pkgs/tools/security/metasploit/default.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99

{
  lib,
  stdenv,
  fetchFromGitHub,
  makeWrapper,
  ruby,
  bundlerEnv,
  testers,
  python3,
}:

let
  env = bundlerEnv {
    inherit ruby;
    name = "metasploit-bundler-env";
    gemdir = ./.;
  };
in
stdenv.mkDerivation (finalAttrs: {
  pname = "metasploit-framework";
  version = "6.4.131";

  src = fetchFromGitHub {
    owner = "rapid7";
    repo = "metasploit-framework";
    tag = finalAttrs.version;
    hash = "sha256-7u03A8H5vLQXekVLQ6oQtLwC6SW0JLqk37GUyjgtiZU=";
  };

  nativeBuildInputs = [
    makeWrapper
  ];

  buildInputs = [
    (python3.withPackages (ps: [ ps.requests ]))
  ];

  dontPatchELF = true; # stay away from exploit executables

  postPatch = ''
    # Patch the boot script to disable bootsnap.
    # Bootsnap tries to write cache files to the frozen /nix/store, causing a crash on startup.
    sed -i '/bootsnap\/setup/d' config/boot.rb

    # Remove the strict version check for ActionView.
    # Metasploit upstream enforces a specific patch version (e.g., 7.2.2.2), but our bundler
    # environment may resolve to a newer, compatible version (e.g., 7.2.3), causing the app to raise an exception.
    sed -i "/ActionView::VERSION::STRING == /d" config/application.rb
  '';

  installPhase = ''
    runHook preInstall

    mkdir -p $out/{bin,share/msf}

    cp -r * $out/share/msf

    grep -rl "^#\!.*python2$" $out/share/msf | xargs -d '\n' rm

    (
      cd $out/share/msf/
      for i in msf*; do
        makeWrapper ${env}/bin/bundle $out/bin/$i \
          --add-flags "exec ${ruby}/bin/ruby $out/share/msf/$i"
      done
    )

    makeWrapper ${env}/bin/bundle $out/bin/msf-pattern_create \
      --add-flags "exec ${ruby}/bin/ruby $out/share/msf/tools/exploit/pattern_create.rb"

    makeWrapper ${env}/bin/bundle $out/bin/msf-pattern_offset \
      --add-flags "exec ${ruby}/bin/ruby $out/share/msf/tools/exploit/pattern_offset.rb"

    runHook postInstall
  '';

  passthru.tests = {
    msfconsole-version = testers.testVersion {
      package = finalAttrs.finalPackage;
      command = "HOME=/tmp msfconsole -q -x 'version;exit'";
    };
  };

  # run with: nix-shell maintainers/scripts/update.nix --argstr path metasploit
  passthru.updateScript = ./update.sh;

  meta = {
    description = "Metasploit Framework - a collection of exploits";
    homepage = "https://docs.metasploit.com/";
    platforms = lib.platforms.unix;
    license = lib.licenses.bsd3;
    maintainers = with lib.maintainers; [
      fab
      makefu
      Misaka13514
    ];
    mainProgram = "msfconsole";
  };
})