Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
rapid7
GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/modules/auxiliary/admin/smb/delete_file.rb
28102 views
1
##

2
# This module requires Metasploit: https://metasploit.com/download

3
# Current source: https://github.com/rapid7/metasploit-framework

4
##

5


6
class MetasploitModule < Msf::Auxiliary

7


8
  # Exploit mixins should be called first

9
  include Msf::Exploit::Remote::SMB::Client

10
  include Msf::Exploit::Remote::SMB::Client::Authenticated

11
  include Msf::Exploit::Remote::SMB::Client::RemotePaths

12
  include Msf::Auxiliary::Report

13
  include Msf::Auxiliary::Scanner

14
  include Msf::OptionalSession::SMB

15


16
  # Aliases for common classes

17
  SIMPLE = Rex::Proto::SMB::SimpleClient

18
  XCEPT = Rex::Proto::SMB::Exceptions

19
  CONST = Rex::Proto::SMB::Constants

20


21
  def initialize

22
    super(

23
      'Name' => 'SMB File Delete Utility',

24
      'Description' => %(

25
        This module deletes a file from a target share and path. The usual reason

26
      to use this module is to work around limitations in an existing SMB client that may not

27
      be able to take advantage of pass-the-hash style authentication.

28
      ),

29
      'Author' => [

30
        'mubix' # copied from hdm upload_file module

31
      ],

32
      'License' => MSF_LICENSE,

33
      'References' => [

34
        [ 'ATT&CK', Mitre::Attack::Technique::T1021_002_SMB_WINDOWS_ADMIN_SHARES ]

35
      ],

36
      'Notes' => {

37
        'Stability' => [OS_RESOURCE_LOSS],

38
        'SideEffects' => [],

39
        'Reliability' => []

40
      }

41
      )

42


43
    register_options([

44
      OptString.new('SMBSHARE', [true, 'The name of a share on the RHOST', 'C$'])

45
    ])

46
  end

47


48
  def smb_delete_files

49
    if session

50
      print_status("Using existing session #{session.sid}")

51
      self.simple = session.simple_client

52
    else

53
      vprint_status('Connecting to the server...')

54
      connect

55
      smb_login

56
    end

57


58
    vprint_status("Mounting the remote share \\\\#{simple.address}\\#{datastore['SMBSHARE']}'...")

59
    simple.connect("\\\\#{simple.address}\\#{datastore['SMBSHARE']}")

60


61
    remote_paths.each do |remote_path|

62
      simple.delete("\\#{remote_path}")

63


64
      # If there's no exception raised at this point, we assume the file has been removed.

65
      print_good("Deleted: #{remote_path}")

66
    rescue Rex::Proto::SMB::Exceptions::ErrorCode, RubySMB::Error::RubySMBError => e

67
      elog("Cannot delete #{remote_path}:", error: e)

68
      print_error("Cannot delete #{remote_path}: #{e.message}")

69
    end

70
  end

71


72
  def run_host(_ip)

73
    validate_rpaths!

74


75
    begin

76
      smb_delete_files

77
    rescue Rex::Proto::SMB::Exceptions::LoginError => e

78
      elog('Unable to login', error: e)

79
      print_error("Unable to login: #{e.message}")

80
    end

81
  end

82
end

83


84