Merge branch 'feature/rm7581-sudo-improved-with-PASSWORD-option' of https://github.com/lmercer-r7/metasploit-framework into lmercer-r7-feature/rm7581-sudo-improved-with-PASSWORD-option

2013-01-24 21:36:40 +01:00 · 2013-01-24 21:36:40 +01:00 · 2419e55603
parent af3a1db4c1 3b65f31d95
commit 2419e55603
1 changed files with 14 additions and 2 deletions
--- a/modules/post/multi/manage/sudo.rb
+++ b/modules/post/multi/manage/sudo.rb
@ -30,7 +30,9 @@ class Metasploit3 < Msf::Post
 					versions from 2008 and later which support -A.
 				},
 				'License'       => MSF_LICENSE,
-				'Author'        => [ 'todb <todb[at]metasploit.com>'],
+				'Author'        => [ 'todb <todb[at]metasploit.com>',
+						     'Ryan Baxendale <rbaxendale[at]gmail.com>' #added password option
+						   ],
 				'Platform'      => [ 'linux','unix','osx','solaris','aix' ],
 				'References'    =>
 					[
@ -39,6 +41,11 @@ class Metasploit3 < Msf::Post
 					],
 				'SessionTypes'  => [ 'shell' ] # Need to test 'meterpreter'
 			))
+
+			register_options(
+				[
+					OptString.new('PASSWORD', [false, 'The password to use when running sudo.'])
+				], self.class)
 	end

 	# Run Method for when run command is issued
@ -57,7 +64,12 @@ class Metasploit3 < Msf::Post
 	end

 	def get_root
-		password = session.exploit_datastore['PASSWORD']
+		if datastore['PASSWORD']
+			password = datastore['PASSWORD']
+		else	
+			password = session.exploit_datastore['PASSWORD']
+		end
+
 		if password.to_s.empty?
 			print_status "No password available, trying a passwordless sudo."
 		else