Land #6577, add controls for Android ringer

2016-02-26 07:02:49 -06:00 · 2016-02-26 07:02:49 -06:00 · 7acba69e37
parent 89b0c8a27a 1427887efe
commit 7acba69e37
5 changed files with 46 additions and 7 deletions
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -13,7 +13,7 @@ PATH
      metasploit-concern (= 1.0.0)
      metasploit-credential (= 1.0.1)
      metasploit-model (= 1.0.0)
-      metasploit-payloads (= 1.1.0)
+      metasploit-payloads (= 1.1.1)
      metasploit_data_models (= 1.2.10)
      msgpack
      network_interface (~> 0.0.1)
@ -124,7 +124,7 @@ GEM
      activemodel (>= 4.0.9, < 4.1.0)
      activesupport (>= 4.0.9, < 4.1.0)
      railties (>= 4.0.9, < 4.1.0)
-    metasploit-payloads (1.1.0)
+    metasploit-payloads (1.1.1)
    metasploit_data_models (1.2.10)
      activerecord (>= 4.0.9, < 4.1.0)
      activesupport (>= 4.0.9, < 4.1.0)
--- a/lib/rex/post/meterpreter/extensions/android/android.rb
+++ b/lib/rex/post/meterpreter/extensions/android/android.rb
@ -71,6 +71,12 @@ class Android < Extension
    response = client.send_request(request)
    response.get_tlv(TLV_TYPE_SHUTDOWN_OK).value
  end
+  
+  def set_audio_mode(n)
+    request = Packet.create_request('set_audio_mode')
+    request.add_tlv(TLV_TYPE_AUDIO_MODE, n)
+    response = client.send_request(request)
+  end

  def interval_collect(opts)
    request = Packet.create_request('interval_collect')
--- a/lib/rex/post/meterpreter/extensions/android/tlv.rb
+++ b/lib/rex/post/meterpreter/extensions/android/tlv.rb
@ -75,6 +75,7 @@ TLV_TYPE_CELL_BASE_LAT               = TLV_META_TYPE_UINT      | (TLV_EXTENSIONS
 TLV_TYPE_CELL_BASE_LONG              = TLV_META_TYPE_UINT      | (TLV_EXTENSIONS + 9072)
 TLV_TYPE_CELL_NET_ID                 = TLV_META_TYPE_UINT      | (TLV_EXTENSIONS + 9073)
 TLV_TYPE_CELL_SYSTEM_ID              = TLV_META_TYPE_UINT      | (TLV_EXTENSIONS + 9074)
+TLV_TYPE_AUDIO_MODE                  = TLV_META_TYPE_UINT      | (TLV_EXTENSIONS + 9075)

 TLV_TYPE_URI_STRING                  = TLV_META_TYPE_STRING    | (TLV_EXTENSIONS + 9101)
 TLV_TYPE_ACTIVITY_START_RESULT       = TLV_META_TYPE_BOOL      | (TLV_EXTENSIONS + 9102)
--- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/android.rb
+++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/android.rb
@ -30,7 +30,8 @@ class Console::CommandDispatcher::Android
      'send_sms'          => 'Sends SMS from target session',
      'wlan_geolocate'    => 'Get current lat-long using WLAN information',
      'interval_collect'  => 'Manage interval collection capabilities',
-      'activity_start'    => 'Start an Android activity from a Uri string'
+      'activity_start'    => 'Start an Android activity from a Uri string',
+      'set_audio_mode'    => 'Set Ringer Mode'
    }

    reqs = {
@ -43,7 +44,8 @@ class Console::CommandDispatcher::Android
      'send_sms'         => ['send_sms'],
      'wlan_geolocate'   => ['wlan_geolocate'],
      'interval_collect' => ['interval_collect'],
-      'activity_start'   => ['activity_start']
+      'activity_start'   => ['activity_start'],
+      'set_audio_mode'   => ['set_audio_mode']
    }

    # Ensure any requirements of the command are met
@ -153,6 +155,36 @@ class Console::CommandDispatcher::Android
    end
  end

+  def cmd_set_audio_mode(*args)
+    help = false
+    mode = 1
+    set_audio_mode_opts = Rex::Parser::Arguments.new(
+      '-h' => [ false, "Help Banner" ],
+      '-m' => [ true, "Set Mode - (0 - Off, 1 - Normal, 2 - Max) (Default: '#{mode}')"]
+    )
+
+    set_audio_mode_opts.parse(args) do |opt, _idx, val|
+      case opt
+      when '-h'
+        help = true
+      when '-m'
+        mode = val.to_i
+      else
+        help = true
+      end
+    end
+
+    if help || mode < 0 || mode > 2
+      print_line('Usage: set_audio_mode [options]')
+      print_line('Set Ringer mode.')
+      print_line(set_audio_mode_opts.usage)
+      return
+    end
+
+    client.android.set_audio_mode(mode)
+    print_status("Ringer mode was changed to #{mode}!")
+  end
+
  def cmd_dump_sms(*args)
    path = "sms_dump_#{Time.new.strftime('%Y%m%d%H%M%S')}.txt"
    dump_sms_opts = Rex::Parser::Arguments.new(
@ -536,7 +568,7 @@ class Console::CommandDispatcher::Android
      print_line("Start an Android activity from a uri")
      return
    end
-    
+
    uri = args[0]
    result = client.android.activity_start(uri)
    if result.nil?
@ -545,7 +577,7 @@ class Console::CommandDispatcher::Android
      print_error("Error: #{result}")
    end
  end
- 
+
  #
  # Name for this dispatcher
  #
--- a/metasploit-framework.gemspec
+++ b/metasploit-framework.gemspec
@ -70,7 +70,7 @@ Gem::Specification.new do |spec|
  # are needed when there's no database
  spec.add_runtime_dependency 'metasploit-model', '1.0.0'
  # Needed for Meterpreter
-  spec.add_runtime_dependency 'metasploit-payloads', '1.1.0'
+  spec.add_runtime_dependency 'metasploit-payloads', '1.1.1'
  # Needed by msfgui and other rpc components
  spec.add_runtime_dependency 'msgpack'
  # get list of network interfaces, like eth* from OS.