Adds support for searching by session types

rapid7 · Feb 29, 2024 · da17cf1 · da17cf1
1 parent 1731565
commit da17cf1
Show file tree

Hide file tree

Showing 6 changed files with 99 additions and 0 deletions.
diff --git a/lib/msf/core/modules/metadata/search.rb b/lib/msf/core/modules/metadata/search.rb
@@ -34,6 +34,7 @@ module Msf::Modules::Metadata::Search
       reference
       references
       rport
+      session_type
       stage
       stager
       target
@@ -213,6 +214,8 @@ def is_match(params, module_metadata)
               match = [keyword, search_term] if module_metadata.stager_refname =~ regex
             when 'adapter'
               match = [keyword, search_term] if module_metadata.adapter_refname =~ regex
+            when 'session_type'
+              match = [keyword, search_term] if module_metadata.session_types != false && module_metadata.session_types.any? { |session_type| session_type =~ regex }
             when 'port', 'rport'
               match = [keyword, search_term] if module_metadata.rport.to_s =~ regex
             when 'rank'

diff --git a/lib/msf/ui/console/command_dispatcher/modules.rb b/lib/msf/ui/console/command_dispatcher/modules.rb
@@ -399,6 +399,7 @@ def cmd_search_help
               'rank'        => 'Modules with a matching rank (Can be descriptive (ex: \'good\') or numeric with comparison operators (ex: \'gte400\'))',
               'ref'         => 'Modules with a matching ref',
               'reference'   => 'Modules with a matching reference',
+              'session_type' => 'Modules with a matching session type (SMB, MySQL, Meterpreter, etc)',
               'stage'       => 'Modules with a matching stage reference name',
               'stager'      => 'Modules with a matching stager reference name',
               'target'      => 'Modules affecting this target',

diff --git a/lib/rex/post/session_compatible_modules.rb b/lib/rex/post/session_compatible_modules.rb
@@ -0,0 +1,30 @@
+# -*- coding: binary -*-
+
+module Rex
+  module Post
+    ###
+    #
+    # This module provides a list of modules that are compatible with the current session
+    #
+    ###
+    module SessionCompatibleModules
+
+      # @return [Array<String>]
+      def session_compatible_modules
+        # Use the built in search command functionality to get a list of search results
+        search_params = { 'session_type' => [[self.session.type], []] }
+        Msf::Modules::Metadata::Cache.instance.find(search_params)
+      end
+
+      # @return [String]
+      def format_session_compatible_modules
+        <<~EOF
+          This session also works with the following modules:
+
+            #{session_compatible_modules.flat_map(&:fullname).join("\n  ")}
+
+        EOF
+      end
+    end
+  end
+end
diff --git a/lib/rex/post/smb/ui/console.rb b/lib/rex/post/smb/ui/console.rb
@@ -1,6 +1,8 @@
 # -*- coding: binary -*-
 
 require 'English'
+require 'rex/post/session_compatible_modules'
+
 module Rex
   module Post
     module SMB
@@ -13,6 +15,7 @@ module Ui
         class Console
 
           include Rex::Ui::Text::DispatcherShell
+          include Rex::Post::SessionCompatibleModules
 
           # Dispatchers
           require 'rex/post/smb/ui/console/command_dispatcher'
@@ -98,6 +101,12 @@ def run_command(dispatcher, method, arguments)
             elog(e)
           end
 
+          # @param [Hash] opts
+          # @return [String]
+          def help_to_s(opts = {})
+            super + format_session_compatible_modules
+          end
+
           #
           # Logs that an error occurred and persists the callstack.
           #

diff --git a/lib/rex/post/sql/ui/console.rb b/lib/rex/post/sql/ui/console.rb
@@ -1,5 +1,6 @@
 require 'rex/post/sql/ui/console/command_dispatcher'
 require 'rex/post/sql/ui/console/interactive_sql_client'
+require 'rex/post/session_compatible_modules'
 
 module Rex
   module Post
@@ -12,6 +13,7 @@ module Ui
         module Console
 
           include Rex::Ui::Text::DispatcherShell
+          include Rex::Post::SessionCompatibleModules
 
           # Called when someone wants to interact with an SQL client.  It's
           # assumed that init_ui has been called prior.
@@ -69,6 +71,12 @@ def run_command(dispatcher, method, arguments)
             end
           end
 
+          # @param [Hash] opts
+          # @return [String]
+          def help_to_s(opts = {})
+            super + format_session_compatible_modules
+          end
+
           #
           # Interacts with the supplied client.
           #

diff --git a/spec/lib/msf/core/modules/metadata/search_spec.rb b/spec/lib/msf/core/modules/metadata/search_spec.rb
@@ -50,6 +50,12 @@ def get_metadata
     it { expect(described_class.parse_search_string("stage:linux/x64/meterpreter ")).to eq({"stage"=>[["linux/x64/meterpreter"], []]}) }
     it { expect(described_class.parse_search_string("stager:linux/x64/reverse_tcp ")).to eq({"stager"=>[["linux/x64/reverse_tcp"], []]}) }
     it { expect(described_class.parse_search_string("adapter:cmd/linux/http/mips64 ")).to eq({"adapter"=>[["cmd/linux/http/mips64"], []]}) }
+    it { expect(described_class.parse_search_string("session_type:PostgreSQL ")).to eq({"session_type"=>[["postgresql"], []]}) }
+    it { expect(described_class.parse_search_string("session_type:MSSQL ")).to eq({"session_type"=>[["mssql"], []]}) }
+    it { expect(described_class.parse_search_string("session_type:MySQL ")).to eq({"session_type"=>[["mysql"], []]}) }
+    it { expect(described_class.parse_search_string("session_type:SMB ")).to eq({"session_type"=>[["smb"], []]}) }
+    it { expect(described_class.parse_search_string("session_type:Meterpreter ")).to eq({"session_type"=>[["meterpreter"], []]}) }
+    it { expect(described_class.parse_search_string("session_type:shell ")).to eq({"session_type"=>[["shell"], []]}) }
     it { expect(described_class.parse_search_string("action:forge_golden ")).to eq({"action"=>[["forge_golden"], []]}) }
   end
 
@@ -185,6 +191,48 @@ def inverse_query_terms(search_string)
       it_should_behave_like 'search_filter', accept: accept, reject: reject
     end
 
+    context 'on a module with a #session_type of ["postgresql"]' do
+      let(:opts) { { 'session_types' => ['postgresql'] } }
+      accept = %w[session_type:postgresql]
+      accept_mis_spelt = %w[session_type:postgre]
+      reject = %w[session_type:unrelated]
+
+      it_should_behave_like 'search_filter', accept: accept, reject: reject
+      it_should_behave_like 'search_filter', accept: accept_mis_spelt, reject: reject
+    end
+
+    context 'on a module with a #session_types of ["postgresql"]' do
+      let(:opts) { { 'session_types' => ['postgresql'] } }
+      accept = %w[session_type:postgre]
+      reject = %w[session_type:unrelated]
+
+      it_should_behave_like 'search_filter', accept: accept, reject: reject
+    end
+
+    context 'on a module with a #session_type of ["mysql"]' do
+      let(:opts) { { 'session_types' => ['mysql'] } }
+      accept = %w[session_type:mysql]
+      reject = %w[session_type:unrelated]
+
+      it_should_behave_like 'search_filter', accept: accept, reject: reject
+    end
+
+    context 'on a module with a #session_type of ["smb"]' do
+      let(:opts) { { 'session_types' => ['smb'] } }
+      accept = %w[session_type:SMB]
+      reject = %w[session_type:unrelated]
+
+      it_should_behave_like 'search_filter', accept: accept, reject: reject
+    end
+
+    context 'on a module with a #session_type of ["mssql"]' do
+      let(:opts) { { 'session_types' => ['mssql'] } }
+      accept = %w[session_type:mssql]
+      reject = %w[session_type:unrelated]
+
+      it_should_behave_like 'search_filter', accept: accept, reject: reject
+    end
+
     context 'on a module that supports the osx platform' do
       let(:opts) { ({ 'platform' => 'osx' }) }
       accept = %w(platform:osx os:osx)