2016-02-01 01:01:24 +00:00
|
|
|
##
|
|
|
|
# This module requires Metasploit: http://metasploit.com/download
|
|
|
|
# Current source: https://github.com/rapid7/metasploit-framework
|
|
|
|
##
|
|
|
|
|
2016-03-08 13:02:44 +00:00
|
|
|
class MetasploitModule < Msf::Post
|
2016-02-01 01:01:24 +00:00
|
|
|
include Msf::Post::File
|
|
|
|
include Msf::Post::Windows::Registry
|
|
|
|
|
2016-02-29 20:06:49 +00:00
|
|
|
def initialize(info = {})
|
|
|
|
super(
|
|
|
|
update_info(
|
|
|
|
info,
|
|
|
|
'Name' => 'Multi Manage Set Wallpaper',
|
|
|
|
'Description' => %q(
|
|
|
|
This module will set the desktop wallpaper background on the specified session.
|
|
|
|
The method of setting the wallpaper depends on the platform type.
|
|
|
|
),
|
|
|
|
'License' => MSF_LICENSE,
|
|
|
|
'Author' => [ 'timwr'],
|
|
|
|
'Platform' => [ 'win', 'osx', 'linux', 'android' ],
|
|
|
|
'SessionTypes' => [ 'meterpreter' ]
|
|
|
|
)
|
|
|
|
)
|
2016-02-01 01:01:24 +00:00
|
|
|
|
|
|
|
register_options(
|
|
|
|
[
|
2016-02-20 08:35:56 +00:00
|
|
|
OptPath.new('WALLPAPER_FILE', [true, 'The local wallpaper file to set on the remote session'])
|
2017-05-03 20:42:21 +00:00
|
|
|
])
|
2016-02-01 01:01:24 +00:00
|
|
|
end
|
|
|
|
|
2016-02-29 20:06:49 +00:00
|
|
|
def upload_wallpaper(tempdir, file)
|
|
|
|
remote_file = "#{tempdir}#{File.basename(file)}"
|
2016-02-14 09:15:25 +00:00
|
|
|
print_status("#{peer} - Uploading to #{remote_file}")
|
2016-02-29 20:06:49 +00:00
|
|
|
|
|
|
|
write_file(remote_file, File.binread(file))
|
2016-02-14 09:15:25 +00:00
|
|
|
print_status("#{peer} - Uploaded to #{remote_file}")
|
|
|
|
remote_file
|
|
|
|
end
|
2016-02-20 08:35:56 +00:00
|
|
|
|
2016-02-01 01:01:24 +00:00
|
|
|
#
|
2016-02-29 20:06:49 +00:00
|
|
|
# The OS X version uses an AppleScript to do this
|
2016-02-01 01:01:24 +00:00
|
|
|
#
|
2016-02-29 20:06:49 +00:00
|
|
|
def osx_set_wallpaper(file)
|
|
|
|
remote_file = upload_wallpaper("/tmp/", file)
|
|
|
|
script = %(osascript -e 'tell application "Finder" to set desktop picture to POSIX file "#{remote_file}"')
|
2016-02-01 01:01:24 +00:00
|
|
|
begin
|
|
|
|
cmd_exec(script)
|
|
|
|
rescue EOFError
|
|
|
|
return false
|
|
|
|
end
|
|
|
|
true
|
|
|
|
end
|
|
|
|
|
|
|
|
#
|
2016-02-29 20:06:49 +00:00
|
|
|
# The Windows version uses the SystemParametersInfo call
|
2016-02-01 01:01:24 +00:00
|
|
|
#
|
2016-02-29 20:06:49 +00:00
|
|
|
def win_set_wallpaper(file)
|
|
|
|
remote_file = upload_wallpaper("%TEMP%\\", file)
|
|
|
|
client.railgun.user32.SystemParametersInfoA(0x0014, nil, remote_file, 0x2) != 0
|
2016-02-01 01:01:24 +00:00
|
|
|
end
|
|
|
|
|
2016-02-14 09:15:25 +00:00
|
|
|
#
|
|
|
|
# The Android version uses the set_wallpaper command
|
|
|
|
#
|
2016-02-29 20:06:49 +00:00
|
|
|
def android_set_wallpaper(file)
|
|
|
|
client.android.set_wallpaper(File.binread(file))
|
2016-02-01 01:01:24 +00:00
|
|
|
true
|
|
|
|
end
|
|
|
|
|
2016-02-29 20:06:49 +00:00
|
|
|
def os_set_wallpaper(file)
|
2016-03-18 04:26:12 +00:00
|
|
|
case session.platform
|
2016-10-29 04:59:05 +00:00
|
|
|
when 'osx'
|
2016-02-29 20:06:49 +00:00
|
|
|
osx_set_wallpaper(file)
|
2016-10-29 04:59:05 +00:00
|
|
|
when 'windows'
|
2016-02-29 20:06:49 +00:00
|
|
|
win_set_wallpaper(file)
|
2016-10-29 04:59:05 +00:00
|
|
|
when 'android'
|
2016-02-29 20:06:49 +00:00
|
|
|
android_set_wallpaper(file)
|
2016-02-01 01:01:24 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def run
|
|
|
|
file = datastore['WALLPAPER_FILE']
|
2016-02-29 20:06:49 +00:00
|
|
|
if os_set_wallpaper(file)
|
2016-02-10 07:51:13 +00:00
|
|
|
print_good("#{peer} - The wallpaper has been set")
|
2016-02-01 01:01:24 +00:00
|
|
|
else
|
2016-02-10 07:51:13 +00:00
|
|
|
print_error("#{peer} - Unable to set the wallpaper")
|
2016-02-01 01:01:24 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|