1
mirror of https://github.com/rapid7/metasploit-framework synced 2024-10-29 18:07:27 +01:00

Add ForceExploit option

This commit is contained in:
Brendan Coles 2018-09-11 09:23:50 +00:00
parent 1582dacb0e
commit e75b5592f7
2 changed files with 8 additions and 6 deletions

View File

@ -36,10 +36,6 @@
Which session to use, which can be viewed with `sessions`
**WritableDir**
A writable directory file system path. (default: `/tmp`)
**SUID_PATH**
Path to suid executable (must be linked to a vulnerable version of `libnspr4.so`)

View File

@ -75,7 +75,10 @@ class MetasploitModule < Msf::Exploit::Local
# * /usr/bin/lpstat
# * /usr/lib/lp/bin/netpr
# * /usr/sbin/lpmove
OptString.new('SUID_PATH', [true, 'Path to suid executable (must be linked to a vulnerable version of libnspr4.so)', '/usr/bin/cancel']),
OptString.new('SUID_PATH', [true, 'Path to suid executable (must be linked to a vulnerable version of libnspr4.so)', '/usr/bin/cancel'])
]
register_advanced_options [
OptBool.new('ForceExploit', [false, 'Override check result', false]),
OptString.new('WritableDir', [true, 'A directory where we can write files', '/tmp'])
]
end
@ -165,7 +168,10 @@ class MetasploitModule < Msf::Exploit::Local
end
unless [CheckCode::Detected, CheckCode::Appears].include? check
fail_with Failure::NotVulnerable, 'Target is not vulnerable'
unless datastore['ForceExploit']
fail_with Failure::NotVulnerable, 'Target is not vulnerable. Set ForceExploit to override.'
end
print_warning 'Target does not appear to be vulnerable'
end
unless is_writable? datastore['WritableDir']