Class: Msf::Exploit::Remote
- Inherits:
-
Msf::Exploit
- Object
- Module
- Msf::Exploit
- Msf::Exploit::Remote
- Includes:
- AutoTarget
- Defined in:
- lib/msf/core/exploit/remote.rb,
lib/msf/core/exploit/remote/unirpc.rb,
lib/msf/core/exploit/remote/http/nifi.rb,
lib/msf/core/exploit/remote/http/gitea.rb,
lib/msf/core/exploit/remote/http/jboss.rb,
lib/msf/core/exploit/remote/http/typo3.rb,
lib/msf/core/exploit/remote/http/gitlab.rb,
lib/msf/core/exploit/remote/http/joomla.rb,
lib/msf/core/exploit/remote/http/moodle.rb,
lib/msf/core/exploit/remote/http/pihole.rb,
lib/msf/core/exploit/remote/http/splunk.rb,
lib/msf/core/exploit/remote/http/webmin.rb,
lib/msf/core/exploit/remote/http/jenkins.rb,
lib/msf/core/exploit/remote/http/exchange.rb,
lib/msf/core/exploit/remote/java/rmi/util.rb,
lib/msf/core/exploit/remote/http/nagios_xi.rb,
lib/msf/core/exploit/remote/http/wordpress.rb,
lib/msf/core/exploit/remote/http/sharepoint.rb,
lib/msf/core/exploit/remote/java/rmi/client.rb,
lib/msf/core/exploit/remote/kerberos/client.rb,
lib/msf/core/exploit/remote/kerberos/ticket.rb,
lib/msf/core/exploit/remote/http/apache_solr.rb,
lib/msf/core/exploit/remote/http/http_cookie.rb,
lib/msf/core/exploit/remote/java/rmi/builder.rb,
lib/msf/core/exploit/remote/http/flask_unsign.rb,
lib/msf/core/exploit/remote/java/rmi/client/jmx.rb,
lib/msf/core/exploit/remote/kerberos/client/pac.rb,
lib/msf/core/exploit/remote/http/http_cookie_jar.rb,
lib/msf/core/exploit/remote/kerberos/client/base.rb,
lib/msf/core/exploit/remote/http/kubernetes/error.rb,
lib/msf/core/exploit/remote/http/php_filter_chain.rb,
lib/msf/core/exploit/remote/http/kubernetes/client.rb,
lib/msf/core/exploit/remote/kerberos/client/pkinit.rb,
lib/msf/core/exploit/remote/java/rmi/client/registry.rb,
lib/msf/core/exploit/remote/java/rmi/client/jmx/server.rb,
lib/msf/core/exploit/remote/kerberos/client/ap_request.rb,
lib/msf/core/exploit/remote/kerberos/client/as_request.rb,
lib/msf/core/exploit/remote/kerberos/client/as_response.rb,
lib/msf/core/exploit/remote/kerberos/client/tgs_request.rb,
lib/msf/core/exploit/remote/kerberos/client/tgs_response.rb,
lib/msf/core/exploit/remote/java/rmi/client/jmx/connection.rb,
lib/msf/core/exploit/remote/http/manage_engine_adaudit_plus.rb,
lib/msf/core/exploit/remote/java/rmi/client/registry/parser.rb,
lib/msf/core/exploit/remote/java/rmi/client/registry/builder.rb,
lib/msf/core/exploit/remote/java/rmi/client/jmx/server/parser.rb,
lib/msf/core/exploit/remote/java/rmi/client/jmx/server/builder.rb,
lib/msf/core/exploit/remote/java/rmi/client/jmx/connection/builder.rb
Overview
The remote exploit class is a specialization of the exploit module class that is geared toward exploits that are performed against targets other than the local machine. This typically implies exploiting other machines via a network connection, though it is not limited to this scope.
Defined Under Namespace
Modules: AFP, Arkeia, AuthOption, AutoCheck, BrowserAutopwn, BrowserAutopwn2, BrowserExploitServer, BrowserProfileManager, CheckModule, DB2, DCERPC, DCERPC_EPM, DCERPC_LSA, DCERPC_MGMT, DNS, Dialup, Expect, FirefoxAddonGenerator, FirefoxPrivilegeEscalation, Ftp, FtpServer, Gdb, HTTP, HttpClient, HttpServer, Imap, Ip, Ipv6, Java, JndiInjection, Kerberos, LDAP, Log4Shell, MSSQL, MSSQL_COMMANDS, MSSQL_SQLI, MYSQL, MsIcpr, MsLsad, MsLsat, MsSamr, MsWkst, NDMP, NDMPSocket, Nuuo, Pop2, Postgres, RDP, RealPort, SIP, SMB, SMTPDeliver, SNMPClient, SSH, Smtp, SocketServer, SunRPC, TNS, Tcp, TcpServer, Telnet, TincdExploitClient, Udp, Unirpc, VIMSoap, WDBRPC, WDBRPC_Client, Web, WinRM, ZeroMQ
Constant Summary
Constants inherited from Module
Module::REPLICANT_EXTENSION_DS_KEY
Constants included from Module::ModuleInfo
Module::ModuleInfo::UpdateableOptions
Instance Attribute Summary collapse
-
#sockets ⇒ Object
protected
The list of sockets established by this exploit.
Attributes inherited from Msf::Exploit
#active_timeout, #default_target, #fail_detail, #fail_reason, #needs_cleanup, #payload, #payload_info, #payload_instance, #session_count, #successful, #targets
Attributes inherited from Module
#error, #job_id, #license, #platform, #privileged, #references, #user_data
Attributes included from Framework::Offspring
Attributes included from Module::UUID
Attributes included from Rex::Ui::Subscriber::Input
Attributes included from Rex::Ui::Subscriber::Output
Attributes included from Module::Privileged
Attributes included from Module::Options
Attributes included from Module::ModuleStore
Attributes included from Module::ModuleInfo
Attributes included from Module::FullName
Attributes included from Module::DataStore
Attributes included from Module::Author
Attributes included from Module::Arch
Attributes included from Module::Alert
#alerts, #you_have_been_warned
Instance Method Summary collapse
-
#abort_sockets ⇒ Object
This method is called once a new session has been created on behalf of this exploit instance and all socket connections created by this exploit should be closed.
-
#add_socket(sock) ⇒ Object
Adds a socket to the list of sockets opened by this exploit.
-
#exploit_type ⇒ Object
Returns the fact that this exploit is a remote exploit.
-
#initialize(info) ⇒ Remote
constructor
Initializes the socket array.
-
#remove_socket(sock) ⇒ Object
Removes a socket from the list of sockets.
Methods included from AutoTarget
#auto_target?, #auto_target_host, #auto_targeted_index, #filter_by_os, #filter_by_os_family, #filter_by_os_name, #filter_by_os_sp, #select_target
Methods inherited from Msf::Exploit
#add_handler, #aggressive?, #autofilter, #autofilter_ports, #autofilter_services, #cleanup, #compatible_encoders, #compatible_payloads, #define_context_encoding_reqs, #encode_begin, #encode_end, #encode_shellcode_stub, #exploit, #fail_with, #generate_payload, #generate_single_payload, #handle_exception, #handler, #handler_bind?, #handler_enabled?, #has_auto_target?, #init_compat, #interrupt_handler, #is_payload_compatible?, #make_fast_nops, #make_nops, mixins, #nop_generator, #nop_save_registers, #normalize_platform_arch, #on_new_session, #passive?, #pattern_create, #payload_append, #payload_append_encoder, #payload_badchars, #payload_disable_nops, #payload_encoder, #payload_encoder_options, #payload_encoder_type, #payload_extended_options, #payload_max_nops, #payload_min_nops, #payload_nop, #payload_prepend, #payload_prepend_encoder, #payload_space, #rand_char, #rand_text, #rand_text_alpha, #rand_text_alpha_lower, #rand_text_alpha_upper, #rand_text_alphanumeric, #rand_text_debug, #rand_text_english, #rand_text_hex, #rand_text_highascii, #rand_text_numeric, #regenerate_payload, #register_autofilter_ports, #register_autofilter_services, #report_failure, #reset_session_counts, #session_created?, #setup, #setup_fail_detail_from_exception, #stack_adjustment, #stance, #target, #target_arch, #target_index, #target_platform, type, #type, #wfs_delay
Methods inherited from Module
#adapted_refname, #adapter_refname, #black_listed_auth_filenames, cached?, #debugging?, #default_cred?, #default_options, #fail_with, #file_path, #framework, #has_check?, #orig_cls, #owner, #perform_extensions, #platform?, #platform_to_s, #post_auth?, #register_extensions, #register_parent, #replicant, #required_cred_options, #set_defaults, #stage_refname, #stager_refname, #workspace
Methods included from Module::Reliability
#reliability, #reliability_to_s
Methods included from Module::Stability
Methods included from Module::SideEffects
#side_effects, #side_effects_to_s
Methods included from Module::UUID
Methods included from Module::UI
Methods included from Module::UI::Message
#print_error, #print_good, #print_prefix, #print_status, #print_warning
Methods included from Module::UI::Message::Verbose
#vprint_error, #vprint_good, #vprint_status, #vprint_warning
Methods included from Module::UI::Line
#print_line, #print_line_prefix
Methods included from Module::UI::Line::Verbose
Methods included from Rex::Ui::Subscriber
Methods included from Rex::Ui::Subscriber::Input
Methods included from Rex::Ui::Subscriber::Output
#flush, #print, #print_blank_line, #print_error, #print_good, #print_line, #print_status, #print_warning
Methods included from Module::Type
#auxiliary?, #encoder?, #evasion?, #exploit?, #nop?, #payload?, #post?, #type
Methods included from Module::Ranking
Methods included from Module::Privileged
Methods included from Module::Options
#deregister_option_group, #deregister_options, #register_advanced_options, #register_evasion_options, #register_option_group, #register_options, #validate
Methods included from Module::Network
#comm, #support_ipv6?, #target_host, #target_port
Methods included from Module::ModuleStore
Methods included from Module::ModuleInfo
#alias, #description, #disclosure_date, #info_fixups, #merge_check_key, #merge_info, #merge_info_advanced_options, #merge_info_alias, #merge_info_description, #merge_info_evasion_options, #merge_info_name, #merge_info_options, #merge_info_string, #merge_info_version, #name, #notes, #update_info
Methods included from Module::FullName
#aliases, #fullname, #promptname, #realname, #refname, #shortname
Methods included from Module::DataStore
#import_defaults, #import_target_defaults, #share_datastore
Methods included from Module::Compatibility
#compat, #compatible?, #init_compat
Methods included from Module::Author
Methods included from Module::Auth
Methods included from Module::Arch
#arch?, #arch_to_s, #each_arch
Methods included from Module::Alert
#add_alert, #add_error, #add_info, #add_warning, #alert_user, #errors, #get_alerts, included, #infos, #is_usable?, #warnings, #without_prompt
Constructor Details
#initialize(info) ⇒ Remote
Initializes the socket array.
16 17 18 19 20 |
# File 'lib/msf/core/exploit/remote.rb', line 16 def initialize(info) super self.sockets = Array.new end |
Instance Attribute Details
#sockets ⇒ Object (protected)
The list of sockets established by this exploit.
64 65 66 |
# File 'lib/msf/core/exploit/remote.rb', line 64 def sockets @sockets end |
Instance Method Details
#abort_sockets ⇒ Object
This method is called once a new session has been created on behalf of this exploit instance and all socket connections created by this exploit should be closed.
48 49 50 51 52 53 54 55 56 57 |
# File 'lib/msf/core/exploit/remote.rb', line 48 def abort_sockets sockets.delete_if { |sock| begin sock.close rescue ::Exception end true } end |
#add_socket(sock) ⇒ Object
Adds a socket to the list of sockets opened by this exploit.
32 33 34 |
# File 'lib/msf/core/exploit/remote.rb', line 32 def add_socket(sock) self.sockets << sock end |
#exploit_type ⇒ Object
Returns the fact that this exploit is a remote exploit.
25 26 27 |
# File 'lib/msf/core/exploit/remote.rb', line 25 def exploit_type Exploit::Type::Remote end |
#remove_socket(sock) ⇒ Object
Removes a socket from the list of sockets.
39 40 41 |
# File 'lib/msf/core/exploit/remote.rb', line 39 def remove_socket(sock) self.sockets.delete(sock) end |