Changed up the way mixins are handled: all exploits now just require 'msf/core' and
all current mixins will be loaded. Egghunter was moved to a mixin and generates
based on target arch and platform.


git-svn-id: file:///home/svn/incoming/trunk@3111 4d416f70-5f16-0410-b530-b9f4589650da
unstable
HD Moore 2005-11-26 00:04:26 +00:00
parent c22ba98ad6
commit fb8b56f55f
20 changed files with 57 additions and 42 deletions


@ -7,23 +7,6 @@
module Msf
#
# Architecture constants
#
ARCH_ANY = '_any_'
ARCH_X86 = 'x86'
ARCH_MIPS = 'mips'
ARCH_PPC = 'ppc'
ARCH_SPARC = 'sparc'
ARCH_TYPES =
[
ARCH_X86,
ARCH_MIPS,
ARCH_PPC,
ARCH_SPARC
]
ARCH_ALL = ARCH_TYPES
#
# Module types
#


@ -193,11 +193,24 @@ class Exploit < Msf::Module
end
require 'msf/core/exploit/brute'
require 'msf/core/exploit/tcp'
require 'msf/core/exploit/dcerpc'
require 'msf/core/exploit/smb'
#
# All exploit mixins should be added to the list below
#
# Behavior
require 'msf/core/exploit/brute'
# Payload
require 'msf/core/exploit/egghunter'
require 'msf/core/exploit/seh'
# Protocol
require 'msf/core/exploit/tcp'
require 'msf/core/exploit/smb'
require 'msf/core/exploit/ftp'
require 'msf/core/exploit/http'
require 'msf/core/exploit/dcerpc'
#
# Creates an instance of the exploit module. Mad skillz.
#
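Review bot: The require list added above the constructor comment is order-sensitive, and nothing in it says so. This commit moves `msf/core/exploit/dcerpc` from before `smb` to the end of the list; if either file refers to the other's constants at load time the new order changes behaviour, which is not visible in this hunk and is worth confirming. Because every module now pulls in the whole list through `require 'msf/core'`, a load error in any single mixin stops every exploit from loading, not only the ones that use it. I would extend the header comment to `# All exploit mixins should be added to the list below, after any mixin they depend on`. The enclosing `Exploit` class starts and ends outside the hunk.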


@ -10,6 +10,9 @@ module Rex
###
module Arch
#
# Architecture classes
#
require 'rex/arch/x86'
require 'rex/arch/sparc'


@ -60,3 +60,19 @@ LEV_2 = 2
LEV_3 = 3
#
# Architecture constants
#
ARCH_ANY = '_any_'
ARCH_X86 = 'x86'
ARCH_MIPS = 'mips'
ARCH_PPC = 'ppc'
ARCH_SPARC = 'sparc'
ARCH_TYPES =
[
ARCH_X86,
ARCH_MIPS,
ARCH_PPC,
ARCH_SPARC
]
ARCH_ALL = ARCH_TYPES
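Review bot: `ARCH_ALL = ARCH_TYPES` binds both names to the same unfrozen Array, so an in-place change through either name silently changes the other for every caller that has loaded these constants. Freezing the list closes that off: `ARCH_TYPES = [ ARCH_X86, ARCH_MIPS, ARCH_PPC, ARCH_SPARC ].freeze`. A short comment should also say whether `ARCH_ALL` is meant to be an alias or an independent list, and that `ARCH_ANY` is left out of `ARCH_TYPES` (presumably on purpose, since it is a wildcard and not a concrete architecture).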


@ -1,4 +1,5 @@
require 'rex/text'
require 'rex/arch'
module Rex
module Exploitation
@ -23,7 +24,7 @@ class Egghunter
Alias = "win"
module X86
Alias = "x86"
Alias = ARCH_X86
#
# The egg hunter stub for win/x86.
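Review bot: `Alias = ARCH_X86` is written unqualified inside `Rex::Exploitation::Egghunter`, while the unit test changed in this same commit spells the constant `Rex::Arch::ARCH_X86`; the two only agree if the constant is reachable both ways. The constants added elsewhere in this commit sit next to `LEV_3`, and the page does not show which namespace that is or whether the new `require 'rex/arch'` loads that file. I would pick one spelling and use it in both places, for example `Alias = Rex::Arch::ARCH_X86` if that is where the constant is defined. The `X86` module body continues outside the hunk.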


@ -16,7 +16,7 @@ class Rex::Exploitation::Egghunter::UnitTest < Test::Unit::TestCase
r = Klass.new('win')
assert_nil(r.generate)
r = Klass.new('win', 'x86')
r = Klass.new('win', Rex::Arch::ARCH_X86)
assert_not_nil(r.generate)
assert_not_nil(r.generate[0])
assert_not_nil(r.generate[1])


@ -1,3 +1,4 @@
require 'msf/core'
module Msf


@ -1,4 +1,4 @@
require 'msf/core/exploit/ftp'
require 'msf/core'
module Msf


@ -1,5 +1,4 @@
require 'msf/core/exploit/seh'
require 'msf/core/exploit/http'
require 'msf/core'
module Msf


@ -1,4 +1,4 @@
require 'msf/core/exploit/ftp'
require 'msf/core'
module Msf


@ -1,4 +1,4 @@
require 'msf/core/exploit/ftp'
require 'msf/core'
module Msf


@ -1,4 +1,3 @@
require 'msf/core'
module Msf


@ -1,4 +1,4 @@
require 'msf/core/exploit/ftp'
require 'msf/core'
module Msf


@ -1,4 +1,4 @@
require 'msf/core/exploit/ftp'
require 'msf/core'
module Msf


@ -1,4 +1,4 @@
require 'msf/core/exploit/ftp'
require 'msf/core'
module Msf


@ -1,10 +1,11 @@
require 'msf/core/exploit/ftp'
require 'msf/core'
module Msf
class Exploits::Windows::Ftp::ServUMDTMOverflow < Msf::Exploit::Remote
include Exploit::Remote::Ftp
include Exploit::Remote::Egghunter
def initialize(info = {})
super(update_info(info,
@ -126,6 +127,8 @@ class Exploits::Windows::Ftp::ServUMDTMOverflow < Msf::Exploit::Remote
end
def exploit
p generate_egghunter
connect_login
print_status("Trying target #{target.name}...")
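Review bot: `p generate_egghunter` at the top of `exploit` looks like a leftover debugging line: it prints the inspected return value to stdout on every run and then discards it, bypassing the `print_status` channel used two lines later. The result is not used anywhere in the visible part of the method, so the newly included `Exploit::Remote::Egghunter` mixin has no effect here beyond that output. I would drop the line, or, if the value is needed later in the method, assign it with `hunter = generate_egghunter` and report through the framework's own output methods. `exploit` continues outside the hunk.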


@ -1,4 +1,4 @@
require 'msf/core/exploit/ftp'
require 'msf/core'
module Msf


@ -1,4 +1,4 @@
require 'msf/core/exploit/ftp'
require 'msf/core'
module Msf


@ -1,4 +1,4 @@
require 'msf/core/exploit/ftp'
require 'msf/core'
module Msf


@ -1,14 +1,11 @@
require 'rex/exploitation/egghunter'
require 'msf/core/exploit/http'
require 'msf/core'
module Msf
class Exploits::Windows::MS03_020_Ie_ObjectType < Msf::Exploit::Remote
#
# This module acts as an HTTP server
#
include Exploit::Remote::HttpServer
include Exploit::Remote::Egghunter
def initialize(info = {})
super(update_info(info,
@ -78,7 +75,7 @@ class Exploits::Windows::MS03_020_Ie_ObjectType < Msf::Exploit::Remote
# Pack the values
ret = [ ret ].pack('V')
clean = [ clean ].pack('V')
hunter = Rex::Exploitation::Egghunter.new('win', 'x86').generate(payload_badchars)
hunter = generate_egghunter()
egg = hunter[1]
# Now, build out the HTTP response payload
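Review bot: `egg = hunter[1]` indexes the result of `generate_egghunter()` without checking it, and the unit test in this commit (`assert_nil(r.generate)` for `Klass.new('win')`) shows the generator returns nil when it has no stub for the requested combination. Since the commit message says the mixin now derives platform and arch from the target instead of the literals `'win', 'x86'`, that nil path becomes reachable and would surface as a NoMethodError on nil. A guard such as `raise RuntimeError, 'No egghunter available for this target' unless hunter` makes the failure explicit. The old call also passed `payload_badchars`; whether the mixin still applies it is not visible here, so a one-line comment at the call site would help. The enclosing method starts and ends outside the hunk.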