Joshua Drake
14e147c931
git-svn-id: file:///home/svn/framework3/trunk@11093 4d416f70-5f16-0410-b530-b9f4589650da
53 lines
1018 B
Ruby
53 lines
1018 B
Ruby
module Msf
|
|
module Exploit::RServices
|
|
|
|
def initialize(info = {})
|
|
super
|
|
|
|
register_options(
|
|
[
|
|
OptString.new('LOCALUSER', [ false, 'The remote username to test' ]),
|
|
], Msf::Exploit::RServices
|
|
)
|
|
end
|
|
|
|
def connect_from_privileged_port(start_port = 1023)
|
|
cport = start_port
|
|
while cport > 512
|
|
#vprint_status("Trying to connect from port #{cport} ...")
|
|
sd = nil
|
|
begin
|
|
sd = connect(true, { 'CPORT' => cport })
|
|
|
|
#
|
|
# XXX: This is NOT optimal. Unfortunately, unreachable hosts will be
|
|
# retried around 512 times :-/ Ticket #3206 tracks this.
|
|
#
|
|
rescue Rex::HostUnreachable
|
|
# Ignore and try again
|
|
|
|
rescue Rex::AddressInUse
|
|
# Ignore and try again
|
|
|
|
rescue Rex::ConnectionError
|
|
vprint_error("Unable to connect: #{$!}")
|
|
return false
|
|
|
|
end
|
|
|
|
break if sd
|
|
cport -= 1
|
|
end
|
|
|
|
if not sock
|
|
print_error("#{target_host}:#{rport} - Unable to bind to privileged port")
|
|
return false
|
|
end
|
|
|
|
#vprint_status("Connected from #{cport}")
|
|
return true
|
|
end
|
|
|
|
end
|
|
end
|