Add support for transport listing

OJ · OJ · commit 451484cb0dcb · 2015-05-04T11:19:53.000+10:00
Includes a verbose flag for the extra HTTP/S properties
diff --git a/lib/rex/post/meterpreter/client_core.rb b/lib/rex/post/meterpreter/client_core.rb
@@ -100,6 +100,32 @@ def get_loaded_extension_commands(extension_name)
     commands
   end
 
+  def transport_list
+    request = Packet.create_request('core_transport_list')
+    response = client.send_request(request)
+
+    result = {
+      :session_exp => response.get_tlv_value(TLV_TYPE_TRANS_SESSION_EXP),
+      :transports  => []
+    }
+
+    response.each(TLV_TYPE_TRANS_GROUP) { |t|
+      result[:transports] << {
+        :url          => t.get_tlv_value(TLV_TYPE_TRANS_URL),
+        :comm_timeout => t.get_tlv_value(TLV_TYPE_TRANS_COMM_TIMEOUT),
+        :retry_total  => t.get_tlv_value(TLV_TYPE_TRANS_RETRY_TOTAL),
+        :retry_wait   => t.get_tlv_value(TLV_TYPE_TRANS_RETRY_WAIT),
+        :ua           => t.get_tlv_value(TLV_TYPE_TRANS_UA),
+        :proxy_host   => t.get_tlv_value(TLV_TYPE_TRANS_PROXY_HOST),
+        :proxy_user   => t.get_tlv_value(TLV_TYPE_TRANS_PROXY_USER),
+        :proxy_pass   => t.get_tlv_value(TLV_TYPE_TRANS_PROXY_PASS),
+        :cert_hash    => t.get_tlv_value(TLV_TYPE_TRANS_CERT_HASH)
+      }
+    }
+
+    result
+  end
+
   def set_transport_timeouts(opts={})
     request = Packet.create_request('core_transport_set_timeouts')
 
@@ -620,7 +646,7 @@ def transport_prepare_request(method, opts={})
         prefix = 'http://'
         prefix = 'socks=' if opts[:proxy_type] == 'socks'
         proxy = "#{prefix}#{opts[:proxy_host]}:#{opts[:proxy_port]}"
-        request.add_tlv(TLV_TYPE_TRANS_PROXY_INFO, proxy)
+        request.add_tlv(TLV_TYPE_TRANS_PROXY_HOST, proxy)
 
         if opts[:proxy_user]
           request.add_tlv(TLV_TYPE_TRANS_PROXY_USER, opts[:proxy_user])
diff --git a/lib/rex/post/meterpreter/packet.rb b/lib/rex/post/meterpreter/packet.rb
@@ -94,11 +94,12 @@ module Meterpreter
 TLV_TYPE_TRANS_COMM_TIMEOUT  = TLV_META_TYPE_UINT   | 433
 TLV_TYPE_TRANS_SESSION_EXP   = TLV_META_TYPE_UINT   | 434
 TLV_TYPE_TRANS_CERT_HASH     = TLV_META_TYPE_RAW    | 435
-TLV_TYPE_TRANS_PROXY_INFO    = TLV_META_TYPE_STRING | 436
+TLV_TYPE_TRANS_PROXY_HOST    = TLV_META_TYPE_STRING | 436
 TLV_TYPE_TRANS_PROXY_USER    = TLV_META_TYPE_STRING | 437
 TLV_TYPE_TRANS_PROXY_PASS    = TLV_META_TYPE_STRING | 438
 TLV_TYPE_TRANS_RETRY_TOTAL   = TLV_META_TYPE_UINT   | 439
 TLV_TYPE_TRANS_RETRY_WAIT    = TLV_META_TYPE_UINT   | 440
+TLV_TYPE_TRANS_GROUP         = TLV_META_TYPE_GROUP  | 441
 
 TLV_TYPE_MACHINE_ID          = TLV_META_TYPE_STRING | 460
 TLV_TYPE_UUID                = TLV_META_TYPE_STRING | 461
@@ -200,7 +201,7 @@ def inspect
       when TLV_TYPE_TRANS_COMM_TIMEOUT; "TRANS-COMM-TIMEOUT"
       when TLV_TYPE_TRANS_SESSION_EXP; "TRANS-SESSION-EXP"
       when TLV_TYPE_TRANS_CERT_HASH; "TRANS-CERT-HASH"
-      when TLV_TYPE_TRANS_PROXY_INFO; "TRANS-PROXY-INFO"
+      when TLV_TYPE_TRANS_PROXY_HOST; "TRANS-PROXY-HOST"
       when TLV_TYPE_TRANS_PROXY_USER; "TRANS-PROXY-USER"
       when TLV_TYPE_TRANS_PROXY_PASS; "TRANS-PROXY-PASS"
       when TLV_TYPE_TRANS_RETRY_TOTAL; "TRANS-RETRY-TOTAL"
diff --git a/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb b/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb
@@ -379,10 +379,18 @@ def cmd_get_timeouts(*args)
   end
 
   def print_timeouts(timeouts)
-    print_line("Session Expiry  : @ #{(Time.now + timeouts[:session_exp]).strftime('%Y-%m-%d %H:%M:%S')}")
-    print_line("Comm Timeout    : #{timeouts[:comm_timeout]} seconds")
-    print_line("Retry Total Time: #{timeouts[:retry_total]} seconds")
-    print_line("Retry Wait Time : #{timeouts[:retry_wait]} seconds")
+    if timeouts[:session_exp]
+      print_line("Session Expiry  : @ #{(Time.now + timeouts[:session_exp]).strftime('%Y-%m-%d %H:%M:%S')}")
+    end
+    if timeouts[:comm_timeout]
+      print_line("Comm Timeout    : #{timeouts[:comm_timeout]} seconds")
+    end
+    if timeouts[:retry_total]
+      print_line("Retry Total Time: #{timeouts[:retry_total]} seconds")
+    end
+    if timeouts[:retry_wait]
+      print_line("Retry Wait Time : #{timeouts[:retry_wait]} seconds")
+    end
   end
 
   #
@@ -500,14 +508,16 @@ def cmd_ssl_verify(*args)
     '-ex' => [ true,  'Expiration timout (seconds) (default: same as current session)' ],
     '-rt' => [ true,  'Retry total time (seconds) (default: same as current session)' ],
     '-rw' => [ true,  'Retry wait time (seconds) (default: same as current session)' ],
+    '-v'  => [ false, 'Show the verbose format of the transport list' ],
     '-h'  => [ false, 'Help menu' ])
 
   #
   # Display help for transport management.
   #
   def cmd_transport_help
-    print_line('Usage: transport <change|add|next|prev> [options]')
+    print_line('Usage: transport <list|change|add|next|prev> [options]')
     print_line
+    print_line('   list: list the currently active transports.')
     print_line('    add: add a new transport to the transport list.')
     print_line(' change: same as add, but changes directly to the added entry.')
     print_line('   next: jump to the next transport in the list (no options).')
@@ -525,7 +535,7 @@ def cmd_transport(*args)
     end
 
     command = args.shift
-    unless ['add', 'change', 'prev', 'next'].include?(command)
+    unless ['list', 'add', 'change', 'prev', 'next'].include?(command)
       cmd_transport_help
       return
     end
@@ -544,7 +554,8 @@ def cmd_transport(*args)
       :session_exp   => nil,
       :retry_total   => nil,
       :retry_wait    => nil,
-      :cert          => nil
+      :cert          => nil,
+      :verbose       => false
     }
 
     @@transport_opts.parse(args) do |opt, idx, val|
@@ -575,6 +586,8 @@ def cmd_transport(*args)
         opts[:lport] = val.to_i if val
       when '-l'
         opts[:lhost] = val
+      when '-v'
+        opts[:verbose] = true
       when '-t'
         unless client.core.valid_transport?(val)
           cmd_transport_help
@@ -585,6 +598,51 @@ def cmd_transport(*args)
     end
 
     case command
+    when 'list'
+      result = client.core.transport_list
+      # this will output the session timeout first
+      print_timeouts(result)
+
+      columns =[
+        'Curr',
+        'URL',
+        'Comms T/O',
+        'Retry Total',
+        'Retry Wait'
+      ]
+
+      if opts[:verbose]
+        columns << 'User Agent'
+        columns << 'Proxy Host'
+        columns << 'Proxy User'
+        columns << 'Proxy Pass'
+        columns << 'Cert Hash'
+      end
+
+      # next draw up a table of transport entries
+      tbl = Rex::Ui::Text::Table.new(
+        'Indent'  => 4,
+        'Columns' => columns)
+
+      first = true
+      result[:transports].each do |t|
+        entry = [ first ? '*' : '', t[:url], t[:comm_timeout],
+                  t[:retry_total], t[:retry_wait] ]
+
+        first = false
+
+        if opts[:verbose]
+          entry << t[:ua]
+          entry << t[:proxy_host]
+          entry << t[:proxy_user]
+          entry << t[:proxy_pass]
+          entry << (t[:cert_hash] || '').unpack("H*")[0]
+        end
+
+        tbl << entry
+      end
+
+      print("\n" + tbl.to_s + "\n")
     when 'next'
       print_status("Changing to next transport ...")
       if client.core.transport_next
