CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutSign UpSign In
rapid7

CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!

GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/lib/msf/ui/console/command_dispatcher/common.rb
Views: 1904
1
# -*- coding: binary -*-

2


3
require 'rexml/document'

4


5
module Msf

6
module Ui

7
module Console

8
module CommandDispatcher

9


10
  # These are functions that are used in two or more command dispatchers.

11


12
module Common

13


14
  # Parse +arg+ into a {Rex::Socket::RangeWalker} and append the result into +host_ranges+

15
  #

16
  # @note This modifies +host_ranges+ in place

17
  #

18
  # @param arg [String] The thing to turn into a RangeWalker

19
  # @param host_ranges [Array] The array of ranges to append

20
  # @param required [Boolean] Whether an empty +arg+ should be an error

21
  # @return [Boolean] true if parsing was successful or false otherwise

22
  def arg_host_range(arg, host_ranges, required=false)

23
    if (!arg and required)

24
      print_error("Missing required host argument")

25
      return false

26
    end

27
    begin

28
      rw = Rex::Socket::RangeWalker.new(arg)

29
    rescue

30
      print_error("Invalid host parameter, #{arg}.")

31
      return false

32
    end

33


34
    if rw.valid?

35
      host_ranges << rw

36
    else

37
      print_error("Invalid host parameter, #{arg}.")

38
      return false

39
    end

40
    return true

41
  end

42


43
  #

44
  # Parse +arg+ into an array of ports and append the result into +port_ranges+

45
  #

46
  # Returns true if parsing was successful or nil otherwise.

47
  #

48
  # NOTE: This modifies +port_ranges+

49
  #

50
  def arg_port_range(arg, port_ranges, required=false)

51
    if (!arg and required)

52
      print_error("Argument required for -p")

53
      return

54
    end

55
    begin

56
      port_ranges << Rex::Socket.portspec_to_portlist(arg)

57
    rescue

58
      print_error("Invalid port parameter, #{arg}.")

59
      return

60
    end

61
    return true

62
  end

63


64
  #

65
  # Set RHOSTS in the +active_module+'s (or global if none) datastore from an array of addresses

66
  #

67
  # This stores all the addresses to a temporary file and utilizes the

68
  # <pre>file:/tmp/filename</pre> syntax to confer the addrs.  +rhosts+

69
  # should be an Array.  NOTE: the temporary file is *not* deleted

70
  # automatically.

71
  #

72
  def set_rhosts_from_addrs(rhosts)

73
    if rhosts.empty?

74
      print_status("The list is empty, cowardly refusing to set RHOSTS")

75
      return

76
    end

77
    if active_module

78
      mydatastore = active_module.datastore

79
    else

80
      # if there is no module in use set the list to the global variable

81
      mydatastore = self.framework.datastore

82
    end

83


84
    if rhosts.length > 5

85
      # Lots of hosts makes 'show options' wrap which is difficult to

86
      # read, store to a temp file

87
      rhosts_file = Rex::Quickfile.new("msf-db-rhosts-")

88
      mydatastore['RHOSTS'] = 'file:'+rhosts_file.path

89
      # create the output file and assign it to the RHOSTS variable

90
      rhosts_file.write(rhosts.join("\n")+"\n")

91
      rhosts_file.close

92
    else

93
      # For short lists, just set it directly

94
      mydatastore['RHOSTS'] = rhosts.join(" ")

95
    end

96


97
    print_line "RHOSTS => #{mydatastore['RHOSTS']}"

98
    print_line

99
  end

100


101
  def show_options(mod) # :nodoc:

102
    mod_opt = Serializer::ReadableText.dump_options(mod, '   ')

103
    print("\nModule options (#{mod.fullname}):\n\n#{mod_opt}\n") if (mod_opt and mod_opt.length > 0)

104


105
    # If it's an exploit and a payload is defined, create it and

106
    # display the payload's options

107
    if ((mod.exploit? or mod.evasion? ) and mod.datastore['PAYLOAD'])

108
      p = framework.payloads.create(mod.datastore['PAYLOAD'])

109


110
      if (!p)

111
        print_error("Invalid payload defined: #{mod.datastore['PAYLOAD']}\n")

112
        return

113
      end

114


115
      p.share_datastore(mod.datastore)

116


117
      if (p)

118
        p_opt = Serializer::ReadableText.dump_options(p, '   ')

119
        print("\nPayload options (#{mod.datastore['PAYLOAD']}):\n\n#{p_opt}\n") if (p_opt and p_opt.length > 0)

120
        print("   **DisablePayloadHandler: True   (no handler will be created!)**\n\n") if mod.datastore['DisablePayloadHandler'].to_s == 'true'

121
      end

122
    end

123


124
    # Print the selected target

125
    if (mod.exploit? and mod.target)

126
      mod_targ = Serializer::ReadableText.dump_exploit_target(mod, '   ')

127
      print("\nExploit target:\n\n#{mod_targ}\n") if (mod_targ and mod_targ.length > 0)

128
    elsif mod.evasion? and mod.target

129
      mod_targ = Serializer::ReadableText.dump_evasion_target(mod, '   ')

130
      print("\nEvasion target:\n\n#{mod_targ}\n") if (mod_targ and mod_targ.length > 0)

131
    end

132


133
    # Print the selected action

134
    if mod.kind_of?(Msf::Module::HasActions) && mod.action

135
      mod_action = Serializer::ReadableText.dump_module_action(mod, '   ')

136
      print("\n#{mod.type.capitalize} action:\n\n#{mod_action}\n") if (mod_action and mod_action.length > 0)

137
    end

138


139
    print("\nView the full module info with the #{Msf::Ui::Tip.highlight('info')}, or #{Msf::Ui::Tip.highlight('info -d')} command.\n\n")

140


141
    # Uncomment this line if u want target like msf2 format

142
    #print("\nTarget: #{mod.target.name}\n\n")

143
  end

144


145
  # This is for the "use" and "set" commands

146
  def index_from_list(list, index, &block)

147
    return unless list.kind_of?(Array) && index

148


149
    begin

150
      idx = Integer(index)

151
    rescue ArgumentError

152
      return

153
    end

154


155
    # Don't support negative indices

156
    return if idx < 0

157


158
    yield list[idx]

159
  end

160


161
  # Trims starting `.`, `./` `/`, `+path_head+/`, & `/+path_head+/` from +path+. Also trims trailing `.+extension+`

162
  # from +path+, and any possible combination of misspellings of +extension+.

163
  #

164
  # @param path [String] The path to be trimmed

165
  # @param path_head [String] The top-level directory that should be removed from the path

166
  # @param extensions [Array] File extensions to be trimmed from +path+. `.` is automatically included. Defaults to ['rb', 'py', 'go'].

167
  # @return [String] Altered +path+. Will return unaltered +path+ if regex constructed with +path_head+ & +path+ is not detected

168
  def trim_path(path, path_head, extensions: ['rb', 'py', 'go'])

169
    #Builds capture groups for all supported file extensions

170
    regex_extension = ''

171
    extensions.each do |ext|

172
      regex_extension << "([#{ext}])+|"

173
    end

174
    regex_extension.delete_suffix!('|')

175


176
    regexp = %r{

177
        (

178
          ^\.?                      # Dot at beginning of path

179
          /?                        # Slash at beginning of path

180
          (#{path_head}/)?          # top level directory (slash prepending directory name is optional)

181
        )

182


183
        |                           # OR

184


185
        (

186
          \.(#{regex_extension})$   # any possible file extension at end of path

187
        )

188


189
        |                           # OR

190


191
        (

192
          \.$                       # trailing dot

193
        )

194
    }ix

195


196
    path.gsub(regexp, '')

197
  end

198


199
end

200


201
end

202
end

203
end

204
end

205


206