metasploit-framework/lib/msf/core/session.rb

235 lines
3.8 KiB
Ruby
Raw Normal View History

require 'msf/core'
module Msf
###
#
# Event notifications that affect sessions.
#
###
module SessionEvent
#
# Called when a session is opened.
#
def on_session_open(session)
end
#
# Called when a session is closed.
#
def on_session_close(session)
end
#
# Called when the user interacts with a session.
#
def on_session_interact(session)
end
#
# Called when the user writes data to a session.
#
def on_session_command(session, command)
end
end
###
#
# The session class represents a post-exploitation, uh, session.
# Sessions can be written to, read from, and interacted with. The
# underlying medium on which they are backed is arbitrary. For
# instance, when an exploit is provided with a command shell,
# either through a network connection or locally, the session's
# read and write operations end up reading from and writing to
# the shell that was spawned. The session object can be seen
# as a general means of interacting with various post-exploitation
# payloads through a common interface that is not necessarily
# tied to a network connection.
#
###
module Session
include Framework::Offspring
# Direct descendents
require 'msf/core/session/interactive'
require 'msf/core/session/basic'
require 'msf/core/session/comm'
# Provider interfaces
require 'msf/core/session/provider/single_command_execution'
require 'msf/core/session/provider/multi_command_execution'
require 'msf/core/session/provider/single_command_shell'
require 'msf/core/session/provider/multi_command_shell'
def self.type
"unknown"
end
#
# Returns the session's name if it's been assigned one, otherwise
# the sid is returned.
#
def name
return sname || sid
end
#
# Sets the session's name.
#
def name=(name)
self.sname = name
end
#
# Brief and to the point
#
def inspect
"#<Session:#{self.type} #{self.tunnel_peer}>"
end
#
# Returns the description of the session.
#
def desc
end
#
# Returns the type of session in use.
#
def type
end
#
# Returns the local side of the tunnel.
#
def tunnel_local
end
#
# Returns the peer side of the tunnel.
#
def tunnel_peer
end
#
# Returns a pretty representation of the tunnel.
#
def tunnel_to_s
"#{(tunnel_local || '??')} -> #{(tunnel_peer || '??')}"
end
##
#
# Logging
#
##
#
# Returns the suggested name of the log file for this session.
#
def log_file_name
dt = Time.now
dstr = sprintf("%.4d%.2d%.2d", dt.year, dt.mon, dt.mday)
rhost = (tunnel_peer || 'unknown').split(':')[0]
"#{dstr}_#{rhost}_#{type}"
end
#
# Returns the log source that should be used for this session.
#
def log_source
"session_#{name}"
end
#
# This method logs the supplied buffer as coming from the remote side of
# the session.
#
def log_from_remote(buf)
rlog(buf, log_source)
end
#
# This method logs the supplied buffer as coming from the local side of
# the session.
#
def log_from_local(buf)
rlog(buf, log_source)
end
##
#
# Core interface
#
##
#
# Sets the vector through which this session was realized.
#
def set_via(opts)
self.via = opts || {}
end
#
# Returns the exploit module name through which this session was
# created.
#
def via_exploit
self.via['Exploit'] if (self.via)
end
#
# Returns the payload module name through which this session was
# created.
#
def via_payload
self.via['Payload'] if (self.via)
end
#
# Perform session-specific cleanup.
#
def cleanup
end
#
# By default, sessions are not interactive.
#
def interactive?
false
end
#
# Allow the user to terminate this session
#
def kill
framework.sessions.deregister(self)
end
#
# The framework instance that created this session.
#
attr_accessor :framework
#
# The session unique identifier.
#
attr_accessor :sid
#
# The session name.
#
attr_accessor :sname
protected
attr_accessor :via # :nodoc:
end
end