I have this .rb file with the command:

cd /users/someusername/documents

The problem is that instead of "someusername", I would like to get the actual username of my target PC (which is my own PC used for penetration testing).

Update: Just to clarify: I am running the resource script using the :resource: command from my meterpreter session. I guess this is different from running meterpreter scripts since the way I am doing it, runs every line in the file as a meterpreter command. Any idea of how I could get the target's username from the file then? I mean the ENV does not seem to work with this approach. I am open for all suggestions!

Thanks! Much appreciated!

  • It's in the `ENV` variable (try `ENV['USER']` or `ENV['USERNAME']`) – khiav reoy Dec 30 '16 at 13:37
  • Thanks man! Could you give me an example of that with my cd command? I do not really know how to set it up. :)) –  Dec 30 '16 at 13:40
  • because this does not seem to work: cd /users/ENV['USER']/documents –  Dec 30 '16 at 13:55
  • I don't know what your code looks like, but you can try this: `"cd /users/#{ENV['USER']}/documents"` – khiav reoy Dec 30 '16 at 13:56
  • Thanks for your time. I have a .rb file and when I run it in Metasploit, it simply runs the commands given in the .rb file and every command is separated by line. I then tried to write "cd /users/#{ENV['USER']}/documents" in the file but then when I did "resource cdfile.rb" in my meterpreter session, it tried to cd "users/#{ENV['USER']}/documents" instead of the username that should be returned from the ENV? –  Dec 30 '16 at 14:19
  • Here is the output when running it: meterpreter > resource cdme.rc [*] Reading /root/cdme.rc [*] Running cd c:/users/#{ENV['USER']}/documents [-] stdapi_fs_chdir: Operation failed: The system cannot find the path specified. meterpreter > Interrupt: use the 'exit' command to quit –  Dec 30 '16 at 14:24
  • What does `p ENV['USER']` display when you put it at the beginning of your script? – Eric Duminil Dec 30 '16 at 14:27
  • After putting it in my script and after I called the script using the :resource: command in my meterpreter session, it simply tried to run p ENV['USER'] as a command, which of course led to an error :( and it said "unknown command: p" –  Dec 30 '16 at 14:39

1 Answer

Direct shortcut (if available)

If someusername is the current user name, you could use:

cd ~/documents

Environment variable (if available)

current_user = ENV['USER']
cmd = "cd /users/#{current_user}/documents"

Getting username with id

This command could help you:

current_user = %x(id -un).chomp
cmd = "cd /users/#{current_user}/documents"

Yet another try

According to this post, resource files seem to be ERB files. So you could write:

cd /users/<%= ENV['USER'] %>/documents
# or
cd /users/<%= %x(id -un).chomp %>/documents
Eric Duminil
  • Yeah, I know that that is the shortcut on a Mac but when I try to do it from meterpreter, this happens: that it does not exist? –  Dec 30 '16 at 14:26
  • great thanks! But can these things be used in .rb files called using the :resource: command from meterpreter? Thanks! –  Dec 30 '16 at 14:35
  • Hmm, none of it works for me... Since the .rb files are being called from the resource command, it runs every line as a command, which probably also is why your answer is not working for me. Any suggestions? –  Dec 30 '16 at 14:37
  • Documentation is all over the place on resource files, with no clear indication of what's possible and what the expected Ruby syntax is. I added yet another possibility – Eric Duminil Dec 30 '16 at 14:49
  • Wow I really appreciate your time! But it says: "stdapi_fs_chdir: Operation failed: 1" :( –  Dec 30 '16 at 15:11
  • Yeah, it was possible for me to get the environment for 'user' and then using that in the cd command as the username. I just had to use another way of scripting than what I attempted at first :) So thank you –  Jan 02 '17 at 16:47
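
An added example, not part of the thread above and not Metasploit code: a stand-alone Ruby simulation of the two behaviours discussed here, a runner that passes each line through unchanged and one that renders the file as ERB first. `run_verbatim`, `run_with_erb`, `unexpanded?` and `check` are hypothetical names, and the sample lines are constructed from the ones tried on this page. It shows that `#{...}` is never expanded in either mode, and that an ERB tag is filled from the environment of the process doing the rendering, so the value is that machine's user name.

```ruby
require 'erb'

# Constructed sample: the two forms of the line that were tried on this page.
RESOURCE_LINES = [
  %q(cd /users/#{ENV['USER']}/documents),
  %q(cd /users/<%= ENV['USER'] %>/documents)
].freeze

# Hypothetical runner that passes every line to the command dispatcher
# unchanged, which is the behaviour the asker describes.
def run_verbatim(lines)
  lines.map(&:strip).reject(&:empty?)
end

# Hypothetical runner that renders the whole file as ERB before splitting it
# into commands. ERB evaluates in this process, so ENV is the local
# environment of whoever renders the file, not that of a remote session.
def run_with_erb(lines)
  ERB.new(lines.join("\n")).result.lines.map(&:strip).reject(&:empty?)
end

# True when a command still carries Ruby or ERB syntax that nothing expanded.
def unexpanded?(command)
  command.match?(/#\{.*?\}|<%.*?%>/)
end

# Pair each command with a flag so a failed expansion is caught before use.
def check(commands)
  commands.map { |c| [c, unexpanded?(c) ? :literal : :expanded] }
end

if __FILE__ == $PROGRAM_NAME
  puts "local ENV['USER'] = #{ENV['USER'].inspect}"
  { 'verbatim' => run_verbatim(RESOURCE_LINES),
    'erb'      => run_with_erb(RESOURCE_LINES) }.each do |mode, commands|
    check(commands).each do |cmd, state|
      puts "#{mode.ljust(8)} #{state.to_s.ljust(8)} #{cmd}"
    end
  end
end
```

The same locality applies to `%x(id -un)` inside an ERB tag: the command runs in the rendering process, not in the session the rendered line is later sent to.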