Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5

6
class MetasploitModule < Msf::Post
7
  Rank = ExcellentRanking
8

9
  def initialize(info = {})
10
    super(
11
      update_info(
12
        info,
13
        'Name' => 'Multi Manage the screensaver of the target computer',
14
        'Description' => %q{
15
          This module allows you to turn on or off the screensaver of the target computer and also
16
          lock the current session.
17
        },
18
        'License' => MSF_LICENSE,
19
        'Author' => [
20
          'Eliott Teissonniere', # Metasploit module
21
          'Julien Voisin' # Linux improvements
22
        ],
23
        'Platform' => [ 'linux', 'osx', 'win', 'unix', 'solaris' ],
24
        'SessionTypes' => [ 'shell', 'meterpreter' ],
25
        'Actions' => [
26
          [ 'LOCK', { 'Description' => 'Lock the current session' } ],
27
          [ 'UNLOCK', { 'Description' => 'Unlock the current session' } ],
28
          [ 'START', { 'Description' => 'Start the screensaver, may lock the current session' } ],
29
          [ 'STOP', { 'Description' => 'Stop the screensaver, user may be prompted for its password' }],
30
        ],
31
        'References' => [
32
          ['URL', 'https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/7530']
33
        ],
34
        'Notes' => {
35
          'Reliability' => [ ],
36
          'Stability' => [ ],
37
          'SideEffects' => [ ]
38
        }
39
      )
40
    )
41
  end
42

43
  #
44
  # cmd_exec but returning a boolean
45
  #
46
  def cmd_vexec(cmd)
47
    vprint_status("Executing '#{cmd}'")
48

49
    begin
50
      cmd_exec(cmd)
51
    rescue StandardError
52
      return false
53
    end
54

55
    true
56
  end
57

58
  def lock_session
59
    case session.platform
60
    when 'linux', 'solaris'
61
      ret = false
62
      if command_exists?('xdg-screensaver-lock')
63
        ret |= cmd_vexec('xdg-screensaver lock')
64
      end
65
      if command_exists?('qdbus')
66
        ret |= cmd_vexec('qdbus org.freedesktop.ScreenSaver /ScreenSaver Lock')
67
      end
68
      if command_exists?('dbus-send')
69
        ret |= cmd_exec('dbus-send --type=method_call --print-reply --dest=org.gnome.ScreenSaver /org/gnome/ScreenSaver org.gnome.ScreenSaver.SetActive boolean:true')
70
      end
71
      if command_exists?('loginctl')
72
        self.class.include Msf::Post::Linux::Priv
73
        if is_root?
74
          ret |= cmd_vexec('loginctl lock-sessions')
75
        else
76
          ret |= cmd_vexec('loginctl lock-session')
77
        end
78
      end
79
      print_error('Unable to lock session.') unless ret
80
      return ret
81
    when 'osx'
82
      cmd_vexec('pmset displaysleepnow')
83
    when 'windows'
84
      cmd_vexec('rundll32 user32.dll,LockWorkStation')
85
    end
86

87
    true
88
  end
89

90
  def unlock_session
91
    case session.platform
92
    when 'linux', 'solaris'
93
      ret = false
94
      if command_exists?('xdg-screensaver')
95
        ret |= cmd_vexec('xdg-screensaver reset')
96
      end
97
      if command_exists?('qdbus')
98
        ret |= cmd_vexec('qdbus org.freedesktop.ScreenSaver /ScreenSaver Unlock')
99
      end
100
      if command_exists?('dbus-send')
101
        ret |= cmd_exec('dbus-send --type=method_call --print-reply --dest=org.gnome.ScreenSaver /org/gnome/ScreenSaver org.gnome.ScreenSaver.SetActive boolean:false')
102
      end
103
      if command_exists?('loginctl')
104
        self.class.include Msf::Post::Linux::Priv
105
        if is_root?
106
          ret |= cmd_vexec('loginctl unlock-sessions')
107
        else
108
          ret |= cmd_vexec('loginctl unlock-session')
109
        end
110
      end
111
      print_error('Unable to unlock session.') unless ret
112
      return ret
113
    when 'osx'
114
      fail_with(Msf::Exploit::Failure::NoTarget, 'Not supported on Mac OSX, you can still lock the screen or start the screensaver')
115
    when 'windows'
116
      fail_with(Msf::Exploit::Failure::NoTarget, 'Not supported on Windows, you can still lock the screen or start the screensaver')
117
    end
118

119
    true
120
  end
121

122
  def start_screensaver
123
    case session.platform
124
    when 'linux', 'solaris'
125
      cmd_vexec('xdg-screensaver activate')
126
    when 'osx'
127
      cmd_vexec('open -a ScreenSaverEngine')
128
    when 'windows'
129
      cmd_vexec('powershell -w hidden -nop -c "Start-Process C:\\Windows\\System32\\scrnsave.scr"')
130
    end
131

132
    true
133
  end
134

135
  def stop_screensaver
136
    case session.platform
137
    when 'linux', 'solaris'
138
      cmd_vexec('xdg-screensaver reset') if command_exists?('xdg-screensaver')
139
    when 'osx'
140
      fail_with(Msf::Exploit::Failure::NoTarget, 'Not supported on Mac OSX, you can still lock the screen or start the screensaver')
141
    when 'windows'
142
      fail_with(Msf::Exploit::Failure::NoTarget, 'Not supported on Windows, you can still lock the screen or start the screensaver')
143
    end
144

145
    true
146
  end
147

148
  def run
149
    print_error('Please specify an action') if action.nil?
150

151
    case action.name
152
    when 'LOCK'
153
      return lock_session
154
    when 'UNLOCK'
155
      return unlock_session
156
    when 'START'
157
      return start_screensaver
158
    when 'STOP'
159
      return stop_screensaver
160
    end
161
  end
162
end
163

164