Class: Metasploit::Aggregator::ConnectionManager
- Inherits:
-
Object
- Object
- Metasploit::Aggregator::ConnectionManager
- Includes:
- Singleton
- Defined in:
- lib/metasploit/aggregator/connection_manager.rb
Class Method Summary collapse
Instance Method Summary collapse
- #add_cable_http(host, port) ⇒ Object
- #add_cable_https(host, port, certificate) ⇒ Object
- #cables ⇒ Object
- #connect_cable(server, host, port, forwarder) ⇒ Object
- #connection_details(payload) ⇒ Object
- #connections ⇒ Object
-
#initialize ⇒ ConnectionManager
constructor
A new instance of ConnectionManager.
- #park(payload) ⇒ Object
- #register_forward(uuid, payload_list = nil) ⇒ Object
- #remove_cable(host, port) ⇒ Object
- #stop ⇒ Object
Constructor Details
#initialize ⇒ ConnectionManager
Returns a new instance of ConnectionManager.
16 17 18 19 20 21 |
# File 'lib/metasploit/aggregator/connection_manager.rb', line 16 def initialize @cables = [] @manager_mutex = Mutex.new @router = Router.instance @details_cache = SessionDetailService.instance end |
Class Method Details
.ssl_generate_certificate ⇒ Object
23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 |
# File 'lib/metasploit/aggregator/connection_manager.rb', line 23 def self.ssl_generate_certificate yr = 24*3600*365 vf = Time.at(Time.now.to_i - rand(yr * 3) - yr) vt = Time.at(vf.to_i + (10 * yr)) cn = 'localhost' key = OpenSSL::PKey::RSA.new(2048){ } cert = OpenSSL::X509::Certificate.new cert.version = 2 cert.serial = (rand(0xFFFFFFFF) << 32) + rand(0xFFFFFFFF) cert.subject = OpenSSL::X509::Name.new([["CN", cn]]) cert.issuer = OpenSSL::X509::Name.new([["CN", cn]]) cert.not_before = vf cert.not_after = vt cert.public_key = key.public_key ef = OpenSSL::X509::ExtensionFactory.new(nil,cert) cert.extensions = [ ef.create_extension("basicConstraints","CA:FALSE") ] ef.issuer_certificate = cert cert.sign(key, OpenSSL::Digest::SHA256.new) [key, cert, nil] end |
Instance Method Details
#add_cable_http(host, port) ⇒ Object
83 84 85 86 87 88 89 90 91 92 |
# File 'lib/metasploit/aggregator/connection_manager.rb', line 83 def add_cable_http(host, port) @manager_mutex.synchronize do forwarder = Metasploit::Aggregator::HttpForwarder.new forwarder. = true server = TCPServer.new(host, port) handler = connect_cable(server, host, port, forwarder) @cables << Cable.new(handler, server, forwarder) end end |
#add_cable_https(host, port, certificate) ⇒ Object
64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 |
# File 'lib/metasploit/aggregator/connection_manager.rb', line 64 def add_cable_https(host, port, certificate) @manager_mutex.synchronize do forwarder = Metasploit::Aggregator::HttpsForwarder.new forwarder. = true server = TCPServer.new(host, port) ssl_context = OpenSSL::SSL::SSLContext.new unless certificate.nil? ssl_context.key, ssl_context.cert = ssl_parse_certificate(certificate) else ssl_context.key, ssl_context.cert = Metasploit::Aggregator::ConnectionManager.ssl_generate_certificate end ssl_server = OpenSSL::SSL::SSLServer.new(server, ssl_context) handler = connect_cable(ssl_server, host, port, forwarder) @cables << Cable.new(handler, server, forwarder) handler end end |
#cables ⇒ Object
129 130 131 132 133 134 135 136 |
# File 'lib/metasploit/aggregator/connection_manager.rb', line 129 def cables local_cables = [] @cables.each do |cable| addr = cable.server.local_address local_cables << addr.ip_address + ':' + addr.ip_port.to_s end local_cables end |
#connect_cable(server, host, port, forwarder) ⇒ Object
138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 |
# File 'lib/metasploit/aggregator/connection_manager.rb', line 138 def connect_cable(server, host, port, forwarder) Logger.log "Listening on port #{host}:#{port}" handler = Thread.new do begin loop do Logger.log "waiting for connection on #{host}:#{port}" connection = server.accept Logger.log "got connection on #{host}:#{port}" Thread.new do begin forwarder.forward(connection) rescue Logger.log $! end Logger.log "completed connection on #{host}:#{port}" end end end end handler end |
#connection_details(payload) ⇒ Object
112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 |
# File 'lib/metasploit/aggregator/connection_manager.rb', line 112 def connection_details(payload) detail_map = {} details = @details_cache.session_details(payload) unless details.nil? details.each_pair do |key, value| detail_map[key] = value.to_s end end @cables.each do |cable| next unless cable.forwarder.connections.include?(payload) # TODO: improve how time is exposed for live connections time = cable.forwarder.connection_info(payload)['TIME'] detail_map['LAST_SEEN'] = (Time.now - time).to_s unless time.nil? end detail_map end |
#connections ⇒ Object
104 105 106 107 108 109 110 |
# File 'lib/metasploit/aggregator/connection_manager.rb', line 104 def connections connections = {} @cables.each do |cable| connections = connections.merge cable.forwarder.connections end connections end |
#park(payload) ⇒ Object
187 188 189 190 |
# File 'lib/metasploit/aggregator/connection_manager.rb', line 187 def park(payload) @router.add_route(nil, payload) Logger.log "parking #{payload}" end |
#register_forward(uuid, payload_list = nil) ⇒ Object
94 95 96 97 98 99 100 101 102 |
# File 'lib/metasploit/aggregator/connection_manager.rb', line 94 def register_forward(uuid, payload_list = nil) if payload_list.nil? @router.add_route(uuid, nil) else payload_list.each do |payload| @router.add_route(uuid, payload) end end end |
#remove_cable(host, port) ⇒ Object
161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 |
# File 'lib/metasploit/aggregator/connection_manager.rb', line 161 def remove_cable(host, port) @manager_mutex.synchronize do closed_servers = [] @cables.each do |cable| addr = cable.server.local_address if addr.ip_address == host && addr.ip_port == port.to_i cable.server.close cable.thread.exit closed_servers << cable end end @cables -= closed_servers end return true end |
#stop ⇒ Object
178 179 180 181 182 183 184 185 |
# File 'lib/metasploit/aggregator/connection_manager.rb', line 178 def stop @manager_mutex.synchronize do @cables.each do |listener| listener.server.close listener.thread.exit end end end |