Almost ready to run exploits via the web interface
git-svn-id: file:///home/svn/framework3/trunk@4434 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
904901d163
commit
8a70cb35ca
|
@ -4,46 +4,75 @@
|
|||
# Instance variables, final values, etc, go into views.
|
||||
|
||||
class ExploitsController < ApplicationController
|
||||
layout 'windows'
|
||||
|
||||
def list
|
||||
end
|
||||
layout 'windows'
|
||||
|
||||
def view
|
||||
@tmod = get_view_for_module("exploit", params[:refname])
|
||||
def list
|
||||
end
|
||||
|
||||
def view
|
||||
@tmod = get_view_for_module("exploit", params[:refname])
|
||||
|
||||
unless @tmod
|
||||
render_text "Unknown module specified."
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
def exploit
|
||||
# Retrieve object to module with the given refname
|
||||
@tmod = get_view_for_module("exploit", params[:refname])
|
||||
unless @tmod
|
||||
render_text "Unknown module specified."
|
||||
def config
|
||||
# Retrieve object to module with the given refname
|
||||
@tmod = get_view_for_module("exploit", params[:refname])
|
||||
unless @tmod
|
||||
render_text "Unknown module specified."
|
||||
end
|
||||
|
||||
# Get target, using index given in 'target' parameter
|
||||
@target = @tmod.targets[params[:target].to_i]
|
||||
unless @target
|
||||
render_text "Unknown target specified."
|
||||
@target = @tmod.targets[params[:target].to_i]
|
||||
unless @target
|
||||
render_text "Unknown target specified."
|
||||
end
|
||||
|
||||
@cur_step = nil
|
||||
if params[:step]
|
||||
@cur_step = params[:step]
|
||||
end
|
||||
|
||||
if @cur_step == "config"
|
||||
@payload = @tmod.compatible_payloads[params[:payload].to_i]
|
||||
unless @payload
|
||||
render_text "Unknown payload specified or not supported."
|
||||
end
|
||||
elsif @cur_step == "ready"
|
||||
@tmod.datastore['TARGET'] = params[:target].to_i
|
||||
else
|
||||
@payloads = @tmod.compatible_payloads
|
||||
end
|
||||
end
|
||||
@cur_step = nil
|
||||
if params[:step]
|
||||
@cur_step = params[:step]
|
||||
end
|
||||
|
||||
if @cur_step == "config"
|
||||
@payload = @tmod.compatible_payloads[params[:payload].to_i]
|
||||
|
||||
unless @payload
|
||||
render_text "Unknown payload specified or not supported."
|
||||
end
|
||||
else
|
||||
@payloads = @tmod.compatible_payloads
|
||||
end
|
||||
end
|
||||
|
||||
def exploit
|
||||
# Retrieve object to module with the given refname
|
||||
@tmod = get_view_for_module("exploit", params[:refname])
|
||||
unless @tmod
|
||||
render_text "Unknown module specified."
|
||||
end
|
||||
|
||||
# Get target, using index given in 'target' parameter
|
||||
@target = @tmod.targets[params[:target].to_i]
|
||||
unless @target
|
||||
render_text "Unknown target specified."
|
||||
end
|
||||
|
||||
@cur_step = nil
|
||||
if params[:step]
|
||||
@cur_step = params[:step]
|
||||
end
|
||||
|
||||
|
||||
@payload = @tmod.compatible_payloads[params[:payload].to_i]
|
||||
|
||||
unless @payload
|
||||
render_text "Unknown payload specified or not supported."
|
||||
end
|
||||
|
||||
@tmod.datastore['TARGET'] = params[:target].to_i
|
||||
|
||||
end
|
||||
|
||||
end
|
||||
|
|
|
@ -6,178 +6,24 @@
|
|||
</p>
|
||||
</tr>
|
||||
|
||||
<% if @cur_step == nil %>
|
||||
|
||||
<p>Select payload for <strong><%= h(@target.name) %></strong>:</p>
|
||||
|
||||
<tr>
|
||||
<th class="moduleOptionsHeader">Name</th>
|
||||
<th class="moduleOptionsHeader">Description</th>
|
||||
</tr>
|
||||
|
||||
<%
|
||||
rcol_a = 'item_row_col_a'
|
||||
rcol_b = 'item_row_col_b'
|
||||
rcol = rcol_b
|
||||
%>
|
||||
|
||||
<% @payloads.each_with_index do |p, idx| %>
|
||||
<tr class='<%=h rcol = (rcol == rcol_a) ? rcol_b : rcol_a %>'>
|
||||
<% o = p[1].new %>
|
||||
<td><%= link_to h(p[0]), :refname => @tmod.refname.gsub('/', ':'), :step => "config",
|
||||
:target => h(params[:target].to_i), :payload => idx %></td>
|
||||
<td><%= h(o.description) %></td>
|
||||
</tr>
|
||||
<% end %>
|
||||
|
||||
<% elsif @cur_step == "config" %>
|
||||
|
||||
<p>Exploit and payload configuration:</p>
|
||||
|
||||
<tr>
|
||||
<th colspan="2" class="moduleOptionsHeader">
|
||||
CURRENT CONFIGURATION -
|
||||
<%= link_to "change", :action => "exploit", :refname => h(params[:refname]) %>
|
||||
</th>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Target:</td>
|
||||
<td><%= @target.name %></td>
|
||||
<tr>
|
||||
<tr>
|
||||
<td>Exploit:</td>
|
||||
<td><%= @tmod.refname %></td>
|
||||
<tr>
|
||||
<tr>
|
||||
|
||||
<tr>
|
||||
<td>Payload:</td>
|
||||
<td><%= @payload[0] %></td>
|
||||
<tr>
|
||||
<tr>
|
||||
<td>Payload bad characters:</td>
|
||||
<td><%= Rex::Text::to_hex(@tmod.payload_badchars || '' ) %></td>
|
||||
<tr>
|
||||
|
||||
<tr>
|
||||
<th colspan="2" class="moduleOptionsHeader">OPTIONS</th>
|
||||
</tr>
|
||||
|
||||
<form action="/exploits/exploit" method="post">
|
||||
<%= hidden_field_tag "refname", h(params[:refname]) %>
|
||||
<%= hidden_field_tag "step", "ready" %>
|
||||
<%= hidden_field_tag "target", h(params[:target]) %>
|
||||
<%= hidden_field_tag "payload", h(params[:payload]) %>
|
||||
|
||||
<% @tmod.options.sort.each { |name, option|
|
||||
next if (option.advanced?)
|
||||
next if (option.evasion?) %>
|
||||
<tr>
|
||||
<td><strong><%= name %></strong></td>
|
||||
<td><strong><%= (option.required?) ? "Required" : "Optional" %></strong></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><%= html_escape(option.desc) %> (type: <%= option.type %>)</td>
|
||||
<td>
|
||||
<input type="text" name="eopt_<%= h(name) %>" value="<%= h(option.default || '') %>" />
|
||||
</td>
|
||||
</tr>
|
||||
<% } %>
|
||||
<% @payload[1].new.options.sort.each { |name, option|
|
||||
next if (option.advanced?)
|
||||
next if (option.evasion?) %>
|
||||
<tr>
|
||||
<td><strong><%= name %></strong></td>
|
||||
<td><strong><%= (option.required?) ? "Required" : "Optional" %></strong></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><%= html_escape(option.desc) %> (type: <%= option.type %>)</td>
|
||||
<td>
|
||||
<input type="text" name="popt_<%= h(name) %>" value="<%= h(option.default || '') %>" />
|
||||
</td>
|
||||
</tr>
|
||||
<% } %>
|
||||
|
||||
<tr>
|
||||
<th colspan="2"><br/><%= submit_tag "Launch Exploit" %><br/></th>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
<th colspan="2" class="moduleOptionsHeader">ADVANCED OPTIONS</th>
|
||||
</tr>
|
||||
|
||||
<% @tmod.options.sort.each { |name, option|
|
||||
next if not option.advanced? %>
|
||||
<tr>
|
||||
<td><strong><%= name %></strong></td>
|
||||
<td><strong><%= (option.required?) ? "Required" : "Optional" %></strong></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><%= html_escape(option.desc) %> (type: <%= option.type %>)</td>
|
||||
<td>
|
||||
<input type="text" name="eopt_<%= h(name) %>" value="<%= h(option.default || '') %>" />
|
||||
</td>
|
||||
</tr>
|
||||
<% } %>
|
||||
<% @payload[1].new.options.sort.each { |name, option|
|
||||
next if not option.advanced? %>
|
||||
<tr>
|
||||
<td><strong><%= name %></strong></td>
|
||||
<td><strong><%= (option.required?) ? "Required" : "Optional" %></strong></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><%= html_escape(option.desc) %> (type: <%= option.type %>)</td>
|
||||
<td>
|
||||
<input type="text" name="popt_<%= h(name) %>" value="<%= h(option.default || '') %>" />
|
||||
</td>
|
||||
</tr>
|
||||
<% } %>
|
||||
|
||||
<tr>
|
||||
<th colspan="2"><br/><%= submit_tag "Launch Exploit" %><br/></th>
|
||||
</tr>
|
||||
|
||||
<td>Target:</td>
|
||||
<td><%= @target.name %></td>
|
||||
<tr>
|
||||
<th colspan="2" class="moduleOptionsHeader">EVASION OPTIONS</th>
|
||||
</tr>
|
||||
|
||||
<% @tmod.options.sort.each { |name, option|
|
||||
next if not option.evasion? %>
|
||||
<tr>
|
||||
<td><strong><%= name %></strong></td>
|
||||
<td><strong><%= (option.required?) ? "Required" : "Optional" %></strong></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><%= html_escape(option.desc) %> (type: <%= option.type %>)</td>
|
||||
<td>
|
||||
<input type="text" name="eopt_<%= h(name) %>" value="<%= h(option.default || '') %>" />
|
||||
</td>
|
||||
</tr>
|
||||
<% } %>
|
||||
<% @payload[1].new.options.sort.each { |name, option|
|
||||
next if not option.evasion? %>
|
||||
<tr>
|
||||
<td><strong><%= name %></strong></td>
|
||||
<td><strong><%= (option.required?) ? "Required" : "Optional" %></strong></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><%= html_escape(option.desc) %> (type: <%= option.type %>)</td>
|
||||
<td>
|
||||
<input type="text" name="popt_<%= h(name) %>" value="<%= h(option.default || '') %>" />
|
||||
</td>
|
||||
</tr>
|
||||
<% } %>
|
||||
|
||||
<tr>
|
||||
<th colspan="2"><br/><%= submit_tag "Launch Exploit" %><br/></th>
|
||||
</tr>
|
||||
|
||||
</form>
|
||||
|
||||
<% elsif @cur_step == "ready" %>
|
||||
|
||||
<tr>
|
||||
<th colspan="2" class="moduleOptionsHeader">LAUNCHING EXPLOIT</th>
|
||||
</tr>
|
||||
|
||||
<% end %>
|
||||
|
||||
|
||||
</table>
|
||||
|
||||
|
|
|
@ -51,7 +51,7 @@
|
|||
Please select a target:
|
||||
<ul class="moduleTargets">
|
||||
<% @tmod.targets.each_with_index { |tgt, idx| %>
|
||||
<li><%= link_to h(tgt.name), :action => "exploit", :refname => @tmod.refname.gsub('/', ':'), :target => idx %></a></li>
|
||||
<li><%= link_to h(tgt.name), :action => "config", :refname => @tmod.refname.gsub('/', ':'), :target => idx %></a></li>
|
||||
<% } %>
|
||||
</ul>
|
||||
|
||||
|
|
|
@ -163,6 +163,8 @@ th.moduleOptionsHeader {
|
|||
background: #ddd;
|
||||
color: #000;
|
||||
text-transform: uppercase;
|
||||
margin-top: 1em;
|
||||
margin-bottom: 1em;
|
||||
}
|
||||
|
||||
.item_row_col_a {
|
||||
|
|
Loading…
Reference in New Issue