adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions 9 Packages Projects Releases Wiki Activity

plugins: Resolve rubocop violations

Browse Source
This commit is contained in:
bcoles
2023-01-30 13:07:16 +11:00
parent 7cf37f5fb7
commit 4ff475f180
25 changed files with 160 additions and 287 deletions
Download Patch File Download Diff File Expand all files Collapse all files
plugins/aggregator.rb
+5 -12
View File
@@ -1,14 +1,7 @@
#
# $Id$
#
# This plugin provides management and interaction with an external session aggregator.
#
# $Revision$
#
module Msf module Msf
Aggregator_yaml = "#{Msf::Config.config_directory}/aggregator.yaml".freeze # location of the aggregator.yml containing saved aggregator creds Aggregator_yaml = "#{Msf::Config.config_directory}/aggregator.yaml".freeze # location of the aggregator.yml containing saved aggregator creds
# This plugin provides management and interaction with an external session aggregator.
class Plugin::Aggregator < Msf::Plugin class Plugin::Aggregator < Msf::Plugin
class AggregatorCommandDispatcher class AggregatorCommandDispatcher
include Msf::Ui::Console::CommandDispatcher include Msf::Ui::Console::CommandDispatcher
@@ -165,13 +158,13 @@ module Msf
def cmd_aggregator_sessions(*args) def cmd_aggregator_sessions(*args)
case args.length case args.length
when 0 when 0
isDetailed = false is_detailed = false
when 1 when 1
unless args[0] == '-v' unless args[0] == '-v'
usage_sessions usage_sessions
return return
end end
isDetailed = true is_detailed = true
else else
usage_sessions usage_sessions
return return
@@ -205,13 +198,13 @@ module Msf
if session_map.empty? if session_map.empty?
print_status('No remote sessions.') print_status('No remote sessions.')
else else
unless isDetailed unless is_detailed
print_status(' Id Remote Id Type Information Connection') print_status(' Id Remote Id Type Information Connection')
print_status(' -- --------- ---- ----------- ----------') print_status(' -- --------- ---- ----------- ----------')
end end
session_map.keys.sort.each do |key| session_map.keys.sort.each do |key|
details, target, local_id = session_map[key] details, target, local_id = session_map[key]
if isDetailed if is_detailed
show_session_detailed(details, target, local_id) show_session_detailed(details, target, local_id)
else else
show_session(details, target, local_id) show_session(details, target, local_id)
plugins/alias.rb
+9 -15
View File
@@ -118,8 +118,8 @@ module Msf
end end
end end
is_valid_alias = is_valid_alias?(name, value) is_valid_alias = valid_alias?(name, value)
# print_good "Alias validity = #{is_valid_alias.to_s}" # print_good "Alias validity = #{is_valid_alias}"
is_sys_cmd = Rex::FileUtils.find_full_path(name) is_sys_cmd = Rex::FileUtils.find_full_path(name)
is_already_alias = @aliases.keys.include?(name) is_already_alias = @aliases.keys.include?(name)
if is_valid_alias && !is_sys_cmd && !is_already_alias if is_valid_alias && !is_sys_cmd && !is_already_alias
@@ -135,7 +135,7 @@ module Msf
print_error("#{name} already exists as a system command, use -f to force override") if is_sys_cmd print_error("#{name} already exists as a system command, use -f to force override") if is_sys_cmd
print_error("#{name} is already an alias, use -f to force override") if is_already_alias print_error("#{name} is already an alias, use -f to force override") if is_already_alias
if !is_valid_alias && !force if !is_valid_alias && !force
print_error("\'#{name}\' is not a permitted name or \'#{value}\' is not valid/permitted") print_error("'#{name}' is not a permitted name or '#{value}' is not valid/permitted")
print_error("It's possible the responding dispatcher isn't loaded yet, try changing to the proper context or using -f to force") print_error("It's possible the responding dispatcher isn't loaded yet, try changing to the proper context or using -f to force")
end end
end end
@@ -218,7 +218,7 @@ module Msf
# #
# Validate a proposed alias with the +name+ and having the value +value+ # Validate a proposed alias with the +name+ and having the value +value+
# #
def is_valid_alias?(name, value) def valid_alias?(name, value)
# print_good "Assessing validay for #{name} and #{value}" # print_good "Assessing validay for #{name} and #{value}"
# we validate two things, the name and the value # we validate two things, the name and the value
@@ -246,14 +246,10 @@ module Msf
# we're only gonna validate the first part of the cmd, e.g. just ls from "ls -lh" # we're only gonna validate the first part of the cmd, e.g. just ls from "ls -lh"
value = value.split(' ').first value = value.split(' ').first
if @aliases.keys.include?(value) return true if @aliases.keys.include?(value)
return true
else [value, value + '.exe'].each do |cmd|
[value, value + '.exe'].each do |cmd| return true if Rex::FileUtils.find_full_path(cmd)
if Rex::FileUtils.find_full_path(cmd)
return true
end
end
end end
# gather all the current commands the driver's dispatcher's have & check 'em # gather all the current commands the driver's dispatcher's have & check 'em
@@ -265,12 +261,10 @@ module Msf
if dispatcher.respond_to?("cmd_#{value.split(' ').first}") if dispatcher.respond_to?("cmd_#{value.split(' ').first}")
# print_status "Dispatcher (#{dispatcher.name}) responds to cmd_#{value.split(" ").first}" # print_status "Dispatcher (#{dispatcher.name}) responds to cmd_#{value.split(" ").first}"
return true return true
else
# print_status "Dispatcher (#{dispatcher.name}) does not respond to cmd_#{value.split(" ").first}"
end end
end end
return false false
end end
# #
plugins/auto_add_route.rb
-5
View File
@@ -1,8 +1,3 @@
#
# $Id$
# $Revision$
#
module Msf module Msf
class Plugin::AutoAddRoute < Msf::Plugin class Plugin::AutoAddRoute < Msf::Plugin
include Msf::SessionEvent include Msf::SessionEvent
plugins/besecure.rb
+6 -6
View File
@@ -119,7 +119,7 @@ module Msf
end end
def cmd_besecure_version def cmd_besecure_version
req = Net::HTTP::Post.new('/json.cgi', initheader = { 'Host' => @hostname }) req = Net::HTTP::Post.new('/json.cgi', initheader: { 'Host' => @hostname })
req.set_form_data({ 'apikey' => @apikey, 'primary' => 'interface' }) req.set_form_data({ 'apikey' => @apikey, 'primary' => 'interface' })
if @debug if @debug
@@ -136,7 +136,7 @@ module Msf
http.verify_mode = OpenSSL::SSL::VERIFY_NONE http.verify_mode = OpenSSL::SSL::VERIFY_NONE
end end
res = http.start { |http| http.request(req) } res = http.start { |h| h.request(req) }
unless res unless res
print_error("#{@hostname} - Connection timed out") print_error("#{@hostname} - Connection timed out")
@@ -174,7 +174,7 @@ module Msf
return '' return ''
end end
req = Net::HTTP::Post.new('/json.cgi', initheader = { 'Host' => @hostname }) req = Net::HTTP::Post.new('/json.cgi', initheader: { 'Host' => @hostname })
req.set_form_data({ 'apikey' => @apikey, 'primary' => 'admin', 'secondary' => 'networks', 'action' => 'returnnetworks', 'search_limit' => 10000 }) req.set_form_data({ 'apikey' => @apikey, 'primary' => 'admin', 'secondary' => 'networks', 'action' => 'returnnetworks', 'search_limit' => 10000 })
if @debug if @debug
@@ -191,7 +191,7 @@ module Msf
http.verify_mode = OpenSSL::SSL::VERIFY_NONE http.verify_mode = OpenSSL::SSL::VERIFY_NONE
end end
res = http.start { |http| http.request(req) } res = http.start { |h| h.request(req) }
unless res unless res
print_error("#{@hostname} - Connection timed out") print_error("#{@hostname} - Connection timed out")
@@ -227,7 +227,7 @@ module Msf
def cmd_besecure_report_download(*args) def cmd_besecure_report_download(*args)
if args?(args, 4) if args?(args, 4)
req = Net::HTTP::Post.new('/json.cgi', initheader = { 'Host' => @hostname }) req = Net::HTTP::Post.new('/json.cgi', initheader: { 'Host' => @hostname })
format_file = args[1] format_file = args[1]
req.set_form_data({ 'apikey' => @apikey, 'primary' => 'vulnerabilities', 'secondary' => 'report', 'action' => 'getreport', 'network' => args[0], 'format' => format_file }) req.set_form_data({ 'apikey' => @apikey, 'primary' => 'vulnerabilities', 'secondary' => 'report', 'action' => 'getreport', 'network' => args[0], 'format' => format_file })
@@ -241,7 +241,7 @@ module Msf
http.verify_mode = OpenSSL::SSL::VERIFY_NONE http.verify_mode = OpenSSL::SSL::VERIFY_NONE
end end
res = http.start { |http| http.request(req) } res = http.start { |h| h.request(req) }
unless res unless res
print_error("#{@hostname} - Connection timed out") print_error("#{@hostname} - Connection timed out")
plugins/db_credcollect.rb
-6
View File
@@ -1,10 +1,4 @@
#
# $Id$
#
# credcollect - tebo[at]attackresearch.com # credcollect - tebo[at]attackresearch.com
#
# $Revision$
#
module Msf module Msf
class Plugin::CredCollect < Msf::Plugin class Plugin::CredCollect < Msf::Plugin
plugins/db_tracker.rb
-5
View File
@@ -1,8 +1,3 @@
#
# $Id$
# $Revision$
#
module Msf module Msf
### ###
# #
plugins/event_tester.rb
-5
View File
@@ -1,8 +1,3 @@
#
# $Id$
# $Revision$
#
module Msf module Msf
class Plugin::EventTester < Msf::Plugin class Plugin::EventTester < Msf::Plugin
class Subscriber class Subscriber
plugins/ffautoregen.rb
-8
View File
@@ -1,8 +1,3 @@
#
# $Id: $
# $Revision: $
#
module Msf module Msf
### ###
# #
@@ -54,15 +49,12 @@ module Msf
last = mt last = mt
omod = active_module
nmod = framework.modules.reload_module(active_module) nmod = framework.modules.reload_module(active_module)
if !nmod if !nmod
print_line('Error: Failed to reload module, trying again on next change...') print_line('Error: Failed to reload module, trying again on next change...')
next next
end end
active_module = nmod
jobify = false jobify = false
payload = nmod.datastore['PAYLOAD'] payload = nmod.datastore['PAYLOAD']
encoder = nmod.datastore['ENCODER'] encoder = nmod.datastore['ENCODER']
plugins/ips_filter.rb
+3 -8
View File
@@ -1,8 +1,3 @@
#
# $Id$
# $Revision$
#
module Msf module Msf
### ###
# #
@@ -78,8 +73,8 @@ module IPSFilter
end end
def ips_match(data) def ips_match(data)
lp = localport # lp = localport
rp = peerport # rp = peerport
SIGS.each do |s| SIGS.each do |s|
r = Regexp.new(s[1]) r = Regexp.new(s[1])
@@ -87,7 +82,7 @@ module IPSFilter
print_error "Matched IPS signature #{s[0]}" print_error "Matched IPS signature #{s[0]}"
return true return true
end end
rescue ::Exception => e rescue ::Exception
print_error "Compiled error: #{s[1]}" print_error "Compiled error: #{s[1]}"
end end
plugins/lab.rb
+1 -17
View File
@@ -172,22 +172,6 @@ module Msf
end end
end end
def cmd_lab_load_dir(*args)
return lab_usage unless args.count == 2
@controller.build_from_dir(args[0], args[1], true)
end
def cmd_lab_clear(*_args)
@controller.clear!
end
def cmd_lab_save(*args)
return lab_usage if args.empty?
@controller.to_file(args[0])
end
## ##
## Commands for dealing with a currently-loaded lab ## Commands for dealing with a currently-loaded lab
## ##
@@ -460,7 +444,7 @@ module Msf
# Map for usages # Map for usages
def lab_usage def lab_usage
caller[0][/`cmd_(.*)'/] caller[0][/`cmd_(.*)'/]
cmd = ::Regexp.last_match(1) cmd = Regexp.last_match(1)
if extended_help[cmd] || commands[cmd] if extended_help[cmd] || commands[cmd]
cmd_lab_help cmd cmd_lab_help cmd
else # Should never really get here... else # Should never really get here...
plugins/msfd.rb
-4
View File
@@ -1,14 +1,10 @@
# #
# $Id$
#
# This plugin provides an msf daemon interface that spawns a listener on a # This plugin provides an msf daemon interface that spawns a listener on a
# defined port (default 55554) and gives each connecting client its own # defined port (default 55554) and gives each connecting client its own
# console interface. These consoles all share the same framework instance. # console interface. These consoles all share the same framework instance.
# Be aware that the console instance that spawns on the port is entirely # Be aware that the console instance that spawns on the port is entirely
# unauthenticated, so realize that you have been warned. # unauthenticated, so realize that you have been warned.
# #
# $Revision$
#
module Msf module Msf
### ###
plugins/nessus.rb
-1
View File
@@ -100,7 +100,6 @@ module Msf
def create_xindex def create_xindex
start = Time.now start = Time.now
print_status("Creating Exploit Search Index - (#{xindex}) - this won't take long.") print_status("Creating Exploit Search Index - (#{xindex}) - this won't take long.")
count = 0
# Use Msf::Config.config_directory as the location. # Use Msf::Config.config_directory as the location.
File.open(xindex.to_s, 'w+') do |f| File.open(xindex.to_s, 'w+') do |f|
# need to add version line. # need to add version line.
plugins/nexpose.rb
+8 -15
View File
@@ -1,16 +1,10 @@
#
# $Id$
#
# This plugin provides integration with Rapid7 Nexpose
#
# $Revision$
#
require 'English' require 'English'
require 'nexpose' require 'nexpose'
module Msf module Msf
Nexpose_yaml = "#{Msf::Config.config_directory}/nexpose.yaml".freeze # location of the nexpose.yml containing saved nexpose creds Nexpose_yaml = "#{Msf::Config.config_directory}/nexpose.yaml".freeze # location of the nexpose.yml containing saved nexpose creds
# This plugin provides integration with Rapid7 Nexpose
class Plugin::Nexpose < Msf::Plugin class Plugin::Nexpose < Msf::Plugin
class NexposeCommandDispatcher class NexposeCommandDispatcher
include Msf::Ui::Console::CommandDispatcher include Msf::Ui::Console::CommandDispatcher
@@ -39,7 +33,7 @@ module Msf
'nexpose_command' => 'Execute a console command on the Nexpose instance', 'nexpose_command' => 'Execute a console command on the Nexpose instance',
'nexpose_sysinfo' => 'Display detailed system information about the Nexpose instance' 'nexpose_sysinfo' => 'Display detailed system information about the Nexpose instance'
# TODO: # @TODO:
# nexpose_stop_scan # nexpose_stop_scan
} }
end end
@@ -368,7 +362,6 @@ module Msf
opt_template = 'pentest-audit' opt_template = 'pentest-audit'
opt_maxaddrs = 32 opt_maxaddrs = 32
opt_monitor = false
opt_verbose = false opt_verbose = false
opt_savexml = nil opt_savexml = nil
opt_preserve = false opt_preserve = false
@@ -394,9 +387,9 @@ module Msf
opt_savexml = val opt_savexml = val
when '-c' when '-c'
if (val =~ /^([^:]+):([^:]+):(.+)/) if (val =~ /^([^:]+):([^:]+):(.+)/)
type = ::Regexp.last_match(1) type = Regexp.last_match(1)
user = ::Regexp.last_match(2) user = Regexp.last_match(2)
pass = ::Regexp.last_match(3) pass = Regexp.last_match(3)
msfid = Time.now.to_i msfid = Time.now.to_i
newcreds = Nexpose::SiteCredentials.for_service("Metasploit Site Credential #{msfid}", nil, nil, nil, nil, type) newcreds = Nexpose::SiteCredentials.for_service("Metasploit Site Credential #{msfid}", nil, nil, nil, nil, type)
newcreds.user_name = user newcreds.user_name = user
@@ -622,9 +615,9 @@ module Msf
def nexpose_vuln_lookup(doc, vid, refs, host, serv = nil) def nexpose_vuln_lookup(doc, vid, refs, host, serv = nil)
doc.elements.each("/NexposeReport/VulnerabilityDefinitions/vulnerability[@id = '#{vid}']]") do |vulndef| doc.elements.each("/NexposeReport/VulnerabilityDefinitions/vulnerability[@id = '#{vid}']]") do |vulndef|
title = vulndef.attributes['title'] title = vulndef.attributes['title']
pciSeverity = vulndef.attributes['pciSeverity'] # pci_severity = vulndef.attributes['pciSeverity']
cvss_score = vulndef.attributes['cvssScore'] # cvss_score = vulndef.attributes['cvssScore']
cvss_vector = vulndef.attributes['cvssVector'] # cvss_vector = vulndef.attributes['cvssVector']
vulndef.elements['references'].elements.each('reference') do |ref| vulndef.elements['references'].elements.each('reference') do |ref|
if ref.attributes['source'] == 'BID' if ref.attributes['source'] == 'BID'
plugins/openvas.rb
+2 -7
View File
@@ -1,13 +1,8 @@
# # This plugin provides integration with OpenVAS.
# This plugin provides integration with OpenVAS. Written by kost and # Written by kost and averagesecurityguy.
# averagesecurityguy.
#
# $Id$
# $Revision$
# #
# Distributed under MIT license: # Distributed under MIT license:
# http://www.opensource.org/licenses/mit-license.php # http://www.opensource.org/licenses/mit-license.php
#
require 'openvas-omp' require 'openvas-omp'
plugins/pcap_log.rb
-7
View File
@@ -1,7 +1,3 @@
##
# $Id$
##
## ##
# This file is part of the Metasploit Framework and may be subject to # This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit # redistribution and commercial restrictions. Please see the Metasploit
@@ -9,8 +5,6 @@
# https://metasploit.com/framework/ # https://metasploit.com/framework/
## ##
# $Revision$
module Msf module Msf
class Plugin::PcapLog < Msf::Plugin class Plugin::PcapLog < Msf::Plugin
@@ -36,7 +30,6 @@ module Msf
'pcap_iface' => 'Set/Get an interface to capture from', 'pcap_iface' => 'Set/Get an interface to capture from',
'pcap_start' => 'Start a capture', 'pcap_start' => 'Start a capture',
'pcap_stop' => 'Stop a running capture', 'pcap_stop' => 'Stop a running capture',
'pcap_show_config' => 'Show the current PcapLog configuration' 'pcap_show_config' => 'Show the current PcapLog configuration'
} }
end end
plugins/request.rb
+1 -1
View File
@@ -287,7 +287,7 @@ module Msf
response = http_client.send_recv(req) response = http_client.send_recv(req)
rescue ::OpenSSL::SSL::SSLError rescue ::OpenSSL::SSL::SSLError
print_error('Encountered an SSL error') print_error('Encountered an SSL error')
rescue ::Errno::ECONNRESET => e rescue ::Errno::ECONNRESET
print_error('The connection was reset by the peer') print_error('The connection was reset by the peer')
rescue ::EOFError, Errno::ETIMEDOUT, Rex::ConnectionError, ::Timeout::Error rescue ::EOFError, Errno::ETIMEDOUT, Rex::ConnectionError, ::Timeout::Error
print_error('Encountered an error') print_error('Encountered an error')
plugins/rssfeed.rb
+2 -2
View File
@@ -74,8 +74,8 @@ module Msf
end end
select(nil, nil, nil, 0.25) select(nil, nil, nil, 0.25)
end end
rescue ::Exception => e rescue ::Exception => e
print_status("RSS plugin: fatal error #{e} #{e.backtrace}") print_status("RSS plugin: fatal error #{e} #{e.backtrace}")
end end
end end
plugins/sample.rb
-5
View File
@@ -1,7 +1,3 @@
#
# $Id$
#
module Msf module Msf
### ###
# #
@@ -10,7 +6,6 @@ module Msf
# through any other arbitrary means. They are designed to have a very loose # through any other arbitrary means. They are designed to have a very loose
# definition in order to make them as useful as possible. # definition in order to make them as useful as possible.
# #
# $Revision$
### ###
class Plugin::Sample < Msf::Plugin class Plugin::Sample < Msf::Plugin
plugins/socket_logger.rb
-5
View File
@@ -1,8 +1,3 @@
#
# $Id$
# $Revision$
#
module Msf module Msf
### ###
# #
plugins/sounds.rb
+2 -7
View File
@@ -1,8 +1,3 @@
#
# $Id$
# $Revision$
#
module Msf module Msf
### ###
# #
@@ -56,8 +51,8 @@ module Msf
end end
select(nil, nil, nil, 0.25) select(nil, nil, nil, 0.25)
end end
rescue ::Exception => e rescue ::Exception => e
print_status("Sound plugin: fatal error #{e} #{e.backtrace}") print_status("Sound plugin: fatal error #{e} #{e.backtrace}")
end end
end end
plugins/thread.rb
-25
View File
@@ -1,37 +1,12 @@
#
# $Id$
# $Revision$
#
module Msf module Msf
###
#
# This class illustrates a sample plugin. Plugins can change the behavior of
# the framework by adding new features, new user interface commands, or
# through any other arbitrary means. They are designed to have a very loose
# definition in order to make them as useful as possible.
#
###
class Plugin::ThreadTest < Msf::Plugin class Plugin::ThreadTest < Msf::Plugin
###
#
# This class implements a sample console command dispatcher.
#
###
class ConsoleCommandDispatcher class ConsoleCommandDispatcher
include Msf::Ui::Console::CommandDispatcher include Msf::Ui::Console::CommandDispatcher
#
# The dispatcher's name.
#
def name def name
'ThreadTest' 'ThreadTest'
end end
#
# Returns the hash of commands supported by this dispatcher.
#
def commands def commands
{ {
'start_thread' => 'Start a background thread that writes to the console', 'start_thread' => 'Start a background thread that writes to the console',
plugins/token_adduser.rb
-3
View File
@@ -59,9 +59,6 @@ module Msf
username = opt_user_pass[0] username = opt_user_pass[0]
password = opt_user_pass[1] password = opt_user_pass[1]
tokens_del = {}
tokens_imp = {}
framework.sessions.each_key do |sid| framework.sessions.each_key do |sid|
session = framework.sessions[sid] session = framework.sessions[sid]
next unless session.type == 'meterpreter' next unless session.type == 'meterpreter'
plugins/token_hunter.rb
+2 -2
View File
@@ -89,7 +89,7 @@ module Msf
next next
end end
fdom, fusr = user.split('\\') _fdom, fusr = user.split('\\')
if (!fusr.nil? && !ndom && (fusr.strip.downcase == nusr.strip.downcase)) if (!fusr.nil? && !ndom && (fusr.strip.downcase == nusr.strip.downcase))
print_status("FOUND: #{session.sid} - #{session.session_host} - #{user} (delegation)") print_status("FOUND: #{session.sid} - #{session.session_host} - #{user} (delegation)")
@@ -113,7 +113,7 @@ module Msf
next next
end end
fdom, fusr = user.split('\\') _fdom, fusr = user.split('\\')
if (!fusr.nil? && !ndom && (fusr.strip.downcase == nusr.strip.downcase)) if (!fusr.nil? && !ndom && (fusr.strip.downcase == nusr.strip.downcase))
print_status(">> Found #{session.sid} - #{session.session_host} - #{user} (impersonation)") print_status(">> Found #{session.sid} - #{session.session_host} - #{user} (impersonation)")
end end
plugins/wiki.rb
-3
View File
@@ -135,9 +135,6 @@ module Msf
end end
end end
# Create an Array to hold a list of tables that we want to show
outputs = []
# Output the table # Output the table
if respond_to? "#{command}_to_table", true if respond_to? "#{command}_to_table", true
table = send "#{command}_to_table", tbl_opts table = send "#{command}_to_table", tbl_opts
plugins/wmap.rb
+119 -113
View File
@@ -10,7 +10,25 @@ module Msf
class Plugin::Wmap < Msf::Plugin class Plugin::Wmap < Msf::Plugin
class WmapCommandDispatcher class WmapCommandDispatcher
attr_accessor :wmapmodules, :targets, :lastsites, :rpcarr, :njobs, :nmaxdisplay, :runlocal, :masstop, :killwhenstop # Enabled Wmap modules # Targets # Temp location of previously obtained sites # Array or rpc connections # Max number of jobs # Flag to stop displaying the same mesg # Flag to run local modules only # Flag to stop everything # Kill process when exiting # @!attribute wmapmodules
# @return [Array] Enabled WMAP modules
# @!attribute targets
# @return [Hash] WMAP targets
# @!attribute lastsites
# @return [Array] Temp location of previously obtained sites
# @!attribute rpcarr
# @return [Array] Array or rpc connections
# @!attribute njobs
# @return [Integer] Max number of jobs
# @!attribute nmaxdisplay
# @return [Boolean] Flag to stop displaying the same message
# @!attribute runlocal
# @return [Boolean] Flag to run local modules only
# @!attribute masstop
# @return [Boolean] Flag to stop everything
# @!attribute killwhenstop
# @return [Boolean] Kill process when exiting
attr_accessor :wmapmodules, :targets, :lastsites, :rpcarr, :njobs, :nmaxdisplay, :runlocal, :masstop, :killwhenstop
include Msf::Ui::Console::CommandDispatcher include Msf::Ui::Console::CommandDispatcher
@@ -487,7 +505,6 @@ module Msf
matches10 = Hash.new matches10 = Hash.new
# OPTIONS # OPTIONS
opt_str = nil
jobify = false jobify = false
# This will be clean later # This will be clean later
@@ -589,7 +606,7 @@ module Msf
begin begin
if execmod if execmod
rpcnode = rpc_round_exec(xref[0], xref[1], modopts, njobs) rpc_round_exec(xref[0], xref[1], modopts, njobs)
end end
rescue ::Exception rescue ::Exception
print_status(" >> Exception during launch from #{xref[0]}: #{$ERROR_INFO}") print_status(" >> Exception during launch from #{xref[0]}: #{$ERROR_INFO}")
@@ -653,7 +670,7 @@ module Msf
begin begin
if execmod if execmod
rpcnode = rpc_round_exec(xref[0], xref[1], modopts, njobs) rpc_round_exec(xref[0], xref[1], modopts, njobs)
end end
rescue ::Exception rescue ::Exception
print_status(" >> Exception during launch from #{xref[0]}: #{$ERROR_INFO}") print_status(" >> Exception during launch from #{xref[0]}: #{$ERROR_INFO}")
@@ -774,7 +791,7 @@ module Msf
begin begin
if execmod if execmod
rpcnode = rpc_round_exec(xref[0], xref[1], modopts, njobs) rpc_round_exec(xref[0], xref[1], modopts, njobs)
end end
rescue ::Exception rescue ::Exception
print_status(" >> Exception during launch from #{xref[0]}: #{$ERROR_INFO}") print_status(" >> Exception during launch from #{xref[0]}: #{$ERROR_INFO}")
@@ -885,7 +902,7 @@ module Msf
# print_status "+++++++++" # print_status "+++++++++"
form.params.each do |p| form.params.each do |p|
pn, pv, pt = p pn, pv, _pt = p
if pn if pn
if !pn.empty? if !pn.empty?
if !pv || pv.empty? if !pv || pv.empty?
@@ -921,8 +938,8 @@ module Msf
# TODO: Add headers, etc. # TODO: Add headers, etc.
# #
if !usinginipath || (usinginipath && form.path.match(inipathname)) if !usinginipath || (usinginipath && form.path.match(inipathname))
print_status "Path #{form.path}" print_status "Path #{form.path}"
# print_status("Unique PATH #{modopts['PATH']}") # print_status("Unique PATH #{modopts['PATH']}")
# print_status("Unique GET #{modopts['QUERY']}") # print_status("Unique GET #{modopts['QUERY']}")
# print_status("Unique POST #{modopts['DATA']}") # print_status("Unique POST #{modopts['DATA']}")
@@ -937,8 +954,6 @@ module Msf
print_status(" >> Exception during launch from #{xref[0]}: #{$ERROR_INFO}") print_status(" >> Exception during launch from #{xref[0]}: #{$ERROR_INFO}")
end end
end end
else
# print_status("Already tested")
end end
end end
end end
@@ -1022,7 +1037,7 @@ module Msf
temparr = [] temparr = []
req.params.each do |p| req.params.each do |p|
pn, pv, pt = p pn, pv, _pt = p
if pn if pn
if !pn.empty? if !pn.empty?
if !pv || pv.empty? if !pv || pv.empty?
@@ -1051,20 +1066,21 @@ module Msf
# #
# TODO: Add method, headers, etc. # TODO: Add method, headers, etc.
# #
next unless !usinginipath || (usinginipath && req.path.match(inipathname)) if !usinginipath || (usinginipath && req.path.match(inipathname))
print_status "Path #{req.path}"
print_status "Path #{req.path}" # print_status("Query PATH #{modopts['PATH']}")
# print_status("Query PATH #{modopts['PATH']}") # print_status("Query GET #{modopts['QUERY']}")
# print_status("Query GET #{modopts['QUERY']}") # print_status("Query POST #{modopts['DATA']}")
# print_status("Query POST #{modopts['DATA']}") # print_status("Query TYPES #{typestr}")
# print_status("Query TYPES #{typestr}")
begin begin
if execmod if execmod
rpcnode = rpc_round_exec(xref[0], xref[1], modopts, njobs) rpc_round_exec(xref[0], xref[1], modopts, njobs)
end
rescue ::Exception
print_status(" >> Exception during launch from #{xref[0]}: #{$ERROR_INFO}")
end end
rescue ::Exception
print_status(" >> Exception during launch from #{xref[0]}: #{$ERROR_INFO}")
end end
end end
end end
@@ -1134,7 +1150,7 @@ module Msf
begin begin
if execmod if execmod
rpcnode = rpc_round_exec(xref[0], xref[1], modopts, njobs) rpc_round_exec(xref[0], xref[1], modopts, njobs)
end end
rescue ::Exception rescue ::Exception
print_status(" >> Exception during launch from #{xref[0]}: #{$ERROR_INFO}") print_status(" >> Exception during launch from #{xref[0]}: #{$ERROR_INFO}")
@@ -1627,16 +1643,12 @@ module Msf
end end
end end
#
# Signature of the form ',p1,p2,pn' then to be appended to path: path,p1,p2,pn
#
def signature(fpath, fquery) def signature(fpath, fquery)
hsig = Hash.new
hsig = queryparse(fquery) hsig = queryparse(fquery)
fpath + ',' + hsig.map { |p| p[0].to_s }.join(',')
#
# Signature of the form ',p1,p2,pn' then to be appended to path: path,p1,p2,pn
#
sigstr = fpath + ',' + hsig.map { |p| p[0].to_s }.join(',')
end end
def queryparse(query) def queryparse(query)
@@ -1658,38 +1670,37 @@ module Msf
self.rpcarr = Hash.new self.rpcarr = Hash.new
end end
begin istr = "#{host}|#{port}|#{ssl}|#{user}|#{pass}"
istr = "#{host}|#{port}|#{ssl}|#{user}|#{pass}"
if rpcarr.key?(istr) && !bypass_exist && !rpcarr[istr].nil?
print_error("Connection already exists #{istr}")
else
begin
temprpc = ::Msf::RPC::Client.new(
host: host,
port: port,
ssl: ssl
)
rescue StandardError
print_error 'Unable to connect'
# raise ConnectionError
return
end
res = temprpc.login(user, pass) if rpcarr.key?(istr) && !bypass_exist && !rpcarr[istr].nil?
print_error("Connection already exists #{istr}")
if !res return
print_error("Unable to authenticate to #{host}:#{port}.")
return
else
res = temprpc.call('core.version')
end
print_status("Connected to #{host}:#{port} [#{res['version']}].")
rpcarr[istr] = temprpc
end
rescue StandardError
print_error('Unable to connect')
end end
begin
temprpc = ::Msf::RPC::Client.new(
host: host,
port: port,
ssl: ssl
)
rescue StandardError
print_error 'Unable to connect'
# raise ConnectionError
return
end
res = temprpc.login(user, pass)
if !res
print_error("Unable to authenticate to #{host}:#{port}.")
return
end
res = temprpc.call('core.version')
print_status("Connected to #{host}:#{port} [#{res['version']}].")
rpcarr[istr] = temprpc
rescue StandardError
print_error('Unable to connect')
end end
def local_module_exec(mod, mtype, opts, _nmaxjobs) def local_module_exec(mod, mtype, opts, _nmaxjobs)
@@ -1769,34 +1780,36 @@ module Msf
rpcarr.each do |k, rpccon| rpcarr.each do |k, rpccon|
if !rpccon if !rpccon
print_error("Skipping inactive node #{nid} #{k}") print_error("Skipping inactive node #{nid} #{k}")
else nid += 1
begin end
currentjobs = rpccon.call('job.list').length
if currentjobs < minjobs begin
minconn = rpccon currentjobs = rpccon.call('job.list').length
minjobs = currentjobs
end
if currentjobs == nmaxjobs && (nmaxdisplay == false) if currentjobs < minjobs
print_error("Node #{nid} reached max number of jobs #{nmaxjobs}") minconn = rpccon
print_error('Waiting for available node/slot...') minjobs = currentjobs
self.nmaxdisplay = true end
end
# print_status("Node #{nid} #currentjobs #{currentjobs} #min #{minjobs}")
rescue StandardError
print_error("Unable to connect. Node #{tarr[0]}:#{tarr[1]}")
rpcarr[k] = nil
if active_rpc_nodes == 0 if currentjobs == nmaxjobs && (nmaxdisplay == false)
print_error('All active nodes ,not working or removed') print_error("Node #{nid} reached max number of jobs #{nmaxjobs}")
return print_error('Waiting for available node/slot...')
else self.nmaxdisplay = true
print_error('Sending job to next node') end
next # print_status("Node #{nid} #currentjobs #{currentjobs} #min #{minjobs}")
end rescue StandardError
print_error("Unable to connect. Node #{tarr[0]}:#{tarr[1]}")
rpcarr[k] = nil
if active_rpc_nodes == 0
print_error('All active nodes, not working or removed')
return
else
print_error('Sending job to next node')
next
end end
end end
nid += 1 nid += 1
end end
@@ -1812,10 +1825,10 @@ module Msf
print_error("Unable to execute module in node #{k} #{res}") print_error("Unable to execute module in node #{k} #{res}")
end end
end end
else
# print_status("Max number of jobs #{nmaxjobs} reached in node #{k}")
end end
# print_status("Max number of jobs #{nmaxjobs} reached in node #{k}") if minjobs >= nmaxjobs
idx += 1 idx += 1
end end
@@ -1834,8 +1847,9 @@ module Msf
rpcarr.each do |k, v| rpcarr.each do |k, v|
if v if v
res = v.call('db.driver', { driver: 'postgresql' }) v.call('db.driver', { driver: 'postgresql' })
res = v.call('db.connect', { database: name, host: host, port: port, username: user, password: pass }) v.call('db.connect', { database: name, host: host, port: port, username: user, password: pass })
res = v.call('db.status') res = v.call('db.status')
if res['db'] == name if res['db'] == name
@@ -1858,20 +1872,16 @@ module Msf
idx = k idx = k
begin begin
currentjobs = rpccon.call('job.list').length rpccon.call('job.list').length
rescue StandardError rescue StandardError
tarr = k.split('|') tarr = k.split('|')
rflag = false
res = rpccon.login(tarr[3], tarr[4]) res = rpccon.login(tarr[3], tarr[4])
if res raise ConnectionError unless res
rflag = true
print_error("Reauth to node #{tarr[0]}:#{tarr[1]}") print_error("Reauth to node #{tarr[0]}:#{tarr[1]}")
break break
else
raise ConnectionError
end
end end
end end
rescue StandardError rescue StandardError
@@ -1880,8 +1890,6 @@ module Msf
if active_rpc_nodes == 0 if active_rpc_nodes == 0
print_error('No active nodes') print_error('No active nodes')
self.masstop = true self.masstop = true
else
# blah
end end
end end
@@ -2011,9 +2019,7 @@ module Msf
rpc_reconnect_nodes rpc_reconnect_nodes
idx = 0 idx = 0
rpcarr.each do |k, rpccon| rpcarr.each do |_k, rpccon|
arrk = k.split('|')
v = 'NOCONN' v = 'NOCONN'
n = 1 n = 1
c = '%red' c = '%red'
@@ -2117,17 +2123,16 @@ module Msf
end end
def active_rpc_nodes def active_rpc_nodes
if rpcarr.empty? return 0 if rpcarr.empty?
return 0
else idx = 0
idx = 0 rpcarr.each do |_k, conn|
rpcarr.each do |_k, conn| if conn
if conn idx += 1
idx += 1
end
end end
return idx
end end
idx
end end
def view_modules def view_modules
@@ -2175,19 +2180,20 @@ module Msf
end end
end end
# Sort hash by orderid
# Yes sorting hashes dont make sense but actually it does when you are enumerating one. And # Yes sorting hashes dont make sense but actually it does when you are enumerating one. And
# sort_by of a hash returns an array so this is the reason for this ugly piece of code # sort_by of a hash returns an array so this is the reason for this ugly piece of code
def sort_by_orderid(m) def sort_by_orderid(matches)
temphash = Hash.new temphash = Hash.new
temparr = []
temparr = m.sort_by do |xref, _v| temparr = matches.sort_by do |xref, _v|
xref[3] xref[3]
end end
temparr.each do |b| temparr.each do |b|
temphash[b[0]] = b[1] temphash[b[0]] = b[1]
end end
temphash temphash
end end