Land #3481, meterpreter bins
commit
de22aeba41
|
@ -15,8 +15,6 @@ Gemfile.local.lock
|
|||
config/database.yml
|
||||
# simplecov coverage data
|
||||
coverage
|
||||
data/meterpreter/ext_server_pivot.x86.dll
|
||||
data/meterpreter/ext_server_pivot.x64.dll
|
||||
doc/
|
||||
external/source/meterpreter/java/bin
|
||||
external/source/meterpreter/java/build
|
||||
|
@ -53,3 +51,22 @@ tags
|
|||
# ignore release/debug folders for exploits
|
||||
external/source/exploits/**/Debug
|
||||
external/source/exploits/**/Release
|
||||
|
||||
# Avoid checking in Meterpreter binaries. These are supplied upstream by
|
||||
# the meterpreter_bins gem.
|
||||
data/meterpreter/elevator.*.dll
|
||||
data/meterpreter/ext_server_espia.*.dll
|
||||
data/meterpreter/ext_server_extapi.*.dll
|
||||
data/meterpreter/ext_server_incognito.*.dll
|
||||
data/meterpreter/ext_server_kiwi.*.dll
|
||||
data/meterpreter/ext_server_lanattacks.*.dll
|
||||
data/meterpreter/ext_server_mimikatz.*.dll
|
||||
data/meterpreter/ext_server_priv.*.dll
|
||||
data/meterpreter/ext_server_stdapi.*.dll
|
||||
data/meterpreter/metsrv.*.dll
|
||||
data/meterpreter/screenshot.*.dll
|
||||
|
||||
# Avoid checking in Meterpreter libs that are built from
|
||||
# private source. If you're interested in this functionality,
|
||||
# check out Metasploit Pro: http://metasploit.com/download
|
||||
data/meterpreter/ext_server_pivot.*.dll
|
||||
|
|
2
Gemfile
2
Gemfile
|
@ -6,6 +6,8 @@ gem 'activesupport', '>= 3.0.0', '< 4.0.0'
|
|||
gem 'bcrypt'
|
||||
# Needed for some admin modules (scrutinizer_add_user.rb)
|
||||
gem 'json'
|
||||
# Needed for Meterpreter on Windows, soon others.
|
||||
gem 'meterpreter_bins', '0.0.6'
|
||||
# Needed by msfgui and other rpc components
|
||||
gem 'msgpack'
|
||||
# Needed by anemone crawler
|
||||
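Review bot: The comment above `gem 'meterpreter_bins', '0.0.6'` does not say that this gem now delivers the prebuilt Meterpreter DLLs that were previously checked in under data/meterpreter. The exact pin fixes the version, but the lockfile entry `meterpreter_bins (0.0.6)` as shown carries no content hash, so the integrity of those binaries rests on the gem source (not visible in this hunk). I would expand the comment to `# Prebuilt Meterpreter DLLs, formerly checked in under data/meterpreter; keep the version pinned exactly` and note in the same place where the gem's binaries are built.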
|
|
|
@ -26,6 +26,7 @@ GEM
|
|||
activerecord (>= 3.2.13)
|
||||
activesupport
|
||||
pg
|
||||
meterpreter_bins (0.0.6)
|
||||
mini_portile (0.5.1)
|
||||
msgpack (0.5.5)
|
||||
multi_json (1.0.4)
|
||||
|
@ -70,6 +71,7 @@ DEPENDENCIES
|
|||
fivemat (= 1.2.1)
|
||||
json
|
||||
metasploit_data_models (= 0.17.0)
|
||||
meterpreter_bins (= 0.0.6)
|
||||
msgpack
|
||||
network_interface (~> 0.0.1)
|
||||
nokogiri
|
||||
|
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -1,4 +1,5 @@
|
|||
# -*- coding: binary -*-
|
||||
|
||||
require 'meterpreter_bins'
|
||||
require 'rex/post/meterpreter/client'
|
||||
require 'rex/post/meterpreter/ui/console'
|
||||
|
|
|
@ -149,7 +149,8 @@ class ClientCore < Extension
|
|||
end
|
||||
# Get us to the installation root and then into data/meterpreter, where
|
||||
# the file is expected to be
|
||||
path = ::File.join(Msf::Config.data_directory, 'meterpreter', 'ext_server_' + mod.downcase + ".#{client.binary_suffix}")
|
||||
modname = "ext_server_#{mod.downcase}"
|
||||
path = MeterpreterBinaries.path(modname, client.binary_suffix)
|
||||
|
||||
if (opts['ExtensionPath'])
|
||||
path = opts['ExtensionPath']
|
||||
|
@ -221,7 +222,7 @@ class ClientCore < Extension
|
|||
|
||||
# Create the migrate stager
|
||||
migrate_stager = c.new()
|
||||
migrate_stager.datastore['DLL'] = ::File.join( Msf::Config.data_directory, "meterpreter", "metsrv.#{binary_suffix}" )
|
||||
migrate_stager.datastore['DLL'] = MeterpreterBinaries.path('metsrv',binary_suffix)
|
||||
|
||||
blob = migrate_stager.stage_payload
|
||||
|
||||
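Review bot: Nothing in `use` checks the value returned by `MeterpreterBinaries.path(modname, client.binary_suffix)` before it is used as a file path. The spec added in this commit expects `TypeError` for a missing module, which suggests the helper returns nil when no matching binary exists, so the operator gets a type error instead of the name of the file that is missing from disk. After the `opts['ExtensionPath']` override I would add `raise RuntimeError, "No module of the name #{modname}.#{client.binary_suffix} found" if path.nil?`. The same unchecked lookup feeds `migrate_stager.datastore['DLL']` in the second hunk, `elevator_path` in `Priv`, both `screenshot_path` assignments in `UI`, and the three `library_path` methods under `Metasploit3`. The body of `use` continues outside the hunk.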
|
|
|
@ -45,7 +45,7 @@ class Priv < Extension
|
|||
|
||||
elevator_name = Rex::Text.rand_text_alpha_lower( 6 )
|
||||
|
||||
elevator_path = ::File.join( Msf::Config.data_directory, "meterpreter", "elevator.#{client.binary_suffix}" )
|
||||
elevator_path = MeterpreterBinaries.path('elevator', client.binary_suffix)
|
||||
|
||||
elevator_path = ::File.expand_path( elevator_path )
|
||||
|
||||
|
|
|
@ -156,7 +156,7 @@ class UI < Rex::Post::UI
|
|||
request.add_tlv( TLV_TYPE_DESKTOP_SCREENSHOT_QUALITY, quality )
|
||||
# include the x64 screenshot dll if the host OS is x64
|
||||
if( client.sys.config.sysinfo['Architecture'] =~ /^\S*x64\S*/ )
|
||||
screenshot_path = ::File.join( Msf::Config.data_directory, 'meterpreter', 'screenshot.x64.dll' )
|
||||
screenshot_path = MeterpreterBinaries.path('screenshot','x64.dll')
|
||||
screenshot_path = ::File.expand_path( screenshot_path )
|
||||
screenshot_dll = ''
|
||||
::File.open( screenshot_path, 'rb' ) do |f|
|
||||
|
@ -166,7 +166,7 @@ class UI < Rex::Post::UI
|
|||
request.add_tlv( TLV_TYPE_DESKTOP_SCREENSHOT_PE64DLL_LENGTH, screenshot_dll.length )
|
||||
end
|
||||
# but allways include the x86 screenshot dll as we can use it for wow64 processes if we are on x64
|
||||
screenshot_path = ::File.join( Msf::Config.data_directory, 'meterpreter', 'screenshot.x86.dll' )
|
||||
screenshot_path = MeterpreterBinaries.path('screenshot','x86.dll')
|
||||
screenshot_path = ::File.expand_path( screenshot_path )
|
||||
screenshot_dll = ''
|
||||
::File.open( screenshot_path, 'rb' ) do |f|
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
# -*- coding: binary -*-
|
||||
require 'set'
|
||||
require 'rex/post/meterpreter'
|
||||
require 'rex/parser/arguments'
|
||||
|
||||
|
@ -415,20 +416,23 @@ class Console::CommandDispatcher::Core
|
|||
|
||||
@@load_opts.parse(args) { |opt, idx, val|
|
||||
case opt
|
||||
when "-l"
|
||||
exts = []
|
||||
path = ::File.join(Msf::Config.data_directory, 'meterpreter')
|
||||
when "-l"
|
||||
exts = SortedSet.new
|
||||
msf_path = MeterpreterBinaries.metasploit_data_dir
|
||||
gem_path = MeterpreterBinaries.local_dir
|
||||
[msf_path, gem_path].each do |path|
|
||||
::Dir.entries(path).each { |f|
|
||||
if (::File.file?(::File.join(path, f)) && f =~ /ext_server_(.*)\.#{client.binary_suffix}/ )
|
||||
exts.push($1)
|
||||
exts.add($1)
|
||||
end
|
||||
}
|
||||
print(exts.sort.join("\n") + "\n")
|
||||
end
|
||||
print(exts.to_a.join("\n") + "\n")
|
||||
|
||||
return true
|
||||
when "-h"
|
||||
cmd_load_help
|
||||
return true
|
||||
return true
|
||||
when "-h"
|
||||
cmd_load_help
|
||||
return true
|
||||
end
|
||||
}
|
||||
|
||||
|
@ -461,16 +465,19 @@ class Console::CommandDispatcher::Core
|
|||
end
|
||||
|
||||
def cmd_load_tabs(str, words)
|
||||
tabs = []
|
||||
path = ::File.join(Msf::Config.data_directory, 'meterpreter')
|
||||
tabs = SortedSet.new
|
||||
msf_path = MeterpreterBinaries.metasploit_data_dir
|
||||
gem_path = MeterpreterBinaries.local_dir
|
||||
[msf_path, gem_path].each do |path|
|
||||
::Dir.entries(path).each { |f|
|
||||
if (::File.file?(::File.join(path, f)) && f =~ /ext_server_(.*)\.#{client.binary_suffix}/ )
|
||||
if (not extensions.include?($1))
|
||||
tabs.push($1)
|
||||
tabs.add($1)
|
||||
end
|
||||
end
|
||||
}
|
||||
return tabs
|
||||
end
|
||||
return tabs.to_a
|
||||
end
|
||||
|
||||
def cmd_use(*args)
|
||||
|
@ -730,10 +737,10 @@ class Console::CommandDispatcher::Core
|
|||
|
||||
@@write_opts.parse(args) { |opt, idx, val|
|
||||
case opt
|
||||
when "-f"
|
||||
src_file = val
|
||||
else
|
||||
cid = val.to_i
|
||||
when "-f"
|
||||
src_file = val
|
||||
else
|
||||
cid = val.to_i
|
||||
end
|
||||
}
|
||||
|
||||
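Review bot: `::Dir.entries(path)` is called on both `MeterpreterBinaries.metasploit_data_dir` and `MeterpreterBinaries.local_dir` with no check that the directory exists, in the `-l` branch of the load command and again in `cmd_load_tabs`. Since this commit stops shipping most DLLs under data/meterpreter, one of the two directories may be absent on some installs (an inference, the helper is not shown), and `Dir.entries` would then raise `Errno::ENOENT` in the middle of listing or tab completion. A guard as the first line of each `each` block, `next unless ::File.directory?(path)`, keeps both commands working. The two loops are identical apart from the `extensions.include?` filter, so a small private helper returning the set of extension names would avoid having to fix this twice.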
|
|
|
@ -39,7 +39,7 @@ module Metasploit3
|
|||
end
|
||||
|
||||
def library_path
|
||||
File.join(Msf::Config.data_directory, "meterpreter", "metsrv.x86.dll")
|
||||
MeterpreterBinaries.path('metsrv','x86.dll')
|
||||
end
|
||||
|
||||
end
|
||||
|
|
|
@ -41,7 +41,7 @@ module Metasploit3
|
|||
end
|
||||
|
||||
def library_path
|
||||
File.join(Msf::Config.data_directory, "meterpreter", "metsrv.x86.dll")
|
||||
MeterpreterBinaries.path('metsrv','x86.dll')
|
||||
end
|
||||
|
||||
end
|
||||
|
|
|
@ -34,7 +34,7 @@ module Metasploit3
|
|||
end
|
||||
|
||||
def library_path
|
||||
File.join( Msf::Config.data_directory, "meterpreter", "metsrv.x64.dll" )
|
||||
MeterpreterBinaries.path('metsrv','x64.dll')
|
||||
end
|
||||
|
||||
end
|
||||
|
|
|
@ -0,0 +1,53 @@
|
|||
require 'spec_helper'
|
||||
require 'rex/post/meterpreter/client_core'
|
||||
|
||||
describe Rex::Post::Meterpreter::ClientCore do
|
||||
|
||||
it "should be available" do
|
||||
expect(described_class).to eq(Rex::Post::Meterpreter::ClientCore)
|
||||
end
|
||||
|
||||
describe "#use" do
|
||||
|
||||
before(:each) do
|
||||
@response = double("response")
|
||||
allow(@response).to receive(:result) { 0 }
|
||||
allow(@response).to receive(:each) { [:help] }
|
||||
@client = double("client")
|
||||
allow(@client).to receive(:binary_suffix) { "x64.dll" }
|
||||
allow(@client).to receive(:capabilities) { {:ssl => false, :zlib => false } }
|
||||
allow(@client).to receive(:response_timeout) { 1 }
|
||||
allow(@client).to receive(:send_packet_wait_response) { @response }
|
||||
allow(@client).to receive(:add_extension) { true }
|
||||
end
|
||||
|
||||
let(:client_core) {described_class.new(@client)}
|
||||
it 'should respond to #use' do
|
||||
expect(client_core).to respond_to(:use)
|
||||
end
|
||||
|
||||
context 'with a gemified module' do
|
||||
let(:mod) {"kiwi"}
|
||||
it 'should be available' do
|
||||
expect(client_core.use(mod)).to be_true
|
||||
end
|
||||
end
|
||||
|
||||
context 'with a local module' do
|
||||
let(:mod) {"sniffer"}
|
||||
it 'should be available' do
|
||||
expect(client_core.use(mod)).to be_true
|
||||
end
|
||||
end
|
||||
|
||||
context 'with a missing a module' do
|
||||
let(:mod) {"eaten_by_av"}
|
||||
it 'should be available' do
|
||||
expect { client_core.use(mod) }.to raise_error(TypeError)
|
||||
end
|
||||
end
|
||||
|
||||
|
||||
end
|
||||
|
||||
end
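Review bot: The example under 'with a missing a module' is described as 'should be available' yet asserts `raise_error(TypeError)`, so the description contradicts the expectation, and the asserted exception looks like a by-product of a nil path rather than a designed error. I would rename it to `it 'should raise when the binary is missing'` and correct the context string to 'with a missing module'. The 'gemified' and 'local' contexts also appear to depend on `ext_server_kiwi.x64.dll` and `ext_server_sniffer.x64.dll` being present on the machine running the suite (inferred from the stubbed `binary_suffix`). That deserves a comment above each context, e.g. `# requires the meterpreter_bins gem binaries on disk`.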
|
|
@ -0,0 +1,41 @@
|
|||
require 'spec_helper'
|
||||
require 'rex/post/meterpreter/extension'
|
||||
require 'rex/post/meterpreter/extensions/priv/priv'
|
||||
|
||||
describe Rex::Post::Meterpreter::Extensions::Priv::Priv do
|
||||
|
||||
it "should be available" do
|
||||
expect(described_class).to eq(Rex::Post::Meterpreter::Extensions::Priv::Priv)
|
||||
end
|
||||
|
||||
describe "#getsystem" do
|
||||
before(:each) do
|
||||
@client = double("client")
|
||||
allow(@client).to receive(:register_extension_aliases) { [] }
|
||||
end
|
||||
|
||||
let(:priv) {described_class.new(@client)}
|
||||
it 'should respond to #getsystem' do
|
||||
expect(priv).to respond_to(:getsystem)
|
||||
end
|
||||
|
||||
it 'should return itself' do
|
||||
expect(priv).to be_kind_of(described_class)
|
||||
end
|
||||
|
||||
it 'should have some instance variables' do
|
||||
expect(priv.instance_variables).to include(:@client)
|
||||
expect(priv.instance_variables).to include(:@name)
|
||||
expect(priv.instance_variables).to include(:@fs)
|
||||
end
|
||||
|
||||
it 'should respond to fs' do
|
||||
expect(priv).to respond_to(:fs)
|
||||
end
|
||||
|
||||
it 'should have a name of priv' do
|
||||
expect(priv.name).to eq("priv")
|
||||
end
|
||||
|
||||
end
|
||||
end
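Review bot: The `describe "#getsystem"` group never calls `getsystem`; it only checks `respond_to`, `be_kind_of` and instance variables, so the changed `elevator_path` lookup in `Priv` is not exercised by this spec. The example named 'should return itself' asserts `be_kind_of(described_class)`, which holds for any instance, so a name such as `it 'should be an instance of Priv'` would match what is checked. The UI spec's `#screenshot` group further down has the same shape and the same gap.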
|
|
@ -0,0 +1,33 @@
|
|||
require 'spec_helper'
|
||||
require 'rex/post/meterpreter'
|
||||
require 'rex/post/meterpreter/extensions/stdapi/ui'
|
||||
|
||||
describe Rex::Post::Meterpreter::Extensions::Stdapi::UI do
|
||||
|
||||
it "should be available" do
|
||||
expect(described_class).to eq(Rex::Post::Meterpreter::Extensions::Stdapi::UI)
|
||||
end
|
||||
|
||||
describe "#screenshot" do
|
||||
|
||||
before(:each) do
|
||||
@client = double("client")
|
||||
end
|
||||
|
||||
let(:ui) { described_class.new(@client) }
|
||||
it 'should respond to #screenshot' do
|
||||
expect(ui).to respond_to(:screenshot)
|
||||
end
|
||||
|
||||
it 'should return itself' do
|
||||
expect(ui).to be_kind_of(described_class)
|
||||
end
|
||||
|
||||
it 'should have an instance variable' do
|
||||
expect(ui.instance_variables).to include(:@client)
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
end
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
require 'spec_helper'
|
||||
require 'rex/post/meterpreter'
|
||||
|
||||
describe MeterpreterBinaries do
|
||||
it 'is available' do
|
||||
expect(described_class).to eq(MeterpreterBinaries)
|
||||
end
|
||||
end
|