Skip to content

Commit

Permalink
Fix symlink and junction detection on Python windows
Browse files Browse the repository at this point in the history
  • Loading branch information
smashery committed Oct 11, 2024
1 parent 80f92ed commit 38e11ae
Showing 1 changed file with 9 additions and 1 deletion.
10 changes: 9 additions & 1 deletion python/meterpreter/ext_server_stdapi.py
Original file line number Diff line number Diff line change
Expand Up @@ -1147,6 +1147,12 @@ def enable_privilege(name, enable=True):
tokenPrivileges.get_array()[0].Attributes = SE_PRIVILEGE_ENABLED if enable else 0
return AdjustTokenPrivileges(token, False, tokenPrivileges, 0, None, None)

def islink_windows(dir_path):
if os.path.isdir(dir_path):
FILE_ATTRIBUTE_REPARSE_POINT = 0x0400
attributes = ctypes.windll.kernel32.GetFileAttributesW(unicode(dir_path))
return (attributes & FILE_ATTRIBUTE_REPARSE_POINT) > 0

@register_function
def channel_open_stdapi_fs_file(request, response):
fpath = packet_get_tlv(request, TLV_TYPE_FILE_PATH)['value']
Expand Down Expand Up @@ -1933,7 +1939,9 @@ def stdapi_fs_chdir(request, response):
def stdapi_fs_delete_dir(request, response):
dir_path = packet_get_tlv(request, TLV_TYPE_DIRECTORY_PATH)['value']
dir_path = unicode(dir_path)
if os.path.islink(dir_path):
if has_windll and islink_windows(dir_path):
del_func = os.rmdir
elif not has_windll and os.path.islink(dir_path):
del_func = os.unlink
else:
del_func = shutil.rmtree
Expand Down

0 comments on commit 38e11ae

Please sign in to comment.