at(1) persistence #7310
at(1) persistence #7310
Conversation
Initial inspiration from @h00die's cron module in rapid7#7003
…lays Also, platforms, which I think achieves nothing right now.
|
no markdown docs? :( |
|
@h00die I was not aware those are now a thing, but after reading CONTRIBUTING.md I see the relevant note. I'll add this tomorrow. |
|
That doc is growing like a tumor. |
|
I guess I'll grab this and hopefully land it sooner than I did @h00die's stuff (so sorry, dude). Need to stop obsessing over the little things. This Unix stuff is near and dear to my heart. |
|
@wvu-r7 no hard feelings :) it landed didn't it! |
|
for the markdown scenario, id pretty much copy your "Sample Output" above and place it in there. Its nice to see what a 'good' run looks like in those docs, so when it doesn't work for someone in 2yrs they can at least see what is supposed to happen and start to diagnose. Looks good though! |
|
Whew, now that a bunch of other PRs landed, this one should besoon ;) |
|
@jhart-r7 Please set a executable bit for the payload file. If not, we can't gain a shell session. If it is a executable file, |
| write_file(payload_file, persistent_payload) | ||
| register_files_for_cleanup(payload_file) if datastore['CLEANUP'] | ||
|
|
||
| cmd_exec("at -f #{payload_file} #{datastore['TIME']}") |
There was a problem hiding this comment.
cmd_exec("chmod 700 #{payload_file}")
cmd_exec("at -f #{payload_file} #{datastore['TIME']}")
set payload file executable bit
Release NotesA new persistence module ( |
This was an idea taken from @h00die's #7003 which added
cron"persistence". Maybe somebody will find this useful, someday.Verification
List the steps needed to make sure this thing works
msfconsoleuse exploit/multi/local/at_persistenceset SESSION <session>set PAYLOAD <payload>check, and confirm that the target is suitable for exploitationexploit, and confirm that within ~60s you get a shellCLEANUPandTIMEregular options and/orPATHadvanced optionSample output: