Better performance
wchen-r7
parent
ef57afbfcf
commit
88e58cbdc5
|
|
@ -176,6 +176,7 @@ module Msf
|
|||
|
||||
# Checks if a resource is already taken or not.
|
||||
#
|
||||
# @param resource [String] The resource to check.
|
||||
# @return [TrueClass] Resource is taken.
|
||||
# @return [FalseClass] Resource is not taken.
|
||||
def is_resource_taken?(resource)
|
||||
|
|
@ -227,7 +228,7 @@ module Msf
|
|||
|
||||
# Sorts a grouped module list by disclosure date.
|
||||
#
|
||||
# @param [Hash] bap_groups A grouped module list.
|
||||
# @param bap_groups [Hash] A grouped module list.
|
||||
# @return [Hash] A hash with each module list sorted by disclosure date.
|
||||
def sort_date_in_group(bap_groups)
|
||||
bap_groups.each_pair do |ranking, module_list|
|
||||
|
|
@ -238,7 +239,7 @@ module Msf
|
|||
|
||||
# Sorts a module list by ranking.
|
||||
#
|
||||
# @param [Hash] bap_groups A grouped module list.
|
||||
# @param bap_groups [Hash] A grouped module list.
|
||||
# @return [Hash] A hash grouped by ranking.
|
||||
def sort_group_by_rank(bap_groups)
|
||||
Hash[bap_groups.sort_by {|k,v| k}.reverse]
|
||||
|
|
@ -265,7 +266,7 @@ module Msf
|
|||
# Modifies @bap_exploit by replacing it with the rearranged module list.
|
||||
#
|
||||
# @see #bap_exploits The read-only attribute.
|
||||
# @param [Hash] bap_groups A grouped module list.
|
||||
# @param bap_groups [Hash] A grouped module list.
|
||||
# @return [void]
|
||||
def finalize_sorted_modules(bap_groups)
|
||||
@bap_exploits = []
|
||||
|
|
@ -281,7 +282,7 @@ module Msf
|
|||
# Returns a payload name. Either this will be the user's choice, or falls back to a default one.
|
||||
#
|
||||
# @see DEFAULT_PAYLOADS The default settings.
|
||||
# @param [Symbol] platform Platform name.
|
||||
# @param platform [Symbol] Platform name.
|
||||
# @return [String] Payload name.
|
||||
def get_selected_payload_name(platform)
|
||||
payload_name = datastore["PAYLOAD_#{platform.to_s.upcase}"]
|
||||
|
|
@ -300,7 +301,7 @@ module Msf
|
|||
|
||||
# Returns the selected payload's LPORT.
|
||||
#
|
||||
# @param [Symbol] platform
|
||||
# @param platform [Symbol]
|
||||
# @return [Fixnum]
|
||||
def get_selected_payload_lport(platform)
|
||||
datastore["PAYLOAD_#{platform.to_s.upcase}_LPORT"]
|
||||
|
|
@ -367,7 +368,7 @@ module Msf
|
|||
|
||||
# Returns the human-readable version of the rank.
|
||||
#
|
||||
# @param [Fixnum] rank
|
||||
# @param rank [Fixnum]
|
||||
# @return [String]
|
||||
def parse_rank(rank)
|
||||
RankingName[rank].to_s.capitalize
|
||||
|
|
@ -377,8 +378,8 @@ module Msf
|
|||
# Checks whether the payload is compatible with the module based on platform information.
|
||||
# Best for single-platform modules and for performance.
|
||||
#
|
||||
# @param [Object] m Module.
|
||||
# @param [Symbol] payload_platform Payload platform.
|
||||
# @param m [Object] Module.
|
||||
# @param payload_platform [Symbol] Payload platform.
|
||||
# @return [TrueClass] Payload is compatible.
|
||||
# @return [FalseClass] Payload is not compatible.
|
||||
def is_payload_platform_compatible?(m, payload_platform)
|
||||
|
|
@ -394,20 +395,14 @@ module Msf
|
|||
end
|
||||
|
||||
|
||||
# Checks whether the payload is compatible with the module based on the module's compatibility list.
|
||||
# Best for multi-platform modules. This is much slower than #is_payload_platform_compatible?
|
||||
# Checks whether the payload is compatible with the module based on the module's compatibility list
|
||||
#
|
||||
# @note This method is really slow, and it's really noticeable with Flash exploits because they're
|
||||
# multi-platform. In our testing, every Flash that ends up using this code takes about 0.4 second
|
||||
# to initialize when on average each BES should only take 0.1 to load. Evetnaully this will get
|
||||
# worse. Luke is in the process of improving module searching (by caching), and that should make
|
||||
# this problem go away. If not, we'll have to avoid using compatible_payloads and do our own thing.
|
||||
# @param [Object] m Module.
|
||||
# @param [String] payload_name
|
||||
# @param compatible_payloads [Array] A list of payloads that are compatible
|
||||
# @param payload_name [String]
|
||||
# @return [TrueClass] Payload is compatible.
|
||||
# @return [FalseClass] Payload is not compatible.
|
||||
def is_payload_compatible?(m, payload_name)
|
||||
m.compatible_payloads.each do |k|
|
||||
def is_payload_compatible?(compatible_payloads, payload_name)
|
||||
compatible_payloads.each do |k|
|
||||
return true if k[0] == payload_name
|
||||
end
|
||||
|
||||
|
|
@ -417,9 +412,9 @@ module Msf
|
|||
|
||||
# Checks if the module is multi-platform based on the directory path.
|
||||
#
|
||||
# @param [Object] m Module.
|
||||
# @return [TrueClass] Module is multi-platform.
|
||||
# @return [FalseClass] Module is not multi-platform.
|
||||
# @param m [Object] Module.
|
||||
# @return Module [TrueClass] is multi-platform.
|
||||
# @return Module [FalseClass] is not multi-platform.
|
||||
def is_multi_platform_exploit?(m)
|
||||
m.fullname.include?('multi/')
|
||||
end
|
||||
|
|
@ -427,11 +422,13 @@ module Msf
|
|||
|
||||
# Returns an appropriate payload that's compatible with the module.
|
||||
#
|
||||
# @param [Object] m A module that's been initialized.
|
||||
# @param m [Object] A module that's been initialized.
|
||||
# @return [Array] Payload name. Example: 'windows/meterpreter/reverse_tcp'
|
||||
def select_payload(m)
|
||||
compatible_payloads = []
|
||||
|
||||
module_payloads = nil
|
||||
|
||||
DEFAULT_PAYLOADS.each_pair do |platform, info|
|
||||
payload_choice = {
|
||||
:payload_name => get_selected_payload_name(platform),
|
||||
|
|
@ -441,8 +438,14 @@ module Msf
|
|||
if !is_multi_platform_exploit?(m) && !m.platform.platforms.empty? && is_payload_platform_compatible?(m, platform)
|
||||
compatible_payloads << payload_choice
|
||||
break
|
||||
elsif is_payload_compatible?(m, payload_choice[:payload_name])
|
||||
compatible_payloads << payload_choice
|
||||
else
|
||||
# The #compatible_payloads method is super expensive (slow). By doing it this way,
|
||||
# I managed to shave off seconds.
|
||||
module_payloads ||= m.compatible_payloads
|
||||
|
||||
if is_payload_compatible?(module_payloads, payload_choice[:payload_name])
|
||||
compatible_payloads << payload_choice
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
|
|
@ -628,8 +631,8 @@ module Msf
|
|||
|
||||
# Logs a click that includes the suitable exploit list.
|
||||
#
|
||||
# @param [String] ip The target's IP address.
|
||||
# @param [String] data (Optional) CSV data that contains the exploit list.
|
||||
# @param ip [String] The target's IP address.
|
||||
# @param data [String] (Optional) CSV data that contains the exploit list.
|
||||
# @return [void]
|
||||
def log_click(ip, data='')
|
||||
report_note(
|
||||
|
|
|
|||
|
|
@ -629,17 +629,17 @@ describe Msf::Exploit::Remote::BrowserAutopwnv2 do
|
|||
end
|
||||
|
||||
describe '#is_payload_compatible?' do
|
||||
let(:windows_exploit) { create_fake_ms14_064 }
|
||||
let(:windows_exploit_payloads) { create_fake_ms14_064.compatible_payloads }
|
||||
|
||||
context 'when a valid payload name is given' do
|
||||
it 'returns true' do
|
||||
expect(subject.is_payload_compatible?(windows_exploit, windows_meterpreter_reverse_tcp)).to be_truthy
|
||||
expect(subject.is_payload_compatible?(windows_exploit_payloads, windows_meterpreter_reverse_tcp)).to be_truthy
|
||||
end
|
||||
end
|
||||
|
||||
context 'when an invalid payload name is given' do
|
||||
it 'returns false' do
|
||||
expect(subject.is_payload_compatible?(windows_exploit, linux_meterpreter_reverse_tcp)).to be_falsey
|
||||
expect(subject.is_payload_compatible?(windows_exploit_payloads, linux_meterpreter_reverse_tcp)).to be_falsey
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
|||
Loading…
Reference in New Issue