Fix uuid setting, fix reverse_https x64 payload

The payload changes in this PR will be fixed up/removed in the
update-x64-stagers PR.
unstable
OJ 2015-05-12 10:24:11 +10:00
parent 5f735c917c
commit 836feaa2d8
4 changed files with 17 additions and 4 deletions


@ -307,6 +307,8 @@ class Meterpreter < Rex::Post::Meterpreter::Client
begin
self.machine_id = self.core.machine_id(timeout)
self.payload_uuid ||= self.core.uuid(timeout)
return true
rescue ::Rex::Post::Meterpreter::RequestError
# This meterpreter doesn't support core_machine_id
@ -329,8 +331,6 @@ class Meterpreter < Rex::Post::Meterpreter::Client
username = self.sys.config.getuid
sysinfo = self.sys.config.sysinfo
self.payload_uuid = self.core.uuid unless self.payload_uuid
safe_info = "#{username} @ #{sysinfo['Computer']}"
safe_info.force_encoding("ASCII-8BIT") if safe_info.respond_to?(:force_encoding)
# Should probably be using Rex::Text.ascii_safe_hex but leave
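Review bot: The `rescue ::Rex::Post::Meterpreter::RequestError` in the first hunk now guards `self.core.uuid(timeout)` as well as `self.core.machine_id(timeout)`, but its comment still names only core_machine_id, so a failure of the UUID request alone would be handled as if machine-id were unsupported. The second hunk appears to drop the later `self.payload_uuid = self.core.uuid unless self.payload_uuid` fallback, so a session that fails here would presumably keep a nil payload_uuid with no retry, which weakens the ability to tie a session back to the payload that produced it. I would give the UUID call its own rescue, or at minimum update the comment to `# This meterpreter doesn't support core_machine_id or core_uuid`. Both enclosing methods start and end outside the hunks, so the code after the rescue is not visible here.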


@ -1,6 +1,7 @@
# -*- coding: binary -*-
require 'msf/core'
require 'msf/core/payload/transport_config'
require 'msf/core/payload/windows/reverse_http'
module Msf
@ -15,6 +16,7 @@ module Msf
module Payload::Windows::ReverseHttps
include Msf::Payload::TransportConfig
include Msf::Payload::Windows::ReverseHttp
#


@ -296,10 +296,12 @@ class ClientCore < Extension
return true
end
def uuid
def uuid(timeout=nil)
request = Packet.create_request('core_uuid')
response = client.send_request(request)
args = [ request ]
args << timeout if timeout
response = client.send_request(*args)
id = response.get_tlv_value(TLV_TYPE_UUID)
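Review bot: Nothing documents why `timeout` is appended to `args` only when it is set instead of being passed straight to `client.send_request`, and a later cleanup could easily collapse it into `client.send_request(request, timeout)`. If the intent is to let send_request keep its own default when the caller supplies none (an explicit nil may mean something different there; its definition is not on this page), say so with a comment such as `# Only forward a timeout when one was given, so send_request applies its default otherwise`. `id` is also taken from `get_tlv_value` with no nil check visible; the rest of `uuid` lies outside the hunk, so that may be handled below.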


@ -5,12 +5,14 @@
require 'msf/core'
require 'msf/core/payload/transport_config'
require 'msf/core/handler/reverse_https'
module Metasploit3
CachedSize = 578
include Msf::Payload::TransportConfig
include Msf::Payload::Stager
include Msf::Payload::Windows
@ -91,6 +93,13 @@ module Metasploit3
))
end
#
# Generate the transport-specific configuration
#
def transport_config(opts={})
transport_config_reverse_https(opts)
end
#
# Do not transmit the stage over the connection. We handle this via HTTPS
#