Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
module Msf
2
  ###
3
  #
4
  # This class hooks all socket calls and updates the database with
5
  # data gathered from the connection parameters
6
  #
7
  ###
8

9
  class Plugin::DB_Tracer < Msf::Plugin
10

11
    ###
12
    #
13
    # This class implements a socket communication tracker
14
    #
15
    ###
16
    class DBTracerEventHandler
17
      include Rex::Socket::Comm::Events
18

19
      def on_before_socket_create(comm, param); end
20

21
      def on_socket_created(_comm, sock, param)
22
        # Ignore local listening sockets
23
        return if !sock.peerhost
24

25
        if ((sock.peerhost != '0.0.0.0') && sock.peerport)
26

27
          # Ignore sockets that didn't set up their context
28
          # to hold the framework in 'Msf'
29
          return if !param.context['Msf']
30

31
          host = param.context['Msf'].db.find_or_create_host(host: sock.peerhost, state: Msf::HostState::Alive)
32
          return if !host
33

34
          param.context['Msf'].db.report_service(host: host, proto: param.proto, port: sock.peerport)
35
        end
36
      end
37
    end
38

39
    def initialize(framework, opts)
40
      super
41

42
      if !framework.db.active
43
        raise PluginLoadError, 'The database backend has not been initialized'
44
      end
45

46
      framework.plugins.each do |plugin|
47
        if plugin.instance_of?(Msf::Plugin::DB_Tracer)
48
          raise PluginLoadError, 'This plugin should not be loaded more than once'
49
        end
50
      end
51

52
      @eh = DBTracerEventHandler.new
53
      Rex::Socket::Comm::Local.register_event_handler(@eh)
54
    end
55

56
    def cleanup
57
      Rex::Socket::Comm::Local.deregister_event_handler(@eh)
58
    end
59

60
    def name
61
      'db_tracker'
62
    end
63

64
    def desc
65
      'Monitors socket calls and updates the database backend'
66
    end
67

68
  end
69
end
70

71