choose_payload should be refactored and extricated from CommandDispatcher #12043

Status: Open · 1 task
wvu opened this issue Jul 2, 2019 · 1 comment
Labels: enhancement, library, not-stale (Label to stop an issue from being auto closed)

wvu commented Jul 2, 2019

I at least want to make it SESSION-aware for local exploits. This has bitten me in the past when I've been lazy about payload selection during testing/demoing.

  • Make this thing SESSION-aware for local exploits

```ruby
#
# Picks a reasonable payload and minimally configures it
# (target is accepted but not used by the body below)
#
def self.choose_payload(mod, target)
  # Choose either the real target or an invalid address
  # This is used to determine the LHOST value
  rhost = mod.datastore['RHOST'] || '50.50.50.50'

  # A list of preferred payloads in the best-first order
  pref = [
    'windows/meterpreter/reverse_tcp',
    'linux/x86/meterpreter/reverse_tcp',
    'java/meterpreter/reverse_tcp',
    'php/meterpreter/reverse_tcp',
    'php/meterpreter_reverse_tcp',
    'ruby/shell_reverse_tcp',
    'nodejs/shell_reverse_tcp',
    #
    # The interact payload is a do-nothing stub that hijacks an existing connection
    #
    'cmd/unix/interact',
    'cmd/unix/reverse',
    'cmd/unix/reverse_perl',
    'cmd/unix/reverse_netcat_gaping',
    #
    # These stubs are used in exploits which provide their own payloads
    #
    'cmd/unix/reverse_stub',
    'cmd/unix/bind_stub',
    'windows/meterpreter/reverse_nonx_tcp',
    'windows/meterpreter/reverse_ord_tcp',
    'windows/shell/reverse_tcp',
    'generic/shell_reverse_tcp'
  ]

  # Names of the payloads this module reports as compatible
  pset = mod.compatible_payloads.map { |x| x[0] }

  # Walk the preference list and take the first compatible entry;
  # reverse payloads also get LHOST set from the route towards rhost
  pref.each do |n|
    if pset.include?(n)
      mod.datastore['PAYLOAD'] = n
      if n.index('reverse')
        mod.datastore['LHOST'] = Rex::Socket.source_address(rhost)
      end
      return n
    end
  end

  return
end
```
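As an added illustration of what "SESSION-aware" could mean for the function above (example code, not the issue author's nor the framework's), here is a stand-alone model of the selection logic. Msf::Module, Msf::Session and Rex::Socket are replaced by small stubs so it runs without Metasploit: the payload catalog, the preference list, the session attributes (`platform`, `arch`, `tunnel_local`) and the `source_address` callable are all assumptions of this example. The point it makes is the one in the comment: with an x64 Windows session, the preference walk alone picks the x86 `windows/meterpreter/reverse_tcp`, while filtering the compatible set by the session's platform and arch picks the x64 payload and takes LHOST from the session's own tunnel endpoint rather than a route lookup towards a placeholder RHOST.

```ruby
# Added example, not Metasploit code: a SESSION-aware variant of choose_payload.
PayloadInfo = Struct.new(:platform, :arch)

# Constructed payload catalog (name => platform/arch). Real payload modules
# expose these via their platform/arch attributes; these values are assumed.
PAYLOADS = {
  'windows/meterpreter/reverse_tcp'     => PayloadInfo.new('windows', 'x86'),
  'windows/x64/meterpreter/reverse_tcp' => PayloadInfo.new('windows', 'x64'),
  'windows/shell/reverse_tcp'           => PayloadInfo.new('windows', 'x86'),
  'linux/x86/meterpreter/reverse_tcp'   => PayloadInfo.new('linux', 'x86'),
  'linux/x64/meterpreter/reverse_tcp'   => PayloadInfo.new('linux', 'x64'),
  'cmd/unix/reverse'                    => PayloadInfo.new('unix', 'cmd'),
  'generic/shell_reverse_tcp'           => PayloadInfo.new('', ''),
}.freeze

# Best-first preference list. As in the original, the x86 Windows Meterpreter
# comes first; the x64 entries are added here (assumed ordering) for the demo.
PREF = [
  'windows/meterpreter/reverse_tcp',
  'linux/x86/meterpreter/reverse_tcp',
  'cmd/unix/reverse',
  'windows/x64/meterpreter/reverse_tcp',
  'linux/x64/meterpreter/reverse_tcp',
  'windows/shell/reverse_tcp',
  'generic/shell_reverse_tcp',
].freeze

# Stand-ins for an Msf::Module (datastore + compatible payload names) and an
# Msf::Session (platform, arch, tunnel_local as "host:port"). Attribute names
# mirror the framework's; the structs themselves are assumptions of this example.
FakeModule  = Struct.new(:datastore, :compatible_payload_names)
FakeSession = Struct.new(:platform, :arch, :tunnel_local)

# Picks a payload the way the original does, except that when the module's
# datastore references a SESSION (a local exploit) the candidates are restricted
# to payloads matching that session's platform and arch, and LHOST comes from the
# session's local tunnel endpoint instead of a route lookup towards RHOST.
#
# sessions:       session id => FakeSession (stand-in for framework.sessions)
# source_address: callable(rhost) -> local address (stand-in for
#                 Rex::Socket.source_address; the default is a fixed test value)
def choose_payload(mod, sessions: {}, source_address: ->(_rhost) { '192.0.2.10' })
  rhost   = mod.datastore['RHOST'] || '50.50.50.50'
  session = sessions[mod.datastore['SESSION']]
  pset    = mod.compatible_payload_names

  if session
    pset = pset.select do |name|
      info = PAYLOADS[name]
      info && info.platform == session.platform && info.arch == session.arch
    end
  end

  PREF.each do |n|
    next unless pset.include?(n)
    mod.datastore['PAYLOAD'] = n
    if n.include?('reverse')
      mod.datastore['LHOST'] =
        session ? session.tunnel_local.rpartition(':').first : source_address.call(rhost)
    end
    return n
  end
  nil  # nothing compatible: leave PAYLOAD unset so the caller has to choose
end

# Demonstration: an x64 Windows session (constructed) run against a local exploit
# compatible with both x86 and x64 Meterpreter payloads.
def demo
  sessions = { 1 => FakeSession.new('windows', 'x64', '10.0.0.5:4444') }
  compat   = ['windows/meterpreter/reverse_tcp',
              'windows/x64/meterpreter/reverse_tcp',
              'windows/shell/reverse_tcp']
  naive = FakeModule.new({}, compat)                 # no SESSION: preference walk only
  aware = FakeModule.new({ 'SESSION' => 1 }, compat) # SESSION set: filtered by the session
  {
    naive: choose_payload(naive),
    aware: choose_payload(aware, sessions: sessions),
    lhost: aware.datastore['LHOST'],
  }
end

puts demo.inspect if __FILE__ == $PROGRAM_NAME
```

The `nil` return on an empty filtered set is deliberate: a local exploit whose compatible payloads do not match the session at all should fail loudly at payload selection rather than silently run the wrong architecture against the target.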

github-actions bot commented:
Hi!

This issue has been left open with no activity for a while now.

We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here.
If we missed this issue or if you want to keep it open, please reply here. You can also add the label "not stale" to keep this issue open!

As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.

@github-actions github-actions bot added the Stale Marks an issue as stale, to be closed if no action is taken label Oct 19, 2020
@wvu wvu added not-stale Label to stop an issue from being auto closed and removed Stale Marks an issue as stale, to be closed if no action is taken labels Oct 19, 2020
Development: No branches or pull requests
1 participant