metasploit-framework/data/msfweb/app/controllers/console_controller.rb

110 lines
2.1 KiB
Ruby
Raw Normal View History

#
# Author: Metasploit LLC
# Description: The AJAX console controller of msfweb
#
class ConsoleController < ApplicationController
#
# Show the working shell and related facilities.
#
def index
cid = params[:id]
if (not (cid and $msfweb.consoles[cid]))
cid = $msfweb.create_console
if (params[:sid])
$msfweb.consoles[cid].write("sessions -i #{params[:sid]}\n")
$msfweb.consoles[cid].write("\n\n")
end
redirect_to :id => cid
return
end
script = "// Metasploit Web Console Data\n"
out = ""
@cid = params[:id]
@console = $msfweb.consoles[@cid]
if(params[:cmd])
@console.write(params[:cmd] + "\n")
end
if(params[:read])
out = @console.read() || ''
end
if(params[:special])
case params[:special]
when 'kill'
@console.session_kill
when 'detach'
@console.session_detach
end
end
if(params[:tab])
opts = []
cmdl = params[:tab]
out = ""
if (not @console.busy and params[:tab].strip.length > 0)
opts = @console.tab_complete(params[:tab]) || []
end
if (opts.length == 1)
cmdl = opts[0]
else
if (opts.length == 0)
# aint got nothin
else
cmd_top = opts[0]
depth = 0
while (depth < cmd_top.length)
match = true
opts.each do |line|
next if line[depth] == cmd_top[depth]
match = false
break
end
break if not match
depth += 1
end
if (depth > 0)
cmdl = cmd_top[0, depth]
end
out << "\n" + opts.map{ |c| ">> " + c }.join("\n")
end
end
tln = cmdl.unpack('C*').map{|c| sprintf("%%%.2x", c)}.join
script += "var con_tabbed = unescape('#{tln}');\n"
end
if(params[:read])
out = out.unpack('C*').map{|c| sprintf("%%%.2x", c)}.join
pro = @console.prompt.unpack('C*').map{|c| sprintf("%%%.2x", c)}.join
if (@console.busy)
pro = '(running)'.unpack('C*').map{|c| sprintf("%%%.2x", c)}.join
end
script += "var con_prompt = unescape('#{pro}');\n"
script += "var con_update = unescape('#{out}');\n"
send_data(script, :type => "text/javascript")
end
end
end