Class: Msf::Exploit::CheckCode

Inherits:

Struct

• Object
• Struct
• Msf::Exploit::CheckCode

Defined in:

lib/msf/core/exploit.rb

Overview

The various check codes that can be returned from the “check” routine. Please read the following wiki to learn how these codes are used: docs.metasploit.com/docs/development/developing-modules/guides/how-to-write-a-check-method.html

Constant Summary

Unknown =

Can’t tell if the target is exploitable or not. This is recommended if the module fails to retrieve enough information from the target machine, such as due to a timeout.

self.Unknown()

Safe =

The target is safe and is therefore not exploitable. This is recommended after the check fails to trigger the vulnerability, or even detect the service.

self.Safe()

Detected =

The target is running the service in question, but the check fails to determine whether the target is vulnerable or not.

self.Detected()

Appears =

The target appears to be vulnerable. This is recommended if the vulnerability is determined based on passive reconnaissance. For example: version, banner grabbing, or having the resource that’s known to be vulnerable.

self.Appears()

Vulnerable =

The target is vulnerable. Only used if the check is able to actually take advantage of the bug, and obtain hard evidence. For example: executing a command on the target machine, and retrieve the output.

self.Vulnerable()

Unsupported =

The module does not support the check method.

self.Unsupported()

Instance Attribute Summary

• #code ⇒ Object

  Returns the value of attribute code.

• #details ⇒ Object

  Returns the value of attribute details.

• #message ⇒ Object

  Returns the value of attribute message.

• #reason ⇒ Object

  Returns the value of attribute reason.

Class Method Summary

• .Appears(reason = nil, details: {}) ⇒ Object
• .Detected(reason = nil, details: {}) ⇒ Object
• .Safe(reason = nil, details: {}) ⇒ Object
• .Unknown(reason = nil, details: {}) ⇒ Object
• .Unsupported(reason = nil, details: {}) ⇒ Object
• .Vulnerable(reason = nil, details: {}) ⇒ Object

Instance Method Summary

• #==(other) ⇒ Object

  Deprecated, should use #===.

• #===(other) ⇒ Object

  Checks to see whether the other object is also a CheckCode and if so, whether it shares the same code as this one.

• #initialize(code, reason, details: {}) ⇒ CheckCode constructor

  A new instance of CheckCode.

Constructor Details

#initialize(code, reason, details: {}) ⇒ CheckCode

Returns a new instance of CheckCode.

# File 'lib/msf/core/exploit.rb', line 103

def initialize(code, reason, details: {})
  msg = case code
    when 'unknown';     'Cannot reliably check exploitability.'
    when 'safe';        'The target is not exploitable.'
    when 'detected';    'The service is running, but could not be validated.'
    when 'appears';     'The target appears to be vulnerable.'
    when 'vulnerable';  'The target is vulnerable.'
    when 'unsupported'; 'This module does not support check.'
    else
      ''
  end
  super(code, "#{msg} #{reason}".strip, reason, details)
end

Instance Attribute Details

#code ⇒ Object

Returns the value of attribute code

Returns:

• (Object) —

  the current value of code

# File 'lib/msf/core/exploit.rb', line 52

def code
  @code
end

#details ⇒ Object

Returns the value of attribute details

Returns:

• (Object) —

  the current value of details

# File 'lib/msf/core/exploit.rb', line 52

def details
  @details
end

#message ⇒ Object

Returns the value of attribute message

Returns:

• (Object) —

  the current value of message

# File 'lib/msf/core/exploit.rb', line 52

def message
  @message
end

#reason ⇒ Object

Returns the value of attribute reason

Returns:

• (Object) —

  the current value of reason

# File 'lib/msf/core/exploit.rb', line 52

def reason
  @reason
end

Class Method Details

.Appears(reason = nil, details: {}) ⇒ Object

# File 'lib/msf/core/exploit.rb', line 76

def Appears(reason = nil, details: {})
  self.new('appears', reason, details: details)
end

.Detected(reason = nil, details: {}) ⇒ Object

# File 'lib/msf/core/exploit.rb', line 72

def Detected(reason = nil, details: {})
  self.new('detected', reason, details: details)
end

.Safe(reason = nil, details: {}) ⇒ Object

# File 'lib/msf/core/exploit.rb', line 68

def Safe(reason = nil, details: {})
  self.new('safe', reason, details: details)
end

.Unknown(reason = nil, details: {}) ⇒ Object

# File 'lib/msf/core/exploit.rb', line 64

def Unknown(reason = nil, details: {})
  self.new('unknown', reason, details: details)
end

.Unsupported(reason = nil, details: {}) ⇒ Object

# File 'lib/msf/core/exploit.rb', line 84

def Unsupported(reason = nil, details: {})
  self.new('unsupported', reason, details: details)
end

.Vulnerable(reason = nil, details: {}) ⇒ Object

# File 'lib/msf/core/exploit.rb', line 80

def Vulnerable(reason = nil, details: {})
  self.new('vulnerable', reason, details: details)
end

Instance Method Details

#==(other) ⇒ Object

Deprecated, should use #===

If you need to determine whether a CheckCode has the same code and message as another one, Struct#eql? is the way to go.

# File 'lib/msf/core/exploit.rb', line 93

def ==(other)
  self === other
end

#===(other) ⇒ Object

Checks to see whether the other object is also a Msf::Exploit::CheckCode and if so, whether it shares the same code as this one.

# File 'lib/msf/core/exploit.rb', line 99

def ===(other)
  other.is_a?(self.class) && self.code == other.code
end