From 1f9b1d3806fabd7444f08e83d8adf06ea092b4d1 Mon Sep 17 00:00:00 2001
From: bmc <>
Date: Wed, 8 Mar 2006 19:14:10 +0000
Subject: [PATCH] * add request fragmentation as an IDS evasion
git-svn-id: file:///home/svn/incoming/trunk@3563 4d416f70-5f16-0410-b530-b9f4589650da
---
 lib/msf/core/exploit/sunrpc.rb | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/lib/msf/core/exploit/sunrpc.rb b/lib/msf/core/exploit/sunrpc.rb
index 1c8eb598b1..08115a154e 100644
--- a/lib/msf/core/exploit/sunrpc.rb
+++ b/lib/msf/core/exploit/sunrpc.rb
@@ -17,10 +17,16 @@ module Exploit::Remote::SunRPC
 def initialize(info = {})
 super
-
+
+ register_evasion_options(
+ [
+ OptBool.new('ONCRPC::tcp_request_fragmentation', [false, 'Enable fragmentation of TCP ONC/RPC requests', 'false']),
+ ], Msf::Exploit::Remote::SunRPC
+ )
+
+
 register_advanced_options(
 [
-# XXX: Frags...
 # XXX: Use portmapper to do call
 ], Msf::Exploit::Remote::SunRPC)
@@ -35,6 +41,10 @@ module Exploit::Remote::SunRPC
 def sunrpc_create(protocol, program, version)
 self.rpcobj = Rex::Proto::SunRPC::Client.new(datastore['RHOST'], datastore['RPORT'], protocol, program, version)
+ if datastore['ONCRPC::tcp_request_fragmentation'] == true
+ self.rpcobj.should_fragment = 1
+ end
+
 # if datastore['XPORT']
 # rpcobj.pport = datastore['XPORT']
 # else
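Review bot: The default for the new `ONCRPC::tcp_request_fragmentation` option is written as the string `'false'` while the required flag beside it is the boolean `false`; unless OptBool is known to normalize string defaults, the literal should be `false`, which also keeps the default consistent with the `== true` test that sunrpc_create performs on this value in the second hunk. The two consecutive `+` blank lines before `register_advanced_options(` leave a double blank line inside initialize where one separates the two registration calls elsewhere in the method. A short comment above the evasion block would help readers of the mixin, e.g. `# Evasion knobs shared by every SunRPC-based module; fragmentation is consumed in sunrpc_create`. initialize continues past the end of this hunk.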
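Review bot: `datastore['ONCRPC::tcp_request_fragmentation'] == true` in sunrpc_create only matches a Ruby boolean; if OptBool values reach this point as the user's raw string (for example "true"), the branch is dead and fragmentation is silently never enabled, so it is worth confirming that the datastore has normalized the option before this lookup, or comparing against the normalized value instead. `self.rpcobj.should_fragment = 1` stores an Integer into what reads as a boolean attribute; `self.rpcobj.should_fragment = true` matches both the attribute's name and the option's type. The option name says tcp but the guard does not consult the `protocol` argument that is passed to the Client constructor on the line above, so the flag is also set for non-TCP transports; unless Client ignores it there, the guard should include a transport check. sunrpc_create continues past the end of this hunk.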