Fix #414: globally defined datastore values are now rewritten before RHOSTS, RPORT, SSL are set. Support of hostnames instead of IPs. Minor version changes

git-svn-id: file:///home/svn/framework3/trunk@7262 4d416f70-5f16-0410-b530-b9f4589650da
unstable
et 2009-10-25 22:20:59 +00:00
parent 6dfaaef295
commit 7a24a5495e
2 changed files with 100 additions and 80 deletions


@ -13,8 +13,8 @@ module Wmap
require 'active_record'
#
# MSF WMAP Web scanner ET LowNOISE
# et[cron]cyberspace.org
# MSF WMAP Web scanner ET
# et[cron]metasploit.com
#
#
@ -60,6 +60,11 @@ module Wmap
end
def cmd_wmap_targets(*args)
# Default behavior to handle hosts names in the db as RHOSTS only
# accepts IP addresses
accept_hostnames = true
resolv_hosts = false
args.push("-h") if args.length == 0
@ -95,19 +100,33 @@ module Wmap
end
if Rex::Socket.dotted_ip?(uri_host)
hip = uri_host
hip = uri_host
framework.db.create_target(hip, uri_port, uri_ssl, 0)
print_status("Added target #{hip} #{uri_port} #{uri_ssl}")
framework.db.create_request(hip,uri_port,uri_ssl,'GET',uri_path,'',query,'','','','')
print_status("Added request #{uri_path} #{query}")
else
print_error("RHOSTS only accepts IP addresses: #{uri_host}")
if accept_hostnames
framework.db.create_target(uri_host, uri_port, uri_ssl, 0)
print_status("Added target #{uri_host} #{uri_port} #{uri_ssl}")
framework.db.create_request(uri_host,uri_port,uri_ssl,'GET',uri_path,'',query,'','','','')
print_status("Added request #{uri_host} #{query}")
else
print_error("RHOSTS only accepts IP addresses: #{req.host}")
hip = Rex::Socket.resolv_to_dotted(uri_host)
print_status("Host #{uri_host} resolved as #{hip}.")
if resolv_hosts
hip = Rex::Socket.resolv_to_dotted(req.host)
framework.db.create_target(hip, uri_port, uri_ssl, 0)
print_status("Added target #{hip} #{uri_port} #{uri_ssl}")
framework.db.create_request(hip,uri_port,uri_ssl,'GET',uri_path,'',query,'','','','')
print_status("Added request #{uri_path} #{query}")
end
end
end
framework.db.create_target(hip, uri_port, uri_ssl, 0)
print_status("Added target #{hip} #{uri_port} #{uri_ssl}")
framework.db.create_request(hip,uri_port,uri_ssl,'GET',uri_path,'',query,'','','','')
print_status("Added request #{uri_path} #{query}")
end
when '-p'
print_status(" Id. Host\t\t\t\t\tPort\tSSL")
@ -132,23 +151,24 @@ module Wmap
end
print_status("Done.")
when '-r'
# Default behavior to handle hosts names in the db as RHOSTS only
# accepts IP addresses
resolv_hosts = false
framework.db.delete_all_targets
framework.db.each_distinct_target do |req|
if Rex::Socket.dotted_ip?(req.host)
framework.db.create_target(req.host, req.port, req.ssl, 0)
print_status("Added. #{req.host} #{req.port} #{req.ssl}")
else
print_error("RHOSTS only accepts IP addresses: #{req.host}")
if accept_hostnames
framework.db.create_target(req.host, req.port, req.ssl, 0)
print_status("Added host #{req.host}")
else
print_error("RHOSTS only accepts IP addresses: #{req.host}")
if resolv_hosts
hip = Rex::Socket.resolv_to_dotted(req.host)
framework.db.create_target(hip, req.port, req.ssl, 0)
print_status("Added host #{req.host} resolved as #{hip}.")
end
if resolv_hosts
hip = Rex::Socket.resolv_to_dotted(req.host)
framework.db.create_target(hip, req.port, req.ssl, 0)
print_status("Added host #{req.host} resolved as #{hip}.")
end
end
end
end
when '-s'
@ -415,13 +435,6 @@ module Wmap
#
if (mode & WMAP_EXPL != 0)
#
# Parameters passed in hash xref
#
mod.datastore['RHOSTS'] = xref[0]
mod.datastore['RPORT'] = xref[1].to_s
mod.datastore['SSL'] = xref[2].to_s
#
# For modules to have access to the global datastore
# i.e. set -g DOMAIN test.com
@ -430,6 +443,13 @@ module Wmap
mod.datastore[gkey]=gval
end
#
# Parameters passed in hash xref
#
mod.datastore['RHOSTS'] = xref[0]
mod.datastore['RPORT'] = xref[1].to_s
mod.datastore['SSL'] = xref[2].to_s
#
# Run the plugins that only need to be
# launched once.
@ -481,21 +501,20 @@ module Wmap
# The code is just a proof-of-concept and will be expanded in the future
#
if (mode & WMAP_EXPL != 0)
#
# For modules to have access to the global datastore
# i.e. set -g DOMAIN test.com
#
self.framework.datastore.each do |gkey,gval|
mod.datastore[gkey]=gval
end
#
# Parameters passed in hash xref
#
mod.datastore['RHOSTS'] = xref[0]
mod.datastore['RPORT'] = xref[1].to_s
mod.datastore['SSL'] = xref[2].to_s
#
# For modules to have access to the global datastore
# i.e. set -g DOMAIN test.com
#
self.framework.datastore.each do |gkey,gval|
mod.datastore[gkey]=gval
end
mod.datastore['SSL'] = xref[2].to_s
#
# Run the plugins that only need to be
@ -611,6 +630,13 @@ module Wmap
# The code is just a proof-of-concept and will be expanded in the future
#
if (mode & WMAP_EXPL != 0)
#
# For modules to have access to the global datastore
# i.e. set -g DOMAIN test.com
#
self.framework.datastore.each do |gkey,gval|
mod.datastore[gkey]=gval
end
#
# Parameters passed in hash xref
@ -619,14 +645,6 @@ module Wmap
mod.datastore['RPORT'] = xref[1].to_s
mod.datastore['SSL'] = xref[2].to_s
#
# For modules to have access to the global datastore
# i.e. set -g DOMAIN test.com
#
self.framework.datastore.each do |gkey,gval|
mod.datastore[gkey]=gval
end
#
# Run the plugins for each request that have a distinct
# GET/POST URI QUERY string.
@ -708,14 +726,7 @@ module Wmap
# The code is just a proof-of-concept and will be expanded in the future
#
if (mode & WMAP_EXPL != 0)
#
# Parameters passed in hash xref
#
mod.datastore['RHOSTS'] = xref[0]
mod.datastore['RPORT'] = xref[1].to_s
mod.datastore['SSL'] = xref[2].to_s
#
# For modules to have access to the global datastore
# i.e. set -g DOMAIN test.com
@ -724,6 +735,13 @@ module Wmap
mod.datastore[gkey]=gval
end
#
# Parameters passed in hash xref
#
mod.datastore['RHOSTS'] = xref[0]
mod.datastore['RPORT'] = xref[1].to_s
mod.datastore['SSL'] = xref[2].to_s
#
# Run the plugins for each request that have a distinct
# GET/POST URI QUERY string.
@ -792,14 +810,7 @@ module Wmap
# The code is just a proof-of-concept and will be expanded in the future
#
if (mode & WMAP_EXPL != 0)
#
# Parameters passed in hash xref
#
mod.datastore['RHOSTS'] = xref[0]
mod.datastore['RPORT'] = xref[1].to_s
mod.datastore['SSL'] = xref[2].to_s
#
# For modules to have access to the global datastore
# i.e. set -g DOMAIN test.com
@ -808,6 +819,13 @@ module Wmap
mod.datastore[gkey]=gval
end
#
# Parameters passed in hash xref
#
mod.datastore['RHOSTS'] = xref[0]
mod.datastore['RPORT'] = xref[1].to_s
mod.datastore['SSL'] = xref[2].to_s
#
# Run the plugins for each request for all headers
# This can be improved alot . Later versions
@ -876,7 +894,14 @@ module Wmap
#
# The code is just a proof-of-concept and will be expanded in the future
#
if (mode & WMAP_EXPL != 0)
if (mode & WMAP_EXPL != 0)
#
# For modules to have access to the global datastore
# i.e. set -g DOMAIN test.com
#
self.framework.datastore.each do |gkey,gval|
mod.datastore[gkey]=gval
end
#
# Parameters passed in hash xref
@ -885,14 +910,6 @@ module Wmap
mod.datastore['RPORT'] = xref[1].to_s
mod.datastore['SSL'] = xref[2].to_s
#
# For modules to have access to the global datastore
# i.e. set -g DOMAIN test.com
#
self.framework.datastore.each do |gkey,gval|
mod.datastore[gkey]=gval
end
#
# Run the plugins for each request for all headers
# This can be improved alot . Later versions
@ -964,14 +981,7 @@ module Wmap
# The code is just a proof-of-concept and will be expanded in the future
#
if (mode & WMAP_EXPL != 0)
#
# Parameters passed in hash xref
#
mod.datastore['RHOSTS'] = xref[0]
mod.datastore['RPORT'] = xref[1].to_s
mod.datastore['SSL'] = xref[2].to_s
#
# For modules to have access to the global datastore
# i.e. set -g DOMAIN test.com
@ -980,6 +990,13 @@ module Wmap
mod.datastore[gkey]=gval
end
#
# Parameters passed in hash xref
#
mod.datastore['RHOSTS'] = xref[0]
mod.datastore['RPORT'] = xref[1].to_s
mod.datastore['SSL'] = xref[2].to_s
#
# Run the plugins that only need to be
# launched once.
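Review bot: In the `-a` hunk (`@ -95,19 +100,33`), the new fallback for `accept_hostnames` being false reads `req.host` in both the `print_error` call and `Rex::Socket.resolv_to_dotted(req.host)`, but no `req` is visible in this branch; it looks copied from the `-r` loop, where `req` is the block variable, so this path would likely raise a NameError if reached. Both should use `uri_host`, e.g. `hip = Rex::Socket.resolv_to_dotted(uri_host)`. The path is unreachable today only because `accept_hostnames = true` is hard-coded at the top of `cmd_wmap_targets`, and the hostname branch's second status line prints `#{uri_host}` where the IP branch prints `#{uri_path}`. Because hostnames are now stored as targets and later copied into `RHOSTS`, a comment such as `# hostname targets are presumably resolved when the module runs, so the address scanned may differ from the one seen when the target was added` would help operators keep scans in scope. The `-a` branch begins outside the hunk.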


@ -12,6 +12,9 @@ module Msf
#
###
WMAPVersion = "0.6"
WMAPAuthor = "et [ ] metasploit.com"
class Plugin::DBWmap < Msf::Plugin
#
@ -59,7 +62,7 @@ class Plugin::DBWmap < Msf::Plugin
add_console_dispatcher(WmapSQLiteCommandDispatcher)
add_console_dispatcher(WmapDatabaseCommandDispatcher)
print_status("=[ WMAP v0.3 - ET LoWNOISE")
print_status("=[ WMAP v#{WMAPVersion} - #{WMAPAuthor}")
end