Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
rapid7
GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/modules/payloads/singles/cmd/mainframe/generic_jcl.rb
19813 views
1
##

2
# This module requires Metasploit: https://metasploit.com/download

3
# Current source: https://github.com/rapid7/metasploit-framework

4
##

5


6
##

7
# This is a prototype JCL command payload for z/OS - mainframe.

8
#   It submits the IEFBR14 standard z/OS program, which does nothing

9
#   but complete successfully and return code 0.

10
#

11
#   See http://www.ibm.com/support/knowledgecenter/SSLTBW_2.1.0/com.ibm.zos.v2r1.ieab500/hpropr.htm?lang=en

12
#   for more information on IEFBR14

13
##

14


15
module MetasploitModule

16
  CachedSize = 150

17
  include Msf::Payload::Single

18
  include Msf::Payload::Mainframe

19
  include Msf::Sessions::CommandShellOptions

20


21
  def initialize(info = {})

22
    super(

23
      merge_info(

24
        info,

25
        'Name' => 'Generic JCL Test for Mainframe Exploits',

26
        'Description' => %q{

27
          Provide JCL which can be used to submit

28
          a job to JES2 on z/OS which will exit and return 0.  This

29
          can be used as a template for other JCL based payloads

30
        },

31
        'Author' => 'Bigendian Smalls',

32
        'License' => MSF_LICENSE,

33
        'Platform' => 'mainframe',

34
        'Arch' => ARCH_CMD,

35
        'Handler' => Msf::Handler::None,

36
        'Session' => Msf::Sessions::MainframeShell,

37
        'PayloadType' => 'cmd',

38
        'RequiredCmd' => 'jcl',

39
        'Payload' => {

40
          'Offsets' => {},

41
          'Payload' => ''

42
        }

43
      )

44
    )

45
    register_options(

46
      [

47
        OptString.new('ACTNUM', [true, 'Accounting info for JCL JOB card', 'MSFUSER-ACCTING-INFO']),

48
        OptString.new('PGMNAME', [true, 'Programmer name for JCL JOB card', 'programmer name']),

49
        OptString.new('JCLASS', [true, 'Job Class for JCL JOB card', 'A']),

50
        OptString.new('NOTIFY', [false, 'Notify User for JCL JOB card', '']),

51
        OptString.new('MSGCLASS', [true, 'Message Class for JCL JOB card', 'Z']),

52
        OptString.new('MSGLEVEL', [true, 'Message Level for JCL JOB card', '(0,0)'])

53
      ],

54
      self.class

55
    )

56
    register_advanced_options(

57
      [

58
        OptBool.new('NTFYUSR', [true, 'Include NOTIFY Parm?', false]),

59
        OptString.new('JOBNAME', [true, 'Job name for JCL JOB card', 'DUMMY'])

60
      ],

61
      self.class

62
    )

63
  end

64


65
  ##

66
  # Construct Payload

67
  ##

68
  def generate(_opts = {})

69
    super + command_string

70
  end

71


72
  ##

73
  # Setup replacement vars from options if need be

74
  ##

75
  def command_string

76
    jcl_jobcard +

77
      "//   EXEC PGM=IEFBR14\n"

78
  end

79
end

80


81