Land #18770, Extract SMB, PostgreSQL, MySQL and MSSQL optional sessio…

…ns into their own mixins
rapid7 · Feb 15, 2024 · e49c6a7 · e49c6a7
2 parents 8e3daa5 + fa5c4c0
commit e49c6a7
Show file tree

Hide file tree

Showing 57 changed files with 213 additions and 148 deletions.
diff --git a/lib/msf/base/sessions/mssql.rb b/lib/msf/base/sessions/mssql.rb
@@ -53,7 +53,7 @@ def type
   # Returns the type of session.
   #
   def self.type
-    'MSSQL'
+    'mssql'
   end
 
   def self.can_cleanup_files

diff --git a/lib/msf/base/sessions/mysql.rb b/lib/msf/base/sessions/mysql.rb
@@ -49,7 +49,7 @@ def type
 
   # @return [String] The type of the session
   def self.type
-    'MySQL'
+    'mysql'
   end
 
   # @return [Boolean] Can the session clean up after itself

diff --git a/lib/msf/base/sessions/postgresql.rb b/lib/msf/base/sessions/postgresql.rb
@@ -57,7 +57,7 @@ def type
   # @return [String] The type of the session
   #
   def self.type
-    'PostgreSQL'
+    'postgresql'
   end
 
   #

diff --git a/lib/msf/base/sessions/smb.rb b/lib/msf/base/sessions/smb.rb
@@ -57,7 +57,7 @@ def type
   # Returns the type of session.
   #
   def self.type
-    'SMB'
+    'smb'
   end
 
   def self.can_cleanup_files

diff --git a/lib/msf/core/optional_session.rb b/lib/msf/core/optional_session.rb
@@ -4,63 +4,8 @@
 
 # A mixin used for providing Modules with post-exploitation options and helper methods
 #
-module Msf::OptionalSession
-  include Msf::SessionCompatibility
-
-  def initialize(info = {})
-    super
-
-    if framework.features.enabled?(Msf::FeatureManager::SMB_SESSION_TYPE)
-      register_options(
-        [
-          Msf::OptInt.new('SESSION', [ false, 'The session to run this module on' ]),
-          Msf::Opt::RHOST(nil, false),
-          Msf::Opt::RPORT(nil, false)
-        ]
-      )
-      add_info('New in Metasploit 6.4 - This module can target a %grnSESSION%clr or an %grnRHOST%clr')
-    end
-
-    if framework.features.enabled?(Msf::FeatureManager::MYSQL_SESSION_TYPE)
-      register_options(
-        [
-          Msf::OptInt.new('SESSION', [ false, 'The session to run this module on' ]),
-          Msf::Opt::RHOST(nil, false),
-          Msf::Opt::RPORT(3306, false)
-        ]
-      )
-      add_info('New in Metasploit 6.4 - This module can target a %grnSESSION%clr or an %grnRHOST%clr')
-    end
-
-    if framework.features.enabled?(Msf::FeatureManager::POSTGRESQL_SESSION_TYPE)
-      register_options(
-        [
-          Msf::OptInt.new('SESSION', [ false, 'The session to run this module on' ]),
-          Msf::OptString.new('DATABASE', [ false, 'The database to authenticate against', 'postgres']),
-          Msf::OptString.new('USERNAME', [ false, 'The username to authenticate as', 'postgres']),
-          Msf::Opt::RHOST(nil, false),
-          Msf::Opt::RPORT(5432, false)
-        ]
-      )
-      add_info('New in Metasploit 6.4 - This module can target a %grnSESSION%clr or an %grnRHOST%clr')
-    end
-
-    if framework.features.enabled?(Msf::FeatureManager::MSSQL_SESSION_TYPE)
-      register_options(
-        [
-          Msf::OptInt.new('SESSION', [ false, 'The session to run this module on' ]),
-          Msf::OptString.new('USERNAME', [ false, 'The username to authenticate as', 'MSSQL']),
-          Msf::Opt::RHOST(nil, false),
-          Msf::Opt::RPORT(1433, false)
-        ]
-      )
-      add_info('New in Metasploit 6.4 - This module can target a %grnSESSION%clr or an %grnRHOST%clr')
-    end
-  end
-
-  def session
-    return nil unless (framework.features.enabled?(Msf::FeatureManager::SMB_SESSION_TYPE) || framework.features.enabled?(Msf::FeatureManager::POSTGRESQL_SESSION_TYPE) || framework.features.enabled?(Msf::FeatureManager::MYSQL_SESSION_TYPE) || framework.features.enabled?(Msf::FeatureManager::MSSQL_SESSION_TYPE))
-
-    super
+module Msf
+  module OptionalSession
+    include Msf::SessionCompatibility
   end
 end
diff --git a/lib/msf/core/optional_session/mssql.rb b/lib/msf/core/optional_session/mssql.rb
@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+module Msf
+  module OptionalSession
+    module MSSQL
+      include Msf::OptionalSession
+
+      def initialize(info = {})
+        super(
+          update_info(
+            info,
+            'SessionTypes' => %w[mssql]
+          )
+        )
+
+        if framework.features.enabled?(Msf::FeatureManager::MSSQL_SESSION_TYPE)
+          register_options(
+            [
+              Msf::OptInt.new('SESSION', [ false, 'The session to run this module on' ]),
+              Msf::OptString.new('DATABASE', [ false, 'The database to authenticate against', 'MSSQL']),
+              Msf::OptString.new('USERNAME', [ false, 'The username to authenticate as', 'MSSQL']),
+              Msf::Opt::RHOST(nil, false),
+              Msf::Opt::RPORT(1433, false)
+            ]
+          )
+          add_info('New in Metasploit 6.4 - This module can target a %grnSESSION%clr or an %grnRHOST%clr')
+        end
+      end
+
+      def session
+        return nil unless framework.features.enabled?(Msf::FeatureManager::MSSQL_SESSION_TYPE)
+
+        super
+      end
+    end
+  end
+end
diff --git a/lib/msf/core/optional_session/mysql.rb b/lib/msf/core/optional_session/mysql.rb
@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+module Msf
+  module OptionalSession
+    module MySQL
+      include Msf::OptionalSession
+
+      def initialize(info = {})
+        super(
+          update_info(
+            info,
+            'SessionTypes' => %w[mysql]
+          )
+        )
+
+        if framework.features.enabled?(Msf::FeatureManager::MYSQL_SESSION_TYPE)
+          register_options(
+            [
+              Msf::OptInt.new('SESSION', [ false, 'The session to run this module on' ]),
+              Msf::Opt::RHOST(nil, false),
+              Msf::Opt::RPORT(3306, false)
+            ]
+          )
+          add_info('New in Metasploit 6.4 - This module can target a %grnSESSION%clr or an %grnRHOST%clr')
+
+        end
+      end
+
+      def session
+        return nil unless framework.features.enabled?(Msf::FeatureManager::MYSQL_SESSION_TYPE)
+
+        super
+      end
+    end
+  end
+end
diff --git a/lib/msf/core/optional_session/postgresql.rb b/lib/msf/core/optional_session/postgresql.rb
@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+module Msf
+  module OptionalSession
+    module PostgreSQL
+      include Msf::OptionalSession
+
+      def initialize(info = {})
+        super(
+          update_info(
+            info,
+            'SessionTypes' => %w[postgresql]
+          )
+        )
+        if framework.features.enabled?(Msf::FeatureManager::POSTGRESQL_SESSION_TYPE)
+          register_options(
+            [
+              Msf::OptInt.new('SESSION', [ false, 'The session to run this module on' ]),
+              Msf::OptString.new('DATABASE', [ false, 'The database to authenticate against', 'postgres']),
+              Msf::OptString.new('USERNAME', [ false, 'The username to authenticate as', 'postgres']),
+              Msf::Opt::RHOST(nil, false),
+              Msf::Opt::RPORT(5432, false)
+            ]
+          )
+          add_info('New in Metasploit 6.4 - This module can target a %grnSESSION%clr or an %grnRHOST%clr')
+        end
+      end
+
+      def session
+        return nil unless framework.features.enabled?(Msf::FeatureManager::POSTGRESQL_SESSION_TYPE)
+
+        super
+      end
+    end
+  end
+end
diff --git a/lib/msf/core/optional_session/smb.rb b/lib/msf/core/optional_session/smb.rb
@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+module Msf
+  module OptionalSession
+    module SMB
+      include Msf::OptionalSession
+
+      def initialize(info = {})
+        super(
+          update_info(
+            info,
+            'SessionTypes' => %w[smb]
+          )
+        )
+
+
+        if framework.features.enabled?(Msf::FeatureManager::SMB_SESSION_TYPE)
+          register_options(
+            [
+              Msf::OptInt.new('SESSION', [ false, 'The session to run this module on' ]),
+              Msf::Opt::RHOST(nil, false),
+              Msf::Opt::RPORT(443, false)
+            ]
+          )
+          add_info('New in Metasploit 6.4 - This module can target a %grnSESSION%clr or an %grnRHOST%clr')
+        end
+      end
+
+      def session
+        return nil unless framework.features.enabled?(Msf::FeatureManager::SMB_SESSION_TYPE)
+
+        super
+      end
+    end
+  end
+end
diff --git a/lib/msf_autoload.rb b/lib/msf_autoload.rb
@@ -35,17 +35,17 @@ def camelize(basename, abspath)
         'PowerShell'
       elsif basename == 'ui' && abspath.end_with?("#{__dir__}/msf/core/module/ui", "#{__dir__}/msf/core/module/ui.rb", "#{__dir__}/rex/post/ui", "#{__dir__}/rex/post/ui.rb", "#{__dir__}/rex/post/meterpreter/extensions/stdapi/ui.rb")
         'UI'
+      elsif basename == 'mysql' && abspath.end_with?("#{__dir__}/msf/core/exploit/remote/mysql.rb")
+        'MYSQL'
       elsif basename == 'ssh' && abspath.end_with?("#{__dir__}/rex/proto/ssh")
         'Ssh'
       elsif basename == 'http' && abspath.end_with?("#{__dir__}/rex/proto/http")
         'Http'
       elsif basename == 'rftransceiver' && abspath.end_with?("#{__dir__}/rex/post/hwbridge/ui/console/command_dispatcher/rftransceiver.rb")
         'RFtransceiver'
-      elsif basename == 'mysql' && abspath.end_with?("#{__dir__}/msf/base/sessions/mysql.rb")
-        'MySQL'
       else
-       super
-    end
+        super
+      end
     end
   end
 
@@ -145,7 +145,7 @@ def custom_inflections
       'dcerpc_lsa' => 'DCERPC_LSA',
       'wdbrpc_client' => 'WDBRPC_Client',
       'sunrpc' => 'SunRPC',
-      'mysql' => 'MYSQL',
+      'mysql' => 'MySQL',
       'ldap' => 'LDAP',
       'sqli' => 'SQLi',
       'dhcp_server' => 'DHCPServer',

diff --git a/modules/auxiliary/admin/mssql/mssql_enum.rb b/modules/auxiliary/admin/mssql/mssql_enum.rb
@@ -6,7 +6,7 @@
 class MetasploitModule < Msf::Auxiliary
   include Msf::Exploit::Remote::MSSQL
   include Msf::Auxiliary::Report
-  include Msf::OptionalSession
+  include Msf::OptionalSession::MSSQL
 
   def initialize(info = {})
     super(update_info(info,

diff --git a/modules/auxiliary/admin/mssql/mssql_escalate_dbowner.rb b/modules/auxiliary/admin/mssql/mssql_escalate_dbowner.rb
@@ -5,7 +5,7 @@
 
 class MetasploitModule < Msf::Auxiliary
   include Msf::Exploit::Remote::MSSQL
-  include Msf::OptionalSession
+  include Msf::OptionalSession::MSSQL
 
   def initialize(info = {})
     super(update_info(info,

diff --git a/modules/auxiliary/admin/mssql/mssql_escalate_execute_as.rb b/modules/auxiliary/admin/mssql/mssql_escalate_execute_as.rb
@@ -6,7 +6,7 @@
 
 class MetasploitModule < Msf::Auxiliary
   include Msf::Exploit::Remote::MSSQL
-  include Msf::OptionalSession
+  include Msf::OptionalSession::MSSQL
 
   def initialize(info = {})
     super(update_info(info,
@@ -18,8 +18,7 @@ def initialize(info = {})
       },
       'Author'      => ['nullbind <scott.sutherland[at]netspi.com>'],
       'License'     => MSF_LICENSE,
-      'References'  => [['URL','http://msdn.microsoft.com/en-us/library/ms178640.aspx']],
-      'SessionTypes' => %w[MSSQL]
+      'References'  => [['URL','http://msdn.microsoft.com/en-us/library/ms178640.aspx']]
     ))
   end
 

diff --git a/modules/auxiliary/admin/mssql/mssql_exec.rb b/modules/auxiliary/admin/mssql/mssql_exec.rb
@@ -5,7 +5,7 @@
 
 class MetasploitModule < Msf::Auxiliary
   include Msf::Exploit::Remote::MSSQL
-  include Msf::OptionalSession
+  include Msf::OptionalSession::MSSQL
 
   def initialize(info = {})
     super(
@@ -28,7 +28,6 @@ def initialize(info = {})
             [ 'URL', 'http://msdn.microsoft.com/en-us/library/cc448435(PROT.10).aspx'],
             [ 'URL', 'https://docs.microsoft.com/en-us/sql/relational-databases/system-stored-procedures/sp-oacreate-transact-sql'],
           ],
-        'SessionTypes' => %w[MSSQL],
       )
     )
 

diff --git a/modules/auxiliary/admin/mssql/mssql_findandsampledata.rb b/modules/auxiliary/admin/mssql/mssql_findandsampledata.rb
@@ -7,7 +7,7 @@ class MetasploitModule < Msf::Auxiliary
   include Msf::Auxiliary::Scanner
   include Msf::Auxiliary::Report
   include Msf::Exploit::Remote::MSSQL
-  include Msf::OptionalSession
+  include Msf::OptionalSession::MSSQL
 
   def initialize(info = {})
     super(update_info(info,

diff --git a/modules/auxiliary/admin/mssql/mssql_idf.rb b/modules/auxiliary/admin/mssql/mssql_idf.rb
@@ -14,7 +14,7 @@
 
 class MetasploitModule < Msf::Auxiliary
   include Msf::Exploit::Remote::MSSQL
-  include Msf::OptionalSession
+  include Msf::OptionalSession::MSSQL
 
   def initialize(info = {})
     super(update_info(info,

diff --git a/modules/auxiliary/admin/mssql/mssql_sql.rb b/modules/auxiliary/admin/mssql/mssql_sql.rb
@@ -5,7 +5,7 @@
 
 class MetasploitModule < Msf::Auxiliary
   include Msf::Exploit::Remote::MSSQL
-  include Msf::OptionalSession
+  include Msf::OptionalSession::MSSQL
 
   def initialize(info = {})
     super(update_info(info,

diff --git a/modules/auxiliary/admin/mssql/mssql_sql_file.rb b/modules/auxiliary/admin/mssql/mssql_sql_file.rb
@@ -5,7 +5,7 @@
 
 class MetasploitModule < Msf::Auxiliary
   include Msf::Exploit::Remote::MSSQL
-  include Msf::OptionalSession
+  include Msf::OptionalSession::MSSQL
 
   def initialize(info = {})
     super(update_info(info,

diff --git a/modules/auxiliary/admin/mysql/mysql_enum.rb b/modules/auxiliary/admin/mysql/mysql_enum.rb
@@ -6,7 +6,7 @@
 class MetasploitModule < Msf::Auxiliary
   include Msf::Auxiliary::Report
   include Msf::Exploit::Remote::MYSQL
-  include Msf::OptionalSession
+  include Msf::OptionalSession::MySQL
 
   def initialize(info = {})
     super(update_info(info,

diff --git a/modules/auxiliary/admin/mysql/mysql_sql.rb b/modules/auxiliary/admin/mysql/mysql_sql.rb
@@ -5,7 +5,7 @@
 
 class MetasploitModule < Msf::Auxiliary
   include Msf::Exploit::Remote::MYSQL
-  include Msf::OptionalSession
+  include Msf::OptionalSession::MySQL
 
   def initialize(info = {})
     super(update_info(info,
@@ -16,7 +16,6 @@ def initialize(info = {})
       },
       'Author'		=> [ 'Bernardo Damele A. G. <bernardo.damele[at]gmail.com>' ],
       'License'		=> MSF_LICENSE,
-      'SessionTypes' => %w[MySQL]
     ))
 
     register_options(
-Original file line number
+Diff line change
@@ Expand Up / @@ -53,7 +53,7 @@ def type @@
       # Returns the type of session.
       #
       def self.type
-        'MSSQL'
+        'mssql'
       end
       def self.can_cleanup_files
@@ Expand Down @@