diff --git a/lib/msf/core/exploit/file_dropper.rb b/lib/msf/core/exploit/file_dropper.rb index 8ddf77498a..5fd702be6f 100644 --- a/lib/msf/core/exploit/file_dropper.rb +++ b/lib/msf/core/exploit/file_dropper.rb @@ -61,13 +61,19 @@ module Exploit::FileDropper @dropped_files.delete_if do |file| exists_before = file_dropper_exist?(session, file) + if file_dropper_delete_file(session, file) file_dropper_deleted?(session, file, exists_before) end end @dropped_dirs.delete_if do |dir| + if file_dropper_check_cwd?(session, dir) + print_warning("Attempting to delete working directory #{dir}") + end + exists_before = file_dropper_exist?(session, dir) + if file_dropper_delete_dir(session, dir) file_dropper_deleted?(session, dir, exists_before) end @@ -110,6 +116,10 @@ module Exploit::FileDropper # Check if dir_rm method is available (local exploit, mixin support, module support) if respond_to?(:dir_rm) @dropped_dirs.delete_if do |dir| + if respond_to?(:pwd) && pwd.include?(dir) + print_warning("Attempting to delete working directory #{dir}") + end + begin dir_rm(dir) rescue ::Exception => e @@ -250,6 +260,28 @@ module Exploit::FileDropper end end + # Check if the path being removed is the same as the working directory + # + # @param [String] path The path to check + # @return [Boolean] true if the path is the same, otherwise false + def file_dropper_check_cwd?(session, path) + if session.type == 'meterpreter' + return true if path == session.fs.dir.pwd + else + pwd = + if session.platform == 'windows' + session.shell_command_token('echo %cd%') + else + session.shell_command_token('pwd') + end + + # Check for subdirectories and relative paths + return true if pwd.include?(path) + end + + false + end + # Converts a path to use the windows separator '\' # # @param [String] path The path to convert