

GitHub Repository: rapid7/metasploit-framework
Path: blob/master/lib/msf/core/evasion_driver.rb
# -*- coding: binary -*-
module Msf
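class EvasionDriver

  #
  # Initializes the evasion driver using the supplied framework instance.
  #
  # The +framework+ argument is accepted but not stored here; the run and
  # cleanup procs reach the framework through +evasion.framework+.
  #
  def initialize(framework)
    self.payload = nil
    self.evasion = nil
    self.use_job = false
    self.job_id = nil
    self.force_wait_for_session = false
    self.semaphore = Mutex.new
  end

  #
  # Sets the active target index. A non-nil index must be smaller than the
  # number of targets on the evasion module, otherwise Rex::ArgumentError is
  # raised. +evasion+ has to be assigned before a non-nil index is set,
  # because the bound is read from +evasion.targets+.
  #
  # NOTE(review): only the upper bound is checked; a negative index is stored
  # as-is, so callers are presumably expected to reject it -- confirm.
  #
  def target_idx=(target_idx)
    # Make sure the target index is valid
    if target_idx && target_idx >= evasion.targets.length
      raise Rex::ArgumentError, "Invalid target index.", caller
    end

    # Set the active target
    @target_idx = target_idx
  end

  #
  # Returns the active target index, or nil when none has been set.
  #
  def target_idx
    @target_idx
  end

  #
  # Checks to see if the supplied payload is compatible with the
  # current evasion module. Assumes that target_idx is valid.
  #
  # The match is made on the payload's refname against the first element of
  # each entry returned by +evasion.compatible_payloads+.
  #
  def compatible_payload?(payload)
    evasion.compatible_payloads.any? { |refname, _| refname == payload.refname }
  end

  #
  # Validates the driver state before a run.
  #
  # Raises MissingPayloadError when no payload is set and
  # IncompatiblePayloadError when the payload is not in the evasion module's
  # compatible list. The option validators of the evasion module and of the
  # payload are then invoked; what they raise on failure is not visible from
  # this file. Returns true when every check passes.
  #
  def validate
    if payload.nil?
      raise MissingPayloadError, "A payload has not been selected.", caller
    end

    # Make sure the payload is compatible after all
    unless compatible_payload?(payload)
      raise IncompatiblePayloadError.new(payload.refname), "#{payload.refname} is not a compatible payload.", caller
    end

    # Associate the payload instance with the evasion
    payload.assoc_exploit = evasion

    # Finally, validate options on the evasion module to ensure that things
    # are ready to operate as they should.
    evasion.options.validate(evasion.datastore)

    # Validate the payload's options. The payload's datastore is
    # most likely shared against the evasion's datastore, but in case it
    # isn't.
    payload.options.validate(payload.datastore)

    true
  end

  #
  # Validates the driver, generates the payload on the evasion module and
  # runs the module synchronously.
  #
  # The cleanup proc runs in an +ensure+ clause, so the on_module_complete
  # event and the module's cleanup hook are not skipped when setup or run
  # raises; the original exception still propagates to the caller. On
  # success the return value is that of the cleanup proc, as before.
  #
  def run
    # First thing's first -- validate the state. Make sure all requirement
    # parameters are set, including those that are derived from the
    # datastore.
    validate

    # Explicitly clear the module's job_id in case it was set in a previous
    # run
    evasion.job_id = nil

    # Generate the encoded version of the supplied payload on the
    # evasion module instance
    evasion.generate_payload(payload)

    # No need to copy since we aren't creating a job. We wait until
    # they're finished running to do anything else with them, so
    # nothing should be able to modify their datastore or other
    # settings until after they're done.
    ctx = [ evasion, payload ]

    cleanup_result = nil
    begin
      job_run_proc(ctx)
    ensure
      # Always pair a started run with its cleanup, even on failure.
      cleanup_result = job_cleanup_proc(ctx)
    end

    cleanup_result
  end

  attr_accessor :evasion # :nodoc:
  attr_accessor :payload # :nodoc:
  attr_accessor :use_job # :nodoc:
  #
  # The identifier of the job this evasion module is launched as, if it's run as a
  # job.
  #
  attr_accessor :job_id
  attr_accessor :force_wait_for_session # :nodoc:
  attr_accessor :session # :nodoc:

  # To synchronize threads cleaning up the evasion
  attr_accessor :semaphore

  protected

  #
  # Job run proc, sets up the evasion and kicks it off.
  #
  # +ctx+ is the [evasion, payload] pair built by #run; only the evasion
  # module is used here.
  #
  def job_run_proc(ctx)
    evasion, _payload = ctx
    evasion.setup
    evasion.framework.events.on_module_run(evasion)

    # Launch the evasion module
    evasion.run
  end

  #
  # Clean up the evasion after the job completes.
  #
  # Fires the on_module_complete event, then calls the module's cleanup
  # while holding the driver's semaphore. Returns the cleanup's result.
  #
  def job_cleanup_proc(ctx)
    evasion, _payload = ctx
    evasion.framework.events.on_module_complete(evasion)
    semaphore.synchronize { evasion.cleanup }
  end

end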
end