git-svn-id: file:///home/svn/incoming/trunk@2683 4d416f70-5f16-0410-b530-b9f4589650da
unstable
Matt Miller 2005-07-09 19:35:29 +00:00
parent b0d839da1d
commit 21f440028c
8 changed files with 46 additions and 41 deletions


@ -23,3 +23,6 @@ require 'Msf/Base/Session/CommandShell'
require 'Msf/Base/Session/Meterpreter' require 'Msf/Base/Session/Meterpreter'
require 'Msf/Base/Session/DispatchNinja' require 'Msf/Base/Session/DispatchNinja'
require 'Msf/Base/Session/Vnc' require 'Msf/Base/Session/Vnc'
# Serialization
require 'Msf/Base/Serializer/ReadableText'


@ -15,9 +15,6 @@ module Msf
class ModuleSet < Hash class ModuleSet < Hash
def initialize(type = nil) def initialize(type = nil)
self.module_type = type self.module_type = type
self.full_names = {}
self.alias_names = {}
self.ambiguous_names = {}
# Hashes that convey the supported architectures and platforms for a # Hashes that convey the supported architectures and platforms for a
# given module # given module
@ -27,19 +24,8 @@ class ModuleSet < Hash
# Create an instance of the supplied module by its name # Create an instance of the supplied module by its name
def create(name) def create(name)
# If the supplied name is known-ambiguous, prevent its creation klass = self[name]
if (ambiguous_names[name])
raise(NameError.new("The supplied module name is ambiguous with: #{ambiguous_names[name].join}", name),
caller)
end
# If not by short name, then by full name, or so sayeth the spider
if (((klass = self[name]) == nil) and
((klass = alias_names[name]) == nil))
klass = full_names[name]
end
# Otherwise, try to create it
return (klass) ? klass.new : nil return (klass) ? klass.new : nil
end end
@ -72,26 +58,17 @@ class ModuleSet < Hash
def recalculate def recalculate
end end
attr_reader :module_type, :full_names attr_reader :module_type
protected protected
# Adds a module with a supplied short name, full name, and associated # Adds a module with a supplied short name, full name, and associated
# module class # module class
def add_module(short_name, full_name, module_class) def add_module(module_class, alias_name = nil)
if (self[short_name]) self[alias_name || module_class.new.alias] = module_class
ambiguous_names[short_name] = [] if (!ambiguous_names[short_name])
ambiguous_names[short_name] << full_name
else
self[short_name] = module_class
end end
full_names[full_name] = module_class attr_writer :module_type
alias_names[module_class.new.alias] = module_class
end
attr_writer :module_type, :full_names
attr_accessor :ambiguous_names, :alias_names
attr_accessor :mod_arch_hash, :mod_platform_hash attr_accessor :mod_arch_hash, :mod_platform_hash
end end
@ -346,10 +323,10 @@ protected
if (type != MODULE_PAYLOAD) if (type != MODULE_PAYLOAD)
# Add the module class to the list of modules and add it to the # Add the module class to the list of modules and add it to the
# type separated set of module classes # type separated set of module classes
add_module(mod_short_name, mod_full_name, mod) add_module(mod)
end end
module_sets[type].add_module(mod_short_name, mod_full_name, mod) module_sets[type].add_module(mod)
end end
attr_accessor :modules, :module_sets attr_accessor :modules, :module_sets
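Review bot: The new `add_module` assigns `self[alias_name || module_class.new.alias] = module_class` without checking whether the key is already taken, so with the `ambiguous_names` bookkeeping removed, a later-loaded module silently replaces an earlier one of the same name. Because `create(name)` now resolves only through `self[name]`, a module picked up from an additional search path could shadow an existing one with no signal to the operator. I would keep a collision guard, for example `raise(NameError.new("Module name #{key} is already registered", key), caller) if (self[key] and self[key] != module_class)`, or at least a `dlog` line when an entry is replaced. The comment above `add_module` still describes "a supplied short name, full name" and should be updated to `# Adds a module class under the supplied alias, or under the module's own alias if none is given`. It should also mention that the class is instantiated once just to read its alias.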


@ -33,9 +33,9 @@ class PayloadSet < ModuleSet
# of singles, stagers, and stages # of singles, stagers, and stages
def recalculate def recalculate
# Reset the current hash associations # Reset the current hash associations
full_names.clear self.each_key { |key|
alias_names.clear manager.delete(key)
ambiguous_names.clear }
self.clear self.clear
# Recalculate single payloads # Recalculate single payloads
@ -52,6 +52,8 @@ class PayloadSet < ModuleSet
# Associate this class with the single payload's name # Associate this class with the single payload's name
self[name] = p self[name] = p
manager.add_module(p, name)
dlog("Built single payload #{name}.", 'core', LEV_1) dlog("Built single payload #{name}.", 'core', LEV_1)
} }
@ -95,6 +97,8 @@ class PayloadSet < ModuleSet
self[combined] = p self[combined] = p
manager.add_module(p, combined)
dlog("Built staged payload #{combined}.", 'core', LEV_1) dlog("Built staged payload #{combined}.", 'core', LEV_1)
} }
} }
@ -119,7 +123,7 @@ class PayloadSet < ModuleSet
# set we simply create an instance of the class and do some magic to figure # set we simply create an instance of the class and do some magic to figure
# out if it's a single, stager, or stage. Depending on which it is, we # out if it's a single, stager, or stage. Depending on which it is, we
# add it to the appropriate list # add it to the appropriate list
def add_module(short_name, full_name, pmodule) def add_module(pmodule)
# Duplicate the Payload base class and extend it with the module # Duplicate the Payload base class and extend it with the module
# class that is passed in. This allows us to inspect the actual # class that is passed in. This allows us to inspect the actual
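Review bot: In `recalculate`, `manager.delete(key)` removes whatever the manager currently holds under each payload name, which is not necessarily the class this set registered. The manager appears to use one flat name space for all module types (inferred, since its storage is not shown in this section), so a non-payload module that shares a name with a payload would be dropped too. Deleting only the entries this set owns avoids that: `self.each_pair { |key, klass| manager.delete(key) if manager[key].equal?(klass) }`. The comment `# Reset the current hash associations` should also say that the manager's entries for these payloads are removed. Both `recalculate` and `add_module` continue outside the visible hunks.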


@ -16,8 +16,10 @@ class Core
"?" => "Help menu", "?" => "Help menu",
"exit" => "Exit the console", "exit" => "Exit the console",
"help" => "Help menu", "help" => "Help menu",
"info" => "Displays information about one or more module",
"search" => "Adds one or more module search paths", "search" => "Adds one or more module search paths",
"set" => "Sets a variable to a value", "set" => "Sets a variable to a value",
"unset" => "Unsets one or more variables",
"show" => "Displays modules of a given type, or all modules", "show" => "Displays modules of a given type, or all modules",
"use" => "Selects a module by name", "use" => "Selects a module by name",
"quit" => "Exit the console", "quit" => "Exit the console",
@ -26,8 +28,6 @@ class Core
# Instructs the driver to stop executing # Instructs the driver to stop executing
def cmd_exit(args) def cmd_exit(args)
print_line("Exiting...")
driver.stop driver.stop
end end
@ -64,6 +64,26 @@ class Core
print(tbl.to_s) print(tbl.to_s)
end end
# Displays information about one or more module
def cmd_info(args)
if (args.length == 0)
print(
"Usage: info mod1 mod2 mod3 ...\n\n" +
"Queries the supplied module or modules for information.\n")
return false
end
args.each { |name|
mod = framework.modules.create(name)
if (mod == nil)
print_error("Invalid module: #{name}")
else
print(Serializer::ReadableText.dump_module(mod))
end
}
end
alias cmd_? cmd_help alias cmd_? cmd_help
# Adds one or more search paths # Adds one or more search paths
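Review bot: `cmd_info` instantiates a module for every argument via `framework.modules.create(name)`, and nothing inside the `args.each` loop rescues. An exception raised by one module's constructor or by `Serializer::ReadableText.dump_module` would abort the command and skip the remaining names, unless the dispatcher rescues it further up (not visible here). I would wrap the loop body in `begin` … `rescue => e` with `print_error("Failed to describe #{name}: #{e}")` so one broken module does not hide the rest. The return value is also inconsistent: the usage path returns `false`, while the normal path returns whatever `args.each` yields, so an explicit `return true` after the loop would make the contract clear. The help string and comment should read "one or more modules".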


@ -1,4 +1,5 @@
require 'Msf/Core' require 'Msf/Core'
require 'Msf/Base'
require 'Msf/Ui' require 'Msf/Ui'
require 'Msf/Ui/Console/Shell' require 'Msf/Ui/Console/Shell'
require 'Msf/Ui/Console/CommandDispatcher' require 'Msf/Ui/Console/CommandDispatcher'


@ -24,10 +24,10 @@ module ReverseTcp
'StagerPayload' => 'StagerPayload' =>
{ {
'Offsets' => 'Offsets' =>
[ {
'LHOST' => [ 221, 'ADDR' ], 'LHOST' => [ 221, 'ADDR' ],
'LPORT' => [ 228, 'n' ], 'LPORT' => [ 228, 'n' ],
], },
'Payload' => 'Payload' =>
"\xe8\x56\x00\x00\x00\x53\x55\x56\x57\x8b\x6c\x24\x18\x8b\x45\x3c" + "\xe8\x56\x00\x00\x00\x53\x55\x56\x57\x8b\x6c\x24\x18\x8b\x45\x3c" +
"\x8b\x54\x05\x78\x01\xea\x8b\x4a\x18\x8b\x5a\x20\x01\xeb\xe3\x32" + "\x8b\x54\x05\x78\x01\xea\x8b\x4a\x18\x8b\x5a\x20\x01\xeb\xe3\x32" +


@ -22,9 +22,9 @@ module Shell
'StagePayload' => 'StagePayload' =>
{ {
'Offsets' => 'Offsets' =>
[ {
'EXITFUNC' => [ 103 + 28, 'V' ] 'EXITFUNC' => [ 103 + 28, 'V' ]
], },
'Payload' => 'Payload' =>
"\xe8\x09\x00\x00\x00\x41\x44\x56\x41\x50\x49\x33\x32\x00\xff\x55" + "\xe8\x09\x00\x00\x00\x41\x44\x56\x41\x50\x49\x33\x32\x00\xff\x55" +
"\x08\x50\x68\x2a\xc8\xde\x50\xff\x55\x04\xff\xd0" + "\x08\x50\x68\x2a\xc8\xde\x50\xff\x55\x04\xff\xd0" +