Somehow this made it into a merge when it shouldn't have. This fix moves
the URI checksum module to where it needs to be and updates all the
references where required. This will result in a class with the dynamic
transport branch, but I can fix that after.
One subtle bug was that each time a request was received, a null byte was being appended to the datastore options for PROXY_USERNAME and PROXY_PASSWORD. Eventually this would break new sessions. This change centralizes the proxy configuration and cleans up the logic.
This commit adds plumbing which allows for the creation of stageless
meterpreter payloads that include extensions. The included transprots at
this point are bind_tcp, reverse_tcp and reverse_https, all x86.
More coming for x64. Will also validate http soon.
The issue seems to be at the root of #4669 is that reverse_http
registers an HTTP service but never releases its reference to it. If
we stop it directly, there may be a session already connected to it that
we kill, so we can't do that. Instead, track if we got a connection or
not, and conditionally release our reference based on whether the
connection succeeded.
This should fix#4669
This allows HandlerSSLCert to be used to pass a SSL certificate into the Meterpreter handler. The datastore has to be passed into handle_connection() for this to work, as SSL needs to be initialized on Session.new. This still doesn't pass the datastore into Meterpreter directly, but allows the Session::Meterpreter code to extract and pass down the :ssl_cert option if it was specified. This also fixes SSL certificate caching by expiring the cached cert from the class variables if the configuration has changed. A final change is to create a new SSL SessionID for each connection versus reusing the SSL context, which is incorrect and may lead to problems in the future (if not already).
HD Moore
OJ
Brent Cook
scriptjunkie
Sean Verity
Tod Beardsley
James Lee
Spencer McIntyre