From f1857d63504c0964d50f25c72a4be9dab58b7be9 Mon Sep 17 00:00:00 2001 From: James Lee Date: Mon, 28 Mar 2016 09:02:07 -0500 Subject: [PATCH] Kill defanged mode --- external/zsh/_msfconsole | 1 - lib/metasploit/framework/command/console.rb | 1 - .../framework/parsed_options/console.rb | 5 ---- lib/msf/ui/console/command_dispatcher.rb | 6 ---- .../console/command_dispatcher/auxiliary.rb | 2 -- lib/msf/ui/console/command_dispatcher/core.rb | 18 ----------- .../ui/console/command_dispatcher/exploit.rb | 2 -- lib/msf/ui/console/command_dispatcher/post.rb | 2 -- lib/msf/ui/console/driver.rb | 30 ------------------- .../ui/console/module_command_dispatcher.rb | 4 +-- 10 files changed, 1 insertion(+), 70 deletions(-) diff --git a/external/zsh/_msfconsole b/external/zsh/_msfconsole index 1a012fb62c..6cf529e91b 100644 --- a/external/zsh/_msfconsole +++ b/external/zsh/_msfconsole @@ -23,7 +23,6 @@ _arguments \ {-a,--ask}"[Ask before exiting Metasploit or accept 'exit -y']" \ "-c[Load the specified configuration file]:configuration file:_files" \ - {-d,--defanged}"[Execute the console as defanged]" \ {-E,--environment}"[Specify the database environment to load from the configuration]:environment:(production development)" \ {-h,--help}"[Show help text]" \ {-L,--real-readline}"[Use the system Readline library instead of RbReadline]" \ diff --git a/lib/metasploit/framework/command/console.rb b/lib/metasploit/framework/command/console.rb index 797d8dcdc0..cc28346152 100644 --- a/lib/metasploit/framework/command/console.rb +++ b/lib/metasploit/framework/command/console.rb @@ -80,7 +80,6 @@ class Metasploit::Framework::Command::Console < Metasploit::Framework::Command:: driver_options['DatabaseMigrationPaths'] = options.database.migrations_paths driver_options['DatabaseYAML'] = options.database.config driver_options['DeferModuleLoads'] = options.modules.defer_loads - driver_options['Defanged'] = options.console.defanged driver_options['DisableBanner'] = options.console.quiet driver_options['DisableDatabase'] = options.database.disable driver_options['LocalOutput'] = options.console.local_output diff --git a/lib/metasploit/framework/parsed_options/console.rb b/lib/metasploit/framework/parsed_options/console.rb index 66052a00d6..0789cf06ae 100644 --- a/lib/metasploit/framework/parsed_options/console.rb +++ b/lib/metasploit/framework/parsed_options/console.rb @@ -10,7 +10,6 @@ class Metasploit::Framework::ParsedOptions::Console < Metasploit::Framework::Par options.console.commands = [] options.console.confirm_exit = false - options.console.defanged = false options.console.local_output = nil options.console.plugins = [] options.console.quiet = false @@ -40,10 +39,6 @@ class Metasploit::Framework::ParsedOptions::Console < Metasploit::Framework::Par options.console.confirm_exit = true end - option_parser.on('-d', '--defanged', 'Execute the console as defanged') do - options.console.defanged = true - end - option_parser.on('-L', '--real-readline', 'Use the system Readline library instead of RbReadline') do options.console.real_readline = true end diff --git a/lib/msf/ui/console/command_dispatcher.rb b/lib/msf/ui/console/command_dispatcher.rb index c8bcd12e52..0d3155c755 100644 --- a/lib/msf/ui/console/command_dispatcher.rb +++ b/lib/msf/ui/console/command_dispatcher.rb @@ -60,12 +60,6 @@ module CommandDispatcher def active_session=(mod) driver.active_session = mod end - # - # Checks to see if the driver is defanged. - # - def defanged? - driver.defanged? - end # # Logs an error message to the screen and the log file. The callstack is diff --git a/lib/msf/ui/console/command_dispatcher/auxiliary.rb b/lib/msf/ui/console/command_dispatcher/auxiliary.rb index b667c6367c..19bf3fb964 100644 --- a/lib/msf/ui/console/command_dispatcher/auxiliary.rb +++ b/lib/msf/ui/console/command_dispatcher/auxiliary.rb @@ -72,8 +72,6 @@ class Auxiliary # Executes an auxiliary module # def cmd_run(*args) - defanged? - opt_str = nil action = mod.datastore['ACTION'] jobify = false diff --git a/lib/msf/ui/console/command_dispatcher/core.rb b/lib/msf/ui/console/command_dispatcher/core.rb index c619956d06..a586a87d2b 100644 --- a/lib/msf/ui/console/command_dispatcher/core.rb +++ b/lib/msf/ui/console/command_dispatcher/core.rb @@ -95,10 +95,6 @@ class Core "-h" => [ false, "Help banner." ], "-e" => [ true, "Expression to evaluate." ]) - # The list of data store elements that cannot be set when in defanged - # mode. - DefangedProhibitedDataStoreElements = [ "MsfModulePaths" ] - # Constant for disclosure date formatting in search functions DISCLOSURE_DATE_FORMAT = "%Y-%m-%d" @@ -868,8 +864,6 @@ class Core # Goes into IRB scripting mode # def cmd_irb(*args) - defanged? - expressions = [] # Parse the command options @@ -1218,8 +1212,6 @@ class Core # the framework root plugin directory is used. # def cmd_load(*args) - defanged? - if (args.length == 0) cmd_load_help return false @@ -1476,8 +1468,6 @@ class Core # restarts of the console. # def cmd_save(*args) - defanged? - # Save the console config driver.save_config @@ -1508,8 +1498,6 @@ class Core # Adds one or more search paths. # def cmd_loadpath(*args) - defanged? - if (args.length == 0 or args.include? "-h") cmd_loadpath_help return true @@ -2166,12 +2154,6 @@ class Core @cache_payloads = nil end - # Security check -- make sure the data store element they are setting - # is not prohibited - if global and DefangedProhibitedDataStoreElements.include?(name) - defanged? - end - # If the driver indicates that the value is not valid, bust out. if (driver.on_variable_set(global, name, value) == false) print_error("The value specified for #{name} is not valid.") diff --git a/lib/msf/ui/console/command_dispatcher/exploit.rb b/lib/msf/ui/console/command_dispatcher/exploit.rb index fac610ed38..7d73935782 100644 --- a/lib/msf/ui/console/command_dispatcher/exploit.rb +++ b/lib/msf/ui/console/command_dispatcher/exploit.rb @@ -49,8 +49,6 @@ class Exploit # Launches an exploitation attempt. # def cmd_exploit(*args) - defanged? - opt_str = nil payload = mod.datastore['PAYLOAD'] encoder = mod.datastore['ENCODER'] diff --git a/lib/msf/ui/console/command_dispatcher/post.rb b/lib/msf/ui/console/command_dispatcher/post.rb index 8ea990a66d..7b64a01098 100644 --- a/lib/msf/ui/console/command_dispatcher/post.rb +++ b/lib/msf/ui/console/command_dispatcher/post.rb @@ -78,8 +78,6 @@ class Post # Executes an auxiliary module # def cmd_run(*args) - defanged? - opt_str = nil jobify = false quiet = false diff --git a/lib/msf/ui/console/driver.rb b/lib/msf/ui/console/driver.rb index e73eb55724..5e2222a168 100644 --- a/lib/msf/ui/console/driver.rb +++ b/lib/msf/ui/console/driver.rb @@ -144,14 +144,6 @@ class Driver < Msf::Ui::Driver # Whether or not to confirm before exiting self.confirm_exit = opts['ConfirmExit'] - # Disables "dangerous" functionality of the console - @defanged = opts['Defanged'] - - # If we're defanged, then command passthru should be disabled - if @defanged - self.command_passthru = false - end - # Parse any specified database.yml file if framework.db.usable and not opts['SkipDatabaseInit'] @@ -630,17 +622,6 @@ class Driver < Msf::Ui::Driver # attr_accessor :active_resource - # - # If defanged is true, dangerous functionality, such as exploitation, irb, - # and command shell passthru is disabled. In this case, an exception is - # raised. - # - def defanged? - if @defanged - raise DefangedException - end - end - def stop framework.events.on_ui_stop() super @@ -769,17 +750,6 @@ protected end end -# -# This exception is used to indicate that functionality is disabled due to -# defanged being true -# -class DefangedException < ::Exception - def to_s - "This functionality is currently disabled (defanged mode)" - end -end - - end end end diff --git a/lib/msf/ui/console/module_command_dispatcher.rb b/lib/msf/ui/console/module_command_dispatcher.rb index a78b6f8107..12fe0fcae2 100644 --- a/lib/msf/ui/console/module_command_dispatcher.rb +++ b/lib/msf/ui/console/module_command_dispatcher.rb @@ -122,8 +122,6 @@ module ModuleCommandDispatcher # Checks to see if a target is vulnerable. # def cmd_check(*args) - defanged? - ip_range_arg = args.shift || mod.datastore['RHOSTS'] || framework.datastore['RHOSTS'] || '' opt = Msf::OptAddressRange.new('RHOSTS') @@ -176,7 +174,7 @@ module ModuleCommandDispatcher def check_simple(instance=nil) unless instance - instance = mod + instance = mod end rhost = instance.datastore['RHOST']