Merge branch 'rsmudge-armitage'

Author: sinn3r

data/armitage/armitage.jar

@@ -1,6 +1,29 @@
 Armitage Changelog
 ==================
 
+12 Feb 13 (tested against msf 16438)
+---------
+- Fixed a corner case preventing the display of removed host labels 
+  when connected to a team server.
+- Fixed RPC call cache corruption in team server mode. This bug could 
+  lead to some exploits defaulting to a shell payload when meterpreter 
+  was a possibility.
+- Slight optimization to some DB queries. I no longer pull unused
+  fields making the query marginally faster. Team server is more
+  efficient too as changes to unused fields won't force data (re)sync.
+- Hosts -> Clear Database now clears host labels too.
+- Added the ability to manage multiple team server instances through
+  Armitage. Go to Armitage -> New Connection to connect to another
+  server. A button bar will appear that allows you to switch active
+  Armitage connections.
+	- Credentials available across instances are pooled when using
+ 	  the [host] -> Login menu and the credential helper.
+- Rewrote the event log management code in the team server
+- Added nickname tab completion to event log. I feel like I'm writing
+  an IRC client again.
+- Hosts -> Clear Database now asks you to confirm the action.
+- Hosts -> Import Hosts announces successful import to event log again.
+
 23 Jan 13 (tested against msf 16351)
 ---------
 - Added helpers to set EXE::Custom and EXE::Template options.

data/armitage/cortana.jar

@@ -3,7 +3,7 @@
 		<center><h1>Armitage 1.45</h1></center>
 
 		<p>An attack management tool for Metasploit&reg;
-		<br />Release: 23 Jan 13</p>
+		<br />Release: 12 Feb 13</p>
 		<br />
 		<p>Developed by:</p>
 

data/armitage/whatsnew.txt

@@ -9,6 +9,9 @@ import msf.*;
 
 # setg("varname", "value")
 sub setg {
+	if ($1 eq "LHOST") {
+		call_async("armitage.set_ip", $2);
+	}
 	cmd_safe("setg $1 $2");
 }
 

external/source/armitage/resources/about.html

@@ -15,7 +15,7 @@ import graph.*;
 
 import java.awt.image.*;
 
-global('$frame $tabs $menubar $msfrpc_handle $REMOTE $cortana $MY_ADDRESS');
+global('$frame $tabs $menubar $msfrpc_handle $REMOTE $cortana $MY_ADDRESS $DESCRIBE @CLOSEME');
 
 sub describeHost {
 	local('$desc');
@@ -165,13 +165,19 @@ sub _connectToMetasploit {
 				$aclient = [new RpcAsync: $client];
 				$mclient = $client;
 				initConsolePool();
+				$DESCRIBE = "localhost";
 			}
 			# we have a team server... connect and authenticate to it.
 			else {
 				$client = c_client($1, $2);
 				setField(^msf.MeterpreterSession, DEFAULT_WAIT => 20000L);
 				$mclient = setup_collaboration($3, $4, $1, $2);
 				$aclient = $mclient;
+
+				if ($mclient is $null) {
+					[$progress close];
+					return;
+				}
 			}
 			$flag = $null;
 		}
@@ -319,28 +325,23 @@ sub postSetup {
 }
 
 sub main {
-        local('$console $panel $dir');
+        local('$console $panel $dir $app');
 
-	$frame = [new ArmitageApplication];
+	$frame = [new ArmitageApplication: $__frame__, $DESCRIBE, $mclient];
 	[$frame setTitle: $TITLE];
-        [$frame setSize: 800, 600];
-
+	[$frame setIconImage: [ImageIO read: resource("resources/armitage-icon.gif")]];
 	init_menus($frame);
 	initLogSystem();
 
-	[$frame setIconImage: [ImageIO read: resource("resources/armitage-icon.gif")]];
-        [$frame show];
-	[$frame setExtendedState: [JFrame MAXIMIZED_BOTH]];
-
 	# this window listener is dead-lock waiting to happen. That's why we're adding it in a
 	# separate thread (Sleep threads don't share data/locks).
 	fork({
-		[$frame addWindowListener: {
+		[$__frame__ addWindowListener: {
 			if ($0 eq "windowClosing" && $msfrpc_handle !is $null) {
 				closef($msfrpc_handle);
 			}
 		}];
-	}, \$msfrpc_handle, \$frame);
+	}, \$msfrpc_handle, \$__frame__);
 
 	dispatchEvent({
 		if ($client !is $mclient) {
@@ -371,7 +372,6 @@ sub checkDir {
 	}
 }
 
-setLookAndFeel();
 checkDir();
 
 if ($CLIENT_CONFIG !is $null && -exists $CLIENT_CONFIG) {

external/source/armitage/scripts-cortana/internal.sl

@@ -23,6 +23,7 @@ sub createEventLogTab {
 		$client = [$cortana getEventLog: $console];
 		[$client setEcho: $null];
 		[$console updatePrompt: "> "];
+		[new EventLogTabCompletion: $console, $mclient];
 	}
 	else {
 		[$console updateProperties: $preferences];
@@ -63,6 +64,7 @@ sub c_client {
 	# run this thing in its own thread to avoid really stupid deadlock situations
 	local('$handle');
 	$handle = [[new SecureSocket: $1, int($2), &verify_server] client];
+	push(@CLOSEME, $handle);
 	return wait(fork({
 		local('$client');
 		$client = newInstance(^RpcConnection, lambda({
@@ -91,9 +93,11 @@ sub setup_collaboration {
 	%r = call($mclient, "armitage.validate", $1, $2, $nick, "armitage", 120326);
 	if (%r["error"] eq "1") {
 		showErrorAndQuit(%r["message"]);
+		return $null;
 	}
 
 	%r = call($client, "armitage.validate", $1, $2, $null, "armitage", 120326);
+	$DESCRIBE = "$nick $+ @ $+ $3";
 	return $mclient;
 }
 

external/source/armitage/scripts/armitage.sl

@@ -95,13 +95,13 @@ sub dispatchEvent {
 
 sub showError {
 	dispatchEvent(lambda({
-		[JOptionPane showMessageDialog: $frame, $message];
+		[JOptionPane showMessageDialog: $__frame__, $message];
 	}, $message => $1));
 }
 
 sub showErrorAndQuit {
-	[JOptionPane showMessageDialog: $frame, $1];
-	[System exit: 0];
+	[JOptionPane showMessageDialog: $__frame__, $1];
+	[$__frame__ closeConnect];
 }
 
 sub ask {
@@ -155,7 +155,7 @@ sub chooseFile {
 		[$fc setFileSelectionMode: [JFileChooser DIRECTORIES_ONLY]];
 	}
 
-	[$fc showOpenDialog: $frame];
+	[$fc showOpenDialog: $__frame__];
 
 	if ($multi) {
 		return [$fc getSelectedFiles];
@@ -179,17 +179,18 @@ sub saveFile2 {
 		[$fc setSelectedFile: [new java.io.File: $sel]];
 	}
 
-	[$fc showSaveDialog: $frame];
-	$file = [$fc getSelectedFile];
-	if ($file !is $null) {
-		return $file;
+	if ([$fc showSaveDialog: $__frame__] == 0) {
+		$file = [$fc getSelectedFile];
+		if ($file !is $null) {
+			return $file;
+		}
 	}
 }
 
 sub saveFile {
 	local('$fc $file');
 	$fc = [new JFileChooser];
-	[$fc showSaveDialog: $frame];
+	[$fc showSaveDialog: $__frame__];
 	$file = [$fc getSelectedFile];
 	if ($file !is $null) {
 		local('$ihandle $data $ohandle');
@@ -250,18 +251,26 @@ sub left {
 
 sub dialog {
 	local('$dialog $4');
-        $dialog = [new JDialog: $frame, $1];
+        $dialog = [new JDialog: $__frame__, $1];
         [$dialog setSize: $2, $3];
         [$dialog setLayout: [new BorderLayout]];
-        [$dialog setLocationRelativeTo: $frame];
+        [$dialog setLocationRelativeTo: $__frame__];
 	return $dialog;
 }
 
 sub window {
 	local('$dialog $4');
         $dialog = [new JFrame: $1];
 	[$dialog setIconImage: [ImageIO read: resource("resources/armitage-icon.gif")]];
-	[$dialog setDefaultCloseOperation: [JFrame EXIT_ON_CLOSE]];
+
+	fork({
+		[$dialog addWindowListener: {
+			if ($0 eq "windowClosing") {
+				[$__frame__ closeConnect];
+			}
+		}];
+	}, \$__frame__, \$dialog);
+
         [$dialog setSize: $2, $3];
         [$dialog setLayout: [new BorderLayout]];
 	return $dialog;
@@ -277,12 +286,14 @@ sub overlay_images {
 		return %cache[join(';', $1)];
 	}
 
-	local('$file $image $buffered $graphics');
+	local('$file $image $buffered $graphics $resource');
 
         $buffered = [new BufferedImage: 1000, 776, [BufferedImage TYPE_INT_ARGB]];
 	$graphics = [$buffered createGraphics];
 	foreach $file ($1) {
-		$image = [ImageIO read: resource($file)];
+		$resource = resource($file);
+		$image = [ImageIO read: $resource];
+		closef($resource);
 		[$graphics drawImage: $image, 0, 0, 1000, 776, $null];
 	}
 
@@ -371,15 +382,6 @@ sub wrapComponent {
 	return $panel;
 }
 
-sub setLookAndFeel {
-	local('$laf');
-	foreach $laf ([UIManager getInstalledLookAndFeels]) {
-		if ([$laf getName] eq [$preferences getProperty: "application.skin.skin", "Nimbus"]) {
-			[UIManager setLookAndFeel: [$laf getClassName]];
-		}
-	}
-}
-
 sub thread {
 	local('$thread');
 	$thread = [new ArmitageThread: $1];
@@ -467,6 +469,13 @@ sub quickListDialog {
 	[$dialog setVisible: 1];
 }
 
+sub setTableColumnWidths {
+	local('$col $width $temp');
+	foreach $col => $width ($2) {
+		[[$1 getColumn: $col] setPreferredWidth: $width];
+	}
+}
+
 sub tableRenderer {
 	return [ATable getDefaultTableRenderer: $1, $2];
 }

external/source/armitage/scripts/collaborate.sl

@@ -8,10 +8,10 @@ import java.awt.event.*;
 
 sub addHostDialog {
 	local('$dialog $label $text $finish $button');
-	$dialog = [new JDialog: $frame, "Add Hosts", 0];
+	$dialog = [new JDialog: $__frame__, "Add Hosts", 0];
 	[$dialog setSize: 320, 240];
 	[$dialog setLayout: [new BorderLayout]];
-	[$dialog setLocationRelativeTo: $frame];
+	[$dialog setLocationRelativeTo: $__frame__];
 
 	$label = [new JLabel: "Enter one host/line:"];
 	$text = [new JTextArea];

external/source/armitage/scripts/gui.sl

@@ -15,8 +15,8 @@ sub logNow {
 	if ([$preferences getProperty: "armitage.log_everything.boolean", "true"] eq "true") {
 		local('$today $stream');
 		$today = formatDate("yyMMdd");
-		mkdir(getFileProper(dataDirectory(), $today, $2));
-		$stream = %logs[ getFileProper(dataDirectory(), $today, $2, "$1 $+ .log") ];
+		mkdir(getFileProper(dataDirectory(), $today, $DESCRIBE, $2));
+		$stream = %logs[ getFileProper(dataDirectory(), $today, $DESCRIBE, $2, "$1 $+ .log") ];
 		[$stream println: $3];
 	}
 }
@@ -26,8 +26,8 @@ sub logCheck {
 		local('$today');
 		$today = formatDate("yyMMdd");
 		if ($2 ne "") {
-			mkdir(getFileProper(dataDirectory(), $today, $2));
-			[$1 writeToLog: %logs[ getFileProper(dataDirectory(), $today, $2, "$3 $+ .log") ]];
+			mkdir(getFileProper(dataDirectory(), $today, $DESCRIBE, $2));
+			[$1 writeToLog: %logs[ getFileProper(dataDirectory(), $today, $DESCRIBE, $2, "$3 $+ .log") ]];
 		}
 	}
 }
@@ -38,15 +38,15 @@ sub logFile {
 		local('$today $handle $data $out');
 		$today = formatDate("yyMMdd");
 		if (-exists $1 && -canread $1) {
-			mkdir(getFileProper(dataDirectory(), $today, $2, $3));
+			mkdir(getFileProper(dataDirectory(), $today, $DESCRIBE, $2, $3));
 
 			# read in the file
 			$handle = openf($1);
 			$data = readb($handle, -1);
 			closef($handle);
 
 			# write it out.
-			$out = getFileProper(dataDirectory(), $today, $2, $3, getFileName($1));
+			$out = getFileProper(dataDirectory(), $today, $DESCRIBE, $2, $3, getFileName($1));
 			$handle = openf("> $+ $out");
 			writeb($handle, $data);
 			closef($handle);
@@ -70,7 +70,7 @@ sub initLogSystem {
 			logFile([$file getAbsolutePath], "screenshots", ".");
 			deleteFile([$file getAbsolutePath]);
 
-			showError("Saved " . getFileName($file) . "\nGo to View -> Reporting -> Activity Logs\n\nThe file is in:\n[today's date]/screenshots");
+			showError("Saved " . getFileName($file) . "\nGo to View -> Reporting -> Activity Logs\n\nThe file is in:\n[today's date]/ $+ $DESCRIBE $+ /screenshots");
 		}, \$image, \$title));
 	}];
 }