Add latest rubocop rules
This commit is contained in:
parent
debe4242c9
commit
bed7ae2c78
107
.rubocop.yml
107
.rubocop.yml
|
@ -9,7 +9,8 @@
|
|||
# inherit_from: .rubocop_todo.yml
|
||||
|
||||
AllCops:
|
||||
TargetRubyVersion: 2.4
|
||||
TargetRubyVersion: 2.5
|
||||
SuggestExtensions: false
|
||||
|
||||
require:
|
||||
- ./lib/rubocop/cop/layout/module_hash_on_new_line.rb
|
||||
|
@ -17,6 +18,101 @@ require:
|
|||
- ./lib/rubocop/cop/lint/module_disclosure_date_format.rb
|
||||
- ./lib/rubocop/cop/lint/module_disclosure_date_present.rb
|
||||
|
||||
Layout/SpaceBeforeBrackets:
|
||||
Description: >-
|
||||
Disabled as it generates invalid code:
|
||||
https://github.com/rubocop-hq/rubocop/issues/9499
|
||||
Enabled: false
|
||||
|
||||
Lint/AmbiguousAssignment:
|
||||
Enabled: true
|
||||
|
||||
Lint/DeprecatedConstants:
|
||||
Enabled: true
|
||||
|
||||
Lint/DuplicateBranch:
|
||||
Description: >-
|
||||
Disabled as it causes a lot of noise around our current exception/error handling
|
||||
Enabled: false
|
||||
|
||||
Lint/DuplicateRegexpCharacterClassElement:
|
||||
Enabled: false
|
||||
|
||||
Lint/EmptyBlock:
|
||||
Enabled: false
|
||||
|
||||
Lint/EmptyClass:
|
||||
Enabled: false
|
||||
|
||||
Lint/LambdaWithoutLiteralBlock:
|
||||
Enabled: true
|
||||
|
||||
Lint/NoReturnInBeginEndBlocks:
|
||||
Enabled: true
|
||||
|
||||
Lint/NumberedParameterAssignment:
|
||||
Enabled: true
|
||||
|
||||
Lint/OrAssignmentToConstant:
|
||||
Enabled: true
|
||||
|
||||
Lint/RedundantDirGlobSort:
|
||||
Enabled: true
|
||||
|
||||
Lint/SymbolConversion:
|
||||
Enabled: true
|
||||
|
||||
Lint/ToEnumArguments:
|
||||
Enabled: true
|
||||
|
||||
Lint/TripleQuotes:
|
||||
Enabled: true
|
||||
|
||||
Lint/UnexpectedBlockArity:
|
||||
Enabled: true
|
||||
|
||||
Lint/UnmodifiedReduceAccumulator:
|
||||
Enabled: true
|
||||
|
||||
Style/ArgumentsForwarding:
|
||||
Enabled: true
|
||||
|
||||
Style/CollectionCompact:
|
||||
Enabled: true
|
||||
|
||||
Style/DocumentDynamicEvalDefinition:
|
||||
Enabled: false
|
||||
|
||||
Style/EndlessMethod:
|
||||
Enabled: true
|
||||
|
||||
Style/HashExcept:
|
||||
Enabled: true
|
||||
|
||||
Style/IfWithBooleanLiteralBranches:
|
||||
Description: >-
|
||||
Most of the time this is a valid replacement. Although it can generate subtly different
|
||||
rewrites that might break code:
|
||||
2.7.2 :001 > foo = nil
|
||||
=> nil
|
||||
2.7.2 :002 > (foo && foo['key'] == 'foo') ? true : false
|
||||
=> false
|
||||
2.7.2 :003 > foo && foo['key'] == 'foo'
|
||||
=> nil
|
||||
Enabled: false
|
||||
|
||||
Style/NegatedIfElseCondition:
|
||||
Enabled: false
|
||||
|
||||
Style/NilLambda:
|
||||
Enabled: true
|
||||
|
||||
Style/RedundantArgument:
|
||||
Enabled: false
|
||||
|
||||
Style/SwapValues:
|
||||
Enabled: false
|
||||
|
||||
Layout/ModuleHashOnNewLine:
|
||||
Enabled: true
|
||||
|
||||
|
@ -130,12 +226,11 @@ Style/TrailingCommaInArrayLiteral:
|
|||
Enabled: false
|
||||
Description: 'This is often a useful pattern, and is actually required by other languages. It does not hurt.'
|
||||
|
||||
Metrics/LineLength:
|
||||
Layout/LineLength:
|
||||
Description: >-
|
||||
Metasploit modules often pattern match against very
|
||||
long strings when identifying targets.
|
||||
Enabled: true
|
||||
Max: 180
|
||||
Enabled: false
|
||||
|
||||
Metrics/BlockLength:
|
||||
Enabled: true
|
||||
|
@ -247,7 +342,3 @@ Style/SafeNavigation:
|
|||
This has been disabled as in some scenarios it produced invalid code, and disobeyed the 'AllowedMethods'
|
||||
configuration.
|
||||
Enabled: false
|
||||
|
||||
Documentation:
|
||||
Exclude:
|
||||
- 'modules/**/*'
|
||||
|
|
|
@ -82,7 +82,7 @@ class Msf::Modules::External::Shim
|
|||
[#{o['required']}, #{o['description'].dump}, #{o['default'].inspect}])"
|
||||
end
|
||||
end
|
||||
options.reject! { |o| o.nil? }
|
||||
options.compact!
|
||||
options.join(",\n ")
|
||||
end
|
||||
|
||||
|
|
|
@ -55,9 +55,9 @@ module Msf::RPC::JSON
|
|||
@symbolize_names = symbolize_names
|
||||
@is_notification = is_notification
|
||||
@headers = {
|
||||
'Accept': JSON_MEDIA_TYPE,
|
||||
Accept: JSON_MEDIA_TYPE,
|
||||
'Content-Type': JSON_MEDIA_TYPE,
|
||||
'Authorization': "Bearer #{@api_token}"
|
||||
Authorization: "Bearer #{@api_token}"
|
||||
}
|
||||
|
||||
absolute_method_name = @namespace.nil? ? method : "#{@namespace}.#{method}"
|
||||
|
|
|
@ -200,8 +200,7 @@ module Rex
|
|||
'hash_count']
|
||||
(1..0x100000).each do |c|
|
||||
updated_hash = sha256.digest(btl_struct_raw)
|
||||
btl_struct_raw = updated_hash + btl_struct_raw \
|
||||
[btl_struct.updated_hash.sizeof..(
|
||||
btl_struct_raw = updated_hash + btl_struct_raw[btl_struct.updated_hash.sizeof..(
|
||||
btl_struct_hash_count_offset - 1)] + [c].pack('Q')
|
||||
sha256.reset
|
||||
end
|
||||
|
|
|
@ -137,7 +137,7 @@ module Parser
|
|||
# seem to be there just for debugging anyway.
|
||||
def db_report(table, data)
|
||||
raise "Data should be a hash" unless data.kind_of? Hash
|
||||
nonempty_data = data.reject {|k,v| v.nil?}
|
||||
nonempty_data = data.compact
|
||||
valid_attrs = db_valid_attributes(table)
|
||||
raise "Unknown table `#{table}'" if valid_attrs.empty?
|
||||
case table
|
||||
|
|
|
@ -133,7 +133,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
sleep(15)
|
||||
doc = call_ec2(creds, 'Action' => action, 'InstanceId' => instance_id)
|
||||
doc = print_results(doc, action)
|
||||
if doc ['instanceStatusSet'].nil?
|
||||
if doc['instanceStatusSet'].nil?
|
||||
print_error("Error, could not get instance status, instance possibly terminated")
|
||||
break
|
||||
end
|
||||
|
|
|
@ -190,7 +190,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
{:name=>'ZyXEL', :model=>'P-660R-T3', :values=>[
|
||||
[107369567, 21]
|
||||
]},
|
||||
:'ALL'=> # Used when `ForceAttempt` === true
|
||||
ALL=> # Used when `ForceAttempt` === true
|
||||
{:name=>'Unknown', :model=>'Forced', :values=>[]
|
||||
},
|
||||
}
|
||||
|
@ -199,7 +199,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
known_devices.collect { |_, v| v[:values] }.each do |list|
|
||||
all_cookies += list
|
||||
end
|
||||
known_devices[:'ALL'][:values] = all_cookies.uniq
|
||||
known_devices[:ALL][:values] = all_cookies.uniq
|
||||
known_devices
|
||||
end
|
||||
|
||||
|
@ -227,7 +227,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
model = check_response_fingerprint(res, Exploit::CheckCode::Detected)
|
||||
if model != Exploit::CheckCode::Detected
|
||||
devices = devices_list[model.to_sym]
|
||||
devices = devices_list['ALL'.to_sym] if devices.nil? && datastore['ForceAttempt']
|
||||
devices = devices_list[:ALL] if devices.nil? && datastore['ForceAttempt']
|
||||
if devices != nil
|
||||
print_good("Detected device:#{devices[:name]} #{devices[:model]}")
|
||||
devices[:values].each { |value|
|
||||
|
|
|
@ -52,7 +52,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
end
|
||||
|
||||
def inflate_parse(data)
|
||||
zi = Zlib::Inflate.new(window_bits =-15)
|
||||
zi = Zlib::Inflate.new(-15)
|
||||
data_inflated = zi.inflate(data)
|
||||
|
||||
parse_data = data_inflated[8...-1]
|
||||
|
|
|
@ -76,16 +76,16 @@ class MetasploitModule < Msf::Auxiliary
|
|||
print_status('Sending payload')
|
||||
payload = Rex::Text.rand_text_alphanumeric(7000..8000)
|
||||
driver.send({
|
||||
'jsonrpc': '2.0',
|
||||
'method': 'Frontend::GetFrontendSpectrumData',
|
||||
'params': {
|
||||
'coreID': 0,
|
||||
'fStartHz': payload,
|
||||
'fStopHz': 1000000000,
|
||||
'fftSize': 1024,
|
||||
'gain': 1
|
||||
jsonrpc: '2.0',
|
||||
method: 'Frontend::GetFrontendSpectrumData',
|
||||
params: {
|
||||
coreID: 0,
|
||||
fStartHz: payload,
|
||||
fStopHz: 1000000000,
|
||||
fftSize: 1024,
|
||||
gain: 1
|
||||
},
|
||||
'id': '0'
|
||||
id: '0'
|
||||
}.to_json)
|
||||
rescue StandardError
|
||||
fail_with(Failure::Unreachable, 'Could not establish websocket connection')
|
||||
|
|
|
@ -86,7 +86,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'id' => id,
|
||||
'method' => 'Page.navigate',
|
||||
'params' => {
|
||||
'url': fetch_uri
|
||||
url: fetch_uri
|
||||
}
|
||||
}.to_json)
|
||||
end
|
||||
|
|
|
@ -300,15 +300,15 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
'uri' => '/login.cgi',
|
||||
'method' => 'POST',
|
||||
'vars_post' => {
|
||||
"submit_button": "login",
|
||||
"submit_type": "",
|
||||
"gui_action": "",
|
||||
"wait_time": 0,
|
||||
"change_action": "",
|
||||
"enc": 1,
|
||||
"user": rand_text_alpha_lower(5),
|
||||
"pwd": buffer,
|
||||
"sel_lang": "EN"
|
||||
submit_button: "login",
|
||||
submit_type: "",
|
||||
gui_action: "",
|
||||
wait_time: 0,
|
||||
change_action: "",
|
||||
enc: 1,
|
||||
user: rand_text_alpha_lower(5),
|
||||
pwd: buffer,
|
||||
sel_lang: "EN"
|
||||
}
|
||||
})
|
||||
rescue ::Rex::ConnectionError
|
||||
|
|
|
@ -85,8 +85,8 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
'uri' => normalize_uri(target_uri.path, 'login.php'),
|
||||
'method' => 'POST',
|
||||
'vars_post' => {
|
||||
'username': datastore['username'],
|
||||
'password': datastore['password'],
|
||||
username: datastore['username'],
|
||||
password: datastore['password'],
|
||||
},
|
||||
'cookie'=> "PHPSESSID=#{res.get_cookies}"
|
||||
})
|
||||
|
@ -115,9 +115,9 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
'method' => 'POST',
|
||||
'vars_post' => data,
|
||||
'headers' => {
|
||||
'Connection': 'close',
|
||||
'Cookie': cookie.to_s,
|
||||
'Cmd': payload_b64
|
||||
Connection: 'close',
|
||||
Cookie: cookie.to_s,
|
||||
Cmd: payload_b64
|
||||
}
|
||||
})
|
||||
end
|
||||
|
|
|
@ -313,9 +313,9 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
# the new config in JSON format
|
||||
enable_params_resource_loader = {
|
||||
"#{verb}-queryresponsewriter": {
|
||||
"startup": "lazy",
|
||||
"name": "velocity",
|
||||
"class": "solr.VelocityResponseWriter",
|
||||
startup: "lazy",
|
||||
name: "velocity",
|
||||
class: "solr.VelocityResponseWriter",
|
||||
#"template.base.dir": "",
|
||||
#"solr.resource.loader.enabled": "true",
|
||||
"params.resource.loader.enabled": "true"
|
||||
|
|
|
@ -169,7 +169,7 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
'method' => 'POST',
|
||||
'uri' => normalize_uri(target_uri.path, 'auth', 'ajax-login'),
|
||||
'vars_post' => {
|
||||
'logintype': type.to_s,
|
||||
logintype: type.to_s,
|
||||
'username' => user.to_s,
|
||||
'password' => pass.to_s,
|
||||
'securitytoken' => 'guest'
|
||||
|
|
|
@ -64,7 +64,7 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
def on_request_uri(cli, request)
|
||||
if @jar.nil?
|
||||
p = regenerate_payload(cli)
|
||||
@jar = p.encoded_jar({"random":true})
|
||||
@jar = p.encoded_jar({random:true})
|
||||
paths = [
|
||||
["metasploit", "JMXPayloadMBean.class"],
|
||||
["metasploit", "JMXPayload.class"],
|
||||
|
|
|
@ -33,7 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
'References' =>
|
||||
[
|
||||
['CVE', '2018-1111'],
|
||||
['EDB': '44652'],
|
||||
['EDB', '44652'],
|
||||
['URL', 'https://github.com/kkirsche/CVE-2018-1111'],
|
||||
['URL', 'https://twitter.com/_fel1x/status/996388421273882626?lang=en'],
|
||||
['URL', 'https://access.redhat.com/security/vulnerabilities/3442151'],
|
||||
|
|
|
@ -96,7 +96,7 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
|
||||
def change_password
|
||||
print_status("#{peer} - Attempt to change the root password...")
|
||||
post = {"enable": true, "passwd": new_password, "userid": "root"}.to_json
|
||||
post = {enable: true, passwd: new_password, userid: "root"}.to_json
|
||||
|
||||
login = send_request_cgi({
|
||||
'method' => 'POST',
|
||||
|
|
|
@ -72,13 +72,13 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
'method' => 'POST',
|
||||
'ctype' => 'application/json',
|
||||
'data' => {
|
||||
"service": 'Session',
|
||||
"method": 'login',
|
||||
"params": {
|
||||
"username": user.to_s,
|
||||
"password": pass.to_s
|
||||
service: 'Session',
|
||||
method: 'login',
|
||||
params: {
|
||||
username: user.to_s,
|
||||
password: pass.to_s
|
||||
},
|
||||
"options": nil
|
||||
options: nil
|
||||
}.to_json
|
||||
})
|
||||
unless res
|
||||
|
@ -103,11 +103,11 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
'method' => 'POST',
|
||||
'cookie' => @cookie.to_s,
|
||||
'data' => {
|
||||
"service": 'System',
|
||||
"method": 'getInformation',
|
||||
"params": nil,
|
||||
"options": {
|
||||
"updatelastaccess": false
|
||||
service: 'System',
|
||||
method: 'getInformation',
|
||||
params: nil,
|
||||
options: {
|
||||
updatelastaccess: false
|
||||
}
|
||||
}.to_json
|
||||
})
|
||||
|
@ -137,16 +137,16 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
'method' => 'POST',
|
||||
'cookie' => @cookie.to_s,
|
||||
'data' => {
|
||||
"service": 'LogFile',
|
||||
"method": 'getList',
|
||||
"params": {
|
||||
"id": 'apt_history',
|
||||
"start": 0,
|
||||
"limit": 50,
|
||||
"sortfield": "'.exec(\"#{cmd}\").'",
|
||||
"sortdir": 'DESC'
|
||||
service: 'LogFile',
|
||||
method: 'getList',
|
||||
params: {
|
||||
id: 'apt_history',
|
||||
start: 0,
|
||||
limit: 50,
|
||||
sortfield: "'.exec(\"#{cmd}\").'",
|
||||
sortdir: 'DESC'
|
||||
},
|
||||
"options": nil
|
||||
options: nil
|
||||
}.to_json
|
||||
})
|
||||
rescue ::Rex::ConnectionError
|
||||
|
|
|
@ -321,7 +321,7 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
end
|
||||
end
|
||||
|
||||
'''
|
||||
'
|
||||
#
|
||||
# Increase the default delay by five seconds since some kernel-mode
|
||||
# payloads may not run immediately.
|
||||
|
@ -329,7 +329,7 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
def wfs_delay
|
||||
super + 5
|
||||
end
|
||||
'''
|
||||
'
|
||||
|
||||
def smb2_grooms(grooms, payload_hdr_pkt)
|
||||
grooms.times do |_groom_id|
|
||||
|
|
|
@ -74,7 +74,7 @@ class MetasploitModule < Msf::Post
|
|||
|
||||
def run
|
||||
|
||||
'''
|
||||
'
|
||||
Hash format
|
||||
:name,
|
||||
:check_file,
|
||||
|
@ -87,7 +87,7 @@ class MetasploitModule < Msf::Post
|
|||
:viewonly_variable,
|
||||
:viewonly_hash,
|
||||
:viewonly_pass
|
||||
'''
|
||||
'
|
||||
|
||||
locations = []
|
||||
|
||||
|
|
Loading…
Reference in New Issue