Path: blob/master/lib/msf/core/module/reference.rb
19500 views
# -*- coding: binary -*-12###3#4# A reference to some sort of information. This is typically a URL, but could5# be any type of referential value that people could use to research a topic.6#7###8class Msf::Module::Reference910#11# Serialize a reference from a string.12#13def self.from_s(str)14return self.new(str)15end1617#18# Initializes a reference from a string.19#20def initialize(in_str)21self.str = in_str22end2324#25# Compares references to see if they're equal.26#27def ==(tgt)28return (tgt.to_s == to_s)29end3031#32# Returns the reference as a string.33#34def to_s35return self.str36end3738#39# Serializes the reference instance from a string.40#41def from_s(in_str)42self.str = in_str43end4445#46# The reference string.47#48attr_reader :str4950protected5152attr_writer :str # :nodoc:5354end5556###57#58# A reference to a website.59#60###61class Msf::Module::SiteReference < Msf::Module::Reference6263#64# Class method that translates a URL into a site reference instance.65#66def self.from_s(str)67instance = self.new6869if (instance.from_s(str) == false)70return nil71end7273return instance74end7576#77# Initializes a site reference from an array. ary[0] is the site and78# ary[1] is the site context identifier, such as CVE.79#80def self.from_a(ary)81return nil if (ary.length < 2)8283self.new(ary[0], ary[1])84end8586#87# Initialize the site reference.88# If you're updating the references, please also update:89# * tools/module_reference.rb90# * https://docs.metasploit.com/docs/development/developing-modules/module-metadata/module-reference-identifiers.html91#92def initialize(in_ctx_id = 'Unknown', in_ctx_val = '')93self.ctx_id = in_ctx_id94self.ctx_val = in_ctx_val9596if in_ctx_id == 'CVE'97self.site = "https://nvd.nist.gov/vuln/detail/CVE-#{in_ctx_val}"98elsif in_ctx_id == 'CWE'99self.site = "https://cwe.mitre.org/data/definitions/#{in_ctx_val}.html"100elsif in_ctx_id == 'BID'101self.site = "http://www.securityfocus.com/bid/#{in_ctx_val}"102elsif in_ctx_id == 'MSB'103year = in_ctx_val[2..3]104century = year[0] == '9' ? '19' : '20'105self.site = "https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/#{century}#{year}/#{in_ctx_val}"106elsif in_ctx_id == 'EDB'107self.site = "https://www.exploit-db.com/exploits/#{in_ctx_val}"108elsif in_ctx_id == 'US-CERT-VU'109self.site = "https://www.kb.cert.org/vuls/id/#{in_ctx_val}"110elsif in_ctx_id == 'ZDI'111self.site = "http://www.zerodayinitiative.com/advisories/ZDI-#{in_ctx_val}"112elsif in_ctx_id == 'WPVDB'113self.site = "https://wpscan.com/vulnerability/#{in_ctx_val}"114elsif in_ctx_id == 'PACKETSTORM'115self.site = "https://packetstormsecurity.com/files/#{in_ctx_val}"116elsif in_ctx_id == 'URL'117self.site = in_ctx_val.to_s118elsif in_ctx_id == 'LOGO'119self.site = "Logo: #{in_ctx_val}"120elsif in_ctx_id == 'SOUNDTRACK'121self.site = "Soundtrack: #{in_ctx_val}"122elsif in_ctx_id == 'ATT&CK'123match = in_ctx_val.match(/\A(?<category>[A-Z]+)(?<id>[\d.]+)\z/)124path = Msf::Mitre::Attack::Categories::PATHS[match[:category]]125id_path = match[:id].gsub('.', '/')126self.site = "https://attack.mitre.org/#{path}/#{match[:category]}#{id_path}/"127else128self.site = in_ctx_id129self.site += " (#{in_ctx_val})" if (in_ctx_val)130end131end132133#134# Returns the absolute site URL.135#136def to_s137return site || ''138end139140#141# Serializes a site URL string.142#143def from_s(str)144if (/(http:\/\/|https:\/\/|ftp:\/\/)/.match(str))145self.site = str146self.ctx_id = 'URL'147self.ctx_val = self.site148else149return false150end151152return true153end154155#156# The site being referenced.157#158attr_reader :site159#160# The context identifier of the site, such as CVE.161#162attr_reader :ctx_id163#164# The context value of the reference, such as MS02-039165#166attr_reader :ctx_val167168protected169170attr_writer :site, :ctx_id, :ctx_val171172end173174175