Land #11135, strip comments from source code before uploading it to the target
parent
183ad8f842
commit
a9f6c81aa8
|
@ -115,6 +115,10 @@ class MetasploitModule < Msf::Exploit::Local
|
|||
cmd_exec "chmod +x #{path}"
|
||||
end
|
||||
|
||||
def strip_comments(c_code)
|
||||
c_code.gsub(%r{/\*.*?\*/}m, '').gsub(%r{^\s*//.*$}, '')
|
||||
end
|
||||
|
||||
def exploit_data(file)
|
||||
::File.binread ::File.join(Msf::Config.data_directory, 'exploits', 'CVE-2016-8655', file)
|
||||
end
|
||||
|
@ -211,7 +215,7 @@ class MetasploitModule < Msf::Exploit::Local
|
|||
executable_path = "#{base_dir}/#{executable_name}"
|
||||
if live_compile?
|
||||
vprint_status 'Live compiling exploit on system...'
|
||||
upload_and_compile executable_path, exploit_data('chocobo_root.c')
|
||||
upload_and_compile executable_path, strip_comments(exploit_data('chocobo_root.c'))
|
||||
else
|
||||
vprint_status 'Dropping pre-compiled exploit on system...'
|
||||
upload_and_chmodx executable_path, exploit_data('chocobo_root')
|
||||
|
|
|
@ -106,6 +106,10 @@ class MetasploitModule < Msf::Exploit::Local
|
|||
cmd_exec "chmod +x #{path}"
|
||||
end
|
||||
|
||||
def strip_comments(c_code)
|
||||
c_code.gsub(%r{/\*.*?\*/}m, '').gsub(%r{^\s*//.*$}, '')
|
||||
end
|
||||
|
||||
def exploit_data(file)
|
||||
::File.binread ::File.join(Msf::Config.data_directory, 'exploits', 'cve-2017-7308', file)
|
||||
end
|
||||
|
@ -201,7 +205,7 @@ class MetasploitModule < Msf::Exploit::Local
|
|||
executable_path = "#{base_dir}/#{executable_name}"
|
||||
if live_compile?
|
||||
vprint_status 'Live compiling exploit on system...'
|
||||
upload_and_compile executable_path, exploit_data('poc.c')
|
||||
upload_and_compile executable_path, strip_comments(exploit_data('poc.c'))
|
||||
rm_f "#{executable_path}.c"
|
||||
else
|
||||
vprint_status 'Dropping pre-compiled exploit on system...'
|
||||
|
|
|
@ -131,6 +131,10 @@ class MetasploitModule < Msf::Exploit::Local
|
|||
cmd_exec "chmod +x #{path}"
|
||||
end
|
||||
|
||||
def strip_comments(c_code)
|
||||
c_code.gsub(%r{/\*.*?\*/}m, '').gsub(%r{^\s*//.*$}, '')
|
||||
end
|
||||
|
||||
def exploit_data(file)
|
||||
::File.binread ::File.join(Msf::Config.data_directory, 'exploits', 'cve-2017-16995', file)
|
||||
end
|
||||
|
@ -214,7 +218,7 @@ class MetasploitModule < Msf::Exploit::Local
|
|||
executable_path = "#{base_dir}/#{executable_name}"
|
||||
if live_compile?
|
||||
vprint_status 'Live compiling exploit on system...'
|
||||
upload_and_compile executable_path, exploit_data('exploit.c')
|
||||
upload_and_compile executable_path, strip_comments(exploit_data('exploit.c'))
|
||||
else
|
||||
vprint_status 'Dropping pre-compiled exploit on system...'
|
||||
upload_and_chmodx executable_path, exploit_data('exploit.out')
|
||||
|
|
|
@ -102,6 +102,10 @@ class MetasploitModule < Msf::Exploit::Local
|
|||
cmd_exec "chmod +x #{path}"
|
||||
end
|
||||
|
||||
def strip_comments(c_code)
|
||||
c_code.gsub(%r{/\*.*?\*/}m, '').gsub(%r{^\s*//.*$}, '')
|
||||
end
|
||||
|
||||
def exploit_data(file)
|
||||
::File.binread ::File.join(Msf::Config.data_directory, 'exploits', 'cve-2018-1000001', file)
|
||||
end
|
||||
|
@ -196,7 +200,7 @@ class MetasploitModule < Msf::Exploit::Local
|
|||
@executable_path = "#{base_dir}/#{executable_name}"
|
||||
if live_compile?
|
||||
vprint_status 'Live compiling exploit on system...'
|
||||
upload_and_compile @executable_path, exploit_data('RationalLove.c')
|
||||
upload_and_compile @executable_path, strip_comments(exploit_data('RationalLove.c'))
|
||||
else
|
||||
vprint_status 'Dropping pre-compiled exploit on system...'
|
||||
upload_and_chmodx @executable_path, exploit_data('RationalLove')
|
||||
|
|
|
@ -119,6 +119,10 @@ class MetasploitModule < Msf::Exploit::Local
|
|||
chmod path, 0755
|
||||
end
|
||||
|
||||
def strip_comments(c_code)
|
||||
c_code.gsub(%r{/\*.*?\*/}m, '').gsub(%r{^\s*//.*$}, '')
|
||||
end
|
||||
|
||||
def exploit_data(file)
|
||||
::File.binread ::File.join(Msf::Config.data_directory, 'exploits', 'cve-2018-18955', file)
|
||||
end
|
||||
|
@ -213,8 +217,8 @@ class MetasploitModule < Msf::Exploit::Local
|
|||
subshell_path = "#{base_dir}/#{subshell_name}"
|
||||
if live_compile?
|
||||
vprint_status 'Live compiling exploit on system...'
|
||||
upload_and_compile subuid_shell_path, exploit_data('subuid_shell.c')
|
||||
upload_and_compile subshell_path, exploit_data('subshell.c')
|
||||
upload_and_compile subuid_shell_path, strip_comments(exploit_data('subuid_shell.c'))
|
||||
upload_and_compile subshell_path, strip_comments(exploit_data('subshell.c'))
|
||||
else
|
||||
vprint_status 'Dropping pre-compiled exploit on system...'
|
||||
upload_and_chmodx subuid_shell_path, exploit_data('subuid_shell.out')
|
||||
|
|
|
@ -103,6 +103,10 @@ class MetasploitModule < Msf::Exploit::Local
|
|||
register_file_for_cleanup path
|
||||
end
|
||||
|
||||
def strip_comments(c_code)
|
||||
c_code.gsub(%r{/\*.*?\*/}m, '').gsub(%r{^\s*//.*$}, '')
|
||||
end
|
||||
|
||||
def exploit_data(file)
|
||||
::File.binread ::File.join(Msf::Config.data_directory, 'exploits', 'cve-2010-3904', file)
|
||||
end
|
||||
|
@ -169,7 +173,7 @@ class MetasploitModule < Msf::Exploit::Local
|
|||
executable_path = "#{base_dir}/#{executable_name}"
|
||||
if live_compile?
|
||||
vprint_status 'Live compiling exploit on system...'
|
||||
upload_and_compile executable_path, exploit_data('rds-fail.c')
|
||||
upload_and_compile executable_path, strip_comments(exploit_data('rds-fail.c'))
|
||||
else
|
||||
vprint_status 'Dropping pre-compiled exploit on system...'
|
||||
arch = kernel_hardware
|
||||
|
|
|
@ -89,6 +89,10 @@ class MetasploitModule < Msf::Exploit::Local
|
|||
cmd_exec "chmod +x #{path}"
|
||||
end
|
||||
|
||||
def strip_comments(c_code)
|
||||
c_code.gsub(%r{/\*.*?\*/}m, '').gsub(%r{^\s*//.*$}, '')
|
||||
end
|
||||
|
||||
def exploit_data(file)
|
||||
::File.binread ::File.join(Msf::Config.data_directory, 'exploits', 'CVE-2014-0038', file)
|
||||
end
|
||||
|
@ -160,7 +164,7 @@ class MetasploitModule < Msf::Exploit::Local
|
|||
executable_path = "#{base_dir}/#{executable_name}"
|
||||
if live_compile?
|
||||
vprint_status 'Live compiling exploit on system...'
|
||||
upload_and_compile executable_path, exploit_data('recvmmsg.c')
|
||||
upload_and_compile executable_path, strip_comments(exploit_data('recvmmsg.c'))
|
||||
rm_f "#{executable_path}.c"
|
||||
else
|
||||
vprint_status 'Dropping pre-compiled exploit on system...'
|
||||
|
|
|
@ -108,6 +108,10 @@ class MetasploitModule < Msf::Exploit::Local
|
|||
cmd_exec "chmod +x #{path}"
|
||||
end
|
||||
|
||||
def strip_comments(c_code)
|
||||
c_code.gsub(%r{/\*.*?\*/}m, '').gsub(%r{^\s*//.*$}, '')
|
||||
end
|
||||
|
||||
def exploit_data(file)
|
||||
::File.binread ::File.join(Msf::Config.data_directory, 'exploits', 'cve-2017-1000112', file)
|
||||
end
|
||||
|
@ -198,7 +202,7 @@ class MetasploitModule < Msf::Exploit::Local
|
|||
executable_path = "#{base_dir}/#{executable_name}"
|
||||
if live_compile?
|
||||
vprint_status 'Live compiling exploit on system...'
|
||||
upload_and_compile executable_path, exploit_data('exploit.c')
|
||||
upload_and_compile executable_path, strip_comments(exploit_data('exploit.c'))
|
||||
else
|
||||
vprint_status 'Dropping pre-compiled exploit on system...'
|
||||
upload_and_chmodx executable_path, exploit_data('exploit.out')
|
||||
|
|
Loading…
Reference in New Issue