Fix process migration on reverse_tcp meterpreter sessions w/ newer Ruby #12502
This fixes #12390, a bug where Meterpreter process migration with reverse_tcp would hang on newer versions of Ruby (since Ruby 2.5.5). This appears to be due to an assumption in the MSF code that killing a thread is a synchronous operation, when it needs a .join to ensure the thread has exited before continuing. Ruby 2.5.5 may have introduced stronger guarantees that the system would continue with the context of the main thread for a bit longer than before after calling '.kill' on a child thread.
Earlier iterations of this patch sprinkled ::Thread.pass around for a similar effect, which likely just bought enough time for the child threads to exit on their own. This makes it explicit.
There is opportunity to hunt for more bugs of this class with
List the steps needed to make sure this thing works
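The race the description above refers to, reduced to a stand-alone Ruby script. This is an added example, not code from this PR or from metasploit-framework: the worker thread, the `state` hash and the two `handoff_*` helpers are hypothetical stand-ins for the reader thread that must be stopped before a session's socket is handed off during migration. It shows that `Thread#kill` only schedules the target thread's termination, so the killer can observe the thread's resources still "in use" unless it calls `Thread#join` first.

```ruby
# Added example (not metasploit-framework code): why Thread#kill must be
# followed by Thread#join before the killed thread's resources are reused.

# Hypothetical worker that marks a shared resource as owned while it runs.
# Its ensure block models the cleanup a real reader thread does on exit
# (closing/releasing the socket) and deliberately takes a moment.
def start_worker(state)
  Thread.new do
    begin
      state[:owned] = true
      loop { sleep 0.001 }
    ensure
      sleep 0.01            # cleanup takes time; kill does not wait for it
      state[:owned] = false
    end
  end
end

# Buggy hand-off pattern: kill returns as soon as the interrupt is queued,
# so the main thread usually continues while the worker is still running
# its ensure block. The resource may still be owned.
def handoff_without_join(state)
  t = start_worker(state)
  sleep 0.001 until state[:owned]   # wait until the worker has started
  t.kill
  state[:owned]                      # non-deterministic: often still true
end

# Fixed hand-off pattern (what the patch makes explicit): join blocks until
# the killed thread has fully exited, ensure block included.
def handoff_with_join(state)
  t = start_worker(state)
  sleep 0.001 until state[:owned]
  t.kill
  t.join                             # returns once the thread has terminated
  state[:owned]                      # always false
end

# Count how often the buggy pattern observes the resource still owned.
def race_count(iterations)
  iterations.times.count { handoff_without_join({}) }
end

if __FILE__ == $PROGRAM_NAME
  puts "without join, still owned in #{race_count(20)}/20 runs"
  puts "with join, still owned: #{handoff_with_join({})}"
end
```

The second helper is the only one with a deterministic result; the first exists to make the race visible, and how often it loses depends on the scheduler and on how long the ensure block runs, which is why relying on `Thread.pass` or timing merely narrows the window rather than closing it.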
Previously, metasploit framework's code made incorrect assumptions on what elements in a thread hand-off were synchronous. When we updated Ruby to 2.5.5, the new version included protections to threads that unmasked these assumptions and caused thread handoffs to fail because they no longer behaved in a synchronous fashion. Specifically, this was seen in the