From 89a71c9fdc4edbab29c9839715b9801687010880 Mon Sep 17 00:00:00 2001
From: Noam Rathaus
Date: Sun, 21 Apr 2024 15:37:12 +0300
Subject: [PATCH 1/3] Add support for 'privileged' search
---
 lib/msf/core/modules/metadata/obj.rb | 7 +++++++
 lib/msf/core/modules/metadata/search.rb | 3 +++
 lib/msf/ui/console/command_dispatcher/modules.rb | 1 +
 3 files changed, 11 insertions(+)
diff --git a/lib/msf/core/modules/metadata/obj.rb b/lib/msf/core/modules/metadata/obj.rb
index 747b9a60600f..cc09ca97ebbc 100644
--- a/lib/msf/core/modules/metadata/obj.rb
+++ b/lib/msf/core/modules/metadata/obj.rb
@@ -66,6 +66,8 @@ class Obj
 attr_reader :adapter_refname
 # @return [String, nil] Name of the adapted payload if applicable
 attr_reader :adapted_refname
+ # @return [Boolean] Whether or not we are privileged
+ attr_reader :privileged
 # @return [Boolean] Whether or not the payload is staged
 attr_reader :staged
 # @return [String, nil] Name of the stage if applicable
@@ -136,6 +138,9 @@ def initialize(module_instance, obj_hash = nil)
 @session_types = module_instance.respond_to?(:session_types) && module_instance.session_types
+ if module_instance.respond_to(:privileged)
+ @privileged = module_instance.privileged
+ end
 if module_instance.respond_to?(:payload_type)
 @payload_type = module_instance.payload_type
 @staged = module_instance.staged?
@@ -183,6 +188,7 @@ def to_json(*args)
 'notes' => @notes,
 'session_types' => @session_types,
 'needs_cleanup' => @needs_cleanup,
+ 'privileged' => @privileged,
 }
 data['actions'] = @actions if @actions
@@ -260,6 +266,7 @@ def init_from_hash(obj_hash)
 @staged = obj_hash['staged']
 @stage_refname = obj_hash['stage_refname']
 @stager_refname = obj_hash['stager_refname']
+ @privileged = obj_hash['privileged']
 end
 def sort_platform_string
diff --git a/lib/msf/core/modules/metadata/search.rb b/lib/msf/core/modules/metadata/search.rb
index e3bb87f3754a..ae168e9138f6 100644
--- a/lib/msf/core/modules/metadata/search.rb
+++ b/lib/msf/core/modules/metadata/search.rb
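Review bot: The YARD comment on the new `attr_reader :privileged` in the `class Obj` hunk does not say what is privileged ("we" has no referent in a metadata object) and declares the type as `[Boolean]` only. The `initialize` hunk leaves `@privileged` unassigned when the module instance does not respond to `privileged`, and the comment added in search.rb treats nil as "property not set", so nil is a documented state of this attribute. I would write it as `# @return [Boolean, nil] The module's privileged property, nil when the module does not define it`. The class body continues outside the hunk.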
@@ -218,6 +218,9 @@ def is_match(params, module_metadata)
 match = [keyword, search_term] if module_metadata.session_types && module_metadata.session_types.any? { |session_type| session_type =~ regex }
 when 'port', 'rport'
 match = [keyword, search_term] if module_metadata.rport.to_s =~ regex
+ when 'privileged'
+ # if it 'nil' it means the module don't have privileged property set
+ match = [keyword, search_term] if module_metadata.privileged.nil? || module_metadata.privileged == search_term
 when 'rank'
 # Determine if param was prepended with gt, lt, gte, lte, or eq
 # Ex: "lte300" should match all ranks <= 300
diff --git a/lib/msf/ui/console/command_dispatcher/modules.rb b/lib/msf/ui/console/command_dispatcher/modules.rb
index 29623abce971..0fecdc13fbe9 100644
--- a/lib/msf/ui/console/command_dispatcher/modules.rb
+++ b/lib/msf/ui/console/command_dispatcher/modules.rb
@@ -405,6 +405,7 @@ def cmd_search_help
 'target' => 'Modules affecting this target',
 'type' => 'Modules of a specific type (exploit, payload, auxiliary, encoder, evasion, post, or nop)',
 'action' => 'Modules with a matching action name or description',
+ 'privileged' => 'Modules with a matching "privileged" value set'
 }.each_pair do |keyword, description|
 print_line " #{keyword.ljust 17}: #{description}"
 end
From 9bb6a4fbc1d7376710e5f0e52f76aa837eb4eb38 Mon Sep 17 00:00:00 2001
From: Noam Rathaus
Date: Mon, 22 Apr 2024 14:49:12 +0300
Subject: [PATCH 2/3] Update lib/msf/core/modules/metadata/search.rb
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
---
 lib/msf/core/modules/metadata/search.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/msf/core/modules/metadata/search.rb b/lib/msf/core/modules/metadata/search.rb
index ae168e9138f6..2b729c7efdca 100644
--- a/lib/msf/core/modules/metadata/search.rb
+++ b/lib/msf/core/modules/metadata/search.rb
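Review bot: The new `when 'privileged'` branch of `is_match` matches every module whose `privileged` value is nil, whatever the search term, and compares the non-nil value to `search_term` with a plain `==`. obj.rb documents the attribute as a Boolean and `search_term` looks like the raw query string (its assignment is outside the hunk), so `true == 'true'` would never hold and the result list would consist only of modules that have no value at all, which presumably includes entries restored through `init_from_hash` from a cache written before this change. If that reading is right, compare on the string form and exclude nil: `match = [keyword, search_term] if !module_metadata.privileged.nil? && module_metadata.privileged.to_s == search_term.to_s.downcase`. The same line is carried unchanged as context in PATCH 2/3, which only rewords the comment above it.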
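Review bot: The help entry added to `cmd_search_help` does not tell the user which values the `privileged` keyword accepts, and "value set" can be read as "any module that has the property". Assuming the stored value is the Boolean that obj.rb documents, `'privileged' => 'Modules with a matching privileged value (true or false)'` would state the accepted input directly. The method body starts before and continues after the hunk.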
@@ -219,7 +219,7 @@ def is_match(params, module_metadata)
 when 'port', 'rport'
 match = [keyword, search_term] if module_metadata.rport.to_s =~ regex
 when 'privileged'
- # if it 'nil' it means the module don't have privileged property set
+ # If 'nil' is returned the module does not have the privileged property set
 match = [keyword, search_term] if module_metadata.privileged.nil? || module_metadata.privileged == search_term
 when 'rank'
 # Determine if param was prepended with gt, lt, gte, lte, or eq
From 644f76ba7300720ad0779496eeb472adb190fbdd Mon Sep 17 00:00:00 2001
From: Noam Rathaus
Date: Mon, 22 Apr 2024 14:49:17 +0300
Subject: [PATCH 3/3] Update lib/msf/core/modules/metadata/obj.rb
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
---
 lib/msf/core/modules/metadata/obj.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/msf/core/modules/metadata/obj.rb b/lib/msf/core/modules/metadata/obj.rb
index cc09ca97ebbc..a9e7688d50c8 100644
--- a/lib/msf/core/modules/metadata/obj.rb
+++ b/lib/msf/core/modules/metadata/obj.rb
@@ -138,7 +138,7 @@ def initialize(module_instance, obj_hash = nil)
 @session_types = module_instance.respond_to?(:session_types) && module_instance.session_types
- if module_instance.respond_to(:privileged)
+ if module_instance.respond_to?(:privileged)
 @privileged = module_instance.privileged
 end
 if module_instance.respond_to?(:payload_type)