comfusion
/
metasploit-framework
mirror of https://github.com/rapid7/metasploit-framework
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 319 Wiki Activity
Mirror of metasploit
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
39152 Commits
7 Branches
Tree: eb73a6914d
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'eb73a6914d'
${ noResults }
metasploit-framework/lib/msf/core/exploit/ip.rb

ip.rb 2.1KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118 
  1. # -*- coding: binary -*-

  2. module Msf

  3. 

  4. ###

  5. #

  6. # This module provides methods for communicating with a host over raw IP

  7. #

  8. ###

  9. module Exploit::Remote::Ip

  10. 

  11.   #

  12.   # Initializes an instance of an exploit module that sends

  13.   # raw IP datagrams.

  14.   #

  15.   def initialize(info = {})

  16.     super

  17. 

  18.     register_options(

  19.       [

  20.         Opt::RHOST,

  21.       ], Msf::Exploit::Remote::Ip)

  22.   end

  23. 

  24.   #

  25.   # Creates an IP socket for communicating with a remote host

  26.   #

  27.   def connect_ip(global = true, opts={})

  28. 

  29.     begin

  30.       nsock = Rex::Socket::Ip.create(

  31.         'Context'   =>

  32.           {

  33.             'Msf'        => framework,

  34.             'MsfExploit' => self,

  35.           })

  36. 

  37.       # Set this socket to the global socket as necessary

  38.       self.ip_sock = nsock if (global)

  39. 

  40.       # Add this socket to the list of sockets created by this exploit

  41.       add_socket(nsock)

  42. 

  43.       return nsock

  44.     rescue ::Exception => e

  45.       print_line(" ")

  46.       print_error(

  47.         "This module is configured to use a raw IP socket. " +

  48.         "On Unix systems, only the root user is allowed to create raw sockets. " +

  49.         "Please run the framework as root to use this module."

  50.       )

  51.       print_line(" ")

  52.       nil

  53.     end

  54.   end

  55. 

  56.   #

  57.   # Closes the IP socket

  58.   #

  59.   def disconnect_ip(nsock = self.ip_sock)

  60.     begin

  61.       if (nsock)

  62.         nsock.close

  63.       end

  64.     rescue IOError

  65.     end

  66. 

  67.     if (nsock == ip_sock)

  68.       self.ip_sock = nil

  69.     end

  70. 

  71.     # Remove this socket from the list of sockets created by this exploit

  72.     remove_socket(nsock)

  73.   end

  74. 

  75.   #

  76.   # Claims the IP socket if the payload so desires.

  77.   # No exploits use raw socket payloads yet...

  78.   #

  79.   def handler(nsock = self.ip_sock)

  80.     true

  81.   end

  82. 

  83.   #

  84.   # Performs cleanup, closes the socket if necessary

  85.   #

  86.   def cleanup

  87.     super

  88.     disconnect_ip

  89.   end

  90. 

  91.   #

  92.   # Sends a datagram to the host specified in RHOST

  93.   #

  94.   def ip_write(dgram)

  95.     return nil if not ip_sock

  96.     ip_sock.sendto(dgram, rhost)

  97.   end

  98. 

  99.   ##

  100.   #

  101.   # Wrappers for getters

  102.   #

  103.   ##

  104. 

  105.   #

  106.   # Returns the target host

  107.   #

  108.   def rhost

  109.     datastore['RHOST']

  110.   end

  111. 

  112. 

  113. protected

  114. 

  115.   attr_accessor :ip_sock

  116. 

  117. end

  118. end