Add configurable logging to the console and support stdout sinks #14431


@adfoster-r7 adfoster-r7 commented Nov 25, 2020

As an alternative to the rather specific implementation of "Add stdout logging functionality to json rpc", this PR adds a configuration option to the console and the rpc service for specifying the required metasploit logsink.

Verification

Console verification

Verify that default logging works, and the default Flatfile sink works as expected:

bundle exec ./msfconsole
cat ~/.msf4/logs/framework.log

Ensure that the logger can be configured with arbitrary loggers:

bundle exec ./msfconsole --logger Stdout -x 'exit' -q
bundle exec ./msfconsole --logger StdoutWithoutTimestamps -x 'exit' -q
bundle exec ./msfconsole --logger Stderr -x 'exit' -q
bundle exec ./msfconsole --logger Flatfile -x 'exit' -q
bundle exec ./msfconsole --logger TimestampColorlessFlatfile -x 'exit' -q
bundle exec ./msfconsole --logger LoggerThatDoesntExist -x 'exit' -q

For example, the stdout/stderr loggers should resemble:

$ bundle exec ./msfconsole --logger Stdout -q
[11/25/2020 17:54:12] [e(0)] core: Dependency for windows/encrypted_shell_reverse_tcp is not supported
[11/25/2020 17:54:12] [e(0)] core: Dependency for windows/x64/encrypted_shell_reverse_tcp is not supported
[11/25/2020 17:54:12] [e(0)] core: Dependency for windows/encrypted_reverse_tcp is not supported
[11/25/2020 17:54:12] [e(0)] core: Dependency for windows/x64/encrypted_reverse_tcp is not supported
[11/25/2020 17:54:13] [e(0)] core: Unable to load module /Users/adfoster/Documents/code/metasploit-framework/modules/auxiliary/gather/office365userenum.py - LoadError  Try running file manually to check for errors or dependency issues.
[*] Using configured payload php/meterpreter/reverse_tcp
[*] Starting persistent handler(s)...
msf6 exploit(multi/http/drupal_drupageddon) > 

The Flatfile loggers will go to ~/.msf4/logs/framework.log as normal.

Additionally verifying invalid options work:

$ bundle exec ./msfconsole --logger InvalidLogger -x 'exit' -q
bundler: failed to load command: ./msfconsole (./msfconsole)
Rex::ArgumentError: An invalid argument was specified. Could not find logger InvalidLogger, expected one of StdoutWithoutTimestamps, FlatfileWithoutColors, Stderr, Stdout, Flatfile, Stream
...

JSON RPC support

This functionality is additionally supported by the rpc layer:

MSF_WS_DATA_SERVICE_LOGGER=Stdout bundle exec thin --rackup msf-json-rpc.ru --address localhost --port 8081 --environment production --tag msf-json-rpc start 

Curling with an additional request:

curl --request POST --url http://localhost:8081/api/v1/json-rpc --header 'content-type: application/json' --data '{ "jsonrpc": "2.0", "method": "core.version", "id": 1, "params": [] }'

Verifying the server's output:

$ MSF_WS_DATA_SERVICE_LOGGER=Stdout bundle exec thin --rackup msf-json-rpc.ru --address localhost --port 8081 --environment production --tag msf-json-rpc start
[11/25/2020 17:34:53] [e(0)] core: Dependency for windows/encrypted_shell_reverse_tcp is not supported
[11/25/2020 17:34:53] [e(0)] core: Dependency for windows/x64/encrypted_shell_reverse_tcp is not supported
[11/25/2020 17:34:53] [e(0)] core: Dependency for windows/encrypted_reverse_tcp is not supported
[11/25/2020 17:34:53] [e(0)] core: Dependency for windows/x64/encrypted_reverse_tcp is not supported
[11/25/2020 17:34:54] [e(0)] core: Unable to load module /Users/adfoster/Documents/code/metasploit-framework/modules/auxiliary/gather/office365userenum.py - LoadError  Try running file manually to check for errors or dependency issues.
Thin web server (v1.7.2 codename Bachmanity)
Maximum connections set to 1024
Listening on localhost:8081, CTRL+C to stop
[11/25/2020 17:35:17] [d(0)] core: Already established connection to postgresql, so reusing active connection.
[11/25/2020 17:35:17] [e(0)] core: DB.connect threw an exception - ActiveRecord::AdapterNotSpecified database configuration does not specify adapter
[11/25/2020 17:35:17] [e(0)] core: Failed to connect to the database: database configuration does not specify adapter

@adfoster-r7 adfoster-r7 force-pushed the add-configurable-logging-to-console-and-support-stdout-sinks branch from caa662e to 04f6828 Compare November 25, 2020 17:58

@jmartin-tech jmartin-tech left a comment

Looks good, some minor thoughts noted.

lib/rex/logging/sinks/flatfile_without_colors.rb (outdated, resolved)
lib/metasploit/framework/parsed_options/console.rb (outdated, resolved)
lib/rex/logging/sinks/stream.rb (resolved)
lib/rex/logging/sinks/flatfile.rb (resolved)
@adfoster-r7 adfoster-r7 force-pushed the add-configurable-logging-to-console-and-support-stdout-sinks branch 3 times, most recently from 4e857c1 to 3654c8b Compare November 27, 2020 15:40
@jmartin-tech

I think some in-progress PR work snuck into this, can you rebase on master and reduce just to your commits please?

@adfoster-r7 adfoster-r7 force-pushed the add-configurable-logging-to-console-and-support-stdout-sinks branch 3 times, most recently from f8e7b7f to 343b3a6 Compare December 3, 2020 00:22
@adfoster-r7 adfoster-r7 force-pushed the add-configurable-logging-to-console-and-support-stdout-sinks branch from 343b3a6 to 9e20bb5 Compare December 8, 2020 16:23
@dwelch-r7 dwelch-r7 merged commit 54b897e into rapid7:master Dec 10, 2020

dwelch-r7 commented Dec 10, 2020

Release Notes

Added a configuration option to the console and the RPC service for specifying the required metasploit logsink.

@dwelch-r7 dwelch-r7 self-assigned this Dec 10, 2020
@gwillcox-r7 gwillcox-r7 added the rn-enhancement release notes enhancement label Dec 21, 2020