msfrpc-simple 0.0.5 → 0.0.6

@@ -15,63 +15,39 @@ module Msf
15
15
  # - auxiliary/scanner/smb/smb_enumshares
16
16
  # - auxiliary/scanner/smb/smb_enumusers
17
17
  modules_and_options = [
18
- {:module_name => "auxiliary/scanner/http/http_version",
19
- :module_option_string => "RHOSTS #{range}" },
20
- #{:module_name => "auxiliary/scanner/http/cert",
21
- # :module_option_string => "RHOSTS #{range}" },
22
- {:module_name => "auxiliary/scanner/ftp/ftp_version",
23
- :module_option_string => "RHOSTS #{range}" },
24
- {:module_name => "auxiliary/scanner/h323/h323_version",
25
- :module_option_string => "RHOSTS #{range}" },
26
- {:module_name => "auxiliary/scanner/imap/imap_version",
27
- :module_option_string => "RHOSTS #{range}" },
28
- #{:module_name => "auxiliary/scanner/portscan/syn",
29
- #:module_option_string => "RHOSTS #{range}" },
30
- #{:module_name => "auxiliary/scanner/portscan/tcp",
31
- #:module_option_string => "RHOSTS #{range}" },
32
- #{:module_name => "auxiliary/scanner/lotus/lotus_domino_version",
33
- #:module_option_string => "RHOSTS #{range}" },
34
- {:module_name => "auxiliary/scanner/mysql/mysql_version",
35
- :module_option_string => "RHOSTS #{range}" },
36
- #{:module_name => "auxiliary/scanner/netbios/nbname",
37
- #:module_option_string => "RHOSTS #{range}" },
38
- #{:module_name => "auxiliary/scanner/netbios/nbname_probe",
39
- #:module_option_string => "RHOSTS #{range}" },
40
- #{:module_name => "auxiliary/scanner/pcanywhere/pcanywhere_tcp",
41
- #:module_option_string => "RHOSTS #{range}" },
42
- #{:module_name => "auxiliary/scanner/pcanywhere/pcanywhere_udp",
43
- #:module_option_string => "RHOSTS #{range}" },
44
- {:module_name => "auxiliary/scanner/pop3/pop3_version",
45
- :module_option_string => "RHOSTS #{range}" },
46
- {:module_name => "auxiliary/scanner/postgres/postgres_version",
47
- :module_option_string => "RHOSTS #{range}" },
48
- {:module_name => "auxiliary/scanner/smb/smb_version",
49
- :module_option_string => "RHOSTS #{range}" },
50
- {:module_name => "auxiliary/scanner/snmp/snmp_enum",
51
- :module_option_string => "RHOSTS #{range}" },
52
- {:module_name => "auxiliary/scanner/ssh/ssh_version",
53
- :module_option_string => "RHOSTS #{range}" },
54
- {:module_name => "auxiliary/scanner/telnet/telnet_version",
55
- :module_option_string => "RHOSTS #{range}" },
56
- #{:module_name => "auxiliary/scanner/vmware/vmauthd_version",
57
- #:module_option_string => "RHOSTS #{range}" },
18
+ {:module_name => "auxiliary/scanner/http/http_version"},
19
+ #{:module_name => "auxiliary/scanner/http/cert"},
20
+ {:module_name => "auxiliary/scanner/ftp/ftp_version"},
21
+ {:module_name => "auxiliary/scanner/h323/h323_version"},
22
+ {:module_name => "auxiliary/scanner/imap/imap_version"},
23
+ #{:module_name => "auxiliary/scanner/portscan/syn"},
24
+ #{:module_name => "auxiliary/scanner/portscan/tcp"},
25
+ #{:module_name => "auxiliary/scanner/lotus/lotus_domino_version"},
26
+ {:module_name => "auxiliary/scanner/mysql/mysql_version"},
27
+ #{:module_name => "auxiliary/scanner/netbios/nbname"},
28
+ #{:module_name => "auxiliary/scanner/netbios/nbname_probe"},
29
+ #{:module_name => "auxiliary/scanner/pcanywhere/pcanywhere_tcp"},
30
+ #{:module_name => "auxiliary/scanner/pcanywhere/pcanywhere_udp"},
31
+ {:module_name => "auxiliary/scanner/pop3/pop3_version"},
32
+ {:module_name => "auxiliary/scanner/postgres/postgres_version"},
33
+ {:module_name => "auxiliary/scanner/smb/smb_version"},
34
+ {:module_name => "auxiliary/scanner/snmp/snmp_enum"},
35
+ {:module_name => "auxiliary/scanner/ssh/ssh_version"},
36
+ {:module_name => "auxiliary/scanner/telnet/telnet_version"},
37
+ #{:module_name => "auxiliary/scanner/vmware/vmauthd_version"},
58
38
  ]
59
39
 
60
- # This is a naive and horrible way of doing it, but let's just knock
61
- # out the basic thing first. For each module in our list...
62
- module_output_data_string = ""
63
- modules_and_options.each do |module_and_options|
64
-
65
- module_name = module_and_options[:module_name]
66
- module_option_string = module_and_options[:module_option_string]
40
+ output = ""
41
+ module_list.each do |m|
42
+ # Merge in default options
43
+ m[:module_option_string] = "RHOSTS #{range}"
67
44
 
68
45
  # store this module's name in the output
69
- module_output_data_string += "=== #{module_name} #{module_option_string} ===\n"
70
-
71
- module_output_data_string += execute_module_and_return_output(module_and_options)
46
+ output += "=== #{m[:module_name]} ===\n"
47
+ output += execute_module_and_return_output(m)
72
48
  end
73
49
 
74
- module_output_data_string
50
+ output
75
51
  end
76
52
 
77
53
 
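Review bot: `module_list.each do |m|` on the new side iterates a name this method never defines — the array is still assigned as `modules_and_options = [` in the unchanged context line above the hunk's changed region, so the loop will raise NameError as soon as the method runs (unless a `module_list` method exists elsewhere in the module, which this page does not show). The companion `bruteforce_range` hunk did rename its array, so the matching one-line fix here is `module_list = [` in place of `modules_and_options = [`. Separately, `m[:module_option_string] = "RHOSTS #{range}"` ends up verbatim in a console `set` command in a later hunk, so a caller-supplied `range` containing a newline would execute extra console commands; a guard such as `raise ArgumentError, "bad range" unless range =~ /\A[\w.\/,:-]+\z/` (loosened to whatever RHOSTS forms you need) before building the string is worth adding. The enclosing method begins above this hunk.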
@@ -80,45 +56,30 @@ module Msf
80
56
  #
81
57
  def bruteforce_range(range)
82
58
 
83
- modules_and_options = [
84
- {:module_name => "auxiliary/scanner/ftp/ftp_login",
85
- :module_option_string => "RHOSTS #{range}" },
86
- {:module_name => "auxiliary/scanner/http/http_login",
87
- :module_option_string => "RHOSTS #{range}" },
88
- {:module_name => "auxiliary/scanner/smb/smb_login",
89
- :module_option_string => "RHOSTS #{range}" },
90
- {:module_name => "auxiliary/scanner/mssql/mssql_login",
91
- :module_option_string => "RHOSTS #{range}" },
92
- {:module_name => "auxiliary/scanner/mysql/mysql_login",
93
- :module_option_string => "RHOSTS #{range}" },
94
- {:module_name => "auxiliary/scanner/pop3/pop3_login",
95
- :module_option_string => "RHOSTS #{range}" },
96
- {:module_name => "auxiliary/scanner/smb/smb_login",
97
- :module_option_string => "RHOSTS #{range}" },
98
- {:module_name => "auxiliary/scanner/snmp/snmp_login",
99
- :module_option_string => "RHOSTS #{range}" },
100
- {:module_name => "auxiliary/scanner/ssh/ssh_login",
101
- :module_option_string => "RHOSTS #{range}" },
102
- {:module_name => "auxiliary/scanner/telnet/telnet_login",
103
- :module_option_string => "RHOSTS #{range}" },
59
+ module_list = [
60
+ #{:module_name => "auxiliary/scanner/ftp/ftp_login"},
61
+ #{:module_name => "auxiliary/scanner/http/http_login"},
62
+ #{:module_name => "auxiliary/scanner/smb/smb_login"},
63
+ #{:module_name => "auxiliary/scanner/mssql/mssql_login"},
64
+ #{:module_name => "auxiliary/scanner/mysql/mysql_login"},
65
+ #{:module_name => "auxiliary/scanner/pop3/pop3_login"},
66
+ #{:module_name => "auxiliary/scanner/smb/smb_login"},
67
+ #{:module_name => "auxiliary/scanner/snmp/snmp_login"},
68
+ {:module_name => "auxiliary/scanner/ssh/ssh_login"},
69
+ #{:module_name => "auxiliary/scanner/telnet/telnet_login"},
104
70
  ]
105
71
 
106
- # This is a naive and horrible way of doing it, but let's just knock
107
- # out the basic thing first. For each module in our list...
108
- module_output_data_string = ""
109
- modules_and_options.each do |module_and_options|
110
-
111
- module_name = module_and_options[:module_name]
112
- module_option_string = module_and_options[:module_option_string]
72
+ output = ""
73
+ module_list.each do |m|
74
+ #m[:module_option_string] = "RHOSTS #{range}, USER_FILE /opt/metasploit/msf3/data/wordlists/unix_users.txt, PASS_FILE /opt/metasploit/msf3/data/wordlists/unix_passwords.txt"
75
+ m[:module_option_string] = "RHOSTS #{range}, USERNAME root, PASSWORD root"
113
76
 
114
77
  # store this module's name in the output
115
- module_output_data_string += "=== #{module_name} #{module_option_string} ===\n"
116
-
117
- module_output_data_string += execute_module_and_return_output(module_and_options)
78
+ output += "=== #{m[:module_name]} ===\n"
79
+ output += execute_module_and_return_output(m)
118
80
  end
119
81
 
120
- module_output_data_string
121
-
82
+ output
122
83
  end
123
84
 
124
85
  #
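Review bot: `m[:module_option_string] = "RHOSTS #{range}, USERNAME root, PASSWORD root"` turns `bruteforce_range` into a single root/root credential check rather than a brute force, with every module except `ssh_login` commented out and the wordlist variant left as a dead comment on the line above it. Because the option string is split on `,` later on (`module_option_string.split(",")` in a following hunk), a `range` that itself contains a comma — Metasploit accepts comma-separated RHOSTS lists — is cut into a bogus `set` command, so the new format is fragile on exactly the input this method takes. A backward-compatible fix is to accept the credentials as keyword arguments with today's values as defaults, `def bruteforce_range(range, username: "root", password: "root")`, and build the string from them; better still, carry the options as an array of `"KEY value"` strings so no separator can collide with a value. The `smb_login` entry appears twice in the list and can be deduplicated while here.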
@@ -133,14 +94,16 @@ module Msf
133
94
  #
134
95
  def execute_module_and_return_output(options)
135
96
  module_name = options[:module_name]
136
- #module_options = options[:module_options]
137
97
  module_option_string = options[:module_option_string]
138
98
 
99
+ puts "module: #{module_name}"
100
+ puts "options: #{module_option_string}"
101
+
139
102
  # split up the module name into type / name
140
103
  module_type = module_name.split("/").first
141
104
  raise "Error, bad module name" unless ["exploit", "auxiliary", "post", "encoder", "nop"].include? module_type
142
105
 
143
- #module_options["TARGET"] = 0 unless module_options["TARGET"]
106
+ # TODO - we may have to deal w/ targets somehow
144
107
 
145
108
  #info = @client.call("module.execute", module_type, module_name, module_options)
146
109
  #@client.call("job.info", info["job_id"])
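Review bot: `puts "options: #{module_option_string}"` writes the complete option string to stdout, and for the login modules built in the previous hunk that string carries `PASSWORD root` (or a `PASS_FILE` path), so credentials now land in whatever captures the process output; the `module:` line above it is harmless, but this one should go or be redacted, e.g. `puts "options: #{module_option_string.gsub(/(PASSWORD|PASS_FILE) \S+/, '\1 [redacted]')}"`. If these are debugging aids, gating both behind an instance flag (`puts ... if @debug`) keeps the library quiet by default. `execute_module_and_return_output` continues past the end of this hunk.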
@@ -151,6 +114,7 @@ module Msf
151
114
  # File, etc). For your use case, the best bet is to run the module
152
115
  # via the Console API instead of module.execute, and use that to read
153
116
  # the output from the console itself, which provides buffer output for you.
117
+ output = ""
154
118
 
155
119
  # Create the console and get its id
156
120
  console = @client.call("console.create")
@@ -165,12 +129,14 @@ module Msf
165
129
  # Set up the module's datastore
166
130
  module_option_string.split(",").each do |module_option|
167
131
  @client.call "console.write", console_id, "set #{module_option}\n"
168
- @client.call("console.read", console_id)
132
+ module_output = @client.call("console.read", console_id)
133
+ output += "#{module_output['data']}"
169
134
  end
170
135
 
171
136
  # Ugh, this is horrible, but the read call is currently racey
172
- 5.times do
173
- @client.call("console.read", console_id)
137
+ 5.times do
138
+ module_output = @client.call("console.read", console_id)
139
+ output += "#{module_output['data']}"
174
140
  end
175
141
 
176
142
  # Depending on the module_type, kick off the module
@@ -184,26 +150,24 @@ module Msf
184
150
 
185
151
  # do an initial read of the module's output
186
152
  module_output = @client.call("console.read", console_id)
187
- module_output_data_string = "#{module_output['data']}"
153
+ output += "#{module_output['data']}"
188
154
 
189
- return "Module Error" if module_output["result"] == "failure"
190
-
191
- while module_output["busy"] do
155
+ until !module_output["busy"] do
192
156
  module_output = @client.call("console.read", console_id)
193
- module_output_data_string += "#{module_output['data']}"
157
+ output += "#{module_output['data']}"
194
158
  return "Module Error" if module_output["result"] == "failure"
195
159
  end
196
160
 
197
161
  # Ugh, this is horrible, but the read call is currently racey
198
162
  5.times do
199
163
  module_output = @client.call("console.read", console_id)
200
- module_output_data_string += "#{module_output['data']}"
164
+ output += "#{module_output['data']}"
201
165
  end
202
166
 
203
167
  # Clean up
204
168
  @client.call("console.destroy", console_id)
205
169
 
206
- module_output_data_string
170
+ output
207
171
  end
208
172
 
209
173
  end
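Review bot: the `return "Module Error" if module_output["result"] == "failure"` that used to follow the initial `console.read` was dropped, so a failure reported on the first read is no longer detected unless the console also reports `busy`, and when the in-loop check does fire the early return skips `@client.call("console.destroy", console_id)`, leaving a console open on the msfrpcd side for every failed module (pre-existing, but this rewrite is the place to fix it). `until !module_output["busy"]` is a double negative; the removed `while module_output["busy"]` was the idiomatic form. There is also no upper bound on the busy loop, so a hung module hangs the caller indefinitely. The sketch below restores the first-read check, uses `while`, and wraps the reads in `begin`/`ensure` so the console is always destroyed; ideally the `begin` would start right after `console.create`, which lies above this hunk, as does the start of the method.

```ruby
# … unchanged: console.create, datastore setup, module kick-off …
begin
  module_output = @client.call("console.read", console_id)
  output += "#{module_output['data']}"
  return "Module Error" if module_output["result"] == "failure"

  while module_output["busy"]
    module_output = @client.call("console.read", console_id)
    output += "#{module_output['data']}"
    return "Module Error" if module_output["result"] == "failure"
  end

  # … unchanged: trailing 5.times drain reads …
ensure
  @client.call("console.destroy", console_id)
end

output
```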
@@ -1,7 +1,7 @@
1
1
  module Msf
2
2
  module RPC
3
3
  module Simple
4
- VERSION = "0.0.5"
4
+ VERSION = "0.0.6"
5
5
  end
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: msfrpc-simple
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.5
4
+ version: 0.0.6
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors: