Track the target host/workspace through the entire tree, expose to RPC, and use this telnet_login
git-svn-id: file:///home/svn/framework3/trunk@8583 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
1faec528de
commit
479f2939fc
|
@ -11,10 +11,6 @@ module Auxiliary::Report
|
|||
|
||||
def initialize(info = {})
|
||||
super
|
||||
|
||||
register_options([
|
||||
OptString.new('WORKSPACE', [ false, "The name of the workspace to report data into"])
|
||||
], Auxiliary::Report)
|
||||
end
|
||||
|
||||
# Shortcut method for detecting when the DB is active
|
||||
|
@ -24,7 +20,7 @@ module Auxiliary::Report
|
|||
|
||||
def myworkspace
|
||||
return @myworkspace if @myworkspace
|
||||
@myworkspace = Msf::DBManager::Workspace.find_by_name(datastore['WORKSPACE']) || framework.db.workspace
|
||||
@myworkspace = self.workspace
|
||||
end
|
||||
|
||||
#
|
||||
|
|
|
@ -190,11 +190,9 @@ protected
|
|||
# Pass along the framework context
|
||||
s.framework = framework
|
||||
|
||||
# Associate this session with this payload and with the
|
||||
# assoc_exploit, if this payload has one
|
||||
s.set_via(
|
||||
'Exploit' => assoc_exploit ? assoc_exploit.refname : nil,
|
||||
'Payload' => self.refname)
|
||||
# Associate this system with the original exploit
|
||||
# and any relevant information
|
||||
s.set_from_exploit(assoc_exploit)
|
||||
|
||||
# If the session is valid, register it with the framework and
|
||||
# notify any waiters we may have.
|
||||
|
|
|
@ -138,6 +138,12 @@ class Module
|
|||
|
||||
self.privileged = module_info['Privileged'] || false
|
||||
self.license = module_info['License'] || MSF_LICENSE
|
||||
|
||||
# Allow all modules to track their current workspace
|
||||
register_advanced_options(
|
||||
[
|
||||
OptString.new('WORKSPACE', [ false, "Specify the workspace for this module" ])
|
||||
], Msf::Module)
|
||||
end
|
||||
|
||||
#
|
||||
|
@ -145,9 +151,9 @@ class Module
|
|||
#
|
||||
def replicant
|
||||
obj = self.class.new
|
||||
obj.datastore = self.datastore.dup
|
||||
obj.user_input = self.user_input
|
||||
obj.user_output = self.user_output
|
||||
obj.datastore = self.datastore.dup
|
||||
obj.user_input = self.user_input
|
||||
obj.user_output = self.user_output
|
||||
obj.module_store = self.module_store
|
||||
obj
|
||||
end
|
||||
|
@ -279,6 +285,29 @@ class Module
|
|||
module_info['Compat'] || {}
|
||||
end
|
||||
|
||||
#
|
||||
# Returns the address of the last target host (rough estimate)
|
||||
#
|
||||
def target_host
|
||||
if(self.respond_to?('rhost'))
|
||||
return rhost()
|
||||
end
|
||||
|
||||
if(self.datastore['RHOST'])
|
||||
return self.datastore['RHOST']
|
||||
end
|
||||
|
||||
nil
|
||||
end
|
||||
|
||||
#
|
||||
# Returns the current workspace
|
||||
#
|
||||
def workspace
|
||||
self.datastore['WORKSPACE'] ||
|
||||
(framework.db and framework.db.workspace and framework.db.workspace.name)
|
||||
end
|
||||
|
||||
#
|
||||
# Returns whether or not this module is compatible with the supplied
|
||||
# module.
|
||||
|
|
|
@ -13,7 +13,9 @@ class Session < Base
|
|||
'tunnel_peer' => s.tunnel_peer.to_s,
|
||||
'via_exploit' => s.via_exploit.to_s,
|
||||
'via_payload' => s.via_payload.to_s,
|
||||
'desc' => s.desc.to_s
|
||||
'desc' => s.desc.to_s,
|
||||
'workspace' => s.workspace.to_s,
|
||||
'target_host' => s.target_host.to_s
|
||||
}
|
||||
end
|
||||
res
|
||||
|
|
|
@ -39,13 +39,13 @@ end
|
|||
#
|
||||
# The session class represents a post-exploitation, uh, session.
|
||||
# Sessions can be written to, read from, and interacted with. The
|
||||
# underlying medium on which they are backed is arbitrary. For
|
||||
# underlying medium on which they are backed is arbitrary. For
|
||||
# instance, when an exploit is provided with a command shell,
|
||||
# either through a network connection or locally, the session's
|
||||
# read and write operations end up reading from and writing to
|
||||
# the shell that was spawned. The session object can be seen
|
||||
# as a general means of interacting with various post-exploitation
|
||||
# payloads through a common interface that is not necessarily
|
||||
# payloads through a common interface that is not necessarily
|
||||
# tied to a network connection.
|
||||
#
|
||||
###
|
||||
|
@ -172,7 +172,20 @@ module Session
|
|||
# Sets the vector through which this session was realized.
|
||||
#
|
||||
def set_via(opts)
|
||||
self.via = opts || {}
|
||||
self.via = opts || {}
|
||||
end
|
||||
|
||||
#
|
||||
# Configures via_payload, via_payload, workspace, target_host from an
|
||||
# exploit instance.
|
||||
#
|
||||
def set_from_exploit(m)
|
||||
self.via = {
|
||||
'Exploit' => m.refname,
|
||||
'Payload' => m.datastore['PAYLOAD'].to_s
|
||||
}
|
||||
self.target_host = m.target_host
|
||||
self.workspace = m.workspace
|
||||
end
|
||||
|
||||
#
|
||||
|
@ -214,7 +227,7 @@ module Session
|
|||
|
||||
#
|
||||
# The framework instance that created this session.
|
||||
#
|
||||
#
|
||||
attr_accessor :framework
|
||||
#
|
||||
# The session unique identifier.
|
||||
|
@ -224,7 +237,14 @@ module Session
|
|||
# The session name.
|
||||
#
|
||||
attr_accessor :sname
|
||||
|
||||
#
|
||||
# The associated workspace name
|
||||
#
|
||||
attr_accessor :workspace
|
||||
#
|
||||
# The original target host address
|
||||
#
|
||||
attr_accessor :target_host
|
||||
protected
|
||||
|
||||
attr_accessor :via # :nodoc:
|
||||
|
@ -232,3 +252,4 @@ protected
|
|||
end
|
||||
|
||||
end
|
||||
|
||||
|
|
|
@ -173,6 +173,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
# seem to affect anything else.
|
||||
sock.extend(CRLFLineEndings)
|
||||
sess = Msf::Sessions::CommandShell.new(sock)
|
||||
sess.set_from_exploit(self)
|
||||
framework.sessions.register(sess)
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in New Issue