Skip to content

Commit

Permalink
Improve visual indentation logic for tables
Browse files Browse the repository at this point in the history
  • Loading branch information
@adfoster-r7
adfoster-r7 committed Feb 17, 2024
1 parent 94f0d24 commit eec2c56
Show file tree
Hide file tree
Showing 5 changed files with 114 additions and 102 deletions.
2 changes: 2 additions & 0 deletions Gemfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@ source 'https://rubygems.org'
# spec.add_runtime_dependency '<name>', [<version requirements>]
gemspec name: 'metasploit-framework'

gem 'rex-text', git: 'https://github.com/adfoster-r7/rex-text', branch: 'allow-opting-out-of-removing-whitespace'

# separate from test as simplecov is not run on travis-ci
group :coverage do
# code coverage for tests
Expand Down
11 changes: 9 additions & 2 deletions Gemfile.lock
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,10 @@
GIT
remote: https://github.com/adfoster-r7/rex-text
revision: 67a084f7da3ec867e16729148890fa205933989a
branch: allow-opting-out-of-removing-whitespace
specs:
rex-text (0.2.56)

PATH
remote: .
specs:
Expand Down Expand Up @@ -426,7 +433,6 @@ GEM
rex-socket
rex-text
rex-struct2 (0.1.4)
rex-text (0.2.53)
rex-zip (0.1.5)
rex-text
rexml (3.2.6)
Expand Down Expand Up @@ -562,6 +568,7 @@ DEPENDENCIES
pry-byebug
rake
redcarpet
rex-text!
rspec-rails
rspec-rerun
rubocop
Expand All @@ -572,4 +579,4 @@ DEPENDENCIES
yard

BUNDLED WITH
2.1.4
2.2.33
10 changes: 5 additions & 5 deletions lib/msf/ui/console/command_dispatcher/dns.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -401,6 +401,7 @@ def resolve_dns(*args)
'Prefix' => "\n",
'Postfix' => "\n",
'Columns' => ['Hostname', 'IP Address', 'Rule #', 'Rule', 'Resolver', 'Comm channel'],
'ColProps' => { 'Hostname' => { 'Strip' => false } },
'SortIndex' => -1,
'WordWrap' => false
)
Expand Down Expand Up @@ -631,6 +632,7 @@ def print_dns
'Prefix' => "\n",
'Postfix' => "\n",
'Columns' => ['Hostname', 'IPv4 Address', 'IPv6 Address'],
'ColProps' => { 'Hostname' => { 'Strip' => false } },
'SortIndex' => -1,
'WordWrap' => false
)
Expand All @@ -654,11 +656,7 @@ def print_dns
Rex::Proto::DNS::UpstreamResolver::Type::SYSTEM.to_s.downcase
].freeze

# XXX: By default rex-text tables strip preceding whitespace:
# https://github.com/rapid7/rex-text/blob/1a7b63993
# ca62fd9102665d6986f918ae42cae244e/lib/rex/text/table.rb#L221-L222
# So use https://en.wikipedia.org/wiki/Non-breaking_space as a workaround for now. A change should exist in Rex-Text to support this requirement
TABLE_INDENT = "\xc2\xa0\xc2\xa0\\_ ".freeze
TABLE_INDENT = " \\_ ".freeze

#
# Get user-friendly text for displaying the session that this entry would go through
Expand All @@ -685,13 +683,15 @@ def prettify_comm(comm, upstream_resolver)
def print_dns_set(heading, result_set, ids: [])
return if result_set.length == 0
columns = ['#', 'Rule', 'Resolver', 'Comm channel']
col_props = { 'Rule' => { 'Strip' => false } }

tbl = Table.new(
Table::Style::Default,
'Header' => heading,
'Prefix' => "\n",
'Postfix' => "\n",
'Columns' => columns,
'ColProps' => col_props,
'SortIndex' => -1,
'WordWrap' => false
)
Expand Down
6 changes: 2 additions & 4 deletions lib/msf/ui/console/command_dispatcher/modules.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -543,10 +543,7 @@ def cmd_search(*args)
show_child_items = total_children_rows > 1
next unless show_child_items

# XXX: By default rex-text tables strip preceding whitespace:
# https://github.com/rapid7/rex-text/blob/1a7b639ca62fd9102665d6986f918ae42cae244e/lib/rex/text/table.rb#L221-L222
# So use https://en.wikipedia.org/wiki/Non-breaking_space as a workaround for now. A change should exist in Rex-Text to support this requirement
indent = "\xc2\xa0\xc2\xa0\\_ "
indent = " \\_ "
# Note: We still use visual indicators for blank values as it's easier to read
# We can't always use a generic formatter/styler, as it would be applied to the 'parent' rows too
blank_value = '.'
Expand Down Expand Up @@ -1804,6 +1801,7 @@ def generate_module_table(type, search_terms = [], row_filter = nil) # :nodoc:
]
},
'Name' => {
'Strip' => false,
'Stylers' => [Msf::Ui::Console::TablePrint::HighlightSubstringStyler.new(search_terms)]
},
'Check' => {
Expand Down
187 changes: 96 additions & 91 deletions spec/lib/msf/ui/console/command_dispatcher/creds_spec.rb
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
# frozen_string_literal: true
require 'spec_helper'


RSpec.describe Msf::Ui::Console::CommandDispatcher::Creds do

if ENV['REMOTE_DB']
Expand Down Expand Up @@ -67,52 +66,55 @@
context 'when the credential is present' do
it 'should show a user that matches the given expression' do
creds.cmd_creds('-u', username)
expect(@output).to eq([
'Credentials',
'===========',
'',
'host origin service public private realm private_type JtR Format cracked_password',
'---- ------ ------- ------ ------- ----- ------------ ---------- ----------------',
' thisuser thispass Password '
])
expect(@output.join("\n")).to match_table <<~TABLE
Credentials
===========
host origin service public private realm private_type JtR Format cracked_password
---- ------ ------- ------ ------- ----- ------------ ---------- ----------------
thisuser thispass Password
TABLE
end

it 'should not match a regular expression' do
creds.cmd_creds('-u', "^#{username}$")
expect(@output).to_not eq([
'Credentials',
'===========',
'',
'host origin service public private realm private_type JtR Format cracked_password',
'---- ------ ------- ------ ------- ----- ------------ ---------- ----------------',
' thisuser thispass Password '
])
expect(@output.join("\n")).to match_table <<~TABLE
Credentials
===========
host origin service public private realm private_type JtR Format cracked_password
---- ------ ------- ------ ------- ----- ------------ ---------- ----------------
TABLE
end

context 'and when the username is blank' do
it 'should show a user that matches the given expression' do
creds.cmd_creds('-u', blank_username)
expect(@output).to eq([
'Credentials',
'===========',
'',
'host origin service public private realm private_type JtR Format cracked_password',
'---- ------ ------- ------ ------- ----- ------------ ---------- ----------------',
' nonblank_pass Password '
])
expect(@output.join("\n")).to match_table <<~TABLE
Credentials
===========
host origin service public private realm private_type JtR Format cracked_password
---- ------ ------- ------ ------- ----- ------------ ---------- ----------------
nonblank_pass Password
TABLE
end
end
context 'and when the password is blank' do
it 'should show a user that matches the given expression' do
creds.cmd_creds('-P', blank_password)
expect(@output).to eq([
'Credentials',
'===========',
'',
'host origin service public private realm private_type JtR Format cracked_password',
'---- ------ ------- ------ ------- ----- ------------ ---------- ----------------',
' nonblank_user Password '
])
expect(@output.join("\n")).to match_table <<~TABLE
Credentials
===========
host origin service public private realm private_type JtR Format cracked_password
---- ------ ------- ------ ------- ----- ------------ ---------- ----------------
nonblank_user Password
TABLE
end
end
end
Expand All @@ -121,25 +123,27 @@
context 'due to a nonmatching username' do
it 'should return a blank set' do
creds.cmd_creds('-u', nomatch_username)
expect(@output).to eq([
'Credentials',
'===========',
'',
'host origin service public private realm private_type JtR Format cracked_password',
'---- ------ ------- ------ ------- ----- ------------ ---------- ----------------'
])
expect(@output.join("\n")).to match_table <<~TABLE
Credentials
===========
host origin service public private realm private_type JtR Format cracked_password
---- ------ ------- ------ ------- ----- ------------ ---------- ----------------
TABLE
end
end
context 'due to a nonmatching password' do
it 'should return a blank set' do
creds.cmd_creds('-P', nomatch_password)
expect(@output).to eq([
'Credentials',
'===========',
'',
'host origin service public private realm private_type JtR Format cracked_password',
'---- ------ ------- ------ ------- ----- ------------ ---------- ----------------'
])
expect(@output.join("\n")).to match_table <<~TABLE
Credentials
===========
host origin service public private realm private_type JtR Format cracked_password
---- ------ ------- ------ ------- ----- ------------ ---------- ----------------
TABLE
end
end
context 'showing new column of cracked_password for all the cracked passwords' do
Expand All @@ -158,25 +162,26 @@
realm: nil,
workspace: framework.db.workspace)
creds.cmd_creds('-u', 'this_username')
expect(@output).to eq([
"Credentials",
"===========",
"",
"host origin service public private realm private_type JtR Format cracked_password",
"---- ------ ------- ------ ------- ----- ------------ ---------- ----------------",
" this_username some_hash Nonreplayable hash this_cracked_password"
])
expect(@output.join("\n")).to match_table <<~TABLE
Credentials
===========
host origin service public private realm private_type JtR Format cracked_password
---- ------ ------- ------ ------- ----- ------------ ---------- ----------------
this_username some_hash Nonreplayable hash this_cracked_password
TABLE
end
it "should show the user given passwords on private column instead of cracked_password column" do
creds.cmd_creds('-u', 'thisuser')
expect(@output).to eq([
"Credentials",
"===========",
"",
"host origin service public private realm private_type JtR Format cracked_password",
"---- ------ ------- ------ ------- ----- ------------ ---------- ----------------",
" thisuser thispass Password "
])
expect(@output.join("\n")).to match_table <<~TABLE
Credentials
===========
host origin service public private realm private_type JtR Format cracked_password
---- ------ ------- ------ ------- ----- ------------ ---------- ----------------
thisuser thispass Password
TABLE
end
end
end
Expand Down Expand Up @@ -238,15 +243,15 @@
context 'password' do
it 'should show just the password' do
creds.cmd_creds('-t', 'password')
# Table matching really sucks
expect(@output).to eq([
'Credentials',
'===========',
'',
'host origin service public private realm private_type JtR Format cracked_password',
'---- ------ ------- ------ ------- ----- ------------ ---------- ----------------',
' thisuser thispass Password '
])
expect(@output.join("\n")).to match_table <<~TABLE
Credentials
===========
host origin service public private realm private_type JtR Format cracked_password
---- ------ ------- ------ ------- ----- ------------ ---------- ----------------
thisuser thispass Password
TABLE
end
it 'should show all the cores whose private is either password or the private is cracked password' do
common_public = FactoryBot.create(:metasploit_credential_username, username: "this_username")
Expand All @@ -263,15 +268,16 @@
realm: nil,
workspace: framework.db.workspace)
creds.cmd_creds('-t', 'password')
expect(@output).to eq([
"Credentials",
"===========",
"",
"host origin service public private realm private_type JtR Format cracked_password",
"---- ------ ------- ------ ------- ----- ------------ ---------- ----------------",
" thisuser thispass Password ",
" this_username this_cracked_password Password "
])
expect(@output.join("\n")).to match_table <<~TABLE
Credentials
===========
host origin service public private realm private_type JtR Format cracked_password
---- ------ ------- ------ ------- ----- ------------ ---------- ----------------
thisuser thispass Password
this_username this_cracked_password Password
TABLE
end
end

Expand All @@ -280,15 +286,15 @@
skip 'Weird uniqueness constraint on Core (workspace_id, public_id)'

creds.cmd_creds('-t', 'ntlm')
# Table matching really sucks
expect(@output).to =~ [
'Credentials',
'===========',
'',
'host service public private realm private_type JtR Format cracked_password',
'---- ------- ------ ------- ----- ------------ ---------- ----------------',
" thisuser #{ntlm_hash} NTLM hash"
]
expect(@output.join("\n")).to match_table <<~TABLE
Credentials
===========
host origin service public private realm private_type JtR Format cracked_password
---- ------ ------- ------ ------- ----- ------------ ---------- ----------------
thisuser 1443d06412d8c0e6e72c57ef50f76a05:27c433245e4763d074d30a05aae0af2c NTLM hash
TABLE
end
end
end
Expand Down Expand Up @@ -523,7 +529,6 @@
end
end


end
end
end
Expand Down

0 comments on commit eec2c56

Please sign in to comment.