Skip to content

Commit 6b37e1e

Browse files
author
Brent Cook
committed
Land rapid7#8268, Improve metasploit-aggregator UX
2 parents fc3a880 + 32da0ed commit 6b37e1e

File tree

2 files changed

+77
-17
lines changed

2 files changed

+77
-17
lines changed

lib/metasploit/framework/afp/client.rb

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -214,14 +214,14 @@ def parse_info_response(response)
214214
parsed_data[:machine_type] = read_pascal_string(body, machine_type_offset)
215215
parsed_data[:versions] = read_array(body, afp_versions_offset)
216216
parsed_data[:uams] = read_array(body, uam_count_offset)
217-
# skiped icon
217+
# skipped icon
218218
parsed_data[:server_flags] = parse_flags(server_flags)
219219
parsed_data[:signature] = body.unpack("@#{server_signature_offset}H32").first
220220

221221
network_addresses = read_array(body, network_addresses_offset, true)
222222
parsed_data[:network_addresses] = parse_network_addresses(network_addresses)
223-
# skiped directory names
224-
#Error catching for offset issues on this field. Need better error ahndling all through here
223+
# skipped directory names
224+
#Error catching for offset issues on this field. Need better error handling all through here
225225
begin
226226
parsed_data[:utf8_server_name] = read_utf8_pascal_string(body, utf8_servername_offset)
227227
rescue

plugins/aggregator.rb

Lines changed: 74 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -82,6 +82,34 @@ def usage_default_forward
8282
usage("aggregator_session_forward")
8383
end
8484

85+
def show_session(details, target, local_id)
86+
status = pad_space(" #{local_id}", 4)
87+
status += " #{details['ID']}" unless local_id.nil?
88+
status = pad_space(status, 15)
89+
status += " meterpreter "
90+
status += "#{guess_target_platform(details['OS'])} "
91+
status = pad_space(status, 43)
92+
status += "#{details['USER']} @ #{details['HOSTNAME']} "
93+
status = pad_space(status, 64)
94+
status += "#{details['LOCAL_SOCKET']} -> #{details['REMOTE_SOCKET']}"
95+
print_status status
96+
end
97+
98+
def show_session_detailed(details, target, local_id)
99+
print_status "\t Remote ID: #{details['ID']}"
100+
print_status "\t Type: meterpreter #{guess_target_platform(details['OS'])}"
101+
print_status "\t Info: #{details['USER']} @ #{details['HOSTNAME']}"
102+
print_status "\t Tunnel: #{details['LOCAL_SOCKET']} -> #{details['REMOTE_SOCKET']}"
103+
print_status "\t Via: exploit/multi/handler"
104+
print_status "\t UUID: #{details['UUID']}"
105+
print_status "\t MachineID: #{details['MachineID']}"
106+
print_status "\t CheckIn: #{details['LAST_SEEN'].to_i}s ago" unless details['LAST_SEEN'].nil?
107+
print_status "\tRegistered: Not Yet Implemented"
108+
print_status "\t Forward: #{target}"
109+
print_status "\tSession ID: #{local_id}" unless local_id.nil?
110+
print_status ""
111+
end
112+
85113
def cmd_aggregator_save(*args)
86114
# if we are logged in, save session details to aggregator.yaml
87115
if args.length == 0 || args[0] == "-h"
@@ -137,14 +165,28 @@ def cmd_aggregator_connect(*args)
137165
aggregator_login
138166
end
139167

140-
def cmd_aggregator_sessions(*_args)
168+
def cmd_aggregator_sessions(*args)
169+
case args.length
170+
when 0
171+
isDetailed = false
172+
when 1
173+
unless args[0] == "-v"
174+
usage_sessions
175+
return
176+
end
177+
isDetailed = true
178+
else
179+
usage_sessions
180+
return
181+
end
141182
return unless aggregator_verify
142183

143184
sessions_list = @aggregator.sessions
144185
return if sessions_list.nil?
145186

187+
session_map = {}
188+
146189
# get details for each session and print in format of sessions -v
147-
print_status("Sessions found:")
148190
sessions_list.each do |session|
149191
session_id, target = session
150192
details = @aggregator.session_details(session_id)
@@ -155,19 +197,27 @@ def cmd_aggregator_sessions(*_args)
155197
end
156198
# filter session that do not have details as forwarding options (this may change later)
157199
next unless details && details['ID']
200+
session_map[details['ID']] = [details, target, local_id]
201+
end
158202

159-
print_status "\t Remote ID: #{details['ID']}"
160-
print_status "\t Type: meterpreter #{guess_target_platform(details['OS'])}"
161-
print_status "\t Info: #{details['USER']} @ #{details['HOSTNAME']}"
162-
print_status "\t Tunnel: #{details['LOCAL_SOCKET']} -> #{details['REMOTE_SOCKET']}"
163-
print_status "\t Via: exploit/multi/handler"
164-
print_status "\t UUID: #{details['UUID']}"
165-
print_status "\t MachineID: #{details['MachineID']}"
166-
print_status "\t CheckIn: #{details['LAST_SEEN'].to_i}s ago" unless details['LAST_SEEN'].nil?
167-
print_status "\tRegistered: Not Yet Implemented"
168-
print_status "\t Forward: #{target}"
169-
print_status "\tSession ID: #{local_id}" unless local_id.nil?
170-
print_status ""
203+
print_status("Remote sessions")
204+
print_status("===============")
205+
print_status("")
206+
if session_map.length == 0
207+
print_status("No remote sessions.")
208+
else
209+
unless isDetailed
210+
print_status(" Id Remote Id Type Information Connection")
211+
print_status(" -- --------- ---- ----------- ----------")
212+
end
213+
session_map.keys.sort.each do |key|
214+
details, target, local_id = session_map[key]
215+
unless isDetailed
216+
show_session(details, target, local_id)
217+
else
218+
show_session_detailed(details, target, local_id)
219+
end
220+
end
171221
end
172222
end
173223

@@ -425,11 +475,21 @@ def guess_target_platform(os)
425475
end
426476
end
427477

478+
def pad_space(status, length)
479+
while status.length < length
480+
status << " "
481+
end
482+
status
483+
end
484+
428485
private :guess_target_platform
429486
private :aggregator_login
430487
private :aggregator_compatibility_check
431488
private :aggregator_verify
432489
private :local_handler
490+
private :pad_space
491+
private :show_session
492+
private :show_session_detailed
433493
end
434494

435495
#

0 commit comments

Comments
 (0)