allow the mixin to auto detect an available decoder binary

zeroSteiner · zeroSteiner · commit b178ce1895d3 · 2013-01-12T17:31:11.000-05:00
diff --git a/lib/msf/core/exploit/cmdstager_bourne.rb b/lib/msf/core/exploit/cmdstager_bourne.rb
@@ -21,7 +21,7 @@ def initialize(info = {})
 
 		register_advanced_options(
 			[
-				OptEnum.new( 'DECODER',  [ true, 'The decoding binary to use', 'base64', ['base64', 'openssl', 'python', 'perl']]),
+				OptEnum.new( 'DECODER',  [ false, 'The decoding binary to use', 'auto', ['auto', 'base64', 'openssl', 'python', 'perl']]),
 			], self.class)
 	end
 
@@ -30,8 +30,29 @@ def create_stager(exe)
 	end
 
 	def generate_cmdstager(opts = {}, pl = nil)
-		opts.merge!({ :decoder => datastore['DECODER'] })
 		available_decoders = ['base64', 'openssl', 'python', 'perl']
+		opts.merge!({ :decoder => datastore['DECODER'] })
+
+		if opts[:decoder] == 'auto'
+			if self.respond_to? :execute_command_with_feedback
+				available_decoders.each do |bin|
+					which_result = execute_command_with_feedback("which #{bin}", opts).to_s
+					which_result = which_result.strip
+					if which_result.split.length == 1 and which_result.end_with?(bin)
+						opts[:decoder] = bin
+						break
+					end
+				end
+			end
+
+			if opts[:decoder] == 'auto'
+				print_error("Could not detect an appropriate decoder, try setting the DECODER option")
+				raise ArgumentError
+			else
+				print_status("Command Stager using auto-detected decoder: #{opts[:decoder]}")
+			end
+		end
+
 		if not available_decoders.include?(opts[:decoder])
 			print_error("Decoder must be one of #{available_decoders.join(', ')}")
 			raise ArgumentError
diff --git a/lib/rex/exploitation/cmdstager/bourne.rb b/lib/rex/exploitation/cmdstager/bourne.rb
@@ -65,7 +65,6 @@ def parts_to_commands(parts, opts)
 		cmds
 	end
 
-
 	#
 	# Generate the commands that will decode the file we just created
 	#
diff --git a/modules/exploits/multi/ssh/sshexec.rb b/modules/exploits/multi/ssh/sshexec.rb
@@ -79,10 +79,20 @@ def initialize
 		)
 	end
 
-	def execute_command(cmd, opts)
+	def execute_command(cmd, opts = {})
 		begin
 			Timeout.timeout(3) do
-				self.ssh_socket.exec!(cmd)
+				self.ssh_socket.exec!("#{cmd}\n")
+			end
+		rescue ::Exception
+		end
+	end
+
+	def execute_command_with_feedback(cmd, opts = {})
+		begin
+			Timeout.timeout(3) do
+				feedback = self.ssh_socket.exec!("#{cmd}\n")
+				return feedback
 			end
 		rescue ::Exception
 		end

Original file line number	Diff line number	Diff line change
`@@ -65,7 +65,6 @@ def parts_to_commands(parts, opts)`
`65`	`65`	`cmds`
`66`	`66`	`end`
`67`	`67`
`68`		`-`
`69`	`68`	`#`
`70`	`69`	`# Generate the commands that will decode the file we just created`
`71`	`70`	`#`