add support for running post modules from the meterpreter prompt. options are set in the same way as the -o arg to run, e.g. run post/escalate/bypassuac LHOST=192.168.0.1
git-svn-id: file:///home/svn/framework3/trunk@11496 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
aafb30ba8c
commit
dbeae8df24
|
@ -21,6 +21,10 @@ class Post < Msf::Module
|
||||||
] , Msf::Post)
|
] , Msf::Post)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
#
|
||||||
|
# Grabs a session object from the framework or raises OptionValidateError
|
||||||
|
# if one doesn't exist.
|
||||||
|
#
|
||||||
def setup
|
def setup
|
||||||
@sysinfo = nil
|
@sysinfo = nil
|
||||||
@session = framework.sessions[datastore["SESSION"].to_i]
|
@session = framework.sessions[datastore["SESSION"].to_i]
|
||||||
|
|
|
@ -344,8 +344,23 @@ class Console::CommandDispatcher::Core
|
||||||
|
|
||||||
# Get the script name
|
# Get the script name
|
||||||
begin
|
begin
|
||||||
# the rest of the arguments get passed in through the binding
|
script_name = args.shift
|
||||||
client.execute_script(args.shift, args)
|
# First try it as a Post module if we have access to the Metasploit
|
||||||
|
# Framework instance. If we don't, or if no such module exists,
|
||||||
|
# fall back to using the scripting interface.
|
||||||
|
if (client.framework and mod = client.framework.modules.create(script_name))
|
||||||
|
opts = (args + [ "SESSION=#{client.sid}" ]).join(',')
|
||||||
|
print_status opts.inspect
|
||||||
|
mod.run_simple(
|
||||||
|
#'RunAsJob' => true,
|
||||||
|
'LocalInput' => shell.input,
|
||||||
|
'LocalOutput' => shell.output,
|
||||||
|
'OptionStr' => opts
|
||||||
|
)
|
||||||
|
else
|
||||||
|
# the rest of the arguments get passed in through the binding
|
||||||
|
client.execute_script(script_name, args)
|
||||||
|
end
|
||||||
rescue
|
rescue
|
||||||
print_error("Error in script: #{$!.class} #{$!}")
|
print_error("Error in script: #{$!.class} #{$!}")
|
||||||
elog("Error in script: #{$!.class} #{$!}")
|
elog("Error in script: #{$!.class} #{$!}")
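Review bot: `print_status opts.inspect` in the new Post-module branch looks like leftover debug output, and it echoes every option value the operator typed (which may include passwords or keys) to the console and anything that records console output; I would drop it or put it behind a debug setting. Building `OptionStr` with `.join(',')` also means an option value that itself contains a comma is presumably split into separate options when the string is parsed, so passing the options as a hash, or rejecting commas in values, would be safer. The comment says the name is first tried as a Post module, but nothing in the visible lines restricts what `modules.create(script_name)` returns; a guard such as `mod.is_a?(Msf::Post)` before `run_simple` would keep other module types on the script fallback. The enclosing method starts and ends outside the hunk.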
|
||||||
|
|
|
@ -14,6 +14,8 @@ require 'rex'
|
||||||
|
|
||||||
class Metasploit3 < Msf::Post
|
class Metasploit3 < Msf::Post
|
||||||
|
|
||||||
|
include Post::Registry
|
||||||
|
|
||||||
def initialize(info={})
|
def initialize(info={})
|
||||||
super( update_info( info,
|
super( update_info( info,
|
||||||
'Name' => 'Get environment',
|
'Name' => 'Get environment',
|
||||||
|
@ -61,25 +63,12 @@ class Metasploit3 < Msf::Post
|
||||||
print_line "#{v}=#{session.fs.file.expand_path("\%#{v}\%")}"
|
print_line "#{v}=#{session.fs.file.expand_path("\%#{v}\%")}"
|
||||||
end
|
end
|
||||||
else
|
else
|
||||||
|
# Don't know what it is, hope it's unix
|
||||||
print_status sysinfo["OS"]
|
print_status sysinfo["OS"]
|
||||||
chan = session.sys.process.execute("/bin/sh -c env", nil, {"Channelized" => true})
|
chan = session.sys.process.execute("/bin/sh", "-c env", {"Channelized" => true})
|
||||||
print_line chan.read
|
print_line chan.read
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def registry_enumvals(key)
|
|
||||||
values = []
|
|
||||||
begin
|
|
||||||
vals = {}
|
|
||||||
root_key, base_key = session.sys.registry.splitkey(key)
|
|
||||||
open_key = session.sys.registry.open_key(root_key, base_key, KEY_READ)
|
|
||||||
vals = open_key.enum_value
|
|
||||||
vals.each { |val|
|
|
||||||
values << val.name
|
|
||||||
}
|
|
||||||
open_key.close
|
|
||||||
end
|
|
||||||
return values
|
|
||||||
end
|
|
||||||
end
|
end
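Review bot: In the non-Windows branch the output is taken with a single `chan.read` and the channel is never closed, so a large environment may be printed only in part and the channel stays open on the session. Consider reading until the channel is drained, e.g. `while (d = chan.read) do buf << d end`, then `chan.close` before printing `buf`; this assumes `read` returns nil at end of stream, which should be confirmed against the channel class. The new comment `# Don't know what it is, hope it's unix` would help more if it stated the assumption, e.g. `# Any non-Windows platform is assumed to provide /bin/sh and env`. The enclosing method starts outside the hunk.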
|
||||||
|
|
||||||
|
|