From 667cc5bcca94a892b73237771621c881c2b1aa91 Mon Sep 17 00:00:00 2001
From: Sonny Gonzalez
Date: Thu, 1 Mar 2018 09:13:41 -0600
Subject: [PATCH] Land #9653, fix Y2k38 issue (until Jan 1, 2038)
---
 lib/msf/core/payload/android.rb | 13 +++++++++++--
 .../exploits/multi/browser/java_signed_applet.rb | 3 ++-
 2 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/lib/msf/core/payload/android.rb b/lib/msf/core/payload/android.rb
index 40f2131c38..5609480f37 100644
--- a/lib/msf/core/payload/android.rb
+++ b/lib/msf/core/payload/android.rb
@@ -78,7 +78,7 @@ module Msf::Payload::Android
 cert.public_key = key.public_key
 # Some time within the last 3 years
- cert.not_before = Time.now - rand(3600*24*365*3)
+ cert.not_before = Time.now - rand(3600 * 24 * 365 * 3)
 # From http://developer.android.com/tools/publishing/app-signing.html
 # """
@@ -89,7 +89,16 @@ module Msf::Payload::Android
 # requirement. You cannot upload an application if it is signed
 # with a key whose validity expires before that date.
 # """
- cert.not_after = cert.not_before + 3600*24*365*20 # 20 years
+ #
+ # 32-bit Ruby (and 64-bit Ruby on Windows) cannot deal with
+ # certificate not_after times later than Jan 1st 2038, since long is 32-bit.
+ # Set not_after to a random time 2~ years before the first bad date.
+ #
+ # FIXME: this will break again randomly starting in late 2033, hopefully
+ # all 32-bit systems will be dead by then...
+ #
+ # The timestamp 0x78045d81 equates to 2033-10-22 00:00:01 UTC
+ cert.not_after = Time.at(0x78045d81 + rand(0x7fffffff - 0x78045d81))
 # If this line is left out, signature verification fails on OSX.
 cert.sign(key, OpenSSL::Digest::SHA1.new)
diff --git a/modules/exploits/multi/browser/java_signed_applet.rb b/modules/exploits/multi/browser/java_signed_applet.rb
index 1c0e9c06b1..cc2e8263eb 100644
--- a/modules/exploits/multi/browser/java_signed_applet.rb
+++ b/modules/exploits/multi/browser/java_signed_applet.rb
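Review bot: In the second lib/msf/core/payload/android.rb hunk the comment above the new `cert.not_after` line does not match the arithmetic: `0x7fffffff - 0x78045d81` is about 4.2 years, so the expiry falls anywhere between 2033-10-22 and 2038-01-19 UTC, not "2~ years before the first bad date", and the 32-bit limit is 19 January 2038 rather than Jan 1st. I would correct those two statements and name the bounds at module level, e.g. `PLAY_MIN_EXPIRY = 0x78045d81` and `TIME_T_32_MAX = 0x7fffffff`, so the line reads without decoding hex. The comment should also say that the expiry no longer depends on `cert.not_before` and that the cap applies on 64-bit hosts as well, which is why a certificate generated after late 2033 can come out already expired with no error raised. The enclosing method starts and ends outside the hunk.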
@@ -216,7 +216,8 @@ class MetasploitModule < Msf::Exploit::Remote
 @cert.issuer = x509_name
 @cert.public_key = @key.public_key
 @cert.not_before = Time.now
- @cert.not_after = @cert.not_before + 3600*24*365*3 # 3 years
+ # FIXME: this will break in the year 2037 on 32-bit systems
+ @cert.not_after = @cert.not_before + 3600 * 24 * 365 # 1 year
 end
 end
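Review bot: The FIXME added above `@cert.not_after` names the symptom but not the cause, and the drop from 3 years to 1 year changes the validity period on every platform, which the commit subject does not mention. I would expand the comment to something like `# validity cut from 3 years to 1: not_after must stay below 2038-01-19 (0x7fffffff) where long is 32-bit`. The android.rb hunk in this commit handles the same limit with an absolute cap rather than a shorter relative period, so the two call sites now follow different rules; one sentence saying why would save the next reader from guessing. The method this hunk sits in begins outside the hunk.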