Http print standardization #343

Merged
merged 8 commits into from Apr 25, 2012


jlee-r7
Contributor

@jlee-r7 jlee-r7 commented Apr 18, 2012

This implements output standardization for browser exploits via the HttpServer mixin. Format is similar to what was being done manually before but is easier to use (just normal print_status usage) and makes module code easier to read.

Example output:

[*] 192.168.99.1     browser_autopwn - Reporting: {:os_name=>"Linux", :os_lang=>"en-US", :arch=>"x86"}
[*] 192.168.99.1     browser_autopwn - Responding with 2 exploits
[*] 192.168.99.1     java_atomicreferencearray - 192.168.99.1:39437 - Sending Java AtomicReferenceArray Type Violation Vulnerability
[*] 192.168.99.1     java_atomicreferencearray - Generated jar to drop (5284 bytes).

Allows print_* overrides to show it when it's available.
Fixes breakage with modules that use print_line() or similar.

This commit also includes some RDoc additions and markup fixes
This is now handled by the HttpServer mixin
Conflicts:
	modules/exploits/windows/browser/apple_quicktime_marshaled_punk.rb
	modules/exploits/windows/browser/apple_quicktime_rtsp.rb
	modules/exploits/windows/browser/apple_quicktime_smil_debug.rb
@wchen-r7
Contributor

Looking into it right now.

@wchen-r7
Contributor

So it looks like if a browser module prints a message like this:
print_status("#{client.peerhost}:#{client.peerport} - Using msvcrt ROP")

The IP:Port will get printed twice. Only one module does this in windows/browsers, and that's fixed in my local branch. Will commit it.

@wchen-r7
Contributor

Another scenario that can result in the ip:port being printed twice:
print_status("Sending html to #{cli.peerhost}:#{cli.peerport}")

Which will have the following output:
[*] 10.0.1.79 browser_test - Sending html to 10.0.1.79:3995

A lot of modules do this. Here are the ones I found under windows/browser:
http://pastebin.com/raw.php?i=ewgtrUWM

@todb-r7

todb-r7 commented Apr 18, 2012

I agree with @wchen-r7 -- in order to land this, either the mixin's print_status will have to handle the case where the module's print_status is trying to already print rhost:rport, or all the modules will have to be updated. (It'd be nice to see the latter so future copy-pasters won't screw themselves up)
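
A static check for the two double-print cases raised in the comments above, as an added example (not code from this pull request or from Metasploit). It assumes the client variable is named `cli` or `client`, as in the two snippets quoted in the thread; the module source it scans is constructed sample input.

```ruby
# Added example: find print_* calls whose message already interpolates the
# client's address, which a mixin-level prefix would then repeat.
# Assumption: the client variable is called cli or client.

PEER    = /#\{\s*(?:cli|client)\.peerhost\s*\}(?::#\{\s*(?:cli|client)\.peerport\s*\})?/
LEADING = /\A\s*#{PEER}/
# Captures the first double-quoted string argument of a print_* call.
CALL    = /\bprint_\w+\s*\(?\s*"(?<msg>(?:\\.|[^"\\])*)"/

Finding = Struct.new(:line_no, :kind, :source)

# Returns one Finding per offending line.
#   :leading  - message starts with the peer address ("host:port - ...")
#   :embedded - peer address appears later in the message
def find_duplicate_peer_prints(source)
  findings = []
  source.each_line.with_index(1) do |line, no|
    next if line.strip.start_with?('#') # skip commented-out code
    m = CALL.match(line)
    next unless m && m[:msg] =~ PEER
    kind = m[:msg].match?(LEADING) ? :leading : :embedded
    findings << Finding.new(no, kind, line.strip)
  end
  findings
end

# Constructed sample input, modelled on the messages quoted in the thread.
SAMPLE_MODULE = <<~'RUBY'
  def on_request_uri(cli, request)
    print_status("#{client.peerhost}:#{client.peerport} - Using msvcrt ROP")
    print_status("Sending html to #{cli.peerhost}:#{cli.peerport}")
    print_status("Generated jar to drop (#{jar.length} bytes).")
    # print_status("#{cli.peerhost} - commented out")
  end
RUBY

if __FILE__ == $PROGRAM_NAME
  find_duplicate_peer_prints(SAMPLE_MODULE).each do |f|
    puts "line #{f.line_no} (#{f.kind}): #{f.source}"
  end
end
```

A `:leading` hit can be fixed by deleting the prefix from the message; an `:embedded` hit needs the sentence reworded, so the two kinds are reported separately.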

@wchen-r7
Contributor

Talked to egypt. So we've concluded it's probably best to hold on to this pull request until the release.

@wchen-r7 wchen-r7 merged commit 9cdd891 into rapid7:master Apr 25, 2012