Take into account an integer-normalized datastore

unstable
HD Moore 2012-06-24 22:59:14 -05:00
parent f7ecc98923
commit e31a09203d
21 changed files with 24 additions and 25 deletions

View File

@ -66,8 +66,8 @@ class Metasploit3 < Msf::Auxiliary
def run
serverIP = datastore['RHOST']
if (datastore['RPORT'] != 80)
serverIP += ":" + datastore['RPORT']
if (datastore['RPORT'].o_i != 80)
serverIP += ":" + datastore['RPORT'].to_s
end
isapiURI = datastore['ISAPI']

View File

@ -1,4 +1,3 @@
##
# $Id$
##
@ -167,7 +166,7 @@ class Metasploit3 < Msf::Auxiliary
@evilchars = ['']
end
print_status("Connecting to host " + ip + " on port " + datastore['RPORT'])
print_status("Connecting to host " + ip + " on port " + datastore['RPORT'].to_s)
if (startstage == 1)
process_phase(1, "Fuzzing without command")

View File

@ -97,14 +97,14 @@ class Metasploit3 < Msf::Auxiliary
'Accept-Charset' => 'ISO-8859-1,utf-8;q=0.7,*;q=0.7',
'Keep-Alive' => '300',
'Connection' => 'keep-alive',
'Referer' => proto + datastore['RHOST'] + ":" + datastore['RPORT'],
'Referer' => proto + datastore['RHOST'] + ":" + datastore['RPORT'].to_s,
'Content-Type' => 'application/x-www-form-urlencoded',
}
}
@get_data_headers = {
'Host' => host,
'User-Agent' => useragent,
'Referer' => proto + datastore['RHOST'] + ":" + datastore['RPORT'],
'Referer' => proto + datastore['RHOST'] + ":" + datastore['RPORT'].to_s,
}
end

View File

@ -47,7 +47,7 @@ class Metasploit3 < Msf::Auxiliary
if datastore['RPORT'].to_i == 80 or datastore['RPORT'].to_i == 443
port = ""
else
port = ":" + datastore['RPORT']
port = ":" + datastore['RPORT'].to_s
end
info = (datastore['SSL'] ? "https" : "http") + "://#{target_host}#{port}/"

View File

@ -193,7 +193,7 @@ class Metasploit3 < Msf::Exploit::Remote
# UPLOAD
#
resource_uri = '/' + app_base + '.war'
service_url = 'http://' + datastore['SRVHOST'] + ':' + datastore['SRVPORT'] + resource_uri
service_url = 'http://' + datastore['SRVHOST'] + ':' + datastore['SRVPORT'].to_s + resource_uri
print_status("Starting up our web service on #{service_url} ...")
start_service({'Uri' => {
'Proc' => Proc.new { |cli, req|
@ -203,7 +203,7 @@ class Metasploit3 < Msf::Exploit::Remote
}})
if (datastore['WARHOST'])
service_url = 'http://' + datastore['WARHOST'] + ':' + datastore['SRVPORT'] + resource_uri
service_url = 'http://' + datastore['WARHOST'] + ':' + datastore['SRVPORT'].to_s + resource_uri
end
print_status("Asking the JBoss server to deploy (via MainDeployer) #{service_url}")

View File

@ -128,7 +128,7 @@ class Metasploit3 < Msf::Exploit::Remote
begin
socket = Rex::Socket.create_udp
upnp_location = "http://" + datastore['LHOST'] + ":" + datastore['SRVPORT']
upnp_location = "http://" + datastore['LHOST'] + ":" + datastore['SRVPORT'].to_s
print_status("Listening for UPNP requests on: #{upnp_location}")
print_status("Sending UPNP Discovery replies...")

View File

@ -65,7 +65,7 @@ class Metasploit3 < Msf::Exploit::Remote
payload_url = "http://"
payload_url += (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
payload_url += ":" + datastore['SRVPORT'] + get_resource() + "/PAYLOAD"
payload_url += ":" + datastore['SRVPORT'].to_s + get_resource() + "/PAYLOAD"
if (request.uri.match(/PAYLOAD/))
return if ((p = regenerate_payload(cli)) == nil)

View File

@ -103,7 +103,7 @@ class Metasploit3 < Msf::Exploit::Remote
shellcode = Rex::Text.to_unescape(p.encoded)
url = ((datastore['SSL']) ? "https://" : "http://")
url << ((datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(client.peerhost) : datastore['SRVHOST'])
url << ":" + datastore['SRVPORT']
url << ":" + datastore['SRVPORT'].to_s
url << get_resource
js = <<-ENDJS
#{js_heap_spray}

View File

@ -123,7 +123,7 @@ class Metasploit3 < Msf::Exploit::Remote
shellcode = Rex::Text.to_unescape(p.encoded)
url = ((datastore['SSL']) ? "https://" : "http://")
url << ((datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(client.peerhost) : datastore['SRVHOST'])
url << ":" + datastore['SRVPORT']
url << ":" + datastore['SRVPORT'].to_s
url << get_resource
fname = rand_text_alphanumeric(4)

View File

@ -59,7 +59,7 @@ class Metasploit3 < Msf::Exploit::Remote
payload_url = "http://"
payload_url += (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
payload_url += ":" + datastore['SRVPORT'] + get_resource() + "/payload"
payload_url += ":" + datastore['SRVPORT'].to_s + get_resource() + "/payload"
if (request.uri.match(/payload/))
return if ((p = regenerate_payload(cli)) == nil)

View File

@ -99,7 +99,7 @@ class Metasploit3 < Msf::Exploit::Remote
url = "http://"
url += (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
url += ":" + datastore['SRVPORT'] + get_resource() + "/"
url += ":" + datastore['SRVPORT'].to_s + get_resource() + "/"
#VBScript variables
clsid = "79956462-F148-497F-B247-DF35A095F80B"

View File

@ -75,7 +75,7 @@ class Metasploit3 < Msf::Exploit::Remote
payload_url = "http://"
payload_url += (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
payload_url += ":" + datastore['SRVPORT'] + get_resource() + "/#{@payload_rand}"
payload_url += ":" + datastore['SRVPORT'].to_s + get_resource() + "/#{@payload_rand}"
if (request.uri.match(/#{@payload_rand}/))
return if ((p = regenerate_payload(cli)) == nil)

View File

@ -65,7 +65,7 @@ class Metasploit3 < Msf::Exploit::Remote
url_base = "http://"
url_base += (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
url_base += ":" + datastore['SRVPORT'] + get_resource()
url_base += ":" + datastore['SRVPORT'].to_s + get_resource()
payload_url = url_base + "/payload"

View File

@ -68,7 +68,7 @@ class Metasploit3 < Msf::Exploit::Remote
payload_url = "http://"
payload_url += (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
payload_url += ":" + datastore['SRVPORT'] + get_resource() + "/payload"
payload_url += ":" + datastore['SRVPORT'].to_s + get_resource() + "/payload"
if (request.uri.match(/payload/))
return if ((p = regenerate_payload(cli)) == nil)

View File

@ -58,7 +58,7 @@ class Metasploit3 < Msf::Exploit::Remote
payload_url = "http://"
payload_url += (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
payload_url += ":" + datastore['SRVPORT'] + get_resource() + "/payload"
payload_url += ":" + datastore['SRVPORT'].to_s + get_resource() + "/payload"
if (request.uri.match(/payload/))
return if ((p = regenerate_payload(cli)) == nil)

View File

@ -65,7 +65,7 @@ class Metasploit3 < Msf::Exploit::Remote
payload_url = "http://"
payload_url += (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
payload_url += ":" + datastore['SRVPORT'] + get_resource() + "/payload"
payload_url += ":" + datastore['SRVPORT'].to_s + get_resource() + "/payload"
if (request.uri.match(/payload/))
return if ((p = regenerate_payload(cli)) == nil)

View File

@ -76,7 +76,7 @@ class Metasploit3 < Msf::Exploit::Remote
url = "http://"
url += (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
url += ":" + datastore['SRVPORT'] + get_resource() + "/"
url += ":" + datastore['SRVPORT'].to_s + get_resource() + "/"
content = <<-EOS
<?xml-stylesheet type="text/xml" href="#fragment"?>

View File

@ -69,7 +69,7 @@ class Metasploit3 < Msf::Exploit::Remote
payload_url = "http://"
payload_url += (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
payload_url += ":" + datastore['SRVPORT'] + get_resource() + "/PAYLOAD"
payload_url += ":" + datastore['SRVPORT'].to_s + get_resource() + "/PAYLOAD"
if (request.uri.match(/PAYLOAD/))
return if ((p = regenerate_payload(cli)) == nil)

View File

@ -61,7 +61,7 @@ class Metasploit3 < Msf::Exploit::Remote
payload_url = "http://"
payload_url += (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
payload_url += ":" + datastore['SRVPORT'] + get_resource() + "/payload"
payload_url += ":" + datastore['SRVPORT'].to_s + get_resource() + "/payload"
if (request.uri.match(/payload/))
return if ((p = regenerate_payload(cli)) == nil)

View File

@ -59,7 +59,7 @@ class Metasploit3 < Msf::Exploit::Remote
payload_url = "http://"
payload_url += (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
payload_url += ":" + datastore['SRVPORT'] + get_resource() + "/payload"
payload_url += ":" + datastore['SRVPORT'].to_s + get_resource() + "/payload"
if (request.uri.match(/payload/))
return if ((p = regenerate_payload(cli)) == nil)

View File

@ -64,7 +64,7 @@ class Metasploit3 < Msf::Exploit::Remote
payload_url = "http://"
payload_url += (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
payload_url += ":" + datastore['SRVPORT'] + get_resource() + "/payload"
payload_url += ":" + datastore['SRVPORT'].to_s + get_resource() + "/payload"
if (request.uri.match(/payload/))
return if ((p = regenerate_payload(cli)) == nil)