lib/msf/core/post/linux/system.rb

require 'msf/core/post/common'
require 'msf/core/post/file'

module Msf
class Post
module Linux
module System
	include ::Msf::Post::Common
		include ::Msf::Post::File

		# Returns a Hash containing Distribution Name, Version and Kernel Information
		def get_sysinfo
			system_data = {}
			etc_files = cmd_exec("ls /etc").split()

			# Debian
			if etc_files.include?("debian_version")
				kernel_version = cmd_exec("uname -a")
				if kernel_version =~ /Ubuntu/
					version = read_file("/etc/issue").gsub(/\n|\\n|\\l/,'')
					system_data[:distro] = "ubuntu"
					system_data[:version] = version
					system_data[:kernel] = kernel_version
				else
					version = read_file("/etc/issue").gsub(/\n|\\n|\\l/,'')
					system_data[:distro] = "debian"
					system_data[:version] = version
					system_data[:kernel] = kernel_version
				end

			# Amazon
			elsif etc_files.include?("system-release")
				kernel_version = cmd_exec("uname -a")
				version = read_file("/etc/system-release").gsub(/\n|\\n|\\l/,'')
				system_data[:distro] = "amazon"
				system_data[:version] = version
				system_data[:kernel] = kernel_version

			# Fedora
			elsif etc_files.include?("fedora-release")
				kernel_version = cmd_exec("uname -a")
				version = read_file("/etc/fedora-release").gsub(/\n|\\n|\\l/,'')
				system_data[:distro] = "fedora"
				system_data[:version] = version
				system_data[:kernel] = kernel_version

			# Oracle Linux
			elsif etc_files.include?("enterprise-release")
				kernel_version = cmd_exec("uname -a")
				version = read_file("/etc/enterprise-release").gsub(/\n|\\n|\\l/,'')
				system_data[:distro] = "oracle"
				system_data[:version] = version
				system_data[:kernel] = kernel_version

			# RedHat
			elsif etc_files.include?("redhat-release")
				kernel_version = cmd_exec("uname -a")
				version = read_file("/etc/redhat-release").gsub(/\n|\\n|\\l/,'')
				system_data[:distro] = "redhat"
				system_data[:version] = version
				system_data[:kernel] = kernel_version

			# Arch
			elsif etc_files.include?("arch-release")
				kernel_version = cmd_exec("uname -a")
				version = read_file("/etc/arch-release").gsub(/\n|\\n|\\l/,'')
				system_data[:distro] = "arch"
				system_data[:version] = version
				system_data[:kernel] = kernel_version

			# Slackware
			elsif etc_files.include?("slackware-version")
				kernel_version = cmd_exec("uname -a")
				version = read_file("/etc/slackware-version").gsub(/\n|\\n|\\l/,'')
				system_data[:distro] = "slackware"
				system_data[:version] = version
				system_data[:kernel] = kernel_version

			# Mandrake
			elsif etc_files.include?("mandrake-release")
				kernel_version = cmd_exec("uname -a")
				version = read_file("/etc/mandrake-release").gsub(/\n|\\n|\\l/,'')
				system_data[:distro] = "mandrake"
				system_data[:version] = version
				system_data[:kernel] = kernel_version

			#SuSE
			elsif etc_files.include?("SuSE-release")
				kernel_version = cmd_exec("uname -a")
				version = read_file("/etc/SuSE-release").gsub(/\n|\\n|\\l/,'')
				system_data[:distro] = "suse"
				system_data[:version] = version
				system_data[:kernel] = kernel_version

			# Gentoo
			elsif etc_files.include?("gentoo-release")
				kernel_version = cmd_exec("uname -a")
				version = read_file("/etc/gentoo-release").gsub(/\n|\\n|\\l/,'')
				system_data[:distro] = "gentoo"
				system_data[:version] = version
				system_data[:kernel] = kernel_version
			else

				# Others
				kernel_version = cmd_exec("uname -a")
				version = read_file("/etc/issue").gsub(/\n|\\n|\\l/,'')
				system_data[:distro] = "linux"
				system_data[:version] = version
				system_data[:kernel] = kernel_version
			end
			return system_data
		end

		# Returns an array of hashes each representing a user
		# Keys are name, uid, gid, info, dir and shell
		def get_users
			users = []
			cmd_out = cmd_exec("cat /etc/passwd").split("\n")
			cmd_out.each do |l|
				entry = {}
				user_field = l.split(":")
				entry[:name] = user_field[0]
				entry[:uid] = user_field[2]
				entry[:gid] = user_field[3]
				entry[:info] = user_field[4]
				entry[:dir] = user_field[5]
				entry[:shell] = user_field[6]
				users << entry
			end
			return users
		end

		# Returns an array of hashes each hash representing a user group
		# Keys are name, gid and users
		def get_groups
			groups = []
			cmd_out = cmd_exec("cat /etc/group").split("\n")
			cmd_out.each do |l|
				entry = {}
				user_field = l.split(":")
				entry[:name] = user_field[0]
				entry[:gid] = user_field[2]
				entry[:users] = user_field[3]
				groups << entry
			end
			return groups
		end


end # System
end #Linux
end # Post
end # Msf
Linux initial post libraries 2011-06-01 22:48:55 +00:00			`require 'msf/core/post/common'`
			`require 'msf/core/post/file'`

			`module Msf`
			`class Post`
Change Post Mixin for Linux platform in its own separate class 2011-06-20 23:27:57 +00:00			`module Linux`
Linux initial post libraries 2011-06-01 22:48:55 +00:00			`module System`
Added calls to enumerate users and groups to linux post mixin 2011-06-02 22:21:28 +00:00			`include ::Msf::Post::Common`
fix formating, replace spaces for tabs 2011-06-02 23:17:52 +00:00			`include ::Msf::Post::File`
Linux initial post libraries 2011-06-01 22:48:55 +00:00
fix formating, replace spaces for tabs 2011-06-02 23:17:52 +00:00			`# Returns a Hash containing Distribution Name, Version and Kernel Information`
Added Oracle Linux and Arch Linux support and change the call to standardize it with other mixins 2011-06-09 12:50:36 +00:00			`def get_sysinfo`
fix formating, replace spaces for tabs 2011-06-02 23:17:52 +00:00			`system_data = {}`
			`etc_files = cmd_exec("ls /etc").split()`

			`# Debian`
			`if etc_files.include?("debian_version")`
			`kernel_version = cmd_exec("uname -a")`
			`if kernel_version =~ /Ubuntu/`
			`version = read_file("/etc/issue").gsub(/\n\|\\n\|\\l/,'')`
			`system_data[:distro] = "ubuntu"`
			`system_data[:version] = version`
			`system_data[:kernel] = kernel_version`
			`else`
			`version = read_file("/etc/issue").gsub(/\n\|\\n\|\\l/,'')`
			`system_data[:distro] = "debian"`
			`system_data[:version] = version`
			`system_data[:kernel] = kernel_version`
			`end`

Added Amazon Linux the version used with EC2 AMI 2011-06-13 01:37:04 +00:00			`# Amazon`
			`elsif etc_files.include?("system-release")`
			`kernel_version = cmd_exec("uname -a")`
			`version = read_file("/etc/system-release").gsub(/\n\|\\n\|\\l/,'')`
			`system_data[:distro] = "amazon"`
			`system_data[:version] = version`
			`system_data[:kernel] = kernel_version`

Added Oracle Linux and Arch Linux support and change the call to standardize it with other mixins 2011-06-09 12:50:36 +00:00			`# Fedora`
fix formating, replace spaces for tabs 2011-06-02 23:17:52 +00:00			`elsif etc_files.include?("fedora-release")`
			`kernel_version = cmd_exec("uname -a")`
			`version = read_file("/etc/fedora-release").gsub(/\n\|\\n\|\\l/,'')`
			`system_data[:distro] = "fedora"`
			`system_data[:version] = version`
			`system_data[:kernel] = kernel_version`

Added Oracle Linux and Arch Linux support and change the call to standardize it with other mixins 2011-06-09 12:50:36 +00:00			`# Oracle Linux`
			`elsif etc_files.include?("enterprise-release")`
			`kernel_version = cmd_exec("uname -a")`
			`version = read_file("/etc/enterprise-release").gsub(/\n\|\\n\|\\l/,'')`
			`system_data[:distro] = "oracle"`
			`system_data[:version] = version`
			`system_data[:kernel] = kernel_version`

			`# RedHat`
fix formating, replace spaces for tabs 2011-06-02 23:17:52 +00:00			`elsif etc_files.include?("redhat-release")`
			`kernel_version = cmd_exec("uname -a")`
			`version = read_file("/etc/redhat-release").gsub(/\n\|\\n\|\\l/,'')`
			`system_data[:distro] = "redhat"`
			`system_data[:version] = version`
			`system_data[:kernel] = kernel_version`

Added Oracle Linux and Arch Linux support and change the call to standardize it with other mixins 2011-06-09 12:50:36 +00:00			`# Arch`
			`elsif etc_files.include?("arch-release")`
			`kernel_version = cmd_exec("uname -a")`
			`version = read_file("/etc/arch-release").gsub(/\n\|\\n\|\\l/,'')`
			`system_data[:distro] = "arch"`
			`system_data[:version] = version`
			`system_data[:kernel] = kernel_version`

			`# Slackware`
fix formating, replace spaces for tabs 2011-06-02 23:17:52 +00:00			`elsif etc_files.include?("slackware-version")`
			`kernel_version = cmd_exec("uname -a")`
			`version = read_file("/etc/slackware-version").gsub(/\n\|\\n\|\\l/,'')`
			`system_data[:distro] = "slackware"`
			`system_data[:version] = version`
			`system_data[:kernel] = kernel_version`

Added Oracle Linux and Arch Linux support and change the call to standardize it with other mixins 2011-06-09 12:50:36 +00:00			`# Mandrake`
fix formating, replace spaces for tabs 2011-06-02 23:17:52 +00:00			`elsif etc_files.include?("mandrake-release")`
			`kernel_version = cmd_exec("uname -a")`
			`version = read_file("/etc/mandrake-release").gsub(/\n\|\\n\|\\l/,'')`
			`system_data[:distro] = "mandrake"`
			`system_data[:version] = version`
			`system_data[:kernel] = kernel_version`

Added Oracle Linux and Arch Linux support and change the call to standardize it with other mixins 2011-06-09 12:50:36 +00:00			`#SuSE`
fix formating, replace spaces for tabs 2011-06-02 23:17:52 +00:00			`elsif etc_files.include?("SuSE-release")`
			`kernel_version = cmd_exec("uname -a")`
			`version = read_file("/etc/SuSE-release").gsub(/\n\|\\n\|\\l/,'')`
			`system_data[:distro] = "suse"`
			`system_data[:version] = version`
			`system_data[:kernel] = kernel_version`

Added Oracle Linux and Arch Linux support and change the call to standardize it with other mixins 2011-06-09 12:50:36 +00:00			`# Gentoo`
fix formating, replace spaces for tabs 2011-06-02 23:17:52 +00:00			`elsif etc_files.include?("gentoo-release")`
			`kernel_version = cmd_exec("uname -a")`
			`version = read_file("/etc/gentoo-release").gsub(/\n\|\\n\|\\l/,'')`
			`system_data[:distro] = "gentoo"`
Linux initial post libraries 2011-06-01 22:48:55 +00:00			`system_data[:version] = version`
			`system_data[:kernel] = kernel_version`
			`else`
fix formating, replace spaces for tabs 2011-06-02 23:17:52 +00:00
			`# Others`
			`kernel_version = cmd_exec("uname -a")`
Linux initial post libraries 2011-06-01 22:48:55 +00:00			`version = read_file("/etc/issue").gsub(/\n\|\\n\|\\l/,'')`
fix formating, replace spaces for tabs 2011-06-02 23:17:52 +00:00			`system_data[:distro] = "linux"`
Linux initial post libraries 2011-06-01 22:48:55 +00:00			`system_data[:version] = version`
			`system_data[:kernel] = kernel_version`
			`end`
fix formating, replace spaces for tabs 2011-06-02 23:17:52 +00:00			`return system_data`
Linux initial post libraries 2011-06-01 22:48:55 +00:00			`end`

fix formating, replace spaces for tabs 2011-06-02 23:17:52 +00:00			`# Returns an array of hashes each representing a user`
			`# Keys are name, uid, gid, info, dir and shell`
			`def get_users`
			`users = []`
			`cmd_out = cmd_exec("cat /etc/passwd").split("\n")`
			`cmd_out.each do \|l\|`
			`entry = {}`
			`user_field = l.split(":")`
			`entry[:name] = user_field[0]`
			`entry[:uid] = user_field[2]`
			`entry[:gid] = user_field[3]`
			`entry[:info] = user_field[4]`
			`entry[:dir] = user_field[5]`
			`entry[:shell] = user_field[6]`
			`users << entry`
			`end`
			`return users`
			`end`
Added calls to enumerate users and groups to linux post mixin 2011-06-02 22:21:28 +00:00
fix formating, replace spaces for tabs 2011-06-02 23:17:52 +00:00			`# Returns an array of hashes each hash representing a user group`
			`# Keys are name, gid and users`
			`def get_groups`
			`groups = []`
			`cmd_out = cmd_exec("cat /etc/group").split("\n")`
			`cmd_out.each do \|l\|`
			`entry = {}`
			`user_field = l.split(":")`
			`entry[:name] = user_field[0]`
			`entry[:gid] = user_field[2]`
			`entry[:users] = user_field[3]`
			`groups << entry`
			`end`
			`return groups`
			`end`
Added calls to enumerate users and groups to linux post mixin 2011-06-02 22:21:28 +00:00

Linux initial post libraries 2011-06-01 22:48:55 +00:00			`end # System`
Change Post Mixin for Linux platform in its own separate class 2011-06-20 23:27:57 +00:00			`end #Linux`
Linux initial post libraries 2011-06-01 22:48:55 +00:00			`end # Post`
			`end # Msf`