Remove references to Redmine in code
See #4400. This should be all of them, except for, of course, the module that targets Redmine itself. Note that this also updates the README.md with more current information as well.
This commit is contained in:
parent
337b2d784f
commit
d3050de862
|
@ -14,7 +14,6 @@ before_install:
|
||||||
- sudo apt-get install -qq libpcap-dev
|
- sudo apt-get install -qq libpcap-dev
|
||||||
# Uncomment when we have fewer shipping msftidy warnings.
|
# Uncomment when we have fewer shipping msftidy warnings.
|
||||||
# Merge committers will still be checking, just not autofailing.
|
# Merge committers will still be checking, just not autofailing.
|
||||||
# See https://dev.metasploit.com/redmine/issues/8498
|
|
||||||
# - ln -sf ../../tools/dev/pre-commit-hook.rb ./.git/hooks/post-merge
|
# - ln -sf ../../tools/dev/pre-commit-hook.rb ./.git/hooks/post-merge
|
||||||
# - ls -la ./.git/hooks
|
# - ls -la ./.git/hooks
|
||||||
# - ./.git/hooks/post-merge
|
# - ./.git/hooks/post-merge
|
||||||
|
|
19
README.md
19
README.md
|
@ -4,23 +4,20 @@ Metasploit [![Build Status](https://travis-ci.org/rapid7/metasploit-framework.pn
|
||||||
The Metasploit Framework is released under a BSD-style license. See
|
The Metasploit Framework is released under a BSD-style license. See
|
||||||
COPYING for more details.
|
COPYING for more details.
|
||||||
|
|
||||||
The latest version of this software is available from http://metasploit.com/
|
The latest version of this software is available from https://metasploit.com/
|
||||||
|
|
||||||
Bug tracking and development information can be found at:
|
Bug tracking and development information can be found at:
|
||||||
https://dev.metasploit.com/redmine/projects/framework/
|
|
||||||
|
|
||||||
The public GitHub source repository can be found at:
|
|
||||||
https://github.com/rapid7/metasploit-framework
|
https://github.com/rapid7/metasploit-framework
|
||||||
|
|
||||||
|
API documentation for writing modules can be found at:
|
||||||
|
https://rapid7.github.io/metasploit-framework/api
|
||||||
|
|
||||||
Questions and suggestions can be sent to:
|
Questions and suggestions can be sent to:
|
||||||
msfdev(at)metasploit.com
|
https://lists.sourceforge.net/lists/listinfo/metasploit-hackers
|
||||||
|
|
||||||
The framework mailing list is the place to discuss features and ask for help.
|
An up-to-date list of useful Metasploit development resources is
|
||||||
To subscribe, visit the following web page:
|
maintained at:
|
||||||
https://mail.metasploit.com/mailman/listinfo/framework
|
https://metasploit.github.io
|
||||||
|
|
||||||
The mailing list archives are available from:
|
|
||||||
https://mail.metasploit.com/pipermail/framework/
|
|
||||||
|
|
||||||
Installing
|
Installing
|
||||||
--
|
--
|
||||||
|
|
|
@ -920,7 +920,7 @@ function read($resource, $len=null) {
|
||||||
# whole php process will block waiting for data that may never come.
|
# whole php process will block waiting for data that may never come.
|
||||||
# Unfortunately, selecting on pipes created with proc_open on Windows
|
# Unfortunately, selecting on pipes created with proc_open on Windows
|
||||||
# always returns immediately. Basically, shell interaction in Windows
|
# always returns immediately. Basically, shell interaction in Windows
|
||||||
# is hosed until this gets figured out. See https://dev.metasploit.com/redmine/issues/2232
|
# is hosed until this gets figured out.
|
||||||
$r = Array($resource);
|
$r = Array($resource);
|
||||||
my_print("Calling select to see if there's data on $resource");
|
my_print("Calling select to see if there's data on $resource");
|
||||||
while (true) {
|
while (true) {
|
||||||
|
|
|
@ -45,7 +45,7 @@ module Exploit::ORACLE
|
||||||
def check_dependencies
|
def check_dependencies
|
||||||
if not @oci8_loaded
|
if not @oci8_loaded
|
||||||
print_error("Failed to load the OCI library: #{@oci8_error}")
|
print_error("Failed to load the OCI library: #{@oci8_error}")
|
||||||
print_error("See http://www.metasploit.com/redmine/projects/framework/wiki/OracleUsage for installation instructions")
|
print_error("Try 'gem install ruby-oci8'")
|
||||||
return false
|
return false
|
||||||
end
|
end
|
||||||
return true
|
return true
|
||||||
|
|
|
@ -1928,7 +1928,7 @@ to_linux_x86_elf(framework, code, exeopts)
|
||||||
end
|
end
|
||||||
|
|
||||||
#
|
#
|
||||||
# EICAR Canary: https://www.metasploit.com/redmine/projects/framework/wiki/EICAR
|
# EICAR Canary
|
||||||
#
|
#
|
||||||
def self.is_eicar_corrupted?
|
def self.is_eicar_corrupted?
|
||||||
path = ::File.expand_path(::File.join(
|
path = ::File.expand_path(::File.join(
|
||||||
|
|
|
@ -280,7 +280,7 @@ class ClientCore < Extension
|
||||||
# good bet that migration failed and the remote side is hung.
|
# good bet that migration failed and the remote side is hung.
|
||||||
# Since we have the comm_mutex here, we *must* release it to
|
# Since we have the comm_mutex here, we *must* release it to
|
||||||
# keep from hanging the packet dispatcher thread, which results
|
# keep from hanging the packet dispatcher thread, which results
|
||||||
# in blocking the entire process. See Redmine #8794
|
# in blocking the entire process.
|
||||||
begin
|
begin
|
||||||
Timeout.timeout(60) do
|
Timeout.timeout(60) do
|
||||||
# Renegotiate SSL over this socket
|
# Renegotiate SSL over this socket
|
||||||
|
|
|
@ -22,8 +22,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
[
|
[
|
||||||
[ 'CVE', '2011-3305' ],
|
[ 'CVE', '2011-3305' ],
|
||||||
[ 'OSVDB', '76080'],
|
[ 'OSVDB', '76080'],
|
||||||
[ 'URL', 'http://www.cisco.com/warp/public/707/cisco-sa-20111005-nac.shtml' ],
|
[ 'URL', 'http://www.cisco.com/warp/public/707/cisco-sa-20111005-nac.shtml' ]
|
||||||
[ 'URL', 'http://dev.metasploit.com/redmine/issues/5673' ]
|
|
||||||
],
|
],
|
||||||
'Author' => [ 'Nenad Stojanovski <nenad.stojanovski[at]gmail.com>' ],
|
'Author' => [ 'Nenad Stojanovski <nenad.stojanovski[at]gmail.com>' ],
|
||||||
'License' => MSF_LICENSE
|
'License' => MSF_LICENSE
|
||||||
|
|
|
@ -32,7 +32,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
[ 'CVE', '1999-0502'] # Weak password
|
[ 'CVE', '1999-0502'] # Weak password
|
||||||
],
|
],
|
||||||
'License' => MSF_LICENSE,
|
'License' => MSF_LICENSE,
|
||||||
# See https://dev.metasploit.com/redmine/issues/8814
|
# See https://github.com/rapid7/metasploit-framework/issues/3811
|
||||||
#'DefaultOptions' => {
|
#'DefaultOptions' => {
|
||||||
# 'USERPASS_FILE' => File.join(Msf::Config.data_directory, "wordlists", "http_default_userpass.txt"),
|
# 'USERPASS_FILE' => File.join(Msf::Config.data_directory, "wordlists", "http_default_userpass.txt"),
|
||||||
# 'USER_FILE' => File.join(Msf::Config.data_directory, "wordlists", "http_default_users.txt"),
|
# 'USER_FILE' => File.join(Msf::Config.data_directory, "wordlists", "http_default_users.txt"),
|
||||||
|
|
|
@ -88,7 +88,6 @@ class Metasploit3 < Msf::Exploit::Remote
|
||||||
res = udp_sock.timed_read(8, 1)
|
res = udp_sock.timed_read(8, 1)
|
||||||
if res.blank?
|
if res.blank?
|
||||||
# To mitigate MacOSX udp sockets behavior
|
# To mitigate MacOSX udp sockets behavior
|
||||||
# see https://dev.metasploit.com/redmine/issues/7480
|
|
||||||
udp_sock.put(pkt)
|
udp_sock.put(pkt)
|
||||||
res = udp_sock.timed_read(8)
|
res = udp_sock.timed_read(8)
|
||||||
end
|
end
|
||||||
|
@ -112,7 +111,6 @@ class Metasploit3 < Msf::Exploit::Remote
|
||||||
res = udp_sock.timed_read(13964, 1)
|
res = udp_sock.timed_read(13964, 1)
|
||||||
if res.blank?
|
if res.blank?
|
||||||
# To mitigate MacOSX udp sockets behavior
|
# To mitigate MacOSX udp sockets behavior
|
||||||
# see https://dev.metasploit.com/redmine/issues/7480
|
|
||||||
udp_sock.put(proto_tbl_pkt)
|
udp_sock.put(proto_tbl_pkt)
|
||||||
res = udp_sock.timed_read(13964)
|
res = udp_sock.timed_read(13964)
|
||||||
end
|
end
|
||||||
|
|
|
@ -107,7 +107,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
||||||
|
|
||||||
def start_http_service
|
def start_http_service
|
||||||
# do not use SSL for this part
|
# do not use SSL for this part
|
||||||
# XXX: See https://dev.metasploit.com/redmine/issues/8498
|
# XXX: See https://github.com/rapid7/metasploit-framework/issues/3853
|
||||||
# It must be possible to do this without directly editing the
|
# It must be possible to do this without directly editing the
|
||||||
# datastore.
|
# datastore.
|
||||||
if datastore['SSL']
|
if datastore['SSL']
|
||||||
|
@ -133,7 +133,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
||||||
})
|
})
|
||||||
|
|
||||||
# Restore SSL preference
|
# Restore SSL preference
|
||||||
# XXX: See https://dev.metasploit.com/redmine/issues/8498
|
# XXX: See https://github.com/rapid7/metasploit-framework/issues/3853
|
||||||
# It must be possible to do this without directly editing the
|
# It must be possible to do this without directly editing the
|
||||||
# datastore.
|
# datastore.
|
||||||
datastore['SSL'] = true if ssl_restore
|
datastore['SSL'] = true if ssl_restore
|
||||||
|
|
|
@ -20,7 +20,8 @@ class Metasploit3 < Msf::Exploit::Remote
|
||||||
'Author' => [ 'savant42' ], #with module help from kos
|
'Author' => [ 'savant42' ], #with module help from kos
|
||||||
'License' => MSF_LICENSE,
|
'License' => MSF_LICENSE,
|
||||||
'References' => [
|
'References' => [
|
||||||
['URL', 'http://dev.metasploit.com/redmine/issues/5610']
|
['CVE', '2011-5010'],
|
||||||
|
['OSVDB', '77497']
|
||||||
],
|
],
|
||||||
'Privileged' => false,
|
'Privileged' => false,
|
||||||
'Payload' =>
|
'Payload' =>
|
||||||
|
|
|
@ -170,8 +170,7 @@ Processor-Speed=#{processor_speed}
|
||||||
#parent process ID, Kill the parent.
|
#parent process ID, Kill the parent.
|
||||||
#This module doesn't use FileDropper because of timing issues when
|
#This module doesn't use FileDropper because of timing issues when
|
||||||
#using migrate -f and FileDropper. On the other hand PrependMigrate
|
#using migrate -f and FileDropper. On the other hand PrependMigrate
|
||||||
#has been avoided because of issues with reverse_https payload
|
#has been avoided because of older issues with reverse_https payload
|
||||||
#SeeRM#8365 https://http://dev.metasploit.com/redmine/issues/8365
|
|
||||||
|
|
||||||
unless client.type == "meterpreter"
|
unless client.type == "meterpreter"
|
||||||
print_error("Automatic cleanup only available with meterpreter, please delete #{stager_instance.payload_exe} manually")
|
print_error("Automatic cleanup only available with meterpreter, please delete #{stager_instance.payload_exe} manually")
|
||||||
|
|
|
@ -106,8 +106,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
||||||
sploit << rand_text_alpha_upper(finaloffset-egg.length)
|
sploit << rand_text_alpha_upper(finaloffset-egg.length)
|
||||||
|
|
||||||
# The use of rand_text_alpha_upper() ensures we always get the same length for the
|
# The use of rand_text_alpha_upper() ensures we always get the same length for the
|
||||||
# first IP address. See the following for more details:
|
# first IP address.
|
||||||
# http://dev.metasploit.com/redmine/issues/5453
|
|
||||||
sploit[12,4] = rand_text_alpha_upper(4)
|
sploit[12,4] = rand_text_alpha_upper(4)
|
||||||
|
|
||||||
udp_sock.put(sploit)
|
udp_sock.put(sploit)
|
||||||
|
|
|
@ -270,7 +270,7 @@ describe Msf::Ui::Console::CommandDispatcher::Db do
|
||||||
FactoryGirl.create(:mdm_service, :host => host, :port => 1026)
|
FactoryGirl.create(:mdm_service, :host => host, :port => 1026)
|
||||||
end
|
end
|
||||||
it "should list services that are not on a given port" do
|
it "should list services that are not on a given port" do
|
||||||
skip("refs redmine ticket #4821") {
|
skip {
|
||||||
db.cmd_services "-np", "1024"
|
db.cmd_services "-np", "1024"
|
||||||
|
|
||||||
@output.should =~ [
|
@output.should =~ [
|
||||||
|
|
|
@ -532,10 +532,8 @@ class Msftidy
|
||||||
error("Writes to stdout", idx)
|
error("Writes to stdout", idx)
|
||||||
end
|
end
|
||||||
|
|
||||||
# You should not change datastore in code. For reasons. See
|
# You should not change datastore in code. See
|
||||||
# RM#8498 for discussion, starting at comment #16:
|
# https://github.com/rapid7/metasploit-framework/issues/3853
|
||||||
#
|
|
||||||
# https://dev.metasploit.com/redmine/issues/8498#note-16
|
|
||||||
if ln =~ /(?<!\.)datastore\[["'][^"']+["']\]\s*(=|<<)(?![=~>])/
|
if ln =~ /(?<!\.)datastore\[["'][^"']+["']\]\s*(=|<<)(?![=~>])/
|
||||||
info("datastore is modified in code with '#{Regexp.last_match(1)}': #{ln}", idx)
|
info("datastore is modified in code with '#{Regexp.last_match(1)}': #{ln}", idx)
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue