2005-07-09 21:18:49 +00:00
|
|
|
require 'msf/core'
|
2005-05-21 17:57:00 +00:00
|
|
|
|
|
|
|
|
module Msf
|
|
|
|
|
|
2005-05-22 07:14:16 +00:00
|
|
|
###
|
|
|
|
|
#
|
|
|
|
|
# SessionEvents
|
|
|
|
|
# -------------
|
|
|
|
|
#
|
|
|
|
|
# Event notifications that affect sessions.
|
|
|
|
|
#
|
|
|
|
|
###
|
2005-05-21 17:57:00 +00:00
|
|
|
module SessionEvents
|
|
|
|
|
|
2005-05-22 07:14:16 +00:00
|
|
|
# Called when a session is opened
|
2005-05-21 17:57:00 +00:00
|
|
|
def on_session_open(session)
|
|
|
|
|
end
|
|
|
|
|
|
2005-05-22 07:14:16 +00:00
|
|
|
# Called when a session is closed
|
2005-05-21 17:57:00 +00:00
|
|
|
def on_session_close(session)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
###
|
|
|
|
|
#
|
|
|
|
|
# Session
|
|
|
|
|
# -------
|
|
|
|
|
#
|
2005-05-22 07:14:16 +00:00
|
|
|
# The session class represents a post-exploitation, uh, session.
|
2005-07-16 07:32:11 +00:00
|
|
|
# Sessions can be written to, read from, and interacted with. The
|
2005-05-22 07:14:16 +00:00
|
|
|
# underlying medium on which they are backed is arbitrary. For
|
|
|
|
|
# instance, when an exploit is provided with a command shell,
|
|
|
|
|
# either through a network connection or locally, the session's
|
|
|
|
|
# read and write operations end up reading from and writing to
|
|
|
|
|
# the shell that was spawned. The session object can be seen
|
|
|
|
|
# as a general means of interacting with various post-exploitation
|
|
|
|
|
# payloads through a common interface that is not necessarily
|
|
|
|
|
# tied to a network connection.
|
2005-05-21 17:57:00 +00:00
|
|
|
#
|
|
|
|
|
###
|
2005-07-16 07:32:11 +00:00
|
|
|
module Session
|
2005-05-22 07:14:16 +00:00
|
|
|
|
2005-07-16 07:32:11 +00:00
|
|
|
include Framework::Offspring
|
|
|
|
|
|
|
|
|
|
# Direct descendents
|
|
|
|
|
require 'msf/core/session/interactive'
|
|
|
|
|
require 'msf/core/session/basic'
|
2005-09-30 05:59:44 +00:00
|
|
|
require 'msf/core/session/comm'
|
2005-07-16 07:32:11 +00:00
|
|
|
|
|
|
|
|
# Provider interfaces
|
|
|
|
|
require 'msf/core/session/provider/single_command_execution'
|
|
|
|
|
require 'msf/core/session/provider/multi_command_execution'
|
|
|
|
|
require 'msf/core/session/provider/single_command_shell'
|
|
|
|
|
require 'msf/core/session/provider/multi_command_shell'
|
2005-07-19 14:33:25 +00:00
|
|
|
|
|
|
|
|
def self.type
|
|
|
|
|
"unknown"
|
|
|
|
|
end
|
|
|
|
|
|
2005-07-16 08:12:58 +00:00
|
|
|
#
|
|
|
|
|
# Returns the session's name if it's been assigned one, otherwise
|
|
|
|
|
# the sid is returned.
|
|
|
|
|
#
|
|
|
|
|
def name
|
|
|
|
|
return sname || sid
|
|
|
|
|
end
|
2005-07-16 07:32:11 +00:00
|
|
|
|
|
|
|
|
#
|
2005-07-16 08:12:58 +00:00
|
|
|
# Sets the session's name
|
2005-07-16 07:32:11 +00:00
|
|
|
#
|
2005-07-16 08:12:58 +00:00
|
|
|
def name=(name)
|
|
|
|
|
self.sname = name
|
2005-05-22 07:14:16 +00:00
|
|
|
end
|
|
|
|
|
|
2005-05-25 05:07:22 +00:00
|
|
|
#
|
2005-07-16 08:12:58 +00:00
|
|
|
# Returns the description of the session
|
2005-05-25 05:07:22 +00:00
|
|
|
#
|
2005-07-16 08:12:58 +00:00
|
|
|
def desc
|
2005-05-22 07:14:16 +00:00
|
|
|
end
|
|
|
|
|
|
2005-07-16 07:32:11 +00:00
|
|
|
#
|
2005-07-16 08:12:58 +00:00
|
|
|
# Returns the type of session in use
|
2005-07-16 07:32:11 +00:00
|
|
|
#
|
2005-07-16 08:12:58 +00:00
|
|
|
def type
|
2005-07-16 07:32:11 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
#
|
2005-07-16 08:12:58 +00:00
|
|
|
# Returns the local side of the tunnel
|
|
|
|
|
#
|
|
|
|
|
def tunnel_local
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# Returns the peer side of the tunnel
|
|
|
|
|
#
|
|
|
|
|
def tunnel_peer
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# Returns a pretty representation of the tunnel
|
|
|
|
|
#
|
|
|
|
|
def tunnel_to_s
|
|
|
|
|
"#{(tunnel_local || '??').to_s} -> #{(tunnel_peer || '??').to_s}"
|
|
|
|
|
end
|
|
|
|
|
|
2005-10-02 03:21:26 +00:00
|
|
|
##
|
|
|
|
|
#
|
|
|
|
|
# Logging
|
|
|
|
|
#
|
|
|
|
|
##
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# Returns the suggested name of the log file for this session.
|
|
|
|
|
#
|
|
|
|
|
def log_file_name
|
|
|
|
|
dt = Time.now
|
|
|
|
|
|
|
|
|
|
dstr = sprintf("%.4d%.2d%.2d", dt.year, dt.mon, dt.mday)
|
|
|
|
|
|
|
|
|
|
("#{dstr}_" + tunnel_to_s + "_#{name.to_s}_#{(type || 'unknown').downcase}").gsub(/\s/, '_').gsub(/->/, 'to')
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# Returns the log source that should be used for this session.
|
|
|
|
|
#
|
|
|
|
|
def log_source
|
|
|
|
|
"session_#{name.to_s}"
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def log_from_remote(buf)
|
|
|
|
|
rlog(buf, log_source)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def log_from_local(buf)
|
|
|
|
|
rlog(buf, log_source)
|
|
|
|
|
end
|
|
|
|
|
|
2005-07-16 08:12:58 +00:00
|
|
|
##
|
|
|
|
|
#
|
|
|
|
|
# Core interface
|
2005-07-16 07:32:11 +00:00
|
|
|
#
|
2005-07-16 08:12:58 +00:00
|
|
|
##
|
|
|
|
|
|
|
|
|
|
#
|
2005-07-17 06:01:11 +00:00
|
|
|
# Sets the vector through which this session was realized
|
|
|
|
|
#
|
|
|
|
|
def set_via(opts)
|
|
|
|
|
self.via = opts || {}
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# Returns the exploit module name through which this session was
|
|
|
|
|
# created.
|
|
|
|
|
#
|
|
|
|
|
def via_exploit
|
|
|
|
|
self.via['Exploit'] if (self.via)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# Returns the payload module name through which this session was
|
|
|
|
|
# created.
|
|
|
|
|
#
|
|
|
|
|
def via_payload
|
|
|
|
|
self.via['Payload'] if (self.via)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# Perform session-specific cleanup.
|
2005-07-16 08:12:58 +00:00
|
|
|
#
|
|
|
|
|
def cleanup
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# By default, sessions are not interactive.
|
|
|
|
|
#
|
|
|
|
|
def interactive?
|
|
|
|
|
false
|
2005-07-16 07:32:11 +00:00
|
|
|
end
|
|
|
|
|
|
2005-07-16 08:12:58 +00:00
|
|
|
attr_accessor :framework, :sid, :sname
|
2005-05-22 07:14:16 +00:00
|
|
|
|
|
|
|
|
protected
|
|
|
|
|
|
2005-07-17 06:01:11 +00:00
|
|
|
attr_accessor :via
|
|
|
|
|
|
2005-05-21 17:57:00 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
end
|
