Class: Msf::Exploit::CheckCode

Inherits:
Struct
  • Object
show all
Defined in:
lib/msf/core/exploit.rb

Overview

The various check codes that can be returned from the “check'' routine. Please read the following wiki to learn how these codes are used: github.com/rapid7/metasploit-framework/wiki/How-to-write-a-check()-method

Constant Summary collapse

Unknown =

Can't tell if the target is exploitable or not. This is recommended if the module fails to retrieve enough information from the target machine, such as due to a timeout.

self.Unknown()
Safe =

The target is safe and is therefore not exploitable. This is recommended after the check fails to trigger the vulnerability, or even detect the service.

self.Safe()
Detected =

The target is running the service in question, but the check fails to determine whether the target is vulnerable or not.

self.Detected()
Appears =

The target appears to be vulnerable. This is recommended if the vulnerability is determined based on passive reconnaissance. For example: version, banner grabbing, or having the resource that's known to be vulnerable.

self.Appears()
Vulnerable =

The target is vulnerable. Only used if the check is able to actually take advantage of the bug, and obtain hard evidence. For example: executing a command on the target machine, and retrieve the output.

self.Vulnerable()
Unsupported =

The module does not support the check method.

self.Unsupported()

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(code, reason) ⇒ CheckCode

Returns a new instance of CheckCode.


123
124
125
126
127
128
129
130
131
132
133
134
135
# File 'lib/msf/core/exploit.rb', line 123

def initialize(code, reason)
  msg = case code
    when 'unknown';     'Cannot reliably check exploitability.'
    when 'safe';        'The target is not exploitable.'
    when 'detected';    'The service is running, but could not be validated.'
    when 'appears';     'The target appears to be vulnerable.'
    when 'vulnerable';  'The target is vulnerable.'
    when 'unsupported'; 'This module does not support check.'
    else
      ''
  end
  super(code, "#{msg} #{reason}".strip, reason)
end

Instance Attribute Details

#codeObject

Returns the value of attribute code

Returns:

  • (Object)

    the current value of code


72
73
74
# File 'lib/msf/core/exploit.rb', line 72

def code
  @code
end

#messageObject

Returns the value of attribute message

Returns:

  • (Object)

    the current value of message


72
73
74
# File 'lib/msf/core/exploit.rb', line 72

def message
  @message
end

#reasonObject

Returns the value of attribute reason

Returns:

  • (Object)

    the current value of reason


72
73
74
# File 'lib/msf/core/exploit.rb', line 72

def reason
  @reason
end

Class Method Details

.Appears(reason = nil) ⇒ Object


96
97
98
# File 'lib/msf/core/exploit.rb', line 96

def Appears(reason = nil)
  self.new('appears', reason)
end

.Detected(reason = nil) ⇒ Object


92
93
94
# File 'lib/msf/core/exploit.rb', line 92

def Detected(reason = nil)
  self.new('detected', reason)
end

.Safe(reason = nil) ⇒ Object


88
89
90
# File 'lib/msf/core/exploit.rb', line 88

def Safe(reason = nil)
  self.new('safe', reason)
end

.Unknown(reason = nil) ⇒ Object


84
85
86
# File 'lib/msf/core/exploit.rb', line 84

def Unknown(reason = nil)
  self.new('unknown', reason)
end

.Unsupported(reason = nil) ⇒ Object


104
105
106
# File 'lib/msf/core/exploit.rb', line 104

def Unsupported(reason = nil)
  self.new('unsupported', reason)
end

.Vulnerable(reason = nil) ⇒ Object


100
101
102
# File 'lib/msf/core/exploit.rb', line 100

def Vulnerable(reason = nil)
  self.new('vulnerable', reason)
end

Instance Method Details

#==(other) ⇒ Object

Deprecated, should use #===

If you need to determine whether a CheckCode has the same code and message as another one, Struct#eql? is the way to go.


113
114
115
# File 'lib/msf/core/exploit.rb', line 113

def ==(other)
  self === other
end

#===(other) ⇒ Object

Checks to see whether the other object is also a Msf::Exploit::CheckCode and if so, whether it shares the same code as this one.


119
120
121
# File 'lib/msf/core/exploit.rb', line 119

def ===(other)
  other.is_a?(self.class) && self.code == other.code
end