Module: Msf::Post::Linux::Compile

Includes:
Common, File, System, Unix
Defined in:
lib/msf/core/post/linux/compile.rb

Instance Method Summary collapse

Methods included from Unix

#enum_user_directories, #get_groups, #get_session_pid, #get_users, #is_root?, #whoami

Methods included from File

#_append_file_powershell, #_append_file_unix_shell, #_can_echo?, #_read_file_meterpreter, #_read_file_powershell, #_read_file_powershell_fragment, #_shell_command_with_success_code, #_shell_process_with_success_code, #_unix_max_line_length, #_win_ansi_append_file, #_win_ansi_write_file, #_win_bin_append_file, #_win_bin_write_file, #_write_file_meterpreter, #_write_file_powershell, #_write_file_powershell_fragment, #_write_file_unix_shell, #append_file, #attributes, #cd, #chmod, #copy_file, #dir, #directory?, #executable?, #exist?, #expand_path, #exploit_data, #exploit_source, #file?, #file_local_write, #file_remote_digestmd5, #file_remote_digestsha1, #file_remote_digestsha2, #immutable?, #mkdir, #pwd, #read_file, #readable?, #rename_file, #rm_f, #rm_rf, #setuid?, #stat, #upload_and_chmodx, #upload_file, #writable?, #write_file

Methods included from Common

#clear_screen, #cmd_exec, #cmd_exec_get_pid, #cmd_exec_with_result, #command_exists?, #create_process, #get_env, #get_envs, #peer, #report_virtualization, #rhost, #rport

Methods included from System

#get_container_type, #get_cpu_info, #get_hostname, #get_mount_path, #get_path, #get_shell_name, #get_shell_pid, #get_suid_files, #get_sysinfo, #glibc_version, #has_clang?, #has_gcc?, #interfaces, #ips, #listen_tcp_ports, #listen_udp_ports, #macs, #noexec?, #nosuid?, #protected_hardlinks?, #protected_symlinks?

Methods included from Auxiliary::Report

#active_db?, #create_cracked_credential, #create_credential, #create_credential_and_login, #create_credential_login, #db, #db_warning_given?, #get_client, #get_host, #inside_workspace_boundary?, #invalidate_login, #mytask, #myworkspace, #myworkspace_id, #report_auth_info, #report_client, #report_exploit, #report_host, #report_loot, #report_note, #report_service, #report_vuln, #report_web_form, #report_web_page, #report_web_site, #report_web_vuln, #store_cred, #store_local, #store_loot

Methods included from Metasploit::Framework::Require

optionally, optionally_active_record_railtie, optionally_include_metasploit_credential_creation, #optionally_include_metasploit_credential_creation, optionally_require_metasploit_db_gem_engines

Instance Method Details

#get_compilerString?

Determines the available compiler on the target system.

Returns:

  • (String, nil)

    The name of the compiler ('gcc' or 'clang') if available, or nil if none are found.



23
24
25
26
27
28
29
30
31
# File 'lib/msf/core/post/linux/compile.rb', line 23

def get_compiler
  if has_gcc?
    return 'gcc'
  elsif has_clang?
    return 'clang'
  else
    return nil
  end
end

#initialize(info = {}) ⇒ Object



12
13
14
15
16
17
18
# File 'lib/msf/core/post/linux/compile.rb', line 12

def initialize(info = {})
  super
  register_options([
    OptEnum.new('COMPILE', [true, 'Compile on target', 'Auto', ['Auto', 'True', 'False']]),
    OptEnum.new('COMPILER', [true, 'Compiler to use on target', 'Auto', ['Auto', 'gcc', 'clang']]),
  ], self.class)
end

#live_compile?Boolean

Checks whether the target supports live compilation based on the module’s configuration and available tools.

Returns:

  • (Boolean)

    True if compilation is supported and a compiler is available; otherwise, False.

Raises:



37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
# File 'lib/msf/core/post/linux/compile.rb', line 37

def live_compile?
  return false unless %w[Auto True].include?(datastore['COMPILE'])

  if datastore['COMPILER'] == 'gcc' && has_gcc?
    vprint_good 'gcc is installed'
    return true
  elsif datastore['COMPILER'] == 'clang' && has_clang?
    vprint_good 'clang is installed'
    return true
  elsif datastore['COMPILER'] == 'Auto' && get_compiler.present?
    return true
  end

  unless datastore['COMPILE'] == 'Auto'
    fail_with Module::Failure::BadConfig, "#{datastore['COMPILER']} is not installed. Set COMPILE False to upload a pre-compiled executable."
  end

  false
end

#strip_comments(c_code) ⇒ String

Strips comments from C source code.

Parameters:

  • c_code (String)

    The C source code.

Returns:

  • (String)

    The C code with comments removed.



107
108
109
# File 'lib/msf/core/post/linux/compile.rb', line 107

def strip_comments(c_code)
  c_code.gsub(%r{/\*.*?\*/}m, '').gsub(%r{^\s*//.*$}, '')
end

#upload_and_compile(path, data, compiler_args = '') ⇒ Object

Uploads C code to the target, compiles it, and handles verification of the compiled binary.

Parameters:

  • path (String)

    The path where the compiled binary will be created.

  • data (String)

    The C code to compile.

  • compiler_args (String) (defaults to: '')

    Additional arguments for the compiler command.

Raises:



65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
# File 'lib/msf/core/post/linux/compile.rb', line 65

def upload_and_compile(path, data, compiler_args = '')
  compiler = datastore['COMPILER']
  if datastore['COMPILER'] == 'Auto'
    compiler = get_compiler
    fail_with(Module::Failure::BadConfig, 'Unable to find a compiler on the remote target.') if compiler.nil?
  end

  path = "#{path}.c" unless path.end_with?('.c')

  # only upload the file if a compiler exists
  write_file path.to_s, strip_comments(data)

  compiler_cmd = "#{compiler} -o '#{path.sub(/\.c$/, '')}' '#{path}'"
  if session.type == 'shell'
    compiler_cmd = "PATH=\"$PATH:/usr/bin/\" #{compiler_cmd}"
  end

  unless compiler_args.to_s.blank?
    compiler_cmd << " #{compiler_args}"
  end

  verification_token = Rex::Text.rand_text_alphanumeric(8)
  success = cmd_exec("#{compiler_cmd} && echo #{verification_token}")&.include?(verification_token)

  rm_f path.to_s

  unless success
    message = "#{path} failed to compile."
    # don't mention the COMPILE option if it was deregistered
    message << ' Set COMPILE to False to upload a pre-compiled executable.' if options.include?('COMPILE')
    fail_with Module::Failure::BadConfig, message
  end

  chmod path
end