Class: Rex::Post::Meterpreter::Extensions::Stdapi::Net::SocketSubsystem::TcpClientChannel

Inherits:
Stream
  • Object
show all
Defined in:
lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb

Overview

This class represents a logical TCP client connection that is established from the remote machine and tunnelled through the established meterpreter connection, similar to an SSH port forward.

Instance Attribute Summary

Attributes inherited from Channel

#cid, #client, #cls, #flags, #params, #type

Class Method Summary collapse

Instance Method Summary collapse

Methods inherited from Stream

cls

Methods included from SocketAbstraction

#_write, #cleanup, #dio_close_handler, #dio_write_handler

Methods inherited from Channel

_close, #_close, #_read, #_write, #cleanup, #close, #close_read, #closed?, create, #dio_close_handler, #dio_handler, #dio_map, #dio_read_handler, #dio_write_handler, finalize, #flag?, #interactive, #read, request_handler, #synchronous?, #write

Methods included from InboundPacketHandler

#request_handler, #response_handler

Constructor Details

#initialize(client, cid, type, flags, packet, sock_params: nil) ⇒ TcpClientChannel

Passes the channel initialization information up to the base class.



72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
 
# File 'lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb', line 72

def initialize(client, cid, type, flags, packet, sock_params: nil)
  super(client, cid, type, flags, packet)

  lsock.extend(SocketInterface)
  lsock.extend(DirectChannelWrite)
  lsock.channel = self

  rsock.extend(SocketInterface)
  rsock.channel = self

  unless sock_params.nil?
    @params = sock_params.merge(Socket.parameters_from_response(packet))
    lsock.extend(Rex::Socket::SslTcp) if sock_params.ssl
  end

  # synchronize access so the socket isn't closed while initializing, this is particularly important for SSL
  lsock.synchronize_access { lsock.initsock(@params) }
  rsock.synchronize_access { rsock.initsock(@params) }
end

Class Method Details

.open(client, params) ⇒ Object

Opens a TCP client channel using the supplied parameters.



35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
 
# File 'lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb', line 35

def TcpClientChannel.open(client, params)
  Channel.create(client, 'stdapi_net_tcp_client', self, CHANNEL_FLAG_SYNCHRONOUS,
    [
      {
        'type'  => TLV_TYPE_PEER_HOST,
        'value' => params.peerhost
      },
      {
        'type'  => TLV_TYPE_PEER_PORT,
        'value' => params.peerport
      },
      {
        'type'  => TLV_TYPE_LOCAL_HOST,
        'value' => params.localhost
      },
      {
        'type'  => TLV_TYPE_LOCAL_PORT,
        'value' => params.localport
      },
      {
        'type'  => TLV_TYPE_CONNECT_RETRIES,
        'value' => params.retries
      }
    ],
    sock_params: params
  )
end

Instance Method Details

#close_writeObject

Closes the write half of the connection.



95
96
97
 
# File 'lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb', line 95

def close_write
  return shutdown(1)
end

#shutdown(how = 1) ⇒ Object

Shutdown the connection

0 -> future reads 1 -> future sends 2 -> both



106
107
108
109
110
111
112
113
114
115
116
117
 
# File 'lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb', line 106

def shutdown(how = 1)
  return false if self.cid.nil?

  request = Packet.create_request(COMMAND_ID_STDAPI_NET_SOCKET_TCP_SHUTDOWN)

  request.add_tlv(TLV_TYPE_SHUTDOWN_HOW, how)
  request.add_tlv(TLV_TYPE_CHANNEL_ID, self.cid)

  client.send_request(request)

  return true
end