From 8d8bc45dfd22357f54552ecb1c0cb3dbdad6e468 Mon Sep 17 00:00:00 2001
From: HD Moore
Date: Tue, 27 Oct 2009 00:47:00 +0000
Subject: [PATCH] Adds a shortcut for getting a shell (execute -f cmd -c -i -H) is now just "shell"
git-svn-id: file:///home/svn/framework3/trunk@7288 4d416f70-5f16-0410-b530-b9f4589650da
---
 .../ui/console/command_dispatcher/stdapi/sys.rb | 12 ++++++++++++
 1 file changed, 12 insertions(+)
diff --git a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb
index f3adfbd94b..52b73dd306 100644
--- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb
+++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb
@@ -55,6 +55,7 @@ class Console::CommandDispatcher::Stdapi::Sys
 "reg" => "Modify and interact with the remote registry",
 "rev2self" => "Calls RevertToSelf() on the remote machine",
 "sysinfo" => "Gets information about the remote system, such as OS",
+ "shell" => "Drop into a system command shell",
 "shutdown" => "Shuts down the remote computer",
 }
 end
@@ -132,6 +133,17 @@ class Console::CommandDispatcher::Stdapi::Sys
 end
 end
+
+ #
+ # Drop into a system shell as specified by %COMSPEC%
+ #
+ def cmd_shell(*args)
+ path = client.fs.file.expand_path("%COMSPEC%")
+ path = (path and not path.empty?) ? path : "cmd.exe"
+ cmd_execute("-f", path, "-c", "-H", "-i")
+ end
+
+
 #
 # Gets the process identifier that meterpreter is running in on the remote
 # machine.
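Review bot: In `cmd_shell`, whatever `expand_path("%COMSPEC%")` returns is used as the program path as long as it is non-empty, so if the variable is unset and the call hands the string back unexpanded (its behaviour is not visible in this hunk), the literal `%COMSPEC%` reaches `cmd_execute`. A guard such as `path = "cmd.exe" if path.nil? || path.empty? || path.include?("%")` would cover that case. The `cmd.exe` fallback also assumes a Windows session, which is worth stating in the header comment. Because the resolved value comes from the remote host's environment, printing it before launching would keep the operator's session log accurate about what was actually started. `*args` is accepted but silently ignored, so the comment could add `# Takes no arguments; anything passed is ignored.`, and the `and`/`not` in the ternary would read more conventionally as `path && !path.empty?`.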