Module: Msf::Ui::Console::ModuleArgumentParsing

Included in:: CommandDispatcher::Exploit, CommandDispatcher::Post, ModuleActionCommands, ModuleCommandDispatcher

Defined in:: lib/msf/ui/console/module_argument_parsing.rb

Overview

A centralized mixin to ensure that options are consistently parsed across all module types when running a module’s cmd_run/cmd_check/cmd_exploit arguments

Constant Summary collapse

@@module_opts = Options which are standard and predictable across all modules

Rex::Parser::Arguments.new(
  ['-h', '--help']        => [ false, 'Help banner.'                                                       ],
  ['-j', '--job']         => [ false, 'Run in the context of a job.'                                       ],
  ['-J', '--foreground']  => [ false, 'Force running in the foreground, even if passive.'                  ],
  ['-o', '--options']     => [ true,  'A comma separated list of options in VAR=VAL format.', '<options>'  ],
  ['-q', '--quiet']       => [ false, 'Run the module in quiet mode with no output'                        ],
  ['-r', '--reload-libs'] => [ false, 'Reload all libraries before running.'                               ]
)

@@module_opts_with_action_support =

@@module_opts.merge(
  ['-a', '--action'] => [ true, 'The action to use. If none is specified, ACTION is used.', '<action>']
)

@@exploit_opts =

@@module_opts.merge(
  ['-e', '--encoder']       => [ true,  'The payload encoder to use.  If none is specified, ENCODER is used.', '<encoder>'   ],
  ['-f', '--force-run']     => [ false, 'Force the exploit to run regardless of the value of MinimumRank.'                   ],
  ['-n', '--nop-generator'] => [ true,  'The NOP generator to use.  If none is specified, NOP is used.', '<generator>'       ],
  ['-p', '--payload']       => [ true,  'The payload to use.  If none is specified, PAYLOAD is used.', '<payload>'           ],
  ['-t', '--target']        => [ true,  'The target index to use.  If none is specified, TARGET is used.', '<target>'        ],
  ['-z', '--no-interact']   => [ false, 'Do not interact with the session after successful exploitation.'                    ]
)

Instance Method Summary collapse

#append_datastore_option(datastore_options, name, value) ⇒ Object protected
#parse_check_opts(args) ⇒ Object
#parse_exploit_opts(args) ⇒ Object
#parse_opts(opts, args, help_cmd:, action: nil) ⇒ Object protected
#parse_run_opts(args, action: nil) ⇒ Object
#print_module_run_or_check_usage(command:, description: nil, options: @@module_opts) ⇒ Object
#quote_whitespaced_value(val) ⇒ Object protected

Wraps values which contain spaces in quotes to ensure it’s handled correctly later.
#resembles_datastore_assignment?(val) ⇒ Boolean protected
#resembles_rhost_value?(val) ⇒ Boolean protected

Instance Method Details

#append_datastore_option(datastore_options, name, value) ⇒ `Object` (protected)

# File 'lib/msf/ui/console/module_argument_parsing.rb', line 186

def append_datastore_option(datastore_options, name, value)
  if name.casecmp?('RHOST') || name.casecmp?('RHOSTS')
    new_value = quote_whitespaced_value(value)
    if !datastore_options['RHOSTS']
      datastore_options['RHOSTS'] = new_value
    else
      datastore_options['RHOSTS'] = "#{datastore_options['RHOSTS']} #{new_value}"
    end
  else
    datastore_options[name.upcase] = value
  end
  datastore_options
end

#parse_check_opts(args) ⇒ `Object`

# File 'lib/msf/ui/console/module_argument_parsing.rb', line 41

def parse_check_opts(args)
  help_cmd = proc do |_result|
    cmd_check_help
  end
  parse_opts(@@module_opts_with_action_support, args, help_cmd: help_cmd)&.slice(:datastore_options, :reload_libs)
end

#parse_exploit_opts(args) ⇒ `Object`

# File 'lib/msf/ui/console/module_argument_parsing.rb', line 60

def parse_exploit_opts(args)
  help_cmd = proc do |_result|
    cmd_exploit_help
  end
  parse_opts(@@exploit_opts, args, help_cmd: help_cmd)
end

#parse_opts(opts, args, help_cmd:, action: nil) ⇒ `Object` (protected)

# File 'lib/msf/ui/console/module_argument_parsing.rb', line 98

def parse_opts(opts, args, help_cmd:, action: nil)
  result = {
    jobify: false,
    quiet: false,
    datastore_options: {},
    action: action || mod.datastore['ACTION']
  }
  datastore_options = result[:datastore_options]
  opts.parse(args) do |opt, _idx, val|
    case opt
    when '-e'
      result[:encoder] = val
    when '-f'
      result[:force] = true
    when '-j'
      result[:jobify] = true
    when '-J'
      result[:jobify] = false
    when '-n'
      result[:nop] = val
    when '-o'
      if val.nil?
        print_error('Missing OptionStr value')
        help_cmd.call result
        return
      end
      val << '=' unless val.include?('=')
      val.split(',').each do |opt|
        name, value = opt.split('=', 2)
        append_datastore_option(datastore_options, name, value)
      end
    when '-p'
      result[:payload] = val
    when '-r'
      result[:reload_libs] = true
    when '-t'
      result[:target] = val.to_i
    when '-z'
      result[:background] = true
    when '-a'
      result[:action] = val
    when '-q'
      result[:quiet] = true
    when '-h'
      help_cmd.call result
      return
    else
      if val && val[0] == '-'
        help_cmd.call result
        return
      end

      if resembles_datastore_assignment?(val)
        name, val = val.split('=', 2)
        if name.upcase == 'ACTION'
          result[:action] = val
        else
          append_datastore_option(datastore_options, name, val)
        end
      elsif resembles_rhost_value?(val)
        append_datastore_option(datastore_options, 'RHOSTS', val)
      else
        print_error("Invalid argument #{val}")
        help_cmd.call result
        return
      end
    end
  end

  result
end

#parse_run_opts(args, action: nil) ⇒ `Object`

# File 'lib/msf/ui/console/module_argument_parsing.rb', line 48

def parse_run_opts(args, action: nil)
  help_cmd = proc do |result|
    if result[:action].nil?
      cmd_run_help
    else
      cmd_action_help(action)
    end
  end

  parse_opts(@@module_opts_with_action_support, args, help_cmd: help_cmd, action: action)
end

#print_module_run_or_check_usage(command:, description: nil, options: @@module_opts) ⇒ `Object`

# File 'lib/msf/ui/console/module_argument_parsing.rb', line 67

def print_module_run_or_check_usage(command:, description: nil, options: @@module_opts)
  description ||= command == :check ? 'Check if the target is vulnerable' : "Run the current #{name.downcase} module"

  is_http_mod = mod.is_a?(Msf::Exploit::Remote::HttpClient)
  is_smb_mod = mod.is_a?(Msf::Exploit::Remote::SMB::Client) || mod.options.include?('SMBUser')
  is_mysql_mod = mod.is_a?(Msf::Exploit::Remote::MYSQL)

  print_line("Usage: #{command} [options] [RHOSTS]")
  print_line('')
  print_line(description)
  print_line(options.usage)
  print_line('Examples:')
  print_line('')
  print_line("    #{command} 192.168.1.123")
  print_line("    #{command} 192.168.1.1-192.168.1.254")
  print_line("    #{command} file:///tmp/rhost_list.txt")
  print_line("    #{command} http://192.168.1.123/foo") if is_http_mod
  print_line("    #{command} http://user:pass@192.168.1.123/foo") if is_http_mod
  print_line("    #{command} HttpTrace=true http://192.168.1.123/foo") if is_http_mod
  print_line("    #{command} mysql://user:pass@192.168.1.123") if is_mysql_mod
  print_line("    #{command} SQL='select version()' mysql://user:pass@192.168.1.123") if is_mysql_mod && mod.options.include?('SQL')
  print_line("    #{command} smb://192.168.1.123") if is_smb_mod
  print_line("    #{command} smb://user:pass@192.168.1.123") if is_smb_mod
  print_line("    #{command} LPATH=/tmp/foo.txt smb://user:pass@192.168.1.123/share_name/foo.txt") if is_smb_mod && mod.options.include?('RPATH')
  print_line('')
  print_line('Learn more at https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html')
  print_line('')
end

#quote_whitespaced_value(val) ⇒ `Object` (protected)

Wraps values which contain spaces in quotes to ensure it’s handled correctly later



201
202
203

# File 'lib/msf/ui/console/module_argument_parsing.rb', line 201

def quote_whitespaced_value(val)
  val.include?(' ') ? "\"#{val}\"" : val
end

#resembles_datastore_assignment?(val) ⇒ `Boolean` (protected)

Returns:

(Boolean)

# File 'lib/msf/ui/console/module_argument_parsing.rb', line 170

def resembles_datastore_assignment?(val)
  return false unless val

  valid_option_regex = /^(\w|::)+=.*/
  valid_option_regex.match?(val)
end

#resembles_rhost_value?(val) ⇒ `Boolean` (protected)

Returns:

(Boolean)

# File 'lib/msf/ui/console/module_argument_parsing.rb', line 177

def resembles_rhost_value?(val)
  return false unless val

  ::Addressable::URI.parse(val)
  true
rescue ::Addressable::URI::InvalidURIError => _e
  false
end

Module: Msf::Ui::Console::ModuleArgumentParsing

Overview

Constant Summary collapse

Instance Method Summary collapse

Instance Method Details

#append_datastore_option(datastore_options, name, value) ⇒ Object (protected)

#parse_check_opts(args) ⇒ Object

#parse_exploit_opts(args) ⇒ Object

#parse_opts(opts, args, help_cmd:, action: nil) ⇒ Object (protected)

#parse_run_opts(args, action: nil) ⇒ Object

#print_module_run_or_check_usage(command:, description: nil, options: @@module_opts) ⇒ Object

#quote_whitespaced_value(val) ⇒ Object (protected)

#resembles_datastore_assignment?(val) ⇒ Boolean (protected)

#resembles_rhost_value?(val) ⇒ Boolean (protected)