infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added CHOST/CPORT as advanced options. Split out uncommon SMB options as advanced 

git-svn-id: file:///home/svn/framework3/trunk@4429 4d416f70-5f16-0410-b530-b9f4589650da
unstable
HD Moore 2007-02-18 07:02:47 +00:00
parent 7136d6bbd4
commit 1d1f55f9e9
9 changed files with 125 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

87
data/msfweb/app/views/exploits/exploit.rhtml
View File

@ -15,8 +15,15 @@
<th class="moduleOptionsHeader">Description</th> <th class="moduleOptionsHeader">Description</th>
</tr> </tr>
<%
rcol_a = 'item_row_col_a'
rcol_b = 'item_row_col_b'
rcol = rcol_b
%>
<% @payloads.each_with_index do |p, idx| %> <% @payloads.each_with_index do |p, idx| %>
<tr><% o = p[1].new %> <tr class='<%=h rcol = (rcol == rcol_a) ? rcol_b : rcol_a %>'>
<% o = p[1].new %>
<td><%= link_to h(p[0]), :refname => @tmod.refname.gsub('/', ':'), :step => "config", <td><%= link_to h(p[0]), :refname => @tmod.refname.gsub('/', ':'), :step => "config",
:target => h(params[:target].to_i), :payload => idx %></td> :target => h(params[:target].to_i), :payload => idx %></td>
<td><%= h(o.description) %></td> <td><%= h(o.description) %></td>
@ -47,7 +54,7 @@
<tr> <tr>
<tr> <tr>
<td>Payload bad characters:</td> <td>Payload bad characters:</td>
<td><%= Rex::Text::to_hex(@tmod.payload_badchars) %></td> <td><%= Rex::Text::to_hex(@tmod.payload_badchars || '' ) %></td>
<tr> <tr>
<tr> <tr>
@ -60,7 +67,7 @@
<%= hidden_field_tag "target", h(params[:target]) %> <%= hidden_field_tag "target", h(params[:target]) %>
<%= hidden_field_tag "payload", h(params[:payload]) %> <%= hidden_field_tag "payload", h(params[:payload]) %>
<% @tmod.options.each { |name, option| <% @tmod.options.sort.each { |name, option|
next if (option.advanced?) next if (option.advanced?)
next if (option.evasion?) %> next if (option.evasion?) %>
<tr> <tr>
@ -74,7 +81,7 @@
</td> </td>
</tr> </tr>
<% } %> <% } %>
<% @payload[1].new.options.each { |name, option| <% @payload[1].new.options.sort.each { |name, option|
next if (option.advanced?) next if (option.advanced?)
next if (option.evasion?) %> next if (option.evasion?) %>
<tr> <tr>
@ -90,9 +97,79 @@
<% } %> <% } %>
<tr> <tr>
<th colspan="2"><%= submit_tag "Exploit" %></th> <th colspan="2"><br/><%= submit_tag "Launch Exploit" %><br/></th>
</tr> </tr>
<tr>
<th colspan="2" class="moduleOptionsHeader">ADVANCED OPTIONS</th>
</tr>
<% @tmod.options.sort.each { |name, option|
next if not option.advanced? %>
<tr>
<td><strong><%= name %></strong></td>
<td><strong><%= (option.required?) ? "Required" : "Optional" %></strong></td>
</tr>
<tr>
<td><%= html_escape(option.desc) %> (type: <%= option.type %>)</td>
<td>
<input type="text" name="eopt_<%= h(name) %>" value="<%= h(option.default || '') %>" />
</td>
</tr>
<% } %>
<% @payload[1].new.options.sort.each { |name, option|
next if not option.advanced? %>
<tr>
<td><strong><%= name %></strong></td>
<td><strong><%= (option.required?) ? "Required" : "Optional" %></strong></td>
</tr>
<tr>
<td><%= html_escape(option.desc) %> (type: <%= option.type %>)</td>
<td>
<input type="text" name="popt_<%= h(name) %>" value="<%= h(option.default || '') %>" />
</td>
</tr>
<% } %>
<tr>
<th colspan="2"><br/><%= submit_tag "Launch Exploit" %><br/></th>
</tr>
<tr>
<th colspan="2" class="moduleOptionsHeader">EVASION OPTIONS</th>
</tr>
<% @tmod.options.sort.each { |name, option|
next if not option.evasion? %>
<tr>
<td><strong><%= name %></strong></td>
<td><strong><%= (option.required?) ? "Required" : "Optional" %></strong></td>
</tr>
<tr>
<td><%= html_escape(option.desc) %> (type: <%= option.type %>)</td>
<td>
<input type="text" name="eopt_<%= h(name) %>" value="<%= h(option.default || '') %>" />
</td>
</tr>
<% } %>
<% @payload[1].new.options.sort.each { |name, option|
next if not option.evasion? %>
<tr>
<td><strong><%= name %></strong></td>
<td><strong><%= (option.required?) ? "Required" : "Optional" %></strong></td>
</tr>
<tr>
<td><%= html_escape(option.desc) %> (type: <%= option.type %>)</td>
<td>
<input type="text" name="popt_<%= h(name) %>" value="<%= h(option.default || '') %>" />
</td>
</tr>
<% } %>
<tr>
<th colspan="2"><br/><%= submit_tag "Launch Exploit" %><br/></th>
</tr>
</form> </form>
<% elsif @cur_step == "ready" %> <% elsif @cur_step == "ready" %>

2
data/msfweb/app/views/exploits/view.rhtml
View File

@ -48,7 +48,7 @@
<tr width="100%" align="center"> <tr width="100%" align="center">
<blockquote> <blockquote>
<p class="moduleDescription"> <p class="moduleDescription">
Available targets: Please select a target:
<ul class="moduleTargets"> <ul class="moduleTargets">
<% @tmod.targets.each_with_index { |tgt, idx| %> <% @tmod.targets.each_with_index { |tgt, idx| %>
<li><%= link_to h(tgt.name), :action => "exploit", :refname => @tmod.refname.gsub('/', ':'), :target => idx %></a></li> <li><%= link_to h(tgt.name), :action => "exploit", :refname => @tmod.refname.gsub('/', ':'), :target => idx %></a></li>

2
data/msfweb/public/javascripts/application.js
View File

@ -168,7 +168,7 @@ function create_window_ajax(target_url, wid, wtitle, wwidth, wheight) {
* Height and width are fixed, should be working values in all cases. * Height and width are fixed, should be working values in all cases.
*/ */
function openModuleWindow(mtype, refname, wtitle) { function openModuleWindow(mtype, refname, wtitle) {
var mWin = create_window_ajax("/" + mtype + "/view?refname=" + refname, mtype + "-view-" + obtainWindowId(), wtitle, 650, 350); var mWin = create_window_ajax("/" + mtype + "/view?refname=" + refname, mtype + "-view-" + obtainWindowId(), wtitle, 700, 350);
mWin.setDestroyOnClose(); mWin.setDestroyOnClose();
mWin.showCenter(); mWin.showCenter();
} }

13
data/msfweb/public/stylesheets/windows.css
View File

@ -10,7 +10,7 @@ body {
background: #fff; background: #fff;
color: #000; color: #000;
font-family: Sans, Arial, sans-serif; font-family: Sans, Arial, sans-serif;
font-size: 10pt; font-size: 10px;
} }
thead { thead {
@ -163,9 +163,18 @@ p.moduleDescription {
float: left; float: left;
} }
th.moduleOptionsHeader { th.moduleOptionsHeader {
background: #ddd; background: #ddd;
color: #000; color: #000;
text-transform: uppercase; text-transform: uppercase;
} }
.item_row_col_a {
background: white;
padding: 0.25em;
}
.item_row_col_b {
background: #eeeeee;
padding: 0.25em;
}

2
lib/msf/core/constants.rb
View File

@ -53,7 +53,7 @@ end
# #
# Licenses # Licenses
MSF_LICENSE = "Metasploit Framework License v1.0" MSF_LICENSE = "Metasploit Framework License"
GPL_LICENSE = "GNU Public License v2.0" GPL_LICENSE = "GNU Public License v2.0"
BSD_LICENSE = "BSD License" BSD_LICENSE = "BSD License"
ARTISTIC_LICENSE = "Perl Artistic License" ARTISTIC_LICENSE = "Perl Artistic License"

17
lib/msf/core/exploit/smb.rb
View File

@ -43,16 +43,19 @@ module Exploit::Remote::SMB
], Msf::Exploit::Remote::SMB) ], Msf::Exploit::Remote::SMB)
register_advanced_options(
[
OptBool.new('SMBDirect', [ true, 'The target port is a raw SMB service (not NetBIOS)', 'True' ]),
OptString.new('SMBUser', [ false, 'The username to authenticate as', '']),
OptString.new('SMBPass', [ false, 'The password for the specified username', '']),
OptString.new('SMBDomain', [ false, 'The Windows domain to use for authentication', 'WORKGROUP']),
OptString.new('SMBName', [ true, 'The NetBIOS hostname (required for port 139 connections)', '*SMBSERVER'])
], Msf::Exploit::Remote::SMB)
register_options( register_options(
[ [
Opt::RHOST, Opt::RHOST,
OptInt.new('RPORT', [ true, 'Set the SMB service port', 445]), OptInt.new('RPORT', [ true, 'Set the SMB service port', 445])
OptBool.new('SMBDirect', [ true, 'The target port is a raw SMB service (not NetBIOS)', 'True' ]),
OptString.new('SMBUSER', [ false, 'The username to authenticate as', '']),
OptString.new('SMBPASS', [ false, 'The password for the specified username', '']),
OptString.new('SMBDOM', [ false, 'The Windows domain to use for authentication', 'WORKGROUP']),
OptString.new('SMBNAME', [ true, 'The NetBIOS hostname (required for port 139 connections)', '*SMBSERVER'])
], Msf::Exploit::Remote::SMB) ], Msf::Exploit::Remote::SMB)
end end

13
lib/msf/core/exploit/tcp.rb
View File

@ -62,12 +62,19 @@ module Exploit::Remote::Tcp
register_options( register_options(
[ [
Opt::RHOST, Opt::RHOST,
Opt::RPORT, Opt::RPORT
Opt::SSL,
Opt::Proxies
], Msf::Exploit::Remote::Tcp ], Msf::Exploit::Remote::Tcp
) )
register_advanced_options(
[
Opt::SSL,
Opt::Proxies,
Opt::CPORT,
Opt::CHOST
], Msf::Exploit::Remote::Tcp
)
register_evasion_options( register_evasion_options(
[ [
OptInt.new('TCP::max_send_size', [false, 'Maxiumum tcp segment size. (0 = disable)', 0]), OptInt.new('TCP::max_send_size', [false, 'Maxiumum tcp segment size. (0 = disable)', 0]),

7
lib/msf/core/exploit/udp.rb
View File

@ -19,6 +19,13 @@ module Exploit::Remote::Udp
Opt::RHOST, Opt::RHOST,
Opt::RPORT, Opt::RPORT,
], Msf::Exploit::Remote::Udp) ], Msf::Exploit::Remote::Udp)
register_advanced_options(
[
Opt::CPORT,
Opt::CHOST
], Msf::Exploit::Remote::Tcp
)
end end
# #

3
lib/msf/core/option_container.rb
View File

@ -629,8 +629,9 @@ module Opt
'LHOST' => [ OptAddress, 'nil', true, '"The local address"' ], 'LHOST' => [ OptAddress, 'nil', true, '"The local address"' ],
'LPORT' => [ OptPort, 'nil', true, '"The local port"' ], 'LPORT' => [ OptPort, 'nil', true, '"The local port"' ],
'CPORT' => [ OptPort, 'nil', false, '"The local client port"' ], 'CPORT' => [ OptPort, 'nil', false, '"The local client port"' ],
'CHOST' => [ OptAddress, 'nil', false, '"The local client address"' ],
'SSL' => [ OptBool, 'false', false, '"Use SSL"' ], 'SSL' => [ OptBool, 'false', false, '"Use SSL"' ],
'Proxies' => [ OptString, 'nil', 'false', '"proxy chain"'], 'Proxies' => [ OptString, 'nil', 'false', '"Use a proxy chain"'],
} }
# #