Add alert to show user the new session options available in Metasploit 6.4

dwelch-r7 · dwelch-r7 · commit 9a2ec90c1679 · 2024-01-29T17:06:21.000Z
diff --git a/lib/msf/core/module.rb b/lib/msf/core/module.rb
@@ -397,6 +397,7 @@ def default_cred?
       false
     end
 
+    def activate; end
     #
     # The array of zero or more platforms.
     #
diff --git a/lib/msf/core/module/alert.rb b/lib/msf/core/module/alert.rb
@@ -40,6 +40,21 @@ def add_error(msg = nil, &block)
       add_alert(:error, msg, &block)
     end
 
+    # Add an info message that will be provided to the user as early possible when using
+    # this instance of a module, either when they select it with the `use`
+    # command, when the module is about to start running, or when the module
+    # generates its output.
+    #
+    # @param msg [String] an optional info message
+    # @param block [Proc] an optional block that will be executed in the
+    #   context of the module instance at alert time to generate the
+    #   message. If provided the msg parameter is ignored.
+    # @return [true, nil] whether or not the message was added to the list of
+    #   info messages
+    def add_info(msg = nil, &block)
+      add_alert(:info, msg, &block)
+    end
+
     # @return [Array<String, Proc>] a list of warning message strings, or
     #   blocks (see #get_alerts)
     def warnings
@@ -52,6 +67,12 @@ def errors
       get_alerts(:error)
     end
 
+    # @return [Array<String, Proc>] a list of info message strings, or
+    #   blocks (see #get_alerts)
+    def infos
+      get_alerts(:info)
+    end
+
     # @param level [Symbol] The alert level to return
     # @return [Array<String, Proc>] A list of `level` alerts, either in string
     #   or block form. Blocks expect to be executed in the context of a fully
@@ -135,6 +156,21 @@ def add_error(msg = nil, &block)
     add_alert(:error, msg, &block)
   end
 
+  # Add an info message that will be provided to the user as early possible when using
+  # this instance of a module, either when they select it with the `use`
+  # command, when the module is about to start running, or when the module
+  # generates its output.
+  #
+  # @param msg [String] an optional info message
+  # @param block [Proc] an optional block that will be executed in the
+  #   context of the module instance at alert time to generate the
+  #   message. If provided the msg parameter is ignored.
+  # @return [true, nil] whether or not the message was added to the list of
+  #   info messages
+  def add_info(msg = nil, &block)
+    add_alert(:info, msg, &block)
+  end
+
   # This method allows modules to tell the framework if they are usable
   # on the system that they are being loaded on in a generic fashion.
   # By default, all modules are indicated as being usable.  An example of
@@ -160,6 +196,11 @@ def errors
     get_alerts(:error)
   end
 
+  # @return [Array<String>] a list of info strings to show the user
+  def infos
+    get_alerts(:info)
+  end
+
   # Similar to {ClassMethods#get_alerts}, but executes each registered block in
   # the context of this module instance and returns a flattened list of strings.
   # (see {ClassMethods#get_alerts})
@@ -215,5 +256,12 @@ def alert_user
         self.you_have_been_warned[msg.hash] = true
       end
     end
+
+    infos.each do |msg|
+      if msg && !self.you_have_been_warned[msg.hash]
+        print_line(msg)
+        self.you_have_been_warned[msg.hash] = true
+      end
+    end
   end
 end
diff --git a/lib/msf/core/optional_session.rb b/lib/msf/core/optional_session.rb
@@ -37,4 +37,9 @@ def session
 
     super
   end
+
+  def activate
+    super
+    add_info('New in Metasploit 6.4 - This module can target a %grnSESSION%clr or an %grnRHOST%clr')
+  end
 end
diff --git a/lib/msf/ui/console/command_dispatcher.rb b/lib/msf/ui/console/command_dispatcher.rb
@@ -45,6 +45,7 @@ def active_module
   #
   def active_module=(mod)
     driver.active_module = mod
+    mod.activate unless mod.nil?
   end
 
   #
diff --git a/lib/msf/ui/console/command_dispatcher/modules.rb b/lib/msf/ui/console/command_dispatcher/modules.rb
@@ -596,10 +596,6 @@ def cmd_search(*args)
                   end
                 end
               end
-              if @module_search_results.length == 1 && use
-                used_module = @module_search_results_with_usage_metadata.first[:mod].fullname
-                cmd_use(used_module, true)
-              end
             rescue ArgumentError
               print_error("Invalid argument(s)\n")
               cmd_search_help
@@ -611,13 +607,18 @@ def cmd_search(*args)
               ::File.open(output_file, "wb") { |ofd|
                 ofd.write(tbl.to_csv)
               }
-            else
-              print_line(tbl.to_s)
-              print_module_search_results_usage
+              return true
+            end
+
+            print_line(tbl.to_s)
+            print_module_search_results_usage
 
-              print_status("Using #{used_module}") if used_module
+            if @module_search_results.length == 1 && use
+              used_module = @module_search_results_with_usage_metadata.first[:mod].fullname
+              cmd_use(used_module, true)
             end
 
+            print_status("Using #{used_module}") if used_module
             true
           end
 
diff --git a/modules/auxiliary/scanner/postgres/postgres_login.rb b/modules/auxiliary/scanner/postgres/postgres_login.rb
@@ -61,6 +61,12 @@ def create_session?
     end
   end
 
+  # Called when the module is set as the currently active module
+  def activate
+    super
+    add_info('New in Metasploit 6.4 - The %grnCreateSession%clr option within this module can open an interactive session')
+  end
+
   # Loops through each host in turn. Note the current IP address is both
   # ip and datastore['RHOST']
   def run_host(ip)
diff --git a/modules/auxiliary/scanner/smb/smb_login.rb b/modules/auxiliary/scanner/smb/smb_login.rb
@@ -84,6 +84,12 @@ def create_session?
     end
   end
 
+  # Called when the module is set as the currently active module
+  def activate
+    super
+    add_info('New in Metasploit 6.4 - The %grnCreateSession%clr option within this module can open an interactive session')
+  end
+
   def run_host(ip)
     print_brute(level: :vstatus, ip: ip, msg: 'Starting SMB login bruteforce')
 
diff --git a/modules/exploits/windows/smb/smb_relay.rb b/modules/exploits/windows/smb/smb_relay.rb
@@ -155,6 +155,12 @@ def available_actions
     actions
   end
 
+  # Called when the module is set as the currently active module
+  def activate
+    super
+    add_info('New in Metasploit 6.4 - The %SMB_SESSION%clr action within this module can open an interactive session')
+  end
+
   def smb_logger
     log_device = datastore['VERBOSE'] ? Msf::Exploit::Remote::SMB::LogAdapter::LogDevice::Module.new(self) : Msf::Exploit::Remote::SMB::LogAdapter::LogDevice::Framework.new(framework)
     Msf::Exploit::Remote::SMB::LogAdapter::Logger.new(self, log_device)

Original file line number	Diff line number	Diff line change
`@@ -397,6 +397,7 @@ def default_cred?`
`397`	`397`	`false`
`398`	`398`	`end`
`399`	`399`
	`400`	`+ def activate; end`
`400`	`401`	`#`
`401`	`402`	`# The array of zero or more platforms.`
`402`	`403`	`#`
Original file line number	Diff line number	Diff line change
`@@ -45,6 +45,7 @@ def active_module`
`45`	`45`	`#`
`46`	`46`	`def active_module=(mod)`
`47`	`47`	`driver.active_module = mod`
	`48`	`+ mod.activate unless mod.nil?`
`48`	`49`	`end`
`49`	`50`
`50`	`51`	`#`