Class: Msf::Module

Inherits:
Object
  • Object
show all
Extended by:
Framework::Offspring
Includes:
Alert, Arch, Auth, Author, Compatibility, DataStore, FullName, ModuleInfo, ModuleStore, Network, Options, Privileged, Ranking, Reliability, SideEffects, Stability, Type, UI, UUID
Defined in:
lib/msf/core/module.rb

Overview

The module base class is responsible for providing the common interface that is used to interact with modules at the most basic levels, such as by inspecting a given module's attributes (name, description, version, authors, etc) and by managing the module's data store.

Direct Known Subclasses

Auxiliary, Encoder, Evasion, Exploit, Nop, Payload, Post

Defined Under Namespace

Modules: Alert, Arch, Auth, Author, Compatibility, DataStore, Deprecated, External, Failure, FullName, HasActions, ModuleInfo, ModuleStore, Network, Options, Privileged, Ranking, Reliability, SideEffects, Stability, Type, UI, UUID Classes: AuxiliaryAction, Platform, PlatformList, Reference, SiteReference, Target

Constant Summary collapse

REPLICANT_EXTENSION_DS_KEY =

The key where a comma-separated list of Ruby module names will live in the datastore, consumed by #replicant to allow clean override of MSF module methods.

'ReplicantExtensions'

Constants included from ModuleInfo

ModuleInfo::UpdateableOptions

Class Attribute Summary collapse

Instance Attribute Summary collapse

Attributes included from UUID

#uuid

Attributes included from Rex::Ui::Subscriber::Input

#user_input

Attributes included from Rex::Ui::Subscriber::Output

#user_output

Attributes included from Privileged

#priveli, #privileged

Attributes included from Options

#options

Attributes included from ModuleStore

#module_store

Attributes included from ModuleInfo

#module_info

Attributes included from FullName

#aliased_as

Attributes included from DataStore

#datastore

Attributes included from Author

#author

Attributes included from Arch

#arch

Attributes included from Alert

#alerts, #you_have_been_warned

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Reliability

#reliability, #reliability_to_s

Methods included from Stability

#stability, #stability_to_s

Methods included from SideEffects

#side_effects, #side_effects_to_s

Methods included from UUID

#generate_uuid

Methods included from UI

#init_ui

Methods included from UI::Message

#print_error, #print_good, #print_prefix, #print_status, #print_warning

Methods included from UI::Message::Verbose

#vprint_error, #vprint_good, #vprint_status, #vprint_warning

Methods included from UI::Line

#print_line, #print_line_prefix

Methods included from UI::Line::Verbose

#vprint_line

Methods included from Rex::Ui::Subscriber

#copy_ui, #init_ui, #reset_ui

Methods included from Rex::Ui::Subscriber::Input

#gets

Methods included from Rex::Ui::Subscriber::Output

#flush, #print, #print_blank_line, #print_error, #print_good, #print_line, #print_status, #print_warning

Methods included from Type

#auxiliary?, #encoder?, #evasion?, #exploit?, #nop?, #payload?, #post?, #type

Methods included from Ranking

#rank, #rank_to_h, #rank_to_s

Methods included from Privileged

#privileged?

Methods included from Options

#deregister_options, #register_advanced_options, #register_evasion_options, #register_options, #validate

Methods included from Network

#comm, #support_ipv6?, #target_host, #target_port

Methods included from ModuleStore

#[], #[]=

Methods included from ModuleInfo

#alias, #description, #disclosure_date, #info_fixups, #merge_check_key, #merge_info, #merge_info_advanced_options, #merge_info_alias, #merge_info_description, #merge_info_evasion_options, #merge_info_name, #merge_info_options, #merge_info_string, #merge_info_version, #name, #notes, #update_info

Methods included from FullName

#aliases, #fullname, #promptname, #realname, #refname, #shortname

Methods included from DataStore

#import_defaults, #import_target_defaults, #share_datastore

Methods included from Compatibility

#compat, #compatible?, #init_compat

Methods included from Author

#author_to_s, #each_author

Methods included from Auth

#store_valid_credential

Methods included from Arch

#arch?, #arch_to_s, #each_arch

Methods included from Alert

#add_alert, #add_error, #add_warning, #alert_user, #errors, #get_alerts, included, #is_usable?, #warnings

Constructor Details

#initialize(info = {}) ⇒ Module

Creates an instance of an abstract module using the supplied information hash.


99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
# File 'lib/msf/core/module.rb', line 99

def initialize(info = {})
  @module_info_copy = info.dup

  self.module_info = info
  generate_uuid

  set_defaults

  # Initialize module compatibility hashes
  init_compat

  # Fixup module fields as needed
  info_fixups

  # Transform some of the fields to arrays as necessary
  self.author = Msf::Author.transform(module_info['Author'])
  self.arch = Rex::Transformer.transform(module_info['Arch'], Array, [ String ], 'Arch')
  self.platform = PlatformList.transform(module_info['Platform'])
  self.references = Rex::Transformer.transform(module_info['References'], Array, [ SiteReference, Reference ], 'Ref')

  # Create and initialize the option container for this module
  self.options = Msf::OptionContainer.new
  self.options.add_options(info['Options'], self.class)
  self.options.add_advanced_options(info['AdvancedOptions'], self.class)
  self.options.add_evasion_options(info['EvasionOptions'], self.class)

  # Create and initialize the data store for this module
  self.datastore = ModuleDataStore.new(self)

  # Import default options into the datastore
  import_defaults

  self.privileged = module_info['Privileged'] || false
  self.license = module_info['License'] || MSF_LICENSE

  # Allow all modules to track their current workspace
  register_advanced_options(
    [
      OptString.new('WORKSPACE', [ false, "Specify the workspace for this module" ]),
      OptBool.new('VERBOSE',     [ false, 'Enable detailed status messages', false ])
    ], Msf::Module)

end

Class Attribute Details

.file_pathObject

The path from which the module was loaded.


85
86
87
# File 'lib/msf/core/module.rb', line 85

def file_path
  @file_path
end

.orig_clsObject

This attribute holds the non-duplicated copy of the module implementation. This attribute is used for reloading purposes so that it can be re-duplicated.


80
81
82
# File 'lib/msf/core/module.rb', line 80

def orig_cls
  @orig_cls
end

Instance Attribute Details

#errorObject

The last exception to occur using this module


384
385
386
# File 'lib/msf/core/module.rb', line 384

def error
  @error
end

#job_idObject

The job identifier that this module is running as, if any.


379
380
381
# File 'lib/msf/core/module.rb', line 379

def job_id
  @job_id
end

#licenseObject

The license under which this module is provided.


374
375
376
# File 'lib/msf/core/module.rb', line 374

def license
  @license
end

#platformObject

The array of zero or more platforms.


364
365
366
# File 'lib/msf/core/module.rb', line 364

def platform
  @platform
end

#privileged=(value) ⇒ Object (writeonly, protected)

:nodoc:


416
417
418
# File 'lib/msf/core/module.rb', line 416

def privileged=(value)
  @privileged = value
end

#referencesObject

The reference count for the module.


369
370
371
# File 'lib/msf/core/module.rb', line 369

def references
  @references
end

#user_dataObject

An opaque bag of data to attach to a module. This is useful for attaching some piece of identifying info on to a module before calling Simple::Exploit#exploit_simple or Simple::Auxiliary#run_simple for correlating where modules came from.


392
393
394
# File 'lib/msf/core/module.rb', line 392

def user_data
  @user_data
end

Class Method Details

.cached?Boolean

Returns false since this is the real module

Returns:

  • (Boolean)

293
294
295
# File 'lib/msf/core/module.rb', line 293

def self.cached?
  false
end

Instance Method Details

#black_listed_auth_filenamesObject


314
315
316
317
318
319
320
321
# File 'lib/msf/core/module.rb', line 314

def black_listed_auth_filenames
  @black_listed_auth_filenames ||= lambda {
    [
      'fileformat',
      'browser'
    ]
  }.call
end

#debugging?Boolean

Returns true if this module is being debugged.

Returns:

  • (Boolean)

261
262
263
# File 'lib/msf/core/module.rb', line 261

def debugging?
  datastore['DEBUG']
end

#default_cred?Boolean

Returns:

  • (Boolean)

343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
# File 'lib/msf/core/module.rb', line 343

def default_cred?
  return false unless post_auth?

  required_cred_options.all? do |name, opt|
    if opt.type == 'string'
      if !opt.default.blank?
        true
      else
        false
      end
    else
      true
    end
  end

  false
end

#fail_with(reason, msg = nil) ⇒ void

Note:

If you are writing an exploit, you don't use this API. Instead, please refer to the API documentation from lib/msf/core/exploit.rb.

This method returns an undefined value.

Raises a RuntimeError failure message. This is meant to be used for all non-exploits, and allows specific classes to override.

Examples:

fail_with('No Access', 'Unable to login')

Parameters:

  • reason (String)

    A reason about the failure.

  • msg (String) (defaults to: nil)

    (Optional) A message about the failure.

Raises:

  • (RuntimeError)

See Also:


279
280
281
# File 'lib/msf/core/module.rb', line 279

def fail_with(reason, msg=nil)
  raise RuntimeError, "#{reason.to_s}: #{msg}"
end

#file_pathObject

The path to the file in which the module can be loaded from.


200
201
202
# File 'lib/msf/core/module.rb', line 200

def file_path
  self.class.file_path
end

#frameworkObject

Returns the class reference to the framework


91
92
93
# File 'lib/msf/core/module.rb', line 91

def framework
  self.class.framework
end

#has_check?Boolean

Returns:

  • (Boolean)

143
144
145
# File 'lib/msf/core/module.rb', line 143

def has_check?
  respond_to?(:check)
end

#orig_clsObject

Returns the unduplicated class associated with this module.


193
194
195
# File 'lib/msf/core/module.rb', line 193

def orig_cls
  self.class.orig_cls
end

#ownerObject

Returns the username that instantiated this module, this tries a handful of methods to determine what actual user ran this module.


216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
# File 'lib/msf/core/module.rb', line 216

def owner
  # Generic method to configure a module owner
  username = self.datastore['MODULE_OWNER'].to_s.strip

  # Specific method used by the commercial products
  if username.empty?
    username = self.datastore['PROUSER'].to_s.strip
  end

  # Fallback when neither prior method is available, common for msfconsole
  if username.empty?
    username = (ENV['LOGNAME'] || ENV['USERNAME'] || ENV['USER'] || "unknown").to_s.strip
  end

  username
end

#perform_extensionsvoid

This method returns an undefined value.

Extends self with the constant list in the datastore


169
170
171
172
173
174
175
176
177
178
179
# File 'lib/msf/core/module.rb', line 169

def perform_extensions
  if datastore[REPLICANT_EXTENSION_DS_KEY].present?
    if datastore[REPLICANT_EXTENSION_DS_KEY].respond_to?(:each)
      datastore[REPLICANT_EXTENSION_DS_KEY].each do |const|
        self.extend(const)
      end
    else
      fail "Invalid settings in datastore at key #{REPLICANT_EXTENSION_DS_KEY}"
    end
  end
end

#platform?(what) ⇒ Boolean

Checks to see if this module is compatible with the supplied platform

Returns:

  • (Boolean)

254
255
256
# File 'lib/msf/core/module.rb', line 254

def platform?(what)
  (platform & what).empty? == false
end

#platform_to_sObject

Return a comma separated list of supported platforms, if any.


247
248
249
# File 'lib/msf/core/module.rb', line 247

def platform_to_s
  platform.all? ? "All" : platform.names.join(", ")
end

#post_auth?Boolean

Returns:

  • (Boolean)

323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
# File 'lib/msf/core/module.rb', line 323

def post_auth?
  if self.kind_of?(Msf::Auxiliary::AuthBrute)
    return true
  else
    # Some modules will never be post auth, so let's not waste our time
    # determining it and create more potential false positives.
    # If these modules happen to be post auth for some reason, then we it
    # should manually override the post_auth? method as true.
    directory_name = self.fullname.split('/')[0..-2]
    black_listed_auth_filenames.each do |black_listed_name|
      return false if directory_name.include?(black_listed_name)
    end

    # Some modules create their own username and password datastore
    # options, not relying on the AuthBrute mixin. In that case we
    # just have to go through the options and try to identify them.
    !required_cred_options.empty?
  end
end

#register_extensions(*rb_modules) ⇒ void

This method returns an undefined value.

@param One or more Ruby constants


183
184
185
186
187
188
# File 'lib/msf/core/module.rb', line 183

def register_extensions(*rb_modules)
  datastore[REPLICANT_EXTENSION_DS_KEY] = [] unless datastore[REPLICANT_EXTENSION_DS_KEY].present?
  rb_modules.each do |rb_mod|
    datastore[REPLICANT_EXTENSION_DS_KEY] << rb_mod unless datastore[REPLICANT_EXTENSION_DS_KEY].include? rb_mod
  end
end

#register_parent(ref) ⇒ Object

Scans the parent module reference to populate additional information. This is used to inherit common settings (owner, workspace, parent uuid, etc).


237
238
239
240
241
242
# File 'lib/msf/core/module.rb', line 237

def register_parent(ref)
  self.datastore['WORKSPACE']    = (ref.datastore['WORKSPACE'] ? ref.datastore['WORKSPACE'].dup : nil)
  self.datastore['PROUSER']      = (ref.datastore['PROUSER']   ? ref.datastore['PROUSER'].dup   : nil)
  self.datastore['MODULE_OWNER'] = ref.owner.dup
  self.datastore['ParentUUID']   = ref.uuid.dup
end

#replicantObject

Creates a fresh copy of an instantiated module


150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
# File 'lib/msf/core/module.rb', line 150

def replicant
  obj = self.clone
  self.instance_variables.each { |k|
    v = instance_variable_get(k)
    v = v.dup rescue v
    obj.instance_variable_set(k, v)
  }

  obj.datastore    = self.datastore.copy
  obj.user_input   = self.user_input
  obj.user_output  = self.user_output
  obj.module_store = self.module_store.clone

  obj.perform_extensions
  obj
end

#required_cred_optionsObject


297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
# File 'lib/msf/core/module.rb', line 297

def required_cred_options
  @required_cred_options ||= lambda {
    self.options.select { |name, opt|
      (
        opt.type?('string') &&
        opt.required &&
        (opt.name.match(/user(name)*$/i) || name.match(/pass(word)*$/i))
      ) ||
      (
        opt.type?('bool') &&
        opt.required &&
        opt.name.match(/^allow_guest$/i)
      )
    }
  }.call
end

#set_defaultsObject (protected)

Sets the modules unsupplied info fields to their default values.


399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
# File 'lib/msf/core/module.rb', line 399

def set_defaults
  self.module_info = {
    'Name'        => 'No module name',
    'Description' => 'No module description',
    'Version'     => '0',
    'Author'      => nil,
    'Arch'        => nil, # No architectures by default.
    'Platform'    => [],  # No platforms by default.
    'Ref'         => nil,
    'Privileged'  => false,
    'License'     => MSF_LICENSE,
    'Notes'       => {}
  }.update(self.module_info)
  self.module_store = {}
end

#workspaceObject

Returns the current workspace


207
208
209
210
# File 'lib/msf/core/module.rb', line 207

def workspace
  self.datastore['WORKSPACE'] ||
    (framework.db and framework.db.active and framework.db.workspace and framework.db.workspace.name)
end