Kill defanged mode

external/zsh/_msfconsole

@@ -23,7 +23,6 @@
 _arguments \
   {-a,--ask}"[Ask before exiting Metasploit or accept 'exit -y']" \
   "-c[Load the specified configuration file]:configuration file:_files" \
-  {-d,--defanged}"[Execute the console as defanged]" \
   {-E,--environment}"[Specify the database environment to load from the configuration]:environment:(production development)" \
   {-h,--help}"[Show help text]" \
   {-L,--real-readline}"[Use the system Readline library instead of RbReadline]" \

lib/metasploit/framework/command/console.rb

@@ -80,7 +80,6 @@ class Metasploit::Framework::Command::Console < Metasploit::Framework::Command::
       driver_options['DatabaseMigrationPaths'] = options.database.migrations_paths
       driver_options['DatabaseYAML'] = options.database.config
       driver_options['DeferModuleLoads'] = options.modules.defer_loads
-      driver_options['Defanged'] = options.console.defanged
       driver_options['DisableBanner'] = options.console.quiet
       driver_options['DisableDatabase'] = options.database.disable
       driver_options['LocalOutput'] = options.console.local_output

lib/metasploit/framework/parsed_options/console.rb

@@ -10,7 +10,6 @@ class Metasploit::Framework::ParsedOptions::Console < Metasploit::Framework::Par
 
         options.console.commands = []
         options.console.confirm_exit = false
-        options.console.defanged = false
         options.console.local_output = nil
         options.console.plugins = []
         options.console.quiet = false
@@ -40,10 +39,6 @@ class Metasploit::Framework::ParsedOptions::Console < Metasploit::Framework::Par
           options.console.confirm_exit = true
         end
 
-        option_parser.on('-d', '--defanged', 'Execute the console as defanged') do
-          options.console.defanged = true
-        end
-
         option_parser.on('-L', '--real-readline', 'Use the system Readline library instead of RbReadline') do
           options.console.real_readline = true
         end

lib/msf/ui/console/command_dispatcher.rb

@@ -60,12 +60,6 @@ module CommandDispatcher
   def active_session=(mod)
     driver.active_session = mod
   end
-  #
-  # Checks to see if the driver is defanged.
-  #
-  def defanged?
-    driver.defanged?
-  end
 
   #
   # Logs an error message to the screen and the log file.  The callstack is

lib/msf/ui/console/command_dispatcher/auxiliary.rb

@@ -72,8 +72,6 @@ class Auxiliary
   # Executes an auxiliary module
   #
   def cmd_run(*args)
-    defanged?
-
     opt_str = nil
     action  = mod.datastore['ACTION']
     jobify  = false

lib/msf/ui/console/command_dispatcher/core.rb

@@ -95,10 +95,6 @@ class Core
     "-h" => [ false, "Help banner."                                   ],
     "-e" => [ true,  "Expression to evaluate."                        ])
 
-  # The list of data store elements that cannot be set when in defanged
-  # mode.
-  DefangedProhibitedDataStoreElements = [ "MsfModulePaths" ]
-
   # Constant for disclosure date formatting in search functions
   DISCLOSURE_DATE_FORMAT = "%Y-%m-%d"
 
@@ -868,8 +864,6 @@ class Core
   # Goes into IRB scripting mode
   #
   def cmd_irb(*args)
-    defanged?
-
     expressions = []
 
     # Parse the command options
@@ -1218,8 +1212,6 @@ class Core
   # the framework root plugin directory is used.
   #
   def cmd_load(*args)
-    defanged?
-
     if (args.length == 0)
       cmd_load_help
       return false
@@ -1476,8 +1468,6 @@ class Core
   # restarts of the console.
   #
   def cmd_save(*args)
-    defanged?
-
     # Save the console config
     driver.save_config
 
@@ -1508,8 +1498,6 @@ class Core
   # Adds one or more search paths.
   #
   def cmd_loadpath(*args)
-    defanged?
-
     if (args.length == 0 or args.include? "-h")
       cmd_loadpath_help
       return true
@@ -2166,12 +2154,6 @@ class Core
       @cache_payloads = nil
     end
 
-    # Security check -- make sure the data store element they are setting
-    # is not prohibited
-    if global and DefangedProhibitedDataStoreElements.include?(name)
-      defanged?
-    end
-
     # If the driver indicates that the value is not valid, bust out.
     if (driver.on_variable_set(global, name, value) == false)
       print_error("The value specified for #{name} is not valid.")

lib/msf/ui/console/command_dispatcher/exploit.rb

@@ -49,8 +49,6 @@ class Exploit
   # Launches an exploitation attempt.
   #
   def cmd_exploit(*args)
-    defanged?
-
     opt_str = nil
     payload = mod.datastore['PAYLOAD']
     encoder = mod.datastore['ENCODER']

lib/msf/ui/console/command_dispatcher/post.rb

@@ -78,8 +78,6 @@ class Post
   # Executes an auxiliary module
   #
   def cmd_run(*args)
-    defanged?
-
     opt_str = nil
     jobify  = false
     quiet   = false

lib/msf/ui/console/driver.rb

@@ -144,14 +144,6 @@ class Driver < Msf::Ui::Driver
     # Whether or not to confirm before exiting
     self.confirm_exit = opts['ConfirmExit']
 
-    # Disables "dangerous" functionality of the console
-    @defanged = opts['Defanged']
-
-    # If we're defanged, then command passthru should be disabled
-    if @defanged
-      self.command_passthru = false
-    end
-
     # Parse any specified database.yml file
     if framework.db.usable and not opts['SkipDatabaseInit']
 
@@ -630,17 +622,6 @@ class Driver < Msf::Ui::Driver
   #
   attr_accessor :active_resource
 
-  #
-  # If defanged is true, dangerous functionality, such as exploitation, irb,
-  # and command shell passthru is disabled.  In this case, an exception is
-  # raised.
-  #
-  def defanged?
-    if @defanged
-      raise DefangedException
-    end
-  end
-
   def stop
     framework.events.on_ui_stop()
     super
@@ -769,17 +750,6 @@ protected
   end
 end
 
-#
-# This exception is used to indicate that functionality is disabled due to
-# defanged being true
-#
-class DefangedException < ::Exception
-  def to_s
-    "This functionality is currently disabled (defanged mode)"
-  end
-end
-
-
 end
 end
 end

lib/msf/ui/console/module_command_dispatcher.rb

@@ -122,8 +122,6 @@ module ModuleCommandDispatcher
   # Checks to see if a target is vulnerable.
   #
   def cmd_check(*args)
-    defanged?
-
     ip_range_arg = args.shift || mod.datastore['RHOSTS'] || framework.datastore['RHOSTS'] || ''
     opt = Msf::OptAddressRange.new('RHOSTS')
 
@@ -176,7 +174,7 @@ module ModuleCommandDispatcher
 
   def check_simple(instance=nil)
     unless instance
-      instance = mod 
+      instance = mod
     end
 
     rhost = instance.datastore['RHOST']