CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutSign UpSign In
rapid7

Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/modules/post/linux/manage/pseudo_shell.rb
Views: 11704
1
##

2
# This module requires Metasploit: https://metasploit.com/download

3
# Current source: https://github.com/rapid7/metasploit-framework

4
##

5


6
require 'readline'

7


8
class MetasploitModule < Msf::Post

9
  include Msf::Post::File

10
  include Msf::Post::Unix

11
  include Msf::Post::Linux::System

12
  include Msf::Post::Linux::Priv

13


14
  HELP_COMMANDS = [

15
    ['help', 'help', 0, 'Show current help'],

16
    ['?', 'help', 0, 'Show current help'],

17
    ['ls', 'dir', 1, 'List files and folders in a directory'],

18
    ['cat', 'read_file', 1, 'Show file contents'],

19
    ['whoami', 'whoami', 0, 'Show current user'],

20
    ['cd', 'cd', 1, 'Change current directory'],

21
    ['users', 'get_users', 0, 'Show list of users'],

22
    ['groups', 'get_groups', 0, 'Show list of groups'],

23
    ['pwd', 'pwd', 0, 'Show current PATH'],

24
    ['interfaces', 'interfaces', 0, 'Show list of network interfaces'],

25
    ['path', 'get_path', 0, 'Show current directories included in $PATH enviroment variable'],

26
    ['macs', 'macs', 0, 'Show list of MAC addresses'],

27
    ['shell', 'get_shell_name', 0, 'Show current SHELL'],

28
    ['hostname', 'get_hostname', 0, 'Show current Hostname'],

29
    ['ips', 'ips', 0, 'Show list of current IP addresses'],

30
    ['isroot?', 'is_root?', 0, 'Show if current user has root permisions'],

31
    ['exit', '', 0, 'Exit the Pseudo-shell'],

32
    ['tcp_ports', 'listen_tcp_ports', 0, 'Show list of listen TCP ports'],

33
    ['udp_ports', 'listen_udp_ports', 0, 'Show list of listen UDP ports'],

34
    ['clear', 'clear_screen', 0, 'Clear screen']

35
  ].sort

36


37
  LIST = [].sort

38
  HELP_COMMANDS.each do |linea|

39
    LIST.insert(-1, linea[0])

40
  end

41


42
  def initialize

43
    super(

44
      'Name' => 'Pseudo-Shell Post-Exploitation Module',

45
      'Description' => %q{

46
        This module will run a Pseudo-Shell.

47
      },

48
      'Author' => 'Alberto Rafael Rodriguez Iglesias <albertocysec[at]gmail.com>',

49
      'License' => MSF_LICENSE,

50
      'Platform' => ['linux'],

51
      'SessionTypes' => ['shell', 'meterpreter']

52
    )

53
  end

54


55
  def run

56
    @vhostname = get_hostname

57
    @vusername = whoami

58
    @vpromptchar = is_root? ? '#' : '$'

59
    prompt

60
  end

61


62
  def parse_cmd(cmd)

63
    parts = cmd.split(' ')

64
    return '' unless parts.length >= 1

65


66
    cmd = parts[0]

67
    nargs = parts.length - 1

68
    HELP_COMMANDS.each do |linea|

69
      next unless linea[0] == cmd

70


71
      func = linea[1]

72
      if nargs >= 1

73
        if linea[2] == 1

74
          args = parts[1]

75
        else

76
          nargs = 0

77
        end

78
      else

79
        args = ''

80
      end

81


82
      return func, cmd, args, nargs

83
    end

84


85
    error = get_shell_name

86
    message = "#{error}: #{cmd}: Command does not exist\n"

87
    print message

88
    message

89
  end

90


91
  def help

92
    print "\n"

93
    print "Commands Help\n"

94
    print "==============\n"

95
    print "\n"

96
    printf("\t%-20s%-100s\n", 'Command', 'Description')

97
    printf("\t%-20s%-100s\n", '-------', '-----------')

98
    HELP_COMMANDS.each do |linea|

99
      printf("\t%-20s%-100s\n", linea[0], linea[3])

100
    end

101
    print "\n"

102
  end

103


104
  def prompt_show

105
    promptshell = "#{@vusername}@#{@vhostname}:#{pwd.strip}#{@vpromptchar} "

106
    comp = proc { |s| LIST.grep(/^#{Regexp.escape(s)}/) }

107
    Readline.completion_append_character = ' '

108
    Readline.completion_proc = comp

109
    input = Readline.readline(promptshell, true)

110
    return nil if input.nil?

111


112
    input

113
  end

114


115
  def prompt

116
    while (input = prompt_show)

117
      break if input == 'exit'

118
      break if input == 'exit '

119


120
      begin

121
        func, command, args, nargs = parse_cmd(input)

122
        nargs = nargs.to_i

123
        if command == 'ls' && (nargs == 0)

124
          nargs += 1

125
          ruta = pwd

126
          args = ruta

127
        end

128
        if nargs > 0

129
          args = args.strip

130
          resultado = public_send(func.to_s, args.to_s)

131
        elsif input == ''

132
          resultado = []

133
          resultado.insert(-1, '')

134
        else

135
          resultado = public_send(func.to_s)

136
        end

137
        if !resultado.nil? == resultado

138
          if command == 'isroot?'

139
            print resultado ? "true\n" : "false\n"

140
          end

141
        elsif resultado.instance_of?(Array)

142
          print resultado.join("\n")

143
          print "\n"

144
        elsif resultado.strip != ''

145
          print resultado.chomp + "\n"

146
        end

147
      rescue StandardError # begin

148
        next

149
      end

150
    end

151
  end

152
end

153


154