rapid7 · h00die · Jan 17, 2025 · Jan 17, 2025 · Jan 17, 2025 · Jan 19, 2025
diff --git a/.../local/apt_package_manager_persistence.md → .../persistence/linux/apt_package_manager.md b/.../local/apt_package_manager_persistence.md → .../persistence/linux/apt_package_manager.md
diff --git a/...loit/linux/local/autostart_persistence.md → ...loit/linux/persistence/linux/autostart.md b/...loit/linux/local/autostart_persistence.md → ...loit/linux/persistence/linux/autostart.md
diff --git a/...t/linux/local/bash_profile_persistence.md → ...t/linux/persistence/linux/bash_profile.md b/...t/linux/local/bash_profile_persistence.md → ...t/linux/persistence/linux/bash_profile.md
diff --git a/...s/exploit/linux/local/cron_persistence.md → ...s/exploit/linux/persistence/linux/cron.md b/...s/exploit/linux/local/cron_persistence.md → ...s/exploit/linux/persistence/linux/cron.md
diff --git a/...s/exploit/linux/local/motd_persistence.md → ...s/exploit/linux/persistence/linux/motd.md b/...s/exploit/linux/local/motd_persistence.md → ...s/exploit/linux/persistence/linux/motd.md
diff --git a/...ploit/linux/local/rc_local_persistence.md → ...ploit/linux/persistence/linux/rc_local.md b/...ploit/linux/local/rc_local_persistence.md → ...ploit/linux/persistence/linux/rc_local.md
diff --git a/...s/post/linux/manage/sshkey_persistence.md → ...exploit/linux/persistence/linux/sshkey.md b/...s/post/linux/manage/sshkey_persistence.md → ...exploit/linux/persistence/linux/sshkey.md
diff --git a/.../local/yum_package_manager_persistence.md → .../persistence/linux/yum_package_manager.md b/.../local/yum_package_manager_persistence.md → .../persistence/linux/yum_package_manager.md
diff --git a/...ulti/local/obsidian_plugin_persistence.md → ...ulti/persistence/multi/obsidian_plugin.md b/...ulti/local/obsidian_plugin_persistence.md → ...ulti/persistence/multi/obsidian_plugin.md
diff --git a/...ules/exploit/unix/local/at_persistence.md → ...dules/exploit/unix/persistence/unix/at.md b/...ules/exploit/unix/local/at_persistence.md → ...dules/exploit/unix/persistence/unix/at.md
diff --git a/...loit/windows/local/persistence_service.md → ...ersistence/windows/persistence_service.md b/...loit/windows/local/persistence_service.md → ...ersistence/windows/persistence_service.md
diff --git a/...s/local/persistence_image_exec_options.md → ...sistence/windows/process_exit_debugger.md b/...s/local/persistence_image_exec_options.md → ...sistence/windows/process_exit_debugger.md
diff --git a/...dules/exploit/windows/local/ps_persist.md → ...windows/persistence/windows/ps_persist.md b/...dules/exploit/windows/local/ps_persist.md → ...windows/persistence/windows/ps_persist.md
diff --git a/...post/windows/manage/sshkey_persistence.md → ...oit/windows/persistence/windows/sshkey.md b/...post/windows/manage/sshkey_persistence.md → ...oit/windows/persistence/windows/sshkey.md
diff --git a/lib/msf/core/exploit/local/persistence.rb b/lib/msf/core/exploit/local/persistence.rb
@@ -0,0 +1,73 @@
+# -*- coding: binary -*-
+
+module Msf
+  module Exploit::Local::Persistence
+    def initialize(info = {})
+      @persistence_service = Rex::Sync::Event.new(auto_reset=false)
+      @clean_up_rc = ''
+      super(
+        update_info(
+          info,
+          'DefaultOptions' => {},
+          # https://github.com/rapid7/metasploit-framework/pull/19676#discussion_r1907594308
+          'Stance' => Msf::Exploit::Stance::Passive,
+          'Passive' => true
+        )
+      )
+
+      register_advanced_options(
+        [
+          OptString.new('WritableDir', [true, 'A directory where we can write files', '/tmp/']),
+          OptBool.new('CleanUpRc', [true, 'Create a cleanup resource file.', true])
+        ]
+      )
+    end
+
+    def exploit
+      run_as_background = !datastore['DisablePayloadHandler']
+      print_warning('Payload handler is disabled, the persistence will be installed only.') unless run_as_background
+
+      # Call the install_persistence function
+      # must be declared inside the persistence module
+      install_persistence
+
+      save_cleanup_rc if datastore['CleanUpRc'] && !@clean_up_rc.empty?
+
+      @persistence_service.wait if run_as_background
+    end
+
+    def install_persistence
+      # to be overloaded by the module
+    end
+
+    def save_cleanup_rc
+      host = session.sys.config.sysinfo['Computer']
+      # Create Filename info to be appended to downloaded files
+      filenameinfo = '_' + ::Time.now.strftime('%Y%m%d.%M%S')
+      logs = ::File.join(Msf::Config.log_directory, 'persistence', Rex::FileUtils.clean_path(host + filenameinfo))
+      # Create the log directory
+      ::FileUtils.mkdir_p(logs)
+
+      # logfile name
+      clean_rc = logs + ::File::Separator + Rex::FileUtils.clean_path(host + filenameinfo) + '.rc'
+      file_local_write(clean_rc, @clean_up_rc)
+      print_status("Meterpreter-compatible Cleaup RC file: #{clean_rc}")
+
+      report_note(host: host,
+                  type: 'host.persistance.cleanup',
+                  data: {
+                    local_id: session.sid,
+                    stype: session.type,
+                    desc: session.info,
+                    platform: session.platform,
+                    via_payload: session.via_payload,
+                    via_exploit: session.via_exploit,
+                    created_at: Time.now.utc,
+                    commands: @clean_up_rc
+                  })
+    end
+
+    def cleanup
+    end
+  end
+end
diff --git a/modules/exploits/linux/local/apt_package_manager_persistence.rb b/modules/exploits/linux/local/apt_package_manager_persistence.rb
diff --git a/modules/exploits/linux/local/autostart_persistence.rb b/modules/exploits/linux/local/autostart_persistence.rb
diff --git a/modules/exploits/linux/local/bash_profile_persistence.rb b/modules/exploits/linux/local/bash_profile_persistence.rb