Fix #414: globally defined datastore values are now rewritten before RHOSTS, RPORT, SSL are set. Support of hostnames instead of IPs. Minor version changes.
git-svn-id: file:///home/svn/framework3/trunk@7262 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
6dfaaef295
commit
7a24a5495e
|
@ -13,8 +13,8 @@ module Wmap
|
|||
require 'active_record'
|
||||
|
||||
#
|
||||
# MSF WMAP Web scanner ET LowNOISE
|
||||
# et[cron]cyberspace.org
|
||||
# MSF WMAP Web scanner ET
|
||||
# et[cron]metasploit.com
|
||||
#
|
||||
|
||||
#
|
||||
|
@ -60,6 +60,11 @@ module Wmap
|
|||
end
|
||||
|
||||
def cmd_wmap_targets(*args)
|
||||
# Default behavior to handle hosts names in the db as RHOSTS only
|
||||
# accepts IP addresses
|
||||
accept_hostnames = true
|
||||
resolv_hosts = false
|
||||
|
||||
|
||||
args.push("-h") if args.length == 0
|
||||
|
||||
|
@ -95,19 +100,33 @@ module Wmap
|
|||
end
|
||||
|
||||
if Rex::Socket.dotted_ip?(uri_host)
|
||||
hip = uri_host
|
||||
hip = uri_host
|
||||
framework.db.create_target(hip, uri_port, uri_ssl, 0)
|
||||
print_status("Added target #{hip} #{uri_port} #{uri_ssl}")
|
||||
|
||||
framework.db.create_request(hip,uri_port,uri_ssl,'GET',uri_path,'',query,'','','','')
|
||||
print_status("Added request #{uri_path} #{query}")
|
||||
else
|
||||
print_error("RHOSTS only accepts IP addresses: #{uri_host}")
|
||||
if accept_hostnames
|
||||
framework.db.create_target(uri_host, uri_port, uri_ssl, 0)
|
||||
print_status("Added target #{uri_host} #{uri_port} #{uri_ssl}")
|
||||
|
||||
framework.db.create_request(uri_host,uri_port,uri_ssl,'GET',uri_path,'',query,'','','','')
|
||||
print_status("Added request #{uri_host} #{query}")
|
||||
else
|
||||
print_error("RHOSTS only accepts IP addresses: #{req.host}")
|
||||
|
||||
hip = Rex::Socket.resolv_to_dotted(uri_host)
|
||||
print_status("Host #{uri_host} resolved as #{hip}.")
|
||||
if resolv_hosts
|
||||
hip = Rex::Socket.resolv_to_dotted(req.host)
|
||||
|
||||
framework.db.create_target(hip, uri_port, uri_ssl, 0)
|
||||
print_status("Added target #{hip} #{uri_port} #{uri_ssl}")
|
||||
|
||||
framework.db.create_request(hip,uri_port,uri_ssl,'GET',uri_path,'',query,'','','','')
|
||||
print_status("Added request #{uri_path} #{query}")
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
framework.db.create_target(hip, uri_port, uri_ssl, 0)
|
||||
print_status("Added target #{hip} #{uri_port} #{uri_ssl}")
|
||||
|
||||
framework.db.create_request(hip,uri_port,uri_ssl,'GET',uri_path,'',query,'','','','')
|
||||
print_status("Added request #{uri_path} #{query}")
|
||||
end
|
||||
when '-p'
|
||||
print_status(" Id. Host\t\t\t\t\tPort\tSSL")
|
||||
|
@ -132,23 +151,24 @@ module Wmap
|
|||
end
|
||||
print_status("Done.")
|
||||
when '-r'
|
||||
# Default behavior to handle hosts names in the db as RHOSTS only
|
||||
# accepts IP addresses
|
||||
resolv_hosts = false
|
||||
|
||||
framework.db.delete_all_targets
|
||||
framework.db.each_distinct_target do |req|
|
||||
if Rex::Socket.dotted_ip?(req.host)
|
||||
framework.db.create_target(req.host, req.port, req.ssl, 0)
|
||||
print_status("Added. #{req.host} #{req.port} #{req.ssl}")
|
||||
else
|
||||
print_error("RHOSTS only accepts IP addresses: #{req.host}")
|
||||
if accept_hostnames
|
||||
framework.db.create_target(req.host, req.port, req.ssl, 0)
|
||||
print_status("Added host #{req.host}")
|
||||
else
|
||||
print_error("RHOSTS only accepts IP addresses: #{req.host}")
|
||||
|
||||
if resolv_hosts
|
||||
hip = Rex::Socket.resolv_to_dotted(req.host)
|
||||
framework.db.create_target(hip, req.port, req.ssl, 0)
|
||||
print_status("Added host #{req.host} resolved as #{hip}.")
|
||||
end
|
||||
if resolv_hosts
|
||||
hip = Rex::Socket.resolv_to_dotted(req.host)
|
||||
framework.db.create_target(hip, req.port, req.ssl, 0)
|
||||
print_status("Added host #{req.host} resolved as #{hip}.")
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
when '-s'
|
||||
|
@ -415,13 +435,6 @@ module Wmap
|
|||
#
|
||||
if (mode & WMAP_EXPL != 0)
|
||||
|
||||
#
|
||||
# Parameters passed in hash xref
|
||||
#
|
||||
mod.datastore['RHOSTS'] = xref[0]
|
||||
mod.datastore['RPORT'] = xref[1].to_s
|
||||
mod.datastore['SSL'] = xref[2].to_s
|
||||
|
||||
#
|
||||
# For modules to have access to the global datastore
|
||||
# i.e. set -g DOMAIN test.com
|
||||
|
@ -430,6 +443,13 @@ module Wmap
|
|||
mod.datastore[gkey]=gval
|
||||
end
|
||||
|
||||
#
|
||||
# Parameters passed in hash xref
|
||||
#
|
||||
mod.datastore['RHOSTS'] = xref[0]
|
||||
mod.datastore['RPORT'] = xref[1].to_s
|
||||
mod.datastore['SSL'] = xref[2].to_s
|
||||
|
||||
#
|
||||
# Run the plugins that only need to be
|
||||
# launched once.
|
||||
|
@ -481,21 +501,20 @@ module Wmap
|
|||
# The code is just a proof-of-concept and will be expanded in the future
|
||||
#
|
||||
if (mode & WMAP_EXPL != 0)
|
||||
#
|
||||
# For modules to have access to the global datastore
|
||||
# i.e. set -g DOMAIN test.com
|
||||
#
|
||||
self.framework.datastore.each do |gkey,gval|
|
||||
mod.datastore[gkey]=gval
|
||||
end
|
||||
|
||||
#
|
||||
# Parameters passed in hash xref
|
||||
#
|
||||
mod.datastore['RHOSTS'] = xref[0]
|
||||
mod.datastore['RPORT'] = xref[1].to_s
|
||||
mod.datastore['SSL'] = xref[2].to_s
|
||||
|
||||
#
|
||||
# For modules to have access to the global datastore
|
||||
# i.e. set -g DOMAIN test.com
|
||||
#
|
||||
self.framework.datastore.each do |gkey,gval|
|
||||
mod.datastore[gkey]=gval
|
||||
end
|
||||
mod.datastore['SSL'] = xref[2].to_s
|
||||
|
||||
#
|
||||
# Run the plugins that only need to be
|
||||
|
@ -611,6 +630,13 @@ module Wmap
|
|||
# The code is just a proof-of-concept and will be expanded in the future
|
||||
#
|
||||
if (mode & WMAP_EXPL != 0)
|
||||
#
|
||||
# For modules to have access to the global datastore
|
||||
# i.e. set -g DOMAIN test.com
|
||||
#
|
||||
self.framework.datastore.each do |gkey,gval|
|
||||
mod.datastore[gkey]=gval
|
||||
end
|
||||
|
||||
#
|
||||
# Parameters passed in hash xref
|
||||
|
@ -619,14 +645,6 @@ module Wmap
|
|||
mod.datastore['RPORT'] = xref[1].to_s
|
||||
mod.datastore['SSL'] = xref[2].to_s
|
||||
|
||||
#
|
||||
# For modules to have access to the global datastore
|
||||
# i.e. set -g DOMAIN test.com
|
||||
#
|
||||
self.framework.datastore.each do |gkey,gval|
|
||||
mod.datastore[gkey]=gval
|
||||
end
|
||||
|
||||
#
|
||||
# Run the plugins for each request that have a distinct
|
||||
# GET/POST URI QUERY string.
|
||||
|
@ -708,14 +726,7 @@ module Wmap
|
|||
# The code is just a proof-of-concept and will be expanded in the future
|
||||
#
|
||||
if (mode & WMAP_EXPL != 0)
|
||||
|
||||
#
|
||||
# Parameters passed in hash xref
|
||||
#
|
||||
mod.datastore['RHOSTS'] = xref[0]
|
||||
mod.datastore['RPORT'] = xref[1].to_s
|
||||
mod.datastore['SSL'] = xref[2].to_s
|
||||
|
||||
|
||||
#
|
||||
# For modules to have access to the global datastore
|
||||
# i.e. set -g DOMAIN test.com
|
||||
|
@ -724,6 +735,13 @@ module Wmap
|
|||
mod.datastore[gkey]=gval
|
||||
end
|
||||
|
||||
#
|
||||
# Parameters passed in hash xref
|
||||
#
|
||||
mod.datastore['RHOSTS'] = xref[0]
|
||||
mod.datastore['RPORT'] = xref[1].to_s
|
||||
mod.datastore['SSL'] = xref[2].to_s
|
||||
|
||||
#
|
||||
# Run the plugins for each request that have a distinct
|
||||
# GET/POST URI QUERY string.
|
||||
|
@ -792,14 +810,7 @@ module Wmap
|
|||
# The code is just a proof-of-concept and will be expanded in the future
|
||||
#
|
||||
if (mode & WMAP_EXPL != 0)
|
||||
|
||||
#
|
||||
# Parameters passed in hash xref
|
||||
#
|
||||
mod.datastore['RHOSTS'] = xref[0]
|
||||
mod.datastore['RPORT'] = xref[1].to_s
|
||||
mod.datastore['SSL'] = xref[2].to_s
|
||||
|
||||
|
||||
#
|
||||
# For modules to have access to the global datastore
|
||||
# i.e. set -g DOMAIN test.com
|
||||
|
@ -808,6 +819,13 @@ module Wmap
|
|||
mod.datastore[gkey]=gval
|
||||
end
|
||||
|
||||
#
|
||||
# Parameters passed in hash xref
|
||||
#
|
||||
mod.datastore['RHOSTS'] = xref[0]
|
||||
mod.datastore['RPORT'] = xref[1].to_s
|
||||
mod.datastore['SSL'] = xref[2].to_s
|
||||
|
||||
#
|
||||
# Run the plugins for each request for all headers
|
||||
# This can be improved alot . Later versions
|
||||
|
@ -876,7 +894,14 @@ module Wmap
|
|||
#
|
||||
# The code is just a proof-of-concept and will be expanded in the future
|
||||
#
|
||||
if (mode & WMAP_EXPL != 0)
|
||||
if (mode & WMAP_EXPL != 0)
|
||||
#
|
||||
# For modules to have access to the global datastore
|
||||
# i.e. set -g DOMAIN test.com
|
||||
#
|
||||
self.framework.datastore.each do |gkey,gval|
|
||||
mod.datastore[gkey]=gval
|
||||
end
|
||||
|
||||
#
|
||||
# Parameters passed in hash xref
|
||||
|
@ -885,14 +910,6 @@ module Wmap
|
|||
mod.datastore['RPORT'] = xref[1].to_s
|
||||
mod.datastore['SSL'] = xref[2].to_s
|
||||
|
||||
#
|
||||
# For modules to have access to the global datastore
|
||||
# i.e. set -g DOMAIN test.com
|
||||
#
|
||||
self.framework.datastore.each do |gkey,gval|
|
||||
mod.datastore[gkey]=gval
|
||||
end
|
||||
|
||||
#
|
||||
# Run the plugins for each request for all headers
|
||||
# This can be improved alot . Later versions
|
||||
|
@ -964,14 +981,7 @@ module Wmap
|
|||
# The code is just a proof-of-concept and will be expanded in the future
|
||||
#
|
||||
if (mode & WMAP_EXPL != 0)
|
||||
|
||||
#
|
||||
# Parameters passed in hash xref
|
||||
#
|
||||
mod.datastore['RHOSTS'] = xref[0]
|
||||
mod.datastore['RPORT'] = xref[1].to_s
|
||||
mod.datastore['SSL'] = xref[2].to_s
|
||||
|
||||
|
||||
#
|
||||
# For modules to have access to the global datastore
|
||||
# i.e. set -g DOMAIN test.com
|
||||
|
@ -980,6 +990,13 @@ module Wmap
|
|||
mod.datastore[gkey]=gval
|
||||
end
|
||||
|
||||
#
|
||||
# Parameters passed in hash xref
|
||||
#
|
||||
mod.datastore['RHOSTS'] = xref[0]
|
||||
mod.datastore['RPORT'] = xref[1].to_s
|
||||
mod.datastore['SSL'] = xref[2].to_s
|
||||
|
||||
#
|
||||
# Run the plugins that only need to be
|
||||
# launched once.
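Review bot: In the `-a` branch of `cmd_wmap_targets` (hunk `@ -95,19 +100,33 @@`), the fallback taken when `accept_hostnames` is false reads `req.host`, but no `req` is visible in that branch; it looks copied from the `each_distinct_target do |req|` block under `-r`, so the path would presumably raise NameError if the flag is ever set to false. Both lines should use the local value instead: `print_error("RHOSTS only accepts IP addresses: #{uri_host}")` and `hip = Rex::Socket.resolv_to_dotted(uri_host)`. The hostname branch also prints `"Added request #{uri_host} #{query}"` where the other two branches print `uri_path`. With `accept_hostnames` hard-coded to true, targets are stored as names and later copied into `mod.datastore['RHOSTS']`, so the address actually scanned presumably depends on DNS at run time; the comment above the two flags ("RHOSTS only accepts IP addresses") no longer describes the default and should say so. The enclosing method starts and ends outside these hunks.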
|
||||
|
|
|
@ -12,6 +12,9 @@ module Msf
|
|||
#
|
||||
###
|
||||
|
||||
WMAPVersion = "0.6"
|
||||
WMAPAuthor = "et [ ] metasploit.com"
|
||||
|
||||
class Plugin::DBWmap < Msf::Plugin
|
||||
|
||||
#
|
||||
|
@ -59,7 +62,7 @@ class Plugin::DBWmap < Msf::Plugin
|
|||
add_console_dispatcher(WmapSQLiteCommandDispatcher)
|
||||
add_console_dispatcher(WmapDatabaseCommandDispatcher)
|
||||
|
||||
print_status("=[ WMAP v0.3 - ET LoWNOISE")
|
||||
print_status("=[ WMAP v#{WMAPVersion} - #{WMAPAuthor}")
|
||||
end
|
||||
|
||||
|
||||
|
|