"stack overflow" in exploits most likely means "stack bof". In aux modules, it's "stack exhaustion"
parent
caee1bba28
commit
2d35cf4b66
|
@ -89,12 +89,13 @@ def check_single_file(dparts, fparts, f_rel)
|
||||||
# If an exploit module mentinos the word "stack overflow", chances are they mean "stack buffer overflow".
|
# If an exploit module mentinos the word "stack overflow", chances are they mean "stack buffer overflow".
|
||||||
# "stack overflow" means "stack exhaustion". See explanation:
|
# "stack overflow" means "stack exhaustion". See explanation:
|
||||||
# http://blogs.technet.com/b/srd/archive/2009/01/28/stack-overflow-stack-exhaustion-not-the-same-as-stack-buffer-overflow.aspx
|
# http://blogs.technet.com/b/srd/archive/2009/01/28/stack-overflow-stack-exhaustion-not-the-same-as-stack-buffer-overflow.aspx
|
||||||
# However, we will avoid flagging this term in auxiliary modules for now, because it might be a DoS attack.
|
|
||||||
# In that case, they might really mean stack exhaustion.
|
|
||||||
bad_term = true
|
bad_term = true
|
||||||
if content =~ /class Metasploit\d < Msf::Exploit::Remote/ and content.gsub("\n", "") =~ /stack[[:space:]]+overflow/i
|
if content =~ /class Metasploit\d < Msf::Exploit::Remote/ and content.gsub("\n", "") =~ /stack[[:space:]]+overflow/i
|
||||||
bad_term = false
|
bad_term = false
|
||||||
show_missing(f, 'WARNING: contains "stack overflow"', bad_term)
|
show_missing(f, 'WARNING: contains "stack overflow" You mean "stack buffer overflow"?', bad_term)
|
||||||
|
elsif content =~ /class Metasploit\d < Msf::Auxiliary/ and content.gsub("\n", "") =~ /stack[[:space:]]+overflow/i
|
||||||
|
bad_term = false
|
||||||
|
show_missing(f, 'WARNING: contains "stack overflow" You mean "stack exhaustion"?', bad_term)
|
||||||
end
|
end
|
||||||
|
|
||||||
# check criteria based on individual lines
|
# check criteria based on individual lines
|
||||||
|
|
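Review bot: The added `elsif` branch for `Msf::Auxiliary` repeats the `content.gsub("\n", "") =~ /stack[[:space:]]+overflow/i` test from the `if` above it, so a non-exploit file is copied and scanned a second time and the two patterns can drift apart. Computing it once before the branch, e.g. `has_term = content.gsub("\n", "") =~ /stack[[:space:]]+overflow/i`, and testing `has_term` in both conditions keeps the exploit and auxiliary checks in step. Since `[[:space:]]` already matches a newline, the `gsub` looks unnecessary, and it makes a term split as `stack` / `overflow` across two unindented lines go unreported; worth confirming before dropping it. Both branches also set `bad_term = false` right before the only visible calls that read it, so the `bad_term = true` default appears unused here, though `check_single_file` continues outside the hunk.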