stdapi_fs_file_move

2025-04-30 13:07:22 +02:00 · 2016-10-22 15:31:22 +08:00 · 2016-10-22 15:31:22 +08:00 · e2e7aa0c93
commit e2e7aa0c93
parent 865eb56c95
4 changed files with 43 additions and 21 deletions
--- a/java/androidpayload/library/src/com/metasploit/meterpreter/AndroidMeterpreter.java
+++ b/java/androidpayload/library/src/com/metasploit/meterpreter/AndroidMeterpreter.java
@ -33,27 +33,7 @@ import com.metasploit.meterpreter.android.webcam_list_android;
 import com.metasploit.meterpreter.android.webcam_start_android;
 import com.metasploit.meterpreter.android.webcam_stop_android;
 import com.metasploit.meterpreter.android.android_wlan_geolocate;
-import com.metasploit.meterpreter.stdapi.Loader;
-import com.metasploit.meterpreter.stdapi.channel_create_stdapi_fs_file;
-import com.metasploit.meterpreter.stdapi.channel_create_stdapi_net_tcp_client;
-import com.metasploit.meterpreter.stdapi.channel_create_stdapi_net_tcp_server;
-import com.metasploit.meterpreter.stdapi.channel_create_stdapi_net_udp_client;
-import com.metasploit.meterpreter.stdapi.stdapi_fs_chdir;
-import com.metasploit.meterpreter.stdapi.stdapi_fs_delete_dir;
-import com.metasploit.meterpreter.stdapi.stdapi_fs_delete_file;
-import com.metasploit.meterpreter.stdapi.stdapi_fs_getwd;
-import com.metasploit.meterpreter.stdapi.stdapi_fs_ls;
-import com.metasploit.meterpreter.stdapi.stdapi_fs_md5;
-import com.metasploit.meterpreter.stdapi.stdapi_fs_mkdir;
-import com.metasploit.meterpreter.stdapi.stdapi_fs_search;
-import com.metasploit.meterpreter.stdapi.stdapi_fs_separator;
-import com.metasploit.meterpreter.stdapi.stdapi_fs_sha1;
-import com.metasploit.meterpreter.stdapi.stdapi_fs_stat;
-import com.metasploit.meterpreter.stdapi.stdapi_net_config_get_interfaces_V1_4;
-import com.metasploit.meterpreter.stdapi.stdapi_net_config_get_routes_V1_4;
-import com.metasploit.meterpreter.stdapi.stdapi_sys_config_localtime;
-import com.metasploit.meterpreter.stdapi.stdapi_net_socket_tcp_shutdown_V1_3;
-import com.metasploit.meterpreter.stdapi.stdapi_sys_process_execute_V1_3;
+import com.metasploit.meterpreter.stdapi.*;

 import java.io.DataInputStream;
 import java.io.File;
@ -156,6 +136,7 @@ public class AndroidMeterpreter extends Meterpreter {
        mgr.registerCommand("stdapi_fs_delete_dir", stdapi_fs_delete_dir.class);
        mgr.registerCommand("stdapi_fs_delete_file", stdapi_fs_delete_file.class);
        mgr.registerCommand("stdapi_fs_file_expand_path", stdapi_fs_file_expand_path_android.class);
+        mgr.registerCommand("stdapi_fs_file_move", stdapi_fs_file_move.class);
        mgr.registerCommand("stdapi_fs_getwd", stdapi_fs_getwd.class);
        mgr.registerCommand("stdapi_fs_ls", stdapi_fs_ls.class);
        mgr.registerCommand("stdapi_fs_mkdir", stdapi_fs_mkdir.class);
--- a/java/meterpreter/stdapi/src/main/java/com/metasploit/meterpreter/stdapi/Loader.java
+++ b/java/meterpreter/stdapi/src/main/java/com/metasploit/meterpreter/stdapi/Loader.java
@ -31,6 +31,7 @@ public class Loader implements ExtensionLoader {
        mgr.registerCommand("stdapi_fs_delete_dir", stdapi_fs_delete_dir.class);
        mgr.registerCommand("stdapi_fs_delete_file", stdapi_fs_delete_file.class);
        mgr.registerCommand("stdapi_fs_file_expand_path", stdapi_fs_file_expand_path.class, V1_2, V1_5); // %COMSPEC% only
+        mgr.registerCommand("stdapi_fs_file_move", stdapi_fs_file_move.class);
        mgr.registerCommand("stdapi_fs_getwd", stdapi_fs_getwd.class);
        mgr.registerCommand("stdapi_fs_ls", stdapi_fs_ls.class);
        mgr.registerCommand("stdapi_fs_mkdir", stdapi_fs_mkdir.class);
--- a/java/meterpreter/stdapi/src/main/java/com/metasploit/meterpreter/stdapi/stdapi_fs_file_move.java
+++ b/java/meterpreter/stdapi/src/main/java/com/metasploit/meterpreter/stdapi/stdapi_fs_file_move.java
@ -0,0 +1,26 @@
+package com.metasploit.meterpreter.stdapi;
+
+import com.metasploit.meterpreter.Meterpreter;
+import com.metasploit.meterpreter.TLVPacket;
+import com.metasploit.meterpreter.TLVType;
+import com.metasploit.meterpreter.command.Command;
+
+import java.io.File;
+import java.io.IOException;
+
+public class stdapi_fs_file_move implements Command {
+
+    public int execute(Meterpreter meterpreter, TLVPacket request, TLVPacket response) throws Exception {
+        String oldpath = request.getStringValue(TLVType.TLV_TYPE_FILE_NAME);
+        String path = request.getStringValue(TLVType.TLV_TYPE_FILE_PATH);
+        File file = Loader.expand(oldpath);
+        File dest = Loader.expand(path);
+        if (!file.exists() || !file.isFile()) {
+            throw new IOException("File not found: " + path);
+        }
+        if (!file.renameTo(dest)) {
+            throw new IOException("Cannot move " + file.getCanonicalPath() + " to " + dest.getCanonicalPath());
+        }
+        return ERROR_SUCCESS;
+    }
+}
--- a/php/meterpreter/ext_server_stdapi.php
+++ b/php/meterpreter/ext_server_stdapi.php
@ -373,6 +373,20 @@ function stdapi_fs_delete($req, &$pkt) {
 }
 }

+# works
+if (!function_exists('stdapi_fs_file_move')) {
+register_command('stdapi_fs_file_move');
+function stdapi_fs_file_move($req, &$pkt) {
+    my_print("doing mv");
+    $old_file_tlv = packet_get_tlv($req, TLV_TYPE_FILE_NAME);
+    $new_file_tlv = packet_get_tlv($req, TLV_TYPE_FILE_PATH);
+    $old_file = cononicalize_path($old_file_tlv['value']);
+    $new_file = cononicalize_path($new_file_tlv['value']);
+    $ret = @rename($old_file, $new_file);
+    return $ret ? ERROR_SUCCESS : ERROR_FAILURE;
+}
+}
+
 # works
 if (!function_exists('stdapi_fs_getwd')) {
 register_command('stdapi_fs_getwd');