Land rapid7#3505, a bunch o' Linux post module fixes

wvu · wvu · commit 79603c9a733c · 2014-07-11T12:39:31.000-05:00
diff --git a/lib/msf/core/post/common.rb b/lib/msf/core/post/common.rb
@@ -110,6 +110,7 @@ def cmd_exec(cmd, args=nil, time_out=15)
         break if d == ""
         o << d
       end
+      o.chomp! if o
       process.channel.close
       process.close
     when /shell/
diff --git a/modules/post/linux/gather/enum_configs.rb b/modules/post/linux/gather/enum_configs.rb
@@ -23,8 +23,8 @@ def initialize(info={})
         [
           'ohdae <bindshell[at]live.com>',
         ],
-      'Platform'      => [ 'linux' ],
-      'SessionTypes'  => [ 'shell' ]
+      'Platform'      => ['linux'],
+      'SessionTypes'  => ['shell', 'meterpreter']
     ))
   end
 
@@ -74,7 +74,7 @@ def find_configs
 
     configs.each do |f|
       output = read_file("#{f}")
-      save(f,  output) if output !~ /No such file or directory/
+      save(f,  output) if output && output !~ /No such file or directory/
     end
   end
 end
diff --git a/modules/post/linux/gather/enum_network.rb b/modules/post/linux/gather/enum_network.rb
@@ -26,8 +26,8 @@ def initialize(info={})
             'ohdae <bindshell[at]live.com>', # minor additions, modifications & testing
             'Stephen Haywood <averagesecurityguy[at]gmail.com>', # enum_linux
           ],
-        'Platform'      => [ 'linux' ],
-        'SessionTypes'  => [ 'shell' ]
+        'Platform'      => ['linux'],
+        'SessionTypes'  => ['shell', 'meterpreter']
       ))
   end
 
diff --git a/modules/post/linux/gather/enum_protections.rb b/modules/post/linux/gather/enum_protections.rb
@@ -28,8 +28,8 @@ def initialize(info={})
         [
           'ohdae <bindshell[at]live.com>'
         ],
-      'Platform'      => [ 'linux' ],
-      'SessionTypes'  => [ 'shell' ]
+      'Platform'      => ['linux'],
+      'SessionTypes'  => ['shell', 'meterpreter']
     ))
   end
 
diff --git a/modules/post/linux/gather/enum_system.rb b/modules/post/linux/gather/enum_system.rb
@@ -29,8 +29,8 @@ def initialize(info={})
             'ohdae <bindshell[at]live.com>', # Combined separate mods, modifications and testing
             'Roberto Espreto <robertoespreto[at]gmail.com>', # log files and setuid/setgid
           ],
-        'Platform'      => [ 'linux' ],
-        'SessionTypes'  => [ 'shell' ]
+        'Platform'      => ['linux'],
+        'SessionTypes'  => ['shell', 'meterpreter']
       ))
 
   end
diff --git a/modules/post/linux/gather/enum_users_history.rb b/modules/post/linux/gather/enum_users_history.rb
@@ -26,8 +26,8 @@ def initialize(info={})
             # based largely on get_bash_history function by Stephen Haywood
             'ohdae <bindshell[at]live.com>'
           ],
-        'Platform'      => [ 'linux' ],
-        'SessionTypes'  => [ 'shell' ]
+        'Platform'      => ['linux'],
+        'SessionTypes'  => ['shell', 'meterpreter']
       ))
 
   end
@@ -49,8 +49,8 @@ def run
     last = execute("/usr/bin/last && /usr/bin/lastlog")
     sudoers = cat_file("/etc/sudoers")
 
-    save("Last logs", last)
-    save("Sudoers", sudoers) unless sudoers =~ /Permission denied/
+    save("Last logs", last) unless last.nil?
+    save("Sudoers", sudoers) unless sudoers.nil? || sudoers =~ /Permission denied/
   end
 
   def save(msg, data, ctype="text/plain")
@@ -96,13 +96,13 @@ def get_bash_history(users, user)
           hist = cat_file("/home/#{u}/.bash_history")
         end
 
-        save("History for #{u}", hist) unless hist =~ /No such file or directory/
+        save("History for #{u}", hist) unless hist.nil? || hist =~ /No such file or directory/
       end
     else
       vprint_status("Extracting history for #{user}")
       hist = cat_file("/home/#{user}/.bash_history")
       vprint_status(hist)
-      save("History for #{user}", hist) unless hist =~ /No such file or directory/
+      save("History for #{user}", hist) unless hist.nil? || hist =~ /No such file or directory/
     end
   end
 
@@ -118,19 +118,19 @@ def get_sql_history(users, user)
           sql_hist = cat_file("/home/#{u}/.mysql_history")
         end
 
-        save("History for #{u}", sql_hist) unless sql_hist =~ /No such file or directory/
+        save("History for #{u}", sql_hist) unless sql_hist.nil? || sql_hist =~ /No such file or directory/
       end
     else
       vprint_status("Extracting SQL history for #{user}")
       sql_hist = cat_file("/home/#{user}/.mysql_history")
-      vprint_status(sql_hist)
-      save("SQL History for #{user}", sql_hist) unless sql_hist =~ /No such file or directory/
+      vprint_status(sql_hist) if sql_hist
+      save("SQL History for #{user}", sql_hist) unless sql_hist.nil? || sql_hist =~ /No such file or directory/
     end
   end
 
   def get_vim_history(users, user)
     if user == "root" and users != nil
-      users = users.chomp.split()
+      users = users.chomp.split
       users.each do |u|
         if u == "root"
           vprint_status("Extracting VIM history for #{u}")
@@ -140,13 +140,13 @@ def get_vim_history(users, user)
           vim_hist = cat_file("/home/#{u}/.viminfo")
         end
 
-        save("VIM History for #{u}", vim_hist) unless vim_hist =~ /No such file or directory/
+        save("VIM History for #{u}", vim_hist) unless vim_hist.nil? || vim_hist =~ /No such file or directory/
       end
     else
       vprint_status("Extracting history for #{user}")
       vim_hist = cat_file("/home/#{user}/.viminfo")
       vprint_status(vim_hist)
-      save("VIM History for #{user}", vim_hist) unless vim_hist =~ /No such file or directory/
+      save("VIM History for #{user}", vim_hist) unless vim_hist.nil? || vim_hist =~ /No such file or directory/
     end
   end
 end
diff --git a/modules/post/linux/gather/enum_xchat.rb b/modules/post/linux/gather/enum_xchat.rb
@@ -20,11 +20,11 @@ def initialize(info={})
         .log files.
       },
       'License'       => MSF_LICENSE,
-      'Author'        => [ 'sinn3r'],
-      'Platform'      => [ 'linux' ],
+      'Author'        => ['sinn3r'],
+      'Platform'      => ['linux'],
       # linux meterpreter is too busted to support right now,
       # will come back and add support once it's more usable.
-      'SessionTypes'  => [ 'shell' ],
+      'SessionTypes'  => ['shell', 'meterpreter'],
       'Actions'       =>
         [
           ['CONFIGS', { 'Description' => 'Collect XCHAT\'s config files' } ],
@@ -62,7 +62,7 @@ def get_file(file)
   end
 
   def whoami
-    user = cmd_exec("whoami").chomp
+    user = cmd_exec("/usr/bin/whoami").chomp
     return user
   end
 
@@ -120,7 +120,7 @@ def get_configs(base)
     files.each do |f|
       vprint_status("#{@peer} - Downloading: #{base + f}")
       buf = read_file(base + f)
-      next if buf.empty?
+      next if buf.blank?
       config << {
         :filename => f,
         :data     => buf
@@ -139,7 +139,7 @@ def run
     @peer = "#{session.session_host}:#{session.session_port}"
 
     user = whoami
-    if user.nil?
+    if user.blank?
       print_error("#{@peer} - Unable to get username, abort.")
       return
     end
@@ -149,8 +149,8 @@ def run
     configs  = get_configs(base)  if action.name =~ /ALL|CONFIGS/i
     chatlogs = get_chatlogs(base) if action.name =~ /ALL|CHATS/i
 
-    save(:configs, configs)   if not configs.empty?
-    save(:chatlogs, chatlogs) if not chatlogs.empty?
+    save(:configs, configs)   unless configs.empty?
+    save(:chatlogs, chatlogs) unless chatlogs.empty?
   end
 
 end
diff --git a/modules/post/linux/gather/hashdump.rb b/modules/post/linux/gather/hashdump.rb
@@ -16,11 +16,10 @@ def initialize(info={})
         'Name'          => 'Linux Gather Dump Password Hashes for Linux Systems',
         'Description'   => %q{ Post Module to dump the password hashes for all users on a Linux System},
         'License'       => MSF_LICENSE,
-        'Author'        => [ 'Carlos Perez <carlos_perez[at]darkoperator.com>'],
-        'Platform'      => [ 'linux' ],
-        'SessionTypes'  => [ 'shell' ]
+        'Author'        => ['Carlos Perez <carlos_perez[at]darkoperator.com>'],
+        'Platform'      => ['linux'],
+        'SessionTypes'  => ['shell', 'meterpreter']
       ))
-
   end
 
   # Run Method for when run command is issued
@@ -43,11 +42,9 @@ def run
       # Save pwd file
       upassf = store_loot("linux.hashes", "text/plain", session, john_file, "unshadowed_passwd.pwd", "Linux Unshadowed Password File")
       print_good("Unshadowed Password File: #{upassf}")
-
     else
       print_error("You must run this module as root!")
     end
-
   end
 
   def unshadow(pf,sf)
@@ -63,6 +60,8 @@ def unshadow(pf,sf)
         end
       end
     end
-    return unshadowed
+
+    unshadowed
   end
+
 end
diff --git a/modules/post/linux/gather/mount_cifs_creds.rb b/modules/post/linux/gather/mount_cifs_creds.rb
@@ -11,16 +11,16 @@ class Metasploit3 < Msf::Post
 
   def initialize(info={})
     super( update_info( info,
-        'Name'          => 'Linux Gather Saved mount.cifs/mount.smbfs Credentials',
-        'Description'   => %q{
-          Post Module to obtain credentials saved for mount.cifs/mount.smbfs in
-          /etc/fstab on a Linux system.
-        },
-        'License'       => MSF_LICENSE,
-        'Author'        => [ 'Jon Hart <jhart[at]spoofed.org>'],
-        'Platform'      => [ 'linux' ],
-        'SessionTypes'  => [ 'shell' ]
-      ))
+      'Name'          => 'Linux Gather Saved mount.cifs/mount.smbfs Credentials',
+      'Description'   => %q{
+        Post Module to obtain credentials saved for mount.cifs/mount.smbfs in
+        /etc/fstab on a Linux system.
+      },
+      'License'       => MSF_LICENSE,
+      'Author'        => ['Jon Hart <jhart[at]spoofed.org>'],
+      'Platform'      => ['linux'],
+      'SessionTypes'  => ['shell', 'meterpreter']
+    ))
   end
 
   def run
diff --git a/modules/post/linux/manage/download_exec.rb b/modules/post/linux/manage/download_exec.rb
@@ -15,24 +15,23 @@ def initialize(info={})
     super( update_info( info,
       'Name'          => 'Linux Manage Download and Execute',
       'Description'   => %q{
-          This module downloads and runs a file with bash. It first tries to uses curl as
-        its HTTP client and then wget if it's not found. Bash found in the PATH is used to
-        execute the file.
+        This module downloads and runs a file with bash. It first tries to uses curl as
+        its HTTP client and then wget if it's not found. Bash found in the PATH is used
+        to execute the file.
       },
       'License'       => MSF_LICENSE,
       'Author'        =>
         [
           'Joshua D. Abraham <jabra[at]praetorian.com>',
         ],
-      'Platform'      => [ 'linux' ],
-      'SessionTypes'  => [ 'shell' ]
+      'Platform'      => ['linux'],
+      'SessionTypes'  => ['shell', 'meterpreter']
     ))
 
     register_options(
       [
         OptString.new('URL', [true, 'Full URL of file to download.'])
       ], self.class)
-
   end
 
   def cmd_exec_vprint(cmd)
