Land #5688, remove msfcli
commit
07d05828d0
|
@ -253,21 +253,13 @@ class Msf::Modules::Loader::Base
|
|||
# @return [Hash{String => Integer}] Maps module type to number of
|
||||
# modules loaded
|
||||
def load_modules(path, options={})
|
||||
options.assert_valid_keys(:force, :whitelist)
|
||||
options.assert_valid_keys(:force)
|
||||
|
||||
force = options[:force]
|
||||
count_by_type = {}
|
||||
recalculate_by_type = {}
|
||||
|
||||
# This is used to avoid loading the same thing twice
|
||||
loaded_items = []
|
||||
|
||||
each_module_reference_name(path, options) do |parent_path, type, module_reference_name|
|
||||
# In msfcli mode, if a module is already loaded, avoid loading it again
|
||||
next if loaded_items.include?(module_reference_name) and options[:whitelist]
|
||||
|
||||
# Keep track of loaded modules in msfcli mode
|
||||
loaded_items << module_reference_name if options[:whitelist]
|
||||
load_module(
|
||||
parent_path,
|
||||
type,
|
||||
|
|
|
@ -56,24 +56,7 @@ class Msf::Modules::Loader::Directory < Msf::Modules::Loader::Base
|
|||
# The module_reference_name doesn't have a file extension
|
||||
module_reference_name = module_reference_name_from_path(relative_entry_descendant_path)
|
||||
|
||||
# If the modules argument is set, this means we only want to load specific ones instead
|
||||
# of loading everything to memory - see msfcli.
|
||||
if whitelist.empty?
|
||||
# Load every module we see, which is the default behavior.
|
||||
yield path, type, module_reference_name
|
||||
else
|
||||
whitelist.each do |pattern|
|
||||
# We have to use entry_descendant_path to see if this is the module we want, because
|
||||
# this is easier to identify the module type just by looking at the file path.
|
||||
# For example, if module_reference_name is used (or a parsed relative path), you can't
|
||||
# really tell if php/generic is a NOP module, a payload, or an encoder.
|
||||
if entry_descendant_path =~ pattern
|
||||
yield path, type, module_reference_name
|
||||
else
|
||||
next
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -30,7 +30,6 @@ Gem::Specification.new do |spec|
|
|||
spec.bindir = '.'
|
||||
spec.executables = [
|
||||
'msfbinscan',
|
||||
'msfcli',
|
||||
'msfconsole',
|
||||
'msfd',
|
||||
'msfelfscan',
|
||||
|
|
|
@ -21,10 +21,6 @@ class Metasploit3 < Msf::Auxiliary
|
|||
This module will check the certificate of the specified web servers
|
||||
to ensure the subject and issuer match the supplied pattern and that the certificate
|
||||
is not expired.
|
||||
|
||||
Note: Be sure to check your expression if using msfcli, shells tend to not like certain
|
||||
things and will strip/interpret them (= is a perfect example). It is better to use in
|
||||
console.
|
||||
}
|
||||
)
|
||||
|
||||
|
|
608
msfcli
608
msfcli
|
@ -1,608 +0,0 @@
|
|||
#!/usr/bin/env ruby
|
||||
# -*- coding: binary -*-
|
||||
#
|
||||
# This user interface allows users to interact with the framework through a
|
||||
# command line interface (CLI) rather than having to use a prompting console
|
||||
# or web-based interface.
|
||||
#
|
||||
|
||||
$stderr.puts "[!] ************************************************************************"
|
||||
$stderr.puts "[!] * The utility msfcli is deprecated! *"
|
||||
$stderr.puts "[!] * It will be removed on or about 2015-06-18 *"
|
||||
$stderr.puts "[!] * Please use msfconsole -r or -x instead *"
|
||||
$stderr.puts "[!] * Details: https://github.com/rapid7/metasploit-framework/pull/3802 *"
|
||||
$stderr.puts "[!] ************************************************************************"
|
||||
|
||||
msfbase = __FILE__
|
||||
while File.symlink?(msfbase)
|
||||
msfbase = File.expand_path(File.readlink(msfbase), File.dirname(msfbase))
|
||||
end
|
||||
|
||||
$:.unshift(File.expand_path(File.join(File.dirname(msfbase), 'lib')))
|
||||
|
||||
class Msfcli
|
||||
#
|
||||
# Attributes
|
||||
#
|
||||
|
||||
# @attribute framework
|
||||
# @return [Msf::Simple::Framework]
|
||||
|
||||
#
|
||||
# initialize
|
||||
#
|
||||
|
||||
def initialize(args)
|
||||
@args = {}
|
||||
@indent = ' '
|
||||
|
||||
@args[:module_name] = args.shift # First argument should be the module name
|
||||
@args[:mode] = args.pop || 'h' # Last argument should be the mode
|
||||
@args[:params] = args # Whatever is in the middle should be the params
|
||||
|
||||
if @args[:module_name] =~ /^exploit(s)*\//i
|
||||
@args[:module_name] = @args[:module_name].split('/')
|
||||
@args[:module_name] = @args[:module_name][1, @args[:module_name].length] * "/"
|
||||
end
|
||||
end
|
||||
|
||||
#
|
||||
# Instance Methods
|
||||
#
|
||||
|
||||
# The framework to create and list modules.
|
||||
#
|
||||
# @return [Msf::Simple::Framework]
|
||||
def framework
|
||||
@framework ||= Msf::Simple::Framework.create({'DeferModuleLoads'=>true})
|
||||
end
|
||||
|
||||
# Sets {#framework}.
|
||||
#
|
||||
# @raise [ArgumentError] if {#framework} already set
|
||||
def framework=(framework)
|
||||
if instance_variable_defined? :@framework
|
||||
fail ArgumentError.new("framework already set")
|
||||
end
|
||||
|
||||
@framework = framework
|
||||
end
|
||||
|
||||
#
|
||||
# Returns a usage Rex table
|
||||
#
|
||||
def usage (str = nil, extra = nil)
|
||||
tbl = Rex::Ui::Text::Table.new(
|
||||
'Header' => "Usage: #{$0} <exploit_name> <option=value> [mode]",
|
||||
'Indent' => 4,
|
||||
'Columns' => ['Mode', 'Description']
|
||||
)
|
||||
|
||||
tbl << ['(H)elp', "You're looking at it baby!"]
|
||||
tbl << ['(S)ummary', 'Show information about this module']
|
||||
tbl << ['(O)ptions', 'Show available options for this module']
|
||||
tbl << ['(M)issing', 'Show empty required options for this module']
|
||||
tbl << ['(A)dvanced', 'Show available advanced options for this module']
|
||||
tbl << ['(I)DS Evasion', 'Show available ids evasion options for this module']
|
||||
tbl << ['(P)ayloads', 'Show available payloads for this module']
|
||||
tbl << ['(T)argets', 'Show available targets for this exploit module']
|
||||
tbl << ['(AC)tions', 'Show available actions for this module']
|
||||
tbl << ['(C)heck', 'Run the check routine of the selected module']
|
||||
tbl << ['(E)xecute', 'Execute the selected module']
|
||||
|
||||
tbl.to_s
|
||||
|
||||
$stdout.puts "Error: #{str}\n\n" if str
|
||||
$stdout.puts tbl.to_s + "\n"
|
||||
$stdout.puts "Examples:" + "\n"
|
||||
$stdout.puts "msfcli exploit/multi/handler payload=windows/meterpreter/reverse_tcp lhost=IP E" + "\n"
|
||||
$stdout.puts "msfcli auxiliary/scanner/http/http_version rhosts=IP encoder= post= nop= E" + "\n"
|
||||
$stdout.puts extra + "\n" if extra
|
||||
$stdout.puts
|
||||
end
|
||||
|
||||
|
||||
#
|
||||
# Loads up everything in framework, and then returns the module list
|
||||
#
|
||||
def dump_module_list
|
||||
# This is what happens if the user doesn't specify a module name:
|
||||
# msfcli will end up loading EVERYTHING to memory to show you a help
|
||||
# menu plus a list of modules available. Really expensive if you ask me.
|
||||
$stdout.puts "[*] Please wait while we load the module tree..."
|
||||
self.framework = Msf::Simple::Framework.create
|
||||
ext = ''
|
||||
|
||||
tbl = Rex::Ui::Text::Table.new(
|
||||
'Header' => 'Exploits',
|
||||
'Indent' => 4,
|
||||
'Columns' => [ 'Name', 'Description' ])
|
||||
|
||||
framework.exploits.each_module { |name, mod|
|
||||
tbl << [ 'exploit/' + name, mod.new.name ]
|
||||
}
|
||||
ext << tbl.to_s + "\n"
|
||||
|
||||
tbl = Rex::Ui::Text::Table.new(
|
||||
'Header' => 'Auxiliary',
|
||||
'Indent' => 4,
|
||||
'Columns' => [ 'Name', 'Description' ])
|
||||
|
||||
framework.auxiliary.each_module { |name, mod|
|
||||
tbl << [ 'auxiliary/' + name, mod.new.name ]
|
||||
}
|
||||
|
||||
ext << tbl.to_s + "\n"
|
||||
ext
|
||||
end
|
||||
|
||||
|
||||
#
|
||||
# Payload naming style is kind of inconsistent, so instead of
|
||||
# finding the exact path name, we provide the most educated guess (whitelist)
|
||||
# based on platform/stage type/session type/payload name suffix/etc.
|
||||
#
|
||||
def guess_payload_name(p)
|
||||
matches = []
|
||||
payload = p.split('/')
|
||||
platform = payload[0]
|
||||
suffix = payload[-1]
|
||||
stage_types = ['singles', 'stagers', 'stages']
|
||||
session_types = ['meterpreter', 'shell']
|
||||
arch = ''
|
||||
|
||||
# Rule out some possibilities
|
||||
if p =~ /meterpreter/i
|
||||
session_types.delete('shell')
|
||||
stage_types.delete('singles')
|
||||
end
|
||||
if p =~ /shell\/.+$/i
|
||||
session_types.delete('meterpreter')
|
||||
stage_types.delete('singles')
|
||||
end
|
||||
|
||||
if p =~ /x64/i
|
||||
arch = 'x64'
|
||||
elsif p =~ /x86/i
|
||||
arch = 'x86'
|
||||
end
|
||||
|
||||
# Determine if the payload is staged. If it is, then
|
||||
# we need to load that staged module too.
|
||||
if session_types.include?('shell') and stage_types.include?('stages')
|
||||
if arch == 'x64'
|
||||
matches << /stages\/#{platform}\/x64\/shell/
|
||||
elsif arch == 'x86'
|
||||
matches << /stages\/#{platform}\/x86\/shell/
|
||||
else
|
||||
matches << /stages\/#{platform}\/shell/
|
||||
end
|
||||
elsif session_types.include?('meterpreter') and stage_types.include?('stages')
|
||||
if arch == 'x64'
|
||||
matches << /stages\/#{platform}\/x64\/meterpreter/
|
||||
elsif arch == 'x86'
|
||||
matches << /stages\/#{platform}\/x86\/meterpreter/
|
||||
else
|
||||
matches << /stages\/#{platform}\/meterpreter/
|
||||
end
|
||||
end
|
||||
|
||||
# Guess the second possible match
|
||||
stage_types *= "|"
|
||||
session_types *= "|"
|
||||
|
||||
if arch == 'x64'
|
||||
matches << /payloads\/(#{stage_types})\/#{platform}\/x64\/.*(#{suffix})\.rb$/
|
||||
elsif arch == 'x86'
|
||||
matches << /payloads\/(#{stage_types})\/#{platform}\/x86\/.*(#{suffix})\.rb$/
|
||||
else
|
||||
matches << /payloads\/(#{stage_types})\/#{platform}\/.*(#{suffix})\.rb$/
|
||||
end
|
||||
|
||||
matches
|
||||
end
|
||||
|
||||
|
||||
#
|
||||
# Returns a whitelist for encoder modules
|
||||
#
|
||||
def guess_encoder_name(e)
|
||||
[/encoders\/#{e}/]
|
||||
end
|
||||
|
||||
|
||||
#
|
||||
# Returns a whitelist for nop modules
|
||||
#
|
||||
def guess_nop_name(n)
|
||||
[/nops\/#{n}/]
|
||||
end
|
||||
|
||||
|
||||
#
|
||||
# Returns a whitelist for post modules
|
||||
#
|
||||
def guess_post_name(p)
|
||||
[/post\/#{p}/]
|
||||
end
|
||||
|
||||
|
||||
#
|
||||
# Returns possible patterns like exploit/aux, encoders, nops we want to
|
||||
# load to the whitelist.
|
||||
#
|
||||
def generate_whitelist
|
||||
whitelist = []
|
||||
whitelist << /#{@args[:module_name]}/ # Add exploit
|
||||
|
||||
# nil = not set, empty = manually set to load nothing
|
||||
encoder_val = nil
|
||||
nops_val = nil
|
||||
post_val = nil
|
||||
payload_param = ''
|
||||
junk_args = []
|
||||
|
||||
@args[:params].each { |args|
|
||||
var, val = args.split('=', 2)
|
||||
next if val.nil?
|
||||
|
||||
case var.downcase
|
||||
when 'payload'
|
||||
payload_param = val
|
||||
if val.empty?
|
||||
junk_args << args
|
||||
else
|
||||
whitelist.concat(guess_payload_name(val))
|
||||
end
|
||||
|
||||
when 'encoder'
|
||||
encoder_val = val
|
||||
if val.empty?
|
||||
junk_args << args
|
||||
else
|
||||
whitelist.concat(guess_encoder_name(val))
|
||||
end
|
||||
|
||||
when 'nop'
|
||||
nops_val = val
|
||||
if val.empty?
|
||||
junk_args << args
|
||||
else
|
||||
whitelist.concat(guess_nop_name(val))
|
||||
end
|
||||
|
||||
when 'post'
|
||||
post_val = val
|
||||
if val.empty?
|
||||
junk_args << args
|
||||
else
|
||||
whitelist.concat(guess_post_name(val))
|
||||
end
|
||||
end
|
||||
}
|
||||
|
||||
# Cleanup empty args
|
||||
junk_args.each { |args| @args[:params].delete(args) }
|
||||
|
||||
# If it's an exploit and no payload set, load them all.
|
||||
if @args[:module_name] !~ /auxiliary\// and payload_param.empty?
|
||||
whitelist << /payloads\/.+/
|
||||
end
|
||||
|
||||
# Add post modules list if not set
|
||||
if post_val.nil?
|
||||
whitelist << /post\/.+/
|
||||
end
|
||||
|
||||
# Add default encoders if not set
|
||||
# This one is needed no matter what
|
||||
whitelist << /encoders\/generic\/*/
|
||||
if encoder_val.nil?
|
||||
if payload_param =~ /^.+\.x64.+/
|
||||
whitelist << /encoders\/x64\/.+/
|
||||
elsif payload_param =~ /^.+\.x86.+/
|
||||
whitelist << /encoders\/x86\/.+/
|
||||
else
|
||||
whitelist << /encoders\/.+/
|
||||
end
|
||||
end
|
||||
|
||||
# Add default NOP modules if not set
|
||||
if nops_val.nil?
|
||||
whitelist << /nops\/.+/
|
||||
end
|
||||
|
||||
whitelist
|
||||
end
|
||||
|
||||
|
||||
#
|
||||
# Initializes exploit/payload/encoder/nop modules.
|
||||
#
|
||||
def init_modules
|
||||
$stdout.puts "[*] Initializing modules..."
|
||||
|
||||
module_name = @args[:module_name]
|
||||
modules = {
|
||||
:module => nil, # aux or exploit instance
|
||||
:payload => nil, # payload instance
|
||||
:encoder => nil, # encoder instance
|
||||
:nop => nil # nop instance
|
||||
}
|
||||
|
||||
whitelist = generate_whitelist
|
||||
|
||||
# Load up all the possible modules, this is where things get slow again
|
||||
framework.init_module_paths({:whitelist=>whitelist})
|
||||
if (framework.modules.module_load_error_by_path.length > 0)
|
||||
print("Warning: The following modules could not be loaded!\n\n")
|
||||
|
||||
framework.modules.module_load_error_by_path.each do |path, error|
|
||||
print("\t#{path}: #{error}\n\n")
|
||||
end
|
||||
|
||||
return {}
|
||||
end
|
||||
|
||||
# Determine what type of module it is
|
||||
if module_name =~ /exploit\/(.*)/
|
||||
modules[:module] = framework.exploits.create($1)
|
||||
elsif module_name =~ /auxiliary\/(.*)/
|
||||
modules[:module] = framework.auxiliary.create($1)
|
||||
elsif module_name =~ /post\/(.*)/
|
||||
modules[:module] = framework.post.create($1)
|
||||
else
|
||||
modules[:module] = framework.exploits.create(module_name)
|
||||
if modules[:module].nil?
|
||||
# Try falling back on aux modules
|
||||
modules[:module] = framework.auxiliary.create(module_name)
|
||||
end
|
||||
end
|
||||
|
||||
if modules[:module].nil?
|
||||
# Still nil? Ok then, probably invalid
|
||||
return {}
|
||||
end
|
||||
|
||||
modules[:module].init_ui(
|
||||
Rex::Ui::Text::Input::Stdio.new,
|
||||
Rex::Ui::Text::Output::Stdio.new
|
||||
)
|
||||
|
||||
# Import options
|
||||
begin
|
||||
modules[:module].datastore.import_options_from_s(@args[:params].join('_|_'), '_|_')
|
||||
rescue Rex::ArgumentParseError => e
|
||||
raise e
|
||||
end
|
||||
|
||||
# Create the payload to use
|
||||
if (modules[:module].datastore['PAYLOAD'])
|
||||
modules[:payload] = framework.payloads.create(modules[:module].datastore['PAYLOAD'])
|
||||
if modules[:payload]
|
||||
modules[:payload].datastore.import_options_from_s(@args[:params].join('_|_'), '_|_')
|
||||
end
|
||||
end
|
||||
|
||||
# Create the encoder to use
|
||||
if modules[:module].datastore['ENCODER']
|
||||
modules[:encoder] = framework.encoders.create(modules[:module].datastore['ENCODER'])
|
||||
if modules[:encoder]
|
||||
modules[:encoder].datastore.import_options_from_s(@args[:params].join('_|_'), '_|_')
|
||||
end
|
||||
end
|
||||
|
||||
# Create the NOP to use
|
||||
if modules[:module].datastore['NOP']
|
||||
modules[:nop] = framework.nops.create(modules[:module].datastore['NOP'])
|
||||
if modules[:nop]
|
||||
modules[:nop].datastore.import_options_from_s(@args[:params].join('_|_'), '_|_')
|
||||
end
|
||||
end
|
||||
|
||||
modules
|
||||
end
|
||||
|
||||
|
||||
def show_summary(m)
|
||||
readable = Msf::Serializer::ReadableText
|
||||
$stdout.puts("\n" + readable.dump_module(m[:module], @indent))
|
||||
$stdout.puts("\n" + readable.dump_module(m[:payload], @indent)) if m[:payload]
|
||||
$stdout.puts("\n" + readable.dump_module(m[:encoder], @indent)) if m[:encoder]
|
||||
$stdout.puts("\n" + readable.dump_module(m[:nop], @indent)) if m[:nop]
|
||||
end
|
||||
|
||||
|
||||
def show_options(m)
|
||||
readable = Msf::Serializer::ReadableText
|
||||
$stdout.puts("\n" + readable.dump_options(m[:module], @indent))
|
||||
$stdout.puts("\nPayload:\n\n" + readable.dump_options(m[:payload], @indent)) if m[:payload]
|
||||
$stdout.puts("\nEncoder:\n\n" + readable.dump_options(m[:encoder], @indent)) if m[:encoder]
|
||||
$stdout.puts("\nNOP\n\n" + readable.dump_options(m[:nop], @indent)) if m[:nop]
|
||||
end
|
||||
|
||||
|
||||
def show_missing(m)
|
||||
readable = Msf::Serializer::ReadableText
|
||||
$stdout.puts("\n" + readable.dump_options(m[:module], @indent, true))
|
||||
$stdout.puts("\nPayload:\n\n" + readable.dump_options(m[:payload], @indent, true)) if m[:payload]
|
||||
$stdout.puts("\nEncoder:\n\n" + readable.dump_options(m[:encoder], @indent, true)) if m[:encoder]
|
||||
$stdout.puts("\nNOP\n\n" + readable.dump_options(m[:nop], @indent, true)) if m[:nop]
|
||||
end
|
||||
|
||||
|
||||
def show_advanced(m)
|
||||
readable = Msf::Serializer::ReadableText
|
||||
$stdout.puts("\n" + readable.dump_advanced_options(m[:module], @indent))
|
||||
$stdout.puts("\nPayload:\n\n" + readable.dump_advanced_options(m[:payload], @indent)) if m[:payload]
|
||||
$stdout.puts("\nEncoder:\n\n" + readable.dump_advanced_options(m[:encoder], @indent)) if m[:encoder]
|
||||
$stdout.puts("\nNOP:\n\n" + readable.dump_advanced_options(m[:nop], @indent)) if m[:nop]
|
||||
end
|
||||
|
||||
|
||||
def show_ids_evasion(m)
|
||||
readable = Msf::Serializer::ReadableText
|
||||
$stdout.puts("\n" + readable.dump_evasion_options(m[:module], @indent))
|
||||
$stdout.puts("\nPayload:\n\n" + readable.dump_evasion_options(m[:payload], @indent)) if m[:payload]
|
||||
$stdout.puts("\nEncoder:\n\n" + readable.dump_evasion_options(m[:encoder], @indent)) if m[:encoder]
|
||||
$stdout.puts("\nNOP:\n\n" + readable.dump_evasion_options(m[:nop], @indent)) if m[:nop]
|
||||
end
|
||||
|
||||
|
||||
def show_payloads(m)
|
||||
readable = Msf::Serializer::ReadableText
|
||||
txt = "Compatible payloads"
|
||||
$stdout.puts("\n" + readable.dump_compatible_payloads(m[:module], @indent, txt))
|
||||
end
|
||||
|
||||
|
||||
def show_targets(m)
|
||||
readable = Msf::Serializer::ReadableText
|
||||
$stdout.puts("\n" + readable.dump_exploit_targets(m[:module], @indent))
|
||||
end
|
||||
|
||||
|
||||
def show_actions(m)
|
||||
readable = Msf::Serializer::ReadableText
|
||||
$stdout.puts("\n" + readable.dump_module_actions(m[:module], @indent))
|
||||
end
|
||||
|
||||
|
||||
def show_check(m)
|
||||
begin
|
||||
if (code = m[:module].check_simple(
|
||||
'LocalInput' => Rex::Ui::Text::Input::Stdio.new,
|
||||
'LocalOutput' => Rex::Ui::Text::Output::Stdio.new))
|
||||
stat = (code == Msf::Exploit::CheckCode::Vulnerable) ? '[+]' : '[*]'
|
||||
|
||||
$stdout.puts("#{stat} #{code[1]}")
|
||||
else
|
||||
$stdout.puts("Check failed: The state could not be determined.")
|
||||
end
|
||||
rescue
|
||||
$stdout.puts("Check failed: #{$!}")
|
||||
end
|
||||
end
|
||||
|
||||
|
||||
def execute_module(m)
|
||||
con = Msf::Ui::Console::Driver.new(
|
||||
Msf::Ui::Console::Driver::DefaultPrompt,
|
||||
Msf::Ui::Console::Driver::DefaultPromptChar,
|
||||
{
|
||||
'Framework' => framework,
|
||||
# When I use msfcli, chances are I want speed, so ASCII art fanciness
|
||||
# probably isn't much of a big deal for me.
|
||||
'DisableBanner' => true
|
||||
})
|
||||
|
||||
module_class = (m[:module].fullname =~ /^auxiliary/ ? 'auxiliary' : 'exploit')
|
||||
|
||||
con.run_single("use #{module_class}/#{m[:module].refname}")
|
||||
|
||||
# Assign console parameters
|
||||
@args[:params].each do |arg|
|
||||
k,v = arg.split("=", 2)
|
||||
con.run_single("set #{k} #{v}")
|
||||
end
|
||||
|
||||
# Run the exploit
|
||||
con.run_single("exploit")
|
||||
|
||||
# If we have sessions or jobs, keep running
|
||||
if framework.sessions.length > 0 or framework.jobs.length > 0
|
||||
con.run
|
||||
else
|
||||
con.run_single("quit")
|
||||
end
|
||||
end
|
||||
|
||||
|
||||
#
|
||||
# Selects a mode chosen by the user and run it
|
||||
#
|
||||
def engage_mode(modules)
|
||||
case @args[:mode].downcase
|
||||
when 'h'
|
||||
usage
|
||||
when "s"
|
||||
show_summary(modules)
|
||||
when "o"
|
||||
show_options(modules)
|
||||
when "m"
|
||||
show_missing(modules)
|
||||
when "a"
|
||||
show_advanced(modules)
|
||||
when "i"
|
||||
show_ids_evasion(modules)
|
||||
when "p"
|
||||
if modules[:module].file_path =~ /auxiliary\//i
|
||||
$stdout.puts("\nError: This type of module does not support payloads")
|
||||
else
|
||||
show_payloads(modules)
|
||||
end
|
||||
when "t"
|
||||
puts
|
||||
if modules[:module].file_path =~ /auxiliary\//i
|
||||
$stdout.puts("\nError: This type of module does not support targets")
|
||||
else
|
||||
show_targets(modules)
|
||||
end
|
||||
when "ac"
|
||||
if modules[:module].kind_of?(Msf::Module::HasActions)
|
||||
show_actions(modules)
|
||||
else
|
||||
$stdout.puts("\nError: This type of module does not support actions")
|
||||
end
|
||||
when "c"
|
||||
show_check(modules)
|
||||
when "e"
|
||||
execute_module(modules)
|
||||
else
|
||||
usage("Invalid mode #{@args[:mode]}")
|
||||
end
|
||||
end
|
||||
|
||||
|
||||
def run!
|
||||
if @args[:module_name] == "-h"
|
||||
usage()
|
||||
exit
|
||||
end
|
||||
|
||||
$:.unshift(ENV['MSF_LOCAL_LIB']) if ENV['MSF_LOCAL_LIB']
|
||||
require 'msfenv'
|
||||
require 'msf/ui'
|
||||
require 'msf/base'
|
||||
|
||||
if @args[:module_name].nil?
|
||||
ext = dump_module_list
|
||||
usage(nil, ext)
|
||||
exit
|
||||
end
|
||||
|
||||
begin
|
||||
modules = init_modules
|
||||
rescue Rex::ArgumentParseError => e
|
||||
puts "[!] Error: #{e.message}\n\n"
|
||||
exit
|
||||
end
|
||||
|
||||
if modules[:module].nil?
|
||||
usage("Invalid module: #{@args[:module_name]}")
|
||||
exit
|
||||
end
|
||||
|
||||
# Process special var/val pairs...
|
||||
Msf::Ui::Common.process_cli_arguments(framework, @args[:params])
|
||||
|
||||
engage_mode(modules)
|
||||
$stdout.puts
|
||||
end
|
||||
end
|
||||
|
||||
|
||||
if __FILE__ == $PROGRAM_NAME
|
||||
cli = Msfcli.new(ARGV)
|
||||
cli.run!
|
||||
end
|
|
@ -1,812 +0,0 @@
|
|||
require 'spec_helper'
|
||||
|
||||
load Metasploit::Framework.root.join('msfcli').to_path
|
||||
|
||||
require 'msfenv'
|
||||
require 'msf/ui'
|
||||
require 'msf/base'
|
||||
|
||||
|
||||
describe Msfcli, :content do
|
||||
subject(:msfcli) {
|
||||
described_class.new(args)
|
||||
}
|
||||
|
||||
#
|
||||
# methods
|
||||
#
|
||||
|
||||
# Get stdout:
|
||||
# http://stackoverflow.com/questions/11349270/test-output-to-command-line-with-rspec
|
||||
def get_stdout(&block)
|
||||
out = $stdout
|
||||
$stdout = fake = StringIO.new
|
||||
begin
|
||||
yield
|
||||
ensure
|
||||
$stdout = out
|
||||
end
|
||||
fake.string
|
||||
end
|
||||
|
||||
#
|
||||
# lets
|
||||
#
|
||||
|
||||
let(:args) {
|
||||
[]
|
||||
}
|
||||
|
||||
context "#initialize" do
|
||||
context 'with module name' do
|
||||
let(:args) {
|
||||
[
|
||||
module_name,
|
||||
*params
|
||||
]
|
||||
}
|
||||
|
||||
let(:module_name) {
|
||||
'multi/handler'
|
||||
}
|
||||
|
||||
let(:params) {
|
||||
%w{payload=windows/meterpreter/reverse_tcp lhost=127.0.0.1}
|
||||
}
|
||||
|
||||
let(:parsed_args) {
|
||||
msfcli.instance_variable_get(:@args)
|
||||
}
|
||||
|
||||
context 'multi/handler' do
|
||||
context 'with mode' do
|
||||
let(:args) {
|
||||
super() + [mode]
|
||||
}
|
||||
|
||||
context 'E' do
|
||||
let(:mode) {
|
||||
'E'
|
||||
}
|
||||
|
||||
it 'parses module name into :module_name arg' do
|
||||
expect(parsed_args[:module_name]).to eq(module_name)
|
||||
end
|
||||
|
||||
it 'parses mode into :mode arg' do
|
||||
expect(parsed_args[:mode]).to eq(mode)
|
||||
end
|
||||
|
||||
it 'parses module parameters between module name and mode' do
|
||||
expect(parsed_args[:params]).to eq(params)
|
||||
end
|
||||
end
|
||||
|
||||
context 's' do
|
||||
let(:mode) {
|
||||
's'
|
||||
}
|
||||
|
||||
it "parses mode as 's' (summary)" do
|
||||
expect(parsed_args[:mode]).to eq(mode)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'without mode' do
|
||||
let(:args) {
|
||||
[
|
||||
module_name
|
||||
]
|
||||
}
|
||||
|
||||
it "parses mode as 'h' (help) by default" do
|
||||
expect(parsed_args[:mode]).to eq('h')
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'exploit/windows/browser/ie_cbutton_uaf' do
|
||||
let(:module_name) {
|
||||
'exploit/windows/browser/ie_cbutton_uaf'
|
||||
}
|
||||
|
||||
it "strips 'exploit/' prefix for :module_name" do
|
||||
expect(parsed_args[:module_name]).to eq('windows/browser/ie_cbutton_uaf')
|
||||
end
|
||||
end
|
||||
|
||||
context 'exploit/windows/browser/ie_cbutton_uaf' do
|
||||
let(:module_name) {
|
||||
'exploits/windows/browser/ie_cbutton_uaf'
|
||||
}
|
||||
|
||||
it "strips 'exploits/' prefix for :module_name" do
|
||||
expect(parsed_args[:module_name]).to eq('windows/browser/ie_cbutton_uaf')
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context "#usage" do
|
||||
it "prints Usage" do
|
||||
out = get_stdout {
|
||||
msfcli.usage
|
||||
}
|
||||
|
||||
expect(out).to include('Usage')
|
||||
end
|
||||
end
|
||||
|
||||
#
|
||||
# This one is slow because we're loading all modules
|
||||
#
|
||||
context "#dump_module_list" do
|
||||
include_context 'Metasploit::Framework::Spec::Constants cleaner'
|
||||
|
||||
let(:framework) {
|
||||
msfcli.framework
|
||||
}
|
||||
|
||||
it 'dumps a listof modules' do
|
||||
tbl = ''
|
||||
|
||||
stdout = get_stdout {
|
||||
tbl = msfcli.dump_module_list
|
||||
}
|
||||
|
||||
expect(tbl).to include 'Exploits'
|
||||
expect(stdout).to include 'Please wait'
|
||||
end
|
||||
end
|
||||
|
||||
context "#guess_payload_name" do
|
||||
subject(:guess_payload_name) {
|
||||
msfcli.guess_payload_name(payload_reference_name)
|
||||
}
|
||||
|
||||
context 'with windows/meterpreter/reverse_tcp' do
|
||||
let(:payload_reference_name) {
|
||||
'windows/meterpreter/reverse_tcp'
|
||||
}
|
||||
|
||||
it {
|
||||
is_expected.to eq(
|
||||
[
|
||||
/stages\/windows\/meterpreter/,
|
||||
/payloads\/(stagers|stages)\/windows\/.*(reverse_tcp)\.rb$/
|
||||
]
|
||||
)
|
||||
}
|
||||
end
|
||||
|
||||
context 'with windows/shell/reverse_tcp' do
|
||||
let(:payload_reference_name) {
|
||||
'windows/shell/reverse_tcp'
|
||||
}
|
||||
|
||||
it {
|
||||
is_expected.to eq(
|
||||
[
|
||||
/stages\/windows\/shell/,
|
||||
/payloads\/(stagers|stages)\/windows\/.*(reverse_tcp)\.rb$/
|
||||
]
|
||||
)
|
||||
}
|
||||
end
|
||||
|
||||
context 'with php/meterpreter_reverse_tcp' do
|
||||
let(:payload_reference_name) {
|
||||
'php/meterpreter_reverse_tcp'
|
||||
}
|
||||
|
||||
it {
|
||||
is_expected.to eq(
|
||||
[
|
||||
/stages\/php\/meterpreter/,
|
||||
/payloads\/(stagers|stages)\/php\/.*(meterpreter_reverse_tcp)\.rb$/
|
||||
]
|
||||
)
|
||||
}
|
||||
end
|
||||
|
||||
context 'with linux/x86/meterpreter/reverse_tcp' do
|
||||
let(:payload_reference_name) {
|
||||
'linux/x86/meterpreter/reverse_tcp'
|
||||
}
|
||||
|
||||
it {
|
||||
is_expected.to eq(
|
||||
[
|
||||
/stages\/linux\/x86\/meterpreter/,
|
||||
/payloads\/(stagers|stages)\/linux\/x86\/.*(reverse_tcp)\.rb$/
|
||||
]
|
||||
)
|
||||
}
|
||||
end
|
||||
|
||||
context 'with java/meterpreter/reverse_tcp' do
|
||||
let(:payload_reference_name) {
|
||||
'java/meterpreter/reverse_tcp'
|
||||
}
|
||||
|
||||
it {
|
||||
is_expected.to eq(
|
||||
[
|
||||
/stages\/java\/meterpreter/,
|
||||
/payloads\/(stagers|stages)\/java\/.*(reverse_tcp)\.rb$/
|
||||
]
|
||||
)
|
||||
}
|
||||
end
|
||||
|
||||
context 'with cmd/unix/reverse' do
|
||||
let(:payload_reference_name) {
|
||||
'cmd/unix/reverse'
|
||||
}
|
||||
|
||||
it {
|
||||
is_expected.to eq(
|
||||
[
|
||||
/stages\/cmd\/shell/,
|
||||
/payloads\/(singles|stagers|stages)\/cmd\/.*(reverse)\.rb$/
|
||||
]
|
||||
)
|
||||
}
|
||||
end
|
||||
|
||||
context 'with bsd/x86/shell_reverse_tcp' do
|
||||
let(:payload_reference_name) {
|
||||
'bsd/x86/shell_reverse_tcp'
|
||||
}
|
||||
|
||||
it {
|
||||
is_expected.to eq(
|
||||
[
|
||||
/stages\/bsd\/x86\/shell/,
|
||||
/payloads\/(singles|stagers|stages)\/bsd\/x86\/.*(shell_reverse_tcp)\.rb$/
|
||||
]
|
||||
)
|
||||
}
|
||||
|
||||
end
|
||||
end
|
||||
|
||||
context "#guess_encoder_name" do
|
||||
subject(:guess_encoder_name) {
|
||||
msfcli.guess_encoder_name(encoder_reference_name)
|
||||
}
|
||||
|
||||
context 'with x86/shikata_ga_nai' do
|
||||
let(:encoder_reference_name) {
|
||||
'x86/shikata_ga_nai'
|
||||
}
|
||||
|
||||
it {
|
||||
is_expected.to eq(
|
||||
[/encoders\/#{encoder_reference_name}/]
|
||||
)
|
||||
}
|
||||
end
|
||||
end
|
||||
|
||||
|
||||
context "#guess_nop_name" do
|
||||
subject(:guess_nop_name) {
|
||||
msfcli.guess_nop_name(nop_reference_name)
|
||||
}
|
||||
|
||||
context 'with x86/shikata_ga_nai' do
|
||||
let(:nop_reference_name) {
|
||||
'x86/single_byte'
|
||||
}
|
||||
|
||||
it {
|
||||
is_expected.to eq(
|
||||
[/nops\/#{nop_reference_name}/]
|
||||
)
|
||||
}
|
||||
end
|
||||
end
|
||||
|
||||
context "#generate_whitelist" do
|
||||
subject(:generate_whitelist) {
|
||||
msfcli.generate_whitelist.map(&:to_s)
|
||||
}
|
||||
|
||||
let(:args) {
|
||||
[
|
||||
'multi/handler',
|
||||
"payload=#{payload_reference_name}",
|
||||
'lhost=127.0.0.1',
|
||||
mode
|
||||
]
|
||||
}
|
||||
|
||||
let(:mode) {
|
||||
'E'
|
||||
}
|
||||
|
||||
context 'with payload' do
|
||||
context 'linux/x86/reverse_tcp' do
|
||||
let(:payload_reference_name) {
|
||||
'linux/x86/reverse_tcp'
|
||||
}
|
||||
|
||||
context 'with encoder' do
|
||||
let(:args) {
|
||||
super().tap { |args|
|
||||
args.insert(-2, "encoder=#{encoder_reference_name}")
|
||||
}
|
||||
}
|
||||
|
||||
context 'x86/fnstenv_mov' do
|
||||
let(:encoder_reference_name) {
|
||||
'x86/fnstenv_mov'
|
||||
}
|
||||
|
||||
it {
|
||||
is_expected.to match_array(
|
||||
[
|
||||
/multi\/handler/,
|
||||
/stages\/linux\/x86\/shell/,
|
||||
/payloads\/(singles|stagers|stages)\/linux\/x86\/.*(reverse_tcp)\.rb$/,
|
||||
/encoders\/x86\/fnstenv_mov/,
|
||||
/post\/.+/,
|
||||
/encoders\/generic\/*/,
|
||||
/nops\/.+/
|
||||
].map(&:to_s)
|
||||
)
|
||||
}
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'windows/meterpreter/reverse_tcp' do
|
||||
let(:payload_reference_name) {
|
||||
'windows/meterpreter/reverse_tcp'
|
||||
}
|
||||
|
||||
context 'with default options' do
|
||||
it {
|
||||
is_expected.to match_array(
|
||||
[
|
||||
/multi\/handler/,
|
||||
/stages\/windows\/meterpreter/,
|
||||
/payloads\/(stagers|stages)\/windows\/.*(reverse_tcp)\.rb$/,
|
||||
/post\/.+/,
|
||||
/encoders\/generic\/*/,
|
||||
/encoders\/.+/,
|
||||
/nops\/.+/
|
||||
].map(&:to_s)
|
||||
)
|
||||
}
|
||||
end
|
||||
|
||||
context 'with encoder' do
|
||||
let(:args) {
|
||||
super().tap { |args|
|
||||
args.insert(-2, "encoder=#{encoder_reference_name}")
|
||||
}
|
||||
}
|
||||
|
||||
context "''" do
|
||||
let(:encoder_reference_name) do
|
||||
"''"
|
||||
end
|
||||
|
||||
context 'with post' do
|
||||
let(:args) {
|
||||
super().tap { |args|
|
||||
args.insert(-2, "post=#{post_reference_name}")
|
||||
}
|
||||
}
|
||||
|
||||
context "''" do
|
||||
let(:post_reference_name) do
|
||||
"''"
|
||||
end
|
||||
|
||||
context "with nop" do
|
||||
let(:args) {
|
||||
super().tap { |args|
|
||||
args.insert(-2, "nop=#{nop_reference_name}")
|
||||
}
|
||||
}
|
||||
|
||||
context "''" do
|
||||
let(:nop_reference_name) {
|
||||
"''"
|
||||
}
|
||||
|
||||
it {
|
||||
is_expected.to match_array(
|
||||
[
|
||||
/multi\/handler/,
|
||||
/stages\/windows\/meterpreter/,
|
||||
/payloads\/(stagers|stages)\/windows\/.*(reverse_tcp)\.rb$/,
|
||||
/encoders\/''/,
|
||||
/post\/''/,
|
||||
/nops\/''/,
|
||||
/encoders\/generic\/*/
|
||||
].map(&:to_s)
|
||||
)
|
||||
}
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context "<blank>" do
|
||||
let(:encoder_reference_name) do
|
||||
""
|
||||
end
|
||||
|
||||
context 'with post' do
|
||||
let(:args) {
|
||||
super().tap { |args|
|
||||
args.insert(-2, "post=#{post_reference_name}")
|
||||
}
|
||||
}
|
||||
|
||||
context "<blank>" do
|
||||
let(:post_reference_name) do
|
||||
""
|
||||
end
|
||||
|
||||
context "with nop" do
|
||||
let(:args) {
|
||||
super().tap { |args|
|
||||
args.insert(-2, "nop=#{nop_reference_name}")
|
||||
}
|
||||
}
|
||||
|
||||
context "<blank>" do
|
||||
let(:nop_reference_name) {
|
||||
""
|
||||
}
|
||||
|
||||
it {
|
||||
is_expected.to match_array(
|
||||
[
|
||||
/multi\/handler/,
|
||||
/stages\/windows\/meterpreter/,
|
||||
/payloads\/(stagers|stages)\/windows\/.*(reverse_tcp)\.rb$/,
|
||||
/encoders\/generic\/*/
|
||||
].map(&:to_s)
|
||||
)
|
||||
}
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context "#init_modules" do
|
||||
include_context 'Metasploit::Framework::Spec::Constants cleaner'
|
||||
|
||||
let(:args) {
|
||||
[
|
||||
module_name,
|
||||
mode
|
||||
]
|
||||
}
|
||||
|
||||
let(:framework) {
|
||||
msfcli.framework
|
||||
}
|
||||
|
||||
let(:mode) {
|
||||
'S'
|
||||
}
|
||||
|
||||
context 'with exploit/windows/smb/psexec' do
|
||||
let(:module_name) {
|
||||
'exploit/windows/smb/psexec'
|
||||
}
|
||||
|
||||
it 'creates the module in :module' do
|
||||
modules = {}
|
||||
|
||||
Kernel.quietly {
|
||||
modules = msfcli.init_modules
|
||||
}
|
||||
|
||||
expect(modules[:module]).to be_an Msf::Exploit
|
||||
expect(modules[:module].fullname).to eq(module_name)
|
||||
end
|
||||
end
|
||||
|
||||
context 'with auxiliary/server/browser_autopwn' do
|
||||
let(:module_name) {
|
||||
'auxiliary/server/browser_autopwn'
|
||||
}
|
||||
|
||||
it 'creates the module in :module' do
|
||||
modules = {}
|
||||
|
||||
Kernel.quietly {
|
||||
modules = msfcli.init_modules
|
||||
}
|
||||
|
||||
expect(modules[:module]).to be_an Msf::Auxiliary
|
||||
expect(modules[:module].fullname).to eq(module_name)
|
||||
end
|
||||
end
|
||||
|
||||
context 'with post/windows/gather/credentials/gpp' do
|
||||
let(:module_name) {
|
||||
'post/windows/gather/credentials/gpp'
|
||||
}
|
||||
|
||||
it 'creates the module in :module' do
|
||||
modules = {}
|
||||
|
||||
Kernel.quietly {
|
||||
modules = msfcli.init_modules
|
||||
}
|
||||
|
||||
expect(modules[:module]).to be_an Msf::Post
|
||||
expect(modules[:module].fullname).to eq(module_name)
|
||||
end
|
||||
end
|
||||
|
||||
context 'with exploit/multi/handler' do
|
||||
let(:module_name) {
|
||||
'multi/handler'
|
||||
}
|
||||
|
||||
it 'creates the module in :module' do
|
||||
modules = {}
|
||||
|
||||
Kernel.quietly {
|
||||
modules = msfcli.init_modules
|
||||
}
|
||||
|
||||
expect(modules[:module]).to be_an Msf::Exploit
|
||||
expect(modules[:module].refname).to eq(module_name)
|
||||
end
|
||||
|
||||
context 'with payload' do
|
||||
let(:args) {
|
||||
super().tap { |args|
|
||||
args.insert(-2, "payload=#{payload_reference_name}")
|
||||
}
|
||||
}
|
||||
|
||||
context 'windows/meterpreter/reverse_tcp' do
|
||||
let(:payload_reference_name) do
|
||||
'windows/meterpreter/reverse_tcp'
|
||||
end
|
||||
|
||||
it 'creates payload in :payload' do
|
||||
modules = {}
|
||||
|
||||
Kernel.quietly {
|
||||
modules = msfcli.init_modules
|
||||
}
|
||||
|
||||
expect(modules[:payload]).to be_an Msf::Payload
|
||||
expect(modules[:payload].refname).to eq(payload_reference_name)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'with data store options' do
|
||||
let(:args) {
|
||||
super().tap { |args|
|
||||
args.insert(-2, "#{data_store_key}=#{data_store_value}")
|
||||
}
|
||||
}
|
||||
|
||||
let(:data_store_key) {
|
||||
'lhost'
|
||||
}
|
||||
|
||||
let(:data_store_value) {
|
||||
'127.0.0.1'
|
||||
}
|
||||
|
||||
it 'sets data store on :module' do
|
||||
modules = {}
|
||||
|
||||
Kernel.quietly {
|
||||
modules = msfcli.init_modules
|
||||
}
|
||||
|
||||
expect(modules[:module].datastore[data_store_key]).to eq(data_store_value)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'with invalid module name' do
|
||||
let(:module_name) {
|
||||
'invalid/module/name'
|
||||
}
|
||||
|
||||
it 'returns empty modules Hash' do
|
||||
modules = nil
|
||||
|
||||
Kernel.quietly {
|
||||
modules = msfcli.init_modules
|
||||
}
|
||||
|
||||
expect(modules).to eq({})
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context "#engage_mode" do
|
||||
include_context 'Metasploit::Framework::Spec::Constants cleaner'
|
||||
|
||||
subject(:engage_mode) {
|
||||
msfcli.engage_mode(modules)
|
||||
}
|
||||
|
||||
let(:args) {
|
||||
[
|
||||
module_name,
|
||||
mode
|
||||
]
|
||||
}
|
||||
|
||||
let(:framework) {
|
||||
msfcli.framework
|
||||
}
|
||||
|
||||
let(:modules) {
|
||||
msfcli.init_modules
|
||||
}
|
||||
|
||||
context 'with auxiliary/scanner/http/http_put' do
|
||||
let(:module_name) {
|
||||
'auxiliary/scanner/http/http_put'
|
||||
}
|
||||
|
||||
context 'with mode' do
|
||||
context 'ac' do
|
||||
let(:mode) {
|
||||
'ac'
|
||||
}
|
||||
|
||||
specify {
|
||||
expect(get_stdout { engage_mode }).to match(/DELETE/)
|
||||
}
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'with auxiliary/scanner/http/http_version' do
|
||||
let(:module_name) {
|
||||
'auxiliary/scanner/http/http_version'
|
||||
}
|
||||
|
||||
context 'with mode' do
|
||||
context 'A' do
|
||||
let(:mode) {
|
||||
'A'
|
||||
}
|
||||
|
||||
specify {
|
||||
expect(get_stdout { engage_mode }).to match(/UserAgent/)
|
||||
}
|
||||
end
|
||||
|
||||
context 'I' do
|
||||
let(:mode) {
|
||||
'I'
|
||||
}
|
||||
|
||||
specify {
|
||||
expect(get_stdout { engage_mode }).to match(/Insert fake relative directories into the uri/)
|
||||
}
|
||||
end
|
||||
|
||||
context 'O' do
|
||||
let(:mode) {
|
||||
'O'
|
||||
}
|
||||
|
||||
specify {
|
||||
expect(get_stdout { engage_mode }).to match(/The target address range or CIDR identifier/)
|
||||
}
|
||||
end
|
||||
|
||||
context 'P' do
|
||||
let(:mode) {
|
||||
'P'
|
||||
}
|
||||
|
||||
specify {
|
||||
expect(get_stdout { engage_mode }).to match(/This type of module does not support payloads/)
|
||||
}
|
||||
end
|
||||
|
||||
context 's' do
|
||||
let(:mode) {
|
||||
's'
|
||||
}
|
||||
|
||||
specify {
|
||||
expect(get_stdout { engage_mode }).to match %r{Module: auxiliary/scanner/http/http_version}
|
||||
}
|
||||
end
|
||||
|
||||
context 't' do
|
||||
let(:mode) {
|
||||
't'
|
||||
}
|
||||
|
||||
specify {
|
||||
expect(get_stdout { engage_mode }).to match(/This type of module does not support targets/)
|
||||
}
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'with windows/browser/ie_cbutton_uaf' do
|
||||
let(:module_name) {
|
||||
'windows/browser/ie_cbutton_uaf'
|
||||
}
|
||||
|
||||
context 'with mode' do
|
||||
context 'ac' do
|
||||
let(:mode) {
|
||||
'ac'
|
||||
}
|
||||
|
||||
specify {
|
||||
expect(get_stdout { engage_mode }).to match(/This type of module does not support actions/)
|
||||
}
|
||||
end
|
||||
|
||||
context 'P' do
|
||||
let(:mode) {
|
||||
'P'
|
||||
}
|
||||
|
||||
specify {
|
||||
expect(get_stdout { engage_mode }).to match(/windows\/meterpreter\/reverse_tcp/)
|
||||
}
|
||||
end
|
||||
|
||||
context 'T' do
|
||||
let(:mode) {
|
||||
'T'
|
||||
}
|
||||
|
||||
specify {
|
||||
expect(get_stdout { engage_mode }).to match(/IE 8 on Windows 7/)
|
||||
}
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'with windows/smb/ms08_067_netapi' do
|
||||
let(:args) {
|
||||
super().tap { |args|
|
||||
args.insert(-2, "RHOST=127.0.0.1")
|
||||
}
|
||||
}
|
||||
|
||||
let(:module_name) {
|
||||
'windows/smb/ms08_067_netapi'
|
||||
}
|
||||
|
||||
context 'with mode C' do
|
||||
let(:mode) {
|
||||
'C'
|
||||
}
|
||||
|
||||
specify {
|
||||
expect(get_stdout { engage_mode }).to match(/#{Msf::Exploit::CheckCode::Unknown[1]}/)
|
||||
}
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
|
@ -1,3 +1,3 @@
|
|||
#!/bin/sh
|
||||
CPUPROFILE_FREQUENCY=500 CPUPROFILE=profile.dat RUBYOPT="-r`gem which perftools | tail -1`" ruby msfcli z
|
||||
CPUPROFILE_FREQUENCY=500 CPUPROFILE=profile.dat RUBYOPT="-r`gem which perftools | tail -1`" ruby msfconsole -x "exit" z
|
||||
pprof.rb --gif profile.dat > profile.gif
|
||||
|
|
Loading…
Reference in New Issue