100755 200 lines (155 sloc) 4.396 kB
#!/usr/bin/env ruby
#
# $Id$
# $Revision$
#

# Resolve symlinks (including chains of symlinks) to find the real script path
msfbase = __FILE__
while File.symlink?(msfbase)
  msfbase = File.expand_path(File.readlink(msfbase), File.dirname(msfbase))
end

# Load libraries from the absolute path of the lib directory next to the script
$:.unshift(File.expand_path(File.join(File.dirname(msfbase), 'lib')))
require 'fastlib'
require 'msfenv'

# Let a local library directory take precedence when MSF_LOCAL_LIB is set
$:.unshift(ENV['MSF_LOCAL_LIB']) if ENV['MSF_LOCAL_LIB']

require 'rex/peparsey'
require 'rex/pescan'
require 'rex/arch/x86'
require 'optparse'

# Convert an option string to an integer, accepting hex ("0x...") or decimal
def opt2i(o)
  o.index("0x")==0 ? o.hex : o.to_i
end

#
# Right now this program is a bit shaky...
#
# - It tries to err on the side of caution, so it will try for a
#   false negative vs a false positive.
# - It doesn't necessarily account for the entire PE image
# - It wouldn't find hits that overlap sections
# - etc etc
#

opt = OptionParser.new

opt.banner = "Usage: #{$PROGRAM_NAME} [mode] <options> [targets]"
opt.separator('')
opt.separator('Modes:')

worker = nil
param = {}

pe_klass = Rex::PeParsey::Pe

opt.on('-j', '--jump [regA,regB,regC]', 'Search for jump equivalent instructions') do |t|
  # take csv of register names (like eax,ebx) and convert
  # them to an array of register numbers
  regnums = t.split(',').collect { |o|
    begin
      Rex::Arch::X86.reg_number(o)
    rescue
      puts "Invalid register \"#{o}\""
      exit(1)
    end
  }
  worker = Rex::PeScan::Scanner::JmpRegScanner
  param['args'] = regnums
end

opt.on('-p', '--poppopret', 'Search for pop+pop+ret combinations') do |t|
  worker = Rex::PeScan::Scanner::PopPopRetScanner
  param['args'] = t
end

opt.on('-r', '--regex [regex]', 'Search for regex match') do |t|
  worker = Rex::PeScan::Scanner::RegexScanner
  param['args'] = t
end

opt.on('-a', '--analyze-address [address]', 'Display the code at the specified address') do |t|
  worker = Rex::PeScan::Search::DumpRVA
  param['args'] = opt2i(t)
end

opt.on('-b', '--analyze-offset [offset]', 'Display the code at the specified offset') do |t|
  worker = Rex::PeScan::Search::DumpOffset
  param['args'] = opt2i(t)
end

opt.on('-f', '--fingerprint', 'Attempt to identify the packer/compiler') do |t|
  worker = Rex::PeScan::Analyze::Fingerprint
  param['database'] = File.join(File.dirname(msfbase), 'data', 'msfpescan', 'identify.txt')
end

opt.on('-i', '--info', 'Display detailed information about the image') do |t|
  worker = Rex::PeScan::Analyze::Information
end

opt.on('-R', '--ripper [directory]', 'Rip all module resources to disk ') do |t|
  worker = Rex::PeScan::Analyze::Ripper
  param['dir'] = t
end

opt.on('--context-map [directory]', 'Generate context-map files') do |t|
  worker = Rex::PeScan::Analyze::ContextMapDumper
  param['dir'] = t
end

opt.separator('')
opt.separator('Options:')

opt.on('-M', '--memdump', 'The targets are memdump.exe directories') do |t|
  pe_klass = Rex::PeParsey::PeMemDump
end


opt.on('-A', '--after [bytes]', 'Number of bytes to show after match (-a/-b)') do |t|
  param['after'] = opt2i(t)
end

opt.on('-B', '--before [bytes]', 'Number of bytes to show before match (-a/-b)') do |t|
  param['before'] = opt2i(t)
end

opt.on('-D', '--disasm', 'Disassemble the bytes at this address') do |t|
  param['disasm'] = true
end

opt.on('-I', '--image-base [address]', 'Specify an alternate ImageBase') do |t|
  param['imagebase'] = opt2i(t)
end

opt.on('-F', '--filter-addresses [regex]', 'Filter addresses based on a regular expression') do |t|
  param['filteraddr'] = t
end

opt.on_tail("-h", "--help", "Show this message") do
  puts opt
  exit(1)
end

begin
  opt.parse!
rescue OptionParser::InvalidOption
  puts "Invalid option, try -h for usage"
  exit(1)
end

if (! worker)
  puts opt
  exit(1)
end

files = []

# Expand directory targets into the regular files they contain
ARGV.each do |file|
  if File.directory?(file)
    # Dir.entries does not leave a directory handle open
    Dir.entries(file).each do |ent|
      path = File.join(file, ent)
      next if not File.file?(path)
      files << path
    end
  else
    files << file
  end
end

files.each do |file|
  $stdout.puts ""

  param['file'] = file

  begin
    pe = pe_klass.new_from_file(file, true)
  rescue ::Interrupt
    raise $!
  rescue Rex::PeParsey::FileHeaderError
    # Silently skip files that are not PE images
    next if $!.message == "Couldn't find the PE magic!"
    raise $!
  rescue Errno::ENOENT
    $stdout.puts("File does not exist: #{file}")
    next
  rescue ::Rex::PeParsey::SkipError
    next
  rescue ::Exception => e
    $stdout.puts "[#{file}] #{e.class}: #{e}"
    next
  end

  if (param['imagebase'])
    pe.image_base = param['imagebase']
  end

  o = worker.new(pe)
  o.scan(param)

  pe.close
end
$stdout.puts ""