我正在开发我在Node.js中的第一个应用程序,我认为我不能正确理解听众是如何工作的,因为我写的例子没有显示我认为它会显示的内容。
我想使用一个模块(msfnode),它是一个metasploit RPC客户端,所以它通过websockets连接。
我创建了一个类,构造函数有这个代码:
this.clientmsf = new MetasploitClient({
login : options.login || 'myLogin',
password : options.password || 'myPassword'
});
this.clientmsf.on('connected',function(err,token) {
if (err) throw err;
});
所以我想我可以在该类的其他函数中使用对象“clientmsf”并显示错误:error_message:'Invalid Authentication Token'。这是代码:
this.clientmsf.exec(['console.create'], function(err,r){
consoleID = r.id;
console.log(r);
});
我想我有这个错误,因为我不知道node.js的所有概念,所以如果有人帮助我,我将非常感激。
非常感谢。
PD。这是msfnode库的一个例子:
var metasploitClient = require('metasploitJSClient');
var onConnect = function(err,token) {
if (err) {
console.log(err.error_message);
process.exit(0);
}
metasploitVersion();
}
var metasploitVersion = function() {
// Do not care about token, it will automaticaly
// be added as the second arguments
// The first value of the array is the function
// you want to call. Full list is available
// in metasploit remote api documentation
var args = ['core.version'];
client.exec(args,function(err,r) {
if (err) return console.log('Error: '+err);
console.log('-> Version: '+r);
});
}
var client = new metasploitClient({
login:'myLogin',
password:'myPassword',
});
client.on('connected',onConnect);
错误:
{ error: true,
error_class: 'Msf::RPC::Exception',
error_string: 'Msf::RPC::Exception',
error_backtrace:
[ 'lib/msf/core/rpc/v10/service.rb:148:in `process\'',
'lib/msf/core/rpc/v10/service.rb:90:in `on_request_uri\'',
'lib/msf/core/rpc/v10/service.rb:72:in `block in start\'',
'lib/rex/proto/http/handler/proc.rb:38:in `call\'',
'lib/rex/proto/http/handler/proc.rb:38:in `on_request\'',
'lib/rex/proto/http/server.rb:363:in `dispatch_request\'',
'lib/rex/proto/http/server.rb:297:in `on_client_data\'',
'lib/rex/proto/http/server.rb:157:in `block in start\'',
'lib/rex/io/stream_server.rb:48:in `call\'',
'lib/rex/io/stream_server.rb:48:in `on_client_data\'',
'lib/rex/io/stream_server.rb:192:in `block in monitor_clients\'',
'lib/rex/io/stream_server.rb:190:in `each\'',
'lib/rex/io/stream_server.rb:190:in `monitor_clients\'',
'lib/rex/io/stream_server.rb:73:in `block in start\'',
'lib/rex/thread_factory.rb:22:in `call\'',
'lib/rex/thread_factory.rb:22:in `block in spawn\'',
'lib/msf/core/thread_manager.rb:100:in `call\'',
'lib/msf/core/thread_manager.rb:100:in `block in spawn\'' ],
error_message: 'Invalid Authentication Token',
error_code: 401 }
编辑2:
这是我检查过的代码:
clientmsf.on('connected',function(err,token) {
if (err) throw err;
var consoleID;
console.log('token:' + token);
// should have connected by now
clientmsf.exec(['console.list'], function(err,r){
consoleID = r;
console.log(r);
});
console.log (consoleID);
});
这就是它所显示的:
token:[object Object]
undefined
{ consoles: [ { id: '0', prompt: 'msf > ', busy: false } ] }
答案 0 :(得分:1)
注意在连接和获取令牌后,他们如何在示例代码中完成工作(metasploitVersion)。
var onConnect = function(err,token) {
if (err) {
console.log(err.error_message);
process.exit(0);
}
// in the connect callback here - you have a token
// only then call to do the work
metasploitVersion();
}
尝试在connect回调函数中移动'this.clientmsf.exec'代码。如果你在回调之外有它,它将在连接完成之前执行。
我还建议您在该回调中注销令牌,以确保您正确连接。
我建议像:
var clientmsf = new MetasploitClient({
login : options.login || 'myLogin',
password : options.password || 'myPassword'
});
clientmsf.on('connected',function(err,token) {
if (err) throw err;
console.log('token:' + token);
// should have connected by now
clientmsf.exec(['console.create'], function(err,r, token){
consoleID = r.id;
console.log(r);
});
});