Add some more logging

Author: zeroSteiner

lib/msf/core/exploit/remote/smb/relay/ntlm/server.rb

@@ -47,13 +47,13 @@ def run(&block)
           begin
             _port, ip_address = ::Socket::unpack_sockaddr_in(server_client.getpeername)
             logger.print_status("New request from #{ip_address}")
-            logger.info("starting thread for connection")
+            logger.info("Starting thread for connection from #{ip_address}")
             server_client.run
           rescue => e
             logger.print_error "#{e.message}"
             elog(e)
           end
-          logger.info("ending thread for connection")
+          logger.info("Ending thread for connection from #{ip_address}")
         end)
 
         break unless block.nil? || block.call(server_client)

lib/msf/core/exploit/remote/smb/relay/ntlm/server_client.rb

@@ -30,7 +30,7 @@ def do_tree_connect_smb2(request, session)
       end
 
 
-      logger.print_status("Relaying to next target #{display_target(session.metadata[:relay_target])}")
+      logger.print_status("Relaying to next target #{session.metadata[:relay_target]}")
       relayed_connection = create_relay_client(
         session.metadata[:relay_target],
         @relay_timeout
@@ -138,6 +138,7 @@ def relay_ntlmssp(session, incoming_security_buffer = nil)
       # Choose the next machine to relay to, and send the incoming security buffer to the relay target
       if ntlm_message.is_a?(::Net::NTLM::Message::Type1)
         relayed_connection = session.metadata[:relayed_connection]
+        logger.info("Relaying NTLM type 1 message to #{relayed_connection.target.ip}")
         relay_result = relayed_connection.relay_ntlmssp_type1(incoming_security_buffer)
         return nil unless relay_result.nt_status == WindowsError::NTStatus::STATUS_MORE_PROCESSING_REQUIRED
 
@@ -155,14 +156,14 @@ def relay_ntlmssp(session, incoming_security_buffer = nil)
       # NTLM challenge response
       elsif ntlm_message.is_a?(::Net::NTLM::Message::Type3)
         relayed_connection = session.metadata[:relayed_connection]
-
+        logger.info("Relaying #{ntlm_message.ntlm_version == :ntlmv2 ? 'NTLMv2' : 'NTLMv1'} type 3 message to #{relayed_connection.target} as #{session.metadata[:identity]}")
         relay_result = relayed_connection.relay_ntlmssp_type3(incoming_security_buffer)
 
         is_success = relay_result.nt_status == WindowsError::NTStatus::STATUS_SUCCESS
         @relay_targets.on_relay_end(relayed_connection.target, identity: session.metadata[:identity], is_success: is_success)
 
         if is_success
-          logger.print_good("Identity: #{session.metadata[:identity]} - Successfully authenticated against relay target #{display_target(relayed_connection.target)}")
+          logger.print_good("Identity: #{session.metadata[:identity]} - Successfully authenticated against relay target #{relayed_connection.target}")
           session.metadata[:incoming_challenge_response] = ntlm_message
 
           @listener.on_ntlm_type3(
@@ -177,13 +178,13 @@ def relay_ntlmssp(session, incoming_security_buffer = nil)
           relayed_connection.disconnect!
 
           if relay_result.nt_status == WindowsError::NTStatus::STATUS_LOGON_FAILURE
-            logger.print_warning("Identity: #{session.metadata[:identity]} - Relay failed due to client authentication details not matching any account on target server #{display_target(relayed_connection.target)}")
+            logger.print_warning("Identity: #{session.metadata[:identity]} - Relay failed due to client authentication details not matching any account on target server #{relayed_connection.target}")
           else
             error_code = WindowsError::NTStatus.find_by_retval(relay_result.nt_status.value).first
             if error_code.nil?
-              logger.print_warning("Identity: #{session.metadata[:identity]} - Relay against target #{display_target(relayed_connection.target)} failed with unexpected error: #{relay_result.nt_status.value}")
+              logger.print_warning("Identity: #{session.metadata[:identity]} - Relay against target #{relayed_connection.target} failed with unexpected error: #{relay_result.nt_status.value}")
             else
-              logger.print_warning("Identity: #{session.metadata[:identity]} - Relay against target #{display_target(relayed_connection.target)} failed with unexpected error: #{error_code.name}: #{error_code.description}")
+              logger.print_warning("Identity: #{session.metadata[:identity]} - Relay against target #{relayed_connection.target} failed with unexpected error: #{error_code.name}: #{error_code.description}")
             end
           end
 
@@ -211,21 +212,15 @@ def create_relay_client(target, timeout)
 
       client
     rescue ::Rex::ConnectionTimeout => e
-      msg = "Timeout error retrieving server challenge from target #{display_target(target)}. Most likely caused by unresponsive target"
+      msg = "Timeout error retrieving server challenge from target #{target}. Most likely caused by unresponsive target"
       elog(msg, error: e)
       logger.print_error msg
       nil
     rescue ::Exception => e
-      msg = "Unable to create relay to #{display_target(target)}"
+      msg = "Unable to create relay to #{target}"
       elog(msg, error: e)
       logger.print_error msg
       nil
     end
-
-    protected
-
-    def display_target(target)
-      "#{target.protocol}://#{target.ip}:#{target.port}"
-    end
   end
 end

lib/msf/core/exploit/remote/smb/relay/ntlm/target/http/client.rb

@@ -33,6 +33,10 @@ def self.create(provider, target, logger, timeout)
       )
     end
 
+    def disconnect!
+      @client.close
+    end
+
     # @param [String] client_type1_msg
     # @rtype [Msf::Exploit::Remote::SMB::Relay::NTLM::Target::RelayResult, nil]
     def relay_ntlmssp_type1(client_type1_msg)
@@ -76,9 +80,5 @@ def relay_ntlmssp_type3(client_type3_msg)
     protected
 
     attr_reader :logger
-
-    def display_target(target)
-      "#{target.protocol}://#{target.ip}:#{target.port}" + (target.path.blank? ? '/' : target.path)
-    end
   end
 end

lib/msf/core/exploit/remote/smb/relay/ntlm/target/smb/client.rb

@@ -107,7 +107,7 @@ def relay_ntlmssp_type1(client_type1_msg)
         )
       end
     rescue ::Exception => e
-      msg = "Unable to retrieve server challenge at #{display_target(target)}"
+      msg = "Unable to retrieve server challenge from #{target}"
       elog(msg, error: e)
       logger.print_error msg
       nil
@@ -146,7 +146,7 @@ def relay_ntlmssp_type3(client_type3_msg)
         )
       end
     rescue ::Exception => e
-      msg = "Unable to authenticate to target #{display_target(target)} via relay"
+      msg = "Unable to authenticate to target #{target} via relay"
       elog(msg, error: e)
       logger.error msg
       nil
@@ -161,9 +161,5 @@ def normalize_type3_encoding(type3_msg)
     protected
 
     attr_reader :logger
-
-    def display_target(target)
-      "#{target.protocol}://#{target.ip}:#{target.port}"
-    end
   end
 end

lib/msf/core/exploit/remote/smb/relay/target_list.rb

@@ -108,6 +108,12 @@ def to_h
       { ip: ip, port: port, protocol: protocol, path: path, relay_state: @relay_state }
     end
 
+    def to_s
+      s = "#{protocol}://#{}"
+      s << ('/' + path.delete_prefix('/')) unless path.blank?
+      s
+    end
+
     private
 
     def relay_data_for(username)