From c4ebf7b4f32bb1cb5688cf32c08af91a8ea84d15 Mon Sep 17 00:00:00 2001 From: Tim W Date: Sat, 1 Sep 2018 23:44:20 +0800 Subject: [PATCH] add meterpreter chmod command --- .../meterpreter/extensions/stdapi/fs/file.rb | 14 ++++++++++++++ .../post/meterpreter/extensions/stdapi/tlv.rb | 2 ++ .../ui/console/command_dispatcher/stdapi/fs.rb | 16 ++++++++++++++++ 3 files changed, 32 insertions(+) diff --git a/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb b/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb index f7a320c232..75cb45d685 100644 --- a/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +++ b/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb @@ -247,6 +247,20 @@ class File < Rex::Post::Meterpreter::Extensions::Stdapi::Fs::IO alias copy cp end + # + # Performs a chmod on the remote file + # + def File.chmod(name, mode) + request = Packet.create_request('stdapi_fs_chmod') + + request.add_tlv(TLV_TYPE_FILE_PATH, client.unicode_filter_decode( name )) + request.add_tlv(TLV_TYPE_FILE_MODE_T, mode) + + response = client.send_request(request) + + return response + end + # # Upload one or more files to the remote remote directory supplied in # +destination+. diff --git a/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb b/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb index d08caa3e90..228016cf3d 100644 --- a/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +++ b/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb @@ -46,6 +46,8 @@ TLV_TYPE_SEARCH_RECURSE = TLV_META_TYPE_BOOL | 1230 TLV_TYPE_SEARCH_GLOB = TLV_META_TYPE_STRING | 1231 TLV_TYPE_SEARCH_ROOT = TLV_META_TYPE_STRING | 1232 TLV_TYPE_SEARCH_RESULTS = TLV_META_TYPE_GROUP | 1233 + +TLV_TYPE_FILE_MODE_T = TLV_META_TYPE_UINT | 1234 ## # # Net diff --git a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb index 8f88e4a482..9ebf1ded1c 100644 --- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb @@ -89,6 +89,7 @@ class Console::CommandDispatcher::Stdapi::Fs 'rm' => 'Delete the specified file', 'mv' => 'Move source to destination', 'cp' => 'Copy source to destination', + 'chmod' => 'Change the permissions of a file', 'rmdir' => 'Remove directory', 'search' => 'Search for files', 'upload' => 'Upload a file or directory', @@ -115,6 +116,7 @@ class Console::CommandDispatcher::Stdapi::Fs 'rm' => ['stdapi_fs_delete_file'], 'mv' => ['stdapi_fs_file_move'], 'cp' => ['stdapi_fs_file_copy'], + 'chmod' => ['stdapi_fs_chmod'], 'search' => ['stdapi_fs_search'], 'upload' => [], 'show_mount' => ['stdapi_fs_mount_show'], @@ -398,6 +400,20 @@ class Console::CommandDispatcher::Stdapi::Fs alias :cmd_copy :cmd_cp alias :cmd_cp_tabs :cmd_cat_tabs + # + # Change the permissions on a remote file + # + def cmd_chmod(*args) + if (args.length != 2) + print_line("Usage: chmod permission file") + return true + end + file_path = args[1] + file_path = client.fs.file.expand_path(file_path) if file_path =~ PATH_EXPAND_REGEX + client.fs.file.chmod(file_path, args[0].to_i(8)) + return true + end + def cmd_download_help print_line("Usage: download [options] src1 src2 src3 ... destination") print_line