bcook-r7 commented 9 years ago

I don't know how I missed it, but the path builder arguments are backward and use the wrong string type when we stat files. This fixes that, and adds a new TLV type so we can send down the short filenames when listing directories as well.

Verification steps

Verification, similar to #137, but wait, it gets better! rapid7/metasploit-framework#4950 adds support for displaying the short filenames, so you can verify that they come through on Windows, and don't explode on Linux.

[x] Passes post/test/meterpreter and post/test/file post modules on Windows 32-bit
[x] Passes post/test/meterpreter and post/test/file post modules on Windows 64-bit
[x] Passes post/test/meterpreter and post/test/file post modules on Linux
[x] ls shows valid file sizes and types
[x] Short pathnames show up with the 'ls -x' option

meterpreter > cd c:
meterpreter > ls -x

Listing: C:\
============

Mode              Size      Type  Last modified              Short Name  Name
----              ----      ----  -------------              ----------  ----
40777/rwxrwxrwx   0         dir   2015-02-19 10:46:41 -0600              $Recycle.Bin
40777/rwxrwxrwx   0         dir   2015-02-19 09:31:32 -0600  $SYSRE~1    $SysReset
100666/rw-rw-rw-  1         fil   2013-06-18 07:18:29 -0500              BOOTNXT
40777/rwxrwxrwx   0         dir   2015-03-18 14:17:10 -0500              Config.Msi
40777/rwxrwxrwx   0         dir   2013-08-22 09:45:52 -0500  DOCUME~1    Documents and Settings
40777/rwxrwxrwx   0         dir   2013-08-22 10:22:35 -0500              PerfLogs
40555/r-xr-xr-x   0         dir   2015-03-17 10:29:10 -0500  PROGRA~1    Program Files
40555/r-xr-xr-x   0         dir   2015-03-18 14:05:34 -0500  PROGRA~2    Program Files (x86)
40777/rwxrwxrwx   0         dir   2015-03-18 14:21:01 -0500  PROGRA~3    ProgramData
40777/rwxrwxrwx   0         dir   2015-01-27 15:34:37 -0600              Python34
100666/rw-rw-rw-  0         fil   2015-02-19 09:56:39 -0600              Recovery.txt
40777/rwxrwxrwx   0         dir   2015-03-18 15:01:37 -0500  SYSTEM~1    System Volume Information
40555/r-xr-xr-x   0         dir   2015-02-19 10:00:34 -0600              Users
40777/rwxrwxrwx   0         dir   2015-03-18 14:31:01 -0500              Windows
40777/rwxrwxrwx   0         dir   2015-02-19 09:40:34 -0600              Windows.old
100444/r--r--r--  398356    fil   2014-03-18 05:14:54 -0500              bootmgr
40777/rwxrwxrwx   0         dir   2015-02-24 13:24:39 -0600              cygwin64
40777/rwxrwxrwx   0         dir   2015-02-18 23:18:39 -0600              found.000
40777/rwxrwxrwx   0         dir   2015-03-17 10:33:11 -0500  METASP~1    metasploit
0000/---------    0         fif   1969-12-31 18:00:00 -0600              pagefile.sys
100666/rw-rw-rw-  16777216  fil   2015-03-18 14:31:03 -0500              swapfile.sys

metasploit-public-bot commented 9 years ago

Test PASSED. Refer to this link for build results (access rights to CI server needed): https://ci.metasploit.com//job/GPR-MeterpreterWin/158/ Test PASSED.

OJ commented 9 years ago

Sessions:

msf exploit(handler) > sessions

Active sessions
===============

  Id  Type                   Information                                                                Connection
  --  ----                   -----------                                                                ----------
  1   meterpreter x86/win32  WIN-S45GUQ5KGVK\OJ @ WIN-S45GUQ5KGVK                                       10.1.10.40:8000 -> 10.1.10.35:51240 (10.1.10.35)
  2   meterpreter x64/win64  WIN-S45GUQ5KGVK\OJ @ WIN-S45GUQ5KGVK                                       10.1.10.40:8000 -> 10.1.10.35:51241 (10.1.10.35)
  3   meterpreter x86/linux  uid=1000, gid=1000, euid=1000, egid=1000, suid=1000, sgid=1000 @ ropchain  10.1.10.40:8000 -> 10.1.10.40:40154 (10.1.10.40)

Test modules:

msf exploit(handler) > loadpath test/modules
Loaded 33 modules:
    8 posts
    13 exploits
    12 auxiliarys
msf exploit(handler) > use post/test/file
msf post(file) > set session 1
session => 1
msf post(file) > run

[*] Running against session 1
[*] Session type is meterpreter and platform is x86/win32
[+] should test for file existence
[+] should test for directory existence
[+] should create text files
[+] should read the text we just wrote
[+] should append text files
[+] should delete text files
[+] should move files
[+] should write binary data
[+] should read the binary data we just wrote
[+] should delete binary files
[+] should append binary data
[*] Passed: 11; Failed: 0
[*] Post module execution completed
msf post(file) > set session 2
session => 2
msf post(file) > run

[*] Running against session 2
[*] Session type is meterpreter and platform is x64/win64
[+] should test for file existence
[+] should test for directory existence
[+] should create text files
[+] should read the text we just wrote
[+] should append text files
[+] should delete text files
[+] should move files
[+] should write binary data
[+] should read the binary data we just wrote
[+] should delete binary files
[+] should append binary data
[*] Passed: 11; Failed: 0
[*] Post module execution completed
msf post(file) > set session 3
session => 3
msf post(file) > run

[*] Running against session 3
[*] Session type is meterpreter and platform is x86/linux
[+] should test for file existence
[+] should test for directory existence
[+] should create text files
[+] should read the text we just wrote
[+] should append text files
[+] should delete text files
[+] should move files
[+] should write binary data
[+] should read the binary data we just wrote
[+] should delete binary files
[+] should append binary data
[*] Passed: 11; Failed: 0
[*] Post module execution completed
msf post(file) > use post/test/meterpreter
msf post(meterpreter) > set session 1
session => 1
msf post(meterpreter) > run

[*] Running against session 1
[*] Session type is meterpreter and platform is x86/win32
[+] should return its own process id
[+] should return a list of processes
[+] should return a user id
[+] should return a sysinfo Hash
[+] should return network interfaces
[+] should have an interface that matches session_host
[+] should return network routes
[+] should return the proper directory separator
[+] should return the current working directory
[+] should list files in the current directory
[+] should stat a directory
[+] should create and remove a dir
[+] should change directories
[+] should create and remove files
[+] should upload a file
[+] should move files
[+] should do md5 and sha1 of files
[*] Passed: 17; Failed: 0
[*] Post module execution completed
msf post(meterpreter) > set session 2
session => 2
msf post(meterpreter) > run

[*] Running against session 2
[*] Session type is meterpreter and platform is x64/win64
[+] should return its own process id
[+] should return a list of processes
[+] should return a user id
[+] should return a sysinfo Hash
[+] should return network interfaces
[+] should have an interface that matches session_host
[+] should return network routes
[+] should return the proper directory separator
[+] should return the current working directory
[+] should list files in the current directory
[+] should stat a directory
[+] should create and remove a dir
[+] should change directories
[+] should create and remove files
[+] should upload a file
[+] should move files
[+] should do md5 and sha1 of files
[*] Passed: 17; Failed: 0
[*] Post module execution completed
msf post(meterpreter) > set session 3
session => 3
msf post(meterpreter) > run

[*] Running against session 3
[*] Session type is meterpreter and platform is x86/linux
[+] should return its own process id
[+] should return a list of processes
[+] should return a user id
[+] should return a sysinfo Hash
[+] should return network interfaces
[+] should have an interface that matches session_host
[+] should return network routes
[+] should return the proper directory separator
[+] should return the current working directory
[+] should list files in the current directory
[+] should stat a directory
[+] should create and remove a dir
[+] should change directories
[+] should create and remove files
[+] should upload a file
[+] should move files
[+] should do md5 and sha1 of files
[*] Passed: 17; Failed: 0
[*] Post module execution completed

Interactivity and new ls features

msf post(meterpreter) > sessions -i 1
[*] Starting interaction with 1...

meterpreter > ls -h
Usage: ls [dir] [-x] [-S] [-t] [-r]
   -x Show short file names
   -S Sort by size
   -t Sort by time modified
   -r Reverse sort order
meterpreter > cd C:\\temp
meterpreter > ls

Listing: C:\temp
================

Mode             Size  Type  Last modified              Name
----             ----  ----  -------------              ----
40777/rwxrwxrwx  0     dir   2015-03-18 17:53:30 +1000  .
40777/rwxrwxrwx  0     dir   1980-01-01 00:00:00 +1000  ..
40777/rwxrwxrwx  0     dir   2015-03-18 14:52:41 +1000  这是一个测试

meterpreter > ls -x

Listing: C:\temp
================

Mode             Size  Type  Last modified              Short Name  Name
----             ----  ----  -------------              ----------  ----
40777/rwxrwxrwx  0     dir   2015-03-18 17:53:30 +1000              .
40777/rwxrwxrwx  0     dir   1980-01-01 00:00:00 +1000              ..
40777/rwxrwxrwx  0     dir   2015-03-18 14:52:41 +1000  A9BE~1      这是一个测试

meterpreter > ls "C:\\program files\\"
[-] stdapi_fs_stat: Operation failed: The system cannot find the file specified.
meterpreter > ls 'C:\\program files'

Listing: C:\\program files
==========================

Mode              Size  Type  Last modified              Name
----              ----  ----  -------------              ----
40555/r-xr-xr-x   0     dir   2015-02-27 12:58:44 +1000  .
40777/rwxrwxrwx   0     dir   1980-01-01 00:00:00 +1000  ..
40777/rwxrwxrwx   0     dir   2013-11-11 19:30:46 +1000  7-Zip
40777/rwxrwxrwx   0     dir   2013-11-11 19:06:08 +1000  Application Verifier
40777/rwxrwxrwx   0     dir   2013-12-24 11:20:49 +1000  BreakPoint Software
40777/rwxrwxrwx   0     dir   2015-02-27 12:58:44 +1000  Common Files
40777/rwxrwxrwx   0     dir   2011-04-12 18:28:16 +1000  DVD Maker
40777/rwxrwxrwx   0     dir   2014-03-24 06:41:09 +1000  IIS
40777/rwxrwxrwx   0     dir   2014-03-24 06:41:15 +1000  IIS Express
40777/rwxrwxrwx   0     dir   2013-11-11 18:57:49 +1000  Internet Explorer
40777/rwxrwxrwx   0     dir   2014-06-24 15:44:54 +1000  MSBuild
40777/rwxrwxrwx   0     dir   2014-06-24 15:26:45 +1000  Microsoft
40777/rwxrwxrwx   0     dir   2011-04-12 18:28:14 +1000  Microsoft Games
40777/rwxrwxrwx   0     dir   2014-06-24 15:41:57 +1000  Microsoft Identity Extensions
40777/rwxrwxrwx   0     dir   2014-06-24 15:27:42 +1000  Microsoft SDKs
40777/rwxrwxrwx   0     dir   2013-11-11 19:06:36 +1000  Microsoft SQL Server
40777/rwxrwxrwx   0     dir   2013-11-11 19:06:29 +1000  Microsoft SQL Server Compact Edition
40777/rwxrwxrwx   0     dir   2014-03-23 10:30:24 +1000  Microsoft Silverlight
40777/rwxrwxrwx   0     dir   2013-11-11 19:03:07 +1000  Microsoft Visual Studio 12.0
40777/rwxrwxrwx   0     dir   2009-07-14 15:32:38 +1000  Reference Assemblies
40777/rwxrwxrwx   0     dir   2014-06-24 15:41:59 +1000  SharePoint Client Components
40777/rwxrwxrwx   0     dir   2009-07-14 15:09:26 +1000  Uninstall Information
40777/rwxrwxrwx   0     dir   2015-02-27 12:58:44 +1000  VMware
40777/rwxrwxrwx   0     dir   2014-06-24 15:28:39 +1000  VS2010Schemas
40777/rwxrwxrwx   0     dir   2014-06-24 15:28:39 +1000  VS2012Schemas
40777/rwxrwxrwx   0     dir   2014-02-02 22:41:05 +1000  WinRAR
40777/rwxrwxrwx   0     dir   2011-04-12 18:17:53 +1000  Windows Defender
40777/rwxrwxrwx   0     dir   2014-06-24 15:41:46 +1000  Windows Identity Foundation
40777/rwxrwxrwx   0     dir   2011-04-12 18:28:15 +1000  Windows Journal
40777/rwxrwxrwx   0     dir   2011-04-12 18:17:53 +1000  Windows Mail
40777/rwxrwxrwx   0     dir   2011-04-12 18:17:53 +1000  Windows Media Player
40777/rwxrwxrwx   0     dir   2009-07-14 15:32:38 +1000  Windows NT
40777/rwxrwxrwx   0     dir   2011-04-12 18:17:53 +1000  Windows Photo Viewer
40777/rwxrwxrwx   0     dir   2010-11-21 13:31:34 +1000  Windows Portable Devices
40777/rwxrwxrwx   0     dir   2011-04-12 18:17:53 +1000  Windows Sidebar
100666/rw-rw-rw-  174   fil   2009-07-14 14:54:24 +1000  desktop.ini

meterpreter > ls -t 'C:\\program files'

Listing: C:\\program files
==========================

Mode              Size  Type  Last modified              Name
----              ----  ----  -------------              ----
40777/rwxrwxrwx   0     dir   1980-01-01 00:00:00 +1000  ..
100666/rw-rw-rw-  174   fil   2009-07-14 14:54:24 +1000  desktop.ini
40777/rwxrwxrwx   0     dir   2009-07-14 15:09:26 +1000  Uninstall Information
40777/rwxrwxrwx   0     dir   2009-07-14 15:32:38 +1000  Reference Assemblies
40777/rwxrwxrwx   0     dir   2009-07-14 15:32:38 +1000  Windows NT
40777/rwxrwxrwx   0     dir   2010-11-21 13:31:34 +1000  Windows Portable Devices
40777/rwxrwxrwx   0     dir   2011-04-12 18:17:53 +1000  Windows Sidebar
40777/rwxrwxrwx   0     dir   2011-04-12 18:17:53 +1000  Windows Mail
40777/rwxrwxrwx   0     dir   2011-04-12 18:17:53 +1000  Windows Defender
40777/rwxrwxrwx   0     dir   2011-04-12 18:17:53 +1000  Windows Photo Viewer
40777/rwxrwxrwx   0     dir   2011-04-12 18:17:53 +1000  Windows Media Player
40777/rwxrwxrwx   0     dir   2011-04-12 18:28:14 +1000  Microsoft Games
40777/rwxrwxrwx   0     dir   2011-04-12 18:28:15 +1000  Windows Journal
40777/rwxrwxrwx   0     dir   2011-04-12 18:28:16 +1000  DVD Maker
40777/rwxrwxrwx   0     dir   2013-11-11 18:57:49 +1000  Internet Explorer
40777/rwxrwxrwx   0     dir   2013-11-11 19:03:07 +1000  Microsoft Visual Studio 12.0
40777/rwxrwxrwx   0     dir   2013-11-11 19:06:08 +1000  Application Verifier
40777/rwxrwxrwx   0     dir   2013-11-11 19:06:29 +1000  Microsoft SQL Server Compact Edition
40777/rwxrwxrwx   0     dir   2013-11-11 19:06:36 +1000  Microsoft SQL Server
40777/rwxrwxrwx   0     dir   2013-11-11 19:30:46 +1000  7-Zip
40777/rwxrwxrwx   0     dir   2013-12-24 11:20:49 +1000  BreakPoint Software
40777/rwxrwxrwx   0     dir   2014-02-02 22:41:05 +1000  WinRAR
40777/rwxrwxrwx   0     dir   2014-03-23 10:30:24 +1000  Microsoft Silverlight
40777/rwxrwxrwx   0     dir   2014-03-24 06:41:09 +1000  IIS
40777/rwxrwxrwx   0     dir   2014-03-24 06:41:15 +1000  IIS Express
40777/rwxrwxrwx   0     dir   2014-06-24 15:26:45 +1000  Microsoft
40777/rwxrwxrwx   0     dir   2014-06-24 15:27:42 +1000  Microsoft SDKs
40777/rwxrwxrwx   0     dir   2014-06-24 15:28:39 +1000  VS2010Schemas
40777/rwxrwxrwx   0     dir   2014-06-24 15:28:39 +1000  VS2012Schemas
40777/rwxrwxrwx   0     dir   2014-06-24 15:41:46 +1000  Windows Identity Foundation
40777/rwxrwxrwx   0     dir   2014-06-24 15:41:57 +1000  Microsoft Identity Extensions
40777/rwxrwxrwx   0     dir   2014-06-24 15:41:59 +1000  SharePoint Client Components
40777/rwxrwxrwx   0     dir   2014-06-24 15:44:54 +1000  MSBuild
40777/rwxrwxrwx   0     dir   2015-02-27 12:58:44 +1000  Common Files
40777/rwxrwxrwx   0     dir   2015-02-27 12:58:44 +1000  VMware
40555/r-xr-xr-x   0     dir   2015-02-27 12:58:44 +1000  .

meterpreter > exit
[*] Shutting down Meterpreter...

[*] 10.1.10.35 - Meterpreter session 1 closed.  Reason: User exit
msf post(meterpreter) > sessions -i 2
[*] Starting interaction with 2...

meterpreter > cd C:\\temp
meterpreter > ls

Listing: C:\temp
================

Mode             Size  Type  Last modified              Name
----             ----  ----  -------------              ----
40777/rwxrwxrwx  0     dir   2015-03-18 17:53:30 +1000  .
40777/rwxrwxrwx  0     dir   1980-01-01 00:00:00 +1000  ..
40777/rwxrwxrwx  0     dir   2015-03-18 14:52:41 +1000  这是一个测试

meterpreter > ls -t 'C:\\program files'

Listing: C:\\program files
==========================

Mode              Size  Type  Last modified              Name
----              ----  ----  -------------              ----
40777/rwxrwxrwx   0     dir   1980-01-01 00:00:00 +1000  ..
100666/rw-rw-rw-  174   fil   2009-07-14 14:54:24 +1000  desktop.ini
40777/rwxrwxrwx   0     dir   2009-07-14 15:09:26 +1000  Uninstall Information
40777/rwxrwxrwx   0     dir   2009-07-14 15:32:38 +1000  Reference Assemblies
40777/rwxrwxrwx   0     dir   2009-07-14 15:32:38 +1000  Windows NT
40777/rwxrwxrwx   0     dir   2010-11-21 13:31:34 +1000  Windows Portable Devices
40777/rwxrwxrwx   0     dir   2011-04-12 18:17:53 +1000  Windows Sidebar
40777/rwxrwxrwx   0     dir   2011-04-12 18:17:53 +1000  Windows Mail
40777/rwxrwxrwx   0     dir   2011-04-12 18:17:53 +1000  Windows Defender
40777/rwxrwxrwx   0     dir   2011-04-12 18:17:53 +1000  Windows Photo Viewer
40777/rwxrwxrwx   0     dir   2011-04-12 18:17:53 +1000  Windows Media Player
40777/rwxrwxrwx   0     dir   2011-04-12 18:28:14 +1000  Microsoft Games
40777/rwxrwxrwx   0     dir   2011-04-12 18:28:15 +1000  Windows Journal
40777/rwxrwxrwx   0     dir   2011-04-12 18:28:16 +1000  DVD Maker
40777/rwxrwxrwx   0     dir   2013-11-11 18:57:49 +1000  Internet Explorer
40777/rwxrwxrwx   0     dir   2013-11-11 19:03:07 +1000  Microsoft Visual Studio 12.0
40777/rwxrwxrwx   0     dir   2013-11-11 19:06:08 +1000  Application Verifier
40777/rwxrwxrwx   0     dir   2013-11-11 19:06:29 +1000  Microsoft SQL Server Compact Edition
40777/rwxrwxrwx   0     dir   2013-11-11 19:06:36 +1000  Microsoft SQL Server
40777/rwxrwxrwx   0     dir   2013-11-11 19:30:46 +1000  7-Zip
40777/rwxrwxrwx   0     dir   2013-12-24 11:20:49 +1000  BreakPoint Software
40777/rwxrwxrwx   0     dir   2014-02-02 22:41:05 +1000  WinRAR
40777/rwxrwxrwx   0     dir   2014-03-23 10:30:24 +1000  Microsoft Silverlight
40777/rwxrwxrwx   0     dir   2014-03-24 06:41:09 +1000  IIS
40777/rwxrwxrwx   0     dir   2014-03-24 06:41:15 +1000  IIS Express
40777/rwxrwxrwx   0     dir   2014-06-24 15:26:45 +1000  Microsoft
40777/rwxrwxrwx   0     dir   2014-06-24 15:27:42 +1000  Microsoft SDKs
40777/rwxrwxrwx   0     dir   2014-06-24 15:28:39 +1000  VS2010Schemas
40777/rwxrwxrwx   0     dir   2014-06-24 15:28:39 +1000  VS2012Schemas
40777/rwxrwxrwx   0     dir   2014-06-24 15:41:46 +1000  Windows Identity Foundation
40777/rwxrwxrwx   0     dir   2014-06-24 15:41:57 +1000  Microsoft Identity Extensions
40777/rwxrwxrwx   0     dir   2014-06-24 15:41:59 +1000  SharePoint Client Components
40777/rwxrwxrwx   0     dir   2014-06-24 15:44:54 +1000  MSBuild
40777/rwxrwxrwx   0     dir   2015-02-27 12:58:44 +1000  Common Files
40777/rwxrwxrwx   0     dir   2015-02-27 12:58:44 +1000  VMware
40555/r-xr-xr-x   0     dir   2015-02-27 12:58:44 +1000  .

meterpreter > ls 'C:\\program files'

Listing: C:\\program files
==========================

Mode              Size  Type  Last modified              Name
----              ----  ----  -------------              ----
40555/r-xr-xr-x   0     dir   2015-02-27 12:58:44 +1000  .
40777/rwxrwxrwx   0     dir   1980-01-01 00:00:00 +1000  ..
40777/rwxrwxrwx   0     dir   2013-11-11 19:30:46 +1000  7-Zip
40777/rwxrwxrwx   0     dir   2013-11-11 19:06:08 +1000  Application Verifier
40777/rwxrwxrwx   0     dir   2013-12-24 11:20:49 +1000  BreakPoint Software
40777/rwxrwxrwx   0     dir   2015-02-27 12:58:44 +1000  Common Files
40777/rwxrwxrwx   0     dir   2011-04-12 18:28:16 +1000  DVD Maker
40777/rwxrwxrwx   0     dir   2014-03-24 06:41:09 +1000  IIS
40777/rwxrwxrwx   0     dir   2014-03-24 06:41:15 +1000  IIS Express
40777/rwxrwxrwx   0     dir   2013-11-11 18:57:49 +1000  Internet Explorer
40777/rwxrwxrwx   0     dir   2014-06-24 15:44:54 +1000  MSBuild
40777/rwxrwxrwx   0     dir   2014-06-24 15:26:45 +1000  Microsoft
40777/rwxrwxrwx   0     dir   2011-04-12 18:28:14 +1000  Microsoft Games
40777/rwxrwxrwx   0     dir   2014-06-24 15:41:57 +1000  Microsoft Identity Extensions
40777/rwxrwxrwx   0     dir   2014-06-24 15:27:42 +1000  Microsoft SDKs
40777/rwxrwxrwx   0     dir   2013-11-11 19:06:36 +1000  Microsoft SQL Server
40777/rwxrwxrwx   0     dir   2013-11-11 19:06:29 +1000  Microsoft SQL Server Compact Edition
40777/rwxrwxrwx   0     dir   2014-03-23 10:30:24 +1000  Microsoft Silverlight
40777/rwxrwxrwx   0     dir   2013-11-11 19:03:07 +1000  Microsoft Visual Studio 12.0
40777/rwxrwxrwx   0     dir   2009-07-14 15:32:38 +1000  Reference Assemblies
40777/rwxrwxrwx   0     dir   2014-06-24 15:41:59 +1000  SharePoint Client Components
40777/rwxrwxrwx   0     dir   2009-07-14 15:09:26 +1000  Uninstall Information
40777/rwxrwxrwx   0     dir   2015-02-27 12:58:44 +1000  VMware
40777/rwxrwxrwx   0     dir   2014-06-24 15:28:39 +1000  VS2010Schemas
40777/rwxrwxrwx   0     dir   2014-06-24 15:28:39 +1000  VS2012Schemas
40777/rwxrwxrwx   0     dir   2014-02-02 22:41:05 +1000  WinRAR
40777/rwxrwxrwx   0     dir   2011-04-12 18:17:53 +1000  Windows Defender
40777/rwxrwxrwx   0     dir   2014-06-24 15:41:46 +1000  Windows Identity Foundation
40777/rwxrwxrwx   0     dir   2011-04-12 18:28:15 +1000  Windows Journal
40777/rwxrwxrwx   0     dir   2011-04-12 18:17:53 +1000  Windows Mail
40777/rwxrwxrwx   0     dir   2011-04-12 18:17:53 +1000  Windows Media Player
40777/rwxrwxrwx   0     dir   2009-07-14 15:32:38 +1000  Windows NT
40777/rwxrwxrwx   0     dir   2011-04-12 18:17:53 +1000  Windows Photo Viewer
40777/rwxrwxrwx   0     dir   2010-11-21 13:31:34 +1000  Windows Portable Devices
40777/rwxrwxrwx   0     dir   2011-04-12 18:17:53 +1000  Windows Sidebar
100666/rw-rw-rw-  174   fil   2009-07-14 14:54:24 +1000  desktop.ini

meterpreter > exit
[*] Shutting down Meterpreter...

[*] 10.1.10.35 - Meterpreter session 2 closed.  Reason: User exit
msf post(meterpreter) > sessions -i 3
[*] Starting interaction with 3...

meterpreter > cd /home/oj/code/tmp
meterpreter > ls

Listing: /home/oj/code/tmp
==========================

Mode              Size  Type  Last modified              Name
----              ----  ----  -------------              ----
40775/rwxrwxr-x   4096  dir   2015-03-07 14:11:37 +1000  .
40775/rwxrwxr-x   4096  dir   2015-03-09 07:48:12 +1000  ..
100664/rw-rw-r--  81    fil   2015-03-07 14:12:17 +1000  beef.html
100664/rw-rw-r--  101   fil   2015-02-10 10:02:32 +1000  crossdomain.xml
100664/rw-rw-r--  2315  fil   2015-02-10 10:03:08 +1000  foo.xml
100664/rw-rw-r--  0     fil   2015-02-10 09:50:48 +1000  index.html
100664/rw-rw-r--  195   fil   2014-11-19 19:33:07 +1000  main.go
100664/rw-rw-r--  616   fil   2014-11-19 16:34:35 +1000  models.go
100664/rw-rw-r--  393   fil   2014-11-19 19:16:59 +1000  pgsql.go
100664/rw-rw-r--  611   fil   2014-11-19 19:38:25 +1000  route_auth.go
100664/rw-rw-r--  239   fil   2014-11-19 19:32:14 +1000  route_setup.go
100664/rw-rw-r--  250   fil   2014-11-19 19:30:17 +1000  route_site.go
100664/rw-rw-r--  256   fil   2014-11-19 18:00:17 +1000  templates.go
100664/rw-rw-r--  13    fil   2014-11-19 15:12:35 +1000  user.go

meterpreter > ls -S

Listing: /home/oj/code/tmp
==========================

Mode              Size  Type  Last modified              Name
----              ----  ----  -------------              ----
100664/rw-rw-r--  0     fil   2015-02-10 09:50:48 +1000  index.html
100664/rw-rw-r--  13    fil   2014-11-19 15:12:35 +1000  user.go
100664/rw-rw-r--  81    fil   2015-03-07 14:12:17 +1000  beef.html
100664/rw-rw-r--  101   fil   2015-02-10 10:02:32 +1000  crossdomain.xml
100664/rw-rw-r--  195   fil   2014-11-19 19:33:07 +1000  main.go
100664/rw-rw-r--  239   fil   2014-11-19 19:32:14 +1000  route_setup.go
100664/rw-rw-r--  250   fil   2014-11-19 19:30:17 +1000  route_site.go
100664/rw-rw-r--  256   fil   2014-11-19 18:00:17 +1000  templates.go
100664/rw-rw-r--  393   fil   2014-11-19 19:16:59 +1000  pgsql.go
100664/rw-rw-r--  611   fil   2014-11-19 19:38:25 +1000  route_auth.go
100664/rw-rw-r--  616   fil   2014-11-19 16:34:35 +1000  models.go
100664/rw-rw-r--  2315  fil   2015-02-10 10:03:08 +1000  foo.xml
40775/rwxrwxr-x   4096  dir   2015-03-09 07:48:12 +1000  ..
40775/rwxrwxr-x   4096  dir   2015-03-07 14:11:37 +1000  .

meterpreter > ls -t

Listing: /home/oj/code/tmp
==========================

Mode              Size  Type  Last modified              Name
----              ----  ----  -------------              ----
100664/rw-rw-r--  13    fil   2014-11-19 15:12:35 +1000  user.go
100664/rw-rw-r--  616   fil   2014-11-19 16:34:35 +1000  models.go
100664/rw-rw-r--  256   fil   2014-11-19 18:00:17 +1000  templates.go
100664/rw-rw-r--  393   fil   2014-11-19 19:16:59 +1000  pgsql.go
100664/rw-rw-r--  250   fil   2014-11-19 19:30:17 +1000  route_site.go
100664/rw-rw-r--  239   fil   2014-11-19 19:32:14 +1000  route_setup.go
100664/rw-rw-r--  195   fil   2014-11-19 19:33:07 +1000  main.go
100664/rw-rw-r--  611   fil   2014-11-19 19:38:25 +1000  route_auth.go
100664/rw-rw-r--  0     fil   2015-02-10 09:50:48 +1000  index.html
100664/rw-rw-r--  101   fil   2015-02-10 10:02:32 +1000  crossdomain.xml
100664/rw-rw-r--  2315  fil   2015-02-10 10:03:08 +1000  foo.xml
40775/rwxrwxr-x   4096  dir   2015-03-07 14:11:37 +1000  .
100664/rw-rw-r--  81    fil   2015-03-07 14:12:17 +1000  beef.html
40775/rwxrwxr-x   4096  dir   2015-03-09 07:48:12 +1000  ..

meterpreter > exit
[*] Shutting down Meterpreter...

[*] 10.1.10.40 - Meterpreter session 3 closed.  Reason: User exit
msf post(meterpreter) >

OJ commented 9 years ago

Top hole! Yippedee-dap and zing-zang spillip!

Landing.

bcook-r7 commented 9 years ago

do do do - thanks

rapid7 / meterpreter

support emitting short filenames when listing files, fix windows stat path builder #138

Verification steps