Class: Msf::Sessions::LDAP

Inherits:

Object

• Object
• Msf::Sessions::LDAP

Includes:

Msf::Session::Basic, Scriptable

Defined in:

lib/msf/base/sessions/ldap.rb

Instance Attribute Summary

• #arch ⇒ Object

  Returns the value of attribute arch.

• #client ⇒ Rex::Proto::LDAP::Client

  The LDAP client.

• #console ⇒ Rex::Post::LDAP::Ui::Console

  The interactive console.

• #framework ⇒ Object readonly

  Returns the value of attribute framework.

• #keep_alive_thread ⇒ Object

  Returns the value of attribute keep_alive_thread.

• #keepalive_seconds ⇒ Integer

  Seconds between keepalive requests.

• #platform ⇒ Object

  Returns the value of attribute platform.

Attributes included from Msf::Session::Interactive

#rstream

Attributes included from Rex::Ui::Interactive

#completed, #interacting, #next_session, #on_command_proc, #on_print_proc, #on_run_command_error_proc, #orig_suspend, #orig_usr1, #orig_winch

Attributes included from Rex::Ui::Subscriber::Input

#user_input

Attributes included from Rex::Ui::Subscriber::Output

#user_output

Attributes included from Msf::Session

#alive, #db_record, #exploit, #exploit_datastore, #exploit_task, #exploit_uuid, #info, #machine_id, #payload_uuid, #routes, #sid, #sname, #target_host, #target_port, #username, #uuid, #via, #workspace

Class Method Summary

• .can_cleanup_files ⇒ Object
• .type ⇒ Object

  Returns the type of session.

Instance Method Summary

• #_interact ⇒ Object

  :category: Msf::Session::Interactive implementors.

• #_interact_stream ⇒ Object

  :category: Msf::Session::Interactive implementors.

• #address ⇒ Object
• #bootstrap(datastore = {}, handler = nil) ⇒ Object
• #cleanup ⇒ Object
• #desc ⇒ Object

  Returns the session description.

• #execute_file(full_path, args) ⇒ Object
• #exit ⇒ Object
• #init_ui(input, output) ⇒ Object

  :category: Msf::Session::Interactive implementors.

• #initialize(rstream, opts = {}) ⇒ LDAP constructor

  @param rstream.

• #on_registered ⇒ Object
• #port ⇒ Object
• #process_autoruns(datastore) ⇒ Object
• #reset_ui ⇒ Object

  :category: Msf::Session::Interactive implementors.

• #start_keep_alive_loop ⇒ Object

  Start a background thread for regularly sending a no-op command to keep the connection alive.

• #stop_keep_alive_loop ⇒ Object

  Stop the background thread.

• #type ⇒ Object

Methods included from Scriptable

#execute_script, included, #legacy_script_to_post_module

Methods included from Msf::Session::Interactive

#_interact_complete, #_interrupt, #_suspend, #_usr1, #abort_foreground, #abort_foreground_supported, #comm_channel, #interactive?, #kill, #run_cmd, #tunnel_local, #tunnel_peer, #user_want_abort?

Methods included from Rex::Ui::Interactive

#_interact_complete, #_interrupt, #_local_fd, #_remote_fd, #_stream_read_local_write_remote, #_stream_read_remote_write_local, #_suspend, #_winch, #detach, #handle_suspend, #handle_usr1, #handle_winch, #interact, #interact_stream, #prompt, #prompt_yesno, #restore_suspend, #restore_usr1, #restore_winch

Methods included from Rex::Ui::Subscriber

#copy_ui

Methods included from Rex::Ui::Subscriber::Input

#gets

Methods included from Rex::Ui::Subscriber::Output

#flush, #print, #print_blank_line, #print_error, #print_good, #print_line, #print_status, #print_warning

Methods included from Msf::Session

#alive?, #comm_channel, #dead?, #inspect, #interactive?, #kill, #log_file_name, #log_source, #name, #name=, #register?, #session_host, #session_host=, #session_port, #session_port=, #session_type, #set_from_exploit, #set_via, #tunnel_local, #tunnel_peer, #tunnel_to_s, #via_exploit, #via_payload

Constructor Details

#initialize(rstream, opts = {}) ⇒ LDAP

@param rstream

Parameters:

• opts (Hash) (defaults to: {})

Options Hash (opts):

• :client (Rex::Proto::LDAP::Client)
• :keepalive (Integer)

# File 'lib/msf/base/sessions/ldap.rb', line 29

def initialize(rstream, opts = {})
  @client = opts.fetch(:client)
  @keepalive_seconds = opts.fetch(:keepalive_seconds)
  self.console = Rex::Post::LDAP::Ui::Console.new(self)
  super(rstream, opts)
end

Instance Attribute Details

#arch ⇒ Object

Returns the value of attribute arch.

# File 'lib/msf/base/sessions/ldap.rb', line 22

def arch
  @arch
end

#client ⇒ Rex::Proto::LDAP::Client

Returns The LDAP client.

Returns:

• (Rex::Proto::LDAP::Client) —

  The LDAP client

# File 'lib/msf/base/sessions/ldap.rb', line 15

def client
  @client
end

#console ⇒ Rex::Post::LDAP::Ui::Console

Returns The interactive console.

Returns:

• (Rex::Post::LDAP::Ui::Console) —

  The interactive console

# File 'lib/msf/base/sessions/ldap.rb', line 13

def console
  @console
end

#framework ⇒ Object (readonly)

Returns the value of attribute framework.

# File 'lib/msf/base/sessions/ldap.rb', line 23

def framework
  @framework
end

#keep_alive_thread ⇒ Object

Returns the value of attribute keep_alive_thread.

# File 'lib/msf/base/sessions/ldap.rb', line 17

def keep_alive_thread
  @keep_alive_thread
end

#keepalive_seconds ⇒ Integer

Returns Seconds between keepalive requests.

Returns:

• (Integer) —

  Seconds between keepalive requests

# File 'lib/msf/base/sessions/ldap.rb', line 20

def keepalive_seconds
  @keepalive_seconds
end

#platform ⇒ Object

Returns the value of attribute platform.

# File 'lib/msf/base/sessions/ldap.rb', line 22

def platform
  @platform
end

Class Method Details

.can_cleanup_files ⇒ Object

# File 'lib/msf/base/sessions/ldap.rb', line 76

def self.can_cleanup_files
  false
end

.type ⇒ Object

Returns the type of session.

# File 'lib/msf/base/sessions/ldap.rb', line 72

def self.type
  'ldap'
end

Instance Method Details

#_interact ⇒ Object

:category: Msf::Session::Interactive implementors

Override the basic session interaction to use shell_read and shell_write instead of operating on rstream directly.

# File 'lib/msf/base/sessions/ldap.rb', line 128

def _interact
  framework.events.on_session_interact(self)
  framework.history_manager.with_context(name: type.to_sym) do
    _interact_stream
  end
end

#_interact_stream ⇒ Object

:category: Msf::Session::Interactive implementors

Raises:

• (EOFError)

# File 'lib/msf/base/sessions/ldap.rb', line 138

def _interact_stream
  framework.events.on_session_interact(self)

  console.framework = framework
  # Call the console interaction of the ldap client and
  # pass it a block that returns whether or not we should still be
  # interacting.  This will allow the shell to abort if interaction is
  # canceled.
  console.interact { interacting != true }
  console.framework = nil

  # If the stop flag has been set, then that means the user exited.  Raise
  # the EOFError so we can drop this handle like a bad habit.
  raise EOFError if (console.stopped? == true)
end

#address ⇒ Object

# File 'lib/msf/base/sessions/ldap.rb', line 87

def address
  @address ||= client.peerhost
end

#bootstrap(datastore = {}, handler = nil) ⇒ Object

# File 'lib/msf/base/sessions/ldap.rb', line 41

def bootstrap(datastore = {}, handler = nil)
  session = self
  session.init_ui(user_input, user_output)

  @info = "LDAP #{datastore['USERNAME']} @ #{@peer_info}"
end

#cleanup ⇒ Object

# File 'lib/msf/base/sessions/ldap.rb', line 36

def cleanup
  stop_keep_alive_loop
  super
end

#desc ⇒ Object

Returns the session description.

# File 'lib/msf/base/sessions/ldap.rb', line 83

def desc
  'LDAP'
end

#execute_file(full_path, args) ⇒ Object

# File 'lib/msf/base/sessions/ldap.rb', line 48

def execute_file(full_path, args)
  if File.extname(full_path) == '.rb'
    Rex::Script::Shell.new(self, full_path).run(args)
  else
    console.load_resource(full_path)
  end
end

#exit ⇒ Object

# File 'lib/msf/base/sessions/ldap.rb', line 119

def exit
  console.stop
end

#init_ui(input, output) ⇒ Object

:category: Msf::Session::Interactive implementors

Initializes the console’s I/O handles.

# File 'lib/msf/base/sessions/ldap.rb', line 100

def init_ui(input, output)
  self.user_input = input
  self.user_output = output
  console.init_ui(input, output)
  console.set_log_source(log_source)

  super
end

#on_registered ⇒ Object

# File 'lib/msf/base/sessions/ldap.rb', line 154

def on_registered
  start_keep_alive_loop
end

#port ⇒ Object

# File 'lib/msf/base/sessions/ldap.rb', line 91

def port
  @port ||= client.peerport
end

#process_autoruns(datastore) ⇒ Object

# File 'lib/msf/base/sessions/ldap.rb', line 56

def process_autoruns(datastore)
  ['InitialAutoRunScript', 'AutoRunScript'].each do |key|
    next if datastore[key].nil? || datastore[key].empty?

    args = Shellwords.shellwords(datastore[key])
    print_status("Session ID #{sid} (#{tunnel_to_s}) processing #{key} '#{datastore[key]}'")
    execute_script(args.shift, *args)
  end
end

#reset_ui ⇒ Object

:category: Msf::Session::Interactive implementors

Resets the console’s I/O handles.

# File 'lib/msf/base/sessions/ldap.rb', line 114

def reset_ui
  console.unset_log_source
  console.reset_ui
end

#start_keep_alive_loop ⇒ Object

Start a background thread for regularly sending a no-op command to keep the connection alive

# File 'lib/msf/base/sessions/ldap.rb', line 159

def start_keep_alive_loop
  self.keep_alive_thread = framework.threads.spawn("LDAP-shell-keepalive-#{sid}", false) do
    loop do
      if client.last_interaction.nil?
        remaining_sleep = @keepalive_seconds
      else
        remaining_sleep = @keepalive_seconds - (Process.clock_gettime(Process::CLOCK_MONOTONIC) - client.last_interaction)
      end
      sleep(remaining_sleep)
      if (Process.clock_gettime(Process::CLOCK_MONOTONIC) - client.last_interaction) > @keepalive_seconds
        client.search_root_dse
      end
      # This should have moved last_interaction forwards
      fail if (Process.clock_gettime(Process::CLOCK_MONOTONIC) - client.last_interaction) > @keepalive_seconds
    end
  end
end

#stop_keep_alive_loop ⇒ Object

Stop the background thread

# File 'lib/msf/base/sessions/ldap.rb', line 178

def stop_keep_alive_loop
  keep_alive_thread.kill
end

#type ⇒ Object

# File 'lib/msf/base/sessions/ldap.rb', line 66

def type
  self.class.type
end