metasploit-payloads 2.0.153 → 2.0.155
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data/.gitignore +1 -0
- data/.rspec +1 -0
- data/Gemfile +4 -0
- data/data/android/meterpreter.jar +0 -0
- data/data/android/metstage.jar +0 -0
- data/data/android/shell.jar +0 -0
- data/data/meterpreter/dump_sam.x64.debug.dll +0 -0
- data/data/meterpreter/dump_sam.x64.dll +0 -0
- data/data/meterpreter/dump_sam.x86.debug.dll +0 -0
- data/data/meterpreter/dump_sam.x86.dll +0 -0
- data/data/meterpreter/elevator.x64.debug.dll +0 -0
- data/data/meterpreter/elevator.x64.dll +0 -0
- data/data/meterpreter/elevator.x86.debug.dll +0 -0
- data/data/meterpreter/elevator.x86.dll +0 -0
- data/data/meterpreter/ext_server_bofloader.x64.debug.dll +0 -0
- data/data/meterpreter/ext_server_bofloader.x64.dll +0 -0
- data/data/meterpreter/ext_server_bofloader.x86.debug.dll +0 -0
- data/data/meterpreter/ext_server_bofloader.x86.dll +0 -0
- data/data/meterpreter/ext_server_espia.x64.debug.dll +0 -0
- data/data/meterpreter/ext_server_espia.x64.dll +0 -0
- data/data/meterpreter/ext_server_espia.x86.debug.dll +0 -0
- data/data/meterpreter/ext_server_espia.x86.dll +0 -0
- data/data/meterpreter/ext_server_extapi.x64.debug.dll +0 -0
- data/data/meterpreter/ext_server_extapi.x64.dll +0 -0
- data/data/meterpreter/ext_server_extapi.x86.debug.dll +0 -0
- data/data/meterpreter/ext_server_extapi.x86.dll +0 -0
- data/data/meterpreter/ext_server_incognito.x64.debug.dll +0 -0
- data/data/meterpreter/ext_server_incognito.x64.dll +0 -0
- data/data/meterpreter/ext_server_incognito.x86.debug.dll +0 -0
- data/data/meterpreter/ext_server_incognito.x86.dll +0 -0
- data/data/meterpreter/ext_server_kiwi.x64.debug.dll +0 -0
- data/data/meterpreter/ext_server_kiwi.x64.dll +0 -0
- data/data/meterpreter/ext_server_kiwi.x86.debug.dll +0 -0
- data/data/meterpreter/ext_server_kiwi.x86.dll +0 -0
- data/data/meterpreter/ext_server_lanattacks.x64.debug.dll +0 -0
- data/data/meterpreter/ext_server_lanattacks.x64.dll +0 -0
- data/data/meterpreter/ext_server_lanattacks.x86.debug.dll +0 -0
- data/data/meterpreter/ext_server_lanattacks.x86.dll +0 -0
- data/data/meterpreter/ext_server_peinjector.x64.debug.dll +0 -0
- data/data/meterpreter/ext_server_peinjector.x64.dll +0 -0
- data/data/meterpreter/ext_server_peinjector.x86.debug.dll +0 -0
- data/data/meterpreter/ext_server_peinjector.x86.dll +0 -0
- data/data/meterpreter/ext_server_powershell.x64.debug.dll +0 -0
- data/data/meterpreter/ext_server_powershell.x64.dll +0 -0
- data/data/meterpreter/ext_server_powershell.x86.debug.dll +0 -0
- data/data/meterpreter/ext_server_powershell.x86.dll +0 -0
- data/data/meterpreter/ext_server_priv.x64.debug.dll +0 -0
- data/data/meterpreter/ext_server_priv.x64.dll +0 -0
- data/data/meterpreter/ext_server_priv.x86.debug.dll +0 -0
- data/data/meterpreter/ext_server_priv.x86.dll +0 -0
- data/data/meterpreter/ext_server_python.x64.debug.dll +0 -0
- data/data/meterpreter/ext_server_python.x64.dll +0 -0
- data/data/meterpreter/ext_server_python.x86.debug.dll +0 -0
- data/data/meterpreter/ext_server_python.x86.dll +0 -0
- data/data/meterpreter/ext_server_sniffer.x64.dll +0 -0
- data/data/meterpreter/ext_server_sniffer.x86.dll +0 -0
- data/data/meterpreter/ext_server_stdapi.x64.debug.dll +0 -0
- data/data/meterpreter/ext_server_stdapi.x64.dll +0 -0
- data/data/meterpreter/ext_server_stdapi.x86.debug.dll +0 -0
- data/data/meterpreter/ext_server_stdapi.x86.dll +0 -0
- data/data/meterpreter/ext_server_unhook.x64.debug.dll +0 -0
- data/data/meterpreter/ext_server_unhook.x64.dll +0 -0
- data/data/meterpreter/ext_server_unhook.x86.debug.dll +0 -0
- data/data/meterpreter/ext_server_unhook.x86.dll +0 -0
- data/data/meterpreter/ext_server_winpmem.x64.debug.dll +0 -0
- data/data/meterpreter/ext_server_winpmem.x64.dll +0 -0
- data/data/meterpreter/ext_server_winpmem.x86.debug.dll +0 -0
- data/data/meterpreter/ext_server_winpmem.x86.dll +0 -0
- data/data/meterpreter/metsrv.x64.debug.dll +0 -0
- data/data/meterpreter/metsrv.x64.dll +0 -0
- data/data/meterpreter/metsrv.x86.debug.dll +0 -0
- data/data/meterpreter/metsrv.x86.dll +0 -0
- data/data/meterpreter/screenshot.x64.debug.dll +0 -0
- data/data/meterpreter/screenshot.x64.dll +0 -0
- data/data/meterpreter/screenshot.x86.debug.dll +0 -0
- data/data/meterpreter/screenshot.x86.dll +0 -0
- data/lib/metasploit-payloads/error.rb +36 -0
- data/lib/metasploit-payloads/version.rb +1 -1
- data/lib/metasploit-payloads.rb +93 -4
- data/manifest +73 -73
- data/manifest.uuid +1 -1
- data/spec/metasploit_payloads/metasploit_payloads_spec.rb +249 -0
- data/spec/spec_helper.rb +103 -0
- data.tar.gz.sig +0 -0
- metadata +6 -2
- metadata.gz.sig +3 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: fc721f1a6bf01e7372d36c31cc15e479c7f755ef21400656799a155c601386b6
|
4
|
+
data.tar.gz: 88d9a363d5bca6cb7cc69a593e07b1817a3f35ff57b84b212e7d397258a0c99f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 20dabb3d6fc368ab9835f97de9852ea59f43280d4b8b6afc0226362a190bff595aa93da86205d195e14904d0892e08e647ae76344f9a0428d4a0938b2778c756
|
7
|
+
data.tar.gz: 67d57f4e3b5cf6efa8ac35de38e2275f45f5aedd5c848f1c3bf76e9e018585d5d6d8c6483e0a2f396ff83cf05b69bf3b70d85f806d38b9c8ed1758915f5c94ed
|
checksums.yaml.gz.sig
CHANGED
Binary file
|
data/.gitignore
CHANGED
data/.rspec
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
--require spec_helper
|
data/Gemfile
CHANGED
Binary file
|
data/data/android/metstage.jar
CHANGED
Binary file
|
data/data/android/shell.jar
CHANGED
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
@@ -0,0 +1,36 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module MetasploitPayloads
|
4
|
+
class Error < StandardError
|
5
|
+
end
|
6
|
+
|
7
|
+
# Error raised when a Metasploit Payloads file doesn't exist.
|
8
|
+
class NotFoundError < Error
|
9
|
+
attr_reader :path
|
10
|
+
|
11
|
+
def initialize(path = '')
|
12
|
+
@path = path
|
13
|
+
super("Meterpreter path #{@path} not found. Ensure antivirus is not enabled, or reinstall Metasploit.")
|
14
|
+
end
|
15
|
+
end
|
16
|
+
|
17
|
+
# Error raised when the user does not have read permissions for a Metasploit Payloads file
|
18
|
+
class NotReadableError < Error
|
19
|
+
attr_reader :path
|
20
|
+
|
21
|
+
def initialize(path = '')
|
22
|
+
@path = path
|
23
|
+
super("Meterpreter path #{@path} is not readable. Check if you have read access and try again.")
|
24
|
+
end
|
25
|
+
end
|
26
|
+
|
27
|
+
# Error raised when a Metasploit Payloads file's hash does not match what is defined in the manifest file.
|
28
|
+
class HashMismatchError < Error
|
29
|
+
attr_reader :path
|
30
|
+
|
31
|
+
def initialize(path = '')
|
32
|
+
@path = path
|
33
|
+
super("Meterpreter path #{@path} does not match the hash defined in the Metasploit Payloads manifest file.")
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
data/lib/metasploit-payloads.rb
CHANGED
@@ -1,6 +1,8 @@
|
|
1
1
|
# -*- coding:binary -*-
|
2
2
|
|
3
|
+
require 'openssl' unless defined? OpenSSL::Digest
|
3
4
|
require 'metasploit-payloads/version' unless defined? MetasploitPayloads::VERSION
|
5
|
+
require 'metasploit-payloads/error' unless defined? MetasploitPayloads::Error
|
4
6
|
|
5
7
|
#
|
6
8
|
# This module dispenses Metasploit payload binary files
|
@@ -10,6 +12,56 @@ module MetasploitPayloads
|
|
10
12
|
METERPRETER_SUBFOLDER = 'meterpreter'
|
11
13
|
USER_DATA_SUBFOLDER = 'payloads'
|
12
14
|
|
15
|
+
#
|
16
|
+
# @return [Array<Hash<String, Symbol>>] An array of filenames with warnings. Provides a file name and error.
|
17
|
+
# Empty if all needed Meterpreter files exist and have the correct hash.
|
18
|
+
def self.manifest_errors
|
19
|
+
manifest_errors = []
|
20
|
+
|
21
|
+
begin
|
22
|
+
manifest_contents = ::File.binread(manifest_path)
|
23
|
+
rescue => e
|
24
|
+
return [{ path: manifest_path, error: e }]
|
25
|
+
end
|
26
|
+
|
27
|
+
begin
|
28
|
+
manifest_uuid_contents = ::File.binread(manifest_uuid_path)
|
29
|
+
rescue => e
|
30
|
+
manifest_errors.append({ path: manifest_uuid_path, error: e })
|
31
|
+
end
|
32
|
+
|
33
|
+
# Check if the hash of the manifest file is correct.
|
34
|
+
if manifest_uuid_contents
|
35
|
+
manifest_digest = ::OpenSSL::Digest.new('SHA3-256', manifest_contents)
|
36
|
+
uuid_matches = (manifest_uuid_contents.chomp == manifest_digest.to_s)
|
37
|
+
unless uuid_matches
|
38
|
+
e = ::MetasploitPayloads::HashMismatchError.new(manifest_path)
|
39
|
+
manifest_errors.append({ path: manifest_path, error: e })
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
manifest_contents.each_line do |line|
|
44
|
+
filename, hash_type, hash = line.chomp.split(':')
|
45
|
+
begin
|
46
|
+
# self.path prepends the gem data directory, which is already present in the manifest file.
|
47
|
+
out_path = self.path(filename.sub('./data/', ''))
|
48
|
+
# self.path can return a path to the gem data, or user's local data.
|
49
|
+
bundled_file = out_path.start_with?(data_directory)
|
50
|
+
if bundled_file
|
51
|
+
file_hash_match = (::OpenSSL::Digest.new(hash_type, ::File.binread(out_path)).to_s == hash)
|
52
|
+
unless file_hash_match
|
53
|
+
e = ::MetasploitPayloads::HashMismatchError.new(out_path)
|
54
|
+
manifest_errors.append({ path: e.path, error: e })
|
55
|
+
end
|
56
|
+
end
|
57
|
+
rescue ::MetasploitPayloads::NotFoundError, ::MetasploitPayloads::NotReadableError => e
|
58
|
+
manifest_errors.append({ path: e.path, error: e })
|
59
|
+
end
|
60
|
+
end
|
61
|
+
|
62
|
+
manifest_errors
|
63
|
+
end
|
64
|
+
|
13
65
|
#
|
14
66
|
# Get the path to an extension based on its name (no prefix).
|
15
67
|
#
|
@@ -17,6 +69,14 @@ module MetasploitPayloads
|
|
17
69
|
path(METERPRETER_SUBFOLDER, "#{EXTENSION_PREFIX}#{ext_name}.#{binary_suffix}")
|
18
70
|
end
|
19
71
|
|
72
|
+
#
|
73
|
+
# Get the path for the first readable path in the provided arguments.
|
74
|
+
# Start with the provided `extra_paths` then fall back to the `gem_path`.
|
75
|
+
#
|
76
|
+
# @param [String] gem_path a path to the gem
|
77
|
+
# @param [Array<String>] extra_paths a path to any extra paths that should be evaluated for local files before `gem_path`
|
78
|
+
# @raise [NotReadableError] if the user doesn't have read permissions for the currently-evaluated path
|
79
|
+
# @return [String,nil] A readable path or nil
|
20
80
|
def self.readable_path(gem_path, *extra_paths)
|
21
81
|
# Try the MSF path first to see if the file exists, allowing the MSF data
|
22
82
|
# folder to override what is in the gem. This is very helpful for
|
@@ -24,12 +84,18 @@ module MetasploitPayloads
|
|
24
84
|
# each time. We only do this is MSF is installed.
|
25
85
|
extra_paths.each do |extra_path|
|
26
86
|
if ::File.readable? extra_path
|
27
|
-
warn_local_path(extra_path)
|
87
|
+
warn_local_path(extra_path)
|
28
88
|
return extra_path
|
89
|
+
else
|
90
|
+
# Raise rather than falling back;
|
91
|
+
# If there is a local file present, let's assume that the user wants to use it (e.g. local dev. changes)
|
92
|
+
# rather than having MSF Console falling back to the files in the gem
|
93
|
+
raise ::MetasploitPayloads::NotReadableError, extra_path, caller if ::File.exist?(extra_path)
|
29
94
|
end
|
30
95
|
end
|
31
96
|
|
32
97
|
return gem_path if ::File.readable? gem_path
|
98
|
+
raise ::MetasploitPayloads::NotReadableError, gem_path, caller if ::File.exist?(gem_path)
|
33
99
|
|
34
100
|
nil
|
35
101
|
end
|
@@ -37,21 +103,36 @@ module MetasploitPayloads
|
|
37
103
|
#
|
38
104
|
# Get the path to a meterpreter binary by full name.
|
39
105
|
#
|
106
|
+
# @param [String] name The name of the requested binary without any file extensions
|
107
|
+
# @param [String] binary_suffix The binary extension, without the leading '.' char (e.g. `php`, `jar`)
|
108
|
+
# @param [Boolean] debug Request a debug version of the binary. This adds a
|
109
|
+
# leading '.debug' to the extension if looking for a DLL file.
|
40
110
|
def self.meterpreter_path(name, binary_suffix, debug: false)
|
41
111
|
binary_suffix = binary_suffix&.gsub(/dll$/, 'debug.dll') if debug
|
42
112
|
path(METERPRETER_SUBFOLDER, "#{name}.#{binary_suffix}".downcase)
|
43
113
|
end
|
44
114
|
|
45
115
|
#
|
46
|
-
# Get the full path to any file packaged in this gem by local path and name.
|
116
|
+
# Get the full path to any file packaged in this gem or other Metasploit Framework directories by local path and name.
|
47
117
|
#
|
118
|
+
# @param [Array<String>] path_parts requested path parts that will be joined
|
119
|
+
# @raise [NotFoundError] if the requested path/file does not exist
|
120
|
+
# @raise [NotReadableError] if the requested file exists but the user doesn't have read permissions
|
121
|
+
# @return [String,nil] A path or nil
|
48
122
|
def self.path(*path_parts)
|
49
123
|
gem_path = expand(data_directory, ::File.join(path_parts))
|
50
124
|
if metasploit_installed?
|
51
125
|
user_path = expand(Msf::Config.config_directory, ::File.join(USER_DATA_SUBFOLDER, path_parts))
|
52
126
|
msf_path = expand(Msf::Config.data_directory, ::File.join(path_parts))
|
127
|
+
out_path = readable_path(gem_path, user_path, msf_path)
|
128
|
+
else
|
129
|
+
out_path = readable_path(gem_path)
|
53
130
|
end
|
54
|
-
|
131
|
+
|
132
|
+
return out_path unless out_path.nil?
|
133
|
+
raise ::MetasploitPayloads::NotFoundError, ::File.join(gem_path), caller unless ::File.exist?(gem_path)
|
134
|
+
|
135
|
+
nil
|
55
136
|
end
|
56
137
|
|
57
138
|
#
|
@@ -61,7 +142,7 @@ module MetasploitPayloads
|
|
61
142
|
file_path = path(path_parts)
|
62
143
|
if file_path.nil?
|
63
144
|
full_path = ::File.join(path_parts)
|
64
|
-
|
145
|
+
raise ::MetasploitPayloads::NotFoundError, full_path, caller
|
65
146
|
end
|
66
147
|
|
67
148
|
::File.binread(file_path)
|
@@ -203,5 +284,13 @@ module MetasploitPayloads
|
|
203
284
|
|
204
285
|
things
|
205
286
|
end
|
287
|
+
|
288
|
+
def manifest_path
|
289
|
+
::File.realpath(::File.join(::File.dirname(__FILE__), '..', 'manifest'))
|
290
|
+
end
|
291
|
+
|
292
|
+
def manifest_uuid_path
|
293
|
+
::File.realpath(::File.join(::File.dirname(__FILE__), '..', 'manifest.uuid'))
|
294
|
+
end
|
206
295
|
end
|
207
296
|
end
|
data/manifest
CHANGED
@@ -2,9 +2,9 @@
|
|
2
2
|
./data/android/apk/classes.dex:SHA3-256:0ca34b9e74428678ca808e3601eb30ec78256d76a38c8eecf26e5f419837b769
|
3
3
|
./data/android/apk/resources.arsc:SHA3-256:9a6f5eb5cb24fb1f83808a67c692e66c1a698d6222db2000b8b07e595689311f
|
4
4
|
./data/android/meterpreter.dex:SHA3-256:6105628e55ccab5412f899bc8bb563796b53f5941d48283ff892abc09fbd1c6a
|
5
|
-
./data/android/meterpreter.jar:SHA3-256:
|
6
|
-
./data/android/metstage.jar:SHA3-256:
|
7
|
-
./data/android/shell.jar:SHA3-256:
|
5
|
+
./data/android/meterpreter.jar:SHA3-256:829fbc95dbca9de3f2134d78a14c5dd561a6cd36d6a81c7a9a4caf201d4d5d9b
|
6
|
+
./data/android/metstage.jar:SHA3-256:7e4e3c2edba760a900493df3aad0b0c9b99d2775e11a8c2a4c61af133b312830
|
7
|
+
./data/android/shell.jar:SHA3-256:8ccc1c525695fe523070315fcd4e064456f34e903b1c000f1695d98d006f790d
|
8
8
|
./data/java/com/metasploit/meterpreter/MemoryBufferURLConnection.class:SHA3-256:a5a729165ff85444ee954f19590782def0a66b1941e89f3cb5baed1df72818c8
|
9
9
|
./data/java/com/metasploit/meterpreter/MemoryBufferURLStreamHandler.class:SHA3-256:386dd1d33383a0d1ac221bf4b914d8b648f5f47aefb3cad0e8d16988854e1762
|
10
10
|
./data/java/javapayload/stage/Meterpreter.class:SHA3-256:9124d682defeba42a88c766bee21c4d4a0c7c37f63f1928a2614c4d1bea2fecf
|
@@ -19,79 +19,79 @@
|
|
19
19
|
./data/java/metasploit/PayloadTrustManager.class:SHA3-256:e2d25c8b3e43f584e198e46c2576b367f96275800a96a42fd2dc2c81059a3c41
|
20
20
|
./data/java/metasploit/RMILoader.class:SHA3-256:4add539548d76e0142ff5e6ccdba6ee4b21191354be1a40499cb2a745b480bee
|
21
21
|
./data/java/metasploit/RMIPayload.class:SHA3-256:0d3e96836a8c3591f4bc827b33c4edb0b4f505a9f17cb0bdb27a367fb71d53c3
|
22
|
-
./data/meterpreter/dump_sam.x64.debug.dll:SHA3-256:
|
23
|
-
./data/meterpreter/dump_sam.x64.dll:SHA3-256:
|
24
|
-
./data/meterpreter/dump_sam.x86.debug.dll:SHA3-256:
|
25
|
-
./data/meterpreter/dump_sam.x86.dll:SHA3-256:
|
26
|
-
./data/meterpreter/elevator.x64.debug.dll:SHA3-256:
|
27
|
-
./data/meterpreter/elevator.x64.dll:SHA3-256:
|
28
|
-
./data/meterpreter/elevator.x86.debug.dll:SHA3-256:
|
29
|
-
./data/meterpreter/elevator.x86.dll:SHA3-256:
|
30
|
-
./data/meterpreter/ext_server_bofloader.x64.debug.dll:SHA3-256:
|
31
|
-
./data/meterpreter/ext_server_bofloader.x64.dll:SHA3-256:
|
32
|
-
./data/meterpreter/ext_server_bofloader.x86.debug.dll:SHA3-256:
|
33
|
-
./data/meterpreter/ext_server_bofloader.x86.dll:SHA3-256:
|
34
|
-
./data/meterpreter/ext_server_espia.x64.debug.dll:SHA3-256:
|
35
|
-
./data/meterpreter/ext_server_espia.x64.dll:SHA3-256:
|
36
|
-
./data/meterpreter/ext_server_espia.x86.debug.dll:SHA3-256:
|
37
|
-
./data/meterpreter/ext_server_espia.x86.dll:SHA3-256:
|
38
|
-
./data/meterpreter/ext_server_extapi.x64.debug.dll:SHA3-256:
|
39
|
-
./data/meterpreter/ext_server_extapi.x64.dll:SHA3-256:
|
40
|
-
./data/meterpreter/ext_server_extapi.x86.debug.dll:SHA3-256:
|
41
|
-
./data/meterpreter/ext_server_extapi.x86.dll:SHA3-256:
|
42
|
-
./data/meterpreter/ext_server_incognito.x64.debug.dll:SHA3-256:
|
43
|
-
./data/meterpreter/ext_server_incognito.x64.dll:SHA3-256:
|
44
|
-
./data/meterpreter/ext_server_incognito.x86.debug.dll:SHA3-256:
|
45
|
-
./data/meterpreter/ext_server_incognito.x86.dll:SHA3-256:
|
46
|
-
./data/meterpreter/ext_server_kiwi.x64.debug.dll:SHA3-256:
|
47
|
-
./data/meterpreter/ext_server_kiwi.x64.dll:SHA3-256:
|
48
|
-
./data/meterpreter/ext_server_kiwi.x86.debug.dll:SHA3-256:
|
49
|
-
./data/meterpreter/ext_server_kiwi.x86.dll:SHA3-256:
|
50
|
-
./data/meterpreter/ext_server_lanattacks.x64.debug.dll:SHA3-256:
|
51
|
-
./data/meterpreter/ext_server_lanattacks.x64.dll:SHA3-256:
|
52
|
-
./data/meterpreter/ext_server_lanattacks.x86.debug.dll:SHA3-256:
|
53
|
-
./data/meterpreter/ext_server_lanattacks.x86.dll:SHA3-256:
|
54
|
-
./data/meterpreter/ext_server_peinjector.x64.debug.dll:SHA3-256:
|
55
|
-
./data/meterpreter/ext_server_peinjector.x64.dll:SHA3-256:
|
56
|
-
./data/meterpreter/ext_server_peinjector.x86.debug.dll:SHA3-256:
|
57
|
-
./data/meterpreter/ext_server_peinjector.x86.dll:SHA3-256:
|
58
|
-
./data/meterpreter/ext_server_powershell.x64.debug.dll:SHA3-256:
|
59
|
-
./data/meterpreter/ext_server_powershell.x64.dll:SHA3-256:
|
60
|
-
./data/meterpreter/ext_server_powershell.x86.debug.dll:SHA3-256:
|
61
|
-
./data/meterpreter/ext_server_powershell.x86.dll:SHA3-256:
|
62
|
-
./data/meterpreter/ext_server_priv.x64.debug.dll:SHA3-256:
|
63
|
-
./data/meterpreter/ext_server_priv.x64.dll:SHA3-256:
|
64
|
-
./data/meterpreter/ext_server_priv.x86.debug.dll:SHA3-256:
|
65
|
-
./data/meterpreter/ext_server_priv.x86.dll:SHA3-256:
|
66
|
-
./data/meterpreter/ext_server_python.x64.debug.dll:SHA3-256:
|
67
|
-
./data/meterpreter/ext_server_python.x64.dll:SHA3-256:
|
68
|
-
./data/meterpreter/ext_server_python.x86.debug.dll:SHA3-256:
|
69
|
-
./data/meterpreter/ext_server_python.x86.dll:SHA3-256:
|
70
|
-
./data/meterpreter/ext_server_sniffer.x64.dll:SHA3-256:
|
71
|
-
./data/meterpreter/ext_server_sniffer.x86.dll:SHA3-256:
|
22
|
+
./data/meterpreter/dump_sam.x64.debug.dll:SHA3-256:aafbaed643ee16c3bc36bbf497a359e10a73557784e2433b15847ca92df2bd16
|
23
|
+
./data/meterpreter/dump_sam.x64.dll:SHA3-256:a509a5676ef9163838cb26d0255035a13fdfd1473ac27f333bd0bfa4ecc4490e
|
24
|
+
./data/meterpreter/dump_sam.x86.debug.dll:SHA3-256:31b15fa8578ba2f255e9292011a13511771c3a0ab5bc531673086410b6fde919
|
25
|
+
./data/meterpreter/dump_sam.x86.dll:SHA3-256:b4e194f0f3d9e9c661b57afbb1b9ec402c63b150f3f0942f407e94731f803ad6
|
26
|
+
./data/meterpreter/elevator.x64.debug.dll:SHA3-256:2ef6be33eb7b8a0107fda076f537d692b3b89c4017b862359dc4b7932533a195
|
27
|
+
./data/meterpreter/elevator.x64.dll:SHA3-256:735e9bd595b2620abb3838b8adeb096fec921b86d69a5b919177f4e69fb050a8
|
28
|
+
./data/meterpreter/elevator.x86.debug.dll:SHA3-256:c89fb442a039b5ba89180727f1db2343e1c8340795a2344c6626999218e92c76
|
29
|
+
./data/meterpreter/elevator.x86.dll:SHA3-256:42c89e36be1df87483c71fd634a516323db62ecfc4bba82262800138b135e240
|
30
|
+
./data/meterpreter/ext_server_bofloader.x64.debug.dll:SHA3-256:44cde2a2a50267421f6cdc5d5917b138c66e4a94723098a0da764e64fb05287e
|
31
|
+
./data/meterpreter/ext_server_bofloader.x64.dll:SHA3-256:32b1ea0fffe7473f30d3aed1716c781277ce58509301de64e598b231d83f06c1
|
32
|
+
./data/meterpreter/ext_server_bofloader.x86.debug.dll:SHA3-256:56589dcf34424e0e8526d57e6304018015efdf46d0ac4f5ed820ae7545af647a
|
33
|
+
./data/meterpreter/ext_server_bofloader.x86.dll:SHA3-256:2fc0d175724de8fee54ee153fdfc967a0e108bcd664148369f4cc8562977cf36
|
34
|
+
./data/meterpreter/ext_server_espia.x64.debug.dll:SHA3-256:2a85879a58d21b2c95dd887997143784217ef7912f0ea9f8e0dc0ba7574bf37b
|
35
|
+
./data/meterpreter/ext_server_espia.x64.dll:SHA3-256:557d5489ebfd2252f172bc9b5b770da735381d5bbe767594a88a968ea94084d0
|
36
|
+
./data/meterpreter/ext_server_espia.x86.debug.dll:SHA3-256:b957dd509a4dc394536284ec8e26a8f2ea56bd584bbfce4ecff1250a563e7fc0
|
37
|
+
./data/meterpreter/ext_server_espia.x86.dll:SHA3-256:3352cbdc2f588e2b62ce2807c959073faacb37503d945e677b538623eb4fe696
|
38
|
+
./data/meterpreter/ext_server_extapi.x64.debug.dll:SHA3-256:7fd6256db6ac041f1708b8e5dd5062183ea1646e5815459e3aaf74c01791a4e3
|
39
|
+
./data/meterpreter/ext_server_extapi.x64.dll:SHA3-256:89a0f8f1c4769a777b3ad19f3900100b3a3c551157e4a34391328c98e12fc71f
|
40
|
+
./data/meterpreter/ext_server_extapi.x86.debug.dll:SHA3-256:6a671c42f1523df37b12d4be9faf707b0274046c6c19f672587d48a5138f0969
|
41
|
+
./data/meterpreter/ext_server_extapi.x86.dll:SHA3-256:ae81321485ccf8bede8b55000fb5feac148c3742a4cd8b39d90b5bfba8e61740
|
42
|
+
./data/meterpreter/ext_server_incognito.x64.debug.dll:SHA3-256:9d0f96d606c66e8dcacd1a9ae5a331248988ee32a449b40f201a5dac9524bcaf
|
43
|
+
./data/meterpreter/ext_server_incognito.x64.dll:SHA3-256:1dc4e15567a30c9fdf8f89aaf50b3d1f6afe3fe0c4a97d1628308beee9a256e4
|
44
|
+
./data/meterpreter/ext_server_incognito.x86.debug.dll:SHA3-256:66b34e1411178af13bee37cdc9a45fb15650da7b4b8c80afd8be4c148e4a95aa
|
45
|
+
./data/meterpreter/ext_server_incognito.x86.dll:SHA3-256:aa39689283bebf9148bc0dd0b1ced4cb7794410ef0704b22446160f7dc874243
|
46
|
+
./data/meterpreter/ext_server_kiwi.x64.debug.dll:SHA3-256:78670aa4f3e38379a60e851968df669790f29d9176cf50d5d111b9aad12dea48
|
47
|
+
./data/meterpreter/ext_server_kiwi.x64.dll:SHA3-256:9175dcde6607051a536b284efa2ad6525942c8c2a21eed1e5296d7c005410f30
|
48
|
+
./data/meterpreter/ext_server_kiwi.x86.debug.dll:SHA3-256:2fcfd48cfd97f7aa9cadd1db57d88d24bf067ab14e470d193bc1fe374c12e650
|
49
|
+
./data/meterpreter/ext_server_kiwi.x86.dll:SHA3-256:fca844c1d59d001281707d9b32e35f27a290a209d115e43825d011b72c5a38a8
|
50
|
+
./data/meterpreter/ext_server_lanattacks.x64.debug.dll:SHA3-256:578fb575efd6f876a1159aac4b4c61f8bbf689e2edecc8171fbf7780ef81df9c
|
51
|
+
./data/meterpreter/ext_server_lanattacks.x64.dll:SHA3-256:e1871de28886a80d6f752b7e09d656f29e7f3d3e170e0427c07b445abec2fe22
|
52
|
+
./data/meterpreter/ext_server_lanattacks.x86.debug.dll:SHA3-256:04828ba5afa2ce6b5f960461dfeb399a4387f536f0500fed78869236551e220a
|
53
|
+
./data/meterpreter/ext_server_lanattacks.x86.dll:SHA3-256:bf6b24141739ba1be0c7b58ea85677b251c5476421d99d46eb48354b2764eefe
|
54
|
+
./data/meterpreter/ext_server_peinjector.x64.debug.dll:SHA3-256:93a4fdb3f3639114bc24af7ee14db39da378c8a8f533ccb9c201b42788180dea
|
55
|
+
./data/meterpreter/ext_server_peinjector.x64.dll:SHA3-256:a28bb7c0a002664595fe7e41d6a3a3dfa0894f9f3a83bfa1645de09a784304b4
|
56
|
+
./data/meterpreter/ext_server_peinjector.x86.debug.dll:SHA3-256:09a0597c7d97eec1c9c3c7630e1902538c86f26436433b61ec587d05af03086c
|
57
|
+
./data/meterpreter/ext_server_peinjector.x86.dll:SHA3-256:5302629aea4a706ed0e7a3a958af85309a13b5a7df04008900f796ced9c1e3c2
|
58
|
+
./data/meterpreter/ext_server_powershell.x64.debug.dll:SHA3-256:295a88551e1dcf09c84ddacecb00f25d956b9f2ec0e1cbc6bf176b08cec10ce0
|
59
|
+
./data/meterpreter/ext_server_powershell.x64.dll:SHA3-256:ceb25f5f646f9bcce741f92995f8531beb2e3b99ddc0d7cb7ba13e6b35920d55
|
60
|
+
./data/meterpreter/ext_server_powershell.x86.debug.dll:SHA3-256:735581fc120fb50642c38f1bb36e90e22c7960b188470f7932c2712ae0e4d6e8
|
61
|
+
./data/meterpreter/ext_server_powershell.x86.dll:SHA3-256:77385208516e45c95656aa5471484abd76864f28cb15b59ec44d65b38691c8ba
|
62
|
+
./data/meterpreter/ext_server_priv.x64.debug.dll:SHA3-256:2965066edf8966028e46a9dfe37aacda41f2c3ff61bb4d2fad86777bf2fa31cb
|
63
|
+
./data/meterpreter/ext_server_priv.x64.dll:SHA3-256:91331ecac08bd1da27b860fe35140354671d648fc7ba154373e4e4094c819c02
|
64
|
+
./data/meterpreter/ext_server_priv.x86.debug.dll:SHA3-256:9b9cdbcc68fca1162b7e8626da3483bdc15c5aed327264f76cf927d53251dc68
|
65
|
+
./data/meterpreter/ext_server_priv.x86.dll:SHA3-256:f93f7df934050ab344b87bd6068dc2e60b0350d24aa20747cd4df44b1cb91178
|
66
|
+
./data/meterpreter/ext_server_python.x64.debug.dll:SHA3-256:8bd51117004658db498653ae21e203bd0dd0c0e1e425403cfa320d53dbdb2f98
|
67
|
+
./data/meterpreter/ext_server_python.x64.dll:SHA3-256:e2cb0ee0d50731a201208ac64d2d7f441e16cbe933d7c47645b3c329afca4f64
|
68
|
+
./data/meterpreter/ext_server_python.x86.debug.dll:SHA3-256:8e630fed6ed557b7df53a0bae2884fc5e5fae0c3d19350a7adae16b4f6fe5803
|
69
|
+
./data/meterpreter/ext_server_python.x86.dll:SHA3-256:501f3930926ba27d40cebec46e496cc25506df0dddcda8842c306914da87a929
|
70
|
+
./data/meterpreter/ext_server_sniffer.x64.dll:SHA3-256:f475986dc32a2e3ac5da059c40105044bc932c33647b82e69f10be71f65aa381
|
71
|
+
./data/meterpreter/ext_server_sniffer.x86.dll:SHA3-256:dfe7cbb2616bc0efc8b9875f7df2c8eeced0705f8d4fa0077f25f9332a2078f1
|
72
72
|
./data/meterpreter/ext_server_stdapi.jar:SHA3-256:c064899075585b124102f7015ba6d0ab8aa5e773377ebed7e69cd467d3b6aa26
|
73
73
|
./data/meterpreter/ext_server_stdapi.php:SHA3-256:92e931e6b47caad6df4249cc263fdbe5d2975c4163f5b06963208163b7af97b5
|
74
74
|
./data/meterpreter/ext_server_stdapi.py:SHA3-256:3ed09316bdc2038873e5a3dc42bd8d725fdb66cf93a0f87300876d1e64ce6b3c
|
75
|
-
./data/meterpreter/ext_server_stdapi.x64.debug.dll:SHA3-256:
|
76
|
-
./data/meterpreter/ext_server_stdapi.x64.dll:SHA3-256:
|
77
|
-
./data/meterpreter/ext_server_stdapi.x86.debug.dll:SHA3-256:
|
78
|
-
./data/meterpreter/ext_server_stdapi.x86.dll:SHA3-256:
|
79
|
-
./data/meterpreter/ext_server_unhook.x64.debug.dll:SHA3-256:
|
80
|
-
./data/meterpreter/ext_server_unhook.x64.dll:SHA3-256:
|
81
|
-
./data/meterpreter/ext_server_unhook.x86.debug.dll:SHA3-256:
|
82
|
-
./data/meterpreter/ext_server_unhook.x86.dll:SHA3-256:
|
83
|
-
./data/meterpreter/ext_server_winpmem.x64.debug.dll:SHA3-256:
|
84
|
-
./data/meterpreter/ext_server_winpmem.x64.dll:SHA3-256:
|
85
|
-
./data/meterpreter/ext_server_winpmem.x86.debug.dll:SHA3-256:
|
86
|
-
./data/meterpreter/ext_server_winpmem.x86.dll:SHA3-256:
|
75
|
+
./data/meterpreter/ext_server_stdapi.x64.debug.dll:SHA3-256:e8cda1ec47d893cd0cb9295381c94094183019a8ea7f5e7142c3655b974c04ed
|
76
|
+
./data/meterpreter/ext_server_stdapi.x64.dll:SHA3-256:bc9e8b3ded30b4cafdae71e8ecbb76b8637664eef0e62c31b8f04350f5e52ae9
|
77
|
+
./data/meterpreter/ext_server_stdapi.x86.debug.dll:SHA3-256:3ce4cbf0223e437b4fcf253fc5cac6a2ad3bfcd8839678552eb30cf2b068aede
|
78
|
+
./data/meterpreter/ext_server_stdapi.x86.dll:SHA3-256:0cacccc893c12eeec7918b7dd0d76bd75f6d46cbe4f82dc731629f8d1fce3da3
|
79
|
+
./data/meterpreter/ext_server_unhook.x64.debug.dll:SHA3-256:aa1eb7a23ada3f05c2331b95e0ee172e1e02af11c4e58428fdb3a0604450ef35
|
80
|
+
./data/meterpreter/ext_server_unhook.x64.dll:SHA3-256:3d5d5a1b3ade3d0a6c99dd7fbe8824977d1963bdedd3c65a8eabf472ef962cec
|
81
|
+
./data/meterpreter/ext_server_unhook.x86.debug.dll:SHA3-256:dbdbe13cd6cc128896a53cff9489ca55865a98ca1f71c7aae7241776c4197af5
|
82
|
+
./data/meterpreter/ext_server_unhook.x86.dll:SHA3-256:976a8370389523bcf46e0b2874a84c9d70a80664dab81ce6b95975142827dff3
|
83
|
+
./data/meterpreter/ext_server_winpmem.x64.debug.dll:SHA3-256:ae14383e0a0f67551a598e4e7922e0630d61ae7e933145373a5c0d73a6851ac6
|
84
|
+
./data/meterpreter/ext_server_winpmem.x64.dll:SHA3-256:78667d8228e7228fb3cb5f76315810c3c080889b8a0601101aa7fd501c150651
|
85
|
+
./data/meterpreter/ext_server_winpmem.x86.debug.dll:SHA3-256:8fb5cad7bc8fb641f73d0e03fde44567e17537ed23d10dbec93d4bd08dc62c68
|
86
|
+
./data/meterpreter/ext_server_winpmem.x86.dll:SHA3-256:43a1a3fac591a3abc385124a55bd08f424f9b7291c95cb038fde8adc7c160894
|
87
87
|
./data/meterpreter/meterpreter.jar:SHA3-256:fc4bd122c9df063808270708e91a0da546de2c7a139bbfa000af65f6b0727dff
|
88
88
|
./data/meterpreter/meterpreter.php:SHA3-256:9389b1548410438d93ce12a2e276b7b2e77046845e6fca43b419b516de3871f9
|
89
89
|
./data/meterpreter/meterpreter.py:SHA3-256:a4ed4d3bb4c28c208a3f00453ccd1c50bb958cc8c20905599e7ba40a3259dba5
|
90
|
-
./data/meterpreter/metsrv.x64.debug.dll:SHA3-256:
|
91
|
-
./data/meterpreter/metsrv.x64.dll:SHA3-256:
|
92
|
-
./data/meterpreter/metsrv.x86.debug.dll:SHA3-256:
|
93
|
-
./data/meterpreter/metsrv.x86.dll:SHA3-256:
|
94
|
-
./data/meterpreter/screenshot.x64.debug.dll:SHA3-256:
|
95
|
-
./data/meterpreter/screenshot.x64.dll:SHA3-256:
|
96
|
-
./data/meterpreter/screenshot.x86.debug.dll:SHA3-256:
|
97
|
-
./data/meterpreter/screenshot.x86.dll:SHA3-256:
|
90
|
+
./data/meterpreter/metsrv.x64.debug.dll:SHA3-256:9e9311deb590bafb3068bdd7e37919729f99effbdca7105e1b03a628b8ba598d
|
91
|
+
./data/meterpreter/metsrv.x64.dll:SHA3-256:a2c21398ab0cca7f7c72c05ce7d821e676432fc8dd38a4db4348503e1fbf8411
|
92
|
+
./data/meterpreter/metsrv.x86.debug.dll:SHA3-256:1db9a6f471f2e6e4e6c0d43890f05bf68f42f233fd6e6e57a4963e28ced851a2
|
93
|
+
./data/meterpreter/metsrv.x86.dll:SHA3-256:cc1a35f9edbe069555e6a976953e276164f86cc457821ba73b46dd30bf231479
|
94
|
+
./data/meterpreter/screenshot.x64.debug.dll:SHA3-256:0584d852945852efa55174bb394d5ff302fb7137b1143b62f9613cb88a0e959a
|
95
|
+
./data/meterpreter/screenshot.x64.dll:SHA3-256:ad695383fdc6dd71a108320d34db8a496779f76b5385bebc8ac19385400a0e37
|
96
|
+
./data/meterpreter/screenshot.x86.debug.dll:SHA3-256:8f7b6ae9cbb67e3c3df170661858a947a16693ff7b14230d7fba877602d2e571
|
97
|
+
./data/meterpreter/screenshot.x86.dll:SHA3-256:8eef7d4f2d59819c2d6c7f8cf5833b9f3aed2368ff57bbfbdb1674fdc7e0ffcc
|
data/manifest.uuid
CHANGED
@@ -1 +1 @@
|
|
1
|
-
|
1
|
+
d1aedac8093abf2e19af09313b1d59299b9cc344474e1c59940def4e4c367764
|
@@ -0,0 +1,249 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'metasploit-payloads'
|
4
|
+
|
5
|
+
RSpec.describe ::MetasploitPayloads do
|
6
|
+
describe '::VERSION' do
|
7
|
+
it 'has a version number' do
|
8
|
+
expect(::MetasploitPayloads::VERSION).not_to be nil
|
9
|
+
end
|
10
|
+
end
|
11
|
+
|
12
|
+
describe '::Error' do
|
13
|
+
it 'has an Error class' do
|
14
|
+
expect(::MetasploitPayloads::Error.superclass).to be(::StandardError)
|
15
|
+
end
|
16
|
+
|
17
|
+
it 'has a NotFoundError class' do
|
18
|
+
expect(::MetasploitPayloads::NotFoundError.superclass).to be(::MetasploitPayloads::Error)
|
19
|
+
end
|
20
|
+
|
21
|
+
it 'has a NotReadableError class' do
|
22
|
+
expect(::MetasploitPayloads::NotReadableError.superclass).to be(::MetasploitPayloads::Error)
|
23
|
+
end
|
24
|
+
|
25
|
+
it 'has a HashMismatchError class' do
|
26
|
+
expect(::MetasploitPayloads::HashMismatchError.superclass).to be(::MetasploitPayloads::Error)
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
describe '#readable_path' do
|
31
|
+
let(:sample_file) { { name: 'meterpreter/meterpreter.py' } }
|
32
|
+
|
33
|
+
before :each do
|
34
|
+
allow(::File).to receive(:exist?).and_call_original
|
35
|
+
allow(::File).to receive(:readable?).and_call_original
|
36
|
+
end
|
37
|
+
|
38
|
+
context 'when the path is not readable' do
|
39
|
+
it 'raises a ::MetasploitPayloads::NotReadableError' do
|
40
|
+
allow(::File).to receive(:exist?).with(sample_file[:name]).and_return(true)
|
41
|
+
allow(::File).to receive(:readable?).with(sample_file[:name]).and_return(false)
|
42
|
+
|
43
|
+
expect { subject.readable_path(sample_file[:name]) }.to raise_error(::MetasploitPayloads::NotReadableError)
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
47
|
+
context 'when the path does not exist' do
|
48
|
+
it 'returns nil' do
|
49
|
+
allow(::File).to receive(:exist?).with(sample_file[:name]).and_return(false)
|
50
|
+
allow(::File).to receive(:readable?).with(sample_file[:name]).and_return(false)
|
51
|
+
|
52
|
+
expect(subject.readable_path(sample_file[:name])).to eq(nil)
|
53
|
+
end
|
54
|
+
end
|
55
|
+
|
56
|
+
context 'when the path exists and is readable' do
|
57
|
+
it 'returns the correct path' do
|
58
|
+
allow(::File).to receive(:exist?).with(sample_file[:name]).and_return(true)
|
59
|
+
allow(::File).to receive(:readable?).with(sample_file[:name]).and_return(true)
|
60
|
+
|
61
|
+
expect(subject.readable_path(sample_file[:name])).to eq(sample_file[:name])
|
62
|
+
end
|
63
|
+
end
|
64
|
+
end
|
65
|
+
|
66
|
+
describe '#path' do
|
67
|
+
let(:sample_file) { { name: 'meterpreter/meterpreter.py' } }
|
68
|
+
|
69
|
+
before :each do
|
70
|
+
allow(::File).to receive(:exist?).and_call_original
|
71
|
+
allow(::File).to receive(:readable?).and_call_original
|
72
|
+
allow(::MetasploitPayloads).to receive(:expand).and_call_original
|
73
|
+
|
74
|
+
allow(::MetasploitPayloads).to receive(:expand)
|
75
|
+
.with(::MetasploitPayloads.data_directory, sample_file[:name])
|
76
|
+
.and_return(sample_file[:name])
|
77
|
+
end
|
78
|
+
|
79
|
+
[
|
80
|
+
{ context: 'is not readable', exist: true, readable: false, expected: ::MetasploitPayloads::NotReadableError },
|
81
|
+
{ context: 'does not exist', exist: false, readable: false, expected: ::MetasploitPayloads::NotFoundError }
|
82
|
+
].each do |test|
|
83
|
+
context "when the path #{test[:context]}" do
|
84
|
+
it "raises #{test[:expected]}" do
|
85
|
+
allow(::File).to receive(:exist?).with(sample_file[:name]).and_return(test[:exist])
|
86
|
+
allow(::File).to receive(:readable?).with(sample_file[:name]).and_return(test[:readable])
|
87
|
+
|
88
|
+
expect { subject.path(sample_file[:name]) }.to raise_error(test[:expected])
|
89
|
+
end
|
90
|
+
end
|
91
|
+
end
|
92
|
+
|
93
|
+
context 'when the path exists and is readable' do
|
94
|
+
it 'returns the correct path' do
|
95
|
+
allow(::File).to receive(:exist?).with(sample_file[:name]).and_return(true)
|
96
|
+
allow(::File).to receive(:readable?).with(sample_file[:name]).and_return(true)
|
97
|
+
|
98
|
+
expect(subject.path(sample_file[:name])).to eq(sample_file[:name])
|
99
|
+
end
|
100
|
+
end
|
101
|
+
end
|
102
|
+
|
103
|
+
describe '#manifest_errors' do
|
104
|
+
let(:hash_type) { 'SHA3-256' }
|
105
|
+
let(:hash) { { type: hash_type, value: '92e931e6b47caad6df4249cc263fdbe5d2975c4163f5b06963208163b7af97b5' } }
|
106
|
+
let(:sample_file) { { name: 'meterpreter/ext_server_stdapi.php', contents: 'sample_data', hash: hash } }
|
107
|
+
let(:manifest_values) { ["./data/#{sample_file[:name]}", sample_file[:hash][:type], sample_file[:hash][:value]] }
|
108
|
+
let(:manifest) { manifest_values.join(':') }
|
109
|
+
let(:manifest_uuid) { ::OpenSSL::Digest.new(hash_type, manifest).to_s }
|
110
|
+
let(:manifest_path) { 'manifest' }
|
111
|
+
let(:manifest_uuid_path) { 'manifest.uuid' }
|
112
|
+
|
113
|
+
before :each do
|
114
|
+
allow(::MetasploitPayloads).to receive(:manifest_path).and_call_original
|
115
|
+
allow(::MetasploitPayloads).to receive(:manifest_path).and_return(manifest_path)
|
116
|
+
|
117
|
+
allow(::MetasploitPayloads).to receive(:manifest_uuid_path).and_call_original
|
118
|
+
allow(::MetasploitPayloads).to receive(:manifest_uuid_path).and_return(manifest_uuid_path)
|
119
|
+
|
120
|
+
allow(::File).to receive(:binread).and_call_original
|
121
|
+
allow(::File).to receive(:binread).with(sample_file[:name]).and_return(sample_file[:contents])
|
122
|
+
allow(::File).to receive(:binread).with(::MetasploitPayloads.send(:manifest_path)).and_return(manifest)
|
123
|
+
allow(::File).to receive(:binread).with(::MetasploitPayloads.send(:manifest_uuid_path)).and_return(manifest_uuid)
|
124
|
+
|
125
|
+
allow(::OpenSSL::Digest).to receive(:new).and_call_original
|
126
|
+
allow(::OpenSSL::Digest).to receive(:new).with(hash_type,
|
127
|
+
sample_file[:contents]).and_return(sample_file[:hash][:value])
|
128
|
+
end
|
129
|
+
|
130
|
+
context 'when manifest hash does not match' do
|
131
|
+
it 'result includes the manifest file' do
|
132
|
+
allow(::File).to receive(:binread).with(::MetasploitPayloads.send(:manifest_uuid_path))
|
133
|
+
.and_return('mismatched_manifest_hash')
|
134
|
+
path = ::MetasploitPayloads.send(:manifest_path)
|
135
|
+
e = ::MetasploitPayloads::HashMismatchError.new(path)
|
136
|
+
|
137
|
+
expect(subject.manifest_errors).to include({ path: path, error: e })
|
138
|
+
end
|
139
|
+
end
|
140
|
+
|
141
|
+
context 'when manifest hash does match' do
|
142
|
+
it 'result does not include manifest' do
|
143
|
+
path = ::MetasploitPayloads.send(:manifest_uuid_path)
|
144
|
+
e = ::MetasploitPayloads::HashMismatchError.new(path)
|
145
|
+
|
146
|
+
expect(subject.manifest_errors).not_to include({ path: path, error: e })
|
147
|
+
end
|
148
|
+
end
|
149
|
+
|
150
|
+
context 'when there are no file warnings' do
|
151
|
+
it 'returns an empty array' do
|
152
|
+
allow(::MetasploitPayloads).to receive(:path).with(sample_file[:name]).and_return(sample_file[:name])
|
153
|
+
allow(::File).to receive(:exist?).with(sample_file[:name]).and_return(true)
|
154
|
+
full_file_path = ::MetasploitPayloads.expand(::MetasploitPayloads.data_directory, sample_file[:name])
|
155
|
+
allow(::File).to receive(:readable?).with(full_file_path).and_return(true)
|
156
|
+
allow(::File).to receive(:binread).with(full_file_path).and_return(sample_file[:contents])
|
157
|
+
|
158
|
+
expect(subject.manifest_errors).to eq([])
|
159
|
+
end
|
160
|
+
end
|
161
|
+
|
162
|
+
[
|
163
|
+
{ context: 'does not exist', error_class: ::MetasploitPayloads::NotFoundError },
|
164
|
+
{ context: 'is not readable', error_class: ::MetasploitPayloads::NotReadableError }
|
165
|
+
].each do |test|
|
166
|
+
context "when a file #{test[:context]}" do
|
167
|
+
it 'includes the correct error' do
|
168
|
+
error = test[:error_class].new(sample_file[:name])
|
169
|
+
allow(::MetasploitPayloads).to receive(:path).with(sample_file[:name]).and_raise(error)
|
170
|
+
|
171
|
+
expect(subject.manifest_errors).to include({ path: sample_file[:name], error: error })
|
172
|
+
end
|
173
|
+
end
|
174
|
+
end
|
175
|
+
|
176
|
+
context 'when a bundled file hash does not match' do
|
177
|
+
it 'includes the correct error' do
|
178
|
+
allow(::File).to receive(:exist?).with(sample_file[:name]).and_return(true)
|
179
|
+
full_file_path = ::MetasploitPayloads.expand(::MetasploitPayloads.data_directory, sample_file[:name])
|
180
|
+
allow(::File).to receive(:readable?).with(full_file_path).and_return(true)
|
181
|
+
allow(::File).to receive(:binread).with(full_file_path).and_return('mismatched_file_contents')
|
182
|
+
e = ::MetasploitPayloads::HashMismatchError.new(full_file_path)
|
183
|
+
|
184
|
+
expect(subject.manifest_errors).to include({ path: full_file_path, error: e })
|
185
|
+
end
|
186
|
+
end
|
187
|
+
|
188
|
+
context 'when the manifest file' do
|
189
|
+
context 'does not exist' do
|
190
|
+
it 'only includes the manifest error' do
|
191
|
+
# path = ::MetasploitPayloads.send(:manifest_path)
|
192
|
+
e = ::Errno::ENOENT.new(manifest_path)
|
193
|
+
allow(::File).to receive(:binread).with(manifest_path).and_raise(e)
|
194
|
+
|
195
|
+
expect(subject.manifest_errors).to eq([{ path: manifest_path, error: e }])
|
196
|
+
end
|
197
|
+
end
|
198
|
+
|
199
|
+
context 'cannot be read' do
|
200
|
+
it 'only includes the manifest error' do
|
201
|
+
e = ::Errno::EACCES.new(manifest_path)
|
202
|
+
allow(::File).to receive(:binread).with(manifest_path).and_raise(e)
|
203
|
+
|
204
|
+
expect(subject.manifest_errors).to eq([{ path: manifest_path, error: e }])
|
205
|
+
end
|
206
|
+
end
|
207
|
+
end
|
208
|
+
|
209
|
+
context 'when the manifest.uuid file' do
|
210
|
+
context 'does not exist' do
|
211
|
+
it 'includes the correct error' do
|
212
|
+
e = ::Errno::ENOENT.new(manifest_uuid_path)
|
213
|
+
allow(::File).to receive(:binread).with(manifest_uuid_path).and_raise(e)
|
214
|
+
|
215
|
+
expect(subject.manifest_errors).to include({ path: manifest_uuid_path, error: e })
|
216
|
+
end
|
217
|
+
end
|
218
|
+
end
|
219
|
+
|
220
|
+
context 'when manifest is readable and manifest.uuid is not readable' do
|
221
|
+
before :each do
|
222
|
+
allow(::File).to receive(:binread).with(manifest_uuid_path).and_raise(::Errno::EACCES.new(manifest_uuid_path))
|
223
|
+
end
|
224
|
+
|
225
|
+
it 'correctly evaluates a file hash mismatch' do
|
226
|
+
bundled_file_path = ::MetasploitPayloads.expand(::MetasploitPayloads.data_directory, sample_file[:name])
|
227
|
+
error = ::MetasploitPayloads::HashMismatchError.new(bundled_file_path)
|
228
|
+
allow(::MetasploitPayloads).to receive(:path).with(sample_file[:name]).and_return(bundled_file_path)
|
229
|
+
allow(::File).to receive(:binread).with(bundled_file_path).and_return('sample_mismatched_contents')
|
230
|
+
|
231
|
+
expect(subject.manifest_errors).to include({ path: bundled_file_path, error: error })
|
232
|
+
end
|
233
|
+
|
234
|
+
it 'correctly evaluates a missing file' do
|
235
|
+
error = ::MetasploitPayloads::NotFoundError.new(sample_file[:name])
|
236
|
+
allow(::MetasploitPayloads).to receive(:path).with(sample_file[:name]).and_raise(error)
|
237
|
+
|
238
|
+
expect(subject.manifest_errors).to include({ path: sample_file[:name], error: error })
|
239
|
+
end
|
240
|
+
|
241
|
+
it 'correctly evaluates an unreadable file' do
|
242
|
+
error = ::MetasploitPayloads::NotReadableError.new(sample_file[:name])
|
243
|
+
allow(::MetasploitPayloads).to receive(:path).with(sample_file[:name]).and_raise(error)
|
244
|
+
|
245
|
+
expect(subject.manifest_errors).to include({ path: sample_file[:name], error: error })
|
246
|
+
end
|
247
|
+
end
|
248
|
+
end
|
249
|
+
end
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,103 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'metasploit_payloads/metasploit_payloads_spec'
|
4
|
+
|
5
|
+
# This file was generated by the `rspec --init` command. Conventionally, all
|
6
|
+
# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
|
7
|
+
# The generated `.rspec` file contains `--require spec_helper` which will cause
|
8
|
+
# this file to always be loaded, without a need to explicitly require it in any
|
9
|
+
# files.
|
10
|
+
#
|
11
|
+
# Given that it is always loaded, you are encouraged to keep this file as
|
12
|
+
# light-weight as possible. Requiring heavyweight dependencies from this file
|
13
|
+
# will add to the boot time of your test suite on EVERY test run, even for an
|
14
|
+
# individual file that may not need all of that loaded. Instead, consider making
|
15
|
+
# a separate helper file that requires the additional dependencies and performs
|
16
|
+
# the additional setup, and require it from the spec files that actually need
|
17
|
+
# it.
|
18
|
+
#
|
19
|
+
# The `.rspec` file also contains a few flags that are not defaults but that
|
20
|
+
# users commonly want.
|
21
|
+
#
|
22
|
+
# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
|
23
|
+
RSpec.configure do |config|
|
24
|
+
# rspec-expectations config goes here. You can use an alternate
|
25
|
+
# assertion/expectation library such as wrong or the stdlib/minitest
|
26
|
+
# assertions if you prefer.
|
27
|
+
config.expect_with :rspec do |expectations|
|
28
|
+
# This option will default to `true` in RSpec 4. It makes the `description`
|
29
|
+
# and `failure_message` of custom matchers include text for helper methods
|
30
|
+
# defined using `chain`, e.g.:
|
31
|
+
# be_bigger_than(2).and_smaller_than(4).description
|
32
|
+
# # => "be bigger than 2 and smaller than 4"
|
33
|
+
# ...rather than:
|
34
|
+
# # => "be bigger than 2"
|
35
|
+
expectations.include_chain_clauses_in_custom_matcher_descriptions = true
|
36
|
+
end
|
37
|
+
|
38
|
+
# rspec-mocks config goes here. You can use an alternate test double
|
39
|
+
# library (such as bogus or mocha) by changing the `mock_with` option here.
|
40
|
+
config.mock_with :rspec do |mocks|
|
41
|
+
# Prevents you from mocking or stubbing a method that does not exist on
|
42
|
+
# a real object. This is generally recommended, and will default to
|
43
|
+
# `true` in RSpec 4.
|
44
|
+
mocks.verify_partial_doubles = true
|
45
|
+
end
|
46
|
+
|
47
|
+
# This option will default to `:apply_to_host_groups` in RSpec 4 (and will
|
48
|
+
# have no way to turn it off -- the option exists only for backwards
|
49
|
+
# compatibility in RSpec 3). It causes shared context metadata to be
|
50
|
+
# inherited by the metadata hash of host groups and examples, rather than
|
51
|
+
# triggering implicit auto-inclusion in groups with matching metadata.
|
52
|
+
config.shared_context_metadata_behavior = :apply_to_host_groups
|
53
|
+
|
54
|
+
# The settings below are suggested to provide a good initial experience
|
55
|
+
# with RSpec, but feel free to customize to your heart's content.
|
56
|
+
# This allows you to limit a spec run to individual examples or groups
|
57
|
+
# you care about by tagging them with `:focus` metadata. When nothing
|
58
|
+
# is tagged with `:focus`, all examples get run. RSpec also provides
|
59
|
+
# aliases for `it`, `describe`, and `context` that include `:focus`
|
60
|
+
# metadata: `fit`, `fdescribe` and `fcontext`, respectively.
|
61
|
+
config.filter_run_when_matching :focus
|
62
|
+
|
63
|
+
# Allows RSpec to persist some state between runs in order to support
|
64
|
+
# the `--only-failures` and `--next-failure` CLI options. We recommend
|
65
|
+
# you configure your source control system to ignore this file.
|
66
|
+
config.example_status_persistence_file_path = 'spec/examples.txt'
|
67
|
+
|
68
|
+
# Limits the available syntax to the non-monkey patched syntax that is
|
69
|
+
# recommended. For more details, see:
|
70
|
+
# https://rspec.info/features/3-12/rspec-core/configuration/zero-monkey-patching-mode/
|
71
|
+
config.disable_monkey_patching!
|
72
|
+
|
73
|
+
# This setting enables warnings. It's recommended, but in some cases may
|
74
|
+
# be too noisy due to issues in dependencies.
|
75
|
+
config.warnings = true
|
76
|
+
|
77
|
+
# Many RSpec users commonly either run the entire suite or an individual
|
78
|
+
# file, and it's useful to allow more verbose output when running an
|
79
|
+
# individual spec file.
|
80
|
+
if config.files_to_run.one?
|
81
|
+
# Use the documentation formatter for detailed output,
|
82
|
+
# unless a formatter has already been configured
|
83
|
+
# (e.g. via a command-line flag).
|
84
|
+
config.default_formatter = 'doc'
|
85
|
+
end
|
86
|
+
|
87
|
+
# Print the 10 slowest examples and example groups at the
|
88
|
+
# end of the spec run, to help surface which specs are running
|
89
|
+
# particularly slow.
|
90
|
+
config.profile_examples = 10
|
91
|
+
|
92
|
+
# Run specs in random order to surface order dependencies. If you find an
|
93
|
+
# order dependency and want to debug it, you can fix the order by providing
|
94
|
+
# the seed, which is printed after each run.
|
95
|
+
# --seed 1234
|
96
|
+
config.order = :random
|
97
|
+
|
98
|
+
# Seed global randomization in this process using the `--seed` CLI option.
|
99
|
+
# Setting this allows you to use `--seed` to deterministically reproduce
|
100
|
+
# test failures related to randomization by passing the same `--seed` value
|
101
|
+
# as the one that triggered the failure.
|
102
|
+
Kernel.srand config.seed
|
103
|
+
end
|
data.tar.gz.sig
CHANGED
Binary file
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: metasploit-payloads
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.0.
|
4
|
+
version: 2.0.155
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- OJ Reeves
|
@@ -96,7 +96,7 @@ cert_chain:
|
|
96
96
|
EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
|
97
97
|
9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
|
98
98
|
-----END CERTIFICATE-----
|
99
|
-
date: 2023-
|
99
|
+
date: 2023-10-04 00:00:00.000000000 Z
|
100
100
|
dependencies:
|
101
101
|
- !ruby/object:Gem::Dependency
|
102
102
|
name: rake
|
@@ -137,6 +137,7 @@ extensions: []
|
|
137
137
|
extra_rdoc_files: []
|
138
138
|
files:
|
139
139
|
- ".gitignore"
|
140
|
+
- ".rspec"
|
140
141
|
- CONTRIBUTING.md
|
141
142
|
- Gemfile
|
142
143
|
- LICENSE
|
@@ -240,10 +241,13 @@ files:
|
|
240
241
|
- data/meterpreter/screenshot.x86.debug.dll
|
241
242
|
- data/meterpreter/screenshot.x86.dll
|
242
243
|
- lib/metasploit-payloads.rb
|
244
|
+
- lib/metasploit-payloads/error.rb
|
243
245
|
- lib/metasploit-payloads/version.rb
|
244
246
|
- manifest
|
245
247
|
- manifest.uuid
|
246
248
|
- metasploit-payloads.gemspec
|
249
|
+
- spec/metasploit_payloads/metasploit_payloads_spec.rb
|
250
|
+
- spec/spec_helper.rb
|
247
251
|
homepage: http://www.metasploit.com
|
248
252
|
licenses:
|
249
253
|
- 3-clause (or "modified") BSD
|
metadata.gz.sig
CHANGED
@@ -1,2 +1,3 @@
|
|
1
|
-
|
2
|
-
|
1
|
+
C�Ia�V?\(Z����/R'L4�^��C��
|
2
|
+
3f�H<���hI����}b5�,(KÖ?����<����t�S_���fR���q��9����"� E�yTPsyע
|
3
|
+
�Q����7�;H����r��U�R�w��5#�L�/:�=K gL�������N�4�n|���s�&�./>%�`�.O,��*�xi�A"��ІZ�@��������a���+�N��t���v�Q���\��XW��0�[�#���GC�g���{��
|