Exclude multi from automatic PAYLOAD selection
This commit is contained in:
parent
56fe6dea63
commit
b28d9517bc
|
@ -118,15 +118,16 @@ module Msf
|
|||
|
||||
# Returns a list of compatible payloads based on platform, architecture,
|
||||
# and size requirements.
|
||||
def compatible_payloads
|
||||
def compatible_payloads(excluded_platforms: [], excluded_archs: [])
|
||||
payloads = []
|
||||
|
||||
c_platform, c_arch = normalize_platform_arch
|
||||
|
||||
# The "All" platform name represents generic payloads
|
||||
results = Msf::Modules::Metadata::Cache.instance.find(
|
||||
'type' => [['payload'], []],
|
||||
'platform' => [[*c_platform.names, 'All'], []], # "All" for generic
|
||||
'arch' => [c_arch, []]
|
||||
'platform' => [[*c_platform.names, 'All'], excluded_platforms],
|
||||
'arch' => [c_arch, excluded_archs]
|
||||
)
|
||||
|
||||
results.each do |res|
|
||||
|
|
|
@ -814,19 +814,18 @@ class Exploit < Msf::Module
|
|||
return true
|
||||
end
|
||||
|
||||
#
|
||||
# Returns a list of compatible payloads based on platform, architecture,
|
||||
# and size requirements.
|
||||
#
|
||||
def compatible_payloads
|
||||
def compatible_payloads(excluded_platforms: [], excluded_archs: [])
|
||||
payloads = []
|
||||
|
||||
c_platform, c_arch = normalize_platform_arch
|
||||
|
||||
# The "All" platform name represents generic payloads
|
||||
results = Msf::Modules::Metadata::Cache.instance.find(
|
||||
'type' => [['payload'], []],
|
||||
'platform' => [[*c_platform.names, 'All'], []], # "All" for generic
|
||||
'arch' => [c_arch, []]
|
||||
'platform' => [[*c_platform.names, 'All'], excluded_platforms],
|
||||
'arch' => [c_arch, excluded_archs]
|
||||
)
|
||||
|
||||
results.each do |res|
|
||||
|
|
|
@ -290,17 +290,23 @@ class Exploit
|
|||
# Select a reasonable default payload and minimally configure it
|
||||
# TODO: Move this somewhere better or make it more dynamic?
|
||||
def self.choose_payload(mod)
|
||||
compatible_payloads = mod.compatible_payloads.map(&:first)
|
||||
compatible_payloads = mod.compatible_payloads(
|
||||
excluded_platforms: ['Multi'] # We don't want to select a multi payload
|
||||
).map(&:first)
|
||||
|
||||
# XXX: This approach is subpar, but at least this list has been reevaluated
|
||||
preferred_payloads = %w[
|
||||
meterpreter/reverse_https
|
||||
meterpreter/reverse_http
|
||||
meterpreter/reverse_tcp
|
||||
shell_reverse_tcp
|
||||
shell/reverse_tcp
|
||||
generic/shell_reverse_tcp
|
||||
generic/shell_bind_tcp
|
||||
# If there is only one compatible payload, return it immediately
|
||||
return compatible_payloads.first if compatible_payloads.length == 1
|
||||
|
||||
# XXX: This approach is subpar, and payloads should really be ranked!
|
||||
preferred_payloads = [
|
||||
# These payloads are generally reliable and common enough in practice
|
||||
'/meterpreter/reverse_tcp',
|
||||
'/shell/reverse_tcp',
|
||||
'cmd/unix/reverse_netcat',
|
||||
'cmd/windows/powershell_reverse_tcp',
|
||||
# Fall back on a generic payload to autoselect a specific payload
|
||||
'generic/shell_reverse_tcp',
|
||||
'generic/shell_bind_tcp'
|
||||
]
|
||||
|
||||
# XXX: Determine LHOST based on RHOST or an arbitrary internet address
|
||||
|
|
|
@ -769,13 +769,11 @@ module Msf
|
|||
end
|
||||
|
||||
# Choose a default payload when the module is used, not run
|
||||
if mod.datastore['PAYLOAD'].nil? && dispatcher.respond_to?(:choose_payload)
|
||||
if mod.datastore['PAYLOAD']
|
||||
print_status("Using configured payload #{mod.datastore['PAYLOAD']}")
|
||||
elsif dispatcher.respond_to?(:choose_payload)
|
||||
chosen_payload = dispatcher.choose_payload(mod)
|
||||
|
||||
# XXX: No vprint_status in this context
|
||||
if framework.datastore['VERBOSE'].to_s == 'true' && chosen_payload
|
||||
print_status("No payload configured, defaulting to #{chosen_payload}")
|
||||
end
|
||||
print_status("No payload configured, defaulting to #{chosen_payload}") if chosen_payload
|
||||
end
|
||||
|
||||
mod.init_ui(driver.input, driver.output)
|
||||
|
|
|
@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
'Arch' => ARCH_ALL,
|
||||
'Targets' => [ [ 'Wildcard Target', {} ] ],
|
||||
'DefaultTarget' => 0,
|
||||
'DefaultOptions' => { 'PAYLOAD' => 'generic/shell_reverse_tcp' }
|
||||
)
|
||||
)
|
||||
|
||||
|
|
Loading…
Reference in New Issue