- Defined in:
The various check codes that can be returned from the “check'' routine. Please read the following wiki to learn how these codes are used: github.com/rapid7/metasploit-framework/wiki/How-to-write-a-check()-method
Constant Summary collapse
- Unknown =
Can't tell if the target is exploitable or not. This is recommended if the module fails to retrieve enough information from the target machine, such as due to a timeout.
[ 'unknown', "Cannot reliably check exploitability."]
- Safe =
The target is safe and is therefore not exploitable. This is recommended after the check fails to trigger the vulnerability, or even detect the service.
[ 'safe', "The target is not exploitable." ]
- Detected =
The target is running the service in question, but the check fails to determine whether the target is vulnerable or not.
[ 'detected', "The target service is running, but could not be validated." ]
- Appears =
The target appears to be vulnerable. This is recommended if the vulnerability is determined based on passive reconnaissance. For example: version, banner grabbing, or having the resource that's known to be vulnerable.
[ 'appears', "The target appears to be vulnerable." ]
- Vulnerable =
The target is vulnerable. Only used if the check is able to actually take advantage of the bug, and obtain hard evidence. For example: executing a command on the target machine, and retrieve the output.
[ 'vulnerable', "The target is vulnerable." ]
- Unsupported =
The module does not support the check method.
[ 'unsupported', "This module does not support check." ]