add harvester improvement and bug fixes

readme/CHANGELOG

@@ -1,3 +1,11 @@
+~~~~~~~~~~~~~~~~
+version 7.7.2
+~~~~~~~~~~~~~~~~
+
+* fix endswith nonetype error
+* fix directory traversal issue (thanks Spencer - awesome PR)
+* add automatic IP detection for settings in credential harvester
+
 ~~~~~~~~~~~~~~~~
 version 7.7.1
 ~~~~~~~~~~~~~~~~

src/core/set.py

@@ -352,8 +352,12 @@ try:
                                         "This option is used for what IP the server will POST to.")
                                     print_info(
                                         "If you're using an external IP, use your external IP for this")
-                                    ipaddr = raw_input(
-                                        setprompt(["2"], "IP address for the POST back in Harvester/Tabnabbing"))
+                                    rhost = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
+                                    rhost.connect(('google.com', 0))
+                                    rhost.settimeout(2)
+                                    revipaddr = rhost.getsockname()[0]
+                                    ipaddr = raw_input(setprompt(["2"], "IP address for the POST back in Harvester/Tabnabbing [" + revipaddr + "]"))
+                                    if ipaddr == "": ipaddr=revipaddr
 
                                 if check_options("IPADDR=") != 0:
                                     ipaddr = check_options("IPADDR=")

src/core/set.version

@@ -1 +1 @@
-7.7.1
+7.7.2

src/core/setcore.py

@@ -332,7 +332,7 @@ def meta_path():
 
         # pull from config first
         msf_path = check_config("METASPLOIT_PATH=")
-        if not msf_path.endswith("/"):
+        if not str(msf_path.endswith("/")):
             msf_path = msf_path + "/"
         if os.path.isfile(msf_path + "msfconsole"):
             trigger = 1