Warn user if a file/permission is being modified during new session

unstable
sinn3r 2012-10-24 00:54:17 -05:00
parent f1423bf0b4
commit 799c22554e
21 changed files with 36 additions and 24 deletions

View File

@ -70,6 +70,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
def on_new_session(client)
print_warning("Deleting temp.php")
if client.type == "meterpreter"
client.core.use("stdapi") if not client.ext.aliases.include?("stdapi")
client.fs.file.rm("temp.php")

View File

@ -109,7 +109,7 @@ class Metasploit3 < Msf::Exploit::Remote
res = client.fs.file.search(nil, "currencies.php", true, -1)
res.each do |hit|
filename = "#{hit['path']}/#{hit['name']}"
print_status("#{peer} - Restoring #{filename}")
print_warning("#{peer} - Restoring #{filename}")
client.fs.file.rm(filename)
fd = client.fs.file.new(filename, "wb")
fd.write(currencies_php)

View File

@ -94,7 +94,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
@clean_files.each do |f|
print_status("#{@peer} - Removing: #{f}")
print_warning("#{@peer} - Removing: #{f}")
begin
if cli.type == 'meterpreter'
cli.fs.file.rm(f)

View File

@ -130,7 +130,7 @@ class Metasploit3 < Msf::Exploit::Remote
def on_new_session(client)
if target['Platform'] == 'linux'
print_status("Deleting #{@payload_exe} payload file")
print_warning("Deleting #{@payload_exe} payload file")
execute_command("/bin/sh@-c@rm #{@payload_exe}")
else
print_status("Windows does not allow running executables to be deleted")

View File

@ -182,7 +182,7 @@ class Metasploit3 < Msf::Exploit::Remote
return
end
print_status("Deleting the #{@payload_exe} file")
print_warning("Deleting the #{@payload_exe} file")
client.fs.file.rm(@payload_exe)
end

View File

@ -140,6 +140,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
def on_new_session(client)
print_warning("Deleting #{@token}.php")
if client.type == "meterpreter"
client.core.use("stdapi") if not client.ext.aliases.include?("stdapi")
client.fs.file.rm("#{@token}.php")

View File

@ -80,8 +80,14 @@ class Metasploit3 < Msf::Exploit::Remote
return
end
cli.core.use("stdapi") if not cli.ext.aliases.include?("stdapi")
begin
print_warning("Deleting: #{@target_path}")
cli.fs.file.rm(@target_path)
print_status("#{@target_path} removed")
print_good("#{@target_path} removed")
rescue
print_error("Unable to delete: #{@target_path}")
end
end

View File

@ -65,6 +65,7 @@ class Metasploit3 < Msf::Exploit::Remote
f = "pathCache.php"
client.core.use("stdapi") if not client.ext.aliases.include?("stdapi")
begin
print_warning("#{@peer} - Deleting #{f}")
client.fs.file.rm(f)
print_good("#{@peer} - #{f} removed to stay ninja")
rescue

View File

@ -69,6 +69,7 @@ class Metasploit3 < Msf::Exploit::Remote
if client.type == "meterpreter"
client.core.use("stdapi") if not client.ext.aliases.include?("stdapi")
begin
print_warning("#{@peer} - Deleting #{@upload_php}")
client.fs.file.rm(@upload_php)
print_good("#{@peer} - #{@upload_php} removed to stay ninja")
rescue

View File

@ -74,6 +74,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
def on_new_session(client)
print_warning("Deleting #{@payload_name}")
if client.type == "meterpreter"
client.core.use("stdapi") if not client.ext.aliases.include?("stdapi")
client.fs.file.rm(@payload_name)

View File

@ -83,9 +83,9 @@ class Metasploit3 < Msf::Exploit::Remote
client.sys.process.execute(cmd, nil, {'Hidden' => true })
begin
print_status("Deleting the vbs payload \"#{@var_vbs_name}.vbs\" ...")
print_warning("Deleting the vbs payload \"#{@var_vbs_name}.vbs\" ...")
client.fs.file.rm("C:\\windows\\system32\\" + @var_vbs_name + ".vbs")
print_status("Deleting the mof file \"#{@var_mof_name}.mof\" ...")
print_warning("Deleting the mof file \"#{@var_mof_name}.mof\" ...")
client.fs.file.rm("C:\\windows\\system32\\wbem\\mof\\good\\" + @var_mof_name + ".mof")
rescue ::Exception => e
print_error("Exception: #{e.inspect}")

View File

@ -88,9 +88,9 @@ class Metasploit3 < Msf::Exploit::Remote
client.sys.process.execute(cmd, nil, {'Hidden' => true })
begin
print_status("Deleting the vbs payload \"#{@var_vbs_name}.vbs\" ...")
print_warning("Deleting the vbs payload \"#{@var_vbs_name}.vbs\" ...")
client.fs.file.rm("C:\\windows\\system32\\" + @var_vbs_name + ".vbs")
print_status("Deleting the mof file \"#{@var_mof_name}.mof\" ...")
print_warning("Deleting the mof file \"#{@var_mof_name}.mof\" ...")
client.fs.file.rm("C:\\windows\\system32\\wbem\\mof\\good\\" + @var_mof_name + ".mof")
rescue ::Exception => e
print_error("Exception: #{e.inspect}")

View File

@ -73,7 +73,7 @@ class Metasploit3 < Msf::Exploit::Remote
client.core.use("stdapi") if not client.ext.aliases.include?("stdapi")
begin
print_status("Deleting the vbs payload \"#{@stager_name}\" ...")
print_warning("Deleting the vbs payload \"#{@stager_name}\" ...")
client.fs.file.rm("#{@temp_folder}/#{@stager_name}")
print_good("The vbs stager has been deleted successfully")
print_status("The exe payload #{@temp_folder}/#{@payload_name}.exe must be removed manually")

View File

@ -65,6 +65,7 @@ class Metasploit3 < Msf::Exploit::Remote
cli.core.use("stdapi") if not cli.ext.aliases.include?("stdapi")
begin
print_warning("#{@peer} - Removing #{@payload_path}")
cli.fs.file.rm(@payload_path)
print_good("#{@peer} - #{@payload_path} deleted")
rescue ::Exception => e

View File

@ -96,14 +96,14 @@ class Metasploit3 < Msf::Exploit::Remote
cli.core.use("stdapi") if not cli.ext.aliases.include?("stdapi")
begin
print_status("Deleting #{@php_fname}")
print_warning("Deleting #{@php_fname}")
cli.fs.file.rm(@php_fname)
rescue ::Exception => e
print_error("Please note: #{@php_fname} is stil on disk.")
end
begin
print_status("Deleting #{@exe_fname}")
print_warning("Deleting #{@exe_fname}")
cli.fs.file.rm(@exe_fname)
rescue ::Exception => e
print_error("Please note: #{@exe_fname} is still on disk.")

View File

@ -102,9 +102,9 @@ class Metasploit3 < Msf::Exploit::Remote
client.sys.process.execute(cmd, nil, {'Hidden' => true })
begin
print_status("Deleting the vbs payload \"#{@var_vbs_name}.vbs\" ...")
print_warning("Deleting the vbs payload \"#{@var_vbs_name}.vbs\" ...")
client.fs.file.rm("C:\\windows\\system32\\" + @var_vbs_name + ".vbs")
print_status("Deleting the mof file \"#{@var_mof_name}.mof\" ...")
print_warning("Deleting the mof file \"#{@var_mof_name}.mof\" ...")
client.fs.file.rm("C:\\windows\\system32\\wbem\\mof\\good\\" + @var_mof_name + ".mof")
rescue ::Exception => e
print_error("Exception: #{e.inspect}")

View File

@ -95,9 +95,9 @@ class Metasploit3 < Msf::Exploit::Remote
begin
jsp = @outpath.gsub(/\//, "\\\\")
jsp = jsp.gsub(/"/, "")
vprint_status("#{rhost}:#{rport} - Deleting: #{jsp}")
print_warning("#{rhost}:#{rport} - Deleting: #{jsp}")
cli.fs.file.rm(jsp)
print_status("#{rhost}:#{rport} - #{@jsp_name + '.jsp'} deleted")
print_good("#{rhost}:#{rport} - #{@jsp_name + '.jsp'} deleted")
rescue ::Exception => e
print_error("Unable to delete #{@jsp_name + '.jsp'}: #{e.message}")
end

View File

@ -79,10 +79,10 @@ class Metasploit3 < Msf::Exploit::Remote
end
files.each { |f|
print_status("#{@peer} - Deleting: #{f['path'] + "\\" + f['name']}")
print_warning("#{@peer} - Deleting: #{f['path'] + "\\" + f['name']}")
cli.fs.file.rm(f['path'] + "\\" + f['name'])
}
print_status("#{@peer} - #{aspx} deleted")
print_good("#{@peer} - #{aspx} deleted")
rescue ::Exception => e
print_error("Unable to delete #{aspx}: #{e.message}")
end

View File

@ -245,7 +245,7 @@ class Metasploit3 < Msf::Exploit::Remote
cmd = "C:\\#{@win_dir}\\system32\\attrib.exe -r -h -s " + delete_me_too
client.sys.process.execute(cmd, nil, {'Hidden' => true })
print_status("Deleting #{delete_me_too} ...")
print_warning("Deleting #{delete_me_too} ...")
begin
client.fs.file.rm(delete_me_too)
rescue ::Exception => e

View File

@ -373,11 +373,11 @@ class Metasploit3 < Msf::Exploit::Remote
delete_me_too = "C:\\inetpub\\scripts\\" + @exe_payload # C:\ ?
print_status("Changing permissions on #{delete_me_too} ...")
print_warning("Changing permissions on #{delete_me_too} ...")
cmd = "C:\\#{sysdir[0]}\\system32\\attrib.exe -r -h -s " + delete_me_too # winnt ?
client.sys.process.execute(cmd, nil, {'Hidden' => true })
print_status("Deleting #{delete_me_too} ...")
print_warning("Deleting #{delete_me_too} ...")
begin
client.fs.file.rm(delete_me_too)
rescue ::Exception => e

View File

@ -146,14 +146,14 @@ class Metasploit3 < Msf::Exploit::Remote
cli.core.use("stdapi") if not cli.ext.aliases.include?("stdapi")
begin
print_status("Deleting #{@php_fname}")
print_warning("Deleting #{@php_fname}")
cli.fs.file.rm(@php_fname)
rescue ::Exception => e
print_error("Please note: #{@php_fname} is stil on disk.")
end
begin
print_status("Deleting #{@exe_fname}")
print_warning("Deleting #{@exe_fname}")
cli.fs.file.rm(@exe_fname)
rescue ::Exception => e
print_error("Please note: #{@exe_fname} is still on disk.")