modules/exploits/multi/handler.rb

##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

class MetasploitModule < Msf::Exploit::Remote
  Rank = ManualRanking

  #
  # This module does basically nothing
  # NOTE: Because of this it's missing a disclosure date that makes msftidy angry.
  #

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name'           => 'Generic Payload Handler',
        'Description'    => %q(
          This module is a stub that provides all of the
          features of the Metasploit payload system to exploits
          that have been launched outside of the framework.
        ),
        'License'        => MSF_LICENSE,
        'Author'         =>  [ 'hdm', 'bcook-r7' ],
        'References'     =>  [ ],
        'Payload'        =>
          {
            'Space'       => 10000000,
            'BadChars'    => '',
            'DisableNops' => true
          },
        'Platform'       => %w[android apple_ios bsd java js linux osx nodejs php python ruby solaris unix win mainframe multi],
        'Arch'           => ARCH_ALL,
        'Targets'        => [ [ 'Wildcard Target', {} ] ],
        'DefaultTarget'  => 0,
        'DefaultOptions' => { 'PAYLOAD' => 'generic/shell_reverse_tcp' }
      )
    )

    register_advanced_options(
      [
        OptBool.new(
          "ExitOnSession",
          [ true, "Return from the exploit after a session has been created", true ]
        ),
        OptInt.new(
          "ListenerTimeout",
          [ false, "The maximum number of seconds to wait for new sessions", 0 ]
        )
      ]
    )
  end

  def exploit
    if datastore['DisablePayloadHandler']
      print_error "DisablePayloadHandler is enabled, so there is nothing to do. Exiting!"
      return
    end

    stime = Time.now.to_f
    timeout = datastore['ListenerTimeout'].to_i
    loop do
      break if session_created? && datastore['ExitOnSession']
      break if timeout > 0 && (stime + timeout < Time.now.to_f)
      Rex::ThreadSafe.sleep(1)
    end
  end
end
Adding an Id tag and a standard header to all modules 2007-02-18 00:10:39 +00:00			`##`
use https for metaploit.com links 2017-07-24 06:26:21 -07:00			`# This module requires Metasploit: https://metasploit.com/download`
Redo the boilerplate / splat 2013-10-15 13:50:46 -05:00			`# Current source: https://github.com/rapid7/metasploit-framework`
Adding an Id tag and a standard header to all modules 2007-02-18 00:10:39 +00:00			`##`

use MetasploitModule as a class name 2016-03-08 14:02:44 +01:00			`class MetasploitModule < Msf::Exploit::Remote`
Retab modules 2013-08-30 16:28:54 -05:00			`Rank = ManualRanking`
A replacement for payload_handler 2006-09-14 06:09:46 +00:00
Retab modules 2013-08-30 16:28:54 -05:00			`#`
			`# This module does basically nothing`
			`# NOTE: Because of this it's missing a disclosure date that makes msftidy angry.`
			`#`
A replacement for payload_handler 2006-09-14 06:09:46 +00:00
Retab modules 2013-08-30 16:28:54 -05:00			`def initialize(info = {})`
make exploit/multi/handler passive 2017-07-24 15:47:06 -07:00			`super(`
			`update_info(`
			`info,`
			`'Name' => 'Generic Payload Handler',`
			`'Description' => %q(`
			`This module is a stub that provides all of the`
			`features of the Metasploit payload system to exploits`
			`that have been launched outside of the framework.`
			`),`
			`'License' => MSF_LICENSE,`
			`'Author' => [ 'hdm', 'bcook-r7' ],`
			`'References' => [ ],`
			`'Payload' =>`
			`{`
			`'Space' => 10000000,`
			`'BadChars' => '',`
			`'DisableNops' => true`
			`},`
iOS meterpreter 2017-12-12 16:05:23 +08:00			`'Platform' => %w[android apple_ios bsd java js linux osx nodejs php python ruby solaris unix win mainframe multi],`
make exploit/multi/handler passive 2017-07-24 15:47:06 -07:00			`'Arch' => ARCH_ALL,`
			`'Targets' => [ [ 'Wildcard Target', {} ] ],`
Revert "Revert passive stance for multi/handler" 2017-08-21 16:14:09 -05:00			`'DefaultTarget' => 0,`
Exclude multi from automatic PAYLOAD selection 2020-06-23 00:03:31 -05:00			`'DefaultOptions' => { 'PAYLOAD' => 'generic/shell_reverse_tcp' }`
make exploit/multi/handler passive 2017-07-24 15:47:06 -07:00			`)`
			`)`
add advanced option to control exiting after a session is created 2007-02-27 18:57:47 +00:00
Retab modules 2013-08-30 16:28:54 -05:00			`register_advanced_options(`
			`[`
make exploit/multi/handler passive 2017-07-24 15:47:06 -07:00			`OptBool.new(`
			`"ExitOnSession",`
revert passive handler stance 2017-11-06 01:19:00 -06:00			`[ true, "Return from the exploit after a session has been created", true ]`
make exploit/multi/handler passive 2017-07-24 15:47:06 -07:00			`),`
			`OptInt.new(`
			`"ListenerTimeout",`
			`[ false, "The maximum number of seconds to wait for new sessions", 0 ]`
			`)`
			`]`
			`)`
Retab modules 2013-08-30 16:28:54 -05:00			`end`
A replacement for payload_handler 2006-09-14 06:09:46 +00:00
Retab modules 2013-08-30 16:28:54 -05:00			`def exploit`
if multi/handler is disabled, exit 2018-02-27 04:30:09 -06:00			`if datastore['DisablePayloadHandler']`
			`print_error "DisablePayloadHandler is enabled, so there is nothing to do. Exiting!"`
			`return`
			`end`

Retab modules 2013-08-30 16:28:54 -05:00			`stime = Time.now.to_f`
make exploit/multi/handler passive 2017-07-24 15:47:06 -07:00			`timeout = datastore['ListenerTimeout'].to_i`
			`loop do`
			`break if session_created? && datastore['ExitOnSession']`
enable Ruby 2.2 compat checks in Rubocop, correct multi/handler compat 2017-08-02 06:18:02 -05:00			`break if timeout > 0 && (stime + timeout < Time.now.to_f)`
prefer threadsafe sleep here 2017-11-06 01:21:06 -06:00			`Rex::ThreadSafe.sleep(1)`
Retab modules 2013-08-30 16:28:54 -05:00			`end`
			`end`
Handle multiple sessions by default 2008-11-03 21:08:46 +00:00			`end`