module Metasploit::Exploit


# File lib/metasploit/exploit.rb, line 7
# Runs one end-to-end Metasploit Pro workflow: validate the run options,
# open an RPC session, create the workspace, then import (or discover),
# scan, audit, exploit and report, in that order.
#
# @param options whatever ExploitRunDescription accepts; its #verify is
#   expected to raise on invalid input, so nothing below runs with bad options
# @return the value of the final reporting step
def Exploit.start(options)
  run_details = ExploitRunDescription.new(options).tap(&:verify)
  rpc_client = get_new_metasploit_rpc_connection(run_details)

  create_workspace(rpc_client, run_details.workspace_name)

  # Every stage below waits for its Pro task to stop running before
  # returning, so this list is also the execution order.
  do_nexpose_import(rpc_client, run_details)
  do_metasploit_scan(rpc_client, run_details)
  do_metasploit_audit(rpc_client, run_details)
  do_metasploit_exploit(rpc_client, run_details)
  do_metasploit_report(rpc_client, run_details)
end


# File lib/metasploit/exploit.rb, line 48
# Creates a Pro workspace through the `pro.workspace_add` RPC call.
#
# @param rpc_client [#call] connected RPC client
# @param workspace_name [String] name of the workspace to create
# @return whatever the RPC call returns
def self.create_workspace(rpc_client, workspace_name)
  params = { 'name' => workspace_name }
  rpc_client.call('pro.workspace_add', params)
end
# File lib/metasploit/exploit.rb, line 58
# Starts a Pro web audit task and blocks until it stops running.
#
# @param rpc_client [#call] connected RPC client
# @param run_details [#get_audit_options] run description
# @return the value of wait_for_task_to_stop_running
def self.do_metasploit_audit(rpc_client, run_details)
  task = rpc_client.call('pro.start_webaudit', run_details.get_audit_options)
  task_id = task['task_id']

  wait_for_task_to_stop_running(rpc_client, CONSTANTS::AUDIT_MESSAGE, task_id)
end
# File lib/metasploit/exploit.rb, line 64
# Announces the active OS and module filters, starts a Pro exploit task and
# blocks until it stops running.
#
# @param rpc_client [#call] connected RPC client
# @param run_details [#use_os_filter, #module_filter, #get_exploit_options]
#   run description; module_filter is printed verbatim when present
# @return the value of wait_for_task_to_stop_running
def self.do_metasploit_exploit(rpc_client, run_details)
  puts(run_details.use_os_filter ? CONSTANTS::USING_OS_FILTER_MESSAGE : CONSTANTS::NO_OS_FILTER)

  filter = run_details.module_filter
  if filter.nil? || filter.empty?
    puts CONSTANTS::NO_MODULE_FILTER
  else
    puts CONSTANTS::USING_MODULE_FILTER
    puts filter
  end

  task = rpc_client.call('pro.start_exploit', run_details.get_exploit_options)

  wait_for_task_to_stop_running(rpc_client, CONSTANTS::EXPLOIT_MESSAGE, task['task_id'])
end
# File lib/metasploit/exploit.rb, line 83
# Starts a Pro report task for the configured report type and writes the
# resulting artifacts to disk; does nothing but print a message when no
# report type was requested.
#
# @param rpc_client [#call] connected RPC client
# @param run_details [#report_type, #get_report_options] run description
# @return nil when no report type is set, otherwise the value of
#   write_report_after_generation
def self.do_metasploit_report(rpc_client, run_details)
  report_type = run_details.report_type
  return puts(CONSTANTS::NO_REPORT_TYPE_MESSAGE) if report_type.nil? || report_type.empty?

  puts "Generating a #{report_type} Report"
  report = rpc_client.call('pro.start_report', run_details.get_report_options)

  write_report_after_generation(rpc_client, run_details, report['report_id'])
end
# File lib/metasploit/exploit.rb, line 52
# Starts a Pro web scan of the configured target inside the run's workspace
# and blocks until the task stops running.
#
# @param rpc_client [#call] connected RPC client
# @param run_details [#workspace_name, #device_ip_to_scan] run description
# @return the value of wait_for_task_to_stop_running
def self.do_metasploit_scan(rpc_client, run_details)
  scan_options = {
    'workspace' => run_details.workspace_name,
    'DS_URLS' => run_details.device_ip_to_scan
  }
  task = rpc_client.call('pro.start_webscan', scan_options)

  wait_for_task_to_stop_running(rpc_client, CONSTANTS::SCANNING_MESSAGE, task['task_id'])
end
# File lib/metasploit/exploit.rb, line 35
# Populates the workspace with hosts: imports from a Nexpose console when one
# is configured, otherwise runs Pro's own discovery task. Blocks until the
# chosen task stops running.
#
# @param rpc_client [#call] connected RPC client
# @param run_details [#nexpose_console_name, #workspace_name, #get_discover_options]
#   run description
# @return the value of wait_for_task_to_stop_running
def self.do_nexpose_import(rpc_client, run_details)
  console = run_details.nexpose_console_name

  if console.nil? || console.empty?
    # No Nexpose console configured: discover targets directly instead.
    puts CONSTANTS::SKIPPING_IMPORT_MESSAGE
    task = rpc_client.call('pro.start_discover', run_details.get_discover_options)

    wait_for_task_to_stop_running(rpc_client, CONSTANTS::DISCOVER_MESSAGE, task['task_id'])
  else
    import_options = {
      'workspace' => run_details.workspace_name,
      'DS_NEXPOSE_CONSOLE' => console,
      # NOTE(review): the Nexpose site name is taken from workspace_name —
      # confirm the workspace is always named after the site being imported.
      'DS_NEXPOSE_SITE' => run_details.workspace_name
    }
    task = rpc_client.call('pro.start_import', import_options)

    wait_for_task_to_stop_running(rpc_client, CONSTANTS::IMPORTING_DATA_MESSAGE, task['task_id'])
  end
end
# File lib/metasploit/exploit.rb, line 28
# Builds an RPC client from the run's connection options and prints the
# success message.
#
# NOTE(review): the message is printed as soon as the client object exists;
# whether Msf::RPC::Client.new actually authenticates against the server is
# not visible here — confirm before treating the message as a connectivity
# check.
#
# @param run_details [#get_options] run description; get_options presumably
#   carries host and credential settings for the RPC endpoint
# @return [Msf::RPC::Client] the new client
def self.get_new_metasploit_rpc_connection(run_details)
  Msf::RPC::Client.new(run_details.get_options).tap do
    puts CONSTANTS::SUCCESSFUL_CONNECTION_MESSAGE
  end
end
# File lib/metasploit/exploit.rb, line 96
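# Polls `pro.task_status` for one task, printing progress, until the task's
# status is no longer CONSTANTS::RUNNING_IMPORT_STATUS.
#
# A missing task entry or missing 'status' key is treated as "not running"
# and ends the loop, exactly as before. The poll interval and an optional
# attempt cap are new keyword arguments; their defaults reproduce the
# original behaviour (3 s between polls, poll forever).
#
# @param rpc_client [#call] connected RPC client
# @param status_message [String] line printed before each progress update
# @param task_id key under which the server reports this task
# @param poll_interval [Numeric] seconds to sleep before each poll (default 3)
# @param max_attempts [Integer, nil] stop after this many polls even if the
#   task is still running; nil (default) polls indefinitely
# @return the last status value seen for the task (nil if none was reported)
def self.wait_for_task_to_stop_running(rpc_client, status_message, task_id, poll_interval: 3, max_attempts: nil)
  attempts = 0
  task_status = nil

  loop do
    sleep(poll_interval)
    attempts += 1

    # Fetch the task entry once instead of re-indexing the response per field.
    task = rpc_client.call('pro.task_status', task_id).fetch(task_id, {})
    puts status_message
    # '?' rather than the old `{}` default so a missing field reads sensibly.
    puts "This task is #{task.fetch('progress', '?')} % complete"
    puts "I am currently executing: #{task.fetch('info', '?')}"
    task_status = task.fetch('status', nil)

    break if task_status != CONSTANTS::RUNNING_IMPORT_STATUS

    if max_attempts && attempts >= max_attempts
      puts "Giving up on task #{task_id} after #{attempts} polls (last status: #{task_status})"
      break
    end
  end

  task_status
end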
# File lib/metasploit/exploit.rb, line 111
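# Polls `pro.report_download` until the report's artifacts are available,
# then writes each artifact into the current working directory as
# "<workspace_name>_<index><ext>", where <ext> is the extension of the
# artifact's server-side file_path.
#
# Changes from the original: a missing file_path no longer raises
# (File.extname(nil) would), giving up after the attempt limit is reported
# instead of silently returning, and the attempt limit / poll interval are
# keyword arguments whose defaults (100 attempts, 3 s) match the old
# hard-coded values.
#
# @param rpc_client [#call] connected RPC client
# @param run_details [#workspace_name] run description; only workspace_name
#   is read, and it becomes the local file name prefix
# @param report_id id returned by `pro.start_report`
# @param max_attempts [Integer] download polls before giving up
# @param poll_interval [Numeric] seconds to sleep between polls
# @return [Integer] number of artifact files written (0 if the report never
#   became available)
def self.write_report_after_generation(rpc_client, run_details, report_id, max_attempts: 100, poll_interval: 3)
  written = 0

  max_attempts.times do
    download = rpc_client.call('pro.report_download', report_id)
    artifacts = download && download['report_artifacts']
    if artifacts.nil? || artifacts.empty?
      puts "Waiting for report to generate"
      sleep(poll_interval)
      next
    end

    artifacts.each_with_index do |artifact, index|
      # File.extname only returns the extension of the last path component,
      # so the server-supplied file_path cannot add directory components to
      # the local name; .to_s guards against a missing file_path.
      ext = File.extname(artifact['file_path'].to_s)
      local_name = "#{run_details.workspace_name}_#{index}#{ext}"
      File.binwrite(local_name, artifact['data'])
      puts "Report File #{index} Written"
      written += 1
    end
    break
  end

  # The original loop fell through silently when the report never appeared.
  puts "Report #{report_id} was not available after #{max_attempts} attempts" if written.zero?
  written
end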