Module: Msf::Exploit::CmdStager

Overview

This mixin provides an interface for generating and executing command stagers (cmdstagers).

Instance Method Summary

Methods included from EXE

#generate_payload_dll, #generate_payload_exe, #generate_payload_exe_service, #generate_payload_msi, #get_custom_exe, #get_eicar_exe

Instance Method Details

#execute_cmdstager(opts = {}) ⇒ Object

Execute the command stager while showing the progress


# File 'lib/msf/core/exploit/cmdstager.rb', line 30

# Generates the command stager and runs its commands one at a time,
# reporting progress after each one.
#
# Every entry of the command list becomes its own execute_command call,
# followed by a pause of opts[:delay] seconds (0.25 when unset), so the
# receiving side sees a series of separately spaced commands rather than a
# single transfer.
#
# @param opts [Hash] passed to generate_cmdstager, execute_command and the
#   begin/end hooks; :delay sets the pause after each command
# @return [Object] whatever execute_cmdstager_end returns
def execute_cmdstager(opts = {})
  staged_cmds = generate_cmdstager(opts)

  execute_cmdstager_begin(opts)

  # Total size is computed up front so progress can be shown as a percentage.
  bytes_total = staged_cmds.inject(0) { |acc, cmd| acc + cmd.length }
  bytes_sent = 0

  pause = opts[:delay] || 0.25

  staged_cmds.each do |cmd|
    execute_command(cmd, opts)
    bytes_sent += cmd.length

    # A multi-threaded server could otherwise process commands out of
    # order; sleeping between them keeps execution serial.
    ::IO.select(nil, nil, nil, pause)

    progress(bytes_total, bytes_sent)
  end

  execute_cmdstager_end(opts)
end

#execute_cmdstager_begin(opts) ⇒ Object

Hook for modules to override. The default implementation does nothing; execute_cmdstager calls it once before the first command is sent.


# File 'lib/msf/core/exploit/cmdstager.rb', line 90

# Hook invoked by execute_cmdstager before the first command is sent.
# The default does nothing; override it to add setup work.
#
# @param opts [Hash] the options given to execute_cmdstager
# @return [nil]
def execute_cmdstager_begin(opts)
  nil
end

#execute_cmdstager_end(opts) ⇒ Object


# File 'lib/msf/core/exploit/cmdstager.rb', line 92

# Hook invoked by execute_cmdstager after the last command has been sent.
# The default does nothing; override it to add cleanup work.
#
# @param opts [Hash] the options given to execute_cmdstager
# @return [nil]
def execute_cmdstager_end(opts)
  nil
end

#generate_cmdstager(opts = {}, pl = nil) ⇒ Object

Generates a cmd stub based on the current target's architecture and operating system.


# File 'lib/msf/core/exploit/cmdstager.rb', line 61

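# Builds the command list for the stager and caches it.
#
# The payload executable comes from generate_payload_exe and is handed to
# create_stager; the resulting stager's #generate(opts) supplies the list
# of commands. The executable, stager and list are kept in @exe,
# @stager_instance and @cmd_list.
#
# @param opts [Hash] options passed through to the stager's #generate
# @param pl [Object, nil] defaults to payload.encoded; not referenced again
#   in this method -- NOTE(review): confirm whether anything depends on it
# @return [Object] the generated command list (also stored in @cmd_list)
# @raise [ArgumentError] when the stager returns nil or an empty list
def generate_cmdstager(opts = {}, pl = nil)
  # Kept as in the original even though the value is unused below, because
  # calling payload.encoded may matter to the caller.
  pl ||= payload.encoded

  @exe = generate_payload_exe

  @stager_instance = create_stager(@exe)
  cmd_list = @stager_instance.generate(opts)

  if cmd_list.nil? || cmd_list.empty?
    failure = "The command stager could not be generated"
    print_error(failure)
    # Carry the reason in the exception as well, so code that rescues it
    # away from the console output can still tell why generation failed.
    raise ArgumentError, failure
  end

  @cmd_list = cmd_list
end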

#initialize(info = {}) ⇒ Object

Creates an instance of an exploit that uses a CmdStager overwrite.


# File 'lib/msf/core/exploit/cmdstager.rb', line 20

# Runs the parent initializer, then clears the mixin's cached state.
#
# @param info [Hash] forwarded unchanged to the parent via bare super
def initialize(info = {})
  super

  # Nothing has been generated yet; generate_cmdstager fills both of these.
  @stager_instance = nil
  @cmd_list = nil
end

#progress(total, sent) ⇒ Object

Show the progress of the upload


# File 'lib/msf/core/exploit/cmdstager.rb', line 81

# Prints a status line with the share of the stager sent so far.
#
# @param total [Numeric] total number of bytes to send
# @param sent [Numeric] number of bytes sent so far
# @return [Object] whatever print_status returns
def progress(total, sent)
  ratio = sent.to_f / total.to_f
  pct_text = format("%3.2f%%", (ratio * 100).to_f)
  status_line = format("Command Stager progress - %7s done (%d/%d bytes)", pct_text, sent, total)
  print_status(status_line)
end