Module: Msf::Post::Linux::Process

Includes:
Process
Defined in:
lib/msf/core/post/linux/process.rb

Instance Method Summary collapse

Methods included from Process

#get_processes, #has_pid?, #kill_process, #meterpreter_get_processes, #pidof, #shell_get_processes

Methods included from File

#_append_file_powershell, #_append_file_unix_shell, #_can_echo?, #_read_file_meterpreter, #_read_file_powershell, #_read_file_powershell_fragment, #_shell_command_with_success_code, #_unix_max_line_length, #_win_ansi_append_file, #_win_ansi_write_file, #_win_bin_append_file, #_win_bin_write_file, #_write_file_meterpreter, #_write_file_powershell, #_write_file_powershell_fragment, #_write_file_unix_shell, #append_file, #attributes, #cd, #chmod, #copy_file, #dir, #directory?, #executable?, #exist?, #expand_path, #exploit_data, #exploit_source, #file?, #file_local_write, #file_remote_digestmd5, #file_remote_digestsha1, #file_remote_digestsha2, #immutable?, #mkdir, #pwd, #read_file, #readable?, #rename_file, #rm_f, #rm_rf, #setuid?, #stat, #upload_and_chmodx, #upload_file, #writable?, #write_file

Methods included from Common

#clear_screen, #cmd_exec, #cmd_exec_get_pid, #cmd_exec_with_result, #command_exists?, #get_env, #get_envs, #peer, #report_virtualization, #rhost, #rport

Instance Method Details

#initialize(info = {}) ⇒ Object



12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
# File 'lib/msf/core/post/linux/process.rb', line 12

def initialize(info = {})
  super(
    update_info(
      info,
      'Compat' => {
        'Meterpreter' => {
          'Commands' => %w[
            stdapi_sys_process_attach
            stdapi_sys_process_memory_read
            stdapi_sys_process_memory_search
          ]
        }
      }
    )
  )
end

#mem_read(base_address, length, pid: 0) ⇒ Object



34
35
36
37
# File 'lib/msf/core/post/linux/process.rb', line 34

def mem_read(base_address, length, pid: 0)
  proc_id = session.sys.process.open(pid, PROCESS_READ)
  data = proc_id.memory.read(base_address, length)
end

#mem_search_ascii(min_search_len, max_search_len, needles, pid: 0) ⇒ Object



29
30
31
32
# File 'lib/msf/core/post/linux/process.rb', line 29

def mem_search_ascii(min_search_len, max_search_len, needles, pid: 0)
  proc_id = session.sys.process.open(pid, PROCESS_READ)
  matches = proc_id.memory.search(needles, min_search_len, max_search_len)
end