2005-07-09 21:18:49 +00:00
|
|
|
require 'msf/core'
|
2005-05-21 17:57:00 +00:00
|
|
|
|
|
|
|
module Msf
|
|
|
|
|
2005-05-22 07:14:16 +00:00
|
|
|
###
|
|
|
|
#
|
|
|
|
# Event notifications that affect sessions.
|
|
|
|
#
|
|
|
|
###
|
2005-10-30 22:20:29 +00:00
|
|
|
module SessionEvent
|
2005-05-21 17:57:00 +00:00
|
|
|
|
2005-11-15 15:11:43 +00:00
|
|
|
#
|
|
|
|
# Called when a session is opened.
|
|
|
|
#
|
2005-05-21 17:57:00 +00:00
|
|
|
def on_session_open(session)
|
|
|
|
end
|
|
|
|
|
2005-11-15 15:11:43 +00:00
|
|
|
#
|
|
|
|
# Called when a session is closed.
|
|
|
|
#
|
2005-05-21 17:57:00 +00:00
|
|
|
def on_session_close(session)
|
|
|
|
end
|
2009-12-22 18:52:48 +00:00
|
|
|
|
|
|
|
#
|
|
|
|
# Called when the user interacts with a session.
|
|
|
|
#
|
|
|
|
def on_session_interact(session)
|
|
|
|
end
|
|
|
|
|
|
|
|
#
|
|
|
|
# Called when the user writes data to a session.
|
|
|
|
#
|
|
|
|
def on_session_command(session, command)
|
|
|
|
end
|
|
|
|
|
2005-05-21 17:57:00 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
###
|
|
|
|
#
|
2005-05-22 07:14:16 +00:00
|
|
|
# The session class represents a post-exploitation, uh, session.
|
2005-07-16 07:32:11 +00:00
|
|
|
# Sessions can be written to, read from, and interacted with. The
|
2005-05-22 07:14:16 +00:00
|
|
|
# underlying medium on which they are backed is arbitrary. For
|
|
|
|
# instance, when an exploit is provided with a command shell,
|
|
|
|
# either through a network connection or locally, the session's
|
|
|
|
# read and write operations end up reading from and writing to
|
|
|
|
# the shell that was spawned. The session object can be seen
|
|
|
|
# as a general means of interacting with various post-exploitation
|
|
|
|
# payloads through a common interface that is not necessarily
|
|
|
|
# tied to a network connection.
|
2005-05-21 17:57:00 +00:00
|
|
|
#
|
|
|
|
###
|
2005-07-16 07:32:11 +00:00
|
|
|
module Session
|
2005-05-22 07:14:16 +00:00
|
|
|
|
2005-07-16 07:32:11 +00:00
|
|
|
include Framework::Offspring
|
|
|
|
|
|
|
|
# Direct descendents
|
|
|
|
require 'msf/core/session/interactive'
|
|
|
|
require 'msf/core/session/basic'
|
2005-09-30 05:59:44 +00:00
|
|
|
require 'msf/core/session/comm'
|
2005-07-16 07:32:11 +00:00
|
|
|
|
|
|
|
# Provider interfaces
|
|
|
|
require 'msf/core/session/provider/single_command_execution'
|
|
|
|
require 'msf/core/session/provider/multi_command_execution'
|
|
|
|
require 'msf/core/session/provider/single_command_shell'
|
|
|
|
require 'msf/core/session/provider/multi_command_shell'
|
2005-07-19 14:33:25 +00:00
|
|
|
|
|
|
|
def self.type
|
|
|
|
"unknown"
|
|
|
|
end
|
|
|
|
|
2005-07-16 08:12:58 +00:00
|
|
|
#
|
|
|
|
# Returns the session's name if it's been assigned one, otherwise
|
|
|
|
# the sid is returned.
|
|
|
|
#
|
|
|
|
def name
|
|
|
|
return sname || sid
|
|
|
|
end
|
2005-07-16 07:32:11 +00:00
|
|
|
|
|
|
|
#
|
2005-11-15 15:11:43 +00:00
|
|
|
# Sets the session's name.
|
2005-07-16 07:32:11 +00:00
|
|
|
#
|
2005-07-16 08:12:58 +00:00
|
|
|
def name=(name)
|
|
|
|
self.sname = name
|
2005-05-22 07:14:16 +00:00
|
|
|
end
|
|
|
|
|
2009-12-23 01:03:51 +00:00
|
|
|
#
|
|
|
|
# Brief and to the point
|
|
|
|
#
|
|
|
|
def inspect
|
|
|
|
"#<Session:#{self.type} #{self.tunnel_peer}>"
|
|
|
|
end
|
|
|
|
|
2005-05-25 05:07:22 +00:00
|
|
|
#
|
2005-11-15 15:11:43 +00:00
|
|
|
# Returns the description of the session.
|
2005-05-25 05:07:22 +00:00
|
|
|
#
|
2005-07-16 08:12:58 +00:00
|
|
|
def desc
|
2005-05-22 07:14:16 +00:00
|
|
|
end
|
|
|
|
|
2005-07-16 07:32:11 +00:00
|
|
|
#
|
2005-11-15 15:11:43 +00:00
|
|
|
# Returns the type of session in use.
|
2005-07-16 07:32:11 +00:00
|
|
|
#
|
2005-07-16 08:12:58 +00:00
|
|
|
def type
|
2005-07-16 07:32:11 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
#
|
2005-11-15 15:11:43 +00:00
|
|
|
# Returns the local side of the tunnel.
|
2005-07-16 08:12:58 +00:00
|
|
|
#
|
|
|
|
def tunnel_local
|
|
|
|
end
|
|
|
|
|
|
|
|
#
|
2005-11-15 15:11:43 +00:00
|
|
|
# Returns the peer side of the tunnel.
|
2005-07-16 08:12:58 +00:00
|
|
|
#
|
|
|
|
def tunnel_peer
|
|
|
|
end
|
|
|
|
|
|
|
|
#
|
2005-11-15 15:11:43 +00:00
|
|
|
# Returns a pretty representation of the tunnel.
|
2005-07-16 08:12:58 +00:00
|
|
|
#
|
|
|
|
def tunnel_to_s
|
2008-12-19 07:11:08 +00:00
|
|
|
"#{(tunnel_local || '??')} -> #{(tunnel_peer || '??')}"
|
2005-07-16 08:12:58 +00:00
|
|
|
end
|
|
|
|
|
2005-10-02 03:21:26 +00:00
|
|
|
##
|
|
|
|
#
|
|
|
|
# Logging
|
|
|
|
#
|
|
|
|
##
|
|
|
|
|
|
|
|
#
|
|
|
|
# Returns the suggested name of the log file for this session.
|
|
|
|
#
|
|
|
|
def log_file_name
|
|
|
|
dt = Time.now
|
|
|
|
|
2005-10-02 03:57:46 +00:00
|
|
|
dstr = sprintf("%.4d%.2d%.2d", dt.year, dt.mon, dt.mday)
|
|
|
|
rhost = (tunnel_peer || 'unknown').split(':')[0]
|
2005-10-02 03:21:26 +00:00
|
|
|
|
2005-10-02 04:06:31 +00:00
|
|
|
"#{dstr}_#{rhost}_#{type}"
|
2005-10-02 03:21:26 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
#
|
|
|
|
# Returns the log source that should be used for this session.
|
|
|
|
#
|
|
|
|
def log_source
|
2008-12-19 07:11:08 +00:00
|
|
|
"session_#{name}"
|
2005-10-02 03:21:26 +00:00
|
|
|
end
|
|
|
|
|
2005-11-03 00:18:12 +00:00
|
|
|
#
|
|
|
|
# This method logs the supplied buffer as coming from the remote side of
|
|
|
|
# the session.
|
|
|
|
#
|
2005-10-02 03:21:26 +00:00
|
|
|
def log_from_remote(buf)
|
|
|
|
rlog(buf, log_source)
|
|
|
|
end
|
|
|
|
|
2005-11-03 00:18:12 +00:00
|
|
|
#
|
|
|
|
# This method logs the supplied buffer as coming from the local side of
|
|
|
|
# the session.
|
|
|
|
#
|
2005-10-02 03:21:26 +00:00
|
|
|
def log_from_local(buf)
|
|
|
|
rlog(buf, log_source)
|
|
|
|
end
|
|
|
|
|
2005-07-16 08:12:58 +00:00
|
|
|
##
|
|
|
|
#
|
|
|
|
# Core interface
|
2005-07-16 07:32:11 +00:00
|
|
|
#
|
2005-07-16 08:12:58 +00:00
|
|
|
##
|
|
|
|
|
|
|
|
#
|
2005-11-15 15:11:43 +00:00
|
|
|
# Sets the vector through which this session was realized.
|
2005-07-17 06:01:11 +00:00
|
|
|
#
|
|
|
|
def set_via(opts)
|
|
|
|
self.via = opts || {}
|
|
|
|
end
|
|
|
|
|
|
|
|
#
|
|
|
|
# Returns the exploit module name through which this session was
|
|
|
|
# created.
|
|
|
|
#
|
|
|
|
def via_exploit
|
|
|
|
self.via['Exploit'] if (self.via)
|
|
|
|
end
|
|
|
|
|
|
|
|
#
|
|
|
|
# Returns the payload module name through which this session was
|
|
|
|
# created.
|
|
|
|
#
|
|
|
|
def via_payload
|
|
|
|
self.via['Payload'] if (self.via)
|
|
|
|
end
|
|
|
|
|
|
|
|
#
|
|
|
|
# Perform session-specific cleanup.
|
2005-07-16 08:12:58 +00:00
|
|
|
#
|
|
|
|
def cleanup
|
|
|
|
end
|
|
|
|
|
|
|
|
#
|
|
|
|
# By default, sessions are not interactive.
|
|
|
|
#
|
|
|
|
def interactive?
|
|
|
|
false
|
2005-07-16 07:32:11 +00:00
|
|
|
end
|
|
|
|
|
2007-02-11 23:24:25 +00:00
|
|
|
|
|
|
|
#
|
|
|
|
# Allow the user to terminate this session
|
|
|
|
#
|
|
|
|
def kill
|
|
|
|
framework.sessions.deregister(self)
|
|
|
|
end
|
|
|
|
|
2005-11-15 15:11:43 +00:00
|
|
|
#
|
|
|
|
# The framework instance that created this session.
|
|
|
|
#
|
|
|
|
attr_accessor :framework
|
|
|
|
#
|
|
|
|
# The session unique identifier.
|
|
|
|
#
|
|
|
|
attr_accessor :sid
|
|
|
|
#
|
|
|
|
# The session name.
|
|
|
|
#
|
|
|
|
attr_accessor :sname
|
2005-05-22 07:14:16 +00:00
|
|
|
|
|
|
|
protected
|
|
|
|
|
2005-11-15 15:11:43 +00:00
|
|
|
attr_accessor :via # :nodoc:
|
2005-07-17 06:01:11 +00:00
|
|
|
|
2005-05-21 17:57:00 +00:00
|
|
|
end
|
|
|
|
|
2009-12-22 18:52:48 +00:00
|
|
|
end
|