/** Creates a new URL to use as the basis of a connection. */
public MsgRpcImpl(
String username, String password, String host, int port, boolean ssl, boolean debugf)
throws MalformedURLException {
if (ssl) { // Install the all-trusting trust manager & HostnameVerifier
try {
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(
null,
new TrustManager[] {
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(
java.security.cert.X509Certificate[] certs, String authType) {}
public void checkServerTrusted(
java.security.cert.X509Certificate[] certs, String authType) {}
}
},
new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(
new HostnameVerifier() {
public boolean verify(String string, SSLSession ssls) {
return true;
}
});
} catch (Exception e) {
}
u = new URL("https", host, port, "/api/1.0/");
} else {
u = new URL("http", host, port, "/api/1.0/");
}
/* login to msf server */
Object[] params = new Object[] {username, password};
Map results = exec("auth.login", params);
/* save the temp token (lasts for 5 minutes of inactivity) */
rpcToken = results.get("token").toString();
/* generate a non-expiring token and use that */
params = new Object[] {rpcToken};
results = exec("auth.token_generate", params);
rpcToken = results.get("token").toString();
}
/**
* Decodes a response recursively from MessagePackObject to a normal Java object
*
* @param src MessagePack response
* @return decoded object
*/
private static Object unMsg(Object src) {
Object out = src;
if (src instanceof ArrayType) {
List l = ((ArrayType) src).asList();
List outList = new ArrayList(l.size());
out = outList;
for (Object o : l) outList.add(unMsg(o));
} else if (src instanceof BooleanType) {
out = ((BooleanType) src).asBoolean();
} else if (src instanceof FloatType) {
out = ((FloatType) src).asFloat();
} else if (src instanceof IntegerType) {
try {
out = ((IntegerType) src).asInt();
} catch (Exception ex) {
/* this is a bandaid until I have a chance to further examine what's happening */
out = ((IntegerType) src).asLong();
}
} else if (src instanceof MapType) {
Set ents = ((MapType) src).asMap().entrySet();
out = new HashMap();
for (Object ento : ents) {
Map.Entry ent = (Map.Entry) ento;
Object key = unMsg(ent.getKey());
Object val = ent.getValue();
// Hack - keep bytes of generated or encoded payload
if (ents.size() == 1
&& val instanceof RawType
&& (key.equals("payload") || key.equals("encoded")))
val = ((RawType) val).asByteArray();
else val = unMsg(val);
((Map) out).put(key + "", val);
}
if (((Map) out).containsKey("error") && ((Map) out).containsKey("error_class")) {
armitage.ArmitageMain.print_error(
"Metasploit Framework Exception: "
+ ((Map) out).get("error_message").toString()
+ "\n"
+ ((Map) out).get("error_backtrace"));
throw new RuntimeException(((Map) out).get("error_message").toString());
}
} else if (src instanceof NilType) {
out = null;
} else if (src instanceof RawType) {
out = ((RawType) src).asString();
}
return out;
}