GitHub Repository: rapid7/metasploit-framework
Path: blob/master/lib/rex/post/meterpreter/extensions/python/python.rb
# -*- coding: binary -*-
require 'rex/post/meterpreter/extensions/python/tlv'
require 'rex/post/meterpreter/extensions/python/command_ids'
require 'set'
module Rex
module Post
module Meterpreter
module Extensions
module Python
###
#
# Python extension - gives remote python scripting capabilities on the target.
#
###
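class Python < Extension

  # Values sent in TLV_TYPE_PYTHON_CODE_TYPE to tell the receiving side how
  # the accompanying code payload is encoded.
  PY_CODE_TYPE_STRING = 0
  PY_CODE_TYPE_PY = 1
  PY_CODE_TYPE_PYC = 2

  # File extensions accepted by #import (compared after downcasing).
  PY_CODE_FILE_TYPES = [ '.py', '.pyc' ]

  # Maps an accepted file extension to the code type sent with the request.
  PY_CODE_FILE_TYPE_MAP = {
    '.py' => PY_CODE_TYPE_PY,
    '.pyc' => PY_CODE_TYPE_PYC
  }

  #
  # Identifier of this extension.
  #
  # @return the EXTENSION_ID_PYTHON constant
  #
  def self.extension_id
    EXTENSION_ID_PYTHON
  end

  #
  # Typical extension initialization routine. Registers this instance under
  # the 'python' alias on the client.
  #
  # @param client (see Extension#initialize)
  #
  def initialize(client)
    super(client, 'python')

    aliases = [{ 'name' => 'python', 'ext' => self }]
    client.register_extension_aliases(aliases)
  end

  #
  # Send a COMMAND_ID_PYTHON_RESET request to the session.
  #
  # The response is not inspected here; any failure surfaces only through
  # whatever client.send_request raises.
  #
  # @return [true]
  #
  def reset
    client.send_request(Packet.create_request(COMMAND_ID_PYTHON_RESET))

    true
  end

  #
  # Read a local .py or .pyc file and send its contents in a
  # COMMAND_ID_PYTHON_EXECUTE request.
  #
  # The file type is decided from the file name extension only; the file
  # contents are not inspected before being sent.
  #
  # @param file [String] path to a local file ending in .py or .pyc
  # @param mod_name [String, nil] sent as TLV_TYPE_PYTHON_NAME when given
  # @param result_var [String, nil] sent as TLV_TYPE_PYTHON_RESULT_VAR when given
  # @raise [ArgumentError] if the path is not a regular file or has an
  #   extension other than .py / .pyc
  # @return [Hash<Symbol,Object>] see #run_exec_request
  #
  def import(file, mod_name, result_var)
    raise ArgumentError, "File not found: #{file}" unless ::File.file?(file)

    ext = ::File.extname(file).downcase
    raise ArgumentError, "File not a valid type: #{file}" unless PY_CODE_FILE_TYPES.include?(ext)

    # Read raw bytes. A text-mode read may translate newlines on Windows and
    # tags the data with the default external encoding; neither is wanted for
    # compiled .pyc content.
    code = ::File.binread(file)

    request = Packet.create_request(COMMAND_ID_PYTHON_EXECUTE)
    request.add_tlv(TLV_TYPE_PYTHON_CODE, code)
    # Report the byte count: String#length counts characters and can be
    # smaller than the payload size for multibyte-encoded strings.
    request.add_tlv(TLV_TYPE_PYTHON_CODE_LEN, code.bytesize)
    request.add_tlv(TLV_TYPE_PYTHON_CODE_TYPE, PY_CODE_FILE_TYPE_MAP[ext])
    request.add_tlv(TLV_TYPE_PYTHON_NAME, mod_name) if mod_name
    request.add_tlv(TLV_TYPE_PYTHON_RESULT_VAR, result_var) if result_var

    run_exec_request(request)
  end

  #
  # Send a string of Python source in a COMMAND_ID_PYTHON_EXECUTE request,
  # tagged as PY_CODE_TYPE_STRING.
  #
  # @param code [String] Python source text
  # @param result_var [String, nil] sent as TLV_TYPE_PYTHON_RESULT_VAR when given
  # @return [Hash<Symbol,Object>] see #run_exec_request
  #
  def execute_string(code, result_var)
    request = Packet.create_request(COMMAND_ID_PYTHON_EXECUTE)
    request.add_tlv(TLV_TYPE_PYTHON_CODE, code)
    request.add_tlv(TLV_TYPE_PYTHON_CODE_TYPE, PY_CODE_TYPE_STRING)
    request.add_tlv(TLV_TYPE_PYTHON_RESULT_VAR, result_var) if result_var

    run_exec_request(request)
  end

  private

  #
  # Send an execute request and collect the reply into a hash.
  #
  # Every value in the hash is copied verbatim from the response packet, so
  # it is data supplied by the remote endpoint. Callers that print or log it
  # should treat it as untrusted (e.g. it is not filtered for control
  # characters here).
  #
  # @param request the packet to send through client.send_request
  # @return [Hash<Symbol,Object>] :result is the TLV_TYPE_PYTHON_RESULT
  #   value; :stdout and :stderr are the concatenation, in response order,
  #   of all TLV_TYPE_PYTHON_STDOUT / TLV_TYPE_PYTHON_STDERR values
  #
  def run_exec_request(request)
    response = client.send_request(request)

    result = {
      result: response.get_tlv_value(TLV_TYPE_PYTHON_RESULT),
      stdout: "",
      stderr: ""
    }

    # Output may arrive split across several TLVs; append them in order.
    response.each(TLV_TYPE_PYTHON_STDOUT) { |tlv| result[:stdout] << tlv.value }
    response.each(TLV_TYPE_PYTHON_STDERR) { |tlv| result[:stderr] << tlv.value }

    result
  end

end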
end; end; end; end; end