Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Improve options display optional session types #18817

Conversation

dwelch-r7
Copy link
Contributor

@dwelch-r7 dwelch-r7 commented Feb 11, 2024

Merge after #18770

This PR splits up the output of the options command for modules that support either an rhost or a session connection to show that only one or the other is required as this was ambiguous before

Before:

msf6 auxiliary(scanner/smb/smb_enumshares) > options

Module options (auxiliary/scanner/smb/smb_enumshares):

   Name                    Current Setting                         Required  Description
   ----                    ---------------                         --------  -----------
   HIGHLIGHT_NAME_PATTERN  username|password|user|pass|Groups.xml  yes       PCRE regex of resource names to highlight
   LogSpider               3                                       no        0 = disabled, 1 = CSV, 2 = table (txt), 3 = one liner (txt) (Accepted: 0, 1, 2, 3)
   MaxDepth                999                                     yes       Max number of subdirectories to spider
   RHOSTS                  172.16.158.159                          no        The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
   SESSION                 1                                       no        The session to run this module on
   SMBDomain               .                                       no        The Windows domain to use for authentication
   SMBPass                 vagrant                                 no        The password for the specified username
   SMBUser                 vagrant                                 no        The username to authenticate as
   Share                                                           no        Show only the specified share
   ShowFiles               false                                   yes       Show detailed information when spidering
   SpiderProfiles          true                                    no        Spider only user profiles when share is a disk share
   SpiderShares            false                                   no        Spider shares recursively
   THREADS                 1                                       yes       The number of concurrent threads (max one per host)

After:

msf6 auxiliary(scanner/smb/smb_enumshares) > options

Module options (auxiliary/scanner/smb/smb_enumshares):

   Name                    Current Setting                         Required  Description
   ----                    ---------------                         --------  -----------
   HIGHLIGHT_NAME_PATTERN  username|password|user|pass|Groups.xml  yes       PCRE regex of resource names to highlight
   LogSpider               3                                       no        0 = disabled, 1 = CSV, 2 = table (txt), 3 = one liner (txt) (Accepted: 0, 1, 2, 3)
   MaxDepth                999                                     yes       Max number of subdirectories to spider
   Share                                                           no        Show only the specified share
   ShowFiles               false                                   yes       Show detailed information when spidering
   SpiderProfiles          true                                    no        Spider only user profiles when share is a disk share
   SpiderShares            false                                   no        Spider shares recursively


   Used when making a new connection via RHOSTS:

   Name       Current Setting  Required  Description
   ----       ---------------  --------  -----------
   RHOSTS     172.16.158.159   no        The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
   SMBDomain  .                no        The Windows domain to use for authentication
   SMBPass    vagrant          no        The password for the specified username
   SMBUser    vagrant          no        The username to authenticate as
   THREADS    1                yes       The number of concurrent threads (max one per host)


   Used when connecting via an existing SESSION:

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   SESSION  1                no        The session to run this module on

Verification Steps

  • CI passes
  • Check that modules with new session type support have their relevant options grouped in the output of options
  • Check other modules look as they did before

@adfoster-r7
Copy link
Contributor

Could we add tests to spec/lib/msf/base/serializer/readable_text_spec.rb for this? I think that makes sense to me 👀

@dwelch-r7 dwelch-r7 force-pushed the improve-options-display-optional-session-types branch from ea70bdf to 9a4b8b9 Compare February 15, 2024 13:31
lib/msf/core/opt.rb Outdated Show resolved Hide resolved
@dwelch-r7 dwelch-r7 marked this pull request as ready for review February 16, 2024 17:23
@adfoster-r7
Copy link
Contributor

Not a blocker; Looks like we should be updating info -d to support displaying this new functionality - but it looks like we'd need to clean this up as a pre-requisite step so not a blocker

lib/msf/core/optional_session/mssql.rb Outdated Show resolved Hide resolved
lib/msf/base/serializer/readable_text.rb Show resolved Hide resolved
lib/msf/base/serializer/readable_text.rb Outdated Show resolved Hide resolved
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not a blocker; This existing class extending Hash is odd. It's probably something we should remove in the future if the API surface area is small :+1;

lib/msf/core/option_container.rb Outdated Show resolved Hide resolved
lib/msf/core/option_group.rb Show resolved Hide resolved
lib/msf/core/option_group.rb Outdated Show resolved Hide resolved
@dwelch-r7 dwelch-r7 mentioned this pull request Feb 20, 2024
3 tasks
@dwelch-r7 dwelch-r7 force-pushed the improve-options-display-optional-session-types branch from 71868bd to 09edb84 Compare February 20, 2024 14:46
@dwelch-r7 dwelch-r7 marked this pull request as draft February 20, 2024 14:47
@dwelch-r7 dwelch-r7 force-pushed the improve-options-display-optional-session-types branch 4 times, most recently from be98b6a to bbcc763 Compare February 20, 2024 19:27
@dwelch-r7 dwelch-r7 marked this pull request as ready for review February 21, 2024 00:46
@adfoster-r7
Copy link
Contributor

@dwelch-r7 Can we squash the commits down here? 🎉

@cgranleese-r7 cgranleese-r7 self-assigned this Feb 21, 2024
@dwelch-r7 dwelch-r7 force-pushed the improve-options-display-optional-session-types branch from 74a9842 to 1bf3df2 Compare February 21, 2024 11:50
@cgranleese-r7 cgranleese-r7 added enhancement rn-enhancement release notes enhancement labels Feb 21, 2024
@cgranleese-r7
Copy link
Contributor

Ran through all the new session types modules and everything is working as expected. I think this is much better now in terms off making it clear what is required in order for a user to know what needs to be set depending on what method they use for modules. Great change 📈

lib/msf/core/module/options.rb Show resolved Hide resolved
lib/msf/core/module/options.rb Show resolved Hide resolved
lib/msf/core/optional_session/smb.rb Outdated Show resolved Hide resolved
@dwelch-r7 dwelch-r7 force-pushed the improve-options-display-optional-session-types branch from 1bf3df2 to bf1608a Compare February 21, 2024 12:51
@cgranleese-r7 cgranleese-r7 merged commit 7b618d4 into rapid7:master Feb 21, 2024
46 checks passed
@cgranleese-r7
Copy link
Contributor

Release Notes

This PR adds support to now bucket module options that are output after running the options command. This will be for modules that support either an RHOST or a SESSION connection to show that only one or the other is required when using the new session type features for SMB/MSSQL/MYSQL/PostgreSQL sessions.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement rn-enhancement release notes enhancement
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants