This adds named parameters for all of the current array-index based
options. It also allows specifying the description as the 2nd parameter,
allowing the 'required' parameter to be implicitly false (the most
common value).
A simple parameter like:
OptAddress.new('ReverseListenerBindAddress',
[false, 'The specific IP address to bind to on the local system']),
Can now be rewritten as:
OptAddress.new('ReverseListenerBindAddress',
'The specific IP address to bind to on the local system'),
More complex options are also now easier to read:
OptString.new(
'HttpUserAgent',
'The user-agent that the payload should use',
default: Rex::UserAgent.shortest,
aliases: ['MeterpreterUserAgent']
),
This also makes dealing with enums easier because default is implicit
unless specified. This:
OptEnum.new('PayloadProxyType',
[true, 'The proxy type, HTTP or SOCKS', 'HTTP', ['HTTP', 'SOCKS']]),
Becomes:
OptEnum.new('HttpProxyType',
'The proxy type, HTTP or SOCKS', required: true, enums: ['HTTP', 'SOCKS'])
This maintains full backward compatibility with existing code as well.
Changes from a "hope we get at most one message at a time" model to
something beginning to resemble a state machine. Also logs error output
and fails the MSF module when the external module fails.
The HTTP client mixin provides a #send_request_cgi method which
forcibly disconnects the client after receiving a response. This
terminates certain types of resulting sessions which depend on the
connection from the client to maintain a subprocess housing the
shell invocation.
Provide a disconnect boolean option to #send_request_cgi which
is checked in the disconnect(c) call after receiving the response.
Testing:
Locally tested on in-house exploit module written for disclosure
report.
TODO:
Discuss possibility of implementing fully asynchronous methods
like #send_request_cgi_async which won't bother getting a response
for cases such as the module mentioned above which is a command
injection via unfiltered POST var.
ftp.rb was doing a shutdown without a close on data
(not command) sockets. This can cause CLOSE_WAIT
for extended periods in certain circumstances-ending
only when msf itself is closed.
Brent Cook