Offensive Thinking

Internet Thoughtcrime

October 2009



2009-10-18 Metasploit Readline Support

I already wanted to write about this two weeks ago, but better late than never.

I noticed back then that after updating Metasploit from SVN, the Readline support was broken. GNU Readline is something awesome. It is a library that allows command line editing and has Emacs and Vi keybindings. This means that whenever a command line program supports Readline, I can use my beloved this-stuff-is-hardwired-in-my-brain Vi keys. It even has normal and insert mode. If you want to try it yourself, you just have to define it in your ~/.inputrc. Mine, for example, reads:

        set editing-mode vi
        set keymap vi
        set convert-meta on

Programs supporting Readline are e.g. IRB and IPython. Very neat stuff.

So, Metasploit has Readline support, too. And it broke (for me) with revision 7089 due to a switch to a Readline library written in pure Ruby. Switching to a pure Ruby implementation is a good thing, as it further reduces platform dependencies, but this one crashed on me because it didn’t know about the Vi movement modes.

I sent a mail to the Metasploit mailinglist detailing the problem, which is why I originally planned to write this blog post: HD answered and fixed the problem ca. 70 minutes after my post (by disabling the feature, but at least Metasploit worked again). And when in a later post he mentioned that he might reenable the old code using GNU Readline and I raised my hand to support this, he promptly added a command line switch (try -L). This time it took about 6 hours. As someone else in the thread put it: “talk about customer service”! So, thanks again for the quick reaction HD.

2009-10-02 Website Rewrite - nanoc3 and Haml

I haven’t posted a new thought in an long time, the reason being twofold:

1. Work. I can’t even keep up writing posts for RedTeam.

2. Arch Linux recently switched to Ruby 1.9.1 which is the new official stable version.

Now, the problem was that I used Markaby for all the web pages, excluding the blog posts (which use RedCloth). Markaby currently doesn’t support Ruby 1.9, and since _why’s disappearance, I won’t hold my breath this’ll happen anytime soon. So I bit the bullet and translated everything to Haml. While I was doing this, I noticed that nanoc was also available in a new, but incompatible version 3. As I was already changing so many pages, I took the extra work and also rewrote the website for nanoc3.

I hope I didn’t miss anything and I will definitely try to post more frequently now that the switch has been made, which took me a while. You can start by reading the post from Sept. 15, which I wrote before I realised the site’s b0rked and didn’t bother to remove and add on a later date.


« Sep 2009