2012-06-29 00:18:28 -05:00
|
|
|
# -*- coding: binary -*-
|
2014-11-13 11:11:34 -06:00
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# Standard Library
|
|
|
|
|
#
|
|
|
|
|
|
|
|
|
|
require 'monitor'
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# Project
|
|
|
|
|
#
|
|
|
|
|
|
2014-06-02 12:54:46 -05:00
|
|
|
require 'metasploit/framework/version'
|
2020-09-22 02:56:51 +01:00
|
|
|
require 'rex/socket/ssl'
|
|
|
|
|
require 'metasploit/framework/thread_factory_provider'
|
2005-05-21 17:57:00 +00:00
|
|
|
module Msf
|
|
|
|
|
|
|
|
|
|
###
|
|
|
|
|
#
|
|
|
|
|
# This class is the primary context that modules, scripts, and user
|
|
|
|
|
# interfaces interact with. It ties everything together.
|
|
|
|
|
#
|
|
|
|
|
###
|
|
|
|
|
class Framework
|
2014-11-13 11:11:34 -06:00
|
|
|
include MonitorMixin
|
2005-07-14 06:34:58 +00:00
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# Versioning information
|
|
|
|
|
#
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2014-06-02 12:54:46 -05:00
|
|
|
Major = Metasploit::Framework::Version::MAJOR
|
|
|
|
|
Minor = Metasploit::Framework::Version::MINOR
|
|
|
|
|
Point = Metasploit::Framework::Version::PATCH
|
|
|
|
|
Release = "-#{Metasploit::Framework::Version::PRERELEASE}"
|
2015-07-02 15:30:58 -05:00
|
|
|
Version = Metasploit::Framework::VERSION
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2009-11-09 03:22:24 +00:00
|
|
|
Revision = "$Revision$"
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2005-07-13 18:06:12 +00:00
|
|
|
#
|
|
|
|
|
# Mixin meant to be included into all classes that can have instances that
|
|
|
|
|
# should be tied to the framework, such as modules.
|
|
|
|
|
#
|
|
|
|
|
module Offspring
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2005-10-19 03:37:22 +00:00
|
|
|
#
|
|
|
|
|
# A reference to the framework instance from which this offspring was
|
|
|
|
|
# derived.
|
|
|
|
|
#
|
2009-11-09 01:50:44 +00:00
|
|
|
attr_accessor :framework
|
2005-07-13 18:06:12 +00:00
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2017-07-07 13:33:42 -05:00
|
|
|
require 'metasploit/framework/data_service/proxy/core'
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2005-10-19 03:37:22 +00:00
|
|
|
#
|
|
|
|
|
# Creates an instance of the framework context.
|
|
|
|
|
#
|
2014-11-13 13:23:17 -06:00
|
|
|
def initialize(options={})
|
|
|
|
|
self.options = options
|
2014-11-13 11:11:34 -06:00
|
|
|
# call super to initialize MonitorMixin. #synchronize won't work without this.
|
|
|
|
|
super()
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2009-01-02 07:29:56 +00:00
|
|
|
# Allow specific module types to be loaded
|
2014-11-13 13:23:17 -06:00
|
|
|
types = options[:module_types] || Msf::MODULE_TYPES
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2023-09-14 10:47:26 +01:00
|
|
|
self.history_manager = Rex::Ui::Text::Shell::HistoryManager.new
|
|
|
|
|
|
2022-08-08 01:40:15 +01:00
|
|
|
self.features = FeatureManager.instance
|
|
|
|
|
self.features.load_config
|
|
|
|
|
|
2006-03-21 04:37:48 +00:00
|
|
|
self.events = EventDispatcher.new(self)
|
2009-01-02 07:29:56 +00:00
|
|
|
self.modules = ModuleManager.new(self,types)
|
2005-07-14 06:34:58 +00:00
|
|
|
self.datastore = DataStore.new
|
2005-09-22 04:53:46 +00:00
|
|
|
self.jobs = Rex::JobContainer.new
|
2019-05-23 11:49:43 -05:00
|
|
|
self.analyze = Analyze.new(self)
|
2005-11-19 16:25:26 +00:00
|
|
|
self.plugins = PluginManager.new(self)
|
2015-07-02 14:58:43 -05:00
|
|
|
self.browser_profiles = Hash.new
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2010-11-12 06:19:49 +00:00
|
|
|
# Configure the thread factory
|
2014-11-13 14:08:26 -06:00
|
|
|
Rex::ThreadFactory.provider = Metasploit::Framework::ThreadFactoryProvider.new(framework: self)
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2017-12-28 21:00:03 -05:00
|
|
|
# Configure the SSL certificate generator
|
2020-09-22 02:56:51 +01:00
|
|
|
require 'msf/core/cert_provider'
|
2017-12-29 01:35:23 -05:00
|
|
|
Rex::Socket::Ssl.cert_provider = Msf::Ssl::CertProvider
|
2023-11-09 16:26:53 +11:00
|
|
|
|
2024-03-12 09:33:27 -04:00
|
|
|
if options.include?('CustomDnsResolver') && Msf::FeatureManager.instance.enabled?(Msf::FeatureManager::DNS)
|
2023-11-09 16:26:53 +11:00
|
|
|
self.dns_resolver = options['CustomDnsResolver']
|
2023-11-22 15:45:03 +11:00
|
|
|
self.dns_resolver.set_framework(self)
|
2023-11-09 16:26:53 +11:00
|
|
|
Rex::Socket._install_global_resolver(self.dns_resolver)
|
|
|
|
|
end
|
2017-12-28 21:00:03 -05:00
|
|
|
|
2010-01-15 00:32:48 +00:00
|
|
|
subscriber = FrameworkEventSubscriber.new(self)
|
|
|
|
|
events.add_exploit_subscriber(subscriber)
|
|
|
|
|
events.add_session_subscriber(subscriber)
|
|
|
|
|
events.add_general_subscriber(subscriber)
|
|
|
|
|
events.add_db_subscriber(subscriber)
|
|
|
|
|
events.add_ui_subscriber(subscriber)
|
2005-05-22 07:14:16 +00:00
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2009-12-01 21:42:14 +00:00
|
|
|
def inspect
|
2010-01-14 18:57:54 +00:00
|
|
|
"#<Framework (#{sessions.length} sessions, #{jobs.length} jobs, #{plugins.length} plugins#{db.active ? ", #{db.driver} database active" : ""})>"
|
2009-12-01 21:42:14 +00:00
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2005-07-12 14:32:44 +00:00
|
|
|
#
|
2005-10-19 03:37:22 +00:00
|
|
|
# Returns the module set for encoders.
|
2005-07-12 14:32:44 +00:00
|
|
|
#
|
2005-05-22 07:14:16 +00:00
|
|
|
def encoders
|
|
|
|
|
return modules.encoders
|
|
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2005-07-12 14:32:44 +00:00
|
|
|
#
|
2005-10-19 03:37:22 +00:00
|
|
|
# Returns the module set for exploits.
|
2005-07-12 14:32:44 +00:00
|
|
|
#
|
2005-05-22 07:25:15 +00:00
|
|
|
def exploits
|
|
|
|
|
return modules.exploits
|
|
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2005-07-12 14:32:44 +00:00
|
|
|
#
|
|
|
|
|
# Returns the module set for nops
|
|
|
|
|
#
|
2005-05-22 07:14:16 +00:00
|
|
|
def nops
|
|
|
|
|
return modules.nops
|
|
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2005-07-12 14:32:44 +00:00
|
|
|
#
|
|
|
|
|
# Returns the module set for payloads
|
|
|
|
|
#
|
2005-05-22 07:25:15 +00:00
|
|
|
def payloads
|
|
|
|
|
return modules.payloads
|
2005-05-22 07:14:16 +00:00
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2005-07-12 14:32:44 +00:00
|
|
|
#
|
2006-01-24 03:59:44 +00:00
|
|
|
# Returns the module set for auxiliary modules
|
2005-07-12 14:32:44 +00:00
|
|
|
#
|
2006-01-24 03:59:44 +00:00
|
|
|
def auxiliary
|
|
|
|
|
return modules.auxiliary
|
2005-05-21 17:57:00 +00:00
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2010-12-27 17:46:42 +00:00
|
|
|
#
|
|
|
|
|
# Returns the module set for post modules
|
|
|
|
|
#
|
|
|
|
|
def post
|
|
|
|
|
return modules.post
|
|
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2018-08-02 11:54:38 -05:00
|
|
|
def evasion
|
|
|
|
|
return modules.evasion
|
|
|
|
|
end
|
|
|
|
|
|
2005-11-24 03:31:23 +00:00
|
|
|
#
|
|
|
|
|
# Returns the framework version in Major.Minor format.
|
|
|
|
|
#
|
|
|
|
|
def version
|
2009-11-09 01:50:44 +00:00
|
|
|
Version
|
2005-11-24 03:31:23 +00:00
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2023-11-07 06:32:03 +11:00
|
|
|
#
|
|
|
|
|
# DNS resolver for the framework
|
|
|
|
|
#
|
|
|
|
|
attr_reader :dns_resolver
|
2005-10-19 03:37:22 +00:00
|
|
|
#
|
|
|
|
|
# Event management interface for registering event handler subscribers and
|
|
|
|
|
# for interacting with the correlation engine.
|
|
|
|
|
#
|
2005-05-21 17:57:00 +00:00
|
|
|
attr_reader :events
|
2005-10-19 03:37:22 +00:00
|
|
|
#
|
|
|
|
|
# Module manager that contains information about all loaded modules,
|
|
|
|
|
# regardless of type.
|
|
|
|
|
#
|
2005-05-22 07:14:16 +00:00
|
|
|
attr_reader :modules
|
2005-10-19 03:37:22 +00:00
|
|
|
#
|
|
|
|
|
# The global framework datastore that can be used by modules.
|
|
|
|
|
#
|
2005-07-14 06:34:58 +00:00
|
|
|
attr_reader :datastore
|
2005-10-19 03:37:22 +00:00
|
|
|
#
|
2006-01-24 03:59:44 +00:00
|
|
|
# The framework instance's aux manager. The aux manager is responsible
|
2015-04-13 13:21:41 +05:00
|
|
|
# for collecting and cataloging all aux information that comes in from
|
2006-01-24 03:59:44 +00:00
|
|
|
# aux modules.
|
2005-10-29 13:47:07 +00:00
|
|
|
#
|
2006-01-24 03:59:44 +00:00
|
|
|
attr_reader :auxmgr
|
2005-10-29 13:47:07 +00:00
|
|
|
#
|
2005-10-19 03:37:22 +00:00
|
|
|
# Background job management specific to things spawned from this instance
|
|
|
|
|
# of the framework.
|
|
|
|
|
#
|
2005-09-22 04:53:46 +00:00
|
|
|
attr_reader :jobs
|
2005-11-19 16:25:26 +00:00
|
|
|
#
|
|
|
|
|
# The framework instance's plugin manager. The plugin manager is
|
|
|
|
|
# responsible for exposing an interface that allows for the loading and
|
|
|
|
|
# unloading of plugins.
|
|
|
|
|
#
|
|
|
|
|
attr_reader :plugins
|
2015-05-20 00:28:32 -05:00
|
|
|
#
|
2015-07-02 14:58:43 -05:00
|
|
|
# The framework instance's browser profile store. These profiles are
|
|
|
|
|
# generated by client-side modules and need to be shared across
|
|
|
|
|
# different contexts.
|
|
|
|
|
#
|
|
|
|
|
attr_reader :browser_profiles
|
2019-01-09 16:41:06 -06:00
|
|
|
#
|
|
|
|
|
# The framework instance's analysis utility. Provide method to analyze
|
|
|
|
|
# framework objects to offer related objects/actions available.
|
|
|
|
|
#
|
|
|
|
|
attr_reader :analyze
|
2020-07-07 13:46:41 +01:00
|
|
|
#
|
|
|
|
|
# The framework instance's feature manager. The feature manager is responsible
|
|
|
|
|
# for configuring feature flags that can change characteristics of framework.
|
2023-09-14 10:47:26 +01:00
|
|
|
# @return [Msf::FeatureManager]
|
2020-07-07 13:46:41 +01:00
|
|
|
attr_reader :features
|
2014-11-13 13:38:53 -06:00
|
|
|
|
2023-09-14 10:47:26 +01:00
|
|
|
# The framework instance's history manager, responsible for managing command history
|
|
|
|
|
# in different contexts
|
|
|
|
|
# @return [Rex::Ui::Text::Shell::HistoryManager]
|
|
|
|
|
attr_reader :history_manager
|
2019-09-13 10:05:45 -05:00
|
|
|
|
2006-03-21 04:37:48 +00:00
|
|
|
#
|
2017-07-07 13:33:42 -05:00
|
|
|
# The framework instance's data service proxy
|
|
|
|
|
#
|
|
|
|
|
# @return [Metasploit::Framework::DataService::DataProxy]
|
2014-11-13 13:38:53 -06:00
|
|
|
def db
|
2023-05-05 13:50:38 +01:00
|
|
|
return @db if @db
|
|
|
|
|
|
2014-11-13 13:38:53 -06:00
|
|
|
synchronize {
|
2018-01-19 15:16:19 -06:00
|
|
|
@db ||= get_db
|
2014-11-13 13:38:53 -06:00
|
|
|
}
|
|
|
|
|
end
|
2014-11-13 11:12:43 -06:00
|
|
|
|
2014-11-13 13:17:57 -06:00
|
|
|
# Session manager that tracks sessions associated with this framework
|
|
|
|
|
# instance over the course of their lifetime.
|
|
|
|
|
#
|
|
|
|
|
# @return [Msf::SessionManager]
|
|
|
|
|
def sessions
|
2023-05-05 13:50:38 +01:00
|
|
|
return @sessions if @sessions
|
|
|
|
|
|
2014-11-13 13:17:57 -06:00
|
|
|
synchronize {
|
|
|
|
|
@sessions ||= Msf::SessionManager.new(self)
|
|
|
|
|
}
|
|
|
|
|
end
|
|
|
|
|
|
2010-11-12 06:19:49 +00:00
|
|
|
# The framework instance's thread manager. The thread manager
|
|
|
|
|
# provides a cleaner way to manage spawned threads
|
|
|
|
|
#
|
2014-11-13 11:12:43 -06:00
|
|
|
# @return [Msf::ThreadManager]
|
|
|
|
|
def threads
|
2023-05-05 13:50:38 +01:00
|
|
|
return @threads if @threads
|
|
|
|
|
|
2014-11-13 11:12:43 -06:00
|
|
|
synchronize {
|
|
|
|
|
@threads ||= Msf::ThreadManager.new(self)
|
|
|
|
|
}
|
|
|
|
|
end
|
2010-12-27 17:46:42 +00:00
|
|
|
|
2014-11-13 14:21:35 -06:00
|
|
|
# Whether {#threads} has been initialized
|
|
|
|
|
#
|
|
|
|
|
# @return [true] if {#threads} has been initialized
|
|
|
|
|
# @return [false] otherwise
|
|
|
|
|
def threads?
|
|
|
|
|
synchronize {
|
|
|
|
|
instance_variable_defined? :@threads
|
|
|
|
|
}
|
|
|
|
|
end
|
|
|
|
|
|
2020-08-14 11:08:40 +01:00
|
|
|
def search(search_string)
|
|
|
|
|
search_params = Msf::Modules::Metadata::Search.parse_search_string(search_string)
|
|
|
|
|
Msf::Modules::Metadata::Cache.instance.find(search_params)
|
2017-06-24 15:09:32 -05:00
|
|
|
end
|
|
|
|
|
|
2020-12-09 14:47:22 +00:00
|
|
|
#
|
|
|
|
|
# EICAR Canary
|
|
|
|
|
# @return [Boolean] Should return true if the EICAR file has been corrupted
|
|
|
|
|
def eicar_corrupted?
|
|
|
|
|
path = ::File.expand_path(::File.join(
|
|
|
|
|
::File.dirname(__FILE__),"..", "..", "..", "data", "eicar.com")
|
|
|
|
|
)
|
|
|
|
|
return true unless ::File.exist?(path)
|
|
|
|
|
|
2022-03-10 18:03:35 +00:00
|
|
|
data = ::File.read(path, mode: 'rb')
|
2020-12-09 14:47:22 +00:00
|
|
|
return true unless Digest::SHA1.hexdigest(data) == "3395856ce81f2b7382dee72602f798b642f14140"
|
|
|
|
|
|
|
|
|
|
false
|
|
|
|
|
|
2020-12-10 17:24:30 +00:00
|
|
|
# If anything goes wrong assume AV got us
|
|
|
|
|
rescue ::Exception
|
|
|
|
|
true
|
2020-12-09 14:47:22 +00:00
|
|
|
end
|
|
|
|
|
|
2005-05-21 17:57:00 +00:00
|
|
|
protected
|
|
|
|
|
|
2014-11-13 13:23:17 -06:00
|
|
|
# @!attribute options
|
|
|
|
|
# Options passed to {#initialize}
|
|
|
|
|
#
|
|
|
|
|
# @return [Hash]
|
|
|
|
|
attr_accessor :options
|
|
|
|
|
|
2023-11-07 06:32:03 +11:00
|
|
|
attr_writer :dns_resolver #:nodoc:
|
2005-10-19 03:37:22 +00:00
|
|
|
attr_writer :events # :nodoc:
|
|
|
|
|
attr_writer :modules # :nodoc:
|
|
|
|
|
attr_writer :datastore # :nodoc:
|
2006-01-24 03:59:44 +00:00
|
|
|
attr_writer :auxmgr # :nodoc:
|
2005-10-19 03:37:22 +00:00
|
|
|
attr_writer :jobs # :nodoc:
|
2005-11-19 16:25:26 +00:00
|
|
|
attr_writer :plugins # :nodoc:
|
2006-03-21 04:37:48 +00:00
|
|
|
attr_writer :db # :nodoc:
|
2015-07-02 14:58:43 -05:00
|
|
|
attr_writer :browser_profiles # :nodoc:
|
2019-01-09 16:41:06 -06:00
|
|
|
attr_writer :analyze # :nodoc:
|
2023-09-14 10:47:26 +01:00
|
|
|
attr_writer :features # :nodoc:
|
|
|
|
|
attr_writer :history_manager # :nodoc:
|
2018-01-19 15:16:19 -06:00
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
|
|
def get_db
|
2018-04-10 18:31:02 -04:00
|
|
|
unless options['DisableDatabase']
|
2018-01-19 15:16:19 -06:00
|
|
|
db_manager = Msf::DBManager.new(self)
|
|
|
|
|
options[:db_manager] = db_manager
|
2018-04-10 18:31:02 -04:00
|
|
|
unless options['SkipDatabaseInit']
|
|
|
|
|
db_manager.init_db(options)
|
|
|
|
|
end
|
2018-01-19 15:16:19 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
Metasploit::Framework::DataService::DataProxy.new(options)
|
|
|
|
|
end
|
|
|
|
|
|
2005-05-21 17:57:00 +00:00
|
|
|
end
|
|
|
|
|
|
2010-01-15 00:32:48 +00:00
|
|
|
class FrameworkEventSubscriber
|
|
|
|
|
include Framework::Offspring
|
|
|
|
|
def initialize(framework)
|
|
|
|
|
self.framework = framework
|
|
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2010-01-15 00:32:48 +00:00
|
|
|
def report_event(data)
|
2010-01-15 04:34:12 +00:00
|
|
|
if framework.db.active
|
|
|
|
|
framework.db.report_event(data)
|
|
|
|
|
end
|
2010-01-15 00:32:48 +00:00
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2020-09-22 02:56:51 +01:00
|
|
|
include Msf::GeneralEventSubscriber
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2010-03-17 14:07:45 +00:00
|
|
|
#
|
2010-03-16 19:32:54 +00:00
|
|
|
# Generic handler for module events
|
|
|
|
|
#
|
|
|
|
|
def module_event(name, instance, opts={})
|
2010-01-15 04:34:12 +00:00
|
|
|
if framework.db.active
|
2010-02-26 18:45:24 +00:00
|
|
|
event = {
|
2010-02-26 18:52:22 +00:00
|
|
|
:workspace => framework.db.find_workspace(instance.workspace),
|
2010-03-17 14:07:45 +00:00
|
|
|
:name => name,
|
|
|
|
|
:username => instance.owner,
|
2010-02-26 18:45:24 +00:00
|
|
|
:info => {
|
2010-03-11 14:33:48 +00:00
|
|
|
:module_name => instance.fullname,
|
2010-03-27 02:39:52 +00:00
|
|
|
:module_uuid => instance.uuid
|
2010-03-16 19:32:54 +00:00
|
|
|
}.merge(opts)
|
2010-02-26 18:45:24 +00:00
|
|
|
}
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2010-02-26 18:45:24 +00:00
|
|
|
report_event(event)
|
2010-01-15 04:34:12 +00:00
|
|
|
end
|
2010-01-15 00:32:48 +00:00
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2012-04-16 19:34:21 -06:00
|
|
|
##
|
|
|
|
|
# :category: ::Msf::GeneralEventSubscriber implementors
|
2010-03-16 19:32:54 +00:00
|
|
|
def on_module_run(instance)
|
|
|
|
|
opts = { :datastore => instance.datastore.to_h }
|
|
|
|
|
module_event('module_run', instance, opts)
|
|
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2012-04-16 19:34:21 -06:00
|
|
|
##
|
|
|
|
|
# :category: ::Msf::GeneralEventSubscriber implementors
|
2010-03-16 19:32:54 +00:00
|
|
|
def on_module_complete(instance)
|
|
|
|
|
module_event('module_complete', instance)
|
|
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2012-04-16 19:34:21 -06:00
|
|
|
##
|
|
|
|
|
# :category: ::Msf::GeneralEventSubscriber implementors
|
2010-03-16 19:32:54 +00:00
|
|
|
def on_module_error(instance, exception=nil)
|
|
|
|
|
module_event('module_error', instance, :exception => exception.to_s)
|
|
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2010-01-15 00:32:48 +00:00
|
|
|
include ::Msf::UiEventSubscriber
|
2012-04-16 19:34:21 -06:00
|
|
|
##
|
2017-10-16 17:07:26 -05:00
|
|
|
# :category: ::Msf::UiEventSubscriber implementors
|
2010-01-15 00:32:48 +00:00
|
|
|
def on_ui_command(command)
|
2017-10-16 17:07:26 -05:00
|
|
|
if (framework.db and framework.db.active)
|
|
|
|
|
report_event(:name => "ui_command", :info => {:command => command})
|
|
|
|
|
end
|
2010-01-15 00:32:48 +00:00
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2012-04-16 19:34:21 -06:00
|
|
|
##
|
|
|
|
|
# :category: ::Msf::UiEventSubscriber implementors
|
2010-01-15 00:32:48 +00:00
|
|
|
def on_ui_stop()
|
2017-10-16 17:07:26 -05:00
|
|
|
if (framework.db and framework.db.active)
|
|
|
|
|
report_event(:name => "ui_stop")
|
|
|
|
|
end
|
2010-01-15 00:32:48 +00:00
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2012-04-16 19:34:21 -06:00
|
|
|
##
|
|
|
|
|
# :category: ::Msf::UiEventSubscriber implementors
|
2010-01-15 00:32:48 +00:00
|
|
|
def on_ui_start(rev)
|
|
|
|
|
#
|
2011-04-22 19:49:44 +00:00
|
|
|
# The database is not active at startup time unless msfconsole was
|
|
|
|
|
# started with a database.yml, so this event won't always be saved to
|
|
|
|
|
# the db. Not great, but best we can do.
|
2010-01-15 00:32:48 +00:00
|
|
|
#
|
2011-04-22 19:49:44 +00:00
|
|
|
info = { :revision => rev }
|
|
|
|
|
report_event(:name => "ui_start", :info => info)
|
2010-01-15 00:32:48 +00:00
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
|
|
|
|
|
2010-01-15 00:32:48 +00:00
|
|
|
include ::Msf::SessionEvent
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2011-04-18 16:29:15 +00:00
|
|
|
#
|
|
|
|
|
# Generic handler for session events
|
|
|
|
|
#
|
|
|
|
|
def session_event(name, session, opts={})
|
2012-02-28 18:28:47 -07:00
|
|
|
address = session.session_host
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2012-02-28 18:28:47 -07:00
|
|
|
if not (address and address.length > 0)
|
2020-06-11 13:09:25 +01:00
|
|
|
elog("Session with no session_host/target_host/tunnel_peer. Session Info: #{session.inspect}")
|
2011-04-18 16:29:15 +00:00
|
|
|
return
|
|
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2011-04-18 16:29:15 +00:00
|
|
|
if framework.db.active
|
|
|
|
|
ws = framework.db.find_workspace(session.workspace)
|
2020-05-01 21:45:38 +08:00
|
|
|
opts.each_key do |attr|
|
2020-05-19 21:38:21 +08:00
|
|
|
opts[attr].force_encoding('UTF-8') if opts[attr].is_a?(String)
|
2020-05-01 21:45:38 +08:00
|
|
|
end
|
|
|
|
|
|
2011-04-18 16:29:15 +00:00
|
|
|
event = {
|
|
|
|
|
:workspace => ws,
|
|
|
|
|
:username => session.username,
|
|
|
|
|
:name => name,
|
|
|
|
|
:host => address,
|
|
|
|
|
:info => {
|
|
|
|
|
:session_id => session.sid,
|
|
|
|
|
:session_info => session.info,
|
|
|
|
|
:session_uuid => session.uuid,
|
|
|
|
|
:session_type => session.type,
|
|
|
|
|
:username => session.username,
|
|
|
|
|
:target_host => address,
|
|
|
|
|
:via_exploit => session.via_exploit,
|
|
|
|
|
:via_payload => session.via_payload,
|
|
|
|
|
:tunnel_peer => session.tunnel_peer,
|
|
|
|
|
:exploit_uuid => session.exploit_uuid
|
|
|
|
|
}.merge(opts)
|
|
|
|
|
}
|
|
|
|
|
report_event(event)
|
|
|
|
|
end
|
|
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
|
|
|
|
|
2012-04-16 19:34:21 -06:00
|
|
|
##
|
|
|
|
|
# :category: ::Msf::SessionEvent implementors
|
2010-01-15 00:32:48 +00:00
|
|
|
def on_session_open(session)
|
2011-04-18 16:29:15 +00:00
|
|
|
opts = { :datastore => session.exploit_datastore.to_h, :critical => true }
|
|
|
|
|
session_event('session_open', session, opts)
|
2011-04-07 21:59:32 +00:00
|
|
|
framework.db.report_session(:session => session)
|
2010-01-15 00:32:48 +00:00
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2012-04-16 19:34:21 -06:00
|
|
|
##
|
|
|
|
|
# :category: ::Msf::SessionEvent implementors
|
2010-03-22 01:13:58 +00:00
|
|
|
def on_session_upload(session, lpath, rpath)
|
2011-04-18 16:29:15 +00:00
|
|
|
session_event('session_upload', session, :local_path => lpath, :remote_path => rpath)
|
2011-04-07 21:59:32 +00:00
|
|
|
framework.db.report_session_event({
|
|
|
|
|
:etype => 'upload',
|
|
|
|
|
:session => session,
|
|
|
|
|
:local_path => lpath,
|
|
|
|
|
:remote_path => rpath
|
|
|
|
|
})
|
2010-03-22 01:13:58 +00:00
|
|
|
end
|
2012-04-16 19:34:21 -06:00
|
|
|
##
|
|
|
|
|
# :category: ::Msf::SessionEvent implementors
|
2010-03-22 20:56:22 +00:00
|
|
|
def on_session_download(session, rpath, lpath)
|
2011-04-18 16:29:15 +00:00
|
|
|
session_event('session_download', session, :local_path => lpath, :remote_path => rpath)
|
2011-04-07 21:59:32 +00:00
|
|
|
framework.db.report_session_event({
|
|
|
|
|
:etype => 'download',
|
|
|
|
|
:session => session,
|
|
|
|
|
:local_path => lpath,
|
|
|
|
|
:remote_path => rpath
|
|
|
|
|
})
|
2010-03-22 01:13:58 +00:00
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2012-04-16 19:34:21 -06:00
|
|
|
##
|
|
|
|
|
# :category: ::Msf::SessionEvent implementors
|
2010-02-23 05:59:30 +00:00
|
|
|
def on_session_close(session, reason='')
|
2011-04-18 16:29:15 +00:00
|
|
|
session_event('session_close', session)
|
2011-04-07 21:59:32 +00:00
|
|
|
if session.db_record
|
|
|
|
|
# Don't bother saving here, the session's cleanup method will take
|
|
|
|
|
# care of that later.
|
|
|
|
|
session.db_record.close_reason = reason
|
2011-04-18 15:59:25 +00:00
|
|
|
session.db_record.closed_at = Time.now.utc
|
2011-04-07 21:59:32 +00:00
|
|
|
end
|
2010-01-15 00:32:48 +00:00
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2011-04-07 21:59:32 +00:00
|
|
|
#def on_session_interact(session)
|
|
|
|
|
# $stdout.puts('session_interact', session.inspect)
|
|
|
|
|
#end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2012-04-16 19:34:21 -06:00
|
|
|
##
|
|
|
|
|
# :category: ::Msf::SessionEvent implementors
|
2010-01-15 00:32:48 +00:00
|
|
|
def on_session_command(session, command)
|
2011-04-18 16:29:15 +00:00
|
|
|
session_event('session_command', session, :command => command)
|
2011-04-07 21:59:32 +00:00
|
|
|
framework.db.report_session_event({
|
|
|
|
|
:etype => 'command',
|
|
|
|
|
:session => session,
|
|
|
|
|
:command => command
|
|
|
|
|
})
|
2010-01-15 00:32:48 +00:00
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2012-04-16 19:34:21 -06:00
|
|
|
##
|
|
|
|
|
# :category: ::Msf::SessionEvent implementors
|
2010-02-26 21:55:30 +00:00
|
|
|
def on_session_output(session, output)
|
2010-03-11 19:18:39 +00:00
|
|
|
# Break up the output into chunks that will fit into the database.
|
|
|
|
|
buff = output.dup
|
|
|
|
|
chunks = []
|
|
|
|
|
if buff.length > 1024
|
|
|
|
|
while buff.length > 0
|
|
|
|
|
chunks << buff.slice!(0,1024)
|
|
|
|
|
end
|
|
|
|
|
else
|
|
|
|
|
chunks << buff
|
|
|
|
|
end
|
|
|
|
|
chunks.each { |chunk|
|
2011-04-18 16:29:15 +00:00
|
|
|
session_event('session_output', session, :output => chunk)
|
2011-04-07 21:59:32 +00:00
|
|
|
framework.db.report_session_event({
|
|
|
|
|
:etype => 'output',
|
|
|
|
|
:session => session,
|
|
|
|
|
:output => chunk
|
|
|
|
|
})
|
2010-03-11 19:18:39 +00:00
|
|
|
}
|
2010-02-26 21:55:30 +00:00
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2012-04-16 19:34:21 -06:00
|
|
|
##
|
|
|
|
|
# :category: ::Msf::SessionEvent implementors
|
2011-04-07 21:59:32 +00:00
|
|
|
def on_session_route(session, route)
|
2020-11-30 05:09:18 +00:00
|
|
|
framework.db.report_session_route({session: session, route: route})
|
2011-04-07 21:59:32 +00:00
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2012-04-16 19:34:21 -06:00
|
|
|
##
|
|
|
|
|
# :category: ::Msf::SessionEvent implementors
|
2011-04-07 21:59:32 +00:00
|
|
|
def on_session_route_remove(session, route)
|
2020-11-30 05:09:18 +00:00
|
|
|
framework.db.report_session_route_remove({session: session, route: route})
|
2011-04-07 21:59:32 +00:00
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2012-04-16 19:34:21 -06:00
|
|
|
##
|
|
|
|
|
# :category: ::Msf::SessionEvent implementors
|
2011-04-26 21:57:01 +00:00
|
|
|
def on_session_script_run(session, script)
|
|
|
|
|
framework.db.report_session_event({
|
|
|
|
|
:etype => 'script_run',
|
|
|
|
|
:session => session,
|
|
|
|
|
:local_path => script
|
|
|
|
|
})
|
|
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2012-04-16 19:34:21 -06:00
|
|
|
##
|
|
|
|
|
# :category: ::Msf::SessionEvent implementors
|
2011-04-26 21:57:01 +00:00
|
|
|
def on_session_module_run(session, mod)
|
|
|
|
|
framework.db.report_session_event({
|
|
|
|
|
:etype => 'module_run',
|
|
|
|
|
:session => session,
|
|
|
|
|
:local_path => mod.fullname
|
|
|
|
|
})
|
|
|
|
|
end
|
2013-08-30 16:28:33 -05:00
|
|
|
|
2010-01-28 00:00:00 +00:00
|
|
|
#
|
2010-01-15 00:32:48 +00:00
|
|
|
# This is covered by on_module_run and on_session_open, so don't bother
|
|
|
|
|
#
|
|
|
|
|
#include ExploitEvent
|
|
|
|
|
#def on_exploit_success(exploit, session)
|
|
|
|
|
#end
|
|
|
|
|
|
|
|
|
|
end
|
2008-11-10 22:15:23 +00:00
|
|
|
end
|
