Working version

bug/bundler_fix
Stuart Morgan 2015-05-20 20:29:23 +01:00
parent 1ec231c28d
commit c4fc2132d8
1 changed files with 63 additions and 22 deletions


@ -31,19 +31,12 @@ class Metasploit3 < Msf::Post
[
OptAddress.new('TARGET' , [ true, 'Destination IP address.']),
OptString.new('PORTS', [true, 'Ports to test (e.g. 80,443,100-110).','80,443']),
OptInt.new('TIMEOUT', [true, 'Timeout for the ICMP socket.', 500]),
OptInt.new('THREADS' , [true, 'Number of simultaneous threads/connections to try.','20']),
], self.class)
end
def tcp_setup
handler = client.railgun.ws2_32.socket('AF_INET', 'SOCK_STREAM', 'IPPROTO_TCP')
if handler['GetLastError'] == 0
vprint_status('TCP socket created successfully')
return handler
else
print_error("There was an error setting the TCP socket; GetLastError: #{handler['GetLastError']}")
return nil
end
client.railgun.ws2_32.socket('AF_INET', 'SOCK_STREAM', 'IPPROTO_TCP')
end
def connections(remote, dst_port, h_tcp)
@ -56,23 +49,71 @@ class Metasploit3 < Msf::Post
def run
session.railgun.ws2_32
h_tcp = tcp_setup
successful = []
remote = datastore['TARGET']
to = datastore['TIMEOUT']
thread_num = datastore['THREADS']
ports = Rex::Socket.portspec_crack(datastore['PORTS'])
ports.each do |dport|
print_status("Connecting to #{remote}:#{dport}")
r = connections(remote, dport, h_tcp['return'])
if r['GetLastError'] == 0
print_status('TCP socket created successfully')
else
print_error("There was an error setting the TCP socket; GetLastError: #{r['GetLastError']}")
end
workload_ports = []
workload_cycle = 0
completed_cycle = false
# Now we need to divvy up the ports into pots for each thread
while(not ports.nil? and not ports.empty?) do
# If that group hasn't had its own ports array yet, give it some
workload_ports[workload_cycle] = [] if workload_ports[workload_cycle].nil?
# Add the port to the array to test
workload_ports[workload_cycle] << ports.shift
# Now increase the cycle until it goes above threads
workload_cycle = workload_cycle + 1
if workload_cycle > thread_num
completed_cycle = true
workload_cycle = 0
end
end
client.railgun.ws2_32.closesocket(h_tcp['return'])
return 0
if completed_cycle == false and thread_num > workload_cycle
thread_num = workload_cycle
print_status("Reduced threads to #{thread_num} because there is not enough work for the remaining threads.")
else
print_status("Number of threads: #{thread_num}")
end
print_status("Generating traffic to #{remote}...")
a = []
0.upto(thread_num-1) do |num|
a << framework.threads.spawn("Module(#{self.refname})", false, workload_ports[num]) do |portlist|
h_tcp = tcp_setup
if h_tcp['return'] == 0
print_error("[#{num}] Error setting up socket for #{remote}; Error: #{h_tcp['GetLastError']}")
break
else
print_status("[#{num}] Set up socket for #{remote}; Handle: #{h_tcp['return']}")
end
portlist.each do |dport|
vprint_status("[#{num}] Connecting to #{remote}:#{dport}")
r = connections(remote, dport, h_tcp['return'])
if r['GetLastError'] == 0
vprint_status("[#{num}] Connection made successfully #{dport}")
successful << dport
else
vprint_status("[#{num}] There was an error setting the TCP socket (port #{dport}) Error: #{r['GetLastError']}")
end
end
client.railgun.ws2_32.closesocket(h_tcp['return'])
end
end
a.map { |x| x.join }
print_status("Traffic generation to #{remote} completed.")
return 0
end
end
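Review bot: The port-bucketing loop in `run` resets on `if workload_cycle > thread_num`, so it fills buckets 0 through `thread_num`, one more than the thread count, while the spawn loop only covers `0.upto(thread_num-1)`. With more ports than threads, every port placed in the extra bucket is silently never tested, so the egress result under-reports what was actually probed. Changing the reset to `if workload_cycle >= thread_num` keeps the number of buckets equal to the number of threads. Separately, the per-thread check `if h_tcp['return'] == 0` probably does not catch a failed `socket()` call, since Winsock signals failure with INVALID_SOCKET rather than 0; testing `h_tcp['GetLastError']`, as the earlier `tcp_setup` body appears to have done, would be safer. `successful` is filled in but never printed after the join, so the operator gets no summary of reachable ports unless verbose output is on.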