module Msf
module RPC
class Module < Base
# Lists the names under which exploit modules are registered.
#
# token is handed to authenticate (defined outside this file view) before
# anything is read from the framework.
#
# Returns a Hash of the form { "modules" => <keys of @framework.exploits> }.
def exploits(token)
  authenticate(token)
  names = @framework.exploits.keys
  { "modules" => names }
end
# Lists the names under which auxiliary modules are registered.
#
# token is handed to authenticate (defined outside this file view) before
# anything is read from the framework.
#
# Returns a Hash of the form { "modules" => <keys of @framework.auxiliary> }.
def auxiliary(token)
  authenticate(token)
  names = @framework.auxiliary.keys
  { "modules" => names }
end
# Lists the names under which payload modules are registered.
#
# token is handed to authenticate (defined outside this file view) before
# anything is read from the framework.
#
# Returns a Hash of the form { "modules" => <keys of @framework.payloads> }.
def payloads(token)
  authenticate(token)
  names = @framework.payloads.keys
  { "modules" => names }
end
# Lists the names under which encoder modules are registered.
#
# token is handed to authenticate (defined outside this file view) before
# anything is read from the framework.
#
# Returns a Hash of the form { "modules" => <keys of @framework.encoders> }.
def encoders(token)
  authenticate(token)
  names = @framework.encoders.keys
  { "modules" => names }
end
# Lists the names under which nop modules are registered.
#
# token is handed to authenticate (defined outside this file view) before
# anything is read from the framework.
#
# Returns a Hash of the form { "modules" => <keys of @framework.nops> }.
def nops(token)
  authenticate(token)
  names = @framework.nops.keys
  { "modules" => names }
end
# Collects descriptive metadata about one module into a plain Hash.
#
# token is handed to authenticate first; mtype and mname are passed to
# _find_module, which raises a 404 fault when no module is found.
#
# The result always carries 'name', 'description', 'license', 'filepath',
# 'version', 'references' (pairs of ctx_id / ctx_val) and 'authors'
# (each author converted with to_s). Modules whose type is "exploit" also
# get 'targets' (index => target name) and, when set, 'default_target';
# modules whose type is "auxiliary" get 'actions' and 'default_action'
# in the same way.
def info(token, mtype, mname)
  authenticate(token)

  m = _find_module(mtype, mname)

  res = {
    'name'        => m.name,
    'description' => m.description,
    'license'     => m.license,
    'filepath'    => m.file_path,
    'version'     => m.version
  }

  refs = []
  m.references.each { |r| refs << [r.ctx_id, r.ctx_val] }
  res['references'] = refs

  authors = []
  m.each_author { |a| authors << a.to_s }
  res['authors'] = authors

  if m.type == "exploit"
    # Keys are the integer positions within m.targets.
    res['targets'] = {}
    m.targets.each_index { |i| res['targets'][i] = m.targets[i].name }
    res['default_target'] = m.default_target if m.default_target
  end

  if m.type == "auxiliary"
    # Keys are the integer positions within m.actions.
    res['actions'] = {}
    m.actions.each_index { |i| res['actions'][i] = m.actions[i].name }
    res['default_action'] = m.default_action if m.default_action
  end

  res
end
# Lists the payloads that one exploit module reports as compatible.
#
# token is handed to authenticate first. The module is resolved through
# _find_module with the type argument fixed to 'exploit'.
#
# Returns { 'payloads' => [...] } holding element [0] of every entry that
# m.compatible_payloads yields.
def compatible_payloads(token, mname)
  authenticate(token)

  m = _find_module('exploit', mname)
  # Second guard kept from the original in case the lookup hands back nil/false.
  raise ::XMLRPC::FaultException.new(404, "unknown module") unless m

  names = []
  m.compatible_payloads.each { |entry| names << entry[0] }
  { 'payloads' => names }
end
# Describes every option of one module.
#
# token is handed to authenticate first; mtype and mname are passed to
# _find_module, which raises a 404 fault when no module is found.
#
# Returns a Hash keyed by option name. Each value carries 'type',
# 'required', 'advanced', 'evasion' and 'desc'; 'default' is added when the
# option's default is not nil, and 'enums' when the option lists more than
# one enum value.
def options(token, mtype, mname)
  authenticate(token)

  m = _find_module(mtype, mname)

  res = {}
  m.options.each_key do |k|
    o = m.options[k]

    entry = {
      'type'     => o.type,
      'required' => o.required,
      'advanced' => o.advanced,
      'evasion'  => o.evasion,
      'desc'     => o.desc
    }
    # A default of false is still reported; only nil is treated as "no default".
    entry['default'] = o.default unless o.default.nil?
    entry['enums'] = o.enums if o.enums.length > 1

    res[k] = entry
  end

  res
end
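# Runs one module on behalf of an RPC caller.
#
# token is handed to authenticate first; the module is then resolved with
# _find_module, which raises a 404 fault when nothing is found.
#
# mtype selects the runner: 'exploit', 'auxiliary' or 'payload'. Because
# _find_module looks the module up by name only, the caller-supplied mtype
# is checked against the type of the module that was actually loaded, so a
# module is never handed to a runner meant for a different module type.
#
# Returns whatever the selected runner returns.
# Raises ::XMLRPC::FaultException (500) when mtype does not match the loaded
# module or names a type this method cannot run. The original fell through
# the case and returned nil for such a type.
def execute(token, mtype, mname, opts)
  authenticate(token)

  mod = _find_module(mtype, mname)

  unless mod.type == mtype
    raise ::XMLRPC::FaultException.new(500, "module type mismatch")
  end

  case mtype
  when 'exploit'
    _run_exploit(mod, opts)
  when 'auxiliary'
    _run_auxiliary(mod, opts)
  when 'payload'
    _run_payload(mod, opts)
  else
    raise ::XMLRPC::FaultException.new(500, "unsupported module type")
  end
end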
protected
# Instantiates the module registered under mname.
#
# Returns the object produced by @framework.modules.create(mname).
# Raises ::XMLRPC::FaultException (404, "unknown module") when that call
# returns nil or false.
#
# NOTE(review): mtype is accepted but never used, so the lookup is by name
# only. Callers that branch on their own mtype argument are trusting it to
# agree with the type of the module returned here.
def _find_module(mtype,mname)
  found = @framework.modules.create(mname)
  raise ::XMLRPC::FaultException.new(404, "unknown module") unless found

  found
end
# Starts an exploit module as a job through Msf::Simple::Exploit.
#
# opts is the caller-supplied option Hash. 'PAYLOAD' and 'TARGET' are read
# out of it by name, and the whole Hash is also forwarded as 'Options'.
#
# Always returns {"result" => "success"}: the value that exploit_simple
# returns is discarded, so this result does not describe how the job went.
def _run_exploit(mod, opts)
  launch_args = {
    'Payload'  => opts['PAYLOAD'],
    'Target'   => opts['TARGET'],
    'RunAsJob' => true,
    'Options'  => opts
  }
  Msf::Simple::Exploit.exploit_simple(mod, launch_args)

  {"result" => "success"}
end
# Starts an auxiliary module as a job through Msf::Simple::Auxiliary.
#
# opts is the caller-supplied option Hash. 'ACTION' is read out of it by
# name, and the whole Hash is also forwarded as 'Options'.
#
# Always returns {"result" => "success"}: the value that run_simple returns
# is discarded, so this result does not describe how the job went.
def _run_auxiliary(mod, opts)
  launch_args = {
    'Action'   => opts['ACTION'],
    'RunAsJob' => true,
    'Options'  => opts
  }
  Msf::Simple::Auxiliary.run_simple(mod, launch_args)

  {"result" => "success"}
end
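# Generates a payload from mod and returns it hex-encoded.
#
# opts is the caller-supplied option Hash. These keys are read by name:
# 'BadChars' (hex string, unpacked to raw bytes with pack("H*")), 'Format'
# (defaults to 'raw'), 'ForceEncode' and 'KeepTemplateWorking' (default
# false), 'Template', 'Platform', 'Encoder', and 'NopSledSize' /
# 'Iterations' (converted with to_i, so a missing value becomes 0). The
# whole Hash is also forwarded as 'Options'.
#
# Returns {"result" => "success", "payload" => <hex string>}.
# Raises ::XMLRPC::FaultException (500) when option parsing or generation
# fails; the underlying exception message is included in the fault text and
# therefore reaches the RPC client.
#
# Changes from the original: option parsing now sits inside the rescued
# region, so a malformed value (for example a non-String 'BadChars') is
# reported as a fault instead of escaping as a raw exception; signal and
# exit exceptions are re-raised rather than turned into a fault; the
# duplicated 'ForceEncode' read and the unreachable "|| 0" fallbacks after
# to_i are gone.
def _run_payload(mod, opts)
  badchars  = [opts['BadChars'] || ''].pack("H*")
  fmt       = opts['Format'] || 'raw'
  force     = opts['ForceEncode'] || false
  template  = opts['Template'] || nil
  plat      = opts['Platform'] || nil
  keep      = opts['KeepTemplateWorking'] || false
  sled_size = opts['NopSledSize'].to_i
  iter      = opts['Iterations'].to_i

  res = Msf::Simple::Payload.generate_simple(mod, {
    'BadChars'            => badchars,
    'Encoder'             => opts['Encoder'],
    'Format'              => fmt,
    'NoComment'           => true,
    'NopSledSize'         => sled_size,
    'Options'             => opts,
    'ForceEncode'         => force,
    'Template'            => template,
    'Platform'            => plat,
    'KeepTemplateWorking' => keep,
    'Iterations'          => iter
  })

  {"result" => "success", "payload" => res.unpack("H*")[0]}
rescue ::SignalException, ::SystemExit
  # Process-control exceptions must keep propagating.
  raise
rescue ::Exception => e
  # Kept broad on purpose: every other failure is reported to the caller as a fault.
  raise ::XMLRPC::FaultException.new(500, "failed to generate: #{e.message}")
end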
end
end
end