Fixed active buses not being recorded. The 'connect' command now works for other extensions as well as modules. Added TesterPresent background packet transmissions to hold debugging sessions open.

zombieCraig · zombieCraig · commit 36026ba8b40d · 2017-04-24T20:42:03.000-07:00
Signed-off-by: Craig Smith &lt;agent.craig@gmail.com&gt;
diff --git a/lib/rex/post/hwbridge/extensions/automotive/automotive.rb b/lib/rex/post/hwbridge/extensions/automotive/automotive.rb
@@ -41,7 +41,7 @@ def is_valid_bus?(bus)
     valid = false
     get_supported_buses if buses.nil?
     unless bus.blank?
-      buses.each do |b|
+      self.buses.each do |b|
         valid = true if b["bus_name"] == bus
       end
     end
@@ -86,8 +86,8 @@ def set_active_bus(bus)
   end
 
   def get_supported_buses
-    buses = client.send_request("/automotive/supported_buses")
-    buses
+    self.buses = client.send_request("/automotive/supported_buses")
+    self.buses
   end
 
   def get_bus_config(bus)
diff --git a/lib/rex/post/hwbridge/ui/console/command_dispatcher/automotive.rb b/lib/rex/post/hwbridge/ui/console/command_dispatcher/automotive.rb
@@ -13,6 +13,12 @@ class Console::CommandDispatcher::Automotive
   include Console::CommandDispatcher
   include Msf::Auxiliary::Report
 
+  def initialize(shell)
+    super
+    self.tpjobs     = []
+    self.tpjob_id   = 0
+  end
+
   #
   # List of supported commands.
   #
@@ -21,14 +27,16 @@ def commands
       'supported_buses'   => 'Get supported buses',
       'busconfig'         => 'Get baud configs',
       'connect'           => 'Get HW supported methods for a bus',
-      'cansend'           => 'Send a CAN packet'
+      'cansend'           => 'Send a CAN packet',
+      'testerpresent'     => 'Sends TesterPresent Pulses to the bus'
     }
 
     reqs = {
       'supported_buses'  => ['get_supported_buses'],
       'busconfig'        => ['get_bus_config'],
       'connect'          => ['get_supported_methods'],
-      'cansend'          => ['cansend']
+      'cansend'          => ['cansend'],
+      'testerpresent'    => ['testpresent']
     }
 
     # Ensure any requirements of the command are met
@@ -106,9 +114,10 @@ def cmd_connect(*args)
     end
     unless client.automotive.is_valid_bus? bus
       print_error("You must specify a valid bus via -b")
+      print_line("Current active bus: #{self.active_bus}") if self.active_bus
       return
     end
-    active_bus = bus
+    self.active_bus = bus
     client.automotive.set_active_bus(bus)
     hw_methods = client.automotive.get_supported_methods(bus)
     hw_methods
@@ -141,7 +150,7 @@ def cmd_cansend(*args)
         data = val
       end
     end
-    bus = active_bus if bus.blank? && !active_bus.nil?
+    bus = self.active_bus if bus.blank? && !self.active_bus.nil?
     unless client.automotive.is_valid_bus? bus
       print_error("You must specify a valid bus via -b")
       return
@@ -154,17 +163,97 @@ def cmd_cansend(*args)
     success
   end
 
+  #
+  # Sends TesterPresent packets as a background job
+  #
+  def cmd_testerpresent(*args)
+    bus = ''
+    id = ''
+    stop = false
+    stopid = 0
+    tp_opts = Rex::Parser::Arguments.new(
+      '-h' => [ false, 'Help Banner' ],
+      '-b' => [ true, 'Target bus' ],
+      '-I' => [ true, 'CAN ID' ],
+      '-x' => [ true, 'Stop TesterPresent JobID']
+    )
+    tp_opts.parse(args) do |opt, _idx, val|
+      case opt
+      when '-h'
+        print_line("Usage: testerpresent -I <ID>\n")
+        print_line(tp_opts.usage)
+        return
+      when '-b'
+        bus = val
+      when '-I'
+        id = val
+      when '-x'
+        stop = true
+        stopid = val.to_i
+      end
+    end
+    bus = self.active_bus if bus.blank? && !self.active_bus.nil?
+    unless client.automotive.is_valid_bus? bus
+      print_error("You must specify a valid bus via -b")
+      return
+    end
+    if id.blank? && !stop
+      if self.tpjobs.size > 0
+        print_line("TesterPresent is currently active")
+        self.tpjobs.each_index do |jid|
+          if self.tpjobs[jid]
+            print_status("TesterPresent Job #{jid}: #{self.tpjobs[jid][:args].inspect}")
+          end
+        end
+      else
+        print_line("TesterPreset is not active.  Use -I to start")
+      end
+      return
+    end
+    unless stop
+      jid = self.tpjob_id
+      print_status("Starting TesterPresent sender (#{self.tpjob_id})")
+      self.tpjob_id += 1
+      self.tpjobs[jid] = Rex::ThreadFactory.spawn("TesterPresent(#{id})-#{jid}", false, jid, args) do |myjid,xargs|
+        ::Thread.current[:args] = xargs.dup
+        begin
+          loop do
+            client.automotive.cansend(bus, id, "023E00")
+            sleep(2)
+          end
+        rescue ::Exception
+          print_error("Error in TesterPResent: #{$!.class} #{$!}")
+          elog("Error in TesterPreset: #{$!.class} #{$!}")
+          dlog("Callstack: #{$@.join("\n")}")
+        end
+        self.tpjobs[myjid] = nil
+        print_status("TesterPreset #{myjid} has stopped (#{::Thread.current[:args].inspect})")
+      end
+    else
+      if self.tpjobs[stopid]
+        self.tpjobs[stopid].kill
+        self.tpjobs[stopid] = nil
+        print_status("Stopped TesterPresent #{stopid}")
+      else
+        print_error("TesterPresent #{stopid} was not running")
+      end
+    end
+  end
+
   #
   # Name for this dispatcher
   #
   def name
     'Automotive'
   end
 
-  private
-
   attr_accessor :active_bus
 
+  protected
+
+  attr_accessor :tpjobs, :tpjob_id # :nodoc:
+
+
 end
 
 end
