GitHub Repository: rapid7/metasploit-framework
Path: blob/master/lib/msf/base/sessions/smb.rb
# -*- coding: binary -*-
require 'rex/post/smb'
class Msf::Sessions::SMB
  #
  # Session object wrapping a caller-supplied SMB client. It mixes in the
  # basic interactive-session behaviour and the script-running support.
  #
  include Msf::Session::Basic
  include Msf::Sessions::Scriptable

  # @return [Rex::Post::SMB::Ui::Console] The interactive console
  attr_accessor :console
  # @return [RubySMB::Client] The SMB client
  attr_accessor :client
  # @return [Rex::Proto::SMB::SimpleClient]
  attr_accessor :simple_client
  attr_accessor :platform, :arch
  attr_reader :framework

  # Builds the session around an existing SMB client and its TCP socket.
  #
  # @param [Rex::IO::Stream] rstream stream handed on to the parent initializer
  # @param [Hash] opts
  # @option opts [RubySMB::Client] :client required; `fetch` raises KeyError
  #   when a Hash without this key is passed
  def initialize(rstream, opts = {})
    @client = opts.fetch(:client)
    # The simple client reuses the socket the RubySMB client already holds,
    # so no second connection is opened here.
    socket = client.dispatcher.tcp_socket
    @simple_client = ::Rex::Proto::SMB::SimpleClient.new(socket, client: client, msf_session: self)
    self.console = Rex::Post::SMB::Ui::Console.new(self)
    super(rstream, opts)
  end

  # Wires up the UI handles and sets the session's info string.
  #
  # Only the USERNAME datastore value is placed in the info string; no other
  # credential material is interpolated. `handler` is accepted but not used.
  #
  # @param datastore [#[]] option store read for 'USERNAME'
  # @param handler [Object, nil] unused
  def bootstrap(datastore = {}, handler = nil)
    init_ui(user_input, user_output)

    @info = "SMB #{datastore['USERNAME']} @ #{@peer_info}"
  end

  # Runs a script file against this session.
  #
  # Files ending in `.rb` are handed to Rex::Script::Shell; anything else is
  # loaded by the console as a resource file.
  #
  # NOTE(review): Rex::Script::Shell is defined elsewhere; presumably it
  # evaluates the file as Ruby inside this process, so full_path should only
  # ever point at files the operator trusts — confirm against the caller.
  #
  # @param full_path [String] path of the script to run
  # @param args [Array] arguments passed to a `.rb` script (ignored otherwise)
  def execute_file(full_path, args)
    return console.load_resource(full_path) unless File.extname(full_path) == '.rb'

    Rex::Script::Shell.new(self, full_path).run(args)
  end

  # Runs the scripts named by the InitialAutoRunScript and AutoRunScript
  # datastore options, in that order, skipping any that is nil or empty.
  #
  # The complete option value, arguments included, is echoed through
  # print_status, so anything sensitive placed in these options ends up in
  # the console output.
  #
  # @param datastore [#[]] option store holding the autorun settings
  def process_autoruns(datastore)
    %w[InitialAutoRunScript AutoRunScript].each do |key|
      script_line = datastore[key]
      next if script_line.nil? || script_line.empty?

      # Shell-style splitting: first word is the script, the rest its arguments.
      script, *script_args = Shellwords.shellwords(script_line)
      print_status("Session ID #{sid} (#{tunnel_to_s}) processing #{key} '#{script_line}'")
      execute_script(script, *script_args)
    end
  end

  # Checks that the underlying TCP socket still reports a peer.
  #
  # Only Errno::ENOTCONN is handled: the session is killed and the error is
  # re-raised. Any other socket error propagates without killing the session.
  #
  # @raise [Errno::ENOTCONN] when the socket is no longer connected
  def verify_connectivity
    begin
      @client.dispatcher.tcp_socket.peerinfo
    rescue Errno::ENOTCONN
      self.kill
      raise
    end
  end

  # @return [String] the session type, as reported by the class
  def type
    self.class.type
  end

  class << self
    # Returns the type of session.
    #
    def type
      'smb'
    end

    # @return [Boolean] always false for this session type
    def can_cleanup_files
      false
    end
  end

  #
  # Returns the session description.
  #
  def desc
    'SMB'
  end

  # @return the peer host reported by the simple client, cached after first use
  def address
    @address ||= simple_client.peerhost
  end

  # @return the peer port reported by the simple client, cached after first use
  def port
    @port ||= simple_client.peerport
  end

  ##
  # :category: Msf::Session::Interactive implementors
  #
  # Stores the I/O handles on the session, hands them to the console and
  # points the console's logging at this session's log source.
  #
  def init_ui(input, output)
    self.user_input = input
    self.user_output = output
    console.init_ui(input, output)
    console.set_log_source(log_source)

    # Bare super forwards input and output to the parent implementation.
    super
  end

  ##
  # :category: Msf::Session::Interactive implementors
  #
  # Detaches the console's log source and resets its I/O handles.
  #
  def reset_ui
    console.unset_log_source
    console.reset_ui
  end

  # Stops the console.
  def exit
    console.stop
  end

  ##
  # :category: Msf::Session::Interactive implementors
  #
  # Fires the session-interact event, then runs the stream interaction
  # inside a history context named after the session type.
  #
  def _interact
    framework.events.on_session_interact(self)
    framework.history_manager.with_context(name: type.to_sym) { _interact_stream }
  end

  ##
  # :category: Msf::Session::Interactive implementors
  #
  # Runs the console's interactive loop for this session.
  #
  # NOTE(review): on_session_interact is fired here as well as in _interact,
  # so subscribers see the event twice per interaction — confirm this is
  # intended. The console's framework reference is cleared only when
  # interact returns normally; it is left set if interact raises.
  #
  # @raise [EOFError] when the console reports it was stopped
  def _interact_stream
    framework.events.on_session_interact(self)

    console.framework = framework
    # The block tells the console whether interaction has been cancelled,
    # which lets its loop abort.
    console.interact { interacting != true }
    console.framework = nil

    # A set stop flag means the user exited; EOFError makes the caller drop
    # this session handle.
    raise EOFError if console.stopped? == true
  end
end