Class: Msf::Plugin::Msfd

Inherits:
Msf::Plugin show all
Defined in:
plugins/msfd.rb

Overview

This class implements the msfd plugin interface.

Constant Summary collapse

DefaultHost =

The default local hostname that the server listens on.

"127.0.0.1"
DefaultPort =

The default local port that the server listens on.

55554

Instance Attribute Summary collapse

Attributes inherited from Msf::Plugin

#opts

Attributes included from Framework::Offspring

#framework

Instance Method Summary collapse

Methods inherited from Msf::Plugin

#add_console_dispatcher, create, #flush, #input, #output, #print, #print_error, #print_good, #print_line, #print_status, #print_warning, #remove_console_dispatcher

Constructor Details

#initialize(framework, opts) ⇒ Msfd

Initializes the msfd plugin. The following options are supported in the hash by this plugin:

ServerHost

The local hostname to listen on for connections. The default is 127.0.0.1.

ServerPort

The local port to listen on for connections. The default is 55554.

SSL

Use SSL

RunInForeground

Instructs the plugin to now execute the daemon in a worker thread and to instead allow the caller to manage executing the daemon through the “run'' method.

HostsAllowed

List of hosts (in NBO) allowed to use msfd

HostsDenied

List of hosts (in NBO) not allowed to use msfd


63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
# File 'plugins/msfd.rb', line 63

def initialize(framework, opts)
  super

  # Start listening for connections.
  self.server	= Rex::Socket::TcpServer.create(
    'LocalHost' => opts['ServerHost'] || DefaultHost,
    'LocalPort' => opts['ServerPort'] || DefaultPort,
    'SSL'       => opts['SSL'])

  # If the run in foreground flag is not specified, then go ahead and fire
  # it off in a worker thread.
  if (opts['RunInForeground'] != true)
    Thread.new {
      run(opts)
    }
  end
end

Instance Attribute Details

#serverObject (protected)

The listening socket instance.


160
161
162
# File 'plugins/msfd.rb', line 160

def server
  @server
end

Instance Method Details

#cleanupObject

Closes the listener service.


150
151
152
153
# File 'plugins/msfd.rb', line 150

def cleanup
  ilog("Msfd: Shutting down server", 'core')
  self.server.close
end

#descObject

Returns the msfd plugin description.


91
92
93
# File 'plugins/msfd.rb', line 91

def desc
  "Provides a console interface to users over a listening TCP port."
end

#nameObject

Returns 'msfd'


84
85
86
# File 'plugins/msfd.rb', line 84

def name
  "msfd"
end

#run(opts = {}) ⇒ Object

Runs the msfd plugin by blocking on new connections and then spawning threads to handle the console interface for each client.


99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
# File 'plugins/msfd.rb', line 99

def run(opts={})
  while true
    client = server.accept

    addr = Rex::Socket.resolv_nbo(client.peerhost)

    if opts['HostsAllowed'] and
      not opts['HostsAllowed'].find { |x| x == addr }
      client.close
      next
    end

    if opts['HostsDenied'] and
      opts['HostsDenied'].find { |x| x == addr }
      client.close
      next
    end
    msg = "Msfd: New connection from #{client.peerhost}"
    ilog(msg, 'core')
    print_status(msg)

    # Spawn a thread for the client connection
    Thread.new(client) { |cli|
      begin
        Msf::Ui::Console::Driver.new(
          Msf::Ui::Console::Driver::DefaultPrompt,
          Msf::Ui::Console::Driver::DefaultPromptChar,
          'Framework'   => framework,
          'LocalInput'  => Rex::Ui::Text::Input::Socket.new(cli),
          'LocalOutput' => Rex::Ui::Text::Output::Socket.new(cli),
          'AllowCommandPassthru' => false,
          'DisableBanner' => opts['DisableBanner'] ? true : false).run
      rescue => e
        elog('Msfd client error', error: e)
      ensure
        msg = "Msfd: Closing client connection with #{cli.peerhost}"
        ilog(msg, 'core')
        print_status(msg)
        begin
          cli.shutdown
          cli.close
        rescue IOError
        end
      end
    }
  end
end