Land rapid7#7350, add 'sess' command for direct session switching support

Author: Brent Cook

features/commands/help.feature

@@ -42,6 +42,7 @@ Feature: Help command
           route         Route traffic through a session
           save          Saves the active datastores
           search        Searches module names and descriptions
+          sess          Interact with a given session
           sessions      Dump session listings and display information about sessions
           set           Sets a context-specific variable to a value
           setg          Sets a global variable to a value

lib/msf/ui/console/command_dispatcher/core.rb

@@ -136,6 +136,7 @@ def commands
       "route"      => "Route traffic through a session",
       "save"       => "Saves the active datastores",
       "search"     => "Searches module names and descriptions",
+      "sess"       => "Interact with a given session",
       "sessions"   => "Dump session listings and display information about sessions",
       "set"        => "Sets a context-specific variable to a value",
       "setg"       => "Sets a global variable to a value",
@@ -1753,6 +1754,25 @@ def cmd_spool(*args)
     return
   end
 
+  def cmd_sess_help
+    print_line('Usage: sess <session id>')
+    print_line
+    print_line('Interact with the given session ID.')
+    print_line('This works the same as: sessions -i <session id>')
+    print_line
+  end
+
+  #
+  # Helper function to quickly select a session
+  #
+  def cmd_sess(*args)
+    if args.length == 0 || args[0].to_i == 0
+      cmd_sess_help
+    else
+      cmd_sessions('-i', args[0])
+    end
+  end
+
   def cmd_sessions_help
     print_line "Usage: sessions [options]"
     print_line
@@ -1954,22 +1974,26 @@ def cmd_sessions(*args)
         end
       end
     when 'interact'
-      session = verify_session(sid)
-      if session
-        if session.respond_to?(:response_timeout)
-          last_known_timeout = session.response_timeout
-          session.response_timeout = response_timeout
-        end
-        print_status("Starting interaction with #{session.name}...\n") unless quiet
-        begin
-          self.active_session = session
-          session.interact(driver.input.dup, driver.output)
-          self.active_session = nil
-          driver.input.reset_tab_completion if driver.input.supports_readline
-        ensure
-          if session.respond_to?(:response_timeout) && last_known_timeout
-            session.response_timeout = last_known_timeout
+      while sid
+        session = verify_session(sid)
+        if session
+          if session.respond_to?(:response_timeout)
+            last_known_timeout = session.response_timeout
+            session.response_timeout = response_timeout
+          end
+          print_status("Starting interaction with #{session.name}...\n") unless quiet
+          begin
+            self.active_session = session
+            sid = session.interact(driver.input.dup, driver.output)
+            self.active_session = nil
+            driver.input.reset_tab_completion if driver.input.supports_readline
+          ensure
+            if session.respond_to?(:response_timeout) && last_known_timeout
+              session.response_timeout = last_known_timeout
+            end
           end
+        else
+          sid = nil
         end
       end
     when 'scriptall'

lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb

@@ -65,6 +65,7 @@ def commands
       "bgkill"     => "Kills a background meterpreter script",
       "get_timeouts" => "Get the current session timeout values",
       "set_timeouts" => "Set the current session timeout values",
+      "sess"       => "Quickly switch to another session",
       "bglist"     => "Lists running background scripts",
       "write"      => "Writes data to a channel",
       "enable_unicode_encoding"  => "Enables encoding of unicode strings",
@@ -111,6 +112,28 @@ def name
     "Core"
   end
 
+  def cmd_sess_help
+    print_line('Usage: sess <session id>')
+    print_line
+    print_line('Interact with a different session Id.')
+    print_line('This works the same as calling this from the MSF shell: sessions -i <session id>')
+    print_line
+  end
+
+  def cmd_sess(*args)
+    if args.length == 0 || args[0].to_i == 0
+      cmd_sess_help
+    elsif args[0].to_s == client.name.to_s
+      print_status("Session #{client.name} is already interactive.")
+    else
+      print_status("Backgrounding session #{client.name}...")
+      # store the next session id so that it can be referenced as soon
+      # as this session is no longer interacting
+      client.next_session = args[0]
+      client.interacting = false
+    end
+  end
+
   def cmd_background_help
     print_line "Usage: background"
     print_line

lib/rex/ui/interactive.rb

@@ -83,8 +83,13 @@ def interact(user_input, user_output)
       self.completed = true
     end
 
-    # Return whether or not EOF was reached
-    return eof
+    # if another session was requested, store it
+    next_session = self.next_session
+    # clear the value from the object
+    self.next_session = nil
+
+    # return this session id
+    return next_session
   end
 
   #
@@ -104,6 +109,11 @@ def detach
   #
   attr_accessor   :interacting
 
+  #
+  # If another session needs interaction, this is where it goes
+  #
+  attr_accessor   :next_session
+
   #
   # Whether or not the session has completed interaction
   #