RubyGems - metasploit-payloads - Versions diffs - 2.0.152 → 2.0.154 - Mend

metasploit-payloads 2.0.152 → 2.0.154

Files changed (96) hide show

checksums.yaml +4 -4
checksums.yaml.gz.sig +0 -0
data/.gitignore +1 -0
data/.rspec +1 -0
data/Gemfile +4 -0
data/data/android/meterpreter.dex +0 -0
data/data/android/meterpreter.jar +0 -0
data/data/android/metstage.jar +0 -0
data/data/android/shell.jar +0 -0
data/data/java/com/metasploit/meterpreter/MemoryBufferURLConnection.class +0 -0
data/data/java/javapayload/stage/Meterpreter.class +0 -0
data/data/java/metasploit/AESEncryption.class +0 -0
data/data/java/metasploit/Payload.class +0 -0
data/data/meterpreter/dump_sam.x64.debug.dll +0 -0
data/data/meterpreter/dump_sam.x64.dll +0 -0
data/data/meterpreter/dump_sam.x86.debug.dll +0 -0
data/data/meterpreter/dump_sam.x86.dll +0 -0
data/data/meterpreter/elevator.x64.debug.dll +0 -0
data/data/meterpreter/elevator.x64.dll +0 -0
data/data/meterpreter/elevator.x86.debug.dll +0 -0
data/data/meterpreter/elevator.x86.dll +0 -0
data/data/meterpreter/ext_server_bofloader.x64.debug.dll +0 -0
data/data/meterpreter/ext_server_bofloader.x64.dll +0 -0
data/data/meterpreter/ext_server_bofloader.x86.debug.dll +0 -0
data/data/meterpreter/ext_server_bofloader.x86.dll +0 -0
data/data/meterpreter/ext_server_espia.x64.debug.dll +0 -0
data/data/meterpreter/ext_server_espia.x64.dll +0 -0
data/data/meterpreter/ext_server_espia.x86.debug.dll +0 -0
data/data/meterpreter/ext_server_espia.x86.dll +0 -0
data/data/meterpreter/ext_server_extapi.x64.debug.dll +0 -0
data/data/meterpreter/ext_server_extapi.x64.dll +0 -0
data/data/meterpreter/ext_server_extapi.x86.debug.dll +0 -0
data/data/meterpreter/ext_server_extapi.x86.dll +0 -0
data/data/meterpreter/ext_server_incognito.x64.debug.dll +0 -0
data/data/meterpreter/ext_server_incognito.x64.dll +0 -0
data/data/meterpreter/ext_server_incognito.x86.debug.dll +0 -0
data/data/meterpreter/ext_server_incognito.x86.dll +0 -0
data/data/meterpreter/ext_server_kiwi.x64.debug.dll +0 -0
data/data/meterpreter/ext_server_kiwi.x64.dll +0 -0
data/data/meterpreter/ext_server_kiwi.x86.debug.dll +0 -0
data/data/meterpreter/ext_server_kiwi.x86.dll +0 -0
data/data/meterpreter/ext_server_lanattacks.x64.debug.dll +0 -0
data/data/meterpreter/ext_server_lanattacks.x64.dll +0 -0
data/data/meterpreter/ext_server_lanattacks.x86.debug.dll +0 -0
data/data/meterpreter/ext_server_lanattacks.x86.dll +0 -0
data/data/meterpreter/ext_server_peinjector.x64.debug.dll +0 -0
data/data/meterpreter/ext_server_peinjector.x64.dll +0 -0
data/data/meterpreter/ext_server_peinjector.x86.debug.dll +0 -0
data/data/meterpreter/ext_server_peinjector.x86.dll +0 -0
data/data/meterpreter/ext_server_powershell.x64.debug.dll +0 -0
data/data/meterpreter/ext_server_powershell.x64.dll +0 -0
data/data/meterpreter/ext_server_powershell.x86.debug.dll +0 -0
data/data/meterpreter/ext_server_powershell.x86.dll +0 -0
data/data/meterpreter/ext_server_priv.x64.debug.dll +0 -0
data/data/meterpreter/ext_server_priv.x64.dll +0 -0
data/data/meterpreter/ext_server_priv.x86.debug.dll +0 -0
data/data/meterpreter/ext_server_priv.x86.dll +0 -0
data/data/meterpreter/ext_server_python.x64.debug.dll +0 -0
data/data/meterpreter/ext_server_python.x64.dll +0 -0
data/data/meterpreter/ext_server_python.x86.debug.dll +0 -0
data/data/meterpreter/ext_server_python.x86.dll +0 -0
data/data/meterpreter/ext_server_sniffer.x64.dll +0 -0
data/data/meterpreter/ext_server_sniffer.x86.dll +0 -0
data/data/meterpreter/ext_server_stdapi.jar +0 -0
data/data/meterpreter/ext_server_stdapi.x64.debug.dll +0 -0
data/data/meterpreter/ext_server_stdapi.x64.dll +0 -0
data/data/meterpreter/ext_server_stdapi.x86.debug.dll +0 -0
data/data/meterpreter/ext_server_stdapi.x86.dll +0 -0
data/data/meterpreter/ext_server_unhook.x64.debug.dll +0 -0
data/data/meterpreter/ext_server_unhook.x64.dll +0 -0
data/data/meterpreter/ext_server_unhook.x86.debug.dll +0 -0
data/data/meterpreter/ext_server_unhook.x86.dll +0 -0
data/data/meterpreter/ext_server_winpmem.x64.debug.dll +0 -0
data/data/meterpreter/ext_server_winpmem.x64.dll +0 -0
data/data/meterpreter/ext_server_winpmem.x86.debug.dll +0 -0
data/data/meterpreter/ext_server_winpmem.x86.dll +0 -0
data/data/meterpreter/meterpreter.jar +0 -0
data/data/meterpreter/metsrv.x64.debug.dll +0 -0
data/data/meterpreter/metsrv.x64.dll +0 -0
data/data/meterpreter/metsrv.x86.debug.dll +0 -0
data/data/meterpreter/metsrv.x86.dll +0 -0
data/data/meterpreter/screenshot.x64.debug.dll +0 -0
data/data/meterpreter/screenshot.x64.dll +0 -0
data/data/meterpreter/screenshot.x86.debug.dll +0 -0
data/data/meterpreter/screenshot.x86.dll +0 -0
data/lib/metasploit-payloads/error.rb +36 -0
data/lib/metasploit-payloads/version.rb +1 -1
data/lib/metasploit-payloads.rb +93 -4
data/manifest +97 -0
data/manifest.uuid +1 -0
data/metasploit-payloads.gemspec +1 -0
data/spec/metasploit_payloads/metasploit_payloads_spec.rb +249 -0
data/spec/spec_helper.rb +103 -0
data.tar.gz.sig +0 -0
metadata +8 -2
metadata.gz.sig +0 -0

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c6b614521a8692d83dbdcd888ead1fc78a44ea4227f23d159d2094a719225e6e
-  data.tar.gz: ec7bac3aa3dcd14c96abc36c31bef56fbaf9a1f7d285a42fef9eb8adbc7a6382
+  metadata.gz: 8be6e3a79a976f76e3bdcd7131211f87d506e1d7951c8570970a00cca95d0685
+  data.tar.gz: 2aec19188104778d80c4626f306f11d8eb290f2e56b34b2881b59692c4fd5567
 SHA512:
-  metadata.gz: 1a1213c5d5c798902dfa47de56486b54ae3800d10f68af6d3545d93a395d38d37a29506d24037c32c3762b45bacd5ad277b107df1a9770f88684c8c4b84c0819
-  data.tar.gz: fc0e78c139ec19c9fa293427ce59db005ce95b3b29fd028d07a0b481d342647ab62b8dabd7ffcb4c6b7621241885b1900d381d21bfcc0c61588cd24795df467c
+  metadata.gz: 352963fe40d6ce798c357c117dfaca9bdf99f5a504bc89b56586e5c0f8a852c896605a800db41c525ca4a350a06b1f37258f14da2fc93b43fd5d14719f4cf863
+  data.tar.gz: 261e198987bd0aa0f4e05319fd31145781c83cf456f13148047174489f43be9e7aa4f452a156e9244773fac8599ebfd9ee610adcbeb4ab2f7266ca67757c9180

checksums.yaml.gz.sig CHANGED Viewed

Binary file

data/.gitignore CHANGED Viewed

@@ -7,6 +7,7 @@ InstalledFiles
 lib/bundler/man
 rdoc
 spec/reports
+spec/examples.txt
 test/tmp
 test/version_tmp
 tmp

data/.rspec ADDED Viewed

	@@ -0,0 +1 @@
1	+ --require spec_helper

data/Gemfile CHANGED Viewed

@@ -2,3 +2,7 @@ source 'https://rubygems.org'
 # Specify your gem's dependencies in meterpreter_binaries.gemspec
 gemspec
+group :test do
+  gem 'rspec'
+end

data/data/android/meterpreter.dex CHANGED Viewed

Binary file

data/data/android/meterpreter.jar CHANGED Viewed

Binary file

data/data/android/metstage.jar CHANGED Viewed

Binary file

data/data/android/shell.jar CHANGED Viewed

Binary file

data/data/java/com/metasploit/meterpreter/MemoryBufferURLConnection.class CHANGED Viewed

Binary file

data/data/java/javapayload/stage/Meterpreter.class CHANGED Viewed

Binary file

data/data/java/metasploit/AESEncryption.class CHANGED Viewed

Binary file

data/data/java/metasploit/Payload.class CHANGED Viewed

Binary file

data/data/meterpreter/dump_sam.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/dump_sam.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/dump_sam.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/dump_sam.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/elevator.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/elevator.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/elevator.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/elevator.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_bofloader.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_bofloader.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_bofloader.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_bofloader.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_espia.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_espia.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_espia.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_espia.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_extapi.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_extapi.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_extapi.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_extapi.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_incognito.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_incognito.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_incognito.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_incognito.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_kiwi.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_kiwi.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_kiwi.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_kiwi.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_lanattacks.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_lanattacks.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_lanattacks.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_lanattacks.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_peinjector.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_peinjector.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_peinjector.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_peinjector.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_powershell.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_powershell.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_powershell.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_powershell.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_priv.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_priv.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_priv.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_priv.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_python.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_python.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_python.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_python.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_sniffer.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_sniffer.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_stdapi.jar CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_stdapi.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_stdapi.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_stdapi.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_stdapi.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_unhook.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_unhook.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_unhook.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_unhook.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_winpmem.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_winpmem.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_winpmem.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_winpmem.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/meterpreter.jar CHANGED Viewed

Binary file

data/data/meterpreter/metsrv.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/metsrv.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/metsrv.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/metsrv.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/screenshot.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/screenshot.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/screenshot.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/screenshot.x86.dll CHANGED Viewed

Binary file

data/lib/metasploit-payloads/error.rb ADDED Viewed

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+module MetasploitPayloads
+  class Error < StandardError
+  end
+  # Error raised when a Metasploit Payloads file doesn't exist.
+  class NotFoundError < Error
+    attr_reader :path
+    def initialize(path = '')
+      @path = path
+      super("Meterpreter path #{@path} not found. Ensure antivirus is not enabled, or reinstall Metasploit.")
+    end
+  end
+  # Error raised when the user does not have read permissions for a Metasploit Payloads file
+  class NotReadableError < Error
+    attr_reader :path
+    def initialize(path = '')
+      @path = path
+      super("Meterpreter path #{@path} is not readable. Check if you have read access and try again.")
+    end
+  end
+  # Error raised when a Metasploit Payloads file's hash does not match what is defined in the manifest file.
+  class HashMismatchError < Error
+    attr_reader :path
+    def initialize(path = '')
+      @path = path
+      super("Meterpreter path #{@path} does not match the hash defined in the Metasploit Payloads manifest file.")
+    end
+  end
+end

data/lib/metasploit-payloads/version.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 # -*- coding:binary -*-
 module MetasploitPayloads
-  VERSION = '2.0.152'
+  VERSION = '2.0.154'
   def self.version
     VERSION

data/lib/metasploit-payloads.rb CHANGED Viewed

@@ -1,6 +1,8 @@
 # -*- coding:binary -*-
+require 'openssl' unless defined? OpenSSL::Digest
 require 'metasploit-payloads/version' unless defined? MetasploitPayloads::VERSION
+require 'metasploit-payloads/error' unless defined? MetasploitPayloads::Error
 #
 # This module dispenses Metasploit payload binary files
@@ -10,6 +12,56 @@ module MetasploitPayloads
   METERPRETER_SUBFOLDER = 'meterpreter'
   USER_DATA_SUBFOLDER   = 'payloads'
+  #
+  # @return [Array<Hash<String, Symbol>>] An array of filenames with warnings. Provides a file name and error.
+  #  Empty if all needed Meterpreter files exist and have the correct hash.
+  def self.manifest_errors
+    manifest_errors = []
+    begin
+      manifest_contents = ::File.binread(manifest_path)
+    rescue => e
+      return [{ path: manifest_path, error: e }]
+    end
+    begin
+      manifest_uuid_contents = ::File.binread(manifest_uuid_path)
+    rescue => e
+      manifest_errors.append({ path: manifest_uuid_path, error: e })
+    end
+    # Check if the hash of the manifest file is correct.
+    if manifest_uuid_contents
+      manifest_digest = ::OpenSSL::Digest.new('SHA3-256', manifest_contents)
+      uuid_matches = (manifest_uuid_contents.chomp == manifest_digest.to_s)
+      unless uuid_matches
+        e = ::MetasploitPayloads::HashMismatchError.new(manifest_path)
+        manifest_errors.append({ path: manifest_path, error: e })
+      end
+    end
+    manifest_contents.each_line do |line|
+      filename, hash_type, hash = line.chomp.split(':')
+      begin
+        # self.path prepends the gem data directory, which is already present in the manifest file.
+        out_path = self.path(filename.sub('./data/', ''))
+        # self.path can return a path to the gem data, or user's local data.
+        bundled_file = out_path.start_with?(data_directory)
+        if bundled_file
+          file_hash_match = (::OpenSSL::Digest.new(hash_type, ::File.binread(out_path)).to_s == hash)
+          unless file_hash_match
+            e = ::MetasploitPayloads::HashMismatchError.new(out_path)
+            manifest_errors.append({ path: e.path, error: e })
+          end
+        end
+      rescue ::MetasploitPayloads::NotFoundError, ::MetasploitPayloads::NotReadableError => e
+        manifest_errors.append({ path: e.path, error: e })
+      end
+    end
+    manifest_errors
+  end
   #
   # Get the path to an extension based on its name (no prefix).
   #
@@ -17,6 +69,14 @@ module MetasploitPayloads
     path(METERPRETER_SUBFOLDER, "#{EXTENSION_PREFIX}#{ext_name}.#{binary_suffix}")
   end
+  #
+  # Get the path for the first readable path in the provided arguments.
+  # Start with the provided `extra_paths` then fall back to the `gem_path`.
+  #
+  # @param [String] gem_path a path to the gem
+  # @param [Array<String>] extra_paths a path to any extra paths that should be evaluated for local files before `gem_path`
+  # @raise [NotReadableError] if the user doesn't have read permissions for the currently-evaluated path
+  # @return [String,nil] A readable path or nil
   def self.readable_path(gem_path, *extra_paths)
     # Try the MSF path first to see if the file exists, allowing the MSF data
     # folder to override what is in the gem. This is very helpful for
@@ -24,12 +84,18 @@ module MetasploitPayloads
     # each time. We only do this is MSF is installed.
     extra_paths.each do |extra_path|
       if ::File.readable? extra_path
-        warn_local_path(extra_path) if ::File.readable? gem_path
+        warn_local_path(extra_path)
         return extra_path
+      else
+        # Raise rather than falling back;
+        # If there is a local file present, let's assume that the user wants to use it (e.g. local dev. changes)
+        # rather than having MSF Console falling back to the files in the gem
+        raise ::MetasploitPayloads::NotReadableError, extra_path, caller if ::File.exist?(extra_path)
       end
     end
     return gem_path if ::File.readable? gem_path
+    raise ::MetasploitPayloads::NotReadableError, gem_path, caller if ::File.exist?(gem_path)
     nil
   end
@@ -37,21 +103,36 @@ module MetasploitPayloads
   #
   # Get the path to a meterpreter binary by full name.
   #
+  # @param [String] name The name of the requested binary without any file extensions
+  # @param [String] binary_suffix The binary extension, without the leading '.' char (e.g. `php`, `jar`)
+  # @param [Boolean] debug Request a debug version of the binary. This adds a
+  #  leading '.debug' to the extension if looking for a DLL file.
   def self.meterpreter_path(name, binary_suffix, debug: false)
     binary_suffix = binary_suffix&.gsub(/dll$/, 'debug.dll') if debug
     path(METERPRETER_SUBFOLDER, "#{name}.#{binary_suffix}".downcase)
   end
   #
-  # Get the full path to any file packaged in this gem by local path and name.
+  # Get the full path to any file packaged in this gem or other Metasploit Framework directories by local path and name.
   #
+  # @param [Array<String>] path_parts requested path parts that will be joined
+  # @raise [NotFoundError] if the requested path/file does not exist
+  # @raise [NotReadableError] if the requested file exists but the user doesn't have read permissions
+  # @return [String,nil] A path or nil
   def self.path(*path_parts)
     gem_path = expand(data_directory, ::File.join(path_parts))
     if metasploit_installed?
       user_path = expand(Msf::Config.config_directory, ::File.join(USER_DATA_SUBFOLDER, path_parts))
       msf_path = expand(Msf::Config.data_directory, ::File.join(path_parts))
+      out_path = readable_path(gem_path, user_path, msf_path)
+    else
+      out_path = readable_path(gem_path)
     end
-    readable_path(gem_path, user_path, msf_path)
+    return out_path unless out_path.nil?
+    raise ::MetasploitPayloads::NotFoundError, ::File.join(gem_path), caller unless ::File.exist?(gem_path)
+    nil
   end
   #
@@ -61,7 +142,7 @@ module MetasploitPayloads
     file_path = path(path_parts)
     if file_path.nil?
       full_path = ::File.join(path_parts)
-      fail RuntimeError, "#{full_path} not found", caller
+      raise ::MetasploitPayloads::NotFoundError, full_path, caller
     end
     ::File.binread(file_path)
@@ -203,5 +284,13 @@ module MetasploitPayloads
       things
     end
+    def manifest_path
+      ::File.realpath(::File.join(::File.dirname(__FILE__), '..', 'manifest'))
+    end
+    def manifest_uuid_path
+      ::File.realpath(::File.join(::File.dirname(__FILE__), '..', 'manifest.uuid'))
+    end
   end
 end

data/manifest ADDED Viewed

@@ -0,0 +1,97 @@
+./data/android/apk/AndroidManifest.xml:SHA3-256:cff0a10406eef30a6e8b558efa6695a2e183f11ada105e2fc2342ab174f1fc95
+./data/android/apk/classes.dex:SHA3-256:0ca34b9e74428678ca808e3601eb30ec78256d76a38c8eecf26e5f419837b769
+./data/android/apk/resources.arsc:SHA3-256:9a6f5eb5cb24fb1f83808a67c692e66c1a698d6222db2000b8b07e595689311f
+./data/android/meterpreter.dex:SHA3-256:6105628e55ccab5412f899bc8bb563796b53f5941d48283ff892abc09fbd1c6a
+./data/android/meterpreter.jar:SHA3-256:644553f5c9616780c1b8f420a90614b88da5b18ff1a774896d87fa7810798896
+./data/android/metstage.jar:SHA3-256:9dadc846e9cd52534631574bd1a5665dd0efb81dfdf26e435d4a0036a546ee27
+./data/android/shell.jar:SHA3-256:db129427fc3d9195f254cf6e9c4bd75eb0c077ab115a76c72aebae1d406ff3d4
+./data/java/com/metasploit/meterpreter/MemoryBufferURLConnection.class:SHA3-256:a5a729165ff85444ee954f19590782def0a66b1941e89f3cb5baed1df72818c8
+./data/java/com/metasploit/meterpreter/MemoryBufferURLStreamHandler.class:SHA3-256:386dd1d33383a0d1ac221bf4b914d8b648f5f47aefb3cad0e8d16988854e1762
+./data/java/javapayload/stage/Meterpreter.class:SHA3-256:9124d682defeba42a88c766bee21c4d4a0c7c37f63f1928a2614c4d1bea2fecf
+./data/java/javapayload/stage/Shell.class:SHA3-256:78aeee685de937bd62a5364ca1a16a798f1c963968b829bcfcb675723d4f8650
+./data/java/javapayload/stage/Stage.class:SHA3-256:d99ce29ee9dfc87830e114bf872c7f75c40eac6f759a85537a661dfdea62a003
+./data/java/javapayload/stage/StreamForwarder.class:SHA3-256:d2b38771450580a68f7ff6131798d53ff979f2bcd2e5b0f444f6d90a25274599
+./data/java/metasploit/AESEncryption.class:SHA3-256:66007714b525a8151208e133755f7e0fe1fbf1bd27fe11618722d428886fbb69
+./data/java/metasploit/JMXPayload.class:SHA3-256:74a131478fd1afa1c863cc000674cf145182ece98e8f8cfba5e406022d6be0e9
+./data/java/metasploit/JMXPayloadMBean.class:SHA3-256:58e5dd1100a80110264f249e01eca58a56ed05f255f70fc30b67e1c0859d7873
+./data/java/metasploit/Payload.class:SHA3-256:c53080cf5ab6ea1d57cd1430419234fc0146e0d5cb970db569e4ddabcf3e0c66
+./data/java/metasploit/PayloadServlet.class:SHA3-256:56f7c3d907ec4cea0a0685627fe5be2edc021e5fd13a62d26846bfc41373d0bb
+./data/java/metasploit/PayloadTrustManager.class:SHA3-256:e2d25c8b3e43f584e198e46c2576b367f96275800a96a42fd2dc2c81059a3c41
+./data/java/metasploit/RMILoader.class:SHA3-256:4add539548d76e0142ff5e6ccdba6ee4b21191354be1a40499cb2a745b480bee
+./data/java/metasploit/RMIPayload.class:SHA3-256:0d3e96836a8c3591f4bc827b33c4edb0b4f505a9f17cb0bdb27a367fb71d53c3
+./data/meterpreter/dump_sam.x64.debug.dll:SHA3-256:785cee32f256748d7581c2c99b2c7fc785b80cc4b98c04b23663083d9cbb63fe
+./data/meterpreter/dump_sam.x64.dll:SHA3-256:802b6fd59c81271de108ed34629591a54e595d4674b2994bcf193c3f14541f21
+./data/meterpreter/dump_sam.x86.debug.dll:SHA3-256:6a20175fdbc8c81fa1a8a7acf5b1bcd3a446361bc62df655bea03ee6f020946a
+./data/meterpreter/dump_sam.x86.dll:SHA3-256:b2586ce65fbc44ca65e3e1bb306e98ddc443731ad68dded7dc421a1a1a7eb044
+./data/meterpreter/elevator.x64.debug.dll:SHA3-256:8baefe56b2f90fdf0c30242aa64410fcf9388781542c25f1122f2eabc1c4b60d
+./data/meterpreter/elevator.x64.dll:SHA3-256:3c0aea83b1ff9ed1b5c577a8f5c9a609cc5ed49986fb73aa3a75939cf2ab6f1b
+./data/meterpreter/elevator.x86.debug.dll:SHA3-256:acbf23f52c53752019f41612ade31cb363ed5bbed93b1bad053120bb90aeb33e
+./data/meterpreter/elevator.x86.dll:SHA3-256:bac995312f1833e90cc5ab65989baa011c0367630b0fea948b618004435c0d56
+./data/meterpreter/ext_server_bofloader.x64.debug.dll:SHA3-256:6ea2c2337477ccd1c5b8d3970638c19dac5fcd87fd344eb44d1e3f5edbf20115
+./data/meterpreter/ext_server_bofloader.x64.dll:SHA3-256:20e680450f461dbc94cae49dcee97447ebb0c73c75355445c63a88cc51f0a233
+./data/meterpreter/ext_server_bofloader.x86.debug.dll:SHA3-256:3ade3073d62002e9f4b5846d3caf83a01fde51b8c00ad27721bee0688990bb7a
+./data/meterpreter/ext_server_bofloader.x86.dll:SHA3-256:73e81d200d754ea9dd6dc1784cac396fad577f3ffd9b912a34211d2b3309cf5f
+./data/meterpreter/ext_server_espia.x64.debug.dll:SHA3-256:291edf708eea4a682de78fc9e43dc9bf9a45447783b5bb98e13645e868bb589a
+./data/meterpreter/ext_server_espia.x64.dll:SHA3-256:07841363017e9f77f564a9c67b3b00e2b032b8715fe7fb80540772f404936d7e
+./data/meterpreter/ext_server_espia.x86.debug.dll:SHA3-256:6429005b28c1d1088d1c7bb043b1abb07b60b1de2832a178c9fb772b99850ad0
+./data/meterpreter/ext_server_espia.x86.dll:SHA3-256:dc675fd01b4f9bab251877e843e7f7c6117678d7e9d6da2389b5d612aac7198f
+./data/meterpreter/ext_server_extapi.x64.debug.dll:SHA3-256:1235b5aede8db36c99786272f92130d9f8fc3aff4ea4312c54b7ecb5ef9f5f26
+./data/meterpreter/ext_server_extapi.x64.dll:SHA3-256:0622c13932e5b92f6648b03f6b30993f169bf945ee311ebc1b3e7cef74b8b075
+./data/meterpreter/ext_server_extapi.x86.debug.dll:SHA3-256:dd9b373b5cbff2dded38eee4619cb6f2cc64b263157cf94494d15c1e94dc27cf
+./data/meterpreter/ext_server_extapi.x86.dll:SHA3-256:8b5fa9ca4ad31f38bb00609dfcbdaf1db8554847a3bdbf302218cad9555f5e7d
+./data/meterpreter/ext_server_incognito.x64.debug.dll:SHA3-256:e74587432b16a267901ddaca692ec9e7a85fde753796ced495635f101a123127
+./data/meterpreter/ext_server_incognito.x64.dll:SHA3-256:933ea101fdb29646f762d7e0ba2a3147c3579fa857857c39841c28c03328e148
+./data/meterpreter/ext_server_incognito.x86.debug.dll:SHA3-256:79379c113c07b6294d9ef90f59a055a08dc2cbd3817bf592bb32f8c165789a0c
+./data/meterpreter/ext_server_incognito.x86.dll:SHA3-256:daa959d55cee072928715bb814fb93f1b8aac6ba2b6e9d85315a319e1f9f6911
+./data/meterpreter/ext_server_kiwi.x64.debug.dll:SHA3-256:71638f41ac701e4f32e888d9060f5bbbc053283399ac6c2229469bbb6b523d15
+./data/meterpreter/ext_server_kiwi.x64.dll:SHA3-256:7f0a56cc9e8ee86da54163813c23c4a3bc8070fe498d61ebf19b02dc47f261fe
+./data/meterpreter/ext_server_kiwi.x86.debug.dll:SHA3-256:1f714bdd7e29191f40dee22c89696c7eeb6c5932f7aeeee798f3ca75ed52b345
+./data/meterpreter/ext_server_kiwi.x86.dll:SHA3-256:ae534cada086f1727716795222b3b89d2a0534da6ca2bd65bc119db156830904
+./data/meterpreter/ext_server_lanattacks.x64.debug.dll:SHA3-256:55e8fd764ac6d3b6eb9724dcb3c058ff5ab37f7e51fe2f15fe7dda82820bbfd5
+./data/meterpreter/ext_server_lanattacks.x64.dll:SHA3-256:653baca1f7394ebe3f72b7518dd0267912f4e4f843e5439043f66e9c87794505
+./data/meterpreter/ext_server_lanattacks.x86.debug.dll:SHA3-256:ac9ae1499d78c6b0814344b97a931b8cd8537e8e01949c7e6aea957d4d0948b8
+./data/meterpreter/ext_server_lanattacks.x86.dll:SHA3-256:cd2add87348966311b2a8239cad43cfcadb966209b7a40989b25a6d1744f6377
+./data/meterpreter/ext_server_peinjector.x64.debug.dll:SHA3-256:559d62001bddb7b3c0fb5388bd01e19d5c3a0139dabb1160dbe1022fc7c006ac
+./data/meterpreter/ext_server_peinjector.x64.dll:SHA3-256:e4be6ccbd3c6d8d46401e5da1eeebce71a7a323bbd36763da91196d4d2169231
+./data/meterpreter/ext_server_peinjector.x86.debug.dll:SHA3-256:d64c816321063138be26d8025b5bb835d8e4a109edcce9d807a12626d2781f89
+./data/meterpreter/ext_server_peinjector.x86.dll:SHA3-256:198aff2d850d53037140bd219d61d67172e736b33299608d01446f2043829f62
+./data/meterpreter/ext_server_powershell.x64.debug.dll:SHA3-256:a1759c33feb673ad69d343c21e81a32174d8382aa8e4780a05a616456e99e5f5
+./data/meterpreter/ext_server_powershell.x64.dll:SHA3-256:927157d6c4c9ed97ac6c44c5eb3d32c4e8af75788e1a4bda9135993d2f9cb179
+./data/meterpreter/ext_server_powershell.x86.debug.dll:SHA3-256:f23072816c21859eba191193959c7ce67f41bc93488643a763a64900ab6d4cd0
+./data/meterpreter/ext_server_powershell.x86.dll:SHA3-256:254b1b3755cf040918896b959d1ff1b25404c11056b2502a2bdde7bd35c031dc
+./data/meterpreter/ext_server_priv.x64.debug.dll:SHA3-256:f051cacdd39eb770c3be0fa2ccd2a4f64e23e51687d6caa43b3b99313b94ccbd
+./data/meterpreter/ext_server_priv.x64.dll:SHA3-256:443f7a82d5cb1486c751751b31723be137f5f77867ae69a3a39d22ef244c1502
+./data/meterpreter/ext_server_priv.x86.debug.dll:SHA3-256:36024f9ee7071ad2700eea3dcd4f6e947d58ebf0d55b3e636a4b8d0a91210f26
+./data/meterpreter/ext_server_priv.x86.dll:SHA3-256:7b316484d3dc6acead1fceb9b61b676d5ae27291ddc91ca001ae811d12f68635
+./data/meterpreter/ext_server_python.x64.debug.dll:SHA3-256:c642d56929929c56d1173df0770fc31070bebd325569795a1d74ac555fda80a1
+./data/meterpreter/ext_server_python.x64.dll:SHA3-256:86cfa76153a941c73559f878b1e2b1fee3754749205819ed269e5d7f33502f3f
+./data/meterpreter/ext_server_python.x86.debug.dll:SHA3-256:a17feaed376a0352888ada4fafda64e08ee18fc03704986def611d0957b35807
+./data/meterpreter/ext_server_python.x86.dll:SHA3-256:6875f74994f247dc878f9c7449bf92d0b3a201a932c41305b3e29406e7e370de
+./data/meterpreter/ext_server_sniffer.x64.dll:SHA3-256:c61f200a5cdeb37ad4e75754b5ca3e039bd646d808e6a52a489a51a3dd53a30d
+./data/meterpreter/ext_server_sniffer.x86.dll:SHA3-256:608f90d349bffec26e9d88591b764a71e9a739b7be76acc83a9272d266b4ea2f
+./data/meterpreter/ext_server_stdapi.jar:SHA3-256:c064899075585b124102f7015ba6d0ab8aa5e773377ebed7e69cd467d3b6aa26
+./data/meterpreter/ext_server_stdapi.php:SHA3-256:92e931e6b47caad6df4249cc263fdbe5d2975c4163f5b06963208163b7af97b5
+./data/meterpreter/ext_server_stdapi.py:SHA3-256:3ed09316bdc2038873e5a3dc42bd8d725fdb66cf93a0f87300876d1e64ce6b3c
+./data/meterpreter/ext_server_stdapi.x64.debug.dll:SHA3-256:154c8ed4e92d92de6f60bd4c26ea7f8fab376bbd2712463313f1c103effaa1d7
+./data/meterpreter/ext_server_stdapi.x64.dll:SHA3-256:93326c89324f7b55880afd9c4fa2814547400a4573eb219df19ec5ecc4b4365d
+./data/meterpreter/ext_server_stdapi.x86.debug.dll:SHA3-256:4dfce463d19f4a406d82cef018abdb83b3eaac8ce2d2da76fdd2701328369f03
+./data/meterpreter/ext_server_stdapi.x86.dll:SHA3-256:8e05104a76b0de05a738c3677a353b8c11e7427ebbc3e8a58bebe75d608de708
+./data/meterpreter/ext_server_unhook.x64.debug.dll:SHA3-256:d62db48cb7436eaddbc555213a8bd1dc859abe6325e10a18787a40a4ee7a14a2
+./data/meterpreter/ext_server_unhook.x64.dll:SHA3-256:ac42b7ed5916ae528237268716dbebca4f192dd44aa110a6a27e736640afed05
+./data/meterpreter/ext_server_unhook.x86.debug.dll:SHA3-256:0ffe18aa87b330a2114fe773eb348357625c4ea79012d7e536954509500e060b
+./data/meterpreter/ext_server_unhook.x86.dll:SHA3-256:449eda2f641c1ac36266304494647b538062123a1b09d80d291bf499e3760617
+./data/meterpreter/ext_server_winpmem.x64.debug.dll:SHA3-256:15e1303ee7c80da536ddd8de4ae68f7ac698b170d9df3d8f73ac635550e4704f
+./data/meterpreter/ext_server_winpmem.x64.dll:SHA3-256:b676cdc0a285b8bf058c5a4eedfd2e0a9e7319dd03690c6d5848d8b680f22589
+./data/meterpreter/ext_server_winpmem.x86.debug.dll:SHA3-256:bc5fe4881328848a7188469f23344db547ac3ba0282683a5dbbc9a9420fb64f3
+./data/meterpreter/ext_server_winpmem.x86.dll:SHA3-256:ac760dbc5623c425ecefb8249eaee78d8a94b808f8dbac387292f77d60b26be9
+./data/meterpreter/meterpreter.jar:SHA3-256:fc4bd122c9df063808270708e91a0da546de2c7a139bbfa000af65f6b0727dff
+./data/meterpreter/meterpreter.php:SHA3-256:9389b1548410438d93ce12a2e276b7b2e77046845e6fca43b419b516de3871f9
+./data/meterpreter/meterpreter.py:SHA3-256:a4ed4d3bb4c28c208a3f00453ccd1c50bb958cc8c20905599e7ba40a3259dba5
+./data/meterpreter/metsrv.x64.debug.dll:SHA3-256:c957f05143173351574d10ee9ee8e7e752a73bbbe46d1566dce89826e26dd19d
+./data/meterpreter/metsrv.x64.dll:SHA3-256:30cd3b37fe9af1a1882367b94e458f3ceba6792ab3833f15c3b41d895fa20f7d
+./data/meterpreter/metsrv.x86.debug.dll:SHA3-256:abac7c6fc2deec55731649a38c6f4529dd9c8cd4398a9f9eacdc7696f5e1ea94
+./data/meterpreter/metsrv.x86.dll:SHA3-256:10266591ea8eaafab8abdbfc9553c4d873aebdebeaf1e9b0ea6ad9d79c458f0b
+./data/meterpreter/screenshot.x64.debug.dll:SHA3-256:41ab6d6d31c4e7b19061a4b1d56ccf0eb45f16982b35c4e82713681aca4e99b5
+./data/meterpreter/screenshot.x64.dll:SHA3-256:9f9f2273bde229ba0bfe17b305d842428d465ccf98206c4573222baae1ef1fa2
+./data/meterpreter/screenshot.x86.debug.dll:SHA3-256:dc30868b1bd6a58115fac0926a107b473de2ad76e31f83719dd025fe2124f248
+./data/meterpreter/screenshot.x86.dll:SHA3-256:225efea4164a0ce9dabe263da6df8f03bcac21daef7d13a19896690ebb5f78c7

data/manifest.uuid ADDED Viewed

	@@ -0,0 +1 @@
1	+ db210e75d5f3ab01cbd7d01be778ba52a03fe35438314094c412ff489a878dae

data/metasploit-payloads.gemspec CHANGED Viewed

@@ -17,6 +17,7 @@ Gem::Specification.new do |spec|
   spec.files         = `git ls-files`.split("\n")
   spec.files        += Dir['data/**/*']
+  spec.files        += Dir['manifest', 'manifest.uuid']
   spec.executables   = []
   spec.require_paths = ['lib']

data/spec/metasploit_payloads/metasploit_payloads_spec.rb ADDED Viewed

@@ -0,0 +1,249 @@
+# frozen_string_literal: true
+require 'metasploit-payloads'
+RSpec.describe ::MetasploitPayloads do
+  describe '::VERSION' do
+    it 'has a version number' do
+      expect(::MetasploitPayloads::VERSION).not_to be nil
+    end
+  end
+  describe '::Error' do
+    it 'has an Error class' do
+      expect(::MetasploitPayloads::Error.superclass).to be(::StandardError)
+    end
+    it 'has a NotFoundError class' do
+      expect(::MetasploitPayloads::NotFoundError.superclass).to be(::MetasploitPayloads::Error)
+    end
+    it 'has a NotReadableError class' do
+      expect(::MetasploitPayloads::NotReadableError.superclass).to be(::MetasploitPayloads::Error)
+    end
+    it 'has a HashMismatchError class' do
+      expect(::MetasploitPayloads::HashMismatchError.superclass).to be(::MetasploitPayloads::Error)
+    end
+  end
+  describe '#readable_path' do
+    let(:sample_file) { { name: 'meterpreter/meterpreter.py' } }
+    before :each do
+      allow(::File).to receive(:exist?).and_call_original
+      allow(::File).to receive(:readable?).and_call_original
+    end
+    context 'when the path is not readable' do
+      it 'raises a ::MetasploitPayloads::NotReadableError' do
+        allow(::File).to receive(:exist?).with(sample_file[:name]).and_return(true)
+        allow(::File).to receive(:readable?).with(sample_file[:name]).and_return(false)
+        expect { subject.readable_path(sample_file[:name]) }.to raise_error(::MetasploitPayloads::NotReadableError)
+      end
+    end
+    context 'when the path does not exist' do
+      it 'returns nil' do
+        allow(::File).to receive(:exist?).with(sample_file[:name]).and_return(false)
+        allow(::File).to receive(:readable?).with(sample_file[:name]).and_return(false)
+        expect(subject.readable_path(sample_file[:name])).to eq(nil)
+      end
+    end
+    context 'when the path exists and is readable' do
+      it 'returns the correct path' do
+        allow(::File).to receive(:exist?).with(sample_file[:name]).and_return(true)
+        allow(::File).to receive(:readable?).with(sample_file[:name]).and_return(true)
+        expect(subject.readable_path(sample_file[:name])).to eq(sample_file[:name])
+      end
+    end
+  end
+  describe '#path' do
+    let(:sample_file) { { name: 'meterpreter/meterpreter.py' } }
+    before :each do
+      allow(::File).to receive(:exist?).and_call_original
+      allow(::File).to receive(:readable?).and_call_original
+      allow(::MetasploitPayloads).to receive(:expand).and_call_original
+      allow(::MetasploitPayloads).to receive(:expand)
+        .with(::MetasploitPayloads.data_directory, sample_file[:name])
+        .and_return(sample_file[:name])
+    end
+    [
+      { context: 'is not readable', exist: true, readable: false, expected: ::MetasploitPayloads::NotReadableError },
+      { context: 'does not exist', exist: false, readable: false, expected: ::MetasploitPayloads::NotFoundError }
+    ].each do |test|
+      context "when the path #{test[:context]}" do
+        it "raises #{test[:expected]}" do
+          allow(::File).to receive(:exist?).with(sample_file[:name]).and_return(test[:exist])
+          allow(::File).to receive(:readable?).with(sample_file[:name]).and_return(test[:readable])
+          expect { subject.path(sample_file[:name]) }.to raise_error(test[:expected])
+        end
+      end
+    end
+    context 'when the path exists and is readable' do
+      it 'returns the correct path' do
+        allow(::File).to receive(:exist?).with(sample_file[:name]).and_return(true)
+        allow(::File).to receive(:readable?).with(sample_file[:name]).and_return(true)
+        expect(subject.path(sample_file[:name])).to eq(sample_file[:name])
+      end
+    end
+  end
+  describe '#manifest_errors' do
+    let(:hash_type) { 'SHA3-256' }
+    let(:hash) { { type: hash_type, value: '92e931e6b47caad6df4249cc263fdbe5d2975c4163f5b06963208163b7af97b5' } }
+    let(:sample_file) { { name: 'meterpreter/ext_server_stdapi.php', contents: 'sample_data', hash: hash } }
+    let(:manifest_values) { ["./data/#{sample_file[:name]}", sample_file[:hash][:type], sample_file[:hash][:value]] }
+    let(:manifest) { manifest_values.join(':') }
+    let(:manifest_uuid) { ::OpenSSL::Digest.new(hash_type, manifest).to_s }
+    let(:manifest_path) { 'manifest' }
+    let(:manifest_uuid_path) { 'manifest.uuid' }
+    before :each do
+      allow(::MetasploitPayloads).to receive(:manifest_path).and_call_original
+      allow(::MetasploitPayloads).to receive(:manifest_path).and_return(manifest_path)
+      allow(::MetasploitPayloads).to receive(:manifest_uuid_path).and_call_original
+      allow(::MetasploitPayloads).to receive(:manifest_uuid_path).and_return(manifest_uuid_path)
+      allow(::File).to receive(:binread).and_call_original
+      allow(::File).to receive(:binread).with(sample_file[:name]).and_return(sample_file[:contents])
+      allow(::File).to receive(:binread).with(::MetasploitPayloads.send(:manifest_path)).and_return(manifest)
+      allow(::File).to receive(:binread).with(::MetasploitPayloads.send(:manifest_uuid_path)).and_return(manifest_uuid)
+      allow(::OpenSSL::Digest).to receive(:new).and_call_original
+      allow(::OpenSSL::Digest).to receive(:new).with(hash_type,
+                                                     sample_file[:contents]).and_return(sample_file[:hash][:value])
+    end
+    context 'when manifest hash does not match' do
+      it 'result includes the manifest file' do
+        allow(::File).to receive(:binread).with(::MetasploitPayloads.send(:manifest_uuid_path))
+                                          .and_return('mismatched_manifest_hash')
+        path = ::MetasploitPayloads.send(:manifest_path)
+        e = ::MetasploitPayloads::HashMismatchError.new(path)
+        expect(subject.manifest_errors).to include({ path: path, error: e })
+      end
+    end
+    context 'when manifest hash does match' do
+      it 'result does not include manifest' do
+        path = ::MetasploitPayloads.send(:manifest_uuid_path)
+        e = ::MetasploitPayloads::HashMismatchError.new(path)
+        expect(subject.manifest_errors).not_to include({ path: path, error: e })
+      end
+    end
+    context 'when there are no file warnings' do
+      it 'returns an empty array' do
+        allow(::MetasploitPayloads).to receive(:path).with(sample_file[:name]).and_return(sample_file[:name])
+        allow(::File).to receive(:exist?).with(sample_file[:name]).and_return(true)
+        full_file_path = ::MetasploitPayloads.expand(::MetasploitPayloads.data_directory, sample_file[:name])
+        allow(::File).to receive(:readable?).with(full_file_path).and_return(true)
+        allow(::File).to receive(:binread).with(full_file_path).and_return(sample_file[:contents])
+        expect(subject.manifest_errors).to eq([])
+      end
+    end
+    [
+      { context: 'does not exist', error_class: ::MetasploitPayloads::NotFoundError },
+      { context: 'is not readable', error_class: ::MetasploitPayloads::NotReadableError }
+    ].each do |test|
+      context "when a file #{test[:context]}" do
+        it 'includes the correct error' do
+          error = test[:error_class].new(sample_file[:name])
+          allow(::MetasploitPayloads).to receive(:path).with(sample_file[:name]).and_raise(error)
+          expect(subject.manifest_errors).to include({ path: sample_file[:name], error: error })
+        end
+      end
+    end
+    context 'when a bundled file hash does not match' do
+      it 'includes the correct error' do
+        allow(::File).to receive(:exist?).with(sample_file[:name]).and_return(true)
+        full_file_path = ::MetasploitPayloads.expand(::MetasploitPayloads.data_directory, sample_file[:name])
+        allow(::File).to receive(:readable?).with(full_file_path).and_return(true)
+        allow(::File).to receive(:binread).with(full_file_path).and_return('mismatched_file_contents')
+        e = ::MetasploitPayloads::HashMismatchError.new(full_file_path)
+        expect(subject.manifest_errors).to include({ path: full_file_path, error: e })
+      end
+    end
+    context 'when the manifest file' do
+      context 'does not exist' do
+        it 'only includes the manifest error' do
+          # path = ::MetasploitPayloads.send(:manifest_path)
+          e = ::Errno::ENOENT.new(manifest_path)
+          allow(::File).to receive(:binread).with(manifest_path).and_raise(e)
+          expect(subject.manifest_errors).to eq([{ path: manifest_path, error: e }])
+        end
+      end
+      context 'cannot be read' do
+        it 'only includes the manifest error' do
+          e = ::Errno::EACCES.new(manifest_path)
+          allow(::File).to receive(:binread).with(manifest_path).and_raise(e)
+          expect(subject.manifest_errors).to eq([{ path: manifest_path, error: e }])
+        end
+      end
+    end
+    context 'when the manifest.uuid file' do
+      context 'does not exist' do
+        it 'includes the correct error' do
+          e = ::Errno::ENOENT.new(manifest_uuid_path)
+          allow(::File).to receive(:binread).with(manifest_uuid_path).and_raise(e)
+          expect(subject.manifest_errors).to include({ path: manifest_uuid_path, error: e })
+        end
+      end
+    end
+    context 'when manifest is readable and manifest.uuid is not readable' do
+      before :each do
+        allow(::File).to receive(:binread).with(manifest_uuid_path).and_raise(::Errno::EACCES.new(manifest_uuid_path))
+      end
+      it 'correctly evaluates a file hash mismatch' do
+        bundled_file_path = ::MetasploitPayloads.expand(::MetasploitPayloads.data_directory, sample_file[:name])
+        error = ::MetasploitPayloads::HashMismatchError.new(bundled_file_path)
+        allow(::MetasploitPayloads).to receive(:path).with(sample_file[:name]).and_return(bundled_file_path)
+        allow(::File).to receive(:binread).with(bundled_file_path).and_return('sample_mismatched_contents')
+        expect(subject.manifest_errors).to include({ path: bundled_file_path, error: error })
+      end
+      it 'correctly evaluates a missing file' do
+        error = ::MetasploitPayloads::NotFoundError.new(sample_file[:name])
+        allow(::MetasploitPayloads).to receive(:path).with(sample_file[:name]).and_raise(error)
+        expect(subject.manifest_errors).to include({ path: sample_file[:name], error: error })
+      end
+      it 'correctly evaluates an unreadable file' do
+        error = ::MetasploitPayloads::NotReadableError.new(sample_file[:name])
+        allow(::MetasploitPayloads).to receive(:path).with(sample_file[:name]).and_raise(error)
+        expect(subject.manifest_errors).to include({ path: sample_file[:name], error: error })
+      end
+    end
+  end
+end

data/spec/spec_helper.rb ADDED Viewed

@@ -0,0 +1,103 @@
+# frozen_string_literal: true
+require 'metasploit_payloads/metasploit_payloads_spec'
+# This file was generated by the `rspec --init` command. Conventionally, all
+# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
+# The generated `.rspec` file contains `--require spec_helper` which will cause
+# this file to always be loaded, without a need to explicitly require it in any
+# files.
+#
+# Given that it is always loaded, you are encouraged to keep this file as
+# light-weight as possible. Requiring heavyweight dependencies from this file
+# will add to the boot time of your test suite on EVERY test run, even for an
+# individual file that may not need all of that loaded. Instead, consider making
+# a separate helper file that requires the additional dependencies and performs
+# the additional setup, and require it from the spec files that actually need
+# it.
+#
+# The `.rspec` file also contains a few flags that are not defaults but that
+# users commonly want.
+#
+# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
+RSpec.configure do |config|
+  # rspec-expectations config goes here. You can use an alternate
+  # assertion/expectation library such as wrong or the stdlib/minitest
+  # assertions if you prefer.
+  config.expect_with :rspec do |expectations|
+    # This option will default to `true` in RSpec 4. It makes the `description`
+    # and `failure_message` of custom matchers include text for helper methods
+    # defined using `chain`, e.g.:
+    #     be_bigger_than(2).and_smaller_than(4).description
+    #     # => "be bigger than 2 and smaller than 4"
+    # ...rather than:
+    #     # => "be bigger than 2"
+    expectations.include_chain_clauses_in_custom_matcher_descriptions = true
+  end
+  # rspec-mocks config goes here. You can use an alternate test double
+  # library (such as bogus or mocha) by changing the `mock_with` option here.
+  config.mock_with :rspec do |mocks|
+    # Prevents you from mocking or stubbing a method that does not exist on
+    # a real object. This is generally recommended, and will default to
+    # `true` in RSpec 4.
+    mocks.verify_partial_doubles = true
+  end
+  # This option will default to `:apply_to_host_groups` in RSpec 4 (and will
+  # have no way to turn it off -- the option exists only for backwards
+  # compatibility in RSpec 3). It causes shared context metadata to be
+  # inherited by the metadata hash of host groups and examples, rather than
+  # triggering implicit auto-inclusion in groups with matching metadata.
+  config.shared_context_metadata_behavior = :apply_to_host_groups
+  # The settings below are suggested to provide a good initial experience
+  # with RSpec, but feel free to customize to your heart's content.
+  # This allows you to limit a spec run to individual examples or groups
+  # you care about by tagging them with `:focus` metadata. When nothing
+  # is tagged with `:focus`, all examples get run. RSpec also provides
+  # aliases for `it`, `describe`, and `context` that include `:focus`
+  # metadata: `fit`, `fdescribe` and `fcontext`, respectively.
+  config.filter_run_when_matching :focus
+  # Allows RSpec to persist some state between runs in order to support
+  # the `--only-failures` and `--next-failure` CLI options. We recommend
+  # you configure your source control system to ignore this file.
+  config.example_status_persistence_file_path = 'spec/examples.txt'
+  # Limits the available syntax to the non-monkey patched syntax that is
+  # recommended. For more details, see:
+  # https://rspec.info/features/3-12/rspec-core/configuration/zero-monkey-patching-mode/
+  config.disable_monkey_patching!
+  # This setting enables warnings. It's recommended, but in some cases may
+  # be too noisy due to issues in dependencies.
+  config.warnings = true
+  # Many RSpec users commonly either run the entire suite or an individual
+  # file, and it's useful to allow more verbose output when running an
+  # individual spec file.
+  if config.files_to_run.one?
+    # Use the documentation formatter for detailed output,
+    # unless a formatter has already been configured
+    # (e.g. via a command-line flag).
+    config.default_formatter = 'doc'
+  end
+  # Print the 10 slowest examples and example groups at the
+  # end of the spec run, to help surface which specs are running
+  # particularly slow.
+  config.profile_examples = 10
+  # Run specs in random order to surface order dependencies. If you find an
+  # order dependency and want to debug it, you can fix the order by providing
+  # the seed, which is printed after each run.
+  #     --seed 1234
+  config.order = :random
+  # Seed global randomization in this process using the `--seed` CLI option.
+  # Setting this allows you to use `--seed` to deterministically reproduce
+  # test failures related to randomization by passing the same `--seed` value
+  # as the one that triggered the failure.
+  Kernel.srand config.seed
+end

data.tar.gz.sig CHANGED Viewed

Binary file

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: metasploit-payloads
 version: !ruby/object:Gem::Version
-  version: 2.0.152
+  version: 2.0.154
 platform: ruby
 authors:
 - OJ Reeves
@@ -96,7 +96,7 @@ cert_chain:
   EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
   9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
   -----END CERTIFICATE-----
-date: 2023-09-28 00:00:00.000000000 Z
+date: 2023-09-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -137,6 +137,7 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".gitignore"
+- ".rspec"
 - CONTRIBUTING.md
 - Gemfile
 - LICENSE
@@ -240,8 +241,13 @@ files:
 - data/meterpreter/screenshot.x86.debug.dll
 - data/meterpreter/screenshot.x86.dll
 - lib/metasploit-payloads.rb
+- lib/metasploit-payloads/error.rb
 - lib/metasploit-payloads/version.rb
+- manifest
+- manifest.uuid
 - metasploit-payloads.gemspec
+- spec/metasploit_payloads/metasploit_payloads_spec.rb
+- spec/spec_helper.rb
 homepage: http://www.metasploit.com
 licenses:
 - 3-clause (or "modified") BSD

metadata.gz.sig CHANGED Viewed

Binary file