metasploit-framework/plugins/db_tracker.rb

module Msf
  ###
  #
  # This class hooks all socket calls and updates the database with
  # data gathered from the connection parameters
  #
  ###

  class Plugin::DB_Tracer < Msf::Plugin

    ###
    #
    # This class implements a socket communication tracker
    #
    ###
    class DBTracerEventHandler
      include Rex::Socket::Comm::Events

      def on_before_socket_create(comm, param); end

      def on_socket_created(_comm, sock, param)
        # Ignore local listening sockets
        return if !sock.peerhost

        if ((sock.peerhost != '0.0.0.0') && sock.peerport)

          # Ignore sockets that didn't set up their context
          # to hold the framework in 'Msf'
          return if !param.context['Msf']

          host = param.context['Msf'].db.find_or_create_host(host: sock.peerhost, state: Msf::HostState::Alive)
          return if !host

          param.context['Msf'].db.report_service(host: host, proto: param.proto, port: sock.peerport)
        end
      end
    end

    def initialize(framework, opts)
      super

      if !framework.db.active
        raise PluginLoadError, 'The database backend has not been initialized'
      end

      framework.plugins.each do |plugin|
        if plugin.instance_of?(Msf::Plugin::DB_Tracer)
          raise PluginLoadError, 'This plugin should not be loaded more than once'
        end
      end

      @eh = DBTracerEventHandler.new
      Rex::Socket::Comm::Local.register_event_handler(@eh)
    end

    def cleanup
      Rex::Socket::Comm::Local.deregister_event_handler(@eh)
    end

    def name
      'db_tracker'
    end

    def desc
      'Monitors socket calls and updates the database backend'
    end

  end
end
More recon hackery git-svn-id: file:///home/svn/incoming/trunk@3585 4d416f70-5f16-0410-b530-b9f4589650da 2006-04-03 06:33:34 +08:00			`module Msf`
Retab all the things (except external/) 2013-10-01 02:47:53 +08:00			`###`
			`#`
plugins: rubocop -a plugins 2023-01-30 09:25:46 +08:00			`# This class hooks all socket calls and updates the database with`
			`# data gathered from the connection parameters`
Retab all the things (except external/) 2013-10-01 02:47:53 +08:00			`#`
			`###`

plugins: rubocop -a plugins 2023-01-30 09:25:46 +08:00			`class Plugin::DB_Tracer < Msf::Plugin`
Retab all the things (except external/) 2013-10-01 02:47:53 +08:00
plugins: rubocop -a plugins 2023-01-30 09:25:46 +08:00			`###`
			`#`
			`# This class implements a socket communication tracker`
			`#`
			`###`
			`class DBTracerEventHandler`
			`include Rex::Socket::Comm::Events`
Retab all the things (except external/) 2013-10-01 02:47:53 +08:00
plugins: rubocop -a plugins 2023-01-30 09:25:46 +08:00			`def on_before_socket_create(comm, param); end`
Retab all the things (except external/) 2013-10-01 02:47:53 +08:00
plugins: rubocop -a plugins 2023-01-30 09:25:46 +08:00			`def on_socket_created(_comm, sock, param)`
			`# Ignore local listening sockets`
			`return if !sock.peerhost`
Retab all the things (except external/) 2013-10-01 02:47:53 +08:00
plugins: rubocop -A plugins 2023-01-30 10:05:34 +08:00			`if ((sock.peerhost != '0.0.0.0') && sock.peerport)`
Retab all the things (except external/) 2013-10-01 02:47:53 +08:00
plugins: rubocop -a plugins 2023-01-30 09:25:46 +08:00			`# Ignore sockets that didn't set up their context`
			`# to hold the framework in 'Msf'`
			`return if !param.context['Msf']`

			`host = param.context['Msf'].db.find_or_create_host(host: sock.peerhost, state: Msf::HostState::Alive)`
			`return if !host`

			`param.context['Msf'].db.report_service(host: host, proto: param.proto, port: sock.peerport)`
			`end`
Retab all the things (except external/) 2013-10-01 02:47:53 +08:00			`end`
			`end`

plugins: rubocop -a plugins 2023-01-30 09:25:46 +08:00			`def initialize(framework, opts)`
			`super`
Retab all the things (except external/) 2013-10-01 02:47:53 +08:00
plugins: rubocop -a plugins 2023-01-30 09:25:46 +08:00			`if !framework.db.active`
			`raise PluginLoadError, 'The database backend has not been initialized'`
Retab all the things (except external/) 2013-10-01 02:47:53 +08:00			`end`

plugins: rubocop -a plugins 2023-01-30 09:25:46 +08:00			`framework.plugins.each do \|plugin\|`
			`if plugin.instance_of?(Msf::Plugin::DB_Tracer)`
			`raise PluginLoadError, 'This plugin should not be loaded more than once'`
			`end`
			`end`
Retab all the things (except external/) 2013-10-01 02:47:53 +08:00
plugins: rubocop -a plugins 2023-01-30 09:25:46 +08:00			`@eh = DBTracerEventHandler.new`
			`Rex::Socket::Comm::Local.register_event_handler(@eh)`
			`end`
Retab all the things (except external/) 2013-10-01 02:47:53 +08:00
plugins: rubocop -a plugins 2023-01-30 09:25:46 +08:00			`def cleanup`
			`Rex::Socket::Comm::Local.deregister_event_handler(@eh)`
			`end`
Retab all the things (except external/) 2013-10-01 02:47:53 +08:00
plugins: rubocop -a plugins 2023-01-30 09:25:46 +08:00			`def name`
			`'db_tracker'`
			`end`
More recon hackery git-svn-id: file:///home/svn/incoming/trunk@3585 4d416f70-5f16-0410-b530-b9f4589650da 2006-04-03 06:33:34 +08:00
plugins: rubocop -a plugins 2023-01-30 09:25:46 +08:00			`def desc`
			`'Monitors socket calls and updates the database backend'`
			`end`

			`end`
Report hosts as alive through db_tracker and the db Nmap and Nessus commands git-svn-id: file:///home/svn/framework3/trunk@5819 4d416f70-5f16-0410-b530-b9f4589650da 2008-11-01 02:39:53 +08:00			`end`