Module: Msf::Auxiliary::ReportSummary

Defined in:
lib/msf/core/auxiliary/report_summary.rb

Overview

This module provides a means to report module summaries

Instance Method Summary collapse

Instance Method Details

#create_credential_and_login(credential_data) ⇒ Metasploit::Credential::Login

Creates a credential and adds to to the DB if one is present, then calls create_credential_login to attempt a login

This is needed when create_credential_and_login in lib/metasploit/framework/data_service/proxy/credential_data_proxy.rb is called, which doesn’t call of to create_credential_login at any point to initialize @report

This allow modules that make use of create_credential_and_login to make use of the report summary mixin

Parameters:

  • credential_data (Hash)

Returns:

  • (Metasploit::Credential::Login) 


69
70
71
72
73
74
75
76
77
78
79
 
# File 'lib/msf/core/auxiliary/report_summary.rb', line 69

def (credential_data)
  return super unless framework.features.enabled?(Msf::FeatureManager::SHOW_SUCCESSFUL_LOGINS) && datastore['ShowSuccessfulLogins'] && @report

  credential = {
    public: credential_data[:username],
    private_data: credential_data[:private_data]
  }
  @report[rhost] = { successful_logins: [] }
  @report[rhost][:successful_logins] << credential
  super
end

#create_credential_login(credential_data) ⇒ Metasploit::Credential::Login

Creates a credential and adds to to the DB if one is present

Parameters:

  • credential_data (Hash)

Returns:

  • (Metasploit::Credential::Login) 


46
47
48
49
50
51
52
53
54
55
56
 
# File 'lib/msf/core/auxiliary/report_summary.rb', line 46

def (credential_data)
  return super unless framework.features.enabled?(Msf::FeatureManager::SHOW_SUCCESSFUL_LOGINS) && datastore['ShowSuccessfulLogins'] && @report

  credential = {
    public: credential_data[:username],
    private_data: credential_data[:private_data]
  }
  @report[rhost] = { successful_logins: [] }
  @report[rhost][:successful_logins] << credential
  super
end

#initialize(info = {}) ⇒ Object 



18
19
20
21
22
23
24
25
26
27
28
 
# File 'lib/msf/core/auxiliary/report_summary.rb', line 18

def initialize(info = {})
  super(info)

  if framework.features.enabled?(Msf::FeatureManager::SHOW_SUCCESSFUL_LOGINS)
    register_options(
      [
        OptBool.new('ShowSuccessfulLogins', [false, 'Outputs a table of successful logins', true]),
      ]
    )
  end
end

#runObject 



30
31
32
33
34
35
36
37
38
39
40
 
# File 'lib/msf/core/auxiliary/report_summary.rb', line 30

def run
  return super unless framework.features.enabled?(Msf::FeatureManager::SHOW_SUCCESSFUL_LOGINS) && datastore['ShowSuccessfulLogins']

  @report = {}
  @report.extend(::Rex::Ref)
  rhost_walker = Msf::RhostsWalker.new(datastore['RHOSTS'], datastore).to_enum
  conditional_verbose_output(rhost_walker.count)
  result = super
  print_report_summary
  result
end

#start_session(obj, info, ds_merge, crlf = false, sock = nil, sess = nil) ⇒ Msf::Sessions::<SESSION_CLASS>

Framework is notified that we have a new session opened

Parameters:

  • obj (MetasploitModule)
  • info (Object)
  • ds_merge (Hash)
  • crlf (FalseClass) (defaults to: false)
  • sock (Socket) (defaults to: nil)
  • sess (Msf::Sessions::<SESSION_CLASS>) (defaults to: nil)

Returns:



90
91
92
93
94
95
96
97
98
99
100
101
102
103
 
# File 'lib/msf/core/auxiliary/report_summary.rb', line 90

def start_session(obj, info, ds_merge, crlf = false, sock = nil, sess = nil)
  return super unless framework.features.enabled?(Msf::FeatureManager::SHOW_SUCCESSFUL_LOGINS) && datastore['ShowSuccessfulLogins']

  unless @report && @report[rhost]
    elog("No RHOST found in report, skipping reporting for #{rhost}")
    print_brute level: :error, ip: rhost, msg: "No RHOST found in report, skipping reporting for #{rhost}"
    return super
  end

  result = super
  @report[rhost].merge!({ successful_sessions: [] })
  @report[rhost][:successful_sessions] << result
  result
end