infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

sanity check that external modules start with #! before executing

GSoC/Meterpreter_Web_Console
Brent Cook 2018-04-07 16:31:34 -05:00
parent 07524f3829
commit 28ebe9d102
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
lib/msf/core/modules/loader/executable.rb
View File

@ -40,7 +40,11 @@ class Msf::Modules::Loader::Executable < Msf::Modules::Loader::Base
# Try to load modules from all the files in the supplied path
Rex::Find.find(full_entry_path) do |entry_descendant_path|
if File.executable?(entry_descendant_path) && !File.directory?(entry_descendant_path)
if File.executable?(entry_descendant_path) &&
!File.directory?(entry_descendant_path) &&
# Assume that all modules are scripts for now, workaround
# filesystems where all files are labeled as executable.
File.read(entry_descendant_path, 2) == "#!"
entry_descendant_pathname = Pathname.new(entry_descendant_path)
relative_entry_descendant_pathname = entry_descendant_pathname.relative_path_from(full_entry_pathname)
relative_entry_descendant_path = relative_entry_descendant_pathname.to_s