From bd4aeefe33e63f613512604e47bfca7b2187697d Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sun, 3 Nov 2019 16:06:58 +0000 Subject: gentoo resync : 03.11.2019 --- net-analyzer/metasploit/Manifest | 6 +- net-analyzer/metasploit/metadata.xml | 1 - .../metasploit/metasploit-4.17.21-r5.ebuild | 353 -------------------- .../metasploit/metasploit-4.17.21-r6.ebuild | 355 +++++++++++++++++++++ net-analyzer/metasploit/metasploit-9999.ebuild | 16 +- 5 files changed, 367 insertions(+), 364 deletions(-) delete mode 100644 net-analyzer/metasploit/metasploit-4.17.21-r5.ebuild create mode 100644 net-analyzer/metasploit/metasploit-4.17.21-r6.ebuild (limited to 'net-analyzer/metasploit') diff --git a/net-analyzer/metasploit/Manifest b/net-analyzer/metasploit/Manifest index c573681025dd..55f7b4ae071b 100644 --- a/net-analyzer/metasploit/Manifest +++ b/net-analyzer/metasploit/Manifest @@ -1,5 +1,5 @@ AUX database.yml 613 BLAKE2B c724103b21f7650e4c6a221a22984cbff1be21ae761b62666db5d048e087f3d4e891e30b75fcacdcb5dc2fc369dd8dff4de042d6b87f47bffffeb45bd05aca46 SHA512 b178724382a88b87b9007f950fb5e8f93936f3e5a58f89c90f67120c4d50c98d4de758c8a6e321a0a68caa12ccab003d502377621bfe762279eb5ae2a3d5ff2b DIST metasploit-4.17.21.tar.gz 28812125 BLAKE2B 15ff8ccac99d783b7b9cd20d6512df551b3143b4947d2f347b2558d1bafd2861d41fe6b051034c75cd25030ad85d26f261ffe9149dd27d551f92f17fcc0b4075 SHA512 00763f515bc6b556d4dbe15a7c58fac3c7febb64fb339fd5c05ad2b18b5b55bdf8815daca35f24bb22bea3d376db4f4610918730d813079e5ac3f8d5ad16d2d9 -EBUILD metasploit-4.17.21-r5.ebuild 12470 BLAKE2B 15d5d3b943bfaadcd355d5aa8eb6691296929c9b969c66374230ed708b3d3c94f73733fdd482bff7a9ca8b4760ba2931deffdf138f1ba6c3c272906df2837ab2 SHA512 49247dc10f2689bba6f34ec5fe1da5ca589009800bf7b35f3516fe08eea015c1ea9bdd39f48bdfc5544b167bdd9fad0c50f8690c48d5da482910029b74e30873 -EBUILD metasploit-9999.ebuild 12236 BLAKE2B 9a52de12c903d51345700cdef81c206cf18416fecb12375c698d93aadd04fc8ae9f245ebeb5f04ac982ba71d4ad8cdda78cf5753d102c88657d4e8bb5d973d5f SHA512 29bbe0fbf7316a662c08bf0a71593e339ce0293f8b8edfc9515aaf49a6c76b45e359b9dbb50a8908a7e07787874bdbe9beee1917ad1026ff41b42528e42210b9 -MISC metadata.xml 853 BLAKE2B 9b0b2e6c82a4df1327ded8b8381fa1e557ba4353ae5dab9665e7b59950d36e61faead5d8672e2cc10dad68b5a3250126a7fb1c4edc7f6814f28ea3f6df663473 SHA512 9af2dae0c12ae84ae2a7887fad0e7f5ea1d945a8b6e6674ba9e3c3bbff167b00a4aeff2da8b457ff8657f83d617dad67f633b260578a1e9608475fe45585cad0 +EBUILD metasploit-4.17.21-r6.ebuild 12576 BLAKE2B 03151033fc8bab37f09633a20922ce46dfc6fb63e2360595f51cf47f65eaba83939b76cef3ca74bcc40f80a39cc7828e3829a8993582c19fabbfe27e2ea6b073 SHA512 0cedeb24e1bbd58f4de8a83e4eb324d8cd80149c26225776bc1feaedb793953a0aaa95fd4610ef596dcdd620d9a3840e1b80e031264527ca413e614c4d166c69 +EBUILD metasploit-9999.ebuild 12342 BLAKE2B 200e886af2935c5a4c865d2c5cc3f906bdb9445971d78ca05d7541d7da6c6ba0d35bd40cec62fbb746d69a6d1aebc1a3d1db0a4dcbee2fb9501272f38a4ae497 SHA512 83a43d2be1cd706057503969d039d3525e6ba2e43c288198bc4ca4a50fa26f1e2c3382f4f58d66686a7bc6b1c6f1bcff3922197819089070b397f3e7f60cc952 +MISC metadata.xml 760 BLAKE2B 1d242b9a6216631670676d4f2653fd86a414c00fd52a0f29903004b6848b95abf543e3c2fe59617b629104e886a061dede551a61c911d8e09b82d70c03c9788e SHA512 c8b659a986e68a5f063ff7637fc5f3ea1939aae6ac22844292f30587cb6396ab7f02bd08c1d28739d07887ac23b7989f956197b345a90e14a98600b3150ed4f7 diff --git a/net-analyzer/metasploit/metadata.xml b/net-analyzer/metasploit/metadata.xml index e449553f4ecd..1edaa58c665f 100644 --- a/net-analyzer/metasploit/metadata.xml +++ b/net-analyzer/metasploit/metadata.xml @@ -9,7 +9,6 @@ Install dependencies needed for metasploit and exploit development Enable the plugin to integrate with nexpose - Enable the plugin to integrate net-analyzer/openvas Enable restricted oracle modules which have additional deps Enable libpcap for packet sniffing diff --git a/net-analyzer/metasploit/metasploit-4.17.21-r5.ebuild b/net-analyzer/metasploit/metasploit-4.17.21-r5.ebuild deleted file mode 100644 index e980b733098c..000000000000 --- a/net-analyzer/metasploit/metasploit-4.17.21-r5.ebuild +++ /dev/null @@ -1,353 +0,0 @@ -# Copyright 1999-2019 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="6" - -#never ever ever have more than one ruby in here -USE_RUBY="ruby24" -inherit eutils ruby-ng - -if [[ ${PV} == "9999" ]] ; then - EGIT_REPO_URI="https://github.com/rapid7/metasploit-framework.git" - EGIT_BRANCH="4.x" - EGIT_CHECKOUT_DIR="${WORKDIR}"/all - inherit git-r3 - KEYWORDS="~arm" - SLOT="9999" -else - ##Tags https://github.com/rapid7/metasploit-framework/releases - MY_PV=${PV/_p/-} - SRC_URI="https://github.com/rapid7/metasploit-framework/archive/${MY_PV}.tar.gz -> ${P}.tar.gz" - KEYWORDS="~amd64 ~arm ~x86" - RUBY_S="${PN}-framework-${MY_PV}" - inherit eapi7-ver - SLOT="$(ver_cut 1).$(ver_cut 2)" -fi - -DESCRIPTION="Advanced framework for developing, testing, and using vulnerability exploit code" -HOMEPAGE="http://www.metasploit.org/" -LICENSE="BSD" -IUSE="development +java nexpose openvas oracle +pcap test" - -#multiple known bugs with tests reported upstream and ignored -#http://dev.metasploit.com/redmine/issues/8418 - worked around (fix user creation when possible) -RESTRICT="test" - -#grep spec.add_runtime_dependency metasploit-framework.gemspec | sort -RUBY_COMMON_DEPEND="virtual/ruby-ssl - >=dev-ruby/actionpack-4.2.6:4.2 - >=dev-ruby/activerecord-4.2.6:4.2 - >=dev-ruby/activesupport-4.2.6:4.2 - dev-ruby/backports - dev-ruby/bcrypt-ruby - dev-ruby/bcrypt_pbkdf - dev-ruby/bit-struct - dev-ruby/bundler - dev-ruby/dnsruby - dev-ruby/faker - dev-ruby/faraday - dev-ruby/filesize:* - dev-ruby/jsobfu:* - dev-ruby/json:* - dev-ruby/metasm:* - dev-ruby/metasploit-concern - =dev-ruby/rake-10.0.0 - >=dev-ruby/factory_girl-4.1.0 )" - #lorcon doesn't support ruby21 - #lorcon? ( net-wireless/lorcon[ruby] ) -ruby_add_bdepend "${RUBY_COMMON_DEPEND} - test? ( >=dev-ruby/factory_girl-4.1.0 - dev-ruby/fivemat - dev-ruby/database_cleaner - >=dev-ruby/rspec-2.12 - dev-ruby/shoulda-matchers - dev-ruby/timecop - >=dev-ruby/rake-10.0.0 )" -ruby_add_rdepend "${RUBY_COMMON_DEPEND}" - -COMMON_DEPEND="dev-db/postgresql[server] - || ( app-crypt/johntheripper-jumbo >=app-crypt/johntheripper-1.7.9-r1[-minimal(-)] ) - net-analyzer/nmap" -RDEPEND+=" ${COMMON_DEPEND} - >=app-eselect/eselect-metasploit-0.16" - -RESTRICT="strip" - -QA_PREBUILT=" - usr/lib*/${PN}${SLOT}/data/templates/template_x86_linux.bin - usr/lib*/${PN}${SLOT}/data/templates/template_armle_linux.bin - usr/lib*/${PN}${SLOT}/data/templates/template_x86_solaris.bin - usr/lib*/${PN}${SLOT}/data/templates/template_x64_linux.bin - usr/lib*/${PN}${SLOT}/data/templates/template_x64_linux_dll.bin - usr/lib*/${PN}${SLOT}/data/templates/template_x86_bsd.bin - usr/lib*/${PN}${SLOT}/data/templates/template_x64_bsd.bin - usr/lib*/${PN}${SLOT}/data/templates/template_mipsbe_linux.bin - usr/lib*/${PN}${SLOT}/data/templates/template_mipsle_linux.bin - usr/lib*/${PN}${SLOT}/data/meterpreter/msflinker_linux_x86.bin - usr/lib*/${PN}${SLOT}/data/meterpreter/ext_server_sniffer.lso - usr/lib*/${PN}${SLOT}/data/meterpreter/ext_server_networkpug.lso - usr/lib*/${PN}${SLOT}/data/meterpreter/ext_server_stdapi.lso - usr/lib*/${PN}${SLOT}/data/exploits/CVE-2013-2171.bin - usr/lib*/${PN}${SLOT}/data/exploits/CVE-2014-3153.elf - usr/lib*/${PN}${SLOT}/data/exploits/mysql/lib_mysqludf_sys_32.so - usr/lib*/${PN}${SLOT}/data/exploits/* - usr/lib*/${PN}${SLOT}/data/android/libs/x86/libndkstager.so - usr/lib*/${PN}${SLOT}/data/android/libs/mips/libndkstager.so - usr/lib*/${PN}${SLOT}/data/android/libs/armeabi/libndkstager.so - usr/lib*/${PN}${SLOT}/data/templates/template_x86_linux_dll.bin - usr/lib*/${PN}${SLOT}/data/templates/template_armle_linux_dll.bin - usr/lib*/${PN}${SLOT}/data/templates/template_aarch64_linux.bin - " - -pkg_setup() { - if use test; then - su postgres -c "dropdb msf_test_database" #this is intentionally allowed to fail - su postgres -c "createuser msf_test_user -d -S -R" - if [ $? -ne 0 ]; then - su postgres -c "dropuser msf_test_user" || die - su postgres -c "createuser msf_test_user -d -S -R" || die - fi - su postgres -c "createdb --owner=msf_test_user msf_test_database" || die - fi - ruby-ng_pkg_setup -} - -all_ruby_unpack() { - if [[ ${PV} == "9999" ]] ; then - git-r3_src_unpack - else - default_src_unpack -# mv "${WORKDIR}"/all/msf3/* "${WORKDIR}"/all -# rm -r msf3 - #msf_version=$(grep --color=never "CURRENT_VERSION =" ${S}/spec/lib/msf/core/framework_spec.rb) - #msf_version=${msf_version#*=} - fi -} - -all_ruby_prepare() { - # add psexec patch from pull request 2657 to allow custom exe templates from any files, bypassing most AVs - #epatch "${FILESDIR}/agix_psexec_pull-2657.patch" - eapply_user - - #remove random "cpuinfo" binaries which a only needed to detect which bundled john to run - rm -r data/cpuinfo - - #remove unneeded ruby bundler versioning files - #Gemfile.lock contains the versions tested by the msf team but not the hard requirements - #we regen this file in each_ruby_prepare - rm Gemfile.lock - - #The Gemfile contains real known deps - sed -i "/gem 'fivemat'/s/, '1.2.1'//" Gemfile || die - #use released packetfu - sed -i "s/1.1.13.pre/1.1.13/" metasploit-framework.gemspec || die - #use the stable pg - #https://github.com/rapid7/metasploit-framework/issues/10234 - sed -i "s/dependency 'pg', '0.20.0'/dependency 'pg', '0.21.0'/" metasploit-framework.gemspec || die - #git gems are only for ruby24 support and we are not there yet - sed -i "/git:/d" Gemfile || die - - #now we edit the Gemfile based on use flags - if ! use pcap; then - sed -i -e "/^group :pcap do/,/^end$/d" Gemfile || die - fi - if ! use nexpose; then - sed -i -e "/nexpose/d" metasploit-framework.gemspec || die - fi - #no support for nessus right now - #if ! use nessus; then - sed -i -e "/nessus/d" metasploit-framework.gemspec || die - #fi - if ! use openvas; then - sed -i -e "/openvas-omp/d" metasploit-framework.gemspec || die - fi - #even if we pass --without=blah bundler still calculates the deps and messes us up - if ! use development; then - sed -i -e "/^group :development do/,/^end$/d" Gemfile || die - fi - if ! use test; then - sed -i -e "/^group :test/,/^end$/d" Gemfile || die - fi - if ! use test && ! use development; then - sed -i -e "/^group :development/,/^end$/d" Gemfile || die - fi - #We don't need simplecov - sed -i -e "/^group :coverage/,/^end$/d" Gemfile || die - sed -i -e "s#require 'simplecov'##" spec/spec_helper.rb || die - - #we need to edit the gemspec too, since it tries to call git instead of anything sane - #probably a better way to fix this... if I care at some point - sed -i -e "/^ spec.files/,/^ }/d" metasploit-framework.gemspec || die - - #https://bugs.gentoo.org/show_bug.cgi?id=584522 no tzinfo-data by choice in gentoo - sed -i '/tzinfo-data/d' metasploit-framework.gemspec - - #fails without faraday in Gemfile.lock - #despite activesupport(?) needing it, it doesn't end up there :-( - sed -i "/'activesupport'/a \ \ spec.add_runtime_dependency 'faraday'" metasploit-framework.gemspec - - #let's bogart msfupdate - rm msfupdate - echo "#!/bin/sh" > msfupdate - echo "echo \"[*]\"" >> msfupdate - echo "echo \"[*] Attempting to update the Metasploit Framework...\"" >> msfupdate - echo "echo \"[*]\"" >> msfupdate - echo "echo \"\"" >> msfupdate - if [[ ${PV} == "9999" ]] ; then - echo "if [ -x /usr/bin/smart-live-rebuild ]; then" >> msfupdate - echo " smart-live-rebuild -f net-analyzer/metasploit" >> msfupdate - echo "else" >> msfupdate - echo " echo \"Please install app-portage/smart-live-rebuild for a better experience.\"" >> msfupdate - echo "emerge --oneshot \"=${CATEGORY}/${PF}\"" >> msfupdate - echo "fi" >> msfupdate - else - echo "echo \"Unable to update tagged version of metasploit.\"" >> msfupdate - echo "echo \"If you want the latest please install and eselect the live version (metasploit9999)\"" >> msfupdate - echo "echo \"emerge metasploit:9999 -vat && eselect metasploit set metasploit9999\"" >> msfupdate - fi - #this is set executable in src_install - - #install our database.yml file before tests are run - cp "${FILESDIR}"/database.yml config/ - -} - -each_ruby_prepare() { - MSF_ROOT="." BUNDLE_GEMFILE=Gemfile ${RUBY} -S bundle install --local || die - MSF_ROOT="." BUNDLE_GEMFILE=Gemfile ${RUBY} -S bundle check || die - - #force all metasploit executables to use desired ruby version - #https://dev.metasploit.com/redmine/issues/8357 - for file in $(ls -1 msf*) - do - #poorly adapted from python.eclass - sed -e "1s:^#![[:space:]]*\([^[:space:]]*/usr/bin/env[[:space:]]\)\?[[:space:]]*\([^[:space:]]*/\)\?ruby\([[:digit:]]\+\(\.[[:digit:]]\+\)\?\)\?\(\$\|[[:space:]].*\):#!\1\2${RUBY}:" -i "${file}" || die "Conversion of shebang in '${file}' failed" - done -} - -each_ruby_test() { - #review dev-python/pymongo for ways to make the test compatible with FEATURES=network-sandbox - - #we bogart msfupdate so no point in trying to test it - rm spec/msfupdate_spec.rb || die - #we don't really want to be uploading to virustotal during the tests - rm spec/tools/virustotal_spec.rb || die - - # https://dev.metasploit.com/redmine/issues/8425 - BUNDLE_GEMFILE=Gemfile ${RUBY} -S bundle exec rake db:create || die - BUNDLE_GEMFILE=Gemfile ${RUBY} -S bundle exec rake db:migrate || die - - MSF_DATABASE_CONFIG=config/database.yml BUNDLE_GEMFILE=Gemfile ${RUBY} -S bundle exec rake || die - su postgres -c "dropuser msf_test_user" || die "failed to cleanup msf_test-user" -} - -each_ruby_install() { - #Tests have already been run, we don't need this stuff - rm -r spec || die - rm -r test || die - rm Gemfile.lock || die - - #I'm 99% sure that this will only work for as long as we only support one ruby version. Creativity will be needed if we wish to support multiple. - # should be as simple as copying everything into the target... - dodir /usr/lib/${PN}${SLOT} - cp -R * "${ED}"/usr/lib/${PN}${SLOT} || die "Copy files failed" - rm -Rf "${ED}"/usr/lib/${PN}${SLOT}/documentation "${ED}"/usr/lib${PN}${SLOT}/README.md - fowners -R root:0 / - -} - -all_ruby_install() { - # do not remove LICENSE, bug #238137 - dodir /usr/share/doc/${PF} - cp -R {documentation,README.md} "${ED}"/usr/share/doc/${PF} || die - ln -s "../../share/doc/${PF}/documentation" "${ED}/usr/lib/${PN}${SLOT}/documentation" - - fperms +x /usr/lib/${PN}${SLOT}/msfupdate - - #tell revdep-rebuild to ignore binaries meant for the target - dodir /etc/revdep-rebuild - cat <<-EOF > "${ED}"/etc/revdep-rebuild/99-metasploit${SLOT} - #These dirs contain prebuilt binaries for running on the TARGET not the HOST - SEARCH_DIRS_MASK="/usr/lib/${PN}${SLOT}/data/meterpreter" - SEARCH_DIRS_MASK="/usr/lib/${PN}${SLOT}/data/exploits" - EOF -} - -pkg_postinst() { - elog "Before use you should run 'env-update' and '. /etc/profile'" - elog "otherwise you may be missing important environmental variables." - - elog "You need to prepare the database by running:" - elog "emerge --config postgresql" - elog "/etc/init.d/postgresql- start" - elog "emerge --config =metasploit-${PV}" - - "${EROOT}"/usr/bin/eselect metasploit set --use-old ${PN}${SLOT} - - einfo - elog "Adjust /usr/lib/${PN}${SLOT}/config/database.yml if necessary" -} - -pkg_config() { - einfo "If the following fails, it is likely because you forgot to start/config postgresql first" - su postgres -c "createuser msf_user -D -S -R" - su postgres -c "createdb --owner=msf_user msf_database" -} diff --git a/net-analyzer/metasploit/metasploit-4.17.21-r6.ebuild b/net-analyzer/metasploit/metasploit-4.17.21-r6.ebuild new file mode 100644 index 000000000000..db815de8d1d6 --- /dev/null +++ b/net-analyzer/metasploit/metasploit-4.17.21-r6.ebuild @@ -0,0 +1,355 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +#never ever ever have more than one ruby in here +USE_RUBY="ruby24" +inherit eutils ruby-ng + +if [[ ${PV} == "9999" ]] ; then + EGIT_REPO_URI="https://github.com/rapid7/metasploit-framework.git" + EGIT_BRANCH="4.x" + EGIT_CHECKOUT_DIR="${WORKDIR}"/all + inherit git-r3 + KEYWORDS="~arm" + SLOT="9999" +else + ##Tags https://github.com/rapid7/metasploit-framework/releases + MY_PV=${PV/_p/-} + SRC_URI="https://github.com/rapid7/metasploit-framework/archive/${MY_PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="~amd64 ~arm ~x86" + RUBY_S="${PN}-framework-${MY_PV}" + inherit eapi7-ver + SLOT="$(ver_cut 1).$(ver_cut 2)" +fi + +DESCRIPTION="Advanced framework for developing, testing, and using vulnerability exploit code" +HOMEPAGE="http://www.metasploit.org/" +LICENSE="BSD" +IUSE="development +java nexpose oracle +pcap test" + +#multiple known bugs with tests reported upstream and ignored +#http://dev.metasploit.com/redmine/issues/8418 - worked around (fix user creation when possible) +RESTRICT="test" + +#grep spec.add_runtime_dependency metasploit-framework.gemspec | sort +RUBY_COMMON_DEPEND="virtual/ruby-ssl + >=dev-ruby/actionpack-4.2.6:4.2 + >=dev-ruby/activerecord-4.2.6:4.2 + >=dev-ruby/activesupport-4.2.6:4.2 + dev-ruby/backports + dev-ruby/bcrypt-ruby + dev-ruby/bcrypt_pbkdf + dev-ruby/bit-struct + dev-ruby/bundler + dev-ruby/dnsruby + dev-ruby/faker:0 + dev-ruby/faraday + dev-ruby/filesize:* + dev-ruby/jsobfu:* + dev-ruby/json:* + dev-ruby/metasm:* + dev-ruby/metasploit-concern + =dev-ruby/rake-10.0.0 + >=dev-ruby/factory_girl-4.1.0 )" + #lorcon doesn't support ruby21 + #lorcon? ( net-wireless/lorcon[ruby] ) +ruby_add_bdepend "${RUBY_COMMON_DEPEND} + test? ( >=dev-ruby/factory_girl-4.1.0 + dev-ruby/fivemat + dev-ruby/database_cleaner + >=dev-ruby/rspec-2.12 + dev-ruby/shoulda-matchers + dev-ruby/timecop + >=dev-ruby/rake-10.0.0 )" +ruby_add_rdepend "${RUBY_COMMON_DEPEND}" + +COMMON_DEPEND="dev-db/postgresql[server] + || ( app-crypt/johntheripper-jumbo >=app-crypt/johntheripper-1.7.9-r1[-minimal(-)] ) + net-analyzer/nmap" +RDEPEND+=" ${COMMON_DEPEND} + >=app-eselect/eselect-metasploit-0.16" + +RESTRICT="strip" + +QA_PREBUILT=" + usr/lib*/${PN}${SLOT}/data/templates/template_x86_linux.bin + usr/lib*/${PN}${SLOT}/data/templates/template_armle_linux.bin + usr/lib*/${PN}${SLOT}/data/templates/template_x86_solaris.bin + usr/lib*/${PN}${SLOT}/data/templates/template_x64_linux.bin + usr/lib*/${PN}${SLOT}/data/templates/template_x64_linux_dll.bin + usr/lib*/${PN}${SLOT}/data/templates/template_x86_bsd.bin + usr/lib*/${PN}${SLOT}/data/templates/template_x64_bsd.bin + usr/lib*/${PN}${SLOT}/data/templates/template_mipsbe_linux.bin + usr/lib*/${PN}${SLOT}/data/templates/template_mipsle_linux.bin + usr/lib*/${PN}${SLOT}/data/meterpreter/msflinker_linux_x86.bin + usr/lib*/${PN}${SLOT}/data/meterpreter/ext_server_sniffer.lso + usr/lib*/${PN}${SLOT}/data/meterpreter/ext_server_networkpug.lso + usr/lib*/${PN}${SLOT}/data/meterpreter/ext_server_stdapi.lso + usr/lib*/${PN}${SLOT}/data/exploits/CVE-2013-2171.bin + usr/lib*/${PN}${SLOT}/data/exploits/CVE-2014-3153.elf + usr/lib*/${PN}${SLOT}/data/exploits/mysql/lib_mysqludf_sys_32.so + usr/lib*/${PN}${SLOT}/data/exploits/* + usr/lib*/${PN}${SLOT}/data/android/libs/x86/libndkstager.so + usr/lib*/${PN}${SLOT}/data/android/libs/mips/libndkstager.so + usr/lib*/${PN}${SLOT}/data/android/libs/armeabi/libndkstager.so + usr/lib*/${PN}${SLOT}/data/templates/template_x86_linux_dll.bin + usr/lib*/${PN}${SLOT}/data/templates/template_armle_linux_dll.bin + usr/lib*/${PN}${SLOT}/data/templates/template_aarch64_linux.bin + " + +pkg_setup() { + if use test; then + su postgres -c "dropdb msf_test_database" #this is intentionally allowed to fail + su postgres -c "createuser msf_test_user -d -S -R" + if [ $? -ne 0 ]; then + su postgres -c "dropuser msf_test_user" || die + su postgres -c "createuser msf_test_user -d -S -R" || die + fi + su postgres -c "createdb --owner=msf_test_user msf_test_database" || die + fi + ruby-ng_pkg_setup +} + +all_ruby_unpack() { + if [[ ${PV} == "9999" ]] ; then + git-r3_src_unpack + else + default_src_unpack +# mv "${WORKDIR}"/all/msf3/* "${WORKDIR}"/all +# rm -r msf3 + #msf_version=$(grep --color=never "CURRENT_VERSION =" ${S}/spec/lib/msf/core/framework_spec.rb) + #msf_version=${msf_version#*=} + fi +} + +all_ruby_prepare() { + # add psexec patch from pull request 2657 to allow custom exe templates from any files, bypassing most AVs + #epatch "${FILESDIR}/agix_psexec_pull-2657.patch" + eapply_user + + #remove random "cpuinfo" binaries which a only needed to detect which bundled john to run + rm -r data/cpuinfo + + #remove unneeded ruby bundler versioning files + #Gemfile.lock contains the versions tested by the msf team but not the hard requirements + #we regen this file in each_ruby_prepare + rm Gemfile.lock + + #The Gemfile contains real known deps + sed -i "/gem 'fivemat'/s/, '1.2.1'//" Gemfile || die + #use released packetfu + sed -i "s/1.1.13.pre/1.1.13/" metasploit-framework.gemspec || die + #use the stable pg + #https://github.com/rapid7/metasploit-framework/issues/10234 + sed -i "s/dependency 'pg', '0.20.0'/dependency 'pg', '0.21.0'/" metasploit-framework.gemspec || die + #git gems are only for ruby24 support and we are not there yet + sed -i "/git:/d" Gemfile || die + + #now we edit the Gemfile based on use flags + if ! use pcap; then + sed -i -e "/^group :pcap do/,/^end$/d" Gemfile || die + fi + if ! use nexpose; then + sed -i -e "/nexpose/d" metasploit-framework.gemspec || die + fi + #no support for nessus right now + #if ! use nessus; then + sed -i -e "/nessus/d" metasploit-framework.gemspec || die + #fi + + #OpenVAS support dropped on net-analyzer/metasploit. Bug:692076 + #openvas-omp is deprecated and masked for removal. Bug:692076 + #Remove openvas-omp in gemspec. Bug:698762 + sed -i -e "/openvas-omp/d" metasploit-framework.gemspec || die + + #even if we pass --without=blah bundler still calculates the deps and messes us up + if ! use development; then + sed -i -e "/^group :development do/,/^end$/d" Gemfile || die + fi + if ! use test; then + sed -i -e "/^group :test/,/^end$/d" Gemfile || die + fi + if ! use test && ! use development; then + sed -i -e "/^group :development/,/^end$/d" Gemfile || die + fi + #We don't need simplecov + sed -i -e "/^group :coverage/,/^end$/d" Gemfile || die + sed -i -e "s#require 'simplecov'##" spec/spec_helper.rb || die + + #we need to edit the gemspec too, since it tries to call git instead of anything sane + #probably a better way to fix this... if I care at some point + sed -i -e "/^ spec.files/,/^ }/d" metasploit-framework.gemspec || die + + #https://bugs.gentoo.org/show_bug.cgi?id=584522 no tzinfo-data by choice in gentoo + sed -i '/tzinfo-data/d' metasploit-framework.gemspec + + #fails without faraday in Gemfile.lock + #despite activesupport(?) needing it, it doesn't end up there :-( + sed -i "/'activesupport'/a \ \ spec.add_runtime_dependency 'faraday'" metasploit-framework.gemspec + + #let's bogart msfupdate + rm msfupdate + echo "#!/bin/sh" > msfupdate + echo "echo \"[*]\"" >> msfupdate + echo "echo \"[*] Attempting to update the Metasploit Framework...\"" >> msfupdate + echo "echo \"[*]\"" >> msfupdate + echo "echo \"\"" >> msfupdate + if [[ ${PV} == "9999" ]] ; then + echo "if [ -x /usr/bin/smart-live-rebuild ]; then" >> msfupdate + echo " smart-live-rebuild -f net-analyzer/metasploit" >> msfupdate + echo "else" >> msfupdate + echo " echo \"Please install app-portage/smart-live-rebuild for a better experience.\"" >> msfupdate + echo "emerge --oneshot \"=${CATEGORY}/${PF}\"" >> msfupdate + echo "fi" >> msfupdate + else + echo "echo \"Unable to update tagged version of metasploit.\"" >> msfupdate + echo "echo \"If you want the latest please install and eselect the live version (metasploit9999)\"" >> msfupdate + echo "echo \"emerge metasploit:9999 -vat && eselect metasploit set metasploit9999\"" >> msfupdate + fi + #this is set executable in src_install + + #install our database.yml file before tests are run + cp "${FILESDIR}"/database.yml config/ + +} + +each_ruby_prepare() { + MSF_ROOT="." BUNDLE_GEMFILE=Gemfile ${RUBY} -S bundle install --local || die + MSF_ROOT="." BUNDLE_GEMFILE=Gemfile ${RUBY} -S bundle check || die + + #force all metasploit executables to use desired ruby version + #https://dev.metasploit.com/redmine/issues/8357 + for file in $(ls -1 msf*) + do + #poorly adapted from python.eclass + sed -e "1s:^#![[:space:]]*\([^[:space:]]*/usr/bin/env[[:space:]]\)\?[[:space:]]*\([^[:space:]]*/\)\?ruby\([[:digit:]]\+\(\.[[:digit:]]\+\)\?\)\?\(\$\|[[:space:]].*\):#!\1\2${RUBY}:" -i "${file}" || die "Conversion of shebang in '${file}' failed" + done +} + +each_ruby_test() { + #review dev-python/pymongo for ways to make the test compatible with FEATURES=network-sandbox + + #we bogart msfupdate so no point in trying to test it + rm spec/msfupdate_spec.rb || die + #we don't really want to be uploading to virustotal during the tests + rm spec/tools/virustotal_spec.rb || die + + # https://dev.metasploit.com/redmine/issues/8425 + BUNDLE_GEMFILE=Gemfile ${RUBY} -S bundle exec rake db:create || die + BUNDLE_GEMFILE=Gemfile ${RUBY} -S bundle exec rake db:migrate || die + + MSF_DATABASE_CONFIG=config/database.yml BUNDLE_GEMFILE=Gemfile ${RUBY} -S bundle exec rake || die + su postgres -c "dropuser msf_test_user" || die "failed to cleanup msf_test-user" +} + +each_ruby_install() { + #Tests have already been run, we don't need this stuff + rm -r spec || die + rm -r test || die + rm Gemfile.lock || die + + #I'm 99% sure that this will only work for as long as we only support one ruby version. Creativity will be needed if we wish to support multiple. + # should be as simple as copying everything into the target... + dodir /usr/lib/${PN}${SLOT} + cp -R * "${ED}"/usr/lib/${PN}${SLOT} || die "Copy files failed" + rm -Rf "${ED}"/usr/lib/${PN}${SLOT}/documentation "${ED}"/usr/lib${PN}${SLOT}/README.md + fowners -R root:0 / + +} + +all_ruby_install() { + # do not remove LICENSE, bug #238137 + dodir /usr/share/doc/${PF} + cp -R {documentation,README.md} "${ED}"/usr/share/doc/${PF} || die + ln -s "../../share/doc/${PF}/documentation" "${ED}/usr/lib/${PN}${SLOT}/documentation" + + fperms +x /usr/lib/${PN}${SLOT}/msfupdate + + #tell revdep-rebuild to ignore binaries meant for the target + dodir /etc/revdep-rebuild + cat <<-EOF > "${ED}"/etc/revdep-rebuild/99-metasploit${SLOT} + #These dirs contain prebuilt binaries for running on the TARGET not the HOST + SEARCH_DIRS_MASK="/usr/lib/${PN}${SLOT}/data/meterpreter" + SEARCH_DIRS_MASK="/usr/lib/${PN}${SLOT}/data/exploits" + EOF +} + +pkg_postinst() { + elog "Before use you should run 'env-update' and '. /etc/profile'" + elog "otherwise you may be missing important environmental variables." + + elog "You need to prepare the database by running:" + elog "emerge --config postgresql" + elog "/etc/init.d/postgresql- start" + elog "emerge --config =metasploit-${PV}" + + "${EROOT}"/usr/bin/eselect metasploit set --use-old ${PN}${SLOT} + + einfo + elog "Adjust /usr/lib/${PN}${SLOT}/config/database.yml if necessary" +} + +pkg_config() { + einfo "If the following fails, it is likely because you forgot to start/config postgresql first" + su postgres -c "createuser msf_user -D -S -R" + su postgres -c "createdb --owner=msf_user msf_database" +} diff --git a/net-analyzer/metasploit/metasploit-9999.ebuild b/net-analyzer/metasploit/metasploit-9999.ebuild index 49691b5c0747..42bf6440d53d 100644 --- a/net-analyzer/metasploit/metasploit-9999.ebuild +++ b/net-analyzer/metasploit/metasploit-9999.ebuild @@ -27,7 +27,7 @@ fi DESCRIPTION="Advanced framework for developing, testing, and using vulnerability exploit code" HOMEPAGE="http://www.metasploit.org/" LICENSE="BSD" -IUSE="development +java nexpose openvas oracle +pcap test" +IUSE="development +java nexpose oracle +pcap test" #multiple known bugs with tests reported upstream and ignored #http://dev.metasploit.com/redmine/issues/8418 - worked around (fix user creation when possible) @@ -44,7 +44,7 @@ RUBY_COMMON_DEPEND="virtual/ruby-ssl dev-ruby/bit-struct dev-ruby/bundler dev-ruby/dnsruby - dev-ruby/faker + dev-ruby/faker:0 dev-ruby/filesize:* dev-ruby/jsobfu:* dev-ruby/json:* @@ -91,7 +91,7 @@ RUBY_COMMON_DEPEND="virtual/ruby-ssl dev-ruby/ruby-macho dev-ruby/rubyntlm dev-ruby/ruby_smb:* - dev-ruby/rubyzip + dev-ruby/rubyzip:* dev-ruby/sqlite3 dev-ruby/sshkey dev-ruby/tzinfo:* @@ -100,7 +100,6 @@ RUBY_COMMON_DEPEND="virtual/ruby-ssl dev-ruby/xmlrpc java? ( dev-ruby/rjb ) nexpose? ( dev-ruby/nexpose ) - openvas? ( dev-ruby/openvas-omp ) oracle? ( dev-ruby/ruby-oci8 ) pcap? ( dev-ruby/pcaprub:* dev-ruby/network_interface ) @@ -215,9 +214,12 @@ all_ruby_prepare() { #if ! use nessus; then sed -i -e "/nessus/d" metasploit-framework.gemspec || die #fi - if ! use openvas; then - sed -i -e "/openvas-omp/d" metasploit-framework.gemspec || die - fi + + #OpenVAS support dropped on net-analyzer/metasploit. Bug:692076 + #openvas-omp is deprecated and masked for removal. Bug:692076 + #Remove openvas-omp in gemspec. Bug:698762 + sed -i -e "/openvas-omp/d" metasploit-framework.gemspec || die + #even if we pass --without=blah bundler still calculates the deps and messes us up if ! use development; then sed -i -e "/^group :development do/,/^end$/d" Gemfile || die -- cgit v1.2.3