As this repo it is no longer in external/source directory, the deploy
targets need to know where the Framework repository is. This defaults to
../metasploit-framework, but can be changed via -D deploy.path= command
line switch.
[#49402505]
rvm stable (1.19.6) has deprecated .rvmrc in favor of the .ruby-version
file used by other ruby version switchers and .ruby-gemset. These files
only contain strings to be looked up instead of bash or sh code, so it's
also a safer format than the old script in the .rvmrc.
- classes.dex gets mangled on windows; use binary mode when reading it
- UnknownHostExceptions on API Level 3 emulator because of trailing
whitespace after the hostname/IP
- Work around integer overflow at year 2038 when signing the payload
Convert the dx calls from build.sh to equivalent exec calls in Maven
deploy profile.
While this commit takes into account differences between Windows and *nix,
it was only tested on Windows, and the resulting binaries have not been
tested at all!
In addition, I was not able to pass individual .class file names to dx
without getting a "class name does not match path" error, so I changed it
to copy all required classes into a temp directory and call dx from there.
I also changed the cross-project paths to refer to the respective Maven
classpath, so in case you do an individual project build, the library
dependencies are taken from the Maven repository instead of taking them
from the target/ directory of the projects directly.
Include the animal-scents for Android API in this commit, so that users
who do not have Android SDK can still check meterpreter API compatibility
with Android API. Some classes, like screenshot have been excluded since
they need AWT (but they are excluded in Android Meterpreter anyway).
To regenerate the scents file, run
mvn -Dandroid.sdk.path=... -P regenerate package
Apparently Android API 3 does not know the getMTU() function, which was
added in Java 1.6, and in Android API Level 9 (Gingerbread). Therefore,
fall back to the 1.4 version that does not need this API.
Apparently, getNetworkPrefixLength can return -1, which confuses the Ruby
side. Therefore fall back to guessing the prefix in this case, as we do it
for Java <= 1.6.
[#46224565]
The following rake tasks are added and work similar to how they work in
rails apps:
* db:create
* db:drop
* db:migrate
* db:migrate:status
* db:rollback
* db:schema:dump
* db:schema:load
* db:seed (but no db seeds defined at this time)
* db:setup
* db:version
The hidden task db:test:prepare is also available, which means `rake
spec` can depend on it so that the test database is dropped and
recreated from the development database when running specs (Although
there are yet to be database tests, this branch is in preparation for
that work that will be split between multiple developers.)
The BindTCP test contained a race condition: if the bind payload took
longer to load than the handler, it could result in a
ConnectException: Connection refused: connect
Work around this by retrying the connection up to 10 times, with 500ms
delay in between.
Downgrad JUnit version since JUnit 4 can only work with -target 1.5 or
higher class files.
Covered are Shell and Meterpreter stage, StreamForwarder, MemoryBuffer,
AESEncryption and Payload (Bind, Reverse, Spawn, AESPassword).
Check JavaPayload and Java Meterpreter against version incompatibilities
for Java 1.2, 1.3, 1.4, 1.5, and 1.6.
Note that webcam_audio_record is currently excluded from the checks, as it
uses Sun proprietary API for building the WAV file and is therefore
failing the build (and will most likely crash Meterpreter if run on a JVM
of version 1.4 or later that is not based on the Sun/Oracle JVM).
Possible workarounds (apart from either removing the module or changing it
to produce empty files when WAV creation is not supported) include
implementing the WAV file writer ourselves or providing raw PCM files
instead.
Add the .travis.yml so that travis-ci.org knows which rubies (1.8.7 and
1.9.3 to run rake against. Add the build status button to the README.md
so that people can see if the specs are passing from the main
rapid7/metasploit-framework page on github just like other open source
projects.
