From 4e20b8f369fbce5bbb966679f8aefba78a4dbf79 Mon Sep 17 00:00:00 2001 From: wchen-r7 Date: Thu, 29 Oct 2015 13:22:59 -0500 Subject: [PATCH] Fix #5875, Add report_vuln for Msf::Exploit::CheckCode::Vulnerable Msf::Exploit::CheckCode::Vulnerable requires the module to be explicit, as in actually triggering the bug and get a vulnerable response, therefore it should be appropriate to use report_vuln to report it. Other vuln check codes (such as Appears, or Detected, etc) will not call report_vuln, because it's not explicit enough. --- lib/msf/ui/console/module_command_dispatcher.rb | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/lib/msf/ui/console/module_command_dispatcher.rb b/lib/msf/ui/console/module_command_dispatcher.rb index 7583e93a44..07bcef3693 100644 --- a/lib/msf/ui/console/module_command_dispatcher.rb +++ b/lib/msf/ui/console/module_command_dispatcher.rb @@ -164,6 +164,16 @@ module ModuleCommandDispatcher end end + def report_vuln(instance) + framework.db.report_vuln( + workspace: instance.workspace, + host: instance.rhost, + name: instance.name, + info: "This was flagged as vulnerable by the explicit check of #{instance.fullname}.", + refs: instance.references + ) + end + def check_simple(instance=nil) unless instance instance = mod @@ -184,6 +194,7 @@ module ModuleCommandDispatcher if (code and code.kind_of?(Array) and code.length > 1) if (code == Msf::Exploit::CheckCode::Vulnerable) print_good("#{peer} - #{code[1]}") + report_vuln(instance) else print_status("#{peer} - #{code[1]}") end