infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Revamped os, platform, arch detection. Added count for exploits being tried

bug/bundler_fix
Mo Sadek 2015-07-30 09:36:02 -05:00
parent 1521c8f87e
commit 7aa78dfd4e
1 changed files with 37 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
modules/post/multi/recon/local_exploit_suggestor.rb
View File

@ -37,6 +37,7 @@ class Metasploit3 < Msf::Post
end
def all_platforms
Msf::Module::Platform.subclasses.collect {|c| c.realname.downcase }
end
@ -44,16 +45,19 @@ class Metasploit3 < Msf::Post
def get_target_arch
@target_arch ||= lambda {
return nil unless session
session.platform.split('/').first
return '' unless session
arch = ''
arch = session.platform.split('/').first if session.platform.include?('/')
return '' if ARCH_TYPES.include?(arch)
return arch
}.call
end
def get_target_platform
@target_platform ||= lambda {
return nil unless session
platform = session.platform.split('/').second
return '' unless session
platform = session.platform.include?('/') ? session.platform.split('/').second : session.platform
if platform =~ /^win/
platform = 'win'
@ -69,15 +73,18 @@ class Metasploit3 < Msf::Post
mod_arch.include?(get_target_arch)
end
def is_module_options_ready?(mod)
mod.options.each_pair do |option_name, option|
if option.required && option.default.nil? && mod.datastore[option_name].blank?
return false
end
end
true
end
def is_module_platform?(mod)
platform_obj = nil
begin
@ -86,15 +93,18 @@ class Metasploit3 < Msf::Post
# When not found, find_platform raises an ArgumentError
return false
end
module_platforms = mod.target.platform ? mod.target.platform.platforms : mod.platform.platforms
module_platforms.include?(platform_obj)
end
def set_module_options(mod)
mod.datastore.merge!(self.datastore)
mod.datastore['SESSION'] = session.sid if !mod.datastore['SESSION'] && session
end
def setup
print_status "Collecting local exploits..."
#Initializes an array
@ -104,17 +114,22 @@ class Metasploit3 < Msf::Post
mod = framework.exploits.create(name)
next unless mod
set_module_options(mod)
if mod.kind_of?(Msf::Exploit::Local) &&
mod.respond_to?(:check) &&
if mod.kind_of?(Msf::Exploit::Local) &&
mod.respond_to?(:check) &&
is_module_platform?(mod) &&
is_module_arch?(mod) &&
is_module_options_ready?(mod)
@local_exploits << mod
end
end
if !get_target_arch.empty? && is_module_arch?(mod)
@local_exploits << mod
else
@local_exploits << mod
end
end
end
end
def run
print_status("Number of exploits being tried: #{@local_exploits.length}")
@local_exploits.each do |m|
begin
checkcode = m.check
@ -125,22 +140,21 @@ class Metasploit3 < Msf::Post
#If the datastore option is true, a detailed description will show
if datastore['ShowDescription']
# Formatting for the description text
print_line("\n")
print_line Rex::Text.wordwrap(Rex::Text.compress(m.description), 2, 70)
end
end
else
# Prints the full name and the checkcode message for the exploit
vprint_status("#{m.fullname}: #{checkcode.second}")
end
# Creates a log record in framework.log
rescue ::Exception => e
elog("#{e.class} #{e.message}\n#{e.backtrace * "\n"}")
vprint_error("#{m.shortname} failled to run: #{e.message}")
end
end
if @local_exploits.length < 1
print_error "No suggestions available. "
end
rescue Rex::Post::Meterpreter::RequestError => e
elog("#{e.class} #{e.message}\n#{e.backtrace * "\n"}")
vprint_error("#{e.class} #{m.shortname} failled to run: #{e.message}")
end
if @local_exploits.length < 1
print_error "No suggestions available. "
end
end
end
def is_check_interesting?(checkcode)
@ -152,14 +166,14 @@ class Metasploit3 < Msf::Post
end
def print_status(msg='')
super("#{session.sock.peerhost} - #{msg}")
super("#{session.session_host} - #{msg}")
end
def print_good(msg='')
super("#{session.sock.peerhost} - #{msg}")
super("#{session.session_host} - #{msg}")
end
def print_error(msg='')
super("#{session.sock.peerhost} - #{msg}")
super("#{session.session_host} - #{msg}")
end
end