From 2fab2122c3b7e5e81c68ededd63fb6c6d628887c Mon Sep 17 00:00:00 2001 From: adfoster-r7 Date: Thu, 9 Jul 2026 16:29:14 +0100 Subject: [PATCH] Debug c2 erros --- .github/workflows/add_to_project.yml | 19 - .../workflows/command_shell_acceptance.yml | 241 ------------ .github/workflows/docs.yml | 63 --- .github/workflows/extended_tests.yml | 68 ---- .github/workflows/labels.yml | 229 ----------- .github/workflows/ldap_acceptance.yml | 173 --------- .github/workflows/lint.yml | 68 ---- .github/workflows/mssql_acceptance.yml | 184 --------- .github/workflows/mysql_acceptance.yml | 187 --------- .github/workflows/postgres_acceptance.yml | 191 --------- .github/workflows/schedule-stale.yml | 55 --- .github/workflows/shared_gem_verify.yml | 69 ---- .github/workflows/shared_gem_verify_rails.yml | 116 ------ .../shared_meterpreter_acceptance.yml | 64 +-- .github/workflows/shared_smb_acceptance.yml | 195 ---------- .github/workflows/smb_acceptance.yml | 46 --- .github/workflows/ssh_acceptance.yml | 171 -------- .github/workflows/verify.yml | 119 ------ .../weekly-data-and-external-tool-updater.yml | 98 ----- .github/workflows/weekly-dependencies-pr.yml | 69 ---- Gemfile.lock | 4 +- metasploit-framework.gemspec | 2 +- spec/allure_config.rb | 15 + .../acceptance/session/windows_meterpreter.rb | 364 ------------------ 24 files changed, 54 insertions(+), 2756 deletions(-) delete mode 100644 .github/workflows/add_to_project.yml delete mode 100644 .github/workflows/command_shell_acceptance.yml delete mode 100644 .github/workflows/docs.yml delete mode 100644 .github/workflows/extended_tests.yml delete mode 100644 .github/workflows/labels.yml delete mode 100644 .github/workflows/ldap_acceptance.yml delete mode 100644 .github/workflows/lint.yml delete mode 100644 .github/workflows/mssql_acceptance.yml delete mode 100644 .github/workflows/mysql_acceptance.yml delete mode 100644 .github/workflows/postgres_acceptance.yml delete mode 100644 .github/workflows/schedule-stale.yml delete mode 100644 .github/workflows/shared_gem_verify.yml delete mode 100644 .github/workflows/shared_gem_verify_rails.yml delete mode 100644 .github/workflows/shared_smb_acceptance.yml delete mode 100644 .github/workflows/smb_acceptance.yml delete mode 100644 .github/workflows/ssh_acceptance.yml delete mode 100644 .github/workflows/verify.yml delete mode 100644 .github/workflows/weekly-data-and-external-tool-updater.yml delete mode 100644 .github/workflows/weekly-dependencies-pr.yml diff --git a/.github/workflows/add_to_project.yml b/.github/workflows/add_to_project.yml deleted file mode 100644 index fb1fad8dc186e..0000000000000 --- a/.github/workflows/add_to_project.yml +++ /dev/null @@ -1,19 +0,0 @@ -name: Add pull request to the kanban board - -on: - pull_request_target: - types: - - opened - - reopened - -jobs: - add-to-project: - name: Add pull request to the kanban board - runs-on: ubuntu-latest - steps: - - uses: actions/add-to-project@v1.0.2 - with: - project-url: https://github.com/orgs/rapid7/projects/17 - # smcintyre/GITHUB_PROJECT_TOKEN (PAT), Expires on Wed, Jan 27 2027 - github-token: ${{ secrets.GH_PROJECT_TOKEN }} - diff --git a/.github/workflows/command_shell_acceptance.yml b/.github/workflows/command_shell_acceptance.yml deleted file mode 100644 index a4c26df5ed08a..0000000000000 --- a/.github/workflows/command_shell_acceptance.yml +++ /dev/null @@ -1,241 +0,0 @@ -name: Command Shell Acceptance - -# Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency -#concurrency: -# group: ${{ github.ref }}-${{ github.workflow }} -# cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} - -# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions -permissions: - actions: none - checks: none - contents: none - deployments: none - id-token: none - issues: none - discussions: none - packages: none - pages: none - pull-requests: none - repository-projects: none - security-events: none - statuses: none - -on: - workflow_dispatch: - inputs: - metasploitPayloadsCommit: - description: 'metasploit-payloads branch you want to test' - required: true - default: 'master' - mettleCommit: - description: 'mettle branch you want to test' - required: true - default: 'master' - push: - branches-ignore: - - gh-pages - - metakitty - pull_request: - branches: - - '*' - paths: - - 'metasploit-framework.gemspec' - - 'Gemfile.lock' - - 'data/templates/**' - - 'modules/payloads/**' - - 'lib/msf/core/payload/**' - - 'lib/msf/core/handler/**' - - 'lib/msf/core/post/**' - - 'lib/msf/core/session/**' - - 'lib/msf/base/sessions/**' - - 'tools/dev/**' - - 'test/modules/post/**' - - 'spec/acceptance/**' - - 'spec/support/acceptance/**' - - 'spec/acceptance_spec_helper.rb' - - '.github/**' -# Example of running as a cron, to weed out flaky tests -# schedule: -# - cron: '*/15 * * * *' - -jobs: - # Run all test individually, note there is a separate final job for aggregating the test results - test: - strategy: - fail-fast: false - matrix: - include: - # Powershell - - { command_shell: { name: powershell }, ruby: '3.4', os: windows-2022 } - - { command_shell: { name: powershell }, ruby: '3.4', os: windows-2025 } - - # Linux - - { command_shell: { name: linux }, ruby: '3.4', os: ubuntu-latest } - - # CMD - - { command_shell: { name: cmd }, ruby: '3.4', os: windows-2022 } - - # TODO: Tests currently fail: - # - { command_shell: { name: cmd }, ruby: '3.4', os: windows-2025 } - - # Python SSL - - { command_shell: { name: python_ssl_2_6 }, ruby: '3.4', os: ubuntu-latest } - - { command_shell: { name: python_ssl_2_7 }, ruby: '3.4', os: ubuntu-latest } - - { command_shell: { name: python_ssl_3_4 }, ruby: '3.4', os: ubuntu-latest } - - { command_shell: { name: python_ssl_3_13 }, ruby: '3.4', os: ubuntu-latest } - - runs-on: ${{ matrix.os }} - - timeout-minutes: 50 - - env: - RAILS_ENV: test - HOST_RUNNER_IMAGE: ${{ matrix.os }} - SESSION: 'command_shell/${{ matrix.command_shell.name }}' - SESSION_RUNTIME_VERSION: ${{ matrix.command_shell.runtime_version }} - BUNDLE_WITHOUT: "coverage development" - - name: ${{ matrix.command_shell.name }} ${{ matrix.command_shell.runtime_version }} ${{ matrix.os }} - steps: - - name: Install system dependencies (Linux) - if: runner.os == 'Linux' - run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz - - - uses: shivammathur/setup-php@fc14643b0a99ee9db10a3c025a33d76544fa3761 - if: ${{ matrix.command_shell.name == 'php' }} - with: - php-version: ${{ matrix.command_shell.runtime_version }} - tools: none - - - name: Install system dependencies (Windows) - shell: pwsh - if: runner.os == 'Windows' - run: | - $ErrorActionPreference = 'Stop' - # pcap dependencies - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 - Invoke-WebRequest -Uri 'https://www.winpcap.org/install/bin/WpdPack_4_1_2.zip' -OutFile 'C:\Windows\Temp\WpdPack_4_1_2.zip' -SkipCertificateCheck - $expected = 'ea799cf2f26e4afb1892938070fd2b1ca37ce5cf75fec4349247df12b784edbd' - $actual = (Get-FileHash 'C:\Windows\Temp\WpdPack_4_1_2.zip' -Algorithm SHA256).Hash.ToLower() - if ($actual -ne $expected) { throw "WpdPack_4_1_2.zip SHA256 mismatch: expected $expected, got $actual" } - - choco install 7zip -y --no-progress - if ($LASTEXITCODE -ne 0) { throw "choco install 7zip failed with exit code $LASTEXITCODE" } - - 7z x "C:\Windows\Temp\WpdPack_4_1_2.zip" -o"C:\" - if ($LASTEXITCODE -ne 0) { throw "7z extraction failed with exit code $LASTEXITCODE" } - - # The job checkout structure is: - # . - # └── metasploit-framework - - - name: Checkout metasploit-framework code - uses: actions/checkout@v4 - with: - path: metasploit-framework - - # https://github.com/orgs/community/discussions/26952 - - name: Support longpaths - if: runner.os == 'Windows' - run: git config --system core.longpaths true - - - name: Setup '${{ matrix.ruby }}' Ruby - # Skip for now to ensure CI passes on Windows server 2025 powershell tests - #env: - # BUNDLE_FORCE_RUBY_PLATFORM: true - uses: ruby/setup-ruby@eaecf785f6a34567a6d97f686bbb7bccc1ac1e5c - with: - ruby-version: ${{ matrix.ruby }} - bundler-cache: true - working-directory: metasploit-framework - cache-version: 5 - - - name: Pull pyenv container image - if: startsWith(matrix.command_shell.name, 'python_ssl') - run: docker pull public.ecr.aws/n5b4u6h0/zerosteiner/pyenv@sha256:e686265001ee43333f14c896d8362970e816c5a7c661a6fa7e37a90770c9108a - working-directory: metasploit-framework - - - name: Acceptance - env: - SPEC_HELPER_LOAD_METASPLOIT: false - SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter" - # Unix run command: - # SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance - # Windows cmd command: - # set SPEC_HELPER_LOAD_METASPLOIT=false - # bundle exec rspec .\spec\acceptance - # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting - # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried - run: | - bundle exec rspec spec/acceptance/command_shell_spec.rb - working-directory: metasploit-framework - - - name: Archive results - if: always() - uses: actions/upload-artifact@v4 - with: - # Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips - name: raw-data-${{ matrix.command_shell.name }}-${{ matrix.command_shell.runtime_version }}-${{ matrix.os }} - path: metasploit-framework/tmp/allure-raw-data - - # Generate a final report from the previous test results - report: - name: Generate report - needs: test - runs-on: ubuntu-latest - if: always() - - steps: - - name: Checkout code - uses: actions/checkout@v4 - if: always() - - - name: Install system dependencies (Linux) - if: always() - run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz - - # https://github.com/orgs/community/discussions/26952 - - name: Support longpaths - if: runner.os == 'Windows' - run: git config --system core.longpaths true - - - name: Setup Ruby - if: always() - env: - BUNDLE_FORCE_RUBY_PLATFORM: true - uses: ruby/setup-ruby@v1 - with: - # use the default version from the .ruby-version file - ruby-version: '.ruby-version' - bundler-cache: true - cache-version: 4 - - - uses: actions/download-artifact@v4 - id: download - if: always() - with: - # Note: Not specifying a name will download all artifacts from the previous workflow jobs - path: raw-data - - - name: allure generate - if: always() - run: | - export VERSION=2.22.1 - - curl -o allure-$VERSION.tgz -Ls https://github.com/allure-framework/allure2/releases/download/$VERSION/allure-$VERSION.tgz - tar -zxvf allure-$VERSION.tgz -C . - - ls -la ${{steps.download.outputs.download-path}} - ./allure-$VERSION/bin/allure generate ${{steps.download.outputs.download-path}}/* -o ./allure-report - - find ${{steps.download.outputs.download-path}} - bundle exec ruby tools/dev/report_generation/support_matrix/generate.rb --allure-data ${{steps.download.outputs.download-path}} > ./allure-report/support_matrix.html - - - name: archive results - if: always() - uses: actions/upload-artifact@v4 - with: - name: final-report-${{ github.run_id }} - path: | - ./allure-report diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml deleted file mode 100644 index 7b358f1f2a3f9..0000000000000 --- a/.github/workflows/docs.yml +++ /dev/null @@ -1,63 +0,0 @@ -name: Build Docs - -# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions -permissions: - actions: none - checks: none - contents: none - deployments: none - id-token: none - issues: none - discussions: none - packages: none - pages: none - pull-requests: none - repository-projects: none - security-events: none - statuses: none - -on: - push: - branches-ignore: - - gh-pages - - metakitty - - weekly-dependency-updates - paths: - - docs - pull_request: - branches-ignore: - - weekly-dependency-updates - -jobs: - # Ensures that the docs site builds successfully. Note that this workflow does not deploy the docs site. - build: - runs-on: ubuntu-latest - timeout-minutes: 60 - - strategy: - fail-fast: true - matrix: - ruby: - - '3.3' - - name: Ruby ${{ matrix.ruby }} - steps: - - name: Checkout code - uses: actions/checkout@v4 - - # https://github.com/orgs/community/discussions/26952 - - name: Support longpaths - if: runner.os == 'Windows' - run: git config --system core.longpaths true - - - name: Setup Ruby - uses: ruby/setup-ruby@v1 - with: - ruby-version: '${{ matrix.ruby }}' - bundler-cache: true - working-directory: docs - - - name: build - working-directory: docs - run: | - bundle exec ruby build.rb --production diff --git a/.github/workflows/extended_tests.yml b/.github/workflows/extended_tests.yml deleted file mode 100644 index c587b7fdd74d5..0000000000000 --- a/.github/workflows/extended_tests.yml +++ /dev/null @@ -1,68 +0,0 @@ -name: Extended Tests - -# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions -permissions: - actions: none - checks: none - contents: none - deployments: none - id-token: none - issues: none - discussions: none - packages: none - pages: none - # This action can update/close pull requests - pull-requests: write - repository-projects: none - security-events: none - statuses: none - -on: - pull_request_target: - branches: - - '*' - paths: - - '**/**ldap**' - - '**/**kerberos**' - - '**/**gss**' - -jobs: - add-labels: - runs-on: ubuntu-latest - steps: - - uses: actions/github-script@v6 - with: - github-token: ${{secrets.GITHUB_TOKEN}} - script: | - // NOTE: The following section is JavaScript. Note that backticks will need to be escaped within - // the multiline comment strings in the following config. When editing this file, using JavaScript - // syntax highlighting might be easier. - // - // This script has intentionally been inlined instead of using third-party Github actions for both - // security and performance reasons. - const currentLabelNames = context.payload.pull_request.labels.map(label => label.name); - const newLabelName = "additional-testing-required"; - const comment = ` - Thanks for your pull request! As part of our landing process, we manually verify that all modules work as expected. - - We've added the \`${newLabelName}\` label to indicate that additional testing is required before this pull request can be merged. - For maintainers, this means visiting [here](https://jenkins-metasploit.build.r7ops.com/job/pro_manual_test_trigger/). - `; - - if (!currentLabelNames.includes(newLabelName)) { - await github.rest.issues.addLabels({ - issue_number: context.issue.number, - owner: context.repo.owner, - repo: context.repo.repo, - labels: [newLabelName] - }); - - const precedingWhitespaceLength = comment.split("\n")[1].search(/\S/); - const commentWithoutPrecedingWhitespace = comment.split("\n").map(line => line.substring(precedingWhitespaceLength)).join("\n").trim(); - await github.rest.issues.createComment({ - issue_number: context.issue.number, - owner: context.repo.owner, - repo: context.repo.repo, - body: commentWithoutPrecedingWhitespace - }); - } diff --git a/.github/workflows/labels.yml b/.github/workflows/labels.yml deleted file mode 100644 index 1454d3fb589ac..0000000000000 --- a/.github/workflows/labels.yml +++ /dev/null @@ -1,229 +0,0 @@ -name: Labels - -# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions -permissions: - actions: none - checks: none - contents: none - deployments: none - id-token: none - # This action can update/close issues - issues: write - discussions: none - packages: none - pages: none - # This action can update/close pull requests - pull-requests: write - repository-projects: none - security-events: none - statuses: none - -on: - pull_request_target: - types: [labeled] - issues: - types: [labeled] - -jobs: - handle-labels: - runs-on: ubuntu-latest - steps: - - uses: actions/github-script@v6 - with: - github-token: ${{secrets.GITHUB_TOKEN}} - script: | - // NOTE: The following section is JavaScript. Note that backticks will need to be escaped within - // the multiline comment strings in the following config. When editing this file, using JavaScript - // syntax highlighting might be easier. - // - // This script has intentionally been inlined instead of using third-party Github actions for both - // security and performance reasons. - const allConfig = { - pullRequests: { - attic: { - close: true, - comment: ` - Thanks for your contribution to Metasploit Framework! We've looked at this pull request, and we agree that it seems like a good addition to Metasploit, but it looks like it is not quite ready to land. We've labeled it \`attic\` and closed it for now. - - What does this generally mean? It could be one or more of several things: - - - It doesn't look like there has been any activity on this pull request in a while (60 days or more). - - We may not have the proper access or equipment to test this pull request, or the contributor doesn't have time to work on it right now. - - Sometimes the implementation isn't quite right and a different approach is necessary. - - Pull requests in the attic are open for community pickup — if you're a community member looking for something to work on, feel free to pick this up and carry it across the finish line. The original author may or may not return, if they do and want to continue the work, we'd welcome that too. - If you'd like to revive this PR, please comment below expressing your interest, then open a new pull request that references this one, and we'll be happy to review it. - ` - }, - 'needs-docs': { - close: false, - comment: ` - Thanks for your pull request! Before this can be merged, we need the following documentation for your module: - - - [Writing Module Documentation](https://docs.metasploit.com/docs/development/quality/writing-module-documentation.html) - - [Template](https://github.com/rapid7/metasploit-framework/blob/master/documentation/modules/module_doc_template.md) - - [Examples](https://github.com/rapid7/metasploit-framework/tree/master/documentation/modules) - ` - }, - 'needs-linting': { - close: false, - comment: ` - Thanks for your pull request! Before this pull request can be merged, it must pass the checks of our automated linting tools. - - We use Rubocop and msftidy to ensure the quality of our code. This can be ran from the root directory of Metasploit: - - \`\`\` - rubocop - tools/dev/msftidy.rb - \`\`\` - - You can automate most of these changes with the \`-a\` flag: - - \`\`\` - rubocop -a - \`\`\` - - Please update your branch after these have been made, and reach out if you have any problems. - ` - }, - 'needs-unique-branch': { - close: true, - comment: ` - Thanks for your pull request! We require for all contributed code to come from a **from a unique branch** in your repository before it can be merged. - - Please create a new branch in your fork of framework and resubmit this from that branch. - - If you are using Git on the command line that may look like: - - \`\`\` - # Checkout the master branch - git checkout master - - # Create a new branch for your feature - git checkout -b - - # Add your new files - git add modules/my-cool-new-module - - # Commit your changes with a relevant message - git commit - - # Push your changes to GitHub - git push origin - - # Now browse to the following URL and create your pull request! - # - https://github.com/rapid7/metasploit-framework/pulls - \`\`\` - - This helps protect the process, ensure users are aware of commits on the branch being considered for merge, allows for a location for more commits to be offered without mingling with other contributor changes and allows contributors to make progress while a PR is still being reviewed. - - Please do resubmit from a unique branch, we greatly value your contribution! :tada: - ` - }, - 'needs-testing-environment': { - close: false, - comment: ` - Thanks for your pull request! As part of our landing process, we manually verify that all modules work as expected. - - We have been unable to test this module successfully. This may be due to software or hardware requirements we cannot replicate. - - To help unblock this pull request, please: - - - Comment with links to documentation on how to set up an environment, and provide exact software version numbers to use - - Or comment guided steps on how to set up our environment for testing this module - - Or send pcaps/screenshots/recordings of it working - you can email us msfdev[at]rapid7.com - - Once there's a clear path for testing and evaluating this module, we can progress with this further. - ` - }, - 'needs-pull-request-template': { - close: false, - comment: ` - When creating a pull request, please ensure that the default pull request template has been updated with the required details. - ` - }, - }, - issues: { - termux: { - close: true, - comment: ` - Metasploit installation on Termux is not supported. Refer to the following for more information: - - * https://github.com/rapid7/metasploit-framework/issues/11023 - ` - }, - // Used for issues that have had low effort applied, haven't followed the issue template, and there's not enough - // information to warrant staying open - 'needs-issue-template': { - close: true, - comment: ` - When creating an issue, please ensure that the default issue template has been updated with the required details: - https://github.com/rapid7/metasploit-framework/issues/new/choose - - Closing this issue. If you believe this issue has been closed in error, please provide any relevant output and logs which may be useful in diagnosing the issue. - ` - }, - // Used for issues that have attempted to provide some details, but more information is required. This can be - // useful for older issues, or issues that have been raised without following the issue template fully and have - // useful comments present that stop it from being closed outright. - 'needs-more-information': { - close: false, - comment: ` - It looks like there's not enough information to replicate this issue. Please provide any relevant output and logs which may be useful in diagnosing the issue. - - This includes: - - - All of the item points within this [template](https://github.com/rapid7/metasploit-framework/blob/master/.github/ISSUE_TEMPLATE/bug_report.md) - - The result of the \`debug\` command in your Metasploit console - - Screenshots showing the issues you're having - - Exact replication steps - - The easier it is for us to replicate and debug an issue means there's a higher chance of this issue being resolved. - ` - }, - // Used for issues that have zero effort applied, potentially bot related - // https://github.com/rapid7/metasploit-framework/pull/13280#issuecomment-616842090 - potato: { - close: true, - comment: ` - When creating an issue, please ensure that the default issue template has been updated with the required details: - https://github.com/rapid7/metasploit-framework/issues/new/choose - - Closing this issue. If you believe this issue has been closed in error, please provide any relevant output and logs which may be useful in diagnosing the issue. - ` - }, - attic: { - close: true, - comment: ` - Thanks for your contribution to Metasploit Framework! We've looked at this issue, and unfortunately we do not currently have the bandwidth to prioritize this issue. - - We've labeled this as \`attic\` and closed it for now. If you believe this issue has been closed in error, or that it should be prioritized, please comment with additional information. - ` - } - } - }; - - const issueType = context.eventName === 'issues' ? 'issues' : 'pullRequests'; - const config = allConfig[issueType][context.payload.label.name]; - if (!config) { - return; - } - - if (config.comment) { - const precedingWhitespaceLength = config.comment.split("\n")[1].search(/\S/); - const commentWithoutPrecedingWhitespace = config.comment.split("\n").map(line => line.substring(precedingWhitespaceLength)).join("\n").trim(); - await github.rest.issues.createComment({ - issue_number: context.issue.number, - owner: context.repo.owner, - repo: context.repo.repo, - body: commentWithoutPrecedingWhitespace - }); - } - if (config.close) { - await github.rest.issues.update({ - issue_number: context.issue.number, - owner: context.repo.owner, - repo: context.repo.repo, - state: 'closed' - }); - } diff --git a/.github/workflows/ldap_acceptance.yml b/.github/workflows/ldap_acceptance.yml deleted file mode 100644 index a60944c6a6905..0000000000000 --- a/.github/workflows/ldap_acceptance.yml +++ /dev/null @@ -1,173 +0,0 @@ -name: LDAP Acceptance - -# Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency -#concurrency: -# group: ${{ github.ref }}-${{ github.workflow }} -# cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} - -# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions -permissions: - actions: none - checks: none - contents: none - deployments: none - id-token: none - issues: none - discussions: none - packages: none - pages: none - pull-requests: none - repository-projects: none - security-events: none - statuses: none - -on: - push: - branches-ignore: - - gh-pages - - metakitty - pull_request: - branches: - - '*' - paths: - - 'metsploit-framework.gemspec' - - 'Gemfile.lock' - - '**/**ldap**' - - 'lib/metasploit/framework/tcp/**' - - 'lib/metasploit/framework/login_scanner/**' - - 'spec/acceptance/**' - - 'spec/support/acceptance/**' - - 'spec/acceptance_spec_helper.rb' - - '.github/**' -# Example of running as a cron, to weed out flaky tests -# schedule: -# - cron: '*/15 * * * *' - -jobs: - ldap: - runs-on: ${{ matrix.os }} - timeout-minutes: 60 - - strategy: - fail-fast: true - matrix: - ruby: - - '3.2' - os: - - ubuntu-latest - - env: - RAILS_ENV: test - BUNDLE_WITHOUT: "coverage development pcap" - - name: LDAP Acceptance - ${{ matrix.os }} - Ruby ${{ matrix.ruby }} - steps: - - name: Install system dependencies - run: sudo apt-get install -y --no-install-recommends libpcap-dev graphviz - - - name: Checkout code - uses: actions/checkout@v4 - - - name: Run samba/ldap docker container - working-directory: 'test/ldap' - run: | - docker compose build - docker compose up --wait -d - - # https://github.com/orgs/community/discussions/26952 - - name: Support longpaths - if: runner.os == 'Windows' - run: git config --system core.longpaths true - - - name: Setup Ruby - env: - # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM - BUNDLE_FORCE_RUBY_PLATFORM: "${{ contains(matrix.ruby, 'preview') && 'true' || 'false' }}" - uses: ruby/setup-ruby@v1 - with: - ruby-version: '${{ matrix.ruby }}' - bundler-cache: true - - - name: acceptance - env: - SPEC_HELPER_LOAD_METASPLOIT: false - SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter" - RUNTIME_VERSION: latest - # Unix run command: - # SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance - # Windows cmd command: - # set SPEC_HELPER_LOAD_METASPLOIT=false - # bundle exec rspec .\spec\acceptance - # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting - # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried - run: | - bundle exec rspec spec/acceptance/ldap_spec.rb - - - name: Archive results - if: always() - uses: actions/upload-artifact@v4 - with: - # Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips - name: ldap-acceptance-${{ matrix.os }} - path: tmp/allure-raw-data - - # Generate a final report from the previous test results - report: - name: Generate report - needs: - - ldap - runs-on: ubuntu-latest - if: always() - - steps: - - name: Checkout code - uses: actions/checkout@v4 - if: always() - - - name: Install system dependencies (Linux) - if: always() - run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz - - # https://github.com/orgs/community/discussions/26952 - - name: Support longpaths - if: runner.os == 'Windows' - run: git config --system core.longpaths true - - - name: Setup Ruby - if: always() - env: - BUNDLE_FORCE_RUBY_PLATFORM: true - uses: ruby/setup-ruby@v1 - with: - ruby-version: '${{ matrix.ruby }}' - bundler-cache: true - cache-version: 4 - - - uses: actions/download-artifact@v4 - id: download - if: always() - with: - # Note: Not specifying a name will download all artifacts from the previous workflow jobs - path: raw-data - - - name: allure generate - if: always() - run: | - export VERSION=2.22.1 - - curl -o allure-$VERSION.tgz -Ls https://github.com/allure-framework/allure2/releases/download/$VERSION/allure-$VERSION.tgz - tar -zxvf allure-$VERSION.tgz -C . - - ls -la ${{steps.download.outputs.download-path}} - ./allure-$VERSION/bin/allure generate ${{steps.download.outputs.download-path}}/* -o ./allure-report - - find ${{steps.download.outputs.download-path}} - bundle exec ruby tools/dev/report_generation/support_matrix/generate.rb --allure-data ${{steps.download.outputs.download-path}} > ./allure-report/support_matrix.html - - - name: archive results - if: always() - uses: actions/upload-artifact@v4 - with: - name: final-report-${{ github.run_id }} - path: | - ./allure-report diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml deleted file mode 100644 index 5c69676bd07e8..0000000000000 --- a/.github/workflows/lint.yml +++ /dev/null @@ -1,68 +0,0 @@ -name: Lint - -# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions -permissions: - actions: none - checks: none - contents: none - deployments: none - id-token: none - issues: none - discussions: none - packages: none - pages: none - pull-requests: none - repository-projects: none - security-events: none - statuses: none - -on: - push: - branches-ignore: - - gh-pages - - metakitty - - weekly-dependency-updates - pull_request: - branches-ignore: - - weekly-dependency-updates - -jobs: - msftidy: - runs-on: ubuntu-latest - timeout-minutes: 60 - - env: - BUNDLE_WITHOUT: "coverage development pcap" - - strategy: - fail-fast: true - matrix: - ruby: - - '3.2' - - name: Lint msftidy - steps: - - name: Install system dependencies - run: sudo apt-get install libpcap-dev graphviz - - - name: Checkout code - uses: actions/checkout@v4 - # Required to checkout HEAD^ and 3a046f01dae340c124dd3895e670983aef5fe0c5 for the msftidy script - # https://github.com/actions/checkout/tree/5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f#checkout-head - with: - fetch-depth: 0 - - - uses: ruby/setup-ruby@v1 - with: - ruby-version: '${{ matrix.ruby }}' - bundler-cache: true - - - name: Run msftidy - run: | - ln -sf ../../tools/dev/pre-commit-hook.rb ./.git/hooks/post-merge - ls -la ./.git/hooks - ./.git/hooks/post-merge - - - name: Verify encoding - run: | - bundle exec ruby tools/dev/verify_encoding.rb diff --git a/.github/workflows/mssql_acceptance.yml b/.github/workflows/mssql_acceptance.yml deleted file mode 100644 index c2e948f8dbef3..0000000000000 --- a/.github/workflows/mssql_acceptance.yml +++ /dev/null @@ -1,184 +0,0 @@ -name: MSSQL Acceptance - -# Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency -#concurrency: -# group: ${{ github.ref }}-${{ github.workflow }} -# cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} - -# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions -permissions: - actions: none - checks: none - contents: none - deployments: none - id-token: none - issues: none - discussions: none - packages: none - pages: none - pull-requests: none - repository-projects: none - security-events: none - statuses: none - -on: - push: - branches-ignore: - - gh-pages - - metakitty - pull_request: - branches: - - '*' - paths: - - 'metsploit-framework.gemspec' - - 'Gemfile.lock' - - '**/**mssql**' - - 'spec/acceptance/**' - - 'spec/support/acceptance/**' - - 'spec/acceptance_spec_helper.rb' - - '.github/**' -# Example of running as a cron, to weed out flaky tests -# schedule: -# - cron: '*/15 * * * *' - -jobs: - mssql: - runs-on: ${{ matrix.os }} - timeout-minutes: 60 - - services: - mssql: - image: ${{ matrix.docker_image }} - ports: ["1433:1433"] - env: - MSSQL_SA_PASSWORD: yourStrong(!)Password - ACCEPT_EULA: 'Y' - options: >- - --health-cmd "/opt/mssql-tools18/bin/sqlcmd -U sa -P 'yourStrong(!)Password' -C -Q 'select 1' -b -o /dev/null" - --health-interval 10s - --health-timeout 5s - --health-retries 5 - strategy: - fail-fast: true - matrix: - ruby: - - '3.2' - os: - - ubuntu-latest - docker_image: - - mcr.microsoft.com/mssql/server:2022-latest - - mcr.microsoft.com/mssql/server:2019-latest - - env: - RAILS_ENV: test - BUNDLE_WITHOUT: "coverage development pcap" - - - name: ${{ matrix.docker_image }} - ${{ matrix.os }} - Ruby ${{ matrix.ruby }} - steps: - - name: Install system dependencies - run: sudo apt-get install -y --no-install-recommends libpcap-dev graphviz - - - name: Checkout code - uses: actions/checkout@v4 - - # https://github.com/orgs/community/discussions/26952 - - name: Support longpaths - if: runner.os == 'Windows' - run: git config --system core.longpaths true - - - name: Setup Ruby - env: - # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM - BUNDLE_FORCE_RUBY_PLATFORM: "${{ contains(matrix.ruby, 'preview') && 'true' || 'false' }}" - uses: ruby/setup-ruby@v1 - with: - ruby-version: '${{ matrix.ruby }}' - bundler-cache: true - - - name: Extract runtime version - run: | - echo "RUNTIME_VERSION=$(echo $DOCKER_IMAGE | awk -F: '{ print $2 }')" >> $GITHUB_ENV - echo "DOCKER_IMAGE_FILENAME=$(echo $DOCKER_IMAGE | tr -d '/:')" >> $GITHUB_ENV - env: - DOCKER_IMAGE: ${{ matrix.docker_image }} - OS: ${{ matrix.os }} - - - name: acceptance - env: - SPEC_HELPER_LOAD_METASPLOIT: false - SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter" - RUNTIME_VERSION: ${{ env.RUNTIME_VERSION }} - # Unix run command: - # SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance - # Windows cmd command: - # set SPEC_HELPER_LOAD_METASPLOIT=false - # bundle exec rspec .\spec\acceptance - # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting - # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried - run: | - bundle exec rspec spec/acceptance/mssql_spec.rb - - name: Archive results - if: always() - uses: actions/upload-artifact@v4 - with: - # Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips - name: ${{ env.DOCKER_IMAGE_FILENAME }}-${{ matrix.os }} - path: tmp/allure-raw-data - - # Generate a final report from the previous test results - report: - name: Generate report - needs: - - mssql - runs-on: ubuntu-latest - if: always() - - steps: - - name: Checkout code - uses: actions/checkout@v4 - if: always() - - - name: Install system dependencies (Linux) - if: always() - run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz - - # https://github.com/orgs/community/discussions/26952 - - name: Support longpaths - if: runner.os == 'Windows' - run: git config --system core.longpaths true - - - name: Setup Ruby - if: always() - env: - BUNDLE_FORCE_RUBY_PLATFORM: true - uses: ruby/setup-ruby@v1 - with: - ruby-version: '${{ matrix.ruby }}' - bundler-cache: true - cache-version: 4 - - - uses: actions/download-artifact@v4 - id: download - if: always() - with: - # Note: Not specifying a name will download all artifacts from the previous workflow jobs - path: raw-data - - - name: allure generate - if: always() - run: | - export VERSION=2.22.1 - curl -o allure-$VERSION.tgz -Ls https://github.com/allure-framework/allure2/releases/download/$VERSION/allure-$VERSION.tgz - tar -zxvf allure-$VERSION.tgz -C . - ls -la ${{steps.download.outputs.download-path}} - ./allure-$VERSION/bin/allure generate ${{steps.download.outputs.download-path}}/* -o ./allure-report - find ${{steps.download.outputs.download-path}} - bundle exec ruby tools/dev/report_generation/support_matrix/generate.rb --allure-data ${{steps.download.outputs.download-path}} > ./allure-report/support_matrix.html - - name: archive results - if: always() - uses: actions/upload-artifact@v4 - with: - name: final-report-${{ github.run_id }} - path: | - ./allure-report diff --git a/.github/workflows/mysql_acceptance.yml b/.github/workflows/mysql_acceptance.yml deleted file mode 100644 index 1101dc9a418fc..0000000000000 --- a/.github/workflows/mysql_acceptance.yml +++ /dev/null @@ -1,187 +0,0 @@ -name: MySQL Acceptance - -# Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency -#concurrency: -# group: ${{ github.ref }}-${{ github.workflow }} -# cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} - -# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions -permissions: - actions: none - checks: none - contents: none - deployments: none - id-token: none - issues: none - discussions: none - packages: none - pages: none - pull-requests: none - repository-projects: none - security-events: none - statuses: none - -on: - push: - branches-ignore: - - gh-pages - - metakitty - pull_request: - branches: - - '*' - paths: - - 'metsploit-framework.gemspec' - - 'Gemfile.lock' - - '**/**mysql**' - - 'spec/acceptance/**' - - 'spec/support/acceptance/**' - - 'spec/acceptance_spec_helper.rb' - - '.github/**' -# Example of running as a cron, to weed out flaky tests -# schedule: -# - cron: '*/15 * * * *' - -jobs: - mysql: - runs-on: ${{ matrix.os }} - timeout-minutes: 60 - - services: - mysql: - image: ${{ matrix.target.version }} - ports: ["3306:3306"] - env: - MYSQL_ROOT_PASSWORD: password - options: >- - --health-cmd "${{ matrix.target.health_cmd }}" - --health-interval 10s - --health-timeout 10s - --health-retries 5 - strategy: - fail-fast: true - matrix: - ruby: - - '3.2' - os: - - ubuntu-latest - target: - - { version: "mariadb:latest", health_cmd: "mariadb -uroot -ppassword -e 'SELECT version()'" } - - { version: "mysql:latest", health_cmd: "mysql -uroot -ppassword -e 'SELECT version()'" } - - env: - RAILS_ENV: test - BUNDLE_WITHOUT: "coverage development pcap" - - name: ${{ matrix.target.version }} - ${{ matrix.os }} - Ruby ${{ matrix.ruby }} - steps: - - name: Install system dependencies - run: sudo apt-get install -y --no-install-recommends libpcap-dev graphviz - - - name: Checkout code - uses: actions/checkout@v4 - - # https://github.com/orgs/community/discussions/26952 - - name: Support longpaths - if: runner.os == 'Windows' - run: git config --system core.longpaths true - - - name: Setup Ruby - env: - # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM - BUNDLE_FORCE_RUBY_PLATFORM: "${{ contains(matrix.ruby, 'preview') && 'true' || 'false' }}" - uses: ruby/setup-ruby@v1 - with: - ruby-version: '${{ matrix.ruby }}' - bundler-cache: true - - - name: Extract runtime version - run: | - echo "RUNTIME_VERSION=$(echo $DOCKER_IMAGE | awk -F: '{ print $2 }')" >> $GITHUB_ENV - echo "DOCKER_IMAGE_FILENAME=$(echo $DOCKER_IMAGE | tr -d ':')" >> $GITHUB_ENV - env: - DOCKER_IMAGE: ${{ matrix.target.version }} - OS: ${{ matrix.os }} - - - name: acceptance - env: - SPEC_HELPER_LOAD_METASPLOIT: false - SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter" - RUNTIME_VERSION: ${{ env.RUNTIME_VERSION }} - # Unix run command: - # SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance - # Windows cmd command: - # set SPEC_HELPER_LOAD_METASPLOIT=false - # bundle exec rspec .\spec\acceptance - # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting - # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried - run: | - bundle exec rspec spec/acceptance/mysql_spec.rb - - - name: Archive results - if: always() - uses: actions/upload-artifact@v4 - with: - # Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips - name: ${{ env.DOCKER_IMAGE_FILENAME }}-${{ matrix.os }} - path: tmp/allure-raw-data - - # Generate a final report from the previous test results - report: - name: Generate report - needs: - - mysql - runs-on: ubuntu-latest - if: always() - - steps: - - name: Checkout code - uses: actions/checkout@v4 - if: always() - - - name: Install system dependencies (Linux) - if: always() - run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz - - # https://github.com/orgs/community/discussions/26952 - - name: Support longpaths - if: runner.os == 'Windows' - run: git config --system core.longpaths true - - - name: Setup Ruby - if: always() - env: - BUNDLE_FORCE_RUBY_PLATFORM: true - uses: ruby/setup-ruby@v1 - with: - ruby-version: '${{ matrix.ruby }}' - bundler-cache: true - cache-version: 4 - - - uses: actions/download-artifact@v4 - id: download - if: always() - with: - # Note: Not specifying a name will download all artifacts from the previous workflow jobs - path: raw-data - - - name: allure generate - if: always() - run: | - export VERSION=2.22.1 - - curl -o allure-$VERSION.tgz -Ls https://github.com/allure-framework/allure2/releases/download/$VERSION/allure-$VERSION.tgz - tar -zxvf allure-$VERSION.tgz -C . - - ls -la ${{steps.download.outputs.download-path}} - ./allure-$VERSION/bin/allure generate ${{steps.download.outputs.download-path}}/* -o ./allure-report - - find ${{steps.download.outputs.download-path}} - bundle exec ruby tools/dev/report_generation/support_matrix/generate.rb --allure-data ${{steps.download.outputs.download-path}} > ./allure-report/support_matrix.html - - - name: archive results - if: always() - uses: actions/upload-artifact@v4 - with: - name: final-report-${{ github.run_id }} - path: | - ./allure-report diff --git a/.github/workflows/postgres_acceptance.yml b/.github/workflows/postgres_acceptance.yml deleted file mode 100644 index d93f5d3f04490..0000000000000 --- a/.github/workflows/postgres_acceptance.yml +++ /dev/null @@ -1,191 +0,0 @@ -name: Postgres Acceptance - -# Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency -#concurrency: -# group: ${{ github.ref }}-${{ github.workflow }} -# cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} - -# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions -permissions: - actions: none - checks: none - contents: none - deployments: none - id-token: none - issues: none - discussions: none - packages: none - pages: none - pull-requests: none - repository-projects: none - security-events: none - statuses: none - -on: - push: - branches-ignore: - - gh-pages - - metakitty - pull_request: - branches: - - '*' - paths: - - 'metsploit-framework.gemspec' - - 'Gemfile.lock' - - '**/**postgres**' - - 'lib/metasploit/framework/tcp/**' - - 'lib/metasploit/framework/login_scanner/**' - - 'spec/acceptance/**' - - 'spec/support/acceptance/**' - - 'spec/acceptance_spec_helper.rb' - - '.github/**' -# Example of running as a cron, to weed out flaky tests -# schedule: -# - cron: '*/15 * * * *' - -jobs: - postgres: - runs-on: ${{ matrix.os }} - timeout-minutes: 60 - - services: - postgres: - image: ${{ matrix.docker_image }} - ports: ["5432:5432"] - env: - POSTGRES_USER: postgres - POSTGRES_PASSWORD: password - options: >- - --health-cmd "pg_isready --username postgres" - --health-interval 10s - --health-timeout 5s - --health-retries 5 - - strategy: - fail-fast: true - matrix: - ruby: - - '3.2' - os: - - ubuntu-latest - docker_image: - - postgres:9.4 - - postgres:16.2 - - env: - RAILS_ENV: test - BUNDLE_WITHOUT: "coverage development pcap" - - name: ${{ matrix.docker_image }} - ${{ matrix.os }} - Ruby ${{ matrix.ruby }} - steps: - - name: Install system dependencies - run: sudo apt-get install -y --no-install-recommends libpcap-dev graphviz - - - name: Checkout code - uses: actions/checkout@v4 - - # https://github.com/orgs/community/discussions/26952 - - name: Support longpaths - if: runner.os == 'Windows' - run: git config --system core.longpaths true - - - name: Setup Ruby - env: - # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM - BUNDLE_FORCE_RUBY_PLATFORM: "${{ contains(matrix.ruby, 'preview') && 'true' || 'false' }}" - uses: ruby/setup-ruby@v1 - with: - ruby-version: '${{ matrix.ruby }}' - bundler-cache: true - - - name: Extract runtime version - run: | - echo "RUNTIME_VERSION=$(echo $DOCKER_IMAGE | awk -F: '{ print $2 }')" >> $GITHUB_ENV - echo "DOCKER_IMAGE_FILENAME=$(echo $DOCKER_IMAGE | tr -d ':')" >> $GITHUB_ENV - env: - DOCKER_IMAGE: ${{ matrix.docker_image }} - OS: ${{ matrix.os }} - - - name: acceptance - env: - SPEC_HELPER_LOAD_METASPLOIT: false - SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter" - RUNTIME_VERSION: ${{ env.RUNTIME_VERSION }} - # Unix run command: - # SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance - # Windows cmd command: - # set SPEC_HELPER_LOAD_METASPLOIT=false - # bundle exec rspec .\spec\acceptance - # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting - # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried - run: | - bundle exec rspec spec/acceptance/postgres_spec.rb - - - name: Archive results - if: always() - uses: actions/upload-artifact@v4 - with: - # Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips - name: ${{ env.DOCKER_IMAGE_FILENAME }}-${{ matrix.os }} - path: tmp/allure-raw-data - - # Generate a final report from the previous test results - report: - name: Generate report - needs: - - postgres - runs-on: ubuntu-latest - if: always() - - steps: - - name: Checkout code - uses: actions/checkout@v4 - if: always() - - - name: Install system dependencies (Linux) - if: always() - run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz - - # https://github.com/orgs/community/discussions/26952 - - name: Support longpaths - if: runner.os == 'Windows' - run: git config --system core.longpaths true - - - name: Setup Ruby - if: always() - env: - BUNDLE_FORCE_RUBY_PLATFORM: true - uses: ruby/setup-ruby@v1 - with: - ruby-version: '${{ matrix.ruby }}' - bundler-cache: true - cache-version: 4 - - - uses: actions/download-artifact@v4 - id: download - if: always() - with: - # Note: Not specifying a name will download all artifacts from the previous workflow jobs - path: raw-data - - - name: allure generate - if: always() - run: | - export VERSION=2.22.1 - - curl -o allure-$VERSION.tgz -Ls https://github.com/allure-framework/allure2/releases/download/$VERSION/allure-$VERSION.tgz - tar -zxvf allure-$VERSION.tgz -C . - - ls -la ${{steps.download.outputs.download-path}} - ./allure-$VERSION/bin/allure generate ${{steps.download.outputs.download-path}}/* -o ./allure-report - - find ${{steps.download.outputs.download-path}} - bundle exec ruby tools/dev/report_generation/support_matrix/generate.rb --allure-data ${{steps.download.outputs.download-path}} > ./allure-report/support_matrix.html - - - name: archive results - if: always() - uses: actions/upload-artifact@v4 - with: - name: final-report-${{ github.run_id }} - path: | - ./allure-report diff --git a/.github/workflows/schedule-stale.yml b/.github/workflows/schedule-stale.yml deleted file mode 100644 index 2f1e4231abe2b..0000000000000 --- a/.github/workflows/schedule-stale.yml +++ /dev/null @@ -1,55 +0,0 @@ -# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions -permissions: - actions: none - checks: none - contents: none - deployments: none - id-token: none - # This action can update/close issues - issues: write - discussions: none - packages: none - pages: none - pull-requests: none - repository-projects: none - security-events: none - statuses: none - -on: - schedule: - - cron: "0 15 * * 1-5" - -name: Stale Bot workflow - -jobs: - build: - name: stale - runs-on: ubuntu-latest - steps: - - name: stale - id: stale - uses: actions/stale@v3 - with: - repo-token: ${{ secrets.GITHUB_TOKEN }} - days-before-stale: 30 - days-before-close: 30 - operations-per-run: 75 - stale-issue-message: | - Hi! - - This issue has been left open with no activity for a while now. - - We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here. - If we missed this issue or if you want to keep it open, please reply here. You can also add the label "not stale" to keep this issue open! - - As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request. - close-issue-message: | - Hi again! - - It’s been 60 days since anything happened on this issue, so we are going to close it. - Please keep in mind that I’m only a robot, so if I’ve closed this issue in error please feel free to reopen this issue or create a new one if you need anything else. - - As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request. - exempt-issue-labels: | - discussion,not-stale,confirmed,easy,newbie-friendly,suggestion,suggestion-module,suggestion-feature,suggestion-docs,ascii-utf8-issues,database,feature,enhancement,library - debug-only: false diff --git a/.github/workflows/shared_gem_verify.yml b/.github/workflows/shared_gem_verify.yml deleted file mode 100644 index 68f00d7d786f2..0000000000000 --- a/.github/workflows/shared_gem_verify.yml +++ /dev/null @@ -1,69 +0,0 @@ -name: Shared Gem Verify -on: - workflow_call: - inputs: - test_commands: - description: 'Test commands' - required: false - default: "bundle exec rspec" - type: string - dependencies: - description: 'Array of system dependencies to install' - required: false - default: "[]" - type: string - -jobs: - test: - runs-on: ${{ matrix.os }} - timeout-minutes: 40 - - strategy: - fail-fast: false - matrix: - ruby: - - '3.2' - - '3.3' - - '3.4' - os: - - ubuntu-22.04 - - ubuntu-24.04 - - ubuntu-latest - - windows-2022 - - windows-2025 - - macos-15-intel - - env: - RAILS_ENV: test - - name: ${{ matrix.os }} - Ruby ${{ matrix.ruby }} - steps: - - name: Install system dependencies - if: ${{ inputs.dependencies != '[]' && !contains(matrix.os, 'macos') && !contains(matrix.os, 'windows') }} - run: | - dependencies=$(echo '${{ inputs.dependencies }}' | jq -r '.[]') - for dep in $dependencies; do - sudo apt-get -y --no-install-recommends install "$dep" - done - shell: bash - - - name: Install system dependencies (Windows) - if: ${{ contains(matrix.os, 'windows') && inputs.dependencies != '[]' }} - run: | - $dependencies = (echo '${{ inputs.dependencies }}' | jq -r '.[]') - foreach ($dep in $dependencies) { - choco install $dep -y - } - shell: pwsh - - - name: Checkout code - uses: actions/checkout@v4 - - - name: Setup Ruby - uses: ruby/setup-ruby@v1 - with: - ruby-version: ${{ matrix.ruby }} - bundler-cache: true - - - name: Test - run: ${{ inputs.test_commands }} diff --git a/.github/workflows/shared_gem_verify_rails.yml b/.github/workflows/shared_gem_verify_rails.yml deleted file mode 100644 index 52eff703a4aea..0000000000000 --- a/.github/workflows/shared_gem_verify_rails.yml +++ /dev/null @@ -1,116 +0,0 @@ -name: Shared Gem Verify Rails/PostgreSQL -on: - workflow_call: - inputs: - test_commands: - description: 'Test commands' - required: false - default: "bundle exec rspec" - type: string - dependencies: - description: 'Array of system dependencies to install' - required: false - default: "[]" - type: string - additional_rails_versions: - description: 'Additional Rails version requirements as a JSON array (for example: ["~> 8.1.0"])' - required: false - default: "[]" - type: string - # Caller example: - # with: - # additional_rails_versions: '["~> 8.1.0", "~> 8.2.0"]' - -jobs: - prepare_matrix: - runs-on: ubuntu-latest - outputs: - rails_versions: ${{ steps.merge_rails_versions.outputs.rails_versions }} - steps: - - name: Build Rails version matrix - id: merge_rails_versions - run: | - default_rails_versions='["~> 7.0.0","~> 7.1.0","~> 7.2.0"]' - additional_rails_versions='${{ inputs.additional_rails_versions }}' - - rails_versions=$(jq -cn \ - --argjson defaults "$default_rails_versions" \ - --argjson extras "$additional_rails_versions" \ - '$defaults + $extras | unique') - - echo "rails_versions=$rails_versions" >> "$GITHUB_OUTPUT" - shell: bash - - test: - needs: prepare_matrix - runs-on: ${{ matrix.os }} - timeout-minutes: 40 - - strategy: - fail-fast: false - matrix: - ruby: - - '3.2' - - '3.3' - - '3.4' - rails: ${{ fromJSON(needs.prepare_matrix.outputs.rails_versions) }} - postgres: - - '14.19' - - '16.8' - os: - - ubuntu-latest - - env: - RAILS_ENV: test - RAILS_VERSION: ${{ matrix.rails }} - - name: ${{ matrix.os }} - Ruby ${{ matrix.ruby }} - Rails ${{ matrix.rails }} - PostgreSQL ${{ matrix.postgres }} - steps: - - name: Install system dependencies - run: | - dependencies=$(echo '${{ inputs.dependencies }}' | jq -r '.[]') - for dep in $dependencies; do - sudo apt-get -y --no-install-recommends install "$dep" - done - shell: bash - - - name: Set up PostgreSQL service - run: | - docker run --name postgres -d -p 5432:5432 \ - -e POSTGRES_USER=postgres \ - -e POSTGRES_PASSWORD=postgres \ - --health-cmd="pg_isready" \ - --health-interval="10s" \ - --health-timeout="5s" \ - --health-retries=5 \ - postgres:${{ matrix.postgres }} - - - name: Wait for PostgreSQL to be healthy - run: | - docker exec postgres sh -c 'until pg_isready -U postgres; do echo waiting for postgres; sleep 2; done; echo postgres is ready' - - - name: Checkout code - uses: actions/checkout@v4 - - - name: Setup Ruby - uses: ruby/setup-ruby@v1 - with: - ruby-version: ${{ matrix.ruby }} - bundler-cache: true - - - name: Update Rails version - run: | - # Add the gem explicitly if it doesn't exist - if ! grep -q "gem ['\"]rails['\"]" Gemfile; then - echo 'gem "rails"' >> Gemfile - fi - - # Ensure the gem is on the latest version - ruby -pi -e "gsub(/gem ['\"]rails['\"](, *['\"].*['\"])?/, \"gem 'rails', '${{ matrix.rails }}'\")" Gemfile - bundle update - bundle install - bundle show rails - shell: bash - - - name: Test - run: ${{ inputs.test_commands }} diff --git a/.github/workflows/shared_meterpreter_acceptance.yml b/.github/workflows/shared_meterpreter_acceptance.yml index a5ead47544831..07ced4d2b6b12 100644 --- a/.github/workflows/shared_meterpreter_acceptance.yml +++ b/.github/workflows/shared_meterpreter_acceptance.yml @@ -66,34 +66,28 @@ jobs: strategy: fail-fast: false matrix: - os: - - macos-15-intel - - windows-2022 - - ubuntu-latest - ruby: - - '3.4' - meterpreter: - # Python - - { name: python, runtime_version: 3.8 } - - { name: python, runtime_version: 3.11 } - - # Java - - { name: java, runtime_version: 8 } - - { name: java, runtime_version: 21 } - - # PHP - - { name: php, runtime_version: 5.3 } - - { name: php, runtime_version: 7.4 } - - { name: php, runtime_version: 8.3 } include: # Windows Meterpreter - - { meterpreter: { name: windows_meterpreter }, ruby: '3.4', os: windows-2022 } - # TODO: Screenshotting behavior fails: - # - { meterpreter: { name: windows_meterpreter }, ruby: '3.4', os: windows-2025 } - - # Mettle - - { meterpreter: { name: mettle }, os: macos-15-intel } - - { meterpreter: { name: mettle }, os: ubuntu-latest } + - { meterpreter: { name: windows_meterpreter }, ruby: '3.4', os: windows-2022, run_id: 1 } + - { meterpreter: { name: windows_meterpreter }, ruby: '3.4', os: windows-2022, run_id: 2 } + - { meterpreter: { name: windows_meterpreter }, ruby: '3.4', os: windows-2022, run_id: 3 } + - { meterpreter: { name: windows_meterpreter }, ruby: '3.4', os: windows-2022, run_id: 4 } + - { meterpreter: { name: windows_meterpreter }, ruby: '3.4', os: windows-2022, run_id: 5 } + - { meterpreter: { name: windows_meterpreter }, ruby: '3.4', os: windows-2022, run_id: 6 } + - { meterpreter: { name: windows_meterpreter }, ruby: '3.4', os: windows-2022, run_id: 7 } + - { meterpreter: { name: windows_meterpreter }, ruby: '3.4', os: windows-2022, run_id: 8 } + - { meterpreter: { name: windows_meterpreter }, ruby: '3.4', os: windows-2022, run_id: 9 } + - { meterpreter: { name: windows_meterpreter }, ruby: '3.4', os: windows-2022, run_id: 10 } + - { meterpreter: { name: windows_meterpreter }, ruby: '3.4', os: windows-2022, run_id: 11 } + - { meterpreter: { name: windows_meterpreter }, ruby: '3.4', os: windows-2022, run_id: 12 } + - { meterpreter: { name: windows_meterpreter }, ruby: '3.4', os: windows-2022, run_id: 13 } + - { meterpreter: { name: windows_meterpreter }, ruby: '3.4', os: windows-2022, run_id: 14 } + - { meterpreter: { name: windows_meterpreter }, ruby: '3.4', os: windows-2022, run_id: 15 } + - { meterpreter: { name: windows_meterpreter }, ruby: '3.4', os: windows-2022, run_id: 16 } + - { meterpreter: { name: windows_meterpreter }, ruby: '3.4', os: windows-2022, run_id: 17 } + - { meterpreter: { name: windows_meterpreter }, ruby: '3.4', os: windows-2022, run_id: 18 } + - { meterpreter: { name: windows_meterpreter }, ruby: '3.4', os: windows-2022, run_id: 19 } + - { meterpreter: { name: windows_meterpreter }, ruby: '3.4', os: windows-2022, run_id: 20 } runs-on: ${{ matrix.os }} @@ -357,8 +351,22 @@ jobs: # bundle exec rspec .\spec\acceptance # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried + shell: bash run: | - bundle exec rspec spec/acceptance/meterpreter_spec.rb + for i in $(seq 1 20); do + echo "--- Acceptance run $i ---" + bundle exec rspec spec/acceptance/meterpreter_spec.rb || true + if [ -d tmp/allure-raw-data ]; then + mv tmp/allure-raw-data tmp/allure-raw-data-run-$i + fi + done + # Merge all per-run directories back under tmp/allure-raw-data for the archive step + mkdir -p tmp/allure-raw-data + for i in $(seq 1 20); do + if [ -d tmp/allure-raw-data-run-$i ]; then + cp -r tmp/allure-raw-data-run-$i/. tmp/allure-raw-data/run-$i/ + fi + done working-directory: metasploit-framework - name: Archive results @@ -366,7 +374,7 @@ jobs: uses: actions/upload-artifact@v4 with: # Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips - name: raw-data-${{ matrix.meterpreter.name }}-${{ matrix.meterpreter.runtime_version }}-${{ matrix.os }} + name: raw-data-${{ matrix.meterpreter.name }}-${{ matrix.meterpreter.runtime_version }}-${{ matrix.os }}-${{ matrix.run_id }} path: metasploit-framework/tmp/allure-raw-data # Generate a final report from the previous test results diff --git a/.github/workflows/shared_smb_acceptance.yml b/.github/workflows/shared_smb_acceptance.yml deleted file mode 100644 index 7639a93b73425..0000000000000 --- a/.github/workflows/shared_smb_acceptance.yml +++ /dev/null @@ -1,195 +0,0 @@ -name: Shared SMB Acceptance -on: - workflow_call: - inputs: - # Defaults set as '' will use the current branch as their commit - metasploit_framework_commit: - description: "metasploit-framework commit to build with" - default: '' - required: false - type: string - build_smb: - description: "Whether or not to build ruby_smb" - default: false - required: false - type: boolean - -jobs: - smb: - runs-on: ${{ matrix.os }} - timeout-minutes: 60 - - strategy: - fail-fast: true - matrix: - ruby: - - '3.2' - os: - - ubuntu-latest - - env: - RAILS_ENV: test - SMB_USERNAME: acceptance_tests_user - SMB_PASSWORD: acceptance_tests_password - BUNDLE_WITHOUT: "coverage development pcap" - - name: SMB Acceptance - ${{ matrix.os }} - Ruby ${{ matrix.ruby }} - steps: - # The job checkout structure is: - # . - # ├── metasploit-framework - # └── ruby_smb - - name: Checkout ruby_smb - uses: actions/checkout@v4 - with: - repository: rapid7/ruby_smb - path: ruby_smb - - - name: Get ruby_smb version - if: ${{ inputs.build_smb }} - run: | - echo "RUBY_SMB_VERSION=$(grep -oh '[0-9].[0-9].[0-9]*' lib/ruby_smb/version.rb)" | tee -a $GITHUB_ENV - working-directory: ruby_smb - - - name: Build ruby_smb gem - if: ${{ inputs.build_smb }} - run: | - gem build ruby_smb.gemspec - working-directory: ruby_smb - - - name: Install system dependencies - run: sudo apt-get install -y --no-install-recommends libpcap-dev graphviz - - - name: Checkout metasploit-framework code - uses: actions/checkout@v4 - with: - repository: rapid7/metasploit-framework - path: metasploit-framework - ref: ${{ inputs.metasploit_framework_commit }} - - - name: Run docker container - working-directory: 'metasploit-framework' - run: | - cd test/smb - docker compose build - docker compose up --wait -d - - # https://github.com/orgs/community/discussions/26952 - - name: Support longpaths - if: runner.os == 'Windows' - run: git config --system core.longpaths true - - - name: Setup Ruby - env: - # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM - BUNDLE_FORCE_RUBY_PLATFORM: "${{ contains(matrix.ruby, 'preview') && 'true' || 'false' }}" - uses: ruby/setup-ruby@v1 - with: - ruby-version: '${{ matrix.ruby }}' - bundler-cache: true - working-directory: 'metasploit-framework' - - - name: Copy ruby_smb gem into metasploit-framework - if: ${{ inputs.build_smb }} - run: | - cp ../ruby_smb/ruby_smb-${{ env.RUBY_SMB_VERSION }}.gem . - working-directory: metasploit-framework - - - name: Install ruby_smb gem - if: ${{ inputs.build_smb }} - run: | - bundle exec gem install ruby_smb-${{ env.RUBY_SMB_VERSION }}.gem - bundle config unset deployment - bundle update ruby_smb - bundle install - working-directory: metasploit-framework - - - name: acceptance - env: - SPEC_HELPER_LOAD_METASPLOIT: false - SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter" - RUNTIME_VERSION: 'latest' - # Unix run command: - # SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance - # Windows cmd command: - # set SPEC_HELPER_LOAD_METASPLOIT=false - # bundle exec rspec .\spec\acceptance - # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting - # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried - run: | - bundle exec rspec spec/acceptance/smb_spec.rb - working-directory: metasploit-framework - - - name: Archive results - if: always() - uses: actions/upload-artifact@v4 - with: - # Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips - name: smb_acceptance-${{ matrix.os }} - path: metasploit-framework/tmp/allure-raw-data - - # Generate a final report from the previous test results - report: - name: Generate report - needs: - - smb - runs-on: ubuntu-latest - if: always() - - steps: - - name: Checkout code - uses: actions/checkout@v4 - with: - repository: rapid7/metasploit-framework - path: metasploit-framework - ref: ${{ inputs.metasploit_framework_commit }} - - - name: Install system dependencies (Linux) - if: always() - run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz - - # https://github.com/orgs/community/discussions/26952 - - name: Support longpaths - if: runner.os == 'Windows' - run: git config --system core.longpaths true - - - name: Setup Ruby - if: always() - env: - BUNDLE_FORCE_RUBY_PLATFORM: true - uses: ruby/setup-ruby@v1 - with: - ruby-version: '${{ matrix.ruby }}' - bundler-cache: true - cache-version: 4 - working-directory: metasploit-framework - - - uses: actions/download-artifact@v4 - id: download - if: always() - with: - # Note: Not specifying a name will download all artifacts from the previous workflow jobs - path: raw-data - - - name: allure generate - if: always() - run: | - export VERSION=2.22.1 - - curl -o allure-$VERSION.tgz -Ls https://github.com/allure-framework/allure2/releases/download/$VERSION/allure-$VERSION.tgz - tar -zxvf allure-$VERSION.tgz -C . - - ls -la ${{steps.download.outputs.download-path}} - ./allure-$VERSION/bin/allure generate ${{steps.download.outputs.download-path}}/* -o ./allure-report - - find ${{steps.download.outputs.download-path}} - bundle exec ruby tools/dev/report_generation/support_matrix/generate.rb --allure-data ${{steps.download.outputs.download-path}} > ./allure-report/support_matrix.html - working-directory: metasploit-framework - - - name: archive results - if: always() - uses: actions/upload-artifact@v4 - with: - name: final-report-${{ github.run_id }} - path: | - ./allure-report diff --git a/.github/workflows/smb_acceptance.yml b/.github/workflows/smb_acceptance.yml deleted file mode 100644 index e2ec45c868b08..0000000000000 --- a/.github/workflows/smb_acceptance.yml +++ /dev/null @@ -1,46 +0,0 @@ -name: SMB Acceptance - -# Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency -#concurrency: -# group: ${{ github.ref }}-${{ github.workflow }} -# cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} - -# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions -permissions: - actions: none - checks: none - contents: none - deployments: none - id-token: none - issues: none - discussions: none - packages: none - pages: none - pull-requests: none - repository-projects: none - security-events: none - statuses: none - -on: - push: - branches-ignore: - - gh-pages - - metakitty - pull_request: - branches: - - '*' - paths: - - 'metsploit-framework.gemspec' - - 'Gemfile.lock' - - '**/**smb**' - - 'spec/acceptance/**' - - 'spec/support/acceptance/**' - - 'spec/acceptance_spec_helper.rb' - - '.github/**' -# Example of running as a cron, to weed out flaky tests -# schedule: -# - cron: '*/15 * * * *' - -jobs: - build: - uses: ./.github/workflows/shared_smb_acceptance.yml diff --git a/.github/workflows/ssh_acceptance.yml b/.github/workflows/ssh_acceptance.yml deleted file mode 100644 index 03db162dcff96..0000000000000 --- a/.github/workflows/ssh_acceptance.yml +++ /dev/null @@ -1,171 +0,0 @@ -name: SSH Acceptance - -# Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency -#concurrency: -# group: ${{ github.ref }}-${{ github.workflow }} -# cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} - -# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions -permissions: - actions: none - checks: none - contents: none - deployments: none - id-token: none - issues: none - discussions: none - packages: none - pages: none - pull-requests: none - repository-projects: none - security-events: none - statuses: none - -on: - push: - branches-ignore: - - gh-pages - - metakitty - pull_request: - branches: - - '*' - paths: - - 'metasploit-framework.gemspec' - - 'Gemfile.lock' - - '**/**ssh**' - - 'lib/metasploit/framework/tcp/**' - - 'lib/metasploit/framework/login_scanner/**' - - 'spec/acceptance/**' - - 'spec/support/acceptance/**' - - 'spec/acceptance_spec_helper.rb' - - '.github/**' -# Example of running as a cron, to weed out flaky tests -# schedule: -# - cron: '*/15 * * * *' - -jobs: - ssh: - runs-on: ${{ matrix.os }} - timeout-minutes: 60 - - strategy: - fail-fast: true - matrix: - ruby: - - '3.2' - os: - - ubuntu-latest - - env: - RAILS_ENV: test - SSH_USERNAME: acceptance_tests_user - SSH_PASSWORD: acceptance_tests_password - BUNDLE_WITHOUT: "coverage development pcap" - - name: SSH Acceptance - ${{ matrix.os }} - Ruby ${{ matrix.ruby }} - steps: - - name: Install system dependencies - run: sudo apt-get install -y --no-install-recommends libpcap-dev graphviz - - - name: Checkout code - uses: actions/checkout@v4 - - - name: Run docker container - working-directory: 'test/ssh' - run: | - docker compose build - docker compose up --wait -d - - # https://github.com/orgs/community/discussions/26952 - - name: Support longpaths - if: runner.os == 'Windows' - run: git config --system core.longpaths true - - - name: Setup Ruby - env: - # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM - BUNDLE_FORCE_RUBY_PLATFORM: "${{ contains(matrix.ruby, 'preview') && 'true' || 'false' }}" - uses: ruby/setup-ruby@v1 - with: - ruby-version: '${{ matrix.ruby }}' - bundler-cache: true - - - name: acceptance - env: - SPEC_HELPER_LOAD_METASPLOIT: false - SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter" - RUNTIME_VERSION: 'latest' - # Unix run command: - # SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance - # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting - # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried - run: | - bundle exec rspec spec/acceptance/ssh_spec.rb - - - name: Archive results - if: always() - uses: actions/upload-artifact@v4 - with: - name: ssh-acceptance-${{ matrix.os }} - path: tmp/allure-raw-data - - # Generate a final report from the previous test results - report: - name: Generate report - needs: - - ssh - runs-on: ubuntu-latest - if: always() - - steps: - - name: Checkout code - uses: actions/checkout@v4 - if: always() - - - name: Install system dependencies (Linux) - if: always() - run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz - - # https://github.com/orgs/community/discussions/26952 - - name: Support longpaths - if: runner.os == 'Windows' - run: git config --system core.longpaths true - - - name: Setup Ruby - if: always() - env: - BUNDLE_FORCE_RUBY_PLATFORM: true - uses: ruby/setup-ruby@v1 - with: - ruby-version: '3.2' - bundler-cache: true - cache-version: 4 - - - uses: actions/download-artifact@v4 - id: download - if: always() - with: - # Note: Not specifying a name will download all artifacts from the previous workflow jobs - path: raw-data - - - name: allure generate - if: always() - run: | - export VERSION=2.22.1 - - curl -o allure-$VERSION.tgz -Ls https://github.com/allure-framework/allure2/releases/download/$VERSION/allure-$VERSION.tgz - tar -zxvf allure-$VERSION.tgz -C . - - ls -la ${{steps.download.outputs.download-path}} - ./allure-$VERSION/bin/allure generate ${{steps.download.outputs.download-path}}/* -o ./allure-report - - find ${{steps.download.outputs.download-path}} - bundle exec ruby tools/dev/report_generation/support_matrix/generate.rb --allure-data ${{steps.download.outputs.download-path}} > ./allure-report/support_matrix.html - - - name: archive results - if: always() - uses: actions/upload-artifact@v4 - with: - name: final-report-${{ github.run_id }} - path: | - ./allure-report diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml deleted file mode 100644 index 33c4438b00717..0000000000000 --- a/.github/workflows/verify.yml +++ /dev/null @@ -1,119 +0,0 @@ -name: Verify - -# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions -permissions: - actions: none - checks: none - contents: none - deployments: none - id-token: none - issues: none - discussions: none - packages: none - pages: none - pull-requests: none - repository-projects: none - security-events: none - statuses: none - -on: - push: - branches-ignore: - - gh-pages - - metakitty - - weekly-dependency-updates - pull_request: - branches-ignore: - - weekly-dependency-updates - -jobs: - build: - runs-on: ubuntu-latest - timeout-minutes: 60 - name: Docker Build - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: docker-compose build - run: | - docker compose build - - test: - runs-on: ${{ matrix.os }} - timeout-minutes: 60 - - services: - postgres: - image: postgres:9.6 - ports: ["5432:5432"] - env: - POSTGRES_USER: postgres - POSTGRES_PASSWORD: postgres - options: >- - --health-cmd "pg_isready --username postgres" - --health-interval 10s - --health-timeout 5s - --health-retries 5 - - strategy: - fail-fast: true - matrix: - ruby: - - '3.2' - - '3.3' - - '3.4' - os: - - ubuntu-latest - include: - - os: ubuntu-latest - ruby: '3.2' - test_cmd: 'bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag content" MSF_FEATURE_DEFER_MODULE_LOADS=1' - test_cmd: - - bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag content" - - bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag ~content" - # Used for testing the remote data service - - bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag content" REMOTE_DB=1 - - bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag ~content" REMOTE_DB=1 - - env: - RAILS_ENV: test - BUNDLE_WITHOUT: "coverage development pcap" - - name: ${{ matrix.os }} - Ruby ${{ matrix.ruby }} - ${{ matrix.test_cmd }} - steps: - - name: Install system dependencies - run: sudo apt-get install -y --no-install-recommends libpcap-dev graphviz - - - name: Checkout code - uses: actions/checkout@v4 - - # https://github.com/orgs/community/discussions/26952 - - name: Support longpaths - if: runner.os == 'Windows' - run: git config --system core.longpaths true - - - name: Setup Ruby - env: - # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM - BUNDLE_FORCE_RUBY_PLATFORM: "${{ contains(matrix.ruby, 'preview') && 'true' || 'false' }}" - uses: ruby/setup-ruby@v1 - with: - ruby-version: '${{ matrix.ruby }}' - bundler-cache: true - - - name: Create database - run: | - cp config/database.yml.github_actions config/database.yml - bundle exec rake --version - bundle exec rake db:create - bundle exec rake db:migrate - # fail build if db/schema.rb update is not committed - git diff --exit-code db/schema.rb - - - name: ${{ matrix.test_cmd }} - run: | - echo "${CMD}" - bash -c "${CMD}" - env: - CMD: ${{ matrix.test_cmd }} diff --git a/.github/workflows/weekly-data-and-external-tool-updater.yml b/.github/workflows/weekly-data-and-external-tool-updater.yml deleted file mode 100644 index 8fe9673e92533..0000000000000 --- a/.github/workflows/weekly-data-and-external-tool-updater.yml +++ /dev/null @@ -1,98 +0,0 @@ -name: Weekly Data and External Tool Updater - -# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions -permissions: - actions: none - checks: none - contents: write - deployments: none - id-token: none - issues: none - discussions: none - packages: none - pages: none - pull-requests: write - repository-projects: none - security-events: none - statuses: none - -on: - schedule: - # Run once a week (e.g., every Monday at 01:00 UTC) - - cron: '0 1 * * 1' - workflow_dispatch: # Allows manual triggering from the Actions tab - -jobs: - update-data-files: - runs-on: ubuntu-latest - - if: github.repository_owner == 'rapid7' - - env: - BUNDLE_WITHOUT: "coverage development pcap" - - strategy: - fail-fast: true - matrix: - ruby: - - '3.2' - - steps: - - name: Install system dependencies - run: sudo apt-get install libpcap-dev graphviz - - - name: Checkout code - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - uses: ruby/setup-ruby@v1 - with: - ruby-version: '${{ matrix.ruby }}' - bundler-cache: true - - - name: Run Ruby updater scripts - run: | - ruby tools/dev/update_wordpress_vulnerabilities.rb - ruby tools/dev/update_joomla_components.rb - ruby tools/dev/update_user_agent_strings.rb - ruby tools/dev/check_external_scripts.rb -u - - name: Remove vendor folder # prevent git from adding it - run: rm -rf vendor - - - name: Create Pull Request - uses: peter-evans/create-pull-request@v7 - with: - token: ${{ secrets.GITHUB_TOKEN }} - commit-message: Update report - base: master - branch: weekly-updates - committer: github-actions[bot] - author: github-actions[bot] - title: "Weekly Data Update" - draft: false - body: | - This pull request was created automatically by a GitHub Action to update data files and external scripts. - The following tools were run: - - ruby tools/dev/update_wordpress_vulnerabilities.rb - - ruby tools/dev/update_joomla_components.rb - - ruby tools/dev/update_user_agent_strings.rb - - ruby tools/dev/check_external_scripts.rb -u - ## Verification - ### Wordpress/Joomla Files - - [ ] Do a sanity check, do the additions look legit? - - [ ] Start `msfconsole` - - [ ] `use modules/auxiliary/scanner/http/wordpress_scanner` - - [ ] **Verify** it runs - ### JTR Files - - [ ] Do a sanity check, do the additions look legit? - - [ ] See https://docs.metasploit.com/docs/using-metasploit/intermediate/hashes-and-password-cracking.html#example-hashes for hashes and cracking - ### SharpHound - - [ ] Start `msfconsole` - - [ ] get a shell on a DC or box connected to a dc - - [ ] `use post/windows/gather/bloodhound` - - [ ] `set session` - - [ ] `run` - - [ ] **Verify** it runs w/o erroring - - [ ] `set method disk` - - [ ] **Verify** it runs w/o erroring diff --git a/.github/workflows/weekly-dependencies-pr.yml b/.github/workflows/weekly-dependencies-pr.yml deleted file mode 100644 index d529c93d5a494..0000000000000 --- a/.github/workflows/weekly-dependencies-pr.yml +++ /dev/null @@ -1,69 +0,0 @@ -# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions -permissions: - actions: none - checks: none - contents: none - deployments: none - id-token: none - # This action can update/close issues - issues: write - discussions: none - packages: none - pages: none - pull-requests: write - repository-projects: none - security-events: none - statuses: none - -on: - push: - branches: - - weekly-dependency-updates - paths: - - 'Gemfile.lock' - -name: Weekly dependency PR workflow - -jobs: - create-pull-request: - runs-on: ubuntu-latest - steps: - - name: Create Pull Request - uses: actions/github-script@v6 - with: - script: | - const { repo, owner } = context.repo; - console.log('repo:'); - console.log(JSON.stringify(repo, null, 4)); - console.log('owner:'); - console.log(JSON.stringify(owner, null, 4)); - const hasPR = await github.rest.pulls.list({ - owner, - repo, - head: owner + ':' + '${{ github.ref_name }}' - }); - console.log('hasPR:'); - console.log(JSON.stringify({ data: hasPR.data, status: hasPR.status }, null, 4)); - if (Array.isArray(hasPR.data) && !hasPR.data.length) { - const result = await github.rest.pulls.create({ - title: 'Weekly dependency updates', - owner, - repo, - head: '${{ github.ref_name }}', - base: 'master', - body: [ - 'This PR is auto-generated by [actions/github-script](https://github.com/actions/github-script). ', - '`bundle update` revealed the following gems have new version to be evaluated for update.' - ].join('\n') - }); - console.log('result:'); - console.log(JSON.stringify({ data: result.data, status: result.status }, null, 4)); - const labelResult = await github.rest.issues.addLabels({ - owner, - repo, - issue_number: result.data.number, - labels: ['automation', 'rn-no-release-notes'] - }); - console.log('labelResult:'); - console.log(JSON.stringify({ data: labelResult.data, status: labelResult.status }, null, 4)); - } diff --git a/Gemfile.lock b/Gemfile.lock index 7c45ad9595080..cf29a41009a81 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -61,7 +61,7 @@ PATH metasploit-concern metasploit-credential (>= 6.0.21) metasploit-model - metasploit-payloads (= 2.0.246.pre.7) + metasploit-payloads (= 2.0.246.pre.9) metasploit_data_models (>= 6.0.15) metasploit_payloads-mettle (= 1.0.48.pre.3) mqtt @@ -369,7 +369,7 @@ GEM drb mutex_m railties (>= 7.0, < 8.1) - metasploit-payloads (2.0.246.pre.7) + metasploit-payloads (2.0.246.pre.9) metasploit_data_models (6.0.18) activerecord (>= 7.0, < 8.1) activesupport (>= 7.0, < 8.1) diff --git a/metasploit-framework.gemspec b/metasploit-framework.gemspec index efd66fd6aafc8..52349ed678b74 100644 --- a/metasploit-framework.gemspec +++ b/metasploit-framework.gemspec @@ -74,7 +74,7 @@ Gem::Specification.new do |spec| # are needed when there's no database spec.add_runtime_dependency 'metasploit-model' # Needed for Meterpreter - spec.add_runtime_dependency 'metasploit-payloads', '2.0.246.pre.7' + spec.add_runtime_dependency 'metasploit-payloads', '2.0.246.pre.9' # Needed for the next-generation POSIX Meterpreter spec.add_runtime_dependency 'metasploit_payloads-mettle', '1.0.48.pre.3' # Needed by msfgui and other rpc components diff --git a/spec/allure_config.rb b/spec/allure_config.rb index 84b0e33a9f7a2..f6b0c9a99afcc 100644 --- a/spec/allure_config.rb +++ b/spec/allure_config.rb @@ -2,6 +2,21 @@ require "active_support" require "active_support/core_ext/object" +# Print allure attachments to stdout so they are visible in CI logs without needing the allure report +module AllureStdoutPrinter + def add_attachment(name:, source:, type:, test_case: true) + separator = '-' * 60 + $stdout.puts "\n#{separator}" + $stdout.puts "ALLURE ATTACHMENT: #{name}" + $stdout.puts separator + $stdout.puts source.to_s + $stdout.puts separator + $stdout.flush + super + end +end +Allure.singleton_class.prepend(AllureStdoutPrinter) + AllureRspec.configure do |config| config.results_directory = "tmp/allure-raw-data" config.clean_results_directory = true diff --git a/spec/support/acceptance/session/windows_meterpreter.rb b/spec/support/acceptance/session/windows_meterpreter.rb index a223c0acb6c92..2b8786792bfa9 100644 --- a/spec/support/acceptance/session/windows_meterpreter.rb +++ b/spec/support/acceptance/session/windows_meterpreter.rb @@ -3,24 +3,6 @@ module Acceptance::Session::WindowsMeterpreter WINDOWS_METERPRETER = { payloads: [ - { - name: "windows/meterpreter/reverse_tcp", - extension: ".exe", - platforms: [:windows], - execute_cmd: ["${payload_path}"], - executable: true, - generate_options: { - '-f': "exe" - }, - datastore: { - global: {}, - module: { - # Not supported by Windows Meterpreter - # MeterpreterTryToFork: false, - MeterpreterDebugBuild: true - } - } - }, { name: "windows/x64/meterpreter/reverse_tcp", extension: ".exe", @@ -41,326 +23,6 @@ module Acceptance::Session::WindowsMeterpreter } ], module_tests: [ - { - name: "post/test/services", - platforms: [ - [ - :linux, - { - skip: true, - reason: "Windows only test" - } - ], - [ - :osx, - { - skip: true, - reason: "Windows only test" - } - ], - :windows - ], - skipped: false, - lines: { - linux: { - known_failures: [] - }, - osx: { - known_failures: [] - }, - windows: { - known_failures: [] - } - } - }, - { - name: "post/test/cmd_exec", - platforms: [ - [ - :linux, - { - skip: true, - reason: "Payload not compiled for platform" - } - ], - [ - :osx, - { - skip: true, - reason: "Payload not compiled for platform" - } - ], - :windows - ], - skipped: false, - lines: { - linux: { - known_failures: [] - }, - osx: { - known_failures: [] - }, - windows: { - known_failures: [] - } - } - }, - { - name: "post/test/extapi", - platforms: [ - [ - :linux, - { - skip: true, - reason: "Payload not compiled for platform" - } - ], - [ - :osx, - { - skip: true, - reason: "Payload not compiled for platform" - } - ], - :windows - ], - skipped: false, - lines: { - linux: { - known_failures: [] - }, - osx: { - known_failures: [] - }, - windows: { - known_failures: [] - } - } - }, - { - name: "post/test/file", - platforms: [ - [ - :linux, - { - skip: true, - reason: "Payload not compiled for platform" - } - ], - [ - :osx, - { - skip: true, - reason: "Payload not compiled for platform" - } - ], - :windows - ], - skipped: false, - lines: { - linux: { - known_failures: [] - }, - osx: { - known_failures: [] - }, - windows: { - known_failures: [] - } - } - }, - { - name: "post/test/get_env", - platforms: [ - [ - :linux, - { - skip: true, - reason: "Payload not compiled for platform" - } - ], - [ - :osx, - { - skip: true, - reason: "Payload not compiled for platform" - } - ], - :windows - ], - skipped: false, - lines: { - linux: { - known_failures: [] - }, - osx: { - known_failures: [] - }, - windows: { - known_failures: [] - } - } - }, - { - name: "post/test/meterpreter", - platforms: [ - [ - :linux, - { - skip: true, - reason: "Payload not compiled for platform" - } - ], - [ - :osx, - { - skip: true, - reason: "Payload not compiled for platform" - } - ], - :windows - ], - skipped: false, - lines: { - linux: { - known_failures: [] - }, - osx: { - known_failures: [] - }, - windows: { - known_failures: [] - } - } - }, - { - name: "post/test/railgun", - platforms: [ - [ - :linux, - { - skip: true, - reason: "Payload not compiled for platform" - } - ], - [ - :osx, - { - skip: true, - reason: "Payload not compiled for platform" - } - ], - :windows - ], - skipped: false, - lines: { - linux: { - known_failures: [] - }, - osx: { - known_failures: [] - }, - windows: { - known_failures: [] - } - } - }, - { - name: "post/test/railgun_reverse_lookups", - platforms: [ - [ - :linux, - { - skip: true, - reason: "Payload not compiled for platform" - } - ], - [ - :osx, - { - skip: true, - reason: "Payload not compiled for platform" - } - ], - :windows - ], - skipped: false, - lines: { - linux: { - known_failures: [] - }, - osx: { - known_failures: [] - }, - windows: { - known_failures: [] - } - } - }, - { - name: "post/test/registry", - platforms: [ - [ - :linux, - { - skip: true, - reason: "Windows only test" - } - ], - [ - :osx, - { - skip: true, - reason: "Windows only test" - } - ], - :windows - ], - skipped: false, - lines: { - linux: { - known_failures: [] - }, - osx: { - known_failures: [] - }, - windows: { - known_failures: [] - } - } - }, - { - name: "post/test/search", - platforms: [ - [ - :linux, - { - skip: true, - reason: "Payload not compiled for platform" - } - ], - [ - :osx, - { - skip: true, - reason: "Payload not compiled for platform" - } - ], - :windows - ], - skipped: false, - lines: { - linux: { - known_failures: [] - }, - osx: { - known_failures: [] - }, - windows: { - known_failures: [] - } - } - }, { name: "post/test/socket_channels", platforms: [:linux, :osx, :windows], @@ -382,32 +44,6 @@ module Acceptance::Session::WindowsMeterpreter ] } } - }, - { - name: "post/test/unix", - platforms: [ - :linux, - :osx, - [ - :windows, - { - skip: true, - reason: "Unix only test" - } - ] - ], - skipped: false, - lines: { - linux: { - known_failures: [] - }, - osx: { - known_failures: [] - }, - windows: { - known_failures: [] - } - } } ] }