Class: Msf::Exploit::Remote

Inherits:

Msf::Exploit

• Object
• Module
• Msf::Exploit
• Msf::Exploit::Remote

Includes:

AutoTarget

Defined in:

lib/msf/core/exploit/remote.rb,
lib/msf/core/exploit/remote/unirpc.rb,
lib/msf/core/exploit/remote/http/nifi.rb,
lib/msf/core/exploit/remote/http/gitea.rb,
lib/msf/core/exploit/remote/http/jboss.rb,
lib/msf/core/exploit/remote/http/typo3.rb,
lib/msf/core/exploit/remote/http/gitlab.rb,
lib/msf/core/exploit/remote/http/joomla.rb,
lib/msf/core/exploit/remote/http/moodle.rb,
lib/msf/core/exploit/remote/http/pihole.rb,
lib/msf/core/exploit/remote/http/splunk.rb,
lib/msf/core/exploit/remote/http/webmin.rb,
lib/msf/core/exploit/remote/http/jenkins.rb,
lib/msf/core/exploit/remote/http/exchange.rb,
lib/msf/core/exploit/remote/java/rmi/util.rb,
lib/msf/core/exploit/remote/http/nagios_xi.rb,
lib/msf/core/exploit/remote/http/wordpress.rb,
lib/msf/core/exploit/remote/http/sharepoint.rb,
lib/msf/core/exploit/remote/java/rmi/client.rb,
lib/msf/core/exploit/remote/kerberos/client.rb,
lib/msf/core/exploit/remote/kerberos/ticket.rb,
lib/msf/core/exploit/remote/http/apache_solr.rb,
lib/msf/core/exploit/remote/http/http_cookie.rb,
lib/msf/core/exploit/remote/java/rmi/builder.rb,
lib/msf/core/exploit/remote/http/flask_unsign.rb,
lib/msf/core/exploit/remote/java/rmi/client/jmx.rb,
lib/msf/core/exploit/remote/kerberos/client/pac.rb,
lib/msf/core/exploit/remote/http/http_cookie_jar.rb,
lib/msf/core/exploit/remote/kerberos/client/base.rb,
lib/msf/core/exploit/remote/http/kubernetes/error.rb,
lib/msf/core/exploit/remote/http/php_filter_chain.rb,
lib/msf/core/exploit/remote/http/kubernetes/client.rb,
lib/msf/core/exploit/remote/kerberos/client/pkinit.rb,
lib/msf/core/exploit/remote/java/rmi/client/registry.rb,
lib/msf/core/exploit/remote/java/rmi/client/jmx/server.rb,
lib/msf/core/exploit/remote/kerberos/client/ap_request.rb,
lib/msf/core/exploit/remote/kerberos/client/as_request.rb,
lib/msf/core/exploit/remote/kerberos/client/as_response.rb,
lib/msf/core/exploit/remote/kerberos/client/tgs_request.rb,
lib/msf/core/exploit/remote/kerberos/client/tgs_response.rb,
lib/msf/core/exploit/remote/java/rmi/client/jmx/connection.rb,
lib/msf/core/exploit/remote/http/manage_engine_adaudit_plus.rb,
lib/msf/core/exploit/remote/java/rmi/client/registry/parser.rb,
lib/msf/core/exploit/remote/java/rmi/client/registry/builder.rb,
lib/msf/core/exploit/remote/java/rmi/client/jmx/server/parser.rb,
lib/msf/core/exploit/remote/java/rmi/client/jmx/server/builder.rb,
lib/msf/core/exploit/remote/java/rmi/client/jmx/connection/builder.rb

Overview

The remote exploit class is a specialization of the exploit module class that is geared toward exploits that are performed against targets other than the local machine. This typically implies exploiting other machines via a network connection, though it is not limited to this scope.

Defined Under Namespace

Modules: AFP, Arkeia, AuthOption, AutoCheck, BrowserAutopwn, BrowserAutopwn2, BrowserExploitServer, BrowserProfileManager, CheckModule, DB2, DCERPC, DCERPC_EPM, DCERPC_LSA, DCERPC_MGMT, DNS, Dialup, Expect, FirefoxAddonGenerator, FirefoxPrivilegeEscalation, Ftp, FtpServer, Gdb, HTTP, HttpClient, HttpServer, Imap, Ip, Ipv6, Java, JndiInjection, Kerberos, LDAP, Log4Shell, MSSQL, MSSQL_COMMANDS, MSSQL_SQLI, MYSQL, MsIcpr, MsLsad, MsLsat, MsSamr, MsWkst, NDMP, NDMPSocket, Nuuo, Pop2, Postgres, RDP, RealPort, SIP, SMB, SMTPDeliver, SNMPClient, SSH, Smtp, SocketServer, SunRPC, TNS, Tcp, TcpServer, Telnet, TincdExploitClient, Udp, Unirpc, VIMSoap, WDBRPC, WDBRPC_Client, Web, WinRM, ZeroMQ

Constant Summary

Constants inherited from Module

Module::REPLICANT_EXTENSION_DS_KEY

Constants included from Module::ModuleInfo

Module::ModuleInfo::UpdateableOptions

Instance Attribute Summary

• #sockets ⇒ Object protected

  The list of sockets established by this exploit.

Attributes inherited from Msf::Exploit

#active_timeout, #default_target, #fail_detail, #fail_reason, #needs_cleanup, #payload, #payload_info, #payload_instance, #session_count, #successful, #targets

Attributes inherited from Module

#error, #job_id, #license, #platform, #privileged, #references, #user_data

Attributes included from Framework::Offspring

#framework

Attributes included from Module::UUID

#uuid

Attributes included from Rex::Ui::Subscriber::Input

#user_input

Attributes included from Rex::Ui::Subscriber::Output

#user_output

Attributes included from Module::Privileged

#priveli, #privileged

Attributes included from Module::Options

#options

Attributes included from Module::ModuleStore

#module_store

Attributes included from Module::ModuleInfo

#module_info

Attributes included from Module::FullName

#aliased_as

Attributes included from Module::DataStore

#datastore

Attributes included from Module::Author

#author

Attributes included from Module::Arch

#arch

Attributes included from Module::Alert

#alerts, #you_have_been_warned

Instance Method Summary

• #abort_sockets ⇒ Object

  This method is called once a new session has been created on behalf of this exploit instance and all socket connections created by this exploit should be closed.

• #add_socket(sock) ⇒ Object

  Adds a socket to the list of sockets opened by this exploit.

• #exploit_type ⇒ Object

  Returns the fact that this exploit is a remote exploit.

• #initialize(info) ⇒ Remote constructor

  Initializes the socket array.

• #remove_socket(sock) ⇒ Object

  Removes a socket from the list of sockets.

Methods included from AutoTarget

#auto_target?, #auto_target_host, #auto_targeted_index, #filter_by_os, #filter_by_os_family, #filter_by_os_name, #filter_by_os_sp, #select_target

Methods inherited from Msf::Exploit

#add_handler, #aggressive?, #autofilter, #autofilter_ports, #autofilter_services, #cleanup, #compatible_encoders, #compatible_payloads, #define_context_encoding_reqs, #encode_begin, #encode_end, #encode_shellcode_stub, #exploit, #fail_with, #generate_payload, #generate_single_payload, #handle_exception, #handler, #handler_bind?, #handler_enabled?, #has_auto_target?, #init_compat, #interrupt_handler, #is_payload_compatible?, #make_fast_nops, #make_nops, mixins, #nop_generator, #nop_save_registers, #normalize_platform_arch, #on_new_session, #passive?, #pattern_create, #payload_append, #payload_append_encoder, #payload_badchars, #payload_disable_nops, #payload_encoder, #payload_encoder_options, #payload_encoder_type, #payload_extended_options, #payload_max_nops, #payload_min_nops, #payload_nop, #payload_prepend, #payload_prepend_encoder, #payload_space, #rand_char, #rand_text, #rand_text_alpha, #rand_text_alpha_lower, #rand_text_alpha_upper, #rand_text_alphanumeric, #rand_text_debug, #rand_text_english, #rand_text_hex, #rand_text_highascii, #rand_text_numeric, #regenerate_payload, #register_autofilter_ports, #register_autofilter_services, #report_failure, #reset_session_counts, #session_created?, #setup, #setup_fail_detail_from_exception, #stack_adjustment, #stance, #target, #target_arch, #target_index, #target_platform, #type, type, #wfs_delay

Methods inherited from Module

#adapted_refname, #adapter_refname, #black_listed_auth_filenames, cached?, #debugging?, #default_cred?, #default_options, #fail_with, #file_path, #framework, #has_check?, #orig_cls, #owner, #perform_extensions, #platform?, #platform_to_s, #post_auth?, #register_extensions, #register_parent, #replicant, #required_cred_options, #set_defaults, #stage_refname, #stager_refname, #workspace

Methods included from Module::Reliability

#reliability, #reliability_to_s

Methods included from Module::Stability

#stability, #stability_to_s

Methods included from Module::SideEffects

#side_effects, #side_effects_to_s

Methods included from Module::UUID

#generate_uuid

Methods included from Module::UI

#init_ui

Methods included from Module::UI::Message

#print_error, #print_good, #print_prefix, #print_status, #print_warning

Methods included from Module::UI::Message::Verbose

#vprint_error, #vprint_good, #vprint_status, #vprint_warning

Methods included from Module::UI::Line

#print_line, #print_line_prefix

Methods included from Module::UI::Line::Verbose

#vprint_line

Methods included from Rex::Ui::Subscriber

#copy_ui, #init_ui, #reset_ui

Methods included from Rex::Ui::Subscriber::Input

#gets

Methods included from Rex::Ui::Subscriber::Output

#flush, #print, #print_blank_line, #print_error, #print_good, #print_line, #print_status, #print_warning

Methods included from Module::Type

#auxiliary?, #encoder?, #evasion?, #exploit?, #nop?, #payload?, #post?, #type

Methods included from Module::Ranking

#rank, #rank_to_h, #rank_to_s

Methods included from Module::Privileged

#privileged?

Methods included from Module::Options

#deregister_option_group, #deregister_options, #register_advanced_options, #register_evasion_options, #register_option_group, #register_options, #validate

Methods included from Module::Network

#comm, #support_ipv6?, #target_host, #target_port

Methods included from Module::ModuleStore

#[], #[]=

Methods included from Module::ModuleInfo

#alias, #description, #disclosure_date, #info_fixups, #merge_check_key, #merge_info, #merge_info_advanced_options, #merge_info_alias, #merge_info_description, #merge_info_evasion_options, #merge_info_name, #merge_info_options, #merge_info_string, #merge_info_version, #name, #notes, #update_info

Methods included from Module::FullName

#aliases, #fullname, #promptname, #realname, #refname, #shortname

Methods included from Module::DataStore

#import_defaults, #import_target_defaults, #share_datastore

Methods included from Module::Compatibility

#compat, #compatible?, #init_compat

Methods included from Module::Author

#author_to_s, #each_author

Methods included from Module::Auth

#store_valid_credential

Methods included from Module::Arch

#arch?, #arch_to_s, #each_arch

Methods included from Module::Alert

#add_alert, #add_error, #add_info, #add_warning, #alert_user, #errors, #get_alerts, included, #infos, #is_usable?, #warnings, #without_prompt

Constructor Details

#initialize(info) ⇒ Remote

Initializes the socket array.

# File 'lib/msf/core/exploit/remote.rb', line 16

def initialize(info)
  super

  self.sockets = Array.new
end

Instance Attribute Details

#sockets ⇒ Object (protected)

The list of sockets established by this exploit.

# File 'lib/msf/core/exploit/remote.rb', line 64

def sockets
  @sockets
end

Instance Method Details

#abort_sockets ⇒ Object

This method is called once a new session has been created on behalf of this exploit instance and all socket connections created by this exploit should be closed.

# File 'lib/msf/core/exploit/remote.rb', line 48

def abort_sockets
  sockets.delete_if { |sock|

    begin
      sock.close
    rescue ::Exception
    end
    true
  }
end

#add_socket(sock) ⇒ Object

Adds a socket to the list of sockets opened by this exploit.

# File 'lib/msf/core/exploit/remote.rb', line 32

def add_socket(sock)
  self.sockets << sock
end

#exploit_type ⇒ Object

Returns the fact that this exploit is a remote exploit.

# File 'lib/msf/core/exploit/remote.rb', line 25

def exploit_type
  Exploit::Type::Remote
end

#remove_socket(sock) ⇒ Object

Removes a socket from the list of sockets.

# File 'lib/msf/core/exploit/remote.rb', line 39

def remove_socket(sock)
  self.sockets.delete(sock)
end