CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutSign UpSign In
rapid7

CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!

GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/lib/msf/core/auxiliary/prometheus.rb
Views: 1904
1
# -*- coding: binary -*-

2


3
module Msf

4
  ###

5
  #

6
  # This module provides methods for working with Prometheus node exporter

7
  #

8
  ###

9
  module Auxiliary::Prometheus

10
    include Msf::Auxiliary::Report

11


12
    # returns username, password

13
    def process_authorization(auth)

14
      if auth['credentials']

15
        # credential foobar

16
        return '', auth['credentials']

17
      elsif auth['credentials_file']

18
        # type: Bearer

19
        # credentials_file: /var/run/secrets/kubernetes.io/serviceaccount/token

20
        return auth['type'], auth['credentials_file']

21
      end

22
    end

23


24
    # processes a generic URI for creds

25
    def process_embedded_uri(uri, job_name, config_name)

26
      uri = URI(uri)

27
      cred = credential_data

28
      cred[:port] = uri.port

29
      cred[:address] = uri.host

30
      cred[:username] = uri.user

31
      cred[:private_data] = uri.password

32
      cred[:service_name] = uri.scheme

33
      create_credential_and_login(cred)

34
      @table_creds << [

35
        job_name,

36
        config_name,

37
        uri.host,

38
        uri.port,

39
        uri.user,

40
        uri.password,

41
        ''

42
      ]

43
    end

44


45
    def credential_data

46
      {

47
        # these 4 need to be changed every time

48
        # address: thost,

49
        # port: tport,

50
        # username: username

51
        # private_data: hash

52
        protocol: 'tcp',

53
        workspace_id: myworkspace_id,

54
        origin_type: :service,

55
        private_type: :password,

56
        service_name: '',

57
        module_fullname: fullname,

58
        status: Metasploit::Model::Login::Status::UNTRIED

59
      }

60
    end

61


62
    def process_dns_sd_configs(job_name, dns_sd_configs)

63
      dns_sd_configs['names']&.each do |name|

64
        username = dns_sd_configs.dig('basic_auth', 'username')

65
        password = dns_sd_configs.dig('basic_auth', 'password')

66
        password = dns_sd_configs.dig('basic_auth', 'password_file') if dns_sd_configs.dig('basic_auth', 'password_file')

67
        uri = URI("#{dns_sd_configs['scheme']}://#{name}")

68
        cred = credential_data

69
        cred[:port] = uri.port

70
        cred[:address] = uri.host

71
        cred[:username] = dns_sd_configs.dig('basic_auth', 'username')

72
        cred[:private_data] = password

73
        cred[:service_name] = dns_sd_configs['scheme']

74
        create_credential_and_login(cred)

75
        @table_creds << [

76
          job_name,

77
          'dns_sd_configs',

78
          uri.host,

79
          uri.port,

80
          username,

81
          password,

82
          ''

83
        ]

84
      end

85
    end

86


87
    def process_consul_sd_configs(job_name, consul_sd_configs)

88
      uri = URI("#{consul_sd_configs['scheme']}://#{consul_sd_configs['server']}")

89
      cred = credential_data

90
      cred[:port] = uri.port

91
      cred[:address] = uri.host

92
      cred[:username] = ''

93
      cred[:private_data] = consul_sd_configs['token']

94
      cred[:service_name] = consul_sd_configs['scheme']

95
      create_credential_and_login(cred)

96
      @table_creds << [

97
        job_name,

98
        'consul_sd_configs',

99
        uri.host,

100
        uri.port,

101
        '',

102
        consul_sd_configs['token'],

103
        "Path Prefix: #{consul_sd_configs['path_prefix']}"

104
      ]

105
    end

106


107
    def process_kubernetes_sd_configs(job_name, kubernetes_sd_configs)

108
      username = kubernetes_sd_configs.dig('basic_auth', 'username')

109
      password = kubernetes_sd_configs.dig('basic_auth', 'password')

110
      password = kubernetes_sd_configs.dig('basic_auth', 'password_file') if kubernetes_sd_configs.dig('basic_auth', 'password_file')

111


112
      uri = URI(kubernetes_sd_configs['api_server'])

113
      cred = credential_data

114
      cred[:port] = uri.port

115
      cred[:address] = uri.host

116
      cred[:username] = username

117
      cred[:private_data] = password

118
      cred[:service_name] = uri.scheme

119
      create_credential_and_login(cred)

120
      @table_creds << [

121
        job_name,

122
        'kubernetes_sd_configs',

123
        uri.host,

124
        uri.port,

125
        username,

126
        password,

127
        "Role: #{kubernetes_sd_configs['role']}"

128
      ]

129
    end

130


131
    def process_kuma_sd_configs(job_name, targets)

132
      return if targets['server'].nil?

133
      return unless targets['server'].include? '@'

134


135
      process_embedded_uri(targets['server'], job_name, 'kuma_sd_configs')

136
    end

137


138
    def process_marathon_sd_configs(job_name, marathon_sd_configs)

139
      marathon_sd_configs['servers']&.each do |servers|

140
        uri = URI(servers)

141
        cred = credential_data

142
        cred[:port] = uri.port

143
        cred[:address] = uri.host

144
        cred[:username] = ''

145
        cred[:private_data] = marathon_sd_configs['auth_token']

146
        cred[:service_name] = uri.scheme

147
        create_credential_and_login(cred)

148
        @table_creds << [

149
          job_name,

150
          'marathon_sd_configs',

151
          uri.host,

152
          uri.port,

153
          '',

154
          marathon_sd_configs['auth_token'],

155
          ''

156
        ]

157
      end

158
    end

159


160
    def process_nomad_sd_configs(job_name, targets)

161
      return if targets['server'].nil?

162
      return unless targets['server'].include? '@'

163


164
      process_embedded_uri(targets['server'], job_name, 'nomad_sd_configs')

165
    end

166


167
    def process_ec2_sd_configs(job_name, ec2_sd_configs)

168
      cred = credential_data

169
      cred[:port] = ''

170
      cred[:address] = ''

171
      cred[:username] = ec2_sd_configs['access_key']

172
      cred[:private_data] = ec2_sd_configs['secret_key']

173
      cred[:service_name] = ''

174
      create_credential_and_login(cred)

175
      @table_creds << [

176
        job_name,

177
        'ec2_sd_configs',

178
        '',

179
        '',

180
        ec2_sd_configs['access_key'],

181
        ec2_sd_configs['secret_key'],

182
        "Region: #{ec2_sd_configs['region']}, Profile: #{ec2_sd_configs['profile']}"

183
      ]

184
    end

185


186
    def process_lightsail_sd_configs(job_name, lightsail_sd_configs)

187
      cred = credential_data

188
      cred[:port] = ''

189
      cred[:address] = ''

190
      cred[:username] = lightsail_sd_configs['access_key']

191
      cred[:private_data] = lightsail_sd_configs['secret_key']

192
      cred[:service_name] = ''

193
      create_credential_and_login(cred)

194
      @table_creds << [

195
        job_name,

196
        'lightsail_sd_configs',

197
        '',

198
        '',

199
        lightsail_sd_configs['access_key'],

200
        lightsail_sd_configs['secret_key'],

201
        "Region: #{lightsail_sd_configs['region']}, Profile: #{lightsail_sd_configs['profile']}"

202
      ]

203
    end

204


205
    def process_azure_sd_configs(job_name, azure_sd_configs)

206
      cred = credential_data

207
      cred[:port] = azure_sd_configs['port']

208
      cred[:address] = ''

209
      cred[:username] = azure_sd_configs['client_id']

210
      cred[:private_data] = azure_sd_configs['client_secret']

211
      cred[:service_name] = azure_sd_configs['authentication_method']

212
      create_credential_and_login(cred)

213
      @table_creds << [

214
        job_name,

215
        'azure_sd_configs',

216
        '',

217
        azure_sd_configs['port'],

218
        azure_sd_configs['client_id'],

219
        azure_sd_configs['client_secret'],

220
        "Environment: #{azure_sd_configs['environment']}, Subscription ID: #{azure_sd_configs['subscription_id']}, Resource Group: #{azure_sd_configs['resource_group']}, Tenant ID: #{azure_sd_configs['tenant_id']}"

221
      ]

222
    end

223


224
    def process_http_sd_configs(job_name, http_sd_configs)

225
      return if http_sd_configs['url'].nil?

226
      return unless http_sd_configs['url'].include? '@'

227


228
      process_embedded_uri(http_sd_configs['url'], job_name, 'http_sd_configs')

229
    end

230


231
    def process_digitalocean_sd_configs(job_name, digitalocean_sd_configs)

232
      username, password = process_authorization(digitalocean_sd_configs['authorization'])

233
      cred = credential_data

234
      cred[:port] = ''

235
      cred[:address] = ''

236
      cred[:username] = username

237
      cred[:private_data] = password

238
      create_credential_and_login(cred)

239
      @table_creds << [

240
        job_name,

241
        'digitalocean_sd_configs',

242
        '',

243
        '',

244
        username,

245
        password,

246
        ''

247
      ]

248
    end

249


250
    def process_hetzner_sd_configs(job_name, hetzner_sd_configs)

251
      username = hetzner_sd_configs.dig('basic_auth', 'username')

252
      password = hetzner_sd_configs.dig('basic_auth', 'password')

253


254
      username, password = process_authorization(hetzner_sd_configs['authorization']) if hetzner_sd_configs.dig('authorization', 'credentials')

255


256
      cred = credential_data

257
      cred[:port] = ''

258
      cred[:address] = ''

259
      cred[:username] = username

260
      cred[:private_data] = password

261
      create_credential_and_login(cred)

262
      @table_creds << [

263
        job_name,

264
        'hetzner_sd_configs',

265
        '',

266
        '',

267
        username,

268
        password,

269
        hetzner_sd_configs['role']

270
      ]

271
    end

272


273
    def process_eureka_sd_configs(job_name, eureka_sd_configs)

274
      return if eureka_sd_configs['server'].nil?

275
      return unless eureka_sd_configs['server'].include? '@'

276


277
      process_embedded_uri(eureka_sd_configs['server'], job_name, 'eureka_sd_configs')

278
    end

279


280
    def process_ovhcloud_sd_configs(job_name, ovhcloud_sd_configs)

281
      cred = credential_data

282
      cred[:port] = ''

283
      cred[:address] = ovhcloud_sd_configs['endpoint']

284
      cred[:username] = ovhcloud_sd_configs['application_key']

285
      cred[:private_data] = ovhcloud_sd_configs['application_secret']

286
      cred[:service_name] = ovhcloud_sd_configs['service']

287
      create_credential_and_login(cred)

288
      @table_creds << [

289
        job_name,

290
        'ovhcloud_sd_configs',

291
        ovhcloud_sd_configs['endpoint'],

292
        '',

293
        ovhcloud_sd_configs['application_key'],

294
        ovhcloud_sd_configs['application_secret'],

295
        "Consumer Key: #{ovhcloud_sd_configs['consumer_key']}, Service: #{ovhcloud_sd_configs['service']}"

296
      ]

297
    end

298


299
    def process_scaleway_sd_configs(job_name, scaleway_sd_configs)

300
      cred = credential_data

301
      cred[:port] = ''

302
      cred[:address] = ''

303
      cred[:username] = scaleway_sd_configs['access_key']

304
      cred[:private_data] = scaleway_sd_configs['secret_key']

305
      cred[:service_name] = scaleway_sd_configs['role']

306
      create_credential_and_login(cred)

307
      @table_creds << [

308
        job_name,

309
        'scaleway_sd_configs',

310
        '',

311
        '',

312
        scaleway_sd_configs['access_key'],

313
        scaleway_sd_configs['secret_key'],

314
        "Project ID: #{scaleway_sd_configs['project_id']}, Role: #{scaleway_sd_configs['role']}"

315
      ]

316
    end

317


318
    def process_linode_sd_configs(job_name, linode_sd_configs)

319
      username, password = process_authorization(linode_sd_configs['authorization'])

320
      cred = credential_data

321
      cred[:port] = ''

322
      cred[:address] = ''

323
      cred[:username] = username

324
      cred[:private_data] = password

325
      create_credential_and_login(cred)

326
      @table_creds << [

327
        job_name,

328
        'linode_sd_configs',

329
        '',

330
        '',

331
        username,

332
        password,

333
        ''

334
      ]

335
    end

336


337
    def process_uyuni_sd_configs(job_name, uyuni_sd_configs)

338
      uri = URI(uyuni_sd_configs['server'])

339
      cred = credential_data

340
      cred[:port] = uri.port

341
      cred[:address] = uri.host

342
      cred[:username] = uyuni_sd_configs['username']

343
      cred[:private_data] = uyuni_sd_configs['password']

344
      cred[:service_name] = uri.scheme

345
      create_credential_and_login(cred)

346
      @table_creds << [

347
        job_name,

348
        'uyuni_sd_configs',

349
        uri.host,

350
        uri.port,

351
        uyuni_sd_configs['username'],

352
        uyuni_sd_configs['password'],

353
        ''

354
      ]

355
    end

356


357
    def process_ionos_sd_configs(job_name, ionos_sd_configs)

358
      _username, password = process_authorization(ionos_sd_configs['authorization'])

359
      # we may hit an issue here where we have a type stored in username, but use datacenter_id

360
      # as the username

361
      cred = credential_data

362
      cred[:port] = ''

363
      cred[:address] = ''

364
      cred[:username] = ionos_sd_configs['datacenter_id']

365
      cred[:private_data] = password

366
      create_credential_and_login(cred)

367
      @table_creds << [

368
        job_name,

369
        'ionos_sd_configs',

370
        '',

371
        '',

372
        ionos_sd_configs['datacenter_id'],

373
        password,

374
        ''

375
      ]

376
    end

377


378
    def process_vultr_sd_configs(job_name, vultr_sd_configs)

379
      username, password = process_authorization(vultr_sd_configs['authorization'])

380
      cred = credential_data

381
      cred[:port] = ''

382
      cred[:address] = ''

383
      cred[:username] = username

384
      cred[:private_data] = password

385
      create_credential_and_login(cred)

386
      @table_creds << [

387
        job_name,

388
        'vultr_sd_configs',

389
        '',

390
        '',

391
        username,

392
        password,

393
        ''

394
      ]

395
    end

396


397
    def prometheus_config_eater(yamlconf)

398
      @table_creds = Rex::Text::Table.new(

399
        'Header' => 'Credentials',

400
        'Indent' => 2,

401
        'Columns' =>

402
        [

403
          'Name',

404
          'Config',

405
          'Host',

406
          'Port',

407
          'Public/Username',

408
          'Private/Password/Token',

409
          'Notes'

410
        ]

411
      )

412


413
      yamlconf['scrape_configs']&.each do |scrape|

414
        # check for targets which have creds built in to the URL

415
        if scrape['static_configs']

416
          scrape['static_configs']&.each do |static|

417
            static['targets']&.each do |target|

418
              if target.include? '@'

419
                uri = URI(target)

420
                cred = credential_data

421
                cred[:port] = uri.port

422
                cred[:address] = uri.host

423
                cred[:username] = uri.user

424
                cred[:private_data] = uri.password

425
                cred[:service_name] = uri.scheme

426
                create_credential_and_login(cred)

427
                @table_creds << [

428
                  scrape['job_name'],

429
                  'static_configs Target',

430
                  uri.host,

431
                  uri.port,

432
                  uri.user,

433
                  uri.password,

434
                  ''

435
                ]

436
              end

437
            end

438
          end

439
        elsif scrape['dns_sd_configs']

440
          scrape['dns_sd_configs']&.each do |dns_sd_configs|

441
            # pass in basic_auth from the level above

442
            if dns_sd_configs['basic_auth'].nil? && scrape['basic_auth']

443
              dns_sd_configs['basic_auth'] = {}

444
              dns_sd_configs['basic_auth']['username'] = scrape.dig('basic_auth', 'username') if scrape.dig('basic_auth', 'username')

445
              dns_sd_configs['basic_auth']['password'] = scrape.dig('basic_auth', 'password') if scrape.dig('basic_auth', 'password')

446
              dns_sd_configs['basic_auth']['password_file'] = scrape.dig('basic_auth', 'password_file') if scrape.dig('basic_auth', 'password_file')

447
            end

448


449
            # pass in the 'scheme' from a level above to properly build the URI

450
            if dns_sd_configs['scheme'].nil? && scrape['scheme']

451
              dns_sd_configs['scheme'] = scrape['scheme']

452
            end

453


454
            process_dns_sd_configs(scrape['job_name'], dns_sd_configs)

455
          end

456
        elsif scrape['consul_sd_configs']

457
          scrape['consul_sd_configs']&.each do |consul_sd_configs|

458
            process_consul_sd_configs(scrape['job_name'], consul_sd_configs)

459
          end

460
        elsif scrape['authorization']

461
          username, password = process_authorization(scrape['authorization'])

462
          cred = credential_data

463
          cred[:port] = ''

464
          cred[:address] = ''

465
          cred[:username] = username

466
          cred[:private_data] = password

467
          create_credential_and_login(cred)

468
          @table_creds << [

469
            scrape['job_name'],

470
            'authorization',

471
            '',

472
            '',

473
            username,

474
            password,

475
            ''

476
          ]

477
        elsif scrape['kubernetes_sd_configs']

478
          scrape['kubernetes_sd_configs']&.each do |kubernetes_sd_configs|

479
            next unless kubernetes_sd_configs['api_server']

480


481
            # if scrape has basic auth, but the individual config doesn't

482
            # add it to the individual config

483
            if kubernetes_sd_configs['basic_auth'].nil? && scrape['basic_auth']

484
              kubernetes_sd_configs['basic_auth'] = {}

485
              kubernetes_sd_configs['basic_auth']['username'] = scrape.dig('basic_auth', 'username') if scrape.dig('basic_auth', 'username')

486
              kubernetes_sd_configs['basic_auth']['password'] = scrape.dig('basic_auth', 'password') if scrape.dig('basic_auth', 'password')

487
              kubernetes_sd_configs['basic_auth']['password'] = scrape.dig('basic_auth', 'password_file') if scrape.dig('basic_auth', 'password_file')

488
            end

489


490
            process_kubernetes_sd_configs(scrape['job_name'], kubernetes_sd_configs)

491
          end

492
        elsif scrape['kuma_sd_configs']

493
          scrape['kuma_sd_configs']&.each do |targets|

494
            process_kuma_sd_configs(scrape['job_name'], targets)

495
          end

496
        elsif scrape['marathon_sd_configs']

497
          scrape['marathon_sd_configs']&.each do |marathon_sd_configs|

498
            process_marathon_sd_configs(scrape['job_name'], marathon_sd_configs)

499
          end

500
        elsif scrape['nomad_sd_configs']

501
          scrape['nomad_sd_configs']&.each do |targets|

502
            process_nomad_sd_configs(scrape['job_name'], targets)

503
          end

504
        elsif scrape['ec2_sd_configs']

505
          scrape['ec2_sd_configs']&.each do |ec2_sd_configs|

506
            process_ec2_sd_configs(scrape['job_name'], ec2_sd_configs)

507
          end

508
        elsif scrape['lightsail_sd_configs']

509
          scrape['lightsail_sd_configs']&.each do |lightsail_sd_configs|

510
            process_lightsail_sd_configs(scrape['job_name'], lightsail_sd_configs)

511
          end

512
        elsif scrape['azure_sd_configs']

513
          scrape['azure_sd_configs']&.each do |azure_sd_configs|

514
            process_azure_sd_configs(scrape['job_name'], azure_sd_configs)

515
          end

516
        elsif scrape['http_sd_configs']

517
          scrape['http_sd_configs']&.each do |http_sd_configs|

518
            process_http_sd_configs(scrape['job_name'], http_sd_configs)

519
          end

520
        elsif scrape['digitalocean_sd_configs']

521
          scrape['digitalocean_sd_configs']&.each do |digitalocean_sd_configs|

522
            process_digitalocean_sd_configs(scrape['job_name'], digitalocean_sd_configs)

523
          end

524
        elsif scrape['hetzner_sd_configs']

525
          scrape['hetzner_sd_configs']&.each do |hetzner_sd_configs|

526
            process_hetzner_sd_configs(scrape['job_name'], hetzner_sd_configs)

527
          end

528
        elsif scrape['eureka_sd_configs']

529
          scrape['eureka_sd_configs']&.each do |eureka_sd_configs|

530
            process_eureka_sd_configs(scrape['job_name'], eureka_sd_configs)

531
          end

532
        elsif scrape['ovhcloud_sd_configs']

533
          scrape['ovhcloud_sd_configs']&.each do |ovhcloud_sd_configs|

534
            process_ovhcloud_sd_configs(scrape['job_name'], ovhcloud_sd_configs)

535
          end

536
        elsif scrape['scaleway_sd_configs']

537
          scrape['scaleway_sd_configs']&.each do |scaleway_sd_configs|

538
            process_scaleway_sd_configs(scrape['job_name'], scaleway_sd_configs)

539
          end

540
        elsif scrape['linode_sd_configs']

541
          scrape['linode_sd_configs']&.each do |linode_sd_configs|

542
            process_linode_sd_configs(scrape['job_name'], linode_sd_configs)

543
          end

544
        elsif scrape['uyuni_sd_configs']

545
          scrape['uyuni_sd_configs']&.each do |uyuni_sd_configs|

546
            process_uyuni_sd_configs(scrape['job_name'], uyuni_sd_configs)

547
          end

548
        elsif scrape['ionos_sd_configs']

549
          scrape['ionos_sd_configs']&.each do |ionos_sd_configs|

550
            process_ionos_sd_configs(scrape['job_name'], ionos_sd_configs)

551
          end

552
        elsif scrape['vultr_sd_configs']

553
          scrape['vultr_sd_configs']&.each do |vultr_sd_configs|

554
            process_vultr_sd_configs(scrape['job_name'], vultr_sd_configs)

555
          end

556
        end

557
      end

558
      print_good(@table_creds.to_s) if !@table_creds.rows.empty?

559
    end

560


561
    def process_results_page(page)

562
      # data is in a strange 'label{optional_kv_hash-ish} value' format.

563
      return nil if page.nil?

564


565
      results = []

566
      page.scan(/^(?<name>\w+)(?:{(?<labels>[^}]+)})? (?<value>[\w.+-]+)/).each do |hit|

567
        result = {}

568
        value = { 'value' => hit[2], 'labels' => {} }

569
        if hit[1]

570
          hit[1].scan(/(?<key>[^=]+?)="(?<value>[^"]*)",?/).each do |label|

571
            value['labels'][label[0]] = label[1]

572
          end

573
        end

574
        result[hit[0]] = value

575
        results.append(result)

576
      end

577
      return results

578
    end

579
  end

580
end

581


582