Spencer McIntyre
120dc877ad
* Prevent using post modules with the session It doesn't work reliably because of winpty and how the output is mangled. * Set the limit correctly * Fix Linux PTY downgrade issues * Remove filtering The filtering implementation is incomplete and unnecessary. Filtering is unnecessary because Linux sessions execute a stub on session start up that uses a combiantion of stty and a fifo to emulate a PTY-less session. Windows sessions do not need filtering because they have been explictly marked as being incompatible with the Post API which is confused by the extra characters. The filtering implementation is incomplete because it does not account for echo fragments that are split across lines. It also does not account for all of the ANSI escape codes. * Add module docs for enum_ssm
81 lines
1.9 KiB
Ruby
81 lines
1.9 KiB
Ruby
# -*- coding: binary -*-
|
|
|
|
module Msf::Sessions
|
|
###
|
|
#
|
|
# This class provides basic interaction with an AWS SSM
|
|
# session socket encapsulated by a
|
|
# Rex::Proto::Http::WebSocket::AmazonSsm::Interface::SsmChannel
|
|
#
|
|
# Date: Feb 4, 2023
|
|
# Author: RageLtMan
|
|
#
|
|
###
|
|
class AwsSsmCommandShellBind < Msf::Sessions::CommandShell
|
|
|
|
#
|
|
# This interface supports basic interaction.
|
|
#
|
|
include Msf::Session::Basic
|
|
|
|
#
|
|
# This interface supports interacting with a single command shell.
|
|
#
|
|
include Msf::Session::Provider::SingleCommandShell
|
|
|
|
def abort_foreground_supported
|
|
false
|
|
end
|
|
|
|
def shell_command_token_unix(cmd, timeout=10)
|
|
res = super
|
|
|
|
res.gsub!("\r\n", "\n") if res
|
|
res
|
|
end
|
|
|
|
def initialize(conn, opts=nil)
|
|
super
|
|
|
|
if opts && (ssm_peer_info = opts.fetch(:aws_ssm_host_info))
|
|
case ssm_peer_info['PlatformType']
|
|
when 'Linux'
|
|
@platform = 'linux'
|
|
@session_type = 'shell'
|
|
when 'MacOS'
|
|
@platform = 'osx'
|
|
@session_type = 'shell'
|
|
when 'Windows'
|
|
@platform = 'windows'
|
|
@session_type = 'powershell:winpty'
|
|
extend(Msf::Sessions::PowerShell::Mixin)
|
|
end
|
|
|
|
@info = "AWS SSM #{ssm_peer_info['ResourceType']} (#{ssm_peer_info['InstanceId']})"
|
|
end
|
|
end
|
|
|
|
def type
|
|
@session_type.dup
|
|
end
|
|
|
|
def bootstrap(*args)
|
|
if @platform == 'linux'
|
|
# The session from SSM-SessionManagerRunShell starts with a TTY which breaks the post API so change the settings
|
|
# and make it behave in a way consistent with other shell sessions
|
|
shell_command('stty -echo cbreak;pipe=$(mktemp -u);mkfifo -m 600 $pipe;cat $pipe & sh 1>$pipe 2>$pipe; rm $pipe; exit')
|
|
end
|
|
|
|
super
|
|
end
|
|
|
|
##
|
|
#
|
|
# Returns the session description.
|
|
#
|
|
def desc
|
|
'AWS SSM command shell'
|
|
end
|
|
end
|
|
end
|