Support enumerating binary suffixes for an extension #485

Merged
merged 4 commits into from
Jun 9, 2021


Contributor

@zeroSteiner zeroSteiner commented Apr 27, 2021

Support enumerating the extension suffixes for which a particular extension is available. This is foundational work that will allow Metasploit to suggest a Meterpreter that provides a particular extension.

Testing Steps

  • Install the gem locally.
  • Start msfconsole and then load IRB.
  • Run `MetasploitPayloads.list_meterpreter_extension_suffixes('stdapi')`
  • See a list of Meterpreter extensions for Python, PHP, Java and 2 for Windows

Example

msf6 payload(python/meterpreter/reverse_tcp) > irb
[*] Starting IRB shell...
[*] You are in payload/python/meterpreter/reverse_tcp

>> MetasploitPayloads.list_meterpreter_extension_suffixes('stdapi')
=> ["php", "jar", "x64.dll", "py", "x86.dll"]

@gwillcox-r7 gwillcox-r7 self-assigned this Jun 8, 2021
Contributor

@gwillcox-r7 gwillcox-r7 left a comment

Overall this looks very good, but I did have some concerns re: the regex used here, a potential nil case that could be avoided, and some function naming concerns. Should all be pretty easy fixes though :)

gem/lib/metasploit-payloads.rb (Outdated)
::Dir.entries(root_dir).each do |f|
if ::File.readable?(::File.join(root_dir, f)) && \
f =~ /#{EXTENSION_PREFIX}(.*)\.#{binary_suffix}/
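
Review bot: the pattern on the `f =~` line interpolates binary_suffix without escaping and has no anchors, so the `.` inside a suffix such as x64.dll matches any character and the greedy `(.*)` group can capture more than the extension name. Consider wrapping the suffix in Regexp.escape, anchoring the pattern with \A and \z, and narrowing the group to `(\w+)`.
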
Contributor

Correct me if I am wrong here but what happens if we push a nil entry into exts? Shouldn't this situation be avoided?

Contributor Author

The conditional line is split across two lines; L133 won't be executed unless the conditions on L131 (::File.readable?(::File.join(root_dir, f))) and L132 (f =~ /#{EXTENSION_PREFIX}(\w+)\.#{binary_suffix}/) both evaluate to true, at which point the group from the regex will be defined.
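
An added Ruby example, not code from this pull request or from metasploit-payloads: it runs the suffix enumeration discussed in this thread over a constructed file list, reading the capture only after a successful match, beside a looser unanchored pattern for comparison. The `ext_server_` prefix value, the function names and the sample file names are assumptions.

```ruby
# Added illustration; not the code from metasploit-payloads.
# Assumption: extension binaries are named "<prefix><name>.<suffix>".
EXTENSION_PREFIX = 'ext_server_' # assumed value, not shown on the page

# Constructed directory listing, so no filesystem access is needed.
SAMPLE_ENTRIES = %w[
  . ..
  ext_server_stdapi.py
  ext_server_stdapi.php
  ext_server_stdapi.jar
  ext_server_stdapi.x86.dll
  ext_server_stdapi.x64.dll
  ext_server_stdapi_extra.x64.dll
  ext_server_priv.x86.dll
  notes_ext_server_stdapi.py.bak
].freeze

# Return the suffixes for which extension_name has a file in entries.
def list_extension_suffixes(entries, extension_name)
  # Regexp.escape keeps the caller-supplied name literal;
  # \A and \z pin the match to the whole file name.
  name = Regexp.escape(EXTENSION_PREFIX + extension_name)
  pattern = /\A#{name}\.(\w+(?:\.\w+)*)\z/
  entries.each_with_object([]) do |f, suffixes|
    m = pattern.match(f)
    # m is nil for non-matching names, so the group is only read on a match
    # and nil can never be pushed into the result.
    suffixes << m[1] if m
  end.uniq
end

# Loose variant for comparison: unanchored, name interpolated unescaped.
def list_extension_suffixes_loose(entries, extension_name)
  entries.each_with_object([]) do |f, suffixes|
    if f =~ /#{EXTENSION_PREFIX}#{extension_name}\.(.*)/
      suffixes << Regexp.last_match(1)
    end
  end.uniq
end

if __FILE__ == $PROGRAM_NAME
  p list_extension_suffixes(SAMPLE_ENTRIES, 'stdapi')
  p list_extension_suffixes_loose(SAMPLE_ENTRIES, 'stdapi')
  p list_extension_suffixes_loose(SAMPLE_ENTRIES, 'std.pi')
end
```

The loose variant picks up the stray backup file and treats the `.` in `std.pi` as a wildcard, while the anchored, escaped variant returns only real suffixes for the exact name.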

@gwillcox-r7
Contributor

Tests work as expected:

msf6 > irb
[*] Starting IRB shell...
[*] You are in the "framework" object

irb: warn: can't alias jobs from irb_jobs.
>> MetasploitPayloads.list_meterpreter_extension_suffixes('stdapi')
=> ["py", "x64.dll", "jar", "x86.dll", "php"]
>> 
