2019-06-22 21:36:42 -04:00
|
|
|
# -*- coding: binary -*-
|
|
|
|
|
|
|
|
|
|
module Msf::Sessions
|
2021-07-23 10:58:13 -04:00
|
|
|
###
|
2019-06-22 21:36:42 -04:00
|
|
|
#
|
2021-07-23 10:58:13 -04:00
|
|
|
# This class provides basic interaction with a ChannelFD
|
|
|
|
|
# abstraction provided by the Rex::Proto::Ssh wrapper
|
|
|
|
|
# around HrrRbSsh.
|
2019-06-22 21:36:42 -04:00
|
|
|
#
|
2021-07-23 10:58:13 -04:00
|
|
|
# Date: June 22, 2019
|
|
|
|
|
# Author: RageLtMan
|
2019-06-22 21:36:42 -04:00
|
|
|
#
|
2021-07-23 10:58:13 -04:00
|
|
|
###
|
|
|
|
|
class SshCommandShellReverse < Msf::Sessions::CommandShell
|
2019-06-22 21:36:42 -04:00
|
|
|
|
2021-07-23 10:58:13 -04:00
|
|
|
#
|
|
|
|
|
# This interface supports basic interaction.
|
|
|
|
|
#
|
|
|
|
|
include Msf::Session::Basic
|
2019-06-22 21:36:42 -04:00
|
|
|
|
2021-07-23 10:58:13 -04:00
|
|
|
#
|
|
|
|
|
# This interface supports interacting with a single command shell.
|
|
|
|
|
#
|
|
|
|
|
include Msf::Session::Provider::SingleCommandShell
|
2019-06-22 21:36:42 -04:00
|
|
|
|
2021-07-23 10:58:13 -04:00
|
|
|
##
|
|
|
|
|
#
|
|
|
|
|
# Returns the session description.
|
|
|
|
|
#
|
|
|
|
|
def desc
|
|
|
|
|
'SSH command shell'
|
2019-06-22 21:36:42 -04:00
|
|
|
end
|
|
|
|
|
|
2022-08-03 21:43:32 +01:00
|
|
|
def shell_command(cmd, timeout = 5)
|
2021-07-23 10:58:13 -04:00
|
|
|
# Send the command to the session's stdin.
|
|
|
|
|
shell_write(cmd + "\n")
|
2019-06-22 21:36:42 -04:00
|
|
|
|
2022-08-03 21:43:32 +01:00
|
|
|
etime = ::Time.now.to_f + timeout
|
|
|
|
|
buff = ""
|
2019-06-22 21:36:42 -04:00
|
|
|
|
2021-07-23 10:58:13 -04:00
|
|
|
# Keep reading data until no more data is available or the timeout is
|
|
|
|
|
# reached.
|
2022-08-03 21:43:32 +01:00
|
|
|
while ::Time.now.to_f < etime && ::IO.select([rstream.fd_rd], nil, nil, timeout)
|
2021-07-23 10:58:13 -04:00
|
|
|
res = shell_read(-1, 0.01)
|
|
|
|
|
buff << res if res
|
2022-08-03 21:43:32 +01:00
|
|
|
timeout = etime - ::Time.now.to_f
|
2019-06-22 21:36:42 -04:00
|
|
|
end
|
2021-07-23 10:58:13 -04:00
|
|
|
|
|
|
|
|
buff
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
protected
|
|
|
|
|
|
|
|
|
|
def _interact_stream
|
|
|
|
|
fdr = [rstream.fd_rd, user_input.fd]
|
|
|
|
|
fdw = [rstream.fd_wr, user_input.fd]
|
|
|
|
|
while interacting
|
|
|
|
|
sd = Rex::ThreadSafe.select(fdr, nil, fdw, 0.5)
|
|
|
|
|
next unless sd
|
|
|
|
|
|
|
|
|
|
if sd[0].include? rstream.fd_rd
|
|
|
|
|
user_output.print(shell_read)
|
|
|
|
|
end
|
|
|
|
|
if sd[0].include? user_input.fd
|
|
|
|
|
run_single((user_input.gets || '').chomp("\n"))
|
|
|
|
|
end
|
|
|
|
|
Thread.pass
|
2019-06-22 21:36:42 -04:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2021-07-23 10:58:13 -04:00
|
|
|
end
|
2019-06-22 21:36:42 -04:00
|
|
|
end
|
