mirror of
https://github.com/rapid7/metasploit-framework
synced 2024-11-05 14:57:30 +01:00
Fix up SSL behavior (correctly, this time). Update the msfrpc tools to support the new MessagePack code, fix various defaults in the plugin. Fixes #5116
git-svn-id: file:///home/svn/framework3/trunk@13416 4d416f70-5f16-0410-b530-b9f4589650da
This commit is contained in:
parent
fae9f52090
commit
7f758e42e8
@ -60,7 +60,10 @@ class Service
|
||||
Rex::Proto::Http::Server,
|
||||
self.srvport,
|
||||
self.srvhost,
|
||||
{}
|
||||
self.options[:ssl],
|
||||
self.options[:context],
|
||||
self.options[:comm],
|
||||
self.options[:cert]
|
||||
)
|
||||
|
||||
self.service.add_resource(self.uri, {
|
||||
|
@ -58,8 +58,7 @@ module Rex::Socket::SslTcpServer
|
||||
begin
|
||||
ssl = OpenSSL::SSL::SSLSocket.new(sock, self.sslctx)
|
||||
|
||||
|
||||
if not allow_nonblock?
|
||||
if not allow_nonblock?(ssl)
|
||||
ssl.accept
|
||||
else
|
||||
begin
|
||||
@ -160,8 +159,8 @@ module Rex::Socket::SslTcpServer
|
||||
# API calls when they are available. This is still buggy on
|
||||
# Linux/Mac OS X, but is required on Windows
|
||||
#
|
||||
def allow_nonblock?
|
||||
avail = self.sock.respond_to?(:accept_nonblock)
|
||||
def allow_nonblock?(sock=self.sock)
|
||||
avail = sock.respond_to?(:accept_nonblock)
|
||||
if avail and Rex::Compat.is_windows
|
||||
return true
|
||||
end
|
||||
|
16
msfrpc
16
msfrpc
@ -24,14 +24,16 @@ arguments = Rex::Parser::Arguments.new(
|
||||
"-p" => [ true, "Connect to the specified port instead of 55553" ],
|
||||
"-U" => [ true, "Specify the username to access msfrpcd" ],
|
||||
"-P" => [ true, "Specify the password to access msfrpcd" ],
|
||||
"-S" => [ false, "Disable SSL on the XMLRPC socket" ],
|
||||
"-t" => [ true, "Type of RPC daemon, [XML|Msg]" ],
|
||||
"-S" => [ false, "Disable SSL on the RPC socket" ],
|
||||
"-h" => [ false, "Help banner" ]
|
||||
)
|
||||
|
||||
opts = {
|
||||
'User' => 'msf',
|
||||
'SSL' => true,
|
||||
'ServerPort' => 55553
|
||||
'ServerPort' => 55553,
|
||||
'Type' => 'Xml'
|
||||
}
|
||||
|
||||
# Parse command line arguments.
|
||||
@ -47,6 +49,8 @@ arguments.parse(ARGV) { |opt, idx, val|
|
||||
opts['User'] = val
|
||||
when '-P'
|
||||
opts['Pass'] = val
|
||||
when '-t'
|
||||
opts['Type'] = (val =~ /xml/i) ? 'XML' : 'Msg'
|
||||
when "-h"
|
||||
print("\nUsage: #{File.basename(__FILE__)} <options>\n" + arguments.usage)
|
||||
exit
|
||||
@ -68,8 +72,11 @@ end
|
||||
|
||||
$0 = "msfrpc"
|
||||
|
||||
|
||||
require 'msf/core/rpc'
|
||||
if opts['Type'] == 'Msg'
|
||||
require 'msf/core/rpc/v10/client'
|
||||
else
|
||||
require 'msf/core/rpc/client'
|
||||
end
|
||||
require 'rex/ui'
|
||||
|
||||
rpc = Msf::RPC::Client.new(
|
||||
@ -87,3 +94,4 @@ while(ARGV.shift)
|
||||
end
|
||||
|
||||
Rex::Ui::Text::IrbShell.new(binding).run
|
||||
|
||||
|
17
msfrpcd
17
msfrpcd
@ -3,7 +3,7 @@
|
||||
# $Id$
|
||||
#
|
||||
# This user interface listens on a port and provides clients that connect to
|
||||
# it with an XMLRPC interface to the Metasploit Framework.
|
||||
# it with an RPC interface to the Metasploit Framework.
|
||||
#
|
||||
# $Revision$
|
||||
#
|
||||
@ -24,9 +24,9 @@ arguments = Rex::Parser::Arguments.new(
|
||||
"-p" => [ true, "Bind to this port instead of 55553" ],
|
||||
"-U" => [ true, "Specify the username to access msfrpcd" ],
|
||||
"-P" => [ true, "Specify the password to access msfrpcd" ],
|
||||
"-t" => [ true, "Server type, [Basic|Web]" ],
|
||||
"-t" => [ true, "Server type, [Basic|Web|Msg]" ],
|
||||
"-u" => [ true, "URI for Web server" ],
|
||||
"-S" => [ false, "Disable SSL on the XMLRPC socket" ],
|
||||
"-S" => [ false, "Disable SSL on the RPC socket" ],
|
||||
"-f" => [ false, "Run the daemon in the foreground" ],
|
||||
"-n" => [ false, "Disable database" ],
|
||||
"-h" => [ false, "Help banner" ])
|
||||
@ -77,7 +77,10 @@ end
|
||||
|
||||
$0 = "msfrpcd"
|
||||
|
||||
$stderr.puts "[*] XMLRPC starting on #{opts['ServerHost']}:#{opts['ServerPort']} (#{opts['SSL'] ? "SSL" : "NO SSL"}):#{opts['ServerType']}..."
|
||||
rpctype = 'XML'
|
||||
rpctype = 'MSG' if opts['ServerType'].downcase == 'msg'
|
||||
|
||||
$stderr.puts "[*] #{rpctype}RPC starting on #{opts['ServerHost']}:#{opts['ServerPort']} (#{opts['SSL'] ? "SSL" : "NO SSL"}):#{opts['ServerType']}..."
|
||||
|
||||
$stderr.puts "[*] URI: #{opts['URI']}" if(opts['URI'])
|
||||
|
||||
@ -88,9 +91,9 @@ require 'msf/ui'
|
||||
# Fork into the background if requested
|
||||
begin
|
||||
if foreground
|
||||
$stdout.puts "[*] XMLRPC ready at #{Time.now}."
|
||||
$stdout.puts "[*] #{rpctype}RPC ready at #{Time.now}."
|
||||
else
|
||||
$stderr.puts "[*] XMLRPC backgrounding at #{Time.now}..."
|
||||
$stderr.puts "[*] #{rpctype}RPC backgrounding at #{Time.now}..."
|
||||
exit(0) if Process.fork()
|
||||
end
|
||||
rescue ::NotImplementedError
|
||||
@ -104,7 +107,7 @@ $framework.db.sink.restart if RUBY_PLATFORM !~ /cygwin/ and not frameworkOpts['D
|
||||
|
||||
# Run the plugin instance in the foreground.
|
||||
begin
|
||||
$framework.plugins.load('xmlrpc', opts).run
|
||||
$framework.plugins.load("#{rpctype.downcase}rpc", opts).run
|
||||
rescue ::Interrupt
|
||||
$stderr.puts "[*] Shutting down"
|
||||
end
|
||||
|
@ -45,11 +45,9 @@ class Plugin::MSGRPC < Msf::Plugin
|
||||
port = opts['ServerPort'] || DefaultPort
|
||||
ssl = (opts['SSL'] and opts['SSL'].to_s =~ /^[ty]/i) ? true : false
|
||||
cert = opts['SSLCert']
|
||||
ckey = opts['SSLKey']
|
||||
|
||||
user = opts['User'] || "msf"
|
||||
pass = opts['Pass'] || ::Rex::Text.rand_text_alphanumeric(8)
|
||||
type = opts['ServerType'] || "Basic"
|
||||
uri = opts['URI'] || "/api"
|
||||
|
||||
print_status("MSGRPC Service: #{host}:#{port} #{ssl ? " (SSL)" : ""}")
|
||||
@ -57,13 +55,14 @@ class Plugin::MSGRPC < Msf::Plugin
|
||||
print_status("MSGRPC Password: #{pass}")
|
||||
|
||||
self.server = ::Msf::RPC::Service.new(framework, {
|
||||
:host => opts['ServerHost'],
|
||||
:port => opts['ServerPort'],
|
||||
:ssl => opts['SSL'],
|
||||
:cert => opts['SSLCert'],
|
||||
:uri => opts['URI']
|
||||
:host => host,
|
||||
:port => port,
|
||||
:ssl => ssl,
|
||||
:cert => cert,
|
||||
:uri => uri,
|
||||
:tokens => { }
|
||||
})
|
||||
|
||||
|
||||
self.server.add_user(user, pass)
|
||||
|
||||
# If the run in foreground flag is not specified, then go ahead and fire
|
||||
@ -72,6 +71,7 @@ class Plugin::MSGRPC < Msf::Plugin
|
||||
# Store a handle to the thread so we can kill it during
|
||||
# cleanup when we get unloaded.
|
||||
self.thread = Thread.new { run }
|
||||
framework.threads.register(self.thread, "MetasploitRPCServer", true)
|
||||
end
|
||||
end
|
||||
|
||||
@ -95,7 +95,10 @@ class Plugin::MSGRPC < Msf::Plugin
|
||||
def run
|
||||
# Start the actual service
|
||||
self.server.start
|
||||
|
||||
|
||||
# Register
|
||||
framework.threads.register(Thread.current, "MetasploitRPCServer", true)
|
||||
|
||||
# Wait for the service to complete
|
||||
self.server.wait
|
||||
end
|
||||
|
Loading…
Reference in New Issue
Block a user