Land #6264, meterpreter per-extension init string support, update payloads to 1.0.17
This brings in the following changes: Changes to support maven 3.3+ Don't fall back to 0.0.0.0 Remove all debug builds from the Windows projects Add show_mount, ps_list, and some core tweaks Refactor TLV layout, add more debug output, token stealing Add incognito binding, code tidies Update packaged libs Add transport list binding Add transport add command to python binding Update python core lib archive change source perms back to non-executable First pass of stageless initialisation script Finalise stageless initialisation scripts add BOOT_COMPLETED receiver that starts the Payload Improve the implementation of the getuid command Switch to Utils.runCommand per timwr's suggestion Updated init script method also bumps msgpack 0.7.1, which fixes a failure packing messages > 256k
bug/bundler_fix
commit
a7a89adfac
|
@ -13,7 +13,7 @@ PATH
|
|||
metasploit-concern (= 1.0.0)
|
||||
metasploit-credential (= 1.0.1)
|
||||
metasploit-model (= 1.0.0)
|
||||
metasploit-payloads (= 1.0.16)
|
||||
metasploit-payloads (= 1.0.17)
|
||||
metasploit_data_models (= 1.2.9)
|
||||
msgpack
|
||||
network_interface (~> 0.0.1)
|
||||
|
@ -123,7 +123,7 @@ GEM
|
|||
activemodel (>= 4.0.9, < 4.1.0)
|
||||
activesupport (>= 4.0.9, < 4.1.0)
|
||||
railties (>= 4.0.9, < 4.1.0)
|
||||
metasploit-payloads (1.0.16)
|
||||
metasploit-payloads (1.0.17)
|
||||
metasploit_data_models (1.2.9)
|
||||
activerecord (>= 4.0.9, < 4.1.0)
|
||||
activesupport (>= 4.0.9, < 4.1.0)
|
||||
|
@ -138,7 +138,7 @@ GEM
|
|||
mime-types (2.6.1)
|
||||
mini_portile (0.6.2)
|
||||
minitest (4.7.5)
|
||||
msgpack (0.7.0)
|
||||
msgpack (0.7.1)
|
||||
multi_json (1.11.2)
|
||||
multi_test (0.1.2)
|
||||
network_interface (0.0.1)
|
||||
|
|
|
@ -120,6 +120,20 @@ private
|
|||
extension_data = [ ext.length, ext ].pack('VA*')
|
||||
end
|
||||
|
||||
def extension_init_block(name, value)
|
||||
# for now, we're going to blindly assume that the value is a path to a file
|
||||
# which contains the data that gets passed to the extension
|
||||
content = ::File.read(value)
|
||||
data = [
|
||||
name,
|
||||
"\x00",
|
||||
content.length,
|
||||
content
|
||||
]
|
||||
|
||||
data.pack('A*A*VA*')
|
||||
end
|
||||
|
||||
def config_block
|
||||
# start with the session information
|
||||
config = session_block(@opts)
|
||||
|
@ -142,12 +156,17 @@ private
|
|||
end
|
||||
|
||||
# terminate the extensions with a 0 size
|
||||
if is_x86?
|
||||
config << [0].pack('V')
|
||||
else
|
||||
config << [0].pack('Q<')
|
||||
config << [0].pack('V')
|
||||
|
||||
# wire in the extension init data
|
||||
(@opts[:ext_init] || '').split(':').each do |cfg|
|
||||
name, value = cfg.split(',')
|
||||
config << extension_init_block(name, value)
|
||||
end
|
||||
|
||||
# terminate the ext init config with a final null byte
|
||||
config << "\x00"
|
||||
|
||||
# and we're done
|
||||
config
|
||||
end
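Review bot: In `extension_init_block` the size field comes from `content.length`, which counts characters, while `A*` writes bytes, so a file holding multibyte UTF-8 text gets a length that disagrees with the data after it; the read is also text-mode, which on a Windows host may translate line endings. Using `content = ::File.binread(value)` and packing `content.bytesize` keeps the header and the payload in step. In `config_block`, `cfg.split(',')` leaves `value` nil for an entry with no comma, so `::File.read` fails with a bare TypeError, and splitting EXTINIT on `:` cannot carry a Windows path with a drive letter; `cfg.split(',', 2)` plus an explicit error naming the bad entry would make a misconfigured option readable. `config_block` begins in the first hunk and continues through lines this page does not show.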
|
||||
|
|
|
@ -68,7 +68,7 @@ Gem::Specification.new do |spec|
|
|||
# are needed when there's no database
|
||||
spec.add_runtime_dependency 'metasploit-model', '1.0.0'
|
||||
# Needed for Meterpreter
|
||||
spec.add_runtime_dependency 'metasploit-payloads', '1.0.16'
|
||||
spec.add_runtime_dependency 'metasploit-payloads', '1.0.17'
|
||||
# Needed by msfgui and other rpc components
|
||||
spec.add_runtime_dependency 'msgpack'
|
||||
# get list of network interfaces, like eth* from OS.
|
||||
|
|
|
@ -13,7 +13,7 @@ require 'rex/payloads/meterpreter/config'
|
|||
|
||||
module Metasploit4
|
||||
|
||||
CachedSize = 957486
|
||||
CachedSize = 957487
|
||||
|
||||
include Msf::Payload::TransportConfig
|
||||
include Msf::Payload::Windows
|
||||
|
@ -35,7 +35,8 @@ module Metasploit4
|
|||
))
|
||||
|
||||
register_options([
|
||||
OptString.new('EXTENSIONS', [false, "Comma-separate list of extensions to load"]),
|
||||
OptString.new('EXTENSIONS', [false, 'Comma-separate list of extensions to load']),
|
||||
OptString.new('EXTINIT', [false, 'Initialization strings for extensions'])
|
||||
], self.class)
|
||||
end
|
||||
|
||||
|
@ -53,7 +54,8 @@ module Metasploit4
|
|||
expiration: datastore['SessionExpirationTimeout'].to_i,
|
||||
uuid: opts[:uuid],
|
||||
transports: [transport_config_bind_tcp(opts)],
|
||||
extensions: (datastore['EXTENSIONS'] || '').split(',')
|
||||
extensions: (datastore['EXTENSIONS'] || '').split(','),
|
||||
ext_init: (datastore['EXTINIT'] || '')
|
||||
}
|
||||
|
||||
# create the configuration instance based off the parameters
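Review bot: The new `EXTINIT` description, 'Initialization strings for extensions', does not say what format the option expects, and the same text is added in the other nine stageless payload modules on this page. Judging by the config.rb change in this commit, the value is a colon-separated list of `name,path` entries in which each path is a file read on the framework host, so a description such as `OptString.new('EXTINIT', [false, 'Extension init data as name,path pairs separated by colons; each path is a local file'])` would tell the operator what to supply. The 'Comma-separate list' wording on the `EXTENSIONS` line could become 'Comma-separated' while that line is being touched anyway. The options hash in the second hunk sits in a method whose start and end are outside the hunk.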
|
||||
|
|
|
@ -13,7 +13,7 @@ require 'rex/payloads/meterpreter/config'
|
|||
|
||||
module Metasploit4
|
||||
|
||||
CachedSize = 958530
|
||||
CachedSize = 958531
|
||||
|
||||
include Msf::Payload::TransportConfig
|
||||
include Msf::Payload::Windows
|
||||
|
@ -35,7 +35,8 @@ module Metasploit4
|
|||
))
|
||||
|
||||
register_options([
|
||||
OptString.new('EXTENSIONS', [false, "Comma-separate list of extensions to load"]),
|
||||
OptString.new('EXTENSIONS', [false, 'Comma-separate list of extensions to load']),
|
||||
OptString.new('EXTINIT', [false, 'Initialization strings for extensions'])
|
||||
], self.class)
|
||||
end
|
||||
|
||||
|
@ -54,7 +55,8 @@ module Metasploit4
|
|||
expiration: datastore['SessionExpirationTimeout'].to_i,
|
||||
uuid: opts[:uuid],
|
||||
transports: [transport_config_reverse_http(opts)],
|
||||
extensions: (datastore['EXTENSIONS'] || '').split(',')
|
||||
extensions: (datastore['EXTENSIONS'] || '').split(','),
|
||||
ext_init: (datastore['EXTINIT'] || '')
|
||||
}
|
||||
|
||||
# create the configuration instance based off the parameters
|
||||
|
|
|
@ -13,7 +13,7 @@ require 'rex/payloads/meterpreter/config'
|
|||
|
||||
module Metasploit4
|
||||
|
||||
CachedSize = 958530
|
||||
CachedSize = 958531
|
||||
|
||||
include Msf::Payload::TransportConfig
|
||||
include Msf::Payload::Windows
|
||||
|
@ -35,7 +35,8 @@ module Metasploit4
|
|||
))
|
||||
|
||||
register_options([
|
||||
OptString.new('EXTENSIONS', [false, "Comma-separate list of extensions to load"]),
|
||||
OptString.new('EXTENSIONS', [false, 'Comma-separate list of extensions to load']),
|
||||
OptString.new('EXTINIT', [false, 'Initialization strings for extensions'])
|
||||
], self.class)
|
||||
end
|
||||
|
||||
|
@ -54,7 +55,8 @@ module Metasploit4
|
|||
expiration: datastore['SessionExpirationTimeout'].to_i,
|
||||
uuid: opts[:uuid],
|
||||
transports: [transport_config_reverse_https(opts)],
|
||||
extensions: (datastore['EXTENSIONS'] || '').split(',')
|
||||
extensions: (datastore['EXTENSIONS'] || '').split(','),
|
||||
ext_init: (datastore['EXTINIT'] || '')
|
||||
}
|
||||
|
||||
# create the configuration instance based off the parameters
|
||||
|
|
|
@ -13,7 +13,7 @@ require 'rex/payloads/meterpreter/config'
|
|||
|
||||
module Metasploit4
|
||||
|
||||
CachedSize = 957486
|
||||
CachedSize = 957487
|
||||
|
||||
include Msf::Payload::TransportConfig
|
||||
include Msf::Payload::Windows
|
||||
|
@ -35,7 +35,8 @@ module Metasploit4
|
|||
))
|
||||
|
||||
register_options([
|
||||
OptString.new('EXTENSIONS', [false, "Comma-separate list of extensions to load"]),
|
||||
OptString.new('EXTENSIONS', [false, 'Comma-separate list of extensions to load']),
|
||||
OptString.new('EXTINIT', [false, 'Initialization strings for extensions']),
|
||||
OptInt.new("SCOPEID", [false, "The IPv6 Scope ID, required for link-layer addresses", 0])
|
||||
], self.class)
|
||||
end
|
||||
|
@ -54,7 +55,8 @@ module Metasploit4
|
|||
expiration: datastore['SessionExpirationTimeout'].to_i,
|
||||
uuid: opts[:uuid],
|
||||
transports: [transport_config_reverse_ipv6_tcp(opts)],
|
||||
extensions: (datastore['EXTENSIONS'] || '').split(',')
|
||||
extensions: (datastore['EXTENSIONS'] || '').split(','),
|
||||
ext_init: (datastore['EXTINIT'] || '')
|
||||
}
|
||||
|
||||
# create the configuration instance based off the parameters
|
||||
|
|
|
@ -13,7 +13,7 @@ require 'rex/payloads/meterpreter/config'
|
|||
|
||||
module Metasploit3
|
||||
|
||||
CachedSize = 957486
|
||||
CachedSize = 957487
|
||||
|
||||
include Msf::Payload::TransportConfig
|
||||
include Msf::Payload::Windows
|
||||
|
@ -35,7 +35,8 @@ module Metasploit3
|
|||
))
|
||||
|
||||
register_options([
|
||||
OptString.new('EXTENSIONS', [false, "Comma-separate list of extensions to load"]),
|
||||
OptString.new('EXTENSIONS', [false, 'Comma-separate list of extensions to load']),
|
||||
OptString.new('EXTINIT', [false, 'Initialization strings for extensions']),
|
||||
], self.class)
|
||||
end
|
||||
|
||||
|
@ -53,7 +54,8 @@ module Metasploit3
|
|||
expiration: datastore['SessionExpirationTimeout'].to_i,
|
||||
uuid: opts[:uuid],
|
||||
transports: [transport_config_reverse_tcp(opts)],
|
||||
extensions: (datastore['EXTENSIONS'] || '').split(',')
|
||||
extensions: (datastore['EXTENSIONS'] || '').split(','),
|
||||
ext_init: (datastore['EXTINIT'] || '')
|
||||
}
|
||||
|
||||
# create the configuration instance based off the parameters
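Review bot: The added `EXTINIT` entry in this module ends with a trailing comma directly before `], self.class)`, unlike the sibling modules where this option is the last array element. Ruby accepts it, but dropping the comma, `OptString.new('EXTINIT', [false, 'Initialization strings for extensions'])`, keeps the stageless modules textually identical and avoids noise in later diffs.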
|
||||
|
|
|
@ -13,7 +13,7 @@ require 'rex/payloads/meterpreter/config'
|
|||
|
||||
module Metasploit4
|
||||
|
||||
CachedSize = 1187890
|
||||
CachedSize = 1188911
|
||||
|
||||
include Msf::Payload::TransportConfig
|
||||
include Msf::Payload::Windows
|
||||
|
@ -35,7 +35,8 @@ module Metasploit4
|
|||
))
|
||||
|
||||
register_options([
|
||||
OptString.new('EXTENSIONS', [false, "Comma-separate list of extensions to load"]),
|
||||
OptString.new('EXTENSIONS', [false, 'Comma-separate list of extensions to load']),
|
||||
OptString.new('EXTINIT', [false, 'Initialization strings for extensions'])
|
||||
], self.class)
|
||||
end
|
||||
|
||||
|
@ -53,7 +54,8 @@ module Metasploit4
|
|||
expiration: datastore['SessionExpirationTimeout'].to_i,
|
||||
uuid: opts[:uuid],
|
||||
transports: [transport_config_bind_tcp(opts)],
|
||||
extensions: (datastore['EXTENSIONS'] || '').split(',')
|
||||
extensions: (datastore['EXTENSIONS'] || '').split(','),
|
||||
ext_init: (datastore['EXTINIT'] || '')
|
||||
}
|
||||
|
||||
# create the configuration instance based off the parameters
|
||||
|
|
|
@ -13,7 +13,7 @@ require 'rex/payloads/meterpreter/config'
|
|||
|
||||
module Metasploit4
|
||||
|
||||
CachedSize = 1188934
|
||||
CachedSize = 1189955
|
||||
|
||||
include Msf::Payload::TransportConfig
|
||||
include Msf::Payload::Windows
|
||||
|
@ -35,7 +35,8 @@ module Metasploit4
|
|||
))
|
||||
|
||||
register_options([
|
||||
OptString.new('EXTENSIONS', [false, "Comma-separate list of extensions to load"]),
|
||||
OptString.new('EXTENSIONS', [false, 'Comma-separate list of extensions to load']),
|
||||
OptString.new('EXTINIT', [false, 'Initialization strings for extensions'])
|
||||
], self.class)
|
||||
end
|
||||
|
||||
|
@ -54,7 +55,8 @@ module Metasploit4
|
|||
expiration: datastore['SessionExpirationTimeout'].to_i,
|
||||
uuid: opts[:uuid],
|
||||
transports: [transport_config_reverse_http(opts)],
|
||||
extensions: (datastore['EXTENSIONS'] || '').split(',')
|
||||
extensions: (datastore['EXTENSIONS'] || '').split(','),
|
||||
ext_init: (datastore['EXTINIT'] || '')
|
||||
}
|
||||
|
||||
# create the configuration instance based off the parameters
|
||||
|
|
|
@ -13,7 +13,7 @@ require 'rex/payloads/meterpreter/config'
|
|||
|
||||
module Metasploit4
|
||||
|
||||
CachedSize = 1188934
|
||||
CachedSize = 1189955
|
||||
|
||||
include Msf::Payload::TransportConfig
|
||||
include Msf::Payload::Windows
|
||||
|
@ -35,7 +35,8 @@ module Metasploit4
|
|||
))
|
||||
|
||||
register_options([
|
||||
OptString.new('EXTENSIONS', [false, "Comma-separate list of extensions to load"]),
|
||||
OptString.new('EXTENSIONS', [false, 'Comma-separate list of extensions to load']),
|
||||
OptString.new('EXTINIT', [false, 'Initialization strings for extensions'])
|
||||
], self.class)
|
||||
end
|
||||
|
||||
|
@ -54,7 +55,8 @@ module Metasploit4
|
|||
expiration: datastore['SessionExpirationTimeout'].to_i,
|
||||
uuid: opts[:uuid],
|
||||
transports: [transport_config_reverse_https(opts)],
|
||||
extensions: (datastore['EXTENSIONS'] || '').split(',')
|
||||
extensions: (datastore['EXTENSIONS'] || '').split(','),
|
||||
ext_init: (datastore['EXTINIT'] || '')
|
||||
}
|
||||
|
||||
# create the configuration instance based off the parameters
|
||||
|
|
|
@ -13,7 +13,7 @@ require 'rex/payloads/meterpreter/config'
|
|||
|
||||
module Metasploit4
|
||||
|
||||
CachedSize = 1187890
|
||||
CachedSize = 1188911
|
||||
|
||||
include Msf::Payload::TransportConfig
|
||||
include Msf::Payload::Windows
|
||||
|
@ -35,7 +35,8 @@ module Metasploit4
|
|||
))
|
||||
|
||||
register_options([
|
||||
OptString.new('EXTENSIONS', [false, "Comma-separate list of extensions to load"]),
|
||||
OptString.new('EXTENSIONS', [false, 'Comma-separate list of extensions to load']),
|
||||
OptString.new('EXTINIT', [false, 'Initialization strings for extensions']),
|
||||
OptInt.new("SCOPEID", [false, "The IPv6 Scope ID, required for link-layer addresses", 0])
|
||||
], self.class)
|
||||
end
|
||||
|
@ -54,7 +55,8 @@ module Metasploit4
|
|||
expiration: datastore['SessionExpirationTimeout'].to_i,
|
||||
uuid: opts[:uuid],
|
||||
transports: [transport_config_reverse_ipv6_tcp(opts)],
|
||||
extensions: (datastore['EXTENSIONS'] || '').split(',')
|
||||
extensions: (datastore['EXTENSIONS'] || '').split(','),
|
||||
ext_init: (datastore['EXTINIT'] || '')
|
||||
}
|
||||
|
||||
# create the configuration instance based off the parameters
|
||||
|
|
|
@ -13,7 +13,7 @@ require 'rex/payloads/meterpreter/config'
|
|||
|
||||
module Metasploit4
|
||||
|
||||
CachedSize = 1187890
|
||||
CachedSize = 1188911
|
||||
|
||||
include Msf::Payload::TransportConfig
|
||||
include Msf::Payload::Windows
|
||||
|
@ -35,7 +35,8 @@ module Metasploit4
|
|||
))
|
||||
|
||||
register_options([
|
||||
OptString.new('EXTENSIONS', [false, "Comma-separated list of extensions to load"]),
|
||||
OptString.new('EXTENSIONS', [false, 'Comma-separate list of extensions to load']),
|
||||
OptString.new('EXTINIT', [false, 'Initialization strings for extensions'])
|
||||
], self.class)
|
||||
end
|
||||
|
||||
|
@ -53,7 +54,8 @@ module Metasploit4
|
|||
expiration: datastore['SessionExpirationTimeout'].to_i,
|
||||
uuid: opts[:uuid],
|
||||
transports: [transport_config_reverse_tcp(opts)],
|
||||
extensions: (datastore['EXTENSIONS'] || '').split(',')
|
||||
extensions: (datastore['EXTENSIONS'] || '').split(','),
|
||||
ext_init: (datastore['EXTINIT'] || '')
|
||||
}
|
||||
|
||||
# create the configuration instance based off the parameters
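Review bot: The `EXTENSIONS` description appears to lose a letter in this module: the line printed first reads "Comma-separated list of extensions to load" and the line printed second reads 'Comma-separate list of extensions to load', which, if the second is the new side as in the sibling modules, reintroduces a typo this file had already fixed. Keeping `OptString.new('EXTENSIONS', [false, 'Comma-separated list of extensions to load']),` while switching the quote style would preserve the correction. The old/new sides are inferred from print order, since the +/- markers are missing from this page.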
|
||||
|
|