Module: Msf::Handler::ReverseTcpSsl

Includes:
ReverseTcp
Defined in:
lib/msf/core/handler/reverse_tcp_ssl.rb

Overview

This module implements the reverse TCP handler. This means that it listens on a port waiting for a connection until either one is established or it is told to abort.

This handler depends on having a local host and port to listen on.

Constant Summary

Constants included from Msf::Handler

Claimed, Unused

Instance Attribute Summary

Attributes included from Msf::Handler

#exploit_config, #parent_payload

Class Method Summary collapse

Instance Method Summary collapse

Methods included from ReverseTcp

#cleanup_handler, #start_handler, #stop_handler, #wrap_aes_socket

Methods included from Msf::Handler

#add_handler, #cleanup_handler, #handle_connection, #handler, #handler_name, #start_handler, #stop_handler, #wait_for_session, #wfs_delay

Class Method Details

.general_handler_typeObject

Returns the connection-described general handler type, in this case 'reverse'.


35
36
37
# File 'lib/msf/core/handler/reverse_tcp_ssl.rb', line 35

def self.general_handler_type
  "reverse"
end

.handler_typeObject

Returns the string representation of the handler type, in this case 'reverse_tcp_ssl'.


27
28
29
# File 'lib/msf/core/handler/reverse_tcp_ssl.rb', line 27

def self.handler_type
  return "reverse_tcp_ssl"
end

Instance Method Details

#initialize(info = {}) ⇒ Object

Initializes the reverse TCP SSL handler and adds the certificate option.


42
43
44
45
46
47
48
49
50
51
# File 'lib/msf/core/handler/reverse_tcp_ssl.rb', line 42

def initialize(info = {})
  super
  register_advanced_options(
    [
      OptPath.new('SSLCert',    [ false, 'Path to a custom SSL certificate (default is randomly generated)']),
      OptAddress.new('ReverseListenerBindAddress', [ false, 'The specific IP address to bind to on the local system']),
      OptInt.new('ReverseListenerBindPort', [ false, 'The port to bind to on the local system if different from LPORT' ])
    ], Msf::Handler::ReverseTcpSsl)

end

#setup_handlerObject

Starts the listener but does not actually attempt to accept a connection. Throws socket exceptions if it fails to start the listener.


58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
# File 'lib/msf/core/handler/reverse_tcp_ssl.rb', line 58

def setup_handler
  if datastore['Proxies']
    raise RuntimeError, 'TCP connect-back payloads cannot be used with Proxies'
  end

  ex = false

  comm  = datastore['ReverseListenerComm']
  if comm.to_s == "local"
    comm = ::Rex::Socket::Comm::Local
  else
    comm = nil
  end

  local_port = bind_port
  addrs = bind_address

  addrs.each { |ip|
    begin

      comm.extend(Rex::Socket::SslTcp)
      self.listener_sock = Rex::Socket::SslTcpServer.create(
      'LocalHost' => ip,
      'LocalPort' => local_port,
      'Comm'      => comm,
      'SSLCert'	=> datastore['SSLCert'],
      'Context'   =>
        {
          'Msf'        => framework,
          'MsfPayload' => self,
          'MsfExploit' => assoc_exploit
        })

      ex = false

      comm_used = comm || Rex::Socket::SwitchBoard.best_comm( ip )
      comm_used = Rex::Socket::Comm::Local if comm_used == nil

      if( comm_used.respond_to?( :type ) and comm_used.respond_to?( :sid ) )
        via = "via the #{comm_used.type} on session #{comm_used.sid}"
      else
        via = ""
      end

      print_status("Started reverse SSL handler on #{ip}:#{local_port} #{via}")
      break
    rescue
      ex = $!
      print_error("Handler failed to bind to #{ip}:#{local_port}")
    end
  }
  raise ex if (ex)
end