From 4b30f3ef1a67550d3f0e55343afd5f350ba9915d Mon Sep 17 00:00:00 2001 From: HD Moore Date: Mon, 3 Nov 2008 15:29:51 +0000 Subject: [PATCH] Update the check() comments to reflect new information >:( git-svn-id: file:///home/svn/framework3/trunk@5825 4d416f70-5f16-0410-b530-b9f4589650da --- modules/auxiliary/scanner/smb/ms08_067_netapi.rb | 6 ++++++ modules/exploits/windows/smb/ms08_067_netapi.rb | 9 ++++++--- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/modules/auxiliary/scanner/smb/ms08_067_netapi.rb b/modules/auxiliary/scanner/smb/ms08_067_netapi.rb index 5de3b7240d..dccb3902ea 100644 --- a/modules/auxiliary/scanner/smb/ms08_067_netapi.rb +++ b/modules/auxiliary/scanner/smb/ms08_067_netapi.rb @@ -43,6 +43,12 @@ class Metasploit3 < Msf::Auxiliary ], self.class) end + # + # This method is based on the python script: http://labs.portcullis.co.uk/download/ms08-067_check.py + # There are two problems with this method: + # 1. It can sometimes lead to a crash of svchost.exe due to a race condition + # 2. The Python script may be based on a Nessus plugin, which violates the Tenable license + # # Overload the RPORT setting def rport diff --git a/modules/exploits/windows/smb/ms08_067_netapi.rb b/modules/exploits/windows/smb/ms08_067_netapi.rb index 45171817be..d05b810d7d 100644 --- a/modules/exploits/windows/smb/ms08_067_netapi.rb +++ b/modules/exploits/windows/smb/ms08_067_netapi.rb @@ -378,9 +378,12 @@ class Metasploit3 < Msf::Exploit::Remote =end # - # Vulnerability check technique borrowed from ms08-067_check.py - # Written by Bernardo Damele A. G. - # + # This method is based on the python script: http://labs.portcullis.co.uk/download/ms08-067_check.py + # There are two problems with this method: + # 1. It can sometimes lead to a crash of svchost.exe due to a race condition + # 2. The Python script may be based on a Nessus plugin, which violates the Tenable license + # + def check print_status("Connecting to the target...")