Adds a test module for host resolution
cgranleese-r7 committed Feb 5, 2025
1 parent 8ee5649 commit dea28d1
Showing 11 changed files with 321 additions and 28 deletions.
39 changes: 22 additions & 17 deletions lib/msf/core/post/dns/resolve_host.rb
@@ -1,5 +1,7 @@
# -*- coding: binary -*-

require 'rex/post/meterpreter/extensions/stdapi/constants'

module Msf
class Post
module DNS
@@ -12,7 +14,7 @@ module ResolveHost
# Takes the host name and resolves the IP
#
# @param [String] host
# @param [Integer] family
# @param [Integer] family AF_INET for IPV4 and AF_INET6 for IPV6
# @return [Hash] The resolved IPs
def resolve_host(host, family)
if client.respond_to?(:net) && client.commands.include?(Rex::Post::Meterpreter::Extensions::Stdapi::COMMAND_ID_STDAPI_NET_RESOLVE_HOST)
@@ -27,9 +29,9 @@ def resolve_host(host, family)
returned_data = data.split(/Name:/)[1..]
# check each element of the array to see if they are IP
returned_data.each do |entry|
_host, ip = entry.gsub(/\r\n\t |\r\n|Aliases:|Addresses:|Address:/, ' ').split(' ')
filtered_ip = filter_ips(ip, family)
ips << filtered_ip unless filtered_ip.nil?
ip_list = entry.gsub(/\r\n\t |\r\n|Aliases:|Addresses:|Address:/, ' ').split(' ') - [host]
filtered_ips = filter_ips(ip_list, family)
ips = filtered_ips unless filtered_ips.empty?
end
# If nslookup responds with "no answer", fall back to resolving via host command
elsif data =~ /No answer/
@@ -38,29 +40,32 @@ def resolve_host(host, family)
# Remove unnecessary data and get the section with the addresses
returned_data = data.split("\n")[...-1]
# check each element of the array to see if they are IP
returned_data.each do |entry|
ip = entry.split(' ').last
filtered_ip = filter_ips(ip, family)
ips << filtered_ip unless filtered_ip.nil?
end
ip_list = returned_data.map { |entry| entry.split(' ').last }
filtered_ips = filter_ips(ip_list, family)
ips = filtered_ips unless filtered_ips.empty?
end
end
{:hostname=>host, :ips=>ips}
{ hostname: host, ips: ips }
end
end

# Takes the host and family and returns the IP address if it matches the appropriate family
# Needed to handle request that fallback to nslookup or host, as they return both IPV4 and IPV6.
#
# @param [String] ip
# @param [Array] ips
# @param [Integer] family
# @return [String] ip
def filter_ips(ip, family)
if family == AF_INET
ip if !!(ip =~ Resolv::IPv4::Regex)
elsif family == AF_INET6
ip if !!(ip =~ Resolv::IPv6::Regex)
# @return [Array] ips
def filter_ips(ips, family)
filtered_ips = []
ips.each do |ip|
if family == AF_INET
filtered_ips << ip if !!(ip =~ Resolv::IPv4::Regex)
elsif family == AF_INET6
filtered_ips << ip if !!(ip =~ Resolv::IPv6::Regex)
end
end

filtered_ips
end
end
end
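Review bot: In the branch that splits the output on `Name:`, `ips = filtered_ips unless filtered_ips.empty?` sits inside `returned_data.each`, so every section that yields addresses replaces the list collected so far, where the removed code appended with `<<`. If more than one section can carry addresses, `ips.concat(filtered_ips)` keeps them all (assuming `ips` is still initialised as an array above the hunk, as the old `<<` implies). `filter_ips` also returns an empty array without any signal when `family` is neither AF_INET nor AF_INET6, and its summary line still says it "returns the IP address"; the doc comment could read `# Returns the entries of ips that match the given family; empty for any other family`. The first branch of `resolve_host` and the command invocations lie outside the visible hunks.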
24 changes: 13 additions & 11 deletions modules/post/windows/gather/enum_computers.rb
@@ -3,6 +3,8 @@
# Current source: https://github.com/rapid7/metasploit-framework
##

require 'rex/post/meterpreter/extensions/stdapi/constants'

class MetasploitModule < Msf::Post
include Msf::Post::File
include Msf::Post::Windows::Accounts
@@ -100,20 +102,20 @@ def list_computers(domain, hosts)
]
)
hosts.each do |hostname|
begin
hostipv4 = gethost(hostname, AF_INET)
rescue Rex::Post::Meterpreter::RequestError => e
meterpreter_dns_resolving_errors << "IPV4: #{hostname} could not be resolved - #{e}"
end
hostipv4 = gethost(hostname, AF_INET)
hostipv6 = gethost(hostname, AF_INET6)

begin
hostipv6 = gethost(hostname, AF_INET6)
rescue Rex::Post::Meterpreter::RequestError => e
meterpreter_dns_resolving_errors << "IPV6: #{hostname} could not be resolved - #{e}"
if hostipv4[:ips].empty?
meterpreter_dns_resolving_errors << "IPV4: #{hostname} could not be resolved"
else
tbl << [domain, hostname, hostipv4[:ips].join(',')]
end

hostipv4.each { |ip| tbl << [domain, hostname, ip] } unless hostipv4.nil?
hostipv6.each { |ip| tbl << [domain, hostname, ip] } unless hostipv6.nil?
if hostipv6[:ips].empty?
meterpreter_dns_resolving_errors << "IPV6: #{hostname} could not be resolved" if hostipv6[:ips].empty?
else
tbl << [domain, hostname, hostipv6[:ips].join(',')] unless hostipv6[:ips].nil?
end
end

print_line("\n#{tbl}\n")
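Review bot: Both `begin`/`rescue Rex::Post::Meterpreter::RequestError` wrappers around `gethost` are removed, so if `gethost` (defined outside this hunk) can still raise that error, one unresolvable host aborts the whole `hosts.each` loop instead of being recorded in `meterpreter_dns_resolving_errors`. In the IPv6 branch the trailing `if hostipv6[:ips].empty?` and `unless hostipv6[:ips].nil?` modifiers are redundant inside the `if`/`else`, and the nil guard cannot help because `.empty?` has already been called on the same value. Dropping both modifiers makes the branch mirror the IPv4 one; if `:ips` can really be nil, guard once up front with `ips6 = Array(hostipv6[:ips])` and test that. The body of `list_computers` starts and ends outside the hunk.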
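--- a/spec/support/acceptance/command_shell/cmd.rb
+++ b/spec/support/acceptance/command_shell/cmd.rb
@@ -17,6 +17,38 @@ module Acceptance::Session
 }
 ],
 module_tests: [
+{
+name: 'post/test/resolve_host',
+platforms: [
+[
+:linux,
+{
+skip: true,
+reason: 'Payload not compiled for platform'
+}
+],
+[
+:osx,
+{
+skip: true,
+reason: 'Payload not compiled for platform'
+}
+],
+:windows
+],
+skipped: false,
+lines: {
+linux: {
+known_failures: []
+},
+osx: {
+known_failures: []
+},
+windows: {
+known_failures: []
+}
+}
+},
 {
 name: 'post/test/cmd_exec',
 platforms: [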
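--- a/spec/support/acceptance/command_shell/linux.rb
+++ b/spec/support/acceptance/command_shell/linux.rb
@@ -49,6 +49,32 @@ module Acceptance::Session
 }
 }
 },
+{
+name: "post/test/resolve_host",
+platforms: [
+:linux,
+:osx,
+[
+:windows,
+{
+skip: true,
+reason: "Payload not compiled for platform"
+}
+]
+],
+skipped: false,
+lines: {
+linux: {
+known_failures: []
+},
+osx: {
+known_failures: []
+},
+windows: {
+known_failures: []
+}
+}
+},
 {
 name: "post/test/cmd_exec",
 platforms: [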
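--- a/spec/support/acceptance/command_shell/powershell.rb
+++ b/spec/support/acceptance/command_shell/powershell.rb
@@ -17,6 +17,38 @@ module Acceptance::Session
 }
 ],
 module_tests: [
+{
+name: 'post/test/resolve_host',
+platforms: [
+[
+:linux,
+{
+skip: true,
+reason: 'Payload not compiled for platform'
+}
+],
+[
+:osx,
+{
+skip: true,
+reason: 'Payload not compiled for platform'
+}
+],
+:windows
+],
+skipped: false,
+lines: {
+linux: {
+known_failures: []
+},
+osx: {
+known_failures: []
+},
+windows: {
+known_failures: []
+}
+}
+},
 {
 name: 'post/test/cmd_exec',
 platforms: [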
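--- a/spec/support/acceptance/session/java.rb
+++ b/spec/support/acceptance/session/java.rb
@@ -73,6 +73,22 @@ module Acceptance::Session
 }
 }
 },
+{
+name: "post/test/resolve_host",
+platforms: [:linux, :osx, :windows],
+skipped: false,
+lines: {
+linux: {
+known_failures: []
+},
+osx: {
+known_failures: []
+},
+windows: {
+known_failures: []
+}
+}
+},
 {
 name: "post/test/cmd_exec",
 platforms: [:linux, :osx, :windows],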
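--- a/spec/support/acceptance/session/mettle.rb
+++ b/spec/support/acceptance/session/mettle.rb
@@ -69,6 +69,32 @@ module Acceptance::Session
 }
 }
 },
+{
+name: "post/test/resolve_host",
+platforms: [
+:linux,
+:osx,
+[
+:windows,
+{
+skip: true,
+reason: "Payload not compiled for platform"
+}
+]
+],
+skipped: false,
+lines: {
+linux: {
+known_failures: []
+},
+osx: {
+known_failures: []
+},
+windows: {
+known_failures: []
+}
+}
+},
 {
 name: "post/test/cmd_exec",
 platforms: [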
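--- a/spec/support/acceptance/session/php.rb
+++ b/spec/support/acceptance/session/php.rb
@@ -60,6 +60,23 @@ module Acceptance::Session
 }
 }
 },
+{
+name: "post/test/resolve_host",
+platforms: [:linux, :osx, :windows],
+skipped: false,
+lines: {
+linux: {
+known_failures: []
+},
+osx: {
+known_failures: []
+},
+windows: {
+known_failures: [
+]
+}
+}
+},
 {
 name: "post/test/cmd_exec",
 platforms: [:linux, :osx, :windows],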
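--- a/spec/support/acceptance/session/python.rb
+++ b/spec/support/acceptance/session/python.rb
@@ -72,6 +72,22 @@ module Acceptance::Session
 }
 }
 },
+{
+name: "post/test/resolve_host",
+platforms: [:linux, :osx, :windows],
+skipped: false,
+lines: {
+linux: {
+known_failures: []
+},
+osx: {
+known_failures: []
+},
+windows: {
+known_failures: []
+}
+}
+},
 {
 name: "post/test/cmd_exec",
 platforms: [:linux, :osx, :windows],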
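--- a/spec/support/acceptance/session/windows_meterpreter.rb
+++ b/spec/support/acceptance/session/windows_meterpreter.rb
@@ -53,6 +53,38 @@ module Acceptance::Session
 }
 }
 },
+{
+name: "post/test/resolve_host",
+platforms: [
+[
+:linux,
+{
+skip: true,
+reason: "Payload not compiled for platform"
+}
+],
+[
+:osx,
+{
+skip: true,
+reason: "Payload not compiled for platform"
+}
+],
+:windows
+],
+skipped: false,
+lines: {
+linux: {
+known_failures: []
+},
+osx: {
+known_failures: []
+},
+windows: {
+known_failures: []
+}
+}
+},
 {
 name: "post/test/cmd_exec",
 platforms: [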