Improve screensaver management

jvoisin · jvoisin · commit 862acbdbae86 · 2024-09-16T23:41:37.000+02:00
- Add modern ways to unlock Linux machines remotely
- Use proper `register_options`
- Clarify the actions: lock/unlock, start/stop
- Add more platforms
- Add a couple of checks before running the commands
diff --git a/modules/post/multi/manage/screensaver.rb b/modules/post/multi/manage/screensaver.rb
@@ -4,6 +4,8 @@
 ##
 
 class MetasploitModule < Msf::Post
+  Rank = ExcellentRanking
+
   def initialize(info = {})
     super(
       update_info(
@@ -14,28 +16,39 @@ def initialize(info = {})
           lock the current session.
         },
         'License' => MSF_LICENSE,
-        'Author' => [ 'Eliott Teissonniere'],
-        'Platform' => [ 'linux', 'osx', 'win' ],
+        'Author' => [
+          'Eliott Teissonniere', # Metasploit module
+          'Julien Voisin' # Linux improvements
+        ],
+        'Platform' => [ 'linux', 'osx', 'win', 'unix', 'solaris' ],
         'SessionTypes' => [ 'shell', 'meterpreter' ],
         'Actions' => [
           [ 'LOCK', { 'Description' => 'Lock the current session' } ],
+          [ 'UNLOCK', { 'Description' => 'Unlock the current session' } ],
           [ 'START', { 'Description' => 'Start the screensaver, may lock the current session' } ],
-          [ 'STOP', { 'Description' => 'Stop the screensaver, user may be prompted for its password' }]
-        ]
+          [ 'STOP', { 'Description' => 'Stop the screensaver, user may be prompted for its password' }],
+        ],
+        'References' => [
+          ['URL', 'https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/7530']
+        ],
+        'Notes' => {
+          'Reliability' => [ ],
+          'Stability' => [ ],
+          'SideEffects' => [ ]
+        }
       )
     )
   end
 
   #
-  # cmd_exec but with some controls and verbosity
+  # cmd_exec but returning a boolean
   #
   def cmd_vexec(cmd)
-    print_status("Executing '#{cmd}'")
+    vprint_status("Executing '#{cmd}'")
 
     begin
       cmd_exec(cmd)
-    rescue EOFError
-      print_error('Command failed')
+    rescue StandardError
       return false
     end
 
@@ -44,8 +57,27 @@ def cmd_vexec(cmd)
 
   def lock_session
     case session.platform
-    when 'linux'
-      cmd_vexec('xdg-screensaver lock')
+    when 'linux', 'solaris'
+      ret = false
+      if command_exists?('xdg-screensaver-lock')
+        ret |= cmd_vexec('xdg-screensaver lock')
+      end
+      if command_exists?('qdbus')
+        ret |= cmd_vexec('qdbus org.freedesktop.ScreenSaver /ScreenSaver Lock')
+      end
+      if command_exists?('dbus-send')
+        ret |= cmd_exec('dbus-send --type=method_call --print-reply --dest=org.gnome.ScreenSaver /org/gnome/ScreenSaver org.gnome.ScreenSaver.SetActive boolean:true')
+      end
+      if command_exists?('loginctl')
+        self.class.include Msf::Post::Linux::Priv
+        if is_root?
+          ret |= cmd_vexec('loginctl lock-sessions')
+        else
+          ret |= cmd_vexec('loginctl lock-session')
+        end
+      end
+      print_error('Unable to lock session.') unless ret
+      return ret
     when 'osx'
       cmd_vexec('pmset displaysleepnow')
     when 'windows'
@@ -55,9 +87,41 @@ def lock_session
     true
   end
 
+  def unlock_session
+    case session.platform
+    when 'linux', 'solaris'
+      ret = false
+      if command_exists?('xdg-screensaver')
+        ret |= cmd_vexec('xdg-screensaver reset')
+      end
+      if command_exists?('qdbus')
+        ret |= cmd_vexec('qdbus org.freedesktop.ScreenSaver /ScreenSaver Unlock')
+      end
+      if command_exists?('dbus-send')
+        ret |= cmd_exec('dbus-send --type=method_call --print-reply --dest=org.gnome.ScreenSaver /org/gnome/ScreenSaver org.gnome.ScreenSaver.SetActive boolean:false')
+      end
+      if command_exists?('loginctl')
+        self.class.include Msf::Post::Linux::Priv
+        if is_root?
+          ret |= cmd_vexec('loginctl unlock-sessions')
+        else
+          ret |= cmd_vexec('loginctl unlock-session')
+        end
+      end
+      print_error('Unable to unlock session.') unless ret
+      return ret
+    when 'osx'
+      fail_with(Msf::Exploit::Failure::NoTarget, 'Not supported on Mac OSX, you can still lock the screen or start the screensaver')
+    when 'windows'
+      fail_with(Msf::Exploit::Failure::NoTarget, 'Not supported on Windows, you can still lock the screen or start the screensaver')
+    end
+
+    true
+  end
+
   def start_screensaver
     case session.platform
-    when 'linux'
+    when 'linux', 'solaris'
       cmd_vexec('xdg-screensaver activate')
     when 'osx'
       cmd_vexec('open -a ScreenSaverEngine')
@@ -70,27 +134,25 @@ def start_screensaver
 
   def stop_screensaver
     case session.platform
-    when 'linux'
-      cmd_vexec('xdg-screensaver reset')
+    when 'linux', 'solaris'
+      cmd_vexec('xdg-screensaver reset') if command_exists?('xdg-screensaver')
     when 'osx'
-      print_error('Not supported on Mac OSX, you can still lock the screen or start the screensaver')
-      return false
+      fail_with(Msf::Exploit::Failure::NoTarget, 'Not supported on Mac OSX, you can still lock the screen or start the screensaver')
     when 'windows'
-      print_error('Not supported on Windows, you can still lock the screen or start the screensaver')
-      return false
+      fail_with(Msf::Exploit::Failure::NoTarget, 'Not supported on Windows, you can still lock the screen or start the screensaver')
     end
 
     true
   end
 
   def run
-    if action.nil?
-      print_error('Please specify an action')
-    end
+    print_error('Please specify an action') if action.nil?
 
     case action.name
     when 'LOCK'
       return lock_session
+    when 'UNLOCK'
+      return unlock_session
     when 'START'
       return start_screensaver
     when 'STOP'
