RubyGems - metasploit-payloads - Versions diffs - 2.0.103 → 2.0.105 - Mend

metasploit-payloads 2.0.103 → 2.0.105

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (76) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3c7659f2d67a241a2d8d09514dd3cc83c3b56533ac253ac7d684a4e4e94ba372
-  data.tar.gz: 32a81d6aaafec190d18ba6ba0c0378125ae6ded19a03481648a23d0bc67039bf
+  metadata.gz: 492cb2174246773050bdb8303448ea5f024ccaec9eb89ec14c4670019045a0a5
+  data.tar.gz: 82b26b9fa4527322c301bf6a69b894f726ff6ca2e91b2cb019a63444a3ebbf5c
 SHA512:
-  metadata.gz: 40174d7eea8fa7e6c3de611fe2366752405731c457ddf29aa7fffe44956082e221a35a99959c2186dbdd29dd69b0bad72df81a75e2f2fb154bc266881a01080e
-  data.tar.gz: 39ce6cd747bd24d6276837b19f40645245ba9d3b8ab7737435b7aa2886c014e73a293a6038d6010edfd966a2b534dbc1753b3f61f8a45be8cb57060627129ec0
+  metadata.gz: 273f6a11ae840e161193c80c9e3048bad2cb2fdd4c264da34213fde52051fadfc59227f04cbe5ffd027b2c8e0bdf23ce5d75ddc2032814f9df859e63294addce
+  data.tar.gz: 6c44af6c8672acbbf5b9d32a66c81365e9ea8f60bd49e1099475f31fc50e3d5fd68be0241e8ca41a9526896c445cdb3ae6fe1633fb4a32a8f38acf4a5f9715a2

checksums.yaml.gz.sig CHANGED Viewed

Binary file

data/data/android/meterpreter.jar CHANGED Viewed

Binary file

data/data/android/metstage.jar CHANGED Viewed

Binary file

data/data/android/shell.jar CHANGED Viewed

Binary file

data/data/meterpreter/elevator.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/elevator.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/elevator.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/elevator.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_bofloader.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_bofloader.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_bofloader.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_bofloader.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_espia.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_espia.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_espia.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_espia.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_extapi.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_extapi.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_extapi.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_extapi.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_incognito.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_incognito.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_incognito.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_incognito.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_kiwi.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_kiwi.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_kiwi.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_kiwi.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_lanattacks.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_lanattacks.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_lanattacks.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_lanattacks.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_peinjector.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_peinjector.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_peinjector.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_peinjector.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_powershell.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_powershell.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_powershell.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_powershell.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_priv.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_priv.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_priv.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_priv.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_python.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_python.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_python.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_python.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_sniffer.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_sniffer.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_stdapi.py CHANGED Viewed

@@ -1440,7 +1440,10 @@ def stdapi_sys_power_exitwindows(request, response):
 @register_function_if(has_windll)
 def stdapi_sys_eventlog_open(request, response):
     source_name = packet_get_tlv(request, TLV_TYPE_EVENT_SOURCENAME)['value']
-    handle = ctypes.windll.advapi32.OpenEventLogW(None, source_name)
+    OpenEventLogA = ctypes.windll.advapi32.OpenEventLogA
+    OpenEventLogA.argtypes = [ctypes.c_char_p, ctypes.c_char_p]
+    OpenEventLogA.restype = ctypes.c_void_p
+    handle = OpenEventLogA(None, bytes(source_name, 'UTF-8'))
     if not handle:
         return error_result_windows(), response
     response += tlv_pack(TLV_TYPE_EVENT_HANDLE, handle)
@@ -1451,13 +1454,15 @@ def stdapi_sys_eventlog_read(request, response):
     handle = packet_get_tlv(request, TLV_TYPE_EVENT_HANDLE)['value']
     flags = packet_get_tlv(request, TLV_TYPE_EVENT_READFLAGS)['value']
     offset = packet_get_tlv(request, TLV_TYPE_EVENT_RECORDOFFSET)['value']
-    adv32 = ctypes.windll.advapi32
-    bytes_read = ctypes.c_ulong(0)
-    bytes_needed = ctypes.c_ulong(0)
-    if adv32.ReadEventLogW(handle, flags, offset, ctypes.byref(bytes_read), 0, ctypes.byref(bytes_read), ctypes.byref(bytes_needed)):
+    bytes_read = ctypes.c_uint32(0)
+    bytes_needed = ctypes.c_uint32(0)
+    ReadEventLogA = ctypes.windll.advapi32.ReadEventLogA
+    ReadEventLogA.argtypes = [ctypes.c_void_p, ctypes.c_uint32, ctypes.c_uint32, ctypes.c_void_p, ctypes.c_uint32, ctypes.POINTER(ctypes.c_uint32), ctypes.POINTER(ctypes.c_uint32)]
+    ReadEventLogA.restype = ctypes.c_bool
+    if ReadEventLogA(handle, flags, offset, ctypes.byref(bytes_read), 0, ctypes.byref(bytes_read), ctypes.byref(bytes_needed)):
         return error_result_windows(), response
-    buf = ctypes.create_unicode_buffer(bytes_needed.value)
-    if not adv32.ReadEventLogW(handle, flags, offset, buf, bytes_needed, ctypes.byref(bytes_read), ctypes.byref(bytes_needed)):
+    buf = (ctypes.c_uint8 * bytes_needed.value)()
+    if not ReadEventLogA(handle, flags, offset, buf, bytes_needed, ctypes.byref(bytes_read), ctypes.byref(bytes_needed)):
         return error_result_windows(), response
     record = ctstruct_unpack(EVENTLOGRECORD, buf)
     response += tlv_pack(TLV_TYPE_EVENT_RECORDNUMBER, record.RecordNumber)
@@ -1466,8 +1471,9 @@ def stdapi_sys_eventlog_read(request, response):
     response += tlv_pack(TLV_TYPE_EVENT_ID, record.EventID)
     response += tlv_pack(TLV_TYPE_EVENT_TYPE, record.EventType)
     response += tlv_pack(TLV_TYPE_EVENT_CATEGORY, record.EventCategory)
-    response += tlv_pack(TLV_TYPE_EVENT_DATA, buf.raw[record.DataOffset:record.DataOffset + record.DataLength])
-    event_strings = buf.raw[record.StringOffset:].split('\x00', record.NumStrings)
+    response += tlv_pack(TLV_TYPE_EVENT_DATA, ctarray_to_bytes(buf[record.DataOffset:record.DataOffset + record.DataLength]))
+    event_string_buf = (ctypes.c_uint8 * len(buf[record.StringOffset:]))(*buf[record.StringOffset:])
+    event_strings = ctarray_to_bytes(event_string_buf).split(NULL_BYTE, record.NumStrings)[:record.NumStrings]
     for event_string in event_strings:
         response += tlv_pack(TLV_TYPE_EVENT_STRING, event_string)
     return ERROR_SUCCESS, response
@@ -1475,14 +1481,20 @@ def stdapi_sys_eventlog_read(request, response):
 @register_function_if(has_windll)
 def stdapi_sys_eventlog_clear(request, response):
     handle = packet_get_tlv(request, TLV_TYPE_EVENT_HANDLE)['value']
-    if not ctypes.windll.advapi32.ClearEventLogW(handle, None):
+    ClearEventLogA = ctypes.windll.advapi32.ClearEventLogA
+    ClearEventLogA.argtypes = [ctypes.c_void_p, ctypes.c_char_p]
+    ClearEventLogA.restype = ctypes.c_bool
+    if not ClearEventLogA(handle, None):
         return error_result_windows(), response
     return ERROR_SUCCESS, response
 @register_function_if(has_windll)
 def stdapi_sys_eventlog_numrecords(request, response):
     handle = packet_get_tlv(request, TLV_TYPE_EVENT_HANDLE)['value']
-    total = ctypes.c_ulong(0)
+    total = ctypes.c_uint32(0)
+    GetNumberOfEventLogRecords = ctypes.windll.advapi32.GetNumberOfEventLogRecords
+    GetNumberOfEventLogRecords.argtypes = [ctypes.c_void_p, ctypes.POINTER(ctypes.c_uint32)]
+    GetNumberOfEventLogRecords.restype = ctypes.c_bool
     if not ctypes.windll.advapi32.GetNumberOfEventLogRecords(handle, ctypes.byref(total)):
         return error_result_windows(), response
     response += tlv_pack(TLV_TYPE_EVENT_NUMRECORDS, total.value)
@@ -1491,16 +1503,22 @@ def stdapi_sys_eventlog_numrecords(request, response):
 @register_function_if(has_windll)
 def stdapi_sys_eventlog_oldest(request, response):
     handle = packet_get_tlv(request, TLV_TYPE_EVENT_HANDLE)['value']
-    oldest = ctypes.c_ulong(0)
-    if not ctypes.windll.advapi32.GetOldestEventLogRecordW(handle, ctypes.byref(oldest)):
+    GetOldestEventLogRecord = ctypes.windll.advapi32.GetOldestEventLogRecord
+    GetOldestEventLogRecord.argtypes = [ctypes.c_void_p, ctypes.POINTER(ctypes.c_uint32)]
+    GetOldestEventLogRecord.restype = ctypes.c_bool
+    oldest = ctypes.c_uint32(0)
+    if not GetOldestEventLogRecord(handle, ctypes.byref(oldest)):
         return error_result_windows(), response
-    response += tlv_pack(TLV_TYPE_EVENT_RECORDNUMBER, oldest)
+    response += tlv_pack(TLV_TYPE_EVENT_RECORDNUMBER, oldest.value)
     return ERROR_SUCCESS, response
 @register_function_if(has_windll)
 def stdapi_sys_eventlog_close(request, response):
     handle = packet_get_tlv(request, TLV_TYPE_EVENT_HANDLE)['value']
-    if not ctypes.windll.advapi32.CloseEventLogW(handle):
+    CloseEventLog = ctypes.windll.advapi32.CloseEventLog
+    CloseEventLog.argtypes = [ctypes.c_void_p]
+    CloseEventLog.restype = ctypes.c_bool
+    if not CloseEventLog(handle):
         return error_result_windows(), response
     return ERROR_SUCCESS, response

data/data/meterpreter/ext_server_stdapi.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_stdapi.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_stdapi.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_stdapi.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_unhook.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_unhook.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_unhook.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_unhook.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_winpmem.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_winpmem.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_winpmem.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_winpmem.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/metsrv.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/metsrv.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/metsrv.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/metsrv.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/screenshot.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/screenshot.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/screenshot.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/screenshot.x86.dll CHANGED Viewed

Binary file

data/lib/metasploit-payloads/version.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 # -*- coding:binary -*-
 module MetasploitPayloads
-  VERSION = '2.0.103'
+  VERSION = '2.0.105'
   def self.version
     VERSION

data.tar.gz.sig CHANGED Viewed

Binary file

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: metasploit-payloads
 version: !ruby/object:Gem::Version
-  version: 2.0.103
+  version: 2.0.105
 platform: ruby
 authors:
 - OJ Reeves
@@ -96,7 +96,7 @@ cert_chain:
   EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
   9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
   -----END CERTIFICATE-----
-date: 2022-12-12 00:00:00.000000000 Z
+date: 2022-12-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake

metadata.gz.sig CHANGED Viewed

Binary file