Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use `#tr` instead of `#gsub` in Journey scanner #17257



Copy link

commented Oct 14, 2014

#tr is more efficient than #gsub and can be used as a drop in
replacement in this context.

enhance #17220

Use `#tr` instead of `#gsub`
`#tr` is more efficient than `#gsub` and can be used as a drop in
replacement in this context.

spastorino added a commit that referenced this pull request Oct 15, 2014

Merge pull request #17257 from Bounga/use_tr_instead_of_gsub_in_journ…

Use `#tr` instead of `#gsub` in Journey scanner

@spastorino spastorino merged commit 538c976 into rails:master Oct 15, 2014

1 check failed

continuous-integration/travis-ci The Travis CI build could not complete due to an error

This comment has been minimized.

Copy link

commented Oct 15, 2014

@Bounga Out of curiosity, I'd like to know more about how (and how much) tr is more efficient than gsub. Can you point me somewhere? 😃

@Bounga Bounga deleted the Bounga:use_tr_instead_of_gsub_in_journey_scanner branch Oct 15, 2014


This comment has been minimized.

Copy link
Contributor Author

commented Oct 15, 2014

@claudiob according to many benchmarks when you want to replace a single character (no regexp) by another one then tr is much more efficient than gsub. gsub is designed to be used with regexp and much more complex replacements.

Here is a good example: but I'm pretty sure you can find more benchmarks and blog posts about this topic. I'm not a big fan of benchmarks because it really depends on the context and how you're going to use the method / algorithm.

In the case of tr I am convinced it was implemented especially for this kind of simple operation where gsub is designed for more complex cases with regexp and multiple characters replacement in a single call.

If you find yourself chaining multiple tr then you can start thinking of a rewrite using gsub.

Hope it answer (partially) to you curiosity.

luisfcolon added a commit to luisfcolon/metasploit-framework that referenced this pull request Sep 25, 2018

Updating my fork (#1)
* Add Ghostscript failed restore exploit

* Eschew updating imagemagick_delegate

The hype is over, and the target was provided as a bonus. Now update the
module language to reflect that.

* Refactor targets to align with current style

* Add Linux dropper target

* Add module doc

* automatic module_metadata_base.json update

* Cleanup for foxit_reader_uaf

* automatic module_metadata_base.json update

* Refactor SSH mixins and update modules

* hash_dump now working properly up to Mac OS X High Sierra (10.13.6 included)

* automatic module_metadata_base.json update

* struts2_namespace_ognl updates from code review

Thanks to @wvu, @FireFart, and @wchen!

* added function to grab and store user and passwd

* Weekly dependency update

* modified doc to reflect new output

* modified line in scenarios output

* Address travis errors: Updated metadata and target OS logic

* Condense note transformation inside mod_meta_common

* Use a 'reduce' to transform notes

* Use a string hash key for documentation

* Refactor initialization of module's notes attribute

* Handling for Tomcat namespace issues, 'allowStaticMethodAccess' settings, and payload output

Depending on the configuration of the Tomcat server, `allowStaticMethodAccess` may already be set.  We now try to detect this as part of `profile_target`.  But that check might fail.  If so, we'll try our best and let the user control whether we prepend OGNL to enable `allowStaticMethodAccess` via the 'ENABLE_OGNL' option.

Additionally, sometimes enabling `allowStaticMethodAccess` will cause the OGNL query to fail.

Additionally additionally, some Tomcat configurations won't provide output from the payload.  We'll detect that the payload ran successfully, but tell the user there was no output.

* storing config file, changed regex

* modified regex lines

* Quote-block cleanup and improved error handling

* Fixup reverse_ord_tcp docs

* DRY up doc generator

* Add CVE reference to ghostscript_failed_restore.rb

* Move CVE ref to top as per ~standard~

* Make some small changes:

Changes made:

* DisclosureDate
* Privileged to false
* Remove gsub for ';'
* Set cmd/unix/generic as the default payload for ARCH_CMD (linux)

* automatic module_metadata_base.json update

* automatic module_metadata_base.json update

* fix pathing in mremoteng

* vi loves tabs but i dont

* save as xml since it is

* save xml files as xml

* automatic module_metadata_base.json update

* Normalize loot type OID

1. Include the vendor, product, and technology
2. Content type is already reported, extension changed
3. Original filename including extension is also reported

Can we get some sort of standard on the OID?

* automatic module_metadata_base.json update

* Fix store_loot OID

It's supposed to be a loot type, not the filename (now stored).

* automatic module_metadata_base.json update

* automatic module_metadata_base.json update

* automatic module_metadata_base.json update

* Fix crash when using sessions -x

* Fix Msf::Post::Solaris::Kernel class name

* Add Solaris libnspr NSPR_LOG_FILE Privilege Escalation module

* Check WritableDir is writable

* add gcc path for solaris

* Add ForceExploit option

* Minor fixups for `grep`

Use Shellwords to join words that have been shellsplit and will be
shellsplit again, and correctly reference a missing command name.

* Relocate option parsing error handling up a level

* Add mode to Shell#run_single to re-raise errors

* Add `repeat` command to loop msfconsole commands

* Replace 'and' with '&&'

* Update heartbleed description to mention `repeat`

* Fix missing exception capture

* Add SMB2 support to smb_enumshares

* Add check for Solaris system patches

* add chmod tab completion

* automatic module_metadata_base.json update

* Update warning message when loading mimikatz on new OSes

* Update description with correct patched release

* Fix Msf::Post::Solaris::System pidof method

* Cleanup is_root? method for Linux::Priv / Solaris::Priv

* automatic module_metadata_base.json update

* Typo fixes

* Print help when `repeat` is run with no commands

* Weekly dependency update

* first attempt at srsexec

* debugging srsexec

* move gather to escalate

* Add metadata for

* Undo metadata change for

* Revert doc changes to exploit.rb autofilter

I think the changes might have been accidental.


* Check DB is active before querying sessions

* Warn user about inactive sessions without DB

* srsexec working properly

* Remember to assign `self.prompt` in shell.rb

Not everything updates the prompt all the time, make them feel welcome.

* WIP: Initial CVE-2018-8440 / ALPC-TaskSched-LPE

* Refactor cmd_shell and add cmd_shell_{help,tabs}

* finish srsexec add docs

* msftidy

* Initial metadata setup

* use tr instead of gsub


* remove redundant hash merge

* use max instead of sort_by { |p| p.size }.last

`sort_by { |p| p.size }.last` is less readable compared to just using the `max` method

I believe this does basicall the exact same thing, ontop of being much faster in my micro benchmark.

The old method was, something like, 8 times slower.

* Leave notes type as a plain hash

* Consolidate notes reference in erb templates

* Upcase all the things

* Redo dllinjection

* changes from first review

* Add writable? method to Msf::Post::File - Fix rapid7#10644

* fix travis issues

* Update gcc path

* Fix links to https://

I have no idea how this happened in my own code. I was seeing https://.

* add ios blur dos module

* Update gcc path for Solaris

* improve div tags

* update description

* Update gcc path for Solaris

* Add check for Solaris system patch revision

* Background payload execution

* use max instead of sort[-1]

* use tr instead of gsub

* use delete! insteas of gsub

* use tr instead of gsub

* use tr insteas of gsub

* Add references, clean up code.

* deregister_options RHOSTS

* getting user credentials

* automatic module_metadata_base.json update

* Updated VS solution and module

* install docker-compose manually

* comment better

* deregister RHOSTS as well

* automatic module_metadata_base.json update

* Add Solaris 'EXTREMEPARR' dtappgather Privilege Escalation module

* Fix issue when kill a non-existent job.

* Fix issue when kill a job with non-integer jobid

* Add a comment

* Move AKA reference to Notes hash

* Fix crash issue when auto complete the session option.

* added documentation for module

* removed remaining line from template

* storing user credentials

* changed wording and line numbers

* added check for valid apikey, changed available?

* randomize number, use vars_get

* changed available? expression

* renamed/relocated files, changed uri

* Use System Directory

* Specific target, add process option

* use max_by &:size instead of max

this should fix the issue in the PR

* Add documentation

* Added description to module

* changed location of dolibarr module/documentation

* automatic module_metadata_base.json update

* automatic module_metadata_base.json update

* Update documentation

* automatic module_metadata_base.json update

* Inject Payload to Memory First

* Remove uploading payload dll to disk

* Rename Pimcore and Dolibarr SQLi modules

* automatic module_metadata_base.json update

* Add spec test for cmd_set_tabs.

* Remove unused code

* Remove additional unused code

* Weekly dependency update

* Fix remaining typos

* automatic module_metadata_base.json update

* update mettle version

* Update Payload cached sizes

* automatic module_metadata_base.json update

* Add LEAK_COUNT option to Heartbleed

I should have done this in 2014, but I'm a slacker.

* print when not verbose

* automatic module_metadata_base.json update

* automatic module_metadata_base.json update

* Prefer to_s over || ''

Oops, I wasn't thinking clearly. to_s is cleaner.

* Prefer to_s.empty?

Oh, hell, do it here, too.

* automatic module_metadata_base.json update

* Remove stray quote from raise in writable? method

Didn't break the string but looked funny.

* Fix NameError in cmd_shell due to renamed variable

I missed this while refactoring. I didn't use the var after all. :'(

* Prefer ye olde TeX-style quotes

This was @bcoles' initial commit. I agree. Looks good with the raise.

* Update documentation

* Move setup info, remove accessors

* Msftidy

* Code cleanup, feedback from bcoles

* Create credential table.

* Create credential table.

* Update documentation to match new output.

* specify meterpreter, update documentation

Warning is after spell...

* automatic module_metadata_base.json update

* Add pry command to Meterpreter

* Add pry -h

* Print nicely about what object you're in

* Update tested versions

* automatic module_metadata_base.json update

* Improve the context to be more percise.

* automatic module_metadata_base.json update

* Add documentation for rapid7#10652

* fix typo

* automatic module_metadata_base.json update

* fix user enumeration methods, be more robust

* use non-system users for hashdump

* automatic module_metadata_base.json update

* Fix undefined method `session` issue, thx wchen-r7

* Add require readline to fix uninit issue.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet
3 participants
You can’t perform that action at this time.