2008-12-02 22:09:34 +00:00
|
|
|
#!/usr/bin/env ruby
|
|
|
|
#
|
2010-05-03 17:13:09 +00:00
|
|
|
# $Id$
|
|
|
|
#
|
2008-12-02 22:09:34 +00:00
|
|
|
# This plugin provides an msf daemon interface that spawns a listener on a
|
2009-01-04 07:25:43 +00:00
|
|
|
# defined port (default 55553) and gives each connecting client its own
|
2008-12-02 22:09:34 +00:00
|
|
|
# console interface. These consoles all share the same framework instance.
|
|
|
|
# Be aware that the console instance that spawns on the port is entirely
|
|
|
|
# unauthenticated, so realize that you have been warned.
|
|
|
|
#
|
2010-05-03 17:13:09 +00:00
|
|
|
# $Revision$
|
|
|
|
#
|
2008-12-02 22:09:34 +00:00
|
|
|
|
|
|
|
require "msf/core/rpc"
|
|
|
|
require "fileutils"
|
|
|
|
|
|
|
|
module Msf
|
|
|
|
|
|
|
|
###
|
|
|
|
#
|
|
|
|
# This class implements the msfd plugin interface.
|
|
|
|
#
|
|
|
|
###
|
|
|
|
class Plugin::XMLRPC < Msf::Plugin
|
|
|
|
|
|
|
|
#
|
|
|
|
# The default local hostname that the server listens on.
|
|
|
|
#
|
|
|
|
DefaultHost = "127.0.0.1"
|
|
|
|
|
|
|
|
#
|
|
|
|
# The default local port that the server listens on.
|
|
|
|
#
|
|
|
|
DefaultPort = 55553
|
|
|
|
|
|
|
|
#
|
|
|
|
# ServerPort
|
|
|
|
#
|
2009-01-04 07:25:43 +00:00
|
|
|
# The local port to listen on for connections. The default is 55553
|
2008-12-02 22:09:34 +00:00
|
|
|
#
|
|
|
|
def initialize(framework, opts)
|
|
|
|
super
|
2010-05-03 17:13:09 +00:00
|
|
|
|
2008-12-02 22:09:34 +00:00
|
|
|
host = opts['ServerHost'] || DefaultHost
|
|
|
|
port = opts['ServerPort'] || DefaultPort
|
|
|
|
ssl = (opts['SSL'] and opts['SSL'].to_s =~ /^[ty]/i) ? true : false
|
|
|
|
cert = opts['SSLCert']
|
|
|
|
ckey = opts['SSLKey']
|
2010-05-03 17:13:09 +00:00
|
|
|
|
2008-12-02 22:09:34 +00:00
|
|
|
user = opts['User'] || "msf"
|
|
|
|
pass = opts['Pass'] || ::Rex::Text.rand_text_alphanumeric(8)
|
2009-12-02 00:00:11 +00:00
|
|
|
type = opts['ServerType'] || "Basic"
|
|
|
|
uri = opts['URI'] || "/RPC2"
|
2010-05-03 17:13:09 +00:00
|
|
|
|
2008-12-02 22:09:34 +00:00
|
|
|
print_status(" XMLRPC Service: #{host}:#{port} #{ssl ? " (SSL)" : ""}")
|
|
|
|
print_status("XMLRPC Username: #{user}")
|
|
|
|
print_status("XMLRPC Password: #{pass}")
|
2009-12-02 00:00:11 +00:00
|
|
|
print_status("XMLRPC Server Type: #{type}")
|
2008-12-02 22:09:34 +00:00
|
|
|
|
|
|
|
@users = [ [user,pass] ]
|
2009-12-02 00:00:11 +00:00
|
|
|
if(type == "Web")
|
|
|
|
print_status("XMLRPC Web URI: #{uri}")
|
|
|
|
self.server = ::Msf::RPC::WebService.new(port,host,uri)
|
|
|
|
elsif(type == "Basic")
|
|
|
|
self.server = ::Msf::RPC::Service.new(host,port,ssl,cert,ckey)
|
|
|
|
else
|
|
|
|
print_status("Invalid server type #{self.type}, please choose Web or Basic")
|
|
|
|
end
|
2008-12-02 22:09:34 +00:00
|
|
|
|
|
|
|
# If the run in foreground flag is not specified, then go ahead and fire
|
|
|
|
# it off in a worker thread.
|
|
|
|
if (opts['RunInForeground'] != true)
|
|
|
|
Thread.new {
|
|
|
|
run
|
|
|
|
}
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
#
|
|
|
|
# Returns 'xmlrpc'
|
|
|
|
#
|
|
|
|
def name
|
|
|
|
"xmlrpc"
|
|
|
|
end
|
|
|
|
|
|
|
|
#
|
|
|
|
# Returns the plugin description.
|
|
|
|
#
|
|
|
|
def desc
|
|
|
|
"Provides a XMLRPC interface over a listening TCP port."
|
|
|
|
end
|
|
|
|
|
|
|
|
#
|
|
|
|
# The meat of the plugin, sets up handlers for requests
|
2010-05-03 17:13:09 +00:00
|
|
|
#
|
2008-12-02 22:09:34 +00:00
|
|
|
def run
|
2010-05-03 17:13:09 +00:00
|
|
|
|
2008-12-02 22:09:34 +00:00
|
|
|
# Initialize the list of authenticated sessions
|
|
|
|
@tokens = {}
|
2010-05-03 17:13:09 +00:00
|
|
|
|
2010-07-20 20:36:09 +00:00
|
|
|
args = [framework,@tokens,@users]
|
2010-05-03 17:13:09 +00:00
|
|
|
|
2008-12-02 22:09:34 +00:00
|
|
|
# Add handlers for every class
|
2010-05-03 17:13:09 +00:00
|
|
|
self.server.add_handler(::XMLRPC::iPIMethods("auth"),
|
2008-12-02 22:09:34 +00:00
|
|
|
::Msf::RPC::Auth.new(*args)
|
|
|
|
)
|
2010-05-03 17:13:09 +00:00
|
|
|
|
|
|
|
self.server.add_handler(::XMLRPC::iPIMethods("core"),
|
2008-12-02 22:09:34 +00:00
|
|
|
::Msf::RPC::Core.new(*args)
|
|
|
|
)
|
2010-05-03 17:13:09 +00:00
|
|
|
|
2008-12-02 22:09:34 +00:00
|
|
|
self.server.add_handler(::XMLRPC::iPIMethods("session"),
|
|
|
|
::Msf::RPC::Session.new(*args)
|
|
|
|
)
|
2010-05-03 17:13:09 +00:00
|
|
|
|
2008-12-02 22:09:34 +00:00
|
|
|
self.server.add_handler(::XMLRPC::iPIMethods("job"),
|
|
|
|
::Msf::RPC::Job.new(*args)
|
|
|
|
)
|
2010-05-03 17:13:09 +00:00
|
|
|
|
2008-12-02 22:09:34 +00:00
|
|
|
self.server.add_handler(::XMLRPC::iPIMethods("module"),
|
|
|
|
::Msf::RPC::Module.new(*args)
|
|
|
|
)
|
2010-05-03 17:13:09 +00:00
|
|
|
|
|
|
|
# Set the default/catch-all handler
|
2008-12-02 22:09:34 +00:00
|
|
|
self.server.set_default_handler do |name, *args|
|
|
|
|
raise ::XMLRPC::FaultException.new(-99, "Method #{name} missing or wrong number of parameters!")
|
|
|
|
end
|
2010-05-03 17:13:09 +00:00
|
|
|
|
2008-12-02 22:09:34 +00:00
|
|
|
# Start the actual service
|
|
|
|
self.server.start
|
2010-05-03 17:13:09 +00:00
|
|
|
|
2008-12-02 22:09:34 +00:00
|
|
|
# Wait for the service to complete
|
|
|
|
self.server.wait
|
|
|
|
end
|
|
|
|
|
|
|
|
#
|
|
|
|
# Closes the listener service.
|
|
|
|
#
|
|
|
|
def cleanup
|
|
|
|
self.server.stop if self.server
|
|
|
|
self.server = nil
|
|
|
|
end
|
|
|
|
|
|
|
|
#
|
|
|
|
# The XMLRPC instance.
|
|
|
|
#
|
|
|
|
attr_accessor :server
|
|
|
|
|
2010-07-20 19:12:09 +00:00
|
|
|
def stop(token)
|
|
|
|
authenticate(token)
|
|
|
|
@plugin.cleanup
|
|
|
|
end
|
|
|
|
|
2010-07-20 20:36:09 +00:00
|
|
|
def stop(token)
|
|
|
|
authenticate(token)
|
|
|
|
@plugin.cleanup
|
|
|
|
end
|
|
|
|
|
2008-12-02 22:09:34 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
end
|