Brent Cook
e25525b4a7
file:/ strings are special with some datastore options, causing them to read a file rather than emitting the exact string. This causes a couple of problems. 1. the valid? check needs to be special on assignment, since normalization really means normalizing the path, not playing with the value as we would do for other types 2. there are races or simply out-of-order assignments when running commands like 'services -p 80 -R', where the datastore option is assigned before the file is actually written. This is the 'easy' fix of disabling assignment validation (which we didn't have before anyway) for types that can expect a file:/ prefix.
49 lines
1.1 KiB
Ruby
49 lines
1.1 KiB
Ruby
# -*- coding: binary -*-
|
|
|
|
module Msf
|
|
|
|
###
|
|
#
|
|
# File system path option.
|
|
#
|
|
###
|
|
class OptPath < OptBase
|
|
def type
|
|
return 'path'
|
|
end
|
|
|
|
def validate_on_assignment?
|
|
false
|
|
end
|
|
|
|
# Generally, 'value' should be a file that exists.
|
|
def valid?(value)
|
|
return false if empty_required_value?(value)
|
|
if value and !value.empty?
|
|
if value =~ /^memory:\s*([0-9]+)/i
|
|
return false unless check_memory_location($1)
|
|
else
|
|
unless File.exists?(value)
|
|
return false
|
|
end
|
|
end
|
|
end
|
|
return super
|
|
end
|
|
|
|
# The AuthBrute mixin can take a memory address as well --
|
|
# currently, no other OptFile can make use of these objects.
|
|
# TODO: Implement memory:xxx to be more generally useful so
|
|
# the validator on OptFile isn't lying for non-AuthBrute.
|
|
def check_memory_location(id)
|
|
return false unless self.class.const_defined?(:ObjectSpace)
|
|
obj = ObjectSpace._id2ref(id.to_i) rescue nil
|
|
return false unless obj.respond_to? :acts_as_file?
|
|
return false unless obj.acts_as_file? # redundant?
|
|
return !!obj
|
|
end
|
|
|
|
end
|
|
|
|
end
|