infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Strengthening up the checks for valid formats for CIDR address ranges when passed to Rex::Socket::RangeWalker 

git-svn-id: file:///home/svn/framework3/trunk@9366 4d416f70-5f16-0410-b530-b9f4589650da
unstable
Tod Beardsley 2010-05-25 20:46:00 +00:00
parent 3a5d4792ee
commit 563ab310dc
1 changed files with 11 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
lib/rex/socket/range_walker.rb
View File

@ -37,10 +37,18 @@ class RangeWalker
parseme.split(' ').each { |arg| parseme.split(' ').each { |arg|
if arg.include?("/") if arg.include?("/")
# Then it's CIDR notation and needs special case # Then it's CIDR notation and needs special case
if arg =~ /[,-]/ return false if arg =~ /[,-]/ # Improper CIDR notation (can't mix with 1,3 or 1-3 style IP ranges)
# Improper CIDR notation (can't mix with 1,3 or 1-3 style IP ranges) return false if arg.scan("/").size > 1 # ..but there are too many slashes
return false ip_part,mask_part = arg.split("/")
return false if ip_part.nil? or ip_part.empty? or mask_part.nil? or mask_part.empty?
return false if mask_part !~ /^[0-9]{1,2}$/ # Illegal mask -- numerals only
return false if mask_part.to_i > 32 # This too -- between 0 and 32.
begin
Rex::Socket.addr_atoi(ip_part) # This allows for "www.metasploit.com/24" which is fun.
rescue Resolv::ResolvError
return false # Can't resolve the ip_part, so bail.
end end
expanded = expand_cidr(arg) expanded = expand_cidr(arg)
if expanded if expanded
ranges += expanded ranges += expanded