Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.
Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.
Path: blob/master/spec/file_fixtures/modules/exploits/auto_target_windows.rb
Views: 11783
1class MetasploitModule < Msf::Exploit::Remote2include Exploit::Remote::Tcp3Rank = ManualRanking45def initialize(info = {})6super(update_info(info,7'Name' => 'Exploit Auto-Targeting for Windows',8'Description' => %q{ This module is a test bed for automatic targeting for Windows exploits. },9'Author' => [ 'thelightcosine' ],10'License' => MSF_LICENSE,11'Privileged' => true,12'DefaultOptions' =>13{14'WfsDelay' => 10,15'EXITFUNC' => 'thread'16},17'Payload' =>18{19'Space' => 3072,20'DisableNops' => true21},22'Platform' => 'win',23'Arch' => [ARCH_X86, ARCH_X64],24'Targets' =>25[26['Windows 2000 Universal',27{28'Ret' => 0x001f1cb0,29'Scratch' => 0x00020408,30}31], # JMP EDI SVCHOST.EXE3233#34# Standard return-to-ESI without NX bypass35# Warning: DO NOT CHANGE THE OFFSET OF THIS TARGET36#37['Windows XP SP0/SP1 Universal',38{39'Ret' => 0x01001361,40'Scratch' => 0x00020408,41}42], # JMP ESI SVCHOST.EXE4344# Standard return-to-ESI without NX bypass45['Windows 2003 SP0 Universal',46{47'Ret' => 0x0100129e,48'Scratch' => 0x00020408,49}50], # JMP ESI SVCHOST.EXE51# Metasploit's NX bypass for XP SP2/SP352['Windows XP SP3 English (NX)',53{54'Ret' => 0x6f88f807,55'DisableNX' => 0x6f8917c2,56'Scratch' => 0x0002040857}58]5960],61'DisclosureDate' => '1999-01-01'62))6364deregister_options('RPORT')65end6667def exploit68print_status("This exploit doesn't actually do anything")69print_status "Target Selected: #{target.name}"70end717273end7475