Railgun datatype updates #14448
Conversation
Hrm.....

Thanks for testing @bwatters-r7 I was able to reproduce this. I must have made some kinda silly mistake. I'll let you know once I've fixed it.

I'll wait for Travis to finish and land this then.

Release Notes: Fixed a bug where Railgun datatypes were not entirely accurate.

I think this is breaking the file_version (https://github.com/rapid7/metasploit-framework/blob/master/lib/msf/core/post/windows/file_info.rb#L21) function for me on Windows 7 x64.
This updates a whole bunch of Railgun stuff. The intention is to correct the `PDWORD` data type to always be handled as a pointer to an unsigned 32-bit integer, regardless of the host architecture. This fixes #14400. In doing this, a number of definitions needed to be updated from `PDWORD` to `PHANDLE` or `PSIZE_T` where `PDWORD` was being used previously. In these cases, the functions were reliant on Railgun's misinformed interpretation of the `PDWORD` datatype. Functions which actually needed a legit `PDWORD` were broken on 64-bit systems as they'd be treated incorrectly as having a 64-bit width.

Now the `PHANDLE` and `PSIZE_T` datatypes are new, and they're both[1] actually `PULONG_PTR` (that is to say PHANDLE == PSIZE_T == PULONG_PTR) which is also a new data type. The new `PULONG_PTR` data type replaces Railgun's PDWORD and acts as it did when it was broken. You can see in the documentation that its width is dependent on the host architecture. The `PHANDLE` and `PSIZE_T` types use a new type map which allows us to have a closer mapping to the original function definitions/documentation on MSDN. Eventually, I think we should move towards even more explicit definitions such as defining `DWORD` as `uint32_t` for example. This would help prevent us from having to update the definitions in the future, which would ideally only need to be done when they are inconsistent with what Microsoft has published.

I also consolidated the Meterpreter packet building code for both the single and multi dispatch routines. This reduces code reuse and will make refactoring easier in the future since there are fewer places that need to be updated to add, remove, and change data types.

Verification

- `post/test/railgun` should work, all tests should pass
- `post/test/railgun_reverse_lookups` should also work with all tests passing
- `check_dir_perms` now functions correctly

[1] https://docs.microsoft.com/en-us/windows/win32/winprog/windows-data-types#size_t
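As an added illustration (not code from this PR or from Railgun itself), the following Ruby models the width question the description raises: a toy type map in which `PDWORD` always means a 4-byte pointee while `PULONG_PTR`, `PHANDLE` and `PSIZE_T` follow the host pointer width, plus a decoder that reads an out-parameter back from a result buffer. The names `POINTEE_WIDTH`, `LEGACY_WIDTH`, `pointee_bytes`, `read_out_param` and the sample buffer are all constructed for this example and assume nothing about Railgun's real internals. Run against a constructed buffer, it shows how the pre-fix pointer-sized treatment of `PDWORD` swallows the neighbouring four bytes on x64, while the corrected mapping returns the 32-bit value the API actually wrote.

```ruby
# Added illustration only: a toy model of an out-parameter type map, not
# Metasploit's Railgun implementation. All names here are hypothetical.

# Width in bytes of the value an out-pointer type points to.
# :ptr means "native pointer width of the target host".
POINTEE_WIDTH = {
  'PDWORD'     => 4,     # pointer to a 32-bit unsigned int on every architecture
  'PULONG_PTR' => :ptr,  # pointer-sized, as the PR description says
  'PHANDLE'    => :ptr,  # PHANDLE == PSIZE_T == PULONG_PTR
  'PSIZE_T'    => :ptr
}.freeze

# The pre-fix behaviour the PR describes: PDWORD treated as pointer-sized.
LEGACY_WIDTH = POINTEE_WIDTH.merge('PDWORD' => :ptr).freeze

# Resolve a type's pointee width for a given host architecture (:x86 or :x64).
def pointee_bytes(type, arch, table = POINTEE_WIDTH)
  width = table.fetch(type)
  return width if width.is_a?(Integer)
  arch == :x64 ? 8 : 4
end

# Decode the value an API wrote through an out-pointer of +type+ from the
# little-endian bytes in +buffer+, using +table+ to decide how many to read.
def read_out_param(buffer, type, arch, table = POINTEE_WIDTH)
  n = pointee_bytes(type, arch, table)
  raise ArgumentError, "buffer too short for #{type}" if buffer.bytesize < n
  slice = buffer.byteslice(0, n)
  n == 8 ? slice.unpack1('Q<') : slice.unpack1('L<')
end

# Constructed sample: the API wrote the DWORD 0x1234 into the out buffer, and
# the following 4 bytes belong to an unrelated neighbouring field.
SAMPLE_OUT_BUFFER = "\x34\x12\x00\x00\xEF\xBE\xAD\xDE".b.freeze

# Compare the corrected and legacy decodings side by side.
def demo
  {
    fixed_x64:  read_out_param(SAMPLE_OUT_BUFFER, 'PDWORD', :x64),
    legacy_x64: read_out_param(SAMPLE_OUT_BUFFER, 'PDWORD', :x64, LEGACY_WIDTH),
    size_t_x86: pointee_bytes('PSIZE_T', :x86),
    size_t_x64: pointee_bytes('PSIZE_T', :x64)
  }
end

if __FILE__ == $PROGRAM_NAME
  demo.each { |name, value| printf("%-11s 0x%x\n", name, value) }
end
```

The legacy decode returns 0xDEADBEEF00001234 on x64, which is exactly the kind of corrupted value a caller expecting a `DWORD` out-parameter would see; the corrected map returns 0x1234 on both architectures, while the genuinely pointer-sized types still widen to 8 bytes on x64.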