Class: Msf::FrameworkEventSubscriber
- Inherits:
-
Object
- Object
- Msf::FrameworkEventSubscriber
- Defined in:
- lib/msf/core/framework.rb
Instance Attribute Summary
Attributes included from Msf::Framework::Offspring
Instance Method Summary collapse
-
#initialize(framework) ⇒ FrameworkEventSubscriber
constructor
A new instance of FrameworkEventSubscriber.
-
#module_event(name, instance, opts = {}) ⇒ Object
Generic handler for module events.
-
#on_module_complete(instance) ⇒ Object
:category: ::Msf::GeneralEventSubscriber implementors.
-
#on_module_error(instance, exception = nil) ⇒ Object
:category: ::Msf::GeneralEventSubscriber implementors.
-
#on_module_run(instance) ⇒ Object
:category: ::Msf::GeneralEventSubscriber implementors.
-
#on_session_close(session, reason = '') ⇒ Object
:category: ::Msf::SessionEvent implementors.
-
#on_session_command(session, command) ⇒ Object
:category: ::Msf::SessionEvent implementors.
-
#on_session_download(session, rpath, lpath) ⇒ Object
:category: ::Msf::SessionEvent implementors.
-
#on_session_module_run(session, mod) ⇒ Object
:category: ::Msf::SessionEvent implementors.
-
#on_session_open(session) ⇒ Object
:category: ::Msf::SessionEvent implementors.
-
#on_session_output(session, output) ⇒ Object
:category: ::Msf::SessionEvent implementors.
-
#on_session_route(session, route) ⇒ Object
:category: ::Msf::SessionEvent implementors.
-
#on_session_route_remove(session, route) ⇒ Object
:category: ::Msf::SessionEvent implementors.
-
#on_session_script_run(session, script) ⇒ Object
:category: ::Msf::SessionEvent implementors.
-
#on_session_upload(session, lpath, rpath) ⇒ Object
:category: ::Msf::SessionEvent implementors.
-
#on_ui_command(command) ⇒ Object
:category: ::Msf::UiEventSubscriber implementors.
-
#on_ui_start(rev) ⇒ Object
:category: ::Msf::UiEventSubscriber implementors.
-
#on_ui_stop ⇒ Object
:category: ::Msf::UiEventSubscriber implementors.
- #report_event(data) ⇒ Object
-
#session_event(name, session, opts = {}) ⇒ Object
Generic handler for session events.
Methods included from SessionEvent
#on_session_filedelete, #on_session_interact
Methods included from GeneralEventSubscriber
#on_module_created, #on_module_load
Constructor Details
#initialize(framework) ⇒ FrameworkEventSubscriber
Returns a new instance of FrameworkEventSubscriber.
296 297 298 |
# File 'lib/msf/core/framework.rb', line 296 def initialize(framework) self.framework = framework end |
Instance Method Details
#module_event(name, instance, opts = {}) ⇒ Object
Generic handler for module events
311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 |
# File 'lib/msf/core/framework.rb', line 311 def module_event(name, instance, opts={}) if framework.db.active event = { :workspace => framework.db.find_workspace(instance.workspace), :name => name, :username => instance.owner, :info => { :module_name => instance.fullname, :module_uuid => instance.uuid }.merge(opts) } report_event(event) end end |
#on_module_complete(instance) ⇒ Object
:category: ::Msf::GeneralEventSubscriber implementors
336 337 338 |
# File 'lib/msf/core/framework.rb', line 336 def on_module_complete(instance) module_event('module_complete', instance) end |
#on_module_error(instance, exception = nil) ⇒ Object
:category: ::Msf::GeneralEventSubscriber implementors
342 343 344 |
# File 'lib/msf/core/framework.rb', line 342 def on_module_error(instance, exception=nil) module_event('module_error', instance, :exception => exception.to_s) end |
#on_module_run(instance) ⇒ Object
:category: ::Msf::GeneralEventSubscriber implementors
329 330 331 332 |
# File 'lib/msf/core/framework.rb', line 329 def on_module_run(instance) opts = { :datastore => instance.datastore.to_h } module_event('module_run', instance, opts) end |
#on_session_close(session, reason = '') ⇒ Object
:category: ::Msf::SessionEvent implementors
451 452 453 454 455 456 457 458 459 |
# File 'lib/msf/core/framework.rb', line 451 def on_session_close(session, reason='') session_event('session_close', session) if session.db_record # Don't bother saving here, the session's cleanup method will take # care of that later. session.db_record.close_reason = reason session.db_record.closed_at = Time.now.utc end end |
#on_session_command(session, command) ⇒ Object
:category: ::Msf::SessionEvent implementors
467 468 469 470 471 472 473 474 |
# File 'lib/msf/core/framework.rb', line 467 def on_session_command(session, command) session_event('session_command', session, :command => command) framework.db.report_session_event({ :etype => 'command', :session => session, :command => command }) end |
#on_session_download(session, rpath, lpath) ⇒ Object
:category: ::Msf::SessionEvent implementors
439 440 441 442 443 444 445 446 447 |
# File 'lib/msf/core/framework.rb', line 439 def on_session_download(session, rpath, lpath) session_event('session_download', session, :local_path => lpath, :remote_path => rpath) framework.db.report_session_event({ :etype => 'download', :session => session, :local_path => lpath, :remote_path => rpath }) end |
#on_session_module_run(session, mod) ⇒ Object
:category: ::Msf::SessionEvent implementors
523 524 525 526 527 528 529 |
# File 'lib/msf/core/framework.rb', line 523 def on_session_module_run(session, mod) framework.db.report_session_event({ :etype => 'module_run', :session => session, :local_path => mod.fullname }) end |
#on_session_open(session) ⇒ Object
:category: ::Msf::SessionEvent implementors
420 421 422 423 424 |
# File 'lib/msf/core/framework.rb', line 420 def on_session_open(session) opts = { :datastore => session.exploit_datastore.to_h, :critical => true } session_event('session_open', session, opts) framework.db.report_session(:session => session) end |
#on_session_output(session, output) ⇒ Object
:category: ::Msf::SessionEvent implementors
478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 |
# File 'lib/msf/core/framework.rb', line 478 def on_session_output(session, output) # Break up the output into chunks that will fit into the database. buff = output.dup chunks = [] if buff.length > 1024 while buff.length > 0 chunks << buff.slice!(0,1024) end else chunks << buff end chunks.each { |chunk| session_event('session_output', session, :output => chunk) framework.db.report_session_event({ :etype => 'output', :session => session, :output => chunk }) } end |
#on_session_route(session, route) ⇒ Object
:category: ::Msf::SessionEvent implementors
501 502 503 |
# File 'lib/msf/core/framework.rb', line 501 def on_session_route(session, route) framework.db.report_session_route({session: session, route: route}) end |
#on_session_route_remove(session, route) ⇒ Object
:category: ::Msf::SessionEvent implementors
507 508 509 |
# File 'lib/msf/core/framework.rb', line 507 def on_session_route_remove(session, route) framework.db.report_session_route_remove({session: session, route: route}) end |
#on_session_script_run(session, script) ⇒ Object
:category: ::Msf::SessionEvent implementors
513 514 515 516 517 518 519 |
# File 'lib/msf/core/framework.rb', line 513 def on_session_script_run(session, script) framework.db.report_session_event({ :etype => 'script_run', :session => session, :local_path => script }) end |
#on_session_upload(session, lpath, rpath) ⇒ Object
:category: ::Msf::SessionEvent implementors
428 429 430 431 432 433 434 435 436 |
# File 'lib/msf/core/framework.rb', line 428 def on_session_upload(session, lpath, rpath) session_event('session_upload', session, :local_path => lpath, :remote_path => rpath) framework.db.report_session_event({ :etype => 'upload', :session => session, :local_path => lpath, :remote_path => rpath }) end |
#on_ui_command(command) ⇒ Object
:category: ::Msf::UiEventSubscriber implementors
349 350 351 352 353 |
# File 'lib/msf/core/framework.rb', line 349 def on_ui_command(command) if (framework.db and framework.db.active) report_event(:name => "ui_command", :info => {:command => command}) end end |
#on_ui_start(rev) ⇒ Object
:category: ::Msf::UiEventSubscriber implementors
365 366 367 368 369 370 371 372 373 |
# File 'lib/msf/core/framework.rb', line 365 def on_ui_start(rev) # # The database is not active at startup time unless msfconsole was # started with a database.yml, so this event won't always be saved to # the db. Not great, but best we can do. # info = { :revision => rev } report_event(:name => "ui_start", :info => info) end |
#on_ui_stop ⇒ Object
:category: ::Msf::UiEventSubscriber implementors
357 358 359 360 361 |
# File 'lib/msf/core/framework.rb', line 357 def on_ui_stop() if (framework.db and framework.db.active) report_event(:name => "ui_stop") end end |
#report_event(data) ⇒ Object
300 301 302 303 304 |
# File 'lib/msf/core/framework.rb', line 300 def report_event(data) if framework.db.active framework.db.report_event(data) end end |
#session_event(name, session, opts = {}) ⇒ Object
Generic handler for session events
381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 |
# File 'lib/msf/core/framework.rb', line 381 def session_event(name, session, opts={}) address = session.session_host if not (address and address.length > 0) elog("Session with no session_host/target_host/tunnel_peer. Session Info: #{session.inspect}") return end if framework.db.active ws = framework.db.find_workspace(session.workspace) opts.each_key do |attr| opts[attr].force_encoding('UTF-8') if opts[attr].is_a?(String) end event = { :workspace => ws, :username => session.username, :name => name, :host => address, :info => { :session_id => session.sid, :session_info => session.info, :session_uuid => session.uuid, :session_type => session.type, :username => session.username, :target_host => address, :via_exploit => session.via_exploit, :via_payload => session.via_payload, :tunnel_peer => session.tunnel_peer, :exploit_uuid => session.exploit_uuid }.merge(opts) } report_event(event) end end |