WIP: Enable HTTPS client.

Removed RemoteServiceEndpoint and using URI instead.

Author: jbarnett-r7

lib/metasploit/framework/data_service/proxy/core.rb

@@ -199,7 +199,7 @@ def run_remote_db_process(opts)
     @pid = wait_t[0].pid
     puts "Started process with pid #{@pid}"
 
-    endpoint = Metasploit::Framework::DataService::RemoteServiceEndpoint.new('localhost', 8080)
+    endpoint = URI.parse('http://localhost:8080')
     remote_host_data_service = Metasploit::Framework::DataService::RemoteHTTPDataService.new(endpoint)
     register_data_service(remote_host_data_service, true)
   end

lib/metasploit/framework/data_service/remote/http/core.rb

@@ -20,11 +20,11 @@ class RemoteHTTPDataService
   POST_REQUEST = 'POST'
 
   #
-  # @param endpoint - A RemoteServiceEndpoint. Cannot be nil
+  # @param [String] endpoint A valid http or https URL. Cannot be nil
   #
   def initialize(endpoint)
     validate_endpoint(endpoint)
-    @endpoint = endpoint
+    @endpoint = URI.parse(endpoint)
     build_client_pool(5)
   end
 
@@ -175,7 +175,6 @@ def initialize(response)
 
   def validate_endpoint(endpoint)
     raise 'Endpoint cannot be nil' if endpoint.nil?
-    raise "Endpoint: #{endpoint.class} not of type RemoteServiceEndpoint" unless endpoint.is_a?(RemoteServiceEndpoint)
   end
 
   def append_workspace(data_hash)
@@ -224,7 +223,10 @@ def build_client_pool(size)
     @client_pool = Queue.new()
     (1..size).each {
       http = Net::HTTP.new(@endpoint.host, @endpoint.port)
-      http.use_ssl = true if @endpoint.use_ssl
+      if @endpoint.is_a?(URI::HTTPS)
+        http.use_ssl = true
+        http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+      end
       @client_pool << http
     }
   end

lib/metasploit/framework/data_service/remote/http/remote_service_endpoint.rb

@@ -42,8 +42,8 @@ def load_job_handlers
   end
 
   def inject_data_service
-    remote_service_endpoint = Metasploit::Framework::DataService::RemoteServiceEndpoint.new(CONSOLE_SERVICE_HOST_NAME,  CONSOLE_SERVICE_PORT)
-    remote_data_service = Metasploit::Framework::DataService::RemoteHTTPDataService.new(remote_service_endpoint)
+    endpoint = URI.parse("http://#{CONSOLE_SERVICE_HOST_NAME}:#{CONSOLE_SERVICE_PORT}")
+    remote_data_service = Metasploit::Framework::DataService::RemoteHTTPDataService.new(endpoint)
     remote_data_service.set_header(SESSION_KEY_VALUE, @session_key)
     data_service_manager = Metasploit::Framework::DataService::DataProxy.instance
     data_service_manager.register_data_service(remote_data_service)

lib/metasploit/framework/data_service/remote/msf_red/msf_red_service.rb

@@ -100,17 +100,21 @@ def cmd_list_data_services()
           end
 
           def cmd_add_data_service(*args)
+            protocol = "http"
             while (arg = args.shift)
               case arg
                 when '-h'
                   host = args.shift
                 when '-p'
                   port = args.shift
+                when '-s'
+                  protocol = "https"
+                  args.shift
               end
             end
 
-            remote_service_endpoint = Metasploit::Framework::DataService::RemoteServiceEndpoint.new(host, port)
-            remote_data_service = Metasploit::Framework::DataService::RemoteHTTPDataService.new(remote_service_endpoint)
+            endpoint = "#{protocol}://#{host}:#{port}"
+            remote_data_service = Metasploit::Framework::DataService::RemoteHTTPDataService.new(endpoint)
             data_service_manager = Metasploit::Framework::DataService::DataProxy.instance
             data_service_manager.register_data_service(remote_data_service)
           end