
       Name: TFTP Fetch, Generic x86 Debug Trap
     Module: payload/cmd/linux/tftp/x86/generic/debug_trap
   Platform: Linux, BSD, BSDi, OSX, Solaris, Windows
       Arch: cmd
Needs Admin: No
 Total size: 105
       Rank: Normal

Provided by:
    Brendan Watters
    Spencer McIntyre
    robert <robertmetasploit@gmail.com>

Basic options:
Name            Current Setting  Required  Description
----            ---------------  --------  -----------
FETCH_COMMAND   CURL             yes       Command to fetch payload (Accepted: CURL, FTP, TFTP, TNFTP, WGET)
FETCH_DELETE    false            yes       Attempt to delete the binary after execution
FETCH_FILELESS  none             yes       Attempt to run payload without touching disk by using anonymous handles, requires Linux ≥3.17 (for Python variant also Python ≥3.8 (Accepted: none, bash, python3.8+)
FETCH_SRVHOST                    yes       Local IP to use for serving payload
FETCH_SRVONCE   true             yes       Stop serving the payload after it is retrieved
FETCH_SRVPORT   8080             yes       Local port to use for serving payload
FETCH_URIPATH                    no        Local URI to use for serving payload


When FETCH_COMMAND is one of CURL,WGET:

Name        Current Setting  Required  Description
----        ---------------  --------  -----------
FETCH_PIPE  false            yes       Host both the binary payload and the command so it can be piped directly to the shell.


When FETCH_FILELESS is none:

Name                Current Setting  Required  Description
----                ---------------  --------  -----------
FETCH_FILENAME      akbKBqVoJ        no        Name to use on remote system when storing payload; cannot contain spaces or slashes
FETCH_WRITABLE_DIR  ./               yes       Remote writable dir to store payload; cannot contain spaces

Description:
    Fetch and execute a x86 payload from a TFTP server.
    Generate a debug trap in the target process


    Name                      Current Setting  Required  Description
    ----                      ---------------  --------  -----------
    EXE::Custom                                no        Use custom exe instead of automatically generating a payload exe
    EXE::EICAR                false            no        Generate an EICAR file instead of regular payload exe
    EXE::FallBack             false            no        Use the default template in case the specified one is missing
    EXE::Inject               false            no        Set to preserve the original EXE function
    EXE::OldMethod            false            no        Set to use the substitution EXE generation method.
    EXE::Path                                  no        The directory in which to look for the executable template
    EXE::Template                              no        The executable template file name.
    FetchHandlerDisable       false            yes       Disable fetch handler
    FetchListenerBindAddress                   no        The specific IP address to bind to to serve the payload if different from FETCH_SRVHOST
    FetchListenerBindPort                      no        The port to bind to if different from FETCH_SRVPORT
    MSI::Custom                                no        Use custom msi instead of automatically generating a payload msi
    MSI::EICAR                false            no        Generate an EICAR file instead of regular payload msi
    MSI::Path                                  no        The directory in which to look for the msi template
    MSI::Template                              no        The msi template file name
    MSI::UAC                  false            no        Create an MSI with a UAC prompt (elevation to SYSTEM if accepted)
    VERBOSE                   false            no        Enable detailed status messages
    WORKSPACE                                  no        Specify the workspace for this module

