Cleanup

git-svn-id: file:///home/svn/framework3/trunk@3846 4d416f70-5f16-0410-b530-b9f4589650da
2006-08-28 00:24:34 +00:00 · 2006-08-28 00:24:34 +00:00 · 7a0c8d2c8d
parent e7ffef974c
commit 7a0c8d2c8d
6 changed files with 78 additions and 7 deletions
--- a/BUGS.txt
+++ b/BUGS.txt
@ -13,6 +13,7 @@ Metasploit Framework v3.0
 [Exploits]
 	* Exploits can crash when a handler sets .sock/.udp_sock to nil
 		- Persistent payloads, exploit tries to use nil as a socket
+		
 [msfconsole]
 	* Regex errors if unmatched {/[ sequences are tabbed
 		- use exploit/[<tab>
--- a/1
+++ b/1
@ -1 +0,0 @@
-3.0 Beta Release 1
--- a/documentation/LICENSE
+++ b/documentation/LICENSE
@ -33,24 +33,24 @@ modification of the Software itself]. "Extension" includes any module or
 plug-in that is intended (by design and coding) to, or can, be 
 dynamically loaded by the Software. 

-d. "Developer" means the then-current copyright holder(s) of the Software, 
+e. "Developer" means the then-current copyright holder(s) of the Software, 
 including, but not limited to, the Metasploit personnel and any 
 third-party contributors (or their successor(s) or transferee(s)). 

-e. "Documentation" means any and all end user, technical/programmer, 
+f. "Documentation" means any and all end user, technical/programmer, 
 network administrator, or other manuals, tutorials, or code samples 
 provided or offered by Developer with the Software, excluding those items 
 created by someone other than the Developer. 

-f. "Use" means to download, install, access, copy, execute, sell, or 
+g. "Use" means to download, install, access, copy, execute, sell, or 
 otherwise benefit from the Software (directly or indirectly, with or 
 without notice or knowledge of the Software's incorporation or 
 utilization in any larger application or product).

-g. "You" means the individual or organization that is using the Software 
+h. "You" means the individual or organization that is using the Software 
 under the License. 

-h. "Interface" means to execute, parse, or otherwise benefit from the use 
+i. "Interface" means to execute, parse, or otherwise benefit from the use 
 of the Software. 


--- a/lib/msf/core/framework.rb
+++ b/lib/msf/core/framework.rb
@ -15,7 +15,7 @@ class Framework
 	#
 	Major    = 3
 	Minor    = 0
-	Release  = "-beta-1"
+	Release  = "-beta-2-svn"
 	Version  = "#{Major}.#{Minor}#{Release}"
 	Revision = "$Revision$"
 	
--- a/lib/msf/core/module_manager.rb
+++ b/lib/msf/core/module_manager.rb
@ -742,6 +742,12 @@ protected
 			# Skip test-suite files
 			next if (file =~ /rb\.ts\.rb$/)

+			# Skip non-ruby files
+			next if (file !~ /\.rb$/i)
+
+			# Skip files with a leading period
+			next if (file =~ /^\./i)
+						
 			begin
 				load_module_from_file(path, file, loaded, recalc, counts, demand)
 			rescue NameError
@ -797,6 +803,7 @@ protected
 	# Loads a module from the supplied file.
 	#
 	def load_module_from_file(path, file, loaded, recalc, counts, demand = false)
+		
 		# If the file doesn't end in the expected extension...
 		return nil if (!file.match(/\.rb$/))

--- a/lib/rex/proto/smb/client.rb
+++ b/lib/rex/proto/smb/client.rb
@ -1149,6 +1149,70 @@ EVADE = Rex::Proto::SMB::Evasions
 	end


+	# Perform a transaction against a given pipe name (no null terminator)
+	def trans_nonull(pipe, param = '', body = '', setup_count = 0, setup_data = '', no_response = nil)
+		
+		pkt = CONST::SMB_TRANS_PKT.make_struct
+		self.smb_defaults(pkt['Payload']['SMB'])
+
+		# Packets larger than mlen will cause XP SP2 to disconnect us ;-(		
+		mlen = 4200
+		
+		# Figure out how much space is taken up by our current arguments
+		xlen =  pipe.length + param.length + body.length
+
+		filler1 = ''
+		filler2 = ''
+
+		# Fill any available space depending on the evasion settings
+		if (xlen < mlen)
+			filler1 = EVADE.make_offset_filler(evasion_opts['pad_data'], (mlen-xlen)/2)
+			filler2 = EVADE.make_offset_filler(evasion_opts['pad_data'], (mlen-xlen)/2)
+		end
+
+		# Squish the whole thing together
+		data = pipe + filler1 + param + filler2 + body
+		
+		# Throw some form of a warning out?
+		if (data.length > mlen)
+			# XXX This call will more than likely fail :-(
+		end
+		
+		# Calculate all of the offsets
+		base_offset = pkt.to_s.length + (setup_count * 2) - 4
+		param_offset = base_offset + pipe.length + filler1.length
+		data_offset = param_offset + filler2.length + param.length
+		
+		pkt['Payload']['SMB'].v['Command'] = CONST::SMB_COM_TRANSACTION
+		pkt['Payload']['SMB'].v['Flags1'] = 0x18
+		pkt['Payload']['SMB'].v['Flags2'] = 0x2001
+		pkt['Payload']['SMB'].v['WordCount'] = 14 + setup_count
+		
+		pkt['Payload'].v['ParamCountTotal'] = param.length
+		pkt['Payload'].v['DataCountTotal'] = body.length
+		pkt['Payload'].v['ParamCountMax'] = 0
+		pkt['Payload'].v['DataCountMax'] = 0
+		pkt['Payload'].v['ParamCount'] = param.length
+		pkt['Payload'].v['ParamOffset'] = param_offset
+		pkt['Payload'].v['DataCount'] = body.length
+		pkt['Payload'].v['DataOffset'] = data_offset
+		pkt['Payload'].v['SetupCount'] = setup_count
+		pkt['Payload'].v['SetupData'] = setup_data
+					
+		pkt['Payload'].v['Payload'] = data
+		
+		if no_response
+			pkt['Payload'].v['Flags'] = 2
+		end
+	
+		response = self.smb_send(pkt.to_s)
+		if no_response
+			return response
+		end
+
+		return self.smb_recv_parse(CONST::SMB_COM_TRANSACTION)
+	end
+	
 	# Perform a transaction2 request using the specified subcommand, parameters, and data
 	def trans2(subcommand, param = '', body = '')