fixed check_for_msf() to check in $PATH

[atucom]

Changed the check_for_msf() function to search the $PATH for the msfconsole executable. It previously was searching for an environment variable named 'msfconsole'.

[Ekultek]

Yes because when msf is installed msfconsole is added to your ENV vars

[atucom]

I think that may be a package manager specific thing because I don't see a msfconsole var when I run env on my Kali VM nor on an ubuntu AWS Lightsail instance where I 'bundle install'ed metasploit from their git repo.

I do however see it listed in my $PATH on both boxes.

[Ekultek]

Could be, we can edit it so that it’ll look for both?

[Ekultek]

return os.getenv(“msfconsole”, False) or distutils.spawn.find_executable("msfconsole") would work

[atucom]

So it looks like it doesn't matter what it returns as long as its not False. If I export msfconsole as garbage, autosploit doesn't use it as a path, it ignores the contents of the var entirely. I added some print statements and ran it below:

root@autosploit# 6
------------------------------
('msfconsole env = ', 'ASDASLDKJASLD')
[+] you will need to do some configuration to MSF.
please keep in mind that sending connections back to your local host is probably not a smart idea.
[?] enter your workspace name: test
[?] enter your LHOST: 0.0.0.0
[?] enter your LPORT: 2020
just before exploiter. ruby_exec: False msf_path: None
[?] a total of 285 modules have been sorted by relevance, would you like to display them[y/N]: n
[?] use relevant modules[y/N]: y
[+] starting exploitation with sorted modules (total of 285)
[+] launching exploit 'exploit/windows/firewall/blackice_pam_icq; exploit' against host '1.1.1.1'
^C/root/metasploit-framework/lib/msf/core/opt_base.rb:29:in `initialize': Interrupt

Above shows that ruby_exec is False and msf_path is None so the template defaults to just running "msfconsole".

Is the intended functionality of check_for_msf() to return a boolean of whether or not msfconsole is found in $PATH? or is it to return the path to msfconsole?

[Ekultek]

The intended functionality for it is to check if msfconsole is in your ENV PATH, by getting the env-var for it. It will either return False in which case the ruby executable will have to be called on the msfconsole file (it doesn't come +x by default, that I'm aware of anyways). From there if it returns False it will call ruby <PATH>/msfconsole <COMMANDS>. If it returns anything other then False it will run as msfconsole <COMMANDS> assuming that you have the console in your PATH somewhere

Like I said return os.getenv(“msfconsole”, False) or distutils.spawn.find_executable("msfconsole") will work

[atucom]

Updated with new line

[Ekultek]

Merged