Mirror of metasploit
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

ip.rb 2.1KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118
  1. # -*- coding: binary -*-
  2. module Msf
  3. ###
  4. #
  5. # This module provides methods for communicating with a host over raw IP
  6. #
  7. ###
  8. module Exploit::Remote::Ip
  9. #
  10. # Initializes an instance of an exploit module that sends
  11. # raw IP datagrams.
  12. #
  13. def initialize(info = {})
  14. super
  15. register_options(
  16. [
  17. Opt::RHOST,
  18. ], Msf::Exploit::Remote::Ip)
  19. end
  20. #
  21. # Creates an IP socket for communicating with a remote host
  22. #
  23. def connect_ip(global = true, opts={})
  24. begin
  25. nsock = Rex::Socket::Ip.create(
  26. 'Context' =>
  27. {
  28. 'Msf' => framework,
  29. 'MsfExploit' => self,
  30. })
  31. # Set this socket to the global socket as necessary
  32. self.ip_sock = nsock if (global)
  33. # Add this socket to the list of sockets created by this exploit
  34. add_socket(nsock)
  35. return nsock
  36. rescue ::Exception => e
  37. print_line(" ")
  38. print_error(
  39. "This module is configured to use a raw IP socket. " +
  40. "On Unix systems, only the root user is allowed to create raw sockets. " +
  41. "Please run the framework as root to use this module."
  42. )
  43. print_line(" ")
  44. nil
  45. end
  46. end
  47. #
  48. # Closes the IP socket
  49. #
  50. def disconnect_ip(nsock = self.ip_sock)
  51. begin
  52. if (nsock)
  53. nsock.close
  54. end
  55. rescue IOError
  56. end
  57. if (nsock == ip_sock)
  58. self.ip_sock = nil
  59. end
  60. # Remove this socket from the list of sockets created by this exploit
  61. remove_socket(nsock)
  62. end
  63. #
  64. # Claims the IP socket if the payload so desires.
  65. # No exploits use raw socket payloads yet...
  66. #
  67. def handler(nsock = self.ip_sock)
  68. true
  69. end
  70. #
  71. # Performs cleanup, closes the socket if necessary
  72. #
  73. def cleanup
  74. super
  75. disconnect_ip
  76. end
  77. #
  78. # Sends a datagram to the host specified in RHOST
  79. #
  80. def ip_write(dgram)
  81. return nil if not ip_sock
  82. ip_sock.sendto(dgram, rhost)
  83. end
  84. ##
  85. #
  86. # Wrappers for getters
  87. #
  88. ##
  89. #
  90. # Returns the target host
  91. #
  92. def rhost
  93. datastore['RHOST']
  94. end
  95. protected
  96. attr_accessor :ip_sock
  97. end
  98. end