Module: Msf::Ui::Debug

Defined in:: lib/msf/ui/debug.rb

Overview

Displays Metasploit information useful for Debugging.

Constant Summary collapse

COMMAND_HISTORY_TOTAL =

FRAMEWORK_LOG_LINE_TOTAL =

WEB_SERVICE_LOG_LINE_TOTAL =

FRAMEWORK_ERROR_REGEX = “[mm/dd/yyyy hh:mm:ss] [e()]” Indicates the start of an error message The end of an error message is indicated by the start of the next log message [mm/dd/yyyy hh:mm:ss] [[ANY_LETTER]()] When using the commented regex, the below example framework.log will only return three separate errors, and their accompanying traces: 05/15/2020 14:13:38 e(0) core: [-] Error during IRB: undefined method ‘[]’ for nil:NilClass 06/19/2020 12:05:02 i(0) core: Trying to continue despite failed database creation: could not connect to server: Connection refused Is the server running on host “127.0.0.1” and accepting TCP/IP connections on port 5433? 05/15/2020 14:19:20 e(0) core: [-] Error while running command debug: can’t modify frozen String Call stack: /Users/Shared/Relocated_Items/Security/rapid7/metasploit-framework/lib/msf/ui/debug.rb:33:in ‘get_all’ /Users/Shared/Relocated_Items/Security/rapid7/metasploit-framework/lib/msf/ui/console/command_dispatcher/core.rb:318:in ‘cmd_debug’ /Users/Shared/Relocated_Items/Security/rapid7/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:523:in ‘run_command’ /Users/Shared/Relocated_Items/Security/rapid7/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:474:in ‘block in run_single’ /Users/Shared/Relocated_Items/Security/rapid7/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:468:in ‘each’ /Users/Shared/Relocated_Items/Security/rapid7/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:468:in ‘run_single’ /Users/Shared/Relocated_Items/Security/rapid7/metasploit-framework/lib/rex/ui/text/shell.rb:158:in ‘run’ /Users/Shared/Relocated_Items/Security/rapid7/metasploit-framework/lib/metasploit/framework/command/console.rb:48:in ‘start’ /Users/Shared/Relocated_Items/Security/rapid7/metasploit-framework/lib/metasploit/framework/command/base.rb:82:in ‘start’ 06/19/2020 11:51:44 d(2) core: Stager osx/armle/reverse_tcp and stage osx/x64/meterpreter have incompatible architectures: armle - x64 05/15/2020 14:23:55 e(0) core: [-] Error during IRB: undefined method ‘[]’ for nil:NilClass

%r|\[\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}\] \[e\(\d+\)\] (?:(?!\[\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}\] \[[A-Za-z]\(\d+\)\]).)+|m

FRAMEWORK_ERROR_TOTAL =

WEB_SERVICE_ERROR_REGEX = “[-]” Indicates the start of an error message The end of an error message is indicated by a n character followed by any non-whitespace character When using the commented regex, the below example msf-ws.log will only return three separate errors, and their accompanying traces: - Error that does not return a stack trace. Writing PID to /Users/agalway/.msf4/msf-ws.pid Thin web server (v1.7.2 codename Bachmanity) Maximum connections set to 1024 Listening on localhost:5443, CTRL+C to stop - Error handling request: wrong number of arguments (given 4, expected 1). Call Stack: /Users/Shared/Relocated_Items/Security/rapid7/metasploit-framework/lib/msf/core/db_manager/service.rb:44:in `get_service' /Users/Shared/Relocated_Items/Security/rapid7/metasploit-framework/lib/msf/core/db_manager/note.rb:136:in `block in report_note' /Users/agalway/vendor/bundle/gems/activerecord-5.2.4.4/lib/active_record/connection_adapters/abstract/connection_pool.rb:416:in `with_connection' /Users/Shared/Relocated_Items/Security/rapid7/metasploit-framework/lib/msf/core/db_manager/note.rb:81:in `report_note' /Users/Shared/Relocated_Items/Security/rapid7/metasploit-framework/lib/msf/core/web_services/servlet/note_servlet.rb:42:in `block (2 levels) in report_note' /Users/Shared/Relocated_Items/Security/rapid7/metasploit-framework/lib/msf/core/web_services/servlet_helper.rb:78:in `exec_report_job' /Users/agalway/vendor/bundle/gems/thin-1.7.2/bin/thin:6:in `<top (required)>' /Users/agalway/vendor/bundle/bin/thin:23:in `load' /Users/agalway/vendor/bundle/bin/thin:23:in `<main>' - Error handling request: wrong number of arguments (given 4, expected 1). Call Stack: /Users/Shared/Relocated_Items/Security/rapid7/metasploit-framework/lib/msf/core/db_manager/service.rb:44:in `get_service' /Users/Shared/Relocated_Items/Security/rapid7/metasploit-framework/lib/msf/core/db_manager/note.rb:136:in `block in report_note' /Users/agalway/vendor/bundle/gems/activerecord-5.2.4.4/lib/active_record/connection_adapters/abstract/connection_pool.rb:416:in `with_connection' /Users/agalway/vendor/bundle/gems/thin-1.7.2/bin/thin:6:in `<top (required)>' /Users/agalway/vendor/bundle/bin/thin:23:in `load' /Users/agalway/vendor/bundle/bin/thin:23:in `<main>'

%r|\[-\].+?\n(?!\s)|m

WEB_SERVICE_ERROR_TOTAL =

ISSUE_LINK =

'https://github.com/rapid7/metasploit-framework/issues/new/choose'

PREAMBLE =

<<~PREMABLE
  Please provide the below information in any Github issues you open. New issues can be opened here #{ISSUE_LINK.dup}
  %red%undENSURE YOU HAVE REMOVED ANY SENSITIVE INFORMATION BEFORE SUBMITTING!%clr

  ===8<=== CUT AND PASTE EVERYTHING BELOW THIS LINE ===8<===


PREMABLE

ERROR_BLURB =

'An error occurred when trying to build this section:'

Class Method Summary collapse

Class Method Details

.all(framework, driver) ⇒ `Object`

# File 'lib/msf/ui/debug.rb', line 100

def self.all(framework, driver)
  all_information = preamble
  all_information << datastore(framework, driver)
  all_information << database_configuration(framework)
  all_information << framework_config(framework)
  all_information << history(driver)
  all_information << errors
  all_information << logs
  all_information << versions(framework)

  all_information
end

.database_configuration(framework) ⇒ `Object`

# File 'lib/msf/ui/debug.rb', line 159

def self.database_configuration(framework)
  output = "```\nSession Type: #{db_connection_info(framework)}\n```\n\n"

  if framework.db&.active
    current_workspace = framework.db.workspace
    example_workspaces = ::Mdm::Workspace.order(id: :desc).take(10)
    ordered_workspaces = ([current_workspace] + example_workspaces).uniq.sort_by(&:id)
    workspace_rows = ordered_workspaces.map do |workspace|
      id = current_workspace.id == workspace.id ? "#{workspace.id.to_fs(:delimited)} **(Current)**" : workspace.id.to_fs(:delimited)
      [
        id,
        workspace.hosts.count.to_fs(:delimited),
        workspace.vulns.count.to_fs(:delimited),
        workspace.notes.count.to_fs(:delimited),
        workspace.services.count.to_fs(:delimited)
      ]
    end

    totals_row = [
      "**Total (#{::Mdm::Workspace.count.to_fs(:delimited)})**",
      "**#{::Mdm::Host.count.to_fs(:delimited)}**",
      "**#{::Mdm::Vuln.count.to_fs(:delimited)}**",
      "**#{::Mdm::Note.count.to_fs(:delimited)}**",
      "**#{::Mdm::Service.count.to_fs(:delimited)}**"
    ]

    table = "| ID | Hosts | Vulnerabilities | Notes | Services |\n"
    table += "|-:|-:|-:|-:|-:|\n"
    table += (workspace_rows + [totals_row]).map { |x| "| #{x.join(" | ")} |" }.join("\n")
    output += table
  end

  # The markdown table can't be placed in a code block or it will not render as a table.
  build_section_no_block(
    'Database Configuration',
    'The database contains the following information:',
    output
  )
rescue StandardError => e
  build_section(
    'Database Configuration',
    ERROR_BLURB,
    section_build_error('Failed to extract Database configuration', e)
  )
end

.datastore(framework, driver) ⇒ `Object`

# File 'lib/msf/ui/debug.rb', line 113

def self.datastore(framework, driver)

  # Generate an ini with the existing config file
  ini = Rex::Parser::Ini.new(Msf::Config.config_file)

  # Delete all groups from the config ini that potentially have more up to date information
  ini.keys.each do |key|
    unless key.start_with?("framework/database") || key.start_with?("framework/features")
      ini.delete(key)
    end
  end

  # Retrieve and add more up to date information
  add_hash_to_ini_group(ini, framework.datastore.to_h, driver.get_config_core)
  add_hash_to_ini_group(ini, driver.get_config, driver.get_config_group)

  if driver.active_module
    add_hash_to_ini_group(ini, driver.active_module.datastore.to_h, driver.active_module.refname)
  end

  # Filter credentials
  ini.each do |key, value|
    if key =~ %r{^framework/database/}
      value.transform_values! { '[Filtered]' }
    end
  end

  if ini.to_s.empty?
    content = 'The local config file is empty, no global variables are set, and there is no active module.'
  else
    content = ini.to_s
  end

  build_section(
    'Module/Datastore',
    'The following global/module datastore, and database setup was configured before the issue occurred:',
    content
  )
rescue StandardError => e
  build_section(
    'Module/Datastore',
    ERROR_BLURB,
    section_build_error('Failed to extract Datastore', e)
  )
end

.errors ⇒ `Object`

# File 'lib/msf/ui/debug.rb', line 246

def self.errors
  errors = build_regex_file_section(Pathname.new(Msf::Config.log_directory).join('framework.log'),
                                                      FRAMEWORK_ERROR_TOTAL,
                                                      FRAMEWORK_ERROR_REGEX,
                                                      'Framework Errors',
                                                      'The following framework errors occurred before the issue occurred:')

  errors += build_regex_file_section(Pathname.new(Msf::Config.log_directory).join('msf-ws.log'),
                                                        WEB_SERVICE_ERROR_TOTAL,
                                                        WEB_SERVICE_ERROR_REGEX,
                                                        'Web Service Errors',
                                                        'The following web service errors occurred before the issue occurred:')
  errors
end

.framework_config(framework) ⇒ `Object`

# File 'lib/msf/ui/debug.rb', line 205

def self.framework_config(framework)
  required_features = framework.features.all.map { |feature| [feature[:name], feature[:enabled].to_s] }
  markdown_formatted_features = required_features.map { |feature| "| #{feature.join(' | ')} |" }
  required_fields = %w[name enabled]

  table = "| #{required_fields.join(' | ')} |\n"
  table += '|' + '-:|' * required_fields.count + "\n"
  table += markdown_formatted_features.join("\n").to_s

  # The markdown table can't be placed in a code block or it will not render as a table.
  build_section_no_block(
    'Framework Configuration',
    'The features are configured as follows:',
    table
  )
end

.history(driver) ⇒ `Object`

# File 'lib/msf/ui/debug.rb', line 222

def self.history(driver)
  end_pos = Readline::HISTORY.length - 1
  start_pos = end_pos - COMMAND_HISTORY_TOTAL > driver.hist_last_saved ? end_pos - (COMMAND_HISTORY_TOTAL - 1) : driver.hist_last_saved

  commands = ''
  while start_pos <= end_pos
    # Formats command position in history to 6 characters in length
    commands += "#{'%-6.6s' % start_pos.to_s} #{Readline::HISTORY[start_pos]}\n"
    start_pos += 1
  end

  build_section(
    'History',
    'The following commands were ran during the session and before this issue occurred:',
    commands
  )
rescue StandardError => e
  build_section(
    'History',
    ERROR_BLURB,
    section_build_error('Failed to extract History', e)
  )
end

.issue_link ⇒ `Object`



92
93
94

# File 'lib/msf/ui/debug.rb', line 92

def self.issue_link
  return ISSUE_LINK.dup
end

.logs ⇒ `Object`

# File 'lib/msf/ui/debug.rb', line 261

def self.logs
  logs = build_file_section(Pathname.new(Msf::Config.log_directory).join('framework.log'),
                                             FRAMEWORK_LOG_LINE_TOTAL,
                                            'Framework Logs',
                                            'The following framework logs were recorded before the issue occurred:')

  logs += build_file_section(Pathname.new(Msf::Config.log_directory).join('msf-ws.log'),
                                               WEB_SERVICE_LOG_LINE_TOTAL,
                                              'Web Service Logs',
                                              'The following web service logs were recorded before the issue occurred:')
  logs
end

.preamble ⇒ `Object`



96
97
98

# File 'lib/msf/ui/debug.rb', line 96

def self.preamble
  return PREAMBLE.dup
end

.versions(framework) ⇒ `Object`

# File 'lib/msf/ui/debug.rb', line 274

def self.versions(framework)

  str = <<~VERSIONS
    Framework: #{framework.version}
    Ruby: #{RUBY_DESCRIPTION}
    OpenSSL: #{OpenSSL::OPENSSL_VERSION}
    Install Root: #{Msf::Config.install_root}
    Session Type: #{db_connection_info(framework)}
    Install Method: #{installation_method}
  VERSIONS

  build_section('Version/Install', 'The versions and install method of your Metasploit setup:', str)
rescue StandardError => e
  build_section(
    'Version/Install',
    ERROR_BLURB,
    section_build_error('Failed to extract Versions', e)
  )
end

Module: Msf::Ui::Debug

Overview

Constant Summary collapse

Class Method Summary collapse

Class Method Details

.all(framework, driver) ⇒ Object

.database_configuration(framework) ⇒ Object

.datastore(framework, driver) ⇒ Object

.errors ⇒ Object

.framework_config(framework) ⇒ Object

.history(driver) ⇒ Object

.issue_link ⇒ Object

.logs ⇒ Object

.preamble ⇒ Object

.versions(framework) ⇒ Object