Land rapid7#9443, Add warning to FileDropper for deleting CWD

Author: busterb

lib/msf/core/exploit/file_dropper.rb

@@ -61,13 +61,19 @@ def on_new_session(session)
 
     @dropped_files.delete_if do |file|
       exists_before = file_dropper_exist?(session, file)
+
       if file_dropper_delete_file(session, file)
         file_dropper_deleted?(session, file, exists_before)
       end
     end
 
     @dropped_dirs.delete_if do |dir|
+      if file_dropper_check_cwd?(session, dir)
+        print_warning("Attempting to delete working directory #{dir}")
+      end
+
       exists_before = file_dropper_exist?(session, dir)
+
       if file_dropper_delete_dir(session, dir)
         file_dropper_deleted?(session, dir, exists_before)
       end
@@ -110,6 +116,10 @@ def cleanup
     # Check if dir_rm method is available (local exploit, mixin support, module support)
     if respond_to?(:dir_rm)
       @dropped_dirs.delete_if do |dir|
+        if respond_to?(:pwd) && pwd.include?(dir)
+          print_warning("Attempting to delete working directory #{dir}")
+        end
+
         begin
           dir_rm(dir)
         rescue ::Exception => e
@@ -250,6 +260,28 @@ def file_dropper_deleted?(session, path, exists_before)
     end
   end
 
+  # Check if the path being removed is the same as the working directory
+  #
+  # @param [String] path The path to check
+  # @return [Boolean] true if the path is the same, otherwise false
+  def file_dropper_check_cwd?(session, path)
+    if session.type == 'meterpreter'
+      return true if path == session.fs.dir.pwd
+    else
+      pwd =
+        if session.platform == 'windows'
+          session.shell_command_token('echo %cd%')
+        else
+          session.shell_command_token('pwd')
+        end
+
+      # Check for subdirectories and relative paths
+      return true if pwd.include?(path)
+    end
+
+    false
+  end
+
   # Converts a path to use the windows separator '\'
   #
   # @param [String] path The path to convert