Class: Msf::RPC::Service
- Inherits:
-
Object
- Object
- Msf::RPC::Service
- Defined in:
- lib/msf/core/rpc/v10/service.rb
Instance Attribute Summary collapse
-
#debug ⇒ Object
Returns the value of attribute debug.
-
#default_handler ⇒ Object
Returns the value of attribute default_handler.
-
#dispatcher_timeout ⇒ Object
Returns the value of attribute dispatcher_timeout.
-
#framework ⇒ Object
Returns the value of attribute framework.
-
#handlers ⇒ Object
Returns the value of attribute handlers.
-
#job_status_tracker ⇒ Object
Returns the value of attribute job_status_tracker.
-
#options ⇒ Object
Returns the value of attribute options.
-
#service ⇒ Object
Returns the value of attribute service.
-
#srvhost ⇒ Object
Returns the value of attribute srvhost.
-
#srvport ⇒ Object
Returns the value of attribute srvport.
-
#str_encoding ⇒ Object
Returns the value of attribute str_encoding.
-
#token_timeout ⇒ Object
Returns the value of attribute token_timeout.
-
#tokens ⇒ Object
Returns the value of attribute tokens.
-
#uri ⇒ Object
Returns the value of attribute uri.
-
#users ⇒ Object
Returns the value of attribute users.
Instance Method Summary collapse
- #add_handler(group, handler) ⇒ Object
- #add_token(token) ⇒ Object
- #add_user(user, pass) ⇒ Object
- #authenticate(token) ⇒ Object
-
#initialize(framework, options = {}) ⇒ Service
constructor
A new instance of Service.
- #on_request_uri(cli, req) ⇒ Object
- #process(req) ⇒ Object
- #process_exception(e) ⇒ Object
- #remove_token ⇒ Object
- #remove_user(user) ⇒ Object
- #start ⇒ Object
- #stop ⇒ Object
- #wait ⇒ Object
Constructor Details
#initialize(framework, options = {}) ⇒ Service
Returns a new instance of Service.
29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 |
# File 'lib/msf/core/rpc/v10/service.rb', line 29 def initialize(framework, ={}) self.framework = framework self.handlers = {} self. = { :ssl => true, :cert => nil, :uri => "/uri", :host => '127.0.0.1', :port => 3790 }.merge() self.str_encoding = ''.encoding.name self.srvhost = self.[:host] self.srvport = self.[:port] self.uri = self.[:uri] self.debug = self.[:debug] self.dispatcher_timeout = self.[:dispatcher_timeout] || 7200 self.token_timeout = self.[:token_timeout] || 300 self.tokens = self.[:tokens] || {} self.users = self.[:users] || [] self.job_status_tracker = Msf::RPC::RpcJobStatusTracker.new add_handler("core", Msf::RPC::RPC_Core.new(self)) add_handler("auth", Msf::RPC::RPC_Auth.new(self)) add_handler("console", Msf::RPC::RPC_Console.new(self)) add_handler("module", Msf::RPC::RPC_Module.new(self)) add_handler("session", Msf::RPC::RPC_Session.new(self)) add_handler("plugin", Msf::RPC::RPC_Plugin.new(self)) add_handler("job", Msf::RPC::RPC_Job.new(self)) add_handler("db", Msf::RPC::RPC_Db.new(self)) end |
Instance Attribute Details
#debug ⇒ Object
Returns the value of attribute debug
26 27 28 |
# File 'lib/msf/core/rpc/v10/service.rb', line 26 def debug @debug end |
#default_handler ⇒ Object
Returns the value of attribute default_handler
25 26 27 |
# File 'lib/msf/core/rpc/v10/service.rb', line 25 def default_handler @default_handler end |
#dispatcher_timeout ⇒ Object
Returns the value of attribute dispatcher_timeout
26 27 28 |
# File 'lib/msf/core/rpc/v10/service.rb', line 26 def dispatcher_timeout @dispatcher_timeout end |
#framework ⇒ Object
Returns the value of attribute framework
25 26 27 |
# File 'lib/msf/core/rpc/v10/service.rb', line 25 def framework @framework end |
#handlers ⇒ Object
Returns the value of attribute handlers
25 26 27 |
# File 'lib/msf/core/rpc/v10/service.rb', line 25 def handlers @handlers end |
#job_status_tracker ⇒ Object
Returns the value of attribute job_status_tracker
27 28 29 |
# File 'lib/msf/core/rpc/v10/service.rb', line 27 def job_status_tracker @job_status_tracker end |
#options ⇒ Object
Returns the value of attribute options
24 25 26 |
# File 'lib/msf/core/rpc/v10/service.rb', line 24 def @options end |
#service ⇒ Object
Returns the value of attribute service
24 25 26 |
# File 'lib/msf/core/rpc/v10/service.rb', line 24 def service @service end |
#srvhost ⇒ Object
Returns the value of attribute srvhost
24 25 26 |
# File 'lib/msf/core/rpc/v10/service.rb', line 24 def srvhost @srvhost end |
#srvport ⇒ Object
Returns the value of attribute srvport
24 25 26 |
# File 'lib/msf/core/rpc/v10/service.rb', line 24 def srvport @srvport end |
#str_encoding ⇒ Object
Returns the value of attribute str_encoding
26 27 28 |
# File 'lib/msf/core/rpc/v10/service.rb', line 26 def str_encoding @str_encoding end |
#token_timeout ⇒ Object
Returns the value of attribute token_timeout
26 27 28 |
# File 'lib/msf/core/rpc/v10/service.rb', line 26 def token_timeout @token_timeout end |
#tokens ⇒ Object
Returns the value of attribute tokens
25 26 27 |
# File 'lib/msf/core/rpc/v10/service.rb', line 25 def tokens @tokens end |
#uri ⇒ Object
Returns the value of attribute uri
24 25 26 |
# File 'lib/msf/core/rpc/v10/service.rb', line 24 def uri @uri end |
#users ⇒ Object
Returns the value of attribute users
25 26 27 |
# File 'lib/msf/core/rpc/v10/service.rb', line 25 def users @users end |
Instance Method Details
#add_handler(group, handler) ⇒ Object
102 103 104 |
# File 'lib/msf/core/rpc/v10/service.rb', line 102 def add_handler(group, handler) self.handlers[group] = handler end |
#add_token(token) ⇒ Object
183 184 185 |
# File 'lib/msf/core/rpc/v10/service.rb', line 183 def add_token(token) self.tokens[token] = [nil, nil, nil, true] end |
#add_user(user, pass) ⇒ Object
191 192 193 194 195 196 197 198 199 |
# File 'lib/msf/core/rpc/v10/service.rb', line 191 def add_user(user, pass) self.users.each do |r| if r[0] == user r[1] = pass return end end self.users << [user, pass] end |
#authenticate(token) ⇒ Object
205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 |
# File 'lib/msf/core/rpc/v10/service.rb', line 205 def authenticate(token) stale = [] unless (token && token.kind_of?(::String)) return false end # Force the encoding to ASCII-8BIT token = token.unpack("C*").pack("C*") self.tokens.each_key do |t| user,ctime,mtime,perm = self.tokens[t] if !perm && mtime + self.token_timeout < Time.now.to_i stale << t end end stale.each { |t| self.tokens.delete(t) } unless self.tokens[token] begin if framework.db.active && ::Mdm::ApiKey.find_by_token(token) return true end rescue ::Exception => e end return false end self.tokens[token][2] = Time.now.to_i true end |
#on_request_uri(cli, req) ⇒ Object
88 89 90 91 92 93 94 95 96 97 98 99 100 |
# File 'lib/msf/core/rpc/v10/service.rb', line 88 def on_request_uri(cli, req) res = Rex::Proto::Http::Response.new() res["Content-Type"] = "binary/message-pack" begin res.body = process(req).to_msgpack rescue Msf::RPC::Exception => e elog('RPC Exception', error: e) res.body = process_exception(e).to_msgpack res.code = e.code end cli.send_response(res) end |
#process(req) ⇒ Object
106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 |
# File 'lib/msf/core/rpc/v10/service.rb', line 106 def process(req) msg = nil begin if req.method != "POST" if req && req.method raise ArgumentError, "Invalid Request Verb: '#{req.method.inspect}'" else raise ArgumentError, "Invalid Request: '#{req.inspect}'" end end unless (req.headers["Content-Type"] && req.headers["Content-Type"] == "binary/message-pack") raise ArgumentError, "Invalid Content Type" end msg = MessagePack.unpack(req.body) unless (msg && msg.kind_of?(::Array) && msg.length > 0) raise ArgumentError, "Invalid Message Format" end msg.map { |a| a.respond_to?(:force_encoding) ? a.force_encoding(self.str_encoding) : a } group, funct = msg.shift.split(".", 2) unless self.handlers[group] raise ArgumentError, "Unknown API Group: '#{group.inspect}'" end doauth = true mname = 'rpc_' + funct if self.handlers[group].respond_to?(mname + '_noauth') doauth = false mname << '_noauth' end unless self.handlers[group].respond_to?(mname) raise ArgumentError, "Unknown API Call: '#{mname.inspect}'" end if doauth token = msg.shift unless authenticate(token) raise ::Msf::RPC::Exception.new(401, "Invalid Authentication Token") end end ::Timeout.timeout(self.dispatcher_timeout) { self.handlers[group].send(mname, *msg) } rescue ::Exception => e elog('RPC Exception', error: e) process_exception(e) end end |
#process_exception(e) ⇒ Object
163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 |
# File 'lib/msf/core/rpc/v10/service.rb', line 163 def process_exception(e) r = { :error => true, :error_class => e.class.to_s, :error_string => e.to_s, :error_backtrace => e.backtrace.map{|x| x.sub(/^.*lib\//, 'lib/') } # Dont expose the install path } if e.respond_to?(:message) r[:error_message] = e. end if e.respond_to?(:code) r[:error_code] = e.code end r end |
#remove_token ⇒ Object
187 188 189 |
# File 'lib/msf/core/rpc/v10/service.rb', line 187 def remove_token self.tokens.delete(token) end |
#remove_user(user) ⇒ Object
201 202 203 |
# File 'lib/msf/core/rpc/v10/service.rb', line 201 def remove_user(user) self.users = self.users.select{|r| r[0] != user } end |
#start ⇒ Object
62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 |
# File 'lib/msf/core/rpc/v10/service.rb', line 62 def start self.service = Rex::ServiceManager.start( Rex::Proto::Http::Server, self.srvport, self.srvhost, self.[:ssl], self.[:context], self.[:comm], self.[:cert] ) self.service.add_resource(self.uri, { 'Proc' => Proc.new { |cli, req| on_request_uri(cli, req) }, 'Path' => self.uri }) end |
#stop ⇒ Object
79 80 81 82 |
# File 'lib/msf/core/rpc/v10/service.rb', line 79 def stop self.service.stop self.service.deref end |
#wait ⇒ Object
84 85 86 |
# File 'lib/msf/core/rpc/v10/service.rb', line 84 def wait self.service.wait end |