infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add CMDSTAGER::SSL datastore option 

It has come to my attention that since I added the HTTP(S) command
stagers, no one has used HTTPS. This is probably why.

The CmdStager options hash takes precedence over any datastore options.
GSoC/Meterpreter_Web_Console
William Vu 2018-12-21 14:32:59 -06:00
parent 5cff330a38
commit b4ff3b544f
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/msf/core/exploit/cmdstager.rb
View File

@ -56,7 +56,8 @@ module Exploit::CmdStager
register_advanced_options( register_advanced_options(
[ [
OptEnum.new('CMDSTAGER::FLAVOR', [false, 'The CMD Stager to use.', 'auto', flavors]), OptEnum.new('CMDSTAGER::FLAVOR', [false, 'The CMD Stager to use.', 'auto', flavors]),
OptString.new('CMDSTAGER::DECODER', [false, 'The decoder stub to use.']) OptString.new('CMDSTAGER::DECODER', [false, 'The decoder stub to use.']),
OptBool.new('CMDSTAGER::SSL', [false, 'Use SSL/TLS for supported stagers', false])
], self.class) ], self.class)
end end
@ -129,6 +130,7 @@ module Exploit::CmdStager
self.stager_instance = create_stager self.stager_instance = create_stager
if stager_instance.respond_to?(:http?) && stager_instance.http? if stager_instance.respond_to?(:http?) && stager_instance.http?
opts[:ssl] = datastore['CMDSTAGER::SSL'] unless opts.key?(:ssl)
opts[:payload_uri] = start_service(opts) opts[:payload_uri] = start_service(opts)
end end