Add repeat command for repeating other commands

[acammack-r7]

Recently watching an assessment I came across a need to dump lots of memory from a heartbleed-vulnerable host (manually running the module lots of times was technically an option, but there wasn't a lot of time). I hacked something up with irb and driver.run_single, but it didn't feel very satisfying or user-friendly. I imagine there are other classes of auxiliary module that could use this, so instead of adding module specific options for repetition I added a new command that can be used with any module/command.

The repeat command will continue starting commands until a certain amount of time elapses with -t, for a fixed number of iterations with -n, or indefinitely (the default). It supports running a list of commands separated by ;, since the sleep command (and probably others) might come in handy. Any exception running a command will cause the loop to stop.

Verification

• start msfconsole

Happy path

• repeat grep grep grep; sleep 1 should print two lines every second until you CTRL-C
• repeat -n 5 grep grep grep; sleep 1 should print the same 5 times
• repeat -t 6 grep grep grep; sleep 1 should do the same
• repeat -h and help repeat should be identical and informative
• Options to repeat should tab-complete

Sad path

• repeat -t 5 grep -A should print an error and not loop
• repeat -t asdf grep grep grep should print an error and not loop
• repeat -n asdf grep grep grep should print an error and not loop
• repeat (with and without options) should print help when run with no commands

[h00die]

Interesting idea. If you didn't tell me it was heartbleed driven originally, I'd only be able to point to that module as one that would have a strong use case. However who knows what the future may hold!

To me, having a command list, a ;, then sleep, then understanding the sleep runs between each iteration doesn't seem intuitive. What about adding a -p or -s that would do it. repeat -n 5 -p 1 action action action seems more intuitive to me.

[acammack-r7]

; is the standard unconditional pipeline delimiter in most shells and the statement/expression separator in Ruby and other languages, so I borrowed it here. I suppose it could take a list of actions, but any that took arguments would have to be quoted and omitting quotes would likely lead to interesting errors. A pause option does feel more Metasploit-y, but also much more cumbersome, which is why I initially passed on it.

Ideally I would have made this behave more like a bourne-style shell, since there are lots of great one-liners and tutorials available and other reasons for learning, but that's not really feasible in the current code base.

[wvu]

Great use case picking Heartbleed. I think this will be a superior approach for simple cases where writing a resource script is overkill. Thank you!

[wvu]

I believe you mean "propagate."

[wvu]

So, I should have added a dump count to this module years ago. I will probably do this when I update Shellshock. In the absence of a true pipeline, I think we should keep this note regardless.

[acammack-r7]

I was considering an advanced option for all modules for number of times to loop, but this felt more flexible and possibly less obscure. I think the MS15-034 scanner could also benefit.

[wvu]

Yeah, I'm a fan of this command over another top-level option. A pipeline would be a fantastic next evolution.

[wvu]

Additionally, I had found it annoying to use the Heartbleed module because you had to check the loot file(s) manually for anything interesting. I would have liked a way to tee in a sense, but that was well outside design parameters.

[wvu]

I think you mean "convenient" here.

[wvu]

I like the shorter lambda syntax with a block.

[acammack-r7]

It's a block that takes a block in a block for a block!

[acammack-r7]

Typos fixed, @wvu-r7.

Also, it now prints help when run without any commands instead of going into a loop with now output (similar to the grep msf command).

[wvu]

msf5 > repeat --crash-me
[-] repeat: invalid option: --crash-me
Traceback (most recent call last):
	7: from ./msfconsole:49:in `<main>'
	6: from /Users/wvu/metasploit-framework/lib/metasploit/framework/command/base.rb:82:in `start'
	5: from /Users/wvu/metasploit-framework/lib/metasploit/framework/command/console.rb:48:in `start'
	4: from /Users/wvu/metasploit-framework/lib/rex/ui/text/shell.rb:208:in `run'
	3: from /Users/wvu/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:447:in `run_single'
	2: from /Users/wvu/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:447:in `each'
	1: from /Users/wvu/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:450:in `block in run_single'
/Users/wvu/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:461:in `rescue in block in run_single': undefined local variable or method `propogate_errors' for #<Msf::Ui::Console::Driver:0x00007fced92af468> (NameError)
Did you mean?  propagate_errors
wvu@kharak:~/metasploit-framework:pr/10625$

6f72a05

[wvu]

Release Notes

This adds a repeat command to msfconsole, allowing a user to repeat a ;-separated list of commands for -n number of times and for -t seconds.