RubyGems - metasploit-payloads - Versions diffs - 2.0.112 → 2.0.114 - Mend

metasploit-payloads 2.0.112 → 2.0.114

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (77) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: dff880efffb98315c75fd5b99d9b8d18d38b00b89b895402efec6d3a75391a34
-  data.tar.gz: 7c46f591405adf2dc595752bfcfeb43883eecdf371ffaf33a27b2e1ef3765b02
+  metadata.gz: d456431a9a0a90f715b26555be5229cadc713769d07679c8da9f5370b6b78d6e
+  data.tar.gz: e91f7f5e8d2bf763dd7f04eee2933a2b2484376c131110adee2bf3a0a90f35cc
 SHA512:
-  metadata.gz: 827953f6a7fd7aa3013d1aab5b44731ed50ea31b68821744cd48889344055c79ca9ab837a26e161acc4e63b5b78422b549933b1a8990083b860dcc8e2825e6dc
-  data.tar.gz: 8db85ed51660aace2c95c2083ec9d62c827e1505dc900e97eae93e2f6fbbf1bf1a27271b7ce768d06151a96870153fd35bc2b1db1e3edd9a99dd3f6153994dc9
+  metadata.gz: 04b6290da6753e8e1b84b4c5dbfb2182e62d4cb7067952e862c64118cc83b73134555f8d5b068106e348aec1931d244d4c3b640c82ada75e749a90cdfd3fbbb1
+  data.tar.gz: 9879bc24adddc5a902ad5dc27be22fb392f76414becaf8e99b526151c02bc0881d72486a0f0045baebb3f86f63d27ced8391c26d9d4d7e5144ffca7573f38d6d

checksums.yaml.gz.sig CHANGED Viewed

Binary file

data/data/android/meterpreter.jar CHANGED Viewed

Binary file

data/data/android/metstage.jar CHANGED Viewed

Binary file

data/data/android/shell.jar CHANGED Viewed

Binary file

data/data/meterpreter/elevator.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/elevator.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/elevator.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/elevator.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_bofloader.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_bofloader.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_bofloader.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_bofloader.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_espia.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_espia.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_espia.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_espia.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_extapi.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_extapi.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_extapi.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_extapi.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_incognito.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_incognito.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_incognito.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_incognito.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_kiwi.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_kiwi.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_kiwi.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_kiwi.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_lanattacks.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_lanattacks.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_lanattacks.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_lanattacks.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_peinjector.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_peinjector.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_peinjector.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_peinjector.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_powershell.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_powershell.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_powershell.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_powershell.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_priv.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_priv.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_priv.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_priv.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_python.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_python.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_python.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_python.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_sniffer.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_sniffer.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_stdapi.py CHANGED Viewed

@@ -12,6 +12,7 @@ import struct
 import subprocess
 import sys
 import time
+import binascii
 try:
     import ctypes
@@ -743,6 +744,7 @@ PROCESS_TERMINATE                 = 0x0001
 PROCESS_VM_READ                   = 0x0010
 PROCESS_QUERY_INFORMATION         = 0x0400
 PROCESS_QUERY_LIMITED_INFORMATION = 0x1000
+PROCESS_ALL_ACCESS                = 0x1fffff
 VER_NT_WORKSTATION                = 0x0001
 VER_NT_DOMAIN_CONTROLLER          = 0x0002
 VER_NT_SERVER                     = 0x0003
@@ -1334,13 +1336,10 @@ def stdapi_sys_config_sysinfo(request, response):
 @register_function
 def stdapi_sys_process_close(request, response):
-    proc_h_id = packet_get_tlv(request, TLV_TYPE_HANDLE)
+    proc_h_id = packet_get_tlv(request, TLV_TYPE_HANDLE)['value']
     if not proc_h_id:
         return ERROR_SUCCESS, response
-    proc_h_id = proc_h_id['value']
-    if proc_h_id in meterpreter.processes:
-        del meterpreter.processes[proc_h_id]
-    if not meterpreter.close_channel(proc_h_id):
+    if not meterpreter.close_process(proc_h_id):
         return ERROR_FAILURE, response
     return ERROR_SUCCESS, response
@@ -1383,6 +1382,7 @@ def stdapi_sys_process_execute(request, response):
         proc_h.start()
     else:
         proc_h = subprocess.Popen(args, stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
     proc_h_id = meterpreter.add_process(proc_h)
     response += tlv_pack(TLV_TYPE_PID, proc_h.pid)
     response += tlv_pack(TLV_TYPE_PROCESS_HANDLE, proc_h_id)
@@ -1851,47 +1851,67 @@ def stdapi_fs_mount_show(request, response):
         response += tlv_pack(TLV_TYPE_MOUNT_GROUP, mount)
     return ERROR_SUCCESS, response
-@register_function_if(has_windll)
+@register_function_if(sys.platform.startswith('linux') or has_windll)
 def stdapi_net_config_get_arp_table(request, response):
-    MIB_IPNET_TYPE_DYNAMIC = 3
-    MIB_IPNET_TYPE_STATIC  = 4
+    if has_windll:
+        MIB_IPNET_TYPE_DYNAMIC = 3
+        MIB_IPNET_TYPE_STATIC  = 4
-    GetIpNetTable = ctypes.windll.iphlpapi.GetIpNetTable
-    GetIpNetTable.argtypes = [ctypes.c_void_p, ctypes.POINTER(ctypes.c_ulong), ctypes.c_long]
-    GetIpNetTable.restype = ctypes.c_ulong
+        GetIpNetTable = ctypes.windll.iphlpapi.GetIpNetTable
+        GetIpNetTable.argtypes = [ctypes.c_void_p, ctypes.POINTER(ctypes.c_ulong), ctypes.c_long]
+        GetIpNetTable.restype = ctypes.c_ulong
-    ipnet_table = None
-    size = ctypes.c_ulong(0)
-    result = GetIpNetTable(ipnet_table, size, False)
+        ipnet_table = None
+        size = ctypes.c_ulong(0)
+        result = GetIpNetTable(ipnet_table, size, False)
-    if result == ERROR_INSUFFICIENT_BUFFER:
-        ipnet_table = ctypes.cast(ctypes.create_string_buffer(bytes(), size.value), ctypes.c_void_p)
+        if result == ERROR_INSUFFICIENT_BUFFER:
+            ipnet_table = ctypes.cast(ctypes.create_string_buffer(bytes(), size.value), ctypes.c_void_p)
-    elif result != ERROR_SUCCESS and result != ERROR_NO_DATA:
-        return error_result_windows(result), response
+        elif result != ERROR_SUCCESS and result != ERROR_NO_DATA:
+            return error_result_windows(result), response
-    if not ipnet_table:
-        return error_result_windows(), response
+        if not ipnet_table:
+            return error_result_windows(), response
-    result = GetIpNetTable(ipnet_table, size, False)
-    if result != ERROR_SUCCESS:
-        return error_result_windows(result), response
+        result = GetIpNetTable(ipnet_table, size, False)
+        if result != ERROR_SUCCESS:
+            return error_result_windows(result), response
-    class MIB_IPNETTABLE(ctypes.Structure):
-        _fields_ = [
-            ('dwNumEntries', ctypes.c_uint32),
-            ('table', MIB_IPNETROW * ctypes.cast(ipnet_table.value, ctypes.POINTER(ctypes.c_ulong)).contents.value)
-        ]
-    ipnet_table = ctypes.cast(ipnet_table, ctypes.POINTER(MIB_IPNETTABLE))
-    for ipnet_row in ipnet_table.contents.table:
-        if (ipnet_row.dwType != MIB_IPNET_TYPE_DYNAMIC and ipnet_row.dwType != MIB_IPNET_TYPE_STATIC):
-            continue
-        arp_tlv  = bytes()
-        arp_tlv += tlv_pack(TLV_TYPE_IP, struct.pack('<L', ipnet_row.dwAddr))
-        arp_tlv += tlv_pack(TLV_TYPE_MAC_ADDRESS, bytes(ipnet_row.bPhysAddr)[:ipnet_row.dwPhysAddrLen])
-        arp_tlv += tlv_pack(TLV_TYPE_MAC_NAME, str(ipnet_row.dwIndex))
-        response += tlv_pack(TLV_TYPE_ARP_ENTRY, arp_tlv)
+        class MIB_IPNETTABLE(ctypes.Structure):
+            _fields_ = [
+                ('dwNumEntries', ctypes.c_uint32),
+                ('table', MIB_IPNETROW * ctypes.cast(ipnet_table.value, ctypes.POINTER(ctypes.c_ulong)).contents.value)
+            ]
+        ipnet_table = ctypes.cast(ipnet_table, ctypes.POINTER(MIB_IPNETTABLE))
+        for ipnet_row in ipnet_table.contents.table:
+            if (ipnet_row.dwType != MIB_IPNET_TYPE_DYNAMIC and ipnet_row.dwType != MIB_IPNET_TYPE_STATIC):
+                continue
+            arp_tlv  = bytes()
+            arp_tlv += tlv_pack(TLV_TYPE_IP, struct.pack('<L', ipnet_row.dwAddr))
+            arp_tlv += tlv_pack(TLV_TYPE_MAC_ADDRESS, bytes(ipnet_row.bPhysAddr)[:ipnet_row.dwPhysAddrLen])
+            arp_tlv += tlv_pack(TLV_TYPE_MAC_NAME, str(ipnet_row.dwIndex))
+            response += tlv_pack(TLV_TYPE_ARP_ENTRY, arp_tlv)
+    elif sys.platform.startswith('linux'):
+        arp_cache_file = '/proc/net/arp'
+        if not os.path.exists(arp_cache_file):
+            return ERROR_NOT_SUPPORTED, response
+        with open(arp_cache_file, 'r') as arp_cache:
+            lines = arp_cache.readlines()
+            for line in lines[1:]:
+                fields = line.split()
+                ip_address = fields[0]
+                mac_address = fields[3]
+                mac_address = binascii.unhexlify(mac_address.replace(':', ''))
+                interface_name = fields[5]
+                arp_tlv  = bytes()
+                arp_tlv += tlv_pack(TLV_TYPE_IP, socket.inet_aton(ip_address))
+                arp_tlv += tlv_pack(TLV_TYPE_MAC_ADDRESS, mac_address)
+                arp_tlv += tlv_pack(TLV_TYPE_MAC_NAME, interface_name)
+                response += tlv_pack(TLV_TYPE_ARP_ENTRY, arp_tlv)
     return ERROR_SUCCESS, response
 @register_function

data/data/meterpreter/ext_server_stdapi.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_stdapi.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_stdapi.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_stdapi.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_unhook.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_unhook.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_unhook.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_unhook.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_winpmem.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_winpmem.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_winpmem.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_winpmem.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/meterpreter.py CHANGED Viewed

@@ -1260,11 +1260,37 @@ class PythonMeterpreter(object):
         return idx
     def add_process(self, process):
-        idx = self.next_process_id
-        self.processes[idx] = process
-        debug_print('[*] added process id: ' + str(idx))
-        self.next_process_id += 1
-        return idx
+        if has_windll:
+            PROCESS_ALL_ACCESS = 0x1fffff
+            OpenProcess = ctypes.windll.kernel32.OpenProcess
+            OpenProcess.argtypes = [ctypes.c_ulong, ctypes.c_long, ctypes.c_ulong]
+            OpenProcess.restype = ctypes.c_void_p
+            handle = OpenProcess(PROCESS_ALL_ACCESS, False, process.pid)
+        else:
+            handle = self.next_process_id
+            self.next_process_id += 1
+        self.processes[handle] = process
+        debug_print('[*] added process id: ' + str(process.pid) + ', handle: ' + str(handle))
+        return handle
+    def close_process(self, proc_h_id):
+        proc_h = self.processes.pop(proc_h_id, None)
+        if not proc_h:
+            return False
+        for channel_id, channel in self.channels.items():
+            if not isinstance(channel, MeterpreterProcess):
+                continue
+            if not channel.proc_h is proc_h:
+                continue
+            self.close_channel(channel_id)
+            break
+        if has_windll:
+            CloseHandle = ctypes.windll.kernel32.CloseHandle
+            CloseHandle.argtypes = [ctypes.c_void_p]
+            CloseHandle.restype = ctypes.c_long
+            CloseHandle(proc_h_id)
+        debug_print('[*] closed and removed process id: ' + str(proc_h.pid) + ', handle: ' + str(proc_h_id))
+        return True
     def close_channel(self, channel_id):
         if channel_id not in self.channels:

data/data/meterpreter/metsrv.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/metsrv.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/metsrv.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/metsrv.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/screenshot.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/screenshot.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/screenshot.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/screenshot.x86.dll CHANGED Viewed

Binary file

data/lib/metasploit-payloads/version.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 # -*- coding:binary -*-
 module MetasploitPayloads
-  VERSION = '2.0.112'
+  VERSION = '2.0.114'
   def self.version
     VERSION

data.tar.gz.sig CHANGED Viewed

Binary file

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: metasploit-payloads
 version: !ruby/object:Gem::Version
-  version: 2.0.112
+  version: 2.0.114
 platform: ruby
 authors:
 - OJ Reeves
@@ -96,7 +96,7 @@ cert_chain:
   EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
   9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
   -----END CERTIFICATE-----
-date: 2023-02-17 00:00:00.000000000 Z
+date: 2023-02-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake

metadata.gz.sig CHANGED Viewed

Binary file