From 18104c133f7cc5eccbfd338389b83dca8935b2cb Mon Sep 17 00:00:00 2001 From: adfoster-r7 Date: Mon, 23 May 2022 22:58:40 +0100 Subject: [PATCH] Rename wiki files --- docs/build.rb | 13 ++++-- ...Reliability-Side-Effects-and-Stability.md} | 0 .../GSoC-2022-Project-Ideas.md | 2 +- ...ting-ysoserial-Java-serialized-objects.md} | 0 ...andling-Module-Failures-with-fail_with.md} | 0 docs/metasploit-framework.wiki/Home.md | 8 ++-- ...o-use-a-Metasploit-module-appropriately.md | 4 +- ...thod.md => How-to-write-a-check-method.md} | 0 ...-to-zip-files-with-Msf-Util-EXE-to_zip.md} | 0 ...loit-Data-Service-Enhancements-Goliath.md} | 0 ...loit.md => Metasploit-Database-Support.md} | 0 ....md => Metasploit-URL-support-proposal.md} | 0 ...and-Understanding-Metasploits-Codebase.md} | 0 ...ibraries.md => SQL-Injection-Libraries.md} | 0 ...e.local.example.md => Using-local-gems.md} | 0 docs/navigation.rb | 44 +++++++++---------- 16 files changed, 38 insertions(+), 33 deletions(-) rename docs/metasploit-framework.wiki/{Definition-of-Module-Reliability,-Side-Effects,-and-Stability.md => Definition-of-Module-Reliability-Side-Effects-and-Stability.md} (100%) rename docs/metasploit-framework.wiki/{Generating-`ysoserial`-Java-serialized-objects.md => Generating-ysoserial-Java-serialized-objects.md} (100%) rename docs/metasploit-framework.wiki/{Handling-Module-Failures-with-`fail_with`.md => Handling-Module-Failures-with-fail_with.md} (100%) rename docs/metasploit-framework.wiki/{How-to-write-a-check()-method.md => How-to-write-a-check-method.md} (100%) rename docs/metasploit-framework.wiki/{How-to-zip-files-with-Msf-Util-EXE.to_zip.md => How-to-zip-files-with-Msf-Util-EXE-to_zip.md} (100%) rename docs/metasploit-framework.wiki/{Metasploit-Data-Service-Enhancements-(Goliath).md => Metasploit-Data-Service-Enhancements-Goliath.md} (100%) rename docs/metasploit-framework.wiki/{msfdb:-Database-Features-&-How-to-Set-up-a-Database-for-Metasploit.md => Metasploit-Database-Support.md} (100%) rename docs/metasploit-framework.wiki/{RFC---Metasploit-URL-support.md => Metasploit-URL-support-proposal.md} (100%) rename docs/metasploit-framework.wiki/{Navigating-and-Understanding-Metasploit's-Codebase.md => Navigating-and-Understanding-Metasploits-Codebase.md} (100%) rename docs/metasploit-framework.wiki/{SQL-Injection-(SQLi)-Libraries.md => SQL-Injection-Libraries.md} (100%) rename docs/metasploit-framework.wiki/{Testing-Rex-and-other-Gem-File-Updates-With-Gemfile.local-and-Gemfile.local.example.md => Using-local-gems.md} (100%) diff --git a/docs/build.rb b/docs/build.rb index 5ce5f657d3..74b1b202d3 100644 --- a/docs/build.rb +++ b/docs/build.rb @@ -47,7 +47,7 @@ module Build each do |page| page_keys = page.keys - allowed_keys = %i[path new_base_name nav_order title new_path folder children has_children parents] + allowed_keys = %i[old_wiki_path path new_base_name nav_order title new_path folder children has_children parents] invalid_keys = page_keys - allowed_keys raise "#{page} had invalid keys #{invalid_keys.join(', ')}" if invalid_keys.any? end @@ -200,11 +200,15 @@ module Build new_links end - # Scans for substrings such as '[[Reference Sites|Git Reference Sites]]' + # Scans for Github wiki flavor links such as: + # '[[Relative Path]]' + # '[[Custom name|Relative Path]]' + # '[[Custom name|relative-path]]' + # '[[Custom name|./relative-path.md]]' def extract_relative_links(markdown) existing_links = @links new_links = {} - markdown.scan(/(\[\[([\w_ '().:,-]+)(?:\|([\w_ '():,.-]+))?\]\])/) do |full_match, left, right| + markdown.scan(/(\[\[([\w\/_ '().:,-]+)(?:\|([\w\/_ '():,.-]+))?\]\])/) do |full_match, left, right| old_path = (right || left) new_path = new_path_for(old_path) if existing_links[full_match] && existing_links[full_match][:new_path] != new_path @@ -233,7 +237,8 @@ module Build old_path = old_path.gsub(' ', '-') matched_pages = pages.select do |page| !page[:folder] && - File.basename(page[:path]).downcase == "#{File.basename(old_path)}.md".downcase + (File.basename(page[:path]).downcase == "#{File.basename(old_path)}.md".downcase || + File.basename(page[:path]).downcase == "#{File.basename(old_path)}".downcase) end if matched_pages.empty? raise "Missing path for #{old_path}" diff --git a/docs/metasploit-framework.wiki/Definition-of-Module-Reliability,-Side-Effects,-and-Stability.md b/docs/metasploit-framework.wiki/Definition-of-Module-Reliability-Side-Effects-and-Stability.md similarity index 100% rename from docs/metasploit-framework.wiki/Definition-of-Module-Reliability,-Side-Effects,-and-Stability.md rename to docs/metasploit-framework.wiki/Definition-of-Module-Reliability-Side-Effects-and-Stability.md diff --git a/docs/metasploit-framework.wiki/GSoC-2022-Project-Ideas.md b/docs/metasploit-framework.wiki/GSoC-2022-Project-Ideas.md index f198ce1a7d..6fab15055d 100644 --- a/docs/metasploit-framework.wiki/GSoC-2022-Project-Ideas.md +++ b/docs/metasploit-framework.wiki/GSoC-2022-Project-Ideas.md @@ -58,7 +58,7 @@ Difficulty: 4/5 Enhance existing Metasploit Goliath dashboard that allows observation of an active engagement. Data visualization would include, but not be limited to: host node graph with activity indicators and heat maps. The main idea here is to create a visualization tool that helps users understand data that has been gathered into Metasploit during usage in some useful way. Proposals should note where the service will live, how a user will use the service, and how you will provide a maintainable and extendable consumer for the data that is exposed. -See [Metasploit 'Goliath' Demo (msf-red)](https://www.youtube.com/watch?v=hvuy6A-ie1g&feature=youtu.be&t=176) for a demo video of Goliath in action. You can also read more on Metasploit Goliath at [Metasploit-Data-Service-Enhancements-(Goliath)](https://github.com/rapid7/metasploit-framework/wiki/Metasploit-Data-Service-Enhancements-%28Goliath%29) +See [Metasploit 'Goliath' Demo (msf-red)](https://www.youtube.com/watch?v=hvuy6A-ie1g&feature=youtu.be&t=176) for a demo video of Goliath in action. You can also read more on Metasploit Goliath at [Metasploit-Data-Service-Enhancements-(Goliath)](./Metasploit-Data-Service-Enhancements-Goliath) Size: Medium/Large (Depends on proposal) Difficulty 3/5 diff --git a/docs/metasploit-framework.wiki/Generating-`ysoserial`-Java-serialized-objects.md b/docs/metasploit-framework.wiki/Generating-ysoserial-Java-serialized-objects.md similarity index 100% rename from docs/metasploit-framework.wiki/Generating-`ysoserial`-Java-serialized-objects.md rename to docs/metasploit-framework.wiki/Generating-ysoserial-Java-serialized-objects.md diff --git a/docs/metasploit-framework.wiki/Handling-Module-Failures-with-`fail_with`.md b/docs/metasploit-framework.wiki/Handling-Module-Failures-with-fail_with.md similarity index 100% rename from docs/metasploit-framework.wiki/Handling-Module-Failures-with-`fail_with`.md rename to docs/metasploit-framework.wiki/Handling-Module-Failures-with-fail_with.md diff --git a/docs/metasploit-framework.wiki/Home.md b/docs/metasploit-framework.wiki/Home.md index f4744f86f6..7a09a5e631 100644 --- a/docs/metasploit-framework.wiki/Home.md +++ b/docs/metasploit-framework.wiki/Home.md @@ -10,7 +10,7 @@ Are you anxious to get your [Metasploit Development Environment](https://github. - [[Using Metasploit]] - [[Using Git]] - [[Reporting a Bug]] -- [[Navigating and Understanding Metasploit's Codebase]] +- [[Navigating and Understanding Metasploit's Codebase|./Navigating-and-Understanding-Metasploits-Codebase.md]] # Contributing @@ -53,10 +53,10 @@ Are you anxious to get your [Metasploit Development Environment](https://github. - [[How to use WbemExec for a write privilege attack on Windows]] - [[How to write a browser exploit using BrowserExploitServer]] - [[How to write a browser exploit using HttpServer]] -- [[How to write a check() method]] +- [[How to write a check method]] - [[How to write a HTTP LoginScanner Module]] - [[How to write a module using HttpServer and HttpClient]] -- [How to zip files with Msf::Util::EXE.to_zip](https://github.com/rapid7/metasploit-framework/wiki/How-to-zip-files-with-Msf-Util-EXE.to_zip) +- [[How to zip files with Msf::Util::EXE.to_zip|./How-to-zip-files-with-Msf-Util-EXE-to_zip.md]] - [[How to use Metasploit Framework Compiler Windows to compile C code]] - [[How to use Metasploit Framework Obfuscation CRandomizer]] - [[How to decrypt RC4 with Metasploit Framework Compiler]] @@ -64,7 +64,7 @@ Are you anxious to get your [Metasploit Development Environment](https://github. - [[How to XOR with Metasploit Framework Compiler]] - [[Using ReflectiveDll Injection]] - [[Oracle Usage]] -- [[Definition of Module Reliability, Side Effects, and Stability]] +- [[Definition of Module Reliability, Side Effects, and Stability|./Definition-of-Module-Reliability-Side-Effects-and-Stability.md]] # Metasploit Payloads # diff --git a/docs/metasploit-framework.wiki/How-to-use-a-Metasploit-module-appropriately.md b/docs/metasploit-framework.wiki/How-to-use-a-Metasploit-module-appropriately.md index ba38fa9502..724c5af5da 100644 --- a/docs/metasploit-framework.wiki/How-to-use-a-Metasploit-module-appropriately.md +++ b/docs/metasploit-framework.wiki/How-to-use-a-Metasploit-module-appropriately.md @@ -20,7 +20,7 @@ This may sound surprising, but sometimes we get asked questions that are already * **Which ones have been tested**: When a module is developed, usually the exploit isn't tested against every single setup if there are too many. Usually the developers will just try to test whatever they can get their hands on. So if your target isn't mentioned here, keep in mind there is no guarantee it's going to work 100%. The safest thing to do is to actually recreate the environment your target has, and test the exploit before hitting the real thing. -* **What conditions the server must meet in order to be exploitable**: Quite often, a vulnerability requires multiple conditions to be exploitable. In some cases you can rely on the exploit's [check command](https://github.com/rapid7/metasploit-framework/wiki/How-to-write-a-check%28%29-method), because when Metasploit flags something as vulnerable, it actually exploited the bug. For browser exploits using the BrowserExploitServer mixin, it will also check exploitable requirements before loading the exploit. But automation isn't always there, so you should try to find this information before running that "exploit" command. Sometimes it's just common sense, really. For example: a web application's file upload feature might be abused to upload a web-based backdoor, and stuff like that usually requires the upload folder to be accessible for the user. If your target doesn't meet the requirement(s), there is no point to try. +* **What conditions the server must meet in order to be exploitable**: Quite often, a vulnerability requires multiple conditions to be exploitable. In some cases you can rely on the exploit's [check command](How-to-write-a-check-method.md), because when Metasploit flags something as vulnerable, it actually exploited the bug. For browser exploits using the BrowserExploitServer mixin, it will also check exploitable requirements before loading the exploit. But automation isn't always there, so you should try to find this information before running that "exploit" command. Sometimes it's just common sense, really. For example: a web application's file upload feature might be abused to upload a web-based backdoor, and stuff like that usually requires the upload folder to be accessible for the user. If your target doesn't meet the requirement(s), there is no point to try. You can use the info command to see the module's description: @@ -90,4 +90,4 @@ https://github.com/rapid7/metasploit-framework/pull/[PULL REQUEST NUMBER HERE] 2. Select label "module". 3. In the search box, enter additional keywords related to the module. The module's title probably provides the best keywords. -Note: If the module was written before Nov 2011, you WILL NOT find the pull request for it. \ No newline at end of file +Note: If the module was written before Nov 2011, you WILL NOT find the pull request for it. diff --git a/docs/metasploit-framework.wiki/How-to-write-a-check()-method.md b/docs/metasploit-framework.wiki/How-to-write-a-check-method.md similarity index 100% rename from docs/metasploit-framework.wiki/How-to-write-a-check()-method.md rename to docs/metasploit-framework.wiki/How-to-write-a-check-method.md diff --git a/docs/metasploit-framework.wiki/How-to-zip-files-with-Msf-Util-EXE.to_zip.md b/docs/metasploit-framework.wiki/How-to-zip-files-with-Msf-Util-EXE-to_zip.md similarity index 100% rename from docs/metasploit-framework.wiki/How-to-zip-files-with-Msf-Util-EXE.to_zip.md rename to docs/metasploit-framework.wiki/How-to-zip-files-with-Msf-Util-EXE-to_zip.md diff --git a/docs/metasploit-framework.wiki/Metasploit-Data-Service-Enhancements-(Goliath).md b/docs/metasploit-framework.wiki/Metasploit-Data-Service-Enhancements-Goliath.md similarity index 100% rename from docs/metasploit-framework.wiki/Metasploit-Data-Service-Enhancements-(Goliath).md rename to docs/metasploit-framework.wiki/Metasploit-Data-Service-Enhancements-Goliath.md diff --git a/docs/metasploit-framework.wiki/msfdb:-Database-Features-&-How-to-Set-up-a-Database-for-Metasploit.md b/docs/metasploit-framework.wiki/Metasploit-Database-Support.md similarity index 100% rename from docs/metasploit-framework.wiki/msfdb:-Database-Features-&-How-to-Set-up-a-Database-for-Metasploit.md rename to docs/metasploit-framework.wiki/Metasploit-Database-Support.md diff --git a/docs/metasploit-framework.wiki/RFC---Metasploit-URL-support.md b/docs/metasploit-framework.wiki/Metasploit-URL-support-proposal.md similarity index 100% rename from docs/metasploit-framework.wiki/RFC---Metasploit-URL-support.md rename to docs/metasploit-framework.wiki/Metasploit-URL-support-proposal.md diff --git a/docs/metasploit-framework.wiki/Navigating-and-Understanding-Metasploit's-Codebase.md b/docs/metasploit-framework.wiki/Navigating-and-Understanding-Metasploits-Codebase.md similarity index 100% rename from docs/metasploit-framework.wiki/Navigating-and-Understanding-Metasploit's-Codebase.md rename to docs/metasploit-framework.wiki/Navigating-and-Understanding-Metasploits-Codebase.md diff --git a/docs/metasploit-framework.wiki/SQL-Injection-(SQLi)-Libraries.md b/docs/metasploit-framework.wiki/SQL-Injection-Libraries.md similarity index 100% rename from docs/metasploit-framework.wiki/SQL-Injection-(SQLi)-Libraries.md rename to docs/metasploit-framework.wiki/SQL-Injection-Libraries.md diff --git a/docs/metasploit-framework.wiki/Testing-Rex-and-other-Gem-File-Updates-With-Gemfile.local-and-Gemfile.local.example.md b/docs/metasploit-framework.wiki/Using-local-gems.md similarity index 100% rename from docs/metasploit-framework.wiki/Testing-Rex-and-other-Gem-File-Updates-With-Gemfile.local-and-Gemfile.local.example.md rename to docs/metasploit-framework.wiki/Using-local-gems.md diff --git a/docs/navigation.rb b/docs/navigation.rb index 497847e00b..986f6f51c6 100644 --- a/docs/navigation.rb +++ b/docs/navigation.rb @@ -138,8 +138,8 @@ NAVIGATION_CONFIG = [ path: 'Hashes-and-Password-Cracking.md' }, { - path: 'msfdb:-Database-Features-&-How-to-Set-up-a-Database-for-Metasploit.md', - new_base_name: 'Metasploit-Database-Support.md', + old_wiki_path: 'msfdb:-Database-Features-&-How-to-Set-up-a-Database-for-Metasploit.md', + path: 'Metasploit-Database-Support.md', title: 'Database Support' }, ] @@ -276,8 +276,8 @@ NAVIGATION_CONFIG = [ nav_order: 3 }, { - path: "Navigating-and-Understanding-Metasploit's-Codebase.md", - new_base_name: 'Navigating-and-Understanding-Metasploits-Codebase.md', + old_wiki_path: "Navigating-and-Understanding-Metasploit's-Codebase.md", + path: 'Navigating-and-Understanding-Metasploits-Codebase.md', title: 'Navigating the codebase' }, { @@ -348,8 +348,8 @@ NAVIGATION_CONFIG = [ path: 'How-to-use-command-stagers.md' }, { - path: 'How-to-write-a-check()-method.md', - new_base_name: 'How-to-write-a-check-method.md' + old_wiki_path: 'How-to-write-a-check()-method.md', + path: 'How-to-write-a-check-method.md' }, { path: 'How-to-check-Microsoft-patch-levels-for-your-exploit.md' @@ -396,13 +396,13 @@ NAVIGATION_CONFIG = [ title: 'Railgun' }, { - path: 'How-to-zip-files-with-Msf-Util-EXE.to_zip.md', - new_base_name: 'How-to-zip-files-with-Msf-Util-EXE-to_zip.md', + old_wiki_path: 'How-to-zip-files-with-Msf-Util-EXE.to_zip.md', + path: 'How-to-zip-files-with-Msf-Util-EXE-to_zip.md', title: 'Zip' }, { - path: 'Handling-Module-Failures-with-`fail_with`.md', - new_base_name: 'Handling-Module-Failures-with-fail_with.md', + old_wiki_path: 'Handling-Module-Failures-with-`fail_with`.md', + path: 'Handling-Module-Failures-with-fail_with.md', title: 'Fail_with' }, { @@ -414,8 +414,8 @@ NAVIGATION_CONFIG = [ title: 'Fileformat' }, { - path: 'SQL-Injection-(SQLi)-Libraries.md', - new_base_name: 'SQL-Injection-Libraries.md', + old_wiki_path: 'SQL-Injection-(SQLi)-Libraries.md', + path: 'SQL-Injection-Libraries.md', title: 'SQL Injection' }, { @@ -464,8 +464,8 @@ NAVIGATION_CONFIG = [ path: 'Dot-Net-Deserialization.md' }, { - path: 'Generating-`ysoserial`-Java-serialized-objects.md', - new_base_name: 'Generating-ysoserial-Java-serialized-objects.md', + old_wiki_path: 'Generating-`ysoserial`-Java-serialized-objects.md', + path: 'Generating-ysoserial-Java-serialized-objects.md', title: 'Java Deserialization' } ] @@ -546,8 +546,8 @@ NAVIGATION_CONFIG = [ path: 'Module-Reference-Identifiers.md' }, { - path: 'Definition-of-Module-Reliability,-Side-Effects,-and-Stability.md', - new_base_name: 'Definition-of-Module-Reliability-Side-Effects-and-Stability.md' + old_wiki_path: 'Definition-of-Module-Reliability,-Side-Effects,-and-Stability.md', + path: 'Definition-of-Module-Reliability-Side-Effects-and-Stability.md' }, ] } @@ -597,8 +597,8 @@ NAVIGATION_CONFIG = [ title: 'Adding and Updating' }, { - path: 'Testing-Rex-and-other-Gem-File-Updates-With-Gemfile.local-and-Gemfile.local.example.md', - new_base_name: 'using-local-gems.md', + old_wiki_path: 'Testing-Rex-and-other-Gem-File-Updates-With-Gemfile.local-and-Gemfile.local.example.md', + path: 'Using-local-gems.md', title: 'Using local Gems' }, { @@ -696,8 +696,8 @@ NAVIGATION_CONFIG = [ path: 'MSF6-Feature-Proposals.md' }, { - path: 'RFC---Metasploit-URL-support.md', - new_base_name: 'Metasploit-URL-support-proposal.md' + old_wiki_path: 'RFC---Metasploit-URL-support.md', + path: 'Metasploit-URL-support-proposal.md' }, { path: 'Uberhandler.md' @@ -740,8 +740,8 @@ NAVIGATION_CONFIG = [ path: 'Metasploit-Breaking-Changes.md' }, { - path: 'Metasploit-Data-Service-Enhancements-(Goliath).md', - new_base_name: 'Metasploit-Data-Service-Enhancements-Goliath.md', + old_wiki_path: 'Metasploit-Data-Service-Enhancements-(Goliath).md', + path: 'Metasploit-Data-Service-Enhancements-Goliath.md', title: 'Metasploit Data Service' }, ]