metasploit-framework/lib/msf/ui/console/module_command_dispatcher.rb

248 lines
6.3 KiB
Ruby
Raw Normal View History

# -*- coding: binary -*-
require 'msf/ui/console/command_dispatcher'
module Msf
module Ui
module Console
###
#
# Module-specific command dispatcher.
#
###
module ModuleCommandDispatcher
2013-08-30 21:28:33 +00:00
include Msf::Ui::Console::CommandDispatcher
def commands
{
"pry" => "Open a Pry session on the current module",
"reload" => "Reload the current module from disk",
"check" => "Check to see if a target is vulnerable"
}
end
#
# The active driver module, if any.
#
def mod
return driver.active_module
end
#
# Sets the active driver module.
#
def mod=(m)
self.driver.active_module = m
end
2014-01-25 05:32:29 +00:00
def check_progress
return 0 unless @range_done and @range_count
pct = (@range_done / @range_count.to_f) * 100
end
def check_show_progress
pct = check_progress
if(pct >= (@range_percent + @show_percent))
@range_percent = @range_percent + @show_percent
tdlen = @range_count.to_s.length
print_status("Checked #{"%.#{tdlen}d" % @range_done} of #{@range_count} hosts (#{"%.3d" % pct.to_i}% complete)")
end
end
def check_multiple(hosts)
# This part of the code is mostly from scanner.rb
2014-01-25 05:32:29 +00:00
@show_progress = framework.datastore['ShowProgress'] || mod.datastore['ShowProgress'] || false
@show_percent = ( framework.datastore['ShowProgressPercent'] || mod.datastore['ShowProgressPercent'] ).to_i
@range_count = hosts.length || 0
@range_done = 0
@range_percent = 0
# Set the default thread to 1. The same behavior as before.
2014-01-25 07:40:05 +00:00
threads_max = (framework.datastore['THREADS'] || mod.datastore['THREADS'] || 1).to_i
2014-01-25 05:32:29 +00:00
@tl = []
if Rex::Compat.is_windows
2014-01-25 07:40:05 +00:00
if threads_max > 16
2014-01-26 18:08:20 +00:00
print_warning("Thread count has been adjusted to 16")
2014-01-25 05:32:29 +00:00
threads_max = 16
end
end
if Rex::Compat.is_cygwin
2014-01-25 07:40:05 +00:00
if threads_max > 200
2014-01-26 18:08:20 +00:00
print_warning("Thread count has been adjusted to 200")
2014-01-25 05:32:29 +00:00
threads_max = 200
end
end
2014-01-25 07:27:48 +00:00
2014-01-25 05:32:29 +00:00
while (true)
while (@tl.length < threads_max)
ip = hosts.next_ip
break unless ip
2014-01-26 22:33:21 +00:00
@tl << framework.threads.spawn("CheckHost-#{ip}", false, ip.dup) { |tip|
2014-01-25 05:32:29 +00:00
mod.datastore['RHOST'] = tip
check_simple
2014-01-26 22:33:21 +00:00
}
2014-01-25 05:32:29 +00:00
end
break if @tl.length == 0
tla = @tl.length
@tl.first.join
@tl.delete_if { |t| not t.alive? }
tlb = @tl.length
@range_done += (tla - tlb)
check_show_progress if @show_progress
end
end
2013-08-30 21:28:33 +00:00
#
# Checks to see if a target is vulnerable.
#
def cmd_check(*args)
defanged?
2014-01-25 05:32:29 +00:00
ip_range_arg = args.shift || framework.datastore['RHOSTS'] || mod.datastore['RHOSTS'] || ''
hosts = Rex::Socket::RangeWalker.new(ip_range_arg)
2014-01-25 07:27:48 +00:00
begin
2014-01-26 06:57:02 +00:00
if hosts.ranges.blank?
2014-01-25 07:27:48 +00:00
# Check a single rhost
check_simple
else
# Check multiple hosts
2014-01-25 07:27:48 +00:00
last_rhost_opt = mod.rhost
last_rhosts_opt = mod.datastore['RHOSTS']
mod.datastore['RHOSTS'] = ip_range_arg
begin
check_multiple(hosts)
ensure
# Restore the original rhost if set
mod.datastore['RHOST'] = last_rhost_opt
mod.datastore['RHOSTS'] = last_rhosts_opt
mod.cleanup
end
end
2014-01-25 07:27:48 +00:00
rescue ::Interrupt
# When the user sends interrupt trying to quit the task, some threads will still be active.
# This means even though the console tells the user the task has aborted (or at least they
# assume so), the checks are still running. Because of this, as soon as we detect interrupt,
# we force the threads to die.
if @tl
@tl.each { |t| t.kill }
end
2014-01-25 07:27:48 +00:00
print_status("Caught interrupt from the console...")
return
end
end
def check_simple
rhost = mod.rhost
rport = mod.rport
2013-08-30 21:28:33 +00:00
begin
code = mod.check_simple(
'LocalInput' => driver.input,
'LocalOutput' => driver.output)
if (code and code.kind_of?(Array) and code.length > 1)
if (code == Msf::Exploit::CheckCode::Vulnerable)
print_good("#{rhost}:#{rport} - #{code[1]}")
2013-08-30 21:28:33 +00:00
else
print_status("#{rhost}:#{rport} - #{code[1]}")
2013-08-30 21:28:33 +00:00
end
else
print_error("#{rhost}:#{rport} - Check failed: The state could not be determined.")
2013-08-30 21:28:33 +00:00
end
2014-01-25 05:32:29 +00:00
rescue ::Rex::ConnectionError, ::Rex::ConnectionProxyError, ::Errno::ECONNRESET, ::Errno::EINTR, ::Rex::TimeoutError, ::Timeout::Error
# Connection issues while running check should be handled by the module
2014-01-26 02:25:01 +00:00
rescue ::RuntimeError
# Some modules raise RuntimeError but we don't necessarily care about those when we run check()
2014-01-26 06:57:02 +00:00
rescue Msf::OptionValidateError => e
print_error("Check failed: #{e.message}")
2013-08-30 21:28:33 +00:00
rescue ::Exception => e
2014-01-26 06:57:02 +00:00
print_error("#{rhost}:#{rport} - Check failed: #{e.class} #{e}")
2013-08-30 21:28:33 +00:00
end
end
def cmd_pry_help
print_line "Usage: pry"
print_line
print_line "Open a pry session on the current module. Be careful, you"
print_line "can break things."
print_line
end
def cmd_pry(*args)
begin
require 'pry'
rescue LoadError
print_error("Failed to load pry, try 'gem install pry'")
return
end
mod.pry
end
#
# Reloads the active module
#
def cmd_reload(*args)
begin
reload
rescue
log_error("Failed to reload: #{$!}")
end
end
@@reload_opts = Rex::Parser::Arguments.new(
'-k' => [ false, 'Stop the current job before reloading.' ],
'-h' => [ false, 'Help banner.' ])
def cmd_reload_help
print_line "Usage: reload [-k]"
print_line
print_line "Reloads the current module."
print @@reload_opts.usage
end
#
# Reload the current module, optionally stopping existing job
#
def reload(should_stop_job=false)
if should_stop_job and mod.job_id
print_status('Stopping existing job...')
framework.jobs.stop_job(mod.job_id)
mod.job_id = nil
end
print_status('Reloading module...')
original_mod = self.mod
reloaded_mod = framework.modules.reload_module(original_mod)
unless reloaded_mod
error = framework.modules.module_load_error_by_path[original_mod.file_path]
2013-08-30 21:28:33 +00:00
print_error("Failed to reload module: #{error}")
2013-08-30 21:28:33 +00:00
self.mod = original_mod
else
self.mod = reloaded_mod
self.mod.init_ui(driver.input, driver.output)
end
reloaded_mod
2013-08-30 21:28:33 +00:00
end
end
end end end