lib/msf/core/exploit/check_module.rb

# -*- coding: binary -*-

#
# This mixin implements an exploit's check method by invoking an aux module
#

module Msf
module Exploit::Remote::CheckModule

  def initialize(info = {})
    super

    register_advanced_options([
      OptString.new('CheckModule', [true, 'Module to check with'])
    ])
  end

  # When this mixin is included, this method becomes the exploit's check method
  #
  # @return [Msf::Exploit::CheckCode] Whether or not the target is vulnerable
  def check
    # Instantiate the module
    mod = framework.modules.create(check_module)

    # Bail if we couldn't
    unless mod
      return CheckCode::Unsupported("Could not instantiate #{check_module}")
    end

    # Bail if it isn't aux
    if mod.type != Msf::MODULE_AUX
      return CheckCode::Unsupported("#{check_module} is not an auxiliary module")
    end

    # Bail if run isn't defined
    unless mod.respond_to?(:run)
      return CheckCode::Unsupported("#{check_module} does not define a run method")
    end

    print_status("Using #{check_module} as check")

    # Retrieve the module's return value
    res = mod.run_simple(
      'LocalInput'  => user_input,
      'LocalOutput' => user_output,
      'Options'     => datastore # XXX: This clobbers the datastore!
    )

    # Ensure return value is a CheckCode
    case res
    when Exploit::CheckCode
      # Return the CheckCode
      res
    when Hash
      # XXX: Find CheckCode associated with RHOST, which is set automatically
      checkcode = res[datastore['RHOST']]

      # Bail if module doesn't return a CheckCode
      unless checkcode.kind_of?(Exploit::CheckCode)
        return Exploit::CheckCode::Unsupported("#{check_module} does not return a CheckCode")
      end

      # Return the CheckCode
      checkcode
    else
      # Bail if module doesn't return a CheckCode
      Exploit::CheckCode::Unsupported("#{check_module} does not return a CheckCode")
    end
  end

  def check_module
    datastore['CheckModule']
  end

end
end
Refactor CheckScanner to CheckModule 2019-10-30 22:16:51 -05:00			`# -- coding: binary --`

			`#`
			`# This mixin implements an exploit's check method by invoking an aux module`
			`#`

			`module Msf`
			`module Exploit::Remote::CheckModule`

			`def initialize(info = {})`
			`super`

			`register_advanced_options([`
			`OptString.new('CheckModule', [true, 'Module to check with'])`
			`])`
			`end`

			`# When this mixin is included, this method becomes the exploit's check method`
			`#`
			`# @return [Msf::Exploit::CheckCode] Whether or not the target is vulnerable`
			`def check`
			`# Instantiate the module`
			`mod = framework.modules.create(check_module)`

			`# Bail if we couldn't`
			`unless mod`
Add instantiation error to CheckCode 2019-12-16 13:32:56 -06:00			`return CheckCode::Unsupported("Could not instantiate #{check_module}")`
Refactor CheckScanner to CheckModule 2019-10-30 22:16:51 -05:00			`end`

Complete refactor of CheckModule 2019-12-16 18:35:52 -06:00			`# Bail if it isn't aux`
			`if mod.type != Msf::MODULE_AUX`
			`return CheckCode::Unsupported("#{check_module} is not an auxiliary module")`
Refactor CheckScanner to CheckModule 2019-10-30 22:16:51 -05:00			`end`

Complete refactor of CheckModule 2019-12-16 18:35:52 -06:00			`# Bail if run isn't defined`
			`unless mod.respond_to?(:run)`
			`return CheckCode::Unsupported("#{check_module} does not define a run method")`
Add only targeting options and validate datastore 2019-11-07 10:27:58 -06:00			`end`

Add print saying what module 2019-12-16 18:42:06 -06:00			`print_status("Using #{check_module} as check")`

Complete refactor of CheckModule 2019-12-16 18:35:52 -06:00			`# Retrieve the module's return value`
Improve error handling 2019-12-16 18:56:58 -06:00			`res = mod.run_simple(`
Complete refactor of CheckModule 2019-12-16 18:35:52 -06:00			`'LocalInput' => user_input,`
			`'LocalOutput' => user_output,`
Clobber datastore in CheckModule again! 2020-01-13 16:33:22 -06:00			`'Options' => datastore # XXX: This clobbers the datastore!`
Complete refactor of CheckModule 2019-12-16 18:35:52 -06:00			`)`

			`# Ensure return value is a CheckCode`
Improve error handling 2019-12-16 18:56:58 -06:00			`case res`
Complete refactor of CheckModule 2019-12-16 18:35:52 -06:00			`when Exploit::CheckCode`
			`# Return the CheckCode`
Improve error handling 2019-12-16 18:56:58 -06:00			`res`
Complete refactor of CheckModule 2019-12-16 18:35:52 -06:00			`when Hash`
Improve error handling 2019-12-16 18:56:58 -06:00			`# XXX: Find CheckCode associated with RHOST, which is set automatically`
			`checkcode = res[datastore['RHOST']]`

			`# Bail if module doesn't return a CheckCode`
			`unless checkcode.kind_of?(Exploit::CheckCode)`
			`return Exploit::CheckCode::Unsupported("#{check_module} does not return a CheckCode")`
			`end`

			`# Return the CheckCode`
			`checkcode`
Complete refactor of CheckModule 2019-12-16 18:35:52 -06:00			`else`
			`# Bail if module doesn't return a CheckCode`
			`Exploit::CheckCode::Unsupported("#{check_module} does not return a CheckCode")`
Refactor CheckScanner to CheckModule 2019-10-30 22:16:51 -05:00			`end`
			`end`

			`def check_module`
			`datastore['CheckModule']`
			`end`

			`end`
			`end`