Merge branch 'feature/automatic-fs-cleanup' of git://github.com/jlee-r7/metasploit-framework into jlee-r7-feature/automatic-fs-cleanup

2012-11-19 15:59:19 -06:00 · 2012-11-19 15:59:19 -06:00 · 527ba0e401
parent d4749ff009 2526dce20a
commit 527ba0e401
1 changed files with 11 additions and 4 deletions
--- a/lib/msf/core/exploit/file_dropper.rb
+++ b/lib/msf/core/exploit/file_dropper.rb
@ -16,8 +16,13 @@ module Exploit::FileDropper
 		end

 		@dropped_files.delete_if do |file|
+			win_file = file.gsub("/", "\\\\")
 			if session.type == "meterpreter"
 				begin
+					# Meterpreter should do this automatically as part of
+					# fs.file.rm().  Until that has been implemented, remove the
+					# read-only flag with a command.
+					session.shell_command_token(%Q|attrib.exe -r "#{win_file}"|)
 					session.fs.file.rm(file)
 					print_good("Deleted #{file}")
 					true
@ -25,9 +30,11 @@ module Exploit::FileDropper
 					false
 				end
 			else
-				win_file = file.gsub("/", "\\\\")
-				win_cmd  = %Q|del.exe /f /q "#{win_file}"|
-				unix_cmd = %Q|rm -f "#{file}" >/dev/null|
+				cmds = [
+						%Q|attrib.exe -r "#{win_file}"|,
+						%Q|del.exe /f /q "#{win_file}"|,
+						%Q|rm -f "#{file}" >/dev/null|,
+					]

 				# We need to be platform-independent here. Since we can't be
 				# certain that {#target} is accurate because exploits with
@ -35,7 +42,7 @@ module Exploit::FileDropper
 				# run both a windows and a unixy command in the same line. One
 				# of them will definitely fail and the other will probably
 				# succeed. Doing it this way saves us an extra round-trip.
-				session.shell_command_token(%Q|#{win_cmd} ; #{unix_cmd}|)
+				session.shell_command_token(cmds.join(" ; "))
 				print_good("Deleted #{file}")
 				true
 			end