search

rapid7 / rex-socket

The Rex Socket Abstraction Library
Other
12 stars 33 forks source link

Fix deprecation warning in socks proxy support #54

Closed adfoster-r7 closed 1 year ago

adfoster-r7 commented 1 year ago

Original issue https://github.com/rapid7/metasploit-framework/issues/15849

Fix deprecation warning in socks proxy support

Steps:

use server/socks_proxy
run

use scanner/http/title
run proxies=socks5:127.0.0.1:1080 https://google.com

Before

Warning generated:

msf6 auxiliary(scanner/http/title) > run proxies=socks5:127.0.0.1:1080 https://google.com
NOTE: Rex::Socket.gethostbyname is deprecated, use getaddress, resolve_nbo, or similar instead. It will be removed in the next Major version

[+] [142.250.200.46:443] [C:301] [R:https://www.google.com/] [S:gws] 301 Moved
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

After

No warning

msf6 auxiliary(scanner/http/title) > run proxies=socks5:127.0.0.1:1080 https://google.com

[+] [142.250.200.46:443] [C:301] [R:https://www.google.com/] [S:gws] 301 Moved
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
gwillcox-r7 commented 1 year ago

With updates I get no warning:

msf6 > use auxiliary/scanner/http/title 
msf6 auxiliary(scanner/http/title) > use auxiliary/server/socks_proxy 
msf6 auxiliary(server/socks_proxy) > show options

Module options (auxiliary/server/socks_proxy):

   Name      Current Setting  Required  Description
   ----      ---------------  --------  -----------
   PASSWORD                   no        Proxy password for SOCKS5 listener
   SRVHOST   0.0.0.0          yes       The local host or network interface to listen on. This must be an address on the local machine or 0
                                        .0.0.0 to listen on all addresses.
   SRVPORT   1080             yes       The port to listen on
   USERNAME                   no        Proxy username for SOCKS5 listener
   VERSION   5                yes       The SOCKS version to use (Accepted: 4a, 5)

Auxiliary action:

   Name   Description
   ----   -----------
   Proxy  Run a SOCKS proxy server

View the full module info with the info, or info -d command.

msf6 auxiliary(server/socks_proxy) > run
[*] Auxiliary module running as background job 0.
msf6 auxiliary(server/socks_proxy) > 
[*] Starting the SOCKS proxy server

msf6 auxiliary(server/socks_proxy) > jobs

Jobs
====

  Id  Name                           Payload  Payload opts
  --  ----                           -------  ------------
  0   Auxiliary: server/socks_proxy

msf6 auxiliary(server/socks_proxy) > use scanner/http/title
msf6 auxiliary(scanner/http/title) > run proxies=socks5:127.0.0.1:1080 https://google.com

[+] [142.251.32.174:443] [C:301] [R:https://www.google.com/] [S:gws] 301 Moved
[*] Scanned 1 of 5 hosts (20% complete)
[*] Scanned 2 of 5 hosts (40% complete)
[*] Scanned 3 of 5 hosts (60% complete)
[*] Scanned 4 of 5 hosts (80% complete)
[*] Scanned 5 of 5 hosts (100% complete)
[*] Auxiliary module execution completed
msf6 auxiliary(scanner/http/title) >
gwillcox-r7 commented 1 year ago

Before update we see this, confirms that this fixes the warning issue:

msf6 > use auxiliary/server/socks_proxy
msf6 auxiliary(server/socks_proxy) > run
[*] Auxiliary module running as background job 0.
msf6 auxiliary(server/socks_proxy) > 
[*] Starting the SOCKS proxy server

msf6 auxiliary(server/socks_proxy) > use scanner/http/title
msf6 auxiliary(scanner/http/title) > run proxies=socks5:127.0.0.1:1080 https://google.com
NOTE: Rex::Socket.gethostbyname is deprecated, use getaddress, resolve_nbo, or similar instead. It will be removed in the next Major version

[+] [142.250.114.113:443] [C:301] [R:https://www.google.com/] [S:gws] 301 Moved
[*] Scanned  1 of 10 hosts (10% complete)
NOTE: Rex::Socket.gethostbyname is deprecated, use getaddress, resolve_nbo, or similar instead. It will be removed in the next Major version
[+] [142.250.114.102:443] [C:301] [R:https://www.google.com/] [S:gws] 301 Moved
[*] Scanned  2 of 10 hosts (20% complete)
NOTE: Rex::Socket.gethostbyname is deprecated, use getaddress, resolve_nbo, or similar instead. It will be removed in the next Major version
[+] [142.250.114.139:443] [C:301] [R:https://www.google.com/] [S:gws] 301 Moved
[*] Scanned  3 of 10 hosts (30% complete)
NOTE: Rex::Socket.gethostbyname is deprecated, use getaddress, resolve_nbo, or similar instead. It will be removed in the next Major version
[+] [142.250.114.101:443] [C:301] [R:https://www.google.com/] [S:gws] 301 Moved
[*] Scanned  4 of 10 hosts (40% complete)
NOTE: Rex::Socket.gethostbyname is deprecated, use getaddress, resolve_nbo, or similar instead. It will be removed in the next Major version
[+] [142.250.114.138:443] [C:301] [R:https://www.google.com/] [S:gws] 301 Moved
[*] Scanned  5 of 10 hosts (50% complete)
NOTE: Rex::Socket.gethostbyname is deprecated, use getaddress, resolve_nbo, or similar instead. It will be removed in the next Major version
[+] [142.250.114.100:443] [C:301] [R:https://www.google.com/] [S:gws] 301 Moved
[*] Scanned  6 of 10 hosts (60% complete)
[*] Scanned  7 of 10 hosts (70% complete)
[*] Scanned  8 of 10 hosts (80% complete)
[*] Scanned  9 of 10 hosts (90% complete)
[*] Scanned 10 of 10 hosts (100% complete)
[*] Auxiliary module execution completed
msf6 auxiliary(scanner/http/title) >