Merge remote-tracking branch 'origin/master' into acronis-rce

h00die-gr3y · Nov 27, 2024 · a945a54 · a945a54
2 parents 3a2aa0f + 07ce1aa
commit a945a54
Show file tree

Hide file tree

Showing 159 changed files with 11,075 additions and 3,389 deletions.
diff --git a/.github/workflows/command_shell_acceptance.yml b/.github/workflows/command_shell_acceptance.yml
@@ -66,7 +66,7 @@ jobs:
           - windows-2019
           - ubuntu-20.04
         ruby:
-          - 3.0.2
+          - 3.1.5
         include:
           # Powershell
           - { command_shell: { name: powershell }, os: windows-2019 }

diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml
@@ -32,7 +32,7 @@ jobs:
   # Ensures that the docs site builds successfully. Note that this workflow does not deploy the docs site.
   build:
     runs-on: ubuntu-latest
-    timeout-minutes: 40
+    timeout-minutes: 60
 
     strategy:
       fail-fast: true

diff --git a/.github/workflows/ldap_acceptance.yml b/.github/workflows/ldap_acceptance.yml
@@ -44,7 +44,7 @@ on:
 jobs:
   ldap:
     runs-on: ${{ matrix.os }}
-    timeout-minutes: 40
+    timeout-minutes: 60
 
     strategy:
       fail-fast: true

diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
@@ -29,7 +29,7 @@ on:
 jobs:
   msftidy:
     runs-on: ubuntu-latest
-    timeout-minutes: 40
+    timeout-minutes: 60
 
     env:
       BUNDLE_WITHOUT: "coverage development pcap"

diff --git a/.github/workflows/mssql_acceptance.yml b/.github/workflows/mssql_acceptance.yml
@@ -44,7 +44,7 @@ on:
 jobs:
   mssql:
     runs-on: ${{ matrix.os }}
-    timeout-minutes: 40
+    timeout-minutes: 60
 
     services:
       mssql:

diff --git a/.github/workflows/mysql_acceptance.yml b/.github/workflows/mysql_acceptance.yml
@@ -44,7 +44,7 @@ on:
 jobs:
   mysql:
     runs-on: ${{ matrix.os }}
-    timeout-minutes: 40
+    timeout-minutes: 60
 
     services:
       mysql:

diff --git a/.github/workflows/postgres_acceptance.yml b/.github/workflows/postgres_acceptance.yml
@@ -44,7 +44,7 @@ on:
 jobs:
   postgres:
     runs-on: ${{ matrix.os }}
-    timeout-minutes: 40
+    timeout-minutes: 60
 
     services:
       postgres:
@@ -54,7 +54,7 @@ jobs:
           POSTGRES_USER: postgres
           POSTGRES_PASSWORD: password
         options: >-
-          --health-cmd pg_isready
+          --health-cmd "pg_isready --username postgres"
           --health-interval 10s
           --health-timeout 5s
           --health-retries 5

diff --git a/.github/workflows/shared_meterpreter_acceptance.yml b/.github/workflows/shared_meterpreter_acceptance.yml
@@ -70,7 +70,7 @@ jobs:
           - windows-2019
           - ubuntu-20.04
         ruby:
-          - 3.0.2
+          - 3.1.5
         meterpreter:
           # Python
           - { name: python, runtime_version: 3.6 }
@@ -158,8 +158,7 @@ jobs:
 
       - name: Get mettle version
         if: ${{ matrix.meterpreter.name == 'mettle' && inputs.build_mettle }}
-        run: |
-          echo "METTLE_VERSION=$(grep -oh '[0-9].[0-9].[0-9]*' lib/metasploit_payloads/mettle/version.rb)" | tee -a $GITHUB_ENV
+        run: echo "METTLE_VERSION=$(ruby -ne "puts Regexp.last_match(1) if /VERSION\s+=\s+'([^']+)'/" lib/metasploit_payloads/mettle/version.rb)" | tee -a $GITHUB_ENV
         working-directory: mettle
 
       - name: Prerequisite mettle gem setup
@@ -244,13 +243,39 @@ jobs:
         working-directory: metasploit-framework
 
       - name: Checkout metasploit-payloads
-        if: ${{ inputs.build_metasploit_payloads }}
+        if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' }}
         uses: actions/checkout@v4
         with:
           repository: rapid7/metasploit-payloads
           path: metasploit-payloads
           ref: ${{ inputs.metasploit_payloads_commit }}
 
+      - name: Get metasploit-payloads version
+        if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' }}
+        shell: bash
+        run: echo "METASPLOIT_PAYLOADS_VERSION=$(ruby -ne "puts Regexp.last_match(1) if /VERSION\s+=\s+'([^']+)'/" gem/lib/metasploit-payloads/version.rb)" | tee -a $GITHUB_ENV
+        working-directory: metasploit-payloads
+
+      - name: Build metasploit-payloads gem
+        if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' }}
+        run: gem build ./gem/metasploit-payloads.gemspec
+        working-directory: metasploit-payloads
+
+      - name: Copy metasploit-payloads gem into metasploit-framework
+        if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' }}
+        shell: bash
+        run: cp ../metasploit-payloads/metasploit-payloads-${{ env.METASPLOIT_PAYLOADS_VERSION }}.gem .
+        working-directory: metasploit-framework
+
+      - name: Install metasploit-payloads gem
+        if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' }}
+        run: |
+          bundle exec gem install metasploit-payloads-${{ env.METASPLOIT_PAYLOADS_VERSION }}.gem
+          bundle config unset deployment
+          bundle update metasploit-payloads
+          bundle install
+        working-directory: metasploit-framework
+
       - name: Build Windows payloads via Visual Studio 2019 Build (Windows)
         shell: cmd
         if: ${{ matrix.meterpreter.name == 'windows_meterpreter' && matrix.os == 'windows-2019' && inputs.build_metasploit_payloads }}

diff --git a/.github/workflows/shared_smb_acceptance.yml b/.github/workflows/shared_smb_acceptance.yml
@@ -17,7 +17,7 @@ on:
 jobs:
   smb:
     runs-on: ${{ matrix.os }}
-    timeout-minutes: 40
+    timeout-minutes: 60
 
     strategy:
       fail-fast: true

diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml
@@ -29,7 +29,7 @@ on:
 jobs:
   build:
     runs-on: ubuntu-latest
-    timeout-minutes: 40
+    timeout-minutes: 60
     name: Docker Build
     steps:
       - name: Checkout code
@@ -41,7 +41,7 @@ jobs:
 
   test:
     runs-on: ${{ matrix.os }}
-    timeout-minutes: 40
+    timeout-minutes: 60
 
     services:
       postgres:
@@ -51,7 +51,7 @@ jobs:
           POSTGRES_USER: postgres
           POSTGRES_PASSWORD: postgres
         options: >-
-          --health-cmd pg_isready
+          --health-cmd "pg_isready --username postgres"
           --health-interval 10s
           --health-timeout 5s
           --health-retries 5
@@ -63,12 +63,10 @@ jobs:
           - '3.1'
           - '3.2'
           - '3.3'
-          - '3.4.0-preview1'
+          - '3.4.0-preview2'
         os:
           - ubuntu-20.04
           - ubuntu-latest
-        exclude:
-          - { os: ubuntu-latest, ruby: '3.0' }
         include:
           - os: ubuntu-latest
             ruby: '3.1'

diff --git a/.mailmap b/.mailmap
@@ -121,6 +121,7 @@ m-1-k-3 <m-1-k-3@github>               Michael Messner <[email protected]>
 Meatballs1 <Meatballs1@github>         <[email protected]>
 Meatballs1 <Meatballs1@github>         <[email protected]>
 mubix <mubix@github>                   Rob Fuller <[email protected]>
+mwalas-r7 <mwalas-r7@github>           <[email protected]>
 net-ninja <[email protected]>       Steven Seeley <[email protected]>
 nevdull77 <nevdull77@github>           Patrik Karlsson <[email protected]>
 nmonkee <nmonkee@github>               nmonkee <[email protected]>

diff --git a/.ruby-version b/.ruby-version
@@ -1 +1 @@
-3.1.5
+3.2.5
diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-FROM ruby:3.1.6-alpine3.20 AS builder
+FROM ruby:3.2.5-alpine3.20 AS builder
 LABEL maintainer="Rapid7"
 
 ARG BUNDLER_CONFIG_ARGS="set no-cache 'true' set system 'true' set without 'development test coverage'"
@@ -53,7 +53,7 @@ RUN mkdir -p $TOOLS_HOME/bin && \
     cd go/src && \
     ./make.bash
 
-FROM ruby:3.1.5-alpine3.18
+FROM ruby:3.2.5-alpine3.20
 LABEL maintainer="Rapid7"
 ARG TARGETARCH
 
@@ -65,16 +65,15 @@ ENV METASPLOIT_GROUP=metasploit
 # used for the copy command
 RUN addgroup -S $METASPLOIT_GROUP
 
-RUN apk add --no-cache bash sqlite-libs nmap nmap-scripts nmap-nselibs \
-    postgresql-libs python3 py3-pip ncurses libcap su-exec alpine-sdk \
+RUN apk add --no-cache curl bash sqlite-libs nmap nmap-scripts nmap-nselibs \
+    postgresql-libs python3 py3-pip py3-impacket py3-requests ncurses libcap su-exec alpine-sdk \
     openssl-dev nasm
 RUN\
     if [ "${TARGETARCH}" = "arm64" ];\
 	then apk add --no-cache gcc musl-dev python3-dev libffi-dev gcompat;\
     else apk add --no-cache mingw-w64-gcc;\
     fi
 
-
 RUN /usr/sbin/setcap cap_net_raw,cap_net_bind_service=+eip $(which ruby)
 RUN /usr/sbin/setcap cap_net_raw,cap_net_bind_service=+eip $(which nmap)
 
@@ -86,9 +85,6 @@ RUN chown -R root:metasploit $APP_HOME/
 RUN chmod 664 $APP_HOME/Gemfile.lock
 RUN gem update --system
 RUN cp -f $APP_HOME/docker/database.yml $APP_HOME/config/database.yml
-RUN curl -L -O https://raw.githubusercontent.com/pypa/get-pip/f84b65709d4b20221b7dbee900dbf9985a81b5d4/public/get-pip.py && python3 get-pip.py && rm get-pip.py
-RUN pip install impacket
-RUN pip install requests
 
 ENV GOPATH=$TOOLS_HOME/go
 ENV GOROOT=$TOOLS_HOME/bin/go