Added wmap profiles capabilities to use as a method to run specific modules
git-svn-id: file:///home/svn/framework3/trunk@5988 4d416f70-5f16-0410-b530-b9f4589650da
parent
3e19245054
commit
8547688d7d
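--- /dev/null
+++ b/data/wmap/wmap_sample_profile.txt
@@ -0,0 +1,23 @@
+#
+# WMAP Sample Profile
+# wmap_run -e /path/to/profile
+#
+frontpage
+frontpage_login
+lucky_punch
+options
+version
+wmap_backup_file
+wmap_blind_sql_query
+#wmap_brute_dirs
+wmap_copy_of_file
+wmap_dir_listing
+wmap_dir_scanner
+wmap_file_same_name_dir
+wmap_files_dir
+wmap_prev_dir_same_name_file
+wmap_replace_ext
+wmap_ssl_vhost
+wmap_verb_auth_bypass
+wmap_vhost_scanner
+writable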
@ -216,6 +216,9 @@ module Wmap
|
||||
stamp = Time.now.to_f
|
||||
mode = 0
|
||||
|
||||
eprofile = []
|
||||
using_p = false
|
||||
|
||||
args.push("-h") if args.length == 0
|
||||
|
||||
while (arg = args.shift)
|
||||
@ -225,13 +228,38 @@ module Wmap
|
||||
when '-e'
|
||||
mode |= WMAP_EXPL
|
||||
|
||||
profile = args.shift
|
||||
|
||||
if profile
|
||||
print_status("Using profile #{profile}.")
|
||||
|
||||
begin
|
||||
File.open(profile).each do |str|
|
||||
if not str.include? '#'
|
||||
# Not a comment
|
||||
modname = str.strip
|
||||
if not modname.empty?
|
||||
eprofile << modname
|
||||
end
|
||||
end
|
||||
using_p = true
|
||||
end
|
||||
rescue
|
||||
print_error("Profile not found or invalid.")
|
||||
return
|
||||
end
|
||||
else
|
||||
print_status("Using ALL wmap enabled modules.")
|
||||
end
|
||||
|
||||
# Create report entry
|
||||
framework.db.create_report(0,'WMAP','REPORT',"#{selected_host},#{selected_port},#{selected_ssl}","Metasploit WMAP Report",'WMAP Scanner')
|
||||
when '-h'
|
||||
print_status("Usage: wmap_run [options]")
|
||||
print_line("\t-h Display this help text")
|
||||
print_line("\t-t Show all matching exploit modules")
|
||||
print_line("\t-e Launch exploits against all matched targets")
|
||||
print_line("\t-h Display this help text")
|
||||
print_line("\t-t Show all matching exploit modules")
|
||||
print_line("\t-e [profile] Launch profile test modules against all matched targets.")
|
||||
print_line("\t No profile runs all enabled modules.")
|
||||
|
||||
print_line("")
|
||||
return
|
||||
@ -276,28 +304,30 @@ module Wmap
|
||||
|
||||
penabled = e.wmap_enabled
|
||||
|
||||
if (penabled)
|
||||
#
|
||||
# First run the WMAP_SERVER plugins
|
||||
#
|
||||
case e.wmap_type
|
||||
when :WMAP_SERVER
|
||||
matches1[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
||||
when :WMAP_QUERY
|
||||
matches2[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
||||
when :WMAP_BODY
|
||||
matches3[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
||||
when :WMAP_HEADERS
|
||||
matches4[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
||||
when :WMAP_UNIQUE_QUERY
|
||||
matches5[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
||||
when :WMAP_GENERIC
|
||||
matches10[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
||||
when :WMAP_DIR, :WMAP_FILE
|
||||
matches[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
||||
else
|
||||
# Black Hole
|
||||
end
|
||||
if penabled
|
||||
if not using_p or eprofile.include? n.split('/').last
|
||||
#
|
||||
# First run the WMAP_SERVER plugins
|
||||
#
|
||||
case e.wmap_type
|
||||
when :WMAP_SERVER
|
||||
matches1[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
||||
when :WMAP_QUERY
|
||||
matches2[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
||||
when :WMAP_BODY
|
||||
matches3[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
||||
when :WMAP_HEADERS
|
||||
matches4[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
||||
when :WMAP_UNIQUE_QUERY
|
||||
matches5[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
||||
when :WMAP_GENERIC
|
||||
matches10[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
||||
when :WMAP_DIR, :WMAP_FILE
|
||||
matches[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
||||
else
|
||||
# Black Hole
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
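Review bot: In the `-e` branch, `using_p = true` is assigned inside the per-line block of `File.open(profile).each`, so a profile that opens but contains no lines leaves `using_p` false, and the later `if not using_p or eprofile.include? n.split('/').last` check then selects every enabled module instead of none. An operator who passed a profile to limit what is run against the target would get the full module set. Assigning `using_p = true` once after the loop's `end` makes an empty profile match nothing. The same line opens the file without a block, so the handle is never closed explicitly; `File.foreach(profile) do |str|` reads the same lines and closes the file. The enclosing method starts and ends outside these hunks.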