Instantiate payload modules so parameter validation occurs #5838
Conversation
| @@ -9,7 +9,7 @@ | |||
|
|
|||
| module Metasploit3 | |||
|
|
|||
| CachedSize = 108 | |||
| CachedSize = :dynamic | |||
There was a problem hiding this comment.
Determining if a payload is :dynamic is a little precarious. It currently just generates the payload a few times and sees if the size changes, but this is not always reliable. We probably need a way to force a manual override. I probably got unlucky with the random seed.
There was a problem hiding this comment.
oook, expected so :) just curious, thanks!
|
Looks like travis ask for ./spec/support/shared/examples/payload_cached_size_is_consistent update :) |
|
Ah, you're right - I need to move the default datastore options into the library code for this instead of coding it into the tool directly. Thanks. |
|
With the latest changes, some payloads marked as 'dynamic' go back to being statically sized. There were a few payloads that did something like |
Calling .new on payload modules does not perform parameter validation, leading to a number cached sizes based on invalid parameters. Most notably, normalization does not occur either, which makes all OptBool params default to true.
bcook-r7
force-pushed
the
fix-cached-payloads
branch
from
7e84eec
to
6b1e911
Compare
|
It is an awesome work :) thanks @bcook-r7, handling it in a while! |
travis is green and also pass locally. |
| @@ -14,6 +14,27 @@ module Util | |||
|
|
|||
| class PayloadCachedSize | |||
|
|
|||
| @opts = { | |||
There was a problem hiding this comment.
I don't think it has sense as instance variable. Indeed, I don't think we can't create PayloadCachedSize even :). I'm going to switch to a constant before landing if you don't mind. Looks definitely like a constant. Feel free to fix me if I'm wrong, just reviewing changes :)
|
Muchas gracias @jvazquez-r7 |
Calling .new on payload modules does not perform parameter validation, leading to a number cached sizes based on invalid parameters. Most notably, normalization does not occur either, which makes all OptBool params default to true. This caused the windows/adduser to be larger with its cached size parameter than it would be if you generate it with msfvenom or from framework directly.
Validation steps
./msfconsole -qx 'use exploit/windows/smb/ms08_067_netapi; set payload windows/adduser'set payloadusing ms08_67_netapi should show 141 entries, not 119.