dnrops
/
metasploit-framework
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fixes for some socket association stuff 

git-svn-id: file:///home/svn/incoming/trunk@3233 4d416f70-5f16-0410-b530-b9f4589650da
This commit is contained in:
Matt Miller 2005-12-15 04:46:52 +00:00
parent 6d087fe0f3
commit 410770bae6
4 changed files with 56 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
lib/msf/core/exploit.rb
View File

@ -166,6 +166,20 @@ class Exploit < Msf::Module
Exploit::Type::Remote Exploit::Type::Remote
end end
#
# Adds a socket to the list of sockets opened by this exploit.
#
def add_socket(sock)
self.sockets << sock
end
#
# Removes a socket from the list of sockets.
#
def remove_socket(sock)
self.sockets.delete(sock)
end
# #
# This method is called once a new session has been created on behalf of # This method is called once a new session has been created on behalf of
# this exploit instance and all socket connections created by this # this exploit instance and all socket connections created by this

3
lib/msf/core/exploit/dcerpc.rb
View File

@ -42,6 +42,8 @@ module Exploit::Remote::DCERPC
end end
def dcerpc_bind (h) def dcerpc_bind (h)
opts = { 'Msf' => framework, 'MsfExploit' => self }
if datastore['DCERPCFragSize'] if datastore['DCERPCFragSize']
opts['frag_size'] = datastore['DCERPCFragSize'] opts['frag_size'] = datastore['DCERPCFragSize']
end end
@ -51,6 +53,7 @@ module Exploit::Remote::DCERPC
end end
self.dcerpc = Rex::Proto::DCERPC::Client.new(h, dcerpc_socket(), opts) self.dcerpc = Rex::Proto::DCERPC::Client.new(h, dcerpc_socket(), opts)
if self.handle.protocol == 'ncacn_np' if self.handle.protocol == 'ncacn_np'
self.simple = self.dcerpc.smb # expose the simple client if we have access to it self.simple = self.dcerpc.smb # expose the simple client if we have access to it
end end

10
lib/rex/proto/dcerpc/client.rb
View File

@ -64,21 +64,25 @@ require 'rex/proto/smb/exceptions'
# Create the appropriate socket based on protocol # Create the appropriate socket based on protocol
def socket_setup() def socket_setup()
ctx = { 'Msf' => options['Msf'], 'MsfExploit' => options['MsfExploit'] }
self.socket = case self.handle.protocol self.socket = case self.handle.protocol
when 'ncacn_ip_tcp' then Rex::Socket.create_tcp('PeerHost' => self.handle.address, 'PeerPort' => self.handle.options[0]) when 'ncacn_ip_tcp' then Rex::Socket.create_tcp('PeerHost' => self.handle.address, 'PeerPort' => self.handle.options[0], 'Context' => ctx)
when 'ncacn_np' then begin when 'ncacn_np' then begin
socket = '' socket = ''
begin begin
timeout(10) { timeout(10) {
socket = Rex::Socket.create_tcp('PeerHost' => self.handle.address, 'PeerPort' => 445) socket = Rex::Socket.create_tcp('PeerHost' => self.handle.address, 'PeerPort' => 445, 'Context' => ctx)
} }
rescue Timeout::Error, Rex::ConnectionRefused rescue Timeout::Error, Rex::ConnectionRefused
socket = Rex::Socket.create_tcp('PeerHost' => self.handle.address, 'PeerPort' => 139) socket = Rex::Socket.create_tcp('PeerHost' => self.handle.address, 'PeerPort' => 139, 'Context' => ctx)
end end
socket socket
end end
else nil else nil
end end
# Add this socket to the exploit's list of open sockets
options['MsfExploit'].add_socket(self.socket) if (options['MsfExploit'])
end end
def smb_connect() def smb_connect()

1
modules/exploits/windows/dcerpc/ms03_026_dcom.rb
View File

@ -180,7 +180,6 @@ class Exploits::Windows::Dcerpc::MS03_026_DCOM < Msf::Exploit::Remote
begin begin
dcerpc_call(0, stubdata) dcerpc_call(0, stubdata)
rescue Rex::Proto::DCERPC::Exceptions::NoResponse rescue Rex::Proto::DCERPC::Exceptions::NoResponse
print_status('server did not respond, but we do not expect it to.')
end end
handler handler