Warn user if a file/permission is being modified during new session
parent
f1423bf0b4
commit
799c22554e
|
@ -70,6 +70,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
end
|
||||
|
||||
def on_new_session(client)
|
||||
print_warning("Deleting temp.php")
|
||||
if client.type == "meterpreter"
|
||||
client.core.use("stdapi") if not client.ext.aliases.include?("stdapi")
|
||||
client.fs.file.rm("temp.php")
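Review bot: The added `print_warning("Deleting temp.php")` sits above the `if client.type == "meterpreter"` check, so the operator is told a file is being deleted for every session type, even when the branch below is skipped. Placing it directly before `client.fs.file.rm("temp.php")` keeps the log in step with what actually changed on the host. The rest of on_new_session is outside the hunk, so the non-meterpreter path may remove the file another way and need its own warning. The same placement appears in the hunks that add `print_warning("Deleting #{@token}.php")` and `print_warning("Deleting #{@payload_name}")`.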
|
||||
|
|
|
@ -109,7 +109,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
res = client.fs.file.search(nil, "currencies.php", true, -1)
|
||||
res.each do |hit|
|
||||
filename = "#{hit['path']}/#{hit['name']}"
|
||||
print_status("#{peer} - Restoring #{filename}")
|
||||
print_warning("#{peer} - Restoring #{filename}")
|
||||
client.fs.file.rm(filename)
|
||||
fd = client.fs.file.new(filename, "wb")
|
||||
fd.write(currencies_php)
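Review bot: Between `client.fs.file.rm(filename)` and `fd.write(currencies_php)` the application file does not exist, and nothing visible in the hunk reports a failed rewrite. Since the commit's purpose is to tell the operator what was changed on the host, a failed restore deserves its own message, for example by wrapping the three calls in `begin`/`rescue => e` with `print_error("#{peer} - Could not restore #{filename}: #{e.message}")`. The loop body continues past the hunk, so a rescue and the `fd.close` may already exist there.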
|
||||
|
|
|
@ -94,7 +94,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
end
|
||||
|
||||
@clean_files.each do |f|
|
||||
print_status("#{@peer} - Removing: #{f}")
|
||||
print_warning("#{@peer} - Removing: #{f}")
|
||||
begin
|
||||
if cli.type == 'meterpreter'
|
||||
cli.fs.file.rm(f)
|
||||
|
|
|
@ -130,7 +130,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
|
||||
def on_new_session(client)
|
||||
if target['Platform'] == 'linux'
|
||||
print_status("Deleting #{@payload_exe} payload file")
|
||||
print_warning("Deleting #{@payload_exe} payload file")
|
||||
execute_command("/bin/sh@-c@rm #{@payload_exe}")
|
||||
else
|
||||
print_status("Windows does not allow running executables to be deleted")
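Review bot: The else branch keeps `print_status("Windows does not allow running executables to be deleted")` at status level, although it reports that the payload file stays on the target. For the engagement record, a file left behind matters at least as much as one that was removed. Raising it to `print_warning` and naming the file, e.g. `print_warning("#{@payload_exe} was not deleted and must be removed manually")`, would match the intent of the commit. The same applies to `print_status("The exe payload #{@temp_folder}/#{@payload_name}.exe must be removed manually")` at the end of the vbs stager hunk. The branch continues outside this hunk.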
|
||||
|
|
|
@ -182,7 +182,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
return
|
||||
end
|
||||
|
||||
print_status("Deleting the #{@payload_exe} file")
|
||||
print_warning("Deleting the #{@payload_exe} file")
|
||||
client.fs.file.rm(@payload_exe)
|
||||
|
||||
end
|
||||
|
|
|
@ -140,6 +140,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
end
|
||||
|
||||
def on_new_session(client)
|
||||
print_warning("Deleting #{@token}.php")
|
||||
if client.type == "meterpreter"
|
||||
client.core.use("stdapi") if not client.ext.aliases.include?("stdapi")
|
||||
client.fs.file.rm("#{@token}.php")
|
||||
|
|
|
@ -80,8 +80,14 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
return
|
||||
end
|
||||
cli.core.use("stdapi") if not cli.ext.aliases.include?("stdapi")
|
||||
|
||||
begin
|
||||
print_warning("Deleting: #{@target_path}")
|
||||
cli.fs.file.rm(@target_path)
|
||||
print_status("#{@target_path} removed")
|
||||
print_good("#{@target_path} removed")
|
||||
rescue
|
||||
print_error("Unable to delete: #{@target_path}")
|
||||
end
|
||||
end
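Review bot: The bare `rescue` reports `Unable to delete: #{@target_path}` without the cause, so the operator cannot tell a missing file from a permission failure. Capturing the error with `rescue => e` and `print_error("Unable to delete: #{@target_path} (#{e.message})")` would match the JSP and ASPX cleanup hunks in this commit, which already include `e.message`. The method starts above the hunk.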
|
||||
|
||||
|
||||
|
|
|
@ -65,6 +65,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
f = "pathCache.php"
|
||||
client.core.use("stdapi") if not client.ext.aliases.include?("stdapi")
|
||||
begin
|
||||
print_warning("#{@peer} - Deleting #{f}")
|
||||
client.fs.file.rm(f)
|
||||
print_good("#{@peer} - #{f} removed to stay ninja")
|
||||
rescue
|
||||
|
|
|
@ -69,6 +69,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
if client.type == "meterpreter"
|
||||
client.core.use("stdapi") if not client.ext.aliases.include?("stdapi")
|
||||
begin
|
||||
print_warning("#{@peer} - Deleting #{@upload_php}")
|
||||
client.fs.file.rm(@upload_php)
|
||||
print_good("#{@peer} - #{@upload_php} removed to stay ninja")
|
||||
rescue
|
||||
|
|
|
@ -74,6 +74,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
end
|
||||
|
||||
def on_new_session(client)
|
||||
print_warning("Deleting #{@payload_name}")
|
||||
if client.type == "meterpreter"
|
||||
client.core.use("stdapi") if not client.ext.aliases.include?("stdapi")
|
||||
client.fs.file.rm(@payload_name)
|
||||
|
|
|
@ -83,9 +83,9 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
client.sys.process.execute(cmd, nil, {'Hidden' => true })
|
||||
|
||||
begin
|
||||
print_status("Deleting the vbs payload \"#{@var_vbs_name}.vbs\" ...")
|
||||
print_warning("Deleting the vbs payload \"#{@var_vbs_name}.vbs\" ...")
|
||||
client.fs.file.rm("C:\\windows\\system32\\" + @var_vbs_name + ".vbs")
|
||||
print_status("Deleting the mof file \"#{@var_mof_name}.mof\" ...")
|
||||
print_warning("Deleting the mof file \"#{@var_mof_name}.mof\" ...")
|
||||
client.fs.file.rm("C:\\windows\\system32\\wbem\\mof\\good\\" + @var_mof_name + ".mof")
|
||||
rescue ::Exception => e
|
||||
print_error("Exception: #{e.inspect}")
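Review bot: Both deletions share one `begin` block, so if `client.fs.file.rm` fails on the .vbs file, the .mof warning and deletion are skipped. The only output is then the generic `Exception: ...` line, which does not say which file is still on the host. Giving each file its own `begin`/`rescue`, as the `@php_fname`/`@exe_fname` cleanup hunks in this commit do, and naming the file in the error, e.g. `print_error("#{@var_mof_name}.mof is still on disk: #{e.message}")`, keeps the log accurate. The same block appears in the hunks at -88,9 and -102,9. The rescue body continues outside the hunk.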
|
||||
|
|
|
@ -88,9 +88,9 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
client.sys.process.execute(cmd, nil, {'Hidden' => true })
|
||||
|
||||
begin
|
||||
print_status("Deleting the vbs payload \"#{@var_vbs_name}.vbs\" ...")
|
||||
print_warning("Deleting the vbs payload \"#{@var_vbs_name}.vbs\" ...")
|
||||
client.fs.file.rm("C:\\windows\\system32\\" + @var_vbs_name + ".vbs")
|
||||
print_status("Deleting the mof file \"#{@var_mof_name}.mof\" ...")
|
||||
print_warning("Deleting the mof file \"#{@var_mof_name}.mof\" ...")
|
||||
client.fs.file.rm("C:\\windows\\system32\\wbem\\mof\\good\\" + @var_mof_name + ".mof")
|
||||
rescue ::Exception => e
|
||||
print_error("Exception: #{e.inspect}")
|
||||
|
|
|
@ -73,7 +73,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
client.core.use("stdapi") if not client.ext.aliases.include?("stdapi")
|
||||
|
||||
begin
|
||||
print_status("Deleting the vbs payload \"#{@stager_name}\" ...")
|
||||
print_warning("Deleting the vbs payload \"#{@stager_name}\" ...")
|
||||
client.fs.file.rm("#{@temp_folder}/#{@stager_name}")
|
||||
print_good("The vbs stager has been deleted successfully")
|
||||
print_status("The exe payload #{@temp_folder}/#{@payload_name}.exe must be removed manually")
|
||||
|
|
|
@ -65,6 +65,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
cli.core.use("stdapi") if not cli.ext.aliases.include?("stdapi")
|
||||
|
||||
begin
|
||||
print_warning("#{@peer} - Removing #{@payload_path}")
|
||||
cli.fs.file.rm(@payload_path)
|
||||
print_good("#{@peer} - #{@payload_path} deleted")
|
||||
rescue ::Exception => e
|
||||
|
|
|
@ -96,14 +96,14 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
cli.core.use("stdapi") if not cli.ext.aliases.include?("stdapi")
|
||||
|
||||
begin
|
||||
print_status("Deleting #{@php_fname}")
|
||||
print_warning("Deleting #{@php_fname}")
|
||||
cli.fs.file.rm(@php_fname)
|
||||
rescue ::Exception => e
|
||||
print_error("Please note: #{@php_fname} is stil on disk.")
|
||||
end
|
||||
|
||||
begin
|
||||
print_status("Deleting #{@exe_fname}")
|
||||
print_warning("Deleting #{@exe_fname}")
|
||||
cli.fs.file.rm(@exe_fname)
|
||||
rescue ::Exception => e
|
||||
print_error("Please note: #{@exe_fname} is still on disk.")
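Review bot: The first rescue message has a typo, `stil`, in `print_error("Please note: #{@php_fname} is stil on disk.")`, and both rescues bind `e` without using it. Since these lines tell the operator which artifacts remain on the host, include the reason: `print_error("Please note: #{@php_fname} is still on disk: #{e.message}")`, and likewise for `@exe_fname`. The identical lines appear in the hunk at -146,14. The second `begin` block is closed outside the hunk.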
|
||||
|
|
|
@ -102,9 +102,9 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
client.sys.process.execute(cmd, nil, {'Hidden' => true })
|
||||
|
||||
begin
|
||||
print_status("Deleting the vbs payload \"#{@var_vbs_name}.vbs\" ...")
|
||||
print_warning("Deleting the vbs payload \"#{@var_vbs_name}.vbs\" ...")
|
||||
client.fs.file.rm("C:\\windows\\system32\\" + @var_vbs_name + ".vbs")
|
||||
print_status("Deleting the mof file \"#{@var_mof_name}.mof\" ...")
|
||||
print_warning("Deleting the mof file \"#{@var_mof_name}.mof\" ...")
|
||||
client.fs.file.rm("C:\\windows\\system32\\wbem\\mof\\good\\" + @var_mof_name + ".mof")
|
||||
rescue ::Exception => e
|
||||
print_error("Exception: #{e.inspect}")
|
||||
|
|
|
@ -95,9 +95,9 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
begin
|
||||
jsp = @outpath.gsub(/\//, "\\\\")
|
||||
jsp = jsp.gsub(/"/, "")
|
||||
vprint_status("#{rhost}:#{rport} - Deleting: #{jsp}")
|
||||
print_warning("#{rhost}:#{rport} - Deleting: #{jsp}")
|
||||
cli.fs.file.rm(jsp)
|
||||
print_status("#{rhost}:#{rport} - #{@jsp_name + '.jsp'} deleted")
|
||||
print_good("#{rhost}:#{rport} - #{@jsp_name + '.jsp'} deleted")
|
||||
rescue ::Exception => e
|
||||
print_error("Unable to delete #{@jsp_name + '.jsp'}: #{e.message}")
|
||||
end
|
||||
|
|
|
@ -79,10 +79,10 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
end
|
||||
|
||||
files.each { |f|
|
||||
print_status("#{@peer} - Deleting: #{f['path'] + "\\" + f['name']}")
|
||||
print_warning("#{@peer} - Deleting: #{f['path'] + "\\" + f['name']}")
|
||||
cli.fs.file.rm(f['path'] + "\\" + f['name'])
|
||||
}
|
||||
print_status("#{@peer} - #{aspx} deleted")
|
||||
print_good("#{@peer} - #{aspx} deleted")
|
||||
rescue ::Exception => e
|
||||
print_error("Unable to delete #{aspx}: #{e.message}")
|
||||
end
|
||||
|
|
|
@ -245,7 +245,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
cmd = "C:\\#{@win_dir}\\system32\\attrib.exe -r -h -s " + delete_me_too
|
||||
client.sys.process.execute(cmd, nil, {'Hidden' => true })
|
||||
|
||||
print_status("Deleting #{delete_me_too} ...")
|
||||
print_warning("Deleting #{delete_me_too} ...")
|
||||
begin
|
||||
client.fs.file.rm(delete_me_too)
|
||||
rescue ::Exception => e
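Review bot: The `attrib.exe -r -h -s` call on `delete_me_too` changes file attributes on the host, yet this hunk shows no warning for it. The sibling hunk at -373,11 does turn `print_status("Changing permissions on #{delete_me_too} ...")` into a warning. If this module has a matching message above the hunk, it should become `print_warning` as well. If it has none, add `print_warning("Changing permissions on #{delete_me_too} ...")` before the `cmd` line. The rescue body is outside the hunk.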
|
||||
|
|
|
@ -373,11 +373,11 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
|
||||
delete_me_too = "C:\\inetpub\\scripts\\" + @exe_payload # C:\ ?
|
||||
|
||||
print_status("Changing permissions on #{delete_me_too} ...")
|
||||
print_warning("Changing permissions on #{delete_me_too} ...")
|
||||
cmd = "C:\\#{sysdir[0]}\\system32\\attrib.exe -r -h -s " + delete_me_too # winnt ?
|
||||
client.sys.process.execute(cmd, nil, {'Hidden' => true })
|
||||
|
||||
print_status("Deleting #{delete_me_too} ...")
|
||||
print_warning("Deleting #{delete_me_too} ...")
|
||||
begin
|
||||
client.fs.file.rm(delete_me_too)
|
||||
rescue ::Exception => e
|
||||
|
|
|
@ -146,14 +146,14 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
cli.core.use("stdapi") if not cli.ext.aliases.include?("stdapi")
|
||||
|
||||
begin
|
||||
print_status("Deleting #{@php_fname}")
|
||||
print_warning("Deleting #{@php_fname}")
|
||||
cli.fs.file.rm(@php_fname)
|
||||
rescue ::Exception => e
|
||||
print_error("Please note: #{@php_fname} is stil on disk.")
|
||||
end
|
||||
|
||||
begin
|
||||
print_status("Deleting #{@exe_fname}")
|
||||
print_warning("Deleting #{@exe_fname}")
|
||||
cli.fs.file.rm(@exe_fname)
|
||||
rescue ::Exception => e
|
||||
print_error("Please note: #{@exe_fname} is still on disk.")
|
||||
|
|