1
mirror of https://github.com/rapid7/metasploit-framework synced 2024-11-05 14:57:30 +01:00

Fix up SSL behavior (correctly, this time). Update the msfrpc tools to support the new MessagePack code, fix various defaults in the plugin. Fixes #5116

git-svn-id: file:///home/svn/framework3/trunk@13416 4d416f70-5f16-0410-b530-b9f4589650da
This commit is contained in:
HD Moore 2011-07-29 23:58:05 +00:00
parent fae9f52090
commit 7f758e42e8
5 changed files with 41 additions and 25 deletions

View File

@ -60,7 +60,10 @@ class Service
Rex::Proto::Http::Server,
self.srvport,
self.srvhost,
{}
self.options[:ssl],
self.options[:context],
self.options[:comm],
self.options[:cert]
)
self.service.add_resource(self.uri, {

View File

@ -58,8 +58,7 @@ module Rex::Socket::SslTcpServer
begin
ssl = OpenSSL::SSL::SSLSocket.new(sock, self.sslctx)
if not allow_nonblock?
if not allow_nonblock?(ssl)
ssl.accept
else
begin
@ -160,8 +159,8 @@ module Rex::Socket::SslTcpServer
# API calls when they are available. This is still buggy on
# Linux/Mac OS X, but is required on Windows
#
def allow_nonblock?
avail = self.sock.respond_to?(:accept_nonblock)
def allow_nonblock?(sock=self.sock)
avail = sock.respond_to?(:accept_nonblock)
if avail and Rex::Compat.is_windows
return true
end

16
msfrpc
View File

@ -24,14 +24,16 @@ arguments = Rex::Parser::Arguments.new(
"-p" => [ true, "Connect to the specified port instead of 55553" ],
"-U" => [ true, "Specify the username to access msfrpcd" ],
"-P" => [ true, "Specify the password to access msfrpcd" ],
"-S" => [ false, "Disable SSL on the XMLRPC socket" ],
"-t" => [ true, "Type of RPC daemon, [XML|Msg]" ],
"-S" => [ false, "Disable SSL on the RPC socket" ],
"-h" => [ false, "Help banner" ]
)
opts = {
'User' => 'msf',
'SSL' => true,
'ServerPort' => 55553
'ServerPort' => 55553,
'Type' => 'Xml'
}
# Parse command line arguments.
@ -47,6 +49,8 @@ arguments.parse(ARGV) { |opt, idx, val|
opts['User'] = val
when '-P'
opts['Pass'] = val
when '-t'
opts['Type'] = (val =~ /xml/i) ? 'XML' : 'Msg'
when "-h"
print("\nUsage: #{File.basename(__FILE__)} <options>\n" + arguments.usage)
exit
@ -68,8 +72,11 @@ end
$0 = "msfrpc"
require 'msf/core/rpc'
if opts['Type'] == 'Msg'
require 'msf/core/rpc/v10/client'
else
require 'msf/core/rpc/client'
end
require 'rex/ui'
rpc = Msf::RPC::Client.new(
@ -87,3 +94,4 @@ while(ARGV.shift)
end
Rex::Ui::Text::IrbShell.new(binding).run

17
msfrpcd
View File

@ -3,7 +3,7 @@
# $Id$
#
# This user interface listens on a port and provides clients that connect to
# it with an XMLRPC interface to the Metasploit Framework.
# it with an RPC interface to the Metasploit Framework.
#
# $Revision$
#
@ -24,9 +24,9 @@ arguments = Rex::Parser::Arguments.new(
"-p" => [ true, "Bind to this port instead of 55553" ],
"-U" => [ true, "Specify the username to access msfrpcd" ],
"-P" => [ true, "Specify the password to access msfrpcd" ],
"-t" => [ true, "Server type, [Basic|Web]" ],
"-t" => [ true, "Server type, [Basic|Web|Msg]" ],
"-u" => [ true, "URI for Web server" ],
"-S" => [ false, "Disable SSL on the XMLRPC socket" ],
"-S" => [ false, "Disable SSL on the RPC socket" ],
"-f" => [ false, "Run the daemon in the foreground" ],
"-n" => [ false, "Disable database" ],
"-h" => [ false, "Help banner" ])
@ -77,7 +77,10 @@ end
$0 = "msfrpcd"
$stderr.puts "[*] XMLRPC starting on #{opts['ServerHost']}:#{opts['ServerPort']} (#{opts['SSL'] ? "SSL" : "NO SSL"}):#{opts['ServerType']}..."
rpctype = 'XML'
rpctype = 'MSG' if opts['ServerType'].downcase == 'msg'
$stderr.puts "[*] #{rpctype}RPC starting on #{opts['ServerHost']}:#{opts['ServerPort']} (#{opts['SSL'] ? "SSL" : "NO SSL"}):#{opts['ServerType']}..."
$stderr.puts "[*] URI: #{opts['URI']}" if(opts['URI'])
@ -88,9 +91,9 @@ require 'msf/ui'
# Fork into the background if requested
begin
if foreground
$stdout.puts "[*] XMLRPC ready at #{Time.now}."
$stdout.puts "[*] #{rpctype}RPC ready at #{Time.now}."
else
$stderr.puts "[*] XMLRPC backgrounding at #{Time.now}..."
$stderr.puts "[*] #{rpctype}RPC backgrounding at #{Time.now}..."
exit(0) if Process.fork()
end
rescue ::NotImplementedError
@ -104,7 +107,7 @@ $framework.db.sink.restart if RUBY_PLATFORM !~ /cygwin/ and not frameworkOpts['D
# Run the plugin instance in the foreground.
begin
$framework.plugins.load('xmlrpc', opts).run
$framework.plugins.load("#{rpctype.downcase}rpc", opts).run
rescue ::Interrupt
$stderr.puts "[*] Shutting down"
end

View File

@ -45,11 +45,9 @@ class Plugin::MSGRPC < Msf::Plugin
port = opts['ServerPort'] || DefaultPort
ssl = (opts['SSL'] and opts['SSL'].to_s =~ /^[ty]/i) ? true : false
cert = opts['SSLCert']
ckey = opts['SSLKey']
user = opts['User'] || "msf"
pass = opts['Pass'] || ::Rex::Text.rand_text_alphanumeric(8)
type = opts['ServerType'] || "Basic"
uri = opts['URI'] || "/api"
print_status("MSGRPC Service: #{host}:#{port} #{ssl ? " (SSL)" : ""}")
@ -57,13 +55,14 @@ class Plugin::MSGRPC < Msf::Plugin
print_status("MSGRPC Password: #{pass}")
self.server = ::Msf::RPC::Service.new(framework, {
:host => opts['ServerHost'],
:port => opts['ServerPort'],
:ssl => opts['SSL'],
:cert => opts['SSLCert'],
:uri => opts['URI']
:host => host,
:port => port,
:ssl => ssl,
:cert => cert,
:uri => uri,
:tokens => { }
})
self.server.add_user(user, pass)
# If the run in foreground flag is not specified, then go ahead and fire
@ -72,6 +71,7 @@ class Plugin::MSGRPC < Msf::Plugin
# Store a handle to the thread so we can kill it during
# cleanup when we get unloaded.
self.thread = Thread.new { run }
framework.threads.register(self.thread, "MetasploitRPCServer", true)
end
end
@ -95,7 +95,10 @@ class Plugin::MSGRPC < Msf::Plugin
def run
# Start the actual service
self.server.start
# Register
framework.threads.register(Thread.current, "MetasploitRPCServer", true)
# Wait for the service to complete
self.server.wait
end