Class: Msf::Post

Inherits:
Module show all
Includes:
PostMixin
Defined in:
lib/msf/core/post.rb,
lib/msf/core/post/osx/priv.rb,
lib/msf/core/post/linux/priv.rb,
lib/msf/core/post/osx/ruby_dl.rb,
lib/msf/core/post/android/priv.rb,
lib/msf/core/post/linux/kernel.rb,
lib/msf/core/post/linux/system.rb,
lib/msf/core/post/solaris/priv.rb,
lib/msf/core/post/windows/kiwi.rb,
lib/msf/core/post/windows/ldap.rb,
lib/msf/core/post/windows/wmic.rb,
lib/msf/core/post/linux/compile.rb,
lib/msf/core/post/windows/mssql.rb,
lib/msf/core/post/android/system.rb,
lib/msf/core/post/linux/busy_box.rb,
lib/msf/core/post/solaris/kernel.rb,
lib/msf/core/post/solaris/system.rb,
lib/msf/core/post/windows/extapi.rb,
lib/msf/core/post/windows/netapi.rb,
lib/msf/core/post/windows/process.rb,
lib/msf/core/post/windows/railgun.rb,
lib/msf/core/post/windows/accounts.rb,
lib/msf/core/post/windows/eventlog.rb,
lib/msf/core/post/windows/registry.rb,
lib/msf/core/post/windows/services.rb,
lib/msf/core/post/windows/cli_parse.rb,
lib/msf/core/post/windows/file_info.rb,
lib/msf/core/post/windows/filesystem.rb,
lib/msf/core/post/windows/powershell.rb,
lib/msf/core/post/windows/shadowcopy.rb,
lib/msf/core/post/hardware/zigbee/utils.rb,
lib/msf/core/post/windows/user_profiles.rb,
lib/msf/core/post/hardware/automotive/dtc.rb,
lib/msf/core/post/hardware/automotive/uds.rb,
lib/msf/core/post/hardware/rftransceiver/rftransceiver.rb

Overview

A Post-exploitation module

Defined Under Namespace

Modules: Android, Common, File, Hardware, Linux, OSX, Solaris, Unix, WebRTC, Windows Classes: Complete, Failed

Constant Summary

Constants inherited from Module

Module::REPLICANT_EXTENSION_DS_KEY

Constants included from Module::ModuleInfo

Module::ModuleInfo::UpdateableOptions

Instance Attribute Summary collapse

Attributes included from PostMixin

#passive, #session_types

Attributes included from Module::HasActions

#actions, #default_action, #passive, #passive_actions

Attributes inherited from Module

#error, #job_id, #license, #platform, #privileged, #references, #user_data

Attributes included from Framework::Offspring

#framework

Attributes included from Module::UUID

#uuid

Attributes included from Rex::Ui::Subscriber::Input

#user_input

Attributes included from Rex::Ui::Subscriber::Output

#user_output

Attributes included from Module::Privileged

#priveli, #privileged

Attributes included from Module::Options

#options

Attributes included from Module::ModuleStore

#module_store

Attributes included from Module::ModuleInfo

#module_info

Attributes included from Module::FullName

#aliased_as

Attributes included from Module::DataStore

#datastore

Attributes included from Module::Author

#author

Attributes included from Module::Arch

#arch

Attributes included from Module::Alert

#alerts, #you_have_been_warned

Class Method Summary collapse

Instance Method Summary collapse

Methods included from PostMixin

#check_for_session_readiness, #cleanup, #compatible_sessions, #initialize, #passive?, #post_commands, #session, #session_changed?, #session_compatible?, #session_display_info, #sysinfo

Methods included from Common

#clear_screen, #cmd_exec, #cmd_exec_get_pid, #command_exists?, #get_env, #get_envs, #has_pid?, #peer, #report_virtualization, #rhost, #rport

Methods included from Module::HasActions

#action, #find_action, #initialize, #passive?, #passive_action?

Methods included from Auxiliary::Report

#active_db?, #create_cracked_credential, #create_credential, #create_credential_and_login, #create_credential_login, #db, #db_warning_given?, #get_client, #get_host, #inside_workspace_boundary?, #invalidate_login, #mytask, #myworkspace, #myworkspace_id, #report_auth_info, #report_client, #report_exploit, #report_host, #report_loot, #report_note, #report_service, #report_vuln, #report_web_form, #report_web_page, #report_web_site, #report_web_vuln, #store_cred, #store_local, #store_loot

Methods included from Metasploit::Framework::Require

optionally, optionally_active_record_railtie, optionally_include_metasploit_credential_creation, #optionally_include_metasploit_credential_creation, optionally_require_metasploit_db_gem_engines

Methods inherited from Module

#black_listed_auth_filenames, cached?, #debugging?, #default_cred?, #file_path, #framework, #has_check?, #initialize, #orig_cls, #owner, #perform_extensions, #platform?, #platform_to_s, #post_auth?, #register_extensions, #register_parent, #replicant, #required_cred_options, #set_defaults, #workspace

Methods included from Module::Reliability

#reliability, #reliability_to_s

Methods included from Module::Stability

#stability, #stability_to_s

Methods included from Module::SideEffects

#side_effects, #side_effects_to_s

Methods included from Module::UUID

#generate_uuid

Methods included from Module::UI

#init_ui

Methods included from Module::UI::Message

#print_error, #print_good, #print_prefix, #print_status, #print_warning

Methods included from Module::UI::Message::Verbose

#vprint_error, #vprint_good, #vprint_status, #vprint_warning

Methods included from Module::UI::Line

#print_line, #print_line_prefix

Methods included from Module::UI::Line::Verbose

#vprint_line

Methods included from Rex::Ui::Subscriber

#copy_ui, #init_ui, #reset_ui

Methods included from Rex::Ui::Subscriber::Input

#gets

Methods included from Rex::Ui::Subscriber::Output

#flush, #print, #print_blank_line, #print_error, #print_good, #print_line, #print_status, #print_warning

Methods included from Module::Type

#auxiliary?, #encoder?, #evasion?, #exploit?, #nop?, #payload?, #post?

Methods included from Module::Ranking

#rank, #rank_to_h, #rank_to_s

Methods included from Module::Privileged

#privileged?

Methods included from Module::Options

#deregister_options, #register_advanced_options, #register_evasion_options, #register_options, #validate

Methods included from Module::Network

#comm, #support_ipv6?, #target_host, #target_port

Methods included from Module::ModuleStore

#[], #[]=

Methods included from Module::ModuleInfo

#alias, #description, #disclosure_date, #info_fixups, #merge_check_key, #merge_info, #merge_info_advanced_options, #merge_info_alias, #merge_info_description, #merge_info_evasion_options, #merge_info_name, #merge_info_options, #merge_info_string, #merge_info_version, #name, #notes, #update_info

Methods included from Module::FullName

#aliases, #fullname, #promptname, #realname, #refname, #shortname

Methods included from Module::DataStore

#import_defaults, #import_target_defaults, #share_datastore

Methods included from Module::Compatibility

#compat, #compatible?, #init_compat

Methods included from Module::Author

#author_to_s, #each_author

Methods included from Module::Auth

#store_valid_credential

Methods included from Module::Arch

#arch?, #arch_to_s, #each_arch

Methods included from Module::Alert

#add_alert, #add_error, #add_warning, #alert_user, #errors, #get_alerts, included, #is_usable?, #warnings

Instance Attribute Details

#needs_cleanupObject

file_dropper sets needs_cleanup to true to track exploits that upload files some post modules also use file_dropper, so let's define it here


32
33
34
# File 'lib/msf/core/post.rb', line 32

def needs_cleanup
  @needs_cleanup
end

Class Method Details

.create(session) ⇒ Object

Create an anonymous module not tied to a file. Only useful for IRB.


56
57
58
59
60
61
62
63
64
65
66
67
68
69
# File 'lib/msf/core/post.rb', line 56

def self.create(session)
  mod = new
  mod.instance_variable_set(:@session, session)
  # Have to override inspect because for whatever reason, +type+ is coming
  # from the wrong scope and i can't figure out how to fix it.
  mod.instance_eval do
    def inspect
      "#<Msf::Post anonymous>"
    end
  end
  mod.class.refname = "anonymous"

  mod
end

.typeObject


49
50
51
# File 'lib/msf/core/post.rb', line 49

def self.type
  Msf::MODULE_POST
end

Instance Method Details

#fail_with(reason, msg = nil) ⇒ Object

Override Msf::Module#fail_with for Msf::Simple::Post::job_run_proc

Raises:


85
86
87
# File 'lib/msf/core/post.rb', line 85

def fail_with(reason, msg = nil)
  raise Msf::Post::Failed, "#{reason.to_s}: #{msg}"
end

#session_db_idNilClass, Integer

This method returns the ID of the Mdm::Session that the post module is currently running against.

Returns:

  • (NilClass)

    if there is no database record for the session

  • (Integer)

    if there is a database record to get the id for


76
77
78
79
80
81
82
# File 'lib/msf/core/post.rb', line 76

def session_db_id
  if session.db_record
    session.db_record.id
  else
    nil
  end
end

#setupObject


34
35
36
37
38
39
40
41
42
43
# File 'lib/msf/core/post.rb', line 34

def setup
  m = replicant

  if m.actions.length > 0 && !m.action
    raise Msf::MissingActionError, "Please use: #{m.actions.collect {|e| e.name} * ", "}"
  end

  # Msf::Module(Msf::PostMixin)#setup
  super
end

#typeObject


45
46
47
# File 'lib/msf/core/post.rb', line 45

def type
  Msf::MODULE_POST
end