Class: Msf::Exploit::Remote

Inherits:
Msf::Exploit show all
Includes:
AutoTarget
Defined in:
lib/msf/core/exploit/remote.rb,
lib/msf/core/exploit/remote/unirpc.rb,
lib/msf/core/exploit/remote/http/nifi.rb,
lib/msf/core/exploit/remote/http/gitea.rb,
lib/msf/core/exploit/remote/http/jboss.rb,
lib/msf/core/exploit/remote/http/typo3.rb,
lib/msf/core/exploit/remote/http/gitlab.rb,
lib/msf/core/exploit/remote/http/joomla.rb,
lib/msf/core/exploit/remote/http/moodle.rb,
lib/msf/core/exploit/remote/http/pihole.rb,
lib/msf/core/exploit/remote/http/splunk.rb,
lib/msf/core/exploit/remote/http/webmin.rb,
lib/msf/core/exploit/remote/http/jenkins.rb,
lib/msf/core/exploit/remote/http/exchange.rb,
lib/msf/core/exploit/remote/java/rmi/util.rb,
lib/msf/core/exploit/remote/http/nagios_xi.rb,
lib/msf/core/exploit/remote/http/wordpress.rb,
lib/msf/core/exploit/remote/http/sharepoint.rb,
lib/msf/core/exploit/remote/java/rmi/client.rb,
lib/msf/core/exploit/remote/kerberos/client.rb,
lib/msf/core/exploit/remote/kerberos/ticket.rb,
lib/msf/core/exploit/remote/http/apache_solr.rb,
lib/msf/core/exploit/remote/http/http_cookie.rb,
lib/msf/core/exploit/remote/java/rmi/builder.rb,
lib/msf/core/exploit/remote/http/flask_unsign.rb,
lib/msf/core/exploit/remote/java/rmi/client/jmx.rb,
lib/msf/core/exploit/remote/kerberos/client/pac.rb,
lib/msf/core/exploit/remote/http/http_cookie_jar.rb,
lib/msf/core/exploit/remote/kerberos/client/base.rb,
lib/msf/core/exploit/remote/http/kubernetes/error.rb,
lib/msf/core/exploit/remote/http/php_filter_chain.rb,
lib/msf/core/exploit/remote/http/kubernetes/client.rb,
lib/msf/core/exploit/remote/kerberos/client/pkinit.rb,
lib/msf/core/exploit/remote/java/rmi/client/registry.rb,
lib/msf/core/exploit/remote/java/rmi/client/jmx/server.rb,
lib/msf/core/exploit/remote/kerberos/client/ap_request.rb,
lib/msf/core/exploit/remote/kerberos/client/as_request.rb,
lib/msf/core/exploit/remote/kerberos/client/as_response.rb,
lib/msf/core/exploit/remote/kerberos/client/tgs_request.rb,
lib/msf/core/exploit/remote/kerberos/client/tgs_response.rb,
lib/msf/core/exploit/remote/java/rmi/client/jmx/connection.rb,
lib/msf/core/exploit/remote/http/manage_engine_adaudit_plus.rb,
lib/msf/core/exploit/remote/java/rmi/client/registry/parser.rb,
lib/msf/core/exploit/remote/java/rmi/client/registry/builder.rb,
lib/msf/core/exploit/remote/java/rmi/client/jmx/server/parser.rb,
lib/msf/core/exploit/remote/java/rmi/client/jmx/server/builder.rb,
lib/msf/core/exploit/remote/java/rmi/client/jmx/connection/builder.rb

Overview

The remote exploit class is a specialization of the exploit module class that is geared toward exploits that are performed against targets other than the local machine. This typically implies exploiting other machines via a network connection, though it is not limited to this scope.

Defined Under Namespace

Modules: AFP, Arkeia, AuthOption, AutoCheck, BrowserAutopwn, BrowserAutopwn2, BrowserExploitServer, BrowserProfileManager, CheckModule, DB2, DCERPC, DCERPC_EPM, DCERPC_LSA, DCERPC_MGMT, DNS, Dialup, Expect, FirefoxAddonGenerator, FirefoxPrivilegeEscalation, Ftp, FtpServer, Gdb, HTTP, HttpClient, HttpServer, Imap, Ip, Ipv6, Java, JndiInjection, Kerberos, LDAP, Log4Shell, MSSQL, MSSQL_COMMANDS, MSSQL_SQLI, MYSQL, MsIcpr, MsLsad, MsLsat, MsSamr, MsWkst, NDMP, NDMPSocket, Nuuo, Pop2, Postgres, RDP, RealPort, SIP, SMB, SMTPDeliver, SNMPClient, SSH, Smtp, SocketServer, SunRPC, TNS, Tcp, TcpServer, Telnet, TincdExploitClient, Udp, Unirpc, VIMSoap, WDBRPC, WDBRPC_Client, Web, WinRM, ZeroMQ

Constant Summary

Constants inherited from Module

Module::REPLICANT_EXTENSION_DS_KEY

Constants included from Module::ModuleInfo

Module::ModuleInfo::UpdateableOptions

Instance Attribute Summary collapse

Attributes inherited from Msf::Exploit

#active_timeout, #default_target, #fail_detail, #fail_reason, #needs_cleanup, #payload, #payload_info, #payload_instance, #session_count, #successful, #targets

Attributes inherited from Module

#error, #job_id, #license, #platform, #privileged, #references, #user_data

Attributes included from Framework::Offspring

#framework

Attributes included from Module::UUID

#uuid

Attributes included from Rex::Ui::Subscriber::Input

#user_input

Attributes included from Rex::Ui::Subscriber::Output

#user_output

Attributes included from Module::Privileged

#priveli, #privileged

Attributes included from Module::Options

#options

Attributes included from Module::ModuleStore

#module_store

Attributes included from Module::ModuleInfo

#module_info

Attributes included from Module::FullName

#aliased_as

Attributes included from Module::DataStore

#datastore

Attributes included from Module::Author

#author

Attributes included from Module::Arch

#arch

Attributes included from Module::Alert

#alerts, #you_have_been_warned

Instance Method Summary collapse

Methods included from AutoTarget

#auto_target?, #auto_target_host, #auto_targeted_index, #filter_by_os, #filter_by_os_family, #filter_by_os_name, #filter_by_os_sp, #select_target

Methods inherited from Msf::Exploit

#add_handler, #aggressive?, #autofilter, #autofilter_ports, #autofilter_services, #cleanup, #compatible_encoders, #compatible_payloads, #define_context_encoding_reqs, #encode_begin, #encode_end, #encode_shellcode_stub, #exploit, #fail_with, #generate_payload, #generate_single_payload, #handle_exception, #handler, #handler_bind?, #handler_enabled?, #has_auto_target?, #init_compat, #interrupt_handler, #is_payload_compatible?, #make_fast_nops, #make_nops, mixins, #nop_generator, #nop_save_registers, #normalize_platform_arch, #on_new_session, #passive?, #pattern_create, #payload_append, #payload_append_encoder, #payload_badchars, #payload_disable_nops, #payload_encoder, #payload_encoder_options, #payload_encoder_type, #payload_extended_options, #payload_max_nops, #payload_min_nops, #payload_nop, #payload_prepend, #payload_prepend_encoder, #payload_space, #rand_char, #rand_text, #rand_text_alpha, #rand_text_alpha_lower, #rand_text_alpha_upper, #rand_text_alphanumeric, #rand_text_debug, #rand_text_english, #rand_text_hex, #rand_text_highascii, #rand_text_numeric, #regenerate_payload, #register_autofilter_ports, #register_autofilter_services, #report_failure, #reset_session_counts, #session_created?, #setup, #setup_fail_detail_from_exception, #stack_adjustment, #stance, #target, #target_arch, #target_index, #target_platform, type, #type, #wfs_delay

Methods inherited from Module

#adapted_refname, #adapter_refname, #black_listed_auth_filenames, cached?, #debugging?, #default_cred?, #default_options, #fail_with, #file_path, #framework, #has_check?, #orig_cls, #owner, #perform_extensions, #platform?, #platform_to_s, #post_auth?, #register_extensions, #register_parent, #replicant, #required_cred_options, #set_defaults, #stage_refname, #stager_refname, #workspace

Methods included from Module::Reliability

#reliability, #reliability_to_s

Methods included from Module::Stability

#stability, #stability_to_s

Methods included from Module::SideEffects

#side_effects, #side_effects_to_s

Methods included from Module::UUID

#generate_uuid

Methods included from Module::UI

#init_ui

Methods included from Module::UI::Message

#print_error, #print_good, #print_prefix, #print_status, #print_warning

Methods included from Module::UI::Message::Verbose

#vprint_error, #vprint_good, #vprint_status, #vprint_warning

Methods included from Module::UI::Line

#print_line, #print_line_prefix

Methods included from Module::UI::Line::Verbose

#vprint_line

Methods included from Rex::Ui::Subscriber

#copy_ui, #init_ui, #reset_ui

Methods included from Rex::Ui::Subscriber::Input

#gets

Methods included from Rex::Ui::Subscriber::Output

#flush, #print, #print_blank_line, #print_error, #print_good, #print_line, #print_status, #print_warning

Methods included from Module::Type

#auxiliary?, #encoder?, #evasion?, #exploit?, #nop?, #payload?, #post?, #type

Methods included from Module::Ranking

#rank, #rank_to_h, #rank_to_s

Methods included from Module::Privileged

#privileged?

Methods included from Module::Options

#deregister_option_group, #deregister_options, #register_advanced_options, #register_evasion_options, #register_option_group, #register_options, #validate

Methods included from Module::Network

#comm, #support_ipv6?, #target_host, #target_port

Methods included from Module::ModuleStore

#[], #[]=

Methods included from Module::ModuleInfo

#alias, #description, #disclosure_date, #info_fixups, #merge_check_key, #merge_info, #merge_info_advanced_options, #merge_info_alias, #merge_info_description, #merge_info_evasion_options, #merge_info_name, #merge_info_options, #merge_info_string, #merge_info_version, #name, #notes, #update_info

Methods included from Module::FullName

#aliases, #fullname, #promptname, #realname, #refname, #shortname

Methods included from Module::DataStore

#import_defaults, #import_target_defaults, #share_datastore

Methods included from Module::Compatibility

#compat, #compatible?, #init_compat

Methods included from Module::Author

#author_to_s, #each_author

Methods included from Module::Auth

#store_valid_credential

Methods included from Module::Arch

#arch?, #arch_to_s, #each_arch

Methods included from Module::Alert

#add_alert, #add_error, #add_info, #add_warning, #alert_user, #errors, #get_alerts, included, #infos, #is_usable?, #warnings, #without_prompt

Constructor Details

#initialize(info) ⇒ Remote

Initializes the socket array.



16
17
18
19
20
# File 'lib/msf/core/exploit/remote.rb', line 16

def initialize(info)
  super

  self.sockets = Array.new
end

Instance Attribute Details

#socketsObject (protected)

The list of sockets established by this exploit.



64
65
66
# File 'lib/msf/core/exploit/remote.rb', line 64

def sockets
  @sockets
end

Instance Method Details

#abort_socketsObject

This method is called once a new session has been created on behalf of this exploit instance and all socket connections created by this exploit should be closed.



48
49
50
51
52
53
54
55
56
57
# File 'lib/msf/core/exploit/remote.rb', line 48

def abort_sockets
  sockets.delete_if { |sock|

    begin
      sock.close
    rescue ::Exception
    end
    true
  }
end

#add_socket(sock) ⇒ Object

Adds a socket to the list of sockets opened by this exploit.



32
33
34
# File 'lib/msf/core/exploit/remote.rb', line 32

def add_socket(sock)
  self.sockets << sock
end

#exploit_typeObject

Returns the fact that this exploit is a remote exploit.



25
26
27
# File 'lib/msf/core/exploit/remote.rb', line 25

def exploit_type
  Exploit::Type::Remote
end

#remove_socket(sock) ⇒ Object

Removes a socket from the list of sockets.



39
40
41
# File 'lib/msf/core/exploit/remote.rb', line 39

def remove_socket(sock)
  self.sockets.delete(sock)
end