pkgsrc-WIP-changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

routersploit: Avoid more hardcoded relative paths



Module Name:	pkgsrc-wip
Committed By:	Leonardo Taccari <leot%NetBSD.org@localhost>
Pushed By:	leot
Date:		Mon Apr 8 15:30:01 2019 +0200
Changeset:	de71684a9d197352508280f3ce817d373569cb86

Modified Files:
	routersploit/distinfo
Added Files:
	routersploit/patches/patch-routersploit_core_exploit_payloads.py
	routersploit/patches/patch-routersploit_core_exploit_shell.py

Log Message:
routersploit: Avoid more hardcoded relative paths

To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=de71684a9d197352508280f3ce817d373569cb86

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

diffstat:
 routersploit/distinfo                              |  2 +
 .../patch-routersploit_core_exploit_payloads.py    | 61 ++++++++++++++++++++++
 .../patch-routersploit_core_exploit_shell.py       | 45 ++++++++++++++++
 3 files changed, 108 insertions(+)

diffs:
diff --git a/routersploit/distinfo b/routersploit/distinfo
index 1d2081dbf9..2cf6d51dff 100644
--- a/routersploit/distinfo
+++ b/routersploit/distinfo
@@ -4,6 +4,8 @@ SHA1 (routersploit-3.4.0.tar.gz) = a614706c1367fa576e55642d4696faec205d66d8
 RMD160 (routersploit-3.4.0.tar.gz) = a568e886b85896d574065c9b04b96471253606b0
 SHA512 (routersploit-3.4.0.tar.gz) = 9182598105c4d1c971dc63ac24059469dd1862af204f59994cfc85012091663a85faee4c7c04cce573eef1fa91525b44a3963b8c24460d3b31595c4ef6a6c4e5
 Size (routersploit-3.4.0.tar.gz) = 465082 bytes
+SHA1 (patch-routersploit_core_exploit_payloads.py) = 7c2a76451355e69509df94bf3f102b3b88742d48
+SHA1 (patch-routersploit_core_exploit_shell.py) = bb3d8138abde0d2f8661ce79e3145310b4ce1253
 SHA1 (patch-routersploit_core_exploit_utils.py) = 99631397a08220e9054eb976a85a752ccdb7772b
 SHA1 (patch-routersploit_modules_exploits_generic_ssh__auth__keys.py) = 3865470d9613bd66487a53c72b3e6cbdbe9dbb83
 SHA1 (patch-routersploit_modules_scanners_autopwn.py) = 5824b6fbad2523d08caf6d615aeb9a040310296f
diff --git a/routersploit/patches/patch-routersploit_core_exploit_payloads.py b/routersploit/patches/patch-routersploit_core_exploit_payloads.py
new file mode 100644
index 0000000000..d99d37235f
--- /dev/null
+++ b/routersploit/patches/patch-routersploit_core_exploit_payloads.py
@@ -0,0 +1,61 @@
+$NetBSD$
+
+Use index_modules() instead of pickup up modules in ${PWD} (and mostly likely
+failing).
+
+Patch shared upstream via:
+
+ <https://github.com/threat9/routersploit/pull/578>
+
+--- routersploit/core/exploit/payloads.py.orig	2018-10-17 17:30:53.000000000 +0000
++++ routersploit/core/exploit/payloads.py
+@@ -1,4 +1,3 @@
+-import os
+ import importlib
+ from collections import namedtuple
+ from struct import pack
+@@ -22,6 +21,7 @@ from routersploit.core.exploit.printer i
+ )
+ 
+ from routersploit.core.exploit.utils import (
++    index_modules,
+     random_text,
+ )
+ 
+@@ -122,25 +122,19 @@ class BasePayload(BaseExploit):
+         raise NotImplementedError()
+ 
+     def get_encoders(self):
+-        path = "routersploit/modules/encoders/{}".format(self.architecture)
+-
+         encoders = []
+ 
+-        try:
+-            files = os.listdir(path)
+-        except FileNotFoundError:
+-            return []
+-
+-        for f in files:
+-            if not f.startswith("__") and f.endswith(".py"):
+-                encoder = f.replace(".py", "")
+-                module_path = "{}/{}".format(path, encoder).replace("/", ".")
+-                module = getattr(importlib.import_module(module_path), "Encoder")
+-                encoders.append((
+-                    "{}/{}".format(self.architecture, encoder),
+-                    module._Encoder__info__["name"],
+-                    module._Encoder__info__["description"],
+-                ))
++        # get all encoders for given architecture
++        all_encoders = [e for e in index_modules() if "encoders.{}".format(self.architecture) in e]
++
++        for e in all_encoders:
++            encoder = e.replace("encoders.{}.".format(self.architecture), "").replace(".", "/")
++            module = getattr(importlib.import_module('routersploit.modules' + e), "Encoder")
++            encoders.append((
++                "{}/{}".format(self.architecture, encoder),
++                module._Encoder__info__["name"],
++                module._Encoder__info__["description"],
++            ))
+ 
+         return encoders
+ 
diff --git a/routersploit/patches/patch-routersploit_core_exploit_shell.py b/routersploit/patches/patch-routersploit_core_exploit_shell.py
new file mode 100644
index 0000000000..0c258b7bf6
--- /dev/null
+++ b/routersploit/patches/patch-routersploit_core_exploit_shell.py
@@ -0,0 +1,45 @@
+$NetBSD$
+
+Use index_modules() instead of pickup up modules in ${PWD} (and mostly likely
+failing).
+
+Patch shared upstream via:
+
+ <https://github.com/threat9/routersploit/pull/578>
+
+--- routersploit/core/exploit/shell.py.orig	2018-10-17 17:30:53.000000000 +0000
++++ routersploit/core/exploit/shell.py
+@@ -4,8 +4,6 @@ import binascii
+ from http.server import BaseHTTPRequestHandler, HTTPServer
+ import threading
+ import time
+-from os import listdir
+-from os.path import isfile, join
+ import importlib
+ 
+ from routersploit.core.exploit.printer import (
+@@ -18,6 +16,7 @@ from routersploit.core.exploit.printer i
+ )
+ 
+ from routersploit.core.exploit.utils import (
++    index_modules,
+     random_text,
+ )
+ 
+@@ -28,14 +27,11 @@ def shell(exploit, architecture="", meth
+     options = []
+ 
+     if architecture and method:
+-        path = "routersploit/modules/payloads/{}/".format(architecture)
+-
+         # get all payloads for given architecture
+-        all_payloads = [f.split(".")[0] for f in listdir(path) if isfile(join(path, f)) and f.endswith(".py") and f != "__init__.py"]
++        all_payloads = [p for p in index_modules() if "payloads.{}".format(architecture) in p]
+ 
+-        payload_path = path.replace("/", ".")
+         for p in all_payloads:
+-            module = getattr(importlib.import_module("{}{}".format(payload_path, p)), 'Payload')
++            module = getattr(importlib.import_module('routersploit.modules.' + p), 'Payload')
+ 
+             # if method/arch is cmd then filter out payloads
+             if method is "cmd":


Home | Main Index | Thread Index | Old Index