Fix autoadd problem in post/windows/manage/autoroute

[sn0wfa11]

Error Description

In PR #6515, I submitted the "autoadd" feature. A function called is_routable? was added that was different from the original code that was submitted. This function contains errors that are causing invalid routes to be added.

Running a test using the current code, this is the output:

[*]     Running command run post/windows/manage/autoroute
[*] Running module against SHADOW
[*] Searching for subnets to autoroute.
[+] Route added to subnet 192.168.1.145/255.255.255.0
[+] Route added to subnet 192.168.1.255/255.255.255.0
[+] Route added to subnet 192.168.14.1/255.255.255.0
[+] Route added to subnet 192.168.14.255/255.255.255.0
[+] Route added to subnet 192.168.179.1/255.255.255.0
[+] Route added to subnet 192.168.179.255/255.255.255.0
[+] Route added to subnet 192.168.202.1/255.255.255.0
[+] Route added to subnet 192.168.202.255/255.255.255.0

These routes are incorrect and do not work.

Fix

The routing check elsif route.subnet =~ /[\d\.]+\.0$/ is causing part of the error and was removed for the fix.

Also, this line: elsif route.subnet == '255.255.255.255' should be: elseif route.netmask == '255.255.255.255'

Once these changes are made the output is:

[*]     Running command run post/windows/manage/autoroute
[*] Running module against SHADOW
[*] Searching for subnets to autoroute.
[+] Route added to subnet 192.168.1.0/255.255.255.0
[+] Route added to subnet 192.168.14.0/255.255.255.0
[+] Route added to subnet 192.168.179.0/255.255.255.0
[+] Route added to subnet 192.168.202.0/255.255.255.0

Which are correct routes.

[wchen-r7]

@jhale85446 So the reason I modified your code was because when I was testing, it would not add a route to my VPN:

meterpreter > ifconfig

Interface  1
============
Name         : MS TCP Loopback interface
Hardware MAC : 00:00:00:00:00:00
MTU          : 1520
IPv4 Address : 127.0.0.1


Interface  2
============
Name         : AMD PCNET Family PCI Ethernet Adapter - Packet Scheduler Miniport
Hardware MAC : 00:0c:29:dc:91:c1
MTU          : 1500
IPv4 Address : 192.168.146.128
IPv4 Netmask : 255.255.255.0


Interface  3
============
Name         : VMware Accelerated AMD PCNet Adapter - Packet Scheduler Miniport
Hardware MAC : 00:0c:29:dc:91:cb
MTU          : 1500


Interface 65541
============
Name         : Bluetooth Device (Personal Area Network)
Hardware MAC : 28:cf:e9:12:f7:58
MTU          : 1500


Interface 131078
============
Name         : WAN (PPP/SLIP) Interface
Hardware MAC : 00:53:45:00:00:00
MTU          : 1400
IPv4 Address : 192.168.1.100
IPv4 Netmask : 255.255.255.255

meterpreter > run post/windows/manage/autoroute

[*] Running module against WEI-3B699B1A81A
[*] Searching for subnets to autoroute.
[+] Route added to subnet 192.168.146.0/255.255.255.0
meterpreter > 

This PR actually brings back that problem. I can go ahead and land this PR anyway because it's breaking on your side, but I'll file another issue for this, and I think we will have to come back and visit it again.

[sn0wfa11]

@wchen-r7, thank you. I understand what you were trying to accomplish and have also noticed that it is not routing to VPN's. I would be happy to look into this to see if I can come up with a solution. Can I contact you directly if I have any questions while working on it?

[wchen-r7]

@jhale85446 Yes, please feel free to contact me: wei_chen[at]rapid7.com. If you want, I can explain to you exactly how I set up my test lab (it's really just a basic PPTP server on ubuntu with a XP connected to it)