bump mettle and other gems #11710

Merged
merged 1 commit into from Apr 11, 2019

busterb commented Apr 11, 2019

This pulls in support for the following PRs:

  • rapid7/mettle#176: Avoid a hanging bug with the 'ls' command
  • rapid7/mettle#174: Added support for the clipboard API on iOS
  • rapid7/mettle#173: Added more signed dylibs for iOS targets
  • rapid7/mettle#171: Don't run a shell subshell in a subshell
  • rapid7/mettle#170: Make the mettle gem a bit smaller, avoid packaging tools
  • rapid7/mettle#154: Add support for remote reflective loading of executables

Verification

Payloads pass regression tests (within standard variance)

@busterb busterb force-pushed the busterb:update-mettle branch from 7abdfa0 to 66ca38f Apr 11, 2019

bcook-r7 commented Apr 11, 2019

Looks like there may be a cmd_exec regression in this, poking around now.

@wvu-r7 wvu-r7 referenced this pull request Apr 11, 2019

Merged

Exploit for CVE-2019-1663 on Cisco RV130(W). #11613

8 of 8 tasks complete

@busterb busterb force-pushed the busterb:update-mettle branch from 66ca38f to cfd421a Apr 11, 2019

@busterb busterb force-pushed the busterb:update-mettle branch from cfd421a to e7974e4 Apr 11, 2019

busterb commented Apr 11, 2019

cmd_exec bug fixed

@wvu-r7 wvu-r7 self-assigned this Apr 11, 2019

wvu-r7 added a commit to wvu-r7/metasploit-framework that referenced this pull request Apr 11, 2019

@wvu-r7 wvu-r7 merged commit e7974e4 into rapid7:master Apr 11, 2019

busterb commented Apr 11, 2019

Release Notes

This provides fixes for a number of bugs and adds improvements in the 'mettle' POSIX-native Meterpreter implementation. Namely, it:

  • Avoids a bug where the 'ls' command would hang the payload in certain exploitation scenarios and environments.
  • Adds support for the clipboard API on iOS.
  • Adds more signed dylibs for iOS targets.
  • Prevents spawning an extra subshell if the user already requested a subshell, or if there are no variable expansions needed.
  • Adds support for remote reflective loading of executables, which allows in-process memory injection and execution of programs without writing to disk.

jmartin-r7 added a commit that referenced this pull request Apr 12, 2019

timwr commented Apr 14, 2019

What was the fix for cmd_exec? I'm seeing an issue still on OSX locally (no echo output is returned). Potentially caused by rapid7/mettle#171

timwr commented Apr 14, 2019

Maybe we should add PROCESS_EXECUTE_FLAG_SUBSHELL for cmd_exec?

@tdoan-r7 tdoan-r7 added the rn-modules label Apr 17, 2019
