Prevent session interaction using the web console (since its so broken)
git-svn-id: file:///home/svn/framework3/trunk@4342 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
a310616f18
commit
4d7e93a272
|
@ -1,6 +1,7 @@
|
||||||
# Author: LMH <lmh@info-pull.com>
|
#
|
||||||
# Description: The AJAX console controller of msfweb v.3. Handles commands,
|
# Author: Metasploit LLC
|
||||||
# operations and sessions carried over the web interface.
|
# Description: The AJAX console controller of msfweb
|
||||||
|
#
|
||||||
class ConsoleController < ApplicationController
|
class ConsoleController < ApplicationController
|
||||||
|
|
||||||
#
|
#
|
||||||
|
|
|
@ -30,10 +30,6 @@ class WebConsole
|
||||||
attr_accessor :prompt
|
attr_accessor :prompt
|
||||||
attr_accessor :killed
|
attr_accessor :killed
|
||||||
|
|
||||||
def eof?
|
|
||||||
self.pipe_input.eof?
|
|
||||||
end
|
|
||||||
|
|
||||||
def intrinsic_shell?
|
def intrinsic_shell?
|
||||||
true
|
true
|
||||||
end
|
end
|
||||||
|
@ -45,9 +41,40 @@ class WebConsole
|
||||||
def _print_prompt
|
def _print_prompt
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# Wrapper methods around input pipe
|
||||||
|
#
|
||||||
|
|
||||||
|
|
||||||
|
def close
|
||||||
|
self.pipe_input.close
|
||||||
|
end
|
||||||
|
|
||||||
|
def put(*args)
|
||||||
|
self.pipe_input.put(*args)
|
||||||
|
end
|
||||||
|
|
||||||
|
def gets
|
||||||
|
self.pipe_input.gets
|
||||||
|
end
|
||||||
|
|
||||||
def pgets
|
def pgets
|
||||||
self.pipe_input.gets
|
self.pipe_input.gets
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def eof?
|
||||||
|
self.pipe_input.eof?
|
||||||
|
end
|
||||||
|
|
||||||
|
def fd(*args)
|
||||||
|
raise ::RuntimeError, "Session interaction should be performed via the Sessions tab"
|
||||||
|
self.pipe_input.fd(*args)
|
||||||
|
end
|
||||||
|
|
||||||
|
def sysread(*args)
|
||||||
|
self.pipe_input.sysread(*args)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
#
|
#
|
||||||
|
@ -58,16 +85,8 @@ class WebConsole
|
||||||
def supports_color?
|
def supports_color?
|
||||||
false
|
false
|
||||||
end
|
end
|
||||||
|
|
||||||
def cmd_exploit(*args)
|
|
||||||
args.push('-z')
|
|
||||||
$stderr.puts "Weeeeeeeeeeee!"
|
|
||||||
super(*args)
|
|
||||||
end
|
end
|
||||||
|
|
||||||
end
|
|
||||||
|
|
||||||
|
|
||||||
def initialize(framework, console_id)
|
def initialize(framework, console_id)
|
||||||
# Configure the framework
|
# Configure the framework
|
||||||
self.framework = framework
|
self.framework = framework
|
||||||
|
|
Loading…
Reference in New Issue