remove various session manipulation hacks since session.platform should always contain an os identifier

bug/bundler_fix
Brent Cook 2016-03-17 23:26:12 -05:00
parent f466464e80
commit 57a3a2871b
8 changed files with 27 additions and 121 deletions


@ -32,23 +32,11 @@ class MetasploitModule < Msf::Post
# Run Method for when run command is issued # Run Method for when run command is issued
def run def run
domain = datastore['DOMAIN'] domain = datastore['DOMAIN']
hostlst = datastore['NAMELIST'] hostlst = datastore['NAMELIST']
a = [] a = []
print_status("Performing DNS Forward Lookup Bruteforce for Domain #{domain}") print_status("Performing DNS Forward Lookup Bruteforce for Domain #{domain}")
if session.type =~ /shell/
# Only one thread possible when shell
thread_num = 1
# Use the shell platform for selecting the command
platform = session.platform
else
# When in Meterpreter the safest thread number is 10
thread_num = 10
# For Meterpreter use the sysinfo OS since java Meterpreter returns java as platform
platform = session.sys.config.sysinfo['OS']
end
name_list = [] name_list = []
if ::File.exist?(hostlst) if ::File.exist?(hostlst)
@ -57,9 +45,7 @@ class MetasploitModule < Msf::Post
end end
end end
platform = session.platform case session.platform
case platform
when /win/i when /win/i
cmd = "nslookup" cmd = "nslookup"
when /solaris/i when /solaris/i
@ -67,8 +53,9 @@ class MetasploitModule < Msf::Post
else else
cmd = "/usr/bin/host " cmd = "/usr/bin/host "
end end
while(not name_list.nil? and not name_list.empty?)
1.upto(thread_num) do while !name_list.nil? && !name_list.empty?
1.upto session.max_threads do
a << framework.threads.spawn("Module(#{self.refname})", false, name_list.shift) do |n| a << framework.threads.spawn("Module(#{self.refname})", false, name_list.shift) do |n|
next if n.nil? next if n.nil?
vprint_status("Trying #{n.strip}.#{domain}") vprint_status("Trying #{n.strip}.#{domain}")
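Review bot: `session.max_threads` in `1.upto session.max_threads do` is not defined anywhere in this commit, so the limit the removed comments spelled out (one thread for shell sessions, ten for Meterpreter) now depends on every session class implementing it with equivalent values. Please confirm that shell sessions return 1, and keep the reason next to the loop with a comment such as `# session.max_threads is expected to be 1 for shell sessions (only one thread possible there)`. The same loop is introduced in the three file sections that follow (the two `iplst.shift` loops and the `srvrcd.shift` loop). The body of `run` continues outside these hunks.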


@ -44,21 +44,7 @@ class MetasploitModule < Msf::Post
iplst << ipa iplst << ipa
end end
if session.type =~ /shell/ case session.platform
# Only one thread possible when shell
thread_num = 1
# Use the shell platform for selecting the command
platform = session.platform
else
# When in Meterpreter the safest thread number is 10
thread_num = 10
# For Meterpreter use the sysinfo OS since java Meterpreter returns java as platform
platform = session.sys.config.sysinfo['OS']
end
platform = session.platform
case platform
when /win/i when /win/i
cmd = "nslookup" cmd = "nslookup"
when /solaris/i when /solaris/i
@ -66,12 +52,13 @@ class MetasploitModule < Msf::Post
else else
cmd = "/usr/bin/host" cmd = "/usr/bin/host"
end end
while(not iplst.nil? and not iplst.empty?)
1.upto(thread_num) do while !iplst.nil? && !iplst.empty?
1.upto session.max_threads do
a << framework.threads.spawn("Module(#{self.refname})", false, iplst.shift) do |ip_add| a << framework.threads.spawn("Module(#{self.refname})", false, iplst.shift) do |ip_add|
next if ip_add.nil? next if ip_add.nil?
r = cmd_exec(cmd, " #{ip_add}") r = cmd_exec(cmd, " #{ip_add}")
case platform case session.platform
when /win/ when /win/
if r =~ /(Name)/ if r =~ /(Name)/
r.scan(/Name:\s*\S*\s/) do |n| r.scan(/Name:\s*\S*\s/) do |n|
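Review bot: The `case session.platform` inside the thread block tests `when /win/` case-sensitively, while the outer `case` that picks `cmd` uses `when /win/i`. Both now read the same `session.platform` value, so a string that matches only case-insensitively would select `nslookup` yet not take the Windows parsing branch. Using `when /win/i` in the thread block keeps the two decisions in step. The next file section has the same pair: `when /win/i` where `ns_opt` is set and `when /win/` inside the `srvrcd` thread block. The enclosing method starts and ends outside these hunks.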


@ -55,22 +55,7 @@ class MetasploitModule < Msf::Post
a = [] a = []
case session.platform
if session.type =~ /shell/
# Only one thread possible when shell
thread_num = 1
# Use the shell platform for selecting the command
platform = session.platform
else
# When in Meterpreter the safest thread number is 10
thread_num = 10
# For Meterpreter use the sysinfo OS since java Meterpreter returns java as platform
platform = session.sys.config.sysinfo['OS']
end
platform = session.platform
case platform
when /win/i when /win/i
ns_opt = " -query=srv " ns_opt = " -query=srv "
cmd = "nslookup" cmd = "nslookup"
@ -82,13 +67,13 @@ class MetasploitModule < Msf::Post
cmd = "/usr/bin/host" cmd = "/usr/bin/host"
end end
while(not srvrcd.nil? and not srvrcd.empty?) while !srvrcd.nil? && !srvrcd.empty?
1.upto(thread_num) do 1.upto session.max_threads do
a << framework.threads.spawn("Module(#{self.refname})", false, srvrcd.shift) do |srv| a << framework.threads.spawn("Module(#{self.refname})", false, srvrcd.shift) do |srv|
next if srv.nil? next if srv.nil?
r = cmd_exec(cmd, ns_opt + "#{srv}#{domain}") r = cmd_exec(cmd, ns_opt + "#{srv}#{domain}")
case platform case session.platform
when /win/ when /win/
if r =~ /\s*internet\saddress\s\=\s/ if r =~ /\s*internet\saddress\s\=\s/
nslookup_srv_consume("#{srv}#{domain}", r).each do |f| nslookup_srv_consume("#{srv}#{domain}", r).each do |f|


@ -40,21 +40,8 @@ class MetasploitModule < Msf::Post
end end
iplst << ipa iplst << ipa
end end
if session.type =~ /shell/
# Only one thread possible when shell
thread_num = 1
# Use the shell platform for selecting the command
platform = session.platform
else
# When in Meterpreter the safest thread number is 10
thread_num = 10
# For Meterpreter use the sysinfo OS since java Meterpreter returns java as platform
platform = session.sys.config.sysinfo['OS']
end
platform = session.platform case session.platform
case platform
when /win/i when /win/i
count = " -n 1 " count = " -n 1 "
cmd = "ping" cmd = "ping"
@ -69,10 +56,10 @@ class MetasploitModule < Msf::Post
while(not iplst.nil? and not iplst.empty?) while(not iplst.nil? and not iplst.empty?)
a = [] a = []
1.upto(thread_num) do 1.upto session.max_threads do
a << framework.threads.spawn("Module(#{self.refname})", false, iplst.shift) do |ip_add| a << framework.threads.spawn("Module(#{self.refname})", false, iplst.shift) do |ip_add|
next if ip_add.nil? next if ip_add.nil?
if platform =~ /solaris/i if session.platform =~ /solaris/i
r = cmd_exec(cmd, "-n #{ip_add} 1") r = cmd_exec(cmd, "-n #{ip_add} 1")
else else
r = cmd_exec(cmd, count + ip_add) r = cmd_exec(cmd, count + ip_add)
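Review bot: The loop header `while(not iplst.nil? and not iplst.empty?)` was left in the old form here, although the sibling modules in this commit were rewritten to `while !iplst.nil? && !iplst.empty?`. For consistency, and to avoid the low-precedence `and`/`not` operators, use the same `&&` form in this file. Separately, `session.platform =~ /solaris/i` is now evaluated inside every spawned thread; computing it once before the `while` loop (`solaris = session.platform =~ /solaris/i`) would make the per-thread branch cheaper and easier to read. The enclosing method continues outside the hunk.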


@ -7,19 +7,12 @@ require 'msf/core'
require 'rex' require 'rex'
require 'csv' require 'csv'
class MetasploitModule < Msf::Post class MetasploitModule < Msf::Post
include Msf::Post::File include Msf::Post::File
include Msf::Post::Windows::UserProfiles include Msf::Post::Windows::UserProfiles
include Msf::Post::OSX::System include Msf::Post::OSX::System
def initialize(info={}) def initialize(info={})
super( update_info( info, super( update_info( info,
'Name' => 'Multi Gather Skype User Data Enumeration', 'Name' => 'Multi Gather Skype User Data Enumeration',
@ -52,9 +45,9 @@ class MetasploitModule < Msf::Post
return return
end end
if (session.platform =~ /java/) || (session.platform =~ /osx/) if session.platform =~ /java/
# Make sure a Java Meterpreter on anything but OSX will exit # Make sure that Java Meterpreter on anything but OSX will exit
if session.platform =~ /java/ and sysinfo['OS'] !~ /Mac OS X/ if session.platform !~ /osx/
print_error("This session type and platform are not supported.") print_error("This session type and platform are not supported.")
return return
end end
@ -105,7 +98,7 @@ class MetasploitModule < Msf::Post
# Download file using Meterpreter functionality and returns path in loot for the file # Download file using Meterpreter functionality and returns path in loot for the file
def download_db(profile) def download_db(profile)
if session.type =~ /meterpreter/ if session.type =~ /meterpreter/
if sysinfo['OS'] =~ /Mac OS X/ if session.platform =~ /osx/
file = session.fs.file.search("#{profile['dir']}/Library/Application Support/Skype/","main.db",true) file = session.fs.file.search("#{profile['dir']}/Library/Application Support/Skype/","main.db",true)
else else
file = session.fs.file.search("#{profile['AppData']}\\Skype","main.db",true) file = session.fs.file.search("#{profile['AppData']}\\Skype","main.db",true)
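Review bot: The outer test `if session.platform =~ /java/` no longer admits native OSX sessions, which the previous `(session.platform =~ /java/) || (session.platform =~ /osx/)` did. The rest of that block lies outside the hunk, so I cannot tell whether it holds the OSX-specific handling; if it does, a non-Java OSX session now skips it. If the intent is only to reject Java sessions that are not on OSX, the guard can stand alone as `if session.platform =~ /java/ && session.platform !~ /osx/`, leaving the OSX path keyed on `/osx/` as before. The new checks also assume a Java session's platform string carries the OS name, as the commit message states; a short comment saying so would help the next reader.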


@ -108,18 +108,8 @@ class MetasploitModule < Msf::Post
# Run Method for when run command is issued # Run Method for when run command is issued
def run def run
if session.type =~ /shell/ case session.platform
# Use the shell platform for selecting the command
platform = session.platform
else
# For Meterpreter use the sysinfo OS since java Meterpreter returns java as platform
platform = session.sys.config.sysinfo['OS']
platform = 'osx' if platform =~ /darwin/i
end
case platform
when /win/i when /win/i
listing = cmd_exec('netsh wlan show networks mode=bssid') listing = cmd_exec('netsh wlan show networks mode=bssid')
if listing.nil? if listing.nil?
print_error("Unable to generate wireless listing.") print_error("Unable to generate wireless listing.")
@ -136,7 +126,6 @@ class MetasploitModule < Msf::Post
end end
when /osx/i when /osx/i
listing = cmd_exec('/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -s') listing = cmd_exec('/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -s')
if listing.nil? if listing.nil?
print_error("Unable to generate wireless listing.") print_error("Unable to generate wireless listing.")
@ -152,7 +141,6 @@ class MetasploitModule < Msf::Post
end end
when /linux/i when /linux/i
listing = cmd_exec('iwlist scanning') listing = cmd_exec('iwlist scanning')
if listing.nil? if listing.nil?
print_error("Unable to generate wireless listing.") print_error("Unable to generate wireless listing.")
@ -169,7 +157,6 @@ class MetasploitModule < Msf::Post
end end
when /solaris/i when /solaris/i
listing = cmd_exec('dladm scan-wifi') listing = cmd_exec('dladm scan-wifi')
if listing.blank? if listing.blank?
print_error("Unable to generate wireless listing.") print_error("Unable to generate wireless listing.")
@ -182,7 +169,6 @@ class MetasploitModule < Msf::Post
end end
when /bsd/i when /bsd/i
interface = cmd_exec("dmesg | grep -i wlan | cut -d ':' -f1 | uniq") interface = cmd_exec("dmesg | grep -i wlan | cut -d ':' -f1 | uniq")
# Printing interface as this platform requires the interface to be specified # Printing interface as this platform requires the interface to be specified
# it might not be detected correctly. # it might not be detected correctly.
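Review bot: `when /win/i` is the first branch of the new `case session.platform`, and that pattern also matches any string containing "darwin". The removed line `platform = 'osx' if platform =~ /darwin/i` normalised such a value before the `case`. If `session.platform` can still report a Darwin-style string for any session type, the Windows branch would run `netsh` on an OSX host. Either confirm that it never does, or test the OSX branch first with `when /osx|darwin/i`. The `os_set_wallpaper` section that follows drops the same normalisation; there `/osx/` is tested first, but a darwin string would still fall through to `when /win/`.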


@ -71,12 +71,7 @@ class MetasploitModule < Msf::Post
end end
def os_set_wallpaper(file) def os_set_wallpaper(file)
if session.type =~ /meterpreter/ && session.sys.config.sysinfo['OS'] =~ /darwin/i case session.platform
platform = 'osx'
else
platform = session.platform
end
case platform
when /osx/ when /osx/
osx_set_wallpaper(file) osx_set_wallpaper(file)
when /win/ when /win/


@ -53,7 +53,6 @@ class MetasploitModule < Msf::Post
#parse the dslocal plist in lion #parse the dslocal plist in lion
def read_ds_xml_plist(plist_content) def read_ds_xml_plist(plist_content)
require "rexml/document" require "rexml/document"
doc = REXML::Document.new(plist_content) doc = REXML::Document.new(plist_content)
@ -132,11 +131,7 @@ class MetasploitModule < Msf::Post
when /shell/ when /shell/
osx_ver = cmd_exec("/usr/bin/sw_vers -productName").chomp osx_ver = cmd_exec("/usr/bin/sw_vers -productName").chomp
end end
if osx_ver =~/Server/ return osx_ver =~/Server/
return true
else
return false
end
end end
# Enumerate the OS Version # Enumerate the OS Version
@ -148,13 +143,10 @@ class MetasploitModule < Msf::Post
when /shell/ when /shell/
osx_ver_num = cmd_exec('/usr/bin/sw_vers -productVersion').chomp osx_ver_num = cmd_exec('/usr/bin/sw_vers -productVersion').chomp
end end
return osx_ver_num return osx_ver_num
end end
def enum_conf(log_folder) def enum_conf(log_folder)
session_type = session.type
profile_datatypes = { profile_datatypes = {
'OS' => 'SPSoftwareDataType', 'OS' => 'SPSoftwareDataType',
'Network' => 'SPNetworkDataType', 'Network' => 'SPNetworkDataType',
@ -188,11 +180,11 @@ class MetasploitModule < Msf::Post
profile_datatypes.each do |name, profile_datatypes| profile_datatypes.each do |name, profile_datatypes|
print_status("\tEnumerating #{name}") print_status("\tEnumerating #{name}")
# Run commands according to the session type # Run commands according to the session type
if session_type =~ /meterpreter/ if session.type =~ /meterpreter/
returned_data = cmd_exec('system_profiler', profile_datatypes) returned_data = cmd_exec('system_profiler', profile_datatypes)
# Save data lo log folder # Save data lo log folder
file_local_write(log_folder+"//#{name}.txt",returned_data) file_local_write(log_folder+"//#{name}.txt",returned_data)
elsif session_type =~ /shell/ elsif session.type =~ /shell/
begin begin
returned_data = cmd_exec("/usr/sbin/system_profiler #{profile_datatypes}", 15) returned_data = cmd_exec("/usr/sbin/system_profiler #{profile_datatypes}", 15)
# Save data lo log folder # Save data lo log folder
@ -207,11 +199,11 @@ class MetasploitModule < Msf::Post
print_status("\tEnumerating #{name}") print_status("\tEnumerating #{name}")
# Run commands according to the session type # Run commands according to the session type
begin begin
if session_type =~ /meterpreter/ if session.type =~ /meterpreter/
command_output = cmd_exec(command[0],command[1]) command_output = cmd_exec(command[0],command[1])
# Save data lo log folder # Save data lo log folder
file_local_write(log_folder+"//#{name}.txt",command_output) file_local_write(log_folder+"//#{name}.txt",command_output)
elsif session_type =~ /shell/ elsif session.type =~ /shell/
command_output = cmd_exec(command[0], command[1]) command_output = cmd_exec(command[0], command[1])
# Save data lo log folder # Save data lo log folder
file_local_write(log_folder+"//#{name}.txt",command_output) file_local_write(log_folder+"//#{name}.txt",command_output)
@ -222,9 +214,7 @@ class MetasploitModule < Msf::Post
end end
end end
def enum_accounts(log_folder,ver_num) def enum_accounts(log_folder,ver_num)
# Specific commands for Leopard and Snow Leopard # Specific commands for Leopard and Snow Leopard
leopard_commands = { leopard_commands = {
'Users' => ['/usr/bin/dscacheutil', '-q user'], 'Users' => ['/usr/bin/dscacheutil', '-q user'],
@ -261,13 +251,11 @@ class MetasploitModule < Msf::Post
file_local_write(log_folder + "//#{name}.txt", command_output) file_local_write(log_folder + "//#{name}.txt", command_output)
end end
end end
end end
# Method for getting SSH and GPG Keys # Method for getting SSH and GPG Keys
def get_crypto_keys(log_folder) def get_crypto_keys(log_folder)
# Run commands according to the session type # Run commands according to the session type
if session.type =~ /shell/ if session.type =~ /shell/
@ -349,7 +337,6 @@ class MetasploitModule < Msf::Post
end end
end end
end end
end end
end end
end end
@ -381,7 +368,6 @@ class MetasploitModule < Msf::Post
end end
end end
print_status("Screenshot Captured") print_status("Screenshot Captured")
end end
end end
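Review bot: `return osx_ver =~/Server/` returns the match offset (an Integer) or `nil`, where the removed `if`/`else` returned `true` or `false`. That is fine for callers that only branch on truthiness, but any caller that compares against `true`/`false` or prints the value will behave differently. To keep the boolean contract, use `return !!(osx_ver =~ /Server/)`. The method's signature and the `case` that assigns `osx_ver` are outside the hunk, so the callers could not be checked from here.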