Metasploit mailing list archives

Some mod. info. references don't produce valid URLs


From: Joshua TAYLOR <joshuaaaron () gmail com>
Date: Wed, 31 Aug 2011 13:02:32 -0400

Hi all,

I've been gathering some information programmatically from the
framework (loading the framework, iterating through modules, etc), and
have come across some reference info values that produce some invalid
URLs later (i.e., the SiteReference.site field of the reference isn't
a valid URL).

I've observed this in two contexts.  The first is where a reference
should have a context id of 'URL' but has something else. E.g., the
auxiliary/scanner/dect/call_scanner module has

                        'References'     => [ ['Dedected', 'http://www.dedected.org'] ]

which produces the string

"Dedected (http://www.dedected.org)"

which isn't a URI.  In this case, the call_scanner code really ought to be

                        'References'     => [ ['URL', 'http://www.dedected.org'] ]

The second is where a reference context value has improper characters
(space, in all the instances I've seen).  This is sometimes from an
extra space somewhere e.g., in the
hp_easy_printer_care_xmlsimpleaccessor exploit which has an extra
space in the ctx_val:

                        'References'     =>
                                [
                                        [ 'CVE', '2011-2404 '],

and in one case (exploit/windows/browser/amaya_bdo) the context value
is a comma separated string rather than multiple entries:

                        'References'     =>
                                [
                                        ...
                                        [ 'BID', '33046, 33047' ],

I don't know that the framework ever uses these values as URLs, so
it's not a bug in that sense, but the intent is that they should be
URLs (and that's what I'm looking for).  I've got a list of the
modules that contain these malformed entries;  what would be the
proper way to handle these?  A bug report?  Diffs on a developer list?
 Something else?

Thanks in advance,
//JT

-- 
Joshua Taylor, http://www.cs.rpi.edu/~tayloj/
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
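
A standalone check for the three kinds of malformed reference entries described in the message above, added here as an example; it is not part of the original post or of the framework's own code. The list of recognized context ids, the function names and the sample data are assumptions constructed for illustration.

```ruby
require 'uri'

# Assumed set of context ids that map to a site URL. Anything else ends up
# rendered as "ctx_id (ctx_val)", as in the Dedected case above.
KNOWN_CTX_IDS = %w[CVE BID OSVDB MSB URL].freeze

# Returns a list of problem descriptions for one [ctx_id, ctx_val] pair.
def reference_problems(ctx_id, ctx_val)
  problems = []
  unless KNOWN_CTX_IDS.include?(ctx_id)
    problems << "unknown ctx_id #{ctx_id.inspect}"
    problems << "value is a URL; ctx_id should probably be 'URL'" if ctx_val =~ %r{\Ahttps?://}
  end
  problems << 'leading/trailing whitespace in ctx_val' if ctx_val != ctx_val.strip
  if ctx_id != 'URL' && ctx_val.include?(',')
    problems << 'comma-separated ctx_val; use one entry per id'
  end
  if ctx_id == 'URL'
    begin
      uri = URI.parse(ctx_val)
      problems << 'URL is not absolute http(s)' unless uri.is_a?(URI::HTTP)
    rescue URI::InvalidURIError
      problems << 'ctx_val does not parse as a URI'
    end
  end
  problems
end

# Takes { module_name => [[ctx_id, ctx_val], ...] } and returns only the
# modules with at least one bad entry, keyed by the offending pair.
def lint_references(modules)
  modules.each_with_object({}) do |(name, refs), report|
    bad = refs.map { |id, val| [[id, val], reference_problems(id, val)] }
              .reject { |_, found| found.empty? }
    report[name] = bad.to_h unless bad.empty?
  end
end

# Constructed sample input: the three entries quoted in the message plus
# one made-up clean module for contrast.
SAMPLE = {
  'auxiliary/scanner/dect/call_scanner' => [['Dedected', 'http://www.dedected.org']],
  'hp_easy_printer_care_xmlsimpleaccessor' => [['CVE', '2011-2404 ']],
  'exploit/windows/browser/amaya_bdo' => [['BID', '33046, 33047']],
  'constructed/clean_module' => [['URL', 'http://www.example.com/advisory'], ['CVE', '2011-0000']]
}.freeze

lint_references(SAMPLE).each { |mod, bad| puts "#{mod}: #{bad.inspect}" }
```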

