prefix MeterpreterUserAgent and PayloadProxy* with Http for consistency,
this also adds aliases where needed
MS-2855/keylogger-mettle-extension
parent
a5af21fa1a
commit
1fd7f7c8bc
|
@ -52,16 +52,38 @@ module ReverseHttp
|
|||
|
||||
register_advanced_options(
|
||||
[
|
||||
|
||||
OptString.new('MeterpreterUserAgent', [false, 'The user-agent that the payload should use for communication', Rex::UserAgent.shortest]),
|
||||
OptString.new('MeterpreterServerName', [false, 'The server header that the handler will send in response to requests', 'Apache']),
|
||||
OptAddress.new('ReverseListenerBindAddress', [false, 'The specific IP address to bind to on the local system']),
|
||||
OptBool.new('OverrideRequestHost', [false, 'Forces a specific host and port instead of using what the client requests, defaults to LHOST:LPORT', false]),
|
||||
OptString.new('OverrideLHOST', [false, 'When OverrideRequestHost is set, use this value as the host name for secondary requests']),
|
||||
OptPort.new('OverrideLPORT', [false, 'When OverrideRequestHost is set, use this value as the port number for secondary requests']),
|
||||
OptString.new('OverrideScheme', [false, 'When OverrideRequestHost is set, use this value as the scheme for secondary requests, e.g http or https']),
|
||||
OptString.new('HttpUnknownRequestResponse', [false, 'The returned HTML response body when the handler receives a request that is not from a payload', '<html><body><h1>It works!</h1></body></html>']),
|
||||
OptBool.new('IgnoreUnknownPayloads', [false, 'Whether to drop connections from payloads using unknown UUIDs', false])
|
||||
OptAddress.new('ReverseListenerBindAddress',
|
||||
'The specific IP address to bind to on the local system'
|
||||
),
|
||||
OptBool.new('OverrideRequestHost',
|
||||
'Forces a specific host and port instead of using what the client requests, defaults to LHOST:LPORT',
|
||||
),
|
||||
OptString.new('OverrideLHOST',
|
||||
'When OverrideRequestHost is set, use this value as the host name for secondary requests'
|
||||
),
|
||||
OptPort.new('OverrideLPORT',
|
||||
'When OverrideRequestHost is set, use this value as the port number for secondary requests'
|
||||
),
|
||||
OptString.new('OverrideScheme',
|
||||
'When OverrideRequestHost is set, use this value as the scheme for secondary requests, e.g http or https'
|
||||
),
|
||||
OptString.new('HttpUserAgent',
|
||||
'The user-agent that the payload should use for communication',
|
||||
default: Rex::UserAgent.shortest,
|
||||
aliases: ['MeterpreterUserAgent']
|
||||
),
|
||||
OptString.new('HttpServerName',
|
||||
'The server header that the handler will send in response to requests',
|
||||
default: 'Apache',
|
||||
aliases: ['MeterpreterServerName']
|
||||
),
|
||||
OptString.new('HttpUnknownRequestResponse',
|
||||
'The returned HTML response body when the handler receives a request that is not from a payload',
|
||||
default: '<html><body><h1>It works!</h1></body></html>'
|
||||
),
|
||||
OptBool.new('IgnoreUnknownPayloads',
|
||||
'Whether to drop connections from payloads using unknown UUIDs'
|
||||
)
|
||||
], Msf::Handler::ReverseHttp)
|
||||
end
|
||||
|
||||
|
@ -204,7 +226,7 @@ module ReverseHttp
|
|||
|
||||
raise ex if (ex)
|
||||
|
||||
self.service.server_name = datastore['MeterpreterServerName']
|
||||
self.service.server_name = datastore['HttpServerName']
|
||||
|
||||
# Add the new resource
|
||||
service.add_resource((luri + "/").gsub("//", "/"),
|
||||
|
@ -245,14 +267,14 @@ protected
|
|||
info = {}
|
||||
return @proxy_settings if @proxy_settings
|
||||
|
||||
if datastore['PayloadProxyHost'].to_s == ''
|
||||
if datastore['HttpProxyHost'].to_s == ''
|
||||
@proxy_settings = info
|
||||
return @proxy_settings
|
||||
end
|
||||
|
||||
info[:host] = datastore['PayloadProxyHost'].to_s
|
||||
info[:port] = (datastore['PayloadProxyPort'] || 8080).to_i
|
||||
info[:type] = datastore['PayloadProxyType'].to_s
|
||||
info[:host] = datastore['HttpProxyHost'].to_s
|
||||
info[:port] = (datastore['HttpProxyPort'] || 8080).to_i
|
||||
info[:type] = datastore['HttpProxyType'].to_s
|
||||
|
||||
uri_host = info[:host]
|
||||
|
||||
|
@ -266,11 +288,11 @@ protected
|
|||
info[:info] = "socks=#{info[:info]}"
|
||||
else
|
||||
info[:info] = "http://#{info[:info]}"
|
||||
if datastore['PayloadProxyUser'].to_s != ''
|
||||
info[:username] = datastore['PayloadProxyUser'].to_s
|
||||
if datastore['HttpProxyUser'].to_s != ''
|
||||
info[:username] = datastore['HttpProxyUser'].to_s
|
||||
end
|
||||
if datastore['PayloadProxyPass'].to_s != ''
|
||||
info[:password] = datastore['PayloadProxyPass'].to_s
|
||||
if datastore['HttpProxyPass'].to_s != ''
|
||||
info[:password] = datastore['HttpProxyPass'].to_s
|
||||
end
|
||||
end
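Review bot: The rewritten `OverrideRequestHost` and `IgnoreUnknownPayloads` entries in the first hunk lose the explicit `false` default that the old array form carried, so an unset value presumably reads back as nil rather than false. Both are falsy in a plain `if`, but any caller that compares against `false` or displays the option would see a difference. Suggest keeping `default: false` on both OptBool entries, the same way `HttpUserAgent` and `HttpServerName` keep their defaults. The `OverrideRequestHost` description line also ends in a trailing comma with nothing after it, which suggests the default was dropped by accident. The enclosing method starts outside the hunk.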
|
||||
|
||||
|
|
|
@ -38,13 +38,13 @@ module ReverseHttpsProxy
|
|||
|
||||
register_options(
|
||||
[
|
||||
OptAddressLocal.new('LHOST', [ true, "The local listener hostname" ,"127.0.0.1"]),
|
||||
OptPort.new('LPORT', [ true, "The local listener port", 8443 ]),
|
||||
OptString.new('PayloadProxyHost', [true, "The proxy server's IP address", "127.0.0.1"]),
|
||||
OptPort.new('PayloadProxyPort', [true, "The proxy port to connect to", 8080 ]),
|
||||
OptEnum.new('PayloadProxyType', [true, 'The proxy type, HTTP or SOCKS', 'HTTP', ['HTTP', 'SOCKS']]),
|
||||
OptString.new('PayloadProxyUser', [ false, "An optional username for HTTP proxy authentication"]),
|
||||
OptString.new('PayloadProxyPass', [ false, "An optional password for HTTP proxy authentication"])
|
||||
OptAddressLocal.new('LHOST', "The local listener hostname", default: "127.0.0.1"),
|
||||
OptPort.new('LPORT', "The local listener port", default: 8443),
|
||||
OptString.new('HttpProxyHost', "The proxy server's IP address", required: true, default: "127.0.0.1", aliases: ['PayloadProxyHost']),
|
||||
OptPort.new('HttpProxyPort', "The proxy port to connect to", required: true, default: 8080, aliases: ['PayloadProxyPort']),
|
||||
OptEnum.new('HttpProxyType', 'The proxy type, HTTP or SOCKS', enums: ['HTTP', 'SOCKS'], aliases: ['PayloadProxyType']),
|
||||
OptString.new('HttpProxyUser', "An optional username for HTTP proxy authentication", aliases: ['PayloadProxyUser']),
|
||||
OptString.new('HttpProxyPass', "An optional password for HTTP proxy authentication", aliases: ['PayloadProxyPass'])
|
||||
], Msf::Handler::ReverseHttpsProxy)
|
||||
|
||||
register_advanced_options(
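Review bot: `HttpProxyType` no longer carries the required flag or the `'HTTP'` default that the old array form set, and `LHOST` and `LPORT` lose their required flag as well. The stager module later on this page tests `datastore['HttpProxyType'].to_s == 'HTTP'` and otherwise takes the `socks=` branch, so an unset type would silently change the proxy scheme instead of failing validation. Suggest `required: true, default: 'HTTP'` on the `HttpProxyType` entry and `required: true` on `LHOST` and `LPORT`. The same dropped `'HTTP'` default appears in the `HttpProxyType` entries of Payload::Multi::ReverseHttp, Payload::Windows::ReverseHttp and Payload::Windows::ReverseHttp_x64.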
|
||||
|
|
|
@ -67,7 +67,7 @@ module Payload::Java::ReverseHttp
|
|||
|
||||
c = ''
|
||||
c << "Spawn=#{ds["Spawn"] || 2}\n"
|
||||
c << "HeaderUser-Agent=#{ds["MeterpreterUserAgent"]}\n" if ds["MeterpreterUserAgent"]
|
||||
c << "HeaderUser-Agent=#{ds["HttpUserAgent"]}\n" if ds["HttpUserAgent"]
|
||||
c << "HeaderHost=#{ds["HttpHeaderHost"]}\n" if ds["HttpHeaderHost"]
|
||||
c << "HeaderReferer=#{ds["HttpHeaderReferer"]}\n" if ds["HttpHeaderReferer"]
|
||||
c << "HeaderCookie=#{ds["HttpHeaderCookie"]}\n" if ds["HttpHeaderCookie"]
|
||||
|
|
|
@ -23,14 +23,13 @@ module Payload::Multi::ReverseHttp
|
|||
def initialize(*args)
|
||||
super
|
||||
register_advanced_options([
|
||||
OptInt.new('StagerURILength', [false, 'The URI length for the stager (at least 5 bytes)']),
|
||||
OptInt.new('StagerRetryCount', [false, 'The number of times the stager should retry if the first connect fails', 10],
|
||||
aliases: ['ReverseConnectRetries']),
|
||||
OptString.new('PayloadProxyHost', [false, 'An optional proxy server IP address or hostname']),
|
||||
OptPort.new('PayloadProxyPort', [false, 'An optional proxy server port']),
|
||||
OptString.new('PayloadProxyUser', [false, 'An optional proxy server username']),
|
||||
OptString.new('PayloadProxyPass', [false, 'An optional proxy server password']),
|
||||
OptEnum.new('PayloadProxyType', [false, 'The type of HTTP proxy (HTTP or SOCKS)', 'HTTP', ['HTTP', 'SOCKS']])
|
||||
OptInt.new('StagerURILength', 'The URI length for the stager (at least 5 bytes)'),
|
||||
OptInt.new('StagerRetryCount', 'The number of times the stager should retry if the first connect fails', default: 10, aliases: ['ReverseConnectRetries']),
|
||||
OptString.new('HttpProxyHost', 'An optional proxy server IP address or hostname', aliases: ['PayloadProxyHost']),
|
||||
OptPort.new('HttpProxyPort', 'An optional proxy server port', aliases: ['PayloadProxyPort']),
|
||||
OptString.new('HttpProxyUser', 'An optional proxy server username', aliases: ['PayloadProxyUser']),
|
||||
OptString.new('HttpProxyPass', 'An optional proxy server password', aliases: ['PayloadProxyPass']),
|
||||
OptEnum.new('HttpProxyType', 'The type of HTTP proxy (HTTP or SOCKS)', enums: ['HTTP', 'SOCKS'], aliases: ['PayloadProxyType'])
|
||||
])
|
||||
end
|
||||
|
||||
|
@ -67,4 +66,3 @@ module Payload::Multi::ReverseHttp
|
|||
end
|
||||
|
||||
end
|
||||
|
||||
|
|
|
@ -88,9 +88,9 @@ module Payload::Python::MeterpreterLoader
|
|||
end
|
||||
met.sub!("SESSION_GUID = \'\'", "SESSION_GUID = \'#{session_guid}\'")
|
||||
|
||||
http_user_agent = opts[:http_user_agent] || ds['MeterpreterUserAgent']
|
||||
http_proxy_host = opts[:http_proxy_host] || ds['PayloadProxyHost'] || ds['PROXYHOST']
|
||||
http_proxy_port = opts[:http_proxy_port] || ds['PayloadProxyPort'] || ds['PROXYPORT']
|
||||
http_user_agent = opts[:http_user_agent] || ds['HttpUserAgent']
|
||||
http_proxy_host = opts[:http_proxy_host] || ds['HttpProxyHost'] || ds['PROXYHOST']
|
||||
http_proxy_port = opts[:http_proxy_port] || ds['HttpProxyPort'] || ds['PROXYPORT']
|
||||
http_header_host = opts[:header_host] || ds['HttpHeaderHost']
|
||||
http_header_cookie = opts[:header_cookie] || ds['HttpHeaderCookie']
|
||||
http_header_referer = opts[:header_referer] || ds['HttpHeaderReferer']
|
||||
|
|
|
@ -13,8 +13,8 @@ module Payload::Python::ReverseHttp
|
|||
super(info)
|
||||
register_options(
|
||||
[
|
||||
OptString.new('PayloadProxyHost', [ false, "The proxy server's IP address" ]),
|
||||
OptPort.new('PayloadProxyPort', [ true, "The proxy port to connect to", 8080 ]),
|
||||
OptString.new('HttpProxyHost', [ false, "The proxy server's IP address" ], aliases: ['PayloadProxyHost']),
|
||||
OptPort.new('HttpProxyPort', [ true, "The proxy port to connect to", 8080 ], aliases: ['PayloadProxyHost']),
|
||||
OptString.new('HttpHeaderHost', [false, 'An optional value to use for the Host HTTP header']),
|
||||
OptString.new('HttpHeaderCookie', [false, 'An optional value to use for the Cookie HTTP header']),
|
||||
OptString.new('HttpHeaderReferer', [false, 'An optional value to use for the Referer HTTP header'])
|
||||
|
@ -29,9 +29,9 @@ module Payload::Python::ReverseHttp
|
|||
opts.merge!({
|
||||
host: ds['LHOST'] || '127.127.127.127',
|
||||
port: ds['LPORT'],
|
||||
proxy_host: ds['PayloadProxyHost'],
|
||||
proxy_port: ds['PayloadProxyPort'],
|
||||
user_agent: ds['MeterpreterUserAgent'],
|
||||
proxy_host: ds['HttpProxyHost'],
|
||||
proxy_port: ds['HttpProxyPort'],
|
||||
user_agent: ds['HttpUserAgent'],
|
||||
header_host: ds['HttpHeaderHost'],
|
||||
header_cookie: ds['HttpHeaderCookie'],
|
||||
header_referer: ds['HttpHeaderReferer']
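Review bot: In the first hunk of this file the new `HttpProxyPort` option is registered with `aliases: ['PayloadProxyHost']`, the same alias already given to `HttpProxyHost` on the line above. A legacy `PayloadProxyPort` setting would therefore no longer reach the port option, and the host alias becomes ambiguous between a string option and a port option. The line should read `OptPort.new('HttpProxyPort', [ true, "The proxy port to connect to", 8080 ], aliases: ['PayloadProxyPort']),`. The `register_options` call continues outside the hunk.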
|
||||
|
|
|
@ -60,12 +60,12 @@ module Msf::Payload::TransportConfig
|
|||
lhost: opts[:lhost] || ds['LHOST'],
|
||||
lport: (opts[:lport] || ds['LPORT']).to_i,
|
||||
uri: uri,
|
||||
ua: ds['MeterpreterUserAgent'],
|
||||
proxy_host: ds['PayloadProxyHost'],
|
||||
proxy_port: ds['PayloadProxyPort'],
|
||||
proxy_type: ds['PayloadProxyType'],
|
||||
proxy_user: ds['PayloadProxyUser'],
|
||||
proxy_pass: ds['PayloadProxyPass'],
|
||||
ua: ds['HttpUserAgent'],
|
||||
proxy_host: ds['HttpProxyHost'],
|
||||
proxy_port: ds['HttpProxyPort'],
|
||||
proxy_type: ds['HttpProxyType'],
|
||||
proxy_user: ds['HttpProxyUser'],
|
||||
proxy_pass: ds['HttpProxyPass'],
|
||||
custom_headers: get_custom_headers(ds)
|
||||
}.merge(timeout_config(opts))
|
||||
end
|
||||
|
|
|
@ -32,14 +32,14 @@ module Payload::Windows::ReverseHttp
|
|||
OptInt.new('StagerRetryCount', [false, 'The number of times the stager should retry if the first connect fails', 10],
|
||||
aliases: ['ReverseConnectRetries']),
|
||||
OptInt.new('StagerRetryWait', [false, 'Number of seconds to wait for the stager between reconnect attempts', 5]),
|
||||
OptString.new('PayloadProxyHost', [false, 'An optional proxy server IP address or hostname']),
|
||||
OptPort.new('PayloadProxyPort', [false, 'An optional proxy server port']),
|
||||
OptString.new('PayloadProxyUser', [false, 'An optional proxy server username']),
|
||||
OptString.new('PayloadProxyPass', [false, 'An optional proxy server password']),
|
||||
OptEnum.new('PayloadProxyType', [false, 'The type of HTTP proxy (HTTP or SOCKS)', 'HTTP', ['HTTP', 'SOCKS']]),
|
||||
OptString.new('HttpHeaderHost', [false, 'An optional value to use for the Host HTTP header']),
|
||||
OptString.new('HttpHeaderCookie', [false, 'An optional value to use for the Cookie HTTP header']),
|
||||
OptString.new('HttpHeaderReferer', [false, 'An optional value to use for the Referer HTTP header'])
|
||||
OptString.new('HttpProxyHost', 'An optional proxy server IP address or hostname', aliases: ['PayloadProxyHost']),
|
||||
OptPort.new('HttpProxyPort', 'An optional proxy server port', aliases: ['PayloadProxyPort']),
|
||||
OptString.new('HttpProxyUser', 'An optional proxy server username', aliases: ['PayloadProxyUser']),
|
||||
OptString.new('HttpProxyPass', 'An optional proxy server password', aliases: ['PayloadProxyPass']),
|
||||
OptEnum.new('HttpProxyType', 'The type of HTTP proxy (HTTP or SOCKS)', enums: ['HTTP', 'SOCKS'], aliases: ['PayloadProxyType']),
|
||||
OptString.new('HttpHeaderHost', 'An optional value to use for the Host HTTP header'),
|
||||
OptString.new('HttpHeaderCookie', 'An optional value to use for the Cookie HTTP header'),
|
||||
OptString.new('HttpHeaderReferer', 'An optional value to use for the Referer HTTP header')
|
||||
], self.class)
|
||||
end
|
||||
|
||||
|
@ -60,12 +60,12 @@ module Payload::Windows::ReverseHttp
|
|||
if self.available_space.nil? || required_space <= self.available_space
|
||||
conf[:url] = luri + generate_uri(opts)
|
||||
conf[:exitfunk] = ds['EXITFUNC']
|
||||
conf[:ua] = ds['MeterpreterUserAgent']
|
||||
conf[:proxy_host] = ds['PayloadProxyHost']
|
||||
conf[:proxy_port] = ds['PayloadProxyPort']
|
||||
conf[:proxy_user] = ds['PayloadProxyUser']
|
||||
conf[:proxy_pass] = ds['PayloadProxyPass']
|
||||
conf[:proxy_type] = ds['PayloadProxyType']
|
||||
conf[:ua] = ds['HttpUserAgent']
|
||||
conf[:proxy_host] = ds['HttpProxyHost']
|
||||
conf[:proxy_port] = ds['HttpProxyPort']
|
||||
conf[:proxy_user] = ds['HttpProxyUser']
|
||||
conf[:proxy_pass] = ds['HttpProxyPass']
|
||||
conf[:proxy_type] = ds['HttpProxyType']
|
||||
conf[:custom_headers] = get_custom_headers(ds)
|
||||
else
|
||||
# Otherwise default to small URIs
|
||||
|
|
|
@ -21,7 +21,7 @@ module Payload::Windows::ReverseWinHttp
|
|||
def initialize(*args)
|
||||
super
|
||||
register_advanced_options([
|
||||
OptBool.new('PayloadProxyIE', [false, 'Enable use of IE proxy settings', true])
|
||||
OptBool.new('HttpProxyIE', 'Enable use of IE proxy settings', default: true, aliases: ['PayloadProxyIE'])
|
||||
], self.class)
|
||||
end
|
||||
|
||||
|
@ -41,13 +41,13 @@ module Payload::Windows::ReverseWinHttp
|
|||
conf[:uri] = luri + generate_uri
|
||||
conf[:exitfunk] = ds['EXITFUNC']
|
||||
conf[:verify_cert_hash] = opts[:verify_cert_hash]
|
||||
conf[:proxy_host] = ds['PayloadProxyHost']
|
||||
conf[:proxy_port] = ds['PayloadProxyPort']
|
||||
conf[:proxy_user] = ds['PayloadProxyUser']
|
||||
conf[:proxy_pass] = ds['PayloadProxyPass']
|
||||
conf[:proxy_type] = ds['PayloadProxyType']
|
||||
conf[:proxy_host] = ds['HttpProxyHost']
|
||||
conf[:proxy_port] = ds['HttpProxyPort']
|
||||
conf[:proxy_user] = ds['HttpProxyUser']
|
||||
conf[:proxy_pass] = ds['HttpProxyPass']
|
||||
conf[:proxy_type] = ds['HttpProxyType']
|
||||
conf[:retry_count] = ds['StagerRetryCount']
|
||||
conf[:proxy_ie] = ds['PayloadProxyIE']
|
||||
conf[:proxy_ie] = ds['HttpProxyIE']
|
||||
conf[:custom_headers] = get_custom_headers(ds)
|
||||
else
|
||||
# Otherwise default to small URIs
|
||||
|
|
|
@ -32,14 +32,14 @@ module Payload::Windows::ReverseHttp_x64
|
|||
OptInt.new('StagerRetryCount', [false, 'The number of times the stager should retry if the first connect fails', 10],
|
||||
aliases: ['ReverseConnectRetries']),
|
||||
OptInt.new('StagerRetryWait', [false, 'Number of seconds to wait for the stager between reconnect attempts', 5]),
|
||||
OptString.new('PayloadProxyHost', [false, 'An optional proxy server IP address or hostname']),
|
||||
OptPort.new('PayloadProxyPort', [false, 'An optional proxy server port']),
|
||||
OptString.new('PayloadProxyUser', [false, 'An optional proxy server username']),
|
||||
OptString.new('PayloadProxyPass', [false, 'An optional proxy server password']),
|
||||
OptEnum.new('PayloadProxyType', [false, 'The type of HTTP proxy (HTTP or SOCKS)', 'HTTP', ['HTTP', 'SOCKS']]),
|
||||
OptString.new('HttpHeaderHost', [false, 'An optional value to use for the Host HTTP header']),
|
||||
OptString.new('HttpHeaderCookie', [false, 'An optional value to use for the Cookie HTTP header']),
|
||||
OptString.new('HttpHeaderReferer', [false, 'An optional value to use for the Referer HTTP header'])
|
||||
OptString.new('HttpProxyHost', 'An optional proxy server IP address or hostname', aliases: ['PayloadProxyHost']),
|
||||
OptPort.new('HttpProxyPort', 'An optional proxy server port', aliases: ['PayloadProxyPort']),
|
||||
OptString.new('HttpProxyUser', 'An optional proxy server username', aliases: ['PayloadProxyUser']),
|
||||
OptString.new('HttpProxyPass', 'An optional proxy server password', aliases: ['PayloadProxyPass']),
|
||||
OptEnum.new('HttpProxyType', 'The type of HTTP proxy (HTTP or SOCKS)', enums: ['HTTP', 'SOCKS'], aliases: ['PayloadProxyType']),
|
||||
OptString.new('HttpHeaderHost', 'An optional value to use for the Host HTTP header'),
|
||||
OptString.new('HttpHeaderCookie', 'An optional value to use for the Cookie HTTP header'),
|
||||
OptString.new('HttpHeaderReferer', 'An optional value to use for the Referer HTTP header')
|
||||
], self.class)
|
||||
end
|
||||
|
||||
|
@ -65,12 +65,12 @@ module Payload::Windows::ReverseHttp_x64
|
|||
if self.available_space.nil? || required_space <= self.available_space
|
||||
conf[:url] = luri + generate_uri(opts)
|
||||
conf[:exitfunk] = ds['EXITFUNC']
|
||||
conf[:ua] = ds['MeterpreterUserAgent']
|
||||
conf[:proxy_host] = ds['PayloadProxyHost']
|
||||
conf[:proxy_port] = ds['PayloadProxyPort']
|
||||
conf[:proxy_user] = ds['PayloadProxyUser']
|
||||
conf[:proxy_pass] = ds['PayloadProxyPass']
|
||||
conf[:proxy_type] = ds['PayloadProxyType']
|
||||
conf[:ua] = ds['HttpUserAgent']
|
||||
conf[:proxy_host] = ds['HttpProxyHost']
|
||||
conf[:proxy_port] = ds['HttpProxyPort']
|
||||
conf[:proxy_user] = ds['HttpProxyUser']
|
||||
conf[:proxy_pass] = ds['HttpProxyPass']
|
||||
conf[:proxy_type] = ds['HttpProxyType']
|
||||
conf[:custom_headers] = get_custom_headers(ds)
|
||||
else
|
||||
# Otherwise default to small URIs
|
||||
|
|
|
@ -22,7 +22,7 @@ module Payload::Windows::ReverseWinHttp_x64
|
|||
def initialize(*args)
|
||||
super
|
||||
register_advanced_options([
|
||||
OptBool.new('PayloadProxyIE', [false, 'Enable use of IE proxy settings', true])
|
||||
OptBool.new('HttpProxyIE', 'Enable use of IE proxy settings', default: true, aliases: ['PayloadProxyIE'])
|
||||
], self.class)
|
||||
end
|
||||
|
||||
|
@ -42,13 +42,13 @@ module Payload::Windows::ReverseWinHttp_x64
|
|||
conf[:uri] = luri + generate_uri
|
||||
conf[:exitfunk] = ds['EXITFUNC']
|
||||
conf[:verify_cert_hash] = opts[:verify_cert_hash]
|
||||
conf[:proxy_host] = ds['PayloadProxyHost']
|
||||
conf[:proxy_port] = ds['PayloadProxyPort']
|
||||
conf[:proxy_user] = ds['PayloadProxyUser']
|
||||
conf[:proxy_pass] = ds['PayloadProxyPass']
|
||||
conf[:proxy_type] = ds['PayloadProxyType']
|
||||
conf[:proxy_host] = ds['HttpProxyHost']
|
||||
conf[:proxy_port] = ds['HttpProxyPort']
|
||||
conf[:proxy_user] = ds['HttpProxyUser']
|
||||
conf[:proxy_pass] = ds['HttpProxyPass']
|
||||
conf[:proxy_type] = ds['HttpProxyType']
|
||||
conf[:retry_count] = ds['StagerRetryCount']
|
||||
conf[:proxy_ie] = ds['PayloadProxyIE']
|
||||
conf[:proxy_ie] = ds['HttpProxyIE']
|
||||
conf[:custom_headers] = get_custom_headers(ds)
|
||||
else
|
||||
# Otherwise default to small URIs
|
||||
|
|
|
@ -80,8 +80,8 @@ module MetasploitModule
|
|||
p[i, u.length] = u
|
||||
|
||||
# patch proxy info
|
||||
proxyhost = datastore['PayloadProxyHost'].to_s
|
||||
proxyport = datastore['PayloadProxyPort'].to_s || "8080"
|
||||
proxyhost = datastore['HttpProxyHost'].to_s
|
||||
proxyport = datastore['HttpProxyPort'].to_s || "8080"
|
||||
|
||||
if Rex::Socket.is_ipv6?(proxyhost)
|
||||
proxyhost = "[#{proxyhost}]"
|
||||
|
@ -91,7 +91,7 @@ module MetasploitModule
|
|||
if proxyport == "80"
|
||||
proxyinfo = proxyhost
|
||||
end
|
||||
if datastore['PayloadProxyType'].to_s == 'HTTP'
|
||||
if datastore['HttpProxyType'].to_s == 'HTTP'
|
||||
proxyinfo = 'http://' + proxyinfo
|
||||
else #socks
|
||||
proxyinfo = 'socks=' + proxyinfo
|
||||
|
@ -105,22 +105,22 @@ module MetasploitModule
|
|||
p[proxyloc-4] = [calloffset].pack('V')[0]
|
||||
|
||||
# Authentication credentials have not been specified
|
||||
if datastore['PayloadProxyUser'].to_s == '' or
|
||||
datastore['PayloadProxyPass'].to_s == '' or
|
||||
datastore['PayloadProxyType'].to_s == 'SOCKS'
|
||||
if datastore['HttpProxyUser'].to_s == '' ||
|
||||
datastore['HttpProxyPass'].to_s == '' ||
|
||||
datastore['HttpProxyType'].to_s == 'SOCKS'
|
||||
|
||||
jmp_offset = p.index("PROXY_AUTH_STOP") + 15 - p.index("PROXY_AUTH_START")
|
||||
|
||||
# Remove the authentication code
|
||||
p = p.gsub(/PROXY_AUTH_START(.)*PROXY_AUTH_STOP/i, "")
|
||||
else
|
||||
username_size_diff = 14 - datastore['PayloadProxyUser'].to_s.length
|
||||
password_size_diff = 14 - datastore['PayloadProxyPass'].to_s.length
|
||||
username_size_diff = 14 - datastore['HttpProxyUser'].to_s.length
|
||||
password_size_diff = 14 - datastore['HttpProxyPass'].to_s.length
|
||||
jmp_offset =
|
||||
16 + # PROXY_AUTH_START length
|
||||
15 + # PROXY_AUTH_STOP length
|
||||
username_size_diff + # Difference between datastore PayloadProxyUser length and db "PayloadProxyUser length"
|
||||
password_size_diff # Same with PayloadProxyPass
|
||||
username_size_diff + # Difference between datastore HttpProxyUser length and db "HttpProxyUser length"
|
||||
password_size_diff # Same with HttpProxyPass
|
||||
|
||||
# Patch call offset
|
||||
username_loc = p.index("PROXY_USERNAME")
|
||||
|
@ -131,8 +131,8 @@ module MetasploitModule
|
|||
# Remove markers & change login/password
|
||||
p = p.gsub("PROXY_AUTH_START","")
|
||||
p = p.gsub("PROXY_AUTH_STOP","")
|
||||
p = p.gsub("PROXY_USERNAME", datastore['PayloadProxyUser'].to_s)
|
||||
p = p.gsub("PROXY_PASSWORD", datastore['PayloadProxyPass'].to_s)
|
||||
p = p.gsub("PROXY_USERNAME", datastore['HttpProxyUser'].to_s)
|
||||
p = p.gsub("PROXY_PASSWORD", datastore['HttpProxyPass'].to_s)
|
||||
end
|
||||
|
||||
# Patch jmp dbl_get_server_host
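Review bot: The fallback in `proxyport = datastore['HttpProxyPort'].to_s || "8080"` can never apply, because `to_s` on nil returns an empty string, which is truthy in Ruby. An unset port would be patched in as an empty value. Suggest `proxyport = (datastore['HttpProxyPort'] || 8080).to_s`, matching the `(datastore['HttpProxyPort'] || 8080).to_i` form used in the handler. The renamed comments on the `username_size_diff` and `password_size_diff` lines would also read better if they said what 14 is, for example `# 14 = "PROXY_USERNAME".length, the placeholder being replaced`. The enclosing method starts and ends outside these hunks.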
|
||||
|
|