Exploit模块的check方法用来检测一台远程主机是否有漏洞能够被利用。
check方法默认的实施仅返回check方法不被Exploit模块支持。
当然,一个完整的代码能够从check方法返回如下表所示的信息。
如果在我们编写Exploit模块的时候没有编写check方法,当我们在Msfconsole中输入check时,会调用 Msf::Module 中定义好的check方法,并返回 Msf::Exploit::CheckCode::Unsupported 这个常量。
根据Ruby语法,当我们在Exploit模块中再次定义check方法时,便会覆盖继承的check方法,从而我们可以具体情况选择返回值,例如:
def check
if ***
return Exploit::CheckCode::Vulnerable
end
return Exploit::CheckCode::Safe
end所有的常量信息在Msf::Exploit::CheckCode模块中定义如下:
| Unknown = [ 'unknown', "Cannot reliably check exploitability."] |
| Can't tell if the target is exploitable or not. This is recommended if the module fails to retrieve enough information from the target machine, such as due to a timeout. |
| Safe = [ 'safe', "The target is not exploitable." ] |
| The target is safe and is therefore not exploitable. This is recommended after the check fails to trigger the vulnerability, or even detect the service. |
| Detected = [ 'detected', "The target service is running, but could not be validated." ] |
| The target is running the service in question, but the check fails to determine whether the target is vulnerable or not. |
| Appears = [ 'appears', "The target appears to be vulnerable." ] |
| The target appears to be vulnerable. This is recommended if the vulnerability is determined based on passive reconnaissance. For example: version, banner grabbing, or having the resource that's known to be vulnerable. |
| Vulnerable = [ 'vulnerable', "The target is vulnerable." ] |
| The target is vulnerable. Only used if the check is able to actually take advantage of the bug, and obtain hard evidence. For example: executing a command on the target machine, and retrieve the output. |
| Unsupported = [ 'unsupported', "This exploit does not support check." ] |
| The exploit does not support the check method. |
常量数组中的第二个元素即为check方法的返回值,例如:
更多推荐
metasploit 中 exploit模块check方法简介
发布评论