* add request fragmentation as an IDS evasion
git-svn-id: file:///home/svn/incoming/trunk@3563 4d416f70-5f16-0410-b530-b9f4589650da
parent
223d22c2e6
commit
1f9b1d3806
|
@ -18,9 +18,15 @@ module Exploit::Remote::SunRPC
|
|||
def initialize(info = {})
|
||||
super
|
||||
|
||||
register_evasion_options(
|
||||
[
|
||||
OptBool.new('ONCRPC::tcp_request_fragmentation', [false, 'Enable fragmentation of TCP ONC/RPC requests', 'false']),
|
||||
], Msf::Exploit::Remote::SunRPC
|
||||
)
|
||||
|
||||
|
||||
register_advanced_options(
|
||||
[
|
||||
# XXX: Frags...
|
||||
# XXX: Use portmapper to do call
|
||||
], Msf::Exploit::Remote::SunRPC)
|
||||
|
||||
|
@ -35,6 +41,10 @@ module Exploit::Remote::SunRPC
|
|||
|
||||
def sunrpc_create(protocol, program, version)
|
||||
self.rpcobj = Rex::Proto::SunRPC::Client.new(datastore['RHOST'], datastore['RPORT'], protocol, program, version)
|
||||
if datastore['ONCRPC::tcp_request_fragmentation'] == true
|
||||
self.rpcobj.should_fragment = 1
|
||||
end
|
||||
|
||||
# if datastore['XPORT']
|
||||
# rpcobj.pport = datastore['XPORT']
|
||||
# else
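Review bot: The guard in `sunrpc_create`, `if datastore['ONCRPC::tcp_request_fragmentation'] == true`, fires only for the literal `true`, while the first hunk registers the option with the string default `'false'`. If the datastore returns the raw string a user set (not visible in this diff, so worth confirming), a value of `"true"` would silently leave fragmentation off; a form that tolerates both, such as `if datastore['ONCRPC::tcp_request_fragmentation'].to_s =~ /\Atrue\z/i`, avoids that. The flag is also assigned as `self.rpcobj.should_fragment = 1`; since `0` is truthy in Ruby, `= true` would state the intent without suggesting that `0` turns it off. A one-line comment above the `if`, for example `# split each TCP request into several ONC RPC record-marking fragments`, would document what the option changes on the wire. The commented-out XPORT block at the end of the hunk continues outside the visible lines.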
|
||||
|
|