Mirror of metasploit
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

dhcp.rb 5.9KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254
  1. # -*- coding: binary -*-
  2. require 'rex/post/meterpreter'
  3. module Rex
  4. module Post
  5. module Meterpreter
  6. module Ui
  7. ###
  8. #
  9. # The DHCP portion of the lanattacks extension.
  10. #
  11. ###
  12. class Console::CommandDispatcher::Lanattacks::Dhcp
  13. Klass = Console::CommandDispatcher::Lanattacks::Dhcp
  14. include Console::CommandDispatcher
  15. #
  16. # List of supported commands.
  17. #
  18. def commands
  19. all = {
  20. "dhcp_start" => "Start the DHCP server",
  21. "dhcp_stop" => "Stop the DHCP server",
  22. "dhcp_reset" => "Reset the DHCP server",
  23. "dhcp_set_option" => "Set a DHCP server option",
  24. "dhcp_load_options" => "Load DHCP optionis from a datastore",
  25. "dhcp_log" => "Log DHCP server activity"
  26. }
  27. reqs = {
  28. "dhcp_start" => [ "lanattacks_start_dhcp" ],
  29. "dhcp_stop" => [ "lanattacks_stop_dhcp" ],
  30. "dhcp_reset" => [ "lanattacks_reset_dhcp" ],
  31. "dhcp_set_option" => [ "lanattacks_set_dhcp_option" ],
  32. "dhcp_load_options" => [ "lanattacks_set_dhcp_option" ],
  33. "dhcp_log" => [ "lanattacks_dhcp_log" ]
  34. }
  35. all.delete_if do |cmd, desc|
  36. del = false
  37. reqs[cmd].each do |req|
  38. next if client.commands.include? req
  39. del = true
  40. break
  41. end
  42. del
  43. end
  44. all
  45. end
  46. #
  47. # Name for this dispatcher.
  48. #
  49. def name
  50. "Lanattacks: DHCP"
  51. end
  52. @@dhcp_start_opts = Rex::Parser::Arguments.new(
  53. "-h" => [ false, "Help banner." ])
  54. def print_dhcp_start_usage
  55. print("dhcp_start [-h]\n\n" +
  56. "Starts a DHCP server in the current Meterpreter session.\n" +
  57. @@dhcp_start_opts.usage + "\n")
  58. end
  59. def cmd_dhcp_start(*args)
  60. @@dhcp_start_opts.parse(args) { |opt, idx, val|
  61. case opt
  62. when '-h'
  63. print_dhcp_start_usage
  64. return true
  65. end
  66. }
  67. print_status( "Starting DHCP server ...")
  68. client.lanattacks.dhcp.start
  69. print_good( "DHCP server startd.")
  70. end
  71. @@dhcp_stop_opts = Rex::Parser::Arguments.new(
  72. "-h" => [ false, "Help banner." ])
  73. def print_dhcp_stop_usage
  74. print("dhcp_stop [-h]\n\n" +
  75. "Stops the currently running DHCP server.\n" +
  76. @@dhcp_stop_opts.usage + "\n")
  77. end
  78. def cmd_dhcp_stop(*args)
  79. @@dhcp_stop_opts.parse(args) { |opt, idx, val|
  80. case opt
  81. when '-h'
  82. print_dhcp_stop_usage
  83. return true
  84. end
  85. }
  86. print_status( "Stopping DHCP server ...")
  87. client.lanattacks.dhcp.stop
  88. print_good( "DHCP server stopped.")
  89. end
  90. @@dhcp_reset_opts = Rex::Parser::Arguments.new(
  91. "-h" => [ false, "Help banner." ])
  92. def print_dhcp_reset_usage
  93. print("dhcp_reset [-h]\n\n" +
  94. "Resets the currently running DHCP server.\n" +
  95. @@dhcp_reset_opts.usage + "\n")
  96. end
  97. def cmd_dhcp_reset(*args)
  98. @@dhcp_reset_opts.parse(args) { |opt, idx, val|
  99. case opt
  100. when '-h'
  101. print_dhcp_reset_usage
  102. return true
  103. end
  104. }
  105. print_status( "Resetting DHCP server ...")
  106. client.lanattacks.dhcp.reset
  107. print_good( "DHCP server reset.")
  108. end
  109. @@dhcp_set_option_opts = Rex::Parser::Arguments.new(
  110. "-h" => [ false, "Help banner." ])
  111. @@dhcp_set_option_valid_options = [
  112. "BROADCAST", "DHCPIPEND", "DHCPIPSTART", "DNSSERVER",
  113. "FILENAME", "HOSTNAME", "HOSTSTART", "NETMASK",
  114. "PXE", "PXECONF", "ROUTER", "SERVEONCE", "SRVHOST"
  115. ]
  116. def print_dhcp_set_option_usage
  117. print("dhcp_set_option <name> <value> [-h]\n\n" +
  118. "Set a DHCP server option.\n\n" +
  119. "Valid names are:\n" +
  120. @@dhcp_set_option_valid_options.map {|o| " - #{o}\n" }.join('') +
  121. @@dhcp_set_option_opts.usage + "\n")
  122. end
  123. def cmd_dhcp_set_option(*args)
  124. @@dhcp_set_option_opts.parse(args) { |opt, idx, val|
  125. case opt
  126. when '-h'
  127. print_dhcp_set_option_usage
  128. return true
  129. end
  130. }
  131. if args.length < 2
  132. print_dhcp_set_option_usage
  133. return true
  134. end
  135. name = args.shift.upcase
  136. value = args.shift
  137. if not @@dhcp_set_option_valid_options.include? name
  138. print_error( "Invalid option name '#{name}'." )
  139. return true
  140. end
  141. client.lanattacks.dhcp.set_option(name, value)
  142. end
  143. @@dhcp_load_options_opts = Rex::Parser::Arguments.new(
  144. "-h" => [ false, "Help banner." ])
  145. def print_dhcp_load_options_usage
  146. print("dhcp_load_options <datastore> [-h]\n\n" +
  147. "Load settings from a datastore to the active DHCP server.\n\n" +
  148. "The datastore must be a hash of name/value pairs.\n" +
  149. "Valid names are:\n" +
  150. @@dhcp_set_option_valid_options.map {|o| " - #{o}\n" }.join('') +
  151. @@dhcp_set_option_opts.usage + "\n")
  152. end
  153. def cmd_dhcp_load_options(*args)
  154. @@dhcp_set_option_opts.parse(args) { |opt, idx, val|
  155. case opt
  156. when '-h'
  157. print_dhcp_set_option_usage
  158. return true
  159. end
  160. }
  161. if args.length < 1
  162. print_dhcp_load_options_usage
  163. return true
  164. end
  165. datastore = args.shift
  166. if not datastore.is_a?(Hash)
  167. print_dhcp_load_options_usage
  168. return true
  169. end
  170. client.lanattacks.dhcp.load_options(datastore)
  171. end
  172. @@dhcp_log_opts = Rex::Parser::Arguments.new(
  173. "-h" => [ false, "Help banner." ])
  174. def print_dhcp_log_usage
  175. print("dhcp_log [-h]\n\n" +
  176. "Logs the DHCP operations captured by the DHCP server.\n" +
  177. @@dhcp_log_opts.usage + "\n")
  178. end
  179. def cmd_dhcp_log(*args)
  180. @@dhcp_log_opts.parse(args) { |opt, idx, val|
  181. case opt
  182. when '-h'
  183. print_dhcp_log_usage
  184. return true
  185. end
  186. }
  187. log = client.lanattacks.dhcp.log
  188. table = Rex::Text::Table.new(
  189. 'Header' => 'DHCP Server Log',
  190. 'Indent' => 0,
  191. 'SortIndex' => 0,
  192. 'Columns' => [ 'MAC Address', 'IP Address' ]
  193. )
  194. log.each { |l|
  195. table << [ l[:mac], l[:ip] ]
  196. }
  197. print_line
  198. print_line( table.to_s )
  199. print_line( "Total log entries: #{log.length}" )
  200. print_line
  201. end
  202. end
  203. end
  204. end
  205. end
  206. end