Module: Msf::Exploit::Remote::Ip

Defined in:

lib/msf/core/exploit/remote/ip.rb

Overview

This module provides methods for communicating with a host over raw IP

Instance Attribute Summary

• #ip_sock ⇒ Object protected

  Returns the value of attribute ip_sock.

Instance Method Summary

• #cleanup ⇒ Object

  Performs cleanup, closes the socket if necessary.

• #connect_ip(global = true, opts = {}) ⇒ Object

  Creates an IP socket for communicating with a remote host.

• #disconnect_ip(nsock = self.ip_sock) ⇒ Object

  Closes the IP socket.

• #handler(nsock = self.ip_sock) ⇒ Object

  Claims the IP socket if the payload so desires.

• #initialize(info = {}) ⇒ Object

  Initializes an instance of an exploit module that sends raw IP datagrams.

• #ip_write(dgram) ⇒ Object

  Sends a datagram to the host specified in RHOST.

• #rhost ⇒ Object

  Returns the target host.

Instance Attribute Details

#ip_sock ⇒ Object (protected)

Returns the value of attribute ip_sock.

# File 'lib/msf/core/exploit/remote/ip.rb', line 115

def ip_sock
  @ip_sock
end

Instance Method Details

#cleanup ⇒ Object

Performs cleanup, closes the socket if necessary

# File 'lib/msf/core/exploit/remote/ip.rb', line 86

def cleanup
  super
  disconnect_ip
end

#connect_ip(global = true, opts = {}) ⇒ Object

Creates an IP socket for communicating with a remote host

# File 'lib/msf/core/exploit/remote/ip.rb', line 27

def connect_ip(global = true, opts={})

  begin
    nsock = Rex::Socket::Ip.create(
      'Context'   =>
        {
          'Msf'        => framework,
          'MsfExploit' => self,
        })

    # Set this socket to the global socket as necessary
    self.ip_sock = nsock if (global)

    # Add this socket to the list of sockets created by this exploit
    add_socket(nsock)

    return nsock
  rescue ::Exception => e
    print_line(" ")
    print_error(
      "This module is configured to use a raw IP socket. " +
      "On Unix systems, only the root user is allowed to create raw sockets. " +
      "Please run the framework as root to use this module."
    )
    print_line(" ")
    nil
  end
end

#disconnect_ip(nsock = self.ip_sock) ⇒ Object

Closes the IP socket

# File 'lib/msf/core/exploit/remote/ip.rb', line 59

def disconnect_ip(nsock = self.ip_sock)
  begin
    if (nsock)
      nsock.close
    end
  rescue IOError
  end

  if (nsock == ip_sock)
    self.ip_sock = nil
  end

  # Remove this socket from the list of sockets created by this exploit
  remove_socket(nsock)
end

#handler(nsock = self.ip_sock) ⇒ Object

Claims the IP socket if the payload so desires. No exploits use raw socket payloads yet…

# File 'lib/msf/core/exploit/remote/ip.rb', line 79

def handler(nsock = self.ip_sock)
  true
end

#initialize(info = {}) ⇒ Object

Initializes an instance of an exploit module that sends raw IP datagrams.

# File 'lib/msf/core/exploit/remote/ip.rb', line 15

def initialize(info = {})
  super

  register_options(
    [
      Opt::RHOST,
    ], Msf::Exploit::Remote::Ip)
end

#ip_write(dgram) ⇒ Object

Sends a datagram to the host specified in RHOST

# File 'lib/msf/core/exploit/remote/ip.rb', line 94

def ip_write(dgram)
  return nil if not ip_sock
  ip_sock.sendto(dgram, rhost)
end

#rhost ⇒ Object

Returns the target host

# File 'lib/msf/core/exploit/remote/ip.rb', line 108

def rhost
  datastore['RHOST']
end