metasploit-payloads 2.0.156 → 2.0.157

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c6cbabcdd26a813470c5b122520a700c3da82d8eb029bae6b82fc3fefed970db
-  data.tar.gz: 03bc7c08180258b0b2a71fba8896cc28e86e6ff569ce5411448eb992359fede2
+  metadata.gz: 438bb2951a59864af18156abc58f00221f6e18711d5c5daeded76faa04d5ede6
+  data.tar.gz: 32c3b9800d310087ebbc29660911f68674ac7316a73af2c1176332618343a10f
 SHA512:
-  metadata.gz: 7e1ddeb4d9cf667736924aa448485ba1d0efb3a60f5e8715f36ac56d77da2b89b4b02f3e0ea4e32fd9f1283cddb8962ee054688e49097c2b2d5950f6fa71b3d5
-  data.tar.gz: dc6b055f7a8db8dbed810e600f5fa486a889184f2390fbb295f0819bca93e9018b3af227c3c9bc84a2a5f0fbf727fe4359699b2ecb72a1285f77a385e8da4f26
+  metadata.gz: 507621be0a3dfce9c65c23ad1f2db04d4d00305c676874c205a9427bff46f5cacacc40eb51f6157c5f54afd608a1acf5fbc3e08f8e5066a56d831b8ecf87b12f
+  data.tar.gz: 3b95b280c79c029e2ee0f8fd3e548b7c575c11be0147e54692aed795bb56b8a1b3876a3a9d8883cf84439cd11288220dc537f4702f1f8271562eb56385ac69f4

data/Rakefile

@@ -1,5 +1,6 @@
 require "bundler/gem_tasks"
 require 'openssl'
+require 'metasploit-payloads/crypto'
 
 c_source = "../c/meterpreter/"
 java_source = "../java"
@@ -52,7 +53,9 @@ def copy_files(cnf, meterpreter_dest)
       Dir.glob("#{f}/*.#{ext}").each do |bin|
         target = File.join(meterpreter_dest, File.basename(bin))
         print("Copying: #{bin} -> #{target}\n")
-        FileUtils.cp(bin, target)
+        contents = ::File.binread(::File.expand_path(bin))
+        encrypted_contents = ::MetasploitPayloads::Crypto.encrypt(plaintext: contents)
+        ::File.binwrite(::File.expand_path(target), encrypted_contents)
       end
     end
   end

data/lib/metasploit-payloads/crypto.rb

@@ -0,0 +1,66 @@
+require 'openssl'
+
+module MetasploitPayloads
+  module Crypto
+    CIPHERS = {
+      chacha20: {
+        name: 'chacha20'.b,
+        version: 1,
+        iv: {
+          value: "\x52\x25\xd7\xab\x52\x8f\x3f\xf8\x94\x97\x08\x42\x33\xb9\xd3\xb6".b, # 16 bytes
+          version: 1
+        },
+        key: {
+          value: "\x28\x39\x97\x4c\x95\x11\x9d\x42\x6c\x8b\xff\x43\x3e\x5d\x3c\x33\x1b\x95\xd3\xea\xeb\xc9\xae\x71\x0a\x36\xe7\x98\x3d\x9d\x09\x52".b, # 32 bytes
+          version: 1
+        }
+      }
+    }.freeze
+    CURRENT_CIPHER = CIPHERS[:chacha20]
+    CIPHER_VERSION = CURRENT_CIPHER[:version]
+    KEY_VERSION = CURRENT_CIPHER[:key][:version]
+    IV_VERSION = CURRENT_CIPHER[:iv][:version]
+    # Binary String, unsigned char, unsigned char, unsigned char
+    ENCRYPTED_PAYLOAD_HEADER = ['msf', CIPHER_VERSION, IV_VERSION, KEY_VERSION].pack('A*CCC')
+
+    private_constant :CIPHERS
+    private_constant :CURRENT_CIPHER
+    private_constant :CIPHER_VERSION
+    private_constant :KEY_VERSION
+    private_constant :IV_VERSION
+
+    def self.encrypt(plaintext: '')
+      raise ::ArgumentError, 'Unable to encrypt plaintext: ' << plaintext, caller unless plaintext.to_s
+
+      cipher = ::OpenSSL::Cipher.new(CURRENT_CIPHER[:name])
+
+      cipher.encrypt
+      cipher.iv = CURRENT_CIPHER[:iv][:value]
+      cipher.key = CURRENT_CIPHER[:key][:value]
+
+      output = ENCRYPTED_PAYLOAD_HEADER.dup
+      output << cipher.update(plaintext)
+      output << cipher.final
+
+      output
+    end
+
+    def self.decrypt(ciphertext: '')
+      raise ::ArgumentError, 'Unable to decrypt ciphertext: ' << ciphertext, caller unless ciphertext.to_s
+
+      cipher = ::OpenSSL::Cipher.new(CURRENT_CIPHER[:name])
+
+      cipher.decrypt
+      cipher.iv = CURRENT_CIPHER[:iv][:value]
+      cipher.key = CURRENT_CIPHER[:key][:value]
+
+      # Remove encrypted header if present
+      ciphertext = ciphertext.sub(ENCRYPTED_PAYLOAD_HEADER, '')
+
+      output = cipher.update(ciphertext)
+      output << cipher.final
+
+      output
+    end
+  end
+end

data/lib/metasploit-payloads/version.rb

@@ -1,6 +1,6 @@
 # -*- coding:binary -*-
 module MetasploitPayloads
-  VERSION = '2.0.156'
+  VERSION = '2.0.157'
 
   def self.version
     VERSION

data/lib/metasploit-payloads.rb

@@ -3,6 +3,7 @@
 require 'openssl' unless defined? OpenSSL::Digest
 require 'metasploit-payloads/version' unless defined? MetasploitPayloads::VERSION
 require 'metasploit-payloads/error' unless defined? MetasploitPayloads::Error
+require 'metasploit-payloads/crypto' unless defined? MetasploitPayloads::Crypto
 
 #
 # This module dispenses Metasploit payload binary files
@@ -43,8 +44,9 @@ module MetasploitPayloads
     manifest_contents.each_line do |line|
       filename, hash_type, hash = line.chomp.split(':')
       begin
+        filename = filename.sub('./data/', '')
         # self.path prepends the gem data directory, which is already present in the manifest file.
-        out_path = self.path(filename.sub('./data/', ''))
+        out_path = self.path(filename)
         # self.path can return a path to the gem data, or user's local data.
         bundled_file = out_path.start_with?(data_directory)
         if bundled_file
@@ -137,15 +139,25 @@ module MetasploitPayloads
 
   #
   # Get the contents of any file packaged in this gem by local path and name.
+  # If the file is encrypted using ChaCha20, automatically decrypt it and return the file contents.
   #
   def self.read(*path_parts)
-    file_path = path(path_parts)
-    if file_path.nil?
-      full_path = ::File.join(path_parts)
-      raise ::MetasploitPayloads::NotFoundError, full_path, caller
+    file_path = self.path(path_parts)
+
+    begin
+      file_contents = ::File.binread(file_path)
+    rescue ::Errno::ENOENT => _e
+      raise ::MetasploitPayloads::NotFoundError, file_path, caller
+    rescue ::Errno::EACCES => _e
+      raise ::MetasploitPayloads::NotReadableError, file_path, caller
+    rescue ::StandardError => e
+      raise e
     end
 
-    ::File.binread(file_path)
+    encrypted_file = file_contents.start_with?(Crypto::ENCRYPTED_PAYLOAD_HEADER)
+    return file_contents unless encrypted_file
+
+    Crypto.decrypt(ciphertext: file_contents)
   end
 
   #

data/manifest

@@ -2,9 +2,9 @@
 ./data/android/apk/classes.dex:SHA3-256:0ca34b9e74428678ca808e3601eb30ec78256d76a38c8eecf26e5f419837b769
 ./data/android/apk/resources.arsc:SHA3-256:9a6f5eb5cb24fb1f83808a67c692e66c1a698d6222db2000b8b07e595689311f
 ./data/android/meterpreter.dex:SHA3-256:4596cdac6b36141c35d026f6c349416097f6968f8fb95a7a1421e0fbd1da9d65
-./data/android/meterpreter.jar:SHA3-256:9074f6c3d94225e8c7e35efd0ae9f16da760137fb355637e670d83d40e7b6c15
-./data/android/metstage.jar:SHA3-256:0de4dddf289ebe0d03bfe8b13161a3ddb284c5d658634c9988b73fd5f21db064
-./data/android/shell.jar:SHA3-256:f3a4554d8eeee773247f50e8bf951ced61cf521f0ab867329f7a23d8e21c90c4
+./data/android/meterpreter.jar:SHA3-256:48b774ea108004ef83dee3170919f7aa36a66806ed6acaaed46c18c2a25678a8
+./data/android/metstage.jar:SHA3-256:98147a9f04130634d474cd1083b85e7163eb65de2fb0506e53c756302fffef96
+./data/android/shell.jar:SHA3-256:d2470ac08d0d307402cfd6c7b86c7df6123d8ff1742161e96a6c9cd6f9731756
 ./data/java/com/metasploit/meterpreter/JarFileClassLoader.class:SHA3-256:70e39898965b1cdcf7efeab2fff76471950fb19d6e0d03589ff3a15705c35f2b
 ./data/java/javapayload/stage/Meterpreter.class:SHA3-256:7c2cada964463b28f0d9d900e4979d79a7d8931d00c514f46cf589cf7b77e2e7
 ./data/java/javapayload/stage/Shell.class:SHA3-256:78aeee685de937bd62a5364ca1a16a798f1c963968b829bcfcb675723d4f8650
@@ -18,79 +18,79 @@
 ./data/java/metasploit/PayloadTrustManager.class:SHA3-256:e2d25c8b3e43f584e198e46c2576b367f96275800a96a42fd2dc2c81059a3c41
 ./data/java/metasploit/RMILoader.class:SHA3-256:4add539548d76e0142ff5e6ccdba6ee4b21191354be1a40499cb2a745b480bee
 ./data/java/metasploit/RMIPayload.class:SHA3-256:0d3e96836a8c3591f4bc827b33c4edb0b4f505a9f17cb0bdb27a367fb71d53c3
-./data/meterpreter/dump_sam.x64.debug.dll:SHA3-256:210ad070a13d5cd32ec2dfe95fc9910df0fa23470a21fcc6d93e93ea100fc6e5
-./data/meterpreter/dump_sam.x64.dll:SHA3-256:1a0df7078309c0965bec5abfaa64983307f0b7d7576e5240b245d7752f6ece30
-./data/meterpreter/dump_sam.x86.debug.dll:SHA3-256:2926f9244f12450c35c21f69c8a9773643bc225dcf62a811e107b9763ffc5cef
-./data/meterpreter/dump_sam.x86.dll:SHA3-256:316fbf8def866355610c638d9b98a04df8e1e391a8703142530ff537658a082a
-./data/meterpreter/elevator.x64.debug.dll:SHA3-256:c726c77c374d91cbe159b675ae0d93e831a9fcc23b5136e75ae0a3d8b2e71159
-./data/meterpreter/elevator.x64.dll:SHA3-256:107ec906e21ed775c43808b2fa88cbfae05f1d9c9f6731f7182ce43856aba927
-./data/meterpreter/elevator.x86.debug.dll:SHA3-256:e03a77137fad589549e6d7acc845eb31f7077eeb65a387921b3b50a61dba988f
-./data/meterpreter/elevator.x86.dll:SHA3-256:db4d7b24eb3b8c75754f6df3820c2b0e5a9f433303d735ea5718ce461d5daee7
-./data/meterpreter/ext_server_bofloader.x64.debug.dll:SHA3-256:86cd4aae0e0820172ea8143a75f2007f35bd5b07a1c6370661730703543a7267
-./data/meterpreter/ext_server_bofloader.x64.dll:SHA3-256:b32856c79b57d3ad29349c660d530adfa4c4af117ca63621575761009eac5536
-./data/meterpreter/ext_server_bofloader.x86.debug.dll:SHA3-256:9e8a105a7dd51696d67447487e10e07f7b468c556cee033babbd2e4e783d6b0a
-./data/meterpreter/ext_server_bofloader.x86.dll:SHA3-256:afd4ec3557826f65c57d7ecdc781120328b7dbabcabccbe414b357aed590072c
-./data/meterpreter/ext_server_espia.x64.debug.dll:SHA3-256:c307139cc083a5eae712064aca67a873165c8f943b6af0f23dee09e3929ffaad
-./data/meterpreter/ext_server_espia.x64.dll:SHA3-256:4f92b773010179756a924c42b38c2f9a160a9699e9d41853813ee3997c525ba7
-./data/meterpreter/ext_server_espia.x86.debug.dll:SHA3-256:a7e999d3e858251dc82f33a6466d0852fd81326b411dcd06297a8dabfa45bd4f
-./data/meterpreter/ext_server_espia.x86.dll:SHA3-256:2b2683578077600cd4b0bf25912560a411437a10859e2e747e78129202affb7a
-./data/meterpreter/ext_server_extapi.x64.debug.dll:SHA3-256:e432dc133cae38ee435ff5f389ddebd9ef3cd8d6c8ce5da0e38e0ef437aaa73a
-./data/meterpreter/ext_server_extapi.x64.dll:SHA3-256:b09236045935ce0da6b94aaf73e3e5c51b3692f11a267708184f70489ac8e562
-./data/meterpreter/ext_server_extapi.x86.debug.dll:SHA3-256:b4e7bdb466e151605b4e5d0012a284cbc231704800ca45a29b9ea06d592c3f3d
-./data/meterpreter/ext_server_extapi.x86.dll:SHA3-256:a0356d0a6cb3dda0d6bb3c1245bf2ac7166a40e4567e21305b95672a214c694c
-./data/meterpreter/ext_server_incognito.x64.debug.dll:SHA3-256:78ef2be792033d026d37d7af9b952d97a09c17128f95dab31155cc6c864633ed
-./data/meterpreter/ext_server_incognito.x64.dll:SHA3-256:b3195b67d68df83512eb36c9c3c95f7a335edb839cbd03ba0354359438523ed0
-./data/meterpreter/ext_server_incognito.x86.debug.dll:SHA3-256:877181c0e6ab162080331383930b539c36aecd70526d939625b0a9d4b90618f5
-./data/meterpreter/ext_server_incognito.x86.dll:SHA3-256:de7bfafb59c4e6f23902471abaf74d77b09f26967df42ac9c78bee75bb4f8496
-./data/meterpreter/ext_server_kiwi.x64.debug.dll:SHA3-256:a49803f0217c57d4a3a92a3905b250d301c7d379d9560fd24dfce377fc7f423f
-./data/meterpreter/ext_server_kiwi.x64.dll:SHA3-256:1b1d42b6bb01d6794afae78dea6b2d867d760d040e488167de2b7142dce928ee
-./data/meterpreter/ext_server_kiwi.x86.debug.dll:SHA3-256:408925fd63c768d36102ef857c57ace393fa41e1783bb2017b5f6278afefa18e
-./data/meterpreter/ext_server_kiwi.x86.dll:SHA3-256:89af43428e57a31bd3e5f84044769318309cd5d8f005689e2ff4608cb6b628c6
-./data/meterpreter/ext_server_lanattacks.x64.debug.dll:SHA3-256:9484e761b31a76a5fc288b1933822152ca08d71cf6a64445fb230089c8e728c8
-./data/meterpreter/ext_server_lanattacks.x64.dll:SHA3-256:4234237328b5f0f540bb93aa6ce7c6682e71ed40a944e12c9d4e01084dee5c68
-./data/meterpreter/ext_server_lanattacks.x86.debug.dll:SHA3-256:ab113fba6dde79a67cc010f2633dfedb345de1a0b89fe614a2cd5e7d626ffafa
-./data/meterpreter/ext_server_lanattacks.x86.dll:SHA3-256:e3ffe31dc855c30b0ff5f72e240c2c08277c6d36c74a854ca9029cdb36bb282d
-./data/meterpreter/ext_server_peinjector.x64.debug.dll:SHA3-256:d2c6731da0d83fedd735d8436cb8237eb09a3f59cad41e1dfb65a6c8953dca0b
-./data/meterpreter/ext_server_peinjector.x64.dll:SHA3-256:cc1388554865d38ce867685a3a803b98ad080be530ef1f6947de652fba60f273
-./data/meterpreter/ext_server_peinjector.x86.debug.dll:SHA3-256:d95569a0bafb1c66984bc79130be1a33fec9821dd131218281be0b462b118946
-./data/meterpreter/ext_server_peinjector.x86.dll:SHA3-256:77a657310da3c849ae0de7c769836bdf4f332c163d346ed08162b2ac038af495
-./data/meterpreter/ext_server_powershell.x64.debug.dll:SHA3-256:18a2e248f611d1aa544728c79bdaf4d7152261aeacf582245dfb5f8a170c76a6
-./data/meterpreter/ext_server_powershell.x64.dll:SHA3-256:3890dcf225589e36d07cc3822b63c4536618c60e1febcc8b9c5c4d3eab2515c9
-./data/meterpreter/ext_server_powershell.x86.debug.dll:SHA3-256:bae3a83a1d568c9f14c152a3c1f9e1988437ece468b3dc20d723552178e9fda7
-./data/meterpreter/ext_server_powershell.x86.dll:SHA3-256:2dc642fa5928fd5df8074d71417bba6e650d3c8905c26134931a15a0368cb007
-./data/meterpreter/ext_server_priv.x64.debug.dll:SHA3-256:3224d1f57a53b1a0667c0c16959a204c31e6c525a515b9de2123163917366397
-./data/meterpreter/ext_server_priv.x64.dll:SHA3-256:9af57b094b96f2b7c5a14fd537569c2087a2e3cf3a730df9ecd37a90dcddc811
-./data/meterpreter/ext_server_priv.x86.debug.dll:SHA3-256:996b53e9cf462e5389f478de5ae0315cec338f5e03e9c0ec5759095bdc074b96
-./data/meterpreter/ext_server_priv.x86.dll:SHA3-256:2717144646b5e1e95fbc041242799c6cc3b9a9e2efca8e6b6048b4804c0d7844
-./data/meterpreter/ext_server_python.x64.debug.dll:SHA3-256:7a45d68793a4c2bda635ed8bdfdf2369713aaa3a58877707c1a7dea8bb93211b
-./data/meterpreter/ext_server_python.x64.dll:SHA3-256:fc6e14e715d66e4308190a11ba623efd5346d8e52254ee527e49ab32f0373aeb
-./data/meterpreter/ext_server_python.x86.debug.dll:SHA3-256:eb03bea52ab72e16d42188ca57efad2cd27a1da72a76d4986d040222ea49459f
-./data/meterpreter/ext_server_python.x86.dll:SHA3-256:41a2e5169c9e207aa561135394e0ee370868ab87213db249fa0d2bb502c22ec0
-./data/meterpreter/ext_server_sniffer.x64.dll:SHA3-256:0aaa1cb3ef5b808ae490eee28e11104567710b2525ae85aa8deeb1de29610568
-./data/meterpreter/ext_server_sniffer.x86.dll:SHA3-256:a7274d7490e62c3f32cdf3305fc6b269d7c010ad48b488a9b45196f3165bf9ff
-./data/meterpreter/ext_server_stdapi.jar:SHA3-256:c064899075585b124102f7015ba6d0ab8aa5e773377ebed7e69cd467d3b6aa26
-./data/meterpreter/ext_server_stdapi.php:SHA3-256:92e931e6b47caad6df4249cc263fdbe5d2975c4163f5b06963208163b7af97b5
-./data/meterpreter/ext_server_stdapi.py:SHA3-256:3ed09316bdc2038873e5a3dc42bd8d725fdb66cf93a0f87300876d1e64ce6b3c
-./data/meterpreter/ext_server_stdapi.x64.debug.dll:SHA3-256:b0f652fba54a7ce8a5cc187af7bb1248f47d2b09195dd0457413c2806531a4fc
-./data/meterpreter/ext_server_stdapi.x64.dll:SHA3-256:575b89ff2ed5e5266b4fd0618e98c0fc84d5f4db9dc0717068c996447ee1bb61
-./data/meterpreter/ext_server_stdapi.x86.debug.dll:SHA3-256:c53766248a9e84f12b1b4ff2549be12516d4ae3c1a51d81b419cf94ee0f2df26
-./data/meterpreter/ext_server_stdapi.x86.dll:SHA3-256:79d42a3398819bbcb0cf184f836cbec311d58080c5a32a6a0bd2dde3cafbda29
-./data/meterpreter/ext_server_unhook.x64.debug.dll:SHA3-256:f231419e2df81147b09982c94fb1f14a81673e686aa2782b021e661bcc6439d6
-./data/meterpreter/ext_server_unhook.x64.dll:SHA3-256:cbab50027a607db6ffb67c140638ca4725c581fe8ae01da28ada826476d5c93d
-./data/meterpreter/ext_server_unhook.x86.debug.dll:SHA3-256:8a2d4617284696696caeb9ebca41d4543126a410b9bc04f2ed05cfc009875e9a
-./data/meterpreter/ext_server_unhook.x86.dll:SHA3-256:c8fdedf8cc8e85a86acfe19d0be82bb579c02db8ace4ff3c3206e8bfc056721e
-./data/meterpreter/ext_server_winpmem.x64.debug.dll:SHA3-256:4d32b56104c7bc6197b32f9136a55def6b960c289f2899c56340630990fd2d04
-./data/meterpreter/ext_server_winpmem.x64.dll:SHA3-256:5cb718650c24d821aececbbe117dc314ce9bc91aa00c5eaaead4fb36a47b3e67
-./data/meterpreter/ext_server_winpmem.x86.debug.dll:SHA3-256:f846b25220c77c22691f77c04f66f603a5117c4931224feeb7bf90029d520692
-./data/meterpreter/ext_server_winpmem.x86.dll:SHA3-256:1d79d29eb081b219cdbe7d2a66b05c67049a4ea396ff49d1992ae8d390f33456
-./data/meterpreter/meterpreter.jar:SHA3-256:79b0877c2683e2760ab8dfdf723b281100f721f76cd8f0a72ff590e504a3570d
-./data/meterpreter/meterpreter.php:SHA3-256:9389b1548410438d93ce12a2e276b7b2e77046845e6fca43b419b516de3871f9
-./data/meterpreter/meterpreter.py:SHA3-256:a4ed4d3bb4c28c208a3f00453ccd1c50bb958cc8c20905599e7ba40a3259dba5
-./data/meterpreter/metsrv.x64.debug.dll:SHA3-256:f81fa482712bf8255ea3bef05b4882689f7a3c3d6b14acfd0f1c9a4b4e26cd2f
-./data/meterpreter/metsrv.x64.dll:SHA3-256:9e1ecec54a771d25398d73f2d5dfa431d5dfb660c0ebef7add1064435b0a26bc
-./data/meterpreter/metsrv.x86.debug.dll:SHA3-256:106c7fcdb081c7a974efd027a407ebd5e3d9cc2daa1e6d66bab8827ed43197ee
-./data/meterpreter/metsrv.x86.dll:SHA3-256:850a4f9ebaaf93009c5a1be03d0820f61614eb773779ca62a0acb90af0c196d3
-./data/meterpreter/screenshot.x64.debug.dll:SHA3-256:5cf51eb791a3989b384ae9588fea28ae48065217a7b668076c8a1bb4d724bf9e
-./data/meterpreter/screenshot.x64.dll:SHA3-256:b00baa223f43463d7f1c75aa511fd685e643b72a1ba1e03c08eaf973bfcd76ee
-./data/meterpreter/screenshot.x86.debug.dll:SHA3-256:31410b67a47714fc52abab54b168cba2ef8753d6c6de9985c67a9e116c60d36a
-./data/meterpreter/screenshot.x86.dll:SHA3-256:b74544725f34d13b065c2364d4d75e07292c848b006e05a0122c4d1ac1ca8555
+./data/meterpreter/dump_sam.x64.debug.dll:SHA3-256:1b50289c287fe2c873351c32c53b51befcdef5d89d2269d5467a4d81bc7b8bf1
+./data/meterpreter/dump_sam.x64.dll:SHA3-256:7673e1fdde2f8e9b6b959f6732910b57a2ef847f66a773ac1c2021192d57b9bd
+./data/meterpreter/dump_sam.x86.debug.dll:SHA3-256:e7dc554fa30ab83302b2a874b14dad384ca1c2a90c1b29154f6a2b335933e8e4
+./data/meterpreter/dump_sam.x86.dll:SHA3-256:397d84181bfd1adfe718110694f8c97ad392acf8e105761a48fbb92c7c01c370
+./data/meterpreter/elevator.x64.debug.dll:SHA3-256:f14321c1000e03773c11fb45be0c133a0392b712865ea910710812a0854b2574
+./data/meterpreter/elevator.x64.dll:SHA3-256:f8a0f9778087d351440f02cbed6dd5b1342ed2d5f0a3bb7448f7a28fd694a34b
+./data/meterpreter/elevator.x86.debug.dll:SHA3-256:3f96ad4185694eacaeead1019dcba1f998b11fe63a9a8fcb6a2306b3c14bf1b6
+./data/meterpreter/elevator.x86.dll:SHA3-256:1361a53c8fe294276863f57f9fc35ef5caa5a68b65d6cd5c5bcd4d800fed18a8
+./data/meterpreter/ext_server_bofloader.x64.debug.dll:SHA3-256:edad1246bb093ff15e648e8a0f34cfa6962366f3ee3518c360c12062a3a3a120
+./data/meterpreter/ext_server_bofloader.x64.dll:SHA3-256:50cbb8ff069e9472cdd3863be84726aab85993cebe14684d72ddae89dd0de0ea
+./data/meterpreter/ext_server_bofloader.x86.debug.dll:SHA3-256:4911238652687df38bb9d7656f3c1ee907b033bb45f204f2e0c8945db18e082b
+./data/meterpreter/ext_server_bofloader.x86.dll:SHA3-256:ab980948f16007c49c28a2d000ce887cc61b6c64b362b4171dcf662112f1f737
+./data/meterpreter/ext_server_espia.x64.debug.dll:SHA3-256:6c316e5b6b7d995c7b352017224ffc98f270d2eb2033f7a2d93900e1d53f4c2a
+./data/meterpreter/ext_server_espia.x64.dll:SHA3-256:de80aa1fa67d231c8a9e8b801f68f6a66c1ae02c3c8c7c0acdd5c9e03f13886a
+./data/meterpreter/ext_server_espia.x86.debug.dll:SHA3-256:40b23ce3514bd1a0962b495d638628b473233ae2021d7cfffd03766939e68991
+./data/meterpreter/ext_server_espia.x86.dll:SHA3-256:6fb00120c3f04fb1dd7b07fa2d92d01736cd1fe6f2d78cb4c3548e239b2135b4
+./data/meterpreter/ext_server_extapi.x64.debug.dll:SHA3-256:ba7435a5b127ea5c060ef1ef32669d14b141db68c698dedd15824e46c3e7d6fa
+./data/meterpreter/ext_server_extapi.x64.dll:SHA3-256:9796e479bf4391a1061f7f1760a08e6fa06d493590f33590c086d9222a30460c
+./data/meterpreter/ext_server_extapi.x86.debug.dll:SHA3-256:3a196fe8b50a02a52f713b18ba748972a8d3fffd006bc8f3e4efb33096b1c450
+./data/meterpreter/ext_server_extapi.x86.dll:SHA3-256:c670c0ca0570c1e42c33605ade7c7d25017cff6f86f6acdde3369d1ac64962be
+./data/meterpreter/ext_server_incognito.x64.debug.dll:SHA3-256:4904401448a5a48d82f07f81d9518d7757bc1af92df40bbd36c19a4b9adfd540
+./data/meterpreter/ext_server_incognito.x64.dll:SHA3-256:7e960f041d57525789c9b5c3703b20afeca9d7ebb7c07b43c89435d756f091f1
+./data/meterpreter/ext_server_incognito.x86.debug.dll:SHA3-256:d39d047e5d2014af67440fb76a5592631e04fd67d7c49290f427ea10f11fe8e8
+./data/meterpreter/ext_server_incognito.x86.dll:SHA3-256:8140e30a3ca5478956a0a87c99e10910d4ebec64ba5c194ced4ac35aa34d2bd8
+./data/meterpreter/ext_server_kiwi.x64.debug.dll:SHA3-256:ce993f4cc04334e71ae52124b335e09ab0a6405ce56ef6ac2e259ea3c5b2b7f9
+./data/meterpreter/ext_server_kiwi.x64.dll:SHA3-256:b1dc0ee9c7d24375d1f851360749b1d71b751e668ea0754242d9d331f50fb11c
+./data/meterpreter/ext_server_kiwi.x86.debug.dll:SHA3-256:76ac90c1a31116a061e4cfd4e5d181b68f8adf6f02403437a9619f0ff59a0ae4
+./data/meterpreter/ext_server_kiwi.x86.dll:SHA3-256:923ca0a4b808eedd9140e5d148d82f2e3c340288d7a9d1e204ccf3d8e92865ba
+./data/meterpreter/ext_server_lanattacks.x64.debug.dll:SHA3-256:8a88d7c368e99178dc697cff695103ee01447778f891c142b2cba1b760428be8
+./data/meterpreter/ext_server_lanattacks.x64.dll:SHA3-256:2ef84406c557954049ed2a3c98719ebd5ef1b89a083ebca633723da839310116
+./data/meterpreter/ext_server_lanattacks.x86.debug.dll:SHA3-256:cf84a63a407a4c2e59d34c89d5eb43a5be26315b174264682bcea86c354be67b
+./data/meterpreter/ext_server_lanattacks.x86.dll:SHA3-256:3325eb7bb36541b3d2e81c8831415817f422ed556530561aa9eb80606b6d4014
+./data/meterpreter/ext_server_peinjector.x64.debug.dll:SHA3-256:7925a9e4a9bbf3d4114896692811f98c110b308b8657cb25cca1e4cebed90761
+./data/meterpreter/ext_server_peinjector.x64.dll:SHA3-256:9992d49ea92d4884712476eeafdee6015c1f9e72dfbd4bf978e7dc90651227b8
+./data/meterpreter/ext_server_peinjector.x86.debug.dll:SHA3-256:00b0a34ff67d37a127ec5ec1a730fe7d23491033e1ea80b6bab2e8b6c925ae44
+./data/meterpreter/ext_server_peinjector.x86.dll:SHA3-256:7d08b920979a446dc2aa342cc81fd4fc3096bebeb146397a1a7e1ddd4d1e0d7f
+./data/meterpreter/ext_server_powershell.x64.debug.dll:SHA3-256:0204749de3bcd3bfbfaa3a8581f9554f59c4e11633ed957200ea4bf9cb4f63ec
+./data/meterpreter/ext_server_powershell.x64.dll:SHA3-256:97edced1c66c0e05e23d294fdffe988bd90e41af53ad52f12e16b89a831e66e5
+./data/meterpreter/ext_server_powershell.x86.debug.dll:SHA3-256:7455d9c25ec3c0f0423e0613ad81a70fcd3e515170bd6dde3f625998d914f0df
+./data/meterpreter/ext_server_powershell.x86.dll:SHA3-256:56f5aa376f595c5a2724b19aeb33c7f116dbfaa93f97be71569cf3805f5420c4
+./data/meterpreter/ext_server_priv.x64.debug.dll:SHA3-256:2938399e2b3a439596aa369655c1c763ad71709fa949b811a556c0e064c89472
+./data/meterpreter/ext_server_priv.x64.dll:SHA3-256:d8d085b711238e01b8812e61b796380ce9951aebd60a03995a6d53f241fae939
+./data/meterpreter/ext_server_priv.x86.debug.dll:SHA3-256:e8cbd12640f991a293960e10c2815ae2c3e4e069220d4982ec69c8b522522f98
+./data/meterpreter/ext_server_priv.x86.dll:SHA3-256:fed2a5973b56d37ffbca5c9ed5b39765c5198c27a4ca6b60e40c7ed446a773c0
+./data/meterpreter/ext_server_python.x64.debug.dll:SHA3-256:d435396016805ad7576247d763da2666b1c8b4cab56c692eb9b08d245067ab7e
+./data/meterpreter/ext_server_python.x64.dll:SHA3-256:ae7f96bc4424546ad33d145d42a211abab0f2703bf5e2130e924511cf2b27683
+./data/meterpreter/ext_server_python.x86.debug.dll:SHA3-256:9ea21f78bdfd74c4b9c358706aea5f60a27681c87a8f213558d2d629eae45639
+./data/meterpreter/ext_server_python.x86.dll:SHA3-256:1876a7c41d0e6e54890234d94f33ac8b0eec4c6d039a4e180829acef91b0bb24
+./data/meterpreter/ext_server_sniffer.x64.dll:SHA3-256:d0c2310a1819c758735bb147c172a4d6eef208aecfe7da230d92134a1f6069fe
+./data/meterpreter/ext_server_sniffer.x86.dll:SHA3-256:e01a547704ee10a864552d786eb9fcb3fa749bcc89a00a28d531c2a4ed4a23a2
+./data/meterpreter/ext_server_stdapi.jar:SHA3-256:1b0f9989d196b5e01c9bdf8bf2b5f7a6905bd454c2d9cb19be16ab1f23690f89
+./data/meterpreter/ext_server_stdapi.php:SHA3-256:405f79d15b270baa012f1d2875b6d26abdb987401ca0321ca027e8ab0d5ef28d
+./data/meterpreter/ext_server_stdapi.py:SHA3-256:752606a378d2da68d1be8e8c01389f04505c1f2bcce38be43e0deab675794592
+./data/meterpreter/ext_server_stdapi.x64.debug.dll:SHA3-256:522e3c08e047ba338cec960858fbb9f2d870cb340f07169e0a2ac52914f44e1a
+./data/meterpreter/ext_server_stdapi.x64.dll:SHA3-256:cf4a1021e9a08f1551782e40bdbfe392808e90f5342c91c1351c4c22c6f9e7a6
+./data/meterpreter/ext_server_stdapi.x86.debug.dll:SHA3-256:b34986f5faafdc1a6a396658b635aa58511bcfd88cfe2737bb827ee26458217b
+./data/meterpreter/ext_server_stdapi.x86.dll:SHA3-256:44ff32cd9bf1a975e5bdde3f4e50919f0921ef1843bc8a03e97c02b7c86e8271
+./data/meterpreter/ext_server_unhook.x64.debug.dll:SHA3-256:5f86d7c1c26f5020b0c28f93a617444b69b4438938e98b8a7f3af5e9db4dadd4
+./data/meterpreter/ext_server_unhook.x64.dll:SHA3-256:f6f11b2fa8bab705bcd1dde11fab842cc9764e4033cf907328da7b10d823453c
+./data/meterpreter/ext_server_unhook.x86.debug.dll:SHA3-256:de1477c3001b84405e2126e0562c3a6f849916f56e1c57293b1028633857fd66
+./data/meterpreter/ext_server_unhook.x86.dll:SHA3-256:9f9461c65692e409c894f683df23881cf768eb03a2f7050334764734d498dbf2
+./data/meterpreter/ext_server_winpmem.x64.debug.dll:SHA3-256:3550e85b4c360ab8b86f82b8b7ca881ec275604fbec8902d217b73f0f0162c7b
+./data/meterpreter/ext_server_winpmem.x64.dll:SHA3-256:ba12dd560f52a395b35f1ced2f0c574c511f0594dffe011ff8ae9fc6ea19da96
+./data/meterpreter/ext_server_winpmem.x86.debug.dll:SHA3-256:62c18cb8b4607dd429579189e28bd536988a0d36670eaa022a05553d3e153f1d
+./data/meterpreter/ext_server_winpmem.x86.dll:SHA3-256:37dcb722ff83dd7e81a530d904650b09dccfe35bc06d8fc2dc541d4170e187fe
+./data/meterpreter/meterpreter.jar:SHA3-256:f9103d8aaf5053ebe1a52c0fb1e9f3ba5fdcac70bfee1ba95b9681c910e95244
+./data/meterpreter/meterpreter.php:SHA3-256:5de0fa5a38305c9fde9f2617df0a96f669cd7a9bb8b4bba6885a6413eb6779b6
+./data/meterpreter/meterpreter.py:SHA3-256:eb979cb8e4743c33a44731218b9ef9bff02967f0384c828465aa8cfc41f66e15
+./data/meterpreter/metsrv.x64.debug.dll:SHA3-256:3d20b525b167d14795c79b2eea3979ac786e72c082d264f9710e6f3538224bb9
+./data/meterpreter/metsrv.x64.dll:SHA3-256:3077be156a95b6879090be6de3da19799bbe0faf6b677103ecfcaf434fb9ee9d
+./data/meterpreter/metsrv.x86.debug.dll:SHA3-256:b8ba7de8092a878257ba4170c6dea8f6999799188c38ea5336450246e56ce122
+./data/meterpreter/metsrv.x86.dll:SHA3-256:88cb2e4fcd315fd653771a134ab4998182bd6016f55257afe321d7776fb44e35
+./data/meterpreter/screenshot.x64.debug.dll:SHA3-256:484e2e1731fdf3f26ea1549bd3dd67c407a47307126d4536e536f4dd54ac9d67
+./data/meterpreter/screenshot.x64.dll:SHA3-256:8c32d12fc7f29e8dd739cde403a43194c019babe6cd032f2fa2610985d032b04
+./data/meterpreter/screenshot.x86.debug.dll:SHA3-256:7800a03f8fde4f8d9622b9e966f9574a2ef69f95dac5c9695618c387e42b64fa
+./data/meterpreter/screenshot.x86.dll:SHA3-256:f2add9214cfe5900a3143fd01f7e5e91b81e473cdc86cef90411bb9178942a44

data/manifest.uuid

@@ -1 +1 @@
-70cc90c25d23f0b4c91f1377e4f12535cff1a2d7e70768f79c547ee0ef5c70d9
+c5bde707a441e23e5a09d03d9afcd2af301c243166308be3c93e0511a7d49a66

data/spec/metasploit_payloads/crypto_spec.rb

@@ -0,0 +1,22 @@
+require 'spec_helper'
+require 'metasploit-payloads'
+
+RSpec.describe ::MetasploitPayloads::Crypto do
+  describe '#encrypt' do
+    let(:encrypted_header) { ::MetasploitPayloads::Crypto::ENCRYPTED_PAYLOAD_HEADER }
+    let(:plaintext) { "Hello World!".b }
+    let(:ciphertext) { encrypted_header + "\x89:^r\xC1\xC9\xD9\xA1\xDC\xEB\xBFm".b }
+
+    it 'can encrypt plaintext' do
+      expect(described_class.encrypt(plaintext: plaintext)).to eq ciphertext
+    end
+
+    it 'can decrypt ciphertext' do
+      expect(described_class.decrypt(ciphertext: ciphertext)).to eq plaintext
+    end
+
+    it 'is idempotent' do
+      expect(described_class.decrypt(ciphertext: described_class.encrypt(plaintext: plaintext))).to eq plaintext
+    end
+  end
+end

data/spec/metasploit_payloads/metasploit_payloads_spec.rb

@@ -246,4 +246,34 @@ RSpec.describe ::MetasploitPayloads do
       end
     end
   end
+
+  describe '#read' do
+    let(:encrypted_header) { 'encrypted_payload_chacha20_v1' }
+    let(:raw_file) { { name: 'meterpreter.py', contents: 'sample_file_contents' } }
+    # ChaCha20 encrypted contents
+    let(:encrypted_contents) { "gg\xB7R\x96\xA00\x84\xC4\xBF5\x1D\xDBG6J\n\x86\x06\xF1" }
+    let(:encrypted_file) { { name: raw_file[:name], contents: encrypted_header + encrypted_contents } }
+
+    before :each do
+      allow(::MetasploitPayloads).to receive(:path).and_call_original
+      allow(::MetasploitPayloads).to receive(:path).with([encrypted_file[:name]]).and_return(encrypted_file[:name])
+      allow(::MetasploitPayloads).to receive(:path).with([raw_file[:name]]).and_return(raw_file[:name])
+
+      allow(::File).to receive(:binread).and_call_original
+      allow(::File).to receive(:binread).with(encrypted_file[:name]).and_return(encrypted_file[:contents])
+      allow(::File).to receive(:binread).with(raw_file[:name]).and_return(raw_file[:contents])
+    end
+
+    context 'an encrypted file' do
+      it 'returns plain-text file contents' do
+        expect(subject.read(encrypted_file[:name])).to eq(raw_file[:contents])
+      end
+    end
+
+    context 'a plain-text file' do
+      it 'returns plain-text file contents' do
+        expect(subject.read(raw_file[:name])).to eq(raw_file[:contents])
+      end
+    end
+  end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: metasploit-payloads
 version: !ruby/object:Gem::Version
-  version: 2.0.156
+  version: 2.0.157
 platform: ruby
 authors:
 - OJ Reeves
@@ -96,7 +96,7 @@ cert_chain:
   EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
   9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
   -----END CERTIFICATE-----
-date: 2023-10-11 00:00:00.000000000 Z
+date: 2023-10-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -240,11 +240,13 @@ files:
 - data/meterpreter/screenshot.x86.debug.dll
 - data/meterpreter/screenshot.x86.dll
 - lib/metasploit-payloads.rb
+- lib/metasploit-payloads/crypto.rb
 - lib/metasploit-payloads/error.rb
 - lib/metasploit-payloads/version.rb
 - manifest
 - manifest.uuid
 - metasploit-payloads.gemspec
+- spec/metasploit_payloads/crypto_spec.rb
 - spec/metasploit_payloads/metasploit_payloads_spec.rb
 - spec/spec_helper.rb
 homepage: http://www.metasploit.com