From d67b55d195b7df3969b821cdfbcf5e5eb9b1749e Mon Sep 17 00:00:00 2001
From: HD Moore <hd_moore@rapid7.com>
Date: Tue, 13 Oct 2015 15:56:18 -0700
Subject: [PATCH] Fix autofilter values for aggressive modules

---
 modules/exploits/freebsd/http/watchguard_cmd_exec.rb         | 4 ++++
 modules/exploits/linux/antivirus/escan_password_exec.rb      | 4 ++++
 modules/exploits/multi/http/coldfusion_rds.rb                | 4 ++++
 modules/exploits/multi/http/jboss_maindeployer.rb            | 4 ++++
 modules/exploits/multi/http/oracle_reports_rce.rb            | 4 ++++
 modules/exploits/multi/http/struts_default_action_mapper.rb  | 4 ++++
 modules/exploits/multi/misc/arkeia_agent_exec.rb             | 5 +++++
 modules/exploits/multi/misc/java_jmx_server.rb               | 4 ++++
 modules/exploits/unix/webapp/google_proxystylesheet_exec.rb  | 4 ++++
 modules/exploits/unix/webapp/joomla_akeeba_unserialize.rb    | 4 ++++
 modules/exploits/unix/webapp/wp_pixabay_images_upload.rb     | 4 ++++
 modules/exploits/windows/http/rejetto_hfs_exec.rb            | 4 ++++
 .../exploits/windows/scada/ge_proficy_cimplicity_gefebt.rb   | 4 ++++
 13 files changed, 53 insertions(+)

diff --git a/modules/exploits/freebsd/http/watchguard_cmd_exec.rb b/modules/exploits/freebsd/http/watchguard_cmd_exec.rb
index c48c552383..56553b4540 100644
--- a/modules/exploits/freebsd/http/watchguard_cmd_exec.rb
+++ b/modules/exploits/freebsd/http/watchguard_cmd_exec.rb
@@ -277,4 +277,8 @@ class Metasploit4 < Msf::Exploit::Remote
     send_response(cli, @pl)
   end
 
+  def autofilter
+    true
+  end
+
 end
diff --git a/modules/exploits/linux/antivirus/escan_password_exec.rb b/modules/exploits/linux/antivirus/escan_password_exec.rb
index df378d022c..38ad269906 100644
--- a/modules/exploits/linux/antivirus/escan_password_exec.rb
+++ b/modules/exploits/linux/antivirus/escan_password_exec.rb
@@ -107,6 +107,10 @@ class Metasploit3 < Msf::Exploit::Remote
     end
   end
 
+  def autofilter
+    true
+  end
+
   def exploit
     @pl           = generate_payload_exe
     if @pl.blank?
diff --git a/modules/exploits/multi/http/coldfusion_rds.rb b/modules/exploits/multi/http/coldfusion_rds.rb
index 33e0c92090..bdeb327d67 100644
--- a/modules/exploits/multi/http/coldfusion_rds.rb
+++ b/modules/exploits/multi/http/coldfusion_rds.rb
@@ -148,6 +148,10 @@ class Metasploit3 < Msf::Exploit::Remote
     end
   end
 
+  def autofilter
+    true
+  end
+
   #task scheduler is pretty bad at handling binary files and likes to mess up our meterpreter :-(
   #instead we use a CFML filedropper to embed our payload and execute it.
   #this also removes the dependancy of using the probe.cfm to execute the file.
diff --git a/modules/exploits/multi/http/jboss_maindeployer.rb b/modules/exploits/multi/http/jboss_maindeployer.rb
index 846fd9daba..514a6a45b3 100644
--- a/modules/exploits/multi/http/jboss_maindeployer.rb
+++ b/modules/exploits/multi/http/jboss_maindeployer.rb
@@ -326,6 +326,10 @@ class Metasploit3 < Msf::Exploit::Remote
     res
   end
 
+  def autofilter
+    true
+  end
+
   # Try to autodetect the target platform
   def detect_platform(res)
     if (res.body =~ /<td.*?OSName.*?(Linux|FreeBSD|Windows).*?<\/td>/m)
diff --git a/modules/exploits/multi/http/oracle_reports_rce.rb b/modules/exploits/multi/http/oracle_reports_rce.rb
index a51b98785f..d95a151255 100644
--- a/modules/exploits/multi/http/oracle_reports_rce.rb
+++ b/modules/exploits/multi/http/oracle_reports_rce.rb
@@ -170,6 +170,10 @@ class Metasploit3 < Msf::Exploit::Remote
     send_response(cli, @pl)
   end
 
+  def autofilter
+    true
+  end
+
   def upload_payload
     print_status "#{peer} - Uploading payload ..."
     path = "/#{@local_path}#{@payload_dir}#{@payload_name}"
diff --git a/modules/exploits/multi/http/struts_default_action_mapper.rb b/modules/exploits/multi/http/struts_default_action_mapper.rb
index f2365c7e34..af4acfdf6a 100644
--- a/modules/exploits/multi/http/struts_default_action_mapper.rb
+++ b/modules/exploits/multi/http/struts_default_action_mapper.rb
@@ -343,6 +343,10 @@ class Metasploit3 < Msf::Exploit::Remote
     send_response(cli, @pl)
   end
 
+  def autofilter
+    true
+  end
+
   # wait for the data to be sent
   def wait_payload
     print_status("#{rhost}:#{rport} - Waiting for the victim to request the payload...")
diff --git a/modules/exploits/multi/misc/arkeia_agent_exec.rb b/modules/exploits/multi/misc/arkeia_agent_exec.rb
index 0087620e60..8570d5745b 100644
--- a/modules/exploits/multi/misc/arkeia_agent_exec.rb
+++ b/modules/exploits/multi/misc/arkeia_agent_exec.rb
@@ -552,4 +552,9 @@ class Metasploit3 < Msf::Exploit::Remote
       register_files_for_cleanup("c:\\#{@down_file}.exe")
     end
   end
+
+  def autofilter
+    true
+  end
+
 end
diff --git a/modules/exploits/multi/misc/java_jmx_server.rb b/modules/exploits/multi/misc/java_jmx_server.rb
index 5c1f979d8e..d5221281f4 100644
--- a/modules/exploits/multi/misc/java_jmx_server.rb
+++ b/modules/exploits/multi/misc/java_jmx_server.rb
@@ -93,6 +93,10 @@ class Metasploit3 < Msf::Exploit::Remote
     end
   end
 
+  def autofilter
+    return true
+  end
+
   def check
     connect
 
diff --git a/modules/exploits/unix/webapp/google_proxystylesheet_exec.rb b/modules/exploits/unix/webapp/google_proxystylesheet_exec.rb
index 131a9b0928..bc505ad66f 100644
--- a/modules/exploits/unix/webapp/google_proxystylesheet_exec.rb
+++ b/modules/exploits/unix/webapp/google_proxystylesheet_exec.rb
@@ -59,6 +59,10 @@ class Metasploit3 < Msf::Exploit::Remote
     send_response(cli, data)
   end
 
+  def autofilter
+    true
+  end
+
   def check
     res = send_request_cgi({
       'uri'      => '/search',
diff --git a/modules/exploits/unix/webapp/joomla_akeeba_unserialize.rb b/modules/exploits/unix/webapp/joomla_akeeba_unserialize.rb
index 7d7ba20d87..4319647596 100644
--- a/modules/exploits/unix/webapp/joomla_akeeba_unserialize.rb
+++ b/modules/exploits/unix/webapp/joomla_akeeba_unserialize.rb
@@ -146,4 +146,8 @@ class Metasploit3 < Msf::Exploit::Remote
     send_not_found(cli)
   end
 
+  def autofilter
+    true
+  end
+
 end
diff --git a/modules/exploits/unix/webapp/wp_pixabay_images_upload.rb b/modules/exploits/unix/webapp/wp_pixabay_images_upload.rb
index 81ab361db5..8ad684d180 100644
--- a/modules/exploits/unix/webapp/wp_pixabay_images_upload.rb
+++ b/modules/exploits/unix/webapp/wp_pixabay_images_upload.rb
@@ -63,6 +63,10 @@ class Metasploit3 < Msf::Exploit::Remote
       "#{get_uri}.php"
   end
 
+  def autofilter
+    true
+  end
+
   def call_payload(file_name)
     res = send_request_cgi({
       'method' => 'GET',
diff --git a/modules/exploits/windows/http/rejetto_hfs_exec.rb b/modules/exploits/windows/http/rejetto_hfs_exec.rb
index 47b5642b25..7c24bcaf8f 100644
--- a/modules/exploits/windows/http/rejetto_hfs_exec.rb
+++ b/modules/exploits/windows/http/rejetto_hfs_exec.rb
@@ -81,6 +81,10 @@ class Metasploit3 < Msf::Exploit::Remote
     remove_resource(get_resource)
   end
 
+  def autofilter
+    true
+  end
+
   def primer
     file_name = rand_text_alpha(rand(10)+5)
     file_ext = '.vbs'
diff --git a/modules/exploits/windows/scada/ge_proficy_cimplicity_gefebt.rb b/modules/exploits/windows/scada/ge_proficy_cimplicity_gefebt.rb
index 8afbdce80d..5b423dfa65 100644
--- a/modules/exploits/windows/scada/ge_proficy_cimplicity_gefebt.rb
+++ b/modules/exploits/windows/scada/ge_proficy_cimplicity_gefebt.rb
@@ -74,6 +74,10 @@ class Metasploit3 < Msf::Exploit::Remote
     end
   end
 
+  def autofilter
+    true
+  end
+
   def process_get(cli, request)
     if request.uri =~ /#{@basename}(\d)\.bcl/
       print_status("GET => Payload")