metasploit-payloads 2.0.155 → 2.0.157

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fc721f1a6bf01e7372d36c31cc15e479c7f755ef21400656799a155c601386b6
-  data.tar.gz: 88d9a363d5bca6cb7cc69a593e07b1817a3f35ff57b84b212e7d397258a0c99f
+  metadata.gz: 438bb2951a59864af18156abc58f00221f6e18711d5c5daeded76faa04d5ede6
+  data.tar.gz: 32c3b9800d310087ebbc29660911f68674ac7316a73af2c1176332618343a10f
 SHA512:
-  metadata.gz: 20dabb3d6fc368ab9835f97de9852ea59f43280d4b8b6afc0226362a190bff595aa93da86205d195e14904d0892e08e647ae76344f9a0428d4a0938b2778c756
-  data.tar.gz: 67d57f4e3b5cf6efa8ac35de38e2275f45f5aedd5c848f1c3bf76e9e018585d5d6d8c6483e0a2f396ff83cf05b69bf3b70d85f806d38b9c8ed1758915f5c94ed
+  metadata.gz: 507621be0a3dfce9c65c23ad1f2db04d4d00305c676874c205a9427bff46f5cacacc40eb51f6157c5f54afd608a1acf5fbc3e08f8e5066a56d831b8ecf87b12f
+  data.tar.gz: 3b95b280c79c029e2ee0f8fd3e548b7c575c11be0147e54692aed795bb56b8a1b3876a3a9d8883cf84439cd11288220dc537f4702f1f8271562eb56385ac69f4

checksums.yaml.gz.sig

@@ -1 +1,2 @@
-�-2ã�1�:-J��ֳ�^ЄHQ��Q���96�5��Cz����d�o%��om揹���T=GV���:`ђt#
+��l����m�(7��,�3�4Dn�-J�H :<;4�sd�����7E�f�8+��dy�)t�C&���$>qWRѳ�E��6���C𕩪a�\WS�X���h6'�
+_�+g�]ީǛ}q��� rIF��N?�=P)���R*�}���B�x`}�D��g�

data/Rakefile

@@ -1,5 +1,6 @@
 require "bundler/gem_tasks"
 require 'openssl'
+require 'metasploit-payloads/crypto'
 
 c_source = "../c/meterpreter/"
 java_source = "../java"
@@ -52,7 +53,9 @@ def copy_files(cnf, meterpreter_dest)
       Dir.glob("#{f}/*.#{ext}").each do |bin|
         target = File.join(meterpreter_dest, File.basename(bin))
         print("Copying: #{bin} -> #{target}\n")
-        FileUtils.cp(bin, target)
+        contents = ::File.binread(::File.expand_path(bin))
+        encrypted_contents = ::MetasploitPayloads::Crypto.encrypt(plaintext: contents)
+        ::File.binwrite(::File.expand_path(target), encrypted_contents)
       end
     end
   end

data/lib/metasploit-payloads/crypto.rb

@@ -0,0 +1,66 @@
+require 'openssl'
+
+module MetasploitPayloads
+  module Crypto
+    CIPHERS = {
+      chacha20: {
+        name: 'chacha20'.b,
+        version: 1,
+        iv: {
+          value: "\x52\x25\xd7\xab\x52\x8f\x3f\xf8\x94\x97\x08\x42\x33\xb9\xd3\xb6".b, # 16 bytes
+          version: 1
+        },
+        key: {
+          value: "\x28\x39\x97\x4c\x95\x11\x9d\x42\x6c\x8b\xff\x43\x3e\x5d\x3c\x33\x1b\x95\xd3\xea\xeb\xc9\xae\x71\x0a\x36\xe7\x98\x3d\x9d\x09\x52".b, # 32 bytes
+          version: 1
+        }
+      }
+    }.freeze
+    CURRENT_CIPHER = CIPHERS[:chacha20]
+    CIPHER_VERSION = CURRENT_CIPHER[:version]
+    KEY_VERSION = CURRENT_CIPHER[:key][:version]
+    IV_VERSION = CURRENT_CIPHER[:iv][:version]
+    # Binary String, unsigned char, unsigned char, unsigned char
+    ENCRYPTED_PAYLOAD_HEADER = ['msf', CIPHER_VERSION, IV_VERSION, KEY_VERSION].pack('A*CCC')
+
+    private_constant :CIPHERS
+    private_constant :CURRENT_CIPHER
+    private_constant :CIPHER_VERSION
+    private_constant :KEY_VERSION
+    private_constant :IV_VERSION
+
+    def self.encrypt(plaintext: '')
+      raise ::ArgumentError, 'Unable to encrypt plaintext: ' << plaintext, caller unless plaintext.to_s
+
+      cipher = ::OpenSSL::Cipher.new(CURRENT_CIPHER[:name])
+
+      cipher.encrypt
+      cipher.iv = CURRENT_CIPHER[:iv][:value]
+      cipher.key = CURRENT_CIPHER[:key][:value]
+
+      output = ENCRYPTED_PAYLOAD_HEADER.dup
+      output << cipher.update(plaintext)
+      output << cipher.final
+
+      output
+    end
+
+    def self.decrypt(ciphertext: '')
+      raise ::ArgumentError, 'Unable to decrypt ciphertext: ' << ciphertext, caller unless ciphertext.to_s
+
+      cipher = ::OpenSSL::Cipher.new(CURRENT_CIPHER[:name])
+
+      cipher.decrypt
+      cipher.iv = CURRENT_CIPHER[:iv][:value]
+      cipher.key = CURRENT_CIPHER[:key][:value]
+
+      # Remove encrypted header if present
+      ciphertext = ciphertext.sub(ENCRYPTED_PAYLOAD_HEADER, '')
+
+      output = cipher.update(ciphertext)
+      output << cipher.final
+
+      output
+    end
+  end
+end

data/lib/metasploit-payloads/version.rb

@@ -1,6 +1,6 @@
 # -*- coding:binary -*-
 module MetasploitPayloads
-  VERSION = '2.0.155'
+  VERSION = '2.0.157'
 
   def self.version
     VERSION

data/lib/metasploit-payloads.rb

@@ -3,6 +3,7 @@
 require 'openssl' unless defined? OpenSSL::Digest
 require 'metasploit-payloads/version' unless defined? MetasploitPayloads::VERSION
 require 'metasploit-payloads/error' unless defined? MetasploitPayloads::Error
+require 'metasploit-payloads/crypto' unless defined? MetasploitPayloads::Crypto
 
 #
 # This module dispenses Metasploit payload binary files
@@ -43,8 +44,9 @@ module MetasploitPayloads
     manifest_contents.each_line do |line|
       filename, hash_type, hash = line.chomp.split(':')
       begin
+        filename = filename.sub('./data/', '')
         # self.path prepends the gem data directory, which is already present in the manifest file.
-        out_path = self.path(filename.sub('./data/', ''))
+        out_path = self.path(filename)
         # self.path can return a path to the gem data, or user's local data.
         bundled_file = out_path.start_with?(data_directory)
         if bundled_file
@@ -137,15 +139,25 @@ module MetasploitPayloads
 
   #
   # Get the contents of any file packaged in this gem by local path and name.
+  # If the file is encrypted using ChaCha20, automatically decrypt it and return the file contents.
   #
   def self.read(*path_parts)
-    file_path = path(path_parts)
-    if file_path.nil?
-      full_path = ::File.join(path_parts)
-      raise ::MetasploitPayloads::NotFoundError, full_path, caller
+    file_path = self.path(path_parts)
+
+    begin
+      file_contents = ::File.binread(file_path)
+    rescue ::Errno::ENOENT => _e
+      raise ::MetasploitPayloads::NotFoundError, file_path, caller
+    rescue ::Errno::EACCES => _e
+      raise ::MetasploitPayloads::NotReadableError, file_path, caller
+    rescue ::StandardError => e
+      raise e
     end
 
-    ::File.binread(file_path)
+    encrypted_file = file_contents.start_with?(Crypto::ENCRYPTED_PAYLOAD_HEADER)
+    return file_contents unless encrypted_file
+
+    Crypto.decrypt(ciphertext: file_contents)
   end
 
   #

data/manifest

@@ -1,13 +1,12 @@
 ./data/android/apk/AndroidManifest.xml:SHA3-256:cff0a10406eef30a6e8b558efa6695a2e183f11ada105e2fc2342ab174f1fc95
 ./data/android/apk/classes.dex:SHA3-256:0ca34b9e74428678ca808e3601eb30ec78256d76a38c8eecf26e5f419837b769
 ./data/android/apk/resources.arsc:SHA3-256:9a6f5eb5cb24fb1f83808a67c692e66c1a698d6222db2000b8b07e595689311f
-./data/android/meterpreter.dex:SHA3-256:6105628e55ccab5412f899bc8bb563796b53f5941d48283ff892abc09fbd1c6a
-./data/android/meterpreter.jar:SHA3-256:829fbc95dbca9de3f2134d78a14c5dd561a6cd36d6a81c7a9a4caf201d4d5d9b
-./data/android/metstage.jar:SHA3-256:7e4e3c2edba760a900493df3aad0b0c9b99d2775e11a8c2a4c61af133b312830
-./data/android/shell.jar:SHA3-256:8ccc1c525695fe523070315fcd4e064456f34e903b1c000f1695d98d006f790d
-./data/java/com/metasploit/meterpreter/MemoryBufferURLConnection.class:SHA3-256:a5a729165ff85444ee954f19590782def0a66b1941e89f3cb5baed1df72818c8
-./data/java/com/metasploit/meterpreter/MemoryBufferURLStreamHandler.class:SHA3-256:386dd1d33383a0d1ac221bf4b914d8b648f5f47aefb3cad0e8d16988854e1762
-./data/java/javapayload/stage/Meterpreter.class:SHA3-256:9124d682defeba42a88c766bee21c4d4a0c7c37f63f1928a2614c4d1bea2fecf
+./data/android/meterpreter.dex:SHA3-256:4596cdac6b36141c35d026f6c349416097f6968f8fb95a7a1421e0fbd1da9d65
+./data/android/meterpreter.jar:SHA3-256:48b774ea108004ef83dee3170919f7aa36a66806ed6acaaed46c18c2a25678a8
+./data/android/metstage.jar:SHA3-256:98147a9f04130634d474cd1083b85e7163eb65de2fb0506e53c756302fffef96
+./data/android/shell.jar:SHA3-256:d2470ac08d0d307402cfd6c7b86c7df6123d8ff1742161e96a6c9cd6f9731756
+./data/java/com/metasploit/meterpreter/JarFileClassLoader.class:SHA3-256:70e39898965b1cdcf7efeab2fff76471950fb19d6e0d03589ff3a15705c35f2b
+./data/java/javapayload/stage/Meterpreter.class:SHA3-256:7c2cada964463b28f0d9d900e4979d79a7d8931d00c514f46cf589cf7b77e2e7
 ./data/java/javapayload/stage/Shell.class:SHA3-256:78aeee685de937bd62a5364ca1a16a798f1c963968b829bcfcb675723d4f8650
 ./data/java/javapayload/stage/Stage.class:SHA3-256:d99ce29ee9dfc87830e114bf872c7f75c40eac6f759a85537a661dfdea62a003
 ./data/java/javapayload/stage/StreamForwarder.class:SHA3-256:d2b38771450580a68f7ff6131798d53ff979f2bcd2e5b0f444f6d90a25274599
@@ -19,79 +18,79 @@
 ./data/java/metasploit/PayloadTrustManager.class:SHA3-256:e2d25c8b3e43f584e198e46c2576b367f96275800a96a42fd2dc2c81059a3c41
 ./data/java/metasploit/RMILoader.class:SHA3-256:4add539548d76e0142ff5e6ccdba6ee4b21191354be1a40499cb2a745b480bee
 ./data/java/metasploit/RMIPayload.class:SHA3-256:0d3e96836a8c3591f4bc827b33c4edb0b4f505a9f17cb0bdb27a367fb71d53c3
-./data/meterpreter/dump_sam.x64.debug.dll:SHA3-256:aafbaed643ee16c3bc36bbf497a359e10a73557784e2433b15847ca92df2bd16
-./data/meterpreter/dump_sam.x64.dll:SHA3-256:a509a5676ef9163838cb26d0255035a13fdfd1473ac27f333bd0bfa4ecc4490e
-./data/meterpreter/dump_sam.x86.debug.dll:SHA3-256:31b15fa8578ba2f255e9292011a13511771c3a0ab5bc531673086410b6fde919
-./data/meterpreter/dump_sam.x86.dll:SHA3-256:b4e194f0f3d9e9c661b57afbb1b9ec402c63b150f3f0942f407e94731f803ad6
-./data/meterpreter/elevator.x64.debug.dll:SHA3-256:2ef6be33eb7b8a0107fda076f537d692b3b89c4017b862359dc4b7932533a195
-./data/meterpreter/elevator.x64.dll:SHA3-256:735e9bd595b2620abb3838b8adeb096fec921b86d69a5b919177f4e69fb050a8
-./data/meterpreter/elevator.x86.debug.dll:SHA3-256:c89fb442a039b5ba89180727f1db2343e1c8340795a2344c6626999218e92c76
-./data/meterpreter/elevator.x86.dll:SHA3-256:42c89e36be1df87483c71fd634a516323db62ecfc4bba82262800138b135e240
-./data/meterpreter/ext_server_bofloader.x64.debug.dll:SHA3-256:44cde2a2a50267421f6cdc5d5917b138c66e4a94723098a0da764e64fb05287e
-./data/meterpreter/ext_server_bofloader.x64.dll:SHA3-256:32b1ea0fffe7473f30d3aed1716c781277ce58509301de64e598b231d83f06c1
-./data/meterpreter/ext_server_bofloader.x86.debug.dll:SHA3-256:56589dcf34424e0e8526d57e6304018015efdf46d0ac4f5ed820ae7545af647a
-./data/meterpreter/ext_server_bofloader.x86.dll:SHA3-256:2fc0d175724de8fee54ee153fdfc967a0e108bcd664148369f4cc8562977cf36
-./data/meterpreter/ext_server_espia.x64.debug.dll:SHA3-256:2a85879a58d21b2c95dd887997143784217ef7912f0ea9f8e0dc0ba7574bf37b
-./data/meterpreter/ext_server_espia.x64.dll:SHA3-256:557d5489ebfd2252f172bc9b5b770da735381d5bbe767594a88a968ea94084d0
-./data/meterpreter/ext_server_espia.x86.debug.dll:SHA3-256:b957dd509a4dc394536284ec8e26a8f2ea56bd584bbfce4ecff1250a563e7fc0
-./data/meterpreter/ext_server_espia.x86.dll:SHA3-256:3352cbdc2f588e2b62ce2807c959073faacb37503d945e677b538623eb4fe696
-./data/meterpreter/ext_server_extapi.x64.debug.dll:SHA3-256:7fd6256db6ac041f1708b8e5dd5062183ea1646e5815459e3aaf74c01791a4e3
-./data/meterpreter/ext_server_extapi.x64.dll:SHA3-256:89a0f8f1c4769a777b3ad19f3900100b3a3c551157e4a34391328c98e12fc71f
-./data/meterpreter/ext_server_extapi.x86.debug.dll:SHA3-256:6a671c42f1523df37b12d4be9faf707b0274046c6c19f672587d48a5138f0969
-./data/meterpreter/ext_server_extapi.x86.dll:SHA3-256:ae81321485ccf8bede8b55000fb5feac148c3742a4cd8b39d90b5bfba8e61740
-./data/meterpreter/ext_server_incognito.x64.debug.dll:SHA3-256:9d0f96d606c66e8dcacd1a9ae5a331248988ee32a449b40f201a5dac9524bcaf
-./data/meterpreter/ext_server_incognito.x64.dll:SHA3-256:1dc4e15567a30c9fdf8f89aaf50b3d1f6afe3fe0c4a97d1628308beee9a256e4
-./data/meterpreter/ext_server_incognito.x86.debug.dll:SHA3-256:66b34e1411178af13bee37cdc9a45fb15650da7b4b8c80afd8be4c148e4a95aa
-./data/meterpreter/ext_server_incognito.x86.dll:SHA3-256:aa39689283bebf9148bc0dd0b1ced4cb7794410ef0704b22446160f7dc874243
-./data/meterpreter/ext_server_kiwi.x64.debug.dll:SHA3-256:78670aa4f3e38379a60e851968df669790f29d9176cf50d5d111b9aad12dea48
-./data/meterpreter/ext_server_kiwi.x64.dll:SHA3-256:9175dcde6607051a536b284efa2ad6525942c8c2a21eed1e5296d7c005410f30
-./data/meterpreter/ext_server_kiwi.x86.debug.dll:SHA3-256:2fcfd48cfd97f7aa9cadd1db57d88d24bf067ab14e470d193bc1fe374c12e650
-./data/meterpreter/ext_server_kiwi.x86.dll:SHA3-256:fca844c1d59d001281707d9b32e35f27a290a209d115e43825d011b72c5a38a8
-./data/meterpreter/ext_server_lanattacks.x64.debug.dll:SHA3-256:578fb575efd6f876a1159aac4b4c61f8bbf689e2edecc8171fbf7780ef81df9c
-./data/meterpreter/ext_server_lanattacks.x64.dll:SHA3-256:e1871de28886a80d6f752b7e09d656f29e7f3d3e170e0427c07b445abec2fe22
-./data/meterpreter/ext_server_lanattacks.x86.debug.dll:SHA3-256:04828ba5afa2ce6b5f960461dfeb399a4387f536f0500fed78869236551e220a
-./data/meterpreter/ext_server_lanattacks.x86.dll:SHA3-256:bf6b24141739ba1be0c7b58ea85677b251c5476421d99d46eb48354b2764eefe
-./data/meterpreter/ext_server_peinjector.x64.debug.dll:SHA3-256:93a4fdb3f3639114bc24af7ee14db39da378c8a8f533ccb9c201b42788180dea
-./data/meterpreter/ext_server_peinjector.x64.dll:SHA3-256:a28bb7c0a002664595fe7e41d6a3a3dfa0894f9f3a83bfa1645de09a784304b4
-./data/meterpreter/ext_server_peinjector.x86.debug.dll:SHA3-256:09a0597c7d97eec1c9c3c7630e1902538c86f26436433b61ec587d05af03086c
-./data/meterpreter/ext_server_peinjector.x86.dll:SHA3-256:5302629aea4a706ed0e7a3a958af85309a13b5a7df04008900f796ced9c1e3c2
-./data/meterpreter/ext_server_powershell.x64.debug.dll:SHA3-256:295a88551e1dcf09c84ddacecb00f25d956b9f2ec0e1cbc6bf176b08cec10ce0
-./data/meterpreter/ext_server_powershell.x64.dll:SHA3-256:ceb25f5f646f9bcce741f92995f8531beb2e3b99ddc0d7cb7ba13e6b35920d55
-./data/meterpreter/ext_server_powershell.x86.debug.dll:SHA3-256:735581fc120fb50642c38f1bb36e90e22c7960b188470f7932c2712ae0e4d6e8
-./data/meterpreter/ext_server_powershell.x86.dll:SHA3-256:77385208516e45c95656aa5471484abd76864f28cb15b59ec44d65b38691c8ba
-./data/meterpreter/ext_server_priv.x64.debug.dll:SHA3-256:2965066edf8966028e46a9dfe37aacda41f2c3ff61bb4d2fad86777bf2fa31cb
-./data/meterpreter/ext_server_priv.x64.dll:SHA3-256:91331ecac08bd1da27b860fe35140354671d648fc7ba154373e4e4094c819c02
-./data/meterpreter/ext_server_priv.x86.debug.dll:SHA3-256:9b9cdbcc68fca1162b7e8626da3483bdc15c5aed327264f76cf927d53251dc68
-./data/meterpreter/ext_server_priv.x86.dll:SHA3-256:f93f7df934050ab344b87bd6068dc2e60b0350d24aa20747cd4df44b1cb91178
-./data/meterpreter/ext_server_python.x64.debug.dll:SHA3-256:8bd51117004658db498653ae21e203bd0dd0c0e1e425403cfa320d53dbdb2f98
-./data/meterpreter/ext_server_python.x64.dll:SHA3-256:e2cb0ee0d50731a201208ac64d2d7f441e16cbe933d7c47645b3c329afca4f64
-./data/meterpreter/ext_server_python.x86.debug.dll:SHA3-256:8e630fed6ed557b7df53a0bae2884fc5e5fae0c3d19350a7adae16b4f6fe5803
-./data/meterpreter/ext_server_python.x86.dll:SHA3-256:501f3930926ba27d40cebec46e496cc25506df0dddcda8842c306914da87a929
-./data/meterpreter/ext_server_sniffer.x64.dll:SHA3-256:f475986dc32a2e3ac5da059c40105044bc932c33647b82e69f10be71f65aa381
-./data/meterpreter/ext_server_sniffer.x86.dll:SHA3-256:dfe7cbb2616bc0efc8b9875f7df2c8eeced0705f8d4fa0077f25f9332a2078f1
-./data/meterpreter/ext_server_stdapi.jar:SHA3-256:c064899075585b124102f7015ba6d0ab8aa5e773377ebed7e69cd467d3b6aa26
-./data/meterpreter/ext_server_stdapi.php:SHA3-256:92e931e6b47caad6df4249cc263fdbe5d2975c4163f5b06963208163b7af97b5
-./data/meterpreter/ext_server_stdapi.py:SHA3-256:3ed09316bdc2038873e5a3dc42bd8d725fdb66cf93a0f87300876d1e64ce6b3c
-./data/meterpreter/ext_server_stdapi.x64.debug.dll:SHA3-256:e8cda1ec47d893cd0cb9295381c94094183019a8ea7f5e7142c3655b974c04ed
-./data/meterpreter/ext_server_stdapi.x64.dll:SHA3-256:bc9e8b3ded30b4cafdae71e8ecbb76b8637664eef0e62c31b8f04350f5e52ae9
-./data/meterpreter/ext_server_stdapi.x86.debug.dll:SHA3-256:3ce4cbf0223e437b4fcf253fc5cac6a2ad3bfcd8839678552eb30cf2b068aede
-./data/meterpreter/ext_server_stdapi.x86.dll:SHA3-256:0cacccc893c12eeec7918b7dd0d76bd75f6d46cbe4f82dc731629f8d1fce3da3
-./data/meterpreter/ext_server_unhook.x64.debug.dll:SHA3-256:aa1eb7a23ada3f05c2331b95e0ee172e1e02af11c4e58428fdb3a0604450ef35
-./data/meterpreter/ext_server_unhook.x64.dll:SHA3-256:3d5d5a1b3ade3d0a6c99dd7fbe8824977d1963bdedd3c65a8eabf472ef962cec
-./data/meterpreter/ext_server_unhook.x86.debug.dll:SHA3-256:dbdbe13cd6cc128896a53cff9489ca55865a98ca1f71c7aae7241776c4197af5
-./data/meterpreter/ext_server_unhook.x86.dll:SHA3-256:976a8370389523bcf46e0b2874a84c9d70a80664dab81ce6b95975142827dff3
-./data/meterpreter/ext_server_winpmem.x64.debug.dll:SHA3-256:ae14383e0a0f67551a598e4e7922e0630d61ae7e933145373a5c0d73a6851ac6
-./data/meterpreter/ext_server_winpmem.x64.dll:SHA3-256:78667d8228e7228fb3cb5f76315810c3c080889b8a0601101aa7fd501c150651
-./data/meterpreter/ext_server_winpmem.x86.debug.dll:SHA3-256:8fb5cad7bc8fb641f73d0e03fde44567e17537ed23d10dbec93d4bd08dc62c68
-./data/meterpreter/ext_server_winpmem.x86.dll:SHA3-256:43a1a3fac591a3abc385124a55bd08f424f9b7291c95cb038fde8adc7c160894
-./data/meterpreter/meterpreter.jar:SHA3-256:fc4bd122c9df063808270708e91a0da546de2c7a139bbfa000af65f6b0727dff
-./data/meterpreter/meterpreter.php:SHA3-256:9389b1548410438d93ce12a2e276b7b2e77046845e6fca43b419b516de3871f9
-./data/meterpreter/meterpreter.py:SHA3-256:a4ed4d3bb4c28c208a3f00453ccd1c50bb958cc8c20905599e7ba40a3259dba5
-./data/meterpreter/metsrv.x64.debug.dll:SHA3-256:9e9311deb590bafb3068bdd7e37919729f99effbdca7105e1b03a628b8ba598d
-./data/meterpreter/metsrv.x64.dll:SHA3-256:a2c21398ab0cca7f7c72c05ce7d821e676432fc8dd38a4db4348503e1fbf8411
-./data/meterpreter/metsrv.x86.debug.dll:SHA3-256:1db9a6f471f2e6e4e6c0d43890f05bf68f42f233fd6e6e57a4963e28ced851a2
-./data/meterpreter/metsrv.x86.dll:SHA3-256:cc1a35f9edbe069555e6a976953e276164f86cc457821ba73b46dd30bf231479
-./data/meterpreter/screenshot.x64.debug.dll:SHA3-256:0584d852945852efa55174bb394d5ff302fb7137b1143b62f9613cb88a0e959a
-./data/meterpreter/screenshot.x64.dll:SHA3-256:ad695383fdc6dd71a108320d34db8a496779f76b5385bebc8ac19385400a0e37
-./data/meterpreter/screenshot.x86.debug.dll:SHA3-256:8f7b6ae9cbb67e3c3df170661858a947a16693ff7b14230d7fba877602d2e571
-./data/meterpreter/screenshot.x86.dll:SHA3-256:8eef7d4f2d59819c2d6c7f8cf5833b9f3aed2368ff57bbfbdb1674fdc7e0ffcc
+./data/meterpreter/dump_sam.x64.debug.dll:SHA3-256:1b50289c287fe2c873351c32c53b51befcdef5d89d2269d5467a4d81bc7b8bf1
+./data/meterpreter/dump_sam.x64.dll:SHA3-256:7673e1fdde2f8e9b6b959f6732910b57a2ef847f66a773ac1c2021192d57b9bd
+./data/meterpreter/dump_sam.x86.debug.dll:SHA3-256:e7dc554fa30ab83302b2a874b14dad384ca1c2a90c1b29154f6a2b335933e8e4
+./data/meterpreter/dump_sam.x86.dll:SHA3-256:397d84181bfd1adfe718110694f8c97ad392acf8e105761a48fbb92c7c01c370
+./data/meterpreter/elevator.x64.debug.dll:SHA3-256:f14321c1000e03773c11fb45be0c133a0392b712865ea910710812a0854b2574
+./data/meterpreter/elevator.x64.dll:SHA3-256:f8a0f9778087d351440f02cbed6dd5b1342ed2d5f0a3bb7448f7a28fd694a34b
+./data/meterpreter/elevator.x86.debug.dll:SHA3-256:3f96ad4185694eacaeead1019dcba1f998b11fe63a9a8fcb6a2306b3c14bf1b6
+./data/meterpreter/elevator.x86.dll:SHA3-256:1361a53c8fe294276863f57f9fc35ef5caa5a68b65d6cd5c5bcd4d800fed18a8
+./data/meterpreter/ext_server_bofloader.x64.debug.dll:SHA3-256:edad1246bb093ff15e648e8a0f34cfa6962366f3ee3518c360c12062a3a3a120
+./data/meterpreter/ext_server_bofloader.x64.dll:SHA3-256:50cbb8ff069e9472cdd3863be84726aab85993cebe14684d72ddae89dd0de0ea
+./data/meterpreter/ext_server_bofloader.x86.debug.dll:SHA3-256:4911238652687df38bb9d7656f3c1ee907b033bb45f204f2e0c8945db18e082b
+./data/meterpreter/ext_server_bofloader.x86.dll:SHA3-256:ab980948f16007c49c28a2d000ce887cc61b6c64b362b4171dcf662112f1f737
+./data/meterpreter/ext_server_espia.x64.debug.dll:SHA3-256:6c316e5b6b7d995c7b352017224ffc98f270d2eb2033f7a2d93900e1d53f4c2a
+./data/meterpreter/ext_server_espia.x64.dll:SHA3-256:de80aa1fa67d231c8a9e8b801f68f6a66c1ae02c3c8c7c0acdd5c9e03f13886a
+./data/meterpreter/ext_server_espia.x86.debug.dll:SHA3-256:40b23ce3514bd1a0962b495d638628b473233ae2021d7cfffd03766939e68991
+./data/meterpreter/ext_server_espia.x86.dll:SHA3-256:6fb00120c3f04fb1dd7b07fa2d92d01736cd1fe6f2d78cb4c3548e239b2135b4
+./data/meterpreter/ext_server_extapi.x64.debug.dll:SHA3-256:ba7435a5b127ea5c060ef1ef32669d14b141db68c698dedd15824e46c3e7d6fa
+./data/meterpreter/ext_server_extapi.x64.dll:SHA3-256:9796e479bf4391a1061f7f1760a08e6fa06d493590f33590c086d9222a30460c
+./data/meterpreter/ext_server_extapi.x86.debug.dll:SHA3-256:3a196fe8b50a02a52f713b18ba748972a8d3fffd006bc8f3e4efb33096b1c450
+./data/meterpreter/ext_server_extapi.x86.dll:SHA3-256:c670c0ca0570c1e42c33605ade7c7d25017cff6f86f6acdde3369d1ac64962be
+./data/meterpreter/ext_server_incognito.x64.debug.dll:SHA3-256:4904401448a5a48d82f07f81d9518d7757bc1af92df40bbd36c19a4b9adfd540
+./data/meterpreter/ext_server_incognito.x64.dll:SHA3-256:7e960f041d57525789c9b5c3703b20afeca9d7ebb7c07b43c89435d756f091f1
+./data/meterpreter/ext_server_incognito.x86.debug.dll:SHA3-256:d39d047e5d2014af67440fb76a5592631e04fd67d7c49290f427ea10f11fe8e8
+./data/meterpreter/ext_server_incognito.x86.dll:SHA3-256:8140e30a3ca5478956a0a87c99e10910d4ebec64ba5c194ced4ac35aa34d2bd8
+./data/meterpreter/ext_server_kiwi.x64.debug.dll:SHA3-256:ce993f4cc04334e71ae52124b335e09ab0a6405ce56ef6ac2e259ea3c5b2b7f9
+./data/meterpreter/ext_server_kiwi.x64.dll:SHA3-256:b1dc0ee9c7d24375d1f851360749b1d71b751e668ea0754242d9d331f50fb11c
+./data/meterpreter/ext_server_kiwi.x86.debug.dll:SHA3-256:76ac90c1a31116a061e4cfd4e5d181b68f8adf6f02403437a9619f0ff59a0ae4
+./data/meterpreter/ext_server_kiwi.x86.dll:SHA3-256:923ca0a4b808eedd9140e5d148d82f2e3c340288d7a9d1e204ccf3d8e92865ba
+./data/meterpreter/ext_server_lanattacks.x64.debug.dll:SHA3-256:8a88d7c368e99178dc697cff695103ee01447778f891c142b2cba1b760428be8
+./data/meterpreter/ext_server_lanattacks.x64.dll:SHA3-256:2ef84406c557954049ed2a3c98719ebd5ef1b89a083ebca633723da839310116
+./data/meterpreter/ext_server_lanattacks.x86.debug.dll:SHA3-256:cf84a63a407a4c2e59d34c89d5eb43a5be26315b174264682bcea86c354be67b
+./data/meterpreter/ext_server_lanattacks.x86.dll:SHA3-256:3325eb7bb36541b3d2e81c8831415817f422ed556530561aa9eb80606b6d4014
+./data/meterpreter/ext_server_peinjector.x64.debug.dll:SHA3-256:7925a9e4a9bbf3d4114896692811f98c110b308b8657cb25cca1e4cebed90761
+./data/meterpreter/ext_server_peinjector.x64.dll:SHA3-256:9992d49ea92d4884712476eeafdee6015c1f9e72dfbd4bf978e7dc90651227b8
+./data/meterpreter/ext_server_peinjector.x86.debug.dll:SHA3-256:00b0a34ff67d37a127ec5ec1a730fe7d23491033e1ea80b6bab2e8b6c925ae44
+./data/meterpreter/ext_server_peinjector.x86.dll:SHA3-256:7d08b920979a446dc2aa342cc81fd4fc3096bebeb146397a1a7e1ddd4d1e0d7f
+./data/meterpreter/ext_server_powershell.x64.debug.dll:SHA3-256:0204749de3bcd3bfbfaa3a8581f9554f59c4e11633ed957200ea4bf9cb4f63ec
+./data/meterpreter/ext_server_powershell.x64.dll:SHA3-256:97edced1c66c0e05e23d294fdffe988bd90e41af53ad52f12e16b89a831e66e5
+./data/meterpreter/ext_server_powershell.x86.debug.dll:SHA3-256:7455d9c25ec3c0f0423e0613ad81a70fcd3e515170bd6dde3f625998d914f0df
+./data/meterpreter/ext_server_powershell.x86.dll:SHA3-256:56f5aa376f595c5a2724b19aeb33c7f116dbfaa93f97be71569cf3805f5420c4
+./data/meterpreter/ext_server_priv.x64.debug.dll:SHA3-256:2938399e2b3a439596aa369655c1c763ad71709fa949b811a556c0e064c89472
+./data/meterpreter/ext_server_priv.x64.dll:SHA3-256:d8d085b711238e01b8812e61b796380ce9951aebd60a03995a6d53f241fae939
+./data/meterpreter/ext_server_priv.x86.debug.dll:SHA3-256:e8cbd12640f991a293960e10c2815ae2c3e4e069220d4982ec69c8b522522f98
+./data/meterpreter/ext_server_priv.x86.dll:SHA3-256:fed2a5973b56d37ffbca5c9ed5b39765c5198c27a4ca6b60e40c7ed446a773c0
+./data/meterpreter/ext_server_python.x64.debug.dll:SHA3-256:d435396016805ad7576247d763da2666b1c8b4cab56c692eb9b08d245067ab7e
+./data/meterpreter/ext_server_python.x64.dll:SHA3-256:ae7f96bc4424546ad33d145d42a211abab0f2703bf5e2130e924511cf2b27683
+./data/meterpreter/ext_server_python.x86.debug.dll:SHA3-256:9ea21f78bdfd74c4b9c358706aea5f60a27681c87a8f213558d2d629eae45639
+./data/meterpreter/ext_server_python.x86.dll:SHA3-256:1876a7c41d0e6e54890234d94f33ac8b0eec4c6d039a4e180829acef91b0bb24
+./data/meterpreter/ext_server_sniffer.x64.dll:SHA3-256:d0c2310a1819c758735bb147c172a4d6eef208aecfe7da230d92134a1f6069fe
+./data/meterpreter/ext_server_sniffer.x86.dll:SHA3-256:e01a547704ee10a864552d786eb9fcb3fa749bcc89a00a28d531c2a4ed4a23a2
+./data/meterpreter/ext_server_stdapi.jar:SHA3-256:1b0f9989d196b5e01c9bdf8bf2b5f7a6905bd454c2d9cb19be16ab1f23690f89
+./data/meterpreter/ext_server_stdapi.php:SHA3-256:405f79d15b270baa012f1d2875b6d26abdb987401ca0321ca027e8ab0d5ef28d
+./data/meterpreter/ext_server_stdapi.py:SHA3-256:752606a378d2da68d1be8e8c01389f04505c1f2bcce38be43e0deab675794592
+./data/meterpreter/ext_server_stdapi.x64.debug.dll:SHA3-256:522e3c08e047ba338cec960858fbb9f2d870cb340f07169e0a2ac52914f44e1a
+./data/meterpreter/ext_server_stdapi.x64.dll:SHA3-256:cf4a1021e9a08f1551782e40bdbfe392808e90f5342c91c1351c4c22c6f9e7a6
+./data/meterpreter/ext_server_stdapi.x86.debug.dll:SHA3-256:b34986f5faafdc1a6a396658b635aa58511bcfd88cfe2737bb827ee26458217b
+./data/meterpreter/ext_server_stdapi.x86.dll:SHA3-256:44ff32cd9bf1a975e5bdde3f4e50919f0921ef1843bc8a03e97c02b7c86e8271
+./data/meterpreter/ext_server_unhook.x64.debug.dll:SHA3-256:5f86d7c1c26f5020b0c28f93a617444b69b4438938e98b8a7f3af5e9db4dadd4
+./data/meterpreter/ext_server_unhook.x64.dll:SHA3-256:f6f11b2fa8bab705bcd1dde11fab842cc9764e4033cf907328da7b10d823453c
+./data/meterpreter/ext_server_unhook.x86.debug.dll:SHA3-256:de1477c3001b84405e2126e0562c3a6f849916f56e1c57293b1028633857fd66
+./data/meterpreter/ext_server_unhook.x86.dll:SHA3-256:9f9461c65692e409c894f683df23881cf768eb03a2f7050334764734d498dbf2
+./data/meterpreter/ext_server_winpmem.x64.debug.dll:SHA3-256:3550e85b4c360ab8b86f82b8b7ca881ec275604fbec8902d217b73f0f0162c7b
+./data/meterpreter/ext_server_winpmem.x64.dll:SHA3-256:ba12dd560f52a395b35f1ced2f0c574c511f0594dffe011ff8ae9fc6ea19da96
+./data/meterpreter/ext_server_winpmem.x86.debug.dll:SHA3-256:62c18cb8b4607dd429579189e28bd536988a0d36670eaa022a05553d3e153f1d
+./data/meterpreter/ext_server_winpmem.x86.dll:SHA3-256:37dcb722ff83dd7e81a530d904650b09dccfe35bc06d8fc2dc541d4170e187fe
+./data/meterpreter/meterpreter.jar:SHA3-256:f9103d8aaf5053ebe1a52c0fb1e9f3ba5fdcac70bfee1ba95b9681c910e95244
+./data/meterpreter/meterpreter.php:SHA3-256:5de0fa5a38305c9fde9f2617df0a96f669cd7a9bb8b4bba6885a6413eb6779b6
+./data/meterpreter/meterpreter.py:SHA3-256:eb979cb8e4743c33a44731218b9ef9bff02967f0384c828465aa8cfc41f66e15
+./data/meterpreter/metsrv.x64.debug.dll:SHA3-256:3d20b525b167d14795c79b2eea3979ac786e72c082d264f9710e6f3538224bb9
+./data/meterpreter/metsrv.x64.dll:SHA3-256:3077be156a95b6879090be6de3da19799bbe0faf6b677103ecfcaf434fb9ee9d
+./data/meterpreter/metsrv.x86.debug.dll:SHA3-256:b8ba7de8092a878257ba4170c6dea8f6999799188c38ea5336450246e56ce122
+./data/meterpreter/metsrv.x86.dll:SHA3-256:88cb2e4fcd315fd653771a134ab4998182bd6016f55257afe321d7776fb44e35
+./data/meterpreter/screenshot.x64.debug.dll:SHA3-256:484e2e1731fdf3f26ea1549bd3dd67c407a47307126d4536e536f4dd54ac9d67
+./data/meterpreter/screenshot.x64.dll:SHA3-256:8c32d12fc7f29e8dd739cde403a43194c019babe6cd032f2fa2610985d032b04
+./data/meterpreter/screenshot.x86.debug.dll:SHA3-256:7800a03f8fde4f8d9622b9e966f9574a2ef69f95dac5c9695618c387e42b64fa
+./data/meterpreter/screenshot.x86.dll:SHA3-256:f2add9214cfe5900a3143fd01f7e5e91b81e473cdc86cef90411bb9178942a44

data/manifest.uuid

@@ -1 +1 @@
-d1aedac8093abf2e19af09313b1d59299b9cc344474e1c59940def4e4c367764
+c5bde707a441e23e5a09d03d9afcd2af301c243166308be3c93e0511a7d49a66

data/spec/metasploit_payloads/crypto_spec.rb

@@ -0,0 +1,22 @@
+require 'spec_helper'
+require 'metasploit-payloads'
+
+RSpec.describe ::MetasploitPayloads::Crypto do
+  describe '#encrypt' do
+    let(:encrypted_header) { ::MetasploitPayloads::Crypto::ENCRYPTED_PAYLOAD_HEADER }
+    let(:plaintext) { "Hello World!".b }
+    let(:ciphertext) { encrypted_header + "\x89:^r\xC1\xC9\xD9\xA1\xDC\xEB\xBFm".b }
+
+    it 'can encrypt plaintext' do
+      expect(described_class.encrypt(plaintext: plaintext)).to eq ciphertext
+    end
+
+    it 'can decrypt ciphertext' do
+      expect(described_class.decrypt(ciphertext: ciphertext)).to eq plaintext
+    end
+
+    it 'is idempotent' do
+      expect(described_class.decrypt(ciphertext: described_class.encrypt(plaintext: plaintext))).to eq plaintext
+    end
+  end
+end

data/spec/metasploit_payloads/metasploit_payloads_spec.rb

@@ -246,4 +246,34 @@ RSpec.describe ::MetasploitPayloads do
       end
     end
   end
+
+  describe '#read' do
+    let(:encrypted_header) { 'encrypted_payload_chacha20_v1' }
+    let(:raw_file) { { name: 'meterpreter.py', contents: 'sample_file_contents' } }
+    # ChaCha20 encrypted contents
+    let(:encrypted_contents) { "gg\xB7R\x96\xA00\x84\xC4\xBF5\x1D\xDBG6J\n\x86\x06\xF1" }
+    let(:encrypted_file) { { name: raw_file[:name], contents: encrypted_header + encrypted_contents } }
+
+    before :each do
+      allow(::MetasploitPayloads).to receive(:path).and_call_original
+      allow(::MetasploitPayloads).to receive(:path).with([encrypted_file[:name]]).and_return(encrypted_file[:name])
+      allow(::MetasploitPayloads).to receive(:path).with([raw_file[:name]]).and_return(raw_file[:name])
+
+      allow(::File).to receive(:binread).and_call_original
+      allow(::File).to receive(:binread).with(encrypted_file[:name]).and_return(encrypted_file[:contents])
+      allow(::File).to receive(:binread).with(raw_file[:name]).and_return(raw_file[:contents])
+    end
+
+    context 'an encrypted file' do
+      it 'returns plain-text file contents' do
+        expect(subject.read(encrypted_file[:name])).to eq(raw_file[:contents])
+      end
+    end
+
+    context 'a plain-text file' do
+      it 'returns plain-text file contents' do
+        expect(subject.read(raw_file[:name])).to eq(raw_file[:contents])
+      end
+    end
+  end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: metasploit-payloads
 version: !ruby/object:Gem::Version
-  version: 2.0.155
+  version: 2.0.157
 platform: ruby
 authors:
 - OJ Reeves
@@ -96,7 +96,7 @@ cert_chain:
   EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
   9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
   -----END CERTIFICATE-----
-date: 2023-10-04 00:00:00.000000000 Z
+date: 2023-10-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -150,8 +150,7 @@ files:
 - data/android/meterpreter.jar
 - data/android/metstage.jar
 - data/android/shell.jar
-- data/java/com/metasploit/meterpreter/MemoryBufferURLConnection.class
-- data/java/com/metasploit/meterpreter/MemoryBufferURLStreamHandler.class
+- data/java/com/metasploit/meterpreter/JarFileClassLoader.class
 - data/java/javapayload/stage/Meterpreter.class
 - data/java/javapayload/stage/Shell.class
 - data/java/javapayload/stage/Stage.class
@@ -241,11 +240,13 @@ files:
 - data/meterpreter/screenshot.x86.debug.dll
 - data/meterpreter/screenshot.x86.dll
 - lib/metasploit-payloads.rb
+- lib/metasploit-payloads/crypto.rb
 - lib/metasploit-payloads/error.rb
 - lib/metasploit-payloads/version.rb
 - manifest
 - manifest.uuid
 - metasploit-payloads.gemspec
+- spec/metasploit_payloads/crypto_spec.rb
 - spec/metasploit_payloads/metasploit_payloads_spec.rb
 - spec/spec_helper.rb
 homepage: http://www.metasploit.com