Modules for executing Meterpreter commands and post modules against several sessions.

git-svn-id: file:///home/svn/framework3/trunk@13245 4d416f70-5f16-0410-b530-b9f4589650da

modules/post/multi/manage/multi_meter_command.rb

@@ -0,0 +1,63 @@
+##
+# $Id$
+##
+
+##
+# This file is part of the Metasploit Framework and may be subject to
+# redistribution and commercial restrictions. Please see the Metasploit
+# Framework web site for more information on licensing and terms of use.
+# http://metasploit.com/framework/
+##
+
+require 'msf/core'
+
+class Metasploit3 < Msf::Auxiliary
+	include Msf::Ui::Console
+	def initialize(info={})
+		super( update_info( info,
+				'Name'          => 'Multi Manage Execute Meterpreter Console Command',
+				'Description'   => %q{ Run a given Meterpreter console command against
+									specified sessions.},
+				'License'       => MSF_LICENSE,
+				'Author'        => [ 'Carlos Perez <carlos_perez[at]darkoperator.com>'],
+				'Version'       => '$Revision$'
+			))
+		register_options(
+			[
+				OptString.new('SESSIONS', [true, 'Specify either ALL for all sessions or a comman separated list of sessions.', nil]),
+				OptString.new('COMMAND', [true, 'Meterpreter Console command.', nil])
+			], self.class)
+	end
+
+	# Run Method for when run command is issued
+	def run
+
+		current_sessions = framework.sessions.keys.sort
+
+		if datastore['SESSIONS'] =~/all/i
+			sessions = current_sessions
+		else
+			sessions = datastore['SESSIONS'].split(",")
+		end
+
+		command = datastore['COMMAND']
+
+		sessions.each do |s|
+			# Check if session is in the current session list.
+			next if not current_sessions.include?(s.to_i)
+
+			# Get session object
+			session = framework.sessions.get(s.to_i)
+
+			# Check if session is meterpreter and run command.
+			if (session.type == "meterpreter")
+				print_good("Running command #{command} against sessions #{s}")
+				session.console.run_single(command)
+			else
+				print_error("Sessions #{s} is not a Meterpreter Sessions!")
+			end
+		end
+	end
+
+	
+end

modules/post/multi/manage/multi_meter_resource.rb

@@ -0,0 +1,76 @@
+##
+# $Id$
+##
+
+##
+# This file is part of the Metasploit Framework and may be subject to
+# redistribution and commercial restrictions. Please see the Metasploit
+# Framework web site for more information on licensing and terms of use.
+# http://metasploit.com/framework/
+##
+
+require 'msf/core'
+
+class Metasploit3 < Msf::Auxiliary
+	include Msf::Ui::Console
+	def initialize(info={})
+		super( update_info( info,
+				'Name'          => 'Multi Manage Execute Meterpreter Console Command Resource File',
+				'Description'   => %q{Execute Meterpreter Console Commands in resourcefileagainst
+									specified sessions.},
+				'License'       => MSF_LICENSE,
+				'Author'        => [ 'Carlos Perez <carlos_perez[at]darkoperator.com>'],
+				'Version'       => '$Revision$'
+			))
+		register_options(
+			[
+				OptString.new('RESOURCE', [true, 'Resource file with space separate values <session> <command>, per line.', nil])
+			], self.class)
+	end
+
+	# Run Method for when run command is issued
+	def run
+
+		entries = []
+		script = datastore['RESOURCE']
+		if ::File.exist?(script)
+			::File.open(script, "r").each_line do |line|
+				# Empty line
+				next if line.strip.length < 1
+				# Comment
+				next if line[0,1] == "#"
+				entries << line.chomp
+			end
+		else
+			print_error("Resourse file does not exist.")
+		end
+
+		entries.each do |entrie|
+			session_parm,command = entrie.split(" ", 2)
+			current_sessions = framework.sessions.keys.sort
+			if session_parm =~ /all/i
+				sessions = current_sessions
+			else
+				sessions = session_parm.split(",")
+			end
+			
+			sessions.each do |s|
+				# Check if session is in the current session list.
+				next if not current_sessions.include?(s.to_i)
+
+				# Get session object
+				session = framework.sessions.get(s.to_i)
+
+				# Check if session is meterpreter and run command.
+				if (session.type == "meterpreter")
+					print_good("Running command #{command} against sessions #{s}")
+					session.console.run_single(command)
+				else
+					print_error("Sessions #{s} is not a Meterpreter Sessions!")
+				end
+			end
+		end
+	end
+
+	
+end

modules/post/multi/manage/multi_post.rb

@@ -0,0 +1,78 @@
+##
+# $Id$
+##
+
+##
+# This file is part of the Metasploit Framework and may be subject to
+# redistribution and commercial restrictions. Please see the Metasploit
+# Framework web site for more information on licensing and terms of use.
+# http://metasploit.com/framework/
+##
+
+require 'msf/core'
+
+class Metasploit3 < Msf::Auxiliary
+	include Msf::Ui::Console
+	def initialize(info={})
+		super( update_info( info,
+				'Name'          => 'Multi Manage Post Moudule Execution Automation',
+				'Description'   => %q{ Run specified module against a a given set
+									of sessions or all sessions.},
+				'License'       => MSF_LICENSE,
+				'Author'        => [ 'Carlos Perez <carlos_perez[at]darkoperator.com>'],
+				'Version'       => '$Revision$'
+			))
+		register_options(
+			[
+				OptString.new('SESSIONS', [true, 'Specify either ALL for all sessions or a comman separated list of sessions.', nil]),
+				OptString.new('MODULE', [true, 'Post Module to run', nil]),
+				OptString.new('OPTIONS', [false, 'Commans Separated list of Options for post module', nil]),
+
+			], self.class)
+	end
+
+	# Run Method for when run command is issued
+	def run
+		if datastore['MODULE'] =~ /^post/
+			post_mod = datastore['MODULE'].gsub(/^post\//,"")
+		else
+			post_mod = datastore['MODULE']
+		end
+		sessions = datastore['SESSIONS']
+		mod_opts = datastore['OPTIONS']
+
+		print_status("Loading #{post_mod}")
+		m= framework.post.create(post_mod)
+		if sessions =~ /all/i
+			session_list = m.compatible_sessions
+		else
+			session_list = sessions.split(",")
+		end
+		if session_list
+			session_list.each do |s|
+				if m.session_compatible?(s.to_i)
+					print_status("Running Against #{s}")
+					m.datastore['SESSION'] = s.to_i
+					if mod_opts
+						mod_opts.each do |o|
+							opt_pair = o.split("=",2)
+							print_status("\tSetting Option #{opt_pair[0]} to #{opt_pair[1]}")
+							m.datastore[opt_pair[0]] = opt_pair[1]
+						end
+					end
+					m.options.validate(m.datastore)
+					m.run_simple(
+						'LocalInput'    => self.user_input,
+						'LocalOutput'    => self.user_output
+					)
+				else
+					print_error("Session #{s} is not compatible with #{post_mod}")
+				end
+			end
+		else
+			print_error("No Compatible Sessions where found!")
+		end
+	end
+
+	
+end

modules/post/multi/manage/multi_post_resource.rb

@@ -0,0 +1,99 @@
+##
+# $Id$
+##
+
+##
+# This file is part of the Metasploit Framework and may be subject to
+# redistribution and commercial restrictions. Please see the Metasploit
+# Framework web site for more information on licensing and terms of use.
+# http://metasploit.com/framework/
+##
+
+require 'msf/core'
+
+class Metasploit3 < Msf::Auxiliary
+	include Msf::Ui::Console
+	def initialize(info={})
+		super( update_info( info,
+				'Name'          => 'Multi Manage Post Module Resource file Automation',
+				'Description'   => %q{ Run resource file with post modules and options
+									against specified sessions.},
+				'License'       => MSF_LICENSE,
+				'Author'        => [ 'Carlos Perez <carlos_perez[at]darkoperator.com>'],
+				'Version'       => '$Revision$'
+			))
+		register_options(
+			[
+				OptString.new('RESOURCE', [true, 'Resource file with space separate values <session> <module> <options>, per line.', nil])
+
+			], self.class)
+	end
+
+	# Run Method for when run command is issued
+	def run
+		entries = []
+		current_sessions = framework.sessions.keys.sort
+		script = datastore['RESOURCE']
+		if ::File.exist?(script)
+			::File.open(script, "r").each_line do |line|
+				# Empty line
+				next if line.strip.length < 1
+				# Comment
+				next if line[0,1] == "#"
+				entries << line.chomp
+			end
+		else
+			print_error("Resourse file does not exist.")
+		end
+
+		if entries
+			entries.each do |l|
+				values = l.split(" ")
+				sessions = values[0]
+				if values[1] =~ /^post/
+					post_mod = values[1].gsub(/^post\//,"")
+				else
+					post_mod = values[1]
+				end
+				
+				if values.length == 3
+					mod_opts = values[2].split(",")
+				end
+				print_status("Loading #{post_mod}")
+				m= framework.post.create(post_mod)
+				if sessions =~ /all/i
+					session_list = m.compatible_sessions
+				else
+					session_list = sessions.split(",")
+				end
+				if session_list
+					session_list.each do |s|
+						next if not current_sessions.include?(s.to_i)
+						if m.session_compatible?(s.to_i)
+							print_status("Running Against #{s}")
+							m.datastore['SESSION'] = s.to_i
+							if mod_opts
+								mod_opts.each do |o|
+									opt_pair = o.split("=",2)
+									print_status("\tSetting Option #{opt_pair[0]} to #{opt_pair[1]}")
+									m.datastore[opt_pair[0]] = opt_pair[1]
+								end
+							end
+							m.options.validate(m.datastore)
+							m.run_simple(
+								'LocalInput'    => self.user_input,
+								'LocalOutput'    => self.user_output
+							)
+						else
+							print_error("Session #{s} is not compatible with #{post_mod}")
+						end
+					end
+				else
+					print_error("No Compatible Sessions where found!")
+				end
+			end
+		end
+	end
+
+	
+end