diff --git a/Gemfile.lock b/Gemfile.lock index 61850d58a6..05c7bb2d48 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -20,7 +20,7 @@ PATH metasploit-model metasploit-payloads (= 1.3.47) metasploit_data_models - metasploit_payloads-mettle (= 0.4.1) + metasploit_payloads-mettle (= 0.4.2) mqtt msgpack nessus_rest @@ -175,7 +175,7 @@ GEM postgres_ext railties (~> 4.2.6) recog (~> 2.0) - metasploit_payloads-mettle (0.4.1) + metasploit_payloads-mettle (0.4.2) method_source (0.9.0) mini_portile2 (2.3.0) minitest (5.11.3) diff --git a/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb b/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb index f7a320c232..75cb45d685 100644 --- a/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +++ b/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb @@ -247,6 +247,20 @@ class File < Rex::Post::Meterpreter::Extensions::Stdapi::Fs::IO alias copy cp end + # + # Performs a chmod on the remote file + # + def File.chmod(name, mode) + request = Packet.create_request('stdapi_fs_chmod') + + request.add_tlv(TLV_TYPE_FILE_PATH, client.unicode_filter_decode( name )) + request.add_tlv(TLV_TYPE_FILE_MODE_T, mode) + + response = client.send_request(request) + + return response + end + # # Upload one or more files to the remote remote directory supplied in # +destination+. diff --git a/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb b/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb index d08caa3e90..228016cf3d 100644 --- a/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +++ b/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb @@ -46,6 +46,8 @@ TLV_TYPE_SEARCH_RECURSE = TLV_META_TYPE_BOOL | 1230 TLV_TYPE_SEARCH_GLOB = TLV_META_TYPE_STRING | 1231 TLV_TYPE_SEARCH_ROOT = TLV_META_TYPE_STRING | 1232 TLV_TYPE_SEARCH_RESULTS = TLV_META_TYPE_GROUP | 1233 + +TLV_TYPE_FILE_MODE_T = TLV_META_TYPE_UINT | 1234 ## # # Net diff --git a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb index 8f88e4a482..ab1f1524ff 100644 --- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb @@ -89,6 +89,7 @@ class Console::CommandDispatcher::Stdapi::Fs 'rm' => 'Delete the specified file', 'mv' => 'Move source to destination', 'cp' => 'Copy source to destination', + 'chmod' => 'Change the permissions of a file', 'rmdir' => 'Remove directory', 'search' => 'Search for files', 'upload' => 'Upload a file or directory', @@ -115,6 +116,7 @@ class Console::CommandDispatcher::Stdapi::Fs 'rm' => ['stdapi_fs_delete_file'], 'mv' => ['stdapi_fs_file_move'], 'cp' => ['stdapi_fs_file_copy'], + 'chmod' => ['stdapi_fs_chmod'], 'search' => ['stdapi_fs_search'], 'upload' => [], 'show_mount' => ['stdapi_fs_mount_show'], @@ -397,6 +399,21 @@ class Console::CommandDispatcher::Stdapi::Fs alias :cmd_copy :cmd_cp alias :cmd_cp_tabs :cmd_cat_tabs + alias :cmd_chmod_tabs :cmd_cat_tabs + + # + # Change the permissions on a remote file + # + def cmd_chmod(*args) + if (args.length != 2) + print_line("Usage: chmod permission file") + return true + end + file_path = args[1] + file_path = client.fs.file.expand_path(file_path) if file_path =~ PATH_EXPAND_REGEX + client.fs.file.chmod(file_path, args[0].to_i(8)) + return true + end def cmd_download_help print_line("Usage: download [options] src1 src2 src3 ... destination") diff --git a/metasploit-framework.gemspec b/metasploit-framework.gemspec index 98e6db155a..f0cc7d106a 100644 --- a/metasploit-framework.gemspec +++ b/metasploit-framework.gemspec @@ -72,7 +72,7 @@ Gem::Specification.new do |spec| # Needed for Meterpreter spec.add_runtime_dependency 'metasploit-payloads', '1.3.47' # Needed for the next-generation POSIX Meterpreter - spec.add_runtime_dependency 'metasploit_payloads-mettle', '0.4.1' + spec.add_runtime_dependency 'metasploit_payloads-mettle', '0.4.2' # Needed by msfgui and other rpc components spec.add_runtime_dependency 'msgpack' # get list of network interfaces, like eth* from OS.