Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Addition of yum package manager module and documentation #11673

Merged
merged 12 commits into from
Apr 30, 2019
Merged

Addition of yum package manager module and documentation #11673

merged 12 commits into from
Apr 30, 2019

Conversation

aringo
Copy link
Contributor

@aringo aringo commented Apr 1, 2019

This module will run a payload when the Yum package manager is updated. Module allows for easy modification of a plugin. Could redo to automatically pick a plugin, but currently set to most popular default plugin.

Verification

  • Start msfconsole
  • Get a privileged session on a target that uses the Yum package manger
  • use exploit/linux/local/yum_package_manager_persistence
  • Choose a payload and set options
  • exploit
  • Verify Fail if plugins are not enabled
  • Verify Fail if plugin does not exist, is not enabled
  • Verify Wrote plugin , wrote binary
  • Verify fail if no permissions to write plugin or binary
  • use exploit/multi/handler/
  • Choose a payload and set options
  • run
  • On target run sudo yum update
  • Verify Caught a root session
  • Documentation Included

bcoles
bcoles reviewed Apr 19, 2019
View reviewed changes
documentation/modules/exploit/linux/local/yum_package_manager_persistence.md Outdated Show resolved Hide resolved
modules/exploits/linux/local/yum_package_manager_persistence.rb Outdated Show resolved Hide resolved
modules/exploits/linux/local/yum_package_manager_persistence.rb Outdated Show resolved Hide resolved
modules/exploits/linux/local/yum_package_manager_persistence.rb Outdated Show resolved Hide resolved
modules/exploits/linux/local/yum_package_manager_persistence.rb Outdated Show resolved Hide resolved
modules/exploits/linux/local/yum_package_manager_persistence.rb Outdated Show resolved Hide resolved
modules/exploits/linux/local/yum_package_manager_persistence.rb Outdated Show resolved Hide resolved
modules/exploits/linux/local/yum_package_manager_persistence.rb Outdated Show resolved Hide resolved
bcoles and others added 7 commits April 20, 2019 17:46
@bcoles @aringo
Update documentation/modules/exploit/linux/local/yum_package_manager_…
68bc5f6 
…persistence.md


PLUGIN

Co-Authored-By: aringo <ringo.aaron@gmail.com>
@bcoles @aringo
Update modules/exploits/linux/local/yum_package_manager_persistence.rb
1c09282 
PLUGIN

Co-Authored-By: aringo <ringo.aaron@gmail.com>
@bcoles @aringo
Update modules/exploits/linux/local/yum_package_manager_persistence.rb
11d174a 
PLUGIN

Co-Authored-By: aringo <ringo.aaron@gmail.com>
@bcoles @aringo
Update modules/exploits/linux/local/yum_package_manager_persistence.rb
0c22da8 
Co-Authored-By: aringo <ringo.aaron@gmail.com>
@bcoles @aringo
Update modules/exploits/linux/local/yum_package_manager_persistence.rb
f715816 
Co-Authored-By: aringo <ringo.aaron@gmail.com>
@aringo
modified plugin_ran and path generated for plugin.conf
335c175
@aringo
Added fail with if plugins were not enabled
5e4af9c
jrobles-r7
jrobles-r7 reviewed Apr 25, 2019
View reviewed changes
modules/exploits/linux/local/yum_package_manager_persistence.rb Outdated Show resolved Hide resolved
modules/exploits/linux/local/yum_package_manager_persistence.rb Outdated Show resolved Hide resolved
modules/exploits/linux/local/yum_package_manager_persistence.rb Outdated Show resolved Hide resolved
modules/exploits/linux/local/yum_package_manager_persistence.rb Outdated Show resolved Hide resolved
modules/exploits/linux/local/yum_package_manager_persistence.rb Outdated Show resolved Hide resolved
modules/exploits/linux/local/yum_package_manager_persistence.rb Outdated Show resolved Hide resolved
modules/exploits/linux/local/yum_package_manager_persistence.rb Outdated Show resolved Hide resolved
modules/exploits/linux/local/yum_package_manager_persistence.rb Outdated Show resolved Hide resolved
modules/exploits/linux/local/yum_package_manager_persistence.rb Outdated Show resolved Hide resolved
modules/exploits/linux/local/yum_package_manager_persistence.rb Outdated Show resolved Hide resolved
@aringo
Changed some formatting based on feedback and rubocop, added default…
09022f3 
… payload of python - python exists for yum to work
@aringo
Copy link
Contributor Author

aringo commented Apr 26, 2019

Updated based on formatting/rubocop suggestions.

@jrobles-r7 @aringo
Update modules/exploits/linux/local/yum_package_manager_persistence.rb
652e4b0 
Changed date format

Co-Authored-By: aringo <ringo.aaron@gmail.com>
@jrobles-r7 jrobles-r7 self-assigned this Apr 26, 2019
@jrobles-r7 jrobles-r7 merged commit e5cb003 into rapid7:master Apr 30, 2019
jrobles-r7 added a commit that referenced this pull request Apr 30, 2019
@jrobles-r7
Land #11673, Add yum persistence module
6c29da6
@jrobles-r7
Copy link
Contributor

jrobles-r7 commented Apr 30, 2019
edited by gdavidson-r7
Loading

Release Notes

The linux/local/yum_package_manager_persistence exploit module has been added to the framework.
This module modifies a specified Yum plugin for persistence on the target system.

msjenkins-r7 pushed a commit that referenced this pull request Apr 30, 2019
@jrobles-r7 @msjenkins-r7
Land #11673, Add yum persistence module
c2322a9
@gdavidson-r7 gdavidson-r7 added the rn-modules release notes for new or majorly enhanced modules label May 14, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bcoles bcoles bcoles left review comments

@jrobles-r7 jrobles-r7 jrobles-r7 left review comments

Assignees

@jrobles-r7 jrobles-r7

Labels
docs module rn-modules release notes for new or majorly enhanced modules
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@aringo @jrobles-r7 @bcoles @gdavidson-r7