Class: Msf::Exploit::CheckCode

Inherits:
Struct
  • Object
show all
Defined in:
lib/msf/core/exploit.rb

Overview

The various check codes that can be returned from the “check” routine. Please read the following wiki to learn how these codes are used: docs.metasploit.com/docs/development/developing-modules/guides/how-to-write-a-check-method.html

Constant Summary collapse

Unknown =

Can’t tell if the target is exploitable or not. This is recommended if the module fails to retrieve enough information from the target machine, such as due to a timeout.

self.Unknown()
Safe =

The target is safe and is therefore not exploitable. This is recommended after the check fails to trigger the vulnerability, or even detect the service.

self.Safe()
Detected =

The target is running the service in question, but the check fails to determine whether the target is vulnerable or not.

self.Detected()
Appears =

The target appears to be vulnerable. This is recommended if the vulnerability is determined based on passive reconnaissance. For example: version, banner grabbing, or having the resource that’s known to be vulnerable.

self.Appears()
Vulnerable =

The target is vulnerable. Only used if the check is able to actually take advantage of the bug, and obtain hard evidence. For example: executing a command on the target machine, and retrieve the output.

self.Vulnerable()
Unsupported =

The module does not support the check method.

self.Unsupported()

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(code, reason, details: {}) ⇒ CheckCode

Returns a new instance of CheckCode.



103
104
105
106
107
108
109
110
111
112
113
114
115
# File 'lib/msf/core/exploit.rb', line 103

def initialize(code, reason, details: {})
  msg = case code
    when 'unknown';     'Cannot reliably check exploitability.'
    when 'safe';        'The target is not exploitable.'
    when 'detected';    'The service is running, but could not be validated.'
    when 'appears';     'The target appears to be vulnerable.'
    when 'vulnerable';  'The target is vulnerable.'
    when 'unsupported'; 'This module does not support check.'
    else
      ''
  end
  super(code, "#{msg} #{reason}".strip, reason, details)
end

Instance Attribute Details

#codeObject

Returns the value of attribute code

Returns:

  • (Object)

    the current value of code



52
53
54
# File 'lib/msf/core/exploit.rb', line 52

def code
  @code
end

#detailsObject

Returns the value of attribute details

Returns:

  • (Object)

    the current value of details



52
53
54
# File 'lib/msf/core/exploit.rb', line 52

def details
  @details
end

#messageObject

Returns the value of attribute message

Returns:

  • (Object)

    the current value of message



52
53
54
# File 'lib/msf/core/exploit.rb', line 52

def message
  @message
end

#reasonObject

Returns the value of attribute reason

Returns:

  • (Object)

    the current value of reason



52
53
54
# File 'lib/msf/core/exploit.rb', line 52

def reason
  @reason
end

Class Method Details

.Appears(reason = nil, details: {}) ⇒ Object



76
77
78
# File 'lib/msf/core/exploit.rb', line 76

def Appears(reason = nil, details: {})
  self.new('appears', reason, details: details)
end

.Detected(reason = nil, details: {}) ⇒ Object



72
73
74
# File 'lib/msf/core/exploit.rb', line 72

def Detected(reason = nil, details: {})
  self.new('detected', reason, details: details)
end

.Safe(reason = nil, details: {}) ⇒ Object



68
69
70
# File 'lib/msf/core/exploit.rb', line 68

def Safe(reason = nil, details: {})
  self.new('safe', reason, details: details)
end

.Unknown(reason = nil, details: {}) ⇒ Object



64
65
66
# File 'lib/msf/core/exploit.rb', line 64

def Unknown(reason = nil, details: {})
  self.new('unknown', reason, details: details)
end

.Unsupported(reason = nil, details: {}) ⇒ Object



84
85
86
# File 'lib/msf/core/exploit.rb', line 84

def Unsupported(reason = nil, details: {})
  self.new('unsupported', reason, details: details)
end

.Vulnerable(reason = nil, details: {}) ⇒ Object



80
81
82
# File 'lib/msf/core/exploit.rb', line 80

def Vulnerable(reason = nil, details: {})
  self.new('vulnerable', reason, details: details)
end

Instance Method Details

#==(other) ⇒ Object

Deprecated, should use #===

If you need to determine whether a CheckCode has the same code and message as another one, Struct#eql? is the way to go.



93
94
95
# File 'lib/msf/core/exploit.rb', line 93

def ==(other)
  self === other
end

#===(other) ⇒ Object

Checks to see whether the other object is also a Msf::Exploit::CheckCode and if so, whether it shares the same code as this one.



99
100
101
# File 'lib/msf/core/exploit.rb', line 99

def ===(other)
  other.is_a?(self.class) && self.code == other.code
end