Allows set PAYLOAD parameters to begin with /, payload/, & /payload/

[agalway-r7]

When setting a module PAYLOAD value, you are currently unable to set a payload if it's path begins with /, payload/, & /payload/. This is a pain when copy pasting full paths into set PAYLOAD commands.

This PR adds a regex statement to catch and remove the above three path beginnings to the command_dispatcher/core.rb, allowing the underlying code to retrieve the payload correctly without the user having to change their input.

Verification

List the steps needed to make sure this thing works

• Start msfconsole
• use crosschex
• set PAYLOAD /payload/windows/x64/vncinject/reverse_winhttps
• set PAYLOAD payload/windows/x64/vncinject/reverse_winhttps
• set PAYLOAD /windows/x64/vncinject/reverse_winhttps
• set PAYLOAD windows/x64/vncinject/reverse_winhttps
• Verify all four of the above inputs return PAYLOAD => windows/x64/vncinject/reverse_winhttps

[wvu]

Somewhat related tickets: #7734 and #8882.

metasploit-framework/lib/msf/ui/console/command_dispatcher/modules.rb

Lines 665 to 671 in b76e76b

	# Ensure we have a reference name and not a path
	if mod_name.start_with?('./', 'modules/')
	mod_name.sub!(%r{^(?:\./)?modules/}, '')
	end
	if mod_name.end_with?('.rb')
	mod_name.sub!(/\.rb$/, '')
	end

[wvu]

I don't think rn-no-release-notes is warranted here. This is a significant change to core code.

[wvu]

Perhaps using a single shared code between cmd_set and cmd_use in lib/msf/ui/console/command_dispatcher/common.rb is best.

[wvu]

msf5 exploit(windows/misc/crosschex_device_bof) > set PAYLOAD /payload/windows/x64/vncinject/reverse_winhttps
PAYLOAD => windows/x64/vncinject/reverse_winhttps
msf5 exploit(windows/misc/crosschex_device_bof) > set PAYLOAD payload/windows/x64/vncinject/reverse_winhttps
PAYLOAD => windows/x64/vncinject/reverse_winhttps
msf5 exploit(windows/misc/crosschex_device_bof) > set PAYLOAD /windows/x64/vncinject/reverse_winhttps
PAYLOAD => windows/x64/vncinject/reverse_winhttps
msf5 exploit(windows/misc/crosschex_device_bof) > set PAYLOAD windows/x64/vncinject/reverse_winhttps
PAYLOAD => windows/x64/vncinject/reverse_winhttps
msf5 exploit(windows/misc/crosschex_device_bof) >

Excellent enhancement.

[wvu]

Btw, the verification steps use an x64 payload, which is not supported by the module, but setting it works fine.

[wvu]

msf5 exploit(windows/misc/crosschex_device_bof) > show payloads

Compatible Payloads
===================

   #    Name                                                Disclosure Date  Rank    Check  Description
   -    ----                                                ---------------  ----    -----  -----------
[snip]
   166  windows/vncinject/reverse_winhttp                                    normal  No     VNC Server (Reflective Injection), Windows Reverse HTTP Stager (winhttp)

msf5 exploit(windows/misc/crosschex_device_bof) > set payload 166
payload => windows/vncinject/reverse_winhttp
msf5 exploit(windows/misc/crosschex_device_bof) >

Setting the payload by index still works. 👍

[wvu]

Thanks for this! Quotes cleaned up in c591704.

[wvu]

Release Notes

This enhances the set PAYLOAD command to strip path-like prefixes from its value.