Initial code cleanup and multi compatibility work

bug/bundler_fix
Josh Hale 2017-04-16 22:19:26 -05:00 committed by Brent Cook
parent 6a1612d18d
commit f670fcddcb
1 changed files with 97 additions and 61 deletions

View File

@ -8,7 +8,7 @@ class MetasploitModule < Msf::Post
def initialize(info={}) def initialize(info={})
super( update_info( info, super( update_info( info,
'Name' => 'Windows Manage Network Route via Meterpreter Session', 'Name' => 'Multi Manage Network Route via Meterpreter Session',
'Description' => %q{This module manages session routing via an existing 'Description' => %q{This module manages session routing via an existing
Meterpreter session. It enables other modules to 'pivot' through a Meterpreter session. It enables other modules to 'pivot' through a
compromised host when connecting to the named NETWORK and SUBMASK. compromised host when connecting to the named NETWORK and SUBMASK.
@ -21,7 +21,7 @@ class MetasploitModule < Msf::Post
'Author' => 'Author' =>
[ [
'todb', 'todb',
'Josh Hale <jhale85446[at]gmail.com>' 'Josh Hale "sn0wfa11" <jhale85446[at]gmail.com>'
], ],
'SessionTypes' => [ 'meterpreter'] 'SessionTypes' => [ 'meterpreter']
)) ))
@ -60,7 +60,7 @@ class MetasploitModule < Msf::Post
when :add when :add
if validate_cmd(datastore['SUBNET'],netmask) if validate_cmd(datastore['SUBNET'],netmask)
print_status("Adding a route to %s/%s..." % [datastore['SUBNET'],netmask]) print_status("Adding a route to %s/%s..." % [datastore['SUBNET'],netmask])
add_route(:subnet => datastore['SUBNET'], :netmask => netmask) add_route(datastore['SUBNET'], netmask)
end end
when :autoadd when :autoadd
autoadd_routes autoadd_routes
@ -69,21 +69,21 @@ class MetasploitModule < Msf::Post
when :delete when :delete
if datastore['SUBNET'] if datastore['SUBNET']
print_status("Deleting route to %s/%s..." % [datastore['SUBNET'],netmask]) print_status("Deleting route to %s/%s..." % [datastore['SUBNET'],netmask])
delete_route(:subnet => datastore['SUBNET'], :netmask => netmask) delete_route(datastore['SUBNET'], netmask)
else else
delete_all_routes() delete_all_routes()
end end
end end
end end
# Delete all routes from framework routing table.
#
# @return [void] A useful return value is not expected here
def delete_all_routes def delete_all_routes
if Rex::Socket::SwitchBoard.routes.size > 0 if Rex::Socket::SwitchBoard.routes.size > 0
routes = []
Rex::Socket::SwitchBoard.each do |route| Rex::Socket::SwitchBoard.each do |route|
routes << {:subnet => route.subnet, :netmask => route.netmask} delete_route(route.subnet, route.netmask)
end end
routes.each {|route_opts| delete_route(route_opts)}
print_status "Deleted all routes" print_status "Deleted all routes"
else else
print_status "No routes have been added yet" print_status "No routes have been added yet"
@ -152,16 +152,52 @@ class MetasploitModule < Msf::Post
end end
end end
# Adds a route to the framework instance # This function adds a route to the framework routing table
def add_route(opts={}) #
subnet = opts[:subnet] # @subnet [string class] subnet to add
Rex::Socket::SwitchBoard.add_route(subnet, netmask, session) # @netmask [string class] netmask
# @origin [string class] where route is coming from. Nill for none.
#
# @return [true] If added
# @return [false] If not
def add_route(subnet, netmask, origin)
if origin
origin = " from #{origin}"
else
origin = ""
end end
# Removes a route to the framework instance begin
def delete_route(opts={}) if Rex::Socket::SwitchBoard.add_route(subnet, netmask, session)
subnet = opts[:subnet] print_good("Route added to subnet #{subnet}/#{netmask}#{origin}.")
return true
else
print_error("Could not add route to subnet #{subnet}/#{netmask}#{origin}.")
return false
end
rescue ::Rex::Post::Meterpreter::RequestError => re
print_error("Could not add route to subnet #{subnet}/#{netmask}#{origin}.")
print_error("#{re.class} #{re.message}\n#{re.backtrace * "\n"}")
return false
end
end
# This function removes a route to the framework routing table
#
# @subnet [string class] subnet to add
# @netmask [string class] netmask
# @origin [string class] where route is coming from.
#
# @return [true] If removed
# @return [false] If not
def delete_route(subnet, netmask)
begin
Rex::Socket::SwitchBoard.remove_route(subnet, netmask, session) Rex::Socket::SwitchBoard.remove_route(subnet, netmask, session)
rescue ::Rex::Post::Meterpreter::RequestError => re
print_error("Could not remove route to subnet #{subnet}/#{netmask}")
print_error("#{re.class} #{re.message}\n#{re.backtrace * "\n"}")
return false
end
end end
# This function will exclude loopback, multicast, and default routes # This function will exclude loopback, multicast, and default routes
@ -188,26 +224,22 @@ class MetasploitModule < Msf::Post
# #
# @return [void] A useful return value is not expected here # @return [void] A useful return value is not expected here
def autoadd_routes def autoadd_routes
switch_board = Rex::Socket::SwitchBoard.instance return unless route_compatible?
print_status("Searching for subnets to autoroute.") print_status("Searching for subnets to autoroute.")
found = false found = false
begin
session.net.config.each_route do | route | session.net.config.each_route do | route |
next unless is_routable?(route.subnet, route.netmask) next unless is_routable?(route.subnet, route.netmask)
next unless (Rex::Socket.is_ipv4?(route.subnet) && Rex::Socket.is_ipv4?(route.netmask)) # Pick out the IPv4 addresses
if !switch_board.route_exists?(route.subnet, route.netmask) if !Rex::Socket::SwitchBoard.route_exists?(route.subnet, route.netmask)
begin found = true if add_route(route.subnet, route.netmask, "host's routing table")
if Rex::Socket::SwitchBoard.add_route(route.subnet, route.netmask, session)
print_good("Route added to subnet #{route.subnet}/#{route.netmask} from host's routing table.")
found = true
else
print_error("Could not add route to subnet #{route.subnet}/#{route.netmask} from host's routing table.")
end
rescue ::Rex::Post::Meterpreter::RequestError => error
print_error("Could not add route to subnet #{route.subnet}/(#{route.netmask}) from host's routing table.")
print_error(error.to_s)
end end
end end
rescue ::Rex::Post::Meterpreter::RequestError => re
print_status("Unable to get routes from session, trying other methods.")
end end
if !autoadd_interface_routes && !found # Check interface list for more possible routes if !autoadd_interface_routes && !found # Check interface list for more possible routes
@ -221,9 +253,10 @@ class MetasploitModule < Msf::Post
# @return [true] A route from the interface list was added # @return [true] A route from the interface list was added
# @return [false] No additional routes were added # @return [false] No additional routes were added
def autoadd_interface_routes def autoadd_interface_routes
switch_board = Rex::Socket::SwitchBoard.instance return unless interface_compatible?
found = false found = false
begin
session.net.config.each_interface do | interface | # Step through each of the network interfaces session.net.config.each_interface do | interface | # Step through each of the network interfaces
(0..(interface.addrs.size - 1)).each do | index | # Step through the addresses for the interface (0..(interface.addrs.size - 1)).each do | index | # Step through the addresses for the interface
@ -231,27 +264,21 @@ class MetasploitModule < Msf::Post
ip_addr = interface.addrs[index] ip_addr = interface.addrs[index]
netmask = interface.netmasks[index] netmask = interface.netmasks[index]
next unless ip_addr =~ /\./ # Pick out the IPv4 addresses next unless (Rex::Socket.is_ipv4?(ip_addr) && Rex::Socket.is_ipv4?(netmask)) # Pick out the IPv4 addresses
next unless is_routable?(ip_addr, netmask) next unless is_routable?(ip_addr, netmask)
subnet = get_subnet(ip_addr, netmask) subnet = get_subnet(ip_addr, netmask)
if subnet if subnet
if !switch_board.route_exists?(subnet, netmask) if !Rex::Socket::SwitchBoard.route_exists?(subnet, netmask)
begin found = true if add_route(subnet, netmask, interface.mac_name)
if Rex::Socket::SwitchBoard.add_route(subnet, netmask, session) end
print_good("Route added to subnet #{subnet}/#{netmask} from #{interface.mac_name}.") end
found = true
else end
print_error("Could not add route to subnet #{subnet}/#{netmask} from #{interface.mac_name}")
end end
rescue ::Rex::Post::Meterpreter::RequestError => error rescue ::Rex::Post::Meterpreter::RequestError => error
print_error("Could not add route to subnet #{subnet}/(#{netmask}) from #{interface.mac_name}") print_error("Unable to get interface information from session.")
print_error(error.to_s)
end
end
end
end
end end
return found return found
end end
@ -319,17 +346,26 @@ class MetasploitModule < Msf::Post
print_status("Attempting to add a default route.") print_status("Attempting to add a default route.")
if !switch_board.route_exists?(subnet, mask) if !switch_board.route_exists?(subnet, mask)
begin add_route(subnet, mask, nil)
if Rex::Socket::SwitchBoard.add_route(subnet, mask, session)
print_good("Route added to subnet #{subnet}/#{mask}")
else
print_error("Could not add route to subnet #{subnet}/#{mask}")
end
rescue ::Rex::Post::Meterpreter::RequestError => error
print_error("Could not add route to subnet #{subnet}/(#{mask})")
print_error(error.to_s)
end end
end end
# Checks to see if the session has routing capabilities
#
# @return [true class] Session has routing capabilities
# @return [false class] Session does not
def route_compatible?
session.respond_to?(:net) &&
session.net.config.respond_to?(:each_route)
end
# Checks to see if the session has capabilities of accessing network interfaces
#
# @return [true class] Session has ability to access network interfaces
# @return [false class] Session does not
def interface_compatible?
session.respond_to?(:net) &&
session.net.config.respond_to?(:each_interface)
end end
# Validates the command options # Validates the command options
@ -353,6 +389,6 @@ class MetasploitModule < Msf::Post
print_error "Netmask invalid" print_error "Netmask invalid"
return false return false
end end
true return true
end end
end end