Class: Msf::Post

Inherits:

Module

• Object
• Module
• Msf::Post

Includes:

PostMixin

Defined in:

lib/msf/core/post.rb,
lib/msf/core/post/osx/priv.rb,
lib/msf/core/post/linux/priv.rb,
lib/msf/core/post/osx/ruby_dl.rb,
lib/msf/core/post/windows/lsa.rb,
lib/msf/core/post/android/priv.rb,
lib/msf/core/post/linux/f5_mcp.rb,
lib/msf/core/post/linux/kernel.rb,
lib/msf/core/post/linux/system.rb,
lib/msf/core/post/solaris/priv.rb,
lib/msf/core/post/windows/kiwi.rb,
lib/msf/core/post/windows/ldap.rb,
lib/msf/core/post/windows/wmic.rb,
lib/msf/core/post/linux/compile.rb,
lib/msf/core/post/linux/process.rb,
lib/msf/core/post/windows/mssql.rb,
lib/msf/core/post/android/system.rb,
lib/msf/core/post/linux/busy_box.rb,
lib/msf/core/post/solaris/kernel.rb,
lib/msf/core/post/solaris/system.rb,
lib/msf/core/post/windows/extapi.rb,
lib/msf/core/post/windows/system.rb,
lib/msf/core/post/vcenter/vcenter.rb,
lib/msf/core/post/windows/net_api.rb,
lib/msf/core/post/windows/packrat.rb,
lib/msf/core/post/windows/process.rb,
lib/msf/core/post/vcenter/database.rb,
lib/msf/core/post/windows/accounts.rb,
lib/msf/core/post/windows/eventlog.rb,
lib/msf/core/post/windows/registry.rb,
lib/msf/core/post/windows/services.rb,
lib/msf/core/post/windows/cli_parse.rb,
lib/msf/core/post/windows/file_info.rb,
lib/msf/core/post/windows/powershell.rb,
lib/msf/core/post/windows/file_system.rb,
lib/msf/core/post/windows/shadow_copy.rb,
lib/msf/core/post/hardware/zigbee/utils.rb,
lib/msf/core/post/windows/user_profiles.rb,
lib/msf/core/post/windows/task_scheduler.rb,
lib/msf/core/post/hardware/automotive/dtc.rb,
lib/msf/core/post/hardware/automotive/uds.rb,
lib/msf/core/post/hardware/rftransceiver/rftransceiver.rb

Overview

A Post-exploitation module

Defined Under Namespace

Modules: Android, Architecture, Azure, Common, File, Hardware, Linux, OSX, Process, Solaris, Unix, Vcenter, WebRTC, Windows Classes: Complete, Failed

Constant Summary

Constants inherited from Module

Module::REPLICANT_EXTENSION_DS_KEY

Constants included from Module::ModuleInfo

Module::ModuleInfo::UpdateableOptions

Instance Attribute Summary

• #needs_cleanup ⇒ Object

  file_dropper sets needs_cleanup to true to track exploits that upload files some post modules also use file_dropper, so let’s define it here.

Attributes included from SessionCompatibility

#passive, #session_types

Attributes included from Module::HasActions

#actions, #default_action, #passive, #passive_actions

Attributes inherited from Module

#error, #job_id, #license, #platform, #privileged, #references, #user_data

Attributes included from Framework::Offspring

#framework

Attributes included from Module::UUID

#uuid

Attributes included from Rex::Ui::Subscriber::Input

#user_input

Attributes included from Rex::Ui::Subscriber::Output

#user_output

Attributes included from Module::Privileged

#priveli, #privileged

Attributes included from Module::Options

#options

Attributes included from Module::ModuleStore

#module_store

Attributes included from Module::ModuleInfo

#module_info

Attributes included from Module::FullName

#aliased_as

Attributes included from Module::DataStore

#datastore

Attributes included from Module::Author

#author

Attributes included from Module::Arch

#arch

Attributes included from Module::Alert

#alerts, #you_have_been_warned

Class Method Summary

• .create(session) ⇒ Object

  Create an anonymous module not tied to a file.

• .type ⇒ Object

Instance Method Summary

• #fail_with(reason, msg = nil) ⇒ Object

  Override Msf::Module#fail_with for Msf::Simple::Post::job_run_proc.

• #session_db_id ⇒ NilClass, Integer

  This method returns the ID of the Mdm::Session that the post module is currently running against.

• #setup ⇒ Object
• #type ⇒ Object

Methods included from PostMixin

#initialize

Methods included from SessionCompatibility

#check_for_session_readiness, #cleanup, #command_names_for, #compatible_sessions, #initialize, #meterpreter_session_incompatibility_reasons, #passive?, #post_commands, #session, #session_changed?, #session_compatible?, #session_display_info, #session_incompatibility_reasons, #sysinfo

Methods included from Common

#clear_screen, #cmd_exec, #cmd_exec_get_pid, #cmd_exec_with_result, #command_exists?, #create_process, #get_env, #get_envs, #initialize, #peer, #report_virtualization, #rhost, #rport

Methods included from Module::HasActions

#action, #find_action, #initialize, #passive?, #passive_action?

Methods included from Auxiliary::Report

#active_db?, #create_cracked_credential, #create_credential, #create_credential_and_login, #create_credential_login, #db, #db_warning_given?, #get_client, #get_host, #inside_workspace_boundary?, #invalidate_login, #mytask, #myworkspace, #myworkspace_id, #report_auth_info, #report_client, #report_exploit, #report_host, #report_loot, #report_note, #report_service, #report_vuln, #report_web_form, #report_web_page, #report_web_site, #report_web_vuln, #store_cred, #store_local, #store_loot

Methods included from Metasploit::Framework::Require

optionally, optionally_active_record_railtie, optionally_include_metasploit_credential_creation, #optionally_include_metasploit_credential_creation, optionally_require_metasploit_db_gem_engines

Methods inherited from Module

#adapted_refname, #adapter_refname, #black_listed_auth_filenames, cached?, #debugging?, #default_cred?, #default_options, #file_path, #framework, #has_check?, #initialize, #orig_cls, #owner, #perform_extensions, #platform?, #platform_to_s, #post_auth?, #register_extensions, #register_parent, #replicant, #required_cred_options, #set_defaults, #stage_refname, #stager_refname, #workspace

Methods included from Module::Reliability

#reliability, #reliability_to_s

Methods included from Module::Stability

#stability, #stability_to_s

Methods included from Module::SideEffects

#side_effects, #side_effects_to_s

Methods included from Module::UUID

#generate_uuid

Methods included from Module::UI

#init_ui

Methods included from Module::UI::Message

#print_error, #print_good, #print_prefix, #print_status, #print_warning

Methods included from Module::UI::Message::Verbose

#vprint_error, #vprint_good, #vprint_status, #vprint_warning

Methods included from Module::UI::Line

#print_line, #print_line_prefix

Methods included from Module::UI::Line::Verbose

#vprint_line

Methods included from Rex::Ui::Subscriber

#copy_ui, #init_ui, #reset_ui

Methods included from Rex::Ui::Subscriber::Input

#gets

Methods included from Rex::Ui::Subscriber::Output

#flush, #print, #print_blank_line, #print_error, #print_good, #print_line, #print_status, #print_warning

Methods included from Module::Type

#auxiliary?, #encoder?, #evasion?, #exploit?, #nop?, #payload?, #post?

Methods included from Module::Ranking

#rank, #rank_to_h, #rank_to_s

Methods included from Module::Privileged

#privileged?

Methods included from Module::Options

#deregister_option_group, #deregister_options, #register_advanced_options, #register_evasion_options, #register_option_group, #register_options, #validate

Methods included from Module::Network

#comm, #support_ipv6?, #target_host, #target_port

Methods included from Module::ModuleStore

#[], #[]=

Methods included from Module::ModuleInfo

#alias, #description, #disclosure_date, #info_fixups, #merge_check_key, #merge_info, #merge_info_advanced_options, #merge_info_alias, #merge_info_description, #merge_info_evasion_options, #merge_info_name, #merge_info_options, #merge_info_string, #merge_info_version, #name, #notes, #update_info

Methods included from Module::FullName

#aliases, #fullname, #promptname, #realname, #refname, #shortname

Methods included from Module::DataStore

#import_defaults, #import_target_defaults, #share_datastore

Methods included from Module::Compatibility

#compat, #compatible?, #init_compat

Methods included from Module::Author

#author_to_s, #each_author

Methods included from Module::Auth

#store_valid_credential

Methods included from Module::Arch

#arch?, #arch_to_s, #each_arch

Methods included from Module::Alert

#add_alert, #add_error, #add_info, #add_warning, #alert_user, #errors, #get_alerts, included, #infos, #is_usable?, #warnings, #without_prompt

Instance Attribute Details

#needs_cleanup ⇒ Object

file_dropper sets needs_cleanup to true to track exploits that upload files some post modules also use file_dropper, so let’s define it here

# File 'lib/msf/core/post.rb', line 18

def needs_cleanup
  @needs_cleanup
end

Class Method Details

.create(session) ⇒ Object

Create an anonymous module not tied to a file. Only useful for IRB.

# File 'lib/msf/core/post.rb', line 42

def self.create(session)
  mod = new
  mod.instance_variable_set(:@session, session)
  # Have to override inspect because for whatever reason, +type+ is coming
  # from the wrong scope and i can't figure out how to fix it.
  mod.instance_eval do
    def inspect
      "#<Msf::Post anonymous>"
    end
  end
  mod.class.refname = "anonymous"

  mod
end

.type ⇒ Object

# File 'lib/msf/core/post.rb', line 35

def self.type
  Msf::MODULE_POST
end

Instance Method Details

#fail_with(reason, msg = nil) ⇒ Object

Override Msf::Module#fail_with for Msf::Simple::Post::job_run_proc

Raises:

• (Msf::Post::Failed)

# File 'lib/msf/core/post.rb', line 71

def fail_with(reason, msg = nil)
  raise Msf::Post::Failed, "#{reason.to_s}: #{msg}"
end

#session_db_id ⇒ NilClass, Integer

This method returns the ID of the Mdm::Session that the post module is currently running against.

Returns:

• (NilClass) —

  if there is no database record for the session

• (Integer) —

  if there is a database record to get the id for

# File 'lib/msf/core/post.rb', line 62

def session_db_id
  if session.db_record
    session.db_record.id
  else
    nil
  end
end

#setup ⇒ Object

# File 'lib/msf/core/post.rb', line 20

def setup
  m = replicant

  if m.actions.length > 0 && !m.action
    raise Msf::MissingActionError, "Please use: #{m.actions.collect {|e| e.name} * ", "}"
  end

  # Msf::Module(Msf::PostMixin)#setup
  super
end

#type ⇒ Object

# File 'lib/msf/core/post.rb', line 31

def type
  Msf::MODULE_POST
end