Class: Rex::Post::Meterpreter::Extensions::Stdapi::Net::Config

Inherits:
Object
  • Object
show all
Defined in:
lib/rex/post/meterpreter/extensions/stdapi/net/config.rb

Overview

This class provides an interface to the network configuration that exists on the remote machine, such as interfaces, and routes.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(client) ⇒ Config

Initializes a Config instance that is used to get information about the network configuration of the remote machine.



35
36
37
# File 'lib/rex/post/meterpreter/extensions/stdapi/net/config.rb', line 35

def initialize(client)
  self.client = client
end

Instance Attribute Details

#clientObject (protected)

:nodoc:



252
253
254
# File 'lib/rex/post/meterpreter/extensions/stdapi/net/config.rb', line 252

def client
  @client
end

Instance Method Details

#add_route(subnet, netmask, gateway) ⇒ Object

Adds a route to the target machine.



205
206
207
208
209
210
211
212
213
214
215
# File 'lib/rex/post/meterpreter/extensions/stdapi/net/config.rb', line 205

def add_route(subnet, netmask, gateway)
  request = Packet.create_request(COMMAND_ID_STDAPI_NET_CONFIG_ADD_ROUTE)

  request.add_tlv(TLV_TYPE_SUBNET_STRING, subnet)
  request.add_tlv(TLV_TYPE_NETMASK_STRING, netmask)
  request.add_tlv(TLV_TYPE_GATEWAY_STRING, gateway)

  client.send_request(request)

  return true
end

#each_interface(&block) ⇒ Object

Enumerates each interface.



48
49
50
# File 'lib/rex/post/meterpreter/extensions/stdapi/net/config.rb', line 48

def each_interface(&block)
  get_interfaces().each(&block)
end

#each_route(&block) ⇒ Object

Enumerates each route.



173
174
175
# File 'lib/rex/post/meterpreter/extensions/stdapi/net/config.rb', line 173

def each_route(&block)
  get_routes().each(&block)
end

#get_arp_tableObject Also known as: arp_table

Returns an array of arp entries with each element being an Arp.



150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
# File 'lib/rex/post/meterpreter/extensions/stdapi/net/config.rb', line 150

def get_arp_table
  request = Packet.create_request(COMMAND_ID_STDAPI_NET_CONFIG_GET_ARP_TABLE)
              arps  = []

  response = client.send_request(request)

  # Build out the array of arp
  response.each(TLV_TYPE_ARP_ENTRY) { |arp|
    arps << Arp.new(
        :ip_addr   => arp.get_tlv_value(TLV_TYPE_IP),
        :mac_addr  => arp.get_tlv_value(TLV_TYPE_MAC_ADDRESS),
        :interface => arp.get_tlv_value(TLV_TYPE_MAC_NAME)
        )
  }

  return arps
end

#get_interfacesArray<Interface> Also known as: interfaces

Returns an array of network interfaces with each element.

Returns:



55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
# File 'lib/rex/post/meterpreter/extensions/stdapi/net/config.rb', line 55

def get_interfaces
  request = Packet.create_request(COMMAND_ID_STDAPI_NET_CONFIG_GET_INTERFACES)
  ifaces  = []

  response = client.send_request(request)

  response.each(TLV_TYPE_NETWORK_INTERFACE) { |iface|
    addrs = []
    netmasks = []
    scopes = []
    while (a = iface.get_tlv_value(TLV_TYPE_IP, addrs.length))
      # Netmasks aren't tightly associated with addresses, they're
      # just thrown all together in the interface TLV ordered to
      # match up. This could be done better by creating another
      # GroupTlv type for addresses containing an address, a netmask,
      # and possibly a scope.
      n = iface.get_tlv_value(TLV_TYPE_NETMASK, addrs.length)
      if (n.nil?)
        # Some systems can't report a netmask, only a network
        # prefix, so figure out the netmask from that.
        n = iface.get_tlv_value(TLV_TYPE_IP_PREFIX, addrs.length)
        if n
          n = Rex::Socket.bit2netmask(n, !!(a.length == 16))
        end
      else
        n = Rex::Socket.addr_ntoa(n)
      end
      s = iface.get_tlv_value(TLV_TYPE_IP6_SCOPE, addrs.length)
      scopes[addrs.length] = s if s
      netmasks[addrs.length] = n if n
      addrs << Rex::Socket.addr_ntoa(a)
    end
    ifaces << Interface.new(
        :index    => iface.get_tlv_value(TLV_TYPE_INTERFACE_INDEX),
        :mac_addr => iface.get_tlv_value(TLV_TYPE_MAC_ADDRESS),
        :mac_name => iface.get_tlv_value(TLV_TYPE_MAC_NAME),
        :mtu      => iface.get_tlv_value(TLV_TYPE_INTERFACE_MTU),
        :flags    => iface.get_tlv_value(TLV_TYPE_INTERFACE_FLAGS),
        :addrs    => addrs,
        :netmasks => netmasks,
        :scopes   => scopes
      )
  }

  return ifaces
end

#get_netstatObject Also known as: netstat

Returns an array of network connection entries with each element being a Netstat.



114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
# File 'lib/rex/post/meterpreter/extensions/stdapi/net/config.rb', line 114

def get_netstat
  request = Packet.create_request(COMMAND_ID_STDAPI_NET_CONFIG_GET_NETSTAT)
              netstat  = []

  response = client.send_request(request)

  # Build out the array of netstat
  response.each(TLV_TYPE_NETSTAT_ENTRY) { |connection|
    netstat << Netstat.new(
                    :local_addr   => connection.get_tlv_value(TLV_TYPE_LOCAL_HOST_RAW),
        :remote_addr  => connection.get_tlv_value(TLV_TYPE_PEER_HOST_RAW),
        :local_port   => connection.get_tlv_value(TLV_TYPE_LOCAL_PORT),
        :remote_port  => connection.get_tlv_value(TLV_TYPE_PEER_PORT),
        :protocol     => connection.get_tlv_value(TLV_TYPE_MAC_NAME), # tcp/tcp6/udp/udp6
        :state        => connection.get_tlv_value(TLV_TYPE_SUBNET_STRING),
        :uid          => connection.get_tlv_value(TLV_TYPE_PID),
        :inode        => connection.get_tlv_value(TLV_TYPE_ROUTE_METRIC),
        :pid_name     => connection.get_tlv_value(TLV_TYPE_PROCESS_NAME)
        )
  }

  return netstat
end

#get_proxy_configObject

Gets the current proxy configuration



235
236
237
238
239
240
241
242
243
244
245
246
247
248
# File 'lib/rex/post/meterpreter/extensions/stdapi/net/config.rb', line 235

def get_proxy_config()
  request = Packet.create_request(COMMAND_ID_STDAPI_NET_CONFIG_GET_PROXY)

  response = client.send_request(request)

  proxy_config = {
    :autodetect    => response.get_tlv_value(TLV_TYPE_PROXY_CFG_AUTODETECT),
    :autoconfigurl => response.get_tlv_value(TLV_TYPE_PROXY_CFG_AUTOCONFIGURL),
    :proxy         => response.get_tlv_value(TLV_TYPE_PROXY_CFG_PROXY),
    :proxybypass   => response.get_tlv_value(TLV_TYPE_PROXY_CFG_PROXYBYPASS)
  }

  return proxy_config
end

#get_routesObject Also known as: routes

Returns an array of routes with each element being a Route.



180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
# File 'lib/rex/post/meterpreter/extensions/stdapi/net/config.rb', line 180

def get_routes
  request = Packet.create_request(COMMAND_ID_STDAPI_NET_CONFIG_GET_ROUTES)
  routes  = []

  response = client.send_request(request)

  # Build out the array of routes
  # Note: This will include both IPv4 and IPv6 routes
  response.each(TLV_TYPE_NETWORK_ROUTE) { |route|
    routes << Route.new(
        route.get_tlv_value(TLV_TYPE_SUBNET),
        route.get_tlv_value(TLV_TYPE_NETMASK),
        route.get_tlv_value(TLV_TYPE_GATEWAY),
        route.get_tlv_value(TLV_TYPE_STRING),
        route.get_tlv_value(TLV_TYPE_ROUTE_METRIC))
  }

  return routes
end

#remove_route(subnet, netmask, gateway) ⇒ Object

Removes a route from the target machine.



220
221
222
223
224
225
226
227
228
229
230
# File 'lib/rex/post/meterpreter/extensions/stdapi/net/config.rb', line 220

def remove_route(subnet, netmask, gateway)
  request = Packet.create_request(COMMAND_ID_STDAPI_NET_CONFIG_REMOVE_ROUTE)

  request.add_tlv(TLV_TYPE_SUBNET_STRING, subnet)
  request.add_tlv(TLV_TYPE_NETMASK_STRING, netmask)
  request.add_tlv(TLV_TYPE_GATEWAY_STRING, gateway)

  client.send_request(request)

  return true
end