Put is_payload_compatible? in exploit.rb

wchen-r7 · wchen-r7 · commit b33ace2f4414 · 2015-05-29T15:07:59.000-05:00
diff --git a/lib/msf/core/exploit.rb b/lib/msf/core/exploit.rb
@@ -698,6 +698,39 @@ def target_arch
     (target and target.arch) ? target.arch : (arch == []) ? nil : arch
   end
 
+  def is_payload_compatible?(payload_name)
+    c_platform = (target and target.platform) ? target.platform : platform
+    c_arch     = (target and target.arch)     ? target.arch     : (arch == []) ? nil : arch
+    c_arch   ||= [ ARCH_X86 ]
+
+    framework.payloads.each_module(
+      'Platform' => c_platform,
+      'Arch'     => c_arch ) { |name, mod|
+
+      # Skip over payloads that are too big
+      if ((payload_space) and
+          (framework.payloads.sizes[name]) and
+          (framework.payloads.sizes[name] > payload_space))
+        dlog("#{refname}: Skipping payload #{name} for being too large", 'core',
+          LEV_1)
+        next
+      end
+
+      # Are we compatible in terms of conventions and connections and
+      # what not?
+      next if (compatible?(framework.payloads.instance(name)) == false)
+
+      # If the payload is privileged but the exploit does not give
+      # privileged access, then fail it.
+      next if (self.privileged == false and framework.payloads.instance(name).privileged == true)
+
+      # This one be compatible!
+      return true if payload_name == name
+    }
+
+    false
+  end
+
   #
   # Returns a list of compatible payloads based on platform, architecture,
   # and size requirements.
diff --git a/lib/msf/ui/console/driver.rb b/lib/msf/ui/console/driver.rb
@@ -571,7 +571,7 @@ def on_variable_set(glob, var, val)
 
         if (framework and framework.payloads.valid?(val) == false)
           return false
-        elsif active_module.type == 'exploit' && !is_payload_compatible?(active_module, val)
+        elsif active_module.type == 'exploit' && !active_module.is_payload_compatible?(val)
           return false
         elsif (active_module)
           active_module.datastore.clear_non_user_defined
@@ -591,15 +591,6 @@ def on_variable_set(glob, var, val)
     end
   end
 
-
-  def is_payload_compatible?(m, payload_name)
-    m.compatible_payloads.each do |k|
-      return true if k[0] == payload_name
-    end
-
-    false
-  end
-
   #
   # Called when a variable is unset.  If this routine returns false it is an
   # indication that the variable should not be allowed to be unset.
