Class: Metasploit::Aggregator::SessionDetailService
- Inherits:
-
Object
- Object
- Metasploit::Aggregator::SessionDetailService
- Includes:
- Singleton
- Defined in:
- lib/metasploit/aggregator/session_detail_service.rb
Instance Method Summary collapse
- #add_request(request, payload) ⇒ Object
- #eval_tlv_enc(request) ⇒ Object
-
#initialize ⇒ SessionDetailService
constructor
A new instance of SessionDetailService.
- #process_tlv ⇒ Object
- #session_details(payload) ⇒ Object
Constructor Details
#initialize ⇒ SessionDetailService
Returns a new instance of SessionDetailService.
12 13 14 15 16 17 18 |
# File 'lib/metasploit/aggregator/session_detail_service.rb', line 12 def initialize @mutex = Mutex.new @tlv_queue = Queue.new @thread = create_processor @payloads_count = 0; @detail_cache = {} end |
Instance Method Details
#add_request(request, payload) ⇒ Object
20 21 22 23 24 25 26 27 28 29 30 31 32 |
# File 'lib/metasploit/aggregator/session_detail_service.rb', line 20 def add_request(request, payload) @mutex.synchronize do @tlv_queue << [ request, payload ] end begin if @detail_cache[payload] && @detail_cache[payload]['REMOTE_SOCKET'].nil? && request.socket @detail_cache[payload]['REMOTE_SOCKET'] = "#{request.socket.peeraddr[3]}:#{request.socket.peeraddr[1]}" @detail_cache[payload]['LOCAL_SOCKET'] = "#{request.socket.addr[3]}:#{request.socket.addr[1]}" end rescue Exception Logger.log "error retrieving socket details" end end |
#eval_tlv_enc(request) ⇒ Object
38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 |
# File 'lib/metasploit/aggregator/session_detail_service.rb', line 38 def eval_tlv_enc(request) # this is really expensive as we have to process every # piece of information presented from the console to eval for enc requests response = nil begin if request.body && request.body.length > 0 packet = Metasploit::Aggregator::Tlv::Packet.new(0) packet.add_raw(request.body) packet.from_r if packet.has_tlv?(Metasploit::Aggregator::Tlv::TLV_TYPE_METHOD) packet_val = packet.get_tlv_value(Metasploit::Aggregator::Tlv::TLV_TYPE_METHOD) if packet_val == "core_negotiate_tlv_encryption" response = Metasploit::Aggregator::Tlv::Packet.create_response(packet) response.add_tlv(Metasploit::Aggregator::Tlv::TLV_TYPE_RESULT, 0) response end end end rescue Exception # any exception return nil Logger.log "error evaluating tlv packet" response = nil end response end |
#process_tlv ⇒ Object
64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 |
# File 'lib/metasploit/aggregator/session_detail_service.rb', line 64 def process_tlv while true begin request, payload = @tlv_queue.pop if request.body && request.body.length > 0 packet = Metasploit::Aggregator::Tlv::Packet.new(0) packet.add_raw(request.body) packet.from_r unless @detail_cache[payload] @detail_cache[payload] = { 'ID' => (@payloads_count += 1) } end if packet.has_tlv?(Metasploit::Aggregator::Tlv::TLV_TYPE_UUID) args = { :raw => packet.get_tlv_value(Metasploit::Aggregator::Tlv::TLV_TYPE_UUID) } @detail_cache[payload]['UUID'] = Metasploit::Aggregator::Tlv::UUID.new(args) end if packet.has_tlv?(Metasploit::Aggregator::Tlv::TLV_TYPE_MACHINE_ID) machine_id = packet.get_tlv_value(Metasploit::Aggregator::Tlv::TLV_TYPE_MACHINE_ID) @detail_cache[payload]['MachineID'] = Digest::MD5.hexdigest(machine_id.downcase.strip) _user, computer_name = machine_id.split(":") unless computer_name.nil? @detail_cache[payload]['HOSTNAME'] = computer_name end end if packet.has_tlv?(Metasploit::Aggregator::Tlv::TLV_TYPE_USER_NAME) @detail_cache[payload]['USER'] = packet.get_tlv_value(Metasploit::Aggregator::Tlv::TLV_TYPE_USER_NAME) end if packet.has_tlv?(Metasploit::Aggregator::Tlv::TLV_TYPE_COMPUTER_NAME) @detail_cache[payload]['HOSTNAME'] = packet.get_tlv_value(Metasploit::Aggregator::Tlv::TLV_TYPE_COMPUTER_NAME) end if packet.has_tlv?(Metasploit::Aggregator::Tlv::TLV_TYPE_OS_NAME) @detail_cache[payload]['OS'] = packet.get_tlv_value(Metasploit::Aggregator::Tlv::TLV_TYPE_OS_NAME) end # remove sessions that get shutdown if packet.has_tlv?(Metasploit::Aggregator::Tlv::TLV_TYPE_METHOD) packet_val = packet.get_tlv_value(Metasploit::Aggregator::Tlv::TLV_TYPE_METHOD) if packet_val == "core_shutdown" @detail_cache.delete(payload) end end end rescue Exception Logger.log "error processing tlv for session details" end end end |
#session_details(payload) ⇒ Object
34 35 36 |
# File 'lib/metasploit/aggregator/session_detail_service.rb', line 34 def session_details(payload) @detail_cache[payload] end |