Land #9653, fix Y2k38 issue (until Jan 1, 2038)

4.x 4.16.42
Sonny Gonzalez 2018-03-01 09:13:41 -06:00
parent 789034a06c
commit 667cc5bcca
No known key found for this signature in database
GPG Key ID: CB9B0D55493F72DA
2 changed files with 13 additions and 3 deletions


@ -78,7 +78,7 @@ module Msf::Payload::Android
cert.public_key = key.public_key
# Some time within the last 3 years
cert.not_before = Time.now - rand(3600*24*365*3)
cert.not_before = Time.now - rand(3600 * 24 * 365 * 3)
# From http://developer.android.com/tools/publishing/app-signing.html
# """
@ -89,7 +89,16 @@ module Msf::Payload::Android
# requirement. You cannot upload an application if it is signed
# with a key whose validity expires before that date.
# """
cert.not_after = cert.not_before + 3600*24*365*20 # 20 years
#
# 32-bit Ruby (and 64-bit Ruby on Windows) cannot deal with
# certificate not_after times later than Jan 1st 2038, since long is 32-bit.
# Set not_after to a random time 2~ years before the first bad date.
#
# FIXME: this will break again randomly starting in late 2033, hopefully
# all 32-bit systems will be dead by then...
#
# The timestamp 0x78045d81 equates to 2033-10-22 00:00:01 UTC
cert.not_after = Time.at(0x78045d81 + rand(0x7fffffff - 0x78045d81))
# If this line is left out, signature verification fails on OSX.
cert.sign(key, OpenSSL::Digest::SHA1.new)
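Review bot: The comment added above the new `cert.not_after` assignment does not match the arithmetic on that line. The upper bound `0x7fffffff` is 2038-01-19 03:14:07 UTC rather than Jan 1st 2038, and the span from `0x78045d81` (2033-10-22) to that bound is roughly 4.2 years, not "2~ years". I would reword it to `# Pick not_after at random between 2033-10-22 00:00:01 UTC and 2038-01-19 03:14:07 UTC (0x7fffffff, the largest 32-bit time_t)`, and note that the lower bound appears to be the cutoff date the quoted Android text refers to. Naming the two literals as constants would make the window readable at the assignment itself. The enclosing method starts and ends outside this hunk.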


@ -216,7 +216,8 @@ class MetasploitModule < Msf::Exploit::Remote
@cert.issuer = x509_name
@cert.public_key = @key.public_key
@cert.not_before = Time.now
@cert.not_after = @cert.not_before + 3600*24*365*3 # 3 years
# FIXME: this will break in the year 2037 on 32-bit systems
@cert.not_after = @cert.not_before + 3600 * 24 * 365 # 1 year
end
end
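Review bot: The FIXME added above `@cert.not_after` names a year but not the limit it is derived from, so it will go stale unnoticed if the validity period is changed again. I would spell the dependency out, for example `# FIXME: not_after must not exceed 0x7fffffff (2038-01-19 03:14:07 UTC) where long is 32-bit; with a 1-year validity this starts failing in January 2037`. The trailing `# 1 year` comment would be unnecessary if `3600 * 24 * 365` were a named constant. The method this hunk belongs to begins outside the visible lines.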