created Job and Session classes and interfaces

Author: tux-mind

msf/src/main/java/org/csploit/msf/Job.java

@@ -0,0 +1,44 @@
+package org.csploit.msf;
+
+import java.util.Date;
+
+/**
+ * This class is the concrete representation of an abstract job.
+ */
+public class Job {
+
+  private JobContainer container;
+  private int id;
+  private String name;
+  protected Exploit exploit;
+  protected Payload payload;
+  private Date startTime;
+
+  public Job(JobContainer container, int id, String name, Exploit exploit, Payload payload) {
+    this.container = container;
+    this.id = id;
+    this.name = name;
+    this.exploit = exploit;
+    this.payload = payload;
+  }
+
+  public void setStartTime(Date startTime) {
+    this.startTime = startTime;
+  }
+
+  public int getId() {
+    return id;
+  }
+
+  public String getName() {
+    return name;
+  }
+
+  public Date getStartTime() {
+    return startTime;
+  }
+
+  public void stop() {
+    container.remove(id);
+  }
+}

msf/src/main/java/org/csploit/msf/JobContainer.java

@@ -0,0 +1,12 @@
+package org.csploit.msf;
+
+import java.util.HashMap;
+
+/**
+ * This class contains zero or more abstract jobs that can be enumerated and
+ * stopped in a generic fashion.  This is used to provide a mechanism for
+ * keeping track of arbitrary contexts that may or may not require a dedicated
+ * thread.
+ */
+public class JobContainer extends HashMap<Integer, Job> {
+}

msf/src/main/java/org/csploit/msf/Session.java

@@ -0,0 +1,155 @@
+package org.csploit.msf;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * The session class represents a post-exploitation, uh, session.
+ * Sessions can be written to, read from, and interacted with.  The
+ * underlying medium on which they are backed is arbitrary.  For
+ * instance, when an exploit is provided with a command shell,
+ * either through a network connection or locally, the session's
+ * read and write operations end up reading from and writing to
+ * the shell that was spawned.  The session object can be seen
+ * as a general means of interacting with various post-exploitation
+ * payloads through a common interface that is not necessarily
+ * tied to a network connection.
+ */
+public abstract class Session implements Offspring {
+  private Framework framework;
+  private int id;
+  private String localTunnel;
+  private String peerTunnel;
+  private Exploit exploit;
+  private Payload payload;
+  private String description;
+  private String info;
+  private String workspace;
+  private String sessionHost;
+  private int sessionPort;
+  private String targetHost;
+  private String username;
+  private String uuid;
+  private List<String> routes = new ArrayList<>();
+
+  public Session(int id) {
+    this.id = id;
+  }
+
+  public int getId() {
+    return id;
+  }
+
+  public String getLocalTunnel() {
+    return localTunnel;
+  }
+
+  public void setLocalTunnel(String localTunnel) {
+    this.localTunnel = localTunnel;
+  }
+
+  public String getPeerTunnel() {
+    return peerTunnel;
+  }
+
+  public void setPeerTunnel(String peerTunnel) {
+    this.peerTunnel = peerTunnel;
+  }
+
+  public Exploit getExploit() {
+    return exploit;
+  }
+
+  public void setExploit(Exploit exploit) {
+    this.exploit = exploit;
+  }
+
+  public Payload getPayload() {
+    return payload;
+  }
+
+  public void setPayload(Payload payload) {
+    this.payload = payload;
+  }
+
+  public String getDescription() {
+    return description;
+  }
+
+  public void setDescription(String description) {
+    this.description = description;
+  }
+
+  public String getInfo() {
+    return info;
+  }
+
+  public void setInfo(String info) {
+    this.info = info;
+  }
+
+  public String getWorkspace() {
+    return workspace;
+  }
+
+  public void setWorkspace(String workspace) {
+    this.workspace = workspace;
+  }
+
+  public String getSessionHost() {
+    return sessionHost;
+  }
+
+  public void setSessionHost(String sessionHost) {
+    this.sessionHost = sessionHost;
+  }
+
+  public int getSessionPort() {
+    return sessionPort;
+  }
+
+  public void setSessionPort(int sessionPort) {
+    this.sessionPort = sessionPort;
+  }
+
+  public String getTargetHost() {
+    return targetHost;
+  }
+
+  public void setTargetHost(String targetHost) {
+    this.targetHost = targetHost;
+  }
+
+  public String getUsername() {
+    return username;
+  }
+
+  public void setUsername(String username) {
+    this.username = username;
+  }
+
+  public String getUuid() {
+    return uuid;
+  }
+
+  public void setUuid(String uuid) {
+    this.uuid = uuid;
+  }
+
+  @Override
+  public boolean haveFramework() {
+    return framework != null;
+  }
+
+  @Override
+  public Framework getFramework() {
+    return framework;
+  }
+
+  @Override
+  public void setFramework(Framework framework) {
+    this.framework = framework;
+  }
+
+  public abstract String getType();
+}

msf/src/main/java/org/csploit/msf/SessionManager.java

@@ -0,0 +1,37 @@
+package org.csploit.msf;
+
+import java.util.HashMap;
+
+/**
+ * The purpose of the session manager is to keep track of sessions that are
+ * created during the course of a framework instance's lifetime.  When
+ * exploits succeed, the payloads they use will create a session object,
+ * where applicable, there will implement zero or more of the core
+ * supplied interfaces for interacting with that session.  For instance,
+ * if the payload supports reading and writing from an executed process,
+ * the session would implement SimpleCommandShell in a method that is
+ * applicable to the way that the command interpreter is communicated
+ * with.
+ */
+public class SessionManager extends HashMap<Integer, Session> implements Offspring {
+  private Framework framework;
+
+  public SessionManager(Framework framework) {
+    this.framework = framework;
+  }
+
+  @Override
+  public Framework getFramework() {
+    return framework;
+  }
+
+  @Override
+  public boolean haveFramework() {
+    return framework != null;
+  }
+
+  @Override
+  public void setFramework(Framework framework) {
+    this.framework = framework;
+  }
+}

msf/src/main/java/org/csploit/msf/session/CommandShell.java

@@ -0,0 +1,19 @@
+package org.csploit.msf.session;
+
+import org.csploit.msf.Session;
+
+/**
+ * This class provides basic interaction with a command shell on the remote
+ * endpoint.  This session is initialized with a stream that will be used
+ * as the pipe for reading and writing the command shell.
+ */
+public abstract class CommandShell extends Session implements SingleCommandShell, Scriptable {
+  public CommandShell(int id) {
+    super(id);
+  }
+
+  @Override
+  public String getType() {
+    return "shell";
+  }
+}

msf/src/main/java/org/csploit/msf/session/Meterpreter.java

@@ -0,0 +1,19 @@
+package org.csploit.msf.session;
+
+import org.csploit.msf.Session;
+
+/**
+ * This class represents a session compatible interface to a meterpreter server
+ * instance running on a remote machine.  It provides the means of interacting
+ * with the server instance both at an API level as well as at a console level.
+ */
+public abstract class Meterpreter extends Session implements SingleCommandShell, Scriptable {
+  public Meterpreter(int id) {
+    super(id);
+  }
+
+  @Override
+  public String getType() {
+    return "meterpreter";
+  }
+}

msf/src/main/java/org/csploit/msf/session/MultiCommandExecution.java

@@ -0,0 +1,12 @@
+package org.csploit.msf.session;
+
+/**
+ * Executes multiple commands and optionally allows for reading/writing I/O
+ * to the new processes.
+ */
+public interface MultiCommandExecution extends SingleCommandExecution {
+  int exec(String cmd, String[] args, boolean hidden);
+  String read(int length, int id);
+  int write(String data, int id);
+  void close(int id);
+}

msf/src/main/java/org/csploit/msf/session/MultiCommandShell.java

@@ -0,0 +1,14 @@
+package org.csploit.msf.session;
+
+/**
+ * This interface is to be implemented by a session that is capable of
+ * providing multiple command shell interfaces simultaneously.  Inherently,
+ * MultiCommandShell classes must also provide a mechanism by which they can
+ * implement the SingleCommandShell interface.
+ */
+public interface MultiCommandShell extends SingleCommandShell {
+  int open();
+  String read(int length, int id);
+  int write(String data, int id);
+  void close(int id);
+}

msf/src/main/java/org/csploit/msf/session/Scriptable.java

@@ -0,0 +1,9 @@
+package org.csploit.msf.session;
+
+/**
+ * Represent a session that can run scripts
+ */
+public interface Scriptable {
+  boolean executeFile(String path, String[] args);
+  int executeScript(String scriptName, String[] args);
+}

msf/src/main/java/org/csploit/msf/session/SingleCommandExecution.java

@@ -0,0 +1,14 @@
+package org.csploit.msf.session;
+
+/**
+ * Executes a single command and optionally allows for reading/writing I/O
+ * to the new process.
+ *
+ * footnote: I didn't found any implementors of this interface in the framework
+ */
+public interface SingleCommandExecution {
+  void init(String cmd, String[] args); // TODO: options ??
+  String read(int length);
+  int write(String data);
+  void close();
+}