diff --git a/Gemfile.lock b/Gemfile.lock index b84a698c82..22ab1fe85c 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -2,9 +2,9 @@ PATH remote: . specs: metasploit-framework (6.0.57) - actionpack (~> 5.2.2) - activerecord (~> 5.2.2) - activesupport (~> 5.2.2) + actionpack (~> 6.0) + activerecord (~> 6.0) + activesupport (~> 6.0) aws-sdk-ec2 aws-sdk-iam aws-sdk-s3 @@ -26,11 +26,11 @@ PATH jsobfu json metasm - metasploit-concern (~> 3.0.0) - metasploit-credential (~> 4.0.0) - metasploit-model (~> 3.1.0) + metasploit-concern + metasploit-credential + metasploit-model metasploit-payloads (= 2.0.50) - metasploit_data_models (~> 4.1.0) + metasploit_data_models metasploit_payloads-mettle (= 1.0.10) mqtt msgpack @@ -94,34 +94,33 @@ GEM remote: https://rubygems.org/ specs: Ascii85 (1.1.0) - actionpack (5.2.6) - actionview (= 5.2.6) - activesupport (= 5.2.6) + actionpack (6.0.3.5) + actionview (= 6.0.3.5) + activesupport (= 6.0.3.5) rack (~> 2.0, >= 2.0.8) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.0, >= 1.0.2) - actionview (5.2.6) - activesupport (= 5.2.6) + rails-html-sanitizer (~> 1.0, >= 1.2.0) + actionview (6.0.3.5) + activesupport (= 6.0.3.5) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.0, >= 1.0.3) - activemodel (5.2.6) - activesupport (= 5.2.6) - activerecord (5.2.6) - activemodel (= 5.2.6) - activesupport (= 5.2.6) - arel (>= 9.0) - activesupport (5.2.6) + rails-html-sanitizer (~> 1.1, >= 1.2.0) + activemodel (6.0.3.5) + activesupport (= 6.0.3.5) + activerecord (6.0.3.5) + activemodel (= 6.0.3.5) + activesupport (= 6.0.3.5) + activesupport (6.0.3.5) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 0.7, < 2) minitest (~> 5.1) tzinfo (~> 1.1) + zeitwerk (~> 2.2, >= 2.2.2) addressable (2.8.0) public_suffix (>= 2.0.2, < 5.0) afm (0.2.2) - arel (9.0.0) arel-helpers (2.12.0) activerecord (>= 3.1.0, < 7) ast (2.4.2) @@ -226,33 +225,33 @@ GEM nokogiri (>= 1.5.9) memory_profiler (1.0.0) metasm (1.0.5) - metasploit-concern (3.0.2) - activemodel (~> 5.2.2) - activesupport (~> 5.2.2) - railties (~> 5.2.2) - metasploit-credential (4.0.5) + metasploit-concern (4.0.2) + activemodel (~> 6.0) + activesupport (~> 6.0) + railties (~> 6.0) + metasploit-credential (5.0.2) metasploit-concern metasploit-model - metasploit_data_models (>= 3.0.0) + metasploit_data_models (>= 5.0.0) net-ssh pg railties rex-socket rubyntlm rubyzip - metasploit-model (3.1.4) - activemodel (~> 5.2.2) - activesupport (~> 5.2.2) - railties (~> 5.2.2) + metasploit-model (4.0.2) + activemodel (~> 6.0) + activesupport (~> 6.0) + railties (~> 6.0) metasploit-payloads (2.0.50) - metasploit_data_models (4.1.4) - activerecord (~> 5.2.2) - activesupport (~> 5.2.2) + metasploit_data_models (5.0.1) + activerecord (~> 6.0) + activesupport (~> 6.0) arel-helpers metasploit-concern metasploit-model (>= 3.1) pg - railties (~> 5.2.2) + railties (~> 6.0) recog (~> 2.0) webrick metasploit_payloads-mettle (1.0.10) @@ -313,12 +312,12 @@ GEM nokogiri (>= 1.6) rails-html-sanitizer (1.3.0) loofah (~> 2.3) - railties (5.2.6) - actionpack (= 5.2.6) - activesupport (= 5.2.6) + railties (6.0.3.5) + actionpack (= 6.0.3.5) + activesupport (= 6.0.3.5) method_source rake (>= 0.8.7) - thor (>= 0.19.0, < 2.0) + thor (>= 0.20.3, < 2.0) rainbow (3.0.0) rake (13.0.6) rb-readline (0.5.5) diff --git a/app/models/application_record.rb b/app/models/application_record.rb index 10a4cba84d..2991e383e6 100644 --- a/app/models/application_record.rb +++ b/app/models/application_record.rb @@ -1,3 +1,5 @@ class ApplicationRecord < ActiveRecord::Base self.abstract_class = true + include ArelHelpers::ArelTable + include ArelHelpers::JoinAssociation end diff --git a/config/application.rb b/config/application.rb index a3dcd2b134..ca7ee109b9 100644 --- a/config/application.rb +++ b/config/application.rb @@ -36,6 +36,7 @@ module Metasploit config.paths['log'] = "#{Msf::Config.log_directory}/#{Rails.env}.log" config.paths['config/database'] = [Metasploit::Framework::Database.configurations_pathname.try(:to_path)] + config.autoloader = :zeitwerk case Rails.env when "development" @@ -51,4 +52,4 @@ end # Silence warnings about this defaulting to true I18n.enforce_available_locales = true -require 'msfenv' \ No newline at end of file +require 'msfenv' diff --git a/config/initializers/msf_loaded_paths_extractor.rb b/config/initializers/msf_loaded_paths_extractor.rb new file mode 100644 index 0000000000..9c7169e43e --- /dev/null +++ b/config/initializers/msf_loaded_paths_extractor.rb @@ -0,0 +1,17 @@ +require 'msf_autoload' + +module MsfLoadedPathsExtractor + + def extract(loader) + framework_managed = [] + config_paths.each do |entry| + framework_managed << Pathname.new(entry[:path]).realpath.to_s + end + loader.ignore(ignore_list) + end + +end + +MsfAutoload.send(:prepend, MsfLoadedPathsExtractor) + +MsfAutoload.instance.extract(Rails.autoloaders.main) diff --git a/db/schema.rb b/db/schema.rb index 430394e1f5..c3745a55c1 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -2,11 +2,11 @@ # of editing this file, please use the migrations feature of Active Record to # incrementally modify your database, and then regenerate this schema definition. # -# Note that this schema.rb definition is the authoritative source for your -# database schema. If you need to create the application database on another -# system, you should be using db:schema:load, not running all the migrations -# from scratch. The latter is a flawed and unsustainable approach (the more migrations -# you'll amass, the slower it'll run and the greater likelihood for issues). +# This file is the source Rails uses to define your schema when running `bin/rails +# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to +# be faster and is potentially less error prone than running all of your +# migrations from scratch. Old migrations may fail to apply correctly if those +# migrations use external dependencies or application code. # # It's strongly recommended that you check this file into your version control system. diff --git a/lib/metasploit/framework/command/base.rb b/lib/metasploit/framework/command/base.rb index 62b3515a2a..7aa8382869 100644 --- a/lib/metasploit/framework/command/base.rb +++ b/lib/metasploit/framework/command/base.rb @@ -74,7 +74,7 @@ class Metasploit::Framework::Command::Base end def self.parsed_options_class_name - @parsed_options_class_name ||= "#{parent.parent}::ParsedOptions::#{name.demodulize}" + @parsed_options_class_name ||= "#{module_parent.module_parent}::ParsedOptions::#{name.demodulize}" end def self.start diff --git a/lib/metasploit/framework/rails_version_constraint.rb b/lib/metasploit/framework/rails_version_constraint.rb index cbb792befb..7822a12d1d 100644 --- a/lib/metasploit/framework/rails_version_constraint.rb +++ b/lib/metasploit/framework/rails_version_constraint.rb @@ -3,7 +3,7 @@ module Metasploit module Framework module RailsVersionConstraint - RAILS_VERSION = '~> 5.2.2' + RAILS_VERSION = '~> 6.0' end end end diff --git a/lib/msf/core/db_manager/migration.rb b/lib/msf/core/db_manager/migration.rb index b5ee824ea2..dfa03ab0ec 100644 --- a/lib/msf/core/db_manager/migration.rb +++ b/lib/msf/core/db_manager/migration.rb @@ -34,7 +34,7 @@ module Msf::DBManager::Migration ActiveRecord::Migration.verbose = verbose ActiveRecord::Base.connection_pool.with_connection do begin - context = ActiveRecord::MigrationContext.new(gather_engine_migration_paths) + context = ActiveRecord::MigrationContext.new(gather_engine_migration_paths, ActiveRecord::SchemaMigration) if context.needs_migration? ran = context.migrate end diff --git a/lib/msf/core/module_manager/cache.rb b/lib/msf/core/module_manager/cache.rb index 959776fe22..edddf298d4 100644 --- a/lib/msf/core/module_manager/cache.rb +++ b/lib/msf/core/module_manager/cache.rb @@ -52,7 +52,7 @@ module Msf::ModuleManager::Cache log_message = log_lines.join("\n") elog(log_message) else - parent_path = class_or_module.parent.parent_path + parent_path = class_or_module.module_parent.parent_path reference_name = options.fetch(:reference_name) type = options.fetch(:type) diff --git a/lib/msf/core/modules/loader/base.rb b/lib/msf/core/modules/loader/base.rb index 153a030768..85825cd7c3 100644 --- a/lib/msf/core/modules/loader/base.rb +++ b/lib/msf/core/modules/loader/base.rb @@ -535,7 +535,7 @@ class Msf::Modules::Loader::Base relative_name = namespace_module_names.last if previous_namespace_module - parent_module = previous_namespace_module.parent + parent_module = previous_namespace_module.module_parent # remove_const is private, so use send to bypass parent_module.send(:remove_const, relative_name) end @@ -544,7 +544,7 @@ class Msf::Modules::Loader::Base # Get the parent module from the created module so that # restore_namespace_module can remove namespace_module's constant if # needed. - parent_module = namespace_module.parent + parent_module = namespace_module.module_parent begin loaded = block.call(namespace_module) diff --git a/lib/msf/core/web_services/authentication/strategies.rb b/lib/msf/core/web_services/authentication/strategies.rb index 4920897523..5baa758670 100644 --- a/lib/msf/core/web_services/authentication/strategies.rb +++ b/lib/msf/core/web_services/authentication/strategies.rb @@ -1,7 +1,9 @@ +require 'warden' + module Msf::WebServices::Authentication module Strategies Warden::Strategies.add(:api_token, Msf::WebServices::Authentication::Strategies::ApiToken) Warden::Strategies.add(:admin_api_token, Msf::WebServices::Authentication::Strategies::AdminApiToken) Warden::Strategies.add(:password, Msf::WebServices::Authentication::Strategies::UserPassword) end -end \ No newline at end of file +end diff --git a/lib/msf_autoload.rb b/lib/msf_autoload.rb index f65deb9b58..e0f3b475fd 100644 --- a/lib/msf_autoload.rb +++ b/lib/msf_autoload.rb @@ -295,7 +295,6 @@ class MsfAutoload [ { path: "#{__dir__}/msf/", namespace: Msf }, { path: "#{__dir__}/rex/", namespace: Rex }, - { path: "#{__dir__}/../app/validators/" }, ] end diff --git a/metasploit-framework.gemspec b/metasploit-framework.gemspec index 73a5abb3f1..bc9fdca653 100644 --- a/metasploit-framework.gemspec +++ b/metasploit-framework.gemspec @@ -61,14 +61,14 @@ Gem::Specification.new do |spec| # Metasm compiler/decompiler/assembler spec.add_runtime_dependency 'metasm' # Metasploit::Concern hooks - spec.add_runtime_dependency 'metasploit-concern', '~> 3.0.0' + spec.add_runtime_dependency 'metasploit-concern' # Metasploit::Credential database models - spec.add_runtime_dependency 'metasploit-credential', '~> 4.0.0' + spec.add_runtime_dependency 'metasploit-credential' # Database models shared between framework and Pro. - spec.add_runtime_dependency 'metasploit_data_models', '~> 4.1.0' + spec.add_runtime_dependency 'metasploit_data_models' # Things that would normally be part of the database model, but which # are needed when there's no database - spec.add_runtime_dependency 'metasploit-model', '~> 3.1.0' + spec.add_runtime_dependency 'metasploit-model' # Needed for Meterpreter spec.add_runtime_dependency 'metasploit-payloads', '2.0.50' # Needed for the next-generation POSIX Meterpreter diff --git a/spec/support/shared/examples/msf/db_manager/migration.rb b/spec/support/shared/examples/msf/db_manager/migration.rb index e4f783b2f3..4b6ab82161 100644 --- a/spec/support/shared/examples/msf/db_manager/migration.rb +++ b/spec/support/shared/examples/msf/db_manager/migration.rb @@ -33,7 +33,7 @@ RSpec.shared_examples_for 'Msf::DBManager::Migration' do it 'should return an ActiveRecord::MigrationContext with known migrations' do migrations_paths = [File.expand_path("../../../../../file_fixtures/migrate", __dir__)] - expect(ActiveRecord::Migrator).to receive(:migrations_paths).and_return(migrations_paths).exactly(3).times + expect(ActiveRecord::Migrator).to receive(:migrations_paths).and_return(migrations_paths).exactly(2).times result = migrate expect(result.size).to eq 1 expect(result[0].name).to eq "TestDbMigration" @@ -55,7 +55,7 @@ RSpec.shared_examples_for 'Msf::DBManager::Migration' do end before(:example) do - mockContext = ActiveRecord::MigrationContext.new(nil) + mockContext = ActiveRecord::MigrationContext.new(nil, ActiveRecord::SchemaMigration) expect(ActiveRecord::MigrationContext).to receive(:new).and_return(mockContext) expect(mockContext).to receive(:needs_migration?).and_return(true) expect(mockContext).to receive(:migrate).and_raise(standard_error) diff --git a/spec/support/shared/examples/msf/module_manager/cache.rb b/spec/support/shared/examples/msf/module_manager/cache.rb index bbf2bb6b4b..5ab8da7e2d 100644 --- a/spec/support/shared/examples/msf/module_manager/cache.rb +++ b/spec/support/shared/examples/msf/module_manager/cache.rb @@ -83,7 +83,7 @@ RSpec.shared_examples_for 'Msf::ModuleManager::Cache' do end let(:class_or_module) do - double('Class or Module', :parent => namespace_module) + double('Class or Module', :module_parent => namespace_module) end let(:namespace_module) do diff --git a/spec/support/shared/examples/msf/module_manager/loading.rb b/spec/support/shared/examples/msf/module_manager/loading.rb index c9f704551d..5a3ed3636f 100644 --- a/spec/support/shared/examples/msf/module_manager/loading.rb +++ b/spec/support/shared/examples/msf/module_manager/loading.rb @@ -209,7 +209,7 @@ RSpec.shared_examples_for 'Msf::ModuleManager::Loading' do end before(:example) do - allow(klass).to receive(:parent).and_return(namespace_module) + allow(klass).to receive(:module_parent).and_return(namespace_module) end it "should add module to type's module_set" do