How to use meterpreter.sys.kill() module in python extension??

Question

How to use meterpreter.sys.kill() module in python extension??

simonpunk opened this issue 8 years ago · 4 comments

Sorry, I have just read through the wiki page about python extension, and trying to import the meterpreter module. I don't know if I am doing wrong or not.

I want to invoke the "kill" function from meterpreter, but not like other modules, I need to give a parameter for this. So I try import meterpreter.sys; print meterpreter.sys.kill("5589") .
but it turns out nothing, and the process 5589 still exists, so I think maybe I am doing it wrong.

May I ask what's the right way to call this function???
And How about doing it with the "-s" parameter in meterpreter.sys.kill()??

Thanks.

mubix commented 8 years ago

cc @OJ

Answer 1 · 2016-06-19T01:16:35.000Z

@simonpunk can you provide your workflow? Also, is the space in meterprete r in your code? might be what breaks it

Answer 2 · 2016-06-19T09:49:42.000Z

@mubix
I am so sorry, that's just a typo. I have tried
python_execute "import meterpreter.sys; print meterpreter.sys.kill('5589')" or
python_execute "import meterpreter.sys; print meterpreter.sys.process.kill('5589')"

and the log says:

Traceback (most recent call last):
File "", line 1, in
AttributeError: 'module' object has no attribute 'Process'

or

Traceback (most recent call last):
File "", line 1, in
AttributeError: 'module' object has no attribute 'kill'

So, is it unsupported or I just did it wrong? THanks.

Answer 3 · 2016-06-19T23:01:19.000Z

@simonpunk please refer to the list of available bindings in the python extension, in particular, the sys namespace.

You'll notice that kill is not present. Python has built-in support for killing processes and hence exposing it through the Meterpreter extension wasn't necessary.

import os
import signal

os.kill(pid, signal.SIGTERM) #or signal.SIGKILL

Thanks!