Permalink
Browse files

Prefer Ruby style for single word collections

According to the Ruby style guide, %w{} collections for arrays of single
words are preferred. They're easier to type, and if you want a quick
grep, they're easier to search.

This change converts all Payloads to this format if there is more than
one payload to choose from.

It also alphabetizes the payloads, so the order can be more predictable,
and for long sets, easier to scan with eyeballs.

See:
  https://github.com/bbatsov/ruby-style-guide#collections
  • Loading branch information...
1 parent 081c279 commit c547e84fa71cf30847a53431f68ec26f08f03700 @todb-r7 todb-r7 committed Sep 24, 2013
Showing with 140 additions and 140 deletions.
  1. +1 −1 modules/exploits/hpux/lpd/cleanup_exec.rb
  2. +1 −1 modules/exploits/irix/lpd/tagprinter_exec.rb
  3. +1 −1 modules/exploits/linux/http/dlink_diagnostic_exec_noauth.rb
  4. +1 −1 modules/exploits/linux/http/dlink_dir615_up_exec.rb
  5. +1 −1 modules/exploits/linux/http/dlink_upnp_exec_noauth.rb
  6. +1 −1 modules/exploits/linux/http/dolibarr_cmd_exec.rb
  7. +1 −1 modules/exploits/linux/http/dreambox_openpli_shell.rb
  8. +1 −1 modules/exploits/linux/http/groundwork_monarch_cmd_exec.rb
  9. +1 −1 modules/exploits/linux/http/linksys_e1500_apply_exec.rb
  10. +1 −1 modules/exploits/linux/http/linksys_wrt160nv2_apply_exec.rb
  11. +1 −1 modules/exploits/linux/http/linksys_wrt54gl_apply_exec.rb
  12. +1 −1 modules/exploits/linux/http/netgear_dgn1000b_setup_exec.rb
  13. +1 −1 modules/exploits/linux/http/netgear_dgn2200b_pppoe_exec.rb
  14. +1 −1 modules/exploits/linux/http/webcalendar_settings_exec.rb
  15. +1 −1 modules/exploits/linux/local/zpanel_zsudo.rb
  16. +1 −1 modules/exploits/linux/misc/hp_data_protector_cmd_exec.rb
  17. +1 −1 modules/exploits/linux/samba/setinfopolicy_heap.rb
  18. +1 −1 modules/exploits/multi/browser/firefox_svg_plugin.rb
  19. +1 −1 modules/exploits/multi/browser/firefox_xpi_bootstrapped_addon.rb
  20. +1 −1 modules/exploits/multi/browser/java_atomicreferencearray.rb
  21. +1 −1 modules/exploits/multi/browser/java_calendar_deserialize.rb
  22. +1 −1 modules/exploits/multi/browser/java_getsoundbank_bof.rb
  23. +1 −1 modules/exploits/multi/browser/java_jre17_driver_manager.rb
  24. +1 −1 modules/exploits/multi/browser/java_jre17_exec.rb
  25. +1 −1 modules/exploits/multi/browser/java_jre17_glassfish_averagerangestatisticimpl.rb
  26. +1 −1 modules/exploits/multi/browser/java_jre17_jaxws.rb
  27. +1 −1 modules/exploits/multi/browser/java_jre17_jmxbean.rb
  28. +1 −1 modules/exploits/multi/browser/java_jre17_jmxbean_2.rb
  29. +1 −1 modules/exploits/multi/browser/java_jre17_method_handle.rb
  30. +1 −1 modules/exploits/multi/browser/java_jre17_provider_skeleton.rb
  31. +1 −1 modules/exploits/multi/browser/java_jre17_reflection_types.rb
  32. +1 −1 modules/exploits/multi/browser/java_rhino.rb
  33. +1 −1 modules/exploits/multi/browser/java_setdifficm_bof.rb
  34. +1 −1 modules/exploits/multi/browser/java_signed_applet.rb
  35. +1 −1 modules/exploits/multi/browser/java_storeimagearray.rb
  36. +1 −1 modules/exploits/multi/browser/java_trusted_chain.rb
  37. +1 −1 modules/exploits/multi/browser/java_verifier_field_access.rb
  38. +1 −1 modules/exploits/multi/fileformat/maple_maplet.rb
  39. +1 −1 modules/exploits/multi/fileformat/peazip_command_injection.rb
  40. +1 −1 modules/exploits/multi/handler.rb
  41. +1 −1 modules/exploits/multi/http/ajaxplorer_checkinstall_exec.rb
  42. +1 −1 modules/exploits/multi/http/auxilium_upload_exec.rb
  43. +1 −1 modules/exploits/multi/http/axis2_deployer.rb
  44. +1 −1 modules/exploits/multi/http/eaton_nsm_code_exec.rb
  45. +1 −1 modules/exploits/multi/http/familycms_less_exec.rb
  46. +1 −1 modules/exploits/multi/http/gitorious_graph.rb
  47. +1 −1 modules/exploits/multi/http/horde_href_backdoor.rb
  48. +1 −1 modules/exploits/multi/http/hp_sitescope_uploadfileshandler.rb
  49. +1 −1 modules/exploits/multi/http/jboss_bshdeployer.rb
  50. +1 −1 modules/exploits/multi/http/jboss_deploymentfilerepository.rb
  51. +1 −1 modules/exploits/multi/http/jboss_invoke_deploy.rb
  52. +1 −1 modules/exploits/multi/http/jboss_maindeployer.rb
  53. +1 −1 modules/exploits/multi/http/manageengine_search_sqli.rb
  54. +1 −1 modules/exploits/multi/http/mobilecartly_upload_exec.rb
  55. +1 −1 modules/exploits/multi/http/mutiny_subnetmask_exec.rb
  56. +1 −1 modules/exploits/multi/http/op5_welcome.rb
  57. +1 −1 modules/exploits/multi/http/openfire_auth_bypass.rb
  58. +1 −1 modules/exploits/multi/http/phptax_exec.rb
  59. +1 −1 modules/exploits/multi/http/plone_popen2.rb
  60. +1 −1 modules/exploits/multi/http/qdpm_upload_exec.rb
  61. +1 −1 modules/exploits/multi/http/sflog_upload_exec.rb
  62. +1 −1 modules/exploits/multi/http/snortreport_exec.rb
  63. +1 −1 modules/exploits/multi/http/sonicwall_gms_upload.rb
  64. +1 −1 modules/exploits/multi/http/splunk_mappy_exec.rb
  65. +1 −1 modules/exploits/multi/http/splunk_upload_app_exec.rb
  66. +1 −1 modules/exploits/multi/http/spree_search_exec.rb
  67. +1 −1 modules/exploits/multi/http/spree_searchlogic_exec.rb
  68. +1 −1 modules/exploits/multi/http/struts_code_exec.rb
  69. +1 −1 modules/exploits/multi/http/struts_code_exec_exception_delegator.rb
  70. +1 −1 modules/exploits/multi/http/struts_code_exec_parameters.rb
  71. +1 −1 modules/exploits/multi/http/struts_default_action_mapper.rb
  72. +1 −1 modules/exploits/multi/http/struts_include_params.rb
  73. +1 −1 modules/exploits/multi/http/stunshell_exec.rb
  74. +1 −1 modules/exploits/multi/http/tomcat_mgr_deploy.rb
  75. +1 −1 modules/exploits/multi/http/v0pcr3w_exec.rb
  76. +1 −1 modules/exploits/multi/http/zenworks_control_center_upload.rb
  77. +1 −1 modules/exploits/multi/misc/batik_svg_java.rb
  78. +1 −1 modules/exploits/multi/misc/hp_vsa_exec.rb
  79. +1 −1 modules/exploits/multi/misc/indesign_server_soap.rb
  80. +1 −1 modules/exploits/multi/misc/java_rmi_server.rb
  81. +1 −1 modules/exploits/multi/misc/pbot_exec.rb
  82. +1 −1 modules/exploits/multi/misc/ra1nx_pubcall_exec.rb
  83. +1 −1 modules/exploits/multi/misc/veritas_netbackup_cmdexec.rb
  84. +1 −1 modules/exploits/multi/realserver/describe.rb
  85. +1 −1 modules/exploits/multi/sap/sap_mgmt_con_osexec_payload.rb
  86. +1 −1 modules/exploits/multi/sap/sap_soap_rfc_sxpg_call_system_exec.rb
  87. +1 −1 modules/exploits/multi/sap/sap_soap_rfc_sxpg_command_exec.rb
  88. +1 −1 modules/exploits/multi/ssh/sshexec.rb
  89. +1 −1 modules/exploits/multi/svn/svnserve_date.rb
  90. +1 −1 modules/exploits/osx/browser/safari_file_policy.rb
  91. +1 −1 modules/exploits/solaris/lpd/sendmail_exec.rb
  92. +1 −1 modules/exploits/solaris/sunrpc/sadmind_exec.rb
  93. +1 −1 modules/exploits/solaris/sunrpc/ypupdated_exec.rb
  94. +1 −1 modules/exploits/solaris/telnet/fuser.rb
  95. +1 −1 modules/exploits/solaris/telnet/ttyprompt.rb
  96. +1 −1 modules/exploits/unix/local/setuid_nmap.rb
  97. +1 −1 modules/exploits/unix/webapp/basilic_diff_exec.rb
  98. +1 −1 modules/exploits/unix/webapp/guestbook_ssi_exec.rb
  99. +1 −1 modules/exploits/unix/webapp/havalite_upload_exec.rb
  100. +1 −1 modules/exploits/unix/webapp/libretto_upload_exec.rb
  101. +1 −1 modules/exploits/unix/webapp/mitel_awc_exec.rb
  102. +1 −1 modules/exploits/unix/webapp/nagios3_history_cgi.rb
  103. +1 −1 modules/exploits/unix/webapp/narcissus_backend_exec.rb
  104. +1 −1 modules/exploits/unix/webapp/oracle_vm_agent_utl.rb
  105. +1 −1 modules/exploits/unix/webapp/projectpier_upload_exec.rb
  106. +1 −1 modules/exploits/windows/browser/java_basicservice_impl.rb
  107. +1 −1 modules/exploits/windows/browser/java_cmm.rb
  108. +1 −1 modules/exploits/windows/http/oracle_btm_writetofile.rb
  109. +1 −1 modules/exploits/windows/http/zenworks_uploadservlet.rb
  110. +1 −1 modules/payloads/singles/generic/debug_trap.rb
  111. +1 −1 modules/payloads/singles/generic/tight_loop.rb
  112. +1 −1 modules/payloads/singles/java/jsp_shell_bind_tcp.rb
  113. +1 −1 modules/payloads/singles/java/jsp_shell_reverse_tcp.rb
  114. +1 −1 modules/post/multi/escalate/cups_root_file_read.rb
  115. +1 −1 modules/post/multi/escalate/metasploit_pcaplog.rb
  116. +1 −1 modules/post/multi/gather/apple_ios_backup.rb
  117. +1 −1 modules/post/multi/gather/dns_bruteforce.rb
  118. +1 −1 modules/post/multi/gather/dns_reverse_lookup.rb
  119. +1 −1 modules/post/multi/gather/dns_srv_lookup.rb
  120. +1 −1 modules/post/multi/gather/enum_vbox.rb
  121. +1 −1 modules/post/multi/gather/env.rb
  122. +1 −1 modules/post/multi/gather/fetchmailrc_creds.rb
  123. +1 −1 modules/post/multi/gather/filezilla_client_cred.rb
  124. +1 −1 modules/post/multi/gather/find_vmx.rb
  125. +1 −1 modules/post/multi/gather/firefox_creds.rb
  126. +1 −1 modules/post/multi/gather/gpg_creds.rb
  127. +1 −1 modules/post/multi/gather/multi_command.rb
  128. +1 −1 modules/post/multi/gather/netrc_creds.rb
  129. +1 −1 modules/post/multi/gather/pidgin_cred.rb
  130. +1 −1 modules/post/multi/gather/ping_sweep.rb
  131. +1 −1 modules/post/multi/gather/skype_enum.rb
  132. +1 −1 modules/post/multi/gather/ssh_creds.rb
  133. +1 −1 modules/post/multi/gather/thunderbird_creds.rb
  134. +1 −1 modules/post/multi/general/close.rb
  135. +1 −1 modules/post/multi/general/execute.rb
  136. +1 −1 modules/post/multi/manage/multi_post.rb
  137. +1 −1 modules/post/multi/manage/record_mic.rb
  138. +1 −1 modules/post/multi/manage/sudo.rb
  139. +1 −1 modules/post/multi/manage/system_session.rb
  140. +1 −1 modules/post/windows/gather/resolve_hosts.rb
@@ -35,7 +35,7 @@ def initialize(info = {})
[ 'URL', 'http://archives.neohapsis.com/archives/hp/2002-q3/0064.html'],
],
- 'Platform' => [ 'unix', 'hpux' ],
+ 'Platform' => %w{ hpux unix },
'Arch' => ARCH_CMD,
'Payload' =>
{
@@ -28,7 +28,7 @@ def initialize(info = {})
['URL', 'http://www.lsd-pl.net/code/IRIX/irx_lpsched.c'],
],
'Privileged' => false,
- 'Platform' => ['unix', 'irix'],
+ 'Platform' => %w{ irix unix },
'Arch' => ARCH_CMD,
'Payload' =>
{
@@ -47,7 +47,7 @@ def initialize(info = {})
],
'DisclosureDate' => 'Mar 05 2013',
'Privileged' => true,
- 'Platform' => ['linux','unix'],
+ 'Platform' => %w{ linux unix },
'Payload' =>
{
'DisableNops' => true
@@ -43,7 +43,7 @@ def initialize(info = {})
],
'DisclosureDate' => 'Feb 07 2013',
'Privileged' => true,
- 'Platform' => ['linux','unix'],
+ 'Platform' => %w{ linux unix },
'Payload' =>
{
'DisableNops' => true
@@ -41,7 +41,7 @@ def initialize(info = {})
],
'DisclosureDate' => 'Jul 05 2013',
'Privileged' => true,
- 'Platform' => ['linux','unix'],
+ 'Platform' => %w{ linux unix },
'Payload' =>
{
'DisableNops' => true,
@@ -40,7 +40,7 @@ def initialize(info={})
{
'PayloadType' => 'cmd'
},
- 'Platform' => ['unix', 'linux'],
+ 'Platform' => %w{ linux unix },
'Targets' =>
[
# Older versions are probably also vulnerable according to
@@ -35,7 +35,7 @@ def initialize(info = {})
[ 'URL', 'http://openpli.org/wiki/Webif' ],
[ 'URL', 'http://www.s3cur1ty.de/m1adv2013-007' ]
],
- 'Platform' => ['unix', 'linux'],
+ 'Platform' => %w{ linux unix },
'Arch' => ARCH_CMD,
'Privileged' => true,
'Payload' =>
@@ -51,7 +51,7 @@ def initialize(info={})
# Based on the default Ubuntu 10.04 VM appliance
'RequiredCmd' => 'generic telnet netcat perl python'
},
- 'Platform' => ['unix', 'linux'],
+ 'Platform' => %w{ linux unix },
'Targets' =>
[
['GroundWork 6.7.0', {}]
@@ -40,7 +40,7 @@ def initialize(info = {})
],
'DisclosureDate' => 'Feb 05 2013',
'Privileged' => true,
- 'Platform' => ['linux','unix'],
+ 'Platform' => %w{ linux unix },
'Payload' =>
{
'DisableNops' => true
@@ -42,7 +42,7 @@ def initialize(info = {})
],
'DisclosureDate' => 'Feb 11 2013',
'Privileged' => true,
- 'Platform' => ['linux','unix'],
+ 'Platform' => %w{ linux unix },
'Payload' =>
{
'DisableNops' => true
@@ -42,7 +42,7 @@ module since it modifies the router configuration while exploitation, even when
],
'DisclosureDate' => 'Jan 18 2013',
'Privileged' => true,
- 'Platform' => ['linux','unix'],
+ 'Platform' => %w{ linux unix },
'Payload' =>
{
'DisableNops' => true
@@ -42,7 +42,7 @@ def initialize(info = {})
],
'DisclosureDate' => 'Feb 06 2013',
'Privileged' => true,
- 'Platform' => ['linux','unix'],
+ 'Platform' => %w{ linux unix },
'Payload' =>
{
'DisableNops' => true
@@ -42,7 +42,7 @@ def initialize(info = {})
],
'DisclosureDate' => 'Feb 15 2013',
'Privileged' => true,
- 'Platform' => ['linux','unix'],
+ 'Platform' => %w{ linux unix },
'Payload' =>
{
'DisableNops' => true
@@ -34,7 +34,7 @@ def initialize(info={})
['EDB', '18775']
],
'Arch' => ARCH_CMD,
- 'Platform' => ['unix', 'linux'],
+ 'Platform' => %w{ linux unix },
'Compat' =>
{
'PayloadType' => 'cmd'
@@ -29,7 +29,7 @@ def initialize(info={})
'License' => MSF_LICENSE,
'Author' => [ 'sinn3r', 'juan vazquez' ],
'DisclosureDate' => 'Jun 07 2013',
- 'Platform' => [ 'unix', 'linux'],
+ 'Platform' => %w{ linux unix },
'Arch' => [ ARCH_CMD, ARCH_X86 ],
'SessionTypes' => [ 'shell', 'meterpreter' ],
'Targets' =>
@@ -38,7 +38,7 @@ def initialize(info = {})
[ 'URL', 'https://community.rapid7.com/thread/2253' ]
],
'DisclosureDate' => 'Feb 7 2011',
- 'Platform' => [ 'unix','linux'],
+ 'Platform' => %w{ linux unix },
'Arch' => ARCH_CMD,
'Payload' =>
{
@@ -54,7 +54,7 @@ def initialize(info = {})
'DisableNops' => true,
'Space' => 600,
},
- 'Platform' => ['unix', 'linux'],
+ 'Platform' => %w{ linux unix },
# smbd process is killed soon after being exploited, need fork with meterpreter
'DefaultOptions' => { "PrependSetreuid" => true, "PrependSetregid" => true, "PrependFork" => true, "AppendExit" => true, "WfsDelay" => 5},
'Targets' =>
@@ -37,7 +37,7 @@ def initialize(info = {})
[
[ 'Automatic',
{
- 'Platform' => ['win', 'linux', 'osx'],
+ 'Platform' => %w{ linux osx win },
'Arch' => ARCH_X86
}
],
@@ -39,7 +39,7 @@ def initialize( info = {} )
[ 'URL', 'http://dvlabs.tippingpoint.com/blog/2007/06/27/xpi-the-next-malware-vector' ]
],
'DisclosureDate' => 'Jun 27 2007',
- 'Platform' => [ 'java', 'win', 'osx', 'linux', 'solaris' ],
+ 'Platform' => %w{ java linux osx solaris win },
'Payload' => { 'BadChars' => '', 'DisableNops' => true },
'Targets' =>
[
@@ -46,7 +46,7 @@ def initialize( info = {} )
['URL', 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0507'],
['URL', 'https://community.rapid7.com/community/metasploit/blog/2012/03/29/cve-2012-0507--java-strikes-again']
],
- 'Platform' => [ 'java', 'win', 'osx', 'linux', 'solaris' ],
+ 'Platform' => %w{ java linux osx solaris win },
'Payload' => { 'Space' => 20480, 'BadChars' => '', 'DisableNops' => true },
'Targets' =>
[
@@ -42,7 +42,7 @@ def initialize( info = {} )
[ 'URL', 'http://blog.cr0.org/2009/05/write-once-own-everyone.html' ],
[ 'URL', 'http://sunsolve.sun.com/search/document.do?assetkey=1-26-244991-1' ]
],
- 'Platform' => [ 'win', 'osx', 'linux', 'solaris' ],
+ 'Platform' => %w{ linux osx solaris win },
'Payload' => { 'Space' => 20480, 'BadChars' => '', 'DisableNops' => true },
'Targets' =>
[
@@ -60,7 +60,7 @@ def initialize(info = {})
[ 'J2SE 1.6_16 Automatic',
{
- 'Platform' => ['win', 'linux', 'osx'],
+ 'Platform' => %w{ linux osx win },
'Arch' => [ARCH_X86, ARCH_PPC]
}
],
@@ -44,7 +44,7 @@ def initialize( info = {} )
[ 'URL', 'http://immunityproducts.blogspot.com/2013/04/yet-another-java-security-warning-bypass.html' ],
[ 'URL', 'http://www.zerodayinitiative.com/advisories/ZDI-13-076/' ]
],
- 'Platform' => [ 'java', 'win', 'osx', 'linux' ],
+ 'Platform' => %w{ java linux osx win },
'Payload' => { 'Space' => 20480, 'BadChars' => '', 'DisableNops' => true },
'Targets' =>
[
@@ -55,7 +55,7 @@ def initialize( info = {} )
[ 'URL', 'https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day' ],
[ 'URL', 'https://bugzilla.redhat.com/show_bug.cgi?id=852051']
],
- 'Platform' => [ 'java', 'win', 'linux' ],
+ 'Platform' => %w{ java linux win },
'Payload' => { 'Space' => 20480, 'BadChars' => '', 'DisableNops' => true },
'Targets' =>
[
@@ -42,7 +42,7 @@ def initialize( info = {} )
[ 'URL', 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5076' ],
[ 'URL', 'http://www.security-explorations.com/materials/se-2012-01-report.pdf' ]
],
- 'Platform' => [ 'java', 'win', 'osx', 'linux' ],
+ 'Platform' => %w{ java linux osx win },
'Payload' => { 'Space' => 20480, 'DisableNops' => true },
'Targets' =>
[
@@ -39,7 +39,7 @@ def initialize( info = {} )
[ 'URL', 'http://malware.dontneedcoffee.com/2012/11/cool-ek-hello-my-friend-cve-2012-5067.html' ],
[ 'URL', 'http://blogs.technet.com/b/mmpc/archive/2012/11/15/a-technical-analysis-on-new-java-vulnerability-cve-2012-5076.aspx' ]
],
- 'Platform' => [ 'java', 'win' ],
+ 'Platform' => %w{ java win },
'Payload' => { 'Space' => 20480, 'BadChars' => '', 'DisableNops' => true },
'Targets' =>
[
@@ -43,7 +43,7 @@ def initialize( info = {} )
[ 'URL', 'http://labs.alienvault.com/labs/index.php/2013/new-year-new-java-zeroday/' ],
[ 'URL', 'http://pastebin.com/cUG2ayjh' ] #Who authored the code on pastebin? I can't read Russian :-(
],
- 'Platform' => [ 'java', 'win', 'osx', 'linux' ],
+ 'Platform' => %w{ java linux osx win },
'Payload' => { 'Space' => 20480, 'BadChars' => '', 'DisableNops' => true },
'Targets' =>
[
@@ -46,7 +46,7 @@ def initialize( info = {} )
[ 'URL', 'http://pastebin.com/QWU1rqjf' ],
[ 'URL', 'http://malware.dontneedcoffee.com/2013/02/cve-2013-0431-java-17-update-11.html' ]
],
- 'Platform' => [ 'java', 'win', 'osx', 'linux' ],
+ 'Platform' => %w{ java linux osx win },
'Payload' => { 'Space' => 20480, 'BadChars' => '', 'DisableNops' => true },
'Targets' =>
[
@@ -40,7 +40,7 @@ def initialize( info = {} )
[ 'URL', 'http://www.security-explorations.com/materials/SE-2012-01-ORACLE-5.pdf' ],
[ 'URL', 'http://www.security-explorations.com/materials/se-2012-01-report.pdf' ]
],
- 'Platform' => [ 'java', 'win', 'osx', 'linux' ],
+ 'Platform' => %w{ java linux osx win },
'Payload' => { 'Space' => 20480, 'DisableNops' => true },
'Targets' =>
[
@@ -43,7 +43,7 @@ def initialize( info = {} )
[ 'URL', 'http://www.security-explorations.com/materials/SE-2012-01-ORACLE-12.pdf' ],
[ 'URL', 'http://www.security-explorations.com/materials/se-2012-01-61.zip' ]
],
- 'Platform' => [ 'java', 'win', 'osx', 'linux' ],
+ 'Platform' => %w{ java linux osx win },
'Payload' => { 'Space' => 20480, 'BadChars' => '', 'DisableNops' => true },
'Targets' =>
[
@@ -45,7 +45,7 @@ def initialize( info = {} )
[ 'URL', 'http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/b453d9be6b3f' ],
[ 'URL', 'http://immunityproducts.blogspot.com/2013/04/yet-another-java-security-warning-bypass.html' ]
],
- 'Platform' => [ 'java', 'win', 'osx', 'linux' ],
+ 'Platform' => %w{ java linux osx win },
'Payload' => { 'Space' => 20480, 'BadChars' => '', 'DisableNops' => true },
'Targets' =>
[
@@ -41,7 +41,7 @@ def initialize( info = {} )
[ 'URL', 'http://www.zerodayinitiative.com/advisories/ZDI-11-305/' ],
[ 'URL', 'http://schierlm.users.sourceforge.net/CVE-2011-3544.html' ],
],
- 'Platform' => [ 'java', 'win', 'linux' ],
+ 'Platform' => %w{ java linux win },
'Payload' => { 'Space' => 20480, 'BadChars' => '', 'DisableNops' => true },
'Targets' =>
[
@@ -60,7 +60,7 @@ def initialize(info = {})
[ 'J2SE 1.6_16 Automatic',
{
- 'Platform' => ['win', 'linux', 'osx'],
+ 'Platform' => %w{ linux osx win },
'Arch' => [ARCH_X86, ARCH_PPC]
}
],
@@ -44,7 +44,7 @@ def initialize( info = {} )
# list of trusted Certificate Authorities by java version
[ 'URL', 'http://www.spikezilla-software.com/blog/?p=21' ]
],
- 'Platform' => [ 'java', 'win', 'osx', 'linux', 'solaris' ],
+ 'Platform' => %w{ java linux osx solaris win },
'Payload' => { 'BadChars' => '', 'DisableNops' => true },
'Targets' =>
[
@@ -42,7 +42,7 @@ def initialize( info = {} )
[ 'URL', 'http://packetstormsecurity.com/files/122777/' ],
[ 'URL', 'http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/2a9c79db0040' ]
],
- 'Platform' => [ 'java', 'win', 'linux' ],
+ 'Platform' => %w{ java linux win },
'Payload' => { 'Space' => 20480, 'BadChars' => '', 'DisableNops' => true },
'Targets' =>
[
@@ -39,7 +39,7 @@ def initialize( info = {} )
[ 'OSVDB', '63483' ],
[ 'URL', 'http://slightlyrandombrokenthoughts.blogspot.com/2010/04/java-trusted-method-chaining-cve-2010.html' ],
],
- 'Platform' => [ 'java', 'win', 'linux' ],
+ 'Platform' => %w{ java linux win },
'Payload' => { 'Space' => 20480, 'BadChars' => '', 'DisableNops' => true },
'Targets' =>
[
@@ -45,7 +45,7 @@ def initialize( info = {} )
['URL', 'http://icedtea.classpath.org/hg/release/icedtea7-forest-2.1/hotspot/rev/253e7c32def9'],
['URL', 'http://icedtea.classpath.org/hg/release/icedtea7-forest-2.1/hotspot/rev/8f86ad60699b']
],
- 'Platform' => [ 'java', 'win', 'osx', 'linux', 'solaris' ],
+ 'Platform' => %w{ java linux osx solaris win },
'Payload' => { 'Space' => 20480, 'BadChars' => '', 'DisableNops' => true },
'Targets' =>
[
@@ -81,7 +81,7 @@ def initialize(info = {})
['Universal CMD',
{
'Arch' => ARCH_CMD,
- 'Platform' => ['unix', 'win', 'linux']
+ 'Platform' => %w{ linux unix win }
}
]
@@ -39,7 +39,7 @@ def initialize(info = {})
[ 'URL', 'http://peazip.sourceforge.net/' ],
[ 'EDB', '8881' ]
],
- 'Platform' => ['unix', 'win', 'linux'],
+ 'Platform' => %w{ linux unix win },
'Arch' => ARCH_CMD,
'Payload' =>
{
@@ -32,7 +32,7 @@ def initialize(info = {})
'BadChars' => '',
'DisableNops' => true,
},
- 'Platform' => [ 'win', 'linux', 'solaris', 'unix', 'osx', 'bsd', 'php', 'java', 'ruby', 'js', 'python', 'android' ],
+ 'Platform' => %w{ android bsd java js linux osx php python ruby solaris unix win },
'Arch' => ARCH_ALL,
'Targets' => [ [ 'Wildcard Target', { } ] ],
'DefaultTarget' => 0
@@ -44,7 +44,7 @@ def initialize(info = {})
'RequiredCmd' => 'generic perl ruby python bash telnet'
}
},
- 'Platform' => ['unix', 'bsd', 'linux', 'osx', 'win'],
+ 'Platform' => %w{ bsd linux osx unix win },
'Arch' => ARCH_CMD,
'Targets' => [[ 'AjaXplorer 2.5.5 or older', { }]],
'DisclosureDate' => 'Apr 4 2010',
@@ -37,7 +37,7 @@ def initialize(info={})
{
'BadChars' => "\x00"
},
- 'Platform' => ['linux', 'php'],
+ 'Platform' => %w{ linux php },
'Targets' =>
[
[ 'Generic (PHP Payload)', { 'Arch' => ARCH_PHP, 'Platform' => 'php' } ],
@@ -29,7 +29,7 @@ def initialize(info = {})
[ 'CVE', '2010-0219' ],
[ 'OSVDB', '68662' ]
],
- 'Platform' => [ 'java', 'win', 'linux' ], # others?
+ 'Platform' => %w{ java linux win }, # others?
'Targets' =>
[
[ 'Java', {
@@ -41,7 +41,7 @@ def initialize(info = {})
'DisableNops' => true,
'Space' => 4000
},
- 'Platform' => ['php', 'linux'],
+ 'Platform' => %w{ linux php },
'Arch' => ARCH_PHP,
'Targets' =>
Oops, something went wrong.

5 comments on commit c547e84

Contributor

Meatballs1 replied Sep 25, 2013

Anyone coming from pretty much any language knows what type a ['blah'] is. Really not clear to non-rubyists what %w{ linux win } produces!

Can it not be used for single platform types otherwise it becomes inconsistant and people using a single platform module as template will tend to just add a value to the array as normal? %w{ win }

Contributor

kernelsmith replied Sep 25, 2013

I'm still not pro sigil (what the % operators are called generically), but it's probably because it feels like a perlism to me and I don't like the sigils or $ special variables from trying to from their overuse on OpenSuSe Build System back end. The only aigial I've found really useful is r%{}x for regexps that ignore whitespace and allow comments without the need for escapes.

Contributor

todb replied Sep 25, 2013

I do think the platforms should be alphabetized. I also like one item per line in an array as most diff/merge tools handle showing and merging line additions and deletions better than partial line changes.

Please sign in to comment.