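module Msf
module Ui
module Console
module CommandDispatcher

#
# Console command dispatcher for exploit modules.  It contributes the
# "check" and "exploit" commands on top of whatever ModuleCommandDispatcher
# provides (the `mod` and `driver` accessors used below are expected to come
# from that mixin — not visible in this file).
#
class Exploit

  include Msf::Ui::Console::ModuleCommandDispatcher

  # Option parser for "exploit".  Its usage text is what "exploit -h" prints.
  @@exploit_opts = Rex::Parser::Arguments.new(
    "-e" => [ true, "The payload encoder to use. If none is specified, ENCODER is used." ],
    "-h" => [ false, "Help banner." ],
    "-n" => [ true, "The NOP generator to use. If none is specified, NOP is used." ],
    "-o" => [ true, "A comma separated list of options in VAR=VAL format." ],
    "-p" => [ true, "The payload to use. If none is specified, PAYLOAD is used." ],
    "-t" => [ true, "The target index to use. If none is specified, TARGET is used." ],
    "-v" => [ false, "Enable verbose output." ],
    "-z" => [ false, "Do not interact with the session after successful exploitation." ])

  #
  # Returns the commands this dispatcher handles, keyed by command name with
  # a one-line description as the value.
  #
  def commands
    {
      "check"   => "Check to see if a target is vulnerable",
      "exploit" => "Launch an exploit attempt",
    }
  end

  #
  # Human-readable name of this dispatcher.
  #
  def name
    "Exploit"
  end

  #
  # Checks to see if a target is vulnerable.
  #
  # Runs the loaded module's check routine and prints its result; `args` is
  # accepted for dispatcher uniformity but not used.  A nil result is
  # reported as an indeterminate state; any StandardError raised by the
  # check is logged rather than propagated to the console loop.
  #
  def cmd_check(*args)
    code = mod.check
    if code
      # Only a Vulnerable result gets the "[+]" marker; everything else
      # is reported neutrally with "[*]".
      stat = code == Msf::Exploit::CheckCode::Vulnerable ? '[+]' : '[*]'
      # NOTE(review): assumes a check code is an indexable pair whose second
      # element is the printable description — confirm against CheckCode.
      print_line(stat + ' ' + code[1])
    else
      print_error("Check failed: The state could not be determined.")
    end
  rescue => e
    log_error("Check failed: #{e}.")
  end

  #
  # Launches an exploitation attempt.
  #
  # Defaults for payload, encoder, target and NOP generator come from the
  # module datastore and may be overridden by the command-line options
  # declared in @@exploit_opts.  On failure the error is logged and false
  # is returned; on success the resulting session (if any) is either
  # interacted with immediately or merely announced when -z was given.
  #
  def cmd_exploit(*args)
    opt_str = nil
    payload = mod.datastore['PAYLOAD']
    encoder = mod.datastore['ENCODER']
    target  = mod.datastore['TARGET']
    nop     = mod.datastore['NOP']
    bg      = false

    @@exploit_opts.parse(args) do |opt, _idx, val|
      case opt
      when '-e'
        encoder = val
      when '-n'
        nop = val
      when '-o'
        opt_str = val
      when '-p'
        payload = val
      when '-t'
        # Non-numeric input silently becomes target index 0 (String#to_i).
        target = val.to_i
      when '-z'
        bg = true
      when '-v'
        # Accepted for compatibility with the documented options; nothing in
        # this dispatcher currently changes its output based on it.
      when '-h'
        print(
          "Usage: exploit [options]\n\n" +
          "Launches an exploitation attempt.\n" +
          @@exploit_opts.usage)
        # `return` inside a do/end block exits cmd_exploit itself.
        return false
      end
    end

    begin
      session = mod.exploit_simple(
        'Encoder'   => encoder,
        'Payload'   => payload,
        'Target'    => target,
        'Nop'       => nop,
        'OptionStr' => opt_str)
    rescue => e
      log_error("Exploit failed: #{e}")
      return false
    end

    # If we were given a session, let's see what we can do with it.
    if session
      # Unless told to stay in the background, and provided the session can
      # be interacted with, hand control to it via the session command.
      if !bg && session.interactive?
        driver.run_single("session -q -i #{session.sid}")
      else
        print_status("Session #{session.sid} created.")
      end
    else
      print_status("Exploit completed, no session was created.")
    end
  end

end

end
end
end
end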