Skip to content

Commit a66a878

Browse files
ChocapikkChocapikk
committed
Docs: Add GHSA, OSV, and ATT&CK reference examples
1 parent 6154d53 commit a66a878

1 file changed

Lines changed: 22 additions & 17 deletions

File tree

docs/metasploit-framework.wiki/Module-Reference-Identifiers.md

Lines changed: 22 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -1,26 +1,29 @@
11
## On this page
2-
* [List of supported reference identifiers](#list-of-supported-reference-identifiers)
3-
* [Code example of references in a module](#code-example-of-references-in-a-module)
2+
- [On this page](#on-this-page)
3+
- [List of supported reference identifiers](#list-of-supported-reference-identifiers)
4+
- [Code example of references in a module](#code-example-of-references-in-a-module)
45

56

67
A reference in a Metasploit module is a source of information related to the module. This can be a link to the vulnerability advisory, a news article, a blog post about a specific technique the module uses, a specific tweet, etc. The more you have the better. However, you should not use this as a form of advertisement.
78

89
## List of supported reference identifiers
910

10-
ID | Source | Code Example
11-
------------- | ------------- | -------------
12-
CVE | cvedetails.com | ```['CVE', '2014-9999']```
13-
CWE | cwe.mitre.org | ```['CWE', '90']```
14-
BID | securityfocus.com | ```['BID', '1234']```
15-
MSB | technet.microsoft.com | ```['MSB', 'MS13-055']```
16-
EDB | exploit-db.com | ```['EDB', '1337']```
17-
US-CERT-VU | kb.cert.org | ```['US-CERT-VU', '800113']```
18-
ZDI | zerodayinitiative.com | ```['ZDI', '10-123']```
19-
WPVDB | wpvulndb.com | ```['WPVDB', '7615']```
20-
PACKETSTORM | packetstormsecurity.com | ```['PACKETSTORM', '132721']```
21-
GHSA | github.com/advisories or github.com/owner/repo/security/advisories | ```['GHSA', 'xxxx-xxxx-xxxx']``` or ```['GHSA', 'xxxx-xxxx-xxxx', 'owner/repo']```
22-
URL | anything | ```['URL', 'http://example.com/blog.php?id=123']```
23-
AKA (_deprecated_*) | anything | ~~`['AKA', 'shellshock']`~~
11+
| ID | Source | Code Example |
12+
| ------------------- | ------------------------------------------------------------------ | ---------------------------------------------------------------------------------- |
13+
| CVE | cvedetails.com | ```['CVE', '2014-9999']``` |
14+
| CWE | cwe.mitre.org | ```['CWE', '90']``` |
15+
| BID | securityfocus.com | ```['BID', '1234']``` |
16+
| MSB | technet.microsoft.com | ```['MSB', 'MS13-055']``` |
17+
| EDB | exploit-db.com | ```['EDB', '1337']``` |
18+
| US-CERT-VU | kb.cert.org | ```['US-CERT-VU', '800113']``` |
19+
| ZDI | zerodayinitiative.com | ```['ZDI', '10-123']``` |
20+
| WPVDB | wpvulndb.com | ```['WPVDB', '7615']``` |
21+
| PACKETSTORM | packetstormsecurity.com | ```['PACKETSTORM', '132721']``` |
22+
| GHSA | github.com/advisories or github.com/owner/repo/security/advisories | ```['GHSA', 'xxxx-xxxx-xxxx']``` or ```['GHSA', 'xxxx-xxxx-xxxx', 'owner/repo']``` |
23+
| OSV | osv.dev | ```['OSV', 'GHSA-xxxx-xxxx-xxxx']``` |
24+
| ATT&CK | attack.mitre.org | ```['ATT&CK', 'T1190']``` |
25+
| URL | anything | ```['URL', 'http://example.com/blog.php?id=123']``` |
26+
| AKA (_deprecated_*) | anything | ~~`['AKA', 'shellshock']`~~ |
2427

2528
> **Good to know**
2629
> AKA names for modules are no longer stored as a reference identifier, but rather in the `Notes` metadata field as shown in the example below.
@@ -42,8 +45,10 @@ class MetasploitModule < Msf::Exploit::Remote
4245
'License' => MSF_LICENSE,
4346
'Author' => [ 'Unknown' ],
4447
'References' => [
45-
[ 'CVE', '2014-9999' ],
48+
['CVE', '2014-9999'],
4649
['BID', '1234'],
50+
['GHSA', 'xxxx-xxxx-xxxx'], # global advisory
51+
['GHSA', 'xxxx-xxxx-xxxx', 'owner/repo'], # repository-scoped advisory
4752
['URL', 'http://example.com/blog.php?id=123']
4853
],
4954
'Platform' => 'win',

0 commit comments

Comments
 (0)