Add file_stat to linux shell sessions #15251
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
smcintyre-r7
requested changes
May 26, 2021
pingport80
force-pushed
the
add_stat_operation
branch
from
baaf984
to
7a5ee66
Compare
smcintyre-r7
approved these changes
May 28, 2021
There was a problem hiding this comment.
Changes look good to me! I tested a Windows Meterpreter, Windows shell, Python Meterpreter on Linux and a Linux shell session.
Each one behaved as I would expect. The exception in the output is due to Windows shell sessions not being supported yet which is fine since it raises a NotImplementedError.
Testing Output
msf6 post(windows/gather/credentials/gpp) > irb
[*] You are in post/windows/gather/credentials/gpp
irb: warn: can't alias ls from irb_ls.
>> stat('C:\\Users')
=> #<#<Class:0x00007f07a47ee0c0>:0x00000000087d4cd8 @stathash={"st_dev"=>0, "st_mode"=>16749, "st_nlink"=>0, "st_uid"=>0, "st_gid"=>0, "st_rdev"=>0, "st_ino"=>0, "st_size"=>4096, "st_atime"=>1622225745, "st_mtime"=>1585758963, "st_ctime"=>1536991766}>
>> exit
msf6 post(windows/gather/credentials/gpp) > set SESSION 2
SESSION => 2
[*] Starting IRB shell...
[*] You are in post/windows/gather/credentials/gpp
>> stat('C:\\Users')
Traceback (most recent call last):
25: from ./msfconsole:23:in `<main>'
24: from /home/smcintyre/Repositories/metasploit-framework.pr/lib/metasploit/framework/command/base.rb:82:in `start'
23: from /home/smcintyre/Repositories/metasploit-framework.pr/lib/metasploit/framework/command/console.rb:48:in `start'
22: from /home/smcintyre/Repositories/metasploit-framework.pr/lib/rex/ui/text/shell.rb:157:in `run'
21: from /home/smcintyre/Repositories/metasploit-framework.pr/lib/rex/ui/text/dispatcher_shell.rb:475:in `run_single'
20: from /home/smcintyre/Repositories/metasploit-framework.pr/lib/rex/ui/text/dispatcher_shell.rb:475:in `each'
19: from /home/smcintyre/Repositories/metasploit-framework.pr/lib/rex/ui/text/dispatcher_shell.rb:481:in `block in run_single'
18: from /home/smcintyre/Repositories/metasploit-framework.pr/lib/rex/ui/text/dispatcher_shell.rb:532:in `run_command'
17: from /home/smcintyre/Repositories/metasploit-framework.pr/lib/msf/ui/console/command_dispatcher/developer.rb:116:in `cmd_irb'
16: from /home/smcintyre/Repositories/metasploit-framework.pr/lib/rex/ui/text/irb_shell.rb:52:in `run'
15: from /home/smcintyre/Repositories/metasploit-framework.pr/lib/rex/ui/text/irb_shell.rb:52:in `catch'
14: from /home/smcintyre/Repositories/metasploit-framework.pr/lib/rex/ui/text/irb_shell.rb:53:in `block in run'
1: from (irb):1:in `<main>'
/home/smcintyre/Repositories/metasploit-framework.pr/lib/msf/core/post/file.rb:691:in `stat': NotImplementedError (NotImplementedError)
>> exit
msf6 post(windows/gather/credentials/gpp) > set SESSION 3
SESSION => 3
msf6 post(windows/gather/credentials/gpp) > irb
[*] Starting IRB shell...
[*] You are in post/windows/gather/credentials/gpp
>> stat('/etc')
=> #<#<Class:0x0000000009044558>:0x0000000005916ab8 @stathash={"st_dev"=>64768, "st_mode"=>16877, "st_nlink"=>190, "st_uid"=>0, "st_gid"=>0, "st_rdev"=>0, "st_ino"=>1441793, "st_size"=>12288, "st_atime"=>1622205354, "st_mtime"=>1622205328, "st_ctime"=>1622205328}>
>> exit
msf6 post(windows/gather/credentials/gpp) > set SESSION 4
SESSION => 4
msf6 post(windows/gather/credentials/gpp) > irb
[*] Starting IRB shell...
[*] You are in post/windows/gather/credentials/gpp
>> stat('/etc/')
=> #<Msf::Post::File::FileStat:0x00007f07a5380960 @stathash={"st_dev"=>64768, "st_ino"=>1441793, "st_nlink"=>190, "st_uid"=>0, "st_gid"=>0, "st_rdev"=>0, "st_size"=>12288, "st_blksize"=>512, "st_blocks"=>4096, "st_atime"=>1622205354, "st_mtime"=>1622205328, "st_ctime"=>1622205328, "st_mode"=>16877}>
>>
update file.rb and file_stat.rb update file_stat.rb fix Zeitwerk:NameError upadte `setuid?` to use stat Update lib/msf/core/post/file_stat.rb Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com> add inheritance and change time conversions to integers Update lib/msf/core/post/file.rb Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com> add some checks fix one error in `Rex::Post::FileStat` add NotImplemented raise
smcintyre-r7
force-pushed
the
add_stat_operation
branch
from
7a5ee66
to
d998990
Compare
Release NotesAdded support for obtaining a stat object from the Post API via shell sessions when the |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This PR adds
FileStatclass for linux systems which can be used to create a stat object containing information about a specific file similar to stat in meterpreter file system API.Verification Steps