mirror of
https://github.com/rapid7/metasploit-framework
synced 2024-11-05 14:57:30 +01:00
defanged mode
git-svn-id: file:///home/svn/framework3/trunk@4303 4d416f70-5f16-0410-b530-b9f4589650da
This commit is contained in:
parent
114050ef6b
commit
279c0e3e52
@ -43,6 +43,13 @@ module CommandDispatcher
|
||||
driver.active_module = mod
|
||||
end
|
||||
|
||||
#
|
||||
# Checks to see if the driver is defanged.
|
||||
#
|
||||
def defanged?
|
||||
driver.defanged?
|
||||
end
|
||||
|
||||
#
|
||||
# Logs an error message to the screen and the log file. The callstack is
|
||||
# also printed.
|
||||
|
@ -99,6 +99,7 @@ class Auxiliary
|
||||
# Executes an auxiliary module
|
||||
#
|
||||
def cmd_run(*args)
|
||||
defanged?
|
||||
|
||||
opt_str = nil
|
||||
action = mod.datastore['ACTION']
|
||||
|
@ -194,6 +194,8 @@ class Core
|
||||
# Goes into IRB scripting mode
|
||||
#
|
||||
def cmd_irb(*args)
|
||||
defanged?
|
||||
|
||||
print_status("Starting IRB shell...\n")
|
||||
|
||||
begin
|
||||
@ -254,6 +256,8 @@ class Core
|
||||
# the framework root plugin directory is used.
|
||||
#
|
||||
def cmd_load(*args)
|
||||
defanged?
|
||||
|
||||
if (args.length == 0)
|
||||
print_line(
|
||||
"Usage: load <path> [var=val var=val ...]\n\n" +
|
||||
@ -311,6 +315,8 @@ class Core
|
||||
# storage medium, such as a flatfile.
|
||||
#
|
||||
def cmd_persist(*args)
|
||||
defanged?
|
||||
|
||||
if (args.length == 0)
|
||||
args.unshift("-h")
|
||||
end
|
||||
@ -499,6 +505,8 @@ class Core
|
||||
# restarts of the console.
|
||||
#
|
||||
def cmd_save(*args)
|
||||
defanged?
|
||||
|
||||
# Save the console config
|
||||
driver.save_config
|
||||
|
||||
@ -521,6 +529,8 @@ class Core
|
||||
# Adds one or more search paths.
|
||||
#
|
||||
def cmd_loadpath(*args)
|
||||
defanged?
|
||||
|
||||
if (args.length == 0)
|
||||
print_error("No search paths were provided.")
|
||||
return true
|
||||
|
@ -45,7 +45,10 @@ class Exploit
|
||||
# Checks to see if a target is vulnerable.
|
||||
#
|
||||
def cmd_check(*args)
|
||||
defanged?
|
||||
|
||||
begin
|
||||
|
||||
mod.init_ui(
|
||||
driver.input,
|
||||
driver.output)
|
||||
@ -75,6 +78,8 @@ class Exploit
|
||||
# Launches an exploitation attempt.
|
||||
#
|
||||
def cmd_exploit(*args)
|
||||
defanged?
|
||||
|
||||
opt_str = nil
|
||||
payload = mod.datastore['PAYLOAD']
|
||||
encoder = mod.datastore['ENCODER']
|
||||
|
@ -95,6 +95,14 @@ class Driver < Msf::Ui::Driver
|
||||
|
||||
# Whether or not command passthru should be allowed
|
||||
self.command_passthru = (opts['AllowCommandPassthru'] == false) ? false : true
|
||||
|
||||
# Disables "dangerous" functionality of the console
|
||||
@defanged = opts['Defanged'] == true
|
||||
|
||||
# If we're defanged, then command passthru should be disabled
|
||||
if @defanged
|
||||
self.command_passthru = false
|
||||
end
|
||||
end
|
||||
|
||||
#
|
||||
@ -259,6 +267,17 @@ class Driver < Msf::Ui::Driver
|
||||
#
|
||||
attr_accessor :active_module
|
||||
|
||||
#
|
||||
# If defanged is true, dangerous functionality, such as exploitation, irb,
|
||||
# and command shell passthru is disabled. In this case, an exception is
|
||||
# raised.
|
||||
#
|
||||
def defanged?
|
||||
if @defanged
|
||||
raise DefangedException
|
||||
end
|
||||
end
|
||||
|
||||
protected
|
||||
|
||||
attr_writer :framework # :nodoc:
|
||||
@ -330,6 +349,16 @@ protected
|
||||
|
||||
end
|
||||
|
||||
#
|
||||
# This exception is used to indicate that functionality is disabled due to
|
||||
# defanged being true
|
||||
#
|
||||
class DefangedException < ::Exception
|
||||
def to_s
|
||||
"This functionality is currently disabled (defanged mode)"
|
||||
end
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
end
|
||||
|
@ -24,6 +24,9 @@ class OptsConsole
|
||||
opts.separator ""
|
||||
opts.separator "Specific options:"
|
||||
|
||||
opts.on("-d", "-d", "Execute the console as defanged") do
|
||||
options['Defanged'] = true
|
||||
end
|
||||
|
||||
opts.on("-r", "-r <filename>", "Execute the specified resource file") do |r|
|
||||
options['Resource'] = r
|
||||
|
Loading…
Reference in New Issue
Block a user