msfcli action

git-svn-id: file:///home/svn/incoming/trunk@2944 4d416f70-5f16-0410-b530-b9f4589650da

documentation/plan.txt

@@ -28,8 +28,6 @@ X     - stack requirements
 X   - make payload prepend target specific
 X - sessions
 X   - logging session activity
-  - handler sharing
-    - exploits using the same payload/handler can share (ref count)
 - modules needing ports (above other modules)
   - encoders
     - shikata
@@ -42,10 +40,10 @@ X   - logging session activity
 - user interfaces
   - general
     - add concept of EVASION option (high, normal, low)
-    - logging improvements
+X   - logging improvements
-      - provide log file setting interface
+X     - provide log file setting interface
 X     - log by default in the LogDir
-  - msfcli
+X - msfcli
   - msfweb
 X - msfpayload
 X - msfencode
@@ -100,6 +98,9 @@ Things that would be useful to have completed, but not a requirement:
     - basic range/port scanner
     - basic service identifier
     - basic OS fingerprinting
+- framework-core
+  - handler sharing
+    - exploits using the same payload/handler can share (ref count)
 - framework-base
   - event correlation
     - recon events correlations

lib/msf/base/serializer/readable_text.rb

@@ -35,6 +35,43 @@ class ReadableText
 		end
 	end
 
+	#
+	# Dumps an exploit's targets.
+	#
+	def self.dump_exploit_targets(mod, indent = '', h = nil)
+		tbl = Rex::Ui::Text::Table.new(
+			'Indent'  => indent.length,
+			'Header'  => h,
+			'Columns' =>
+				[
+					'Id', 
+					'Name',
+				])
+
+		mod.targets.each_with_index { |target, idx|
+			tbl << [ idx.to_s, target.name || 'All' ]	
+		}
+
+		tbl.to_s + "\n"
+	end
+
+	def self.dump_compatible_payloads(exploit, indent = '', h = nil)
+		tbl = Rex::Ui::Text::Table.new(
+			'Indent'  => indent.length,
+			'Header'  => h,
+			'Columns' =>
+				[
+					'Name', 
+					'Description',
+				])
+
+		exploit.compatible_payloads.each { |entry|
+			tbl << [ entry[0], entry[1].new.description ]
+		}
+
+		tbl.to_s + "\n"
+	end
+
 	#
 	# Dumps information about an exploit module.
 	#
@@ -54,32 +91,20 @@ class ReadableText
 		output += "\n"
 
 		# Targets
-		tbl = Rex::Ui::Text::Table.new(
-			'Indent'  => indent.length,
-			'Columns' =>
-				[
-					'Id', 
-					'Name',
-				])
-
 		output += "Available targets:\n"
-		mod.targets.each_with_index { |target, idx|
+		output += dump_exploit_targets(mod, indent)
-			tbl << [ idx.to_s, target.name || 'All' ]	
+		
-		}
-		output += tbl.to_s 
-		output += "\n"
-
 		# Options
 		if (mod.options.has_options?)
 			output += "Available options:\n"
-			output += dump_options(mod)
+			output += dump_options(mod, indent)
 			output += "\n"
 		end
 
 		# Advanced options
 		if (mod.options.has_advanced_options?)
 			output += "Advanced options:\n"
-			output += dump_advanced_options(mod)
+			output += dump_advanced_options(mod, indent)
 			output += "\n"
 		end
 
@@ -198,9 +223,9 @@ class ReadableText
 	# Dumps the list of options associated with the
 	# supplied module.
 	#
-	def self.dump_options(mod, indent = DefaultIndent)
+	def self.dump_options(mod, indent = '')
 		tbl = Rex::Ui::Text::Table.new(
-			'Indent'  => indent,
+			'Indent'  => indent.length,
 			'Columns' =>
 				[
 					'Name', 
@@ -222,9 +247,9 @@ class ReadableText
 		return tbl.to_s
 	end
 
-	def self.dump_advanced_options(mod, indent = DefaultIndent)
+	def self.dump_advanced_options(mod, indent = '')
 		output = ''
-		pad    = ' ' * indent
+		pad    = indent
 
 		mod.options.sorted.each { |entry|
 			name, opt = entry
@@ -235,7 +260,7 @@ class ReadableText
 
 			output += pad + "Name   : #{name}\n"
 			output += pad + "Default: #{val}\n\n"
-			output += word_wrap(opt.desc, indent + 3)
+			output += word_wrap(opt.desc, indent.length + 3)
 		}
 
 		return output

lib/msf/base/simple/exploit.rb

@@ -40,6 +40,11 @@ module Exploit
 		driver.target_idx = target_idx
 		driver.payload    = exploit.framework.modules.create(opts['Payload'])
 
+		# Set the force wait for session flag if the caller requested force
+		# blocking.  This is so that passive exploits can be blocked on from
+		# things like the cli.
+		driver.force_wait_for_session = true if (opts['ForceBlocking'] == true)
+
 		# Was the payload valid?
 		if (driver.payload == nil)
 			raise MissingPayloadError,

lib/msf/core/exploit_driver.rb

@@ -16,10 +16,11 @@ module Msf
 class ExploitDriver
 
 	def initialize(framework)
-		self.payload    = nil
+		self.payload                = nil
-		self.exploit    = nil
+		self.exploit                = nil
-		self.target_idx = nil
+		self.target_idx             = nil
-		self.use_job    = false
+		self.use_job                = false
+		self.force_wait_for_session = false
 	end
 
 	#
@@ -144,6 +145,7 @@ class ExploitDriver
 	attr_accessor :exploit
 	attr_accessor :payload
 	attr_accessor :use_job
+	attr_accessor :force_wait_for_session
 
 protected
 
@@ -161,11 +163,12 @@ protected
 	
 			# Launch the exploit
 			exploit.exploit
-	
+
 			# Wait the payload to acquire a session if this isn't a passive-style
-			# exploit
+			# exploit.
-			if (exploit.passive? == false)
+			if (exploit.passive? == false or force_wait_for_session == true)
-				self.session = payload.wait_for_session
+				self.session = payload.wait_for_session(
+					(exploit.passive? == true) ? nil : payload.wfs_delay)
 			end
 		rescue
 			elog("Exploit failed: #{$!}", 'core', LEV_0)