From 7509501b18d3ba4aacb34d168da905c0ad74e6fc Mon Sep 17 00:00:00 2001 From: Tod Beardsley Date: Sat, 23 Feb 2013 08:46:51 -0600 Subject: [PATCH 01/13] Adding a go_pro command --- lib/msf/ui/console/command_dispatcher/core.rb | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/lib/msf/ui/console/command_dispatcher/core.rb b/lib/msf/ui/console/command_dispatcher/core.rb index b1deb09058..2a7abf765b 100644 --- a/lib/msf/ui/console/command_dispatcher/core.rb +++ b/lib/msf/ui/console/command_dispatcher/core.rb @@ -68,6 +68,9 @@ class Core @@search_opts = Rex::Parser::Arguments.new( "-h" => [ false, "Help banner." ]) + @@go_pro_opts = Rex::Parser::Arguments.new( + "-h" => [ false, "Help banner." ]) + # The list of data store elements that cannot be set when in defanged # mode. DefangedProhibitedDataStoreElements = [ "MsfModulePaths" ] @@ -82,6 +85,7 @@ class Core "connect" => "Communicate with a host", "color" => "Toggle color", "exit" => "Exit the console", + "go_pro" => "Launch Metasploit web UI", "help" => "Help menu", "info" => "Displays information about one or more module", "irb" => "Drop into irb scripting mode", @@ -2575,6 +2579,17 @@ class Core return res end + def cmd_go_pro_help + print_line "Usage: go_pro" + print_line + print_line "Launch the Metasploit web UI" + print_line + end + + def cmd_go_pro(*args) + print_line "Hey now it's pro time" + end + protected # From 2af930f1ff45e27f6fe1b684ecf8634b5cd7139b Mon Sep 17 00:00:00 2001 From: Tod Beardsley Date: Sat, 23 Feb 2013 09:19:27 -0600 Subject: [PATCH 02/13] Adds msfbase_dir, switches on apt existance --- lib/msf/ui/console/command_dispatcher/core.rb | 34 +++++++++++++++++-- 1 file changed, 31 insertions(+), 3 deletions(-) diff --git a/lib/msf/ui/console/command_dispatcher/core.rb b/lib/msf/ui/console/command_dispatcher/core.rb index 2a7abf765b..9390939b03 100644 --- a/lib/msf/ui/console/command_dispatcher/core.rb +++ b/lib/msf/ui/console/command_dispatcher/core.rb @@ -85,7 +85,7 @@ class Core "connect" => "Communicate with a host", "color" => "Toggle color", "exit" => "Exit the console", - "go_pro" => "Launch Metasploit web UI", + "go_pro" => "Launch Metasploit web GUI", "help" => "Help menu", "info" => "Displays information about one or more module", "irb" => "Drop into irb scripting mode", @@ -137,6 +137,17 @@ class Core "Core" end + # Indicates the base dir where Metasploit Framework is installed. + def msfbase_dir + base = __FILE__ + while File.symlink?(base) + base = File.expand_path(File.readlink(base), File.dirname(base)) + end + File.expand_path( + File.join(File.dirname(base), "..","..","..","..","..") + ) + end + def cmd_color_help print_line "Usage: color <'true'|'false'|'auto'>" print_line @@ -2582,12 +2593,29 @@ class Core def cmd_go_pro_help print_line "Usage: go_pro" print_line - print_line "Launch the Metasploit web UI" + print_line "Launch the Metasploit web GUI" print_line end def cmd_go_pro(*args) - print_line "Hey now it's pro time" + unless is_apt + print_line " This command is only available on apt-based installations," + print_line " such as Kali Linux." + return false + end + @@go_pro_opts.parse(args) do |opt, idx, val| + case opt + when "-h" + cmd_go_pro_help + return false + end + end + return true + end + + # Determines if this is an apt-based install + def is_apt + File.exists?(File.expand_path(File.join(msfbase_dir, '.apt'))) end protected From 90a1dcffa3dcb397577d32cb6191eab12f7bb788 Mon Sep 17 00:00:00 2001 From: Tod Beardsley Date: Sat, 23 Feb 2013 09:36:06 -0600 Subject: [PATCH 03/13] Adds a random banner offering go_pro --- lib/msf/ui/console/command_dispatcher/core.rb | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/lib/msf/ui/console/command_dispatcher/core.rb b/lib/msf/ui/console/command_dispatcher/core.rb index 9390939b03..24cfebf867 100644 --- a/lib/msf/ui/console/command_dispatcher/core.rb +++ b/lib/msf/ui/console/command_dispatcher/core.rb @@ -355,6 +355,20 @@ class Core # def cmd_banner(*args) banner = "%cya" + Banner.to_s + "%clr\n\n" + + if is_apt + content = [ + "Large pentest? List, sort, group, tag and search your hosts and services\nin Metasploit Pro -- type ‘go_pro’ to launch it now.", + "Frustrated with proxy pivoting? Upgrade to layer-2 VPN pivoting with\nMetasploit Pro -- type ‘go_pro’ to launch it now.", + "Save your shells from AV! Upgrade to advanced AV evasion using dynamic\nexe templates with Metasploit Pro -- type ‘go_pro’ to launch it now.", + "Easy phishing: Set up email templates, landing pages and listeners\nin Metasploit Pro’s wizard -- type ‘go_pro’ to launch it now.", + "Using notepad to track pentests? Have Metasploit Pro report on hosts,\nservices, sessions and evidence -- type ‘go_pro’ to launch it now.", + "Tired of typing ‘set RHOSTS’? Click & pwn with Metasploit Pro\n-- type ‘go_pro’ to launch it now." + ] + banner << content.sample + banner << "\n\n" + end + banner << " =[ %yelmetasploit v#{Msf::Framework::Version} [core:#{Msf::Framework::VersionCore} api:#{Msf::Framework::VersionAPI}]%clr\n" banner << "+ -- --=[ " banner << "#{framework.stats.num_exploits} exploits - #{framework.stats.num_auxiliary} auxiliary - #{framework.stats.num_post} post\n" @@ -362,6 +376,7 @@ class Core oldwarn = nil avdwarn = nil + banner << "#{framework.stats.num_payloads} payloads - #{framework.stats.num_encoders} encoders - #{framework.stats.num_nops} nops\n" if ( ::Msf::Framework::RepoRevision.to_i > 0 and ::Msf::Framework::RepoUpdatedDate) tstamp = ::Msf::Framework::RepoUpdatedDate.strftime("%Y.%m.%d") From b80343817ce30e9d92f17ec347bb577847720a55 Mon Sep 17 00:00:00 2001 From: Tod Beardsley Date: Sat, 23 Feb 2013 09:48:18 -0600 Subject: [PATCH 04/13] Skeleton for acutally go_pro'ing --- lib/msf/ui/console/command_dispatcher/core.rb | 31 +++++++++++++++++-- 1 file changed, 29 insertions(+), 2 deletions(-) diff --git a/lib/msf/ui/console/command_dispatcher/core.rb b/lib/msf/ui/console/command_dispatcher/core.rb index 24cfebf867..e80b3ffdd5 100644 --- a/lib/msf/ui/console/command_dispatcher/core.rb +++ b/lib/msf/ui/console/command_dispatcher/core.rb @@ -365,7 +365,7 @@ class Core "Using notepad to track pentests? Have Metasploit Pro report on hosts,\nservices, sessions and evidence -- type ‘go_pro’ to launch it now.", "Tired of typing ‘set RHOSTS’? Click & pwn with Metasploit Pro\n-- type ‘go_pro’ to launch it now." ] - banner << content.sample + banner << content.sample # Ruby 1.9-ism! banner << "\n\n" end @@ -2614,10 +2614,25 @@ class Core def cmd_go_pro(*args) unless is_apt - print_line " This command is only available on apt-based installations," + print_line " This command is only available on deb package installations," print_line " such as Kali Linux." return false end + unless metasploit_debian_package_installed + print_warning " You will want to install the 'metasploit' package first." + print_warning " Type 'apt-get install metasploit' to do this now." + return false + end + # If I've gotten this far, I know that this is apt-installed + # and the packages I need are here. + if metasploit_service_running + print_good " Metasploit services are running, launching a browser..." + launch_metasploit_browser + else + print_warning " Starting the Metasploit services. This will take a few minutes." + start_metasploit_service + launch_metasploit_browser + end @@go_pro_opts.parse(args) do |opt, idx, val| case opt when "-h" @@ -2628,6 +2643,18 @@ class Core return true end + def launch_metasploit_browser + end + + def start_metasploit_service + end + + def metasploit_service_running + end + + def metasploit_debian_package_installed + end + # Determines if this is an apt-based install def is_apt File.exists?(File.expand_path(File.join(msfbase_dir, '.apt'))) From a3886a1a6b54c5d03e540f881e6947b45ea3d01d Mon Sep 17 00:00:00 2001 From: Tod Beardsley Date: Sat, 23 Feb 2013 17:17:18 -0600 Subject: [PATCH 05/13] No smartquotes plz --- lib/msf/ui/console/command_dispatcher/core.rb | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/msf/ui/console/command_dispatcher/core.rb b/lib/msf/ui/console/command_dispatcher/core.rb index e80b3ffdd5..c2555cd9c3 100644 --- a/lib/msf/ui/console/command_dispatcher/core.rb +++ b/lib/msf/ui/console/command_dispatcher/core.rb @@ -358,12 +358,12 @@ class Core if is_apt content = [ - "Large pentest? List, sort, group, tag and search your hosts and services\nin Metasploit Pro -- type ‘go_pro’ to launch it now.", - "Frustrated with proxy pivoting? Upgrade to layer-2 VPN pivoting with\nMetasploit Pro -- type ‘go_pro’ to launch it now.", - "Save your shells from AV! Upgrade to advanced AV evasion using dynamic\nexe templates with Metasploit Pro -- type ‘go_pro’ to launch it now.", - "Easy phishing: Set up email templates, landing pages and listeners\nin Metasploit Pro’s wizard -- type ‘go_pro’ to launch it now.", - "Using notepad to track pentests? Have Metasploit Pro report on hosts,\nservices, sessions and evidence -- type ‘go_pro’ to launch it now.", - "Tired of typing ‘set RHOSTS’? Click & pwn with Metasploit Pro\n-- type ‘go_pro’ to launch it now." + "Large pentest? List, sort, group, tag and search your hosts and services\nin Metasploit Pro -- type 'go_pro' to launch it now.", + "Frustrated with proxy pivoting? Upgrade to layer-2 VPN pivoting with\nMetasploit Pro -- type 'go_pro' to launch it now.", + "Save your shells from AV! Upgrade to advanced AV evasion using dynamic\nexe templates with Metasploit Pro -- type 'go_pro' to launch it now.", + "Easy phishing: Set up email templates, landing pages and listeners\nin Metasploit Pro’s wizard -- type 'go_pro' to launch it now.", + "Using notepad to track pentests? Have Metasploit Pro report on hosts,\nservices, sessions and evidence -- type 'go_pro' to launch it now.", + "Tired of typing ‘set RHOSTS’? Click & pwn with Metasploit Pro\n-- type 'go_pro' to launch it now." ] banner << content.sample # Ruby 1.9-ism! banner << "\n\n" From d5a074283a0468907f367033802532c869d35f0f Mon Sep 17 00:00:00 2001 From: Tod Beardsley Date: Sat, 23 Feb 2013 22:38:23 -0600 Subject: [PATCH 06/13] Fill in the details of starting, launching, etc --- lib/msf/ui/console/command_dispatcher/core.rb | 42 +++++++++++++++++-- 1 file changed, 38 insertions(+), 4 deletions(-) diff --git a/lib/msf/ui/console/command_dispatcher/core.rb b/lib/msf/ui/console/command_dispatcher/core.rb index c2555cd9c3..8883e7f713 100644 --- a/lib/msf/ui/console/command_dispatcher/core.rb +++ b/lib/msf/ui/console/command_dispatcher/core.rb @@ -2618,14 +2618,14 @@ class Core print_line " such as Kali Linux." return false end - unless metasploit_debian_package_installed + unless is_metasploit_debian_package_installed print_warning " You will want to install the 'metasploit' package first." print_warning " Type 'apt-get install metasploit' to do this now." return false end # If I've gotten this far, I know that this is apt-installed # and the packages I need are here. - if metasploit_service_running + if is_metasploit_service_running print_good " Metasploit services are running, launching a browser..." launch_metasploit_browser else @@ -2644,15 +2644,49 @@ class Core end def launch_metasploit_browser + cmd = "/usr/bin/xdg-open" + return unless ::File.executable_real? cmd + svc_log = File.join(msf_base, ".." , "engine", "prosvc_stdout.log") + return unless ::File.readable_real? svc_log + really_started = false + # This method is a little lame but it's a short enough file that it + # shouldn't really matter that we reopen it a few times. + until really_started + select(3,nil,nil,nil) + log_data = ::File.open(svc_log, "rb") {|f| f.read f.stat.size} + really_started = log_data =~ /^\[\*\] Ready/ # This is webserver ready, not totally ready. + print_raw "." unless really_started + end + system(cmd, "https://localhost:3790") end def start_metasploit_service + cmd = "/usr/sbin/service" + return unless ::File.executable_real? cmd + %x{#{cmd} metasploit start}.each_line do |line| + print_status line + end end - def metasploit_service_running + def is_metasploit_service_running + cmd = "/usr/sbin/service" + return unless ::File.executable_real? cmd + services = %x{#{cmd} metasploit status} + expected = "Metasploit %s server is running." + %w{web rpc}.each do |svc| + return false unless services.include?(expected % svc) + end end - def metasploit_debian_package_installed + def is_metasploit_debian_package_installed + cmd = "/usr/bin/dpkg" + return unless ::File.executable_real? cmd + installed_packages = %x{#{cmd} -l 'metasploit'} + installed_packages.each_line do |line| + if line =~ /^.i metasploit / # Yes, trailing space + return true + end + end end # Determines if this is an apt-based install From a7c0d621062389edae7dd03a97e127b0b42fab2d Mon Sep 17 00:00:00 2001 From: Tod Beardsley Date: Sat, 23 Feb 2013 23:33:08 -0600 Subject: [PATCH 07/13] Cleanup after some testing --- lib/msf/ui/console/command_dispatcher/core.rb | 34 +++++++++++++------ 1 file changed, 23 insertions(+), 11 deletions(-) diff --git a/lib/msf/ui/console/command_dispatcher/core.rb b/lib/msf/ui/console/command_dispatcher/core.rb index 8883e7f713..c9a0bc012e 100644 --- a/lib/msf/ui/console/command_dispatcher/core.rb +++ b/lib/msf/ui/console/command_dispatcher/core.rb @@ -2620,18 +2620,20 @@ class Core end unless is_metasploit_debian_package_installed print_warning " You will want to install the 'metasploit' package first." - print_warning " Type 'apt-get install metasploit' to do this now." + print_warning " Type 'apt-get install metasploit' to do this now, then try 'go_pro' again." return false end # If I've gotten this far, I know that this is apt-installed # and the packages I need are here. if is_metasploit_service_running - print_good " Metasploit services are running, launching a browser..." launch_metasploit_browser else - print_warning " Starting the Metasploit services. This will take a few minutes." + print_status "Starting the Metasploit services. This can take a little time." start_metasploit_service - launch_metasploit_browser + select(nil,nil,nil,3) + if is_metasploit_service_running + launch_metasploit_browser + end end @@go_pro_opts.parse(args) do |opt, idx, val| case opt @@ -2646,25 +2648,33 @@ class Core def launch_metasploit_browser cmd = "/usr/bin/xdg-open" return unless ::File.executable_real? cmd - svc_log = File.join(msf_base, ".." , "engine", "prosvc_stdout.log") + svc_log = File.expand_path(File.join(msfbase_dir, ".." , "engine", "prosvc_stdout.log")) return unless ::File.readable_real? svc_log really_started = false # This method is a little lame but it's a short enough file that it - # shouldn't really matter that we reopen it a few times. + # shouldn't really matter that we open and close it a few times. until really_started - select(3,nil,nil,nil) + select(nil,nil,nil,3) log_data = ::File.open(svc_log, "rb") {|f| f.read f.stat.size} - really_started = log_data =~ /^\[\*\] Ready/ # This is webserver ready, not totally ready. - print_raw "." unless really_started + really_started = log_data =~ /^\[\*\] Ready/ # This is webserver ready + if really_started + print_line + print_good "The web UI is up and running, connecting with your default browser." + print_good "If this is your first time connecting, you will be presented with" + print_good "a self-signed certificate warning. Accept it to create a new user." + select(nil,nil,nil,7) + system(cmd, "https://localhost:3790") + else + print "." + end end - system(cmd, "https://localhost:3790") end def start_metasploit_service cmd = "/usr/sbin/service" return unless ::File.executable_real? cmd %x{#{cmd} metasploit start}.each_line do |line| - print_status line + print_status line.chomp end end @@ -2676,6 +2686,7 @@ class Core %w{web rpc}.each do |svc| return false unless services.include?(expected % svc) end + return true end def is_metasploit_debian_package_installed @@ -2687,6 +2698,7 @@ class Core return true end end + return false end # Determines if this is an apt-based install From 8caedd42903ac9a5d55cb3fffee636d70baa97d9 Mon Sep 17 00:00:00 2001 From: Tod Beardsley Date: Sat, 23 Feb 2013 23:41:04 -0600 Subject: [PATCH 08/13] Can't apt-get install inside msfconsole At least, you can't and expect the service to connect correctly. You must exit msfconsole and restart it for the migrations to take place. --- lib/msf/ui/console/command_dispatcher/core.rb | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/lib/msf/ui/console/command_dispatcher/core.rb b/lib/msf/ui/console/command_dispatcher/core.rb index c9a0bc012e..801da07009 100644 --- a/lib/msf/ui/console/command_dispatcher/core.rb +++ b/lib/msf/ui/console/command_dispatcher/core.rb @@ -2619,8 +2619,9 @@ class Core return false end unless is_metasploit_debian_package_installed - print_warning " You will want to install the 'metasploit' package first." - print_warning " Type 'apt-get install metasploit' to do this now, then try 'go_pro' again." + print_warning "You needs to install the 'metasploit' package first." + print_warning "Type 'apt-get install metasploit' to do this now, then exit" + print_warning "and restart msfconsole to try again." return false end # If I've gotten this far, I know that this is apt-installed @@ -2633,6 +2634,8 @@ class Core select(nil,nil,nil,3) if is_metasploit_service_running launch_metasploit_browser + else + print_error "Metasploit services aren't running. Type 'service start metasploit' and try again." end end @@go_pro_opts.parse(args) do |opt, idx, val| From 8010cdbd8bf32487f4f36f0126128df7b45e2171 Mon Sep 17 00:00:00 2001 From: Tod Beardsley Date: Sun, 24 Feb 2013 09:33:15 -0600 Subject: [PATCH 09/13] Shuffled methods around --- lib/msf/ui/console/command_dispatcher/core.rb | 30 +++++++++++-------- 1 file changed, 17 insertions(+), 13 deletions(-) diff --git a/lib/msf/ui/console/command_dispatcher/core.rb b/lib/msf/ui/console/command_dispatcher/core.rb index 801da07009..16992f3a54 100644 --- a/lib/msf/ui/console/command_dispatcher/core.rb +++ b/lib/msf/ui/console/command_dispatcher/core.rb @@ -2613,19 +2613,26 @@ class Core end def cmd_go_pro(*args) + @@go_pro_opts.parse(args) do |opt, idx, val| + case opt + when "-h" + cmd_go_pro_help + return false + end + end unless is_apt print_line " This command is only available on deb package installations," print_line " such as Kali Linux." return false end unless is_metasploit_debian_package_installed - print_warning "You needs to install the 'metasploit' package first." - print_warning "Type 'apt-get install metasploit' to do this now, then exit" + print_warning "You need to install the 'metasploit' package first." + print_warning "Type 'apt-get install -y metasploit' to do this now, then exit" print_warning "and restart msfconsole to try again." return false end - # If I've gotten this far, I know that this is apt-installed - # and the packages I need are here. + # If I've gotten this far, I know that this is apt-installed, the + # metasploit package is here, and I'm ready to rock. if is_metasploit_service_running launch_metasploit_browser else @@ -2638,16 +2645,15 @@ class Core print_error "Metasploit services aren't running. Type 'service start metasploit' and try again." end end - @@go_pro_opts.parse(args) do |opt, idx, val| - case opt - when "-h" - cmd_go_pro_help - return false - end - end return true end + protected + + # + # Go_pro methods -- these are used to start and connect to the + # web UI. + def launch_metasploit_browser cmd = "/usr/bin/xdg-open" return unless ::File.executable_real? cmd @@ -2709,8 +2715,6 @@ class Core File.exists?(File.expand_path(File.join(msfbase_dir, '.apt'))) end -protected - # # Module list enumeration # From 5e1119e2ed04bd0f31bb47cd13d76fac73863260 Mon Sep 17 00:00:00 2001 From: Tod Beardsley Date: Sun, 24 Feb 2013 10:23:07 -0600 Subject: [PATCH 10/13] A little more error handling for browser launches Implement a timeout and deal with the case where xdg-open isn't avialable for whatever reason. --- lib/msf/ui/console/command_dispatcher/core.rb | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/lib/msf/ui/console/command_dispatcher/core.rb b/lib/msf/ui/console/command_dispatcher/core.rb index 16992f3a54..8d0b37c304 100644 --- a/lib/msf/ui/console/command_dispatcher/core.rb +++ b/lib/msf/ui/console/command_dispatcher/core.rb @@ -2656,12 +2656,17 @@ class Core def launch_metasploit_browser cmd = "/usr/bin/xdg-open" - return unless ::File.executable_real? cmd + unless ::File.executable_real? cmd + print_warning "Can't figure out your default browser, please visit https://localhost:3790" + print_warning "to start the web UI version of Metasploit." + return false + end svc_log = File.expand_path(File.join(msfbase_dir, ".." , "engine", "prosvc_stdout.log")) return unless ::File.readable_real? svc_log really_started = false # This method is a little lame but it's a short enough file that it # shouldn't really matter that we open and close it a few times. + timeout = 0 until really_started select(nil,nil,nil,3) log_data = ::File.open(svc_log, "rb") {|f| f.read f.stat.size} @@ -2673,8 +2678,15 @@ class Core print_good "a self-signed certificate warning. Accept it to create a new user." select(nil,nil,nil,7) system(cmd, "https://localhost:3790") + elsif timeout >= 200 # 200 * 3 seconds is 10 minutes and that is tons of time. + print_line + print_warning "For some reason, the web UI didn't start in a timely fashion." + print_warning "You might want to restart the Metasploit services by typing" + print_warning "'service metasploit restart' . Sorry it didn't work out." + return false else print "." + timeout += 1 end end end From 214149265439309b1e46dd42a5881e438e779d9c Mon Sep 17 00:00:00 2001 From: Tod Beardsley Date: Sun, 24 Feb 2013 15:24:10 -0600 Subject: [PATCH 11/13] Per @brandont comment, use exit status instead. --- lib/msf/ui/console/command_dispatcher/core.rb | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/lib/msf/ui/console/command_dispatcher/core.rb b/lib/msf/ui/console/command_dispatcher/core.rb index 8d0b37c304..3d46d196c4 100644 --- a/lib/msf/ui/console/command_dispatcher/core.rb +++ b/lib/msf/ui/console/command_dispatcher/core.rb @@ -2701,13 +2701,7 @@ class Core def is_metasploit_service_running cmd = "/usr/sbin/service" - return unless ::File.executable_real? cmd - services = %x{#{cmd} metasploit status} - expected = "Metasploit %s server is running." - %w{web rpc}.each do |svc| - return false unless services.include?(expected % svc) - end - return true + system(cmd, "metasploit", "status") # Both running returns true, otherwise, false. end def is_metasploit_debian_package_installed From 8cff88efacd9142b5f45dc70f3486caaeff0cb70 Mon Sep 17 00:00:00 2001 From: Tod Beardsley Date: Mon, 25 Feb 2013 15:45:55 -0600 Subject: [PATCH 12/13] Change from web ui to community / pro --- lib/msf/ui/console/command_dispatcher/core.rb | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/lib/msf/ui/console/command_dispatcher/core.rb b/lib/msf/ui/console/command_dispatcher/core.rb index 3d46d196c4..d180c7521e 100644 --- a/lib/msf/ui/console/command_dispatcher/core.rb +++ b/lib/msf/ui/console/command_dispatcher/core.rb @@ -2651,14 +2651,14 @@ class Core protected # - # Go_pro methods -- these are used to start and connect to the - # web UI. + # Go_pro methods -- these are used to start and connect to + # Metasploit Community / Pro. def launch_metasploit_browser cmd = "/usr/bin/xdg-open" unless ::File.executable_real? cmd print_warning "Can't figure out your default browser, please visit https://localhost:3790" - print_warning "to start the web UI version of Metasploit." + print_warning "to start Metasploit Community / Pro." return false end svc_log = File.expand_path(File.join(msfbase_dir, ".." , "engine", "prosvc_stdout.log")) @@ -2673,14 +2673,14 @@ class Core really_started = log_data =~ /^\[\*\] Ready/ # This is webserver ready if really_started print_line - print_good "The web UI is up and running, connecting with your default browser." + print_good "Metasploit Community / Pro is up and running, connecting now." print_good "If this is your first time connecting, you will be presented with" print_good "a self-signed certificate warning. Accept it to create a new user." select(nil,nil,nil,7) system(cmd, "https://localhost:3790") elsif timeout >= 200 # 200 * 3 seconds is 10 minutes and that is tons of time. print_line - print_warning "For some reason, the web UI didn't start in a timely fashion." + print_warning "For some reason, Community / Pro didn't start in a timely fashion." print_warning "You might want to restart the Metasploit services by typing" print_warning "'service metasploit restart' . Sorry it didn't work out." return false From 08275e8d83e7709683f0ab676387713e963d356e Mon Sep 17 00:00:00 2001 From: Tod Beardsley Date: Mon, 25 Feb 2013 19:48:39 -0600 Subject: [PATCH 13/13] Process.spawn instead of system Per @bturner-r7's comment here: https://github.com/rapid7/metasploit-framework/pull/1514#discussion_r3129535 --- lib/msf/ui/console/command_dispatcher/core.rb | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/lib/msf/ui/console/command_dispatcher/core.rb b/lib/msf/ui/console/command_dispatcher/core.rb index d180c7521e..c13fc46f88 100644 --- a/lib/msf/ui/console/command_dispatcher/core.rb +++ b/lib/msf/ui/console/command_dispatcher/core.rb @@ -2653,7 +2653,9 @@ class Core # # Go_pro methods -- these are used to start and connect to # Metasploit Community / Pro. + # + # Note that this presumes a default port. def launch_metasploit_browser cmd = "/usr/bin/xdg-open" unless ::File.executable_real? cmd @@ -2677,7 +2679,8 @@ class Core print_good "If this is your first time connecting, you will be presented with" print_good "a self-signed certificate warning. Accept it to create a new user." select(nil,nil,nil,7) - system(cmd, "https://localhost:3790") + browser_pid = ::Process.spawn(cmd, "https://localhost:3790") + ::Process.detach(browser_pid) elsif timeout >= 200 # 200 * 3 seconds is 10 minutes and that is tons of time. print_line print_warning "For some reason, Community / Pro didn't start in a timely fashion."