From c9fac43b2db2850968e370d76d20bd6bebfc33f3 Mon Sep 17 00:00:00 2001
From: Brendan Coles
Date: Thu, 2 Jul 2015 13:07:47 +0000
Subject: [PATCH] Add 'msf.token_generate()' for Metasploit 'auth.token_generate' MSGRPC call

Augment 'msf.login()' to generate and use a permanent authentication token with 'msf.token_generate()' to prevent authentication failures caused by timeout of temporary tokens. The default value for Msf::RPC::Service#token_timeout is 300 seconds. All temporary tokens expire after [token_timeout] seconds of inactivity.
---
 extensions/metasploit/rpcclient.rb | 31 ++++++++++++++++++++++--------
 1 file changed, 23 insertions(+), 8 deletions(-)

diff --git a/extensions/metasploit/rpcclient.rb b/extensions/metasploit/rpcclient.rb
index fd896ef64..ab0405808 100644
--- a/extensions/metasploit/rpcclient.rb
+++ b/extensions/metasploit/rpcclient.rb
@@ -21,7 +21,6 @@ module Metasploit
 BeEF::Core::Configuration.instance.set('beef.extension.metasploit.loaded', false)
 return nil
 end
-
 @lock = false
 @lastauth = nil
 @unit_test = false
@@ -116,25 +115,41 @@ module Metasploit
 def unit_test_init
 @unit_test = true
 end
- # login into metasploit
+ # login to metasploit
 def login
 get_lock()
+
 res = super(@config['user'] , @config['pass'])
-
 if not res
 release_lock()
- print_error 'Could not authenticate to Metasploit xmlrpc.'
+ print_error 'Could not authenticate to Metasploit MSGRPC.'
 return false
 end
-
- print_info 'Successful connection with Metasploit.' if (!@lastauth && !@unit_test)
-
+ if (!@lastauth)
+ print_info 'Successful connection with Metasploit.' if (!@unit_test)
+ print_debug "Metasploit: Received temporary token: #{self.token}"
+ # Generate permanent token
+ new_token = token_generate
+ if new_token.nil?
+ print_warning "Metasploit: Could not retrieve permanent Metasploit token. Connection to Metasploit will time out in 5 minutes."
+ else
+ self.token = new_token
+ print_debug "Metasploit: Received permanent token: #{self.token}"
+ end
+ end
 @lastauth = Time.now
 release_lock()
 true
 end
-
+
+ # generate a permanent auth token
+ def token_generate
+ res = self.call('auth.token_generate')
+ return if not res or not res['token']
+ res['token']
+ end
+
 def browser_exploits()
 get_lock()
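Review bot: The two added `print_debug` calls in `login` interpolate `self.token`, so the debug output carries both the temporary token and the newly generated permanent one in full. Going by the commit description the permanent token does not time out, so any retained copy of that output is a lasting credential for the MSGRPC service. Log the event without the value, for example `print_debug 'Metasploit: Received permanent token'`, and do the same for the temporary-token line. Nothing in this hunk removes the generated token again (Metasploit's RPC API also offers `auth.token_remove`), so each BeEF start appears to leave one more permanent token behind; whether cleanup happens elsewhere in the file is not visible here. The class that holds `login` and `token_generate` starts outside the hunk.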