Add Local Exploit Suggestor

Resolve #5647

modules/post/multi/recon/local_exploit_suggestor.rb

@@ -0,0 +1,127 @@
+##
+# This module requires Metasploit: http://metasploit.com/download
+# Current source: https://github.com/rapid7/metasploit-framework
+##
+
+require 'msf/core'
+
+class Metasploit3 < Msf::Post
+
+  def initialize(info={})
+    super(update_info(info,
+        'Name'          => 'Multi Recon Local Exploit Suggestor',
+        'Description'   => %q{
+          Save this for later!!!!
+        },
+        'License'       => MSF_LICENSE,
+        'Author'        => [ '_sinn3r, ' ],
+        'Platform'      => all_platforms,
+        'SessionTypes'  => [ 'meterpreter', 'shell' ]
+    ))
+      register_options( [
+          Msf::OptInt.new('SESSION', [ true, "The session to run this module on." ]),
+          Msf::OptBool.new('SHOW_DESCRIPTION', [true, "Displays a detailed description for the available exploits", false])
+      ],Msf::Post)
+  end
+#
+  def all_platforms
+    Msf::Module::Platform.subclasses.collect {|c| c.realname.downcase }
+  end
+
+  def get_target_arch
+    @target_arch ||= lambda {
+      return nil unless session
+      session.platform.split('/').first
+    }.call
+  end
+
+  def get_target_platform
+    @target_platform ||= lambda {
+      return nil unless session
+      platform = session.platform.split('/').second
+
+      if platform =~ /^win/
+        platform = 'win'
+      end
+
+      return platform
+    }.call
+  end
+
+  def is_module_arch?(mod)
+    mod_arch = mod.target.arch || mod.arch
+    mod_arch.include?(get_target_arch)
+  end
+
+  def is_module_options_ready?(mod)
+    mod.options.each_pair do |option_name, option|
+      if option.required && option.default.nil?
+        return false
+      end
+    end
+
+    true
+  end
+
+  def is_module_platform?(mod)
+    platform_obj = nil
+    begin
+      platform_obj = Msf::Module::Platform.find_platform(get_target_platform)
+    rescue ArgumentError
+      # When not found, find_platform raises an ArgumentError
+      return false
+    end
+
+    module_platforms = mod.target.platform ? mod.target.platform.platforms : mod.platform.platforms
+    module_platforms.include?(platform_obj)
+  end
+
+  def setup
+    print_status "Collecting local exploits . . ."
+    #Initializes an array
+    @local_exploits = []
+    # Collects exploits into an array
+    framework.exploits.each do |name, obj|
+      mod = framework.exploits.create(name)
+      mod.datastore.merge!(self.datastore)
+      # If the module matches the platform and architecture conditions, then add to @local_exploits
+       if mod.kind_of?(Msf::Exploit::Local) && mod.respond_to?(:check) && is_module_platform?(mod) && is_module_arch?(mod) && is_module_options_ready?(mod)
+         @local_exploits << mod
+       end
+     end
+  end
+
+  def run
+    @local_exploits.each do |m|
+    begin
+      checkcode = m.check
+        # See def is_check_interesting?
+        if is_check_interesting?(checkcode)
+          # Prints the full name and the checkcode message for the exploit
+          print_good("#{m.fullname}: #{checkcode.second}")
+          #If the datastore option is true, a detailed description will show
+          if datastore['SHOW_DESCRIPTION']
+            # Formatting for the description text
+            print_line Rex::Text.wordwrap(Rex::Text.compress(mod.description), 2, 70)
+            end
+          else
+            # Prints the full name and the checkcode message for the exploit
+            vprint_status("#{m.fullname}: #{checkcode.second}")
+          end
+     # Creates a log record in framework.log
+     rescue ::Exception => e
+       elog("#{e.class} #{e.message}\n#{e.backtrace * "\n"}")
+       vprint_error("#{m.shortname} failled to run: #{e.message}")
+     end
+  end
+  end
+
+  def is_check_interesting?(checkcode)
+    [
+      Msf::Exploit::CheckCode::Vulnerable,
+      Msf::Exploit::CheckCode::Appears,
+      Msf::Exploit::CheckCode::Detected
+    ].include?(checkcode)
+  end
+
+end