2011-05-12 20:03:55 +00:00
|
|
|
require 'rex/proto/http'
|
2005-11-22 03:20:09 +00:00
|
|
|
require 'msf/core'
|
|
|
|
require 'msf/base'
|
|
|
|
require 'msf/ui'
|
|
|
|
|
|
|
|
module Msf
|
|
|
|
module Ui
|
|
|
|
module Web
|
|
|
|
|
2011-05-12 20:03:55 +00:00
|
|
|
require 'rex/io/bidirectional_pipe'
|
2007-02-10 18:07:08 +00:00
|
|
|
require 'msf/ui/web/console'
|
2007-01-31 00:08:52 +00:00
|
|
|
|
2007-02-10 05:01:48 +00:00
|
|
|
|
2007-01-19 08:46:06 +00:00
|
|
|
###
|
|
|
|
#
|
|
|
|
# This class implements a user interface driver on a web interface.
|
|
|
|
#
|
|
|
|
###
|
|
|
|
class Driver < Msf::Ui::Driver
|
2005-11-24 03:31:23 +00:00
|
|
|
|
2007-01-19 08:46:06 +00:00
|
|
|
|
|
|
|
attr_accessor :framework # :nodoc:
|
|
|
|
attr_accessor :consoles # :nodoc:
|
2007-02-10 18:07:08 +00:00
|
|
|
attr_accessor :sessions # :nodoc:
|
2007-02-10 05:01:48 +00:00
|
|
|
attr_accessor :last_console # :nodoc:
|
2007-01-19 08:46:06 +00:00
|
|
|
|
|
|
|
ConfigCore = "framework/core"
|
|
|
|
ConfigGroup = "framework/ui/web"
|
2005-11-22 03:20:09 +00:00
|
|
|
|
|
|
|
#
|
|
|
|
# Initializes a web driver instance and prepares it for listening to HTTP
|
|
|
|
# requests. The constructor takes a hash of options that can control how
|
|
|
|
# the web server will operate.
|
|
|
|
#
|
|
|
|
def initialize(opts = {})
|
|
|
|
# Call the parent
|
|
|
|
super()
|
|
|
|
|
|
|
|
# Set the passed options hash for referencing later on.
|
|
|
|
self.opts = opts
|
|
|
|
|
2007-01-19 08:46:06 +00:00
|
|
|
self.consoles = {}
|
2007-02-10 18:07:08 +00:00
|
|
|
self.sessions = {}
|
2007-01-19 08:46:06 +00:00
|
|
|
|
2010-02-25 06:26:53 +00:00
|
|
|
if(opts[:framework])
|
|
|
|
self.framework = opts[:framework]
|
|
|
|
else
|
|
|
|
# Initialize configuration
|
|
|
|
Msf::Config.init
|
2007-02-10 05:01:48 +00:00
|
|
|
|
2010-02-25 06:26:53 +00:00
|
|
|
# Initialize logging
|
|
|
|
initialize_logging
|
|
|
|
|
|
|
|
# Initialize attributes
|
|
|
|
self.framework = Msf::Simple::Framework.create
|
|
|
|
end
|
2005-12-21 02:05:46 +00:00
|
|
|
|
2007-01-19 08:46:06 +00:00
|
|
|
# Initialize the console count
|
|
|
|
self.last_console = 0
|
2005-11-22 03:20:09 +00:00
|
|
|
end
|
|
|
|
|
2011-11-04 20:38:12 +00:00
|
|
|
def create_console(opts={})
|
2007-01-19 08:46:06 +00:00
|
|
|
# Destroy any unused consoles
|
|
|
|
clean_consoles
|
2007-02-10 05:01:48 +00:00
|
|
|
|
2011-11-04 20:38:12 +00:00
|
|
|
console = WebConsole.new(self.framework, self.last_console, opts)
|
2007-01-19 08:46:06 +00:00
|
|
|
self.last_console += 1
|
2007-02-10 05:01:48 +00:00
|
|
|
self.consoles[console.console_id.to_s] = console
|
2007-01-19 08:46:06 +00:00
|
|
|
console.console_id.to_s
|
2005-11-22 03:20:09 +00:00
|
|
|
end
|
2007-02-10 05:01:48 +00:00
|
|
|
|
2007-03-11 19:14:10 +00:00
|
|
|
def destroy_console(cid)
|
|
|
|
con = self.consoles[cid]
|
|
|
|
if(con)
|
|
|
|
con.shutdown
|
|
|
|
self.consoles.delete(cid)
|
|
|
|
end
|
|
|
|
end
|
2010-02-25 06:26:53 +00:00
|
|
|
|
2007-03-11 19:14:10 +00:00
|
|
|
|
2007-01-19 08:46:06 +00:00
|
|
|
def write_console(id, buf)
|
2010-02-25 06:26:53 +00:00
|
|
|
self.consoles[id] ? self.consoles[id].write(buf) : nil
|
2005-11-24 02:02:10 +00:00
|
|
|
end
|
2007-02-10 05:01:48 +00:00
|
|
|
|
2007-01-19 08:46:06 +00:00
|
|
|
def read_console(id)
|
2010-02-25 06:26:53 +00:00
|
|
|
self.consoles[id] ? self.consoles[id].read() : nil
|
2005-11-24 03:31:23 +00:00
|
|
|
end
|
2007-02-10 05:01:48 +00:00
|
|
|
|
2007-01-19 08:46:06 +00:00
|
|
|
def clean_consoles(timeout=300)
|
|
|
|
self.consoles.each_pair do |id, con|
|
|
|
|
if (con.last_access + timeout < Time.now)
|
|
|
|
con.shutdown
|
|
|
|
self.consoles.delete(id)
|
|
|
|
end
|
|
|
|
end
|
2005-11-24 03:31:23 +00:00
|
|
|
end
|
2007-02-10 05:01:48 +00:00
|
|
|
|
2007-02-10 18:07:08 +00:00
|
|
|
def write_session(id, buf)
|
|
|
|
ses = self.framework.sessions[id]
|
|
|
|
return if not ses
|
2007-02-18 05:07:56 +00:00
|
|
|
return if not ses.user_input
|
2007-02-10 18:07:08 +00:00
|
|
|
ses.user_input.put(buf)
|
|
|
|
end
|
2010-02-25 06:26:53 +00:00
|
|
|
|
2007-02-10 18:07:08 +00:00
|
|
|
def read_session(id)
|
|
|
|
ses = self.framework.sessions[id]
|
2007-02-18 05:07:56 +00:00
|
|
|
return if not ses
|
|
|
|
return if not ses.user_output
|
2007-02-10 18:07:08 +00:00
|
|
|
ses.user_output.read_subscriber('session_reader')
|
|
|
|
end
|
2010-02-25 06:26:53 +00:00
|
|
|
|
2007-02-10 18:07:08 +00:00
|
|
|
# Detach the session from an existing input/output pair
|
|
|
|
def connect_session(id)
|
2010-02-25 06:26:53 +00:00
|
|
|
|
2007-02-10 18:07:08 +00:00
|
|
|
# Ignore invalid sessions
|
|
|
|
ses = self.framework.sessions[id]
|
|
|
|
return if not ses
|
2007-02-18 04:25:46 +00:00
|
|
|
|
2007-02-10 18:07:08 +00:00
|
|
|
# Has this session already been detached?
|
2007-02-18 05:07:56 +00:00
|
|
|
if (ses.user_output)
|
|
|
|
return if ses.user_output.has_subscriber?('session_reader')
|
|
|
|
end
|
2007-02-18 04:25:46 +00:00
|
|
|
|
2007-02-10 18:07:08 +00:00
|
|
|
# Create a new pipe
|
|
|
|
spipe = WebConsole::WebConsolePipe.new
|
|
|
|
spipe.input = spipe.pipe_input
|
|
|
|
|
|
|
|
# Create a read subscriber
|
|
|
|
spipe.create_subscriber('session_reader')
|
|
|
|
|
2010-11-12 06:19:49 +00:00
|
|
|
framework.threads.spawn("ConnectSessionInteraction", false) do
|
2007-02-18 05:07:56 +00:00
|
|
|
ses.interact(spipe.input, spipe)
|
2007-02-10 18:07:08 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def sessions
|
|
|
|
self.framework.sessions
|
|
|
|
end
|
2010-02-25 06:26:53 +00:00
|
|
|
|
2005-11-22 03:20:09 +00:00
|
|
|
#
|
2007-01-19 08:46:06 +00:00
|
|
|
# Stub
|
2005-11-22 03:20:09 +00:00
|
|
|
#
|
2007-01-19 08:46:06 +00:00
|
|
|
def run
|
|
|
|
true
|
|
|
|
end
|
2005-11-22 03:20:09 +00:00
|
|
|
|
|
|
|
protected
|
|
|
|
|
|
|
|
attr_accessor :opts # :nodoc:
|
|
|
|
|
|
|
|
#
|
2007-01-19 08:46:06 +00:00
|
|
|
# Initializes logging for the web interface
|
2005-11-22 03:20:09 +00:00
|
|
|
#
|
|
|
|
def initialize_logging
|
|
|
|
level = (opts['LogLevel'] || 0).to_i
|
|
|
|
|
|
|
|
Msf::Logging.enable_log_source(LogSource, level)
|
|
|
|
end
|
|
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
end
|
|
|
|
end
|
2010-02-25 06:26:53 +00:00
|
|
|
end
|
|
|
|
|