rapid7 / rex-socket

The Rex Socket Abstraction Library

Detect IPv6 address for Host on init #55

Closed sempervictus closed 1 year ago

sempervictus commented 1 year ago

Fix https://github.com/rapid7/metasploit-framework/issues/17461 by making Rex::Socket::Host aware of the address type passed to it during initialization.

Testing:

> Rex::Socket::RangeWalker.new('localhost').to_enum.to_a
=> ["127.0.0.1", "::1"]
> Rex::Socket::RangeWalker.new('localhost').include?(("0000:"*7)+"0001")
=> true

Notes: This doesn't actually fix the logical absurdity of having mixed layer 3 address types within a Range & RangeWalker. This is yet another bandaid over an architectural concern.

sempervictus commented 1 year ago

Let's get this one landed - it's not controversial past what I said in the commit, which is an architectural concern we don't want to tackle right now (unless someone's game to sort out fully dual-stacking the L3 logic and then guarding the separation other than explicit 4to6 and back translations).

gwillcox-r7 commented 1 year ago

This in testing is not matching what I see from your tests:

Using rex-socket 0.1.46 (was 0.1.47) from https://github.com/sempervictus/rex-socket.git (at /home/gwillcox/git/rex-socket@e5a99ec)
*cut for brevity*
Using metasploit-framework 6.3.6 from source at `.`
Bundle complete! 17 Gemfile dependencies, 193 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
 ~/git/metasploit-framework │ master !2 ?34  ./msfconsole                          ✔ │ 3s │ 3.0.5  │ 11:17:29 

IIIIII    dTb.dTb        _.---._
module, why not try the reload command
Metasploit Documentation: https://docs.metasploit.com/

msf6 > irb
[*] Starting IRB shell...
[*] You are in the "framework" object

irb: warn: can't alias jobs from irb_jobs.
>> Rex::Socket::RangeWalker.new('localhost').to_enum.to_a
=> ["127.0.0.1"]
>> Rex::Socket::RangeWalker.new('localhost').include?(("0000:"*7)+"0001")
=> false
>>

sempervictus commented 1 year ago

@gwillcox-r7 - does your hosts file define an IPv6 localhost? Alternatively (and part of the reason for doing this) using #43, you can make your own static entry:

Rex::Socket.class_variable_get(:@@resolver).cache.add_static('localhost', '::1', 'AAAA')

which then permits you to

Rex::Socket::RangeWalker.new('localhost').to_enum.to_a
=> ["127.0.0.1", "::1"]
Rex::Socket::RangeWalker.new('localhost').include?(("0000:"*7)+"0001")
=> true

gwillcox-r7 commented 1 year ago

Sorry deleted earlier comment as I realized it does, here is what it presently looks like:

127.0.0.1 localhost
127.0.1.1 gwillcox-Virtual-Machine
10.10.10.216 git.laboratory.htb

# The following lines are desirable for IPv6 capable hosts
::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

gwillcox-r7 commented 1 year ago

Hmm I'm guessing this may come down to my host file having ip6-localhost as the IPv6 hostname vs localhost. This seems to work fine:

[2] pry(#<Msf::Framework>)> Rex::Socket::RangeWalker.new('localhost').to_enum.to_a
=> ["127.0.0.1"]
[3] pry(#<Msf::Framework>)> Rex::Socket::RangeWalker.new('ip6-localhost').to_enum.to_a
=> ["::1"]
[4] pry(#<Msf::Framework>)>

gwillcox-r7 commented 1 year ago

Ok looks like that was the issue and this is now working as expected:

>> Rex::Socket::RangeWalker.new('localhost').to_enum.to_a
=> ["::1", "127.0.0.1"]

Changed the line to this:

::1     ip6-localhost ip6-loopback localhost

gwillcox-r7 commented 1 year ago

And other test works:

>> Rex::Socket::RangeWalker.new('localhost').include?(("0000:"*7)+"0001")
=> true
>>

gwillcox-r7 commented 1 year ago

Going to upload an update to use the is_ipv6? change and then this should be good to land. Thanks @sempervictus!
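
Added example (not part of the PR, the thread, or rex-socket's code): a stand-alone Ruby sketch using only the stdlib `ipaddr` that reproduces why the two test sessions above disagreed, and why the expanded literal `("0000:"*7)+"0001"` matches `::1` once addresses are compared by family and value. The hosts-file text is constructed from the entries quoted in the thread; `parse_hosts`, `families` and `resolves_to?` are hypothetical helper names.

```ruby
require 'ipaddr'

# Constructed sample data mirroring the two hosts-file states in the thread.
HOSTS_BEFORE = <<~HOSTS
  127.0.0.1 localhost
  # The following lines are desirable for IPv6 capable hosts
  ::1     ip6-localhost ip6-loopback
HOSTS

HOSTS_AFTER = <<~HOSTS
  127.0.0.1 localhost
  ::1     ip6-localhost ip6-loopback localhost
HOSTS

# Parse hosts-file text into { name => [IPAddr, ...] }, skipping comments,
# blank lines and entries whose address does not parse.
def parse_hosts(text)
  table = Hash.new { |h, k| h[k] = [] }
  text.each_line do |line|
    addr, *names = line.sub(/#.*/, '').split
    next if addr.nil? || names.empty?
    ip = begin
      IPAddr.new(addr)
    rescue IPAddr::Error
      next
    end
    names.each { |n| table[n.downcase] << ip }
  end
  table
end

# Address families a name maps to, e.g. [:ipv4, :ipv6].
def families(table, name)
  table.fetch(name.downcase, []).map { |ip| ip.ipv6? ? :ipv6 : :ipv4 }.uniq.sort
end

# Membership test on parsed values: family plus integer value. An expanded
# IPv6 literal matches its compressed form, and an IPv4 address never
# matches an IPv6 address that happens to share the same integer.
def resolves_to?(table, name, candidate)
  want = IPAddr.new(candidate)
  table.fetch(name.downcase, []).any? do |ip|
    ip.family == want.family && ip.to_i == want.to_i
  end
end
```

With the "before" hosts file, `localhost` maps only to IPv4, so the expanded `::1` literal is not a member; after `localhost` is added to the `::1` line, both families appear and the check passes.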