New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add IBM Tivoli Storage Manager Fastback Denial of Service module #6547
Conversation
sock.put(p) | ||
disconnect | ||
print_status("Packet sent!") | ||
rescue ::Exception => ex |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Rescuing ::Exception
is not a recommended practice. Your module would catch things that should not be handled by it (for example, exceptions that should be handled by msfconsole). You want to be more specific :-)
I once tried to document what the Tcp mixin might raise in here, feel free to check it out:
https://github.com/rapid7/metasploit-framework/wiki/How-to-use-the-Msf%3A%3AExploit%3A%3ARemote%3A%3ATcp-mixin
Hi @wwebb-r7, sorry we didn't make this clear. At Metasploit, all exploit modules are required to pop a shell. If it doesn't (in this case, looks like just a DoS), then you would have to move this module to the auxiliary category. In your case, probably in https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/dos/misc. You may browse around for code examples :-) |
Made exception handling changes and moved module to module/auxiliary/dos/misc |
Thanks. |
Inherit from Msf::Auxiliary |
Tested on version 6.1.4000:
|
PR merged. Congrats! :-) |
This module triggers the denial of service condition detailed at https://www.exploit-db.com/exploits/38979/