Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

msfconsole should be pleasant at 80 characters #4776

Open
todb-r7 opened this Issue Feb 17, 2015 · 24 comments

Comments

Projects
None yet
@todb-r7
Copy link
Contributor

todb-r7 commented Feb 17, 2015

Option descriptions often look all ragged and horrible at a column width of 80. For example:

Actual screenshot:

image

Desired screenshot (approximated):

msf > info post/windows/gather/phish_windows_credentials

       Name: Windows Gather User Credentials (phishing)
     Module: post/windows/gather/phish_windows_credentials
   Platform: Windows
       Arch: x86, x64
       Rank: Normal

Provided by:
  Wesley Neelen <security@forsec.nl/@wez3forsec>
  Matt Nelson ( <Matt Nelson (@enigma0x3)>

Basic options:
  Name         Current Setting                Required  Description
  ----         ---------------                --------  -----------
  DESCRIPTION  {PROCESS_NAME} needs your      yes       Message shown in the
               permissions to start.                    loginprompt
               Please enter user credentials            Message shown in the
                                                        loginprompt
  PROCESS                                     no        Prompt if a specific
                                                        process is started by
                                                        the target. (e.g.
                                                        calc.exe or specify *
                                                        for all processes)
  SESSION                                     yes       The session to run this
                                                        module on.

Description:
  This module is able to perform a phishing attack on the target by 
  popping up a loginprompt. When the user fills credentials in the 
  loginprompt, the credentials will be sent to the attacker. The 
  module is able to monitor for new processes and popup a loginprompt 
  when a specific process is starting. Tested on Windows 7.

This example is a little silly because of the very long default OptString value, but you get the idea.

At any rate, the actual is okay for grepping (if you're into that sort of thing) and copy-pasting the text, but terrible for screencasting or actually using msfconsole and trying to read it sanely.

I could have sworn there was a prettifier for this sort of thing already, but now I don't see it. @kernelsmith? Pre-emptively assigning to you b/c I could have sworn you had something for this.

Such a setting would need to be optional, or else it ruins greppability. Or, remove the table view entirely? That'd be radical.

@todb-r7

This comment has been minimized.

Copy link
Contributor Author

todb-r7 commented Feb 17, 2015

Fixing this will make it much more likely that Metasploit modules will be screenshotted in upcoming episodes of CSI: Cyber and other mass media outlets, btw. :)

@wchen-r7

This comment has been minimized.

Copy link
Contributor

wchen-r7 commented Feb 17, 2015

Can the length be user-configurable? 80 isn't a lot. I don't know if that's the default, probably is, but I feel 80 isn't enough even for some system commands. Mine is at 100, it's still not enough.

@todb-r7

This comment has been minimized.

Copy link
Contributor Author

todb-r7 commented Feb 17, 2015

Yep should be user-config. People are often in 120-ish.

@wvu-r7

This comment has been minimized.

Copy link
Contributor

wvu-r7 commented Feb 17, 2015

The VT100 also supported 132 columns.

@Meatballs1

This comment has been minimized.

Copy link
Contributor

Meatballs1 commented Feb 17, 2015

Take a look at lib/rex/ui/text/table perhaps? This has a default:

self.width = opts['Width'] || 80

but this doesn't appear to be used?

@bcook-r7

This comment has been minimized.

Copy link
Contributor

bcook-r7 commented Feb 17, 2015

it should really use the $COLUMNS environment variable - then it would just fit

@jlee-r7

This comment has been minimized.

Copy link
Contributor

jlee-r7 commented Feb 17, 2015

I don't know how Windows behaves, but in Linux at least, ENV['COLUMNS'] appears to update appropriately when the window size changes.

@wvu-r7

This comment has been minimized.

Copy link
Contributor

wvu-r7 commented Feb 17, 2015

$COLUMNS isn't an environment variable, though. It's a shell variable, and it's specific to bash and some of its friends. You won't find it in sh, for instance.

@wvu-r7

This comment has been minimized.

Copy link
Contributor

wvu-r7 commented Feb 17, 2015

ENV['COLUMNS'] in Ruby works, though. Through some magic.

@wvu-r7

This comment has been minimized.

Copy link
Contributor

wvu-r7 commented Feb 17, 2015

Hmm, only in irb. Unless I'm crazy.

@wvu-r7

This comment has been minimized.

Copy link
Contributor

wvu-r7 commented Feb 17, 2015

As @jlee-r7 and I discussed, irb is probably setting it on its own. BLACK MAGIC.

@todb-r7

This comment has been minimized.

Copy link
Contributor Author

todb-r7 commented Feb 17, 2015

fyi just to be clear this COLUMNS business isn't implemented right now. Not sure if you were claiming that.

$ COLUMNS=80 ./msfconsole -L -x "info auxiliary/scanner/http/http_login" doesn't do anything exciting.

@kernelsmith

This comment has been minimized.

Copy link
Contributor

kernelsmith commented Feb 17, 2015

IIRC, @sempervictus and I were working on a generic table prettifier. I have no idea what happened to that tho, I'll dig around

@kernelsmith

This comment has been minimized.

Copy link
Contributor

kernelsmith commented Feb 22, 2015

@todb-r7 this is where the original discussion occurred #2093. I'll have to look harder for the code as I didn't see any feature branches I had on the matter. I may have abandoned it after juan landed that PR

@kernelsmith

This comment has been minimized.

Copy link
Contributor

kernelsmith commented Feb 22, 2015

in case the email notification doesn't have the link, #2093, cuz I forgot it, but added it in after initial submission of the comment

@hdm

This comment has been minimized.

Copy link
Contributor

hdm commented Feb 22, 2015

FYI - The trick for to responding to windows size changes is to handle SIGWINCH and then query the tty.

@todb-r7 todb-r7 added feature and removed bug labels Apr 13, 2015

@todb-r7

This comment has been minimized.

Copy link
Contributor Author

todb-r7 commented Apr 13, 2015

Moving this to a feature request, since I have a workaround of resizing my window and trying again. :/

Also I don't want to track resizing at all. Unless it lands in my lap.

@busterb

This comment has been minimized.

Copy link
Contributor

busterb commented Mar 30, 2017

I think people had more fun fantasizing about how to implement it and nobody did. I'm marking this newbie friendly because I don't think it's really that complex.

@sempervictus

This comment has been minimized.

Copy link
Contributor

sempervictus commented Mar 30, 2017

@PSNAppz

This comment has been minimized.

Copy link

PSNAppz commented Jan 13, 2019

Anyone working on this?

@wvu-r7

This comment has been minimized.

Copy link
Contributor

wvu-r7 commented Jan 14, 2019

Not at the moment.

@PSNAppz

This comment has been minimized.

Copy link

PSNAppz commented Jan 14, 2019

@wvu-r7 Can I start working on it?

@wvu-r7

This comment has been minimized.

Copy link
Contributor

wvu-r7 commented Jan 14, 2019

@PSNAppz: You sure can! Make sure you reference this ticket (#4776) when you put up a PR. Thanks!

@PSNAppz

This comment has been minimized.

Copy link

PSNAppz commented Jan 14, 2019

@wvu-r7 Thank you. Can you tell me which file prints this?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.