Adds new search keywords to msfconsole
cgranleese-r7 committed Sep 13, 2023
1 parent 6a84cc8 commit 4bff7dd
Showing 3 changed files with 78 additions and 4 deletions.
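--- a/lib/msf/core/modules/metadata/search.rb
+++ b/lib/msf/core/modules/metadata/search.rb
@@ -7,8 +7,39 @@
 module Msf::Modules::Metadata::Search
 
 VALID_PARAMS =
-%w[aka author authors arch cve bid edb check date disclosure_date description fullname fullname mod_time
-name os platform path port rport rank ref ref_name reference references target targets text type]
+%w[
+adapter
+aka
+arch
+author
+authors
+bid
+check
+cve
+date
+description
+disclosure_date
+edb
+fullname
+mod_time
+name
+os
+path
+platform
+port
+rank
+ref
+ref_name
+reference
+references
+rport
+stage
+stager
+target
+targets
+text
+type
+]
 
 #
 # Module Type Shorthands
@@ -43,7 +74,7 @@ def self.parse_search_string(search_string)
 
 terms.each do |term|
 # Split it on the `:`, with the part before the first `:` going into keyword, the part after first `:`
-# but before any later instances of `:` going into search_term, and the characters after the second
+# but before any later instances of `:` going into search_term, and the characters after the second
 # `:` or later in the string going into _excess to be ignored.
 #
 # Example is `use exploit/linux/local/nested_namespace_idmap_limit_priv_esc::a`
@@ -172,6 +203,12 @@ def is_match(params, module_metadata)
 end
 when 'path'
 match = [keyword, search_term] if module_metadata.fullname =~ regex
+when 'stage'
+match = [keyword, search_term] if module_metadata.stage_refname =~ regex
+when 'stager'
+match = [keyword, search_term] if module_metadata.stager_refname =~ regex
+when 'adapter'
+match = [keyword, search_term] if module_metadata.adapter_refname =~ regex
 when 'port', 'rport'
 match = [keyword, search_term] if module_metadata.rport.to_s =~ regex
 when 'rank'
@@ -267,4 +304,3 @@ def get_fields(module_metadata, fields)
 end
 
 end
-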
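Review bot: The three new `when` branches in is_match (`'stage'`, `'stager'`, `'adapter'`) carry no comment on how they match, and that is not obvious from the lines themselves. The spec added in this commit accepts `adapter:linux/x64/meterpreter_reverse_http` for a refname ending in `_https`, so the comparison is a partial match rather than an exact one. The `*_refname` fields are presumably unset on modules that are not payloads, where `nil =~ regex` yields no match instead of an error. I would add `# stage/stager/adapter refnames: partial match; nil on modules without one, so never matches` above `when 'stage'`, after confirming the nil case against the metadata class. is_match starts and ends outside the hunk, and how `regex` is built is not visible here.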
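--- a/lib/msf/ui/console/command_dispatcher/modules.rb
+++ b/lib/msf/ui/console/command_dispatcher/modules.rb
@@ -363,6 +363,7 @@ def cmd_search_help
 print_line
 print_line "Keywords:"
 {
+'adapter' => 'Modules with a matching adater reference name',
 'aka' => 'Modules with a matching AKA (also-known-as) name',
 'author' => 'Modules written by this author',
 'arch' => 'Modules affecting this architecture',
@@ -381,6 +382,8 @@ def cmd_search_help
 'rank' => 'Modules with a matching rank (Can be descriptive (ex: \'good\') or numeric with comparison operators (ex: \'gte400\'))',
 'ref' => 'Modules with a matching ref',
 'reference' => 'Modules with a matching reference',
+'stage' => 'Modules with a matching stage reference name',
+'stager' => 'Modules with a matching stager reference name',
 'target' => 'Modules affecting this target',
 'type' => 'Modules of a specific type (exploit, payload, auxiliary, encoder, evasion, post, or nop)',
 }.each_pair do |keyword, description|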
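Review bot: The new help entry in the first hunk misspells the word it describes: `'Modules with a matching adater reference name'` should be `'adapter' => 'Modules with a matching adapter reference name',`. The string is printed by the search help, so the typo is visible to users. The keyword hash and cmd_search_help both continue outside the hunk.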
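--- a/spec/lib/msf/core/modules/metadata/search_spec.rb
+++ b/spec/lib/msf/core/modules/metadata/search_spec.rb
@@ -47,6 +47,9 @@ def get_metadata
 it { expect(described_class.parse_search_string("text:postgres:")).to eq({"text"=>[["postgres"], []]}) }
 it { expect(described_class.parse_search_string("postgres::::")).to eq({"text"=>[["postgres"], []]}) }
 it { expect(described_class.parse_search_string("turtle:bobcat postgres:")).to eq({"text"=>[["postgres"], []], "turtle"=>[["bobcat"], []]}) }
+it { expect(described_class.parse_search_string("stage:linux/x64/meterpreter ")).to eq({"stage"=>[["linux/x64/meterpreter"], []]}) }
+it { expect(described_class.parse_search_string("stager:linux/x64/reverse_tcp ")).to eq({"stager"=>[["linux/x64/reverse_tcp"], []]}) }
+it { expect(described_class.parse_search_string("adapter:cmd/linux/http/mips64 ")).to eq({"adapter"=>[["cmd/linux/http/mips64"], []]}) }
 end
 
 describe '#find' do
@@ -141,6 +144,38 @@ def inverse_query_terms(search_string)
 it_should_behave_like 'search_filter', :accept => accept, :reject => reject
 end
 
+context 'on a module with a #stage_refname of "linux/x64/meterpreter"' do
+let(:opts) { { 'stage_refname' => 'linux/x64/meterpreter' } }
+accept = %w[stage:linux/x64/meterpreter]
+reject = %w[stage:unrelated]
+
+it_should_behave_like 'search_filter', accept: accept, reject: reject
+end
+
+context 'on a module with a #stager_refname of "linux/x64/reverse_tcp"' do
+let(:opts) { { 'stager_refname' => 'linux/x64/reverse_tcp' } }
+accept = %w[stager:linux/x64/reverse_tcp]
+reject = %w[stager:unrelated]
+
+it_should_behave_like 'search_filter', accept: accept, reject: reject
+end
+
+context 'on a module with a #adapter_refname of "cmd/linux/http/mips64"' do
+let(:opts) { { 'adapter_refname' => 'cmd/linux/http/mips64' } }
+accept = %w[adapter:cmd/linux/http/mips64]
+reject = %w[adapter:unrelated]
+
+it_should_behave_like 'search_filter', accept: accept, reject: reject
+end
+
+context 'on a module with a #adapter_refname of "linux/x64/meterpreter_reverse_https"' do
+let(:opts) { { 'adapter_refname' => 'linux/x64/meterpreter_reverse_https' } }
+accept = %w[adapter:linux/x64/meterpreter_reverse_http adapter:linux/x64/meterpreter_reverse_https]
+reject = %w[adapter:unrelated]
+
+it_should_behave_like 'search_filter', accept: accept, reject: reject
+end
+
 context 'on a module that supports the osx platform' do
 let(:opts) { ({ 'platform' => 'osx' }) }
 accept = %w(platform:osx os:osx)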
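Review bot: None of the new contexts in the second hunk covers a module that has no stage, stager or adapter reference name, so the nil path through the three new is_match branches goes untested; every added context sets the field it then searches. A context with the fields unset and only reject terms would pin that such modules are filtered out without raising. The sketch below assumes the `search_filter` shared example tolerates an empty accept list and that get_metadata passes nil values through; both are defined outside this page.

```ruby
# … unchanged: stage_refname, stager_refname and adapter_refname contexts …
context 'on a module with no stage, stager or adapter reference name' do
  let(:opts) { { 'stage_refname' => nil, 'stager_refname' => nil, 'adapter_refname' => nil } }
  reject = %w[stage:linux stager:linux adapter:linux]

  it_should_behave_like 'search_filter', accept: [], reject: reject
end
```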
