summaryrefslogtreecommitdiff
path: root/net-analyzer/metasploit
diff options
context:
space:
mode:
authorV3n3RiX <venerix@redcorelinux.org>2017-10-09 18:53:29 +0100
committerV3n3RiX <venerix@redcorelinux.org>2017-10-09 18:53:29 +0100
commit4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch)
treeba5f07bf3f9d22d82e54a462313f5d244036c768 /net-analyzer/metasploit
reinit the tree, so we can have metadata
Diffstat (limited to 'net-analyzer/metasploit')
-rw-r--r--net-analyzer/metasploit/Manifest7
-rw-r--r--net-analyzer/metasploit/files/database.yml34
-rw-r--r--net-analyzer/metasploit/metadata.xml19
-rw-r--r--net-analyzer/metasploit/metasploit-4.14.16.ebuild332
-rw-r--r--net-analyzer/metasploit/metasploit-9999.ebuild329
5 files changed, 721 insertions, 0 deletions
diff --git a/net-analyzer/metasploit/Manifest b/net-analyzer/metasploit/Manifest
new file mode 100644
index 000000000000..bdbec41bf936
--- /dev/null
+++ b/net-analyzer/metasploit/Manifest
@@ -0,0 +1,7 @@
+AUX database.yml 613 SHA256 cd7761772acee89e6ff9743fbde33fd1e6d0ffd9d7c271e80be502a25be75dd7 SHA512 b178724382a88b87b9007f950fb5e8f93936f3e5a58f89c90f67120c4d50c98d4de758c8a6e321a0a68caa12ccab003d502377621bfe762279eb5ae2a3d5ff2b WHIRLPOOL ad8a6df2031de5c97299fbcf29d8c18e61fc16ff90d44d6cf1bb4849901cdb883cb5a3549ca8bf5ed0ebfba2056c23ffa302bbff74eb5dcb4005607ca037b833
+DIST metasploit-4.14.16.tar.gz 23726763 SHA256 c45e17fb3e63569294366806743d2cb0fe44b7173c031c019725ebf36f5922f2 SHA512 882968e68ff5adf10426f6e8480f3eac7cd9b289c1e641a91e537d31a434858f2c47b4f7b5bf23fcfc22eceecd2527eedb7eac3e9a8ad4a212187762b1b9aab2 WHIRLPOOL b634b804a701a0154b86ddb95f5159f80e76f7146032236fd32198af7f01f51dc56eef2f22eee2da2bbc382ed5fde51b5d8d5fcca1a9b5e81bb93a06c2f12b1d
+EBUILD metasploit-4.14.16.ebuild 11672 SHA256 6dc23e33d8e5a455edaf52ea967e94a2de4aa353024c765c37575e0b9a219c01 SHA512 5bfbefe00a16e6d78f6051ca4b418cda2e6a8ba236bbeb881ea759a4abb69127b6dfffbea0abccc24e359eadb35f56790e9a1d7ffccdad0fbebfe884e3dc379e WHIRLPOOL f4bdcafd5a6a3b0c3994c3fcee8c0ace1a3e051cbcf65894a0762367199fd84e8f02264305c6fe40623a4a42abd4c05b169d5e7b0c680b538a7abcd076925818
+EBUILD metasploit-9999.ebuild 11585 SHA256 c0e71affa08894d197c6185da2a792c3b9fceedafe2dbd7eb24b1511fe809e1e SHA512 c234cc0bbe2db31a2dca819f1e5ffdae99aaa8271c8ee5dbe930edadaafd803ae4704d41df1b4ad57c04bdde899d3b4e4f9c4fca617a63d8fe0c8e734abaecf6 WHIRLPOOL 881a687c58e39780e65bd4586c7951849641f8d8544a8b9cf5028039cb0fb0ed0b90ecb09566036479c3d8cf88442daf7a127e5de2cfe43a411d84b2879cf830
+MISC ChangeLog 9427 SHA256 afe42e48baf4e3cb767f0393917f1b1019216e2af9e700551112457ee7e67ca9 SHA512 62aee259db2202d9d17f17b111da4b1f241690857a2e2a00d08a68bc541a46fb553be9bac288fc3fb0f45d30cf981d43b9cc485f45e4ce1e5ef728e35ef16a56 WHIRLPOOL a0e5ee0592a70a309ddd54151c013250e429f07764f30977f85cf5da9d1ff400a5f4a7381a73f76431c426452bf254a982d4fe5124d7866e0f2861605d06adb1
+MISC ChangeLog-2015 18329 SHA256 f4aac7f141940c7457979d1c1c6ddb4a24176cdabda06133965eecea9a53dc7b SHA512 39a0952bf76bfaf5e6822317b4cc61bb8256a25da62bda84ddd8911d0e1ac1f0b85772786dbfdaded1958510a96584bfc3ddac7b62c5cb5b6ee3254b6d96c926 WHIRLPOOL d4d836f5f47ff7f231be2977a228a7039eb98ba8b486a3ddf8ee5105773cca6e41446641f04e23a8c2dcf184320c1549f17182cb1b46ab06bb4c0923eb9683b0
+MISC metadata.xml 853 SHA256 7d3505320c7de50c9e3e13bc9d8f288e25aeb99852968f5442b8af4ab334df17 SHA512 9af2dae0c12ae84ae2a7887fad0e7f5ea1d945a8b6e6674ba9e3c3bbff167b00a4aeff2da8b457ff8657f83d617dad67f633b260578a1e9608475fe45585cad0 WHIRLPOOL 8b7de86e174f467ad4ea075d39327caf3aa35ede4ee5f8db1d625396a8e75d5a5f74f1905680e924001dd09065c211f0260b8c9e6cb4848e772f4d2decde1753
diff --git a/net-analyzer/metasploit/files/database.yml b/net-analyzer/metasploit/files/database.yml
new file mode 100644
index 000000000000..403191669cca
--- /dev/null
+++ b/net-analyzer/metasploit/files/database.yml
@@ -0,0 +1,34 @@
+#
+# The tests currently use the development user
+# https://dev.metasploit.com/redmine/issues/8418
+#
+
+development:
+ adapter: "postgresql"
+ database: "msf_test_database"
+ username: "msf_test_user"
+ password: "secure"
+ port: 5432
+ host: "localhost"
+ pool: 256
+ timeout: 5
+
+production:
+ adapter: "postgresql"
+ database: "msf_database"
+ username: "msf_user"
+ password: "secure"
+ port: 5432
+ host: "localhost"
+ pool: 256
+ timeout: 5
+
+test:
+ adapter: "postgresql"
+ database: "msf_test_database"
+ username: "msf_test_user"
+ password: "secure"
+ port: 5432
+ host: "localhost"
+ pool: 256
+ timeout: 5
diff --git a/net-analyzer/metasploit/metadata.xml b/net-analyzer/metasploit/metadata.xml
new file mode 100644
index 000000000000..e449553f4ecd
--- /dev/null
+++ b/net-analyzer/metasploit/metadata.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer type="person">
+ <email>zerochaos@gentoo.org</email>
+ <name>Rick Farina</name>
+ <description>Very delicate package, ask before you touch please</description>
+ </maintainer>
+ <use>
+ <flag name="development">Install dependencies needed for metasploit and exploit development</flag>
+ <flag name="nexpose">Enable the plugin to integrate with nexpose</flag>
+ <flag name="openvas">Enable the plugin to integrate <pkg>net-analyzer/openvas</pkg></flag>
+ <flag name="oracle">Enable restricted oracle modules which have additional deps</flag>
+ <flag name="pcap">Enable libpcap for packet sniffing</flag>
+ </use>
+ <upstream>
+ <remote-id type="github">rapid7/metasploit-framework</remote-id>
+ </upstream>
+</pkgmetadata>
diff --git a/net-analyzer/metasploit/metasploit-4.14.16.ebuild b/net-analyzer/metasploit/metasploit-4.14.16.ebuild
new file mode 100644
index 000000000000..1df710fce577
--- /dev/null
+++ b/net-analyzer/metasploit/metasploit-4.14.16.ebuild
@@ -0,0 +1,332 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+#never ever ever have more than one ruby in here
+USE_RUBY="ruby23"
+inherit eutils ruby-ng
+
+if [[ ${PV} == "9999" ]] ; then
+ EGIT_REPO_URI="https://github.com/rapid7/metasploit-framework.git"
+ EGIT_CHECKOUT_DIR="${WORKDIR}"/all
+ inherit git-r3
+ KEYWORDS=""
+ SLOT="9999"
+else
+ ##Tags https://github.com/rapid7/metasploit-framework/releases
+ MY_PV=${PV/_p/-}
+ SRC_URI="https://github.com/rapid7/metasploit-framework/archive/${MY_PV}.tar.gz -> ${P}.tar.gz"
+ KEYWORDS="~amd64 ~arm"
+ RUBY_S="${PN}-framework-${MY_PV}"
+ inherit versionator
+ SLOT="$(get_version_component_range 1).$(get_version_component_range 2)"
+fi
+
+DESCRIPTION="Advanced framework for developing, testing, and using vulnerability exploit code"
+HOMEPAGE="http://www.metasploit.org/"
+LICENSE="BSD"
+IUSE="development +java nexpose openvas oracle +pcap test"
+
+#multiple known bugs with tests reported upstream and ignored
+#http://dev.metasploit.com/redmine/issues/8418 - worked around (fix user creation when possible)
+RESTRICT="test"
+
+RUBY_COMMON_DEPEND="virtual/ruby-ssl
+ >=dev-ruby/activesupport-4.2.6:4.2
+ >=dev-ruby/actionpack-4.2.6:4.2
+ >=dev-ruby/activerecord-4.2.6:4.2
+ dev-ruby/bcrypt-ruby
+ dev-ruby/bit-struct
+ >=dev-ruby/builder-3.0
+ dev-ruby/bundler
+ dev-ruby/filesize
+ >=dev-ruby/jsobfu-0.3.0
+ dev-ruby/json:*
+ dev-ruby/kissfft
+ dev-ruby/metasm:1.0.2
+ >=dev-ruby/metasploit_data_models-2.0.0
+ dev-ruby/meterpreter_bins:0.0.22
+ dev-ruby/metasploit-payloads:1.2.24
+ dev-ruby/metasploit_payloads-mettle:0.1.9
+ >=dev-ruby/metasploit-credential-2.0.0
+ >=dev-ruby/metasploit-concern-2.0.0
+ >=dev-ruby/metasploit-model-2.0.0
+ dev-ruby/msgpack
+ dev-ruby/net-ssh:*
+ dev-ruby/nokogiri
+ dev-ruby/octokit
+ dev-ruby/openssl-ccm:1.2.1
+ dev-ruby/patch_finder
+ >=dev-ruby/recog-2.0.14
+ dev-ruby/redcarpet
+ >=dev-ruby/rkelly-remix-0.0.6
+ =dev-ruby/rex-arch-0.1.4
+ dev-ruby/rex-bin_tools
+ dev-ruby/rex-core
+ dev-ruby/rex-encoder
+ dev-ruby/rex-exploitation
+ dev-ruby/rex-java
+ dev-ruby/rex-mime
+ dev-ruby/rex-nop
+ dev-ruby/rex-ole
+ dev-ruby/rex-powershell
+ dev-ruby/rex-random_identifier
+ dev-ruby/rex-registry
+ dev-ruby/rex-socket
+ dev-ruby/rex-sslscan
+ dev-ruby/rex-rop_builder
+ dev-ruby/rex-struct2
+ dev-ruby/rex-text
+ dev-ruby/rex-zip
+ dev-ruby/ruby_smb
+ dev-ruby/sqlite3
+ >=dev-ruby/pg-0.11
+ dev-ruby/packetfu:1.1.13
+ >=dev-ruby/rubyzip-1.1
+ >=dev-ruby/rb-readline-0.5.4
+ dev-ruby/robots
+ dev-ruby/sshkey
+ dev-ruby/tzinfo:*
+ dev-ruby/windows_error
+ dev-ruby/xmlrpc
+ java? ( dev-ruby/rjb )
+ nexpose? ( dev-ruby/nexpose )
+ openvas? ( dev-ruby/openvas-omp )
+ oracle? ( dev-ruby/ruby-oci8 )
+ pcap? ( dev-ruby/pcaprub:*
+ dev-ruby/network_interface )
+ development? ( dev-ruby/fivemat
+ dev-ruby/pry
+ dev-ruby/redcarpet
+ dev-ruby/yard
+ >=dev-ruby/rake-10.0.0
+ >=dev-ruby/factory_girl-4.1.0 )"
+ #lorcon doesn't support ruby21
+ #lorcon? ( net-wireless/lorcon[ruby] )
+ruby_add_bdepend "${RUBY_COMMON_DEPEND}
+ test? ( >=dev-ruby/factory_girl-4.1.0
+ dev-ruby/fivemat
+ dev-ruby/database_cleaner
+ >=dev-ruby/rspec-2.12
+ dev-ruby/shoulda-matchers
+ dev-ruby/timecop
+ >=dev-ruby/rake-10.0.0 )"
+ruby_add_rdepend "${RUBY_COMMON_DEPEND}"
+
+COMMON_DEPEND="dev-db/postgresql[server]
+ >=app-crypt/johntheripper-1.7.9-r1[-minimal]
+ net-analyzer/nmap"
+RDEPEND+=" ${COMMON_DEPEND}
+ >=app-eselect/eselect-metasploit-0.16"
+
+RESTRICT="strip"
+
+QA_PREBUILT="
+ usr/lib*/${PN}${SLOT}/data/templates/template_x86_linux.bin
+ usr/lib*/${PN}${SLOT}/data/templates/template_armle_linux.bin
+ usr/lib*/${PN}${SLOT}/data/templates/template_x86_solaris.bin
+ usr/lib*/${PN}${SLOT}/data/templates/template_x64_linux.bin
+ usr/lib*/${PN}${SLOT}/data/templates/template_x64_linux_dll.bin
+ usr/lib*/${PN}${SLOT}/data/templates/template_x86_bsd.bin
+ usr/lib*/${PN}${SLOT}/data/templates/template_x64_bsd.bin
+ usr/lib*/${PN}${SLOT}/data/templates/template_mipsbe_linux.bin
+ usr/lib*/${PN}${SLOT}/data/templates/template_mipsle_linux.bin
+ usr/lib*/${PN}${SLOT}/data/meterpreter/msflinker_linux_x86.bin
+ usr/lib*/${PN}${SLOT}/data/meterpreter/ext_server_sniffer.lso
+ usr/lib*/${PN}${SLOT}/data/meterpreter/ext_server_networkpug.lso
+ usr/lib*/${PN}${SLOT}/data/meterpreter/ext_server_stdapi.lso
+ usr/lib*/${PN}${SLOT}/data/exploits/CVE-2013-2171.bin
+ usr/lib*/${PN}${SLOT}/data/exploits/CVE-2014-3153.elf
+ usr/lib*/${PN}${SLOT}/data/android/libs/x86/libndkstager.so
+ usr/lib*/${PN}${SLOT}/data/android/libs/mips/libndkstager.so
+ usr/lib*/${PN}${SLOT}/data/android/libs/armeabi/libndkstager.so
+ "
+
+pkg_setup() {
+ if use test; then
+ su postgres -c "dropdb msf_test_database" #this is intentionally allowed to fail
+ su postgres -c "createuser msf_test_user -d -S -R"
+ if [ $? -ne 0 ]; then
+ su postgres -c "dropuser msf_test_user" || die
+ su postgres -c "createuser msf_test_user -d -S -R" || die
+ fi
+ su postgres -c "createdb --owner=msf_test_user msf_test_database" || die
+ fi
+ ruby-ng_pkg_setup
+}
+
+all_ruby_unpack() {
+ if [[ ${PV} == "9999" ]] ; then
+ git-r3_src_unpack
+ else
+ default_src_unpack
+# mv "${WORKDIR}"/all/msf3/* "${WORKDIR}"/all
+# rm -r msf3
+ #msf_version=$(grep --color=never "CURRENT_VERSION =" ${S}/spec/lib/msf/core/framework_spec.rb)
+ #msf_version=${msf_version#*=}
+ fi
+}
+
+all_ruby_prepare() {
+ # add psexec patch from pull request 2657 to allow custom exe templates from any files, bypassing most AVs
+ #epatch "${FILESDIR}/agix_psexec_pull-2657.patch"
+ eapply_user
+
+ #remove random "cpuinfo" binaries which a only needed to detect which bundled john to run
+ rm -r data/cpuinfo
+
+ #remove unneeded ruby bundler versioning files
+ #Gemfile.lock contains the versions tested by the msf team but not the hard requirements
+ #we regen this file in each_ruby_prepare
+ rm Gemfile.lock
+
+ #The Gemfile contains real known deps
+ sed -i "/gem 'fivemat'/s/, '1.2.1'//" Gemfile || die
+ #use released packetfu
+ sed -i "s/1.1.13.pre/1.1.13/" metasploit-framework.gemspec || die
+ #git gems are only for ruby24 support and we are not there yet
+ sed -i "/git:/d" Gemfile || die
+
+ #now we edit the Gemfile based on use flags
+ if ! use pcap; then
+ sed -i -e "/^group :pcap do/,/^end$/d" Gemfile || die
+ fi
+ if ! use nexpose; then
+ sed -i -e "/nexpose/d" metasploit-framework.gemspec || die
+ fi
+ #no support for nessus right now
+ #if ! use nessus; then
+ sed -i -e "/nessus/d" metasploit-framework.gemspec || die
+ #fi
+ if ! use openvas; then
+ sed -i -e "/openvas-omp/d" metasploit-framework.gemspec || die
+ fi
+ #even if we pass --without=blah bundler still calculates the deps and messes us up
+ if ! use development; then
+ sed -i -e "/^group :development do/,/^end$/d" Gemfile || die
+ fi
+ if ! use test; then
+ sed -i -e "/^group :test/,/^end$/d" Gemfile || die
+ fi
+ if ! use test && ! use development; then
+ sed -i -e "/^group :development/,/^end$/d" Gemfile || die
+ fi
+ #We don't need simplecov
+ sed -i -e "/^group :coverage/,/^end$/d" Gemfile || die
+ sed -i -e "s#require 'simplecov'##" spec/spec_helper.rb || die
+
+ #we need to edit the gemspec too, since it tries to call git instead of anything sane
+ #probably a better way to fix this... if I care at some point
+ sed -i -e "/^ spec.files/,/^ }/d" metasploit-framework.gemspec || die
+
+ #https://bugs.gentoo.org/show_bug.cgi?id=584522 no tzinfo-data by choice in gentoo
+ sed -i '/tzinfo-data/d' metasploit-framework.gemspec
+
+ #let's bogart msfupdate
+ rm msfupdate
+ echo "#!/bin/sh" > msfupdate
+ echo "echo \"[*]\"" >> msfupdate
+ echo "echo \"[*] Attempting to update the Metasploit Framework...\"" >> msfupdate
+ echo "echo \"[*]\"" >> msfupdate
+ echo "echo \"\"" >> msfupdate
+ if [[ ${PV} == "9999" ]] ; then
+ echo "if [ -x /usr/bin/smart-live-rebuild ]; then" >> msfupdate
+ echo " smart-live-rebuild -f net-analyzer/metasploit" >> msfupdate
+ echo "else" >> msfupdate
+ echo " echo \"Please install app-portage/smart-live-rebuild for a better experience.\"" >> msfupdate
+ echo "emerge --oneshot \"=${CATEGORY}/${PF}\"" >> msfupdate
+ echo "fi" >> msfupdate
+ else
+ echo "echo \"Unable to update tagged version of metasploit.\"" >> msfupdate
+ echo "echo \"If you want the latest please install and eselect the live version (metasploit9999)\"" >> msfupdate
+ echo "echo \"emerge metasploit:9999 -vat && eselect metasploit set metasploit9999\"" >> msfupdate
+ fi
+ #this is set executable in src_install
+
+ #install our database.yml file before tests are run
+ cp "${FILESDIR}"/database.yml config/
+
+}
+
+each_ruby_prepare() {
+ MSF_ROOT="." BUNDLE_GEMFILE=Gemfile ${RUBY} -S bundle install --local || die
+ MSF_ROOT="." BUNDLE_GEMFILE=Gemfile ${RUBY} -S bundle check || die
+
+ #force all metasploit executables to use desired ruby version
+ #https://dev.metasploit.com/redmine/issues/8357
+ for file in $(ls -1 msf*)
+ do
+ #poorly adapted from python.eclass
+ sed -e "1s:^#![[:space:]]*\([^[:space:]]*/usr/bin/env[[:space:]]\)\?[[:space:]]*\([^[:space:]]*/\)\?ruby\([[:digit:]]\+\(\.[[:digit:]]\+\)\?\)\?\(\$\|[[:space:]].*\):#!\1\2${RUBY}:" -i "${file}" || die "Conversion of shebang in '${file}' failed"
+ done
+}
+
+each_ruby_test() {
+ #review dev-python/pymongo for ways to make the test compatible with FEATURES=network-sandbox
+
+ #we bogart msfupdate so no point in trying to test it
+ rm spec/msfupdate_spec.rb || die
+ #we don't really want to be uploading to virustotal during the tests
+ rm spec/tools/virustotal_spec.rb || die
+
+ # https://dev.metasploit.com/redmine/issues/8425
+ BUNDLE_GEMFILE=Gemfile ${RUBY} -S bundle exec rake db:create || die
+ BUNDLE_GEMFILE=Gemfile ${RUBY} -S bundle exec rake db:migrate || die
+
+ MSF_DATABASE_CONFIG=config/database.yml BUNDLE_GEMFILE=Gemfile ${RUBY} -S bundle exec rake || die
+ su postgres -c "dropuser msf_test_user" || die "failed to cleanup msf_test-user"
+}
+
+each_ruby_install() {
+ #Tests have already been run, we don't need this stuff
+ rm -r spec || die
+ rm -r test || die
+ rm Gemfile.lock || die
+
+ #I'm 99% sure that this will only work for as long as we only support one ruby version. Creativity will be needed if we wish to support multiple.
+ # should be as simple as copying everything into the target...
+ dodir /usr/$(get_libdir)/${PN}${SLOT}
+ cp -R * "${ED}"/usr/$(get_libdir)/${PN}${SLOT} || die "Copy files failed"
+ rm -Rf "${ED}"/usr/$(get_libdir)/${PN}${SLOT}/documentation "${ED}"/usr/$(get_libdir)/${PN}${SLOT}/README.md
+ fowners -R root:0 /
+
+}
+
+all_ruby_install() {
+ # do not remove LICENSE, bug #238137
+ dodir /usr/share/doc/${PF}
+ cp -R {documentation,README.md} "${ED}"/usr/share/doc/${PF} || die
+ dosym /usr/share/doc/${PF}/documentation /usr/$(get_libdir)/${PN}${SLOT}/documentation
+
+ fperms +x /usr/$(get_libdir)/${PN}${SLOT}/msfupdate
+
+ #tell revdep-rebuild to ignore binaries meant for the target
+ dodir /etc/revdep-rebuild
+ cat <<-EOF > "${ED}"/etc/revdep-rebuild/99-metasploit${SLOT}
+ #These dirs contain prebuilt binaries for running on the TARGET not the HOST
+ SEARCH_DIRS_MASK="/usr/lib*/${PN}${SLOT}/data/meterpreter"
+ SEARCH_DIRS_MASK="/usr/lib*/${PN}${SLOT}/data/exploits"
+ EOF
+}
+
+pkg_postinst() {
+ elog "Before use you should run 'env-update' and '. /etc/profile'"
+ elog "otherwise you may be missing important environmental variables."
+
+ elog "You need to prepare the database by running:"
+ elog "emerge --config postgresql"
+ elog "/etc/init.d/postgresql-<version> start"
+ elog "emerge --config =metasploit-${PV}"
+
+ "${EROOT}"/usr/bin/eselect metasploit set --use-old ${PN}${SLOT}
+
+ einfo
+ elog "Adjust /usr/lib/${PN}${SLOT}/config/database.yml if necessary"
+}
+
+pkg_config() {
+ einfo "If the following fails, it is likely because you forgot to start/config postgresql first"
+ su postgres -c "createuser msf_user -D -S -R"
+ su postgres -c "createdb --owner=msf_user msf_database"
+}
diff --git a/net-analyzer/metasploit/metasploit-9999.ebuild b/net-analyzer/metasploit/metasploit-9999.ebuild
new file mode 100644
index 000000000000..f2e549088f84
--- /dev/null
+++ b/net-analyzer/metasploit/metasploit-9999.ebuild
@@ -0,0 +1,329 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+#never ever ever have more than one ruby in here
+USE_RUBY="ruby23"
+inherit eutils ruby-ng
+
+if [[ ${PV} == "9999" ]] ; then
+ EGIT_REPO_URI="https://github.com/rapid7/metasploit-framework.git"
+ EGIT_CHECKOUT_DIR="${WORKDIR}"/all
+ inherit git-r3
+ KEYWORDS=""
+ SLOT="9999"
+else
+ ##Tags https://github.com/rapid7/metasploit-framework/releases
+ MY_PV=${PV/_p/-}
+ SRC_URI="https://github.com/rapid7/metasploit-framework/archive/${MY_PV}.tar.gz -> ${P}.tar.gz"
+ KEYWORDS="~amd64 ~arm ~x86"
+ RUBY_S="${PN}-framework-${MY_PV}"
+ inherit versionator
+ SLOT="$(get_version_component_range 1).$(get_version_component_range 2)"
+fi
+
+DESCRIPTION="Advanced framework for developing, testing, and using vulnerability exploit code"
+HOMEPAGE="http://www.metasploit.org/"
+LICENSE="BSD"
+IUSE="development +java nexpose openvas oracle +pcap test"
+
+#multiple known bugs with tests reported upstream and ignored
+#http://dev.metasploit.com/redmine/issues/8418 - worked around (fix user creation when possible)
+RESTRICT="test"
+
+RUBY_COMMON_DEPEND="virtual/ruby-ssl
+ >=dev-ruby/activesupport-4.2.6:4.2
+ >=dev-ruby/actionpack-4.2.6:4.2
+ >=dev-ruby/activerecord-4.2.6:4.2
+ dev-ruby/bcrypt-ruby
+ dev-ruby/bit-struct
+ >=dev-ruby/builder-3.0
+ dev-ruby/bundler
+ dev-ruby/filesize
+ >=dev-ruby/jsobfu-0.3.0
+ dev-ruby/json:*
+ dev-ruby/kissfft
+ dev-ruby/metasm:1.0.2
+ >=dev-ruby/metasploit_data_models-2.0.0
+ dev-ruby/meterpreter_bins:0.0.22
+ dev-ruby/metasploit-payloads:1.2.28
+ dev-ruby/metasploit_payloads-mettle:0.1.9
+ >=dev-ruby/metasploit-credential-2.0.0
+ >=dev-ruby/metasploit-concern-2.0.0
+ >=dev-ruby/metasploit-model-2.0.0
+ dev-ruby/msgpack
+ dev-ruby/net-ssh:*
+ dev-ruby/nokogiri
+ dev-ruby/octokit
+ dev-ruby/openssl-ccm:1.2.1
+ dev-ruby/patch_finder
+ >=dev-ruby/recog-2.0.14
+ dev-ruby/redcarpet
+ >=dev-ruby/rkelly-remix-0.0.6
+ =dev-ruby/rex-arch-0.1.4
+ dev-ruby/rex-bin_tools
+ dev-ruby/rex-core
+ dev-ruby/rex-encoder
+ dev-ruby/rex-exploitation
+ dev-ruby/rex-java
+ dev-ruby/rex-mime
+ dev-ruby/rex-nop
+ dev-ruby/rex-ole
+ dev-ruby/rex-powershell
+ dev-ruby/rex-random_identifier
+ dev-ruby/rex-registry
+ dev-ruby/rex-socket
+ dev-ruby/rex-sslscan
+ dev-ruby/rex-rop_builder
+ dev-ruby/rex-struct2
+ dev-ruby/rex-text
+ dev-ruby/rex-zip
+ dev-ruby/ruby_smb
+ dev-ruby/sqlite3
+ >=dev-ruby/pg-0.11
+ dev-ruby/packetfu:1.1.13
+ >=dev-ruby/rubyzip-1.1
+ >=dev-ruby/rb-readline-0.5.4
+ dev-ruby/robots
+ dev-ruby/sshkey
+ dev-ruby/tzinfo:*
+ dev-ruby/windows_error
+ dev-ruby/xmlrpc
+ java? ( dev-ruby/rjb )
+ nexpose? ( dev-ruby/nexpose )
+ openvas? ( dev-ruby/openvas-omp )
+ oracle? ( dev-ruby/ruby-oci8 )
+ pcap? ( dev-ruby/pcaprub:*
+ dev-ruby/network_interface )
+ development? ( dev-ruby/fivemat
+ dev-ruby/pry
+ dev-ruby/redcarpet
+ dev-ruby/yard
+ >=dev-ruby/rake-10.0.0
+ >=dev-ruby/factory_girl-4.1.0 )"
+ #lorcon doesn't support ruby21
+ #lorcon? ( net-wireless/lorcon[ruby] )
+ruby_add_bdepend "${RUBY_COMMON_DEPEND}
+ test? ( >=dev-ruby/factory_girl-4.1.0
+ dev-ruby/fivemat
+ dev-ruby/database_cleaner
+ >=dev-ruby/rspec-2.12
+ dev-ruby/shoulda-matchers
+ dev-ruby/timecop
+ >=dev-ruby/rake-10.0.0 )"
+ruby_add_rdepend "${RUBY_COMMON_DEPEND}"
+
+COMMON_DEPEND="dev-db/postgresql[server]
+ >=app-crypt/johntheripper-1.7.9-r1[-minimal]
+ net-analyzer/nmap"
+RDEPEND+=" ${COMMON_DEPEND}
+ >=app-eselect/eselect-metasploit-0.16"
+
+RESTRICT="strip"
+
+QA_PREBUILT="
+ usr/lib*/${PN}${SLOT}/data/templates/template_x86_linux.bin
+ usr/lib*/${PN}${SLOT}/data/templates/template_armle_linux.bin
+ usr/lib*/${PN}${SLOT}/data/templates/template_x86_solaris.bin
+ usr/lib*/${PN}${SLOT}/data/templates/template_x64_linux.bin
+ usr/lib*/${PN}${SLOT}/data/templates/template_x64_linux_dll.bin
+ usr/lib*/${PN}${SLOT}/data/templates/template_x86_bsd.bin
+ usr/lib*/${PN}${SLOT}/data/templates/template_x64_bsd.bin
+ usr/lib*/${PN}${SLOT}/data/templates/template_mipsbe_linux.bin
+ usr/lib*/${PN}${SLOT}/data/templates/template_mipsle_linux.bin
+ usr/lib*/${PN}${SLOT}/data/meterpreter/msflinker_linux_x86.bin
+ usr/lib*/${PN}${SLOT}/data/meterpreter/ext_server_sniffer.lso
+ usr/lib*/${PN}${SLOT}/data/meterpreter/ext_server_networkpug.lso
+ usr/lib*/${PN}${SLOT}/data/meterpreter/ext_server_stdapi.lso
+ usr/lib*/${PN}${SLOT}/data/exploits/CVE-2013-2171.bin
+ usr/lib*/${PN}${SLOT}/data/exploits/CVE-2014-3153.elf
+ usr/lib*/${PN}${SLOT}/data/android/libs/x86/libndkstager.so
+ usr/lib*/${PN}${SLOT}/data/android/libs/mips/libndkstager.so
+ usr/lib*/${PN}${SLOT}/data/android/libs/armeabi/libndkstager.so
+ "
+
+pkg_setup() {
+ if use test; then
+ su postgres -c "dropdb msf_test_database" #this is intentionally allowed to fail
+ su postgres -c "createuser msf_test_user -d -S -R"
+ if [ $? -ne 0 ]; then
+ su postgres -c "dropuser msf_test_user" || die
+ su postgres -c "createuser msf_test_user -d -S -R" || die
+ fi
+ su postgres -c "createdb --owner=msf_test_user msf_test_database" || die
+ fi
+ ruby-ng_pkg_setup
+}
+
+all_ruby_unpack() {
+ if [[ ${PV} == "9999" ]] ; then
+ git-r3_src_unpack
+ else
+ default_src_unpack
+# mv "${WORKDIR}"/all/msf3/* "${WORKDIR}"/all
+# rm -r msf3
+ #msf_version=$(grep --color=never "CURRENT_VERSION =" ${S}/spec/lib/msf/core/framework_spec.rb)
+ #msf_version=${msf_version#*=}
+ fi
+}
+
+all_ruby_prepare() {
+ # add psexec patch from pull request 2657 to allow custom exe templates from any files, bypassing most AVs
+ #epatch "${FILESDIR}/agix_psexec_pull-2657.patch"
+ eapply_user
+
+ #remove random "cpuinfo" binaries which a only needed to detect which bundled john to run
+ rm -r data/cpuinfo
+
+ #remove unneeded ruby bundler versioning files
+ #Gemfile.lock contains the versions tested by the msf team but not the hard requirements
+ #we regen this file in each_ruby_prepare
+ rm Gemfile.lock
+ #The Gemfile contains real known deps
+ sed -i "/gem 'fivemat'/s/, '1.2.1'//" Gemfile || die
+ #git gems are only for ruby24 support and we are not there yet
+ sed -i "/git:/d" Gemfile || die
+
+ #now we edit the Gemfile based on use flags
+ if ! use pcap; then
+ sed -i -e "/^group :pcap do/,/^end$/d" Gemfile || die
+ fi
+ if ! use nexpose; then
+ sed -i -e "/nexpose/d" metasploit-framework.gemspec || die
+ fi
+ #no support for nessus right now
+ #if ! use nessus; then
+ sed -i -e "/nessus/d" metasploit-framework.gemspec || die
+ #fi
+ if ! use openvas; then
+ sed -i -e "/openvas-omp/d" metasploit-framework.gemspec || die
+ fi
+ #even if we pass --without=blah bundler still calculates the deps and messes us up
+ if ! use development; then
+ sed -i -e "/^group :development do/,/^end$/d" Gemfile || die
+ fi
+ if ! use test; then
+ sed -i -e "/^group :test/,/^end$/d" Gemfile || die
+ fi
+ if ! use test && ! use development; then
+ sed -i -e "/^group :development/,/^end$/d" Gemfile || die
+ fi
+ #We don't need simplecov
+ sed -i -e "/^group :coverage/,/^end$/d" Gemfile || die
+ sed -i -e "s#require 'simplecov'##" spec/spec_helper.rb || die
+
+ #we need to edit the gemspec too, since it tries to call git instead of anything sane
+ #probably a better way to fix this... if I care at some point
+ sed -i -e "/^ spec.files/,/^ }/d" metasploit-framework.gemspec || die
+
+ #https://bugs.gentoo.org/show_bug.cgi?id=584522 no tzinfo-data by choice in gentoo
+ sed -i '/tzinfo-data/d' metasploit-framework.gemspec
+
+ #let's bogart msfupdate
+ rm msfupdate
+ echo "#!/bin/sh" > msfupdate
+ echo "echo \"[*]\"" >> msfupdate
+ echo "echo \"[*] Attempting to update the Metasploit Framework...\"" >> msfupdate
+ echo "echo \"[*]\"" >> msfupdate
+ echo "echo \"\"" >> msfupdate
+ if [[ ${PV} == "9999" ]] ; then
+ echo "if [ -x /usr/bin/smart-live-rebuild ]; then" >> msfupdate
+ echo " smart-live-rebuild -f net-analyzer/metasploit" >> msfupdate
+ echo "else" >> msfupdate
+ echo " echo \"Please install app-portage/smart-live-rebuild for a better experience.\"" >> msfupdate
+ echo "emerge --oneshot \"=${CATEGORY}/${PF}\"" >> msfupdate
+ echo "fi" >> msfupdate
+ else
+ echo "echo \"Unable to update tagged version of metasploit.\"" >> msfupdate
+ echo "echo \"If you want the latest please install and eselect the live version (metasploit9999)\"" >> msfupdate
+ echo "echo \"emerge metasploit:9999 -vat && eselect metasploit set metasploit9999\"" >> msfupdate
+ fi
+ #this is set executable in src_install
+
+ #install our database.yml file before tests are run
+ cp "${FILESDIR}"/database.yml config/
+
+}
+
+each_ruby_prepare() {
+ MSF_ROOT="." BUNDLE_GEMFILE=Gemfile ${RUBY} -S bundle install --local || die
+ MSF_ROOT="." BUNDLE_GEMFILE=Gemfile ${RUBY} -S bundle check || die
+
+ #force all metasploit executables to use desired ruby version
+ #https://dev.metasploit.com/redmine/issues/8357
+ for file in $(ls -1 msf*)
+ do
+ #poorly adapted from python.eclass
+ sed -e "1s:^#![[:space:]]*\([^[:space:]]*/usr/bin/env[[:space:]]\)\?[[:space:]]*\([^[:space:]]*/\)\?ruby\([[:digit:]]\+\(\.[[:digit:]]\+\)\?\)\?\(\$\|[[:space:]].*\):#!\1\2${RUBY}:" -i "${file}" || die "Conversion of shebang in '${file}' failed"
+ done
+}
+
+each_ruby_test() {
+ #review dev-python/pymongo for ways to make the test compatible with FEATURES=network-sandbox
+
+ #we bogart msfupdate so no point in trying to test it
+ rm spec/msfupdate_spec.rb || die
+ #we don't really want to be uploading to virustotal during the tests
+ rm spec/tools/virustotal_spec.rb || die
+
+ # https://dev.metasploit.com/redmine/issues/8425
+ BUNDLE_GEMFILE=Gemfile ${RUBY} -S bundle exec rake db:create || die
+ BUNDLE_GEMFILE=Gemfile ${RUBY} -S bundle exec rake db:migrate || die
+
+ MSF_DATABASE_CONFIG=config/database.yml BUNDLE_GEMFILE=Gemfile ${RUBY} -S bundle exec rake || die
+ su postgres -c "dropuser msf_test_user" || die "failed to cleanup msf_test-user"
+}
+
+each_ruby_install() {
+ #Tests have already been run, we don't need this stuff
+ rm -r spec || die
+ rm -r test || die
+ rm Gemfile.lock || die
+
+ #I'm 99% sure that this will only work for as long as we only support one ruby version. Creativity will be needed if we wish to support multiple.
+ # should be as simple as copying everything into the target...
+ dodir /usr/$(get_libdir)/${PN}${SLOT}
+ cp -R * "${ED}"/usr/$(get_libdir)/${PN}${SLOT} || die "Copy files failed"
+ rm -Rf "${ED}"/usr/$(get_libdir)/${PN}${SLOT}/documentation "${ED}"/usr/$(get_libdir)/${PN}${SLOT}/README.md
+ fowners -R root:0 /
+
+}
+
+all_ruby_install() {
+ # do not remove LICENSE, bug #238137
+ dodir /usr/share/doc/${PF}
+ cp -R {documentation,README.md} "${ED}"/usr/share/doc/${PF} || die
+ dosym /usr/share/doc/${PF}/documentation /usr/$(get_libdir)/${PN}${SLOT}/documentation
+
+ fperms +x /usr/$(get_libdir)/${PN}${SLOT}/msfupdate
+
+ #tell revdep-rebuild to ignore binaries meant for the target
+ dodir /etc/revdep-rebuild
+ cat <<-EOF > "${ED}"/etc/revdep-rebuild/99-metasploit${SLOT}
+ #These dirs contain prebuilt binaries for running on the TARGET not the HOST
+ SEARCH_DIRS_MASK="/usr/lib*/${PN}${SLOT}/data/meterpreter"
+ SEARCH_DIRS_MASK="/usr/lib*/${PN}${SLOT}/data/exploits"
+ EOF
+}
+
+pkg_postinst() {
+ elog "Before use you should run 'env-update' and '. /etc/profile'"
+ elog "otherwise you may be missing important environmental variables."
+
+ elog "You need to prepare the database by running:"
+ elog "emerge --config postgresql"
+ elog "/etc/init.d/postgresql-<version> start"
+ elog "emerge --config =metasploit-${PV}"
+
+ "${EROOT}"/usr/bin/eselect metasploit set --use-old ${PN}${SLOT}
+
+ einfo
+ elog "Adjust /usr/lib/${PN}${SLOT}/config/database.yml if necessary"
+}
+
+pkg_config() {
+ einfo "If the following fails, it is likely because you forgot to start/config postgresql first"
+ su postgres -c "createuser msf_user -D -S -R"
+ su postgres -c "createdb --owner=msf_user msf_database"
+}