Module: Msf::Session
- Includes:
- Framework::Offspring
- Defined in:
- lib/msf/core/session.rb,
lib/msf/core/session/comm.rb,
lib/msf/core/session/basic.rb,
lib/msf/base/sessions/scriptable.rb,
lib/msf/core/session/interactive.rb,
lib/msf/core/session/provider/multi_command_shell.rb,
lib/msf/core/session/provider/single_command_shell.rb,
lib/msf/core/session/provider/multi_command_execution.rb,
lib/msf/core/session/provider/single_command_execution.rb
Overview
The session class represents a post-exploitation, uh, session. Sessions can be written to, read from, and interacted with. The underlying medium on which they are backed is arbitrary. For instance, when an exploit is provided with a command shell, either through a network connection or locally, the session's read and write operations end up reading from and writing to the shell that was spawned. The session object can be seen as a general means of interacting with various post-exploitation payloads through a common interface that is not necessarily tied to a network connection.
Defined Under Namespace
Modules: Basic, Comm, Interactive, Provider, Scriptable
Instance Attribute Summary collapse
-
#alive ⇒ Object
Returns the value of attribute alive.
-
#db_record ⇒ Object
This session's associated database record.
-
#exploit ⇒ Object
The actual exploit module instance that created this session.
-
#exploit_datastore ⇒ Object
The datastore of the exploit that created this session.
-
#exploit_task ⇒ Object
The task that ran the exploit that got the session (that swallowed the fly).
-
#exploit_uuid ⇒ Object
The unique identifier of exploit that created this session.
-
#framework ⇒ Object
The framework instance that created this session.
-
#info ⇒ Object
The specific identified session info.
-
#machine_id ⇒ Object
The unique machine identifier for the host that created this session.
-
#payload_uuid ⇒ Object
The unique identifier of the payload that created this session.
-
#routes ⇒ Object
An array of routes associated with this session.
-
#sid ⇒ Object
The session unique identifier.
-
#sname ⇒ Object
The session name.
-
#target_host ⇒ Object
The original target host address.
-
#target_port ⇒ Object
The original target port if applicable.
-
#username ⇒ Object
The associated username.
-
#uuid ⇒ Object
The unique identifier of this session.
-
#via ⇒ Object
protected
:nodoc:.
-
#workspace ⇒ Object
The associated workspace name.
Class Method Summary collapse
Instance Method Summary collapse
- #alive? ⇒ Boolean
-
#cleanup ⇒ Object
Perform session-specific cleanup.
- #dead? ⇒ Boolean
-
#desc ⇒ Object
Returns the description of the session.
- #initialize ⇒ Object
-
#inspect ⇒ Object
Brief and to the point.
-
#interactive? ⇒ Boolean
By default, sessions are not interactive.
-
#kill ⇒ Object
Allow the user to terminate this session.
-
#log_file_name ⇒ Object
Returns the suggested name of the log file for this session.
-
#log_source ⇒ Object
Returns the log source that should be used for this session.
-
#name ⇒ Object
Returns the session's name if it's been assigned one, otherwise the sid is returned.
-
#name=(name) ⇒ Object
Sets the session's name.
-
#register? ⇒ Boolean
Allow the session to skip registration.
-
#session_host ⇒ Object
Returns the host associated with the session.
-
#session_host=(v) ⇒ Object
Override the host associated with this session.
-
#session_port ⇒ Object
Returns the port associated with the session.
-
#session_port=(v) ⇒ Object
Override the host associated with this session.
-
#session_type ⇒ Object
Get an arch/platform combination.
-
#set_from_exploit(m) ⇒ Object
Configures via_payload, via_payload, workspace, target_host from an exploit instance.
-
#set_via(opts) ⇒ Object
Sets the vector through which this session was realized.
-
#tunnel_local ⇒ Object
Returns the local side of the tunnel.
-
#tunnel_peer ⇒ Object
Returns the peer side of the tunnel.
-
#tunnel_to_s ⇒ Object
Returns a pretty representation of the tunnel.
-
#type ⇒ Object
Returns the type of session in use.
-
#via_exploit ⇒ Object
Returns the exploit module name through which this session was created.
-
#via_payload ⇒ Object
Returns the payload module name through which this session was created.
Instance Attribute Details
#alive ⇒ Object
Returns the value of attribute alive
339 340 341 |
# File 'lib/msf/core/session.rb', line 339 def alive @alive end |
#db_record ⇒ Object
This session's associated database record
408 409 410 |
# File 'lib/msf/core/session.rb', line 408 def db_record @db_record end |
#exploit ⇒ Object
The actual exploit module instance that created this session
396 397 398 |
# File 'lib/msf/core/session.rb', line 396 def exploit @exploit end |
#exploit_datastore ⇒ Object
The datastore of the exploit that created this session
368 369 370 |
# File 'lib/msf/core/session.rb', line 368 def exploit_datastore @exploit_datastore end |
#exploit_task ⇒ Object
The task that ran the exploit that got the session (that swallowed the fly)
372 373 374 |
# File 'lib/msf/core/session.rb', line 372 def exploit_task @exploit_task end |
#exploit_uuid ⇒ Object
The unique identifier of exploit that created this session
384 385 386 |
# File 'lib/msf/core/session.rb', line 384 def exploit_uuid @exploit_uuid end |
#framework ⇒ Object
The framework instance that created this session.
344 345 346 |
# File 'lib/msf/core/session.rb', line 344 def framework @framework end |
#info ⇒ Object
The specific identified session info
376 377 378 |
# File 'lib/msf/core/session.rb', line 376 def info @info end |
#machine_id ⇒ Object
The unique machine identifier for the host that created this session
392 393 394 |
# File 'lib/msf/core/session.rb', line 392 def machine_id @machine_id end |
#payload_uuid ⇒ Object
The unique identifier of the payload that created this session
388 389 390 |
# File 'lib/msf/core/session.rb', line 388 def payload_uuid @payload_uuid end |
#routes ⇒ Object
An array of routes associated with this session
404 405 406 |
# File 'lib/msf/core/session.rb', line 404 def routes @routes end |
#sid ⇒ Object
The session unique identifier.
348 349 350 |
# File 'lib/msf/core/session.rb', line 348 def sid @sid end |
#sname ⇒ Object
The session name.
352 353 354 |
# File 'lib/msf/core/session.rb', line 352 def sname @sname end |
#target_host ⇒ Object
The original target host address
360 361 362 |
# File 'lib/msf/core/session.rb', line 360 def target_host @target_host end |
#target_port ⇒ Object
The original target port if applicable
364 365 366 |
# File 'lib/msf/core/session.rb', line 364 def target_port @target_port end |
#username ⇒ Object
The associated username
400 401 402 |
# File 'lib/msf/core/session.rb', line 400 def username @username end |
#uuid ⇒ Object
The unique identifier of this session
380 381 382 |
# File 'lib/msf/core/session.rb', line 380 def uuid @uuid end |
#via ⇒ Object (protected)
:nodoc:
411 412 413 |
# File 'lib/msf/core/session.rb', line 411 def via @via end |
#workspace ⇒ Object
The associated workspace name
356 357 358 |
# File 'lib/msf/core/session.rb', line 356 def workspace @workspace end |
Class Method Details
.type ⇒ Object
98 99 100 |
# File 'lib/msf/core/session.rb', line 98 def self.type "unknown" end |
Instance Method Details
#alive? ⇒ Boolean
320 321 322 |
# File 'lib/msf/core/session.rb', line 320 def alive? (self.alive) end |
#cleanup ⇒ Object
Perform session-specific cleanup.
NOTE: session classes overriding this method must call super! Also must tolerate being called multiple times.
285 286 287 288 289 290 291 292 |
# File 'lib/msf/core/session.rb', line 285 def cleanup if db_record and framework.db.active ::ApplicationRecord.connection_pool.with_connection { framework.db.update_session(id: db_record.id, closed_at: Time.now.utc, close_reason: db_record.close_reason) db_record = nil } end end |
#dead? ⇒ Boolean
316 317 318 |
# File 'lib/msf/core/session.rb', line 316 def dead? (not self.alive) end |
#desc ⇒ Object
Returns the description of the session.
127 128 |
# File 'lib/msf/core/session.rb', line 127 def desc end |
#initialize ⇒ Object
80 81 82 83 84 85 |
# File 'lib/msf/core/session.rb', line 80 def initialize self.alive = true self.uuid = Rex::Text.rand_text_alphanumeric(8).downcase @routes = RouteArray.new(self) #self.routes = [] end |
#inspect ⇒ Object
Brief and to the point
120 121 122 |
# File 'lib/msf/core/session.rb', line 120 def inspect "#<Session:#{self.type} #{self.tunnel_peer} (#{self.session_host}) #{self.info ? "\"#{self.info.to_s}\"" : nil}>" # " Fixes highlighting end |
#interactive? ⇒ Boolean
By default, sessions are not interactive.
297 298 299 |
# File 'lib/msf/core/session.rb', line 297 def interactive? false end |
#kill ⇒ Object
Allow the user to terminate this session
312 313 314 |
# File 'lib/msf/core/session.rb', line 312 def kill framework.sessions.deregister(self) if register? end |
#log_file_name ⇒ Object
Returns the suggested name of the log file for this session.
212 213 214 215 216 217 218 219 220 |
# File 'lib/msf/core/session.rb', line 212 def log_file_name dt = Time.now dstr = sprintf("%.4d%.2d%.2d", dt.year, dt.mon, dt.mday) rhost = session_host.gsub(':', '_') sname = name.to_s.gsub(/\W+/,'_') "#{dstr}_#{sname}_#{rhost}_#{type}" end |
#log_source ⇒ Object
Returns the log source that should be used for this session.
225 226 227 |
# File 'lib/msf/core/session.rb', line 225 def log_source "session_#{name}" end |
#name ⇒ Object
Returns the session's name if it's been assigned one, otherwise the sid is returned.
106 107 108 |
# File 'lib/msf/core/session.rb', line 106 def name return sname || sid end |
#name=(name) ⇒ Object
Sets the session's name.
113 114 115 |
# File 'lib/msf/core/session.rb', line 113 def name=(name) self.sname = name end |
#register? ⇒ Boolean
Allow the session to skip registration
305 306 307 |
# File 'lib/msf/core/session.rb', line 305 def register? true end |
#session_host ⇒ Object
Returns the host associated with the session
151 152 153 154 155 156 157 158 159 160 161 162 163 164 |
# File 'lib/msf/core/session.rb', line 151 def session_host # Prefer the overridden session host or target_host host = @session_host || self.target_host return host if host # Fallback to the tunnel_peer (contains port) peer = self.tunnel_peer return if not peer # Pop off the trailing port number bits = peer.split(':') bits.pop bits.join(':') end |
#session_host=(v) ⇒ Object
Override the host associated with this session
169 170 171 |
# File 'lib/msf/core/session.rb', line 169 def session_host=(v) @session_host = v end |
#session_port ⇒ Object
Returns the port associated with the session
176 177 178 179 180 181 182 183 184 185 186 187 |
# File 'lib/msf/core/session.rb', line 176 def session_port port = @session_port || self.target_port return port if port # Fallback to the tunnel_peer (contains port) peer = self.tunnel_peer return if not peer # Pop off the trailing port number bits = peer.split(':') port = bits.pop port.to_i end |
#session_port=(v) ⇒ Object
Override the host associated with this session
192 193 194 |
# File 'lib/msf/core/session.rb', line 192 def session_port=(v) @session_port = v end |
#session_type ⇒ Object
Get an arch/platform combination
327 328 329 330 331 332 333 334 335 336 |
# File 'lib/msf/core/session.rb', line 327 def session_type # avoid unnecessary slash separator if !self.arch.nil? && !self.arch.empty? && !self.platform.nil? && !self.platform.empty? separator = '/' else separator = '' end "#{self.arch}#{separator}#{self.platform}" end |
#set_from_exploit(m) ⇒ Object
Configures via_payload, via_payload, workspace, target_host from an exploit instance. Store references from and to the exploit module.
246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 |
# File 'lib/msf/core/session.rb', line 246 def set_from_exploit(m) self.via = { 'Exploit' => m.fullname } self.via['Payload'] = ('payload/' + m.datastore['PAYLOAD'].to_s) if m.datastore['PAYLOAD'] self.target_host = Rex::Socket.getaddress(m.target_host) if (m.target_host.to_s.strip.length > 0) self.target_port = m.target_port if (m.target_port.to_i != 0) self.workspace = m.workspace self.username = m.owner self.exploit_datastore = m.datastore self.user_input = m.user_input if m.user_input self.user_output = m.user_output if m.user_output self.exploit_uuid = m.uuid self.exploit = m if m[:task] self.exploit_task = m[:task] end end |
#set_via(opts) ⇒ Object
Sets the vector through which this session was realized.
238 239 240 |
# File 'lib/msf/core/session.rb', line 238 def set_via(opts) self.via = opts || {} end |
#tunnel_local ⇒ Object
Returns the local side of the tunnel.
139 140 |
# File 'lib/msf/core/session.rb', line 139 def tunnel_local end |
#tunnel_peer ⇒ Object
Returns the peer side of the tunnel.
145 146 |
# File 'lib/msf/core/session.rb', line 145 def tunnel_peer end |
#tunnel_to_s ⇒ Object
Returns a pretty representation of the tunnel.
199 200 201 |
# File 'lib/msf/core/session.rb', line 199 def tunnel_to_s "#{(tunnel_local || '??')} -> #{(tunnel_peer || '??')}" end |
#type ⇒ Object
Returns the type of session in use.
133 134 |
# File 'lib/msf/core/session.rb', line 133 def type end |
#via_exploit ⇒ Object
Returns the exploit module name through which this session was created.
267 268 269 |
# File 'lib/msf/core/session.rb', line 267 def via_exploit self.via['Exploit'] if (self.via) end |
#via_payload ⇒ Object
Returns the payload module name through which this session was created.
275 276 277 |
# File 'lib/msf/core/session.rb', line 275 def via_payload self.via['Payload'] if (self.via) end |