metasploit-framework/lib/msf/core/module/target.rb

require 'msf/core'

###
#
# A target for an exploit.
#
###
class Msf::Module::Target

	###
	#
	# Bruteforce
	# ----------
	#
	# Target-specific brute force information, such as the addresses
	# to step, the step size (if the framework default is bad), and
	# other stuff.
	#
	###
	class Bruteforce < Hash
		def initialize(hash)
			update(hash)
		end

		#
		# Returns a hash of addresses that should be stepped during
		# exploitation and passed in to the bruteforce exploit
		# routine.
		#
		def start_addresses
			if (self['Start'] and self['Start'].kind_of?(Hash) == false)
				return {'Address' => self['Start'] } 
			else
				return self['Start']
			end
		end

		#
		# Returns a hash of addresses that should be stopped at once
		# they are reached.
		#
		def stop_addresses
			if (self['Stop'] and self['Stop'].kind_of?(Hash) == false)
				return {'Address' => self['Stop'] } 
			else
				return self['Stop']
			end
		end

		#
		# The step size to use, or zero if the framework should figure
		# it out.
		#
		def step_size
			self['Step'] || 0
		end

		#
		# Returns the default step direction
		#
		def default_direction
			dd = self['DefaultDirection']

			if (dd and dd.to_s.match(/(-1|backward)/i))
				return -1
			end

			return 1
		end

		#
		# The delay to add between attempts
		#
		def delay
			self['Delay'].to_i || 0
		end
	end

	#
	# Serialize from an array to a Target instance
	#
	def self.from_a(ary)
		return nil if (ary.length < 2)

		self.new(ary.shift, ary.shift)
	end

	#
	# Transforms the supplied source into an array of Target's
	#
	def self.transform(src)
		Rex::Transformer.transform(src, Array, [ self, String ], 'Target')
	end

	#
	# Init it up!
	#
	def initialize(name, opts)
		opts = {} if (!opts)

		self.name           = name
		self.platform       = Msf::Module::PlatformList.from_a(opts['Platform'])
		self.save_registers = opts['SaveRegisters']
		self.ret            = opts['Ret']
		self.opts           = opts
	
		if (opts['Arch'])
			self.arch = Rex::Transformer.transform(opts['Arch'], Array, 
				[ String ], 'Arch')
		end

		# Does this target have brute force information?
		if (opts['Bruteforce'])
			self.bruteforce = Bruteforce.new(opts['Bruteforce'])
		end
	end

	#
	# Index the options directly
	#
	def [](key)
		opts[key]
	end

	#
	# Returns whether or not this is a bruteforce target, forces boolean
	# result.
	#
	def bruteforce?
		return (bruteforce != nil)
	end

	##
	#
	# Target-specific payload modifications
	#
	##

	def payload_prepend
		opts['Payload'] ? opts['Payload']['Prepend'] : nil
	end

	def payload_append
		opts['Payload'] ? opts['Payload']['Append'] : nil
	end

	def payload_prepend_encoder
		opts['Payload'] ? opts['Payload']['PrependEncoder'] : nil
	end

	def payload_stack_adjustment
		opts['Payload'] ? opts['Payload']['StackAdjustment'] : nil
	end

	def payload_max_nops
		opts['Payload'] ? opts['Payload']['MaxNops'] : nil
	end
	
	def payload_min_nops
		opts['Payload'] ? opts['Payload']['MinNops'] : nil
	end
	
	def payload_space
		opts['Payload'] ? opts['Payload']['Space'] : nil
	end

	attr_reader :name, :platform, :arch, :opts, :ret, :save_registers
	attr_reader :bruteforce

protected

	attr_writer :name, :platform, :arch, :opts, :ret, :save_registers
	attr_writer :bruteforce

end
mass require moving of /lib git-svn-id: file:///home/svn/incoming/trunk@2690 4d416f70-5f16-0410-b530-b9f4589650da 2005-07-09 21:18:49 +00:00			`require 'msf/core'`
moved data types around git-svn-id: file:///home/svn/incoming/trunk@2572 4d416f70-5f16-0410-b530-b9f4589650da 2005-06-05 00:03:23 +00:00
			`###`
			`#`
			`# A target for an exploit.`
			`#`
			`###`
			`class Msf::Module::Target`

brute force target info git-svn-id: file:///home/svn/incoming/trunk@2740 4d416f70-5f16-0410-b530-b9f4589650da 2005-07-12 22:33:46 +00:00			`###`
			`#`
			`# Bruteforce`
			`# ----------`
			`#`
			`# Target-specific brute force information, such as the addresses`
			`# to step, the step size (if the framework default is bad), and`
			`# other stuff.`
			`#`
			`###`
			`class Bruteforce < Hash`
			`def initialize(hash)`
			`update(hash)`
			`end`

			`#`
			`# Returns a hash of addresses that should be stepped during`
			`# exploitation and passed in to the bruteforce exploit`
			`# routine.`
			`#`
			`def start_addresses`
			`if (self['Start'] and self['Start'].kind_of?(Hash) == false)`
			`return {'Address' => self['Start'] }`
			`else`
			`return self['Start']`
			`end`
			`end`

			`#`
			`# Returns a hash of addresses that should be stopped at once`
			`# they are reached.`
			`#`
			`def stop_addresses`
			`if (self['Stop'] and self['Stop'].kind_of?(Hash) == false)`
			`return {'Address' => self['Stop'] }`
			`else`
			`return self['Stop']`
			`end`
			`end`

			`#`
			`# The step size to use, or zero if the framework should figure`
			`# it out.`
			`#`
			`def step_size`
			`self['Step'] \|\| 0`
			`end`

			`#`
			`# Returns the default step direction`
			`#`
			`def default_direction`
			`dd = self['DefaultDirection']`

			`if (dd and dd.to_s.match(/(-1\|backward)/i))`
			`return -1`
			`end`

			`return 1`
			`end`

			`#`
			`# The delay to add between attempts`
			`#`
			`def delay`
			`self['Delay'].to_i \|\| 0`
			`end`
			`end`

moved data types around git-svn-id: file:///home/svn/incoming/trunk@2572 4d416f70-5f16-0410-b530-b9f4589650da 2005-06-05 00:03:23 +00:00			`#`
			`# Serialize from an array to a Target instance`
			`#`
			`def self.from_a(ary)`
			`return nil if (ary.length < 2)`

yoyoyoyoyoy git-svn-id: file:///home/svn/incoming/trunk@2580 4d416f70-5f16-0410-b530-b9f4589650da 2005-06-05 18:03:56 +00:00			`self.new(ary.shift, ary.shift)`
moved data types around git-svn-id: file:///home/svn/incoming/trunk@2572 4d416f70-5f16-0410-b530-b9f4589650da 2005-06-05 00:03:23 +00:00			`end`

			`#`
			`# Transforms the supplied source into an array of Target's`
			`#`
			`def self.transform(src)`
			`Rex::Transformer.transform(src, Array, [ self, String ], 'Target')`
			`end`

yoyoyoyoyoy git-svn-id: file:///home/svn/incoming/trunk@2580 4d416f70-5f16-0410-b530-b9f4589650da 2005-06-05 18:03:56 +00:00			`#`
			`# Init it up!`
			`#`
			`def initialize(name, opts)`
			`opts = {} if (!opts)`

started working on exploit stuff, changed aliases a bit for windows payloads, pimped targets to the max, added wrappers to exploit for payload stuff git-svn-id: file:///home/svn/incoming/trunk@2729 4d416f70-5f16-0410-b530-b9f4589650da 2005-07-11 15:34:31 +00:00			`self.name = name`
some work on compatible payload stuff git-svn-id: file:///home/svn/incoming/trunk@2753 4d416f70-5f16-0410-b530-b9f4589650da 2005-07-14 14:46:18 +00:00			`self.platform = Msf::Module::PlatformList.from_a(opts['Platform'])`
started working on exploit stuff, changed aliases a bit for windows payloads, pimped targets to the max, added wrappers to exploit for payload stuff git-svn-id: file:///home/svn/incoming/trunk@2729 4d416f70-5f16-0410-b530-b9f4589650da 2005-07-11 15:34:31 +00:00			`self.save_registers = opts['SaveRegisters']`
			`self.ret = opts['Ret']`
			`self.opts = opts`
some work on compatible payload stuff git-svn-id: file:///home/svn/incoming/trunk@2753 4d416f70-5f16-0410-b530-b9f4589650da 2005-07-14 14:46:18 +00:00
			`if (opts['Arch'])`
			`self.arch = Rex::Transformer.transform(opts['Arch'], Array,`
			`[ String ], 'Arch')`
			`end`
brute force target info git-svn-id: file:///home/svn/incoming/trunk@2740 4d416f70-5f16-0410-b530-b9f4589650da 2005-07-12 22:33:46 +00:00
			`# Does this target have brute force information?`
			`if (opts['Bruteforce'])`
			`self.bruteforce = Bruteforce.new(opts['Bruteforce'])`
			`end`
moved data types around git-svn-id: file:///home/svn/incoming/trunk@2572 4d416f70-5f16-0410-b530-b9f4589650da 2005-06-05 00:03:23 +00:00			`end`

yoyoyoyoyoy git-svn-id: file:///home/svn/incoming/trunk@2580 4d416f70-5f16-0410-b530-b9f4589650da 2005-06-05 18:03:56 +00:00			`#`
			`# Index the options directly`
			`#`
			`def [](key)`
			`opts[key]`
			`end`

commenting git-svn-id: file:///home/svn/incoming/trunk@2738 4d416f70-5f16-0410-b530-b9f4589650da 2005-07-12 14:32:44 +00:00			`#`
			`# Returns whether or not this is a bruteforce target, forces boolean`
			`# result.`
			`#`
			`def bruteforce?`
			`return (bruteforce != nil)`
			`end`

added target specific stuff, generic stack adjustment, etc git-svn-id: file:///home/svn/incoming/trunk@2924 4d416f70-5f16-0410-b530-b9f4589650da 2005-10-01 05:55:15 +00:00			`##`
			`#`
			`# Target-specific payload modifications`
			`#`
			`##`

			`def payload_prepend`
			`opts['Payload'] ? opts['Payload']['Prepend'] : nil`
			`end`

			`def payload_append`
			`opts['Payload'] ? opts['Payload']['Append'] : nil`
			`end`

			`def payload_prepend_encoder`
			`opts['Payload'] ? opts['Payload']['PrependEncoder'] : nil`
			`end`

bug fixes in x86 asm, jmp call additive, payload generation, and new exploit git-svn-id: file:///home/svn/incoming/trunk@3021 4d416f70-5f16-0410-b530-b9f4589650da 2005-11-11 01:22:03 +00:00			`def payload_stack_adjustment`
			`opts['Payload'] ? opts['Payload']['StackAdjustment'] : nil`
			`end`

added target specific stuff, generic stack adjustment, etc git-svn-id: file:///home/svn/incoming/trunk@2924 4d416f70-5f16-0410-b530-b9f4589650da 2005-10-01 05:55:15 +00:00			`def payload_max_nops`
			`opts['Payload'] ? opts['Payload']['MaxNops'] : nil`
			`end`

			`def payload_min_nops`
			`opts['Payload'] ? opts['Payload']['MinNops'] : nil`
			`end`

			`def payload_space`
			`opts['Payload'] ? opts['Payload']['Space'] : nil`
			`end`

some work on compatible payload stuff git-svn-id: file:///home/svn/incoming/trunk@2753 4d416f70-5f16-0410-b530-b9f4589650da 2005-07-14 14:46:18 +00:00			`attr_reader :name, :platform, :arch, :opts, :ret, :save_registers`
commenting git-svn-id: file:///home/svn/incoming/trunk@2738 4d416f70-5f16-0410-b530-b9f4589650da 2005-07-12 14:32:44 +00:00			`attr_reader :bruteforce`

			`protected`

some work on compatible payload stuff git-svn-id: file:///home/svn/incoming/trunk@2753 4d416f70-5f16-0410-b530-b9f4589650da 2005-07-14 14:46:18 +00:00			`attr_writer :name, :platform, :arch, :opts, :ret, :save_registers`
commenting git-svn-id: file:///home/svn/incoming/trunk@2738 4d416f70-5f16-0410-b530-b9f4589650da 2005-07-12 14:32:44 +00:00			`attr_writer :bruteforce`
unit testage git-svn-id: file:///home/svn/incoming/trunk@2573 4d416f70-5f16-0410-b530-b9f4589650da 2005-06-05 00:33:38 +00:00
moved data types around git-svn-id: file:///home/svn/incoming/trunk@2572 4d416f70-5f16-0410-b530-b9f4589650da 2005-06-05 00:03:23 +00:00			`end`