infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Use a semi-intelligent OptEnum for CMDSTAGER::FLAVOR

bug/bundler_fix
Spencer McIntyre 2014-04-30 09:54:44 -04:00
parent 219153c887
commit 952c935730
2 changed files with 21 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
lib/msf/core/exploit/cmdstager.rb
View File

@ -44,10 +44,25 @@ module Exploit::CmdStager
def initialize(info = {}) def initialize(info = {})
super super
flavors = []
if module_info['CmdStagerFlavor']
flavors = Array(module_info['CmdStagerFlavor'])
else
targets.each do |target|
flavors += Array(target.opts['CmdStagerFlavor']) if target.opts['CmdStagerFlavor']
end
flavors.uniq!
end
if flavors.empty?
flavors = STAGERS.keys
end
flavors = flavors.map { |flavor| flavor.to_s }
flavors.unshift('auto')
register_advanced_options( register_advanced_options(
[ [
OptEnum.new('CMDSTAGER::FLAVOR', [ false, 'The CMD Stager to use.']), OptEnum.new('CMDSTAGER::FLAVOR', [false, 'The CMD Stager to use.', 'auto', flavors]),
OptString.new('CMDSTAGER::DECODER', [ false, 'The decoder stub to use.']) OptString.new('CMDSTAGER::DECODER', [false, 'The decoder stub to use.'])
], self.class) ], self.class)
end end
@ -143,7 +158,7 @@ module Exploit::CmdStager
def select_cmdstager(opts = {}) def select_cmdstager(opts = {})
self.flavor = select_flavor(opts) self.flavor = select_flavor(opts)
raise ArgumentError, "Unable to select CMD Stager" if flavor.nil? raise ArgumentError, "Unable to select CMD Stager" if flavor.nil?
raise ArgumentError, "The CMD Stager selected isn't compatible with the target" unless compatible_flavor?(flavor) raise ArgumentError, "The CMD Stager '#{flavor}' isn't compatible with the target" unless compatible_flavor?(flavor)
self.decoder = select_decoder(opts) self.decoder = select_decoder(opts)
end end
@ -205,7 +220,9 @@ module Exploit::CmdStager
# @return [nil] if a flavor can not be selected. # @return [nil] if a flavor can not be selected.
def select_flavor(opts = {}) def select_flavor(opts = {})
return opts[:flavor].to_sym if opts.include?(:flavor) return opts[:flavor].to_sym if opts.include?(:flavor)
return datastore['CMDSTAGER::FLAVOR'].to_sym unless datastore['CMDSTAGER::FLAVOR'].blank? unless datastore['CMDSTAGER::FLAVOR'].blank? or datastore['CMDSTAGER::FLAVOR'] == 'auto'
return datastore['CMDSTAGER::FLAVOR'].to_sym
end
guess_flavor guess_flavor
end end

1
modules/exploits/multi/ssh/sshexec.rb
View File

@ -78,7 +78,6 @@ class Metasploit3 < Msf::Exploit::Remote
register_advanced_options( register_advanced_options(
[ [
OptEnum.new('CMDSTAGER::FLAVOR', [ true, 'The flavor of CMD stager to use', 'bourne', [ 'bourne', 'echo', 'printf' ]]),
OptBool.new('SSH_DEBUG', [ false, 'Enable SSH debugging output (Extreme verbosity!)', false]) OptBool.new('SSH_DEBUG', [ false, 'Enable SSH debugging output (Extreme verbosity!)', false])
] ]
) )