infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix a bug in the new SSL code that broke large transfers 

git-svn-id: file:///home/svn/framework3/trunk@6720 4d416f70-5f16-0410-b530-b9f4589650da
unstable
HD Moore 2009-06-27 01:52:36 +00:00
parent aaff989294
commit 43372de9f0
6 changed files with 28 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
data/meterpreter/ext_server_incognito.dll
View File

Binary file not shown.

BIN
data/meterpreter/ext_server_priv.dll
View File

Binary file not shown.

BIN
data/meterpreter/ext_server_stdapi.dll
View File

Binary file not shown.

BIN
data/meterpreter/metcli.exe
View File

Binary file not shown.

BIN
data/meterpreter/metsrv.dll
View File

Binary file not shown.

40
external/source/meterpreter/source/common/core.c vendored
View File

@ -649,6 +649,7 @@ DWORD packet_transmit(Remote *remote, Packet *packet,
CryptoContext *crypto; CryptoContext *crypto;
Tlv requestId; Tlv requestId;
DWORD res; DWORD res;
DWORD idx;
// If the packet does not already have a request identifier, create // If the packet does not already have a request identifier, create
// one for it // one for it
@ -704,25 +705,38 @@ DWORD packet_transmit(Remote *remote, Packet *packet,
packet->header.length = htonl(packet->payloadLength + sizeof(TlvHeader)); packet->header.length = htonl(packet->payloadLength + sizeof(TlvHeader));
} }
idx = 0;
while( idx < sizeof(packet->header)) {
// Transmit the packet's header (length, type) // Transmit the packet's header (length, type)
if (ssl_write(&remote->ssl, (LPCSTR)&packet->header, while( (res = ssl_write(
sizeof(packet->header)) == SOCKET_ERROR) &remote->ssl,
break; (LPCSTR)(&packet->header) + idx,
sizeof(packet->header) - idx)) == POLARSSL_ERR_NET_TRY_AGAIN) { }
if(res < 0) break;
idx += res;
}
if(res < 0) break;
// Transmit the packet's payload idx = 0;
if (ssl_write(&remote->ssl, packet->payload, while( idx < packet->payloadLength) {
packet->payloadLength) == SOCKET_ERROR) // Transmit the packet's payload (length, type)
break; while( (res = ssl_write(
&remote->ssl,
// Destroy the packet packet->payload + idx,
packet_destroy(packet); packet->payloadLength - idx)) == POLARSSL_ERR_NET_TRY_AGAIN) { }
if(res < 0) break;
idx += res;
}
if(res < 0) break;
SetLastError(ERROR_SUCCESS); SetLastError(ERROR_SUCCESS);
} while (0); } while (0);
res = GetLastError(); res = GetLastError();
// Destroy the packet
packet_destroy(packet);
return res; return res;
} }
@ -764,7 +778,7 @@ DWORD packet_receive(Remote *remote, Packet **packet)
{ {
if ((bytesRead = ssl_read(&remote->ssl, if ((bytesRead = ssl_read(&remote->ssl,
((PUCHAR)&header + headerBytes), ((PUCHAR)&header + headerBytes),
sizeof(TlvHeader) - headerBytes, 0)) <= 0) sizeof(TlvHeader) - headerBytes)) <= 0)
{ {
if(bytesRead == POLARSSL_ERR_NET_TRY_AGAIN) continue; if(bytesRead == POLARSSL_ERR_NET_TRY_AGAIN) continue;
if (!bytesRead) if (!bytesRead)
@ -802,7 +816,7 @@ DWORD packet_receive(Remote *remote, Packet **packet)
{ {
if ((bytesRead = ssl_read(&remote->ssl, if ((bytesRead = ssl_read(&remote->ssl,
payload + payloadLength - payloadBytesLeft, payload + payloadLength - payloadBytesLeft,
payloadBytesLeft, 0)) <= 0) payloadBytesLeft)) <= 0)
{ {
if(bytesRead == POLARSSL_ERR_NET_TRY_AGAIN) continue; if(bytesRead == POLARSSL_ERR_NET_TRY_AGAIN) continue;