Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
# -*- coding: binary -*-
2

3
module Msf::Sessions
4
  ###
5
  #
6
  # This class provides basic interaction with a ChannelFD
7
  # abstraction provided by the Rex::Proto::Ssh wrapper
8
  # around HrrRbSsh.
9
  #
10
  #  Date:    June 22, 2019
11
  #  Author:  RageLtMan
12
  #
13
  ###
14
  class SshCommandShellReverse < Msf::Sessions::CommandShell
15

16
    #
17
    # This interface supports basic interaction.
18
    #
19
    include Msf::Session::Basic
20

21
    #
22
    # This interface supports interacting with a single command shell.
23
    #
24
    include Msf::Session::Provider::SingleCommandShell
25

26
    ##
27
    #
28
    # Returns the session description.
29
    #
30
    def desc
31
      'SSH command shell'
32
    end
33

34
    def shell_command(cmd, timeout = 5)
35
      # Send the command to the session's stdin.
36
      shell_write(cmd + "\n")
37

38
      etime = ::Time.now.to_f + timeout
39
      buff = ""
40

41
      # Keep reading data until no more data is available or the timeout is
42
      # reached.
43
      while ::Time.now.to_f < etime && ::IO.select([rstream.fd_rd], nil, nil, timeout)
44
        res = shell_read(-1, 0.01)
45
        buff << res if res
46
        timeout = etime - ::Time.now.to_f
47
      end
48

49
      buff
50
    end
51

52
    protected
53

54
    def _interact_stream
55
      fdr = [rstream.fd_rd, user_input.fd]
56
      fdw = [rstream.fd_wr, user_input.fd]
57
      while interacting
58
        sd = Rex::ThreadSafe.select(fdr, nil, fdw, 0.5)
59
        next unless sd
60

61
        if sd[0].include? rstream.fd_rd
62
          user_output.print(shell_read)
63
        end
64
        if sd[0].include? user_input.fd
65
          run_single((user_input.gets || '').chomp("\n"))
66
        end
67
        Thread.pass
68
      end
69
    end
70

71
  end
72
end
73

74