Class: Msf::Handler::ReverseTcpDoubleSSL::TcpReverseDoubleSSLSessionChannel

Inherits:
Object
  • Object
show all
Includes:
Rex::IO::StreamAbstraction
Defined in:
lib/msf/core/handler/reverse_tcp_double_ssl.rb

Overview

This class wrappers the communication channel built over the two inbound connections, allowing input and output to be split across both.

Instance Method Summary collapse

Constructor Details

#initialize(framework, inp, out) ⇒ TcpReverseDoubleSSLSessionChannel

Returns a new instance of TcpReverseDoubleSSLSessionChannel.

[View source]

267
268
269
270
271
272
273
274
275
276
277
278
279
# File 'lib/msf/core/handler/reverse_tcp_double_ssl.rb', line 267

def initialize(framework, inp, out)
  @framework = framework
  @sock_inp  = inp
  @sock_out  = out

  initialize_abstraction

  self.lsock.extend(TcpReverseDoubleSSLChannelExt)
  self.lsock.peerinfo  = @sock_inp.getpeername_as_array[1,2].map{|x| x.to_s}.join(":")
  self.lsock.localinfo = @sock_inp.getsockname[1,2].map{|x| x.to_s}.join(":")

  monitor_shell_stdout
end

Instance Method Details

#closeObject

Closes the stream abstraction and kills the monitor thread.

[View source]

325
326
327
328
329
330
# File 'lib/msf/core/handler/reverse_tcp_double_ssl.rb', line 325

def close
  @monitor_thread.kill if (@monitor_thread)
  @monitor_thread = nil

  cleanup_abstraction
end

#monitor_shell_stdoutObject

Funnel data from the shell’s stdout to rsock

StreamAbstraction#monitor_rsock will deal with getting data from the client (user input). From there, it calls our write() below, funneling the data to the shell’s stdin on the other side.

[View source]

288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
# File 'lib/msf/core/handler/reverse_tcp_double_ssl.rb', line 288

def monitor_shell_stdout

  # Start a thread to pipe data between stdin/stdout and the two sockets
  @monitor_thread = @framework.threads.spawn("ReverseTcpDoubleSSLHandlerMonitor", false) {
    begin
      while true
        # Handle data from the server and write to the client
        if (@sock_out.has_read_data?(0.50))
          buf = @sock_out.get_once
          break if buf.nil?
          rsock.put(buf)
        end
      end
    rescue ::Exception => e
      ilog("ReverseTcpDoubleSSL monitor thread raised #{e.class}: #{e}")
    end

    # Clean up the sockets...
    begin
      @sock_inp.close
      @sock_out.close
    rescue ::Exception
    end
  }
end

#read(length = 0, opts = {}) ⇒ Object

[View source]

318
319
320
# File 'lib/msf/core/handler/reverse_tcp_double_ssl.rb', line 318

def read(length=0, opts={})
  @sock_out.read(length, opts)
end

#write(buf, opts = {}) ⇒ Object

[View source]

314
315
316
# File 'lib/msf/core/handler/reverse_tcp_double_ssl.rb', line 314

def write(buf, opts={})
  @sock_inp.write(buf, opts)
end