Update cleanup method to check CWD

MS-2855/keylogger-mettle-extension
William Vu 2018-01-26 19:05:07 -06:00
parent e60aeca2db
commit da23432745
1 changed files with 12 additions and 6 deletions


@ -61,13 +61,19 @@ module Exploit::FileDropper
@dropped_files.delete_if do |file| @dropped_files.delete_if do |file|
exists_before = file_dropper_exist?(session, file) exists_before = file_dropper_exist?(session, file)
if file_dropper_delete_file(session, file) if file_dropper_delete_file(session, file)
file_dropper_deleted?(session, file, exists_before) file_dropper_deleted?(session, file, exists_before)
end end
end end
@dropped_dirs.delete_if do |dir| @dropped_dirs.delete_if do |dir|
if file_dropper_check_cwd?(session, dir)
print_warning("Attempting to delete working directory #{dir}")
end
exists_before = file_dropper_exist?(session, dir) exists_before = file_dropper_exist?(session, dir)
if file_dropper_delete_dir(session, dir) if file_dropper_delete_dir(session, dir)
file_dropper_deleted?(session, dir, exists_before) file_dropper_deleted?(session, dir, exists_before)
end end
@ -110,6 +116,10 @@ module Exploit::FileDropper
# Check if dir_rm method is available (local exploit, mixin support, module support) # Check if dir_rm method is available (local exploit, mixin support, module support)
if respond_to?(:dir_rm) if respond_to?(:dir_rm)
@dropped_dirs.delete_if do |dir| @dropped_dirs.delete_if do |dir|
if respond_to?(:pwd) && pwd.include?(dir)
print_warning("Attempting to delete working directory #{dir}")
end
begin begin
dir_rm(dir) dir_rm(dir)
rescue ::Exception => e rescue ::Exception => e
@ -201,10 +211,6 @@ module Exploit::FileDropper
# @param [String] dir The directory to delete # @param [String] dir The directory to delete
# @return [Boolean] True if the delete command has been executed in the remote machine, otherwise false. # @return [Boolean] True if the delete command has been executed in the remote machine, otherwise false.
def file_dropper_delete_dir(session, dir) def file_dropper_delete_dir(session, dir)
if file_dropper_check_cwd?(session, dir)
print_warning("Attempting to delete working directory #{dir}")
end
win_dir = file_dropper_win_path(dir) win_dir = file_dropper_win_path(dir)
if session.type == 'meterpreter' if session.type == 'meterpreter'
@ -264,9 +270,9 @@ module Exploit::FileDropper
else else
pwd = pwd =
if session.platform == 'windows' if session.platform == 'windows'
session.shell_command_token('echo %cd%').strip session.shell_command_token('echo %cd%')
else else
session.shell_command_token('pwd').strip session.shell_command_token('pwd')
end end
# Check for subdirectories and relative paths # Check for subdirectories and relative paths
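Review bot: In the `respond_to?(:dir_rm)` hunk, the new `pwd.include?(dir)` test sits above the `begin`, so if `pwd` raises or returns nil the error is not covered by the `rescue ::Exception` that guards `dir_rm`. That could abort the `delete_if` loop and leave the remaining dropped directories on the target uncleaned. `include?` is also a plain substring match, so a `dir` of `tmp` would trigger the warning for a working directory such as `/var/tmp2/x`; comparing on path-component boundaries would keep the warning meaningful. I would move the check to just after `begin` and guard the value, e.g. `if respond_to?(:pwd) && pwd.to_s.include?(dir)`. The enclosing cleanup method starts and ends outside this hunk, so whether an outer handler already catches this is not visible here.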