github/metasploit-payloads
1
Fork 0
mirror of https://github.com/rapid7/metasploit-payloads synced 2025-03-24 18:16:24 +01:00
Code Releases Activity

made ls prettier/faster

Browse Source 
git-svn-id: file:///home/svn/incoming/trunk@2821 4d416f70-5f16-0410-b530-b9f4589650da
This commit is contained in:
Matt Miller 2005-07-23 17:52:29 +00:00
parent f4407c8918
commit c6e5dbfb43
1 changed files with 70 additions and 2 deletions

72
c/meterpreter/source/extensions/stdapi/server/fs/dir.c

@ -1,4 +1,5 @@
#include "precomp.h" #include "precomp.h"
#include <sys/stat.h>
/* /*
* Gets the contents of a given directory path and returns the list of file * Gets the contents of a given directory path and returns the list of file
@ -13,7 +14,10 @@ DWORD request_fs_ls(Remote *remote, Packet *packet)
Packet *response = packet_create_response(packet); Packet *response = packet_create_response(packet);
LPCSTR directory; LPCSTR directory;
DWORD result = ERROR_SUCCESS; DWORD result = ERROR_SUCCESS;
LPSTR expanded = NULL; LPSTR expanded = NULL, tempFile = NULL;
DWORD tempFileSize = 0;
LPSTR baseDirectory = NULL;
struct stat buf;
directory = packet_get_tlv_value_string(packet, TLV_TYPE_DIRECTORY_PATH); directory = packet_get_tlv_value_string(packet, TLV_TYPE_DIRECTORY_PATH);
@ -36,9 +40,35 @@ DWORD request_fs_ls(Remote *remote, Packet *packet)
result = ERROR_NOT_ENOUGH_MEMORY; result = ERROR_NOT_ENOUGH_MEMORY;
goto out; goto out;
} }
sprintf(tempDirectory, "%s\\*", directory); sprintf(tempDirectory, "%s\\*", directory);
// Dupe!
if (!(baseDirectory = strdup(directory)))
{
result = ERROR_NOT_ENOUGH_MEMORY;
goto out;
}
}
// Otherwise, if it does have an asterisk, we need to scan back and find
// the base directory. If there is no slash, it means we're listing the
// cwd.
else
{
PCHAR slash = strrchr(directory, '\\');
if (slash)
{
*slash = 0;
if (!(baseDirectory = strdup(directory)))
{
result = ERROR_NOT_ENOUGH_MEMORY;
goto out;
}
*slash = '\\';
}
} }
// Expand the path // Expand the path
@ -53,6 +83,8 @@ DWORD request_fs_ls(Remote *remote, Packet *packet)
do do
{ {
DWORD fullSize = (baseDirectory ? strlen(baseDirectory) : 0) + strlen(data.cFileName) + 2;
// No context? Sucktastic // No context? Sucktastic
if (ctx == INVALID_HANDLE_VALUE) if (ctx == INVALID_HANDLE_VALUE)
{ {
@ -60,9 +92,42 @@ DWORD request_fs_ls(Remote *remote, Packet *packet)
break; break;
} }
// Allocate temporary storage to stat the file
if ((!tempFile) ||
(tempFileSize < fullSize))
{
if (tempFile)
free(tempFile);
// No memory means we suck a lot like spoon's mom
if (!(tempFile = (LPSTR)malloc(fullSize)))
{
result = ERROR_NOT_ENOUGH_MEMORY;
break;
}
// Update the tempFileSize so that we don't allocate if we don't
// need to like a true efficient ninja
tempFileSize = fullSize;
}
// Build the full path
if (baseDirectory)
sprintf(tempFile, "%s\\%s", baseDirectory, data.cFileName);
else
sprintf(tempFile, "%s", data.cFileName);
// Add the file name to the response // Add the file name to the response
packet_add_tlv_string(response, TLV_TYPE_FILE_NAME, packet_add_tlv_string(response, TLV_TYPE_FILE_NAME,
data.cFileName); data.cFileName);
// Add the full path
packet_add_tlv_string(response, TLV_TYPE_FILE_PATH,
tempFile);
// Stat the file to get more information about it.
if (stat(tempFile, &buf) >= 0)
packet_add_tlv_raw(response, TLV_TYPE_STAT_BUF, &buf,
sizeof(buf));
} while (FindNextFile(ctx, &data)); } while (FindNextFile(ctx, &data));
@ -77,6 +142,9 @@ DWORD request_fs_ls(Remote *remote, Packet *packet)
free(expanded); free(expanded);
out: out:
if (baseDirectory)
free(baseDirectory);
// Set the result and transmit the response // Set the result and transmit the response
packet_add_tlv_uint(response, TLV_TYPE_RESULT, result); packet_add_tlv_uint(response, TLV_TYPE_RESULT, result);