module Msf ### # # This module provides methods for communicating with a host over UDP # ### module Exploit::Remote::Udp # # Initializes an instance of an exploit module that exploits a # vulnerability in a UDP service # def initialize(info = {}) super register_options( [ Opt::RHOST, Opt::RPORT, ], Msf::Exploit::Remote::Udp) register_advanced_options( [ Opt::CPORT, Opt::CHOST ], Msf::Exploit::Remote::Tcp ) end # # Creates a UDP socket for communicating with a remote host # def connect_udp(global = true) nsock = Rex::Socket::Udp.create( 'PeerHost' => rhost, 'PeerPort' => rport.to_i, 'LocalHost' => chost || "0.0.0.0", 'LocalPort' => cport ? cport.to_i : 0, 'Context' => { 'Msf' => framework, 'MsfExploit' => self, }) # Set this socket to the global socket as necessary self.udp_sock = nsock if (global) # Add this socket to the list of sockets created by this exploit sockets << nsock return nsock end # # Closes the UDP socket # def disconnect_udp(nsock = self.udp_sock) begin if (nsock) nsock.shutdown nsock.close end rescue IOError end if (nsock == udp_sock) self.udp_sock = nil end # Remove this socket from the list of sockets created by this exploit sockets.delete(nsock) end # # Performs cleanup, disconnects the socket if necessary # def cleanup super disconnect_udp end ## # # Wrappers for getters # ## # # Returns the target host # def rhost datastore['RHOST'] end # # Returns the remote port # def rport datastore['RPORT'] end # # Returns the local host # def lhost datastore['LHOST'] end # # Returns the local port # def lport datastore['LPORT'] end # # Returns the local host for outgoing connections # def chost datastore['CHOST'] end # # Returns the local port for outgoing connections # def cport datastore['CPORT'] end protected attr_accessor :udp_sock end end