mirror of
https://github.com/rapid7/metasploit-framework
Added wmap profiles capabilities to use as a method to run specific modules
git-svn-id: file:///home/svn/framework3/trunk@5988 4d416f70-5f16-0410-b530-b9f4589650da
parent
3e19245054
commit
8547688d7d
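--- a/data/wmap/wmap_sample_profile.txt
+++ b/data/wmap/wmap_sample_profile.txt
@@ -0,0 +1,23 @@
+#
+# WMAP Sample Profile
+# wmap_run -e /path/to/profile
+#
+frontpage
+frontpage_login
+lucky_punch
+options
+version
+wmap_backup_file
+wmap_blind_sql_query
+#wmap_brute_dirs
+wmap_copy_of_file
+wmap_dir_listing
+wmap_dir_scanner
+wmap_file_same_name_dir
+wmap_files_dir
+wmap_prev_dir_same_name_file
+wmap_replace_ext
+wmap_ssl_vhost
+wmap_verb_auth_bypass
+wmap_vhost_scanner
+writable
+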
@ -216,6 +216,9 @@ module Wmap
|
|||||||
stamp = Time.now.to_f
|
stamp = Time.now.to_f
|
||||||
mode = 0
|
mode = 0
|
||||||
|
|
||||||
|
eprofile = []
|
||||||
|
using_p = false
|
||||||
|
|
||||||
args.push("-h") if args.length == 0
|
args.push("-h") if args.length == 0
|
||||||
|
|
||||||
while (arg = args.shift)
|
while (arg = args.shift)
|
||||||
@ -225,13 +228,38 @@ module Wmap
|
|||||||
when '-e'
|
when '-e'
|
||||||
mode |= WMAP_EXPL
|
mode |= WMAP_EXPL
|
||||||
|
|
||||||
|
profile = args.shift
|
||||||
|
|
||||||
|
if profile
|
||||||
|
print_status("Using profile #{profile}.")
|
||||||
|
|
||||||
|
begin
|
||||||
|
File.open(profile).each do |str|
|
||||||
|
if not str.include? '#'
|
||||||
|
# Not a comment
|
||||||
|
modname = str.strip
|
||||||
|
if not modname.empty?
|
||||||
|
eprofile << modname
|
||||||
|
end
|
||||||
|
end
|
||||||
|
using_p = true
|
||||||
|
end
|
||||||
|
rescue
|
||||||
|
print_error("Profile not found or invalid.")
|
||||||
|
return
|
||||||
|
end
|
||||||
|
else
|
||||||
|
print_status("Using ALL wmap enabled modules.")
|
||||||
|
end
|
||||||
|
|
||||||
# Create report entry
|
# Create report entry
|
||||||
framework.db.create_report(0,'WMAP','REPORT',"#{selected_host},#{selected_port},#{selected_ssl}","Metasploit WMAP Report",'WMAP Scanner')
|
framework.db.create_report(0,'WMAP','REPORT',"#{selected_host},#{selected_port},#{selected_ssl}","Metasploit WMAP Report",'WMAP Scanner')
|
||||||
when '-h'
|
when '-h'
|
||||||
print_status("Usage: wmap_run [options]")
|
print_status("Usage: wmap_run [options]")
|
||||||
print_line("\t-h Display this help text")
|
print_line("\t-h Display this help text")
|
||||||
print_line("\t-t Show all matching exploit modules")
|
print_line("\t-t Show all matching exploit modules")
|
||||||
print_line("\t-e Launch exploits against all matched targets")
|
print_line("\t-e [profile] Launch profile test modules against all matched targets.")
|
||||||
|
print_line("\t No profile runs all enabled modules.")
|
||||||
|
|
||||||
print_line("")
|
print_line("")
|
||||||
return
|
return
|
||||||
@ -276,28 +304,30 @@ module Wmap
|
|||||||
|
|
||||||
penabled = e.wmap_enabled
|
penabled = e.wmap_enabled
|
||||||
|
|
||||||
if (penabled)
|
if penabled
|
||||||
#
|
if not using_p or eprofile.include? n.split('/').last
|
||||||
# First run the WMAP_SERVER plugins
|
#
|
||||||
#
|
# First run the WMAP_SERVER plugins
|
||||||
case e.wmap_type
|
#
|
||||||
when :WMAP_SERVER
|
case e.wmap_type
|
||||||
matches1[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
when :WMAP_SERVER
|
||||||
when :WMAP_QUERY
|
matches1[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
||||||
matches2[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
when :WMAP_QUERY
|
||||||
when :WMAP_BODY
|
matches2[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
||||||
matches3[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
when :WMAP_BODY
|
||||||
when :WMAP_HEADERS
|
matches3[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
||||||
matches4[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
when :WMAP_HEADERS
|
||||||
when :WMAP_UNIQUE_QUERY
|
matches4[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
||||||
matches5[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
when :WMAP_UNIQUE_QUERY
|
||||||
when :WMAP_GENERIC
|
matches5[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
||||||
matches10[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
when :WMAP_GENERIC
|
||||||
when :WMAP_DIR, :WMAP_FILE
|
matches10[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
||||||
matches[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
when :WMAP_DIR, :WMAP_FILE
|
||||||
else
|
matches[[selected_host,selected_port,selected_ssl,mtype[1]+'/'+n]]=true
|
||||||
# Black Hole
|
else
|
||||||
end
|
# Black Hole
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
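Review bot: In the `-e` branch, `using_p = true` appears (going by the `end` nesting, since indentation is lost on this page) to sit inside the `File.open(profile).each` block, so a profile file with no lines never sets it. The later `if not using_p or eprofile.include? n.split('/').last` check then selects every wmap-enabled module for the target instead of none. Set the flag once after the file has been read, for example `File.foreach(profile) { |str| ... }` followed by `using_p = true`, so an empty profile fails closed rather than widening the run. The bare `rescue` reports every failure as "Profile not found or invalid." and `File.open(profile).each` never closes the handle; `rescue SystemCallError => e` with `e.message` in the error line, plus the block form or `File.foreach`, would cover both. The enclosing method starts and ends outside the visible hunks, so how `eprofile` entries that match no module are reported cannot be checked from here.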