Skip to content

metasploit: 3.3.1 -> 4.14.17 #25788

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
May 15, 2017
Merged

metasploit: 3.3.1 -> 4.14.17 #25788

merged 4 commits into from
May 15, 2017
+1,039 −19

Conversation

Mic92
Copy link
Member

@Mic92 Mic92 commented May 14, 2017
edited
Loading

Motivation for this change

cc @makefu for testing

fixes #8870

Things done
  • Tested using sandboxing
    (nix.useSandbox on NixOS,
    or option build-use-sandbox in nix.conf
    on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • Linux
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Fits CONTRIBUTING.md.

Sorry, something went wrong.

@mention-bot
Copy link

@Mic92, thanks for your PR! By analyzing the history of the files in this pull request, we identified @joachifm, @dezgeg and @lseppala to be potential reviewers.

@pSub pSub added the 8.has: package (update) This PR updates a package to a newer version label May 15, 2017
@TomSmeets
Copy link
Contributor

TomSmeets commented May 15, 2017
edited
Loading

When I try to install msf on nixos using your branch I get an invalid hash error

building path(s) ‘/nix/store/vvzn75zxnl5xrvc6479hn06cs2gpn0ja-metasploit-framework-fd3da8f’
exporting https://github.com/rapid7/metasploit-framework (rev fd3da8f3350d6cf7f0449bf0ead4d51747525c0a) into /nix/store/vvzn75zxnl5xrvc6479hn06cs2gpn0ja-metasploit-framework-fd3da8f
Initialized empty Git repository in /nix/store/vvzn75zxnl5xrvc6479hn06cs2gpn0ja-metasploit-framework-fd3da8f/.git/
remote: Counting objects: 9451, done.        
remote: Compressing objects: 100% (8195/8195), done.        
remote: Total 9451 (delta 1283), reused 3817 (delta 700), pack-reused 0        
Receiving objects: 100% (9451/9451), 24.86 MiB | 3.14 MiB/s, done.
Resolving deltas: 100% (1283/1283), done.
From https://github.com/rapid7/metasploit-framework
 * tag               4.14.17    -> FETCH_HEAD
Switched to a new branch 'fetchgit'
output path ‘/nix/store/vvzn75zxnl5xrvc6479hn06cs2gpn0ja-metasploit-framework-fd3da8f’ has r:sha256 hash ‘1r04drq34qfbhmhp0mqnm13vrycr7dcq670zk8xqiif5rhbij6qv’ when ‘100axxiibg5qx3xpv9znxxrkaa8jkcds5ln1qipna696026vvnnq’ was expected
cannot build derivation ‘/nix/store/dqs9zv6pn0ykcffysqjfj9ikwxffa7mc-ruby2.3.4-metasploit-framework-4.14.17.drv’: 1 dependencies couldn't be built
cannot build derivation ‘/nix/store/a24x99wkbwbalxj2gq3fz1xhp8c784bh-metasploit-bundler-env.drv’: 1 dependencies couldn't be built
cannot build derivation ‘/nix/store/2qkdkaqhsqkqawi7fpvalsq5axmzwli6-metasploit-framework-4.14.17.drv’: 1 dependencies couldn't be built
cannot build derivation ‘/nix/store/imxzb8qi1dfcdrnd6npr9vz0sljz86jb-system-path.drv’: 1 dependencies couldn't be built
cannot build derivation ‘/nix/store/l79yyrmici6lwgib1y61027fmk8yyilz-nixos-system-lambda-medion-17.09.git.f3dea82.drv’: 1 dependencies couldn't be built
error: build of ‘/nix/store/l79yyrmici6lwgib1y61027fmk8yyilz-nixos-system-lambda-medion-17.09.git.f3dea82.drv’ failed

@makefu
Copy link
Contributor

makefu commented May 15, 2017

i can confirm, updating the hash of metasploit-framework to 1r04drq34qfbhmhp0mqnm13vrycr7dcq670zk8xqiif5rhbij6qv fixes the issue. i will play around a bit with the modules to check everything works

@makefu
Copy link
Contributor

makefu commented May 15, 2017
edited
Loading

Metasploit modules show up in the msfconsole and the ones i've tested work as expected 👍

diff --git a/pkgs/tools/security/metasploit/gemset.nix b/pkgs/tools/security/metasploit/gemset.nix
index c6bf6f27e0..f4e4b91fcd 100644
--- a/pkgs/tools/security/metasploit/gemset.nix
+++ b/pkgs/tools/security/metasploit/gemset.nix
@@ -179,7 +179,7 @@
     source = {
       fetchSubmodules = false;
       rev = "fd3da8f3350d6cf7f0449bf0ead4d51747525c0a";
-      sha256 = "100axxiibg5qx3xpv9znxxrkaa8jkcds5ln1qipna696026vvnnq";
+      sha256 = "1r04drq34qfbhmhp0mqnm13vrycr7dcq670zk8xqiif5rhbij6qv";
       type = "git";
       url = "https://github.com/rapid7/metasploit-framework";
     };

@Mic92 Mic92 merged commit d83f1bf into NixOS:master May 15, 2017
@Mic92 Mic92 deleted the metasploit branch May 15, 2017 20:50
@fpletz
Copy link
Member

fpletz commented May 22, 2017

Thanks for the update! We still have the wrong hash on master, though:

output path ‘/nix/store/x7dgkzib8danf8dyd8siq9jwcs6x8800-metasploit-framework-fd3da8f’ has r:sha256 hash ‘0gjzwrmb1z9wbpbgxmz0bxz63l894vwpv4ixj9nd7acnxfx9027r’ when ‘1r04drq34qfbhmhp0mqnm13vrycr7dcq670zk8xqiif5rhbij6qv’ was expected
cannot build derivation ‘/nix/store/y4h12hzybq02d33f7cd40hi3vdz90qwj-ruby2.3.4-metasploit-framework-4.14.17.drv’: 1 dependencies couldn't be built

@Mic92 Do you know why the hash changes? Is the metasploit-framework gem in the gemset even necessary?

@makefu
Copy link
Contributor

makefu commented May 23, 2017
edited
Loading

@fpletz it seems like they (rapid7) force-push the release regularly ... I've subscribed to the release feed and in the last between 16. and 21. this happened three times for release 4.14.17.

the best thing might be to pin the git revision and still name it after the real version

@makefu makefu mentioned this pull request May 23, 2017
Closed
@Mic92
Copy link
Member Author

Mic92 commented May 23, 2017

What the hack. This is evil.

@Mic92
Copy link
Member Author

Mic92 commented May 23, 2017
edited
Loading

If we stick to git revisions: Can they be garbage collected by github, if they are not referenced?

@Mic92
Copy link
Member Author

Mic92 commented May 24, 2017

@makefu you fork the repo and we take this as source repo until upstream stops doing strange stuff.

@makefu
Copy link
Contributor

makefu commented May 29, 2017

@Mic92 it would probably better to pin the git ref to the latest hash in the Gemfile and default.nix, right? That way we can stay on upstream but still have stable source inputs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
8.has: package (update) This PR updates a package to a newer version
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

metasploit: package needs to be updated
7 participants
@Mic92 @mention-bot @TomSmeets @makefu @fpletz @matthewbauer @pSub