From cf726bc31abac068180173b0de8a899c2f3edd40 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?=
Date: Sun, 14 May 2017 21:52:58 +0100
Subject: [PATCH] metasploit: 3.3.1 -> 4.14.17 use bundler env now fixes #8870
---
pkgs/tools/security/metasploit/Gemfile | 4 +
pkgs/tools/security/metasploit/Gemfile.lock | 264 ++++++++
pkgs/tools/security/metasploit/default.nix | 49 +-
pkgs/tools/security/metasploit/gemset.nix | 708 ++++++++++++++++++++
pkgs/tools/security/metasploit/shell.nix | 14 +
5 files changed, 1023 insertions(+), 16 deletions(-)
create mode 100644 pkgs/tools/security/metasploit/Gemfile
create mode 100644 pkgs/tools/security/metasploit/Gemfile.lock
create mode 100644 pkgs/tools/security/metasploit/gemset.nix
create mode 100644 pkgs/tools/security/metasploit/shell.nix
diff --git a/pkgs/tools/security/metasploit/Gemfile b/pkgs/tools/security/metasploit/Gemfile
new file mode 100644
index 000000000000..52987d4bf8c8
--- /dev/null
+++ b/pkgs/tools/security/metasploit/Gemfile
@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+source "https://rubygems.org"
+
+gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/4.14.17"
diff --git a/pkgs/tools/security/metasploit/Gemfile.lock b/pkgs/tools/security/metasploit/Gemfile.lock
new file mode 100644
index 000000000000..f19dc8b068e2
--- /dev/null
+++ b/pkgs/tools/security/metasploit/Gemfile.lock
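Review bot: The `ref: "refs/tags/4.14.17"` on the `gem` line of the new Gemfile names a git tag, which upstream can move, so the Gemfile by itself does not fix which code gets packaged. The commit that is actually built is the `revision:` recorded in Gemfile.lock, and presumably the hash bundix writes for it into gemset.nix, whose contents are not visible here. I would add a comment above the `gem` line such as `# the tag is only a label; the revision in Gemfile.lock is the real pin, so check that it changed as expected when bumping`. Since the maintainer notes in default.nix say the version is edited by hand in both places, a second comment `# keep in sync with version in default.nix` would also help.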
@@ -0,0 +1,264 @@ +GIT + remote: https://github.com/rapid7/metasploit-framework + revision: fd3da8f3350d6cf7f0449bf0ead4d51747525c0a + ref: refs/tags/4.14.17 + specs: + metasploit-framework (4.14.17) + actionpack (~> 4.2.6) + activerecord (~> 4.2.6) + activesupport (~> 4.2.6) + bcrypt + bit-struct + filesize + jsobfu + json + metasm + metasploit-concern + metasploit-credential + metasploit-model + metasploit-payloads (= 1.2.29) + metasploit_data_models + metasploit_payloads-mettle (= 0.1.9) + msgpack + nessus_rest + net-ssh + network_interface + nexpose + nokogiri + octokit + openssl-ccm + openvas-omp + packetfu + patch_finder + pcaprub + pg + railties + rb-readline + recog + redcarpet + rex-arch (= 0.1.4) + rex-bin_tools + rex-core + rex-encoder + rex-exploitation + rex-java + rex-mime + rex-nop + rex-ole + rex-powershell + rex-random_identifier + rex-registry + rex-rop_builder + rex-socket + rex-sslscan + rex-struct2 + rex-text + rex-zip + robots + ruby_smb + rubyntlm + rubyzip + sqlite3 + sshkey + tzinfo + tzinfo-data + windows_error + xmlrpc + +GEM + remote: https://rubygems.org/ + specs: + actionpack (4.2.8) + actionview (= 4.2.8) + activesupport (= 4.2.8) + rack (~> 1.6) + rack-test (~> 0.6.2) + rails-dom-testing (~> 1.0, >= 1.0.5) + rails-html-sanitizer (~> 1.0, >= 1.0.2) + actionview (4.2.8) + activesupport (= 4.2.8) + builder (~> 3.1) + erubis (~> 2.7.0) + rails-dom-testing (~> 1.0, >= 1.0.5) + rails-html-sanitizer (~> 1.0, >= 1.0.3) + activemodel (4.2.8) + activesupport (= 4.2.8) + builder (~> 3.1) + activerecord (4.2.8) + activemodel (= 4.2.8) + activesupport (= 4.2.8) + arel (~> 6.0) + activesupport (4.2.8) + i18n (~> 0.7) + minitest (~> 5.1) + thread_safe (~> 0.3, >= 0.3.4) + tzinfo (~> 1.1) + addressable (2.5.1) + public_suffix (~> 2.0, >= 2.0.2) + arel (6.0.4) + arel-helpers (2.3.0) + activerecord (>= 3.1.0, < 6) + bcrypt (3.1.11) + bindata (2.4.0) + bit-struct (0.16) + builder (3.2.3) + erubis (2.7.0) + faraday (0.12.1) + multipart-post (>= 1.2, < 
3) + filesize (0.1.1) + i18n (0.8.1) + jsobfu (0.4.2) + rkelly-remix + json (2.1.0) + loofah (2.0.3) + nokogiri (>= 1.5.9) + metasm (1.0.3) + metasploit-concern (2.0.4) + activemodel (~> 4.2.6) + activesupport (~> 4.2.6) + railties (~> 4.2.6) + metasploit-credential (2.0.9) + metasploit-concern + metasploit-model + metasploit_data_models + pg + railties + rubyntlm + rubyzip + metasploit-model (2.0.4) + activemodel (~> 4.2.6) + activesupport (~> 4.2.6) + railties (~> 4.2.6) + metasploit-payloads (1.2.29) + metasploit_data_models (2.0.14) + activerecord (~> 4.2.6) + activesupport (~> 4.2.6) + arel-helpers + metasploit-concern + metasploit-model + pg + postgres_ext + railties (~> 4.2.6) + recog (~> 2.0) + metasploit_payloads-mettle (0.1.9) + mini_portile2 (2.1.0) + minitest (5.10.2) + msgpack (1.1.0) + multipart-post (2.0.0) + nessus_rest (0.1.6) + net-ssh (4.1.0) + network_interface (0.0.1) + nexpose (6.0.0) + nokogiri (1.7.2) + mini_portile2 (~> 2.1.0) + octokit (4.7.0) + sawyer (~> 0.8.0, >= 0.5.3) + openssl-ccm (1.2.1) + openvas-omp (0.0.4) + packetfu (1.1.13) + pcaprub + patch_finder (1.0.2) + pcaprub (0.12.4) + pg (0.20.0) + pg_array_parser (0.0.9) + postgres_ext (3.0.0) + activerecord (>= 4.0.0) + arel (>= 4.0.1) + pg_array_parser (~> 0.0.9) + public_suffix (2.0.5) + rack (1.6.6) + rack-test (0.6.3) + rack (>= 1.0) + rails-deprecated_sanitizer (1.0.3) + activesupport (>= 4.2.0.alpha) + rails-dom-testing (1.0.8) + activesupport (>= 4.2.0.beta, < 5.0) + nokogiri (~> 1.6) + rails-deprecated_sanitizer (>= 1.0.1) + rails-html-sanitizer (1.0.3) + loofah (~> 2.0) + railties (4.2.8) + actionpack (= 4.2.8) + activesupport (= 4.2.8) + rake (>= 0.8.7) + thor (>= 0.18.1, < 2.0) + rake (12.0.0) + rb-readline (0.5.4) + recog (2.1.6) + nokogiri + redcarpet (3.4.0) + rex-arch (0.1.4) + rex-text + rex-bin_tools (0.1.3) + metasm + rex-arch + rex-core + rex-struct2 + rex-text + rex-core (0.1.10) + rex-encoder (0.1.4) + metasm + rex-arch + rex-text + rex-exploitation (0.1.14) + 
jsobfu + metasm + rex-arch + rex-encoder + rex-text + rex-java (0.1.5) + rex-mime (0.1.5) + rex-text + rex-nop (0.1.1) + rex-arch + rex-ole (0.1.6) + rex-text + rex-powershell (0.1.72) + rex-random_identifier + rex-text + rex-random_identifier (0.1.2) + rex-text + rex-registry (0.1.3) + rex-rop_builder (0.1.3) + metasm + rex-core + rex-text + rex-socket (0.1.6) + rex-core + rex-sslscan (0.1.4) + rex-socket + rex-text + rex-struct2 (0.1.2) + rex-text (0.2.15) + rex-zip (0.1.3) + rex-text + rkelly-remix (0.0.7) + robots (0.10.1) + ruby_smb (0.0.12) + bindata + rubyntlm + windows_error + rubyntlm (0.6.2) + rubyzip (1.2.1) + sawyer (0.8.1) + addressable (>= 2.3.5, < 2.6) + faraday (~> 0.8, < 1.0) + sqlite3 (1.3.13) + sshkey (1.9.0) + thor (0.19.4) + thread_safe (0.3.6) + tzinfo (1.2.3) + thread_safe (~> 0.1) + tzinfo-data (1.2017.2) + tzinfo (>= 1.0.0) + windows_error (0.1.2) + xmlrpc (0.3.0) + +PLATFORMS + ruby + +DEPENDENCIES + metasploit-framework! + +BUNDLED WITH + 1.14.6 diff --git a/pkgs/tools/security/metasploit/default.nix b/pkgs/tools/security/metasploit/default.nix index 41d9934191d7..5e21996caac8 100644 --- a/pkgs/tools/security/metasploit/default.nix +++ b/pkgs/tools/security/metasploit/default.nix 
@@ -1,34 +1,51 @@ -{ stdenv, fetchurl, makeWrapper, ruby }: +{ stdenv, fetchFromGitHub, makeWrapper, ruby, bundlerEnv, ncurses }: -stdenv.mkDerivation rec { +# Maintainer notes for updating: +# 1. increment version number in expression and in Gemfile +# 2. run $ nix-shell --command "bundler install && bundix" +# in metasploit in nixpkgs + +let + env = bundlerEnv { + inherit ruby; + name = "metasploit-bundler-env"; + gemdir = ./.; + }; +in stdenv.mkDerivation rec { name = "metasploit-framework-${version}"; - version = "3.3.1"; + version = "4.14.17"; - src = fetchurl { - url = "http://downloads.metasploit.com/data/releases/archive/framework-${version}.tar.bz2"; - sha256 = "07clzw1zfnqjhyydsc4mza238isai58p7aygh653qxsqb9a0j7qw"; + src = fetchFromGitHub { + owner = "rapid7"; + repo = "metasploit-framework"; + rev = version; + sha256 = "0g666lxin9f0v9vhfh3s913ym8fnh32rpfl1rpj8d8n1azch5fn0"; }; - buildInputs = [makeWrapper]; + buildInputs = [ makeWrapper ]; + + dontPatchelf = true; # stay away from exploit executables installPhase = '' - mkdir -p $out/share/msf - mkdir -p $out/bin + mkdir -p $out/{bin,share/msf} cp -r * $out/share/msf for i in $out/share/msf/msf*; do - makeWrapper $i $out/bin/$(basename $i) --prefix RUBYLIB : $out/share/msf/lib + bin=$out/bin/$(basename $i) + cat > $bin < {}; +stdenv.mkDerivation { + name = "env"; + buildInputs = [ + sqlite + libpcap + postgresql + libxml2 + libxslt + pkgconfig + bundix + ]; +}