Merge branch 'master' of https://github.com/rapid7/metasploit-framework

2013-03-26 11:21:16 +01:00 · 2013-03-26 11:21:16 +01:00 · ae56bc0b37
parent 3c12459703 ee199f64cb
commit ae56bc0b37
7 changed files with 38 additions and 7 deletions
--- a/2
+++ b/2
@ -12,6 +12,8 @@ License: BSD-3-clause
 #
 # This license does not apply to third-party components detailed below.
 #
+# Last updated: 2013-Mar-25
+#

 Files: data/john/*
 Copyright: 1996-2011 Solar Designer.
--- a/data/gui/msfgui.jar
+++ b/data/gui/msfgui.jar
--- a/external/source/gui/msfguijava/src/msfgui/DbConnectDialog.java
+++ b/external/source/gui/msfguijava/src/msfgui/DbConnectDialog.java
@ -295,6 +295,9 @@ public class DbConnectDialog extends OptionsDialog {
 	}
 	/** Tries to connect to the database with given credentials */
 	private boolean tryConnect() throws MsfException{
+		Map status = (Map) rpcConn.execute("db.status");
+		if(status.containsKey("db"))
+			return true; // already connected
 		HashMap opts = new HashMap();
 		addNonempty("host", hostField, opts);
 		addNonempty("port", portField, opts);
--- a/external/source/gui/msfguijava/src/msfgui/MainFrame.java
+++ b/external/source/gui/msfguijava/src/msfgui/MainFrame.java
@ -171,7 +171,7 @@ public class MainFrame extends FrameView {
 			MsfguiApp.shuttingDown = true;
 			if(choice == JOptionPane.YES_OPTION)
 				rpcConn.execute("core.stop");
-			else if(choice == JOptionPane.NO_OPTION)
+			else if(choice == JOptionPane.NO_OPTION && rpcConn.username.length() > 0)
 				rpcConn.execute("auth.logout");
 		} catch (Exception ex) {
 		}
--- a/external/source/gui/msfguijava/src/msfgui/OpenConnectionDialog.java
+++ b/external/source/gui/msfguijava/src/msfgui/OpenConnectionDialog.java
@ -3,7 +3,10 @@ import java.awt.event.ActionEvent;
 import java.awt.event.ActionListener;
 import java.awt.event.FocusEvent;
 import java.awt.event.FocusListener;
+import java.io.BufferedReader;
 import java.io.File;
+import java.io.FileReader;
+import java.io.IOException;
 import java.security.NoSuchAlgorithmException;
 import java.util.Map;
 import javax.swing.JFileChooser;
@ -120,6 +123,19 @@ public class OpenConnectionDialog extends javax.swing.JDialog {
 		} catch (NullPointerException nex) {//generated when attributes dont exist.
 		} catch (Exception ex) { //for weird msg exceptions
 		}
+		//Try service token on default 3790
+		BufferedReader fin = null;
+		try{
+			try{
+				fin = new BufferedReader(new FileReader(MsfguiApp.getMsfRoot().getParent()+"/apps/pro/engine/tmp/servicekey.txt"));
+			}catch(Exception iox2){
+				fin = new BufferedReader(new FileReader("/opt/metasploit/apps/pro/engine/tmp/servicekey.txt"));
+			}
+			RpcConnection rpc = RpcConnection.getConn("", fin.readLine().toCharArray(), "localhost", 3790, true);
+			if(javax.swing.JOptionPane.showConfirmDialog(null, "Connect to local rpcd?") == javax.swing.JOptionPane.YES_OPTION)
+				return rpc;
+		}catch(Exception iox){//file not found/unreadable/bad creds/etc. - ignore
+		}
 		//Darn. open the gui anyway
 		OpenConnectionDialog diag = new OpenConnectionDialog(true, mainframe);
 		diag.setVisible(true);
--- a/external/source/gui/msfguijava/src/msfgui/RpcConnection.java
+++ b/external/source/gui/msfguijava/src/msfgui/RpcConnection.java
@ -84,9 +84,15 @@ public abstract class RpcConnection {
 		String message = "";
 		try {
 			connect();
-			Map results = (Map)exec("auth.login",new Object[]{username, this.password});
-			rpcToken=results.get("token").toString();
-			haveRpcd=results.get("result").equals("success");
+			if(username == null || username.equals("")){
+				rpcToken = this.password;
+				execute("core.version"); //throws error if unsuccessful
+				haveRpcd = true;
+			}else{
+				Map results = (Map)exec("auth.login",new Object[]{username, this.password});
+				rpcToken=results.get("token").toString();
+				haveRpcd=results.get("result").equals("success");
+			}
 		} catch (MsfException xre) {
 			message = xre.getLocalizedMessage();
 		} catch (IOException io){
--- a/scripts/meterpreter/keylogrecorder.rb
+++ b/scripts/meterpreter/keylogrecorder.rb
@ -8,7 +8,7 @@ session = client
@@exec_opts = Rex::Parser::Arguments.new(
 	"-h"  => [ false, "Help menu." ],
 	"-t"  => [ true,  "Time interval in seconds between recollection of keystrokes, default 30 seconds." ],
-	"-c"  => [ true,  "Type of key capture. (0) for user key presses or (1) for winlogon credential capture Default is 0." ],
+	"-c"  => [ true,  "Type of key capture. (0) for user key presses, (1) for winlogon credential capture, or (2) for no migration.  Default is 2." ],
 	"-l"  => [ false, "Lock screen when capturing Winlogon credentials."],
 	"-k" => [ false, "Kill old Process"]
 )
@ -40,7 +40,7 @@ logfile = logs + ::File::Separator + host + filenameinfo + ".txt"
 keytime = 30

 #Type of capture
-captype = 0
+captype = 2
 # Function for locking the screen -- Thanks for the idea and API call Mubix
 def lock_screen
 	print_status("Locking Screen...")
@ -191,7 +191,11 @@ kill = false
 	end
 }
 if client.platform =~ /win32|win64/
-	if explrmigrate(session,captype,lock, kill)
+	if (captype.to_i == 2)
+		if startkeylogger(session)
+			keycap(session, keytime, logfile)
+		end
+	elsif explrmigrate(session,captype,lock, kill)
 		if startkeylogger(session)
 			keycap(session, keytime, logfile)
 		end