Land #10171, Implement desktop shell and screensaver post modules

documentation/modules/post/multi/manage/open.md

@@ -0,0 +1,24 @@
+This module allows you to open arbitrary files or URLs on the target system.
+
+## Vulnerable Application
+
+The following platforms are supported:
+
+
+* Windows
+* Linux
+* OS X
+
+## Verification Steps
+
+1. Obtain a session.
+2. In msfconsole do `use post/multi/open`.
+3. Set the `SESSION` option.
+4. Set the `URI` to the URI you want to use (ex: `https://metasploit.com` or `file://mouhaha.txt`).
+5. Do `run`.
+
+## Options
+
+**URI**
+
+The URI that should be passed to the opening command, can be a webiste or a file.

documentation/modules/post/multi/manage/screensaver.md

@@ -0,0 +1,35 @@
+This module allows you to control the screensaver or lock the session.
+
+## Vulnerable Application
+
+The following platforms are supported:
+
+
+* Windows
+* Linux
+* OS X
+
+
+**WARNING**: only Linux supports stopping the screensaver.
+
+## Verification Steps
+
+1. Obtain a session.
+2. In msfconsole do `use post/multi/screensaver`.
+3. Set the `SESSION` option.
+4. Choose the action you want to perform via `set action NAME` (available actions described below).
+5. Do `run`.
+
+## Actions
+
+**LOCK**
+
+If you use `set action LOCK` the `run` command will lock the current session, the user will have to login again.
+
+**START**
+
+If you use `set action START` the `run` command will start the screensaver, depending on its settings the user may have to login again.
+
+**STOP**
+
+If you use `set action STOP` the `run` command will stop the screensaver.

modules/post/multi/manage/open.rb

@@ -0,0 +1,83 @@
+##
+# This module requires Metasploit: https://metasploit.com/download
+# Current source: https://github.com/rapid7/metasploit-framework
+##
+
+class MetasploitModule < Msf::Post
+  def initialize(info={})
+    super( update_info( info,
+      'Name'          => 'Open a file or URL on the target computer',
+      'Description'   => %q{
+        This module will open any file or URL specified with the URI format on the
+        target computer via the embedded commands such as 'open' or 'xdg-open'.
+      },
+      'License'       => MSF_LICENSE,
+      'Author'        => [ 'Eliott Teissonniere'],
+      'Platform'      => [ 'osx', 'linux', 'win' ],
+      'SessionTypes'  => [ 'shell', 'meterpreter' ]
+    ))
+
+    register_options(
+      [
+        OptString.new('URI', [true, 'URI path to open'])
+      ])
+  end
+
+  #
+  # The OSX version simply uses 'open'
+  #
+  def osx_open(uri)
+    begin
+      cmd_exec("open #{uri}")
+    rescue EOFError
+      return false
+    end
+
+    true
+  end
+
+  #
+  # The Linux version relies on 'xdg-open'
+  #
+  def linux_open(uri)
+    begin
+      cmd_exec("xdg-open #{uri}")
+    rescue EOFError
+      return false
+    end
+
+    true
+  end
+
+  def win_open(uri)
+    begin
+      cmd_exec("cmd.exe /c start #{uri}")
+    rescue EOFError
+      return false
+    end
+
+    true
+  end
+
+  def open(uri)
+    case session.platform
+    when 'osx'
+      return osx_open(uri)
+    when 'linux'
+      return linux_open(uri)
+    when 'windows'
+      return win_open(uri)
+    end
+  end
+
+  def run
+    uri = datastore['URI']
+
+    print_status("Opening #{uri}")
+    if open(uri)
+      print_good('Success')
+    else
+      print_error('Command failed')
+    end
+  end
+end

modules/post/multi/manage/screensaver.rb

@@ -0,0 +1,98 @@
+##
+# This module requires Metasploit: https://metasploit.com/download
+# Current source: https://github.com/rapid7/metasploit-framework
+##
+
+class MetasploitModule < Msf::Post
+  def initialize(info={})
+    super( update_info( info,
+      'Name'          => 'Multi Manage the screensaver of the target computer',
+      'Description'   => %q{
+        This module allows you to turn on or off the screensaver of the target computer and also
+        lock the current session.
+      },
+      'License'       => MSF_LICENSE,
+      'Author'        => [ 'Eliott Teissonniere'],
+      'Platform'      => [ 'linux', 'osx', 'win' ],
+      'SessionTypes'  => [ 'shell', 'meterpreter' ],
+      'Actions'       =>
+        [
+          [ 'LOCK',  { 'Description' => 'Lock the current session' } ],
+          [ 'START', { 'Description' => 'Start the screensaver, may lock the current session' } ],
+          [ 'STOP',  { 'Description' => 'Stop the screensaver, user may be prompted for its password' }]
+        ]
+    ))
+  end
+
+  #
+  # cmd_exec but with some controls and verbosity
+  #
+  def cmd_vexec(cmd)
+    print_status("Executing '#{cmd}'")
+
+    begin
+      cmd_exec(cmd)
+    rescue EOFError
+      print_error('Command failed')
+      return false
+    end
+
+    true
+  end
+
+  def lock_session
+    case session.platform
+    when 'linux'
+      cmd_vexec('xdg-screensaver lock')
+    when 'osx'
+      cmd_vexec('pmset displaysleepnow')
+    when 'windows'
+      cmd_vexec('rundll32 user32.dll,LockWorkStation')
+    end
+
+    true
+  end
+
+  def start_screensaver
+    case session.platform
+    when 'linux'
+      cmd_vexec('xdg-screensaver activate')
+    when 'osx'
+      cmd_vexec('open -a ScreenSaverEngine')
+    when 'windows'
+      cmd_vexec('powershell -w hidden -nop -c "Start-Process C:\\Windows\\System32\\scrnsave.scr"')
+    end
+
+    true
+  end
+
+  def stop_screensaver
+    case session.platform
+    when 'linux'
+      cmd_vexec('xdg-screensaver reset')
+    when 'osx'
+      print_error('Not supported on Mac OSX, you can still lock the screen or start the screensaver')
+      return false
+    when 'windows'
+      print_error('Not supported on Windows, you can still lock the screen or start the screensaver')
+      return false
+    end
+
+    true
+  end
+
+  def run
+    if action.nil?
+      print_error('Please specify an action')
+    end
+
+    case action.name
+     when 'LOCK'
+       return lock_session
+     when 'START'
+       return start_screensaver
+     when 'STOP'
+       return stop_screensaver
+    end
+  end
+end