Wee, works

git-svn-id: file:///home/svn/incoming/trunk@3258 4d416f70-5f16-0410-b530-b9f4589650da

lib/msf/core/module.rb

@@ -221,34 +221,47 @@ class Module
 		else
 			return true
 		end
-
+		
 		# Enumerate each compatibility item in our hash to find out
 		# if we're compatible with this sucker.
-		ch.each_pair { |k,v|
-			
+		ch.each_pair do |k,v|
+
 			# Get the value of the current key from the module, such as
 			# the ConnectionType for a stager (ws2ord, for instance).
 			mval = mod.module_info[k]
 
-			# Skip zee nils that the module has.
-			next if (mval == nil or v == nil)
-
-			# Delimit values by spaces so as to be able to indicate more than one.
-			v.split(/ /).each { |sv|
-
-				# If the supplied module's value is not contained within the supported
-				# values for this module or this module indicated a negation of
-				# the value stated by the supplied module, then we have detected
-				# ourselves a bit of an incompatibility and we just can't have that.
-				if (!(sv =~ /#{mval}/) or
-					 (sv =~ /-#{mval}/))
-					dlog("Module #{mod.refname} is incompatible with #{self.refname} for #{k}: limiter was #{sv}, value was #{mval}", 
-						'core', LEV_1)
+			
+			# Match an empty compat item only if the module does not define it
+			next if not (v and mval)
+				
+			# Reject a filled compat item on one side, but not the other
+			return false if not (v and mval)
+	
+			# Track how many of our values matched the module
+			mcnt = 0
+			
+			# Values are whitespace separated
+			sv = v.split(/\s+/)
+			mv = mval.split(/\s+/)
+			
+			sv.each do |x|
 
+				# Verify that any negate values are not matched
+				if (x[0].chr == '-' and mv.include?(x[1, x.length-1]))
+					dlog("Module #{mod.refname} is incompatible with #{self.refname} for #{k}: limiter was #{x}, value was #{mval}", 'core', LEV_1)
 					return false
 				end
-			}
-		}
+
+				mcnt += 1 if mv.include?(x)
+			end
+			
+			# No values matched, reject this module
+			if (mcnt == 0)
+				dlog("Module #{mod.refname} is incompatible with #{self.refname} for #{k}: limiter was #{v}, value was #{mval}", 'core', LEV_1)			
+				return false
+			end
+
+		end
 
 		# If we get here, we're compatible.
 		return true

modules/exploits/solaris/telnet/solaris_ttyprompt.rb

@@ -30,10 +30,9 @@ class Exploits::Solaris::Telnet::TTYPrompt_Auth_Bypass < Msf::Exploit::Remote
 					'Space'    => 2000,
 					'BadChars' => "",
 				},
-			'PayloadCompat'  =>
+			'PayloadCompat' =>
 				{
-					"PayloadType"    => "cmd +interact",
-					"ConnectionType" => CompatDefaults::Payload['ConnectionType'],
+					"PayloadType"    => "cmd cmd_interact",
 				},
 			'Targets'        => 
 				[

modules/payloads/singles/cmd/unix/generic.rb

@@ -20,7 +20,7 @@ module Generic
 			'Author'        => 'hdm',
 			'Platform'      => 'unix',
 			'Arch'          => ARCH_CMD,
-			'Handler'       => Msf::Handler::FindShell,
+			'Handler'       => Msf::Handler::None,
 			'Session'       => Msf::Sessions::CommandShell,
 			'PayloadType'   => 'cmd',
 			'Payload'       =>

modules/payloads/singles/cmd/unix/interact.rb

@@ -22,7 +22,7 @@ module Interact
 			'Arch'          => ARCH_CMD,
 			'Handler'       => Msf::Handler::FindShell,
 			'Session'       => Msf::Sessions::CommandShell,
-			'PayloadType'   => 'cmd interact',
+			'PayloadType'   => 'cmd_interact',
 			'Payload'       =>
 				{
 					'Offsets' => { },