2017-03-31 17:06:28 -05:00
|
|
|
# -*- coding: binary -*-
|
|
|
|
|
require 'msf/core/modules/external'
|
|
|
|
|
|
|
|
|
|
class Msf::Modules::External::Shim
|
2018-07-24 12:02:54 -05:00
|
|
|
def self.generate(module_path, framework)
|
|
|
|
|
mod = Msf::Modules::External.new(module_path, framework: framework)
|
2018-10-06 05:52:34 -05:00
|
|
|
return nil unless mod.meta
|
2017-03-31 17:06:28 -05:00
|
|
|
case mod.meta['type']
|
2018-06-19 11:29:09 -05:00
|
|
|
when 'remote_exploit'
|
|
|
|
|
remote_exploit(mod)
|
2017-05-08 14:26:24 -05:00
|
|
|
when 'remote_exploit_cmd_stager'
|
2017-04-11 09:27:54 -05:00
|
|
|
remote_exploit_cmd_stager(mod)
|
2017-08-07 13:31:46 -05:00
|
|
|
when 'capture_server'
|
|
|
|
|
capture_server(mod)
|
2017-11-20 17:19:14 -06:00
|
|
|
when 'dos'
|
|
|
|
|
dos(mod)
|
2018-03-20 10:19:57 -05:00
|
|
|
when 'single_scanner'
|
2018-02-02 13:59:38 -06:00
|
|
|
single_scanner(mod)
|
2018-05-07 15:05:44 -05:00
|
|
|
when 'single_host_login_scanner'
|
|
|
|
|
single_host_login_scanner(mod)
|
2018-03-20 10:19:57 -05:00
|
|
|
when 'multi_scanner'
|
2018-01-16 20:49:20 -06:00
|
|
|
multi_scanner(mod)
|
2019-01-28 13:22:22 -05:00
|
|
|
when 'evasion'
|
|
|
|
|
evasion(mod)
|
2017-09-22 11:42:32 -05:00
|
|
|
else
|
2018-05-04 15:55:21 -05:00
|
|
|
nil
|
2017-03-31 17:06:28 -05:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2017-05-08 14:26:24 -05:00
|
|
|
def self.render_template(name, meta = {})
|
|
|
|
|
template = File.join(File.dirname(__FILE__), 'templates', name)
|
|
|
|
|
ERB.new(File.read(template)).result(binding)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def self.common_metadata(meta = {})
|
|
|
|
|
render_template('common_metadata.erb', meta)
|
|
|
|
|
end
|
|
|
|
|
|
2018-05-14 11:32:22 -05:00
|
|
|
def self.common_check(meta = {})
|
|
|
|
|
render_template('common_check.erb', meta)
|
|
|
|
|
end
|
|
|
|
|
|
2018-07-03 10:01:48 -05:00
|
|
|
def self.mod_meta_common(mod, meta = {}, ignore_options: [])
|
2019-01-29 09:09:58 -05:00
|
|
|
meta[:path] = mod.path.dump
|
|
|
|
|
meta[:name] = mod.meta['name'].dump
|
|
|
|
|
meta[:description] = mod.meta['description'].dump
|
|
|
|
|
meta[:authors] = mod.meta['authors'].map(&:dump).join(",\n ")
|
|
|
|
|
meta[:license] = mod.meta['license'].nil? ? 'MSF_LICENSE' : mod.meta['license']
|
2019-01-31 13:41:18 -05:00
|
|
|
meta[:options] = mod_meta_common_options(mod, ignore_options: ignore_options)
|
|
|
|
|
meta[:advanced_options] = mod_meta_common_options(mod, ignore_options: ignore_options, advanced: true)
|
2019-01-29 09:09:58 -05:00
|
|
|
meta[:capabilities] = mod.meta['capabilities']
|
|
|
|
|
meta[:notes] = transform_notes(mod.meta['notes'])
|
2019-01-29 11:29:18 -05:00
|
|
|
|
2019-02-02 15:01:05 -05:00
|
|
|
if mod.meta['describe_payload_options'].nil?
|
|
|
|
|
mod.meta['describe_payload_options'] = {}
|
2019-01-29 11:29:18 -05:00
|
|
|
end
|
2019-02-02 15:01:05 -05:00
|
|
|
meta[:default_options] = mod.meta['describe_payload_options'].map do |name, value|
|
2019-01-29 11:29:18 -05:00
|
|
|
"#{name.dump} => #{value.inspect}"
|
|
|
|
|
end.join(",\n ")
|
|
|
|
|
|
2019-01-29 09:09:58 -05:00
|
|
|
meta
|
|
|
|
|
end
|
2017-05-08 14:26:24 -05:00
|
|
|
|
2019-01-31 13:41:18 -05:00
|
|
|
def self.mod_meta_common_options(mod, ignore_options: [], advanced: false)
|
2018-11-30 11:36:39 -06:00
|
|
|
# Set modules without options to have an empty map
|
2019-01-31 13:41:18 -05:00
|
|
|
if mod.meta['options'].nil?
|
|
|
|
|
mod.meta['options'] = {}
|
2018-11-30 11:36:39 -06:00
|
|
|
end
|
|
|
|
|
|
2019-01-31 13:41:18 -05:00
|
|
|
options = mod.meta['options'].map do |n, o|
|
|
|
|
|
next if ignore_options.include? n
|
|
|
|
|
next unless o.fetch('advanced', false) == advanced
|
2018-02-02 13:59:38 -06:00
|
|
|
|
2018-02-02 14:40:04 -06:00
|
|
|
if o['values']
|
|
|
|
|
"Opt#{o['type'].camelize}.new(#{n.dump},
|
|
|
|
|
[#{o['required']}, #{o['description'].dump}, #{o['default'].inspect}, #{o['values'].inspect}])"
|
|
|
|
|
else
|
|
|
|
|
"Opt#{o['type'].camelize}.new(#{n.dump},
|
|
|
|
|
[#{o['required']}, #{o['description'].dump}, #{o['default'].inspect}])"
|
|
|
|
|
end
|
2019-01-31 13:41:18 -05:00
|
|
|
end
|
|
|
|
|
options.reject! { |o| o.nil? }
|
|
|
|
|
options.join(",\n ")
|
2017-03-31 17:06:28 -05:00
|
|
|
end
|
|
|
|
|
|
2017-05-05 00:46:06 -05:00
|
|
|
def self.mod_meta_exploit(mod, meta = {})
|
2018-06-19 16:46:20 -05:00
|
|
|
meta[:rank] = mod.meta['rank'].nil? ? 'NormalRanking' : "#{mod.meta['rank'].capitalize}Ranking"
|
2017-08-07 13:31:46 -05:00
|
|
|
meta[:date] = mod.meta['date'].dump
|
2017-05-08 15:34:09 -05:00
|
|
|
meta[:wfsdelay] = mod.meta['wfsdelay'] || 5
|
2017-05-05 00:46:06 -05:00
|
|
|
meta[:privileged] = mod.meta['privileged'].inspect
|
|
|
|
|
meta[:platform] = mod.meta['targets'].map do |t|
|
|
|
|
|
t['platform'].dump
|
|
|
|
|
end.uniq.join(",\n ")
|
2018-06-15 15:19:45 -05:00
|
|
|
meta[:arch] = mod.meta['targets'].map do |t|
|
|
|
|
|
t['arch'].dump
|
|
|
|
|
end.uniq.join(",\n ")
|
2017-08-07 13:31:46 -05:00
|
|
|
meta[:references] = mod.meta['references'].map do |r|
|
|
|
|
|
"[#{r['type'].upcase.dump}, #{r['ref'].dump}]"
|
|
|
|
|
end.join(",\n ")
|
2017-05-05 00:46:06 -05:00
|
|
|
meta[:targets] = mod.meta['targets'].map do |t|
|
|
|
|
|
"[#{t['platform'].dump} + ' ' + #{t['arch'].dump}, {'Arch' => ARCH_#{t['arch'].upcase}, 'Platform' => #{t['platform'].dump} }]"
|
|
|
|
|
end.join(",\n ")
|
|
|
|
|
meta
|
2017-03-31 17:06:28 -05:00
|
|
|
end
|
|
|
|
|
|
2018-06-19 11:29:09 -05:00
|
|
|
def self.remote_exploit(mod)
|
2018-06-15 15:19:45 -05:00
|
|
|
meta = mod_meta_common(mod)
|
|
|
|
|
meta = mod_meta_exploit(mod, meta)
|
2018-06-19 11:29:09 -05:00
|
|
|
render_template('remote_exploit.erb', meta)
|
2018-06-15 15:19:45 -05:00
|
|
|
end
|
|
|
|
|
|
2017-05-05 00:46:06 -05:00
|
|
|
def self.remote_exploit_cmd_stager(mod)
|
2018-07-03 10:01:48 -05:00
|
|
|
meta = mod_meta_common(mod, ignore_options: ['command'])
|
2017-05-05 00:46:06 -05:00
|
|
|
meta = mod_meta_exploit(mod, meta)
|
2017-05-08 14:26:24 -05:00
|
|
|
meta[:command_stager_flavor] = mod.meta['payload']['command_stager_flavor'].dump
|
2017-05-10 13:04:12 -05:00
|
|
|
render_template('remote_exploit_cmd_stager.erb', meta)
|
2017-03-31 17:06:28 -05:00
|
|
|
end
|
2017-08-07 13:31:46 -05:00
|
|
|
|
|
|
|
|
def self.capture_server(mod)
|
|
|
|
|
meta = mod_meta_common(mod)
|
|
|
|
|
render_template('capture_server.erb', meta)
|
|
|
|
|
end
|
2017-11-20 17:19:14 -06:00
|
|
|
|
2018-02-02 13:59:38 -06:00
|
|
|
def self.single_scanner(mod)
|
2018-07-03 10:01:48 -05:00
|
|
|
meta = mod_meta_common(mod, ignore_options: ['rhost'])
|
2018-02-02 13:59:38 -06:00
|
|
|
meta[:date] = mod.meta['date'].dump
|
|
|
|
|
meta[:references] = mod.meta['references'].map do |r|
|
|
|
|
|
"[#{r['type'].upcase.dump}, #{r['ref'].dump}]"
|
|
|
|
|
end.join(",\n ")
|
|
|
|
|
render_template('single_scanner.erb', meta)
|
|
|
|
|
end
|
|
|
|
|
|
2018-05-07 15:05:44 -05:00
|
|
|
def self.single_host_login_scanner(mod)
|
2018-07-03 10:01:48 -05:00
|
|
|
meta = mod_meta_common(mod, ignore_options: ['rhost'])
|
2018-05-07 15:05:44 -05:00
|
|
|
meta[:date] = mod.meta['date'].dump
|
|
|
|
|
meta[:references] = mod.meta['references'].map do |r|
|
|
|
|
|
"[#{r['type'].upcase.dump}, #{r['ref'].dump}]"
|
|
|
|
|
end.join(",\n ")
|
|
|
|
|
|
|
|
|
|
render_template('single_host_login_scanner.erb', meta)
|
|
|
|
|
end
|
|
|
|
|
|
2018-01-16 20:49:20 -06:00
|
|
|
def self.multi_scanner(mod)
|
|
|
|
|
meta = mod_meta_common(mod)
|
|
|
|
|
meta[:date] = mod.meta['date'].dump
|
|
|
|
|
meta[:references] = mod.meta['references'].map do |r|
|
|
|
|
|
"[#{r['type'].upcase.dump}, #{r['ref'].dump}]"
|
|
|
|
|
end.join(",\n ")
|
|
|
|
|
|
|
|
|
|
render_template('multi_scanner.erb', meta)
|
|
|
|
|
end
|
|
|
|
|
|
2017-11-20 17:19:14 -06:00
|
|
|
def self.dos(mod)
|
|
|
|
|
meta = mod_meta_common(mod)
|
|
|
|
|
meta[:date] = mod.meta['date'].dump
|
|
|
|
|
meta[:references] = mod.meta['references'].map do |r|
|
|
|
|
|
"[#{r['type'].upcase.dump}, #{r['ref'].dump}]"
|
2017-11-20 17:50:59 -06:00
|
|
|
end.join(",\n ")
|
|
|
|
|
|
2017-11-20 17:19:14 -06:00
|
|
|
render_template('dos.erb', meta)
|
|
|
|
|
end
|
2018-08-27 15:50:56 -05:00
|
|
|
|
2019-01-28 13:22:22 -05:00
|
|
|
def self.evasion(mod)
|
2019-02-01 11:54:22 -05:00
|
|
|
meta = mod_meta_common(mod, ignore_options: ['payload_raw', 'payload_encoded', 'target'])
|
2019-01-28 13:22:22 -05:00
|
|
|
meta[:platform] = mod.meta['targets'].map do |t|
|
|
|
|
|
t['platform'].dump
|
|
|
|
|
end.uniq.join(",\n ")
|
|
|
|
|
meta[:arch] = mod.meta['targets'].map do |t|
|
|
|
|
|
t['arch'].dump
|
|
|
|
|
end.uniq.join(",\n ")
|
|
|
|
|
meta[:references] = mod.meta['references'].map do |r|
|
|
|
|
|
"[#{r['type'].upcase.dump}, #{r['ref'].dump}]"
|
|
|
|
|
end.join(",\n ")
|
|
|
|
|
meta[:targets] = mod.meta['targets'].map do |t|
|
|
|
|
|
if t['name']
|
|
|
|
|
"[#{t['name'].dump}, {'Arch' => ARCH_#{t['arch'].upcase}, 'Platform' => #{t['platform'].dump} }]"
|
|
|
|
|
else
|
|
|
|
|
"[#{t['platform'].dump} + ' ' + #{t['arch'].dump}, {'Arch' => ARCH_#{t['arch'].upcase}, 'Platform' => #{t['platform'].dump} }]"
|
|
|
|
|
end
|
|
|
|
|
end.join(",\n ")
|
|
|
|
|
render_template('evasion.erb', meta)
|
|
|
|
|
end
|
|
|
|
|
|
2018-08-27 15:50:56 -05:00
|
|
|
#
|
2018-09-14 16:05:43 -05:00
|
|
|
# In case certain notes are not properly capitalized in the external module definition,
|
2018-08-27 15:50:56 -05:00
|
|
|
# ensure that they are properly capitalized before rendering.
|
|
|
|
|
#
|
|
|
|
|
def self.transform_notes(notes)
|
2018-10-01 12:41:39 -05:00
|
|
|
return {} unless notes
|
|
|
|
|
|
2018-09-06 15:49:23 -05:00
|
|
|
notes.reduce({}) do |acc, (key, val)|
|
2018-09-14 16:05:43 -05:00
|
|
|
acc[key.upcase] = val
|
2018-09-06 15:49:23 -05:00
|
|
|
acc
|
2018-08-27 15:50:56 -05:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2017-03-31 17:06:28 -05:00
|
|
|
end
|
