Such as vim -i NONE. This may allow command injection via arguments.
However, you can already start an arbitrary program by setting
LocalEditor or escaping the editor.
msf > setg LocalEditor /bin/sh
LocalEditor => /bin/sh
msf > edit -i
[*] Launching /bin/sh -i
$
We use active_module instead of cmd_use to invalidate @cache_payloads,
since the ivar is no longer shared between cmd_set and cmd_use.
Fixes#8483. See #7655.
The -S flag for console commands, backed by search functionality
in Rex' tables, originally pushed upstream in #1604 (iirc), lacks
coverage for a number of commands which benefit a good deal from
inline filtering of the potentially large number of results.
Push more -S flags and surrounding table functionality upstream
to provide coverage for the console commands included in framework.
Include a fix for deleting hosts when DB references are a problem.
Include a fix for the upstream route command wherein scope must be
defined for the routing target by assuming a /32 without explicit
definition.
Note:
With this in place, console behavior when filtering results is
roughly analagous to the R7 filtering in web UI, which should help
those of us trying to use both maintain corresponding workflows.
Testing:
Used in-house for years, though changes to the diff from upstream
and our fork (expunging some internal code) are untested, so would
appreciate eyes and hands on.
this moves the following methods into common
arg_host_range ( used in creds and db )
arg_port_range ( used in creds and db )
set_rhosts_from_addrs ( used in creds and db )
show_options ( used in jobs and modules )
msf > use auxiliary/admin/http/nuuo_nvrmini_reset
msf auxiliary(nuuo_nvrmini_reset) > show
show actions show all show encoders show exploits show missing show options show plugins show targets
show advanced show auxiliary show evasion show info show nops show payloads show post
Matthew Kienow