Module: Msf::Exploit::Local::Persistence

Defined in:
lib/msf/core/exploit/local/persistence.rb

Instance Method Summary collapse

Instance Method Details

#cleanupObject 



88
89
 
# File 'lib/msf/core/exploit/local/persistence.rb', line 88

def cleanup
end

#exploitObject 



26
27
28
29
30
31
32
33
34
35
36
37
 
# File 'lib/msf/core/exploit/local/persistence.rb', line 26

def exploit
  run_as_background = !datastore['DisablePayloadHandler']
  print_warning('Payload handler is disabled, the persistence will be installed only.') unless run_as_background

  # Call the install_persistence function
  # must be declared inside the persistence module
  install_persistence

  save_cleanup_rc if datastore['CleanUpRc'] && !@clean_up_rc.empty?

  @persistence_service.wait if run_as_background
end

#initialize(info = {}) ⇒ Object 



5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
 
# File 'lib/msf/core/exploit/local/persistence.rb', line 5

def initialize(info = {})
  @persistence_service = Rex::Sync::Event.new(auto_reset = false)
  @clean_up_rc = ''
  super(
    update_info(
      info,
      'DefaultOptions' => {},
      # https://github.com/rapid7/metasploit-framework/pull/19676#discussion_r1907594308
      'Stance' => Msf::Exploit::Stance::Passive,
      'Passive' => true
    )
  )

  register_advanced_options(
    [
      OptString.new('WritableDir', [true, 'A directory where we can write files', '']),
      OptBool.new('CleanUpRc', [true, 'Create a cleanup resource file.', true])
    ]
  )
end

#install_persistenceObject 



56
57
58
 
# File 'lib/msf/core/exploit/local/persistence.rb', line 56

def install_persistence
  # to be overloaded by the module
end

#save_cleanup_rcObject 



60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
 
# File 'lib/msf/core/exploit/local/persistence.rb', line 60

def save_cleanup_rc
  host = session.sys.config.sysinfo['Computer']
  # Create Filename info to be appended to downloaded files
  filenameinfo = '_' + ::Time.now.strftime('%Y%m%d.%M%S')
  logs = ::File.join(Msf::Config.log_directory, 'persistence', Rex::FileUtils.clean_path(host + filenameinfo))
  # Create the log directory
  ::FileUtils.mkdir_p(logs)

  # logfile name
  clean_rc = logs + ::File::Separator + Rex::FileUtils.clean_path(host + filenameinfo) + '.rc'
  file_local_write(clean_rc, @clean_up_rc)

  print_status("Meterpreter-compatible Cleanup RC file: #{clean_rc}")

  report_note(host: host,
              type: 'host.persistance.cleanup',
              data: {
                local_id: session.sid,
                stype: session.type,
                desc: session.info,
                platform: session.platform,
                via_payload: session.via_payload,
                via_exploit: session.via_exploit,
                created_at: Time.now.utc,
                commands: @clean_up_rc
              })
end

#writable_dirObject 



39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
 
# File 'lib/msf/core/exploit/local/persistence.rb', line 39

def writable_dir
  # base the WritableDir default off of the persistence module path to avoid
  # needing to probe the target directly, or deal with one offs like ssh sessions
  return datastore['WritableDir'] unless datastore['WritableDir'].empty?

  mod_path = self.class.file_path.downcase.tr('\\', '/')

  if mod_path.include?('/windows/')
    '%TEMP%'
  elsif mod_path.include?('/multi/')
    print_warning('Please set the WritableDir datastore option or the module is likely to fail')
    ''
  else
    '/tmp/'
  end
end