|
||||
serv.name =~ /mysql/ or
|
||||
serv.name =~ /vnc/ or
|
||||
serv.name =~ /mssql/ or
|
||||
serv.name =~ /pop3/ or
|
||||
next if not (serv.name =~ /smb/ or
|
||||
serv.name =~ /microsoft-ds/ or
|
||||
serv.name =~ /netbios-ssn/ or
|
||||
serv.name =~ /ftp/ or
|
||||
serv.name =~ /ssh/ or
|
||||
serv.name =~ /telnet/ or
|
||||
serv.name =~ /mysql/ or
|
||||
serv.name =~ /vnc/ or
|
||||
serv.name =~ /mssql/ or
|
||||
serv.name =~ /pop3/ or
|
||||
serv.name =~ /postgres/)
|
||||
|
||||
xport = serv.port.to_i
|
||||
xprot = serv.proto
|
||||
xname = serv.name
|
||||
xhost = host.address
|
||||
xhost = host.address
|
||||
|
||||
if(xname =~ /smb/ or xname =~ /microsoft-ds/ or xname =~ /netbios-ssn/)
|
||||
if(xname =~ /smb/ or xname =~ /microsoft-ds/ or xname =~ /netbios-ssn/)
|
||||
print_line("smb_login")
|
||||
if(verbose == 1)
|
||||
infos(serv,creds,host)
|
||||
|
|
|
@ -9,8 +9,8 @@
|
|||
|
||||
<ruby>
|
||||
#psexec needs a payload
|
||||
if framework.datastore['PAYLOAD']
|
||||
pload = framework.datastore['PAYLOAD']
|
||||
if framework.datastore['PAYLOAD']
|
||||
pload = framework.datastore['PAYLOAD']
|
||||
else #just to get sure that we have a backup payload
|
||||
pload = "windows/meterpreter/bind_tcp"
|
||||
end
|
||||
|
@ -59,7 +59,7 @@ framework.db.creds.each do |creds| # just checking if we have any smb_hashes in
|
|||
|
||||
if (jotr == 1)
|
||||
# first checking weak windows hashes with john ... because of the filtering before, we are sure that
|
||||
# this is a windows hash
|
||||
# this is a windows hash
|
||||
# on the first found hash we are going to analyse all hashes - then we set jotr to 0
|
||||
|
||||
print_line("using jtr_crack_fast")
|
||||
|
@ -74,14 +74,14 @@ framework.db.creds.each do |creds| # just checking if we have any smb_hashes in
|
|||
|
||||
smbhash = creds.pass
|
||||
username = creds.user
|
||||
|
||||
|
||||
framework.db.hosts.each do |host|
|
||||
next if (host.os_name !~ /Windows/) # pass the hash works just for Win
|
||||
|
||||
host.services.each do |serv|
|
||||
next if not serv.host
|
||||
next if (serv.state != Msf::ServiceState::Open)
|
||||
next if (serv.name !~ /smb/)
|
||||
next if (serv.name !~ /smb/)
|
||||
|
||||
print_line("using psexec - Pass the hash")
|
||||
if(verbose == 1)
|
||||
|
|
|
@ -36,7 +36,7 @@ framework.db.workspace.hosts.each do |host|
|
|||
next if not serv.host
|
||||
next if (serv.state != Msf::ServiceState::Open)
|
||||
next if (serv.name !~ /http/)
|
||||
|
||||
|
||||
if(verbose == 1)
|
||||
print_line("IP: #{host.address}")
|
||||
print_line("OS: #{host.os_name}")
|
||||
|
|
|
@ -109,7 +109,7 @@ print_line("starting discovery scanners ... stage 2")
|
|||
print_line("============================================")
|
||||
print_line("")
|
||||
|
||||
run_single("unsetg RHOSTS") # we dont need it anymore
|
||||
run_single("unsetg RHOSTS") # we dont need it anymore
|
||||
|
||||
framework.db.workspace.hosts.each do |host|
|
||||
host.services.each do |serv|
|
||||
|
@ -416,7 +416,7 @@ framework.db.workspace.hosts.each do |host|
|
|||
end
|
||||
|
||||
if (serv.name =~ /http/ or serv.port == 80 or serv.port == 443)
|
||||
|
||||
|
||||
if(versionscanners == 1 or serv.name == nil)
|
||||
print_line("Module: http_version")
|
||||
run_single("use auxiliary/scanner/http/http_version")
|
||||
|
@ -700,7 +700,7 @@ framework.db.workspace.hosts.each do |host|
|
|||
jobwaiting(maxjobs,verbose)
|
||||
end
|
||||
end
|
||||
|
||||
|
||||
if (serv.port == 7777)
|
||||
print_line("Module: energizer_duo_detect")
|
||||
run_single("use auxiliary/scanner/backdoor/energizer_duo_detect")
|
||||
|
|
|
@ -24,9 +24,9 @@ end
|
|||
|
||||
#we look in the global datastore for a global VERBOSE option and use it
|
||||
if (framework.datastore['VERBOSE'] == "true")
|
||||
verbose = 1
|
||||
verbose = 1
|
||||
else
|
||||
verbose = 0
|
||||
verbose = 0
|
||||
end
|
||||
|
||||
if (framework.plugins.to_s =~ /[Ww]map/)
|
||||
|
|
|
@ -61,7 +61,7 @@ describe ActiveRecord::ConnectionAdapters::ConnectionPool do
|
|||
|
||||
context '#with_connection' do
|
||||
def reserved_connection_count
|
||||
connection_pool.instance_variable_get(:@reserved_connections).length
|
||||
connection_pool.instance_variable_get(:@reserved_connections).size
|
||||
end
|
||||
|
||||
let(:connection_id) do
|
||||
|
|
|
@ -627,7 +627,7 @@ shared_examples_for 'Msf::DBManager::Session' do
|
|||
)
|
||||
end
|
||||
|
||||
it { expect(subject.routes).to eq(routes) }
|
||||
it { expect(subject.routes.to_a).to eq(routes) }
|
||||
end
|
||||
|
||||
context 'without :routes' do
|
||||
|
|
Loading…
Reference in New Issue