Land rapid7#18830, SQL sessions consolidation

Author: adfoster-r7

lib/msf/base/sessions/mssql.rb

@@ -2,21 +2,17 @@
 
 require 'rex/post/mssql'
 
-class Msf::Sessions::MSSQL
+class Msf::Sessions::MSSQL < Msf::Sessions::Sql
 
-  include Msf::Session::Basic
-  include Msf::Sessions::Scriptable
-
-  # @return [Rex::Post::MSSQL::Ui::Console] The interactive console
-  attr_accessor :console
-  # @return [MSSQL::Client] The MSSQL client
-  attr_accessor :client
-  attr_accessor :platform, :arch
+  # @return [String] The address MSSQL is running on
+  attr_accessor :address
+  # @return [Integer] The port MSSQL is running on
+  attr_accessor :port
   attr_reader :framework
 
   def initialize(rstream, opts = {})
     @client = opts.fetch(:client)
-    self.console = Rex::Post::MSSQL::Ui::Console.new(self, opts)
+    self.console = ::Rex::Post::MSSQL::Ui::Console.new(self, opts)
 
     super(rstream, opts)
   end
@@ -28,28 +24,6 @@ def bootstrap(datastore = {}, handler = nil)
     @info = "MSSQL #{datastore['USERNAME']} @ #{@peer_info}"
   end
 
-  def execute_file(full_path, args)
-    if File.extname(full_path) == '.rb'
-      Rex::Script::Shell.new(self, full_path).run(args)
-    else
-      console.load_resource(full_path)
-    end
-  end
-
-  def process_autoruns(datastore)
-    ['InitialAutoRunScript', 'AutoRunScript'].each do |key|
-      next if datastore[key].nil? || datastore[key].empty?
-
-      args = Shellwords.shellwords(datastore[key])
-      print_status("Session ID #{self.sid} (#{self.tunnel_to_s}) processing #{key} '#{datastore[key]}'")
-      self.execute_script(args.shift, *args)
-    end
-  end
-
-  def type
-    self.class.type
-  end
-
   # Returns the type of session.
   #
   def self.type
@@ -80,64 +54,4 @@ def port
     @address, @port = client.sock.peerinfo.split(':')
     @port
   end
-
-  ##
-  # :category: Msf::Session::Interactive implementors
-  #
-  # Initializes the console's I/O handles.
-  #
-  def init_ui(input, output)
-    self.user_input = input
-    self.user_output = output
-    console.init_ui(input, output)
-    console.set_log_source(log_source)
-
-    super
-  end
-
-  ##
-  # :category: Msf::Session::Interactive implementors
-  #
-  # Resets the console's I/O handles.
-  #
-  def reset_ui
-    console.unset_log_source
-    console.reset_ui
-  end
-
-  def exit
-    console.stop
-  end
-
-  ##
-  # :category: Msf::Session::Interactive implementors
-  #
-  # Override the basic session interaction to use shell_read and
-  # shell_write instead of operating on rstream directly.
-  def _interact
-    framework.events.on_session_interact(self)
-    framework.history_manager.with_context(name: type.to_sym) do
-      _interact_stream
-    end
-  end
-
-  ##
-  # :category: Msf::Session::Interactive implementors
-  #
-  def _interact_stream
-    framework.events.on_session_interact(self)
-
-    console.framework = framework
-    # Call the console interaction of the MSSQL client and
-    # pass it a block that returns whether or not we should still be
-    # interacting.  This will allow the shell to abort if interaction is
-    # canceled.
-    console.interact { interacting != true }
-    console.framework = nil
-
-    # If the stop flag has been set, then that means the user exited.  Raise
-    # the EOFError so we can drop this handle like a bad habit.
-    raise EOFError if (console.stopped? == true)
-  end
-
 end

lib/msf/base/sessions/mysql.rb

@@ -2,17 +2,7 @@
 
 require 'rex/post/mysql'
 
-class Msf::Sessions::MySQL
-
-  # This interface supports basic interaction.
-  include Msf::Session::Basic
-  include Msf::Sessions::Scriptable
-
-  # @return [Rex::Post::MySQL::Ui::Console] The interactive console
-  attr_accessor :console
-  # @return [MySQL::Client]
-  attr_accessor :client
-  attr_accessor :platform, :arch
+class Msf::Sessions::MySQL < Msf::Sessions::Sql
 
   # @param[Rex::IO::Stream] rstream
   # @param [Hash] opts
@@ -32,21 +22,6 @@ def bootstrap(datastore = {}, handler = nil)
     @info = "MySQL #{datastore['USERNAME']} @ #{client.socket.peerinfo}"
   end
 
-  def process_autoruns(datastore)
-    ['InitialAutoRunScript', 'AutoRunScript'].each do |key|
-      next if datastore[key].nil? || datastore[key].empty?
-
-      args = Shellwords.shellwords(datastore[key])
-      print_status("Session ID #{session.sid} (#{session.tunnel_to_s}) processing #{key} '#{datastore[key]}'")
-      execute_script(args.shift, *args)
-    end
-  end
-
-  # @return [String]
-  def type
-    self.class.type
-  end
-
   # @return [String] The type of the session
   def self.type
     'mysql'
@@ -77,60 +52,4 @@ def port
     @address, @port = @client.socket.peerinfo.split(':')
     @port
   end
-
-  # Initializes the console's I/O handles.
-  #
-  # @param [Object] input
-  # @param [Object] output
-  # @return [String]
-  def init_ui(input, output)
-    super(input, output)
-
-    console.init_ui(input, output)
-    console.set_log_source(log_source)
-  end
-
-  # Resets the console's I/O handles.
-  #
-  # @return [Object]
-  def reset_ui
-    console.unset_log_source
-    console.reset_ui
-  end
-
-
-  # Exit the console
-  #
-  # @return [TrueClass]
-  def exit
-    console.stop
-  end
-
-  protected
-
-  # Override the basic session interaction to use shell_read and
-  # shell_write instead of operating on rstream directly.
-  #
-  # @return [Object]
-  def _interact
-    framework.events.on_session_interact(self)
-    framework.history_manager.with_context(name: type.to_sym) { _interact_stream }
-  end
-
-  # @return [Object]
-  def _interact_stream
-    framework.events.on_session_interact(self)
-
-    console.framework = framework
-    # Call the console interaction of the mysql client and
-    # pass it a block that returns whether or not we should still be
-    # interacting.  This will allow the shell to abort if interaction is
-    # canceled.
-    console.interact { interacting != true }
-    console.framework = nil
-
-    # If the stop flag has been set, then that means the user exited.  Raise
-    # the EOFError so we can drop this handle like a bad habit.
-    raise ::EOFError if (console.stopped? == true)
-  end
 end

lib/msf/base/sessions/postgresql.rb

@@ -2,18 +2,7 @@
 
 require 'rex/post/postgresql'
 
-class Msf::Sessions::PostgreSQL
-  #
-  # This interface supports basic interaction.
-  #
-  include Msf::Session::Basic
-  include Msf::Sessions::Scriptable
-
-  # @return [Rex::Post::PostgreSQL::Ui::Console] The interactive console
-  attr_accessor :console
-  # @return [PostgreSQL::Client]
-  attr_accessor :client
-  attr_accessor :platform, :arch
+class Msf::Sessions::PostgreSQL < Msf::Sessions::Sql
 
   # @param[Rex::IO::Stream] rstream
   # @param [Hash] opts
@@ -31,28 +20,6 @@ def bootstrap(datastore = {}, handler = nil)
     @info = "PostgreSQL #{datastore['USERNAME']} @ #{@peer_info}"
   end
 
-  def execute_file(full_path, args)
-    if File.extname(full_path) == '.rb'
-      Rex::Script::Shell.new(self, full_path).run(args)
-    else
-      console.load_resource(full_path)
-    end
-  end
-
-  def process_autoruns(datastore)
-    ['InitialAutoRunScript', 'AutoRunScript'].each do |key|
-      next if datastore[key].nil? || datastore[key].empty?
-
-      args = Shellwords.shellwords(datastore[key])
-      print_status("Session ID #{self.sid} (#{self.tunnel_to_s}) processing #{key} '#{datastore[key]}'")
-      self.execute_script(args.shift, *args)
-    end
-  end
-
-  def type
-    self.class.type
-  end
-
   #
   # @return [String] The type of the session
   #
@@ -86,62 +53,4 @@ def port
     @address, @port = @client.conn.peerinfo.split(':')
     @port
   end
-
-  ##
-  # :category: Msf::Session::Interactive implementors
-  #
-  # Initializes the console's I/O handles.
-  #
-  def init_ui(input, output)
-    super(input, output)
-
-    console.init_ui(input, output)
-    console.set_log_source(self.log_source)
-  end
-
-  ##
-  # :category: Msf::Session::Interactive implementors
-  #
-  # Resets the console's I/O handles.
-  #
-  def reset_ui
-    console.unset_log_source
-    console.reset_ui
-  end
-
-  def exit
-    console.stop
-  end
-
-  protected
-
-  ##
-  # :category: Msf::Session::Interactive implementors
-  #
-  # Override the basic session interaction to use shell_read and
-  # shell_write instead of operating on rstream directly.
-  def _interact
-    framework.events.on_session_interact(self)
-    framework.history_manager.with_context(name: type.to_sym) { _interact_stream }
-  end
-
-  ##
-  # :category: Msf::Session::Interactive implementors
-  #
-  def _interact_stream
-    framework.events.on_session_interact(self)
-
-    console.framework = framework
-
-    # Call the console interaction of the PostgreSQL client and
-    # pass it a block that returns whether or not we should still be
-    # interacting.  This will allow the shell to abort if interaction is
-    # canceled.
-    console.interact { interacting != true }
-    console.framework = nil
-
-    # If the stop flag has been set, then that means the user exited.  Raise
-    # the EOFError so we can drop this handle like a bad habit.
-    raise ::EOFError if (console.stopped? == true)
-  end
 end