Issue #7188 resolved #8063
Issue #7188 resolved #8063
Conversation
| @@ -82,12 +82,15 @@ def setup_handler | |||
| 'MsfPayload' => self, | |||
| 'MsfExploit' => assoc_exploit | |||
| }) | |||
|
|
|||
| if (ip=='127.0.0.1' || ip=='127.0.0.2' || ip=='127.0.0.3' || ip=='127.0.0.4'|| ip=='127.0.0.5'||ip=='127.0.0.6' || ip=='127.0.0.7' || ip=='127.0.0.8') | |||
There was a problem hiding this comment.
How about a little syntactic sugar?
localhost_ips = []
(1..8).each do |num|
localhost_ips << "127.0.0.#{num}"
end
if localhost_ips.include?(ip)
print_error("Please note that errors might be experienced with this choice of address for LHOST.")
end
There was a problem hiding this comment.
You can keep it simple:
if ip =~ /^127\.0\.0\.[1-8]$/
There was a problem hiding this comment.
My original suggestion from the issue was to check if this is in the loopback subnet 127.0.0.0/8, not just the first 8 addresses. The proper check function would look something like this (I'm sure the rescue could be tightened up, but I prefer test functions to really only return booleans where possible):
require 'ipaddr'
def is_loopback_addr(addr)
begin
a = IPAddr.new(addr.to_s)
return true if IPAddr.new('127.0.0.1/8') === a
return true if IPAddr.new('::1') === a
rescue
end
false
end
[IPAddr.new('127.0.0.1'), '127.0.0.1', '127.255.255.255', '::1', 'dog'].each do |addr|
puts "#{addr} is loopback: #{is_loopback_addr(addr)}"
endThere was a problem hiding this comment.
This returns the following experimental values:
127.0.0.1 is loopback: true
127.0.0.1 is loopback: true
127.255.255.255 is loopback: true
::1 is loopback: true
dog is loopback: false
|
Isn't this already an open PR? (#8041) |
|
Nice catch @thecarterb |
|
Yes, we're attempting to deconflict. |
|
Close, but this isn't the right fix. This PR is also made from a master branch, which usually is easier to fix with a new PR. See https://github.com/rapid7/metasploit-framework/blob/master/CONTRIBUTING.md#code-contributions about creating topic branches for PRs. Closing for now. See comment above as well about how to test for subnet membership for an IP address. Thanks, do try again! |
|
Thanks.. I'll surely look into it... |
|
Also, since we have an earlier PR #8041, suggest we continue discussion there. Thanks! |
|
How do I issue a PR in an open discussion? |
|
Well, I'd say make suggestions at that PR, rather than hijacking with an alternate. Let's keep the discussion in one place. You could also pull the other contributor's fork as a remote, and send him a pull request on his topic branch. |
Tell us what this change does. If you're fixing a bug, please mention
the github issue number.
Issue number #7188
Verification
List the steps needed to make sure this thing works
msfconsole
use exploit/multi/handler
set payload android/meterpreter/reverse_tcp
set lhost 127.0.0.1
set lport 4444
exploit
Verify: It will set lhost to 127.0.0.1 and will print a warning : "Please note that errors might be experienced with this choice of address for LHOST."
set lhost 127.0.0.54
set lport 4444
exploit
Verify: It will set lhost to 127.0.0.54 and will not print a warning.