Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Logging Is Inaccessible #38

Open
zeroSteiner opened this issue Sep 3, 2021 · 3 comments
Open

Logging Is Inaccessible #38

zeroSteiner opened this issue Sep 3, 2021 · 3 comments
Assignees
@sempervictus

Comments

@zeroSteiner
Copy link
Contributor

The logging methods used by rex-socket are defined globally by the Metasploit Framework. Because the elog function and LEV_3 constant is not defined within rex-socket it will crash when used outside of Metasploit.

There are at least 4 instances:

lib/rex/socket/parameters.rb:140:        elog("Failed to read cert: #{e.class}: #{e}", LogSource)
lib/rex/socket/parameters.rb:148:        elog("Failed to read client cert: #{e.class}: #{e}", LogSource)
lib/rex/socket/parameters.rb:156:        elog("Failed to read client key: #{e.class}: #{e}", LogSource)
lib/rex/socket.rb:750:      elog("#{e.message} (#{e.class})#{e.backtrace * "\n"}\n", LogSource, LEV_3)

The issue can be confirmed by triggering an error log. In the following scenario, the user creates a new Rex::Socket::Parameters instance and specifies an SSLCert file that exists, but can not be read. This assumes you're not running as root of course.

[1] pry(main)> require 'rex/socket'
=> true
[2] pry(main)> Rex::Socket::Parameters.new('SSLCert' => '/etc/shadow')
NameError: uninitialized constant Rex::Socket::Parameters::LogSource
Did you mean?  Rex::Socket::LogSource
from /home/smcintyre/Repositories/rex-socket/lib/rex/socket/parameters.rb:140:in `rescue in initialize'
Caused by Errno::EACCES: Permission denied @ rb_sysopen - /etc/shadow
from /home/smcintyre/Repositories/rex-socket/lib/rex/socket/parameters.rb:138:in `read'
[3] pry(main)>

Fixing the LogSource reference:

diff --git a/lib/rex/socket/parameters.rb b/lib/rex/socket/parameters.rb
index bb78631..e7e5509 100644
--- a/lib/rex/socket/parameters.rb
+++ b/lib/rex/socket/parameters.rb
@@ -137,7 +137,7 @@ class Rex::Socket::Parameters
       begin
         self.ssl_cert = ::File.read(hash['SSLCert'])
       rescue ::Exception => e
-        elog("Failed to read cert: #{e.class}: #{e}", LogSource)
+        elog("Failed to read cert: #{e.class}: #{e}", Rex::Socket::LogSource)
       end
     end

[1] pry(main)> require 'rex/socket'
=> true
[2] pry(main)> Rex::Socket::Parameters.new('SSLCert' => '/etc/shadow')
NoMethodError: undefined method `elog' for #<Rex::Socket::Parameters:0x00000000013d15c0 @ssl_version=nil>
from /home/smcintyre/Repositories/rex-socket/lib/rex/socket/parameters.rb:140:in `rescue in initialize'
Caused by Errno::EACCES: Permission denied @ rb_sysopen - /etc/shadow
from /home/smcintyre/Repositories/rex-socket/lib/rex/socket/parameters.rb:138:in `read'
[3] pry(main)>

Since this gem isn't dependant on Metasploit, the logging should function independently of it.
@sempervictus
Copy link

This is kinda my fault for asking to pull Rex out. Wanna assign me?

@sempervictus
Copy link

took a look over this, and it dawns on me that we have a bit of a logical absurdity here: logging is a core function of Rex, and itself depends on rex-sync but lives inside lib/rex/logging within Msf.
For a more "holistic" approach, i think we should actually move that subtree out of Msf, probably into rex-core, since we already need that and sync to use socket. Thoughts?

Alternatively i can do some "magic" checks for whether logging is defined in the global namespace and if it isn't then create short stubs for API compatibility - AKA, hack it up some. 😄

sempervictus pushed a commit to sempervictus/rex-core that referenced this issue Dec 4, 2022
Migrate rex/logging into Core from Msf namespace
cbd267a 
Using Rex' various gems without Msf will result in errors when the
logging subsystem is undefined (as that remained in Msf during the
great Rex excision). This manifests in rex-socket as noted by
@zeroSteiner in rapid7/rex-socket#38.

Address the dependency problem by moving rex/logging into this gem
which is already required by rex-socket and other descendants.

Testing:
 None - this is a quick-n-dirty subdirectory move. If this works,
someone with real git skill should migrate the relevant history
of the code; as losing that stuff results in people not knowing
whom to ask when the time comes to fix some deeply-bored bug.
@sempervictus sempervictus mentioned this issue Dec 4, 2022
Closed
@sempervictus
Copy link

@zeroSteiner - could you please check to see if the linked PR in Core fixes this? I am not l33t enough to move those files w/ their history though.

sempervictus pushed a commit to sempervictus/metasploit-framework that referenced this issue Jan 18, 2023
Metasploit companion for rex-core #32
1b74065 
Using Rex' various gems without Msf will result in errors when the
logging subsystem is undefined (as that remained in Msf during the
great Rex excision). This manifests in rex-socket as noted by
@zeroSteiner in rapid7/rex-socket#38.

Address the dependency problem by moving rex/logging into rex-core
which is already required by rex-socket and other descendants.

Notes:
  This PR is staged to allow github.com/rapid7/rex-core/pull/32
to be merged without creating a (seemingly harmless) redundancy.
@sempervictus sempervictus mentioned this issue Jan 18, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sempervictus sempervictus

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sempervictus @zeroSteiner