Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
# -*- coding: binary -*-
2

3
module Msf
4
  ###
5
  #
6
  # This module provides methods for working with NFS
7
  #
8
  ###
9
  module Auxiliary::Nfs
10
    include Auxiliary::Scanner
11

12
    def initialize(info = {})
13
      super
14
      register_options(
15
        [
16
          OptAddressLocal.new('LHOST', [false, 'IP to match shares against', Rex::Socket.source_address]),
17
          OptString.new('HOSTNAME', [false, 'Hostname to match shares against', ''])
18
        ]
19
      )
20
    end
21

22
    def can_mount?(locations, mountable = true, hostname = '', lhost = '')
23
      # attempts to validate if we'll be able to open it or not based on:
24
      # 1. its a wildcard, thus we can open it
25
      # 2. hostname isn't blank and its in the list
26
      # 3. our IP is explicitly listed
27
      # 4. theres a CIDR notation that we're included in.
28
      return true unless mountable
29
      return true if locations.include? '*'
30
      return true if !hostname.blank? && locations.include?(hostname)
31
      return true if !lhost.empty? && locations.include?(lhost)
32

33
      locations.each do |location|
34
        # if it has a subnet mask, convert it to cidr
35
        if %r{(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/)(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})} =~ location
36
          location = "#{Regexp.last_match(1)}#{Rex::Socket.addr_atoc(Regexp.last_match(2))}"
37
        end
38
        return true if Rex::Socket::RangeWalker.new(location).include?(lhost)
39
        # at this point we assume its a hostname, so we use Ruby's File fnmatch so that it processes the wildcards
40
        # as its a quick and easy way to use glob matching for wildcards and get a boolean response
41
        return true if File.fnmatch(location, hostname)
42
      end
43
      false
44
    end
45
  end
46
end
47

48