Skip to content

Parse Exploit Requirements

Jump to bottom
Irtsa edited this page Feb 22, 2025 · 4 revisions

Will attempt to parse the requirements of exploits when they are passed to the function and return them in a dictionary. You will want to pass the result of metaxploit.scan_address(lib, address) directly to the function. Example:

lib = metaxploit.load("/lib/libssh.so")
addresses = metaxploit.scan(lib)
exploits = metaxploit.scan_address(lib, addresses[0])
print(parseExploitRequirements(exploits))



Source Code

parseExploitRequirements = function(exploits)
    list.applyFunction = function(func)
        for i in range(self.len - 1)
            self[i] = func(self[i])
        end for
        return self
    end function

    getExploitNames = function(exploits)
        exploits = exploits.split("Unsafe check: ")[1:]
        for i in range(exploits.len - 1)
            exploits[i] = exploits[i].split("<b>")[1].split("</b>")[0]
        end for
        return exploits
    end function

    getExploitRequirementType = function(requirement)
	if not requirement.indexOf("guest active user") == null then return "activeGuest"
        if not requirement.indexOf("an active user") == null then return "activeUser"
        if not requirement.indexOf("root active user") == null then return "activeRoot"
        if not requirement.indexOf("registered users equal") == null then return "registeredUsers:" + requirement.split("to ")[1].split("\.")[0]
        if not requirement.indexOf("port forwarding") == null then return "portForwards:" + requirement.split(" port forwarding")[0].replace(" ","")
        if not requirement.indexOf("namespace") == null then return ("namespace:" + requirement.split("namespace ")[1].split(" compiled")[0] + ":" + requirement.split(">= ")[1].replace(" ","")).replace("<b>","").replace("</b>","")
	if not requirement.indexOf("path") == null then return "path:" + requirement.split("path ")[1].split(" exists")[0]
        return "0"
    end function

    getCurrentRequirements = function(exploit)
        reqs = exploit.split("\*")[1:]
        if reqs.len == 0 then return []
        for i in range(reqs.len - 1)
            reqs[i] = getExploitRequirementType(reqs[i])
        end for
        return reqs
    end function

    ExploitNames = getExploitNames(exploits)
    ExploitRequirements = exploits.split("Unsafe check: ")[1:]
    ExploitRequirements.applyFunction(@getCurrentRequirements)

    Exploits = {}
    for i in range(ExploitNames.len - 1)
        Exploits[ExploitNames[i]] = ExploitRequirements[i]
    end for

	return Exploits
end function
Clone this wiki locally