metasploit-payloads 2.0.116 → 2.0.118

Files changed (77)
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data/data/android/meterpreter.jar +0 -0
  4. data/data/android/metstage.jar +0 -0
  5. data/data/android/shell.jar +0 -0
  6. data/data/meterpreter/elevator.x64.debug.dll +0 -0
  7. data/data/meterpreter/elevator.x64.dll +0 -0
  8. data/data/meterpreter/elevator.x86.debug.dll +0 -0
  9. data/data/meterpreter/elevator.x86.dll +0 -0
  10. data/data/meterpreter/ext_server_bofloader.x64.debug.dll +0 -0
  11. data/data/meterpreter/ext_server_bofloader.x64.dll +0 -0
  12. data/data/meterpreter/ext_server_bofloader.x86.debug.dll +0 -0
  13. data/data/meterpreter/ext_server_bofloader.x86.dll +0 -0
  14. data/data/meterpreter/ext_server_espia.x64.debug.dll +0 -0
  15. data/data/meterpreter/ext_server_espia.x64.dll +0 -0
  16. data/data/meterpreter/ext_server_espia.x86.debug.dll +0 -0
  17. data/data/meterpreter/ext_server_espia.x86.dll +0 -0
  18. data/data/meterpreter/ext_server_extapi.x64.debug.dll +0 -0
  19. data/data/meterpreter/ext_server_extapi.x64.dll +0 -0
  20. data/data/meterpreter/ext_server_extapi.x86.debug.dll +0 -0
  21. data/data/meterpreter/ext_server_extapi.x86.dll +0 -0
  22. data/data/meterpreter/ext_server_incognito.x64.debug.dll +0 -0
  23. data/data/meterpreter/ext_server_incognito.x64.dll +0 -0
  24. data/data/meterpreter/ext_server_incognito.x86.debug.dll +0 -0
  25. data/data/meterpreter/ext_server_incognito.x86.dll +0 -0
  26. data/data/meterpreter/ext_server_kiwi.x64.debug.dll +0 -0
  27. data/data/meterpreter/ext_server_kiwi.x64.dll +0 -0
  28. data/data/meterpreter/ext_server_kiwi.x86.debug.dll +0 -0
  29. data/data/meterpreter/ext_server_kiwi.x86.dll +0 -0
  30. data/data/meterpreter/ext_server_lanattacks.x64.debug.dll +0 -0
  31. data/data/meterpreter/ext_server_lanattacks.x64.dll +0 -0
  32. data/data/meterpreter/ext_server_lanattacks.x86.debug.dll +0 -0
  33. data/data/meterpreter/ext_server_lanattacks.x86.dll +0 -0
  34. data/data/meterpreter/ext_server_peinjector.x64.debug.dll +0 -0
  35. data/data/meterpreter/ext_server_peinjector.x64.dll +0 -0
  36. data/data/meterpreter/ext_server_peinjector.x86.debug.dll +0 -0
  37. data/data/meterpreter/ext_server_peinjector.x86.dll +0 -0
  38. data/data/meterpreter/ext_server_powershell.x64.debug.dll +0 -0
  39. data/data/meterpreter/ext_server_powershell.x64.dll +0 -0
  40. data/data/meterpreter/ext_server_powershell.x86.debug.dll +0 -0
  41. data/data/meterpreter/ext_server_powershell.x86.dll +0 -0
  42. data/data/meterpreter/ext_server_priv.x64.debug.dll +0 -0
  43. data/data/meterpreter/ext_server_priv.x64.dll +0 -0
  44. data/data/meterpreter/ext_server_priv.x86.debug.dll +0 -0
  45. data/data/meterpreter/ext_server_priv.x86.dll +0 -0
  46. data/data/meterpreter/ext_server_python.x64.debug.dll +0 -0
  47. data/data/meterpreter/ext_server_python.x64.dll +0 -0
  48. data/data/meterpreter/ext_server_python.x86.debug.dll +0 -0
  49. data/data/meterpreter/ext_server_python.x86.dll +0 -0
  50. data/data/meterpreter/ext_server_sniffer.x64.dll +0 -0
  51. data/data/meterpreter/ext_server_sniffer.x86.dll +0 -0
  52. data/data/meterpreter/ext_server_stdapi.py +22 -0
  53. data/data/meterpreter/ext_server_stdapi.x64.debug.dll +0 -0
  54. data/data/meterpreter/ext_server_stdapi.x64.dll +0 -0
  55. data/data/meterpreter/ext_server_stdapi.x86.debug.dll +0 -0
  56. data/data/meterpreter/ext_server_stdapi.x86.dll +0 -0
  57. data/data/meterpreter/ext_server_unhook.x64.debug.dll +0 -0
  58. data/data/meterpreter/ext_server_unhook.x64.dll +0 -0
  59. data/data/meterpreter/ext_server_unhook.x86.debug.dll +0 -0
  60. data/data/meterpreter/ext_server_unhook.x86.dll +0 -0
  61. data/data/meterpreter/ext_server_winpmem.x64.debug.dll +0 -0
  62. data/data/meterpreter/ext_server_winpmem.x64.dll +0 -0
  63. data/data/meterpreter/ext_server_winpmem.x86.debug.dll +0 -0
  64. data/data/meterpreter/ext_server_winpmem.x86.dll +0 -0
  65. data/data/meterpreter/meterpreter.py +27 -25
  66. data/data/meterpreter/metsrv.x64.debug.dll +0 -0
  67. data/data/meterpreter/metsrv.x64.dll +0 -0
  68. data/data/meterpreter/metsrv.x86.debug.dll +0 -0
  69. data/data/meterpreter/metsrv.x86.dll +0 -0
  70. data/data/meterpreter/screenshot.x64.debug.dll +0 -0
  71. data/data/meterpreter/screenshot.x64.dll +0 -0
  72. data/data/meterpreter/screenshot.x86.debug.dll +0 -0
  73. data/data/meterpreter/screenshot.x86.dll +0 -0
  74. data/lib/metasploit-payloads/version.rb +1 -1
  75. data.tar.gz.sig +1 -1
  76. metadata +2 -2
  77. metadata.gz.sig +0 -0
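--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: e718ae88fe89c419160d89456763e33c1dd95646ae51f85ef05965813149b316
- data.tar.gz: 682b5d3c30d2992f8b720a51cc82cbd3eb64084ec10e74957740fa72f1f7b76b
+ metadata.gz: 55f62a6ddb8ad54b97366b04f5b95e70859d702e29e461c3cf860c7958b61ec5
+ data.tar.gz: e72be5a99ca78cd07501b9d9cc3f61bd285da2f818e2c4bc23d8fc9ba524fb90
  SHA512:
- metadata.gz: 7bfbb62178915ba975c6374d4c51613d207c097de7156e83c4564d8a38676a26ae08096b08c5db652f1197456e775350256605123e0b56588e2a42804c78980a
- data.tar.gz: 3871ae598b506783f1d3d72d9c84d24608afcfdeeb322e4de5d23f0fb847647dbff350bd295059a1736834a4824638005f95c546d285094a10d52e1e2ee25e9e
+ metadata.gz: c91365effac6f9f697441f8356f273f403eb92973e3dd8ecb187d4419299a377e12353cfd6708799ced35fe1839faec70586a9131c61f0e7dbcb01a6d5bfb94d
+ data.tar.gz: 47a8af6283b7dc2e668278548580642b94c8808b5df062c5a7cc51f3663f012fd767a86af8e9bbe7ae23bc9c107ed8cc1799c640593c38e42235dad5ca076eda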
checksums.yaml.gz.sig CHANGED
Binary file
Binary file
Binary file
Binary file
Binary file
Binary file
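--- a/data/data/meterpreter/ext_server_stdapi.py
+++ b/data/data/meterpreter/ext_server_stdapi.py
@@ -1336,6 +1336,28 @@ def stdapi_sys_config_sysinfo(request, response):
  response += tlv_pack(TLV_TYPE_ARCHITECTURE, get_system_arch())
  return ERROR_SUCCESS, response
 
+ @register_function_if(has_windll)
+ def stdapi_sys_process_attach(request, response):
+ pid = packet_get_tlv(request, TLV_TYPE_PID)['value']
+ if not pid:
+ GetCurrentProcess = ctypes.windll.kernel32.GetCurrentProcess
+ GetCurrentProcess.restype = ctypes.c_void_p
+ handle = GetCurrentProcess()
+ else:
+ inherit = packet_get_tlv(request, TLV_TYPE_INHERIT)['value']
+ permissions = packet_get_tlv(request, TLV_TYPE_PROCESS_PERMS)['value']
+
+ OpenProcess = ctypes.windll.kernel32.OpenProcess
+ OpenProcess.argtypes = [ctypes.c_uint32, ctypes.c_bool, ctypes.c_uint32]
+ OpenProcess.restype = ctypes.c_void_p
+ handle = OpenProcess(permissions, inherit, pid)
+ if not handle:
+ return error_result_windows(), response
+ meterpreter.processes[handle] = None
+ debug_print('[*] added process id: ' + str(pid) + ', handle: ' + str(handle))
+ response += tlv_pack(TLV_TYPE_HANDLE, handle)
+ return ERROR_SUCCESS, response
+
  @register_function
  def stdapi_sys_process_close(request, response):
  proc_h_id = packet_get_tlv(request, TLV_TYPE_HANDLE)['value']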
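Review bot: `OpenProcess.argtypes` in `stdapi_sys_process_attach` declares the `bInheritHandle` parameter as `ctypes.c_bool`, which is a one-byte C `_Bool`, whereas the Win32 prototype takes a four-byte `BOOL`; declaring it as `ctypes.c_int` (or `ctypes.wintypes.BOOL`, if that module is imported in this file) matches the prototype: `OpenProcess.argtypes = [ctypes.c_uint32, ctypes.c_int, ctypes.c_uint32]`. The `TLV_TYPE_INHERIT` and `TLV_TYPE_PROCESS_PERMS` values are read with `['value']` directly, so a request without them presumably raises instead of returning an error code; that depends on what `packet_get_tlv` returns for a missing TLV, which is not visible here. A comment on `meterpreter.processes[handle] = None`, for example `# None marks a handle obtained by attaching; no MeterpreterProcess channel is associated with it`, would document the convention that `close_process` relies on.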
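--- a/data/data/meterpreter/meterpreter.py
+++ b/data/data/meterpreter/meterpreter.py
@@ -1259,6 +1259,21 @@ class PythonMeterpreter(object):
  self.next_channel_id += 1
  return idx
 
+ def close_channel(self, channel_id):
+ if channel_id not in self.channels:
+ return False
+ channel = self.channels[channel_id]
+ try:
+ channel.close()
+ except Exception:
+ debug_traceback('[-] failed to close channel id: ' + str(channel_id))
+ return False
+ del self.channels[channel_id]
+ if channel_id in self.interact_channels:
+ self.interact_channels.remove(channel_id)
+ debug_print('[*] closed and removed channel id: ' + str(channel_id))
+ return True
+
  def add_process(self, process):
  if has_windll:
  PROCESS_ALL_ACCESS = 0x1fffff
@@ -1274,37 +1289,24 @@ class PythonMeterpreter(object):
  return handle
 
  def close_process(self, proc_h_id):
- proc_h = self.processes.pop(proc_h_id, None)
- if not proc_h:
+ if proc_h_id not in self.processes:
  return False
- for channel_id, channel in self.channels.items():
- if not isinstance(channel, MeterpreterProcess):
- continue
- if not channel.proc_h is proc_h:
- continue
- self.close_channel(channel_id)
- break
+ proc_h = self.processes.pop(proc_h_id)
+ if proc_h:
+ # proc_h is only set when we started the process via execute and not when we attached to it
+ for channel_id, channel in self.channels.items():
+ if not isinstance(channel, MeterpreterProcess):
+ continue
+ if not channel.proc_h is proc_h:
+ continue
+ self.close_channel(channel_id)
+ break
  if has_windll:
  CloseHandle = ctypes.windll.kernel32.CloseHandle
  CloseHandle.argtypes = [ctypes.c_void_p]
  CloseHandle.restype = ctypes.c_long
  CloseHandle(proc_h_id)
- debug_print('[*] closed and removed process id: ' + str(proc_h.pid) + ', handle: ' + str(proc_h_id))
- return True
-
- def close_channel(self, channel_id):
- if channel_id not in self.channels:
- return False
- channel = self.channels[channel_id]
- try:
- channel.close()
- except Exception:
- debug_traceback('[-] failed to close channel id: ' + str(channel_id))
- return False
- del self.channels[channel_id]
- if channel_id in self.interact_channels:
- self.interact_channels.remove(channel_id)
- debug_print('[*] closed and removed channel id: ' + str(channel_id))
+ debug_print('[*] closed and removed process handle: ' + str(proc_h_id))
  return True
 
  def get_packet(self):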
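Review bot: In `close_process`, the result of `CloseHandle(proc_h_id)` is discarded, so the method logs "closed and removed process handle" and returns `True` even when the call fails; the entry has already been popped from `self.processes` by then, so a handle that failed to close may stay open while no longer being tracked. Checking the return value costs two lines: `if not CloseHandle(proc_h_id):` followed by `debug_print('[-] CloseHandle failed for handle: ' + str(proc_h_id))`. The return value of `self.close_channel(channel_id)` is ignored in the same way inside the loop. As a style point, `if not channel.proc_h is proc_h:` in the re-indented loop reads more clearly as `if channel.proc_h is not proc_h:`.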
Binary file
Binary file
Binary file
Binary file
Binary file
Binary file
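--- a/data/lib/metasploit-payloads/version.rb
+++ b/data/lib/metasploit-payloads/version.rb
@@ -1,6 +1,6 @@
  # -*- coding:binary -*-
  module MetasploitPayloads
- VERSION = '2.0.116'
+ VERSION = '2.0.118'
 
  def self.version
  VERSION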
data.tar.gz.sig CHANGED
@@ -1 +1 @@
1
- f$ޢ�+f��f�'[֪�����]g� p ��e��Dm5��Iǚ�4l2"n�em&Fȫ� ������W���ߺ�� 3|�>b�� ���'y�����J[�ubR���Gi�>QayyJ�!D7L�$�>2mdbrI���m*qI��ɘl�Ɠ�׿�E抄��Ns��vOk �<#�T�Vܩ���_bF�'�������fG��!���z)͢���b������vl3T0��0!؋�z^J���
1
+ :�:R�S�E"���͕�S�58+����=�"�/ҏI��}f�A�Тa��oF��AP�̂W'ګ�7H�� �{O�Wƶ�ɸT[P��rִ�"Ijw��\���bX5F��H=���8-BcuJOEy-���u��U�ķ܎��peJ9ۢ59�:�$�U֬�]��F�hH�+��@9@�T�Mh<E�������c����07a�zU@)*m�s"���^�q�f8��i��mB��l���F��T�U
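--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: metasploit-payloads
  version: !ruby/object:Gem::Version
- version: 2.0.116
+ version: 2.0.118
  platform: ruby
  authors:
  - OJ Reeves
@@ -96,7 +96,7 @@ cert_chain:
  EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
  9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
  -----END CERTIFICATE-----
- date: 2023-02-28 00:00:00.000000000 Z
+ date: 2023-03-03 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rake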
metadata.gz.sig CHANGED
Binary file