-
Notifications
You must be signed in to change notification settings - Fork 2.3k
/
interpreter.py
451 lines (367 loc) · 16.3 KB
/
interpreter.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
from __future__ import print_function
import os
import sys
import itertools
import traceback
import atexit
from routersploit.exceptions import RoutersploitException
from routersploit.exploits import GLOBAL_OPTS
from routersploit import utils
if sys.platform == "darwin":
import gnureadline as readline
else:
import readline
class BaseInterpreter(object):
history_file = os.path.expanduser("~/.history")
history_length = 100
global_help = ""
def __init__(self):
self.setup()
self.banner = ""
def setup(self):
""" Initialization of third-party libraries
Setting interpreter history.
Setting appropriate completer function.
:return:
"""
if not os.path.exists(self.history_file):
open(self.history_file, 'a+').close()
readline.read_history_file(self.history_file)
readline.set_history_length(self.history_length)
atexit.register(readline.write_history_file, self.history_file)
readline.parse_and_bind('set enable-keypad on')
readline.set_completer(self.complete)
readline.set_completer_delims(' \t\n;')
readline.parse_and_bind("tab: complete")
def parse_line(self, line):
""" Split line into command and argument.
:param line: line to parse
:return: (command, argument)
"""
command, _, arg = line.strip().partition(" ")
return command, arg.strip()
@property
def prompt(self):
""" Returns prompt string """
return ">>>"
def get_command_handler(self, command):
""" Parsing command and returning appropriate handler.
:param command: command
:return: command_handler
"""
try:
command_handler = getattr(self, "command_{}".format(command))
except AttributeError:
raise RoutersploitException("Unknown command: '{}'".format(command))
return command_handler
def start(self):
""" Routersploit main entry point. Starting interpreter loop. """
print(self.banner)
while True:
try:
command, args = self.parse_line(raw_input(self.prompt))
if not command:
continue
command_handler = self.get_command_handler(command)
command_handler(args)
except RoutersploitException as err:
utils.print_error(err)
except EOFError:
print()
utils.print_status("routersploit stopped")
break
except KeyboardInterrupt:
print()
def complete(self, text, state):
"""Return the next possible completion for 'text'.
If a command has not been entered, then complete against command list.
Otherwise try to call complete_<command> to get list of completions.
"""
if state == 0:
original_line = readline.get_line_buffer()
line = original_line.lstrip()
stripped = len(original_line) - len(line)
start_index = readline.get_begidx() - stripped
end_index = readline.get_endidx() - stripped
if start_index > 0:
cmd, args = self.parse_line(line)
if cmd == '':
complete_function = self.default_completer
else:
try:
complete_function = getattr(self, 'complete_' + cmd)
except AttributeError:
complete_function = self.default_completer
else:
complete_function = self.raw_command_completer
self.completion_matches = complete_function(text, line, start_index, end_index)
try:
return self.completion_matches[state]
except IndexError:
return None
def commands(self, *ignored):
""" Returns full list of interpreter commands.
:param ignored:
:return: full list of interpreter commands
"""
return [command.rsplit("_").pop() for command in dir(self) if command.startswith("command_")]
def raw_command_completer(self, text, line, start_index, end_index):
""" Complete command w/o any argument """
return filter(lambda entry: entry.startswith(text), self.suggested_commands())
def default_completer(self, *ignored):
return []
def suggested_commands(self):
""" Entry point for intelligent tab completion.
Overwrite this method to suggest suitable commands.
:return: list of suitable commands
"""
return self.commands()
class RoutersploitInterpreter(BaseInterpreter):
history_file = os.path.expanduser("~/.rsf_history")
global_help = """Global commands:
help Print this help menu
use <module> Select a module for usage
exec <shell command> <args> Execute a command in a shell
exit Exit RouterSploit"""
module_help = """Module commands:
run Run the selected module with the given options
back De-select the current module
set <option name> <option value> Set an option for the selected module
setg <option name> <option value> Set an option for all of the modules
unsetg <option name> Unset option that was set globally
show [info|options|devices] Print information, options, or target devices for a module
check Check if a given target is vulnerable to a selected module's exploit"""
def __init__(self):
super(RoutersploitInterpreter, self).__init__()
self.current_module = None
self.raw_prompt_template = None
self.module_prompt_template = None
self.prompt_hostname = 'rsf'
self.show_sub_commands = ('info', 'options', 'devices', 'all', 'creds', 'exploits', 'scanners')
self.modules = utils.index_modules()
self.main_modules_dirs = [module for module in os.listdir(utils.MODULES_DIR) if not module.startswith("__")]
self.__parse_prompt()
self.banner = """ ______ _ _____ _ _ _
| ___ \ | | / ___| | | (_) |
| |_/ /___ _ _| |_ ___ _ __\ `--. _ __ | | ___ _| |_
| // _ \| | | | __/ _ \ '__|`--. \ '_ \| |/ _ \| | __|
| |\ \ (_) | |_| | || __/ | /\__/ / |_) | | (_) | | |_
\_| \_\___/ \__,_|\__\___|_| \____/| .__/|_|\___/|_|\__|
| |
Router Exploitation Framework |_|
Dev Team : Marcin Bury (lucyoa) & Mariusz Kupidura (fwkz)
Codename : Bad Blood
Version : 2.2.0
Total module count: {modules_count}
""".format(modules_count=len(self.modules))
def __parse_prompt(self):
raw_prompt_default_template = "\001\033[4m\002{host}\001\033[0m\002 > "
raw_prompt_template = os.getenv("RSF_RAW_PROMPT", raw_prompt_default_template).replace('\\033', '\033')
self.raw_prompt_template = raw_prompt_template if '{host}' in raw_prompt_template else raw_prompt_default_template
module_prompt_default_template = "\001\033[4m\002{host}\001\033[0m\002 (\001\033[91m\002{module}\001\033[0m\002) > "
module_prompt_template = os.getenv("RSF_MODULE_PROMPT", module_prompt_default_template).replace('\\033', '\033')
self.module_prompt_template = module_prompt_template if all(map(lambda x: x in module_prompt_template, ['{host}', "{module}"])) else module_prompt_default_template
@property
def module_metadata(self):
return getattr(self.current_module, "_{}__info__".format(self.current_module.__class__.__name__))
@property
def prompt(self):
""" Returns prompt string based on current_module attribute.
Adding module prefix (module.name) if current_module attribute is set.
:return: prompt string with appropriate module prefix.
"""
if self.current_module:
try:
return self.module_prompt_template.format(host=self.prompt_hostname, module=self.module_metadata['name'])
except (AttributeError, KeyError):
return self.module_prompt_template.format(host=self.prompt_hostname, module="UnnamedModule")
else:
return self.raw_prompt_template.format(host=self.prompt_hostname)
def available_modules_completion(self, text):
""" Looking for tab completion hints using setup.py entry_points.
May need optimization in the future!
:param text: argument of 'use' command
:return: list of tab completion hints
"""
text = utils.pythonize_path(text)
all_possible_matches = filter(lambda x: x.startswith(text), self.modules)
matches = set()
for match in all_possible_matches:
head, sep, tail = match[len(text):].partition('.')
if not tail:
sep = ""
matches.add("".join((text, head, sep)))
return list(map(utils.humanize_path, matches)) # humanize output, replace dots to forward slashes
def suggested_commands(self): # TODO: sorted list, factor out generic commands
""" Entry point for intelligent tab completion.
Based on state of interpreter this method will return intelligent suggestions.
:return: list of most accurate command suggestions
"""
if self.current_module:
module_commands = ['run', 'back', 'set ', 'setg ', 'show ', 'check', 'exec ', 'help', 'exit']
if GLOBAL_OPTS.keys():
return itertools.chain(module_commands, ('unsetg ',))
return module_commands
else:
return ['use ', 'exec', 'help', 'exit', 'show ']
def command_back(self, *args, **kwargs):
self.current_module = None
def command_use(self, module_path, *args, **kwargs):
module_path = utils.pythonize_path(module_path)
module_path = '.'.join(('routersploit', 'modules', module_path))
# module_path, _, exploit_name = module_path.rpartition('.')
try:
self.current_module = utils.import_exploit(module_path)()
except RoutersploitException as err:
utils.print_error(err.message)
@utils.stop_after(2)
def complete_use(self, text, *args, **kwargs):
if text:
return self.available_modules_completion(text)
else:
return self.main_modules_dirs
@utils.module_required
def command_run(self, *args, **kwargs):
utils.print_status("Running module...")
try:
self.current_module.run()
except KeyboardInterrupt:
print()
utils.print_error("Operation cancelled by user")
except:
utils.print_error(traceback.format_exc(sys.exc_info()))
def command_exploit(self, *args, **kwargs):
self.command_run()
@utils.module_required
def command_set(self, *args, **kwargs):
key, _, value = args[0].partition(' ')
if key in self.current_module.options:
setattr(self.current_module, key, value)
if kwargs.get("glob", False):
GLOBAL_OPTS[key] = value
utils.print_success({key: value})
else:
utils.print_error("You can't set option '{}'.\n"
"Available options: {}".format(key, self.current_module.options))
@utils.stop_after(2)
def complete_set(self, text, *args, **kwargs):
if text:
return [' '.join((attr, "")) for attr in self.current_module.options if attr.startswith(text)]
else:
return self.current_module.options
@utils.module_required
def command_setg(self, *args, **kwargs):
kwargs['glob'] = True
self.command_set(*args, **kwargs)
@utils.stop_after(2)
def complete_setg(self, text, *args, **kwargs):
return self.complete_set(text, *args, **kwargs)
@utils.module_required
def command_unsetg(self, *args, **kwargs):
key, _, value = args[0].partition(' ')
try:
del GLOBAL_OPTS[key]
except KeyError:
utils.print_error("You can't unset global option '{}'.\n"
"Available global options: {}".format(key, GLOBAL_OPTS.keys()))
else:
utils.print_success({key: value})
@utils.stop_after(2)
def complete_unsetg(self, text, *args, **kwargs):
if text:
return [' '.join((attr, "")) for attr in GLOBAL_OPTS.keys() if attr.startswith(text)]
else:
return GLOBAL_OPTS.keys()
@utils.module_required
def get_opts(self, *args):
""" Generator returning module's Option attributes (option_name, option_value, option_description)
:param args: Option names
:return:
"""
for opt_key in args:
try:
opt_description = self.current_module.exploit_attributes[opt_key]
opt_value = getattr(self.current_module, opt_key)
except (KeyError, AttributeError):
pass
else:
yield opt_key, opt_value, opt_description
@utils.module_required
def _show_info(self, *args, **kwargs):
utils.pprint_dict_in_order(
self.module_metadata,
("name", "description", "devices", "authors", "references"),
)
utils.print_info()
@utils.module_required
def _show_options(self, *args, **kwargs):
target_opts = {'port', 'target'}
module_opts = set(self.current_module.options) - target_opts
headers = ("Name", "Current settings", "Description")
utils.print_info('\nTarget options:')
utils.print_table(headers, *self.get_opts(*target_opts))
if module_opts:
utils.print_info('\nModule options:')
utils.print_table(headers, *self.get_opts(*module_opts))
utils.print_info()
@utils.module_required
def _show_devices(self, *args, **kwargs): # TODO: cover with tests
try:
devices = self.current_module._Exploit__info__['devices']
print("\nTarget devices:")
i = 0
for device in devices:
if isinstance(device, dict):
print(" {} - {}".format(i, device['name']))
else:
print(" {} - {}".format(i, device))
i += 1
print()
except KeyError:
print("\nTarget devices are not defined")
def __show_modules(self, root=''):
for module in [module for module in self.modules if module.startswith(root)]:
print(module.replace('.', os.sep))
def _show_all(self, *args, **kwargs):
self.__show_modules()
def _show_scanners(self, *args, **kwargs):
self.__show_modules('scanners')
def _show_exploits(self, *args, **kwargs):
self.__show_modules('exploits')
def _show_creds(self, *args, **kwargs):
self.__show_modules('creds')
def command_show(self, *args, **kwargs):
sub_command = args[0]
try:
getattr(self, "_show_{}".format(sub_command))(*args, **kwargs)
except AttributeError:
utils.print_error("Unknown 'show' sub-command '{}'. "
"What do you want to show?\n"
"Possible choices are: {}".format(sub_command, self.show_sub_commands))
@utils.stop_after(2)
def complete_show(self, text, *args, **kwargs):
if text:
return [command for command in self.show_sub_commands if command.startswith(text)]
else:
return self.show_sub_commands
@utils.module_required
def command_check(self, *args, **kwargs):
try:
result = self.current_module.check()
except Exception as error:
utils.print_error(error)
else:
if result is True:
utils.print_success("Target is vulnerable")
elif result is False:
utils.print_error("Target is not vulnerable")
else:
utils.print_status("Target could not be verified")
def command_help(self, *args, **kwargs):
print(self.global_help)
if self.current_module:
print("\n", self.module_help)
def command_exec(self, *args, **kwargs):
os.system(args[0])
def command_exit(self, *args, **kwargs):
raise EOFError