Module: Msf::Exploit::CmdStagerTFTP

Includes:
CmdStager, TFTPServer
Defined in:
lib/msf/core/exploit/cmdstager_tftp.rb

Overview

This mixin provides an interface for staging cmd to arbitrary payloads

Instance Attribute Summary

Attributes included from TFTPServer

#tftp

Instance Method Summary collapse

Methods included from TFTPServer

#start_service, #stop_service

Methods included from CmdStager

#generate_cmdstager, #progress

Methods included from EXE

#generate_payload_dll, #generate_payload_exe, #generate_payload_exe_service, #generate_payload_msi, #get_custom_exe, #get_eicar_exe

Instance Method Details

#create_stager(exe) ⇒ Object


29
30
31
# File 'lib/msf/core/exploit/cmdstager_tftp.rb', line 29

def create_stager(exe)
  Rex::Exploitation::CmdStagerTFTP.new(exe)
end

#execute_cmdstager(opts = {}) ⇒ Object


33
34
35
36
37
38
39
40
41
42
43
44
# File 'lib/msf/core/exploit/cmdstager_tftp.rb', line 33

def execute_cmdstager(opts = {})
  tftphost = datastore['TFTPHOST']
  tftphost ||= datastore['SRVHOST']
  tftphost ||= datastore['LHOST']

  @exe_tag = datastore['TFTPRSRC']
  @exe_tag ||= Rex::Text.rand_text_alphanumeric(8)

  opts.merge!({ :tftphost => tftphost, :transid => @exe_tag })

  super
end

#execute_cmdstager_begin(opts) ⇒ Object

Start the service and register the file


49
50
51
# File 'lib/msf/core/exploit/cmdstager_tftp.rb', line 49

def execute_cmdstager_begin(opts)
  start_service(@exe_tag, @exe)
end

#execute_cmdstager_end(opts) ⇒ Object

Stop the service


56
57
58
# File 'lib/msf/core/exploit/cmdstager_tftp.rb', line 56

def execute_cmdstager_end(opts)
  stop_service
end

#initialize(info = {}) ⇒ Object


19
20
21
22
23
24
25
26
27
# File 'lib/msf/core/exploit/cmdstager_tftp.rb', line 19

def initialize(info = {})
  super

  register_advanced_options(
    [
      OptString.new( 'TFTPHOST',  [ false, 'The address of the machine hosting the file via TFTP.' ]),
      OptString.new( 'TFTPRSRC',  [ false, 'The filename of the TFTP-hosted resource.' ]),
    ], self.class)
end

#payload_exeObject


60
61
62
63
# File 'lib/msf/core/exploit/cmdstager_tftp.rb', line 60

def payload_exe
  return nil if not @stager_instance
  @stager_instance.payload_exe
end