Add option to reload all libs when calling run or check on a module #18381

Merged
merged 1 commit into from
Oct 13, 2023

@sjanusz-r7 sjanusz-r7 commented Sep 18, 2023

This PR adds in a new -r and --reload-libs flag that allows for reloading all libraries before running check, recheck, to_handler, reload, run and rerun. The libraries are reloaded before other argument parsing takes place.

Example

msf6 exploit(windows/local/cve_2023_28252_clfs_driver) > check -r session=-1
[*] Reloading /Users/sjanusz/Programming/metasploit-framework/lib/msf/ui/console/command_dispatcher/developer.rb
[*] Reloading /Users/sjanusz/Programming/metasploit-framework/lib/msf/ui/console/command_dispatcher/exploit.rb
[*] Reloading /Users/sjanusz/Programming/metasploit-framework/lib/msf/ui/console/module_action_commands.rb
[*] Reloading /Users/sjanusz/Programming/metasploit-framework/lib/msf/ui/console/module_argument_parsing.rb
[*] Reloading /Users/sjanusz/Programming/metasploit-framework/lib/msf/ui/console/command_dispatcher/post.rb
[*] Reloading /Users/sjanusz/Programming/metasploit-framework/lib/msf/ui/console/command_dispatcher/auxiliary.rb
[*] Reloading /Users/sjanusz/Programming/metasploit-framework/lib/msf/ui/console/command_dispatcher/evasion.rb
[*] Reloading /Users/sjanusz/Programming/metasploit-framework/lib/msf/ui/console/command_dispatcher.rb
[*] Reloading /Users/sjanusz/Programming/metasploit-framework/lib/msf/ui/console/module_command_dispatcher.rb
[*] The target is not exploitable.
msf6 exploit(windows/local/cve_2023_28252_clfs_driver) > recheck -r session=-1
[*] Reloading /Users/sjanusz/Programming/metasploit-framework/lib/msf/ui/console/command_dispatcher/developer.rb
[*] Reloading /Users/sjanusz/Programming/metasploit-framework/lib/msf/ui/console/command_dispatcher/exploit.rb
[*] Reloading /Users/sjanusz/Programming/metasploit-framework/lib/msf/ui/console/module_action_commands.rb
[*] Reloading /Users/sjanusz/Programming/metasploit-framework/lib/msf/ui/console/module_argument_parsing.rb
[*] Reloading /Users/sjanusz/Programming/metasploit-framework/lib/msf/ui/console/command_dispatcher/post.rb
[*] Reloading /Users/sjanusz/Programming/metasploit-framework/lib/msf/ui/console/command_dispatcher/auxiliary.rb
[*] Reloading /Users/sjanusz/Programming/metasploit-framework/lib/msf/ui/console/command_dispatcher/evasion.rb
[*] Reloading /Users/sjanusz/Programming/metasploit-framework/lib/msf/ui/console/command_dispatcher.rb
[*] Reloading /Users/sjanusz/Programming/metasploit-framework/lib/msf/ui/console/module_command_dispatcher.rb
[*] Reloading module...
[*] The target is not exploitable.

Verification

  • Start msfconsole
  • use a module such as exploit/windows/local/cve_2023_28252_clfs_driver
  • check if check -r reloads all libraries but not the module
  • check if recheck -r reloads the module and all libraries
  • check if run -r reloads all libraries but not the module
  • check if rerun -r reloads the module and all libraries
  • check if to_handler -r reloads all libraries and correctly starts a payload handler
  • check if reload -r reloads all libraries and the current module
  • check if reload reloads only the current module
  • ensure the -r command works for exploit, post, auxiliary and evasion modules
  • ensure the -r, --reload-libs flag shows up when you call -h for check and run commands
  • ensure the -r, --reload-libs command gets tab-completed

@sjanusz-r7 sjanusz-r7 force-pushed the combine-reload-functionality branch from 1499e4c to 034334f Compare September 18, 2023 16:13
@@ -74,6 +74,7 @@ def cmd_run_tabs(str, words)
'-n' => [ framework.nops.map { |refname, mod| refname } ],
'-o' => [ true ],
'-p' => [ framework.payloads.map { |refname, mod| refname } ],
'-r' => [ nil ],
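
Review bot: The new '-r' => [ nil ] entry in cmd_run_tabs registers only the short flag for completion, while the verification list in the description expects "-r, --reload-libs" to be tab-completed. If long options are not completed through another path, add a matching '--reload-libs' => [ nil ] entry next to it, or state in the description that only the short form completes.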

Let's not action this just yet, but maybe we could bikeshed on whether reload -a makes sense or not versus reload -r - aligning with the existing convention of reload_lib -a in terms of muscle memory

But I guess it's not got the issue with reload -a potentially indicating to the user that it will reload all modules (which we already have reload_all for) 🤔

cc @smcintyre-r7 Any preferences here? 👀

@sjanusz-r7 sjanusz-r7 force-pushed the combine-reload-functionality branch from 034334f to 126c198 Compare October 4, 2023 14:00
@@ -243,6 +247,12 @@ def check_simple(instance=nil)
# Reloads the active module
#
def cmd_reload(*args)
if args.include?('-r') || args.include?('--reload-libs')
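
Review bot: The doc comment above cmd_reload still reads "Reloads the active module", but the new branch on args.include?('-r') || args.include?('--reload-libs') makes the command reload libraries too, so the comment should describe both behaviours. The flag is also detected with a raw scan of args rather than alongside the options the command already documents, so the usage text and the accepted flags can drift apart; consider handling it in the same place as the existing options so the help output stays in sync.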

Let's update the help menu

msf6 auxiliary(scanner/postgres/postgres_login) > reload -h
Usage: reload [-k]

Reloads the current module.

OPTIONS:

    -h  Help banner.
    -k  Stop the current job before reloading.

adfoster-r7 commented Oct 13, 2023

Run through all the permutations and everything seems to be working as expected 👍

<ruby>

modules = [
  "auxiliary/scanner/http/title",
  "evasion/windows/syscall_inject",
  "exploit/multi/http/gitlab_exif_rce",
  "payload/windows/meterpreter/reverse_https_proxy",
  "payload/cmd/unix/reverse_php_ssl",
  "post/windows/gather/memory_dump",
]

def run_command_with_log(command)
  puts "> #{command}"
  run_single(command)
end

modules.each do |mod|
  puts "Running with mod #{mod}"
  puts '-' * 20
  run_command_with_log "use #{mod}"
  run_command_with_log "reload -r"
  run_command_with_log "reload"
  run_command_with_log "check"
  run_command_with_log "check -r"
  run_command_with_log "recheck"
  run_command_with_log "recheck -r"
  run_command_with_log "run"
  run_command_with_log "run -r"
  run_command_with_log "rerun"
  run_command_with_log "rerun -r"
  puts ""
end
</ruby>

Expected output

msf6 post(windows/gather/memory_dump) > resource tests.rc
[*] Processing /Users/user/Documents/code/metasploit-framework/tests.rc for ERB directives.
[*] resource (/Users/user/Documents/code/metasploit-framework/tests.rc)> Ruby Code (801 bytes)
Running with mod auxiliary/scanner/http/title
--------------------
> use auxiliary/scanner/http/title
> reload -r
[*] Reloading /Users/user/Documents/code/metasploit-framework/lib/msf/ui/console/command_dispatcher/developer.rb
[-] /Users/user/Documents/code/metasploit-framework/tests.rc must exist and be a .rb file
[*] Reloading module...
> reload
...etc...

@adfoster-r7 adfoster-r7 merged commit 5f6b8dc into rapid7:master Oct 13, 2023
32 checks passed
@adfoster-r7 adfoster-r7 added the rn-enhancement release notes enhancement label Oct 13, 2023
@adfoster-r7

Release Notes

Adds new options -r and --reload-libs to the check, recheck, to_handler, reload, run and rerun commands. This new option will reload all library files before performing the original command.
