msfrpc-client-1.1.2/0000755000175000017500000000000013616273146014216 5ustar utkarshutkarshmsfrpc-client-1.1.2/.travis.yml0000644000175000017500000000012113616273146016321 0ustar utkarshutkarshsudo: false group: stable cache: bundler language: ruby rvm: - 2.3.3 - 2.4.0 msfrpc-client-1.1.2/Rakefile0000644000175000017500000000016513616273146015665 0ustar utkarshutkarshrequire "bundler/gem_tasks" require "rspec/core/rake_task" RSpec::Core::RakeTask.new(:spec) task :default => :spec msfrpc-client-1.1.2/.gitignore0000644000175000017500000000000413616273146016200 0ustar utkarshutkarshpkg msfrpc-client-1.1.2/Gemfile0000644000175000017500000000013513616273146015510 0ustar utkarshutkarshsource 'https://rubygems.org' # Specify your gem's dependencies in rex-text.gemspec gemspec msfrpc-client-1.1.2/examples/0000755000175000017500000000000013616273146016034 5ustar utkarshutkarshmsfrpc-client-1.1.2/examples/msfrpc_pro_import.rb0000755000175000017500000000345713616273146022141 0ustar utkarshutkarsh#!/usr/bin/env ruby require 'rubygems' require 'optparse' require 'msfrpc-client' require 'rex/ui' def usage(ropts) $stderr.puts ropts if @rpc and @rpc.token wspaces = @rpc.call("pro.workspaces") rescue {} if wspaces.keys.length > 0 $stderr.puts "Active Projects:" wspaces.each_pair do |k,v| $stderr.puts "\t#{k}" end end end exit(1) end opts = {} # Parse script-specific options parser = Msf::RPC::Client.option_parser(opts) parser.separator('Task Options:') parser.on("--path PATH") do |path| opts[:path] = path end parser.on("--project PROJECT") do |project| opts[:project] = project end parser.on("--help") do $stderr.puts parser exit(1) end parser.separator('') parser.parse!(ARGV) @rpc = Msf::RPC::Client.new(opts) if not @rpc.token $stderr.puts "Error: Invalid RPC server options specified" $stderr.puts parser exit(1) end project = opts[:project] || usage(parser) path = opts[:path] || usage(parser) user = @rpc.call("pro.default_admin_user")['username'] task = @rpc.call("pro.start_import", { 'workspace' => project, 'username' => user, 'DS_PATH' => path }) if not task['task_id'] $stderr.puts "[-] Error starting the task: #{task.inspect}" exit(0) end puts "[*] Creating Task ID #{task['task_id']}..." while true select(nil, nil, nil, 0.50) stat = @rpc.call("pro.task_status", task['task_id']) if stat['status'] == 'invalid' $stderr.puts "[-] Error checking task status" exit(0) end info = stat[ task['task_id'] ] if not info $stderr.puts "[-] Error finding the task" exit(0) end if info['status'] == "error" $stderr.puts "[-] Error generating report: #{info['error']}" exit(0) end break if info['progress'] == 100 end $stdout.puts "[+] Task Complete!" msfrpc-client-1.1.2/examples/msfrpc_pro_exploit.rb0000755000175000017500000001337013616273146022306 0ustar utkarshutkarsh#!/usr/bin/env ruby require 'rubygems' require 'optparse' require 'msfrpc-client' require 'rex/ui' def usage(ropts) $stderr.puts ropts if @rpc and @rpc.token wspaces = @rpc.call("pro.workspaces") rescue {} if wspaces.keys.length > 0 $stderr.puts "Active Projects:" wspaces.each_pair do |k,v| $stderr.puts "\t#{k}" end end end $stderr.puts "" exit(1) end opts = {} opts[:blacklist] = '' opts[:whitelist_ports] = '' opts[:blacklist_ports] = '' opts[:exploit_timeout] = 5 opts[:limit_sessions] = true opts[:ignore_fragile_devices] = true opts[:filter_by_os] = true opts[:only_match] = false opts[:match_vulns] = true opts[:match_ports] = true opts[:payload_method] = "auto" opts[:payload_type] = "meterpreter" opts[:payload_ports] = "4000-5000" opts[:evasion_level_tcp] = 0 opts[:evasion_level_app] = 0 opts[:module_filter] = '' # Parse script-specific options parser = Msf::RPC::Client.option_parser(opts) parser.separator('Exploit Specific Options:') parser.on("--project PROJECT") do |x| opts[:project] = x end parser.on("--targets TARGETS") do |x| opts[:targets] = x end parser.on("--speed SPEED") do |x| opts[:speed] = x end parser.on("--minimum-rank RANK") do |x| opts[:rank] = x end parser.on("--blacklist BLACKLIST (optional)") do |x| opts[:blacklist] = x end parser.on("--whitelist-ports PORTS (optional)") do |x| opts[:whitelist_ports] = x end parser.on("--blacklist-ports PORTS (optional)") do |x| opts[:blacklist_ports] = x end parser.on("--exploit-timeout TIMEOUT (optional)") do |x| opts[:exploit_timeout] = x end parser.on("--limit-sessions (optional)") do |x| opts[:limit_sessions] = (x =~ /^(y|t|1)/i ? true : false ) end parser.on("--ignore-fragile-devices (optional)") do |x| opts[:ignore_fragile_devices] = (x =~ /^(y|t|1)/i ? true : false ) end parser.on("--filter-by-os (optional)") do |x| opts[:filter_by_os] = (x =~ /^(y|t|1)/i ? true : false ) end parser.on("--dry-run (optional)") do |x| opts[:only_match] = (x =~ /^(y|t|1)/i ? true : false ) end parser.on("--match-vulns (optional)") do |x| opts[:match_vulns] = (x =~ /^(y|t|1)/i ? true : false ) end parser.on("--match-ports (optional)") do |x| opts[:match_ports] = (x =~ /^(y|t|1)/i ? true : false ) end parser.on("--payload-method AUTO|REVERSE|BIND (optional)") do |x| opts[:payload_method] = x end parser.on("--payload-type METERPRETER|SHELL (optional)") do |x| opts[:payload_type] = x end parser.on("--payload-ports PORTS (optional)") do |x| opts[:payload_ports] = x end parser.on("--evasion-level-tcp LEVEL (optional)") do |x| opts[:evasion_level_tcp] = x end parser.on("--evasion-level-app LEVEL (optional)") do |x| opts[:evasion_level_app] = x end parser.on("--module-filter FILTER (optional)") do |x| opts[:module_filter] = x end parser.on("--help") do $stderr.puts parser exit(1) end parser.separator('') parser.parse!(ARGV) @rpc = Msf::RPC::Client.new(opts) if not @rpc.token $stderr.puts "Error: Invalid RPC server options specified" $stderr.puts parser exit(1) end # Store the user's settings project = opts[:project] || usage(parser) targets = opts[:targets] || usage(parser) rank = opts[:rank] || usage(parser) speed = opts[:speed] || usage(parser) blacklist = opts[:blacklist] whitelist_ports = opts[:whitelist_ports] blacklist_ports = opts[:blacklist_ports] exploit_timeout = opts[:exploit_timeout] limit_sessions = opts[:limit_sessions] ignore_fragile_devices = opts[:ignore_fragile_devices] filter_by_os = opts[:filter_by_os] only_match = opts[:only_match] match_vulns = opts[:match_vulns] match_ports = opts[:match_ports] payload_method = opts[:payload_method] payload_type = opts[:payload_type] payload_ports = opts[:payload_ports] evasion_level_tcp = opts[:evasion_level_tcp] evasion_level_app = opts[:evasion_level_app] module_filter = opts[:module_filter] #=== # Get the default user user = @rpc.call("pro.default_admin_user")['username'] # Create the task object with all options task = @rpc.call("pro.start_exploit", { 'workspace' => project, 'username' => user, 'DS_WHITELIST_HOSTS' => targets, 'DS_BLACKLIST_HOSTS' => blacklist, 'DS_WHITELIST_PORTS' => whitelist_ports, 'DS_BLACKLIST_PORTS' => blacklist_ports, 'DS_MinimumRank' => rank, 'DS_EXPLOIT_SPEED' => speed, 'DS_EXPLOIT_TIMEOUT' => exploit_timeout, 'DS_LimitSessions' => limit_sessions, 'DS_IgnoreFragileDevices' => ignore_fragile_devices, 'DS_FilterByOS' => filter_by_os, 'DS_OnlyMatch' => only_match, 'DS_MATCH_VULNS' => match_vulns, 'DS_MATCH_PORTS' => match_ports, 'DS_PAYLOAD_METHOD' => payload_method, 'DS_PAYLOAD_TYPE' => payload_type, 'DS_PAYLOAD_PORTS' => payload_ports, 'DS_EVASION_LEVEL_TCP' => evasion_level_tcp, 'DS_EVASION_LEVEL_APP' => evasion_level_app, 'DS_ModuleFilter' => module_filter }) puts "DEBUG: Running task with #{task.inspect}" if not task['task_id'] $stderr.puts "[-] Error starting the task: #{task.inspect}" exit(0) end puts "[*] Creating Task ID #{task['task_id']}..." while true select(nil, nil, nil, 0.50) stat = @rpc.call("pro.task_status", task['task_id']) if stat['status'] == 'invalid' $stderr.puts "[-] Error checking task status" exit(0) end info = stat[ task['task_id'] ] if not info $stderr.puts "[-] Error finding the task" exit(0) end if info['status'] == "error" $stderr.puts "[-] Error generating report: #{info['error']}" exit(0) end break if info['progress'] == 100 end $stdout.puts "[+] Task Complete!" msfrpc-client-1.1.2/examples/msfrpc_pro_nexpose.rb0000755000175000017500000000635413616273146022307 0ustar utkarshutkarsh#!/usr/bin/env ruby require 'rubygems' require 'optparse' require 'msfrpc-client' require 'rex/ui' def usage(ropts) $stderr.puts ropts if @rpc and @rpc.token wspaces = @rpc.call("pro.workspaces") rescue {} if wspaces.keys.length > 0 $stderr.puts "Active Projects:" wspaces.each_pair do |k,v| $stderr.puts "\t#{k}" end end end $stderr.puts "" exit(1) end opts = {} # Parse script-specific options parser = Msf::RPC::Client.option_parser(opts) parser.separator('NeXpose Specific Options:') parser.on("--project PROJECT") do |x| opts[:project] = x end parser.on("--targets TARGETS") do |x| opts[:targets] = [x] end parser.on("--nexpose-host HOST") do |x| opts[:nexpose_host] = x end parser.on("--nexpose-user USER") do |x| opts[:nexpose_user] = x end parser.on("--nexpose-pass PASSWORD") do |x| opts[:nexpose_pass] = x end parser.on("--nexpose-pass-file PATH") do |x| opts[:nexpose_pass_file] = x end parser.on("--scan-template TEMPLATE (optional)") do |x| opts[:scan_template] = x end parser.on("--nexpose-port PORT (optional)") do |x| opts[:nexpose_port] = x end parser.on("--blacklist BLACKLIST (optional)") do |x| opts[:blacklist] = x end parser.on("--help") do $stderr.puts parser exit(1) end parser.separator('') parser.parse!(ARGV) @rpc = Msf::RPC::Client.new(opts) if not @rpc.token $stderr.puts "Error: Invalid RPC server options specified" $stderr.puts parser exit(1) end # Get the password from the file if opts[:nexpose_pass_file] nexpose_pass = File.open(opts[:nexpose_pass_file],"r").read.chomp! else nexpose_pass = opts[:nexpose_pass] || usage(parser) end # Store the user's settings project = opts[:project] || usage(parser), targets = opts[:targets] || usage(parser), blacklist = opts[:blacklist], nexpose_host = opts[:nexpose_host] || usage(parser), nexpose_port = opts[:nexpose_port] || "3780", nexpose_user = opts[:nexpose_user] || "nxadmin" scan_template = opts[:scan_template] || "pentest-audit" # Get the default user user = @rpc.call("pro.default_admin_user")['username'] options = { 'workspace' => project, 'username' => user, 'DS_WHITELIST_HOSTS' => targets, 'DS_NEXPOSE_HOST' => nexpose_host, 'DS_NEXPOSE_PORT' => nexpose_port, 'DS_NEXPOSE_USER' => nexpose_user, 'nexpose_pass' => nexpose_pass, 'DS_SCAN_TEMPLATE' => scan_template } puts "DEBUG: Running task with #{options}" # Create the task object with all options task = @rpc.call("pro.start_exploit", options) if not task['task_id'] $stderr.puts "[-] Error starting the task: #{task.inspect}" exit(0) end puts "[*] Creating Task ID #{task['task_id']}..." while true select(nil, nil, nil, 0.50) stat = @rpc.call("pro.task_status", task['task_id']) if stat['status'] == 'invalid' $stderr.puts "[-] Error checking task status" exit(0) end info = stat[ task['task_id'] ] if not info $stderr.puts "[-] Error finding the task" exit(0) end if info['status'] == "error" $stderr.puts "[-] Error generating report: #{info['error']}" exit(0) end break if info['progress'] == 100 end $stdout.puts "[+] Task Complete!" msfrpc-client-1.1.2/examples/msfrpc_pro_discover.rb0000755000175000017500000001217513616273146022442 0ustar utkarshutkarsh#!/usr/bin/env ruby require 'rubygems' require 'optparse' require 'msfrpc-client' require 'rex/ui' def usage(ropts) $stderr.puts ropts if @rpc and @rpc.token wspaces = @rpc.call("pro.workspaces") rescue {} if wspaces.keys.length > 0 $stderr.puts "Active Projects:" wspaces.each_pair do |k,v| $stderr.puts "\t#{k}" end end end $stderr.puts "" exit(1) end opts = {} # Parse script-specific options parser = Msf::RPC::Client.option_parser(opts) parser.separator('Discover Mandatory Options:') parser.on("--project PROJECT") do |x| opts[:project] = x end parser.on("--targets TARGETS") do |x| opts[:targets] = [x] end parser.on("--blacklist BLACKLIST (optional)") do |x| opts[:blacklist] = x end parser.on("--speed SPEED (optional)") do |x| opts[:speed] = x end parser.on("--extra-ports PORTS (optional)") do |x| opts[:extra_ports] = x end parser.on("--blacklist-ports PORTS (optional)") do |x| opts[:blacklist_ports] = x end parser.on("--custom-ports PORTS (optional)") do |x| opts[:custom_ports] = x end parser.on("--portscan-timeout TIMEOUT (optional)") do |x| opts[:portscan_timeout] = x end parser.on("--source-port PORT (optional)") do |x| opts[:source_port] = x end parser.on("--custom-nmap-options OPTIONS (optional)") do |x| opts[:custom_nmap_options] = x end parser.on("--disable-udp-probes (optional)") do opts[:disable_udp_probes] = true end parser.on("--disable-finger-users (optional)") do opts[:disable_finger_users] = true end parser.on("--disable-snmp-scan (optional)") do opts[:disable_snmp_scan] = true end parser.on("--disable-service-identification (optional)") do opts[:disable_service_identification] = true end parser.on("--smb-user USER (optional)") do |x| opts[:smb_user] = x end parser.on("--smb-pass PASS (optional)") do |x| opts[:smb_pass] = x end parser.on("--smb-domain DOMAIN (optional)") do |x| opts[:smb_domain] = x end parser.on("--dry-run (optional)") do opts[:dry_run] = true end parser.on("--single-scan (optional)") do opts[:single_scan] = true end parser.on("--fast-detect (optional)") do opts[:fast_detect] = true end parser.on("--help") do $stderr.puts parser exit(1) end parser.separator('') parser.parse!(ARGV) @rpc = Msf::RPC::Client.new(opts) if not @rpc.token $stderr.puts "Error: Invalid RPC server options specified" $stderr.puts parser exit(1) end # Provide default values for certain options - If there's no alternative set # use the default provided by Pro -- see the documentation. project = opts[:project] || usage(parser) targets = opts[:targets] || usage(parser) blacklist = opts[:blacklist] speed = opts[:speed] || "5" extra_ports = opts[:extra_ports] blacklist_ports = opts[:blacklist_ports] custom_ports = opts[:custom_ports] portscan_timeout = opts[:portscan_timeout] || 300 source_port = opts[:source_port] custom_nmap_options = opts[:custom_nmap_options] || disable_udp_probes = opts[:disable_udp_probes] || false disable_finger_users = opts[:disable_finger_users] || false disable_snmp_scan = opts[:disable_snmp_scan] || false disable_service_identification = opts[:disable_service_identification] || false smb_user = opts[:smb_user] || "" smb_pass = opts[:smb_pass] || "" smb_domain = opts[:smb_domain] || "" single_scan = opts[:single_scan] || false fast_detect = opts[:fast_detect] || false # Get the default user from Pro user = @rpc.call("pro.default_admin_user")['username'] # Create the task object with all options task = @rpc.call("pro.start_discover", { 'workspace' => project, 'username' => user, 'ips' => targets, 'DS_BLACKLIST_HOSTS' => blacklist, 'DS_PORTSCAN_SPEED' => speed, 'DS_PORTS_EXTRA' => extra_ports, 'DS_PORTS_BLACKLIST' => blacklist_ports, 'DS_PORTS_CUSTOM' => custom_ports, 'DS_PORTSCAN_TIMEOUT' => portscan_timeout, 'DS_PORTSCAN_SOURCE_PORT' => source_port, 'DS_CustomNmap' => custom_nmap_options, 'DS_UDP_PROBES' => disable_udp_probes, 'DS_FINGER_USERS' => disable_finger_users, 'DS_SNMP_SCAN' => disable_snmp_scan, 'DS_IDENTIFY_SERVICES' => disable_service_identification, 'DS_SMBUser' => smb_user, 'DS_SMBPass' => smb_pass, 'DS_SMBDomain' => smb_domain, 'DS_SINGLE_SCAN' => single_scan, 'DS_FAST_DETECT' => fast_detect }) puts "DEBUG: Running task with #{task.inspect}" if not task['task_id'] $stderr.puts "[-] Error starting the task: #{task.inspect}" exit(0) end puts "[*] Creating Task ID #{task['task_id']}..." while true select(nil, nil, nil, 0.50) stat = @rpc.call("pro.task_status", task['task_id']) if stat['status'] == 'invalid' $stderr.puts "[-] Error checking task status" exit(0) end info = stat[ task['task_id'] ] if not info $stderr.puts "[-] Error finding the task" exit(0) end if info['status'] == "error" $stderr.puts "[-] Error generating report: #{info['error']}" exit(0) end break if info['progress'] == 100 end $stdout.puts "[+] Task Complete!" msfrpc-client-1.1.2/examples/msfrpc_pro_report.rb0000755000175000017500000000565413616273146022143 0ustar utkarshutkarsh#!/usr/bin/env ruby require 'rubygems' require 'optparse' require 'msfrpc-client' require 'rex/ui' def usage(ropts) $stderr.puts ropts if @rpc and @rpc.token wspaces = @rpc.call("pro.workspaces") rescue {} if wspaces.keys.length > 0 $stderr.puts "Active Projects:" wspaces.each_pair do |k,v| $stderr.puts "\t#{k}" end end end $stderr.puts "" exit(1) end opts = { :format => 'PDF' } parser = Msf::RPC::Client.option_parser(opts) parser.separator('Report Options:') parser.on("--format FORMAT") do |v| opts[:format] = v.upcase end parser.on("--project PROJECT") do |v| opts[:project] = v end parser.on("--output OUTFILE") do |v| opts[:output] = v end parser.on("--help") do $stderr.puts ropts exit(1) end parser.separator('') parser.parse!(ARGV) @rpc = Msf::RPC::Client.new(opts) if not @rpc.token $stderr.puts "Error: Invalid RPC server options specified" $stderr.puts parser exit(1) end wspace = opts[:project] || usage(parser) fname = opts[:output] || usage(parser) rtype = opts[:format] user = @rpc.call("pro.default_admin_user")['username'] task = @rpc.call("pro.start_report", { 'DS_WHITELIST_HOSTS' => "", 'DS_BLACKLIST_HOSTS' => "", 'workspace' => wspace, 'username' => user, 'DS_MaskPasswords' => false, 'DS_IncludeTaskLog' => false, 'DS_JasperDisplaySession' => true, 'DS_JasperDisplayCharts' => true, 'DS_LootExcludeScreenshots' => false, 'DS_LootExcludePasswords' => false, 'DS_JasperTemplate' => "msfxv3.jrxml", 'DS_REPORT_TYPE' => rtype.upcase, 'DS_UseJasper' => true, 'DS_UseCustomReporting' => true, 'DS_JasperProductName' => "Metasploit Pro", 'DS_JasperDbEnv' => "production", 'DS_JasperLogo' => '', 'DS_JasperDisplaySections' => "1,2,3,4,5,6,7,8", 'DS_EnablePCIReport' => true, 'DS_EnableFISMAReport' => true, 'DS_JasperDisplayWeb' => true, }) if not task['task_id'] $stderr.puts "[-] Error generating the report: #{task.inspect}" exit(0) end puts "[*] Report is generating with Task ID #{task['task_id']}..." while true select(nil, nil, nil, 0.50) stat = @rpc.call("pro.task_status", task['task_id']) if stat['status'] == 'invalid' $stderr.puts "[-] Error checking task status" exit(0) end info = stat[ task['task_id'] ] if not info $stderr.puts "[-] Error finding the task" exit(0) end if info['status'] == "error" $stderr.puts "[-] Error generating report: #{info['error']}" exit(0) end break if info['progress'] == 100 end report = @rpc.call('pro.report_download_by_task', task['task_id']) if report and report['data'] ::File.open(fname, "wb") do |fd| fd.write(report['data']) end $stderr.puts "[-] Report saved to #{::File.expand_path(fname)}" else $stderr.puts "[-] Error downloading report: #{report.inspect}" end msfrpc-client-1.1.2/examples/msfrpc_irb.rb0000755000175000017500000000213713616273146020515 0ustar utkarshutkarsh#!/usr/bin/env ruby require 'rubygems' require 'optparse' require 'msfrpc-client' # Use the RPC option parser to handle standard flags opts = {} parser = Msf::RPC::Client.option_parser(opts) parser.parse!(ARGV) # Parse additional options, environment variables, etc opts = Msf::RPC::Client.option_handler(opts) # Create the RPC client with our parsed options rpc = Msf::RPC::Client.new(opts) $stdout.puts "[*] The RPC client is available in variable 'rpc'" if rpc.token $stdout.puts "[*] Sucessfully authenticated to the server" end $stdout.puts "[*] Starting IRB shell..." load('irb.rb') IRB.setup(nil) IRB.conf[:PROMPT_MODE] = :SIMPLE # Create a new IRB instance irb = IRB::Irb.new(IRB::WorkSpace.new(binding)) # Set the primary irb context so that exit and other intrinsic # commands will work. IRB.conf[:MAIN_CONTEXT] = irb.context # Trap interrupt old_sigint = trap("SIGINT") do begin irb.signal_handle rescue RubyLex::TerminateLineInput irb.eval_input end end # Keep processing input until the cows come home... catch(:IRB_EXIT) do irb.eval_input end trap("SIGINT", old_sigint) msfrpc-client-1.1.2/LICENSE0000644000175000017500000000273513616273146015232 0ustar utkarshutkarshCopyright (C) 2012-2016, Rapid7, Inc. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of Rapid7 LLC nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. msfrpc-client-1.1.2/.ruby-version0000644000175000017500000000000613616273146016657 0ustar utkarshutkarsh2.5.1 msfrpc-client-1.1.2/README.markdown0000644000175000017500000000043613616273146016722 0ustar utkarshutkarsh# Metasploit Pro RPC Client This is the official Ruby client for the Metasploit Pro RPC service. Metasploit Pro is a commercial penetration testing product provided by Rapid7. For more information on Metasploit Pro, please visit the http://metasploit.com/ site. # Credits Rapid7 LLC msfrpc-client-1.1.2/msfrpc-client.gemspec0000644000175000017500000000212013616273146020324 0ustar utkarshutkarsh# -*- encoding: utf-8 -*- $LOAD_PATH.push File.expand_path('../lib', __FILE__) require 'msfrpc-client/version' Gem::Specification.new do |spec| spec.name = 'msfrpc-client' spec.version = Msf::RPC::VERSION spec.authors = [ 'HD Moore', 'Brent Cook' ] spec.email = [ 'x@hdm.io', 'bcook@rapid7.com' ] spec.homepage = "http://www.metasploit.com/" spec.summary = %q{Ruby API for the Rapid7 Metasploit RPC service} spec.description = %q{ This gem provides a Ruby client API to access the Rapid7 Metasploit RPC service. }.gsub(/\s+/, ' ').strip spec.files = `git ls-files`.split("\n") spec.test_files = `git ls-files -- {test,spec,features}/*`.split("\n") spec.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) } spec.require_paths = ['lib'] spec.licenses = ['BSD-2-Clause'] spec.add_runtime_dependency 'msgpack', '~> 1' spec.add_development_dependency "bundler", '~> 1' spec.add_development_dependency "rake", '~> 12' spec.add_development_dependency "rspec", '~> 3' end msfrpc-client-1.1.2/lib/0000755000175000017500000000000013616273146014764 5ustar utkarshutkarshmsfrpc-client-1.1.2/lib/msfrpc-client/0000755000175000017500000000000013616273146017532 5ustar utkarshutkarshmsfrpc-client-1.1.2/lib/msfrpc-client/version.rb0000644000175000017500000000007013616273146021541 0ustar utkarshutkarshmodule Msf module RPC VERSION = "1.1.2" end end msfrpc-client-1.1.2/lib/msfrpc-client/constants.rb0000644000175000017500000000122613616273146022074 0ustar utkarshutkarshmodule Msf module RPC API_VERSION = '1.0' class Exception < RuntimeError attr_accessor :message def initialize(message) self.message = message end def to_s self.message end end class ServerException < RuntimeError attr_accessor :code, :message, :error_class, :error_backtrace def initialize(code, message, error_class, error_backtrace = []) self.code = code self.message = message self.error_class = error_class self.error_backtrace = error_backtrace end def to_s self.message end end end end msfrpc-client-1.1.2/lib/msfrpc-client/client.rb0000644000175000017500000002023213616273146021334 0ustar utkarshutkarsh# -*- coding: binary -*- require 'net/http' require 'openssl' # MessagePack for data encoding (http://www.msgpack.org/) require 'msgpack' # Standardize option parsing require 'optparse' # Parse configuration file require 'yaml' # Constants used by this client require 'msfrpc-client/constants' module Msf module RPC class Client # @!attribute token # @return [String] A login token. attr_accessor :token # @!attribute info # @return [Hash] Login information. attr_accessor :info # Initializes the RPC client to connect to: https://127.0.0.1:3790 (TLS1) # The connection information is overridden through the optional info hash. # # @param [Hash] info Information needed for the initialization. # @option info [String] :token A token used by the client. # @return [void] def initialize(info = {}) @user = nil @pass = nil self.info = { host: '127.0.0.1', port: 3790, uri: '/api/', ssl: true, ssl_version: 'TLS1.2', }.merge(info) self.token = self.info[:token] end # Logs in by calling the 'auth.login' API. The authentication token will # expire after 5 minutes, but will automatically be rewnewed when you # make a new RPC request. # # @param [String] user Username. # @param [String] pass Password. # @raise RuntimeError Indicating a failed authentication. # @return [TrueClass] Indicating a successful login. def login(user, pass) @user = user @pass = pass res = self.call('auth.login', user, pass) unless res && res['result'] == 'success' raise Msf::RPC::Exception.new('Authentication failed') end self.token = res['token'] true end # Attempts to login again with the last known user name and password. # # @return [TrueClass] Indicating a successful login. def re_login login(@user, @pass) end # Calls an API. # # @param [String] meth The RPC API to call. # @param [Array] args The arguments to pass. # @raise [RuntimeError] Something is wrong while calling the remote API, # including: # * A missing token (your client needs to # authenticate). # * A unexpected response from the server, such as # a timeout or unexpected HTTP code. # @raise [Msf::RPC::ServerException] The RPC service returns an error. # @return [Hash] The API response. It contains the following keys: # * 'version' [String] Framework version. # * 'ruby' [String] Ruby version. # * 'api' [String] API version. # @example # # This will return something like this: # # {"version"=>"4.11.0-dev", # # "ruby"=>"2.1.5 x86_64-darwin14.0 2014-11-13", "api"=>"1.0"} # rpc.call('core.version') def call(meth, *args) if meth == 'auth.logout' do_logout_cleanup end unless meth == 'auth.login' unless self.token raise Msf::RPC::Exception.new('Client not authenticated') end args.unshift(self.token) end args.unshift(meth) begin send_rpc_request(args) rescue Msf::RPC::ServerException => e if e.message =~ /Invalid Authentication Token/i && meth != 'auth.login' && @user && @pass re_login args[1] = self.token retry else raise e end end end # Closes the client. # # @return [void] def close @cli = nil end # # Class methods # # # Provides a parser object that understands the # RPC specific options # def self.option_parser(options) parser = OptionParser.new parser.banner = "Usage: #{$PROGRAM_NAME} [options]" parser.separator('') parser.separator('RPC Options:') parser.on('--rpc-host HOST') do |v| options[:host] = v end parser.on('--rpc-port PORT') do |v| options[:port] = v.to_i end parser.on('--rpc-ssl ') do |v| options[:ssl] = v end parser.on('--rpc-uri URI') do |v| options[:uri] = v end parser.on('--rpc-user USERNAME') do |v| options[:user] = v end parser.on('--rpc-pass PASSWORD') do |v| options[:pass] = v end parser.on('--rpc-token TOKEN') do |v| options[:token] = v end parser.on('--rpc-config CONFIG-FILE') do |v| options[:config] = v end parser.on('--rpc-help') do $stderr.puts parser exit(1) end parser.separator('') parser end # # Load options from the command-line, environment. # and any configuration files specified # def self.option_handler(options = {}) options[:host] ||= ENV['MSFRPC_HOST'] options[:port] ||= ENV['MSFRPC_PORT'] options[:uri] ||= ENV['MSFRPC_URI'] options[:user] ||= ENV['MSFRPC_USER'] options[:pass] ||= ENV['MSFRPC_PASS'] options[:ssl] ||= ENV['MSFRPC_SSL'] options[:token] ||= ENV['MSFRPC_TOKEN'] options[:config] ||= ENV['MSFRPC_CONFIG'] empty_keys = options.keys.select { |k| options[k].nil? } empty_keys.each { |k| options.delete(k) } config_file = options.delete(:config) if config_file yaml_data = ::File.read(config_file) rescue nil if yaml_data yaml = ::YAML.load(yaml_data) rescue nil if yaml && yaml.is_a?(::Hash) && yaml['options'] yaml['options'].each_pair do |k, v| case k when 'ssl' options[k.intern] = !!(v.to_s =~ /^(t|y|1)/i) when 'port' options[k.intern] = v.to_i else options[k.intern] = v end end else $stderr.puts "Could not parse configuration file: #{config_file}" exit(1) end else $stderr.puts "Could not read configuration file: #{config_file}" exit(1) end end options[:port] = options[:port].to_i if options[:port] options[:ssl] = !!(options[:ssl].to_s =~ /^(t|y|1)/i) if options[:ssl] options end private def send_rpc_request(args) unless @cli @cli = Net::HTTP.new(info[:host], info[:port]) @cli.use_ssl = info[:ssl] @cli.verify_mode = OpenSSL::SSL::VERIFY_NONE end req = Net::HTTP::Post.new(self.info[:uri], initheader = { 'User-Agent' => "Metasploit RPC Client/#{API_VERSION}", 'Content-Type' => 'binary/message-pack' } ) req.body = args.to_msgpack begin res = @cli.request(req) rescue => e raise Msf::RPC::ServerException.new(000, e.message, e.class) end if res && [200, 401, 403, 500].include?(res.code.to_i) resp = MessagePack.unpack(res.body) # Boolean true versus truthy check required here; # RPC responses such as { "error" => "Here I am" } and # { "error" => # "" } must be accommodated. if resp && resp.is_a?(::Hash) && resp['error'] == true raise Msf::RPC::ServerException.new( resp['error_code'] || res.code, resp['error_message'] || resp['error_string'], resp['error_class'], resp['error_backtrace'] ) end return resp else if res raise Msf::RPC::Exception.new(res.inspect) else raise Msf::RPC::Exception.new('Unknown error parsing or sending response') end end end def do_logout_cleanup @user = nil @pass = nil end end end end msfrpc-client-1.1.2/lib/msfrpc-client.rb0000644000175000017500000000004013616273146020051 0ustar utkarshutkarshrequire 'msfrpc-client/client' msfrpc-client-1.1.2/Gemfile.lock0000644000175000017500000000123613616273146016442 0ustar utkarshutkarshPATH remote: . specs: msfrpc-client (1.1.2) msgpack (~> 1) GEM remote: https://rubygems.org/ specs: diff-lcs (1.3) msgpack (1.2.4) rake (12.3.1) rspec (3.8.0) rspec-core (~> 3.8.0) rspec-expectations (~> 3.8.0) rspec-mocks (~> 3.8.0) rspec-core (3.8.0) rspec-support (~> 3.8.0) rspec-expectations (3.8.2) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.8.0) rspec-mocks (3.8.0) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.8.0) rspec-support (3.8.0) PLATFORMS ruby DEPENDENCIES bundler (~> 1) msfrpc-client! rake (~> 12) rspec (~> 3) BUNDLED WITH 1.17.1