Check job workspace

wchen-r7 · wchen-r7 · commit 89aa00cfc482 · 2015-07-10T13:09:42.000-05:00
diff --git a/lib/msf/core/exploit/browser_autopwnv2.rb b/lib/msf/core/exploit/browser_autopwnv2.rb
@@ -140,11 +140,10 @@ def set_exploit_options(xploit)
       xploit.datastore['DisablePayloadHandler'] = true
       xploit.datastore['BrowserProfilePrefix']  = browser_profile_prefix
       xploit.datastore['URIPATH']               = "/#{assign_module_resource}"
+      xploit.datastore['WORKSPACE']             = self.workspace
 
-      # TODO: Pass additional parameters
-      # TODO: Pass WORKSPACE and other options down to the sub module
-      # TODO: Add BAPv2 tracking information (?)
-      # TODO: Change exploit output options?
+      # TODO: Add BAPv2 tracking information (?) - HD
+      # TODO: Change exploit output options?     - HD
     end
 
 
@@ -153,7 +152,7 @@ def set_exploit_options(xploit)
     # @param resource [String] The resource to check.
     # @return [TrueClass] Resource is taken.
     # @return [FalseClass] Resource is not taken.
-    # TODO: Prevent partial prefix match
+    # TODO: Prevent partial prefix match - HD
     def is_resource_taken?(resource)
       taken = false
 
@@ -207,7 +206,7 @@ def sort_bap_exploits
     # @return [Hash] A hash with each module list sorted by disclosure date.
     def sort_date_in_group(bap_groups)
       bap_groups.each_pair do |ranking, module_list|
-        # TODO: Handle wonky dates in local modules better
+        # TODO: Handle wonky dates in local modules better - HD
         bap_groups[ranking] = module_list.sort_by {|m| Date.parse(m.disclosure_date.to_s)}.reverse
       end
     end
@@ -335,14 +334,11 @@ def start_payload_listeners
         multi_handler.datastore['SessionExpirationTimeout'] = datastore['SessionExpirationTimeout'] if datastore['SessionExpirationTimeout']
         multi_handler.datastore['SessionCommunicationTimeout'] = datastore['SessionCommunicationTimeout'] if datastore['SessionCommunicationTimeout']
 
-
-        # TODO: Pass WORKSPACE and other options down to the sub module
-
         # Configurable only by BAP
         multi_handler.datastore['ExitOnSession'] = false
         multi_handler.datastore['EXITFUNC']      = 'thread'
+        multi_handler.datastore['WORKSPACE']     = self.workspace
 
-        # TODO: BAPv2 specific options / tracking would go here
 
         # Now we're ready to start the handler
         multi_handler.exploit_simple(
@@ -697,11 +693,13 @@ def is_ip_targeted?(cli_ip)
     #
     # @return [Fixnum] A session count.
     def session_count
-      # TODO: Restrict these to the active workspace
       total = 0
 
       payload_job_ids.each do |id|
-        total += framework.jobs[id.to_s].ctx.first.session_count
+        job_workspace = framework.jobs[id.to_s].ctx.first.datastore['WORKSPACE']
+        if job_workspace == self.workspace
+          total += framework.jobs[id.to_s].ctx.first.session_count
+        end
       end
 
       total
