* add request fragmentation as an IDS evasion
git-svn-id: file:///home/svn/incoming/trunk@3563 4d416f70-5f16-0410-b530-b9f4589650da
parent
223d22c2e6
commit
1f9b1d3806
|
@ -18,9 +18,15 @@ module Exploit::Remote::SunRPC
|
||||||
def initialize(info = {})
|
def initialize(info = {})
|
||||||
super
|
super
|
||||||
|
|
||||||
|
register_evasion_options(
|
||||||
|
[
|
||||||
|
OptBool.new('ONCRPC::tcp_request_fragmentation', [false, 'Enable fragmentation of TCP ONC/RPC requests', 'false']),
|
||||||
|
], Msf::Exploit::Remote::SunRPC
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
register_advanced_options(
|
register_advanced_options(
|
||||||
[
|
[
|
||||||
# XXX: Frags...
|
|
||||||
# XXX: Use portmapper to do call
|
# XXX: Use portmapper to do call
|
||||||
], Msf::Exploit::Remote::SunRPC)
|
], Msf::Exploit::Remote::SunRPC)
|
||||||
|
|
||||||
|
@ -35,6 +41,10 @@ module Exploit::Remote::SunRPC
|
||||||
|
|
||||||
def sunrpc_create(protocol, program, version)
|
def sunrpc_create(protocol, program, version)
|
||||||
self.rpcobj = Rex::Proto::SunRPC::Client.new(datastore['RHOST'], datastore['RPORT'], protocol, program, version)
|
self.rpcobj = Rex::Proto::SunRPC::Client.new(datastore['RHOST'], datastore['RPORT'], protocol, program, version)
|
||||||
|
if datastore['ONCRPC::tcp_request_fragmentation'] == true
|
||||||
|
self.rpcobj.should_fragment = 1
|
||||||
|
end
|
||||||
|
|
||||||
# if datastore['XPORT']
|
# if datastore['XPORT']
|
||||||
# rpcobj.pport = datastore['XPORT']
|
# rpcobj.pport = datastore['XPORT']
|
||||||
# else
|
# else
|
||||||
|
|
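Review bot: In sunrpc_create the new guard `if datastore['ONCRPC::tcp_request_fragmentation'] == true` compares strictly against the boolean, while the option is registered with the string default `'false'` and the flag is then set to the integer `1`, so one boolean has three representations. If the datastore returns user-set values as strings (its normalization is not visible in this diff), the comparison never matches and the option silently does nothing, so a sensor test run with it would look clean for the wrong reason. Registering the default as `false` and normalizing the value once before the check would remove the ambiguity. The option name says TCP, but the flag is set whatever `protocol` is passed; a comment such as `# only meaningful for TCP; UDP requests are not record-marked` would help, assuming that is how the Rex client treats it. sunrpc_create continues past the end of the hunk.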