startup mettle with a sane environment on start #185
Conversation
In staged payloads, mettle on Linux gets passed a fake argc/argv/envp. This means that all staged payloads do not have any environment variables out of the box. This inconsistency can lead to post modules working incorrectly. This commit moves the environment fixup code that was already present when spawning child processes into the parent process. That way, the child processes simply inherit, and it's possible to inspect what the environment will be earlier in the boot process.
What OS are you using for testing? It does not appear to work for me on my test VM. I built the mettle binaries and installed the gems, then built the payload in both venom and framework, with the same result for both on a CentOS 7 x64 VM.
I'm not sure what procedure you used for installing gems, let's chat about it outside of this ticket.
Hrm........ you appear to be right about my build ignorance. I rebuilt for all rather than native, and voila:
I'll ping you on the assumptions I had on building mettle and we can see where I erred later. For now, I'm going to land this so we can start automated testing on the framework side.
\o/
Release Notes
This updates the meterpreter session process environment variables to be something normal, preventing some odd errors from post modules.
Verification Steps
make x86_64-linux-musl.install
./msfvenom -p linux/x64/meterpreter/reverse_tcp -f elf -o test.elf lhost=127.0.0.1