metasploit-framework
https://github.com/rapid7/metasploit-framework
Ruby
Metasploit Framework
MetasploitModule#client_matches_browser
Returns true if an exploit for +browser+ (one of the +OperatingSystems+ constants) should be sent for a particilar client. +client_info+ should be something returned by +get_client+. If +client_info+ is nil then get_client failed and we have no knowledge of this client, so we can't assume anything about their browser. If the exploit does not specify a browser target, that means it it is generic and will work anywhere (or at least be able to autodetect). If the currently connected client's ua_name is nil, then the fingerprinting didn't work for some reason. Lastly, check to see if the client's browser matches the browser targetted by this group of exploits. In all of these cases, we need to send all the exploits in the list. In contrast, if we have all of that info and it doesn't match, we don't need to bother sending it.
Edit
git clone [email protected]:rapid7/metasploit-framework.git
cd metasploit-framework
open modules/auxiliary/server/browser_autopwn.rb
Contribute
# Make a new branchgit checkout -b -your-name--update-docs-MetasploitModule-client_matches_browser-for-pr
# Commit to gitgit add modules/auxiliary/server/browser_autopwn.rbgit commit -m "better docs for MetasploitModule#client_matches_browser"
# Open pull requestgem install hub # on a mac you can `brew install hub`
hub fork
git push <your name> -your-name--update-docs-MetasploitModule-client_matches_browser-for-pr
hub pull-request
# Celebrate!