diff --git a/lib/msf/core/db.rb b/lib/msf/core/db.rb
index b8b85f9b7a..e918d25150 100644
--- a/lib/msf/core/db.rb
+++ b/lib/msf/core/db.rb
@@ -480,7 +480,7 @@ class DBManager
 })
 if wait
 return nil if task.wait() != :done
- return ret[:service]
+ return ret[:note]
 end
 return task
 end
@@ -714,6 +714,84 @@ class DBManager
 })
 end
+ #
+ # Loot collection
+ #
+ #
+ # This method iterates the loot table calling the supplied block with the
+ # instance of each entry.
+ #
+ def each_loot(wspace=workspace, &block)
+ wspace.loots.each do |note|
+ block.call(note)
+ end
+ end
+
+ #
+ # Find or create a loot matching this type/data
+ #
+ def find_or_create_loot(opts)
+ report_loot(opts.merge({:wait => true}))
+ end
+
+ def report_loot(opts)
+ return if not active
+ wait = opts.delete(:wait)
+ wspace = opts.delete(:workspace) || workspace
+ path = opts.delete(:loot)
+ host = nil
+ addr = nil
+
+ # Report the host so it's there for the Proc to use below
+ if opts[:host]
+ if opts[:host].kind_of? Host
+ host = opts[:host]
+ else
+ report_host({:workspace => wspace, :host => opts[:host]})
+ addr = opts[:host]
+ end
+ end
+
+ ret = {}
+ task = queue(Proc.new {
+ if addr and not host
+ host = get_host(:workspace => wspace, :host => addr)
+ end
+
+ ltype = opts.delete(:type) || opts.delete(:ltype) || return
+ data = opts[:data]
+ loot = wspace.loots.new
+
+ if host
+ loot.host_id = host[:id]
+ end
+ if opts[:service] and opts[:service].kind_of? Service
+ loot.service_id = opts[:service][:id]
+ end
+
+ loot.path = path
+ loot.ltype = ltype
+ loot.data = data
+ loot.save!
+
+ ret[:loot] = loot
+ })
+
+ if wait
+ return nil if task.wait() != :done
+ return ret[:loot]
+ end
+ return task
+ end
+
+ #
+ # This methods returns a list of all notes in the database
+ #
+ def loots(wspace=workspace)
+ wspace.loots
+ end
+
+
 #
 # WMAP
 # Support methods
diff --git a/lib/msf/core/exploit/telnet.rb b/lib/msf/core/exploit/telnet.rb
index 480063f5d8..37be66808e 100644
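Review bot: In report_loot (second hunk of lib/msf/core/db.rb) the `|| return` that ends the `ltype = ...` line sits inside the `Proc.new` handed to `queue`, and a `return` in a Proc returns from the enclosing method rather than from the block. If the task runs after report_loot has already returned (the queue implementation is not visible here), a missing `:type` would raise LocalJumpError instead of skipping the record, and with `:wait` the caller only sees nil. Resolve the type before queueing: `ltype = opts.delete(:type) || opts.delete(:ltype)` followed by `return if not ltype`, both placed ahead of `task = queue(...)`. Separately, the block variable in each_loot is still named `note` and the comment above `loots` says it returns "all notes"; both read as leftovers from the notes code and should say loot.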
--- a/lib/msf/core/exploit/telnet.rb
+++ b/lib/msf/core/exploit/telnet.rb
@@ -191,6 +191,9 @@ module Exploit::Remote::Telnet
 #
 def recv_telnet(fd=self.sock, timeout=datastore['TelnetTimeout'])
+ data = ''
+
+ begin
 data = fd.get_once(-1, timeout.to_i)
 return nil if not data or data.length == 0
@@ -245,6 +248,10 @@ module Exploit::Remote::Telnet
 @trace << data
 @recvd << data
 fd.flush
+
+ rescue ::EOFError, ::Errno::EPIPE
+ end
+
 data
 end
diff --git a/lib/msf/core/model.rb b/lib/msf/core/model.rb
index 060e1f017e..39e3f8be9f 100644
--- a/lib/msf/core/model.rb
+++ b/lib/msf/core/model.rb
@@ -1,3 +1,5 @@
+require 'msf/core/model/user'
+require 'msf/core/model/loot'
 require 'msf/core/model/client'
 require 'msf/core/model/event'
 require 'msf/core/model/host'
@@ -9,3 +11,4 @@ require 'msf/core/model/vuln'
 require 'msf/core/model/wmap_target'
 require 'msf/core/model/wmap_request'
+
diff --git a/lib/msf/core/model/loot.rb b/lib/msf/core/model/loot.rb
new file mode 100644
index 0000000000..ff54912832
--- /dev/null
+++ b/lib/msf/core/model/loot.rb
@@ -0,0 +1,16 @@
+module Msf
+class DBManager
+
+class Loot < ActiveRecord::Base
+ include DBSave
+
+ belongs_to :workspace
+ belongs_to :host
+ belongs_to :service
+
+ serialize :data
+end
+
+end
+end
+
diff --git a/lib/msf/core/model/user.rb b/lib/msf/core/model/user.rb
new file mode 100644
index 0000000000..ca4378d588
--- /dev/null
+++ b/lib/msf/core/model/user.rb
@@ -0,0 +1,10 @@
+module Msf
+class DBManager
+
+class User < ActiveRecord::Base
+ include DBSave
+end
+
+end
+end
+
diff --git a/modules/auxiliary/scanner/telnet/telnet_login.rb b/modules/auxiliary/scanner/telnet/telnet_login.rb
index e660abbcc1..7ef2505ea7 100644
--- a/modules/auxiliary/scanner/telnet/telnet_login.rb
+++ b/modules/auxiliary/scanner/telnet/telnet_login.rb
@@ -94,6 +94,8 @@ class Metasploit3 < Msf::Auxiliary
 connect
+ begin
+
 print_status("#{rhost}:#{rport} Banner: #{@recvd.gsub(/[\r\n\e\b\a]/, ' ')}") if datastore['VERBOSE']
 if login_succeeded?
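Review bot: The `rescue ::EOFError, ::Errno::EPIPE` clause added at the end of recv_telnet (lib/msf/core/exploit/telnet.rb, second hunk) has an empty body, so a peer disconnect is silently turned into a normal return. With `data = ''` from the first hunk, an exception raised by `fd.get_once` leaves the method returning an empty string, while the existing empty-read path returns nil (`return nil if not data or data.length == 0`), so a caller that tests for nil would not see the disconnect. Putting `return nil` in the rescue body, with a comment saying why the error is swallowed, keeps the two paths consistent. The middle of recv_telnet lies between the two hunks and is not shown, so check that nothing there relies on the exception propagating.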
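Review bot: `serialize :data` in the new Loot model (lib/msf/core/model/loot.rb) stores the column through ActiveRecord's default YAML coder, so whatever object is encoded in the row is instantiated again each time a Loot record is loaded. Loot content originates on remote hosts and the database can be shared, so the column should be treated as untrusted on read. If loot is always raw text or bytes (not confirmed by this diff), dropping `serialize` and storing the value as-is avoids the deserialization step; otherwise add a comment above the line stating that the loots table is assumed to be written only by the framework.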
@@ -151,6 +153,12 @@ class Metasploit3 < Msf::Auxiliary
 end
 end
+ rescue ::Interrupt
+ raise $!
+ rescue ::Exception => e
+ print_error("#{rhost}:#{rport} Error: #{e.class} #{e} #{e.backtrace}")
+ end
+
 end
 def report_telnet(user,pass,proof)
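Review bot: `rescue ::Exception => e` in this hunk catches everything that is not `::Interrupt`, including SystemExit and NoMemoryError, and reduces it to one printed line, so the scanner keeps going after failures that should stop it. Rescuing `::StandardError`, or the specific socket and timeout errors the login can raise, keeps the per-host error report without hiding those; `raise $!` can be a bare `raise`. Interpolating `#{e.backtrace}` prints the whole array on one line, and `#{e.backtrace.join("\n")}` shown only when `datastore['VERBOSE']` is set would be easier to read. The matching `begin` is in the previous hunk and the code between the two hunks is not shown.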