PAYLOAD: adduser.rb - Checks on the PASS parameter

[hdm at metasploit.com (HD Moore)]

On Fri, 2009-09-11 at 02:05 +0200, ChrisJohnRiley wrote:

> I?m trying to implement a few checks in a custom version of the adduser.rb payload (length and password complexity 
> rules on the PASS parameter). Although I?ve the checks are functioning (see DEBUG messages), I can?t seem to get the 
> payload to exit out cleanly and cancel the exploit (Msf::OptionValidateError ???).


What interface are you testing with? Raising an ArgumentError from the
generate function works fine for msfconsole (it stops the exploit). If
you are using this with a client-side exploit where payload generation
is delayed, this wouldn't show up until a client accessed the exploit
service.

msf exploit(handler) > exploit 

[-] Exploit failed: Password for the adduser payload must be 14
characters or less

Besides the constraints on the basic option types, there is no other way
to place a check on the raw option value before launching the exploit
right now. If this becomes an issue, we can add an
option_validator(oname) method to each module, which can provide a
true/false return based on its own rules.


-HD