Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Move command_exists? to Msf::Post::Common #11339

Merged
merged 2 commits into from
Feb 1, 2019
Merged

Move command_exists? to Msf::Post::Common #11339

merged 2 commits into from
Feb 1, 2019

Conversation

wvu
Copy link
Contributor

@wvu wvu commented Feb 1, 2019
edited
Loading

And add rudimentary Windows support.

meterpreter > run post/linux/gather/hashdump

[+] vagrant:$6$pjYWAc.5$QYfO.wN80gnGe2kC1jYmSTGmO/qelG1CMl6ubKMbDQt9b1TEKZ648PQGI7VC88XE3ObdPBswUavsC1eDVZunJ.:1000:1000:,,,:/home/vagrant:/bin/bash
[+] Unshadowed Password File: /Users/wvu/.msf4/loot/20190131221240_default_172.28.128.3_linux.hashes_959802.txt
meterpreter >

[1] pry(#<Msf::Modules::Post__Linux__Gather__Hashdump::MetasploitModule>)> command_exists?('calc')
=> true
[2] pry(#<Msf::Modules::Post__Linux__Gather__Hashdump::MetasploitModule>)> command_exists?('nope')
=> false
[3] pry(#<Msf::Modules::Post__Linux__Gather__Hashdump::MetasploitModule>)>

Fixes #11334, hopefully. See #10119 for the regression.

@wvu wvu requested review from bcoles and h00die February 1, 2019 04:09
bcoles
bcoles approved these changes Feb 1, 2019
View reviewed changes
Copy link
Contributor

@bcoles bcoles left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems legit. I, personally, don't care about Windows support.

@wvu
Copy link
Contributor Author

wvu commented Feb 1, 2019

It's in Msf::Post::Common, so I figured I'd give it something extra. If you want to drop Windows support, move it out of Common.

@bcoles
Copy link
Contributor

bcoles commented Feb 1, 2019

It's in Msf::Post::Common, so I figured I'd give it something extra. If you want to drop Windows support, move it out of Common.

Windows support makes sense and is good. I don't care whether the implementation is sane.

@bcoles
Copy link
Contributor

bcoles commented Feb 1, 2019
edited
Loading

This probably won't fix the 3 instances of command_exists? in the File API.

https://github.com/rapid7/metasploit-framework/blob/master/lib/msf/core/post/file.rb

Fortunately, most modules which make use of Post File also import Post Common.

@wvu
Copy link
Contributor Author

wvu commented Feb 1, 2019
edited
Loading

I read some docs, found some shit, and wrote it up. I'll post the test results in the PR description, but I don't care if the Windows implementation gets tested, and I'm not going to put more effort into it.

Let's fix the outstanding issue.

@wvu
Copy link
Contributor Author

wvu commented Feb 1, 2019

Msf::Post::Common is included in Msf::PostMixin, which is included by all post modules and local exploits.

@bcoles bcoles self-assigned this Feb 1, 2019
@bcoles bcoles merged commit 62560f9 into rapid7:master Feb 1, 2019
bcoles added a commit that referenced this pull request Feb 1, 2019
@bcoles
Land #11339, Move command_exists? method to Msf::Post::Common
d9e3fb7
@bcoles
Copy link
Contributor

bcoles commented Feb 1, 2019
edited by gdavidson-r7
Loading

Release Notes

This fix moves the command_exists? method to Msf::Post::Common.

msjenkins-r7 pushed a commit that referenced this pull request Feb 1, 2019
@bcoles @msjenkins-r7
Land #11339, Move command_exists? method to Msf::Post::Common
5d6fb3e
@wvu
Copy link
Contributor Author

wvu commented Feb 1, 2019

Thanks!

@wvu wvu deleted the bug/post branch February 1, 2019 16:44
@h00die
Copy link
Contributor

h00die commented Feb 1, 2019

Thanks team for handling this!
Should I resubmit my PR, or just put a note to incorporate this first?

@h00die h00die mentioned this pull request Feb 1, 2019
Merged
@wvu
Copy link
Contributor Author

wvu commented Feb 1, 2019

I'm not sure I understand. Base your work against master.

@bcoles
Copy link
Contributor

bcoles commented Feb 1, 2019

@h00die I'd go with option 2: leave a note.

@gdavidson-r7 gdavidson-r7 added the rn-fix release notes fix label Feb 6, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bcoles bcoles bcoles approved these changes

@h00die h00die Awaiting requested review from h00die

Assignees

@bcoles bcoles

Labels
bug library rn-fix release notes fix
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@wvu @bcoles @h00die @gdavidson-r7