1
mirror of https://github.com/rapid7/metasploit-framework synced 2024-10-29 18:07:27 +01:00

enhanced logging a bit, added a few badchars to ie obj type, improving job support

git-svn-id: file:///home/svn/incoming/trunk@2868 4d416f70-5f16-0410-b530-b9f4589650da
This commit is contained in:
Matt Miller 2005-09-23 05:51:09 +00:00
parent 40da41eb8d
commit 3116a654d4
10 changed files with 25 additions and 18 deletions

View File

@ -97,7 +97,7 @@ class EncodedPayload
self.encoded = self.encoder.encode(self.raw, reqs['BadChars'])
rescue
wlog("#{pinst.refname}: Failed to encode payload with encoder #{encoder.refname}: #{$!}",
'core', LEV_1)
'core', LEV_2)
next
end

View File

@ -167,7 +167,7 @@ class Encoder < Module
# Last but not least, do one last badchar pass to see if the stub +
# encoded payload leads to any bad char issues...
if ((badchar_idx = has_badchars?(state.encoded, badchars)) != nil)
raise BadcharError.new(state.encoded, badchar_idx, stub.length, badchars[badchar_idx]),
raise BadcharError.new(state.encoded, badchar_idx, stub.length, state.encoded[badchar_idx]),
"The #{self.name} encoder failed to encode without bad characters.",
caller
end

View File

@ -167,12 +167,12 @@ protected
# provided.
uopts = {
'Proc' => Proc.new { |cli, req|
on_request_uri(cli, req)
on_request_uri(cli, req)
},
'Path' => random_uri
}.update(opts['Uri'] || {})
print_status("HTTP Server URL: http://#{opts['ServerHost']}:#{opts['ServerPort']}#{uopts['Path']}")
print_status("Using URL: http://#{opts['ServerHost']}:#{opts['ServerPort']}#{uopts['Path']}")
add_resource(uopts)
end

View File

@ -140,8 +140,6 @@ module Exploit::Remote::TcpServer
# service that corresponds with what the client has requested.
#
def exploit
print_status("Server starting...");
start_service
print_status("Server started.");

View File

@ -140,7 +140,7 @@ class Core
#
def cmd_jobs(*args)
if (args.length == 0)
args.unshift("-h")
args.unshift("-l")
end
# Parse the command options

View File

@ -141,6 +141,7 @@ protected
end
rescue
elog("Error in stream server listener monitor: #{$!}")
rlog(ExceptionCallStack)
end while true
end
@ -162,6 +163,7 @@ protected
}
rescue
elog("Error in stream server client monitor: #{$!}")
rlog(ExceptionCallStack)
end while true
end

View File

@ -95,6 +95,8 @@ end
# still be directed at the correct log file.
#
###
ExceptionCallStack = "__EXCEPTCALLSTACK__"
def dlog(msg, src = 'core', level = 0, from = caller)
$dispatcher.log(LOG_DEBUG, src, level, msg, from)
end
@ -112,6 +114,10 @@ def ilog(msg, src = 'core', level = 0, from = caller)
end
def rlog(msg, src = 'core', level = 0, from = caller)
if (msg == ExceptionCallStack)
msg = "\nCall stack:\n" + $@.join("\n") + "\n"
end
$dispatcher.log(LOG_RAW, src, level, msg, from)
end
@ -125,3 +131,4 @@ end
# Creates the global log dispatcher
$dispatcher = Rex::Logging::LogDispatcher.new

View File

@ -38,6 +38,7 @@ class Flatfile
code = 'i'
end
fd.write("[#{get_current_timestamp}] [#{code}(#{level})] #{src}: #{msg}\n")
fd.flush
end
end

View File

@ -25,19 +25,17 @@ module ThreadSafe
def self.select(rfd = nil, wfd = nil, efd = nil, t = nil)
left = t
callcc { |ctx|
begin
# Poll the set supplied to us at least once.
rv = ::IO.select(rfd, wfd, efd, DefaultCycle)
begin
# Poll the set supplied to us at least once.
rv = ::IO.select(rfd, wfd, efd, DefaultCycle)
ctx.call(rv) if (rv)
return rv if (rv)
# Decrement the amount of time left by the polling cycle
left -= DefaultCycle if (left)
# Decrement the amount of time left by the polling cycle
left -= DefaultCycle if (left)
# Keep chugging until we run out of time, if time was supplied.
end while ((left == nil) or (left > 0))
}
# Keep chugging until we run out of time, if time was supplied.
end while ((left == nil) or (left > 0))
end
#

View File

@ -29,6 +29,7 @@ class Exploits::Windows::MS03_020_Ie_ObjectType < Msf::Exploit::Remote
{
'Space' => 1000,
'MaxNops' => 0,
'BadChars' => "\x8b\xe2", # Prevent UTF-8-ification
},
'Targets' =>
[
@ -39,7 +40,7 @@ class Exploits::Windows::MS03_020_Ie_ObjectType < Msf::Exploit::Remote
'Platform' => 'win',
'Rets' =>
[
0x7ffdec50, # Windows NT: samlib jmp esp
0x777e85ab, # Windows NT: samlib jmp esp
0x71ab1d54, # Windows XP: ws2_32 push esp/ret SP0/1
0x77d1f92f, # Windows 2003: user32 jmp esp SP0/1
],