Fix UDP scanner mixin with multicast addresses
This fixes #8828 by only binding UDP sockets when we have unicast targets. If we have multicast, prefer unbound sockets. This also brings in the 'ipaddress' gem for identifying multicast addresses. It looks like it could replace a lot of custom-built functionality in rex-socket, including RangeWalker. Will need to see how efficient it is.bug/bundler_fix
parent
031f48725f
commit
17aef43bb8
|
@ -11,6 +11,7 @@ PATH
|
|||
bit-struct
|
||||
dnsruby
|
||||
filesize
|
||||
ipaddress
|
||||
jsobfu
|
||||
json
|
||||
metasm
|
||||
|
@ -128,6 +129,7 @@ GEM
|
|||
fivemat (1.3.5)
|
||||
hashery (2.1.2)
|
||||
i18n (0.8.6)
|
||||
ipaddress (0.8.3)
|
||||
jsobfu (0.4.2)
|
||||
rkelly-remix
|
||||
json (2.1.0)
|
||||
|
|
|
@ -1,5 +1,7 @@
|
|||
# -*- coding: binary -*-
|
||||
|
||||
require 'ipaddress'
|
||||
|
||||
module Msf
|
||||
|
||||
###
|
||||
|
@ -43,18 +45,20 @@ module Auxiliary::UDPScanner
|
|||
datastore['BATCHSIZE'].to_i
|
||||
end
|
||||
|
||||
def udp_socket(ip, port)
|
||||
def udp_socket(ip, port, bind_peer: true)
|
||||
key = "#{ip}:#{port}:#{bind_peer ? 'bound' : 'unbound'}"
|
||||
@udp_sockets_mutex.synchronize do
|
||||
key = "#{ip}:#{port}"
|
||||
unless @udp_sockets.key?(key)
|
||||
@udp_sockets[key] =
|
||||
Rex::Socket::Udp.create({
|
||||
sock_info = {
|
||||
'LocalHost' => datastore['CHOST'] || nil,
|
||||
'LocalPort' => datastore['CPORT'] || 0,
|
||||
'PeerHost' => ip,
|
||||
'PeerPort' => port,
|
||||
'Context' => { 'Msf' => framework, 'MsfExploit' => self }
|
||||
})
|
||||
}
|
||||
if bind_peer
|
||||
sock_info['PeerHost'] = ip
|
||||
sock_info['PeerPort'] = port
|
||||
end
|
||||
@udp_sockets[key] = Rex::Socket::Udp.create(sock_info)
|
||||
add_socket(@udp_sockets[key])
|
||||
end
|
||||
return @udp_sockets[key]
|
||||
|
@ -123,10 +127,15 @@ module Auxiliary::UDPScanner
|
|||
data = data.to_binary_s if data.respond_to?('to_binary_s')
|
||||
|
||||
resend_count = 0
|
||||
sock = nil
|
||||
|
||||
begin
|
||||
sock = udp_socket(ip, port)
|
||||
unless IPAddress(ip).multicast?
|
||||
sock = udp_socket(ip, port, bind_peer: true)
|
||||
sock.send(data, 0)
|
||||
else
|
||||
sock = udp_socket(ip, port, bind_peer: false)
|
||||
sock.sendto(data, ip, port, 0)
|
||||
end
|
||||
|
||||
rescue ::Errno::ENOBUFS
|
||||
resend_count += 1
|
||||
|
@ -136,8 +145,7 @@ module Auxiliary::UDPScanner
|
|||
end
|
||||
|
||||
scanner_recv(0.1)
|
||||
|
||||
::IO.select(nil, nil, nil, 0.25)
|
||||
sleep(0.25)
|
||||
|
||||
retry
|
||||
|
||||
|
|
|
@ -54,6 +54,8 @@ Gem::Specification.new do |spec|
|
|||
spec.add_runtime_dependency 'backports'
|
||||
# Needed for some admin modules (cfme_manageiq_evm_pass_reset.rb)
|
||||
spec.add_runtime_dependency 'bcrypt'
|
||||
# Address manipulation (TODO: evaluate to replace rex-socket address handling)
|
||||
spec.add_runtime_dependency 'ipaddress'
|
||||
# Needed for Javascript obfuscation
|
||||
spec.add_runtime_dependency 'jsobfu'
|
||||
# Needed for some admin modules (scrutinizer_add_user.rb)
|
||||
|
|
Loading…
Reference in New Issue