wpxf 2.0.0a

data/lib/wpxf/cli/banner.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+require 'wpxf/modules'
+
+module Wpxf
+  module Cli
+    # A helper class for printing banners in the terminal.
+    class Banner
+      def initialize
+        file = Wpxf::DataFile.new('banners', 'default.txt')
+        self.raw_content = file.content
+      end
+
+      def format_colour(value)
+        value.gsub('{WB}', "\e[0m\e[97m\e[1m")
+             .gsub('{WN}', "\e[0m\e[97m")
+             .gsub('{GN}', "\e[0m\e[32m")
+             .gsub('{LGN}', "\e[0m\e[37m")
+             .gsub('{YB}', "\e[0m\e[33m\e[1m")
+      end
+
+      def auxiliary_count
+        Wpxf::Models::Module.where(type: 'auxiliary').count
+      end
+
+      def exploit_count
+        Wpxf::Models::Module.where(type: 'exploit').count
+      end
+
+      def format_data(value)
+        value.gsub('{VERSION}', Wpxf.version)
+             .gsub('{AUXILIARY_COUNT}', auxiliary_count.to_s)
+             .gsub('{EXPLOIT_COUNT}', exploit_count.to_s)
+             .gsub('{PAYLOAD_COUNT}', Wpxf::Payloads.payload_count.to_s)
+      end
+
+      def display
+        formatted = format_colour(raw_content)
+        formatted = format_data(formatted)
+        puts formatted
+        puts
+      end
+
+      attr_accessor :raw_content
+    end
+  end
+end

data/lib/wpxf/cli/console.rb

@@ -0,0 +1,146 @@
+# frozen_string_literal: true
+
+require 'readline'
+
+require 'wpxf/modules'
+require 'wpxf/cli/auto_complete'
+require 'wpxf/cli/creds'
+require 'wpxf/cli/context'
+require 'wpxf/cli/loot'
+require 'wpxf/cli/modules'
+require 'wpxf/cli/module_cache'
+require 'wpxf/cli/module_info'
+require 'wpxf/cli/loaded_module'
+require 'wpxf/cli/options'
+require 'wpxf/cli/output'
+require 'wpxf/cli/help'
+require 'wpxf/cli/workspace'
+
+module Wpxf
+  module Cli
+    # Main class for running the WPXF console.
+    class Console
+      include Cli::AutoComplete
+      include Cli::Creds
+      include Cli::Help
+      include Cli::Loot
+      include Cli::Modules
+      include Cli::ModuleCache
+      include Cli::LoadedModule
+      include Cli::Options
+      include Cli::Output
+      include Cli::Workspace
+
+      def initialize
+        super
+        setup_auto_complete
+      end
+
+      def commands_without_output
+        %w[back]
+      end
+
+      def permitted_commands
+        %w[use back set show quit run unset check info gset setg gunset loot
+           unsetg search clear reload help workspace rebuild_cache creds]
+      end
+
+      def clear
+        Gem.win_platform? ? (system 'cls') : (system 'clear')
+      end
+
+      def prompt_for_input
+        prompt = 'wpxf'.underline.light_blue
+
+        # The ANSI characters cause problems with the Readline lib and
+        # Windows, so if it's a Windows platform, use only plain chars.
+        prompt = 'wpxf' if Gem.win_platform?
+        prompt += " [#{context.module_path}]" if module_loaded?
+
+        begin
+          input = Readline.readline("#{prompt} > ", true).to_s
+        rescue SignalException
+          input = ''
+        end
+
+        puts if input.empty?
+        input
+      end
+
+      def can_handle?(command)
+        return true if respond_to?(command) && permitted_commands.include?(command)
+        puts
+        print_bad "\"#{command}\" is not a recognised command."
+        false
+      end
+
+      def correct_number_of_args?(command, args)
+        return true if command.match?(/workspace|loot|creds/)
+
+        # Make an exception for set, unset and search, due to them taking
+        # a variable number of strings that can contain white space.
+        return true if command =~ /^(un)?set|search$/ && args.size > 1
+
+        expected_args = Console.instance_method(command).parameters.size
+        return true if expected_args == args.size
+
+        print_bad "#{args.size} arguments specified for \"#{command}\", expected #{expected_args}."
+        false
+      end
+
+      def on_event_emitted(event)
+        return unless !event[:verbose] || context.verbose?
+
+        if event[:type] == :table
+          indent_cursor(2) { print_table event[:rows], true }
+        else
+          handlers = { error: 'print_bad', success: 'print_good', info: 'print_info', warning: 'print_warning' }
+          send(handlers[event[:type]], event[:msg])
+        end
+      end
+
+      def normalise_alised_commands(command)
+        if command == 'exit'
+          'quit'
+        elsif command == 'setg'
+          'gset'
+        elsif command == 'unsetg'
+          'gunset'
+        else
+          command
+        end
+      end
+
+      def execute_user_command(command, args)
+        command = normalise_alised_commands(command)
+        if can_handle? command
+          puts unless commands_without_output.include? command
+          send(command, *args) if correct_number_of_args?(command, args)
+        end
+        puts unless commands_without_output.include? command
+      end
+
+      def check_cache
+        return if cache_valid?
+        rebuild_cache
+        puts
+      end
+
+      def start
+        loop do
+          begin
+            input = prompt_for_input
+            break if input =~ /exit|quit/
+
+            command, *args = input.split(/\s/)
+            execute_user_command(command, args) if command
+          rescue StandardError => e
+            print_bad "Uncaught error: #{e}"
+            print_bad e.backtrace.join("\n\t")
+            puts
+          end
+        end
+      end
+    end
+  end
+end

data/lib/wpxf/cli/context.rb

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+require 'wpxf/modules'
+
+module Wpxf
+  module Cli
+    # A context which modules will be used in.
+    class Context
+      def verbose?
+        return false if self.module.nil?
+        self.module.normalized_option_value('verbose')
+      end
+
+      def load_module(path)
+        @module = Wpxf.load_module(path)
+        @module_path = path
+        @module
+      end
+
+      def reload
+        load("wpxf/modules/#{@module_path}.rb")
+        load_module(@module_path)
+      end
+
+      def load_payload(name)
+        self.module.payload = Wpxf::Payloads.load_payload(name)
+        self.module.payload.check(self.module)
+        self.module.payload
+      end
+
+      attr_reader :module_path
+      attr_reader :module
+    end
+  end
+end

data/lib/wpxf/cli/creds.rb

@@ -0,0 +1,56 @@
+# frozen_string_literal: true
+
+module Wpxf
+  module Cli
+    # A mixin to provide functions to interact with credentials stored in the database.
+    module Creds
+      def delete_credential(id)
+        item = Wpxf::Models::Credential.first(
+          id: id.to_i,
+          workspace: active_workspace
+        )
+
+        unless item.nil?
+          item.destroy
+          return print_good "Deleted credential #{id}"
+        end
+
+        print_bad "Could not find credential #{id} in the current workspace"
+      end
+
+      def list_credentials
+        rows = []
+        rows.push(
+          id: 'ID',
+          host: 'Host',
+          username: 'Username',
+          password: 'Password',
+          type: 'Type'
+        )
+
+        Wpxf::Models::Credential.where(workspace: active_workspace).each do |cred|
+          rows.push(
+            id: cred.id,
+            host: "#{cred.host}:#{cred.port}",
+            username: cred.username,
+            password: cred.password,
+            type: cred.type
+          )
+        end
+
+        print_table rows
+      end
+
+      def creds(*args)
+        return list_credentials if args.length.zero?
+
+        case args[0]
+        when '-d'
+          delete_credential(args[1])
+        else
+          print_warning 'Invalid option for "creds"'
+        end
+      end
+    end
+  end
+end

data/lib/wpxf/cli/help.rb

@@ -0,0 +1,125 @@
+# frozen_string_literal: true
+
+require 'wpxf/models/module'
+
+module Wpxf
+  module Cli
+    # Methods for handling commands that provide the user with help info.
+    module Help
+      def print_options(mod)
+        print_std 'Module options:'
+        puts
+        indent_cursor do
+          print_options_table(mod, module_options(mod, false))
+        end
+      end
+
+      def print_payload_options(payload)
+        print_std 'Payload options:'
+        puts
+        indent_cursor do
+          print_options_table(payload, payload.options)
+        end
+      end
+
+      def show_options
+        return unless module_loaded?(false)
+
+        print_options(context.module)
+        return unless context.module.payload
+
+        puts
+        print_payload_options(context.module.payload)
+      end
+
+      def print_options_table(mod, opts)
+        data = empty_option_table_data
+        opts.each do |opt|
+          data.push(option_table_row(mod, opt))
+        end
+
+        print_table(data)
+      end
+
+      def print_advanced_option(mod, opt)
+        print_std "Name: #{opt.name}"
+        print_std "Current setting: #{mod.normalized_option_value(opt.name)}"
+        print_std "Required: #{opt.required?}"
+        print_std "Description: #{opt.desc}"
+      end
+
+      def show_advanced_options
+        return unless module_loaded?(false)
+
+        module_options(context.module, true).each do |opt|
+          print_advanced_option(context.module, opt)
+          puts
+        end
+      end
+
+      def help
+        commands_file = Wpxf::DataFile.new('json', 'commands.json')
+        data = JSON.parse(commands_file.content)['data']
+        data.unshift('cmd' => 'Command', 'desc' => 'Description')
+        print_table data
+      end
+
+      def show_exploits
+        modules = Wpxf::Models::Module.where(type: 'exploit')
+                                .order(:path)
+                                .map { |m| { path: m.path, title: m.name } }
+
+        print_good "#{modules.length} Exploits"
+        print_module_table modules
+      end
+
+      def show_auxiliary
+        modules = Wpxf::Models::Module.where(type: 'auxiliary')
+                                .order(:path)
+                                .map { |m| { path: m.path, title: m.name } }
+
+        print_good "#{modules.length} Auxiliaries"
+        print_module_table modules
+      end
+
+      def show(target)
+        handlers = {
+          'options' => 'show_options',
+          'advanced' => 'show_advanced_options',
+          'exploits' => 'show_exploits',
+          'auxiliary' => 'show_auxiliary'
+        }
+
+        if handlers[target]
+          send(handlers[target])
+        else
+          print_bad("\"#{target}\" is not a valid argument")
+        end
+      end
+
+      def module_options(mod, advanced)
+        return [] if mod.nil?
+        opts = mod.options.select { |o| o.advanced? == advanced }
+        opts.sort_by(&:name)
+      end
+
+      def empty_option_table_data
+        [{
+          name: 'Name',
+          value: 'Current Setting',
+          req: 'Required',
+          desc: 'Description'
+        }]
+      end
+
+      def option_table_row(mod, opt)
+        {
+          name: opt.name,
+          value: mod.normalized_option_value(opt.name),
+          req: opt.required?,
+          desc: opt.desc
+        }
+      end
+    end
+  end
+end

data/lib/wpxf/cli/loaded_module.rb

@@ -0,0 +1,67 @@
+# frozen_string_literal: true
+
+require 'wpxf/cli/module_info'
+
+module Wpxf
+  module Cli
+    # Methods for handling commands that interact with the currently loaded module.
+    module LoadedModule
+      include Cli::ModuleInfo
+
+      def module_loaded?(quiet = true)
+        print_warning 'No module loaded' if context.nil? && !quiet
+        !context.nil?
+      end
+
+      def module_can_execute?
+        can_execute = context.module.can_execute?
+        unless can_execute
+          opts = context.module.missing_options.join(', ')
+          print_bad "One or more required options not set: #{opts}"
+        end
+        can_execute
+      end
+
+      def payload_prepared?
+        failed = context.module.payload && !context.module.payload.prepare(context.module)
+        print_bad 'Failed to prepare the payload' if failed
+        !failed
+      end
+
+      def execute_module
+        mod = context.module
+        mod.run && (!mod.payload || mod.payload.post_exploit(mod))
+      rescue StandardError => e
+        print_bad "Uncaught error: #{e}"
+        print_bad e.backtrace.join("\n\t")
+        false
+      end
+
+      def run
+        return unless module_loaded?(false) && module_can_execute? && payload_prepared?
+
+        if execute_module
+          print_good 'Execution finished successfully'
+        else
+          print_bad 'Execution failed'
+        end
+
+        context.module.cleanup
+        self.indent_level = 1
+      end
+
+      def check
+        return unless module_loaded?(false) && module_can_execute?
+        state = context.module.check
+
+        if state == :vulnerable
+          print_warning 'Target appears to be vulnerable'
+        elsif state == :unknown
+          print_bad 'Could not determine if the target is vulnerable'
+        else
+          print_good 'Target appears to be safe'
+        end
+      end
+    end
+  end
+end