CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!

1
# -*- coding: binary -*-
2

3
require 'rex/post/ldap'
4

5
class Msf::Sessions::LDAP
6
  #
7
  # This interface supports basic interaction.
8
  #
9
  include Msf::Session::Basic
10
  include Msf::Sessions::Scriptable
11

12
  # @return [Rex::Post::LDAP::Ui::Console] The interactive console
13
  attr_accessor :console
14
  # @return [Rex::Proto::LDAP::Client] The LDAP client
15
  attr_accessor :client
16

17
  attr_accessor :platform, :arch
18
  attr_reader :framework
19

20
  # @param[Rex::IO::Stream] rstream
21
  # @param [Hash] opts
22
  # @option opts [Rex::Proto::LDAP::Client] :client
23
  def initialize(rstream, opts = {})
24
    @client = opts.fetch(:client)
25
    self.console = Rex::Post::LDAP::Ui::Console.new(self)
26
    super(rstream, opts)
27
  end
28

29
  def bootstrap(datastore = {}, handler = nil)
30
    session = self
31
    session.init_ui(user_input, user_output)
32

33
    @info = "LDAP #{datastore['USERNAME']} @ #{@peer_info}"
34
  end
35

36
  def execute_file(full_path, args)
37
    if File.extname(full_path) == '.rb'
38
      Rex::Script::Shell.new(self, full_path).run(args)
39
    else
40
      console.load_resource(full_path)
41
    end
42
  end
43

44
  def process_autoruns(datastore)
45
    ['InitialAutoRunScript', 'AutoRunScript'].each do |key|
46
      next if datastore[key].nil? || datastore[key].empty?
47

48
      args = Shellwords.shellwords(datastore[key])
49
      print_status("Session ID #{sid} (#{tunnel_to_s}) processing #{key} '#{datastore[key]}'")
50
      execute_script(args.shift, *args)
51
    end
52
  end
53

54
  def type
55
    self.class.type
56
  end
57

58
  # Returns the type of session.
59
  #
60
  def self.type
61
    'ldap'
62
  end
63

64
  def self.can_cleanup_files
65
    false
66
  end
67

68
  #
69
  # Returns the session description.
70
  #
71
  def desc
72
    'LDAP'
73
  end
74

75
  def address
76
    @address ||= client.peerhost
77
  end
78

79
  def port
80
    @port ||= client.peerport
81
  end
82

83
  ##
84
  # :category: Msf::Session::Interactive implementors
85
  #
86
  # Initializes the console's I/O handles.
87
  #
88
  def init_ui(input, output)
89
    self.user_input = input
90
    self.user_output = output
91
    console.init_ui(input, output)
92
    console.set_log_source(log_source)
93

94
    super
95
  end
96

97
  ##
98
  # :category: Msf::Session::Interactive implementors
99
  #
100
  # Resets the console's I/O handles.
101
  #
102
  def reset_ui
103
    console.unset_log_source
104
    console.reset_ui
105
  end
106

107
  def exit
108
    console.stop
109
  end
110

111
  ##
112
  # :category: Msf::Session::Interactive implementors
113
  #
114
  # Override the basic session interaction to use shell_read and
115
  # shell_write instead of operating on rstream directly.
116
  def _interact
117
    framework.events.on_session_interact(self)
118
    framework.history_manager.with_context(name: type.to_sym) do
119
      _interact_stream
120
    end
121
  end
122

123
  ##
124
  # :category: Msf::Session::Interactive implementors
125
  #
126
  def _interact_stream
127
    framework.events.on_session_interact(self)
128

129
    console.framework = framework
130
    # Call the console interaction of the ldap client and
131
    # pass it a block that returns whether or not we should still be
132
    # interacting.  This will allow the shell to abort if interaction is
133
    # canceled.
134
    console.interact { interacting != true }
135
    console.framework = nil
136

137
    # If the stop flag has been set, then that means the user exited.  Raise
138
    # the EOFError so we can drop this handle like a bad habit.
139
    raise EOFError if (console.stopped? == true)
140
  end
141

142
end
143

144