mirror of
https://github.com/rapid7/metasploit-payloads
synced 2025-01-08 14:36:22 +01:00
stdapi_fs_file_copy
This commit is contained in:
parent
116823c271
commit
db85f099c3
@ -381,7 +381,7 @@ DWORD request_fs_sha1(Remote *remote, Packet *packet)
|
||||
}
|
||||
|
||||
/*
|
||||
* Copies source file path to destination
|
||||
* Moves source file path to destination
|
||||
*
|
||||
* req: TLV_TYPE_FILE_PATH - The file path to expand
|
||||
*/
|
||||
@ -403,3 +403,27 @@ DWORD request_fs_file_move(Remote *remote, Packet *packet)
|
||||
|
||||
return packet_transmit_response(result, remote, response);
|
||||
}
|
||||
|
||||
/*
|
||||
* Copies source file path to destination
|
||||
*
|
||||
* req: TLV_TYPE_FILE_PATH - The file path to expand
|
||||
*/
|
||||
DWORD request_fs_file_copy(Remote *remote, Packet *packet)
|
||||
{
|
||||
Packet *response = packet_create_response(packet);
|
||||
DWORD result = ERROR_SUCCESS;
|
||||
char *oldpath;
|
||||
char *newpath;
|
||||
|
||||
oldpath = packet_get_tlv_value_string(packet, TLV_TYPE_FILE_NAME);
|
||||
newpath = packet_get_tlv_value_string(packet, TLV_TYPE_FILE_PATH);
|
||||
|
||||
if (!oldpath) {
|
||||
result = ERROR_INVALID_PARAMETER;
|
||||
} else {
|
||||
result = fs_copy(oldpath, newpath);
|
||||
}
|
||||
|
||||
return packet_transmit_response(result, remote, response);
|
||||
}
|
||||
|
@ -21,6 +21,7 @@ DWORD request_fs_search( Remote * remote, Packet * packet );
|
||||
DWORD request_fs_md5(Remote *remote, Packet *packet);
|
||||
DWORD request_fs_sha1(Remote *remote, Packet *packet);
|
||||
DWORD request_fs_file_move(Remote *remote, Packet *packet);
|
||||
DWORD request_fs_file_copy(Remote *remote, Packet *packet);
|
||||
DWORD request_fs_mount_show(Remote *remote, Packet *packet);
|
||||
|
||||
/*
|
||||
|
@ -59,6 +59,8 @@ int fs_mkdir(const char *directory);
|
||||
|
||||
int fs_move(const char *oldpath, const char *newpath);
|
||||
|
||||
int fs_copy(const char *oldpath, const char *newpath);
|
||||
|
||||
/*
|
||||
* Fills the platform-independent meterp_stat buf with data from the
|
||||
* platform-dependent stat()
|
||||
|
@ -102,6 +102,35 @@ int fs_move(const char *oldpath, const char *newpath)
|
||||
return ERROR_SUCCESS;
|
||||
}
|
||||
|
||||
int fs_copy(const char *oldpath, const char *newpath)
|
||||
{
|
||||
FILE* f1 = fopen(oldpath, "rb");
|
||||
if (f1 == NULL) {
|
||||
return ERROR_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
FILE* f2 = fopen(newpath, "wb");
|
||||
if (f2 == NULL) {
|
||||
fclose(f1);
|
||||
return ERROR_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
char buffer[4096];
|
||||
size_t n;
|
||||
while ((n = fread(buffer, sizeof(char), sizeof(buffer), f1)) > 0)
|
||||
{
|
||||
if (fwrite(buffer, sizeof(char), n, f2) != n) {
|
||||
fclose(f1);
|
||||
fclose(f2);
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
fclose(f1);
|
||||
fclose(f2);
|
||||
return ERROR_SUCCESS;
|
||||
}
|
||||
|
||||
int fs_stat(char *filename, struct meterp_stat *buf)
|
||||
{
|
||||
struct stat sbuf;
|
||||
|
@ -214,6 +214,27 @@ out:
|
||||
return rc;
|
||||
}
|
||||
|
||||
int fs_copy(const char *oldpath, const char *newpath)
|
||||
{
|
||||
int rc = ERROR_SUCCESS;
|
||||
wchar_t *old_w = utf8_to_wchar(oldpath);
|
||||
wchar_t *new_w = utf8_to_wchar(newpath);
|
||||
|
||||
if ((old_w == NULL) || (new_w == NULL)) {
|
||||
rc = GetLastError();
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (CopyFileW(old_w, new_w, 0) == 0) {
|
||||
rc = GetLastError();
|
||||
}
|
||||
|
||||
out:
|
||||
free(old_w);
|
||||
free(new_w);
|
||||
return rc;
|
||||
}
|
||||
|
||||
int fs_mkdir(const char *directory)
|
||||
{
|
||||
int rc = ERROR_SUCCESS;
|
||||
|
@ -42,6 +42,7 @@ Command customCommands[] =
|
||||
COMMAND_REQ("stdapi_fs_stat", request_fs_stat),
|
||||
COMMAND_REQ("stdapi_fs_file_expand_path", request_fs_file_expand_path),
|
||||
COMMAND_REQ("stdapi_fs_file_move", request_fs_file_move),
|
||||
COMMAND_REQ("stdapi_fs_file_copy", request_fs_file_copy),
|
||||
COMMAND_REQ("stdapi_fs_md5", request_fs_md5),
|
||||
COMMAND_REQ("stdapi_fs_sha1", request_fs_sha1),
|
||||
#ifdef _WIN32
|
||||
|
@ -110,6 +110,7 @@ public class AndroidMeterpreter extends Meterpreter {
|
||||
mgr.registerCommand("stdapi_fs_delete_file", stdapi_fs_delete_file.class);
|
||||
mgr.registerCommand("stdapi_fs_file_expand_path", stdapi_fs_file_expand_path_android.class);
|
||||
mgr.registerCommand("stdapi_fs_file_move", stdapi_fs_file_move.class);
|
||||
mgr.registerCommand("stdapi_fs_file_copy", stdapi_fs_file_copy.class);
|
||||
mgr.registerCommand("stdapi_fs_getwd", stdapi_fs_getwd.class);
|
||||
mgr.registerCommand("stdapi_fs_ls", stdapi_fs_ls.class);
|
||||
mgr.registerCommand("stdapi_fs_mkdir", stdapi_fs_mkdir.class);
|
||||
|
@ -32,6 +32,7 @@ public class Loader implements ExtensionLoader {
|
||||
mgr.registerCommand("stdapi_fs_delete_file", stdapi_fs_delete_file.class);
|
||||
mgr.registerCommand("stdapi_fs_file_expand_path", stdapi_fs_file_expand_path.class, V1_2, V1_5); // %COMSPEC% only
|
||||
mgr.registerCommand("stdapi_fs_file_move", stdapi_fs_file_move.class);
|
||||
mgr.registerCommand("stdapi_fs_file_copy", stdapi_fs_file_copy.class);
|
||||
mgr.registerCommand("stdapi_fs_getwd", stdapi_fs_getwd.class);
|
||||
mgr.registerCommand("stdapi_fs_ls", stdapi_fs_ls.class);
|
||||
mgr.registerCommand("stdapi_fs_mkdir", stdapi_fs_mkdir.class);
|
||||
|
@ -0,0 +1,32 @@
|
||||
package com.metasploit.meterpreter.stdapi;
|
||||
|
||||
import com.metasploit.meterpreter.Meterpreter;
|
||||
import com.metasploit.meterpreter.TLVPacket;
|
||||
import com.metasploit.meterpreter.TLVType;
|
||||
import com.metasploit.meterpreter.command.Command;
|
||||
|
||||
import java.io.*;
|
||||
|
||||
public class stdapi_fs_file_copy implements Command {
|
||||
|
||||
public int execute(Meterpreter meterpreter, TLVPacket request, TLVPacket response) throws Exception {
|
||||
String oldpath = request.getStringValue(TLVType.TLV_TYPE_FILE_NAME);
|
||||
String path = request.getStringValue(TLVType.TLV_TYPE_FILE_PATH);
|
||||
File file = Loader.expand(oldpath);
|
||||
File dest = Loader.expand(path);
|
||||
if (!file.exists() || !file.isFile()) {
|
||||
throw new IOException("File not found: " + path);
|
||||
}
|
||||
|
||||
InputStream in = new FileInputStream(file);
|
||||
OutputStream out = new FileOutputStream(dest);
|
||||
byte[] buf = new byte[4096];
|
||||
int len;
|
||||
while ((len = in.read(buf)) > 0) {
|
||||
out.write(buf, 0, len);
|
||||
}
|
||||
in.close();
|
||||
out.close();
|
||||
return ERROR_SUCCESS;
|
||||
}
|
||||
}
|
@ -387,6 +387,20 @@ function stdapi_fs_file_move($req, &$pkt) {
|
||||
}
|
||||
}
|
||||
|
||||
# works
|
||||
if (!function_exists('stdapi_fs_file_copy')) {
|
||||
register_command('stdapi_fs_file_copy');
|
||||
function stdapi_fs_file_copy($req, &$pkt) {
|
||||
my_print("doing cp");
|
||||
$old_file_tlv = packet_get_tlv($req, TLV_TYPE_FILE_NAME);
|
||||
$new_file_tlv = packet_get_tlv($req, TLV_TYPE_FILE_PATH);
|
||||
$old_file = cononicalize_path($old_file_tlv['value']);
|
||||
$new_file = cononicalize_path($new_file_tlv['value']);
|
||||
$ret = @copy($old_file, $new_file);
|
||||
return $ret ? ERROR_SUCCESS : ERROR_FAILURE;
|
||||
}
|
||||
}
|
||||
|
||||
# works
|
||||
if (!function_exists('stdapi_fs_getwd')) {
|
||||
register_command('stdapi_fs_getwd');
|
||||
|
@ -999,6 +999,13 @@ def stdapi_fs_file_move(request, response):
|
||||
os.rename(unicode(oldname), unicode(newname))
|
||||
return ERROR_SUCCESS, response
|
||||
|
||||
@meterpreter.register_function
|
||||
def stdapi_fs_file_copy(request, response):
|
||||
oldname = packet_get_tlv(request, TLV_TYPE_FILE_NAME)['value']
|
||||
newname = packet_get_tlv(request, TLV_TYPE_FILE_PATH)['value']
|
||||
shutil.copy(unicode(oldname), unicode(newname))
|
||||
return ERROR_SUCCESS, response
|
||||
|
||||
@meterpreter.register_function
|
||||
def stdapi_fs_getwd(request, response):
|
||||
if hasattr(os, 'getcwdu'):
|
||||
|
Loading…
Reference in New Issue
Block a user