Skip to content

Commit

Permalink
Land #12754, ForceExploit for 4.3BSD exploits
Browse files Browse the repository at this point in the history
  • Loading branch information
@wvu-r7
wvu-r7 committed Dec 24, 2019
2 parents 337d18d + 01b6bc1 commit e89a596
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 2 deletions.
10 changes: 9 additions & 1 deletion modules/exploits/bsd/finger/morris_fingerd_bof.rb
View file
Expand Up @@ -55,6 +55,10 @@ def initialize(info = {})
))

register_options([Opt::RPORT(79)])

register_advanced_options([
OptBool.new('ForceExploit', [false, 'Override check result', false])
])
end

def check
Expand All @@ -71,14 +75,18 @@ def check
end

CheckCode::Safe
rescue Rex::ConnectionError => e
rescue EOFError, Rex::ConnectionError => e
vprint_error(e.message)
CheckCode::Unknown
ensure
disconnect
end

def exploit
unless check == CheckCode::Detected || datastore['ForceExploit']
fail_with(Failure::NotVulnerable, 'Set ForceExploit to override')
end

# Start by generating our custom VAX shellcode
shellcode = payload.encoded

Expand Down
7 changes: 6 additions & 1 deletion modules/exploits/unix/smtp/morris_sendmail_debug.rb
View file
Expand Up @@ -52,6 +52,7 @@ def initialize(info = {})
register_options([Opt::RPORT(25)])

register_advanced_options([
OptBool.new('ForceExploit', [false, 'Override check result', false]),
OptFloat.new('SendExpectTimeout', [true, 'Timeout per send/expect', 3.5])
])
end
Expand All @@ -78,14 +79,18 @@ def check
end

checkcode
rescue Rex::ConnectionError => e
rescue EOFError, Rex::ConnectionError => e
vprint_error(e.message)
CheckCode::Unknown
ensure
disconnect
end

def exploit
unless check == CheckCode::Appears || datastore['ForceExploit']
fail_with(Failure::NotVulnerable, 'Set ForceExploit to override')
end

# We don't care who the user is, so randomize it
from = rand_text_alphanumeric(8..42)

Expand Down

0 comments on commit e89a596

Please sign in to comment.