#182: nmap_notation.diff - Metasploit - Trac

external/source/dllinject/srv.c

old	new
104	104	/* Run the code */
105	105	fprintf(stderr,"Oops.. I'm 0wned.\n");
106	106
	107	#if _WIN32
107	108	__asm mov edi, new_s
	109	#else
	110	asm("mov %0, %%edi" ::"m"(new_s):"edi");
	111	#endif
108	112
109	113	funct = (int (*)()) buf;
110	114	(int)(*funct)();

lib/msf/core/option_container.rb

old	new
354	354	if (value =~ /^file:(.*)/)
355	355	path = $1
356	356	begin
357		value = File.readlines(path).map{ \|s\| s.strip}.join(",")
	357	value = File.readlines(path).map{ \|s\| s.strip}.join(" ")
358	358	rescue ::Errno::ENOENT, ::Errno::EISDIR
359	359	value = nil
360	360	end
…	…
363	363	sets = []
364	364	return '' if not value
365	365
366		ranges = value.split(',')
367		ranges.each do \|range\|
368		begin
369		case range
370		when /[0-9]+-[0-9]+/
371		tmp = range.split('-')
372		next if tmp.length != 2
	366	#ranges = value.split(',')
	367	#ranges.each do \|range\|
	368	# begin
	369	# case range
	370	# when /[0-9]+-[0-9]+/
	371	# tmp = range.split('-')
	372	# next if tmp.length != 2
373	373
374		if (Rex::Socket.addr_atoi(tmp[0]) <= Rex::Socket.addr_atoi(tmp[1]))
375		sets << tmp
376		end
	374	# if (Rex::Socket.addr_atoi(tmp[0]) <= Rex::Socket.addr_atoi(tmp[1]))
	375	# sets << tmp
	376	# end
377	377
378		when /\//
379		sets << Rex::Socket.cidr_crack(range)
380		else
381		tmp = Rex::Socket.addr_itoa(Rex::Socket.addr_atoi(range))
382		sets << [tmp, tmp]
383		end
384		rescue ::Exception => e
385		raise e
386		end
387		end
	378	# when /\//
	379	# sets << Rex::Socket.cidr_crack(range)
	380	# else
	381	# tmp = Rex::Socket.addr_itoa(Rex::Socket.addr_atoi(range))
	382	# sets << [tmp, tmp]
	383	# end
	384	# rescue ::Exception => e
	385	# raise e
	386	# end
	387	#end
388	388
389		return sets.map{\|i\| i[0]+'-'+i[1]}.join(',')
	389	#return sets.map{\|i\| i[0]+'-'+i[1]}.join(',')
390	390	end
391	391
392	392	def valid?(value)
393	393	return false if empty_required_value?(value)
394	394
395	395	if (value != nil and value.empty? == false)
396		begin
397		return (normalize(value).length > 0 ? true : false)
398		rescue
399		return false
400		end
	396	return (Rex::Socket::RangeWalker.parse(value).length > 0 ? true : false)
401	397	end
402	398
403	399	return super

lib/rex/socket/range_walker.rb

old	new
3	3	module Rex
4	4	module Socket
5	5
6		~~###~~
7		#
8		~~# This class provides an interface to enumerating an IP range~~
9		#
10		~~###~~
11	6	class RangeWalker
	7	def initialize(parseme)
	8	@addresses = RangeWalker.parse(parseme)
	9	@index = 0
	10	end
12	11
13		#
14		# Initializes a walker instance using the supplied range
15		#
16		def initialize(ranges)
17
18		self.ranges = []
19
20		ranges.split(',').each do \|range\|
21		a,b = range.split('-')
22		b \|\|= a
	12	def each(&block)
	13	@addresses.each &block
	14	end
23	15
24		a = Rex::Socket.addr_atoi(a)
25		b = Rex::Socket.addr_atoi(b)
	16	def self.parse(parseme)
	17	addrs = []
	18	parseme.split(' ').each { \|arg\|
	19	if arg =~ /\//
	20	# then it's CIDR notation and needs special case
	21	if arg =~ /[,-]/
	22	raise Rex::ArgumentError, "Improper CIDR notation (can't mix with 1,3 or 1-3 style IP ranges)"
	23	return false
	24	end
	25	start,stop = Rex::Socket.cidr_crack(arg)
	26	while start != stop
	27	addrs.push start
	28	# FIXME this is an overly simplistic regex
	29	# Should this somehow be accomplished using
	30	# Rex::Socket.addr_* instead of a regex?
	31	start =~ /([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)/
	32	a = $1.to_i
	33	b = $2.to_i
	34	c = $3.to_i
	35	d = $4.to_i
	36	if ((255 < a) or (255 < b) or (255 < c) or (255 < d))
	37	raise Rex::ArgumentError, "Improper CIDR notation (can't be greater than 255)"
	38	return false
	39	end
	40	if d == 255
	41	if c == 255
	42	if b == 255
	43	a += 1
	44	b = 0
	45	else
	46	b += 1
	47	end
	48	c = 0
	49	else
	50	c += 1
	51	end
	52	d = 1
	53	else
	54	d += 1
	55	end
	56	start = a.to_s + "." + b.to_s + "." + c.to_s + "." + d.to_s
	57	end
	58	next
	59	end # CIDR
26	60
27		if (b < a)
28		t = a
29		a = b
30		b = t
	61	if arg =~ /[^-0-9,.*]/
	62	# then it's a domain name and we should send it on to addr_atoi
	63	# unmolested to force a DNS lookup
	64	addrs.push Rex::Socket.addr_itoa(Rex::Socket.addr_atoi(arg))
	65	next
	66	end # DNS name
	67
	68	# if we get to this point, the argument should be an nmap-style
	69	# host range x.x.x.x where x can be simply "*" or any combination
	70	# and repitition of:
	71	# i,n
	72	# n-m
	73	# i,n-m
	74	# n-m,i
	75	# ensuring that n is never greater than m
	76	#
	77	# non-unique elements will be removed
	78	# e.g.:
	79	# 10.1.1.1-3,2-2,2 => ["10.1.1.1", "10.1.1.2", "10.1.1.3"]
	80	# 10.1.1.1-3,7 => ["10.1.1.1", "10.1.1.2", "10.1.1.3", "10.1.1.7"]
	81	bytes = []
	82	sections = arg.split('.')
	83	sections.each { \|section\|
	84	if section == "*"
	85	# should this include broadcast?
	86	section = "0-254"
	87	end
	88	ranges = section.split(',')
	89	if ranges.empty?
	90	raise Rex::ArgumentParseError, "Empty range"
	91	return false
	92	end
	93	sets = []
	94	ranges.each { \|r\|
	95	bounds = r.split('-')
	96	if (
	97	bounds.empty? or bounds.length > 2 or bounds[0].to_i > 255 or (
	98	(2 == bounds.length) and (
	99	bounds[1].to_i > 255 or bounds[0].to_i > bounds[1].to_i)
	100	)
	101	)
	102	raise Rex::ArgumentError, "Improper bounds for range."
	103	return false
	104	end
	105	if bounds[1]
	106	(bounds[0].to_i .. bounds[1].to_i).each { \|i\|
	107	sets.push i.to_s
	108	}
	109	elsif bounds[0]
	110	sets.push(bounds[0])
	111	end
	112	}
	113	bytes.push(sets)
	114	}
	115
	116	# combinitorically squish all of the quads together into valid ip
	117	# addresses
	118	#
	119	# e.g.:
	120	# [["1","2"],["3"],["4"],["5","6"]]
	121	# =>
	122	# ["1.3.4.5","1.3.4.6","2.3.4.5","2.3.4.6"]
	123	for a in bytes[0]
	124	for b in bytes[1]
	125	for c in bytes[2]
	126	for d in bytes[3]
	127	ip = a + "." + b + "." + c + "." + d
	128	addrs.push ip
	129	end
	130	end
	131	end
31	132	end
32
33		self.ranges << [a,b]
34		end
35
36		reset
	133	} # each arg
	134
	135	return addrs.uniq
37	136	end
38	137
39		#
40		~~# Resets the subnet walker back to its original state.~~
41		#
42	138	def reset
43		self.curr_range = 0
44		self.curr_ip = self.ranges[0][0]
45		self.num_ips = 0
46		self.ranges.each {\|r\| self.num_ips += r[1]-r[0] + 1 }
	139	@index = 0
47	140	end
48	141
49		#
50		~~# Returns the next IP address.~~
51		#
52	142	def next_ip
53		if (self.curr_ip > self.ranges[self.curr_range][1])
54		if (self.curr_range == self.ranges.length - 1)
55		return nil
56		end
57		self.curr_range += 1
58		self.curr_ip = self.ranges[self.curr_range][0]
	143	if (@index > self.num_ips)
	144	self.reset
	145	return nil
	146	else
	147	return @addresses[@index += 1]
59	148	end
60
61		~~addr = Rex::Socket.addr_itoa(self.curr_ip)~~
62		~~self.curr_ip += 1~~
63		~~return addr~~
64	149	end
65	150
66		#
67		# The total number of IPs within the range
68		#
69		attr_reader :num_ips
70
71		protected
72
73		attr_writer :num_ips # :nodoc:
74		attr_accessor :addr_start, :addr_stop, :curr_ip, :curr_range, :ranges # :nodoc:
75
	151	def num_ips
	152	@addresses.length
	153	end
76	154	end
77	155
78	156	end
79	157	end
	158

Ticket #182: nmap_notation.diff

external/source/dllinject/srv.c

lib/msf/core/option_container.rb

lib/rex/socket/range_walker.rb

Download in other formats: