Land #6010, capture_sendto fixes
commit
2ab779ad3d
|
@ -86,7 +86,7 @@ module Auxiliary::UDPScanner
|
|||
p.recalc
|
||||
print_status("Sending #{num_packets} packet(s) to #{ip} from #{srcip}")
|
||||
1.upto(num_packets) do |x|
|
||||
capture_sendto(p, ip)
|
||||
break unless capture_sendto(p, ip)
|
||||
end
|
||||
close_pcap
|
||||
end
|
||||
|
|
|
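Review bot: The new `break unless capture_sendto(p, ip)` leaves the loop without telling the operator, so the only output for this host is the earlier "Sending ... packet(s)" line even when nothing was sent. Assuming capture_sendto returns a falsy value when it cannot send (its definition is not on this page), I would report the failure at the call site, e.g. `print_error("Unable to send to #{ip}, skipping")` before the `break`, unless capture_sendto already logs this at normal verbosity. The same silent exit appears in the `break unless capture_sendto(...)` lines of the later hunks and in `return unless capture_sendto(p, rhost)` ahead of `handler`. The enclosing method starts outside this hunk.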
@ -89,7 +89,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
ackbpf = "tcp [8:4] == 0x#{(p.tcp_seq + 1).to_s(16)}"
|
||||
pcap.setfilter("tcp and tcp[13] == 18 and not host #{ip} and src port #{p.tcp_dst} and dst port #{p.tcp_src} and #{ackbpf}")
|
||||
capture_sendto(p, ip)
|
||||
break unless capture_sendto(p, ip)
|
||||
reply = probe_reply(pcap, to)
|
||||
next if reply.nil?
|
||||
|
||||
|
|
|
@ -45,10 +45,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
p.udp_dport = datastore['RPORT'].to_i
|
||||
p.payload = Rex::Text.rand_text(rand(0x20)) # UDP needs at least one data byte, may as well send a few.
|
||||
p.recalc
|
||||
capture_sendto(p, rhost)
|
||||
|
||||
capture_sendto(p, rhost) and print_status("Avahi should be down now")
|
||||
close_pcap
|
||||
|
||||
print_status("Avahi should be down now")
|
||||
end
|
||||
end
|
||||
|
|
|
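Review bot: `capture_sendto(p, rhost) and print_status("Avahi should be down now")` uses the low-precedence `and` for control flow, which reads like a boolean expression and hides the failure branch. `print_status("Avahi should be down now") if capture_sendto(p, rhost)` says the same thing, and an `else` branch calling `print_error` would make a failed send visible instead of ending the run with no output. The chained `capture_sendto(build_tcp_syn(ip), ip) and capture_sendto(build_icmp(ip), ip)` in a later hunk has the same shape. There the second packet is now skipped whenever the first send fails, which deserves a comment if it is intended.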
@ -60,7 +60,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
p.tcp_sport = sport
|
||||
p.tcp_seq = rand(0x100000000)
|
||||
p.recalc
|
||||
capture_sendto(p,rhost)
|
||||
break unless capture_sendto(p,rhost)
|
||||
sent += 1
|
||||
end
|
||||
|
||||
|
|
|
@ -69,7 +69,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
probe = buildprobe(shost, sport, ip, rport)
|
||||
|
||||
capture_sendto(probe, ip)
|
||||
next unless capture_sendto(probe, ip)
|
||||
|
||||
reply = probereply(pcap, to)
|
||||
|
||||
|
|
|
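Review bot: `next unless capture_sendto(probe, ip)` only skips the current iteration, whereas the sibling scanners in this commit `break` or eject the host on the same failure. The loop header is outside this hunk, but if it iterates over ports for a single `ip`, a send failure tied to that host will recur on every remaining port and each iteration repeats the attempt. In that case `break unless capture_sendto(probe, ip)` would match the other modules. If `ip` does change per iteration, a short comment saying so would remove the doubt.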
@ -55,9 +55,11 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
to = (datastore['TIMEOUT'] || 500).to_f / 1000.0
|
||||
|
||||
# we copy the hosts because some may not be reachable and need to be ejected
|
||||
host_queue = hosts.dup
|
||||
# Spread the load across the hosts
|
||||
ports.each do |dport|
|
||||
hosts.each do |dhost|
|
||||
host_queue.each do |dhost|
|
||||
shost, sport = getsource(dhost)
|
||||
|
||||
pcap.setfilter(getfilter(shost, sport, dhost, dport))
|
||||
|
@ -65,7 +67,10 @@ class Metasploit3 < Msf::Auxiliary
|
|||
begin
|
||||
probe = buildprobe(shost, sport, dhost, dport)
|
||||
|
||||
capture_sendto(probe, dhost)
|
||||
unless capture_sendto(probe, dhost)
|
||||
host_queue.delete(dhost)
|
||||
next
|
||||
end
|
||||
|
||||
reply = probereply(pcap, to)
|
||||
|
||||
|
|
|
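Review bot: `host_queue.delete(dhost)` runs inside `host_queue.each do |dhost|`, so the array is modified while it is being iterated. Array#each advances by index, and removing the current element shifts the rest down by one, so the host after an ejected one is skipped for the current `dport`. That port is never probed on it, and the scan result is silently incomplete. Iterating over a snapshot avoids this: `host_queue.dup.each do |dhost|`, with the delete still applied to `host_queue` so the host is gone from the next port onward. The two later sections with the same `host_queue` change (the one using `self.capture.setfilter` and the one after it) need the same fix. The `begin` block continues past the end of the hunk.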
@ -53,9 +53,11 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
to = (datastore['TIMEOUT'] || 500).to_f / 1000.0
|
||||
|
||||
# we copy the hosts because some may not be reachable and need to be ejected
|
||||
host_queue = hosts.dup
|
||||
# Spread the load across the hosts
|
||||
ports.each do |dport|
|
||||
hosts.each do |dhost|
|
||||
host_queue.each do |dhost|
|
||||
shost, sport = getsource(dhost)
|
||||
|
||||
self.capture.setfilter(getfilter(shost, sport, dhost, dport))
|
||||
|
@ -63,7 +65,10 @@ class Metasploit3 < Msf::Auxiliary
|
|||
begin
|
||||
probe = buildprobe(shost, sport, dhost, dport)
|
||||
|
||||
capture_sendto(probe, dhost)
|
||||
unless capture_sendto(probe, dhost)
|
||||
host_queue.delete(dhost)
|
||||
next
|
||||
end
|
||||
|
||||
reply = probereply(self.capture, to)
|
||||
|
||||
|
|
|
@ -55,9 +55,11 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
to = (datastore['TIMEOUT'] || 500).to_f / 1000.0
|
||||
|
||||
# we copy the hosts because some may not be reachable and need to be ejected
|
||||
host_queue = hosts.dup
|
||||
# Spread the load across the hosts
|
||||
ports.each do |dport|
|
||||
hosts.each do |dhost|
|
||||
host_queue.each do |dhost|
|
||||
shost, sport = getsource(dhost)
|
||||
|
||||
pcap.setfilter(getfilter(shost, sport, dhost, dport))
|
||||
|
@ -65,7 +67,10 @@ class Metasploit3 < Msf::Auxiliary
|
|||
begin
|
||||
probe = buildprobe(shost, sport, dhost, dport)
|
||||
|
||||
capture_sendto(probe, dhost)
|
||||
unless capture_sendto(probe, dhost)
|
||||
host_queue.delete(dhost)
|
||||
next
|
||||
end
|
||||
|
||||
reply = probereply(pcap, to)
|
||||
|
||||
|
|
|
@ -43,9 +43,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
pcap = self.capture
|
||||
|
||||
capture_sendto(build_tcp_syn(ip), ip)
|
||||
|
||||
capture_sendto(build_icmp(ip), ip)
|
||||
capture_sendto(build_tcp_syn(ip), ip) and capture_sendto(build_icmp(ip), ip)
|
||||
|
||||
close_pcap
|
||||
end
|
||||
|
|
|
@ -97,7 +97,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
|
||||
print_status("#{rhost}:#{rport} Sending crafted SMB packet from #{shost}...")
|
||||
|
||||
capture_sendto(p, rhost)
|
||||
return unless capture_sendto(p, rhost)
|
||||
|
||||
handler
|
||||
end
|
||||
|
|
|
@ -204,10 +204,10 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
p.payload = sploit
|
||||
p.recalc
|
||||
|
||||
capture_sendto(p, rhost)
|
||||
sent = capture_sendto(p, rhost)
|
||||
close_pcap
|
||||
|
||||
handler
|
||||
handler if sent
|
||||
else
|
||||
print_status("Sending malformed LWRES packet to #{rhost}")
|
||||
connect_udp
|
||||
|
|
|
@ -215,7 +215,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
|
||||
while true
|
||||
break if session_created? and datastore['ExitOnSession']
|
||||
capture_sendto(p, rhost)
|
||||
break unless capture_sendto(p, rhost)
|
||||
select(nil,nil,nil,datastore['DELAY'])
|
||||
end
|
||||
|
||||
|
|