From fc42fef94135767ccdbf4530d6f851899a887491 Mon Sep 17 00:00:00 2001
From: Matt Miller
Date: Tue, 15 Nov 2005 21:25:23 +0000
Subject: [PATCH] exploits now pass context when creating sockets
git-svn-id: file:///home/svn/incoming/trunk@3034 4d416f70-5f16-0410-b530-b9f4589650da
---
 lib/msf/core/exploit/tcp.rb | 7 +++-
 lib/msf/core/exploit_driver.rb | 3 ++
 lib/msf/core/handler/bind_tcp.rb | 8 ++++-
 lib/msf/core/handler/reverse_tcp.rb | 8 ++++-
 lib/msf/core/payload.rb | 6 ++++
 lib/rex/socket/parameters.rb | 52 ++++++++++++++++++++++++++++-
 6 files changed, 80 insertions(+), 4 deletions(-)
diff --git a/lib/msf/core/exploit/tcp.rb b/lib/msf/core/exploit/tcp.rb
index c533557680..bd3989480a 100644
--- a/lib/msf/core/exploit/tcp.rb
+++ b/lib/msf/core/exploit/tcp.rb
@@ -32,7 +32,12 @@ module Exploit::Remote::Tcp
 'PeerPort' => datastore['RPORT'].to_i,
 'LocalHost' => datastore['CHOST'] || "0.0.0.0",
 'LocalPort' => datastore['CPORT'] ? datastore['CPORT'].to_i : 0,
- 'SSL' => datastore['SSL'])
+ 'SSL' => datastore['SSL'],
+ 'Context' =>
+ {
+ 'Msf' => framework,
+ 'MsfExploit' => self
+ })
 # Set this socket to the global socket as necessary
 self.sock = nsock if (global)
diff --git a/lib/msf/core/exploit_driver.rb b/lib/msf/core/exploit_driver.rb
index dd788c0294..15db080ce9 100644
--- a/lib/msf/core/exploit_driver.rb
+++ b/lib/msf/core/exploit_driver.rb
@@ -82,6 +82,9 @@ class ExploitDriver
 "Incompatible payload", caller
 end
+ # Associate the payload instance with the exploit
+ payload.assoc_exploit = exploit
+
 # Finally, validate options on the exploit module to ensure that things
 # are ready to operate as they should.
 exploit.options.validate(exploit.datastore)
diff --git a/lib/msf/core/handler/bind_tcp.rb b/lib/msf/core/handler/bind_tcp.rb
index a393c094f6..b72d915674 100644
--- a/lib/msf/core/handler/bind_tcp.rb
+++ b/lib/msf/core/handler/bind_tcp.rb
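Review bot: The `'Context'` entry added in lib/msf/core/exploit/tcp.rb is built from bare string keys with no comment saying who reads it, and the handlers in bind_tcp.rb and reverse_tcp.rb build a similar hash by hand with an extra `'MsfPayload'` key. A mistyped key at any of the three call sites would read back as nil on the consumer side, so the socket would lose its attribution silently. I would add a comment above the entry such as `# Context lets the socket layer attribute this connection to the framework and module that requested it`, and consider one shared helper that builds the hash. The socket-creation call and its enclosing method both start outside the hunk.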
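Review bot: `payload.assoc_exploit = exploit` in lib/msf/core/exploit_driver.rb is assigned before `exploit.options.validate(exploit.datastore)`, and nothing visible in the hunk clears it again, so a payload instance that outlives a failed validation or is later reused would keep pointing at this exploit. Handler sockets created afterwards would then carry a `'MsfExploit'` context entry for a module that is not actually running, which weakens any logging or policy that relies on it. If payload instances can be reused (not visible here), move the assignment below the validation or reset it when the run ends. The enclosing method starts and ends outside the hunk.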
@@ -83,7 +83,13 @@ module BindTcp
 client = Rex::Socket::Tcp.create(
 'PeerHost' => datastore['RHOST'],
 'PeerPort' => datastore['LPORT'].to_i,
- 'Comm' => comm)
+ 'Comm' => comm,
+ 'Context' =>
+ {
+ 'Msf' => framework,
+ 'MsfPayload' => self,
+ 'MsfExploit' => assoc_exploit
+ })
 rescue Rex::ConnectionRefused
 # Connection refused is a-okay
 rescue
diff --git a/lib/msf/core/handler/reverse_tcp.rb b/lib/msf/core/handler/reverse_tcp.rb
index 17ea9f4999..8b52401dd1 100644
--- a/lib/msf/core/handler/reverse_tcp.rb
+++ b/lib/msf/core/handler/reverse_tcp.rb
@@ -56,7 +56,13 @@ module ReverseTcp
 self.listener_sock = Rex::Socket::TcpServer.create(
 'LocalHost' => datastore['LHOST'],
 'LocalPort' => datastore['LPORT'].to_i,
- 'Comm' => comm)
+ 'Comm' => comm,
+ 'Context' =>
+ {
+ 'Msf' => framework,
+ 'MsfPayload' => self,
+ 'MsfExploit' => assoc_exploit
+ })
 end
 #
diff --git a/lib/msf/core/payload.rb b/lib/msf/core/payload.rb
index ddf9e99fb6..fc65aa522f 100644
--- a/lib/msf/core/payload.rb
+++ b/lib/msf/core/payload.rb
@@ -318,6 +318,12 @@ class Payload < Msf::Module
 #
 attr_accessor :prepend_encoder
+ #
+ # If this payload is associated with an exploit, the assoc_exploit
+ # attribute will point to that exploit instance.
+ #
+ attr_accessor :assoc_exploit
+
 protected
 ##
diff --git a/lib/rex/socket/parameters.rb b/lib/rex/socket/parameters.rb
index 237a2df512..adf1b977f5 100644
--- a/lib/rex/socket/parameters.rb
+++ b/lib/rex/socket/parameters.rb
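Review bot: `'MsfExploit' => assoc_exploit` in the bind_tcp.rb hunk puts a nil value under a present key whenever the handler runs without an associated exploit, since the only assignment in this commit is in exploit_driver.rb; the same applies to the identical hash in reverse_tcp.rb. A consumer that tests `context.key?('MsfExploit')`, or calls a method on the value without a nil check, would misattribute the socket or raise during socket creation. Either drop nil entries before passing the hash or say in a comment that the value may be nil, e.g. `# MsfExploit is nil when the handler is used without an exploit`. The enclosing methods start and end outside both hunks.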
@@ -28,7 +28,50 @@ class Rex::Socket::Parameters
 ##
 #
- # Initializes the attributes from the supplied hash.
+ # Initializes the attributes from the supplied hash. The following hash
+ # keys can be specified.
+ #
+ # PeerHost / PeerAddr
+ #
+ # The remote host to connect to.
+ #
+ # PeerPort
+ #
+ # The remote port to connect to.
+ #
+ # LocalHost / LocalAddr
+ #
+ # The local host to communicate from, if any.
+ #
+ # LocalPort
+ #
+ # The local port to communicate from, if any.
+ #
+ # Bare
+ #
+ # Create a bare socket.
+ #
+ # Server
+ #
+ # Whether or not this should be a server.
+ #
+ # SSL
+ #
+ # Whether or not SSL should be used.
+ #
+ # Comm
+ #
+ # The underlying Comm class to use to create the socket for this parameter
+ # set.
+ #
+ # Context
+ #
+ # A context hash that can allow users of this parameter class instance to
+ # determine who is responsible for requesting that a socket be created.
+ #
+ # Retries
+ #
+ # The number of times a connection should be retryed.
 #
 def initialize(hash)
 if (hash['PeerHost'])
@@ -84,6 +127,9 @@ class Rex::Socket::Parameters
 # The communication subsystem to use to create the socket
 self.comm = hash['Comm']
+ # The context that was passed in, if any.
+ self.context = hash['Context'] || {}
+
 # If no comm was supplied, try to use the comm that is best fit to
 # handle the provided host based on the current routing table.
 if (self.comm == nil and hash['PeerHost'])
@@ -184,6 +230,10 @@ class Rex::Socket::Parameters
 #
 attr_accessor :comm
 #
+ # The context hash that was passed in to the structure.
+ #
+ attr_accessor :context
+ #
 # The number of attempts that should be made.
 #
 attr_accessor :retries
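Review bot: The new `Context` entry in the doc comment above `initialize` does not name the keys that callers pass, although this commit's call sites use `'Msf'`, `'MsfExploit'` and `'MsfPayload'`. Listing them here, and saying that each may be absent or nil, gives Comm implementers one place to check before they rely on a key. Proposed addition to the entry: `# Known keys: 'Msf' (framework instance), 'MsfExploit' and 'MsfPayload' (requesting modules); any of them may be missing.` The `Retries` entry also has a typo: `retryed` should read `retried`.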
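Review bot: `self.context = hash['Context'] || {}` in the second hunk stores whatever the caller passed, without checking that it is a Hash and without copying it. A non-Hash value would therefore reach every consumer that indexes `context['Msf']`, and later changes to the caller's hash would show through in the parameter set. A guarded copy keeps the attribution data stable: `ctx = hash['Context']` followed by `self.context = ctx.kind_of?(Hash) ? ctx.dup : {}`. Because the values are live framework and module objects, anything that logs or inspects a Parameters instance may now print their state too, which is worth a comment next to the assignment. `initialize` starts before this hunk and continues after it.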