infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

initial LURI commit. windows, python functional

bug/bundler_fix
Rory McNamara 2015-12-14 11:59:06 +00:00 committed by Brent Cook
parent d5085f6f0d
commit b122dffe3d
3 changed files with 10 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
lib/msf/core/handler/reverse_http.rb
View File

@ -46,7 +46,8 @@ module ReverseHttp
register_options( register_options(
[ [
OptString.new('LHOST', [true, 'The local listener hostname']), OptString.new('LHOST', [true, 'The local listener hostname']),
OptPort.new('LPORT', [true, 'The local listener port', 8080]) OptPort.new('LPORT', [true, 'The local listener port', 8080]),
OptString.new('LURI', [false, 'The HTTP Path', '/'])
], Msf::Handler::ReverseHttp) ], Msf::Handler::ReverseHttp)
register_advanced_options( register_advanced_options(
@ -76,7 +77,7 @@ module ReverseHttp
# @return [String] A URI of the form +scheme://host:port/+ # @return [String] A URI of the form +scheme://host:port/+
def listener_uri(addr=datastore['LHOST']) def listener_uri(addr=datastore['LHOST'])
uri_host = Rex::Socket.is_ipv6?(addr) ? "[#{addr}]" : addr uri_host = Rex::Socket.is_ipv6?(addr) ? "[#{addr}]" : addr
"#{scheme}://#{uri_host}:#{bind_port}/" "#{scheme}://#{uri_host}:#{bind_port}" + datastore['LURI'] || "/"
end end
# Return a URI suitable for placing in a payload. # Return a URI suitable for placing in a payload.
@ -103,7 +104,7 @@ module ReverseHttp
callback_host = "#{callback_name}:#{callback_port}" callback_host = "#{callback_name}:#{callback_port}"
end end
"#{scheme}://#{callback_host}/" "#{scheme}://#{callback_host}" + datastore['LURI']
end end
# Use the {#refname} to determine whether this handler uses SSL or not # Use the {#refname} to determine whether this handler uses SSL or not
@ -158,7 +159,7 @@ module ReverseHttp
obj = self obj = self
# Add the new resource # Add the new resource
service.add_resource("/", service.add_resource((datastore['LURI'] || "") + "/",
'Proc' => Proc.new { |cli, req| 'Proc' => Proc.new { |cli, req|
on_request(cli, req, obj) on_request(cli, req, obj)
}, },
@ -178,7 +179,7 @@ module ReverseHttp
# #
def stop_handler def stop_handler
if self.service if self.service
self.service.remove_resource('/') self.service.remove_resource((datastore['LURI'] || "") + "/")
if self.service.resources.empty? && self.sessions == 0 if self.service.resources.empty? && self.sessions == 0
Rex::ServiceManager.stop_service(self.service) Rex::ServiceManager.stop_service(self.service)
end end
@ -283,6 +284,7 @@ protected
when :init_python when :init_python
print_status("Staging Python payload ...") print_status("Staging Python payload ...")
url = payload_uri(req) + conn_id + '/' url = payload_uri(req) + conn_id + '/'
conn_id = (datastore['LURI']) + conn_id
blob = "" blob = ""
blob << obj.generate_stage( blob << obj.generate_stage(
@ -337,6 +339,7 @@ protected
print_status("Staging Native payload ...") print_status("Staging Native payload ...")
url = payload_uri(req) + conn_id + "/\x00" url = payload_uri(req) + conn_id + "/\x00"
uri = URI(payload_uri(req) + conn_id) uri = URI(payload_uri(req) + conn_id)
conn_id = (datastore['LURI']) + conn_id
resp['Content-Type'] = 'application/octet-stream' resp['Content-Type'] = 'application/octet-stream'

1
lib/msf/core/payload/python/reverse_http.rb
View File

@ -48,6 +48,7 @@ module Payload::Python::ReverseHttp
target_url << ':' target_url << ':'
target_url << opts[:port].to_s target_url << opts[:port].to_s
target_url << datastore['LURI']
target_url << generate_callback_uri(opts) target_url << generate_callback_uri(opts)
target_url target_url
end end

2
lib/msf/core/payload/windows/reverse_http.rb
View File

@ -51,7 +51,7 @@ module Payload::Windows::ReverseHttp
# Add extra options if we have enough space # Add extra options if we have enough space
unless self.available_space.nil? || required_space > self.available_space unless self.available_space.nil? || required_space > self.available_space
conf[:url] = generate_uri conf[:url] = datastore['LURI'] + generate_uri
conf[:exitfunk] = datastore['EXITFUNC'] conf[:exitfunk] = datastore['EXITFUNC']
conf[:ua] = datastore['MeterpreterUserAgent'] conf[:ua] = datastore['MeterpreterUserAgent']
conf[:proxy_host] = datastore['PayloadProxyHost'] conf[:proxy_host] = datastore['PayloadProxyHost']