fixes #587; add http xmlrpc support from Ryan Linn, invoke it with 'load xmlrpc ServerType=Web' or ./msfrpcd -t Web
git-svn-id: file:///home/svn/framework3/trunk@7667 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
e427bd5f81
commit
dfabd1e3fc
|
@ -125,8 +125,8 @@ class Module < Base
|
|||
def execute(token, mtype, mname, opts)
|
||||
authenticate(token)
|
||||
|
||||
begin
|
||||
mod = _find_module(mtype,mname)
|
||||
begin
|
||||
case mtype
|
||||
when 'exploit'
|
||||
_run_exploit(mod, opts)
|
||||
|
|
|
@ -1,6 +1,8 @@
|
|||
require "xmlrpc/server"
|
||||
require 'rex/service_manager'
|
||||
require "rex"
|
||||
|
||||
|
||||
module Msf
|
||||
module RPC
|
||||
class Service < ::XMLRPC::BasicServer
|
||||
|
@ -71,5 +73,69 @@ class Service < ::XMLRPC::BasicServer
|
|||
end
|
||||
|
||||
end
|
||||
|
||||
class WebService < ::XMLRPC::BasicServer
|
||||
|
||||
attr_accessor :service, :state, :srvhost, :srvport, :uri
|
||||
|
||||
|
||||
def initialize(port, host, uri = "/RPC2")
|
||||
self.srvhost = host
|
||||
self.srvport = port
|
||||
self.uri = uri
|
||||
self.service = nil
|
||||
super()
|
||||
end
|
||||
|
||||
def start
|
||||
self.state = {}
|
||||
self.service = Rex::ServiceManager.start(
|
||||
Rex::Proto::Http::Server,
|
||||
self.srvport ,
|
||||
self.srvhost,
|
||||
{
|
||||
}
|
||||
)
|
||||
|
||||
uopts = {
|
||||
'Proc' => Proc.new { |cli, req|
|
||||
on_request_uri(cli, req)
|
||||
},
|
||||
'Path' => self.uri
|
||||
}
|
||||
|
||||
self.service.add_resource(self.uri,uopts)
|
||||
end
|
||||
|
||||
def stop
|
||||
self.state = {}
|
||||
self.service.stop
|
||||
end
|
||||
|
||||
def wait
|
||||
self.service.wait
|
||||
end
|
||||
|
||||
def on_client_close(c)
|
||||
self.state.delete(c)
|
||||
end
|
||||
|
||||
def on_client_connect(c)
|
||||
self.state[c] = ""
|
||||
end
|
||||
def on_request_uri(cli, req)
|
||||
begin
|
||||
res = Rex::Proto::Http::Response.new()
|
||||
res.body = process(req.body)
|
||||
rescue XMLRPC::FaultException => e
|
||||
res = Rex::Proto::Http::Response.new(e.faultCode,e.faultString)
|
||||
rescue
|
||||
res = Rex::Proto::Http::Response.new(404,"An Error Occured")
|
||||
end
|
||||
cli.send_response(res)
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
|
13
msfrpcd
13
msfrpcd
|
@ -21,6 +21,8 @@ arguments = Rex::Parser::Arguments.new(
|
|||
"-p" => [ true, "Bind to this port instead of 55553" ],
|
||||
"-U" => [ true, "Specify the username to access msfrpcd" ],
|
||||
"-P" => [ true, "Specify the password to access msfrpcd" ],
|
||||
"-t" => [ true, "Server type, [Basic|Web]" ],
|
||||
"-u" => [ true, "URI for Web server" ],
|
||||
"-S" => [ false, "Disable SSL on the XMLRPC socket" ],
|
||||
"-f" => [ false, "Run the daemon in the foreground" ],
|
||||
"-h" => [ false, "Help banner" ])
|
||||
|
@ -29,7 +31,8 @@ opts = {
|
|||
'RunInForeground' => true,
|
||||
'SSL' => true,
|
||||
'ServerHost' => '0.0.0.0',
|
||||
'ServerPort' => 55553
|
||||
'ServerPort' => 55553,
|
||||
'ServerType' => 'Basic'
|
||||
}
|
||||
|
||||
foreground = false
|
||||
|
@ -50,6 +53,10 @@ arguments.parse(ARGV) { |opt, idx, val|
|
|||
opts['Pass'] = val
|
||||
when "-f"
|
||||
foreground = true
|
||||
when "-t"
|
||||
opts['ServerType'] = val
|
||||
when "-u"
|
||||
opts['URI'] = val
|
||||
when "-h"
|
||||
print("\nUsage: #{File.basename(__FILE__)} <options>\n" + arguments.usage)
|
||||
exit
|
||||
|
@ -63,7 +70,9 @@ end
|
|||
|
||||
$0 = "msfrpcd"
|
||||
|
||||
$stderr.puts "[*] XMLRPC starting on #{opts['ServerHost']}:#{opts['ServerPort']} (#{opts['SSL'] ? "SSL" : "NO SSL"})..."
|
||||
$stderr.puts "[*] XMLRPC starting on #{opts['ServerHost']}:#{opts['ServerPort']} (#{opts['SSL'] ? "SSL" : "NO SSL"}):#{opts['ServerType']}..."
|
||||
|
||||
$stderr.puts "[*] URI: #{opts['URI']}" if(opts['URI'])
|
||||
|
||||
# Create an instance of the framework
|
||||
$framework = Msf::Simple::Framework.create
|
||||
|
|
|
@ -45,13 +45,23 @@ class Plugin::XMLRPC < Msf::Plugin
|
|||
|
||||
user = opts['User'] || "msf"
|
||||
pass = opts['Pass'] || ::Rex::Text.rand_text_alphanumeric(8)
|
||||
type = opts['ServerType'] || "Basic"
|
||||
uri = opts['URI'] || "/RPC2"
|
||||
|
||||
print_status(" XMLRPC Service: #{host}:#{port} #{ssl ? " (SSL)" : ""}")
|
||||
print_status("XMLRPC Username: #{user}")
|
||||
print_status("XMLRPC Password: #{pass}")
|
||||
print_status("XMLRPC Server Type: #{type}")
|
||||
|
||||
@users = [ [user,pass] ]
|
||||
self.server = ::Msf::RPC::Service.new(host,port,ssl,cert,ckey)
|
||||
if(type == "Web")
|
||||
print_status("XMLRPC Web URI: #{uri}")
|
||||
self.server = ::Msf::RPC::WebService.new(port,host,uri)
|
||||
elsif(type == "Basic")
|
||||
self.server = ::Msf::RPC::Service.new(host,port,ssl,cert,ckey)
|
||||
else
|
||||
print_status("Invalid server type #{self.type}, please choose Web or Basic")
|
||||
end
|
||||
|
||||
# If the run in foreground flag is not specified, then go ahead and fire
|
||||
# it off in a worker thread.
|
||||
|
|
Loading…
Reference in New Issue