msfrpc-simple 0.0.7 → 0.0.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/.gitignore +1 -0
- data/lib/msfrpc-simple/client.rb +76 -61
- data/lib/msfrpc-simple/features/framework.rb +164 -67
- data/lib/msfrpc-simple/version.rb +1 -1
- metadata +4 -6
- data/lib/.DS_Store +0 -0
- data/lib/msfrpc-simple/.DS_Store +0 -0
- data/lib/msfrpc-simple/features/.DS_Store +0 -0
data/.gitignore
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
.DS_Store
|
data/lib/msfrpc-simple/client.rb
CHANGED
|
@@ -14,8 +14,6 @@ module Msf
|
|
|
14
14
|
include Msf::RPC::Simple::Features::Framework
|
|
15
15
|
include Msf::RPC::Simple::Features::Pro
|
|
16
16
|
|
|
17
|
-
#attr_accessor :options
|
|
18
|
-
|
|
19
17
|
# Public: Create a simple client object.
|
|
20
18
|
#
|
|
21
19
|
# user_options - hash of options to include in our initial connection.
|
|
@@ -26,16 +24,16 @@ module Msf
|
|
|
26
24
|
|
|
27
25
|
# configure default options
|
|
28
26
|
@options = {
|
|
29
|
-
:project => user_options[:project] || "default",
|
|
27
|
+
:project => user_options[:project] || "default",
|
|
30
28
|
:port => user_options[:project] || 55553,
|
|
31
|
-
:user => user_options[:rpc_user],
|
|
32
|
-
:pass => user_options[:rpc_pass],
|
|
29
|
+
:user => user_options[:rpc_user],
|
|
30
|
+
:pass => user_options[:rpc_pass],
|
|
33
31
|
:db_host => user_options[:db_host] || "localhost",
|
|
34
32
|
:db_user => user_options[:db_user],
|
|
35
33
|
:db_pass => user_options[:db_pass],
|
|
36
|
-
:
|
|
34
|
+
:db_name => user_options[:db_name] || "msf"
|
|
37
35
|
}
|
|
38
|
-
|
|
36
|
+
|
|
39
37
|
@options.merge!(user_options)
|
|
40
38
|
|
|
41
39
|
#
|
|
@@ -43,29 +41,46 @@ module Msf
|
|
|
43
41
|
#
|
|
44
42
|
@client = Msf::RPC::Client.new(@options)
|
|
45
43
|
|
|
46
|
-
#
|
|
47
|
-
# Connect to the database based on the included options
|
|
48
|
-
#
|
|
44
|
+
# connect to the database
|
|
49
45
|
_connect_database
|
|
46
|
+
end
|
|
50
47
|
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
48
|
+
# Public: clean up after ourselves
|
|
49
|
+
#
|
|
50
|
+
# Returns nothing
|
|
51
|
+
def cleanup
|
|
52
|
+
_send_command("hosts -d")
|
|
53
|
+
_send_command("services -d")
|
|
54
|
+
_send_command("creds -d")
|
|
55
|
+
end
|
|
56
56
|
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
57
|
+
# Public: list all running threads
|
|
58
|
+
#
|
|
59
|
+
# Returns a hash of running threads
|
|
60
|
+
def list_threads
|
|
61
|
+
@client.call("core.thread_list")
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
# Public: determine if we're connected to the RPC server
|
|
65
|
+
#
|
|
66
|
+
# returns true/false
|
|
67
|
+
def rpc_connected?
|
|
68
|
+
return false unless @client.call("core.version")
|
|
69
|
+
true
|
|
70
|
+
end
|
|
71
|
+
|
|
72
|
+
# Public: determine if we're connected to the RPC server
|
|
73
|
+
#
|
|
74
|
+
# returns true/false
|
|
75
|
+
def db_connected?
|
|
76
|
+
return false unless _send_command("db_status") =~ /connected/
|
|
77
|
+
true
|
|
61
78
|
end
|
|
62
79
|
|
|
63
80
|
# Public: Creates and retuns an xml report
|
|
64
81
|
#
|
|
65
82
|
# This method is ugly for a number of reasons, but there doesn't
|
|
66
83
|
# appear to be a way to be notified when the command is completed
|
|
67
|
-
# nor when the
|
|
68
|
-
#
|
|
69
84
|
#
|
|
70
85
|
# returns a valid xml string
|
|
71
86
|
def create_report
|
|
@@ -79,73 +94,73 @@ module Msf
|
|
|
79
94
|
begin
|
|
80
95
|
xml_string = ""
|
|
81
96
|
status = Timeout::timeout(240) {
|
|
82
|
-
# We don't know when the file is going to show up, so
|
|
97
|
+
# We don't know when the file is going to show up, so
|
|
83
98
|
# wait for it...
|
|
84
99
|
until File.exists? report_path do
|
|
85
|
-
|
|
100
|
+
sleep 1
|
|
86
101
|
end
|
|
87
102
|
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
103
|
+
# Read and clean up the file when it exists...
|
|
104
|
+
until xml_string.include? "</MetasploitV4>" do
|
|
105
|
+
sleep 5
|
|
106
|
+
xml_string = File.read(report_path)
|
|
107
|
+
end
|
|
108
|
+
|
|
109
|
+
File.delete(report_path)
|
|
95
110
|
}
|
|
96
111
|
rescue Timeout::Error
|
|
97
112
|
xml_string = "<MetasploitV4></MetasploitV4>"
|
|
98
113
|
end
|
|
99
114
|
|
|
100
|
-
|
|
101
|
-
end
|
|
102
|
-
|
|
103
|
-
def cleanup
|
|
104
|
-
#_send_command("workspace -d #{@workspace_name}")
|
|
105
|
-
_send_command("db_disconnect")
|
|
115
|
+
xml_string
|
|
106
116
|
end
|
|
107
117
|
|
|
108
|
-
def connected?
|
|
109
|
-
return true if @client.call("core.version")
|
|
110
|
-
end
|
|
111
118
|
|
|
112
119
|
private
|
|
113
120
|
|
|
121
|
+
# Private: connect to the database given the supplied / default options
|
|
122
|
+
#
|
|
123
|
+
# Returns nothing
|
|
114
124
|
def _connect_database
|
|
115
|
-
_send_command("db_connect #{@options[:db_user]}:#{@options[:db_pass]}@#{@options[:db_host]}/#{@options[:
|
|
116
|
-
end
|
|
117
|
-
|
|
118
|
-
def _create_workspace
|
|
119
|
-
_send_command("workspace -a #{@workspace_name}")
|
|
125
|
+
_send_command("db_connect #{@options[:db_user]}:#{@options[:db_pass]}@#{@options[:db_host]}/#{@options[:db_name]}")
|
|
120
126
|
end
|
|
121
127
|
|
|
128
|
+
# Private: provision a console and send the supplied command, capturing output
|
|
129
|
+
#
|
|
130
|
+
# Returns a valid string
|
|
122
131
|
def _send_command(command)
|
|
123
|
-
|
|
124
|
-
|
|
132
|
+
# Create the console and get its id
|
|
133
|
+
console = @client.call("console.create")
|
|
134
|
+
|
|
135
|
+
# Do an initial read / discard to pull out any info on the console
|
|
136
|
+
# then write the command to the console
|
|
137
|
+
@client.call("console.read", console["id"])
|
|
138
|
+
@client.call("console.write", console["id"], "#{command}\n")
|
|
125
139
|
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
140
|
+
# Initial read
|
|
141
|
+
output_string = ""
|
|
142
|
+
output = @client.call("console.read", console["id"])
|
|
143
|
+
output_string += "#{output['data']}"
|
|
130
144
|
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
145
|
+
# Very very hacky. -- There should be a way to check
|
|
146
|
+
# status of a call to make sure that it isn't in an error
|
|
147
|
+
# state. For now, check the output for known error heuristics
|
|
148
|
+
return output_string if output_string =~ /(\[-\]|Error)/
|
|
134
149
|
|
|
135
150
|
# Read until finished
|
|
136
|
-
while (output
|
|
151
|
+
while (!output.has_key?("result")) do
|
|
152
|
+
return unless output["busy"]
|
|
137
153
|
output_string += "#{output['data']}"
|
|
138
154
|
output = @client.call("console.read", console["id"])
|
|
139
|
-
|
|
155
|
+
return "Error" if output["result"] == "failure"
|
|
140
156
|
end
|
|
141
|
-
|
|
142
|
-
# Clean up console
|
|
143
|
-
#@client.call("console.destroy", console["id"])
|
|
144
157
|
|
|
145
|
-
|
|
146
|
-
|
|
158
|
+
# Clean up console
|
|
159
|
+
@client.call("console.destroy", console["id"])
|
|
147
160
|
|
|
161
|
+
output_string
|
|
162
|
+
end
|
|
148
163
|
end
|
|
149
164
|
end
|
|
150
165
|
end
|
|
151
|
-
end
|
|
166
|
+
end
|
|
@@ -1,114 +1,211 @@
|
|
|
1
1
|
module Msf
|
|
2
2
|
module RPC
|
|
3
3
|
module Simple
|
|
4
|
-
module Features
|
|
4
|
+
module Features
|
|
5
5
|
module Framework
|
|
6
6
|
|
|
7
|
+
# Public: This module runs a db_nmap command
|
|
7
8
|
#
|
|
8
|
-
#
|
|
9
|
+
# range - an ipv4 ip address range in cidr format
|
|
9
10
|
#
|
|
10
|
-
|
|
11
|
+
# This method should only be run after running setup
|
|
12
|
+
#
|
|
13
|
+
# Returns nothing
|
|
14
|
+
def nmap_range(range)
|
|
15
|
+
|
|
16
|
+
unique_string = Time.now.utc.to_s.gsub(" ","_").gsub(":","_")
|
|
17
|
+
nmap_report_path = "/tmp/metasploit_temp_#{unique_string}.xml"
|
|
18
|
+
|
|
19
|
+
# Call out to nmap to scan the given range
|
|
20
|
+
`nmap --top-ports 100 -oX #{nmap_report_path} #{range}`
|
|
21
|
+
|
|
22
|
+
# Import the XML into metasploit
|
|
23
|
+
_send_command("db_import #{nmap_report_path}")
|
|
24
|
+
|
|
25
|
+
# Wait for a few seconds while the xml is imported
|
|
26
|
+
sleep 10
|
|
27
|
+
|
|
28
|
+
# Remove the file
|
|
29
|
+
File.delete(nmap_report_path)
|
|
30
|
+
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
# Public: This module runs a number of discovery modules. This method should only
|
|
34
|
+
# be run after running setup, then the nmap_range method.
|
|
35
|
+
#
|
|
36
|
+
# host - an ipv4 ip address or hostname
|
|
37
|
+
#
|
|
38
|
+
# This method should only be run after running setup, and then the
|
|
39
|
+
# nmap_range method.
|
|
40
|
+
#
|
|
41
|
+
# Returns nothing
|
|
42
|
+
|
|
43
|
+
def discover_range(range, threads=25)
|
|
11
44
|
|
|
12
45
|
# Other Potential options
|
|
13
46
|
# - auxiliary/scanner/smb/pipe_auditor
|
|
14
47
|
# - auxiliary/scanner/smb/pipe_dcerpc_auditor
|
|
15
48
|
# - auxiliary/scanner/smb/smb_enumshares
|
|
16
49
|
# - auxiliary/scanner/smb/smb_enumusers
|
|
17
|
-
modules_and_options = [
|
|
18
|
-
{:module_name => "auxiliary/scanner/http/http_version"},
|
|
19
|
-
|
|
20
|
-
{:module_name => "auxiliary/scanner/ftp/ftp_version"},
|
|
21
|
-
{:module_name => "auxiliary/scanner/h323/h323_version"},
|
|
22
|
-
{:module_name => "auxiliary/scanner/imap/imap_version"},
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
#{:module_name => "auxiliary/scanner/lotus/lotus_domino_version"},
|
|
26
|
-
{:module_name => "auxiliary/scanner/mysql/mysql_version"},
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
#{:module_name => "auxiliary/scanner/pcanywhere/pcanywhere_tcp"},
|
|
30
|
-
#{:module_name => "auxiliary/scanner/pcanywhere/pcanywhere_udp"},
|
|
31
|
-
{:module_name => "auxiliary/scanner/pop3/pop3_version"},
|
|
32
|
-
{:module_name => "auxiliary/scanner/postgres/postgres_version"},
|
|
33
|
-
{:module_name => "auxiliary/scanner/smb/smb_version"},
|
|
34
|
-
{:module_name => "auxiliary/scanner/snmp/snmp_enum"},
|
|
35
|
-
{:module_name => "auxiliary/scanner/ssh/ssh_version"},
|
|
36
|
-
{:module_name => "auxiliary/scanner/telnet/telnet_version"},
|
|
37
|
-
#{:module_name => "auxiliary/scanner/vmware/vmauthd_version"}
|
|
50
|
+
modules_and_options = [
|
|
51
|
+
{:module_name => "auxiliary/scanner/http/http_version", :module_options => {}},
|
|
52
|
+
{:module_name => "auxiliary/scanner/http/cert", :module_options => {}},
|
|
53
|
+
{:module_name => "auxiliary/scanner/ftp/ftp_version", :module_options => {}},
|
|
54
|
+
{:module_name => "auxiliary/scanner/h323/h323_version", :module_options => {}},
|
|
55
|
+
{:module_name => "auxiliary/scanner/imap/imap_version", :module_options => {}},
|
|
56
|
+
{:module_name => "auxiliary/scanner/portscan/syn", :module_options => {}},
|
|
57
|
+
{:module_name => "auxiliary/scanner/portscan/tcp", :module_options => {}},
|
|
58
|
+
#{:module_name => "auxiliary/scanner/lotus/lotus_domino_version", :module_options => {}},
|
|
59
|
+
{:module_name => "auxiliary/scanner/mysql/mysql_version", :module_options => {}},
|
|
60
|
+
{:module_name => "auxiliary/scanner/netbios/nbname", :module_options => {}},
|
|
61
|
+
{:module_name => "auxiliary/scanner/netbios/nbname_probe"},
|
|
62
|
+
#{:module_name => "auxiliary/scanner/pcanywhere/pcanywhere_tcp", :module_options => {}},
|
|
63
|
+
#{:module_name => "auxiliary/scanner/pcanywhere/pcanywhere_udp", :module_options => {}},
|
|
64
|
+
{:module_name => "auxiliary/scanner/pop3/pop3_version", :module_options => {}},
|
|
65
|
+
{:module_name => "auxiliary/scanner/postgres/postgres_version", :module_options => {}},
|
|
66
|
+
{:module_name => "auxiliary/scanner/smb/smb_version", :module_options => {}},
|
|
67
|
+
{:module_name => "auxiliary/scanner/snmp/snmp_enum", :module_options => {}},
|
|
68
|
+
{:module_name => "auxiliary/scanner/ssh/ssh_version", :module_options => {}},
|
|
69
|
+
{:module_name => "auxiliary/scanner/telnet/telnet_version", :module_options => {}},
|
|
70
|
+
#{:module_name => "auxiliary/scanner/vmware/vmauthd_version", :module_options => {}}
|
|
38
71
|
]
|
|
39
72
|
|
|
40
|
-
|
|
41
|
-
module_list.each do |m|
|
|
73
|
+
module_list.each do |mod|
|
|
42
74
|
# Merge in default options
|
|
43
|
-
|
|
75
|
+
mod[:options] = {
|
|
76
|
+
"RHOSTS" => "#{range}",
|
|
77
|
+
"THREADS" => "#{threads}"
|
|
78
|
+
}
|
|
44
79
|
|
|
45
|
-
#
|
|
46
|
-
|
|
47
|
-
output += execute_module_and_return_output(m)
|
|
48
|
-
end
|
|
80
|
+
# Module specific options
|
|
81
|
+
mod[:options].merge!(mod[:module_options])
|
|
49
82
|
|
|
50
|
-
|
|
83
|
+
# execute the module
|
|
84
|
+
execute_module(mod)
|
|
85
|
+
end
|
|
51
86
|
end
|
|
52
87
|
|
|
53
88
|
|
|
89
|
+
# Public: This module runs a number of bruteforce modules. This method should only
|
|
90
|
+
# be run after running setup, then the nmap_range method.
|
|
91
|
+
#
|
|
92
|
+
# host - an ipv4 ip address or hostname
|
|
54
93
|
#
|
|
55
|
-
# This
|
|
94
|
+
# This method should only be run after running setup, and then the
|
|
95
|
+
# nmap_range method.
|
|
56
96
|
#
|
|
57
|
-
|
|
97
|
+
# Returns nothing
|
|
98
|
+
def bruteforce_range(range, user_file, pass_file, threads=25)
|
|
58
99
|
|
|
59
100
|
module_list = [
|
|
60
|
-
{:module_name => "auxiliary/scanner/
|
|
61
|
-
{:module_name => "auxiliary/scanner/
|
|
62
|
-
{:module_name => "auxiliary/scanner/
|
|
63
|
-
{:module_name => "auxiliary/scanner/
|
|
64
|
-
{:module_name => "auxiliary/scanner/mysql/mysql_login"},
|
|
65
|
-
{:module_name => "auxiliary/scanner/pop3/pop3_login"},
|
|
66
|
-
{:module_name => "auxiliary/scanner/smb/smb_login"},
|
|
67
|
-
{:module_name => "auxiliary/scanner/snmp/snmp_login"},
|
|
68
|
-
{:module_name => "auxiliary/scanner/ssh/ssh_login"},
|
|
69
|
-
{:module_name => "auxiliary/scanner/telnet/telnet_login"},
|
|
101
|
+
{:module_name => "auxiliary/scanner/http/http_login", :module_options => {}},
|
|
102
|
+
{:module_name => "auxiliary/scanner/smb/smb_login", :module_options => {}},
|
|
103
|
+
{:module_name => "auxiliary/scanner/snmp/snmp_login", :module_options => {}},
|
|
104
|
+
{:module_name => "auxiliary/scanner/ssh/ssh_login", :module_options => {"SSH_TIMEOUT" => 3}}
|
|
70
105
|
]
|
|
71
106
|
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
107
|
+
# Iterate through modules in the list, adding in generic and module-specific options
|
|
108
|
+
# if they exist
|
|
109
|
+
module_list.each do |mod|
|
|
110
|
+
|
|
111
|
+
# Generic module options
|
|
112
|
+
mod[:options] = {
|
|
113
|
+
"RHOSTS" => "#{range}",
|
|
114
|
+
"USER_FILE" => "#{user_file}",
|
|
115
|
+
"PASS_FILE" => "#{pass_file}",
|
|
116
|
+
"THREADS" => "#{threads}"
|
|
117
|
+
}
|
|
118
|
+
# Module specific options
|
|
119
|
+
mod[:options].merge!(mod[:module_options])
|
|
76
120
|
|
|
77
|
-
|
|
78
|
-
output += "=== #{m[:module_name]} ===\n"
|
|
79
|
-
output += execute_module_and_return_output(m)
|
|
121
|
+
execute_module(mod)
|
|
80
122
|
end
|
|
81
123
|
|
|
82
|
-
output
|
|
83
124
|
end
|
|
84
125
|
|
|
126
|
+
# Public: This module runs a number of exploit modules. This method should only
|
|
127
|
+
# be run after running setup, then the nmap_range method.
|
|
128
|
+
#
|
|
129
|
+
# host - an ipv4 ip address or hostname
|
|
85
130
|
#
|
|
86
|
-
# This
|
|
131
|
+
# This method should only be run after running setup, and then the
|
|
132
|
+
# nmap_range method.
|
|
87
133
|
#
|
|
88
|
-
|
|
89
|
-
|
|
134
|
+
# Returns nothing
|
|
135
|
+
def exploit_single(host)
|
|
136
|
+
|
|
137
|
+
# TODO - will need to set up / manage a handler - should this go
|
|
138
|
+
# back to the console?
|
|
139
|
+
|
|
140
|
+
module_list = [
|
|
141
|
+
{ :module_name => "exploit/windows/smb/ms08_067_netapi", :module_options => {} }
|
|
142
|
+
]
|
|
143
|
+
|
|
144
|
+
module_list.each do |mod|
|
|
145
|
+
mod[:options] = { "RHOST" => "#{host}" }
|
|
146
|
+
mod[:options].merge!(mod[:module_options])
|
|
147
|
+
execute_module(mod)
|
|
148
|
+
end
|
|
90
149
|
end
|
|
91
150
|
|
|
151
|
+
# Public: This method executes a specified metasploit module
|
|
92
152
|
#
|
|
93
|
-
#
|
|
153
|
+
# params - A parameters hash containing:
|
|
154
|
+
# - :module_name - a full metasploit module name
|
|
155
|
+
# - :options - a hash of options to be "set" for the module
|
|
94
156
|
#
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
157
|
+
# Note that typical behavior for metasploit when calling "module.execute" is to
|
|
158
|
+
# background the task. This method waits for the task to complete, thereby
|
|
159
|
+
# allowing you to fire this method, then interact with the database to find
|
|
160
|
+
# the requisite result(s).
|
|
161
|
+
#
|
|
162
|
+
# returns nothing
|
|
163
|
+
def execute_module(params)
|
|
164
|
+
module_name = params[:module_name]
|
|
165
|
+
module_type = params[:module_name].split("/").first
|
|
166
|
+
module_options = params[:options]
|
|
167
|
+
raise "Error, bad module name" unless ["exploit", "auxiliary", "post", "encoder", "nop"].include? module_type
|
|
168
|
+
|
|
169
|
+
# Execute the module and obtain the job details
|
|
170
|
+
job_details = @client.call("module.execute", module_type, module_name, module_options)
|
|
171
|
+
|
|
172
|
+
while @client.call("job.list").has_key?(job_details["job_id"].to_s)
|
|
173
|
+
# Wait while the module is executed in the background
|
|
174
|
+
sleep 1
|
|
175
|
+
end
|
|
176
|
+
|
|
177
|
+
end
|
|
178
|
+
=begin
|
|
179
|
+
# Public: execute_module_and_return_output
|
|
180
|
+
#
|
|
181
|
+
# This method runs a module in a metasploit console and captures the output
|
|
182
|
+
# to a string which is returned at the end of the module. An attempt is made
|
|
183
|
+
# to remove the metasploit banner, which is simply noise
|
|
184
|
+
#
|
|
185
|
+
# Note that this is currently deprecated, but preserved here in case a different
|
|
186
|
+
# approach (text output needed) to running modules is req'd. Please use the
|
|
187
|
+
# execute_module method to run a module going forward. While output is not
|
|
188
|
+
# preserved when running that method, all appropriate results should be captured
|
|
189
|
+
# in the database
|
|
190
|
+
#
|
|
191
|
+
# Returns a string with module output
|
|
192
|
+
def execute_module_and_return_output(params)
|
|
193
|
+
module_name = params[:module_name]
|
|
194
|
+
module_option_string = params[:module_option_string]
|
|
98
195
|
|
|
99
196
|
# split up the module name into type / name
|
|
100
197
|
module_type = module_name.split("/").first
|
|
101
|
-
raise "Error, bad module name" unless ["exploit", "auxiliary", "post", "encoder", "nop"].include? module_type
|
|
102
|
-
|
|
198
|
+
raise "Error, bad module name" unless ["exploit", "auxiliary", "post", "encoder", "nop"].include? module_type
|
|
199
|
+
|
|
103
200
|
# TODO - we may have to deal w/ targets somehow
|
|
104
201
|
|
|
105
202
|
#info = @client.call("module.execute", module_type, module_name, module_options)
|
|
106
203
|
#@client.call("job.info", info["job_id"])
|
|
107
204
|
|
|
108
|
-
# The module output will be not available when run this way; to
|
|
205
|
+
# The module output will be not available when run this way; to
|
|
109
206
|
# capture the result of the print_* commands, you have to set the
|
|
110
207
|
# output driver of the module to something you can read from (Buffer,
|
|
111
|
-
# File, etc). For your use case, the best bet is to run the module
|
|
208
|
+
# File, etc). For your use case, the best bet is to run the module
|
|
112
209
|
# via the Console API instead of module.execute, and use that to read
|
|
113
210
|
# the output from the console itself, which provides buffer output for you.
|
|
114
211
|
output = ""
|
|
@@ -148,7 +245,7 @@ module Msf
|
|
|
148
245
|
# do an initial read of the module's output
|
|
149
246
|
module_output = @client.call("console.read", console_id)
|
|
150
247
|
output += "#{module_output['data']}"
|
|
151
|
-
|
|
248
|
+
|
|
152
249
|
until !module_output["busy"] do
|
|
153
250
|
module_output = @client.call("console.read", console_id)
|
|
154
251
|
output += "#{module_output['data']}"
|
|
@@ -161,14 +258,14 @@ module Msf
|
|
|
161
258
|
output += "#{module_output['data']}"
|
|
162
259
|
end
|
|
163
260
|
|
|
164
|
-
# Clean up
|
|
261
|
+
# Clean up
|
|
165
262
|
@client.call("console.destroy", console_id)
|
|
166
263
|
|
|
167
264
|
output
|
|
168
265
|
end
|
|
169
|
-
|
|
266
|
+
=end
|
|
170
267
|
end
|
|
171
268
|
end
|
|
172
269
|
end
|
|
173
270
|
end
|
|
174
|
-
end
|
|
271
|
+
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: msfrpc-simple
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.8
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2013-
|
|
12
|
+
date: 2013-07-18 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: msfrpc-client
|
|
@@ -34,6 +34,7 @@ executables: []
|
|
|
34
34
|
extensions: []
|
|
35
35
|
extra_rdoc_files: []
|
|
36
36
|
files:
|
|
37
|
+
- .gitignore
|
|
37
38
|
- Gemfile
|
|
38
39
|
- Gemfile.lock
|
|
39
40
|
- LICENSE
|
|
@@ -41,11 +42,8 @@ files:
|
|
|
41
42
|
- Rakefile
|
|
42
43
|
- build.sh
|
|
43
44
|
- doc/NOTES
|
|
44
|
-
- lib/.DS_Store
|
|
45
45
|
- lib/msfrpc-simple.rb
|
|
46
|
-
- lib/msfrpc-simple/.DS_Store
|
|
47
46
|
- lib/msfrpc-simple/client.rb
|
|
48
|
-
- lib/msfrpc-simple/features/.DS_Store
|
|
49
47
|
- lib/msfrpc-simple/features/framework.rb
|
|
50
48
|
- lib/msfrpc-simple/features/pro.rb
|
|
51
49
|
- lib/msfrpc-simple/logger.rb
|
|
@@ -76,7 +74,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
76
74
|
version: '0'
|
|
77
75
|
requirements: []
|
|
78
76
|
rubyforge_project:
|
|
79
|
-
rubygems_version: 1.8.
|
|
77
|
+
rubygems_version: 1.8.23
|
|
80
78
|
signing_key:
|
|
81
79
|
specification_version: 3
|
|
82
80
|
summary: This library provides a simple-to-use wrapper for the Rapid7 Metasploit RPC
|
data/lib/.DS_Store
DELETED
|
Binary file
|
data/lib/msfrpc-simple/.DS_Store
DELETED
|
Binary file
|
|
Binary file
|