diff --git a/plugins/aggregator.rb b/plugins/aggregator.rb index 6342776f94..d39ae4d528 100644 --- a/plugins/aggregator.rb +++ b/plugins/aggregator.rb @@ -7,7 +7,7 @@ # module Msf - Aggregator_yaml = "#{Msf::Config.config_directory}/aggregator.yaml" # location of the aggregator.yml containing saved aggregator creds + Aggregator_yaml = "#{Msf::Config.config_directory}/aggregator.yaml".freeze # location of the aggregator.yml containing saved aggregator creds class Plugin::Aggregator < Msf::Plugin class AggregatorCommandDispatcher @@ -111,7 +111,7 @@ module Msf def cmd_aggregator_save(*args) # if we are logged in, save session details to aggregator.yaml - if args.length > 0 || args[0] == '-h' + if !args.empty? || args[0] == '-h' usage_save return end @@ -123,9 +123,9 @@ module Msf group = 'default' - if (@host && @host.length > 0) && (@port && @port.length > 0 && @port.to_i > 0) - config = { "#{group}" => { 'server' => @host, 'port' => @port } } - ::File.open("#{Aggregator_yaml}", 'wb') { |f| f.puts YAML.dump(config) } + if (@host && !@host.empty?) && (@port && !@port.empty? && @port.to_i > 0) + config = { group.to_s => { 'server' => @host, 'port' => @port } } + ::File.open(Aggregator_yaml.to_s, 'wb') { |f| f.puts YAML.dump(config) } print_good("#{Aggregator_yaml} created.") else print_error('Missing server/port - reconnect and then try again.') @@ -134,15 +134,15 @@ module Msf end def cmd_aggregator_connect(*args) - if !args[0] && ::File.readable?("#{Aggregator_yaml}") - lconfig = YAML.load_file("#{Aggregator_yaml}") + if !args[0] && ::File.readable?(Aggregator_yaml.to_s) + lconfig = YAML.load_file(Aggregator_yaml.to_s) @host = lconfig['default']['server'] @port = lconfig['default']['port'] aggregator_login return end - if args.length == 0 || args[0].empty? || args[0] == '-h' + if args.empty? || args[0].empty? || args[0] == '-h' usage_connect return end @@ -202,7 +202,7 @@ module Msf print_status('Remote sessions') print_status('===============') print_status('') - if session_map.length == 0 + if session_map.empty? print_status('No remote sessions.') else unless isDetailed @@ -251,7 +251,7 @@ module Msf return end - if !aggregator_verify || args.length == 0 || args[0] == '-h' || \ + if !aggregator_verify || args.empty? || args[0] == '-h' || \ port.nil? || port.to_i <= 0 usage_cable_add return @@ -279,7 +279,7 @@ module Msf when 2 host, port = args end - if !aggregator_verify || args.length == 0 || args[0] == '-h' || host.nil? + if !aggregator_verify || args.empty? || args[0] == '-h' || host.nil? usage_cable_remove return end @@ -374,12 +374,12 @@ module Msf end def aggregator_login - if !((@host && @host.length > 0) && (@port && @port.length > 0 && @port.to_i > 0)) + if !((@host && !@host.empty?) && (@port && !@port.empty? && @port.to_i > 0)) usage_connect return end - if @host != 'localhost' and @host != '127.0.0.1' + if (@host != 'localhost') && (@host != '127.0.0.1') print_error('Warning: SSL connections are not verified in this release, it is possible for an attacker') print_error(' with the ability to man-in-the-middle the Aggregator traffic to capture the Aggregator') print_error(' traffic, if you are running this on an untrusted network.') @@ -429,7 +429,7 @@ module Msf multi_handler.datastore['LHOST'] = '127.0.0.1' # multi_handler.datastore['PAYLOAD'] = "multi/meterpreter/reverse_https" multi_handler.datastore['PAYLOAD'] = 'multi/meterpreter/reverse_http' - multi_handler.datastore['LPORT'] = "#{port}" + multi_handler.datastore['LPORT'] = port.to_s # %w(DebugOptions PrependMigrate PrependMigrateProc # InitialAutoRunScript AutoRunScript CAMPAIGN_ID HandlerSSLCert diff --git a/plugins/alias.rb b/plugins/alias.rb index 4203a5b732..9b6886bbe4 100644 --- a/plugins/alias.rb +++ b/plugins/alias.rb @@ -24,7 +24,8 @@ module Msf # # Returns the hash of commands supported by this dispatcher. # - def commands # driver.dispatcher_stack[3].commands + # driver.dispatcher_stack[3].commands + def commands { 'alias' => 'create or view an alias.' # "alias_clear" => "clear an alias (or all aliases).", @@ -40,7 +41,7 @@ module Msf # we parse args manually instead of using @@alias.opts.parse to handle special cases case args.length when 0 # print the list of current aliases - if @aliases.length == 0 + if @aliases.empty? return print_status('No aliases currently defined') else tbl = Rex::Text::Table.new( @@ -56,7 +57,7 @@ module Msf return print(tbl.to_s) end when 1 # display the alias if one matches this name (or help) - return cmd_alias_help if args[0] == '-h' or args[0] == '--help' + return cmd_alias_help if (args[0] == '-h') || (args[0] == '--help') if @aliases.keys.include?(args[0]) print_status("\'#{args[0]}\' is aliased to \'#{@aliases[args[0]]}\'") @@ -92,7 +93,7 @@ module Msf if clear # clear all aliases if "*" if name == '*' - @aliases.keys.each do |a| + @aliases.each_key do |a| deregister_alias(a) end print_status 'Cleared all aliases' @@ -121,7 +122,7 @@ module Msf # print_good "Alias validity = #{is_valid_alias.to_s}" is_sys_cmd = Rex::FileUtils.find_full_path(name) is_already_alias = @aliases.keys.include?(name) - if is_valid_alias and !is_sys_cmd and !is_already_alias + if is_valid_alias && !is_sys_cmd && !is_already_alias register_alias(name, value) elsif force if !is_valid_alias @@ -133,7 +134,7 @@ module Msf else print_error("#{name} already exists as a system command, use -f to force override") if is_sys_cmd print_error("#{name} is already an alias, use -f to force override") if is_already_alias - if !is_valid_alias and !force + if !is_valid_alias && !force print_error("\'#{name}\' is not a permitted name or \'#{value}\' is not valid/permitted") print_error("It's possible the responding dispatcher isn't loaded yet, try changing to the proper context or using -f to force") end @@ -259,7 +260,7 @@ module Msf driver.dispatcher_stack.each do |dispatcher| next unless dispatcher.respond_to?(:commands) next if dispatcher.commands.nil? - next if (dispatcher.commands.length == 0) + next if dispatcher.commands.empty? if dispatcher.respond_to?("cmd_#{value.split(' ').first}") # print_status "Dispatcher (#{dispatcher.name}) responds to cmd_#{value.split(" ").first}" @@ -280,7 +281,7 @@ module Msf # gather all the current commands the driver's dispatcher's have driver.dispatcher_stack.each do |dispatcher| next unless dispatcher.respond_to?(:commands) - next if (dispatcher.commands.nil? or dispatcher.commands.length == 0) + next if (dispatcher.commands.nil? || dispatcher.commands.empty?) items.concat(dispatcher.commands.keys) end @@ -289,7 +290,7 @@ module Msf return items end - end # end AliasCommandDispatcher class + end # # The constructor is called when an instance of the plugin is created. The @@ -334,5 +335,5 @@ module Msf 'Adds the ability to alias console commands' end - end ## End Plugin Class -end ## End Module + end +end diff --git a/plugins/beholder.rb b/plugins/beholder.rb index e1c8cddb47..8830433cbd 100644 --- a/plugins/beholder.rb +++ b/plugins/beholder.rb @@ -44,7 +44,7 @@ module Msf driver.print_status("Beholder is logging to #{config[:base]}") bool_options = %i[screenshot webcam keystrokes automigrate] bool_options.each do |o| - config[o] = !!(config[o].to_s =~ /^[yt1]/i) + config[o] = !(config[o].to_s =~ /^[yt1]/i).nil? end int_options = %i[idle freq] @@ -55,7 +55,7 @@ module Msf ::FileUtils.mkdir_p(config[:base]) loop do - framework.sessions.keys.each do |sid| + framework.sessions.each_key do |sid| if state[sid].nil? || (state[sid][:last_update] + config[:freq] < Time.now.to_f) process(sid) @@ -100,7 +100,7 @@ module Msf end def store_keystrokes(sid, data) - return unless data.length > 0 + return if data.empty? filename = capture_filename(sid) + '_keystrokes.txt' ::File.open(::File.join(config[:base], filename), 'wb') { |fd| fd.write(data) } @@ -302,7 +302,7 @@ module Msf def parse_config(*args) new_config = args.map { |x| x.split('=', 2) } new_config.each do |c| - unless @@beholder_config.has_key?(c.first.to_sym) + unless @@beholder_config.key?(c.first.to_sym) print_error("Invalid configuration option: #{c.first}") next end diff --git a/plugins/besecure.rb b/plugins/besecure.rb index 7eb6807135..643af1f922 100644 --- a/plugins/besecure.rb +++ b/plugins/besecure.rb @@ -54,7 +54,7 @@ module Msf # Verify the database is connected and usable def database? - if !(framework.db and framework.db.usable) + if !(framework.db && framework.db.usable) return false else return true @@ -65,7 +65,7 @@ module Msf # true if correct number of arguments and help was not requested. def args?(args, min = 1, max = nil) if !max then max = min end - if (args.length < min or args.length > max or args[0] == '-h') + if ((args.length < min) || (args.length > max) || (args[0] == '-h')) return false end @@ -98,7 +98,7 @@ module Msf def cmd_besecure_ssl_verify(*args) if args?(args) @ssl_verify = args[0] - if @ssl_verify != 'yes' and @ssl_verify != 'no' + if (@ssl_verify != 'yes') && (@ssl_verify != 'no') @ssl_verify = 'yes' end print_good(@ssl_verify) @@ -316,7 +316,7 @@ module Msf print_status('Only the NBE and XML formats are supported for importing.') end end - end # End beSECURE class + end #------------------------------ # Plugin initialization diff --git a/plugins/db_tracker.rb b/plugins/db_tracker.rb index e8cfb74912..198369a8c9 100644 --- a/plugins/db_tracker.rb +++ b/plugins/db_tracker.rb @@ -27,7 +27,7 @@ module Msf # Ignore local listening sockets return if !sock.peerhost - if (sock.peerhost != '0.0.0.0' and sock.peerport) + if ((sock.peerhost != '0.0.0.0') && sock.peerport) # Ignore sockets that didn't set up their context # to hold the framework in 'Msf' diff --git a/plugins/ffautoregen.rb b/plugins/ffautoregen.rb index 8283c7e037..3055cbc732 100644 --- a/plugins/ffautoregen.rb +++ b/plugins/ffautoregen.rb @@ -39,7 +39,7 @@ module Msf # This method handles the command. # def cmd_ffautoregen(*_args) - if !active_module or !(path = active_module.file_path) + if !active_module || !(path = active_module.file_path) print_line('Error: No active module selected') return nil end diff --git a/plugins/ips_filter.rb b/plugins/ips_filter.rb index 410418fc5e..858bcd9218 100644 --- a/plugins/ips_filter.rb +++ b/plugins/ips_filter.rb @@ -26,7 +26,7 @@ module Msf def on_socket_created(_comm, sock, param) # Sockets created by the exploit have MsfExploit set and MsfPayload not set - if (param.context['MsfExploit'] and !param.context['MsfPayload']) + if (param.context['MsfExploit'] && !param.context['MsfPayload']) sock.extend(IPSFilter::SocketTracer) sock.context = param.context end @@ -77,10 +77,6 @@ module IPSFilter return r end - def close(*args) - super(*args) - end - def ips_match(data) lp = localport rp = peerport @@ -100,11 +96,11 @@ module IPSFilter # Extend this as needed :-) SIGS = - [ - ['DCOM.C', ".*\\\x5c\x00\\\x5c\x00\x46\x00\x58\x00\x4e\x00\x42\x00\x46\x00\x58\x00\x46\x00\x58\x00.*\xcc\xe0\xfd\x7f.*"], - ['BLASTER', ".*\\\x5c\x00\\\x5c\x00\x46\x00\x58\x00\x4e\x00\x42\x00\x46\x00\x58\x00\x46\x00\x58\x00.*\xcc\xe0\xfd\x7f.*"], - ['REMACT', ".*\xb8\x4a\x9f\x4d\x1c\\}\xcf\x11\x86\x1e\x00\x20\xaf\x6e.*"], - ['x86 NOP SLED', "\x90\x90"], - ] + [ + ['DCOM.C', ".*\\\x5c\x00\\\x5c\x00\x46\x00\x58\x00\x4e\x00\x42\x00\x46\x00\x58\x00\x46\x00\x58\x00.*\xcc\xe0\xfd\x7f.*"], + ['BLASTER', ".*\\\x5c\x00\\\x5c\x00\x46\x00\x58\x00\x4e\x00\x42\x00\x46\x00\x58\x00\x46\x00\x58\x00.*\xcc\xe0\xfd\x7f.*"], + ['REMACT', ".*\xb8\x4a\x9f\x4d\x1c\\}\xcf\x11\x86\x1e\x00\x20\xaf\x6e.*"], + ['x86 NOP SLED', "\x90\x90"], + ].freeze end end diff --git a/plugins/lab.rb b/plugins/lab.rb index 8b68294667..f288c6a575 100644 --- a/plugins/lab.rb +++ b/plugins/lab.rb @@ -3,7 +3,7 @@ # $Revision$ ## -$:.unshift(File.join(__dir__, '..', 'lib', 'lab')) +$LOAD_PATH.unshift(File.join(__dir__, '..', 'lib', 'lab')) require 'yaml' @@ -70,7 +70,7 @@ module Msf res = args[0] good_res = nil - if (File.file? res and File.readable? res) + if (File.file?(res) && File.readable?(res)) # then the provided argument is an absolute path and is gtg. good_res = res elsif [ @@ -79,7 +79,7 @@ module Msf # ::Msf::Config.user_plugins_directory + File::SEPARATOR + "lab" ].each do |dir| res_path = dir + File::SEPARATOR + res - if (File.file?(res_path) and File.readable?(res_path)) + if (File.file?(res_path) && File.readable?(res_path)) good_res = res_path break end @@ -99,10 +99,10 @@ module Msf def cmd_lab_load_tabs(str, words) tabs = [] # return tabs if words.length > 1 - if (str and str =~ /^#{Regexp.escape(File::SEPARATOR)}/) + if (str && str =~ (/^#{Regexp.escape(File::SEPARATOR)}/)) # then you are probably specifying a full path so let's just use normal file completion return tab_complete_filenames(str, words) - elsif (!(words[1]) or !words[1].match(%r{^/})) + elsif (!(words[1]) || !words[1].match(%r{^/})) # then let's start tab completion in the data/lab directory begin [ @@ -295,7 +295,7 @@ module Msf return lab_usage if args.empty? if args[0] == 'all' - @controller.each { |vm| vm.suspend } + @controller.each(&:suspend) else args.each do |arg| if @controller.includes_hostname?(arg) && @controller.find_by_hostname(arg).running? @@ -311,7 +311,7 @@ module Msf if args[0] == 'all' print_line 'Resetting all lab vms.' - @controller.each { |vm| vm.reset } + @controller.each(&:reset) else args.each do |arg| if @controller.includes_hostname?(arg) && @controller.find_by_hostname(arg).running? @@ -444,7 +444,7 @@ module Msf ## def longest_cmd_size - commands.keys.map { |x| x.size }.sort.last + commands.keys.map(&:size).max end # No extended help yet, but this is where more detailed documentation @@ -580,5 +580,5 @@ module Msf 'Adds the ability to manage VMs' end - end ## End Class -end ## End Module + end +end diff --git a/plugins/msfd.rb b/plugins/msfd.rb index bcffba54f4..19ddc0f246 100644 --- a/plugins/msfd.rb +++ b/plugins/msfd.rb @@ -21,7 +21,7 @@ module Msf # # The default local hostname that the server listens on. # - DefaultHost = '127.0.0.1' + DefaultHost = '127.0.0.1'.freeze # # The default local port that the server listens on. @@ -97,18 +97,18 @@ module Msf # threads to handle the console interface for each client. # def run(opts = {}) - while true + loop do client = server.accept addr = Rex::Socket.resolv_nbo(client.peerhost) - if opts['HostsAllowed'] and + if opts['HostsAllowed'] && !opts['HostsAllowed'].find { |x| x == addr } client.close next end - if opts['HostsDenied'] and + if opts['HostsDenied'] && opts['HostsDenied'].find { |x| x == addr } client.close next diff --git a/plugins/msgrpc.rb b/plugins/msgrpc.rb index a97b96803d..53d3df02fa 100644 --- a/plugins/msgrpc.rb +++ b/plugins/msgrpc.rb @@ -20,12 +20,12 @@ module Msf # # The default local hostname that the server listens on. # - DefaultHost ||= '127.0.0.1' + DefaultHost = '127.0.0.1'.freeze # # The default local port that the server listens on. # - DefaultPort ||= 55552 + DefaultPort = 55552 # # ServerPort diff --git a/plugins/nessus.rb b/plugins/nessus.rb index 8ebe70da78..359862aec4 100644 --- a/plugins/nessus.rb +++ b/plugins/nessus.rb @@ -2,8 +2,8 @@ require 'nessus_rest' module Msf - PLUGIN_NAME = 'Nessus' - PLUGIN_DESCRIPTION = 'Nessus Bridge for Metasploit' + PLUGIN_NAME = 'Nessus'.freeze + PLUGIN_DESCRIPTION = 'Nessus Bridge for Metasploit'.freeze class Plugin::Nessus < Msf::Plugin @@ -31,7 +31,7 @@ module Msf end def msf_local - "#{Msf::Config.local_directory}" + Msf::Config.local_directory.to_s end def commands @@ -102,7 +102,7 @@ module Msf print_status("Creating Exploit Search Index - (#{xindex}) - this won't take long.") count = 0 # Use Msf::Config.config_directory as the location. - File.open("#{xindex}", 'w+') do |f| + File.open(xindex.to_s, 'w+') do |f| # need to add version line. f.puts(Msf::Framework::Version) framework.exploits.sort.each do |refname, mod| @@ -116,7 +116,7 @@ module Msf next if !o o.references.map do |x| - if !(x.ctx_id == 'URL') + if x.ctx_id != 'URL' if (x.ctx_id == 'MSB') stuff << "|#{x.ctx_val}" else @@ -133,9 +133,9 @@ module Msf end def nessus_index - if File.exist?("#{xindex}") + if File.exist?(xindex.to_s) # check if it's version line matches current version. - File.open("#{xindex}") do |f| + File.open(xindex.to_s) do |f| line = f.readline line.chomp! if line.to_i == Msf::Framework::RepoRevision @@ -150,7 +150,7 @@ module Msf end def nessus_login - if !((@user and @user.length > 0) and (@host and @host.length > 0) and (@port and @port.length > 0 and @port.to_i > 0) and (@pass and @pass.length > 0)) + if !((@user && !@user.empty?) && (@host && !@host.empty?) && (@port && !@port.empty? && (@port.to_i > 0)) && (@pass && !@pass.empty?)) print_status('You need to connect to a server first.') ncusage return @@ -172,7 +172,7 @@ module Msf end def nessus_verify_token - if @token.nil? or @token == '' + if @token.nil? || (@token == '') ncusage return false end @@ -197,7 +197,7 @@ module Msf end def nessus_verify_db - if !(framework.db and framework.db.active) + if !(framework.db && framework.db.active) print_error('No database has been configured, please use db_create/db_connect first') return false end @@ -316,11 +316,10 @@ module Msf @host = lconfig['default']['server'].to_s @port = lconfig['default']['port'].to_s nessus_login - return else ncusage - return end + return end if args[0] == '-h' @@ -339,7 +338,7 @@ module Msf print_error('You are already authenticated. Call nessus_logout before authenticating again') return end - if (args.length == 0 or args[0].empty?) + if (args.empty? || args[0].empty?) ncusage return end @@ -352,13 +351,11 @@ module Msf @user, @pass = cred.split(':', 2) targ ||= '127.0.0.1:8834' @host, @port = targ.split(':', 2) - @port ||= '8834' - @sslv = args[1] else @host, @port = args[0].split(':', 2) - @port ||= '8834' - @sslv = args[1] end + @port ||= '8834' + @sslv = args[1] when 3, 4, 5 ncusage return @@ -380,7 +377,7 @@ module Msf ncusage return end - if !((@user and @user.length > 0) and (@host and @host.length > 0) and (@port and @port.length > 0 and @port.to_i > 0) and (@pass and @pass.length > 0)) + if !((@user && !@user.empty?) && (@host && !@host.empty?) && (@port && !@port.empty? && (@port.to_i > 0)) && (@pass && !@pass.empty?)) ncusage return end @@ -413,10 +410,10 @@ module Msf return end group = 'default' - if ((@user and @user.length > 0) and (@host and @host.length > 0) and (@port and @port.length > 0 and @port.to_i > 0) and (@pass and @pass.length > 0)) + if ((@user && !@user.empty?) && (@host && !@host.empty?) && (@port && !@port.empty? && (@port.to_i > 0)) && (@pass && !@pass.empty?)) config = Hash.new - config = { "#{group}" => { 'username' => @user, 'password' => @pass, 'server' => @host, 'port' => @port } } - File.open("#{nessus_yaml}", 'w+') do |f| + config = { group.to_s => { 'username' => @user, 'password' => @pass, 'server' => @host, 'port' => @port } } + File.open(nessus_yaml.to_s, 'w+') do |f| f.puts YAML.dump(config) end print_good("#{nessus_yaml} created.") @@ -704,11 +701,10 @@ module Msf end print_line print_line tbl.to_s - return else print_error('Only completed scans can be used for vulnerability reporting') - return end + return end def cmd_nessus_report_host_details(*args) @@ -730,8 +726,8 @@ module Msf search_vuln = /#{args.shift}/nmi else scan_id = -arg, -host_id = args.shift + arg, + host_id = args.shift end end @@ -1199,7 +1195,7 @@ host_id = args.shift file_id = export['file'] print_good("The export file ID for scan ID #{scan_id} is #{file_id}") print_status('Checking export status...') - begin + loop do status = @n.scan_export_status(scan_id, file_id) print_status('Export status: ' + status['status']) if status['status'] == 'ready' @@ -1207,7 +1203,8 @@ host_id = args.shift end sleep(1) - end while (status['status'] == 'loading') + break unless (status['status'] == 'loading') + end if status['status'] == 'ready' print_status("The status of scan ID #{scan_id} export is ready") select(nil, nil, nil, 5) @@ -1250,7 +1247,7 @@ host_id = args.shift scan_ids << scan['id'] end end - if scan_ids.length > 0 + if !scan_ids.empty? scan_ids.each do |scan_id| @n.scan_pause(scan_id) end @@ -1308,7 +1305,7 @@ host_id = args.shift scan_ids << scan['id'] end end - if scan_ids.length > 0 + if !scan_ids.empty? scan_ids.each do |scan_id| @n.scan_stop(scan_id) end @@ -1366,7 +1363,7 @@ host_id = args.shift scan_ids << scan['id'] end end - if scan_ids.length > 0 + if !scan_ids.empty? scan_ids.each do |scan_id| @n.scan_resume(scan_id) end @@ -1493,7 +1490,7 @@ host_id = args.shift file_id = export['file'] print_good("The export file ID for scan ID #{scan_id} is #{file_id}") print_status('Checking export status...') - begin + loop do status = @n.scan_export_status(scan_id, file_id) print_status('Export status: ' + status['status']) if status['status'] == 'ready' @@ -1501,7 +1498,8 @@ host_id = args.shift end sleep(1) - end while (status['status'] == 'loading') + break unless (status['status'] == 'loading') + end if status['status'] == 'ready' print_good("The status of scan ID #{scan_id} export is ready") else @@ -1529,7 +1527,7 @@ host_id = args.shift when 2 scan_id = args[0] file_id = args[1] - begin + loop do status = @n.scan_export_status(scan_id, file_id) print_status('Export status: ' + status['status']) if status['status'] == 'ready' @@ -1537,7 +1535,8 @@ host_id = args.shift end sleep(1) - end while (status['status'] == 'loading') + break unless (status['status'] == 'loading') + end if status['status'] == 'ready' print_status("The status of scan ID #{scan_id} export is ready") else diff --git a/plugins/nexpose.rb b/plugins/nexpose.rb index c7be88f5a1..a104de235e 100644 --- a/plugins/nexpose.rb +++ b/plugins/nexpose.rb @@ -5,10 +5,11 @@ # # $Revision$ # +require 'English' require 'nexpose' module Msf - Nexpose_yaml = "#{Msf::Config.config_directory}/nexpose.yaml" # location of the nexpose.yml containing saved nexpose creds + Nexpose_yaml = "#{Msf::Config.config_directory}/nexpose.yaml".freeze # location of the nexpose.yml containing saved nexpose creds class Plugin::Nexpose < Msf::Plugin class NexposeCommandDispatcher @@ -44,7 +45,7 @@ module Msf end def nexpose_verify_db - if !(framework.db and framework.db.usable and framework.db.active) + if !(framework.db && framework.db.usable && framework.db.active) print_error('No database has been configured, please use db_create/db_connect first') return false end @@ -79,9 +80,9 @@ module Msf group = 'default' - if ((@user and @user.length > 0) and (@host and @host.length > 0) and (@port and @port.length > 0 and @port.to_i > 0) and (@pass and @pass.length > 0)) - config = { "#{group}" => { 'username' => @user, 'password' => @pass, 'server' => @host, 'port' => @port, 'trust_cert' => @trust_cert } } - ::File.open("#{Nexpose_yaml}", 'wb') { |f| f.puts YAML.dump(config) } + if ((@user && !@user.empty?) && (@host && !@host.empty?) && (@port && !@port.empty? && (@port.to_i > 0)) && (@pass && !@pass.empty?)) + config = { group.to_s => { 'username' => @user, 'password' => @pass, 'server' => @host, 'port' => @port, 'trust_cert' => @trust_cert } } + ::File.open(Nexpose_yaml.to_s, 'wb') { |f| f.puts YAML.dump(config) } print_good("#{Nexpose_yaml} created.") else print_error('Missing username/password/server/port - relogin and then try again.') @@ -92,8 +93,8 @@ module Msf def cmd_nexpose_connect(*args) return if !nexpose_verify_db - if !args[0] && ::File.readable?("#{Nexpose_yaml}") - lconfig = YAML.load_file("#{Nexpose_yaml}") + if !args[0] && ::File.readable?(Nexpose_yaml.to_s) + lconfig = YAML.load_file(Nexpose_yaml.to_s) @user = lconfig['default']['username'] @pass = lconfig['default']['password'] @host = lconfig['default']['server'] @@ -106,7 +107,7 @@ module Msf return end - if (args.length == 0 or args[0].empty? or args[0] == '-h') + if (args.empty? || args[0].empty? || (args[0] == '-h')) nexpose_usage return end @@ -153,12 +154,12 @@ module Msf end def nexpose_login - if !((@user and @user.length > 0) and (@host and @host.length > 0) and (@port and @port.length > 0 and @port.to_i > 0) and (@pass and @pass.length > 0)) + if !((@user && !@user.empty?) && (@host && !@host.empty?) && (@port && !@port.empty? && (@port.to_i > 0)) && (@pass && !@pass.empty?)) nexpose_usage return end - if (@host != 'localhost' and @host != '127.0.0.1' and (@trust_cert.nil? && @sslv != 'ok')) + if ((@host != 'localhost') && (@host != '127.0.0.1') && (@trust_cert.nil? && @sslv != 'ok')) # consider removing this message and replacing with check on trust_store, and if trust_store is not found validate @host already has a truly trusted cert? print_error('Warning: SSL connections are not verified in this release, it is possible for an attacker') print_error(' with the ability to man-in-the-middle the Nexpose traffic to capture the Nexpose') @@ -171,7 +172,7 @@ module Msf begin cmd_nexpose_disconnect rescue ::Interrupt - raise $! + raise $ERROR_INFO rescue ::Exception end @@ -254,7 +255,7 @@ module Msf def cmd_nexpose_command(*args) return if !nexpose_verify - if args.length == 0 + if args.empty? print_error('No command was specified') return end @@ -331,21 +332,21 @@ module Msf end def cmd_nexpose_discover(*args) - args << '-h' if args.length == 0 + args << '-h' if args.empty? args << '-t' args << 'aggressive-discovery' cmd_nexpose_scan(*args) end def cmd_nexpose_exhaustive(*args) - args << '-h' if args.length == 0 + args << '-h' if args.empty? args << '-t' args << 'exhaustive-audit' cmd_nexpose_scan(*args) end def cmd_nexpose_dos(*args) - args << '-h' if args.length == 0 + args << '-h' if args.empty? args << '-t' args << 'dos-audit' cmd_nexpose_scan(*args) @@ -469,14 +470,14 @@ module Msf count += 1 queue = [] - while ((ip = range.next_ip) and queue.length < opt_maxaddrs) + while ((ip = range.next_ip) && (queue.length < opt_maxaddrs)) - if (exclude_range and exclude_range.include?(ip)) + if (exclude_range && exclude_range.include?(ip)) print_status(" >> Skipping host #{ip} due to exclusion") if opt_verbose next end - if (include_range and !include_range.include?(ip)) + if (include_range && !include_range.include?(ip)) print_status(" >> Skipping host #{ip} due to inclusion filter") if opt_verbose next end @@ -526,7 +527,7 @@ module Msf rescue Nexpose::APIError => e nexpose_error_message = e.message nexpose_error_message.gsub!(/NexposeAPI: Action failed: /, '') - print_error "#{nexpose_error_message}" + print_error nexpose_error_message.to_s return end @@ -582,7 +583,7 @@ module Msf next if opt_preserve # Make sure the scan has finished clean up before attempting to delete the site - while true + loop do info = @nsc.scan_statistics(sid) break if info.status == 'stopped' || info.status == 'finished' @@ -646,7 +647,7 @@ module Msf ) rids = [] - refs.keys.each do |r| + refs.each_key do |r| rids << framework.db.find_or_create_ref(name: r) end @@ -668,7 +669,7 @@ module Msf # Do not use this UTF-8 encoded high-ascii art for non-UTF-8 or windows consoles lang = Rex::Compat.getenv('LANG') - if (lang and lang =~ /UTF-8/) + if (lang && lang =~ (/UTF-8/)) # Cygwin/Windows should not be reporting UTF-8 either... # (! (Rex::Compat.is_windows or Rex::Compat.is_cygwin)) banner = ['202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020200a20e29684e29684e29684202020e29684e29684202020202020202020202020e29684e29684e296842020e29684e29684e2968420202020202020202020202020202020202020202020202020202020202020202020202020202020200a20e29688e29688e29688202020e29688e2968820202020202020202020202020e29688e2968820e29684e29688e296882020202020202020202020202020202020202020202020202020202020202020202020202020202020200a20e29688e29688e29680e296882020e29688e29688202020e29684e29688e29688e29688e29688e296842020202020e29688e29688e29688e2968820202020e29688e29688e29684e29688e29688e29688e2968420202020e29684e29688e29688e29688e29688e29684202020e29684e29684e29688e29688e29688e29688e29688e29684202020e29684e29688e29688e29688e29688e2968420200a20e29688e2968820e29688e2968820e29688e296882020e29688e29688e29684e29684e29684e29684e29688e296882020202020e29688e296882020202020e29688e29688e296802020e29680e29688e296882020e29688e29688e296802020e29680e29688e296882020e29688e29688e29684e29684e29684e2968420e296802020e29688e29688e29684e29684e29684e29684e29688e29688200a20e29688e296882020e29688e29684e29688e296882020e29688e29688e29680e29680e29680e29680e29680e2968020202020e29688e29688e29688e2968820202020e29688e2968820202020e29688e296882020e29688e2968820202020e29688e29688202020e29680e29680e29680e29680e29688e29688e296842020e29688e29688e29680e29680e29680e29680e29680e29680200a20e29688e29688202020e29688e29688e296882020e29680e29688e29688e29684e29684e29684e29684e29688202020e29688e296882020e29688e29688202020e29688e29688e29688e29684e29684e29688e29688e296802020e29680e29688e29688e29684e29684e29688e29688e296802020e29688e29684e29684e29684e29684e29684e29688e296882020e29680e29688e29688e29684e29684e29684e29684e29688200a20e29680e29680202020e29680e29680e2968020202020e29680e29680e29680e29680e29680202020e29680e29680e296802020e29680e29680e296802020e29688e2968820e29680e29680e29680202020202020e29680e29680e29680e296802020202020e29680e29680e29680e29680e29680e296802020202020e29680e29680e29680e29680e2968020200a20202020202020202020202020202020202020202020202020202020202020e29688e29688202020202020202020202020202020202020202020202020202020202020202020202020200a202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020200a'].pack('H*') diff --git a/plugins/openvas.rb b/plugins/openvas.rb index e4fb80b246..f56672bd9a 100644 --- a/plugins/openvas.rb +++ b/plugins/openvas.rb @@ -97,7 +97,7 @@ module Msf # Verify the database is connected and usable def database? - if !(framework.db and framework.db.usable) + if !(framework.db && framework.db.usable) return false else return true @@ -118,7 +118,7 @@ module Msf # true if correct number of arguments and help was not requested. def args?(args, min = 1, max = nil) if !max then max = min end - if (args.length < min or args.length > max or args[0] == '-h') + if ((args.length < min) || (args.length > max) || (args[0] == '-h')) return false end @@ -177,7 +177,7 @@ module Msf user, pass, host, port, sslv = args # SSL warning. User is required to confirm. - if (host != 'localhost' and host != '127.0.0.1' and sslv != 'ok') + if ((host != 'localhost') && (host != '127.0.0.1') && (sslv != 'ok')) print_error('Warning: SSL connections are not verified in this release, it is possible for an attacker') print_error(' with the ability to man-in-the-middle the OpenVAS traffic to capture the OpenVAS') print_error(" credentials. If you are running this on a trusted network, please pass in 'ok'") @@ -564,7 +564,7 @@ module Msf raise OMPResponseError end - end # End OpenVAS class + end #------------------------------ # Plugin initialization diff --git a/plugins/pcap_log.rb b/plugins/pcap_log.rb index 23b416bcc2..f71715c222 100644 --- a/plugins/pcap_log.rb +++ b/plugins/pcap_log.rb @@ -15,7 +15,7 @@ module Msf class Plugin::PcapLog < Msf::Plugin # Only little-endian is supported in this implementation. - PCAP_FILE_HEADER = "\xD4\xC3\xB2\xA1\x02\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00\x00\x00\x01\x00\x00\x00" + PCAP_FILE_HEADER = "\xD4\xC3\xB2\xA1\x02\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00\x00\x00\x01\x00\x00\x00".freeze # # Implements a pcap console command dispatcher. diff --git a/plugins/request.rb b/plugins/request.rb index 388c2410e3..409131bfb8 100644 --- a/plugins/request.rb +++ b/plugins/request.rb @@ -6,7 +6,7 @@ module Msf class ConsoleCommandDispatcher include Msf::Ui::Console::CommandDispatcher - HELP_REGEX = /^-?-h(?:elp)?$/ + HELP_REGEX = /^-?-h(?:elp)?$/.freeze def name 'Request' @@ -33,7 +33,7 @@ module Msf # @return [nil] def cmd_request(*args) # short circuit the whole deal if they need help - return help if args.length == 0 + return help if args.empty? return help if args.length == 1 && args.first =~ HELP_REGEX # detect the request type from the uri which must be the last arg given @@ -268,7 +268,7 @@ module Msf opts[:headers]['Authorization'] = auth_str end - uri.path = '/' if uri.path.length == 0 + uri.path = '/' if uri.path.empty? begin http_client.connect @@ -322,7 +322,7 @@ module Msf # @return [nil] def output_line(opts, line) if opts[:output_file].nil? - if line[-2..-1] == "\r\n" + if line[-2..] == "\r\n" print_line(line[0..-3]) elsif line[-1] == "\n" print_line(line[0..-2]) @@ -370,5 +370,5 @@ module Msf 'Make requests from within Metasploit using various protocols.' end - end # end class -end # end module + end +end diff --git a/plugins/rssfeed.rb b/plugins/rssfeed.rb index 44a8e32102..85f71f8c80 100644 --- a/plugins/rssfeed.rb +++ b/plugins/rssfeed.rb @@ -68,7 +68,7 @@ module Msf def start_event_queue self.queue_thread = Rex::ThreadFactory.spawn('rss_plugin', false) do - while true + loop do while (event = queue.shift) generate_feed(event) end diff --git a/plugins/session_notifier.rb b/plugins/session_notifier.rb index 97c07e43c8..27c8361c3f 100644 --- a/plugins/session_notifier.rb +++ b/plugins/session_notifier.rb @@ -288,10 +288,10 @@ module Msf # https://gotify.net/docs/more-pushmsg uri_parser = URI.parse(gotify_address) message_text = - "Platform : #{session.platform}\n" \ - "Tunnel : #{session.tunnel_to_s}\n" \ - "Arch : #{session.arch}\n" \ - "Info : > #{session.info ? session.info.to_s : nil}" + "Platform : #{session.platform}\n" \ + "Tunnel : #{session.tunnel_to_s}\n" \ + "Arch : #{session.arch}\n" \ + "Info : > #{session.info ? session.info.to_s : nil}" json_post_data = JSON.pretty_generate({ title: "A #{session.platform}/#{session.type} Session is On!", message: message_text, diff --git a/plugins/socket_logger.rb b/plugins/socket_logger.rb index b8c5e07a2c..d292c93fe8 100644 --- a/plugins/socket_logger.rb +++ b/plugins/socket_logger.rb @@ -29,7 +29,7 @@ module Msf def on_socket_created(_comm, sock, param) # Sockets created by the exploit have MsfExploit set and MsfPayload not set - if param.context and param.context['MsfExploit'] and !param.context['MsfPayload'] + if param.context && param.context['MsfExploit'] && !param.context['MsfPayload'] sock.extend(SocketLogger::SocketTracer) sock.context = param.context sock.params = param @@ -94,7 +94,7 @@ module SocketLogger end def format_module_info - return '' unless params.context and params.context['MsfExploit'] + return '' unless params.context && params.context['MsfExploit'] if params.context['MsfExploit'].respond_to? :fullname return 'via ' + params.context['MsfExploit'].fullname end diff --git a/plugins/sounds.rb b/plugins/sounds.rb index 45f1fddaa4..f4db4fe863 100644 --- a/plugins/sounds.rb +++ b/plugins/sounds.rb @@ -45,7 +45,7 @@ module Msf def start_sound_queue self.queue_thread = Thread.new do - while true + loop do while (event = queue.shift) path = ::File.join(base, theme, "#{event}.wav") if ::File.exist?(path) diff --git a/plugins/sqlmap.rb b/plugins/sqlmap.rb index e70d839fd2..10a6aa9d3f 100644 --- a/plugins/sqlmap.rb +++ b/plugins/sqlmap.rb @@ -27,7 +27,7 @@ module Msf end def cmd_sqlmap_connect(*args) - if args.length == 0 + if args.empty? print_error('Need a host, and optionally a port') return end @@ -61,7 +61,7 @@ module Msf end def cmd_sqlmap_start_task(*args) - if args.length == 0 + if args.empty? print_error('Usage:') print_error('\tsqlmap_start_task []') return @@ -207,7 +207,7 @@ module Msf web_vuln_info[:pname] = v['parameter'] web_vuln_info[:method] = v['place'] web_vuln_info[:payload] = v['suffix'] - v['data'].values.each do |i| + v['data'].each_value do |i| web_vuln_info[:name] = i['title'] web_vuln_info[:description] = res.to_json web_vuln_info[:proof] = i['payload'] @@ -266,7 +266,7 @@ module Msf def cmd_sqlmap_list_tasks @hid_tasks ||= {} @tasks ||= {} - @hid_tasks.keys.each do |task| + @hid_tasks.each_key do |task| print_good("Task ID: #{task}") end end diff --git a/plugins/thread.rb b/plugins/thread.rb index 7013cc245d..2f9562e406 100644 --- a/plugins/thread.rb +++ b/plugins/thread.rb @@ -47,7 +47,7 @@ module Msf end @mythread = ::Thread.new do - while true + loop do print_line('--- test thread ---') select(nil, nil, nil, 5) end diff --git a/plugins/token_adduser.rb b/plugins/token_adduser.rb index a0bd72cd67..143f81222d 100644 --- a/plugins/token_adduser.rb +++ b/plugins/token_adduser.rb @@ -33,7 +33,7 @@ module Msf ) # This is ugly. - if (args.length == 0) + if args.empty? print_line('Usage: token_adduser [options] ') print_line(opts.usage) return diff --git a/plugins/token_hunter.rb b/plugins/token_hunter.rb index e924ac76bf..645ae1f017 100644 --- a/plugins/token_hunter.rb +++ b/plugins/token_hunter.rb @@ -84,14 +84,14 @@ module Msf ndom = nil end - if (!user.nil? and ndom and user.strip.downcase == needle.strip.downcase) + if (!user.nil? && ndom && (user.strip.downcase == needle.strip.downcase)) print_status("FOUND: #{session.sid} - #{session.session_host} - #{user} (delegation)") next end fdom, fusr = user.split('\\') - if (!fusr.nil? and !ndom and fusr.strip.downcase == nusr.strip.downcase) + if (!fusr.nil? && !ndom && (fusr.strip.downcase == nusr.strip.downcase)) print_status("FOUND: #{session.sid} - #{session.session_host} - #{user} (delegation)") end end @@ -108,13 +108,13 @@ module Msf ndom = nil end - if (!user.nil? and ndom and user.strip.downcase == needle.strip.downcase) + if (!user.nil? && ndom && (user.strip.downcase == needle.strip.downcase)) print_status(">> Found #{session.sid} - #{session.session_host} - #{user} (impersonation)") next end fdom, fusr = user.split('\\') - if (!fusr.nil? and !ndom and fusr.strip.downcase == nusr.strip.downcase) + if (!fusr.nil? && !ndom && (fusr.strip.downcase == nusr.strip.downcase)) print_status(">> Found #{session.sid} - #{session.session_host} - #{user} (impersonation)") end end diff --git a/plugins/wiki.rb b/plugins/wiki.rb index 2e20347143..476818d5d3 100644 --- a/plugins/wiki.rb +++ b/plugins/wiki.rb @@ -97,7 +97,7 @@ module Msf # Get the table we should be looking at command = args.shift - if command.nil? or !['creds', 'hosts', 'loot', 'services', 'vulns'].include?(command.downcase) + if command.nil? || !['creds', 'hosts', 'loot', 'services', 'vulns'].include?(command.downcase) usage(wiki_type) return end @@ -116,7 +116,7 @@ module Msf tbl_opts[:namespace] = next_opt(args) when '-p', '-P', '--port', '--ports' tbl_opts[:ports] = next_opts(args) - tbl_opts[:ports].map! { |p| p.to_i } + tbl_opts[:ports].map!(&:to_i) when '-s', '-S', '--search' tbl_opts[:search] = next_opt(args) when '-i', '-I', '--heading-size' @@ -227,10 +227,10 @@ module Msf tbl.header = 'Credentials' tbl.headeri = opts[:heading_size] framework.db.creds.each do |cred| - if !(opts[:hosts].nil? or opts[:hosts].empty?) && !(opts[:hosts].include? cred.service.host.address) + if !(opts[:hosts].nil? || opts[:hosts].empty?) && !(opts[:hosts].include? cred.service.host.address) next end - if !opts[:ports].nil? && !opts[:ports].any? { |p| cred.service.port.eql? p } + if !opts[:ports].nil? && opts[:ports].none? { |p| cred.service.port.eql? p } next end @@ -268,10 +268,10 @@ module Msf tbl.header = 'Hosts' tbl.headeri = opts[:heading_size] framework.db.hosts.each do |host| - if !(opts[:hosts].nil? or opts[:hosts].empty?) && !(opts[:hosts].include? host.address) + if !(opts[:hosts].nil? || opts[:hosts].empty?) && !(opts[:hosts].include? host.address) next end - if !opts[:ports].nil? && !(host.services.map { |s| s[:port] }).any? { |p| opts[:ports].include? p } + if !opts[:ports].nil? && (host.services.map { |s| s[:port] }).none? { |p| opts[:ports].include? p } next end @@ -311,10 +311,10 @@ module Msf tbl.header = 'Loot' tbl.headeri = opts[:heading_size] framework.db.loots.each do |loot| - if !(opts[:hosts].nil? or opts[:hosts].empty?) && !(opts[:hosts].include? loot.host.address) + if !(opts[:hosts].nil? || opts[:hosts].empty?) && !(opts[:hosts].include? loot.host.address) next end - if !(opts[:ports].nil? or opts[:ports].empty?) && (loot.service.nil? or loot.service.port.nil? or !opts[:ports].include? loot.service.port) + if !(opts[:ports].nil? || opts[:ports].empty?) && (loot.service.nil? || loot.service.port.nil? || !opts[:ports].include?(loot.service.port)) next end @@ -355,10 +355,10 @@ module Msf tbl.header = 'Services' tbl.headeri = opts[:heading_size] framework.db.services.each do |service| - if !(opts[:hosts].nil? or opts[:hosts].empty?) && !(opts[:hosts].include? service.host.address) + if !(opts[:hosts].nil? || opts[:hosts].empty?) && !(opts[:hosts].include? service.host.address) next end - if !(opts[:ports].nil? or opts[:ports].empty?) && !opts[:ports].any? { |p| service[:port].eql? p } + if !(opts[:ports].nil? || opts[:ports].empty?) && opts[:ports].none? { |p| service[:port].eql? p } next end @@ -395,10 +395,10 @@ module Msf tbl.header = 'Vulns' tbl.headeri = opts[:heading_size] framework.db.vulns.each do |vuln| - if !(opts[:hosts].nil? or opts[:hosts].empty?) && !(opts[:hosts].include? vuln.host.address) + if !(opts[:hosts].nil? || opts[:hosts].empty?) && !(opts[:hosts].include? vuln.host.address) next end - if !(opts[:ports].nil? or opts[:ports].empty?) && !opts[:ports].any? { |p| vuln.service.port.eql? p } + if !(opts[:ports].nil? || opts[:ports].empty?) && opts[:ports].none? { |p| vuln.service.port.eql? p } next end @@ -534,7 +534,7 @@ module Msf level = '=' * (-headeri + 7) str << "#{level} #{header} #{level}" else - str << "#{header}" + str << header.to_s end str << "\n" end diff --git a/plugins/wmap.rb b/plugins/wmap.rb index 90c1337dd4..54f2042db2 100644 --- a/plugins/wmap.rb +++ b/plugins/wmap.rb @@ -3,6 +3,7 @@ # Efrain Torres - et[ ] metasploit.com 2012 # +require 'English' require 'rabal/tree' module Msf @@ -32,38 +33,34 @@ module Msf end def cmd_wmap_vulns(*args) - args.push('-h') if args.length == 0 + args.push('-h') if args.empty? while (arg = args.shift) case arg when '-l' view_vulns - return when '-h' print_status('Usage: wmap_vulns [options]') print_line("\t-h Display this help text") print_line("\t-l Display web vulns table") print_line('') - return else print_error('Unknown flag.') - return end + return end end def cmd_wmap_modules(*args) - args.push('-h') if args.length == 0 + args.push('-h') if args.empty? while (arg = args.shift) case arg when '-l' view_modules - return when '-r' load_wmap_modules(true) - return when '-h' print_status('Usage: wmap_modules [options]') print_line("\t-h Display this help text") @@ -71,16 +68,15 @@ module Msf print_line("\t-r Reload wmap modules") print_line('') - return else print_error('Unknown flag.') - return end + return end end def cmd_wmap_targets(*args) - args.push('-h') if args.length == 0 + args.push('-h') if args.empty? while (arg = args.shift) case arg @@ -111,7 +107,7 @@ module Msf end def cmd_wmap_sites(*args) - args.push('-h') if args.length == 0 + args.push('-h') if args.empty? while (arg = args.shift) case arg @@ -145,10 +141,10 @@ module Msf return unless u - if l.nil? or l.empty? + if l.nil? || l.empty? l = 200 o = 'true' - elsif l == 'true' or l == 'false' + elsif (l == 'true') || (l == 'false') # Add check if unicode parameters is the second one o = l l = 200 @@ -163,7 +159,7 @@ module Msf view_site_tree(u, l, o) else # Parameters are digits - if !lastsites or lastsites.length == 0 + if !lastsites || lastsites.empty? view_sites print_status('Web sites ids. referenced from previous table.') end @@ -183,7 +179,7 @@ module Msf end # Skip the DB entirely if no matches - return if target_whitelist.length == 0 + return if target_whitelist.empty? unless targets self.targets = Hash.new @@ -215,7 +211,7 @@ module Msf self.rpcarr = Hash.new end - args.push('-h') if args.length == 0 + args.push('-h') if args.empty? while (arg = args.shift) case arg @@ -368,7 +364,7 @@ module Msf mname = '' inipathname = '/' - args.push('-h') if args.length == 0 + args.push('-h') if args.empty? while (arg = args.shift) case arg @@ -435,7 +431,7 @@ module Msf end end - if (rpcarr.length == 0) and (mode & wmap_show == 0) + if rpcarr.empty? && (mode & wmap_show == 0) print_error('NO WMAP NODES DEFINED. Executing local modules') self.runlocal = true end @@ -445,7 +441,7 @@ module Msf return end - if targets.keys.length == 0 + if targets.keys.empty? print_error('Targets have not been selected.') return end @@ -556,7 +552,7 @@ module Msf end # Module not part of profile or not match - next unless (using_p and eprofile.include? xref[0].split('/').last) or (using_m and xref[0].to_s.match(mname)) or (!using_m and !using_p) + next unless (using_p && eprofile.include?(xref[0].split('/').last)) || (using_m && xref[0].to_s.match(mname)) || (!using_m && !using_p) idx += 1 @@ -596,11 +592,11 @@ module Msf rpcnode = rpc_round_exec(xref[0], xref[1], modopts, njobs) end rescue ::Exception - print_status(" >> Exception during launch from #{xref[0]}: #{$!}") + print_status(" >> Exception during launch from #{xref[0]}: #{$ERROR_INFO}") end end rescue ::Exception - print_status(" >> Exception from #{xref[0]}: #{$!}") + print_status(" >> Exception from #{xref[0]}: #{$ERROR_INFO}") end end @@ -619,7 +615,7 @@ module Msf end # Module not part of profile or not match - next unless (using_p and eprofile.include? xref[0].split('/').last) or (using_m and xref[0].to_s.match(mname)) or (!using_m and !using_p) + next unless (using_p && eprofile.include?(xref[0].split('/').last)) || (using_m && xref[0].to_s.match(mname)) || (!using_m && !using_p) idx += 1 @@ -660,11 +656,11 @@ module Msf rpcnode = rpc_round_exec(xref[0], xref[1], modopts, njobs) end rescue ::Exception - print_status(" >> Exception during launch from #{xref[0]}: #{$!}") + print_status(" >> Exception during launch from #{xref[0]}: #{$ERROR_INFO}") end end rescue ::Exception - print_status(" >> Exception from #{xref[0]}: #{$!}") + print_status(" >> Exception from #{xref[0]}: #{$ERROR_INFO}") end end @@ -683,7 +679,7 @@ module Msf end # Module not part of profile or not match - next unless (using_p and eprofile.include? xref[0].split('/').last) or (using_m and xref[0].to_s.match(mname)) or (!using_m and !using_p) + next unless (using_p && eprofile.include?(xref[0].split('/').last)) || (using_m && xref[0].to_s.match(mname)) || (!using_m && !using_p) idx += 1 @@ -744,7 +740,7 @@ module Msf # Fixing paths # - if node.is_leaf? and !node.is_root? + if node.is_leaf? && !node.is_root? # # Later we can add here more checks to see if its a file # @@ -766,13 +762,13 @@ module Msf case wtype when :wmap_file - if node.is_leaf? and !node.is_root? + if node.is_leaf? && !node.is_root? # # Check if an exclusion regex has been defined # excludefilestr = framework.datastore['WMAP_EXCLUDE'] || wmap_exclude_files - if !(strpath.match(excludefilestr) && (!usinginipath or (usinginipath and strpath.match(inipathname)))) + if !(strpath.match(excludefilestr) && (!usinginipath || (usinginipath && strpath.match(inipathname)))) modopts['PATH'] = strpath print_status("Path: #{strpath}") @@ -781,12 +777,12 @@ module Msf rpcnode = rpc_round_exec(xref[0], xref[1], modopts, njobs) end rescue ::Exception - print_status(" >> Exception during launch from #{xref[0]}: #{$!}") + print_status(" >> Exception during launch from #{xref[0]}: #{$ERROR_INFO}") end end end when :wmap_dir - if ((node.is_leaf? and !strpath.include? '.') or node.is_root? or !node.is_leaf?) && (!usinginipath or (usinginipath and strpath.match(inipathname))) + if ((node.is_leaf? && !strpath.include?('.')) || node.is_root? || !node.is_leaf?) && (!usinginipath || (usinginipath && strpath.match(inipathname))) modopts['PATH'] = strpath print_status("Path: #{strpath}") @@ -796,14 +792,14 @@ module Msf rpcnode = rpc_round_exec(xref[0], xref[1], modopts, njobs) end rescue ::Exception - print_status(" >> Exception during launch from #{xref[0]}: #{$!}") + print_status(" >> Exception during launch from #{xref[0]}: #{$ERROR_INFO}") end end end end end rescue ::Exception - print_status(" >> Exception from #{xref[0]}: #{$!}") + print_status(" >> Exception from #{xref[0]}: #{$ERROR_INFO}") end end @@ -822,7 +818,7 @@ module Msf end # Module not part of profile or not match - next unless (using_p and eprofile.include? xref[0].split('/').last) or (using_m and xref[0].to_s.match(mname)) or (!using_m and !using_p) + next unless (using_p && eprofile.include?(xref[0].split('/').last)) || (using_m && xref[0].to_s.match(mname)) || (!using_m && !using_p) idx += 1 @@ -892,7 +888,7 @@ module Msf pn, pv, pt = p if pn if !pn.empty? - if !pv or pv.empty? + if !pv || pv.empty? # TODO: add value based on param name pv = 'aaa' end @@ -905,9 +901,9 @@ module Msf end end - datastr = temparr.join('&') if (temparr and !temparr.empty?) + datastr = temparr.join('&') if (temparr && !temparr.empty?) - if (utest_query.has_key?(signature(form.path, datastr)) == false) + if (utest_query.key?(signature(form.path, datastr)) == false) modopts['METHOD'] = form.method.upcase modopts['PATH'] = form.path @@ -924,7 +920,7 @@ module Msf # # TODO: Add headers, etc. # - if !usinginipath or (usinginipath and form.path.match(inipathname)) + if !usinginipath || (usinginipath && form.path.match(inipathname)) print_status "Path #{form.path}" # print_status("Unique PATH #{modopts['PATH']}") @@ -938,7 +934,7 @@ module Msf end utest_query[signature(form.path, datastr)] = 1 rescue ::Exception - print_status(" >> Exception during launch from #{xref[0]}: #{$!}") + print_status(" >> Exception during launch from #{xref[0]}: #{$ERROR_INFO}") end end else @@ -947,7 +943,7 @@ module Msf end end rescue ::Exception - print_status(" >> Exception from #{xref[0]}: #{$!}") + print_status(" >> Exception from #{xref[0]}: #{$ERROR_INFO}") end end @@ -968,7 +964,7 @@ module Msf end # Module not part of profile or not match - next unless !(using_p and eprofile.include? xref[0].split('/').last) or (using_m and xref[0].to_s.match(mname)) or (!using_m and !using_p) + next unless !(using_p && eprofile.include?(xref[0].split('/').last)) || (using_m && xref[0].to_s.match(mname)) || (!using_m && !using_p) idx += 1 @@ -1029,7 +1025,7 @@ module Msf pn, pv, pt = p if pn if !pn.empty? - if !pv or pv.empty? + if !pv || pv.empty? # TODO: add value based on param name pv = 'aaa' end @@ -1041,7 +1037,7 @@ module Msf end end - datastr = temparr.join('&') if (temparr and !temparr.empty?) + datastr = temparr.join('&') if (temparr && !temparr.empty?) modopts['METHOD'] = req.method.upcase modopts['PATH'] = req.path @@ -1055,7 +1051,7 @@ module Msf # # TODO: Add method, headers, etc. # - next unless !usinginipath or (usinginipath and req.path.match(inipathname)) + next unless !usinginipath || (usinginipath && req.path.match(inipathname)) print_status "Path #{req.path}" # print_status("Query PATH #{modopts['PATH']}") @@ -1068,12 +1064,12 @@ module Msf rpcnode = rpc_round_exec(xref[0], xref[1], modopts, njobs) end rescue ::Exception - print_status(" >> Exception during launch from #{xref[0]}: #{$!}") + print_status(" >> Exception during launch from #{xref[0]}: #{$ERROR_INFO}") end end end rescue ::Exception - print_status(" >> Exception from #{xref[0]}: #{$!}") + print_status(" >> Exception from #{xref[0]}: #{$ERROR_INFO}") end end @@ -1094,7 +1090,7 @@ module Msf end # Module not part of profile or not match - next unless !(using_p and eprofile.include? xref[0].split('/').last) or (using_m and xref[0].to_s.match(mname)) or (!using_m and !using_p) + next unless !(using_p && eprofile.include?(xref[0].split('/').last)) || (using_m && xref[0].to_s.match(mname)) || (!using_m && !using_p) idx += 1 @@ -1141,11 +1137,11 @@ module Msf rpcnode = rpc_round_exec(xref[0], xref[1], modopts, njobs) end rescue ::Exception - print_status(" >> Exception during launch from #{xref[0]}: #{$!}") + print_status(" >> Exception during launch from #{xref[0]}: #{$ERROR_INFO}") end end rescue ::Exception - print_status(" >> Exception from #{xref[0]}: #{$!}") + print_status(" >> Exception from #{xref[0]}: #{$ERROR_INFO}") end end @@ -1168,7 +1164,7 @@ module Msf end def view_targets - if targets.nil? or targets.keys.length == 0 + if targets.nil? || targets.keys.empty? print_status 'No targets have been defined' return end @@ -1357,7 +1353,7 @@ module Msf end # Skip the DB entirely if no matches - return if target_whitelist.length == 0 + return if target_whitelist.empty? if !targets # First time targets are defined @@ -1418,7 +1414,7 @@ module Msf # lastsites contains a temporary array with vhost,url strings so the id can be # referenced in the array and prevent new sites added in the db to corrupt previous id list. def process_ids(idsstr) - if !lastsites or lastsites.length == 0 + if !lastsites || lastsites.empty? view_sites print_status('Web sites ids. referenced from previous table.') end @@ -1438,7 +1434,7 @@ module Msf end # Skip the DB entirely if no matches - return if target_whitelist.length == 0 + return if target_whitelist.empty? if !targets self.targets = Hash.new @@ -1500,7 +1496,7 @@ module Msf end # Skip the DB entirely if no matches - return if site_whitelist.length == 0 + return if site_whitelist.empty? site_whitelist.each do |ent| vhost, target = ent @@ -1574,7 +1570,7 @@ module Msf # Recursive function for printing the tree structure # def print_tree_recursive(tree, max_level, indent, prefix, is_last, unicode) - if !tree.nil? and tree.depth <= max_level + if !tree.nil? && (tree.depth <= max_level) print(' ' * indent) # Prefix serve to print the superior hierarchy @@ -1603,7 +1599,7 @@ module Msf i = 1 new_prefix = prefix + [is_last] tree.children.each_pair do |_, child| - is_last = !(i < c) + is_last = i >= c print_tree_recursive(child, max_level, indent, new_prefix, is_last, unicode) i += 1 end @@ -1616,7 +1612,7 @@ module Msf # def print_tree(tree, ip, max_level, unicode) indent = 4 - if !tree.nil? and tree.depth <= max_level + if !tree.nil? && (tree.depth <= max_level) if tree.depth == 0 print_line "\n" + (' ' * indent) + "%cya[#{tree.name}] (#{ip})%clr" end @@ -1624,7 +1620,7 @@ module Msf i = 1 c = tree.children.count tree.children.each_pair do |_, child| - print_tree_recursive(child, max_level, indent, [], !(i < c), unicode) + print_tree_recursive(child, max_level, indent, [], i >= c, unicode) i += 1 end @@ -1648,7 +1644,7 @@ module Msf query.split(/[&;]/n).each do |pairs| key, value = pairs.split('=', 2) - if params.has_key?(key) + if params.key?(key) # Error else params[key] = value @@ -1664,7 +1660,7 @@ module Msf begin istr = "#{host}|#{port}|#{ssl}|#{user}|#{pass}" - if rpcarr.has_key?(istr) and !bypass_exist and !rpcarr[istr].nil? + if rpcarr.key?(istr) && !bypass_exist && !rpcarr[istr].nil? print_error("Connection already exists #{istr}") else begin @@ -1733,7 +1729,7 @@ module Msf end if sess - if (jobify == false and sess.interactive?) + if ((jobify == false) && sess.interactive?) print_line driver.run_single("sessions -q -i #{sess.sid}") else @@ -1810,7 +1806,7 @@ module Msf # print_status(">>>#{res} #{mod}") if res - if res.has_key?('job_id') + if res.key?('job_id') return else print_error("Unable to execute module in node #{k} #{res}") @@ -1823,7 +1819,7 @@ module Msf idx += 1 end - if runlocal and !masstop + if runlocal && !masstop local_module_exec(mod, mtype, opts, nmaxjobs) end end @@ -1909,14 +1905,14 @@ module Msf idx = 0 rpcarr.each do |_k, rpccon| - if idx == i.to_i or i.upcase == 'ALL' + if (idx == i.to_i) || (i.upcase == 'ALL') # begin if !rpccon print_error("No connection to node #{idx}") else n = rpccon.call('job.list') n.each do |id, name| - if j == id.to_s or j.upcase == 'ALL' + if (j == id.to_s) || (j.upcase == 'ALL') rpccon.call('job.stop', id) print_status("Node #{idx} Killed job id #{id} #{name}") end @@ -2121,7 +2117,7 @@ module Msf end def active_rpc_nodes - if rpcarr.length == 0 + if rpcarr.empty? return 0 else idx = 0 @@ -2197,7 +2193,7 @@ module Msf # Load all wmap modules def load_wmap_modules(reload) - if reload or !wmapmodules + if reload || !wmapmodules print_status('Loading wmap modules...') self.wmapmodules = []