Added Python stager format without a space #13263
Conversation
We are following along with pleasure, Mehmet hocam. |
No spaces would be nice! Unfortunately, this breaks some early 3.x series Pythons, which required a |
@acammack-r7 surely that can be fixed by putting a |
I've tested @timwr's solutions and it works as expected. But I'm kind of lost about why we are getting errors from |
@timwr |
Maybe something like this would work
Tested on Python versions:
It uses the |
That's awesome! @smcintyre-r7 I've tested it locally and it works very well. When I run
|
Ah yes, that's because the cached size of the payload is stored in the module and this Pull Request modifies that. You should be able to fix that using We cache a payload size for things like determining compatibility with exploits that have a limited amount of space. |
Changes look good to me. This looks like it even makes it smaller, which is fantastic. I'll test this a bit more thoroughly and, assuming there are no issues, get it landed.
Tested successfully with the extremes of the currently supported meterpreter versions (2.5, 2.7, 3.1, and 3.7). All yielded responsive and functional sessions. Also successfully tested |
Release Notes: The library which generates the Python payload stager was updated to remove whitespace. |
Hi,
TL;DR: This PR changes the python dropper format and uses __import__ in order to get rid of the space on the import. This PR has an interesting story. Let me share the story with you guys.
I do live streams about security research on Twitch. Metasploit is quite popular among security researchers in Turkey, like in the rest of the world. In order to encourage the local security community in Turkey to contribute back to MSF, a week ago I started doing a live stream about a "Metasploit Development Series" on Twitch! The reaction from the community was quite unexpected. We have done 10 hours of msf development streams so far, with more than 5,500 viewers in total!
Having that many people on your side, you always find an opportunity to learn some new tricks. Last night, I was doing a stream to talk about the exploitation tricks of #13094! I was talking about a white space within the dropper and how it causes a problem for exploitation in our case.
To be honest, this is not the first time I've faced this issue. 3 years ago, I had to use the same trick (using a perl wrapper, like the generic_sh encoder does) on #8540!
One of the viewers (I guess he's @hasantayyar), who has knowledge of python, told me during the stream that it's possible to get rid of the white space by using __import__! After the stream, another viewer, @0xF61, came up with a very clean version of the python dropper by using __import__ as mentioned by hasantayyar.
TEST
I've tested that version of the python dropper with both python2 and python3. It works very well.
Both tests with py2 and py3.
Classic MSF Handler with python payload.
I wanted to share the story behind this PR in order to mention the original contributors!
All the credit for this PR belongs to these two genius guys.
Thanks!
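As an added example (not the PR's own code and not Metasploit's), a small Python 3.8+ rewriter that applies the __import__ trick described above to every import statement, together with the two checks this thread cares about: that the result contains no whitespace and still compiles, and that it binds the same objects as the original. The function names, the handling of dotted and aliased imports, and the sample source are mine.

```python
import ast

# Constructed sample input, not a real stager: the kind of import header the
# space-free rewrite is meant for, plus one ordinary statement passed through.
CONSTRUCTED_SRC = (
    "import socket,struct\n"
    "from base64 import b64decode as d\n"
    "import os.path as p\n"
    "x=struct.calcsize('I')"
)

def strip_import_spaces(src):
    """Rewrite each top-level import in `src` into a whitespace-free
    __import__ assignment; other statements are copied through unchanged."""
    parts = []
    for node in ast.parse(src).body:
        if isinstance(node, ast.Import):
            for alias in node.names:
                if alias.asname:
                    # `import a.b as c` must bind the submodule itself; a
                    # non-empty fromlist makes __import__ return it.
                    parts.append("%s=__import__('%s',fromlist=[''])"
                                 % (alias.asname, alias.name))
                else:
                    # `import a.b` binds the top-level package `a`.
                    parts.append("%s=__import__('%s')"
                                 % (alias.name.split('.')[0], alias.name))
        elif isinstance(node, ast.ImportFrom):
            if node.level or not node.module or node.names[0].name == '*':
                raise ValueError("relative and star imports are not handled")
            for alias in node.names:
                parts.append("%s=__import__('%s',fromlist=['%s']).%s"
                             % (alias.asname or alias.name, node.module,
                                alias.name, alias.name))
        else:
            parts.append(ast.get_source_segment(src, node))
    return ";".join(parts)

def is_space_free_and_valid(src):
    """Reviewer's check: the source still compiles and has no whitespace."""
    compile(src, "<stager>", "exec")
    return not any(c.isspace() for c in src)

def same_bindings(original, rewritten):
    """Run both forms in fresh namespaces and confirm they bind the same
    names to the same objects (modules and their attributes are singletons)."""
    a, b = {}, {}
    exec(original, a)
    exec(rewritten, b)
    names = sorted(n for n in a if n != "__builtins__")
    return names == sorted(n for n in b if n != "__builtins__") and \
        all(a[n] is b[n] or a[n] == b[n] for n in names)
```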