Warn user if a file/permission is being modified during new session

2012-10-24 00:54:17 -05:00 · 2012-10-24 00:54:17 -05:00 · 799c22554e
parent f1423bf0b4
commit 799c22554e
21 changed files with 36 additions and 24 deletions
--- a/modules/exploits/linux/http/symantec_web_gateway_file_upload.rb
+++ b/modules/exploits/linux/http/symantec_web_gateway_file_upload.rb
@ -70,6 +70,7 @@ class Metasploit3 < Msf::Exploit::Remote
 	end

 	def on_new_session(client)
+		print_warning("Deleting temp.php")
 		if client.type == "meterpreter"
 			client.core.use("stdapi") if not client.ext.aliases.include?("stdapi")
 			client.fs.file.rm("temp.php")
--- a/modules/exploits/linux/http/webid_converter.rb
+++ b/modules/exploits/linux/http/webid_converter.rb
@ -109,7 +109,7 @@ class Metasploit3 < Msf::Exploit::Remote
 		res = client.fs.file.search(nil, "currencies.php", true, -1)
 		res.each do |hit|
 			filename = "#{hit['path']}/#{hit['name']}"
-			print_status("#{peer} - Restoring #{filename}")
+			print_warning("#{peer} - Restoring #{filename}")
 			client.fs.file.rm(filename)
 			fd = client.fs.file.new(filename, "wb")
 			fd.write(currencies_php)
--- a/modules/exploits/multi/http/qdpm_upload_exec.rb
+++ b/modules/exploits/multi/http/qdpm_upload_exec.rb
@ -94,7 +94,7 @@ class Metasploit3 < Msf::Exploit::Remote
 		end

 		@clean_files.each do |f|
-			print_status("#{@peer} - Removing: #{f}")
+			print_warning("#{@peer} - Removing: #{f}")
 			begin
 				if cli.type == 'meterpreter'
 					cli.fs.file.rm(f)
--- a/modules/exploits/multi/http/struts_code_exec.rb
+++ b/modules/exploits/multi/http/struts_code_exec.rb
@ -130,7 +130,7 @@ class Metasploit3 < Msf::Exploit::Remote

 	def on_new_session(client)
 		if target['Platform'] == 'linux'
-			print_status("Deleting #{@payload_exe} payload file")
+			print_warning("Deleting #{@payload_exe} payload file")
 			execute_command("/bin/sh@-c@rm #{@payload_exe}")
 		else
 			print_status("Windows does not allow running executables to be deleted")
--- a/modules/exploits/multi/http/struts_code_exec_exception_delegator.rb
+++ b/modules/exploits/multi/http/struts_code_exec_exception_delegator.rb
@ -182,7 +182,7 @@ class Metasploit3 < Msf::Exploit::Remote
 			return
 		end

-		print_status("Deleting the #{@payload_exe} file")
+		print_warning("Deleting the #{@payload_exe} file")
 		client.fs.file.rm(@payload_exe)

 	end
--- a/modules/exploits/multi/http/testlink_upload_exec.rb
+++ b/modules/exploits/multi/http/testlink_upload_exec.rb
@ -140,6 +140,7 @@ class Metasploit3 < Msf::Exploit::Remote
 	end

 	def on_new_session(client)
+		print_warning("Deleting #{@token}.php")
 		if client.type == "meterpreter"
 			client.core.use("stdapi") if not client.ext.aliases.include?("stdapi")
 			client.fs.file.rm("#{@token}.php")
--- a/modules/exploits/multi/http/webpagetest_upload_exec.rb
+++ b/modules/exploits/multi/http/webpagetest_upload_exec.rb
@ -80,8 +80,14 @@ class Metasploit3 < Msf::Exploit::Remote
 			return
 		end
 		cli.core.use("stdapi") if not cli.ext.aliases.include?("stdapi")
-		cli.fs.file.rm(@target_path)
-		print_status("#{@target_path} removed")
+
+		begin
+			print_warning("Deleting: #{@target_path}")
+			cli.fs.file.rm(@target_path)
+			print_good("#{@target_path} removed")
+		rescue
+			print_error("Unable to delete: #{@target_path}")
+		end
 	end


--- a/modules/exploits/unix/webapp/sugarcrm_unserialize_exec.rb
+++ b/modules/exploits/unix/webapp/sugarcrm_unserialize_exec.rb
@ -65,6 +65,7 @@ class Metasploit3 < Msf::Exploit::Remote
 			f = "pathCache.php"
 			client.core.use("stdapi") if not client.ext.aliases.include?("stdapi")
 			begin
+				print_warning("#{@peer} - Deleting #{f}")
 				client.fs.file.rm(f)
 				print_good("#{@peer} - #{f} removed to stay ninja")
 			rescue
--- a/modules/exploits/unix/webapp/tikiwiki_unserialize_exec.rb
+++ b/modules/exploits/unix/webapp/tikiwiki_unserialize_exec.rb
@ -69,6 +69,7 @@ class Metasploit3 < Msf::Exploit::Remote
 		if client.type == "meterpreter"
 			client.core.use("stdapi") if not client.ext.aliases.include?("stdapi")
 			begin
+				print_warning("#{@peer} - Deleting #{@upload_php}")
 				client.fs.file.rm(@upload_php)
 				print_good("#{@peer} - #{@upload_php} removed to stay ninja")
 			rescue
--- a/modules/exploits/unix/webapp/xoda_file_upload.rb
+++ b/modules/exploits/unix/webapp/xoda_file_upload.rb
@ -74,6 +74,7 @@ class Metasploit3 < Msf::Exploit::Remote
 	end

 	def on_new_session(client)
+		print_warning("Deleting #{@payload_name}")
 		if client.type == "meterpreter"
 			client.core.use("stdapi") if not client.ext.aliases.include?("stdapi")
 			client.fs.file.rm(@payload_name)
--- a/modules/exploits/windows/browser/hp_easy_printer_care_xmlcachemgr.rb
+++ b/modules/exploits/windows/browser/hp_easy_printer_care_xmlcachemgr.rb
@ -83,9 +83,9 @@ class Metasploit3 < Msf::Exploit::Remote
 		client.sys.process.execute(cmd, nil, {'Hidden' => true })

 		begin
-			print_status("Deleting the vbs payload \"#{@var_vbs_name}.vbs\" ...")
+			print_warning("Deleting the vbs payload \"#{@var_vbs_name}.vbs\" ...")
 			client.fs.file.rm("C:\\windows\\system32\\" + @var_vbs_name + ".vbs")
-			print_status("Deleting the mof file \"#{@var_mof_name}.mof\" ...")
+			print_warning("Deleting the mof file \"#{@var_mof_name}.mof\" ...")
 			client.fs.file.rm("C:\\windows\\system32\\wbem\\mof\\good\\" + @var_mof_name + ".mof")
 		rescue ::Exception => e
 			print_error("Exception: #{e.inspect}")
--- a/modules/exploits/windows/browser/hp_easy_printer_care_xmlsimpleaccessor.rb
+++ b/modules/exploits/windows/browser/hp_easy_printer_care_xmlsimpleaccessor.rb
@ -88,9 +88,9 @@ class Metasploit3 < Msf::Exploit::Remote
 		client.sys.process.execute(cmd, nil, {'Hidden' => true })

 		begin
-			print_status("Deleting the vbs payload \"#{@var_vbs_name}.vbs\" ...")
+			print_warning("Deleting the vbs payload \"#{@var_vbs_name}.vbs\" ...")
 			client.fs.file.rm("C:\\windows\\system32\\" + @var_vbs_name + ".vbs")
-			print_status("Deleting the mof file \"#{@var_mof_name}.mof\" ...")
+			print_warning("Deleting the mof file \"#{@var_mof_name}.mof\" ...")
 			client.fs.file.rm("C:\\windows\\system32\\wbem\\mof\\good\\" + @var_mof_name + ".mof")
 		rescue ::Exception => e
 			print_error("Exception: #{e.inspect}")
--- a/modules/exploits/windows/browser/zenworks_helplauncher_exec.rb
+++ b/modules/exploits/windows/browser/zenworks_helplauncher_exec.rb
@ -73,7 +73,7 @@ class Metasploit3 < Msf::Exploit::Remote
 		client.core.use("stdapi") if not client.ext.aliases.include?("stdapi")

 		begin
-			print_status("Deleting the vbs payload \"#{@stager_name}\" ...")
+			print_warning("Deleting the vbs payload \"#{@stager_name}\" ...")
 			client.fs.file.rm("#{@temp_folder}/#{@stager_name}")
 			print_good("The vbs stager has been deleted successfully")
 			print_status("The exe payload #{@temp_folder}/#{@payload_name}.exe must be removed manually")
--- a/modules/exploits/windows/http/avaya_ccr_imageupload_exec.rb
+++ b/modules/exploits/windows/http/avaya_ccr_imageupload_exec.rb
@ -65,6 +65,7 @@ class Metasploit3 < Msf::Exploit::Remote
 		cli.core.use("stdapi") if not cli.ext.aliases.include?("stdapi")

 		begin
+			print_warning("#{@peer} - Removing #{@payload_path}")
 			cli.fs.file.rm(@payload_path)
 			print_good("#{@peer} - #{@payload_path} deleted")
 		rescue ::Exception => e
--- a/modules/exploits/windows/http/cyclope_ess_sqli.rb
+++ b/modules/exploits/windows/http/cyclope_ess_sqli.rb
@ -96,14 +96,14 @@ class Metasploit3 < Msf::Exploit::Remote
 		cli.core.use("stdapi") if not cli.ext.aliases.include?("stdapi")

 		begin
-			print_status("Deleting #{@php_fname}")
+			print_warning("Deleting #{@php_fname}")
 			cli.fs.file.rm(@php_fname)
 		rescue ::Exception => e
 			print_error("Please note: #{@php_fname} is stil on disk.")
 		end

 		begin
-			print_status("Deleting #{@exe_fname}")
+			print_warning("Deleting #{@exe_fname}")
 			cli.fs.file.rm(@exe_fname)
 		rescue ::Exception => e
 			print_error("Please note: #{@exe_fname} is still on disk.")
--- a/modules/exploits/windows/http/oracle_btm_writetofile.rb
+++ b/modules/exploits/windows/http/oracle_btm_writetofile.rb
@ -102,9 +102,9 @@ class Metasploit3 < Msf::Exploit::Remote
 		client.sys.process.execute(cmd, nil, {'Hidden' => true })

 		begin
-			print_status("Deleting the vbs payload \"#{@var_vbs_name}.vbs\" ...")
+			print_warning("Deleting the vbs payload \"#{@var_vbs_name}.vbs\" ...")
 			client.fs.file.rm("C:\\windows\\system32\\" + @var_vbs_name + ".vbs")
-			print_status("Deleting the mof file \"#{@var_mof_name}.mof\" ...")
+			print_warning("Deleting the mof file \"#{@var_mof_name}.mof\" ...")
 			client.fs.file.rm("C:\\windows\\system32\\wbem\\mof\\good\\" + @var_mof_name + ".mof")
 		rescue ::Exception => e
 			print_error("Exception: #{e.inspect}")
--- a/modules/exploits/windows/http/solarwinds_storage_manager_sql.rb
+++ b/modules/exploits/windows/http/solarwinds_storage_manager_sql.rb
@ -95,9 +95,9 @@ class Metasploit3 < Msf::Exploit::Remote
 		begin
 			jsp = @outpath.gsub(/\//, "\\\\")
 			jsp = jsp.gsub(/"/, "")
-			vprint_status("#{rhost}:#{rport} - Deleting: #{jsp}")
+			print_warning("#{rhost}:#{rport} - Deleting: #{jsp}")
 			cli.fs.file.rm(jsp)
-			print_status("#{rhost}:#{rport} - #{@jsp_name + '.jsp'} deleted")
+			print_good("#{rhost}:#{rport} - #{@jsp_name + '.jsp'} deleted")
 		rescue ::Exception => e
 			print_error("Unable to delete #{@jsp_name + '.jsp'}: #{e.message}")
 		end
--- a/modules/exploits/windows/http/umbraco_upload_aspx.rb
+++ b/modules/exploits/windows/http/umbraco_upload_aspx.rb
@ -79,10 +79,10 @@ class Metasploit3 < Msf::Exploit::Remote
 			end

 			files.each { |f|
-				print_status("#{@peer} - Deleting: #{f['path'] + "\\" + f['name']}")
+				print_warning("#{@peer} - Deleting: #{f['path'] + "\\" + f['name']}")
 				cli.fs.file.rm(f['path'] + "\\" + f['name'])
 			}
-			print_status("#{@peer} - #{aspx} deleted")
+			print_good("#{@peer} - #{aspx} deleted")
 		rescue ::Exception => e
 			print_error("Unable to delete #{aspx}: #{e.message}")
 		end
--- a/modules/exploits/windows/iis/ms01_026_dbldecode.rb
+++ b/modules/exploits/windows/iis/ms01_026_dbldecode.rb
@ -245,7 +245,7 @@ class Metasploit3 < Msf::Exploit::Remote
 		cmd = "C:\\#{@win_dir}\\system32\\attrib.exe -r -h -s " + delete_me_too
 		client.sys.process.execute(cmd, nil, {'Hidden' => true })

-		print_status("Deleting #{delete_me_too} ...")
+		print_warning("Deleting #{delete_me_too} ...")
 		begin
 			client.fs.file.rm(delete_me_too)
 		rescue ::Exception => e
--- a/modules/exploits/windows/iis/msadc.rb
+++ b/modules/exploits/windows/iis/msadc.rb
@ -373,11 +373,11 @@ class Metasploit3 < Msf::Exploit::Remote

 		delete_me_too = "C:\\inetpub\\scripts\\" + @exe_payload # C:\ ?

-		print_status("Changing permissions on #{delete_me_too} ...")
+		print_warning("Changing permissions on #{delete_me_too} ...")
 		cmd = "C:\\#{sysdir[0]}\\system32\\attrib.exe -r -h -s " + delete_me_too # winnt ?
 		client.sys.process.execute(cmd, nil, {'Hidden' => true })

-		print_status("Deleting #{delete_me_too} ...")
+		print_warning("Deleting #{delete_me_too} ...")
 		begin
 			client.fs.file.rm(delete_me_too)
 		rescue ::Exception => e
--- a/modules/exploits/windows/mysql/scrutinizer_upload_exec.rb
+++ b/modules/exploits/windows/mysql/scrutinizer_upload_exec.rb
@ -146,14 +146,14 @@ class Metasploit3 < Msf::Exploit::Remote
 		cli.core.use("stdapi") if not cli.ext.aliases.include?("stdapi")

 		begin
-			print_status("Deleting #{@php_fname}")
+			print_warning("Deleting #{@php_fname}")
 			cli.fs.file.rm(@php_fname)
 		rescue ::Exception => e
 			print_error("Please note: #{@php_fname} is stil on disk.")
 		end

 		begin
-			print_status("Deleting #{@exe_fname}")
+			print_warning("Deleting #{@exe_fname}")
 			cli.fs.file.rm(@exe_fname)
 		rescue ::Exception => e
 			print_error("Please note: #{@exe_fname} is still on disk.")