interface/route enumeration
git-svn-id: file:///home/svn/incoming/trunk@2396 4d416f70-5f16-0410-b530-b9f4589650daunstable
Matt Miller
parent
7fc78bdb34
commit
c33f10d611
|
|
@ -0,0 +1,109 @@
|
|||
#!/usr/bin/ruby
|
||||
|
||||
require 'Rex/Post/Meterpreter/Extensions/Stdapi/Tlv'
|
||||
require 'Rex/Post/Meterpreter/Extensions/Stdapi/Net/Route'
|
||||
require 'Rex/Post/Meterpreter/Extensions/Stdapi/Net/Interface'
|
||||
|
||||
module Rex
|
||||
module Post
|
||||
module Meterpreter
|
||||
module Extensions
|
||||
module Stdapi
|
||||
module Net
|
||||
|
||||
###
|
||||
#
|
||||
# Config
|
||||
# ------
|
||||
#
|
||||
# This class provides an interface to the network configuration
|
||||
# that exists on the remote machine, such as interfaces, and
|
||||
# routes.
|
||||
#
|
||||
###
|
||||
class Config
|
||||
|
||||
##
|
||||
#
|
||||
# Constructor
|
||||
#
|
||||
##
|
||||
|
||||
def initialize(client)
|
||||
self.client = client
|
||||
end
|
||||
|
||||
##
|
||||
#
|
||||
# Interfaces
|
||||
#
|
||||
##
|
||||
|
||||
# Enumerates each interface
|
||||
def each_interface(&block)
|
||||
get_interfaces().each(&block)
|
||||
end
|
||||
|
||||
# Returns an array of network interfaces with each element
|
||||
# being an Interface
|
||||
def get_interfaces
|
||||
request = Packet.create_request('stdapi_net_config_get_interfaces')
|
||||
ifaces = []
|
||||
|
||||
response = client.send_request(request)
|
||||
|
||||
response.each(TLV_TYPE_NETWORK_INTERFACE) { |iface|
|
||||
ifaces << Interface.new(
|
||||
iface.get_tlv_value(TLV_TYPE_IP),
|
||||
iface.get_tlv_value(TLV_TYPE_NETMASK),
|
||||
iface.get_tlv_value(TLV_TYPE_MAC_ADDRESS),
|
||||
iface.get_tlv_value(TLV_TYPE_MAC_NAME))
|
||||
}
|
||||
|
||||
return ifaces
|
||||
end
|
||||
|
||||
##
|
||||
#
|
||||
# Routing
|
||||
#
|
||||
##
|
||||
|
||||
# Enumerates each route
|
||||
def each_route(&block)
|
||||
get_routes().each(&block)
|
||||
end
|
||||
|
||||
# Returns an array of routes with each element being a Route
|
||||
def get_routes
|
||||
request = Packet.create_request('stdapi_net_config_get_routes')
|
||||
routes = []
|
||||
|
||||
response = client.send_request(request)
|
||||
|
||||
# Build out the array of routes
|
||||
response.each(TLV_TYPE_NETWORK_ROUTE) { |route|
|
||||
routes << Route.new(
|
||||
route.get_tlv_value(TLV_TYPE_SUBNET),
|
||||
route.get_tlv_value(TLV_TYPE_NETMASK),
|
||||
route.get_tlv_value(TLV_TYPE_GATEWAY))
|
||||
}
|
||||
|
||||
return routes
|
||||
end
|
||||
|
||||
# Adds a route to the target machine
|
||||
def add_route(subnet, netmask, gateway)
|
||||
end
|
||||
|
||||
# Removes a route from the target machine
|
||||
def remove_route(subnet, netmask, gateway)
|
||||
end
|
||||
|
||||
protected
|
||||
|
||||
attr_accessor :client
|
||||
|
||||
end
|
||||
|
||||
end; end; end; end; end; end
|
||||
|
|
@ -0,0 +1,56 @@
|
|||
#!/usr/bin/ruby
|
||||
|
||||
module Rex
|
||||
module Post
|
||||
module Meterpreter
|
||||
module Extensions
|
||||
module Stdapi
|
||||
module Net
|
||||
|
||||
###
|
||||
#
|
||||
# Interface
|
||||
# ---------
|
||||
#
|
||||
# This class represents a logical physical interface
|
||||
# on the remote machine.
|
||||
#
|
||||
###
|
||||
class Interface
|
||||
|
||||
##
|
||||
#
|
||||
# Constructor
|
||||
#
|
||||
##
|
||||
|
||||
def initialize(ip, netmask, mac_addr, mac_name)
|
||||
self.ip = convert_to_string(ip)
|
||||
self.netmask = convert_to_string(netmask)
|
||||
self.mac_addr = mac_addr
|
||||
self.mac_name = mac_name
|
||||
end
|
||||
|
||||
def pretty
|
||||
return sprintf(
|
||||
"#{mac_name}\n" +
|
||||
"Hardware MAC: %02x:%02x:%02x:%02x:%02x:%02x\n" +
|
||||
"IP Address : %s\n" +
|
||||
"Netmask : %s\n" +
|
||||
"\n",
|
||||
mac_addr[0], mac_addr[1], mac_addr[2], mac_addr[3],
|
||||
mac_addr[4], mac_addr[5], ip, netmask)
|
||||
end
|
||||
|
||||
attr_accessor :ip, :netmask, :mac_addr, :mac_name
|
||||
|
||||
protected
|
||||
|
||||
# Converts the raw network-byte order IP address into a string
|
||||
def convert_to_string(raw)
|
||||
return sprintf("%d.%d.%d.%d", raw[0], raw[1], raw[2], raw[3])
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
end; end; end; end; end; end
|
||||
|
|
@ -0,0 +1,48 @@
|
|||
#!/usr/bin/ruby
|
||||
|
||||
module Rex
|
||||
module Post
|
||||
module Meterpreter
|
||||
module Extensions
|
||||
module Stdapi
|
||||
module Net
|
||||
|
||||
###
|
||||
#
|
||||
# Route
|
||||
# -----
|
||||
#
|
||||
# Represents a logical network route.
|
||||
#
|
||||
###
|
||||
class Route
|
||||
|
||||
##
|
||||
#
|
||||
# Constructor
|
||||
#
|
||||
##
|
||||
|
||||
def initialize(subnet, netmask, gateway)
|
||||
self.subnet = convert_to_string(subnet)
|
||||
self.netmask = convert_to_string(netmask)
|
||||
self.gateway = convert_to_string(gateway)
|
||||
end
|
||||
|
||||
# Provides a pretty version of the route
|
||||
def pretty
|
||||
return sprintf("%16s %16s %16s", subnet, netmask, gateway)
|
||||
end
|
||||
|
||||
attr_accessor :subnet, :netmask, :gateway
|
||||
|
||||
protected
|
||||
|
||||
# Converts the raw network-byte order IP address into a string
|
||||
def convert_to_string(raw)
|
||||
return sprintf("%d.%d.%d.%d", raw[0], raw[1], raw[2], raw[3])
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
end; end; end; end; end; end
|
||||
|
|
@ -7,9 +7,10 @@ require 'Rex/Post/Meterpreter/Extensions/Stdapi/Tlv'
|
|||
require 'Rex/Post/Meterpreter/Extensions/Stdapi/Fs/Dir'
|
||||
require 'Rex/Post/Meterpreter/Extensions/Stdapi/Fs/File'
|
||||
require 'Rex/Post/Meterpreter/Extensions/Stdapi/Fs/FileStat'
|
||||
require 'Rex/Post/Meterpreter/Extensions/Stdapi/UI'
|
||||
require 'Rex/Post/Meterpreter/Extensions/Stdapi/Net/Config'
|
||||
require 'Rex/Post/Meterpreter/Extensions/Stdapi/Sys/Process'
|
||||
require 'Rex/Post/Meterpreter/Extensions/Stdapi/Sys/Registry'
|
||||
require 'Rex/Post/Meterpreter/Extensions/Stdapi/UI'
|
||||
|
||||
module Rex
|
||||
module Post
|
||||
|
|
@ -50,6 +51,13 @@ class Stdapi < Extension
|
|||
'registry' => self.registry
|
||||
})
|
||||
},
|
||||
{
|
||||
'name' => 'net',
|
||||
'ext' => ObjectAliases.new(
|
||||
{
|
||||
'config' => Rex::Post::Meterpreter::Extensions::Stdapi::Net::Config.new(client)
|
||||
})
|
||||
},
|
||||
{
|
||||
'name' => 'ui',
|
||||
'ext' => UI.new(client)
|
||||
|
|
|
|||
|
|
@ -29,11 +29,23 @@ TLV_TYPE_FILE_PATH = TLV_META_TYPE_STRING | 1202
|
|||
TLV_TYPE_FILE_MODE = TLV_META_TYPE_STRING | 1203
|
||||
TLV_TYPE_STAT_BUF = TLV_META_TYPE_COMPLEX | 1220
|
||||
|
||||
##
|
||||
#
|
||||
# Net
|
||||
#
|
||||
##
|
||||
TLV_TYPE_HOST_NAME = TLV_META_TYPE_STRING | 1400
|
||||
TLV_TYPE_PORT = TLV_META_TYPE_UINT | 1401
|
||||
|
||||
DELETE_KEY_FLAG_RECURSIVE = (1 << 0)
|
||||
TLV_TYPE_SUBNET = TLV_META_TYPE_RAW | 1420
|
||||
TLV_TYPE_NETMASK = TLV_META_TYPE_RAW | 1421
|
||||
TLV_TYPE_GATEWAY = TLV_META_TYPE_RAW | 1422
|
||||
TLV_TYPE_NETWORK_ROUTE = TLV_META_TYPE_GROUP | 1423
|
||||
|
||||
TLV_TYPE_IP = TLV_META_TYPE_RAW | 1430
|
||||
TLV_TYPE_MAC_ADDRESS = TLV_META_TYPE_RAW | 1431
|
||||
TLV_TYPE_MAC_NAME = TLV_META_TYPE_STRING | 1432
|
||||
TLV_TYPE_NETWORK_INTERFACE = TLV_META_TYPE_GROUP | 1433
|
||||
|
||||
##
|
||||
#
|
||||
|
|
@ -55,6 +67,8 @@ TLV_TYPE_VALUE_NAME = TLV_META_TYPE_STRING | 1010
|
|||
TLV_TYPE_VALUE_TYPE = TLV_META_TYPE_UINT | 1011
|
||||
TLV_TYPE_VALUE_DATA = TLV_META_TYPE_RAW | 1012
|
||||
|
||||
DELETE_KEY_FLAG_RECURSIVE = (1 << 0)
|
||||
|
||||
# Process
|
||||
TLV_TYPE_BASE_ADDRESS = TLV_META_TYPE_UINT | 2000
|
||||
TLV_TYPE_ALLOCATION_TYPE = TLV_META_TYPE_UINT | 2001
|
||||
|
|
|
|||
Loading…
Reference in New Issue