CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutSign UpSign In
rapid7

CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!

GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/lib/rex/post/meterpreter/extensions/lanattacks/dhcp/dhcp.rb
Views: 1904
1
# -*- coding: binary -*-

2


3
require 'rex/post/meterpreter/extensions/lanattacks/tlv'

4


5
module Rex

6
module Post

7
module Meterpreter

8
module Extensions

9
module Lanattacks

10
module Dhcp

11


12
###

13
#

14
# DHCP Server functionality

15
#

16
###

17
class Dhcp

18


19
  def initialize(client)

20
    @client = client

21
  end

22


23
  def start

24
    client.send_request(Packet.create_request(COMMAND_ID_LANATTACKS_START_DHCP))

25
    true

26
  end

27


28
  def reset

29
    client.send_request(Packet.create_request(COMMAND_ID_LANATTACKS_RESET_DHCP))

30
    true

31
  end

32


33
  def set_option(name, value)

34
    request = Packet.create_request(COMMAND_ID_LANATTACKS_SET_DHCP_OPTION)

35
    request.add_tlv(TLV_TYPE_LANATTACKS_OPTION_NAME, name)

36
    request.add_tlv(TLV_TYPE_LANATTACKS_OPTION, value)

37
    client.send_request(request)

38
    true

39
  end

40


41
  def load_options(datastore)

42
    # TODO: change this so that all of the options are set in a single

43
    # payload rather than firing off lots of calls separately

44
    datastore.each do |name, value|

45
      if Regexp.new('DHCPIPSTART|DHCPIPEND|NETMASK|ROUTER|DNSSERVER|BROADCAST|'+

46
          'SERVEONCE|PXE|HOSTNAME|HOSTSTART|FILENAME|PXECONF|SRVHOST') =~ name

47
        set_option(name, value)

48
      end

49
    end

50
  end

51


52
  def stop

53
    client.send_request(Packet.create_request(COMMAND_ID_LANATTACKS_STOP_DHCP))

54
    true

55
  end

56


57
  def log

58
    response = client.send_request(Packet.create_request(COMMAND_ID_LANATTACKS_DHCP_LOG))

59
    entries = []

60
    if( response.result == 0 )

61
      log = response.get_tlv_value( TLV_TYPE_LANATTACKS_RAW )

62
      while log.length > 0

63
        mac = log.slice!(0..5)

64
        ip = log.slice!(0..3)

65
        entries << {

66
         :mac => mac,

67
         :ip  => ip

68
        }

69
      end

70
    end

71
    entries

72
  end

73


74
  attr_accessor :client

75


76
end

77


78
end; end; end; end; end; end

79


80