metasploit-framework icon indicating copy to clipboard operation
metasploit-framework copied to clipboard

Published 20 hours ago verified publisher icon rapid7

Update show options to be case insensitive

Open adfoster-r7 opened this issue 2 years ago • 1 comments
trafficstars

Steps to reproduce

Use the ldap_query module and set the action to lowercase run_query_file, and note that the module action doesn't appear:

msf6 auxiliary(gather/ldap_query) > set action run_query_file
action => run_query_file
msf6 auxiliary(gather/ldap_query) > show options

Module options (auxiliary/gather/ldap_query):

   Name           Current Setting  Required  Description
   ----           ---------------  --------  -----------
   BASE_DN                         no        LDAP base DN if you already have it
   BIND_DN                         no        The username to authenticate to LDAP server
   BIND_PW                         no        Password for the BIND_DN
   OUTPUT_FORMAT  table            yes       The output format to use (Accepted: csv, table, json)
   RHOSTS         127.0.0.1        yes       The target host(s), see https://github.com/rapid7/metasploit-framework/wiki/Using-Metasploit
   RPORT          389              yes       The target port
   SSL            false            no        Enable SSL on the LDAP connection


View the full module info with the info, or info -d command.

Now use the ldap_query module and set the action to uppercase RUN_QUERY_FILE, and note that the module action does appear:

msf6 auxiliary(gather/ldap_query) > set action RUN_QUERY_FILE
action => RUN_QUERY_FILE
msf6 auxiliary(gather/ldap_query) > show options

Module options (auxiliary/gather/ldap_query):

   Name             Current Setting  Required  Description
   ----             ---------------  --------  -----------
   BASE_DN                           no        LDAP base DN if you already have it
   BIND_DN                           no        The username to authenticate to LDAP server
   BIND_PW                           no        Password for the BIND_DN
   OUTPUT_FORMAT    table            yes       The output format to use (Accepted: csv, table, json)
   QUERY_FILE_PATH                   yes       Path to the JSON or YAML file to load and run queries from
   RHOSTS           127.0.0.1        yes       The target host(s), see https://github.com/rapid7/metasploit-framework/wiki/Using-Metasploit
   RPORT            389              yes       The target port
   SSL              false            no        Enable SSL on the LDAP connection


Auxiliary action:

   Name            Description
   ----            -----------
   RUN_QUERY_FILE  Execute a custom set of LDAP queries from the JSON or YAML file specified by QUERY_FILE.

Expected behavior

show options should be case insensitive when showing the selected action

Current behavior

The action does not appear

Metasploit version

msf6 auxiliary(gather/ldap_query) > version
Framework: 6.2.32-dev-281020379c
Console  : 6.2.32-dev-281020379c

adfoster-r7 avatar Jan 10 '23 12:01 adfoster-r7

I want to grab this :P

ArkaprabhaChakraborty avatar Jan 22 '23 11:01 ArkaprabhaChakraborty

Unassigning, user does not seem to have forked the Metasploit Framework repo and so I think this task may have been abandoned.

gwillcox-r7 avatar Feb 13 '23 15:02 gwillcox-r7

I want to grab this issue.

manishkumarr1017 avatar Feb 18 '23 05:02 manishkumarr1017

Resolved with https://github.com/rapid7/metasploit-framework/pull/17663 which has now been landed.

gwillcox-r7 avatar Feb 18 '23 19:02 gwillcox-r7