Class: Msf::RPC::Service
- Inherits:
-
Object
- Object
- Msf::RPC::Service
- Defined in:
- lib/msf/core/rpc/v10/service.rb
Instance Attribute Summary collapse
-
#debug ⇒ Object
Returns the value of attribute debug.
-
#default_handler ⇒ Object
Returns the value of attribute default_handler.
-
#dispatcher_timeout ⇒ Object
Returns the value of attribute dispatcher_timeout.
-
#framework ⇒ Object
Returns the value of attribute framework.
-
#handlers ⇒ Object
Returns the value of attribute handlers.
-
#options ⇒ Object
Returns the value of attribute options.
-
#service ⇒ Object
Returns the value of attribute service.
-
#srvhost ⇒ Object
Returns the value of attribute srvhost.
-
#srvport ⇒ Object
Returns the value of attribute srvport.
-
#str_encoding ⇒ Object
Returns the value of attribute str_encoding.
-
#token_timeout ⇒ Object
Returns the value of attribute token_timeout.
-
#tokens ⇒ Object
Returns the value of attribute tokens.
-
#uri ⇒ Object
Returns the value of attribute uri.
-
#users ⇒ Object
Returns the value of attribute users.
Instance Method Summary collapse
- #add_handler(group, handler) ⇒ Object
- #add_token(token) ⇒ Object
- #add_user(user, pass) ⇒ Object
- #authenticate(token) ⇒ Object
-
#initialize(framework, options = {}) ⇒ Service
constructor
A new instance of Service.
- #on_request_uri(cli, req) ⇒ Object
- #process(req) ⇒ Object
- #process_exception(e) ⇒ Object
- #remove_token ⇒ Object
- #remove_user(user) ⇒ Object
- #start ⇒ Object
- #stop ⇒ Object
- #wait ⇒ Object
Constructor Details
#initialize(framework, options = {}) ⇒ Service
28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 |
# File 'lib/msf/core/rpc/v10/service.rb', line 28 def initialize(framework, ={}) self.framework = framework self.handlers = {} self. = { :ssl => true, :cert => nil, :uri => "/uri", :host => '127.0.0.1', :port => 3790 }.merge() self.str_encoding = ''.encoding.name self.srvhost = self.[:host] self.srvport = self.[:port] self.uri = self.[:uri] self.debug = self.[:debug] self.dispatcher_timeout = self.[:dispatcher_timeout] || 7200 self.token_timeout = self.[:token_timeout] || 300 self.tokens = self.[:tokens] || {} self.users = self.[:users] || [] add_handler("core", Msf::RPC::RPC_Core.new(self)) add_handler("auth", Msf::RPC::RPC_Auth.new(self)) add_handler("console", Msf::RPC::RPC_Console.new(self)) add_handler("module", Msf::RPC::RPC_Module.new(self)) add_handler("session", Msf::RPC::RPC_Session.new(self)) add_handler("plugin", Msf::RPC::RPC_Plugin.new(self)) add_handler("job", Msf::RPC::RPC_Job.new(self)) add_handler("db", Msf::RPC::RPC_Db.new(self)) end |
Instance Attribute Details
#debug ⇒ Object
Returns the value of attribute debug
26 27 28 |
# File 'lib/msf/core/rpc/v10/service.rb', line 26 def debug @debug end |
#default_handler ⇒ Object
Returns the value of attribute default_handler
25 26 27 |
# File 'lib/msf/core/rpc/v10/service.rb', line 25 def default_handler @default_handler end |
#dispatcher_timeout ⇒ Object
Returns the value of attribute dispatcher_timeout
26 27 28 |
# File 'lib/msf/core/rpc/v10/service.rb', line 26 def dispatcher_timeout @dispatcher_timeout end |
#framework ⇒ Object
Returns the value of attribute framework
25 26 27 |
# File 'lib/msf/core/rpc/v10/service.rb', line 25 def framework @framework end |
#handlers ⇒ Object
Returns the value of attribute handlers
25 26 27 |
# File 'lib/msf/core/rpc/v10/service.rb', line 25 def handlers @handlers end |
#options ⇒ Object
Returns the value of attribute options
24 25 26 |
# File 'lib/msf/core/rpc/v10/service.rb', line 24 def @options end |
#service ⇒ Object
Returns the value of attribute service
24 25 26 |
# File 'lib/msf/core/rpc/v10/service.rb', line 24 def service @service end |
#srvhost ⇒ Object
Returns the value of attribute srvhost
24 25 26 |
# File 'lib/msf/core/rpc/v10/service.rb', line 24 def srvhost @srvhost end |
#srvport ⇒ Object
Returns the value of attribute srvport
24 25 26 |
# File 'lib/msf/core/rpc/v10/service.rb', line 24 def srvport @srvport end |
#str_encoding ⇒ Object
Returns the value of attribute str_encoding
26 27 28 |
# File 'lib/msf/core/rpc/v10/service.rb', line 26 def str_encoding @str_encoding end |
#token_timeout ⇒ Object
Returns the value of attribute token_timeout
26 27 28 |
# File 'lib/msf/core/rpc/v10/service.rb', line 26 def token_timeout @token_timeout end |
#tokens ⇒ Object
Returns the value of attribute tokens
25 26 27 |
# File 'lib/msf/core/rpc/v10/service.rb', line 25 def tokens @tokens end |
#uri ⇒ Object
Returns the value of attribute uri
24 25 26 |
# File 'lib/msf/core/rpc/v10/service.rb', line 24 def uri @uri end |
#users ⇒ Object
Returns the value of attribute users
25 26 27 |
# File 'lib/msf/core/rpc/v10/service.rb', line 25 def users @users end |
Instance Method Details
#add_handler(group, handler) ⇒ Object
99 100 101 |
# File 'lib/msf/core/rpc/v10/service.rb', line 99 def add_handler(group, handler) self.handlers[group] = handler end |
#add_token(token) ⇒ Object
180 181 182 |
# File 'lib/msf/core/rpc/v10/service.rb', line 180 def add_token(token) self.tokens[token] = [nil, nil, nil, true] end |
#add_user(user, pass) ⇒ Object
188 189 190 191 192 193 194 195 196 |
# File 'lib/msf/core/rpc/v10/service.rb', line 188 def add_user(user, pass) self.users.each do |r| if r[0] == user r[1] = pass return end end self.users << [user, pass] end |
#authenticate(token) ⇒ Object
202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 |
# File 'lib/msf/core/rpc/v10/service.rb', line 202 def authenticate(token) stale = [] if not (token and token.kind_of?(::String)) return false end # Force the encoding to ASCII-8BIT token = token.unpack("C*").pack("C*") self.tokens.each_key do |t| user,ctime,mtime,perm = self.tokens[t] if ! perm and mtime + self.token_timeout < Time.now.to_i stale << t end end stale.each { |t| self.tokens.delete(t) } if not self.tokens[token] begin if framework.db.active and ::Mdm::ApiKey.find_by_token(token) return true end rescue ::Exception => e end return false end self.tokens[token][2] = Time.now.to_i true end |
#on_request_uri(cli, req) ⇒ Object
85 86 87 88 89 90 91 92 93 94 95 96 97 |
# File 'lib/msf/core/rpc/v10/service.rb', line 85 def on_request_uri(cli, req) res = Rex::Proto::Http::Response.new() res["Content-Type"] = "binary/message-pack" begin res.body = process(req).to_msgpack rescue Msf::RPC::Exception => e elog("RPC Exception: #{e.class} #{e} #{e.backtrace} #{cli.inspect} #{req.inspect}") res.body = process_exception(e).to_msgpack res.code = e.code end cli.send_response(res) end |
#process(req) ⇒ Object
103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 |
# File 'lib/msf/core/rpc/v10/service.rb', line 103 def process(req) msg = nil begin if req.method != "POST" if req && req.method raise ArgumentError, "Invalid Request Verb: '#{req.method.inspect}'" else raise ArgumentError, "Invalid Request: '#{req.inspect}'" end end if not (req.headers["Content-Type"] and req.headers["Content-Type"] == "binary/message-pack") raise ArgumentError, "Invalid Content Type" end msg = MessagePack.unpack(req.body) if not (msg and msg.kind_of?(::Array) and msg.length > 0) raise ArgumentError, "Invalid Message Format" end msg.map { |a| a.respond_to?(:force_encoding) ? a.force_encoding(self.str_encoding) : a } group, funct = msg.shift.split(".", 2) if not self.handlers[group] raise ArgumentError, "Unknown API Group: '#{group.inspect}'" end doauth = true mname = 'rpc_' + funct if self.handlers[group].respond_to?(mname + '_noauth') doauth = false mname << '_noauth' end if not self.handlers[group].respond_to?(mname) raise ArgumentError, "Unknown API Call: '#{mname.inspect}'" end if doauth token = msg.shift if not authenticate(token) raise ::Msf::RPC::Exception.new(401, "Invalid Authentication Token") end end ::Timeout.timeout(self.dispatcher_timeout) { self.handlers[group].send(mname, *msg) } rescue ::Exception => e elog("RPC Exception: #{e.class} #{e.to_s} #{e.backtrace} #{msg.inspect} #{req.inspect}") process_exception(e) end end |
#process_exception(e) ⇒ Object
160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 |
# File 'lib/msf/core/rpc/v10/service.rb', line 160 def process_exception(e) r = { :error => true, :error_class => e.class.to_s, :error_string => e.to_s, :error_backtrace => e.backtrace.map{|x| x.sub(/^.*lib\//, 'lib/') } # Dont expose the install path } if e.respond_to?(:message) r[:error_message] = e. end if e.respond_to?(:code) r[:error_code] = e.code end r end |
#remove_token ⇒ Object
184 185 186 |
# File 'lib/msf/core/rpc/v10/service.rb', line 184 def remove_token self.tokens.delete(token) end |
#remove_user(user) ⇒ Object
198 199 200 |
# File 'lib/msf/core/rpc/v10/service.rb', line 198 def remove_user(user) self.users = self.users.select{|r| r[0] != user } end |
#start ⇒ Object
60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 |
# File 'lib/msf/core/rpc/v10/service.rb', line 60 def start self.service = Rex::ServiceManager.start( Rex::Proto::Http::Server, self.srvport, self.srvhost, self.[:ssl], self.[:context], self.[:comm], self.[:cert] ) self.service.add_resource(self.uri, { 'Proc' => Proc.new { |cli, req| on_request_uri(cli, req) }, 'Path' => self.uri }) end |
#stop ⇒ Object
77 78 79 |
# File 'lib/msf/core/rpc/v10/service.rb', line 77 def stop self.service.stop end |
#wait ⇒ Object
81 82 83 |
# File 'lib/msf/core/rpc/v10/service.rb', line 81 def wait self.service.wait end |