metasploit-framework/lib/msf/base/sessions/scriptable.rb

130 lines
3.8 KiB
Ruby

# -*- coding: binary -*-
module Msf::Session
module Scriptable
def self.included(base)
base.extend(ClassMethods)
end
module ClassMethods
#
# If the +script+ exists, return its path. Otherwise return nil
#
def find_script_path(script)
# Find the full file path of the specified argument
check_paths =
[
script,
::File.join(script_base, "#{script}"),
::File.join(script_base, "#{script}.rb"),
::File.join(user_script_base, "#{script}"),
::File.join(user_script_base, "#{script}.rb")
]
full_path = nil
# Scan all of the path combinations
check_paths.each { |path|
if ::File.exist?(path)
full_path = path
break
end
}
full_path
end
def script_base
::File.join(Msf::Config.script_directory, self.type)
end
def user_script_base
::File.join(Msf::Config.user_script_directory, self.type)
end
end
#
# Override
#
def execute_file
raise NotImplementedError
end
#
# Executes the supplied script, Post module, or local Exploit module with
# arguments +args+
#
# Will search the script path.
#
def execute_script(script_name, *args)
mod = framework.modules.create(script_name)
if mod
# Don't report module run events here as it will be taken care of
# in +Post.run_simple+
opts = { 'SESSION' => self.sid }
args.each do |arg|
k,v = arg.split("=", 2)
# case doesn't matter in datastore, but it does in hashes, let's normalize
opts[k.downcase] = v
end
if mod.type == "post"
mod.run_simple(
# Run with whatever the default stance is for now. At some
# point in the future, we'll probably want a way to force a
# module to run in the background
#'RunAsJob' => true,
'LocalInput' => self.user_input,
'LocalOutput' => self.user_output,
'Options' => opts
)
elsif mod.type == "exploit"
# well it must be a local, we're not currently supporting anything else
if mod.exploit_type == "local"
# get a copy of the session exploit's datastore if we can
original_exploit_datastore = self.exploit.datastore || {}
copy_of_orig_exploit_datastore = original_exploit_datastore.clone
# convert datastore opts to a hash to normalize casing issues
local_exploit_opts = {}
copy_of_orig_exploit_datastore.each do |k,v|
local_exploit_opts[k.downcase] = v
end
# we don't want to inherit a couple things, like AutoRunScript's
to_neuter = %w{AutoRunScript InitialAutoRunScript LPORT TARGET}
to_neuter.each do |setting|
local_exploit_opts.delete(setting.downcase)
end
# merge in any opts that were passed in, defaulting all other settings
# to the values from the datastore (of the exploit) that spawned the
# session
local_exploit_opts = local_exploit_opts.merge(opts)
new_session = mod.exploit_simple(
'Payload' => local_exploit_opts.delete('payload'),
'Target' => local_exploit_opts.delete('target'),
'LocalInput' => self.user_input,
'LocalOutput' => self.user_output,
'Options' => local_exploit_opts
)
end # end if local
end # end if exploit
else
full_path = self.class.find_script_path(script_name)
# No path found? Weak.
if full_path.nil?
print_error("The specified script could not be found: #{script_name}")
return true
end
framework.events.on_session_script_run(self, full_path)
execute_file(full_path, args)
end
end
end
end