This commit brings configurability to TCP Servers as to which Comm they use. The ReverseListenerComm and ListenerComm advanced options can be used to prevent a given listener from trying to bind a listener over the pivoted route. This is useful in a number of situations and was not possible to configure explicitly before.
git-svn-id: file:///home/svn/framework3/trunk@10534 4d416f70-5f16-0410-b530-b9f4589650da
parent
6a06a95f2f
commit
1b4190df38
|
@ -2905,6 +2905,11 @@ class DBManager
|
|||
:state => Msf::HostState::Alive
|
||||
)
|
||||
|
||||
if host.name.to_s.empty?
|
||||
host.name = vhost
|
||||
host.save!
|
||||
end
|
||||
|
||||
serv = serv ? serv : find_or_create_service(
|
||||
:workspace => wspace,
|
||||
:host => host,
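Review bot: The added `if host.name.to_s.empty?` block assigns `vhost` without checking that it holds a value, so a nil or empty `vhost` still triggers `host.save!` whenever the name is blank and, if the model validates the name, could raise out of the reporting path. Guarding both sides, `if host.name.to_s.empty? and not vhost.to_s.empty?`, avoids the needless write. Where `vhost` comes from is not visible in this hunk; if it is taken from a remote response it should be treated as untrusted before it is stored as the host name. The enclosing method starts and ends outside the hunk.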
|
||||
|
|
|
@ -75,10 +75,19 @@ module Exploit::Remote::HttpServer
|
|||
def start_service(opts = {})
|
||||
check_dependencies
|
||||
|
||||
|
||||
comm = datastore['ListenerComm']
|
||||
if (comm.to_s == "local")
|
||||
comm = ::Rex::Socket::Comm::Local
|
||||
else
|
||||
comm = nil
|
||||
end
|
||||
|
||||
# Default the server host and port to what is required by the mixin.
|
||||
opts = {
|
||||
'ServerHost' => datastore['SRVHOST'],
|
||||
'ServerPort' => datastore['SRVPORT'],
|
||||
'Comm' => comm
|
||||
}.update(opts)
|
||||
|
||||
# Start a new HTTP server service.
|
||||
|
@ -90,7 +99,8 @@ module Exploit::Remote::HttpServer
|
|||
{
|
||||
'Msf' => framework,
|
||||
'MsfExploit' => self,
|
||||
}
|
||||
},
|
||||
opts['Comm']
|
||||
)
|
||||
|
||||
self.service.server_name = 'Apache'
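Review bot: In the first hunk of `start_service`, any `ListenerComm` value other than the exact string `local` is mapped to `nil`, so a typo such as `Local` is silently ignored and the listener presumably falls back to automatic comm selection, which can mean binding over a pivoted route the operator meant to avoid. The same `else` / `comm = nil` fallback appears in `Exploit::Remote::TcpServer#start_service` and in the `ReverseListenerComm` handling in `ReverseTcp`. Rejecting unknown values makes the misconfiguration visible: `elsif not comm.to_s.empty?` followed by `raise ArgumentError, "Unsupported ListenerComm: #{comm}"`. The rest of `start_service` lies outside the hunks shown.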
|
||||
|
|
|
@ -288,6 +288,12 @@ module Exploit::Remote::TcpServer
|
|||
OptEnum.new('SSLVersion', [ false, 'Specify the version of SSL that should be used', 'SSL3', ['SSL2', 'SSL3', 'TLS1']]),
|
||||
OptAddress.new('SRVHOST', [ true, "The local host to listen on.", '0.0.0.0' ]),
|
||||
OptPort.new('SRVPORT', [ true, "The local port to listen on.", 8080 ]),
|
||||
|
||||
], Msf::Exploit::Remote::TcpServer)
|
||||
|
||||
register_advanced_options(
|
||||
[
|
||||
OptString.new('ListenerComm', [ false, 'The specific communication channel to use for this service']),
|
||||
], Msf::Exploit::Remote::TcpServer)
|
||||
|
||||
register_evasion_options(
|
||||
|
@ -355,10 +361,18 @@ module Exploit::Remote::TcpServer
|
|||
def start_service(*args)
|
||||
begin
|
||||
|
||||
comm = datastore['ListenerComm']
|
||||
if comm == "local"
|
||||
comm = ::Rex::Socket::Comm::Local
|
||||
else
|
||||
comm = nil
|
||||
end
|
||||
|
||||
self.service = Rex::Socket::TcpServer.create(
|
||||
'LocalHost' => srvhost,
|
||||
'LocalPort' => srvport,
|
||||
'SSL' => ssl,
|
||||
'Comm' => comm,
|
||||
'Context' =>
|
||||
{
|
||||
'Msf' => framework,
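Review bot: The description passed to `OptString.new('ListenerComm', ...)` does not say which values are accepted, while the code added to `start_service` recognises only `local`. Stating that in the option text documents the contract where users will read it, for example `'The specific communication channel to use for this service (only "local" is recognised; leave unset for automatic selection)'`. The comparison in this file is `comm == "local"` whereas the other two copies use `comm.to_s == "local"`; using one form throughout keeps the three easy to compare.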
|
||||
|
|
|
@ -50,7 +50,8 @@ module ReverseTcp
|
|||
register_advanced_options(
|
||||
[
|
||||
OptInt.new('ReverseConnectRetries', [ true, 'The number of connection attempts to try before exiting the process', 5 ]),
|
||||
OptAddress.new('ReverseListenerBindAddress', [ false, 'The specific IP address to bind to on the local system'])
|
||||
OptAddress.new('ReverseListenerBindAddress', [ false, 'The specific IP address to bind to on the local system']),
|
||||
OptString.new('ReverseListenerComm', [ false, 'The specific communication channel to use for this listener']),
|
||||
], Msf::Handler::ReverseTcp)
|
||||
|
||||
|
||||
|
@ -76,6 +77,13 @@ module ReverseTcp
|
|||
|
||||
addrs = [ Rex::Socket.addr_ntoa(addr), any ]
|
||||
|
||||
comm = datastore['ReverseListenerComm']
|
||||
if comm.to_s == "local"
|
||||
comm = ::Rex::Socket::Comm::Local
|
||||
else
|
||||
comm = nil
|
||||
end
|
||||
|
||||
if not datastore['ReverseListenerBindAddress'].to_s.empty?
|
||||
# Only try to bind to this specific interface
|
||||
addrs = [ datastore['ReverseListenerBindAddress'] ]
|
||||
|
@ -89,6 +97,7 @@ module ReverseTcp
|
|||
self.listener_sock = Rex::Socket::TcpServer.create(
|
||||
'LocalHost' => ip,
|
||||
'LocalPort' => datastore['LPORT'].to_i,
|
||||
'Comm' => comm,
|
||||
'Context' =>
|
||||
{
|
||||
'Msf' => framework,
|
||||
|
@ -98,7 +107,7 @@ module ReverseTcp
|
|||
|
||||
ex = false
|
||||
|
||||
comm_used = Rex::Socket::SwitchBoard.best_comm( ip )
|
||||
comm_used = comm || Rex::Socket::SwitchBoard.best_comm( ip )
|
||||
comm_used = Rex::Socket::Comm::Local if comm_used == nil
|
||||
|
||||
if( comm_used.respond_to?( :type ) and comm_used.respond_to?( :sid ) )
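Review bot: The `ReverseListenerComm` mapping added before the `ReverseListenerBindAddress` check is the third copy of the same five lines in this commit (the other two are in the `start_service` methods of the HTTP and TCP server mixins), which is how small differences between the copies creep in. A single shared helper that takes the option value and returns `::Rex::Socket::Comm::Local` or `nil` would keep the three listeners consistent. The method that holds this code starts and ends outside the hunks shown.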
|
||||
|
|
|
@ -99,7 +99,7 @@ class Server
|
|||
# Initializes an HTTP server as listening on the provided port and
|
||||
# hostname.
|
||||
#
|
||||
def initialize(port = 80, listen_host = '0.0.0.0', ssl = false, context = {})
|
||||
def initialize(port = 80, listen_host = '0.0.0.0', ssl = false, context = {}, comm = nil)
|
||||
self.listen_host = listen_host
|
||||
self.listen_port = port
|
||||
self.context = context
|
||||
|
@ -107,6 +107,7 @@ class Server
|
|||
self.resources = {}
|
||||
self.server_name = DefaultServer
|
||||
self.ssl = ssl
|
||||
self.comm = comm
|
||||
end
|
||||
|
||||
#
|
||||
|
@ -132,7 +133,8 @@ class Server
|
|||
'LocalHost' => self.listen_host,
|
||||
'LocalPort' => self.listen_port,
|
||||
'Context' => self.context,
|
||||
'SSL' => self.ssl
|
||||
'SSL' => self.ssl,
|
||||
'Comm' => self.comm
|
||||
)
|
||||
|
||||
# Register callbacks
|
||||
|
@ -254,7 +256,7 @@ class Server
|
|||
cli.send_response(resp)
|
||||
end
|
||||
|
||||
attr_accessor :listen_port, :listen_host, :server_name, :context, :ssl
|
||||
attr_accessor :listen_port, :listen_host, :server_name, :context, :ssl, :comm
|
||||
attr_accessor :listener, :resources
|
||||
|
||||
protected
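Review bot: The comment above `initialize` still describes only the port and hostname, although the signature now also takes `comm`. A line such as `# comm optionally names the Rex::Socket::Comm to bind through; nil leaves the choice to the socket layer (confirm).` would document the new parameter. The method that passes `'Comm' => self.comm` to the listener starts outside the hunk, so its own comment is not visible here.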
|
||||
|
|
|
@ -440,11 +440,12 @@ module Socket
|
|||
#
|
||||
##
|
||||
|
||||
def self.source_address(dest='50.50.50.50')
|
||||
def self.source_address(dest='50.50.50.50', comm = ::Rex::Socket::Comm::Local)
|
||||
begin
|
||||
s = self.create_udp(
|
||||
'PeerHost' => dest,
|
||||
'PeerPort' => 31337
|
||||
'PeerPort' => 31337,
|
||||
'Comm' => comm
|
||||
)
|
||||
r = s.getsockname[1]
|
||||
s.close
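Review bot: The new default `comm = ::Rex::Socket::Comm::Local` changes what existing one-argument callers of `source_address` get: the UDP socket is now always created through the local comm, where before no `'Comm'` was passed and `create_udp` presumably chose one itself. If that is intended, the comment block above the method should say so, e.g. `# By default the address is resolved through the local comm; pass comm to resolve it through another.` The `begin` block continues outside the hunk, so its rescue handling is not visible here.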
|
||||
|
|