adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Instead of raising, offer advice on BPF filtering

Browse Source 
Many people don't know how to disable ICMP echo responses off the top of
their head. However, the problem is solvable with a decent BPF filter.
This commit is contained in:
Tod Beardsley
2012-12-27 15:18:18 -06:00
parent c6533621a0
commit c2586d0907
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/auxiliary/server/icmp_exfil.rb
+4 -1
View File
@@ -127,7 +127,10 @@ class Metasploit3 < Msf::Auxiliary
# -(Windows) netsh firewall set opmode mode = ENABLE
if packet.icmp_type == 0 and packet.icmp_code == 0 and packet.ip_saddr == @iface_ip
raise RuntimeError , "Dectected ICMP echo response. Disable OS ICMP handling!"
print_error "Dectected ICMP echo response. You must either disable ICMP handling"
print_error "or try a more restrictive BPF filter. You might try:"
print_error " set BPF_FILTER icmp and not src #{datastore['LOCALIP']}"
return
end
if @record