fixes rapid7#587; add http xmlrpc support from Ryan Linn, invoke it w…

…ith 'load xmlrpc ServerType=Web' or ./msfrpcd -t Web git-svn-id: file:///home/svn/framework3/trunk@7667 4d416f70-5f16-0410-b530-b9f4589650da
red0xff · Dec 2, 2009 · dfabd1e · dfabd1e
1 parent e427bd5
commit dfabd1e
Show file tree

Hide file tree

Showing 4 changed files with 89 additions and 4 deletions.
diff --git a/lib/msf/core/rpc/module.rb b/lib/msf/core/rpc/module.rb
@@ -125,8 +125,8 @@ def options(token, mtype, mname)
 	def execute(token, mtype, mname, opts)
 		authenticate(token)
 
-		begin
 		mod = _find_module(mtype,mname)
+		begin
 		case mtype
 			when 'exploit'
 				_run_exploit(mod, opts)

diff --git a/lib/msf/core/rpc/service.rb b/lib/msf/core/rpc/service.rb
@@ -1,6 +1,8 @@
 require "xmlrpc/server"
+require 'rex/service_manager'
 require "rex"
 
+
 module Msf
 module RPC
 class Service < ::XMLRPC::BasicServer
@@ -71,5 +73,69 @@ def procxml(c)
 	end
 
 end
+
+class WebService < ::XMLRPC::BasicServer
+
+	attr_accessor :service, :state, :srvhost, :srvport, :uri
+
+
+	def initialize(port, host, uri = "/RPC2")
+		self.srvhost = host
+		self.srvport = port
+		self.uri = uri
+                self.service = nil
+		super()
+	end
+
+	def start
+		self.state = {}
+		self.service = Rex::ServiceManager.start(
+                        Rex::Proto::Http::Server,
+                        self.srvport ,
+                        self.srvhost,
+			{
+			}
+		)
+
+		uopts = {
+                        'Proc' => Proc.new { |cli, req|
+                                        on_request_uri(cli, req)
+                                },
+                        'Path' => self.uri
+		}
+
+		self.service.add_resource(self.uri,uopts)
+	end
+
+	def stop
+		self.state = {}
+		self.service.stop
+	end
+
+	def wait
+		self.service.wait
+	end
+
+	def on_client_close(c)
+		self.state.delete(c)
+	end
+
+	def on_client_connect(c)
+		self.state[c] = ""
+	end
+	def on_request_uri(cli, req)
+		begin 
+			res = Rex::Proto::Http::Response.new()
+			res.body = process(req.body) 
+		rescue XMLRPC::FaultException => e
+			res = Rex::Proto::Http::Response.new(e.faultCode,e.faultString)
+		rescue
+			res = Rex::Proto::Http::Response.new(404,"An Error Occured")
+		end
+		cli.send_response(res)
+	end
+
+end
+
 end
 end
diff --git a/msfrpcd b/msfrpcd
@@ -21,6 +21,8 @@ arguments = Rex::Parser::Arguments.new(
 	"-p" => [ true,  "Bind to this port instead of 55553"                   ],
 	"-U" => [ true,  "Specify the username to access msfrpcd"               ],
 	"-P" => [ true,  "Specify the password to access msfrpcd"               ],
+	"-t" => [ true,  "Server type, [Basic|Web]"                             ],
+	"-u" => [ true,  "URI for Web server"                                   ],
 	"-S" => [ false, "Disable SSL on the XMLRPC socket"                     ],
 	"-f" => [ false, "Run the daemon in the foreground"                     ],
 	"-h" => [ false, "Help banner"                                          ])
@@ -29,7 +31,8 @@ opts = {
 	'RunInForeground' => true,
 	'SSL'             => true,
 	'ServerHost'      => '0.0.0.0',
-	'ServerPort'      => 55553
+	'ServerPort'      => 55553,
+	'ServerType'      => 'Basic'
 }
 
 foreground = false
@@ -50,6 +53,10 @@ arguments.parse(ARGV) { |opt, idx, val|
 			opts['Pass'] = val
 		when "-f"
 			foreground = true
+		when "-t"
+			opts['ServerType'] = val 
+		when "-u"
+			opts['URI'] = val  
 		when "-h"
 			print("\nUsage: #{File.basename(__FILE__)} <options>\n" +	arguments.usage)
 			exit
@@ -63,7 +70,9 @@ end
 
 $0 = "msfrpcd"
 
-$stderr.puts "[*] XMLRPC starting on #{opts['ServerHost']}:#{opts['ServerPort']} (#{opts['SSL'] ? "SSL" : "NO SSL"})..."
+$stderr.puts "[*] XMLRPC starting on #{opts['ServerHost']}:#{opts['ServerPort']} (#{opts['SSL'] ? "SSL" : "NO SSL"}):#{opts['ServerType']}..."
+
+$stderr.puts "[*] URI: #{opts['URI']}" if(opts['URI'])
 
 # Create an instance of the framework
 $framework = Msf::Simple::Framework.create

diff --git a/plugins/xmlrpc.rb b/plugins/xmlrpc.rb
@@ -45,13 +45,23 @@ def initialize(framework, opts)
 
 		user = opts['User'] || "msf"
 		pass = opts['Pass'] || ::Rex::Text.rand_text_alphanumeric(8)
+		type = opts['ServerType'] || "Basic"
+		uri  = opts['URI'] || "/RPC2"
 
 		print_status(" XMLRPC Service: #{host}:#{port} #{ssl ? " (SSL)" : ""}")
 		print_status("XMLRPC Username: #{user}")
 		print_status("XMLRPC Password: #{pass}")
+		print_status("XMLRPC Server Type: #{type}")
 
 		@users = [ [user,pass] ]
-		self.server	= ::Msf::RPC::Service.new(host,port,ssl,cert,ckey)
+		if(type == "Web")
+			print_status("XMLRPC Web URI: #{uri}")
+			self.server	= ::Msf::RPC::WebService.new(port,host,uri)
+		elsif(type == "Basic")
+			self.server	= ::Msf::RPC::Service.new(host,port,ssl,cert,ckey)
+		else
+			print_status("Invalid server type #{self.type}, please choose Web or Basic")
+		end
 
 		# If the run in foreground flag is not specified, then go ahead and fire
 		# it off in a worker thread.