Path: blob/master/lib/metasploit/framework/ssh/platform.rb
19611 views
module Metasploit1module Framework2module Ssh3module Platform4def self.get_platform(ssh_socket)5info = get_platform_info(ssh_socket, timeout: 10)6get_platform_from_info(info)7end89def self.get_platform_info(ssh_socket, timeout: 10)10info = ''11begin12Timeout.timeout(timeout) do13info = ssh_socket.exec!("id\n").to_s14if (info =~ /id=/)15info << ssh_socket.exec!("uname -a\n").to_s16if (info =~ /JUNOS /)17# We're in the SSH shell for a Juniper JunOS, we can pull the version from the cli18# line 2 is hostname, 3 is model, 4 is the Base OS version19info = ssh_socket.exec!("cli show version\n").split("\n")[2..4].join(', ').to_s20elsif (info =~ /Linux USG /)21# Ubiquiti Unifi USG22info << ssh_socket.exec!("cat /etc/version\n").to_s.rstrip23end24temp_proof = ssh_socket.exec!("grep unifi.version /tmp/system.cfg\n").to_s.rstrip25if (temp_proof =~ /unifi\.version/)26info << temp_proof27# Ubiquiti Unifi device (non-USG), possibly a switch. Tested on US-24, UAP-nanoHD28# The /tmp/*.cfg files don't give us device info, however the info command does29# we dont call it originally since it doesnt say unifi/ubiquiti in it and info30# is a linux command as well31info << ssh_socket.exec!("grep board.name /etc/board.info\n").to_s.rstrip32end33elsif info =~ /Unknown command or computer name/34# Cisco IOS35info = ssh_socket.exec!("ver\n").to_s36# Juniper ScreenOS37elsif info =~ /unknown keyword/38info = ssh_socket.exec!("get chassis\n").to_s39# Juniper JunOS CLI40elsif info =~ /unknown command: id/41info = ssh_socket.exec!("show version\n").split("\n")[2..4].join(', ').to_s42# Brocade CLI43elsif info =~ /Invalid input -> id/ || info =~ /Protocol error, doesn't start with scp!/44info = ssh_socket.exec!("show version\n").to_s45if info =~ /Version:(?<os_version>.+).+HW: (?<hardware>)/mi46info = "Model: #{hardware}, OS: #{os_version}"47end48# Arista49elsif info =~ /% Invalid input at line 1/50info = ssh_socket.exec!("show version\n").split("\n")[0..1]51info = info.map { |item| item.strip }52info = info.join(', ').to_s53# Windows54elsif info =~ /command not found|is not recognized as an internal or external command|is not recognized as the name of a cmdlet, function, script file, or operable/55info = ssh_socket.exec!("systeminfo\n").to_s56/OS Name:\s+(?<os_name>.+)$/ =~ info57/OS Version:\s+(?<os_num>.+)$/ =~ info58if os_num.present? && os_name.present?59info = "#{os_name.strip} #{os_num.strip}"60else61info = ssh_socket.exec!("ver\n").to_s.strip62end63# mikrotik64elsif info =~ /bad command name id \(line 1 column 1\)/65info = ssh_socket.exec!("/ system resource print\n").to_s66/platform:\s+(?<platform>.+)$/ =~ info67/board-name:\s+(?<board>.+)$/ =~ info68/version:\s+(?<version>.+)$/ =~ info69if version && platform && board70info = "#{platform.strip} #{board.strip} #{version.strip}"71end72# esxi 6.773elsif info =~ /sh: id: not found/74info = ssh_socket.exec!("vmware -v\n").to_s75# vcenter 6.7 (photon)76# VMware vCenter Server 8.0.0.1000077# VMware VirtualCenter 6.7.0 build-1929959578elsif info =~ /Unknown command: `id'/79# eventually we'll want to try to shell in via 'shell'. On failure you see: "User 'user_operator' is not authorized to run this command"80# on succeess: "Shell access is granted to <username>"81info = ssh_socket.exec!("api com.vmware.appliance.version1.system.version.get\n\n").to_s82/Product:\s+(?<product>.+)$/ =~ info83/Version:\s+(?<version>[\d\.]+)$/ =~ info84if version && product85info = "#{product.strip} #{version.strip}"86end87else88info << ssh_socket.exec!("help\n?\n\n\n").to_s89end90end91rescue Timeout::Error92end93info94end9596def self.is_posix(platform)97return ['unifi','linux','osx','solaris','bsd','hpux','aix'].include?(platform)98end99100def self.get_platform_from_info(info)101case info102when /unifi\.version|UniFiSecurityGateway/i # Ubiquiti Unifi. uname -a is left in, so we got to pull before Linux103'unifi'104when /Linux/i105'linux'106when /VMware ESXi/i107'linux'108when /Darwin/i109'osx'110when /SunOS/i111'solaris'112when /BSD/i113'bsd'114when /HP-UX/i115'hpux'116when /AIX/i117'aix'118when /MSYS_NT|cygwin|Win32|Windows|Microsoft/i119'windows'120when /Unknown command or computer name|Line has invalid autocommand/i121'cisco-ios'122when /unknown keyword/i # ScreenOS123'juniper'124when /JUNOS Base OS/i # JunOS125'juniper'126when /MikroTik/i127'mikrotik'128when /Arista/i129'arista'130when /VMware vCenter Server/i131'vcenter'132else133'unknown'134end135end136end137end138end139end140141142