metasploit-payloads 2.0.152 → 2.0.154
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data/.gitignore +1 -0
- data/.rspec +1 -0
- data/Gemfile +4 -0
- data/data/android/meterpreter.dex +0 -0
- data/data/android/meterpreter.jar +0 -0
- data/data/android/metstage.jar +0 -0
- data/data/android/shell.jar +0 -0
- data/data/java/com/metasploit/meterpreter/MemoryBufferURLConnection.class +0 -0
- data/data/java/javapayload/stage/Meterpreter.class +0 -0
- data/data/java/metasploit/AESEncryption.class +0 -0
- data/data/java/metasploit/Payload.class +0 -0
- data/data/meterpreter/dump_sam.x64.debug.dll +0 -0
- data/data/meterpreter/dump_sam.x64.dll +0 -0
- data/data/meterpreter/dump_sam.x86.debug.dll +0 -0
- data/data/meterpreter/dump_sam.x86.dll +0 -0
- data/data/meterpreter/elevator.x64.debug.dll +0 -0
- data/data/meterpreter/elevator.x64.dll +0 -0
- data/data/meterpreter/elevator.x86.debug.dll +0 -0
- data/data/meterpreter/elevator.x86.dll +0 -0
- data/data/meterpreter/ext_server_bofloader.x64.debug.dll +0 -0
- data/data/meterpreter/ext_server_bofloader.x64.dll +0 -0
- data/data/meterpreter/ext_server_bofloader.x86.debug.dll +0 -0
- data/data/meterpreter/ext_server_bofloader.x86.dll +0 -0
- data/data/meterpreter/ext_server_espia.x64.debug.dll +0 -0
- data/data/meterpreter/ext_server_espia.x64.dll +0 -0
- data/data/meterpreter/ext_server_espia.x86.debug.dll +0 -0
- data/data/meterpreter/ext_server_espia.x86.dll +0 -0
- data/data/meterpreter/ext_server_extapi.x64.debug.dll +0 -0
- data/data/meterpreter/ext_server_extapi.x64.dll +0 -0
- data/data/meterpreter/ext_server_extapi.x86.debug.dll +0 -0
- data/data/meterpreter/ext_server_extapi.x86.dll +0 -0
- data/data/meterpreter/ext_server_incognito.x64.debug.dll +0 -0
- data/data/meterpreter/ext_server_incognito.x64.dll +0 -0
- data/data/meterpreter/ext_server_incognito.x86.debug.dll +0 -0
- data/data/meterpreter/ext_server_incognito.x86.dll +0 -0
- data/data/meterpreter/ext_server_kiwi.x64.debug.dll +0 -0
- data/data/meterpreter/ext_server_kiwi.x64.dll +0 -0
- data/data/meterpreter/ext_server_kiwi.x86.debug.dll +0 -0
- data/data/meterpreter/ext_server_kiwi.x86.dll +0 -0
- data/data/meterpreter/ext_server_lanattacks.x64.debug.dll +0 -0
- data/data/meterpreter/ext_server_lanattacks.x64.dll +0 -0
- data/data/meterpreter/ext_server_lanattacks.x86.debug.dll +0 -0
- data/data/meterpreter/ext_server_lanattacks.x86.dll +0 -0
- data/data/meterpreter/ext_server_peinjector.x64.debug.dll +0 -0
- data/data/meterpreter/ext_server_peinjector.x64.dll +0 -0
- data/data/meterpreter/ext_server_peinjector.x86.debug.dll +0 -0
- data/data/meterpreter/ext_server_peinjector.x86.dll +0 -0
- data/data/meterpreter/ext_server_powershell.x64.debug.dll +0 -0
- data/data/meterpreter/ext_server_powershell.x64.dll +0 -0
- data/data/meterpreter/ext_server_powershell.x86.debug.dll +0 -0
- data/data/meterpreter/ext_server_powershell.x86.dll +0 -0
- data/data/meterpreter/ext_server_priv.x64.debug.dll +0 -0
- data/data/meterpreter/ext_server_priv.x64.dll +0 -0
- data/data/meterpreter/ext_server_priv.x86.debug.dll +0 -0
- data/data/meterpreter/ext_server_priv.x86.dll +0 -0
- data/data/meterpreter/ext_server_python.x64.debug.dll +0 -0
- data/data/meterpreter/ext_server_python.x64.dll +0 -0
- data/data/meterpreter/ext_server_python.x86.debug.dll +0 -0
- data/data/meterpreter/ext_server_python.x86.dll +0 -0
- data/data/meterpreter/ext_server_sniffer.x64.dll +0 -0
- data/data/meterpreter/ext_server_sniffer.x86.dll +0 -0
- data/data/meterpreter/ext_server_stdapi.jar +0 -0
- data/data/meterpreter/ext_server_stdapi.x64.debug.dll +0 -0
- data/data/meterpreter/ext_server_stdapi.x64.dll +0 -0
- data/data/meterpreter/ext_server_stdapi.x86.debug.dll +0 -0
- data/data/meterpreter/ext_server_stdapi.x86.dll +0 -0
- data/data/meterpreter/ext_server_unhook.x64.debug.dll +0 -0
- data/data/meterpreter/ext_server_unhook.x64.dll +0 -0
- data/data/meterpreter/ext_server_unhook.x86.debug.dll +0 -0
- data/data/meterpreter/ext_server_unhook.x86.dll +0 -0
- data/data/meterpreter/ext_server_winpmem.x64.debug.dll +0 -0
- data/data/meterpreter/ext_server_winpmem.x64.dll +0 -0
- data/data/meterpreter/ext_server_winpmem.x86.debug.dll +0 -0
- data/data/meterpreter/ext_server_winpmem.x86.dll +0 -0
- data/data/meterpreter/meterpreter.jar +0 -0
- data/data/meterpreter/metsrv.x64.debug.dll +0 -0
- data/data/meterpreter/metsrv.x64.dll +0 -0
- data/data/meterpreter/metsrv.x86.debug.dll +0 -0
- data/data/meterpreter/metsrv.x86.dll +0 -0
- data/data/meterpreter/screenshot.x64.debug.dll +0 -0
- data/data/meterpreter/screenshot.x64.dll +0 -0
- data/data/meterpreter/screenshot.x86.debug.dll +0 -0
- data/data/meterpreter/screenshot.x86.dll +0 -0
- data/lib/metasploit-payloads/error.rb +36 -0
- data/lib/metasploit-payloads/version.rb +1 -1
- data/lib/metasploit-payloads.rb +93 -4
- data/manifest +97 -0
- data/manifest.uuid +1 -0
- data/metasploit-payloads.gemspec +1 -0
- data/spec/metasploit_payloads/metasploit_payloads_spec.rb +249 -0
- data/spec/spec_helper.rb +103 -0
- data.tar.gz.sig +0 -0
- metadata +8 -2
- metadata.gz.sig +0 -0
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 8be6e3a79a976f76e3bdcd7131211f87d506e1d7951c8570970a00cca95d0685
|
4
|
+
data.tar.gz: 2aec19188104778d80c4626f306f11d8eb290f2e56b34b2881b59692c4fd5567
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 352963fe40d6ce798c357c117dfaca9bdf99f5a504bc89b56586e5c0f8a852c896605a800db41c525ca4a350a06b1f37258f14da2fc93b43fd5d14719f4cf863
|
7
|
+
data.tar.gz: 261e198987bd0aa0f4e05319fd31145781c83cf456f13148047174489f43be9e7aa4f452a156e9244773fac8599ebfd9ee610adcbeb4ab2f7266ca67757c9180
|
checksums.yaml.gz.sig
CHANGED
Binary file
|
data/.gitignore
CHANGED
data/.rspec
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
--require spec_helper
|
data/Gemfile
CHANGED
Binary file
|
Binary file
|
data/data/android/metstage.jar
CHANGED
Binary file
|
data/data/android/shell.jar
CHANGED
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
@@ -0,0 +1,36 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module MetasploitPayloads
|
4
|
+
class Error < StandardError
|
5
|
+
end
|
6
|
+
|
7
|
+
# Error raised when a Metasploit Payloads file doesn't exist.
|
8
|
+
class NotFoundError < Error
|
9
|
+
attr_reader :path
|
10
|
+
|
11
|
+
def initialize(path = '')
|
12
|
+
@path = path
|
13
|
+
super("Meterpreter path #{@path} not found. Ensure antivirus is not enabled, or reinstall Metasploit.")
|
14
|
+
end
|
15
|
+
end
|
16
|
+
|
17
|
+
# Error raised when the user does not have read permissions for a Metasploit Payloads file
|
18
|
+
class NotReadableError < Error
|
19
|
+
attr_reader :path
|
20
|
+
|
21
|
+
def initialize(path = '')
|
22
|
+
@path = path
|
23
|
+
super("Meterpreter path #{@path} is not readable. Check if you have read access and try again.")
|
24
|
+
end
|
25
|
+
end
|
26
|
+
|
27
|
+
# Error raised when a Metasploit Payloads file's hash does not match what is defined in the manifest file.
|
28
|
+
class HashMismatchError < Error
|
29
|
+
attr_reader :path
|
30
|
+
|
31
|
+
def initialize(path = '')
|
32
|
+
@path = path
|
33
|
+
super("Meterpreter path #{@path} does not match the hash defined in the Metasploit Payloads manifest file.")
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
data/lib/metasploit-payloads.rb
CHANGED
@@ -1,6 +1,8 @@
|
|
1
1
|
# -*- coding:binary -*-
|
2
2
|
|
3
|
+
require 'openssl' unless defined? OpenSSL::Digest
|
3
4
|
require 'metasploit-payloads/version' unless defined? MetasploitPayloads::VERSION
|
5
|
+
require 'metasploit-payloads/error' unless defined? MetasploitPayloads::Error
|
4
6
|
|
5
7
|
#
|
6
8
|
# This module dispenses Metasploit payload binary files
|
@@ -10,6 +12,56 @@ module MetasploitPayloads
|
|
10
12
|
METERPRETER_SUBFOLDER = 'meterpreter'
|
11
13
|
USER_DATA_SUBFOLDER = 'payloads'
|
12
14
|
|
15
|
+
#
|
16
|
+
# @return [Array<Hash<String, Symbol>>] An array of filenames with warnings. Provides a file name and error.
|
17
|
+
# Empty if all needed Meterpreter files exist and have the correct hash.
|
18
|
+
def self.manifest_errors
|
19
|
+
manifest_errors = []
|
20
|
+
|
21
|
+
begin
|
22
|
+
manifest_contents = ::File.binread(manifest_path)
|
23
|
+
rescue => e
|
24
|
+
return [{ path: manifest_path, error: e }]
|
25
|
+
end
|
26
|
+
|
27
|
+
begin
|
28
|
+
manifest_uuid_contents = ::File.binread(manifest_uuid_path)
|
29
|
+
rescue => e
|
30
|
+
manifest_errors.append({ path: manifest_uuid_path, error: e })
|
31
|
+
end
|
32
|
+
|
33
|
+
# Check if the hash of the manifest file is correct.
|
34
|
+
if manifest_uuid_contents
|
35
|
+
manifest_digest = ::OpenSSL::Digest.new('SHA3-256', manifest_contents)
|
36
|
+
uuid_matches = (manifest_uuid_contents.chomp == manifest_digest.to_s)
|
37
|
+
unless uuid_matches
|
38
|
+
e = ::MetasploitPayloads::HashMismatchError.new(manifest_path)
|
39
|
+
manifest_errors.append({ path: manifest_path, error: e })
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
manifest_contents.each_line do |line|
|
44
|
+
filename, hash_type, hash = line.chomp.split(':')
|
45
|
+
begin
|
46
|
+
# self.path prepends the gem data directory, which is already present in the manifest file.
|
47
|
+
out_path = self.path(filename.sub('./data/', ''))
|
48
|
+
# self.path can return a path to the gem data, or user's local data.
|
49
|
+
bundled_file = out_path.start_with?(data_directory)
|
50
|
+
if bundled_file
|
51
|
+
file_hash_match = (::OpenSSL::Digest.new(hash_type, ::File.binread(out_path)).to_s == hash)
|
52
|
+
unless file_hash_match
|
53
|
+
e = ::MetasploitPayloads::HashMismatchError.new(out_path)
|
54
|
+
manifest_errors.append({ path: e.path, error: e })
|
55
|
+
end
|
56
|
+
end
|
57
|
+
rescue ::MetasploitPayloads::NotFoundError, ::MetasploitPayloads::NotReadableError => e
|
58
|
+
manifest_errors.append({ path: e.path, error: e })
|
59
|
+
end
|
60
|
+
end
|
61
|
+
|
62
|
+
manifest_errors
|
63
|
+
end
|
64
|
+
|
13
65
|
#
|
14
66
|
# Get the path to an extension based on its name (no prefix).
|
15
67
|
#
|
@@ -17,6 +69,14 @@ module MetasploitPayloads
|
|
17
69
|
path(METERPRETER_SUBFOLDER, "#{EXTENSION_PREFIX}#{ext_name}.#{binary_suffix}")
|
18
70
|
end
|
19
71
|
|
72
|
+
#
|
73
|
+
# Get the path for the first readable path in the provided arguments.
|
74
|
+
# Start with the provided `extra_paths` then fall back to the `gem_path`.
|
75
|
+
#
|
76
|
+
# @param [String] gem_path a path to the gem
|
77
|
+
# @param [Array<String>] extra_paths a path to any extra paths that should be evaluated for local files before `gem_path`
|
78
|
+
# @raise [NotReadableError] if the user doesn't have read permissions for the currently-evaluated path
|
79
|
+
# @return [String,nil] A readable path or nil
|
20
80
|
def self.readable_path(gem_path, *extra_paths)
|
21
81
|
# Try the MSF path first to see if the file exists, allowing the MSF data
|
22
82
|
# folder to override what is in the gem. This is very helpful for
|
@@ -24,12 +84,18 @@ module MetasploitPayloads
|
|
24
84
|
# each time. We only do this is MSF is installed.
|
25
85
|
extra_paths.each do |extra_path|
|
26
86
|
if ::File.readable? extra_path
|
27
|
-
warn_local_path(extra_path)
|
87
|
+
warn_local_path(extra_path)
|
28
88
|
return extra_path
|
89
|
+
else
|
90
|
+
# Raise rather than falling back;
|
91
|
+
# If there is a local file present, let's assume that the user wants to use it (e.g. local dev. changes)
|
92
|
+
# rather than having MSF Console falling back to the files in the gem
|
93
|
+
raise ::MetasploitPayloads::NotReadableError, extra_path, caller if ::File.exist?(extra_path)
|
29
94
|
end
|
30
95
|
end
|
31
96
|
|
32
97
|
return gem_path if ::File.readable? gem_path
|
98
|
+
raise ::MetasploitPayloads::NotReadableError, gem_path, caller if ::File.exist?(gem_path)
|
33
99
|
|
34
100
|
nil
|
35
101
|
end
|
@@ -37,21 +103,36 @@ module MetasploitPayloads
|
|
37
103
|
#
|
38
104
|
# Get the path to a meterpreter binary by full name.
|
39
105
|
#
|
106
|
+
# @param [String] name The name of the requested binary without any file extensions
|
107
|
+
# @param [String] binary_suffix The binary extension, without the leading '.' char (e.g. `php`, `jar`)
|
108
|
+
# @param [Boolean] debug Request a debug version of the binary. This adds a
|
109
|
+
# leading '.debug' to the extension if looking for a DLL file.
|
40
110
|
def self.meterpreter_path(name, binary_suffix, debug: false)
|
41
111
|
binary_suffix = binary_suffix&.gsub(/dll$/, 'debug.dll') if debug
|
42
112
|
path(METERPRETER_SUBFOLDER, "#{name}.#{binary_suffix}".downcase)
|
43
113
|
end
|
44
114
|
|
45
115
|
#
|
46
|
-
# Get the full path to any file packaged in this gem by local path and name.
|
116
|
+
# Get the full path to any file packaged in this gem or other Metasploit Framework directories by local path and name.
|
47
117
|
#
|
118
|
+
# @param [Array<String>] path_parts requested path parts that will be joined
|
119
|
+
# @raise [NotFoundError] if the requested path/file does not exist
|
120
|
+
# @raise [NotReadableError] if the requested file exists but the user doesn't have read permissions
|
121
|
+
# @return [String,nil] A path or nil
|
48
122
|
def self.path(*path_parts)
|
49
123
|
gem_path = expand(data_directory, ::File.join(path_parts))
|
50
124
|
if metasploit_installed?
|
51
125
|
user_path = expand(Msf::Config.config_directory, ::File.join(USER_DATA_SUBFOLDER, path_parts))
|
52
126
|
msf_path = expand(Msf::Config.data_directory, ::File.join(path_parts))
|
127
|
+
out_path = readable_path(gem_path, user_path, msf_path)
|
128
|
+
else
|
129
|
+
out_path = readable_path(gem_path)
|
53
130
|
end
|
54
|
-
|
131
|
+
|
132
|
+
return out_path unless out_path.nil?
|
133
|
+
raise ::MetasploitPayloads::NotFoundError, ::File.join(gem_path), caller unless ::File.exist?(gem_path)
|
134
|
+
|
135
|
+
nil
|
55
136
|
end
|
56
137
|
|
57
138
|
#
|
@@ -61,7 +142,7 @@ module MetasploitPayloads
|
|
61
142
|
file_path = path(path_parts)
|
62
143
|
if file_path.nil?
|
63
144
|
full_path = ::File.join(path_parts)
|
64
|
-
|
145
|
+
raise ::MetasploitPayloads::NotFoundError, full_path, caller
|
65
146
|
end
|
66
147
|
|
67
148
|
::File.binread(file_path)
|
@@ -203,5 +284,13 @@ module MetasploitPayloads
|
|
203
284
|
|
204
285
|
things
|
205
286
|
end
|
287
|
+
|
288
|
+
def manifest_path
|
289
|
+
::File.realpath(::File.join(::File.dirname(__FILE__), '..', 'manifest'))
|
290
|
+
end
|
291
|
+
|
292
|
+
def manifest_uuid_path
|
293
|
+
::File.realpath(::File.join(::File.dirname(__FILE__), '..', 'manifest.uuid'))
|
294
|
+
end
|
206
295
|
end
|
207
296
|
end
|
data/manifest
ADDED
@@ -0,0 +1,97 @@
|
|
1
|
+
./data/android/apk/AndroidManifest.xml:SHA3-256:cff0a10406eef30a6e8b558efa6695a2e183f11ada105e2fc2342ab174f1fc95
|
2
|
+
./data/android/apk/classes.dex:SHA3-256:0ca34b9e74428678ca808e3601eb30ec78256d76a38c8eecf26e5f419837b769
|
3
|
+
./data/android/apk/resources.arsc:SHA3-256:9a6f5eb5cb24fb1f83808a67c692e66c1a698d6222db2000b8b07e595689311f
|
4
|
+
./data/android/meterpreter.dex:SHA3-256:6105628e55ccab5412f899bc8bb563796b53f5941d48283ff892abc09fbd1c6a
|
5
|
+
./data/android/meterpreter.jar:SHA3-256:644553f5c9616780c1b8f420a90614b88da5b18ff1a774896d87fa7810798896
|
6
|
+
./data/android/metstage.jar:SHA3-256:9dadc846e9cd52534631574bd1a5665dd0efb81dfdf26e435d4a0036a546ee27
|
7
|
+
./data/android/shell.jar:SHA3-256:db129427fc3d9195f254cf6e9c4bd75eb0c077ab115a76c72aebae1d406ff3d4
|
8
|
+
./data/java/com/metasploit/meterpreter/MemoryBufferURLConnection.class:SHA3-256:a5a729165ff85444ee954f19590782def0a66b1941e89f3cb5baed1df72818c8
|
9
|
+
./data/java/com/metasploit/meterpreter/MemoryBufferURLStreamHandler.class:SHA3-256:386dd1d33383a0d1ac221bf4b914d8b648f5f47aefb3cad0e8d16988854e1762
|
10
|
+
./data/java/javapayload/stage/Meterpreter.class:SHA3-256:9124d682defeba42a88c766bee21c4d4a0c7c37f63f1928a2614c4d1bea2fecf
|
11
|
+
./data/java/javapayload/stage/Shell.class:SHA3-256:78aeee685de937bd62a5364ca1a16a798f1c963968b829bcfcb675723d4f8650
|
12
|
+
./data/java/javapayload/stage/Stage.class:SHA3-256:d99ce29ee9dfc87830e114bf872c7f75c40eac6f759a85537a661dfdea62a003
|
13
|
+
./data/java/javapayload/stage/StreamForwarder.class:SHA3-256:d2b38771450580a68f7ff6131798d53ff979f2bcd2e5b0f444f6d90a25274599
|
14
|
+
./data/java/metasploit/AESEncryption.class:SHA3-256:66007714b525a8151208e133755f7e0fe1fbf1bd27fe11618722d428886fbb69
|
15
|
+
./data/java/metasploit/JMXPayload.class:SHA3-256:74a131478fd1afa1c863cc000674cf145182ece98e8f8cfba5e406022d6be0e9
|
16
|
+
./data/java/metasploit/JMXPayloadMBean.class:SHA3-256:58e5dd1100a80110264f249e01eca58a56ed05f255f70fc30b67e1c0859d7873
|
17
|
+
./data/java/metasploit/Payload.class:SHA3-256:c53080cf5ab6ea1d57cd1430419234fc0146e0d5cb970db569e4ddabcf3e0c66
|
18
|
+
./data/java/metasploit/PayloadServlet.class:SHA3-256:56f7c3d907ec4cea0a0685627fe5be2edc021e5fd13a62d26846bfc41373d0bb
|
19
|
+
./data/java/metasploit/PayloadTrustManager.class:SHA3-256:e2d25c8b3e43f584e198e46c2576b367f96275800a96a42fd2dc2c81059a3c41
|
20
|
+
./data/java/metasploit/RMILoader.class:SHA3-256:4add539548d76e0142ff5e6ccdba6ee4b21191354be1a40499cb2a745b480bee
|
21
|
+
./data/java/metasploit/RMIPayload.class:SHA3-256:0d3e96836a8c3591f4bc827b33c4edb0b4f505a9f17cb0bdb27a367fb71d53c3
|
22
|
+
./data/meterpreter/dump_sam.x64.debug.dll:SHA3-256:785cee32f256748d7581c2c99b2c7fc785b80cc4b98c04b23663083d9cbb63fe
|
23
|
+
./data/meterpreter/dump_sam.x64.dll:SHA3-256:802b6fd59c81271de108ed34629591a54e595d4674b2994bcf193c3f14541f21
|
24
|
+
./data/meterpreter/dump_sam.x86.debug.dll:SHA3-256:6a20175fdbc8c81fa1a8a7acf5b1bcd3a446361bc62df655bea03ee6f020946a
|
25
|
+
./data/meterpreter/dump_sam.x86.dll:SHA3-256:b2586ce65fbc44ca65e3e1bb306e98ddc443731ad68dded7dc421a1a1a7eb044
|
26
|
+
./data/meterpreter/elevator.x64.debug.dll:SHA3-256:8baefe56b2f90fdf0c30242aa64410fcf9388781542c25f1122f2eabc1c4b60d
|
27
|
+
./data/meterpreter/elevator.x64.dll:SHA3-256:3c0aea83b1ff9ed1b5c577a8f5c9a609cc5ed49986fb73aa3a75939cf2ab6f1b
|
28
|
+
./data/meterpreter/elevator.x86.debug.dll:SHA3-256:acbf23f52c53752019f41612ade31cb363ed5bbed93b1bad053120bb90aeb33e
|
29
|
+
./data/meterpreter/elevator.x86.dll:SHA3-256:bac995312f1833e90cc5ab65989baa011c0367630b0fea948b618004435c0d56
|
30
|
+
./data/meterpreter/ext_server_bofloader.x64.debug.dll:SHA3-256:6ea2c2337477ccd1c5b8d3970638c19dac5fcd87fd344eb44d1e3f5edbf20115
|
31
|
+
./data/meterpreter/ext_server_bofloader.x64.dll:SHA3-256:20e680450f461dbc94cae49dcee97447ebb0c73c75355445c63a88cc51f0a233
|
32
|
+
./data/meterpreter/ext_server_bofloader.x86.debug.dll:SHA3-256:3ade3073d62002e9f4b5846d3caf83a01fde51b8c00ad27721bee0688990bb7a
|
33
|
+
./data/meterpreter/ext_server_bofloader.x86.dll:SHA3-256:73e81d200d754ea9dd6dc1784cac396fad577f3ffd9b912a34211d2b3309cf5f
|
34
|
+
./data/meterpreter/ext_server_espia.x64.debug.dll:SHA3-256:291edf708eea4a682de78fc9e43dc9bf9a45447783b5bb98e13645e868bb589a
|
35
|
+
./data/meterpreter/ext_server_espia.x64.dll:SHA3-256:07841363017e9f77f564a9c67b3b00e2b032b8715fe7fb80540772f404936d7e
|
36
|
+
./data/meterpreter/ext_server_espia.x86.debug.dll:SHA3-256:6429005b28c1d1088d1c7bb043b1abb07b60b1de2832a178c9fb772b99850ad0
|
37
|
+
./data/meterpreter/ext_server_espia.x86.dll:SHA3-256:dc675fd01b4f9bab251877e843e7f7c6117678d7e9d6da2389b5d612aac7198f
|
38
|
+
./data/meterpreter/ext_server_extapi.x64.debug.dll:SHA3-256:1235b5aede8db36c99786272f92130d9f8fc3aff4ea4312c54b7ecb5ef9f5f26
|
39
|
+
./data/meterpreter/ext_server_extapi.x64.dll:SHA3-256:0622c13932e5b92f6648b03f6b30993f169bf945ee311ebc1b3e7cef74b8b075
|
40
|
+
./data/meterpreter/ext_server_extapi.x86.debug.dll:SHA3-256:dd9b373b5cbff2dded38eee4619cb6f2cc64b263157cf94494d15c1e94dc27cf
|
41
|
+
./data/meterpreter/ext_server_extapi.x86.dll:SHA3-256:8b5fa9ca4ad31f38bb00609dfcbdaf1db8554847a3bdbf302218cad9555f5e7d
|
42
|
+
./data/meterpreter/ext_server_incognito.x64.debug.dll:SHA3-256:e74587432b16a267901ddaca692ec9e7a85fde753796ced495635f101a123127
|
43
|
+
./data/meterpreter/ext_server_incognito.x64.dll:SHA3-256:933ea101fdb29646f762d7e0ba2a3147c3579fa857857c39841c28c03328e148
|
44
|
+
./data/meterpreter/ext_server_incognito.x86.debug.dll:SHA3-256:79379c113c07b6294d9ef90f59a055a08dc2cbd3817bf592bb32f8c165789a0c
|
45
|
+
./data/meterpreter/ext_server_incognito.x86.dll:SHA3-256:daa959d55cee072928715bb814fb93f1b8aac6ba2b6e9d85315a319e1f9f6911
|
46
|
+
./data/meterpreter/ext_server_kiwi.x64.debug.dll:SHA3-256:71638f41ac701e4f32e888d9060f5bbbc053283399ac6c2229469bbb6b523d15
|
47
|
+
./data/meterpreter/ext_server_kiwi.x64.dll:SHA3-256:7f0a56cc9e8ee86da54163813c23c4a3bc8070fe498d61ebf19b02dc47f261fe
|
48
|
+
./data/meterpreter/ext_server_kiwi.x86.debug.dll:SHA3-256:1f714bdd7e29191f40dee22c89696c7eeb6c5932f7aeeee798f3ca75ed52b345
|
49
|
+
./data/meterpreter/ext_server_kiwi.x86.dll:SHA3-256:ae534cada086f1727716795222b3b89d2a0534da6ca2bd65bc119db156830904
|
50
|
+
./data/meterpreter/ext_server_lanattacks.x64.debug.dll:SHA3-256:55e8fd764ac6d3b6eb9724dcb3c058ff5ab37f7e51fe2f15fe7dda82820bbfd5
|
51
|
+
./data/meterpreter/ext_server_lanattacks.x64.dll:SHA3-256:653baca1f7394ebe3f72b7518dd0267912f4e4f843e5439043f66e9c87794505
|
52
|
+
./data/meterpreter/ext_server_lanattacks.x86.debug.dll:SHA3-256:ac9ae1499d78c6b0814344b97a931b8cd8537e8e01949c7e6aea957d4d0948b8
|
53
|
+
./data/meterpreter/ext_server_lanattacks.x86.dll:SHA3-256:cd2add87348966311b2a8239cad43cfcadb966209b7a40989b25a6d1744f6377
|
54
|
+
./data/meterpreter/ext_server_peinjector.x64.debug.dll:SHA3-256:559d62001bddb7b3c0fb5388bd01e19d5c3a0139dabb1160dbe1022fc7c006ac
|
55
|
+
./data/meterpreter/ext_server_peinjector.x64.dll:SHA3-256:e4be6ccbd3c6d8d46401e5da1eeebce71a7a323bbd36763da91196d4d2169231
|
56
|
+
./data/meterpreter/ext_server_peinjector.x86.debug.dll:SHA3-256:d64c816321063138be26d8025b5bb835d8e4a109edcce9d807a12626d2781f89
|
57
|
+
./data/meterpreter/ext_server_peinjector.x86.dll:SHA3-256:198aff2d850d53037140bd219d61d67172e736b33299608d01446f2043829f62
|
58
|
+
./data/meterpreter/ext_server_powershell.x64.debug.dll:SHA3-256:a1759c33feb673ad69d343c21e81a32174d8382aa8e4780a05a616456e99e5f5
|
59
|
+
./data/meterpreter/ext_server_powershell.x64.dll:SHA3-256:927157d6c4c9ed97ac6c44c5eb3d32c4e8af75788e1a4bda9135993d2f9cb179
|
60
|
+
./data/meterpreter/ext_server_powershell.x86.debug.dll:SHA3-256:f23072816c21859eba191193959c7ce67f41bc93488643a763a64900ab6d4cd0
|
61
|
+
./data/meterpreter/ext_server_powershell.x86.dll:SHA3-256:254b1b3755cf040918896b959d1ff1b25404c11056b2502a2bdde7bd35c031dc
|
62
|
+
./data/meterpreter/ext_server_priv.x64.debug.dll:SHA3-256:f051cacdd39eb770c3be0fa2ccd2a4f64e23e51687d6caa43b3b99313b94ccbd
|
63
|
+
./data/meterpreter/ext_server_priv.x64.dll:SHA3-256:443f7a82d5cb1486c751751b31723be137f5f77867ae69a3a39d22ef244c1502
|
64
|
+
./data/meterpreter/ext_server_priv.x86.debug.dll:SHA3-256:36024f9ee7071ad2700eea3dcd4f6e947d58ebf0d55b3e636a4b8d0a91210f26
|
65
|
+
./data/meterpreter/ext_server_priv.x86.dll:SHA3-256:7b316484d3dc6acead1fceb9b61b676d5ae27291ddc91ca001ae811d12f68635
|
66
|
+
./data/meterpreter/ext_server_python.x64.debug.dll:SHA3-256:c642d56929929c56d1173df0770fc31070bebd325569795a1d74ac555fda80a1
|
67
|
+
./data/meterpreter/ext_server_python.x64.dll:SHA3-256:86cfa76153a941c73559f878b1e2b1fee3754749205819ed269e5d7f33502f3f
|
68
|
+
./data/meterpreter/ext_server_python.x86.debug.dll:SHA3-256:a17feaed376a0352888ada4fafda64e08ee18fc03704986def611d0957b35807
|
69
|
+
./data/meterpreter/ext_server_python.x86.dll:SHA3-256:6875f74994f247dc878f9c7449bf92d0b3a201a932c41305b3e29406e7e370de
|
70
|
+
./data/meterpreter/ext_server_sniffer.x64.dll:SHA3-256:c61f200a5cdeb37ad4e75754b5ca3e039bd646d808e6a52a489a51a3dd53a30d
|
71
|
+
./data/meterpreter/ext_server_sniffer.x86.dll:SHA3-256:608f90d349bffec26e9d88591b764a71e9a739b7be76acc83a9272d266b4ea2f
|
72
|
+
./data/meterpreter/ext_server_stdapi.jar:SHA3-256:c064899075585b124102f7015ba6d0ab8aa5e773377ebed7e69cd467d3b6aa26
|
73
|
+
./data/meterpreter/ext_server_stdapi.php:SHA3-256:92e931e6b47caad6df4249cc263fdbe5d2975c4163f5b06963208163b7af97b5
|
74
|
+
./data/meterpreter/ext_server_stdapi.py:SHA3-256:3ed09316bdc2038873e5a3dc42bd8d725fdb66cf93a0f87300876d1e64ce6b3c
|
75
|
+
./data/meterpreter/ext_server_stdapi.x64.debug.dll:SHA3-256:154c8ed4e92d92de6f60bd4c26ea7f8fab376bbd2712463313f1c103effaa1d7
|
76
|
+
./data/meterpreter/ext_server_stdapi.x64.dll:SHA3-256:93326c89324f7b55880afd9c4fa2814547400a4573eb219df19ec5ecc4b4365d
|
77
|
+
./data/meterpreter/ext_server_stdapi.x86.debug.dll:SHA3-256:4dfce463d19f4a406d82cef018abdb83b3eaac8ce2d2da76fdd2701328369f03
|
78
|
+
./data/meterpreter/ext_server_stdapi.x86.dll:SHA3-256:8e05104a76b0de05a738c3677a353b8c11e7427ebbc3e8a58bebe75d608de708
|
79
|
+
./data/meterpreter/ext_server_unhook.x64.debug.dll:SHA3-256:d62db48cb7436eaddbc555213a8bd1dc859abe6325e10a18787a40a4ee7a14a2
|
80
|
+
./data/meterpreter/ext_server_unhook.x64.dll:SHA3-256:ac42b7ed5916ae528237268716dbebca4f192dd44aa110a6a27e736640afed05
|
81
|
+
./data/meterpreter/ext_server_unhook.x86.debug.dll:SHA3-256:0ffe18aa87b330a2114fe773eb348357625c4ea79012d7e536954509500e060b
|
82
|
+
./data/meterpreter/ext_server_unhook.x86.dll:SHA3-256:449eda2f641c1ac36266304494647b538062123a1b09d80d291bf499e3760617
|
83
|
+
./data/meterpreter/ext_server_winpmem.x64.debug.dll:SHA3-256:15e1303ee7c80da536ddd8de4ae68f7ac698b170d9df3d8f73ac635550e4704f
|
84
|
+
./data/meterpreter/ext_server_winpmem.x64.dll:SHA3-256:b676cdc0a285b8bf058c5a4eedfd2e0a9e7319dd03690c6d5848d8b680f22589
|
85
|
+
./data/meterpreter/ext_server_winpmem.x86.debug.dll:SHA3-256:bc5fe4881328848a7188469f23344db547ac3ba0282683a5dbbc9a9420fb64f3
|
86
|
+
./data/meterpreter/ext_server_winpmem.x86.dll:SHA3-256:ac760dbc5623c425ecefb8249eaee78d8a94b808f8dbac387292f77d60b26be9
|
87
|
+
./data/meterpreter/meterpreter.jar:SHA3-256:fc4bd122c9df063808270708e91a0da546de2c7a139bbfa000af65f6b0727dff
|
88
|
+
./data/meterpreter/meterpreter.php:SHA3-256:9389b1548410438d93ce12a2e276b7b2e77046845e6fca43b419b516de3871f9
|
89
|
+
./data/meterpreter/meterpreter.py:SHA3-256:a4ed4d3bb4c28c208a3f00453ccd1c50bb958cc8c20905599e7ba40a3259dba5
|
90
|
+
./data/meterpreter/metsrv.x64.debug.dll:SHA3-256:c957f05143173351574d10ee9ee8e7e752a73bbbe46d1566dce89826e26dd19d
|
91
|
+
./data/meterpreter/metsrv.x64.dll:SHA3-256:30cd3b37fe9af1a1882367b94e458f3ceba6792ab3833f15c3b41d895fa20f7d
|
92
|
+
./data/meterpreter/metsrv.x86.debug.dll:SHA3-256:abac7c6fc2deec55731649a38c6f4529dd9c8cd4398a9f9eacdc7696f5e1ea94
|
93
|
+
./data/meterpreter/metsrv.x86.dll:SHA3-256:10266591ea8eaafab8abdbfc9553c4d873aebdebeaf1e9b0ea6ad9d79c458f0b
|
94
|
+
./data/meterpreter/screenshot.x64.debug.dll:SHA3-256:41ab6d6d31c4e7b19061a4b1d56ccf0eb45f16982b35c4e82713681aca4e99b5
|
95
|
+
./data/meterpreter/screenshot.x64.dll:SHA3-256:9f9f2273bde229ba0bfe17b305d842428d465ccf98206c4573222baae1ef1fa2
|
96
|
+
./data/meterpreter/screenshot.x86.debug.dll:SHA3-256:dc30868b1bd6a58115fac0926a107b473de2ad76e31f83719dd025fe2124f248
|
97
|
+
./data/meterpreter/screenshot.x86.dll:SHA3-256:225efea4164a0ce9dabe263da6df8f03bcac21daef7d13a19896690ebb5f78c7
|
data/manifest.uuid
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
db210e75d5f3ab01cbd7d01be778ba52a03fe35438314094c412ff489a878dae
|
data/metasploit-payloads.gemspec
CHANGED
@@ -0,0 +1,249 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'metasploit-payloads'
|
4
|
+
|
5
|
+
RSpec.describe ::MetasploitPayloads do
|
6
|
+
describe '::VERSION' do
|
7
|
+
it 'has a version number' do
|
8
|
+
expect(::MetasploitPayloads::VERSION).not_to be nil
|
9
|
+
end
|
10
|
+
end
|
11
|
+
|
12
|
+
describe '::Error' do
|
13
|
+
it 'has an Error class' do
|
14
|
+
expect(::MetasploitPayloads::Error.superclass).to be(::StandardError)
|
15
|
+
end
|
16
|
+
|
17
|
+
it 'has a NotFoundError class' do
|
18
|
+
expect(::MetasploitPayloads::NotFoundError.superclass).to be(::MetasploitPayloads::Error)
|
19
|
+
end
|
20
|
+
|
21
|
+
it 'has a NotReadableError class' do
|
22
|
+
expect(::MetasploitPayloads::NotReadableError.superclass).to be(::MetasploitPayloads::Error)
|
23
|
+
end
|
24
|
+
|
25
|
+
it 'has a HashMismatchError class' do
|
26
|
+
expect(::MetasploitPayloads::HashMismatchError.superclass).to be(::MetasploitPayloads::Error)
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
describe '#readable_path' do
|
31
|
+
let(:sample_file) { { name: 'meterpreter/meterpreter.py' } }
|
32
|
+
|
33
|
+
before :each do
|
34
|
+
allow(::File).to receive(:exist?).and_call_original
|
35
|
+
allow(::File).to receive(:readable?).and_call_original
|
36
|
+
end
|
37
|
+
|
38
|
+
context 'when the path is not readable' do
|
39
|
+
it 'raises a ::MetasploitPayloads::NotReadableError' do
|
40
|
+
allow(::File).to receive(:exist?).with(sample_file[:name]).and_return(true)
|
41
|
+
allow(::File).to receive(:readable?).with(sample_file[:name]).and_return(false)
|
42
|
+
|
43
|
+
expect { subject.readable_path(sample_file[:name]) }.to raise_error(::MetasploitPayloads::NotReadableError)
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
47
|
+
context 'when the path does not exist' do
|
48
|
+
it 'returns nil' do
|
49
|
+
allow(::File).to receive(:exist?).with(sample_file[:name]).and_return(false)
|
50
|
+
allow(::File).to receive(:readable?).with(sample_file[:name]).and_return(false)
|
51
|
+
|
52
|
+
expect(subject.readable_path(sample_file[:name])).to eq(nil)
|
53
|
+
end
|
54
|
+
end
|
55
|
+
|
56
|
+
context 'when the path exists and is readable' do
|
57
|
+
it 'returns the correct path' do
|
58
|
+
allow(::File).to receive(:exist?).with(sample_file[:name]).and_return(true)
|
59
|
+
allow(::File).to receive(:readable?).with(sample_file[:name]).and_return(true)
|
60
|
+
|
61
|
+
expect(subject.readable_path(sample_file[:name])).to eq(sample_file[:name])
|
62
|
+
end
|
63
|
+
end
|
64
|
+
end
|
65
|
+
|
66
|
+
describe '#path' do
|
67
|
+
let(:sample_file) { { name: 'meterpreter/meterpreter.py' } }
|
68
|
+
|
69
|
+
before :each do
|
70
|
+
allow(::File).to receive(:exist?).and_call_original
|
71
|
+
allow(::File).to receive(:readable?).and_call_original
|
72
|
+
allow(::MetasploitPayloads).to receive(:expand).and_call_original
|
73
|
+
|
74
|
+
allow(::MetasploitPayloads).to receive(:expand)
|
75
|
+
.with(::MetasploitPayloads.data_directory, sample_file[:name])
|
76
|
+
.and_return(sample_file[:name])
|
77
|
+
end
|
78
|
+
|
79
|
+
[
|
80
|
+
{ context: 'is not readable', exist: true, readable: false, expected: ::MetasploitPayloads::NotReadableError },
|
81
|
+
{ context: 'does not exist', exist: false, readable: false, expected: ::MetasploitPayloads::NotFoundError }
|
82
|
+
].each do |test|
|
83
|
+
context "when the path #{test[:context]}" do
|
84
|
+
it "raises #{test[:expected]}" do
|
85
|
+
allow(::File).to receive(:exist?).with(sample_file[:name]).and_return(test[:exist])
|
86
|
+
allow(::File).to receive(:readable?).with(sample_file[:name]).and_return(test[:readable])
|
87
|
+
|
88
|
+
expect { subject.path(sample_file[:name]) }.to raise_error(test[:expected])
|
89
|
+
end
|
90
|
+
end
|
91
|
+
end
|
92
|
+
|
93
|
+
context 'when the path exists and is readable' do
|
94
|
+
it 'returns the correct path' do
|
95
|
+
allow(::File).to receive(:exist?).with(sample_file[:name]).and_return(true)
|
96
|
+
allow(::File).to receive(:readable?).with(sample_file[:name]).and_return(true)
|
97
|
+
|
98
|
+
expect(subject.path(sample_file[:name])).to eq(sample_file[:name])
|
99
|
+
end
|
100
|
+
end
|
101
|
+
end
|
102
|
+
|
103
|
+
describe '#manifest_errors' do
|
104
|
+
let(:hash_type) { 'SHA3-256' }
|
105
|
+
let(:hash) { { type: hash_type, value: '92e931e6b47caad6df4249cc263fdbe5d2975c4163f5b06963208163b7af97b5' } }
|
106
|
+
let(:sample_file) { { name: 'meterpreter/ext_server_stdapi.php', contents: 'sample_data', hash: hash } }
|
107
|
+
let(:manifest_values) { ["./data/#{sample_file[:name]}", sample_file[:hash][:type], sample_file[:hash][:value]] }
|
108
|
+
let(:manifest) { manifest_values.join(':') }
|
109
|
+
let(:manifest_uuid) { ::OpenSSL::Digest.new(hash_type, manifest).to_s }
|
110
|
+
let(:manifest_path) { 'manifest' }
|
111
|
+
let(:manifest_uuid_path) { 'manifest.uuid' }
|
112
|
+
|
113
|
+
before :each do
|
114
|
+
allow(::MetasploitPayloads).to receive(:manifest_path).and_call_original
|
115
|
+
allow(::MetasploitPayloads).to receive(:manifest_path).and_return(manifest_path)
|
116
|
+
|
117
|
+
allow(::MetasploitPayloads).to receive(:manifest_uuid_path).and_call_original
|
118
|
+
allow(::MetasploitPayloads).to receive(:manifest_uuid_path).and_return(manifest_uuid_path)
|
119
|
+
|
120
|
+
allow(::File).to receive(:binread).and_call_original
|
121
|
+
allow(::File).to receive(:binread).with(sample_file[:name]).and_return(sample_file[:contents])
|
122
|
+
allow(::File).to receive(:binread).with(::MetasploitPayloads.send(:manifest_path)).and_return(manifest)
|
123
|
+
allow(::File).to receive(:binread).with(::MetasploitPayloads.send(:manifest_uuid_path)).and_return(manifest_uuid)
|
124
|
+
|
125
|
+
allow(::OpenSSL::Digest).to receive(:new).and_call_original
|
126
|
+
allow(::OpenSSL::Digest).to receive(:new).with(hash_type,
|
127
|
+
sample_file[:contents]).and_return(sample_file[:hash][:value])
|
128
|
+
end
|
129
|
+
|
130
|
+
context 'when manifest hash does not match' do
|
131
|
+
it 'result includes the manifest file' do
|
132
|
+
allow(::File).to receive(:binread).with(::MetasploitPayloads.send(:manifest_uuid_path))
|
133
|
+
.and_return('mismatched_manifest_hash')
|
134
|
+
path = ::MetasploitPayloads.send(:manifest_path)
|
135
|
+
e = ::MetasploitPayloads::HashMismatchError.new(path)
|
136
|
+
|
137
|
+
expect(subject.manifest_errors).to include({ path: path, error: e })
|
138
|
+
end
|
139
|
+
end
|
140
|
+
|
141
|
+
context 'when manifest hash does match' do
|
142
|
+
it 'result does not include manifest' do
|
143
|
+
path = ::MetasploitPayloads.send(:manifest_uuid_path)
|
144
|
+
e = ::MetasploitPayloads::HashMismatchError.new(path)
|
145
|
+
|
146
|
+
expect(subject.manifest_errors).not_to include({ path: path, error: e })
|
147
|
+
end
|
148
|
+
end
|
149
|
+
|
150
|
+
context 'when there are no file warnings' do
|
151
|
+
it 'returns an empty array' do
|
152
|
+
allow(::MetasploitPayloads).to receive(:path).with(sample_file[:name]).and_return(sample_file[:name])
|
153
|
+
allow(::File).to receive(:exist?).with(sample_file[:name]).and_return(true)
|
154
|
+
full_file_path = ::MetasploitPayloads.expand(::MetasploitPayloads.data_directory, sample_file[:name])
|
155
|
+
allow(::File).to receive(:readable?).with(full_file_path).and_return(true)
|
156
|
+
allow(::File).to receive(:binread).with(full_file_path).and_return(sample_file[:contents])
|
157
|
+
|
158
|
+
expect(subject.manifest_errors).to eq([])
|
159
|
+
end
|
160
|
+
end
|
161
|
+
|
162
|
+
[
|
163
|
+
{ context: 'does not exist', error_class: ::MetasploitPayloads::NotFoundError },
|
164
|
+
{ context: 'is not readable', error_class: ::MetasploitPayloads::NotReadableError }
|
165
|
+
].each do |test|
|
166
|
+
context "when a file #{test[:context]}" do
|
167
|
+
it 'includes the correct error' do
|
168
|
+
error = test[:error_class].new(sample_file[:name])
|
169
|
+
allow(::MetasploitPayloads).to receive(:path).with(sample_file[:name]).and_raise(error)
|
170
|
+
|
171
|
+
expect(subject.manifest_errors).to include({ path: sample_file[:name], error: error })
|
172
|
+
end
|
173
|
+
end
|
174
|
+
end
|
175
|
+
|
176
|
+
context 'when a bundled file hash does not match' do
|
177
|
+
it 'includes the correct error' do
|
178
|
+
allow(::File).to receive(:exist?).with(sample_file[:name]).and_return(true)
|
179
|
+
full_file_path = ::MetasploitPayloads.expand(::MetasploitPayloads.data_directory, sample_file[:name])
|
180
|
+
allow(::File).to receive(:readable?).with(full_file_path).and_return(true)
|
181
|
+
allow(::File).to receive(:binread).with(full_file_path).and_return('mismatched_file_contents')
|
182
|
+
e = ::MetasploitPayloads::HashMismatchError.new(full_file_path)
|
183
|
+
|
184
|
+
expect(subject.manifest_errors).to include({ path: full_file_path, error: e })
|
185
|
+
end
|
186
|
+
end
|
187
|
+
|
188
|
+
context 'when the manifest file' do
|
189
|
+
context 'does not exist' do
|
190
|
+
it 'only includes the manifest error' do
|
191
|
+
# path = ::MetasploitPayloads.send(:manifest_path)
|
192
|
+
e = ::Errno::ENOENT.new(manifest_path)
|
193
|
+
allow(::File).to receive(:binread).with(manifest_path).and_raise(e)
|
194
|
+
|
195
|
+
expect(subject.manifest_errors).to eq([{ path: manifest_path, error: e }])
|
196
|
+
end
|
197
|
+
end
|
198
|
+
|
199
|
+
context 'cannot be read' do
|
200
|
+
it 'only includes the manifest error' do
|
201
|
+
e = ::Errno::EACCES.new(manifest_path)
|
202
|
+
allow(::File).to receive(:binread).with(manifest_path).and_raise(e)
|
203
|
+
|
204
|
+
expect(subject.manifest_errors).to eq([{ path: manifest_path, error: e }])
|
205
|
+
end
|
206
|
+
end
|
207
|
+
end
|
208
|
+
|
209
|
+
context 'when the manifest.uuid file' do
|
210
|
+
context 'does not exist' do
|
211
|
+
it 'includes the correct error' do
|
212
|
+
e = ::Errno::ENOENT.new(manifest_uuid_path)
|
213
|
+
allow(::File).to receive(:binread).with(manifest_uuid_path).and_raise(e)
|
214
|
+
|
215
|
+
expect(subject.manifest_errors).to include({ path: manifest_uuid_path, error: e })
|
216
|
+
end
|
217
|
+
end
|
218
|
+
end
|
219
|
+
|
220
|
+
context 'when manifest is readable and manifest.uuid is not readable' do
|
221
|
+
before :each do
|
222
|
+
allow(::File).to receive(:binread).with(manifest_uuid_path).and_raise(::Errno::EACCES.new(manifest_uuid_path))
|
223
|
+
end
|
224
|
+
|
225
|
+
it 'correctly evaluates a file hash mismatch' do
|
226
|
+
bundled_file_path = ::MetasploitPayloads.expand(::MetasploitPayloads.data_directory, sample_file[:name])
|
227
|
+
error = ::MetasploitPayloads::HashMismatchError.new(bundled_file_path)
|
228
|
+
allow(::MetasploitPayloads).to receive(:path).with(sample_file[:name]).and_return(bundled_file_path)
|
229
|
+
allow(::File).to receive(:binread).with(bundled_file_path).and_return('sample_mismatched_contents')
|
230
|
+
|
231
|
+
expect(subject.manifest_errors).to include({ path: bundled_file_path, error: error })
|
232
|
+
end
|
233
|
+
|
234
|
+
it 'correctly evaluates a missing file' do
|
235
|
+
error = ::MetasploitPayloads::NotFoundError.new(sample_file[:name])
|
236
|
+
allow(::MetasploitPayloads).to receive(:path).with(sample_file[:name]).and_raise(error)
|
237
|
+
|
238
|
+
expect(subject.manifest_errors).to include({ path: sample_file[:name], error: error })
|
239
|
+
end
|
240
|
+
|
241
|
+
it 'correctly evaluates an unreadable file' do
|
242
|
+
error = ::MetasploitPayloads::NotReadableError.new(sample_file[:name])
|
243
|
+
allow(::MetasploitPayloads).to receive(:path).with(sample_file[:name]).and_raise(error)
|
244
|
+
|
245
|
+
expect(subject.manifest_errors).to include({ path: sample_file[:name], error: error })
|
246
|
+
end
|
247
|
+
end
|
248
|
+
end
|
249
|
+
end
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,103 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'metasploit_payloads/metasploit_payloads_spec'
|
4
|
+
|
5
|
+
# This file was generated by the `rspec --init` command. Conventionally, all
|
6
|
+
# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
|
7
|
+
# The generated `.rspec` file contains `--require spec_helper` which will cause
|
8
|
+
# this file to always be loaded, without a need to explicitly require it in any
|
9
|
+
# files.
|
10
|
+
#
|
11
|
+
# Given that it is always loaded, you are encouraged to keep this file as
|
12
|
+
# light-weight as possible. Requiring heavyweight dependencies from this file
|
13
|
+
# will add to the boot time of your test suite on EVERY test run, even for an
|
14
|
+
# individual file that may not need all of that loaded. Instead, consider making
|
15
|
+
# a separate helper file that requires the additional dependencies and performs
|
16
|
+
# the additional setup, and require it from the spec files that actually need
|
17
|
+
# it.
|
18
|
+
#
|
19
|
+
# The `.rspec` file also contains a few flags that are not defaults but that
|
20
|
+
# users commonly want.
|
21
|
+
#
|
22
|
+
# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
|
23
|
+
RSpec.configure do |config|
|
24
|
+
# rspec-expectations config goes here. You can use an alternate
|
25
|
+
# assertion/expectation library such as wrong or the stdlib/minitest
|
26
|
+
# assertions if you prefer.
|
27
|
+
config.expect_with :rspec do |expectations|
|
28
|
+
# This option will default to `true` in RSpec 4. It makes the `description`
|
29
|
+
# and `failure_message` of custom matchers include text for helper methods
|
30
|
+
# defined using `chain`, e.g.:
|
31
|
+
# be_bigger_than(2).and_smaller_than(4).description
|
32
|
+
# # => "be bigger than 2 and smaller than 4"
|
33
|
+
# ...rather than:
|
34
|
+
# # => "be bigger than 2"
|
35
|
+
expectations.include_chain_clauses_in_custom_matcher_descriptions = true
|
36
|
+
end
|
37
|
+
|
38
|
+
# rspec-mocks config goes here. You can use an alternate test double
|
39
|
+
# library (such as bogus or mocha) by changing the `mock_with` option here.
|
40
|
+
config.mock_with :rspec do |mocks|
|
41
|
+
# Prevents you from mocking or stubbing a method that does not exist on
|
42
|
+
# a real object. This is generally recommended, and will default to
|
43
|
+
# `true` in RSpec 4.
|
44
|
+
mocks.verify_partial_doubles = true
|
45
|
+
end
|
46
|
+
|
47
|
+
# This option will default to `:apply_to_host_groups` in RSpec 4 (and will
|
48
|
+
# have no way to turn it off -- the option exists only for backwards
|
49
|
+
# compatibility in RSpec 3). It causes shared context metadata to be
|
50
|
+
# inherited by the metadata hash of host groups and examples, rather than
|
51
|
+
# triggering implicit auto-inclusion in groups with matching metadata.
|
52
|
+
config.shared_context_metadata_behavior = :apply_to_host_groups
|
53
|
+
|
54
|
+
# The settings below are suggested to provide a good initial experience
|
55
|
+
# with RSpec, but feel free to customize to your heart's content.
|
56
|
+
# This allows you to limit a spec run to individual examples or groups
|
57
|
+
# you care about by tagging them with `:focus` metadata. When nothing
|
58
|
+
# is tagged with `:focus`, all examples get run. RSpec also provides
|
59
|
+
# aliases for `it`, `describe`, and `context` that include `:focus`
|
60
|
+
# metadata: `fit`, `fdescribe` and `fcontext`, respectively.
|
61
|
+
config.filter_run_when_matching :focus
|
62
|
+
|
63
|
+
# Allows RSpec to persist some state between runs in order to support
|
64
|
+
# the `--only-failures` and `--next-failure` CLI options. We recommend
|
65
|
+
# you configure your source control system to ignore this file.
|
66
|
+
config.example_status_persistence_file_path = 'spec/examples.txt'
|
67
|
+
|
68
|
+
# Limits the available syntax to the non-monkey patched syntax that is
|
69
|
+
# recommended. For more details, see:
|
70
|
+
# https://rspec.info/features/3-12/rspec-core/configuration/zero-monkey-patching-mode/
|
71
|
+
config.disable_monkey_patching!
|
72
|
+
|
73
|
+
# This setting enables warnings. It's recommended, but in some cases may
|
74
|
+
# be too noisy due to issues in dependencies.
|
75
|
+
config.warnings = true
|
76
|
+
|
77
|
+
# Many RSpec users commonly either run the entire suite or an individual
|
78
|
+
# file, and it's useful to allow more verbose output when running an
|
79
|
+
# individual spec file.
|
80
|
+
if config.files_to_run.one?
|
81
|
+
# Use the documentation formatter for detailed output,
|
82
|
+
# unless a formatter has already been configured
|
83
|
+
# (e.g. via a command-line flag).
|
84
|
+
config.default_formatter = 'doc'
|
85
|
+
end
|
86
|
+
|
87
|
+
# Print the 10 slowest examples and example groups at the
|
88
|
+
# end of the spec run, to help surface which specs are running
|
89
|
+
# particularly slow.
|
90
|
+
config.profile_examples = 10
|
91
|
+
|
92
|
+
# Run specs in random order to surface order dependencies. If you find an
|
93
|
+
# order dependency and want to debug it, you can fix the order by providing
|
94
|
+
# the seed, which is printed after each run.
|
95
|
+
# --seed 1234
|
96
|
+
config.order = :random
|
97
|
+
|
98
|
+
# Seed global randomization in this process using the `--seed` CLI option.
|
99
|
+
# Setting this allows you to use `--seed` to deterministically reproduce
|
100
|
+
# test failures related to randomization by passing the same `--seed` value
|
101
|
+
# as the one that triggered the failure.
|
102
|
+
Kernel.srand config.seed
|
103
|
+
end
|
data.tar.gz.sig
CHANGED
Binary file
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: metasploit-payloads
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.0.
|
4
|
+
version: 2.0.154
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- OJ Reeves
|
@@ -96,7 +96,7 @@ cert_chain:
|
|
96
96
|
EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
|
97
97
|
9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
|
98
98
|
-----END CERTIFICATE-----
|
99
|
-
date: 2023-09-
|
99
|
+
date: 2023-09-29 00:00:00.000000000 Z
|
100
100
|
dependencies:
|
101
101
|
- !ruby/object:Gem::Dependency
|
102
102
|
name: rake
|
@@ -137,6 +137,7 @@ extensions: []
|
|
137
137
|
extra_rdoc_files: []
|
138
138
|
files:
|
139
139
|
- ".gitignore"
|
140
|
+
- ".rspec"
|
140
141
|
- CONTRIBUTING.md
|
141
142
|
- Gemfile
|
142
143
|
- LICENSE
|
@@ -240,8 +241,13 @@ files:
|
|
240
241
|
- data/meterpreter/screenshot.x86.debug.dll
|
241
242
|
- data/meterpreter/screenshot.x86.dll
|
242
243
|
- lib/metasploit-payloads.rb
|
244
|
+
- lib/metasploit-payloads/error.rb
|
243
245
|
- lib/metasploit-payloads/version.rb
|
246
|
+
- manifest
|
247
|
+
- manifest.uuid
|
244
248
|
- metasploit-payloads.gemspec
|
249
|
+
- spec/metasploit_payloads/metasploit_payloads_spec.rb
|
250
|
+
- spec/spec_helper.rb
|
245
251
|
homepage: http://www.metasploit.com
|
246
252
|
licenses:
|
247
253
|
- 3-clause (or "modified") BSD
|
metadata.gz.sig
CHANGED
Binary file
|