Browse the session filesystem in a Web Browser - Metasploit

This page contains detailed information about how to use the post/multi/manage/fileshare metasploit module. For list of all metasploit modules, visit the Metasploit Module Library.

Module Overview

---

Name: Browse the session filesystem in a Web Browser
Module: post/multi/manage/fileshare
Source code: modules/post/multi/manage/fileshare.rb
Disclosure date: -
Last modification time: 2021-10-25 17:19:45 +0000
Supported architecture(s): -
Supported platform(s): Linux, OSX, Windows
Target service / protocol: -
Target network port(s): -
List of CVEs: -

This module allows you to browse the session filesystem via a local browser window.

Module Ranking and Traits

---

Module Ranking:

• normal: The exploit is otherwise reliable, but depends on a specific version and can't (or doesn't) reliably autodetect. More information about ranking can be found here.

Stability:

• crash-safe: Module should not crash the service.

Basic Usage

---

msf > use post/multi/manage/fileshare
msf post(fileshare) > exploit

Required Options

---

• SESSION: The session to run this module on

Knowledge Base

---

Go back to menu.

Msfconsole Usage

---

Here is how the multi/manage/fileshare post exploitation module looks in the msfconsole:

msf6 > use post/multi/manage/fileshare

msf6 post(multi/manage/fileshare) > show info

       Name: Browse the session filesystem in a Web Browser
     Module: post/multi/manage/fileshare
   Platform: Linux, Windows, OSX
       Arch: 
       Rank: Normal

Provided by:
  timwr

Module stability:
 crash-safe

Compatible session types:
  Meterpreter
  Powershell
  Shell

Basic options:
  Name     Current Setting  Required  Description
  ----     ---------------  --------  -----------
  SESSION                   yes       The session to run this module on
  SRVHOST  127.0.0.1        yes       The local host or network interface to listen on. This must be an address on the local machine or 0.0.0.0 to listen on all addresses.
  SRVPORT  8080             yes       The local port to listen on.
  SSL      false            no        Negotiate SSL for incoming connections
  SSLCert                   no        Path to a custom SSL certificate (default is randomly generated)
  URIPATH                   no        The URI to use for this exploit (default is random)

Description:
  This module allows you to browse the session filesystem via a local 
  browser window.

Module Options

---

This is a complete list of options available in the multi/manage/fileshare post exploitation module:

msf6 post(multi/manage/fileshare) > show options

Module options (post/multi/manage/fileshare):

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   SESSION                   yes       The session to run this module on
   SRVHOST  127.0.0.1        yes       The local host or network interface to listen on. This must be an address on the local machine or 0.0.0.0 to listen on all addresses.
   SRVPORT  8080             yes       The local port to listen on.
   SSL      false            no        Negotiate SSL for incoming connections
   SSLCert                   no        Path to a custom SSL certificate (default is randomly generated)
   URIPATH                   no        The URI to use for this exploit (default is random)

Advanced Options

---

Here is a complete list of advanced options supported by the multi/manage/fileshare post exploitation module:

msf6 post(multi/manage/fileshare) > show advanced

Module advanced options (post/multi/manage/fileshare):

   Name            Current Setting  Required  Description
   ----            ---------------  --------  -----------
   ListenerComm                     no        The specific communication channel to use for this service
   SSLCipher                        no        String for SSL cipher spec - "DHE-RSA-AES256-SHA" or "ADH"
   SSLCompression  false            no        Enable SSL/TLS-level compression
   SSLVersion      Auto             yes       Specify the version of SSL/TLS to be used (Auto, TLS and SSL23 are auto-negotiate) (Accepted: Auto, TLS, SSL23, SSL3, TLS1, TLS1.1, TLS1.2)
   SendRobots      false            no        Return a robots.txt file if asked for one
   URIHOST                          no        Host to use in URI (useful for tunnels)
   URIPORT                          no        Port to use in URI (useful for tunnels)
   VERBOSE         false            no        Enable detailed status messages
   WORKSPACE                        no        Specify the workspace for this module

Post Actions

---

This is a list of all post exploitation actions which the multi/manage/fileshare module can do:

msf6 post(multi/manage/fileshare) > show actions

Post actions:

   Name  Description
   ----  -----------

Evasion Options

---

Here is the full list of possible evasion options supported by the multi/manage/fileshare post exploitation module in order to evade defenses (e.g. Antivirus, EDR, Firewall, NIDS etc.):

msf6 post(multi/manage/fileshare) > show evasion

Module evasion options:

   Name                  Current Setting  Required  Description
   ----                  ---------------  --------  -----------
   HTTP::chunked         false            no        Enable chunking of HTTP responses via "Transfer-Encoding: chunked"
   HTTP::compression     none             no        Enable compression of HTTP responses via content encoding (Accepted: none, gzip, deflate)
   HTTP::header_folding  false            no        Enable folding of HTTP headers
   HTTP::junk_headers    false            no        Enable insertion of random junk HTTP headers
   HTTP::no_cache        false            no        Disallow the browser to cache HTTP content
   HTTP::server_name     Apache           yes       Configures the Server header of all outgoing replies
   TCP::max_send_size    0                no        Maximum tcp segment size.  (0 = disable)
   TCP::send_delay       0                no        Delays inserted before every send.  (0 = disable)

Go back to menu.

Error Messages

---

This module may fail with the following error messages:

Check for the possible causes from the code snippets below found in the module source code. This can often times help in identifying the root cause of the problem.

Unknown error

---

Here is a relevant code snippet related to the "Unknown error" error message:

135:	    else
136:	      send_not_found(cli)
137:	    end
138:	  end
139:	
140:	  def on_request_uri(cli, request)
141:	    handle_response(cli, request.uri)
142:	  rescue ::Rex::Post::Meterpreter::RequestError
143:	    cli.send_response(create_response(500, 'Unknown error'))
144:	  end
145:	end

Go back to menu.

Related Pull Requests

---

• #15558 Merged Pull Request: add module to access a sessions filesystem in a browser

Go back to menu.

See Also

---

Check also the following modules related to this module:

• post/multi/manage/autoroute
• post/multi/manage/dbvis_add_db_admin
• post/multi/manage/dbvis_query
• post/multi/manage/hsts_eraser
• post/multi/manage/multi_post
• post/multi/manage/open
• post/multi/manage/play_youtube
• post/multi/manage/record_mic
• post/multi/manage/screensaver
• post/multi/manage/screenshare
• post/multi/manage/set_wallpaper
• post/multi/manage/shell_to_meterpreter
• post/multi/manage/sudo
• post/multi/manage/system_session
• post/multi/manage/upload_exec
• post/multi/manage/zip

Authors

---

• timwr

Version

---

This page has been produced using Metasploit Framework version 6.1.24-dev. For more modules, visit the Metasploit Module Library.

Go back to menu.