Class: Msf::Sessions::AwsSsmCommandShellBind

Inherits:
CommandShell show all
Includes:
Msf::Session::Basic, Msf::Session::Provider::SingleCommandShell
Defined in:
lib/msf/base/sessions/aws_ssm_command_shell_bind.rb

Overview

This class provides basic interaction with an AWS SSM session socket encapsulated by a Rex::Proto::Http::WebSocket::AmazonSsm::Interface::SsmChannel

Date:    Feb 4, 2023
Author:  RageLtMan

Instance Attribute Summary

Attributes included from Msf::Session::Interactive

#rstream

Attributes included from Rex::Ui::Interactive

#completed, #interacting, #next_session, #on_command_proc, #on_print_proc, #on_run_command_error_proc, #orig_suspend, #orig_usr1, #orig_winch

Attributes included from Rex::Ui::Subscriber::Input

#user_input

Attributes included from Rex::Ui::Subscriber::Output

#user_output

Attributes included from Msf::Session

#alive, #db_record, #exploit, #exploit_datastore, #exploit_task, #exploit_uuid, #framework, #info, #machine_id, #payload_uuid, #routes, #sid, #sname, #target_host, #target_port, #username, #uuid, #via, #workspace

Attributes included from Framework::Offspring

#framework

Attributes inherited from CommandShell

#arch, #banner, #max_threads, #platform

Instance Method Summary collapse

Methods included from Msf::Session::Provider::SingleCommandShell

#command_termination, #set_is_echo_shell, #shell_close, #shell_command_token, #shell_command_token_base, #shell_command_token_win32, #shell_init, #shell_read, #shell_read_until_token, #shell_write, #to_cmd

Methods included from Msf::Session::Basic

#_interact

Methods included from Msf::Session::Interactive

#_interact, #_interact_complete, #_interrupt, #_suspend, #_usr1, #abort_foreground, #cleanup, #comm_channel, #interactive?, #kill, #run_cmd, #tunnel_local, #tunnel_peer, #user_want_abort?

Methods included from Rex::Ui::Interactive

#_interact, #_interact_complete, #_interrupt, #_local_fd, #_remote_fd, #_stream_read_local_write_remote, #_stream_read_remote_write_local, #_suspend, #_winch, #detach, #handle_suspend, #handle_usr1, #handle_winch, #interact, #interact_stream, #prompt, #prompt_yesno, #restore_suspend, #restore_usr1, #restore_winch

Methods included from Rex::Ui::Subscriber

#copy_ui, #init_ui, #reset_ui

Methods included from Rex::Ui::Subscriber::Input

#gets

Methods included from Rex::Ui::Subscriber::Output

#flush, #print, #print_blank_line, #print_error, #print_good, #print_line, #print_status, #print_warning

Methods included from Msf::Session

#alive?, #cleanup, #comm_channel, #dead?, #inspect, #interactive?, #kill, #log_file_name, #log_source, #name, #name=, #register?, #session_host, #session_host=, #session_port, #session_port=, #session_type, #set_from_exploit, #set_via, #tunnel_local, #tunnel_peer, #tunnel_to_s, type, #via_exploit, #via_payload

Methods inherited from CommandShell

#_file_transfer, #_interact, #_interact_stream, binary_exists, #binary_exists, can_cleanup_files, #cleanup, #cmd_background, #cmd_background_help, #cmd_download, #cmd_download_help, #cmd_help, #cmd_help_help, #cmd_irb, #cmd_irb_help, #cmd_pry, #cmd_pry_help, #cmd_resource, #cmd_resource_help, #cmd_sessions, #cmd_sessions_help, #cmd_shell, #cmd_shell_help, #cmd_source, #cmd_source_help, #cmd_upload, #cmd_upload_help, #commands, #docs_dir, #execute_file, #process_autoruns, #run_builtin_cmd, #run_single, #shell_close, #shell_command, #shell_init, #shell_read, #shell_write, type

Methods included from Rex::Ui::Text::Resource

#load_resource

Methods included from Scriptable

#execute_file, #execute_script, included, #legacy_script_to_post_module

Constructor Details

#initialize(conn, opts = nil) ⇒ AwsSsmCommandShellBind

Returns a new instance of AwsSsmCommandShellBind.



37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
# File 'lib/msf/base/sessions/aws_ssm_command_shell_bind.rb', line 37

def initialize(conn, opts=nil)
  super

  if opts && (ssm_peer_info = opts.fetch(:aws_ssm_host_info))
    case ssm_peer_info['PlatformType']
    when 'Linux'
      @platform = 'linux'
      @session_type = 'shell'
    when 'MacOS'
      @platform = 'osx'
      @session_type = 'shell'
    when 'Windows'
      @platform = 'windows'
      @session_type = 'powershell:winpty'
      extend(Msf::Sessions::PowerShell::Mixin)
    end

    @info = "AWS SSM #{ssm_peer_info['ResourceType']} (#{ssm_peer_info['InstanceId']})"
  end
end

Instance Method Details

#abort_foreground_supportedObject



26
27
28
# File 'lib/msf/base/sessions/aws_ssm_command_shell_bind.rb', line 26

def abort_foreground_supported
  false
end

#bootstrap(*args) ⇒ Object



62
63
64
65
66
67
68
69
70
# File 'lib/msf/base/sessions/aws_ssm_command_shell_bind.rb', line 62

def bootstrap(*args)
  if @platform == 'linux'
    # The session from SSM-SessionManagerRunShell starts with a TTY which breaks the post API so change the settings
    # and make it behave in a way consistent with other shell sessions
    shell_command('stty -echo cbreak;pipe=$(mktemp -u);mkfifo -m 600 $pipe;cat $pipe & sh 1>$pipe 2>$pipe; rm $pipe; exit')
  end

  super
end

#descObject

Returns the session description.



76
77
78
# File 'lib/msf/base/sessions/aws_ssm_command_shell_bind.rb', line 76

def desc
  'AWS SSM command shell'
end

#shell_command_token_unix(cmd, timeout = 10) ⇒ Object



30
31
32
33
34
35
# File 'lib/msf/base/sessions/aws_ssm_command_shell_bind.rb', line 30

def shell_command_token_unix(cmd, timeout=10)
  res = super

  res.gsub!("\r\n", "\n") if res
  res
end

#typeObject



58
59
60
# File 'lib/msf/base/sessions/aws_ssm_command_shell_bind.rb', line 58

def type
  @session_type.dup
end