Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
# -*- coding: binary -*-
2

3
require 'rex/post/smb'
4

5
class Msf::Sessions::SMB
6
  #
7
  # This interface supports basic interaction.
8
  #
9
  include Msf::Session::Basic
10
  include Msf::Sessions::Scriptable
11

12
  # @return [Rex::Post::SMB::Ui::Console] The interactive console
13
  attr_accessor :console
14
  # @return [RubySMB::Client] The SMB client
15
  attr_accessor :client
16
  # @return [Rex::Proto::SMB::SimpleClient]
17
  attr_accessor :simple_client
18
  attr_accessor :platform, :arch
19
  attr_reader :framework
20

21
  # @param[Rex::IO::Stream] rstream
22
  # @param [Hash] opts
23
  # @option opts [RubySMB::Client] :client
24
  def initialize(rstream, opts = {})
25
    @client = opts.fetch(:client)
26
    @simple_client = ::Rex::Proto::SMB::SimpleClient.new(client.dispatcher.tcp_socket, client: client)
27
    self.console = Rex::Post::SMB::Ui::Console.new(self)
28
    super(rstream, opts)
29
  end
30

31
  def bootstrap(datastore = {}, handler = nil)
32
    session = self
33
    session.init_ui(user_input, user_output)
34

35
    @info = "SMB #{datastore['USERNAME']} @ #{@peer_info}"
36
  end
37

38
  def execute_file(full_path, args)
39
    if File.extname(full_path) == '.rb'
40
      Rex::Script::Shell.new(self, full_path).run(args)
41
    else
42
      console.load_resource(full_path)
43
    end
44
  end
45

46
  def process_autoruns(datastore)
47
    ['InitialAutoRunScript', 'AutoRunScript'].each do |key|
48
      next if datastore[key].nil? || datastore[key].empty?
49

50
      args = Shellwords.shellwords(datastore[key])
51
      print_status("Session ID #{sid} (#{tunnel_to_s}) processing #{key} '#{datastore[key]}'")
52
      execute_script(args.shift, *args)
53
    end
54
  end
55

56
  def type
57
    self.class.type
58
  end
59

60
  # Returns the type of session.
61
  #
62
  def self.type
63
    'smb'
64
  end
65

66
  def self.can_cleanup_files
67
    false
68
  end
69

70
  #
71
  # Returns the session description.
72
  #
73
  def desc
74
    'SMB'
75
  end
76

77
  def address
78
    @address ||= simple_client.peerhost
79
  end
80

81
  def port
82
    @port ||= simple_client.peerport
83
  end
84

85
  ##
86
  # :category: Msf::Session::Interactive implementors
87
  #
88
  # Initializes the console's I/O handles.
89
  #
90
  def init_ui(input, output)
91
    self.user_input = input
92
    self.user_output = output
93
    console.init_ui(input, output)
94
    console.set_log_source(log_source)
95

96
    super
97
  end
98

99
  ##
100
  # :category: Msf::Session::Interactive implementors
101
  #
102
  # Resets the console's I/O handles.
103
  #
104
  def reset_ui
105
    console.unset_log_source
106
    console.reset_ui
107
  end
108

109
  def exit
110
    console.stop
111
  end
112

113
  ##
114
  # :category: Msf::Session::Interactive implementors
115
  #
116
  # Override the basic session interaction to use shell_read and
117
  # shell_write instead of operating on rstream directly.
118
  def _interact
119
    framework.events.on_session_interact(self)
120
    framework.history_manager.with_context(name: type.to_sym) do
121
      _interact_stream
122
    end
123
  end
124

125
  ##
126
  # :category: Msf::Session::Interactive implementors
127
  #
128
  def _interact_stream
129
    framework.events.on_session_interact(self)
130

131
    console.framework = framework
132
    # Call the console interaction of the smb client and
133
    # pass it a block that returns whether or not we should still be
134
    # interacting.  This will allow the shell to abort if interaction is
135
    # canceled.
136
    console.interact { interacting != true }
137
    console.framework = nil
138

139
    # If the stop flag has been set, then that means the user exited.  Raise
140
    # the EOFError so we can drop this handle like a bad habit.
141
    raise EOFError if (console.stopped? == true)
142
  end
143

144
end
145

146