Class: Msf::Module::SiteReference
- Defined in:
- lib/msf/core/module/reference.rb
Overview
A reference to a website.
Instance Attribute Summary collapse
-
#ctx_id ⇒ Object
The context identifier of the site, such as CVE.
-
#ctx_repo ⇒ Object
The context repository for GHSA references (optional).
-
#ctx_val ⇒ Object
The context value of the reference, such as MS02-039.
-
#site ⇒ Object
The site being referenced.
Attributes inherited from Reference
Class Method Summary collapse
-
.from_a(ary) ⇒ Object
Initializes a site reference from an array.
-
.from_s(str) ⇒ Object
Class method that translates a URL into a site reference instance.
Instance Method Summary collapse
-
#from_s(str) ⇒ Object
Serializes a site URL string.
-
#initialize(in_ctx_id = 'Unknown', in_ctx_val = '', in_ctx_repo = nil) ⇒ SiteReference
constructor
Initialize the site reference.
-
#to_s ⇒ Object
Returns the absolute site URL.
Methods inherited from Reference
Constructor Details
#initialize(in_ctx_id = 'Unknown', in_ctx_val = '', in_ctx_repo = nil) ⇒ SiteReference
Initialize the site reference. If you’re updating the references, please also update:
96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 |
# File 'lib/msf/core/module/reference.rb', line 96 def initialize(in_ctx_id = 'Unknown', in_ctx_val = '', in_ctx_repo = nil) # Ensure ctx_id and ctx_val are strings (handle constants like ATT&CK techniques) in_ctx_id = in_ctx_id.to_s if in_ctx_id.respond_to?(:to_s) && !in_ctx_id.is_a?(String) in_ctx_val = in_ctx_val.to_s if in_ctx_val.respond_to?(:to_s) && !in_ctx_val.is_a?(String) self.ctx_id = in_ctx_id self.ctx_val = in_ctx_val self.ctx_repo = in_ctx_repo if in_ctx_id == 'CVE' self.site = "https://nvd.nist.gov/vuln/detail/CVE-#{in_ctx_val}" elsif in_ctx_id == 'CWE' self.site = "https://cwe.mitre.org/data/definitions/#{in_ctx_val}.html" elsif in_ctx_id == 'BID' self.site = "http://www.securityfocus.com/bid/#{in_ctx_val}" elsif in_ctx_id == 'MSB' year = in_ctx_val[2..3] century = year[0] == '9' ? '19' : '20' self.site = "https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/#{century}#{year}/#{in_ctx_val}" elsif in_ctx_id == 'EDB' self.site = "https://www.exploit-db.com/exploits/#{in_ctx_val}" elsif in_ctx_id == 'US-CERT-VU' self.site = "https://www.kb.cert.org/vuls/id/#{in_ctx_val}" elsif in_ctx_id == 'ZDI' self.site = "http://www.zerodayinitiative.com/advisories/ZDI-#{in_ctx_val}" elsif in_ctx_id == 'WPVDB' self.site = "https://wpscan.com/vulnerability/#{in_ctx_val}" elsif in_ctx_id == 'PACKETSTORM' self.site = "https://packetstormsecurity.com/files/#{in_ctx_val}" elsif in_ctx_id == 'GHSA' # Handle both formats: with or without GHSA- prefix ghsa_id = in_ctx_val.start_with?('GHSA-') ? in_ctx_val : "GHSA-#{in_ctx_val}" # Use repo-specific URL if repo is provided, otherwise use global format if in_ctx_repo && !in_ctx_repo.empty? self.site = "https://github.com/#{in_ctx_repo}/security/advisories/#{ghsa_id}" else self.site = "https://github.com/advisories/#{ghsa_id}" end elsif in_ctx_id == 'OSV' self.site = "https://osv.dev/vulnerability/#{in_ctx_val}" elsif in_ctx_id == 'URL' self.site = in_ctx_val.to_s elsif in_ctx_id == 'LOGO' self.site = "Logo: #{in_ctx_val}" elsif in_ctx_id == 'SOUNDTRACK' self.site = "Soundtrack: #{in_ctx_val}" elsif in_ctx_id == 'ATT&CK' match = in_ctx_val.match(/\A(?<category>[A-Z]+)(?<id>[\d.]+)\z/) path = Msf::Mitre::Attack::Categories::PATHS[match[:category]] id_path = match[:id].gsub('.', '/') self.site = "https://attack.mitre.org/#{path}/#{match[:category]}#{id_path}/" else self.site = in_ctx_id self.site += " (#{in_ctx_val})" if (in_ctx_val) end end |
Instance Attribute Details
#ctx_id ⇒ Object
The context identifier of the site, such as CVE.
182 183 184 |
# File 'lib/msf/core/module/reference.rb', line 182 def ctx_id @ctx_id end |
#ctx_repo ⇒ Object
The context repository for GHSA references (optional)
190 191 192 |
# File 'lib/msf/core/module/reference.rb', line 190 def ctx_repo @ctx_repo end |
#ctx_val ⇒ Object
The context value of the reference, such as MS02-039
186 187 188 |
# File 'lib/msf/core/module/reference.rb', line 186 def ctx_val @ctx_val end |
#site ⇒ Object
The site being referenced.
178 179 180 |
# File 'lib/msf/core/module/reference.rb', line 178 def site @site end |
Class Method Details
.from_a(ary) ⇒ Object
82 83 84 85 86 87 88 |
# File 'lib/msf/core/module/reference.rb', line 82 def self.from_a(ary) return nil if (ary.length < 2) # Reject if first element is an array (nested array structure) return nil if ary[0].kind_of?(Array) self.new(ary[0], ary[1], ary[2]) end |
.from_s(str) ⇒ Object
Class method that translates a URL into a site reference instance.
67 68 69 70 71 72 73 74 75 |
# File 'lib/msf/core/module/reference.rb', line 67 def self.from_s(str) instance = self.new if (instance.from_s(str) == false) return nil end return instance end |
Instance Method Details
#from_s(str) ⇒ Object
Serializes a site URL string.
163 164 165 166 167 168 169 170 171 172 173 |
# File 'lib/msf/core/module/reference.rb', line 163 def from_s(str) if (/(http:\/\/|https:\/\/|ftp:\/\/)/.match(str)) self.site = str self.ctx_id = 'URL' self.ctx_val = self.site else return false end return true end |
#to_s ⇒ Object
Returns the absolute site URL.
156 157 158 |
# File 'lib/msf/core/module/reference.rb', line 156 def to_s return site || '' end |