metasploit-payloads 2.0.158 → 2.0.159

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1fa9221a85e2591eab9dab6309317996ccd631d0f2c576f5cdf62e2869e01517
-  data.tar.gz: cb87dba217909cedccf0c296c9e9e05a71dc8b09b67843b00075ead98f17e6b2
+  metadata.gz: 261c1e7f88ff13796e06b445efe261dd46d7e1259eeabb9227d3d6dff5dab03a
+  data.tar.gz: 66b1a298e8e8e9f2829d19634dd5ecb63a66d730975ac633c3ffdfd3668c927e
 SHA512:
-  metadata.gz: c15c7decd13d472b4953e53772876aa378e66317e7d4994b1aaa224de45186987067da73e81aaa6a138607dc342643fae3a826605a2c1eb3458b3b8de37de47d
-  data.tar.gz: e6a66ad7b89298fbd2e405b4bde4dd352fc03ad7e87ff6773e326bf0b9fbfa3a57d532238f3673c9bd9ca5fe451c61f045cb4f383115ff32b945fa9edbbd4d1d
+  metadata.gz: a04ef0b9d19ad46176abf850a006aee42be33fdbe358560a986df6e0607810692be8f635ea221d0f13c8963a7953876baeaa265d83e016ea018d4cb0dac87462
+  data.tar.gz: 787ad858e2bb6ba5bebe8cd234e2ea5b159fa1997ed57305ed09cf0e58734008e6d1289797a3a9b94ca010cd9673b496275c7ba497dec5d1f70c59035f2eda8c

data/data/java/metasploit/JMXPayloadMBean.class

@@ -1,2 +1,2 @@
-msf


���������L��F�hw��yf�����V�7�@Y�����92Fu��멲%*��#H�A��37��A ��q�������J��P�O_�~^
-x[�
+msf

��C�!x_����GL���1`S���x�E����
+g����qu�@�m������6�;@�g}��a#8n�p�Ѧ �촅��Ѐ55��i��P�L@� u�
,O|���o����sJի|��y5Z<$?���O�W+�j�CY��ad8[k�
��m���4ǒ�Y`g���O4

data/lib/metasploit-payloads/crypto.rb

@@ -3,25 +3,42 @@ require 'openssl'
 module MetasploitPayloads
   module Crypto
     CIPHERS = {
-      chacha20: {
+      1 => {
         name: 'chacha20'.b,
-        version: 1,
-        iv: {
-          value: "\x52\x25\xd7\xab\x52\x8f\x3f\xf8\x94\x97\x08\x42\x33\xb9\xd3\xb6".b, # 16 bytes
-          version: 1
+        version: { iv: 1, key: 1 },
+        ivs: {
+          1 => {
+            value: "\x52\x25\xd7\xab\x52\x8f\x3f\xf8\x94\x97\x08\x42\x33\xb9\xd3\xb6".b # 16 bytes
+          }
         },
-        key: {
-          value: "\x28\x39\x97\x4c\x95\x11\x9d\x42\x6c\x8b\xff\x43\x3e\x5d\x3c\x33\x1b\x95\xd3\xea\xeb\xc9\xae\x71\x0a\x36\xe7\x98\x3d\x9d\x09\x52".b, # 32 bytes
-          version: 1
+        keys: {
+          1 => {
+            value: "\x28\x39\x97\x4c\x95\x11\x9d\x42\x6c\x8b\xff\x43\x3e\x5d\x3c\x33\x1b\x95\xd3\xea\xeb\xc9\xae\x71\x0a\x36\xe7\x98\x3d\x9d\x09\x52".b, # 32 bytes
+          }
+        }
+      },
+      2 => {
+        name: 'aes-256-cbc'.b,
+        version: { iv: 1, key: 1 },
+        ivs: {
+          1 => {
+            value: "\x3c\x09\x85\x95\x19\x09\x10\xff\x76\xf0\x48\xf7\x21\x1a\x5c\x59".b, # 16 bytes
+          }
+        },
+        keys: {
+          1 => {
+            value: "\x01\x93\x90\xfb\x84\xcd\x70\x16\x90\x1d\xc6\xf4\xf2\xfd\xcf\x59\xc4\x9c\x26\x35\x29\x67\x8c\x2d\x17\xb9\x35\xcb\x7d\xb0\x88\x7a".b, # 32 bytes
+          }
         }
       }
     }.freeze
-    CURRENT_CIPHER = CIPHERS[:chacha20]
-    CIPHER_VERSION = CURRENT_CIPHER[:version]
-    KEY_VERSION = CURRENT_CIPHER[:key][:version]
-    IV_VERSION = CURRENT_CIPHER[:iv][:version]
+    CIPHER_VERSION = 2
+    CURRENT_CIPHER = CIPHERS[CIPHER_VERSION]
+    KEY_VERSION = CURRENT_CIPHER[:version][:key]
+    IV_VERSION = CURRENT_CIPHER[:version][:iv]
+
     # Binary String, unsigned char, unsigned char, unsigned char
-    ENCRYPTED_PAYLOAD_HEADER = ['msf', CIPHER_VERSION, IV_VERSION, KEY_VERSION].pack('A*CCC')
+    ENCRYPTED_PAYLOAD_HEADER = ['msf', CIPHER_VERSION, IV_VERSION, KEY_VERSION].pack('A*CCC').freeze
 
     private_constant :CIPHERS
     private_constant :CURRENT_CIPHER
@@ -35,8 +52,8 @@ module MetasploitPayloads
       cipher = ::OpenSSL::Cipher.new(CURRENT_CIPHER[:name])
 
       cipher.encrypt
-      cipher.iv = CURRENT_CIPHER[:iv][:value]
-      cipher.key = CURRENT_CIPHER[:key][:value]
+      cipher.iv = CURRENT_CIPHER[:ivs][IV_VERSION][:value]
+      cipher.key = CURRENT_CIPHER[:keys][KEY_VERSION][:value]
 
       output = ENCRYPTED_PAYLOAD_HEADER.dup
       output << cipher.update(plaintext)
@@ -48,14 +65,23 @@ module MetasploitPayloads
     def self.decrypt(ciphertext: '')
       raise ::ArgumentError, 'Unable to decrypt ciphertext: ' << ciphertext, caller unless ciphertext.to_s
 
-      cipher = ::OpenSSL::Cipher.new(CURRENT_CIPHER[:name])
+      return ciphertext unless ciphertext.start_with?('msf'.b)
+
+      # Use the correct algorithm based on the version in the header
+      msf_header, cipher_version, iv_version, key_version = ciphertext.unpack('A3CCC')
+
+      current_cipher = CIPHERS[cipher_version]
+      cipher = ::OpenSSL::Cipher.new(current_cipher[:name])
+      iv = current_cipher[:ivs][iv_version][:value]
+      key = current_cipher[:keys][key_version][:value]
 
       cipher.decrypt
-      cipher.iv = CURRENT_CIPHER[:iv][:value]
-      cipher.key = CURRENT_CIPHER[:key][:value]
+      cipher.iv = iv
+      cipher.key = key
 
-      # Remove encrypted header if present
-      ciphertext = ciphertext.sub(ENCRYPTED_PAYLOAD_HEADER, '')
+      header = [msf_header, cipher_version, iv_version, key_version].pack('A*CCC').b
+      # Remove encrypted header
+      ciphertext = ciphertext.sub(header, '')
 
       output = cipher.update(ciphertext)
       output << cipher.final

data/lib/metasploit-payloads/version.rb

@@ -1,6 +1,6 @@
 # -*- coding:binary -*-
 module MetasploitPayloads
-  VERSION = '2.0.158'
+  VERSION = '2.0.159'
 
   def self.version
     VERSION

data/lib/metasploit-payloads.rb

@@ -154,9 +154,6 @@ module MetasploitPayloads
       raise e
     end
 
-    encrypted_file = file_contents.start_with?(Crypto::ENCRYPTED_PAYLOAD_HEADER)
-    return file_contents unless encrypted_file
-
     Crypto.decrypt(ciphertext: file_contents)
   end
 

data/manifest

@@ -1,97 +1,97 @@
-./data/android/apk/AndroidManifest.xml:SHA3-256:7840cf2362a585c08443473d1088c173153440dcc34c3f33a7b26b4c7f63993d
-./data/android/apk/classes.dex:SHA3-256:79ea58d8048f53964fda2e6b074e4d7cd91895d5372e608bba8efa7bb8f4f927
-./data/android/apk/resources.arsc:SHA3-256:33b8f83a96ea99006deabf174315933770223dc9f3aa0fee11d2713a82cef9c2
-./data/android/meterpreter.dex:SHA3-256:b905c212e2aae1291cae39fff63e8108936e0b4ebd12de419df7b0cd96c7bbe2
-./data/android/meterpreter.jar:SHA3-256:d355fd28b29545a9eaed5be86b17b31f4dd2d081263cb0341da6556c513f1974
-./data/android/metstage.jar:SHA3-256:b87fe4caf3494e15b6bbd954772e8963a5caf16ccda56fe827cffcc21cffac4b
-./data/android/shell.jar:SHA3-256:535a06f8e1f320ed8677e1d97b86a90157e28821631c2c0b0706e17608bf7ec7
-./data/java/com/metasploit/meterpreter/JarFileClassLoader.class:SHA3-256:c0565db516427155e818c93338a48c5e9b2863d1c78f67e7aed910f530fb3cd5
-./data/java/javapayload/stage/Meterpreter.class:SHA3-256:cb82de46d567072f15768ef33b78dc69e8dfe841100d2828138aa090eddbf957
-./data/java/javapayload/stage/Shell.class:SHA3-256:1f6fe1a4a8b43432635e9b88174b493b0d99ee30207f1b5a1f2cac941286cdac
-./data/java/javapayload/stage/Stage.class:SHA3-256:523e88dbd0ec8eb3fb643a7645634eda25ab868498d6f4df344c5d1c7a7f088e
-./data/java/javapayload/stage/StreamForwarder.class:SHA3-256:52e4340d05e222172c691ccf4a5254a924351b3c9c2a23300734304bc09d4a4e
-./data/java/metasploit/AESEncryption.class:SHA3-256:79e8b020c485365820f88cc6b56b72856470a7e87791e34fed4e89fc50087b09
-./data/java/metasploit/JMXPayload.class:SHA3-256:fc5ebb5232145099180c968111eeb7dc87720ecdf7d7537510e5c7cf2cfb24ee
-./data/java/metasploit/JMXPayloadMBean.class:SHA3-256:5c5a727171d4f01d81f3577e0a1e8a09acfe40e3cbf5b6154ee1ec453f429161
-./data/java/metasploit/Payload.class:SHA3-256:eaad07fd25db8e1befd644f50b542f19c4f26615b4e65149105070695d82157a
-./data/java/metasploit/PayloadServlet.class:SHA3-256:e3ae5fa9f9335f0acf53f6767fb7a9e5623300d3717a47604feef67e8493e530
-./data/java/metasploit/PayloadTrustManager.class:SHA3-256:ca554af859554552a58e30c26fd91423e0a8e4a28d798c57607dd33896eb6623
-./data/java/metasploit/RMILoader.class:SHA3-256:dafa8e46003791bef91734eec2693cb19d5ed86688af9127e1698d526a0da9a9
-./data/java/metasploit/RMIPayload.class:SHA3-256:ff5dbf1ab4ac01408db958b7dd802be2f08d23c14552a7f51401ff62f366422b
-./data/meterpreter/dump_sam.x64.debug.dll:SHA3-256:6754c7febcb0d03b0ef15dc99815df0fa542b60c0d78bd86e2ec0375404c46f5
-./data/meterpreter/dump_sam.x64.dll:SHA3-256:325bb11a670424a0a2f738fd65e320f029792b22f03430a0d7c383de7e082539
-./data/meterpreter/dump_sam.x86.debug.dll:SHA3-256:b85081c3332be5be84cd74f7cd22d0e81951198563d408559ca6f4e3ffb345ca
-./data/meterpreter/dump_sam.x86.dll:SHA3-256:8ca4e23a18c1b827290bb6bc03c64c28f4df7167f04135923345bf8f07035b03
-./data/meterpreter/elevator.x64.debug.dll:SHA3-256:a4ff3c6e4bb276009c2d391166e8843d58221bd61c3ab967264ef8d4665c0284
-./data/meterpreter/elevator.x64.dll:SHA3-256:6987bcb06d77a32691a4222afb19e091e4b71b8afdddf8e931cbdd39b1655200
-./data/meterpreter/elevator.x86.debug.dll:SHA3-256:26aa25fb3b4d80d8a7bdd0d214bbe08daf942a566c4955e89819490ac6329002
-./data/meterpreter/elevator.x86.dll:SHA3-256:d25c174430d88356fb38acbe5f1a918b86dca7d82ac6f824979b089a39d77aa8
-./data/meterpreter/ext_server_bofloader.x64.debug.dll:SHA3-256:447c3f59849f8f2d169b3be04bf13c5c154d53cf5f917e0c03d1025352304988
-./data/meterpreter/ext_server_bofloader.x64.dll:SHA3-256:6352e3a5030417f7b1c497a003cbb8e9b74cd9556c7ea011619f973889fc9ec6
-./data/meterpreter/ext_server_bofloader.x86.debug.dll:SHA3-256:9330aac1edf6e87cbd600c2b2ee44f7187a91b1cfc72bbf8a1d45e5fc15d9cf5
-./data/meterpreter/ext_server_bofloader.x86.dll:SHA3-256:644d8c8eeb4ceaee530dbd7d04379068af398eab7a8c2647721b58f32455fa94
-./data/meterpreter/ext_server_espia.x64.debug.dll:SHA3-256:02e2a550c9d7fc2ba3fd996cef03d5f55b6676900934b32e0d80da4f56786e7a
-./data/meterpreter/ext_server_espia.x64.dll:SHA3-256:213be244f651604164f2c2fda3c9df320099c99740194f575b12db8394a03cb7
-./data/meterpreter/ext_server_espia.x86.debug.dll:SHA3-256:93a5f0a8d1f4487cfd924d15a0ed37e696e1f06a2db31818a13d4e70febbcd25
-./data/meterpreter/ext_server_espia.x86.dll:SHA3-256:ac965a7c8f7a4ee9171bc7b66f4fb6bc355e379fc204188746eb77aff9f881dd
-./data/meterpreter/ext_server_extapi.x64.debug.dll:SHA3-256:4ca236199c2858f7f73e65addc794be1907f63cfd0e5fa9b76af9e980859f34b
-./data/meterpreter/ext_server_extapi.x64.dll:SHA3-256:ba4c960ab497e940abee379fbf876fe6268ff3a3052d84a83b3188e54aa3953d
-./data/meterpreter/ext_server_extapi.x86.debug.dll:SHA3-256:83a102450e21bd93ea3ab5b9e39f3cfe167585247af0fa9841c089c9fd38a6a5
-./data/meterpreter/ext_server_extapi.x86.dll:SHA3-256:d444bb4b044a666f40d95db98075eca80f39b7c07edb77b43b97507d3c798aad
-./data/meterpreter/ext_server_incognito.x64.debug.dll:SHA3-256:354de8eb185bd8baf56d9849c63a7154981529b3b96cd46bac871516975065f3
-./data/meterpreter/ext_server_incognito.x64.dll:SHA3-256:391394c882e2b83a73615be7684d4a7c6b50a28ac17ee01702bd3a8c1ec88927
-./data/meterpreter/ext_server_incognito.x86.debug.dll:SHA3-256:08cccbac96da86527a71915e8248821bc1223cf966715f7be08666a8a1d8c263
-./data/meterpreter/ext_server_incognito.x86.dll:SHA3-256:e6a0fbeaef44f93c8d9255b713213967ea37d97acf32237cee020bd0b43f7683
-./data/meterpreter/ext_server_kiwi.x64.debug.dll:SHA3-256:616caa2df3a5254fef7cf7320d5ea5471c93e4f1ea1753393a00e51b33a639d9
-./data/meterpreter/ext_server_kiwi.x64.dll:SHA3-256:83676ac9b1b5737e550e763ec5d75771f48aeec46968085aa0ffc36d9240ad7a
-./data/meterpreter/ext_server_kiwi.x86.debug.dll:SHA3-256:f35c33f85b0a7ef133168d88eda99f387569be0691a2c0d1c35e74204058bf91
-./data/meterpreter/ext_server_kiwi.x86.dll:SHA3-256:4ddb5b71c2c6ad1bbef5f70a51a72d7c994b75649650c3fa1d9ae6db3fb251ac
-./data/meterpreter/ext_server_lanattacks.x64.debug.dll:SHA3-256:759fd8cdb2e3b983c1b4533efeb48889a7150253fd72745f0fbb3dbcbf681745
-./data/meterpreter/ext_server_lanattacks.x64.dll:SHA3-256:caefffcd6239affbb39b6479185fa115d8c61a4512a4dcf72f257948a0359c23
-./data/meterpreter/ext_server_lanattacks.x86.debug.dll:SHA3-256:75382e26f6510355504c0d641564e4a73dd077607812845fd8eab4dc16f2bb9f
-./data/meterpreter/ext_server_lanattacks.x86.dll:SHA3-256:195ed2bbb501e058ff2384150993319a96cc78aa1b1a70f2c796c59dc5f6c3b9
-./data/meterpreter/ext_server_peinjector.x64.debug.dll:SHA3-256:ca7eb8aedf03a8359655017c54f43461ba2c57bfee4d523018713cf3a8febb20
-./data/meterpreter/ext_server_peinjector.x64.dll:SHA3-256:de213f9e96fdec46aa7718e9fb3b55ba0698efdfed34b6838af690f3abad17e8
-./data/meterpreter/ext_server_peinjector.x86.debug.dll:SHA3-256:ad2a4a388cc6f7af7356178543a61781399695348f64fc702b0a88c0cc7802a6
-./data/meterpreter/ext_server_peinjector.x86.dll:SHA3-256:ad3bbeca797e879d8a23a7f14fbe949c8262b51cd91a2b20cf65dea01fc90879
-./data/meterpreter/ext_server_powershell.x64.debug.dll:SHA3-256:1ea8b483d269725a3c126d60ea2da254c3557c8b72a01f1be947711c0796cbda
-./data/meterpreter/ext_server_powershell.x64.dll:SHA3-256:7bf3d98cead48716bde4763d3f956c3490bd9e8604e30c8253cd3bc7530de3b9
-./data/meterpreter/ext_server_powershell.x86.debug.dll:SHA3-256:072ac649894fd570f1c37284eccab0c0a58f4adea9f4aad06965fef40ff1a5cb
-./data/meterpreter/ext_server_powershell.x86.dll:SHA3-256:65ed5569cf48934515004e6082525bd97dbe56ea6c528b4e349009485e3cf6fe
-./data/meterpreter/ext_server_priv.x64.debug.dll:SHA3-256:b4e6327d7c762c89bea367952d24dde65207d04e58ff3c3803b9e491c781ad3f
-./data/meterpreter/ext_server_priv.x64.dll:SHA3-256:9379d35c137ef8911b962ab503f1ef394ebdbb46d8d03196f8e57cee24587456
-./data/meterpreter/ext_server_priv.x86.debug.dll:SHA3-256:6c477af2aa7251517cc32f78c788fca77bb8072b096ac0ed341a2d5349934d63
-./data/meterpreter/ext_server_priv.x86.dll:SHA3-256:f8af77b54a67c9e945f46070d8840b212967a9d763ee964671f4568871690c69
-./data/meterpreter/ext_server_python.x64.debug.dll:SHA3-256:2e8c8c8896397c686fa63b3658986d498884f835776c3bb53425f503ba691e43
-./data/meterpreter/ext_server_python.x64.dll:SHA3-256:eaaf729f678744602ca90319d78fb5b40939d8b11876cd243cd75c0f22bdb38e
-./data/meterpreter/ext_server_python.x86.debug.dll:SHA3-256:44e8de6f8b3de8b574e25f9476a83d9fa86e4c7706b7d9015c625726a08d9f7e
-./data/meterpreter/ext_server_python.x86.dll:SHA3-256:61988ded99dca844f5a9b456c70f6a2ddd4c090ebb049203f1c3d2a378b0f1e5
-./data/meterpreter/ext_server_sniffer.x64.dll:SHA3-256:d2b79ecd70e482537c6d567b638a735ac558572b76989687649f5180be139de7
-./data/meterpreter/ext_server_sniffer.x86.dll:SHA3-256:7459e98adc4b3c499fcfedeff5fb6dd20c5d28f089dd9e523f004ed276b5ec31
-./data/meterpreter/ext_server_stdapi.jar:SHA3-256:1b0f9989d196b5e01c9bdf8bf2b5f7a6905bd454c2d9cb19be16ab1f23690f89
-./data/meterpreter/ext_server_stdapi.php:SHA3-256:405f79d15b270baa012f1d2875b6d26abdb987401ca0321ca027e8ab0d5ef28d
-./data/meterpreter/ext_server_stdapi.py:SHA3-256:752606a378d2da68d1be8e8c01389f04505c1f2bcce38be43e0deab675794592
-./data/meterpreter/ext_server_stdapi.x64.debug.dll:SHA3-256:8d8b0c4a582ae0c68dabce0cd737a5248a30d83dae9144e0bc9eeb0bd191ad66
-./data/meterpreter/ext_server_stdapi.x64.dll:SHA3-256:b7be52b28dbad0e4a7e2f92d5ae5bb1524c3cf0aa067dfe97b5db5feab4b6dfd
-./data/meterpreter/ext_server_stdapi.x86.debug.dll:SHA3-256:ba2d387df9e0c7167d66c5e35052e86a7772138c41c2fb1fec3c92f93ef7aac1
-./data/meterpreter/ext_server_stdapi.x86.dll:SHA3-256:29da7c51a97281ce3922eceb559016724a9b8533412e4dc2ec5a6c0636629604
-./data/meterpreter/ext_server_unhook.x64.debug.dll:SHA3-256:26378dacb381a28fe9e595a1b5fd572086214920224385c8f3dc4cd819d8dbd6
-./data/meterpreter/ext_server_unhook.x64.dll:SHA3-256:a4fa483f59dbeb43cab92069480b3f7dd48d86eb6debbbce3babc40fa5a1eb69
-./data/meterpreter/ext_server_unhook.x86.debug.dll:SHA3-256:f04c293495daf9eac22915651b9661bee67aaa12319c5bb566e4d9e92b2dad55
-./data/meterpreter/ext_server_unhook.x86.dll:SHA3-256:efcc529d3b5b98d6a1d9c8414922fc6699e87fde41e6fa50092be76bb5526f3c
-./data/meterpreter/ext_server_winpmem.x64.debug.dll:SHA3-256:b8d32c50d4efaf28a05d834e9f248495aba56270311a220436b931c8befa68de
-./data/meterpreter/ext_server_winpmem.x64.dll:SHA3-256:c59284a53ed2883ade5b8cae76065a7c2e39fec2da695bf20495ca0597d47116
-./data/meterpreter/ext_server_winpmem.x86.debug.dll:SHA3-256:4a6fc66c6437274d0b639ec9310e0b9eac0ec192b445f15a88871b35d5754c62
-./data/meterpreter/ext_server_winpmem.x86.dll:SHA3-256:e3bcf3692f88b45168f0e00cd28e69c9800edb0fa127892fe5bdc835a228a0bf
-./data/meterpreter/meterpreter.jar:SHA3-256:f9103d8aaf5053ebe1a52c0fb1e9f3ba5fdcac70bfee1ba95b9681c910e95244
-./data/meterpreter/meterpreter.php:SHA3-256:5de0fa5a38305c9fde9f2617df0a96f669cd7a9bb8b4bba6885a6413eb6779b6
-./data/meterpreter/meterpreter.py:SHA3-256:eb979cb8e4743c33a44731218b9ef9bff02967f0384c828465aa8cfc41f66e15
-./data/meterpreter/metsrv.x64.debug.dll:SHA3-256:9b551ac393f9be4f17086084684cad16a8b429a470643b3e78413524a8c7008a
-./data/meterpreter/metsrv.x64.dll:SHA3-256:23469b8f7b5243505c56aee382851a24af659bc6745a41761e43f3554b8a6a32
-./data/meterpreter/metsrv.x86.debug.dll:SHA3-256:dfff236bf37f0df80cd73d42a036bd066f818866408a29f901cfc1d26e05df7f
-./data/meterpreter/metsrv.x86.dll:SHA3-256:9181b3a2671397560e092d55831a638343338d6d08e6c875afa62a27205fa9a8
-./data/meterpreter/screenshot.x64.debug.dll:SHA3-256:b4179caf48aecaf9583556159cc07d5bb22217a64eb484580bed25ac7602e0f8
-./data/meterpreter/screenshot.x64.dll:SHA3-256:ea7482255a6b05a8935f5d8f3f7089cf0e5e0eb0d0a287ed4db327e9f4381d55
-./data/meterpreter/screenshot.x86.debug.dll:SHA3-256:6a35f58ffc39c63f442f793442ced5bf52624166b355373e6bbc921e61dc01dd
-./data/meterpreter/screenshot.x86.dll:SHA3-256:6c91c4a9d1beaa3b41dc5053bb3534213deeb84373cdaa948ed93fa00b4b391b
-./data/meterpreter/tests/test_ext_server_stdapi.py:SHA3-256:80d2f7a0f3fc80ad429e33d9b1afb22e230c3a2da559f8e9ebf11cba26d575f7
+./data/android/apk/AndroidManifest.xml:SHA3-256:fcb403d3d5b26549c005439fef350556fcf0a20cb42a47a88fdf04197b7dbfcf
+./data/android/apk/classes.dex:SHA3-256:849d029644c4f8f12c31fc99e8ce7ac8ee0c9c662b23ad7af9b7b5f9e7f2813d
+./data/android/apk/resources.arsc:SHA3-256:49dabd887dc531fa115bf24f41d781d75bb861cd9ba428c3dc412f2f37904eb8
+./data/android/meterpreter.dex:SHA3-256:a261df94559b5f3f247ebca2c9f72a533d841c9f7781c73012f4efc223c5b4ce
+./data/android/meterpreter.jar:SHA3-256:3ef8a63feb2c60de5bf39fdf1c1ed86b2249c2775f40ba35d577f40005abc95e
+./data/android/metstage.jar:SHA3-256:078e96da70afe731a201e4e2503cd42e1213f9daa6ce87a0698d3b92779ceb09
+./data/android/shell.jar:SHA3-256:b1bdce2b3e83ec9aa24efa98abdcdce4f9358dc7d5ed97e85c73705448020314
+./data/java/com/metasploit/meterpreter/JarFileClassLoader.class:SHA3-256:bdae282b49898aca36d20eb9988daf4aa01ea4f9ef8c90670dea8ad7a32bb8af
+./data/java/javapayload/stage/Meterpreter.class:SHA3-256:6fef1b6098679210652f242413da85ada029f66103bb917feae1a10bb1947c4b
+./data/java/javapayload/stage/Shell.class:SHA3-256:b69d2e843427ba82a2873eaf2490e7908964d5e532a95f2d8a0d434c26f26e8c
+./data/java/javapayload/stage/Stage.class:SHA3-256:40ef20fdd3cc39303de2bee29da1e96a897f2c051593b5029e537e9ae9f9bcae
+./data/java/javapayload/stage/StreamForwarder.class:SHA3-256:583af5855f71ec8c78d1c6b48a1e85e8c1cad98d2f6a36e85a3350f39a4de467
+./data/java/metasploit/AESEncryption.class:SHA3-256:c65fb61bce03b76d6b3c94bed667e0bb2c044b5cc43ebdde9e3802ec3024a3bc
+./data/java/metasploit/JMXPayload.class:SHA3-256:a3df34eaaf1138a5130ca9eee636f5eeaa91fd5e2afd3ce5462d1c73d1d0619e
+./data/java/metasploit/JMXPayloadMBean.class:SHA3-256:b0f51ecafc48c7666d0d30ac0d55ddff4a45e358b9a13ff7a0fb787a3e11c10a
+./data/java/metasploit/Payload.class:SHA3-256:2ce34ee17367aa0e9bf32c965236cc0f6983400428499480d4cdeeb6c6095e8b
+./data/java/metasploit/PayloadServlet.class:SHA3-256:abd977f884c12dc9ac1694410c43821e2a130c7472ea12dddd6657bee6c30a20
+./data/java/metasploit/PayloadTrustManager.class:SHA3-256:989906cd26c6a91fa6c5d4f9c080408c9ad140214e22ab58888c095b5d281637
+./data/java/metasploit/RMILoader.class:SHA3-256:8976612cf33d494de7a232c78be7507e107227d057802d0ff55f739768c10ea0
+./data/java/metasploit/RMIPayload.class:SHA3-256:282c7f921c304ec8cc26f86534435d98d027f284b36bda864e15887cf91fd66a
+./data/meterpreter/dump_sam.x64.debug.dll:SHA3-256:b88b674eb3971093e12b36f07da7817b1e15d398361a29badffee0f2f0624022
+./data/meterpreter/dump_sam.x64.dll:SHA3-256:c71592bff6c30963a5a73d922f62b8ef7fdcb79ccd9e77db40e87d7c726cb523
+./data/meterpreter/dump_sam.x86.debug.dll:SHA3-256:cbff2133a357dc266ff7b96e33ebab48422d4961fd350327a0ef438bb6ad4901
+./data/meterpreter/dump_sam.x86.dll:SHA3-256:f81a25ba91057ed3a114b5f9774d85f5b1d963dfc03b64984b8af6edbd580316
+./data/meterpreter/elevator.x64.debug.dll:SHA3-256:fb273dd40d12507e40953724059f60a758c8734f118cc2f625d17653fbf39dfe
+./data/meterpreter/elevator.x64.dll:SHA3-256:15d5a8d50c5f02b92d3b1a5b9fa59fd2c6f2ba3acee942537625b95c965e785c
+./data/meterpreter/elevator.x86.debug.dll:SHA3-256:1490c523f92bc5e242d08d15e562820ffb04d66e427680e24539d6a600d63472
+./data/meterpreter/elevator.x86.dll:SHA3-256:4d5d378fb9cd2d1e7ad8651a5cf4066e41c26483834161eb9b98eda76bd085c2
+./data/meterpreter/ext_server_bofloader.x64.debug.dll:SHA3-256:b98be78381b61e453b41247510c2fdc2f614ca241d5884eaa29f45c7c13f1849
+./data/meterpreter/ext_server_bofloader.x64.dll:SHA3-256:289d526ac76ff913fe4bcf84b7f7c3002a98f09aadf40c56509e062dd7a78acf
+./data/meterpreter/ext_server_bofloader.x86.debug.dll:SHA3-256:cecd9fbc8e1d4a2458d9617e3dce9afd432bc9ffdd258661237e0c7b021575dd
+./data/meterpreter/ext_server_bofloader.x86.dll:SHA3-256:7b9972e884267646621ed27caa432edfbf25ed57f4d6c6b4c61f4c18fdafe280
+./data/meterpreter/ext_server_espia.x64.debug.dll:SHA3-256:43665d04a170310bc7171cc56ebe520ce7b369a14f32576a30d9ab8d49d59f6c
+./data/meterpreter/ext_server_espia.x64.dll:SHA3-256:f2c1b75a0f0a519536aa64a8acaf869d9974710e96afc9238b5c57f0efff8b7d
+./data/meterpreter/ext_server_espia.x86.debug.dll:SHA3-256:67b89e0e64745c6ec11f537ffcf6624e08bfa7eaa405dc966c877fcd6b6ba6c1
+./data/meterpreter/ext_server_espia.x86.dll:SHA3-256:077e0017b6a837b663eee6e714d094c5f34464af4cece5ccbcafa60807a955c0
+./data/meterpreter/ext_server_extapi.x64.debug.dll:SHA3-256:a31cae86dc085d52635941e28ce53dc2bf8b8a111c3dc288905a99094d129dda
+./data/meterpreter/ext_server_extapi.x64.dll:SHA3-256:34137f77c29accd557c04510e62390a76f76f7b1a67c228b3215dcf13781a59d
+./data/meterpreter/ext_server_extapi.x86.debug.dll:SHA3-256:54f9ac865c81aa6aa260bfd025e0c63fb723289684ba0cc05d13f02d41a889d1
+./data/meterpreter/ext_server_extapi.x86.dll:SHA3-256:359eb1dac4d6971d85b369da6256acd3334a628f059bf13331c6d42500b1b763
+./data/meterpreter/ext_server_incognito.x64.debug.dll:SHA3-256:6da8b5119cbdff94618a706d7dcf45a27976e61fd8d6bd7f7e66397d9d3dc9bd
+./data/meterpreter/ext_server_incognito.x64.dll:SHA3-256:9820d65866054fd167cd2c27d73c7077e6a8d5ed571b02e5948eadf2f28c5268
+./data/meterpreter/ext_server_incognito.x86.debug.dll:SHA3-256:1785c9d71ff46ce049800911cf39ed43bcdf2633d188e9c36ded59452274cb51
+./data/meterpreter/ext_server_incognito.x86.dll:SHA3-256:bf89b88c2b3878d3c58f420c7e9bb6091fc84acf3b7aaac90a783ae2d1bb9ad2
+./data/meterpreter/ext_server_kiwi.x64.debug.dll:SHA3-256:517f294209b0fe49af5eaa30c41f582cbdf24d2bb697ff6982f170e30d0607e8
+./data/meterpreter/ext_server_kiwi.x64.dll:SHA3-256:7403e4017fc90e731d147194d2ff68608c24451660a7fab16624be792ea02076
+./data/meterpreter/ext_server_kiwi.x86.debug.dll:SHA3-256:fadd554347ca40291f215e3359e66e047454b478e82ba2daa93ba66132e5c377
+./data/meterpreter/ext_server_kiwi.x86.dll:SHA3-256:c08b1d65000075966ac1a35cfb0148b6230b98e25aaee71eb06b7c807308c0c2
+./data/meterpreter/ext_server_lanattacks.x64.debug.dll:SHA3-256:7d764af399cdcbfbf2a6edcf1ecb3035f9091e12a23a11ee0359989d0734aef9
+./data/meterpreter/ext_server_lanattacks.x64.dll:SHA3-256:24f9f0e50557111545f7b190f211db600878ac8679908fcc88f3ac27158533dd
+./data/meterpreter/ext_server_lanattacks.x86.debug.dll:SHA3-256:4d1bc7fe41d0def20c49ce0fa1eb7bde68b1b6e0629cdc28123941d4979a706f
+./data/meterpreter/ext_server_lanattacks.x86.dll:SHA3-256:ce9ea99f726ec08eb45471df37f57b74a8eee9896368aad967bfe999c29e36bd
+./data/meterpreter/ext_server_peinjector.x64.debug.dll:SHA3-256:78314437d2a2760a39292e040f94aad736df7e88888a448ec2e748111316fc09
+./data/meterpreter/ext_server_peinjector.x64.dll:SHA3-256:03652c960dbb4f43bdb8b6abc6aa0ea372142b9a4e1236ed39526189c175a8dc
+./data/meterpreter/ext_server_peinjector.x86.debug.dll:SHA3-256:0aac5aa4829940666ec034bcb18086b32615ba36e3902baa69ab567a86a0714c
+./data/meterpreter/ext_server_peinjector.x86.dll:SHA3-256:746cbf5e8b2cef080c176ade797c0aa014fcf4342c832ef63f8e2da299134f50
+./data/meterpreter/ext_server_powershell.x64.debug.dll:SHA3-256:a57eafb229660c270ef6465fa9e925bad51e01f0b514cac0ab68f056b5988df6
+./data/meterpreter/ext_server_powershell.x64.dll:SHA3-256:b3dfae5945f5f3c972e2331a39128490a710cffe61f06138a154f778ead1cd98
+./data/meterpreter/ext_server_powershell.x86.debug.dll:SHA3-256:dbd5bb3100101f766d748a4a4ad111144b28360fb1115d89f7f4a5b9f5e7fccf
+./data/meterpreter/ext_server_powershell.x86.dll:SHA3-256:1dccef6880af7f7cf1477381f26c55fc839a632587df4aa4bda770e1eb2aaa50
+./data/meterpreter/ext_server_priv.x64.debug.dll:SHA3-256:74e5fe0097a84b747597efeb88cb5c4e2274854a2a80601b6bb4e4036beccf5c
+./data/meterpreter/ext_server_priv.x64.dll:SHA3-256:301c7cb990918b90ab2138e9d71070975054c41fbd970df1e7a7ceddf6edda78
+./data/meterpreter/ext_server_priv.x86.debug.dll:SHA3-256:ff0a9b2afa2a8f338d363e400f81b89e77d30073f117a9c9f5d9a47142dd1ca8
+./data/meterpreter/ext_server_priv.x86.dll:SHA3-256:848d1f477c08e12992f53a946e70e710eca7bc1f3ac9fb69930c62f4cf299efa
+./data/meterpreter/ext_server_python.x64.debug.dll:SHA3-256:a4fd10b91fddd079668baa6480e086930f399c7bd12a952228069cd89a3b0ba4
+./data/meterpreter/ext_server_python.x64.dll:SHA3-256:8ed891e0fe7f7398a941011e31a6c5719540eb5f0a7c1b1e9b93e15473e351c0
+./data/meterpreter/ext_server_python.x86.debug.dll:SHA3-256:15f8f0fa5a7d2137c7be8f8fa379d557bfc05727ffdd8ba2900b13cef2dabc2e
+./data/meterpreter/ext_server_python.x86.dll:SHA3-256:93b6ab4247b15afa50a94d8e0fa180c9671b5c7e649f90eeac4a9652c4351892
+./data/meterpreter/ext_server_sniffer.x64.dll:SHA3-256:3e020e533a22ce9e78c268d9f8abd4568f856f7b0811c78f8676ab50f3224910
+./data/meterpreter/ext_server_sniffer.x86.dll:SHA3-256:821008626a4c6e7871b0437d96d91e1a5e8b982e6d1f6b3af72e555f6ef938c5
+./data/meterpreter/ext_server_stdapi.jar:SHA3-256:7c8170ba6286ea8166c714f6a83aae764a5ed1fa64709e4263b9636fbcbe746c
+./data/meterpreter/ext_server_stdapi.php:SHA3-256:ddb98df369a7436140b6c6bd45c959ddda6662fc6351c41815ec06b477955d1e
+./data/meterpreter/ext_server_stdapi.py:SHA3-256:8f2fec1de2737e8d04454a9e71bf65810964849d051744aca513898ab6521cc7
+./data/meterpreter/ext_server_stdapi.x64.debug.dll:SHA3-256:7e1593be1f57612499ebac8d395a37300569098ead1b9399daab0cea879997a3
+./data/meterpreter/ext_server_stdapi.x64.dll:SHA3-256:faf4be7a9fe3af67152feb970773fd660c8eac2e607869de0b0638e6dd2c2801
+./data/meterpreter/ext_server_stdapi.x86.debug.dll:SHA3-256:3c64f46bbebe70bd35540bf5408df0459d7d90a1c1cb5e1dde5ee82ef19f8bfa
+./data/meterpreter/ext_server_stdapi.x86.dll:SHA3-256:faf696b9f83e639b4fff321ba96675f702aebec9846ccfee8182a96ca52439e1
+./data/meterpreter/ext_server_unhook.x64.debug.dll:SHA3-256:78fea9cbe35f4ed9e1d79a457870ef612e99d73bad010eb247eae744b1c4ec0d
+./data/meterpreter/ext_server_unhook.x64.dll:SHA3-256:76ae8cb416c8551b3048105a202e80917007ea10bdf720358f0054b0fb357938
+./data/meterpreter/ext_server_unhook.x86.debug.dll:SHA3-256:26a9228542c3e1ad4dba860a5e7bd1a2dc43bc5fca336b719964ee6d65e885b1
+./data/meterpreter/ext_server_unhook.x86.dll:SHA3-256:643900e9d9765664e8be80ebb2f04785a9e8d227df443a718855ddf6ff7f7996
+./data/meterpreter/ext_server_winpmem.x64.debug.dll:SHA3-256:a51a49a103ef4589a9361bbbb6013e4daa42917afb3d3ae6f1b589939725440b
+./data/meterpreter/ext_server_winpmem.x64.dll:SHA3-256:2795d015454067aa0b8ce51f2e05d25c9c83f36d020a4db4a32455555c1661e2
+./data/meterpreter/ext_server_winpmem.x86.debug.dll:SHA3-256:1fb502f09d5b26d00718853a2ab237ea8172816f38b4fbd62fd0a99c3dfc4f68
+./data/meterpreter/ext_server_winpmem.x86.dll:SHA3-256:c5af7f478ac4854190a68e237a2830ef6eaa1aa9314f9720516db7690483d059
+./data/meterpreter/meterpreter.jar:SHA3-256:5f606da3c03a54cb49807e9337c3eb2aab64c01e6477af061db7318990930f11
+./data/meterpreter/meterpreter.php:SHA3-256:1377f470b77b75caaf8d8d35383315e4b0fca01f89a4da13e229a1c846a76c8a
+./data/meterpreter/meterpreter.py:SHA3-256:80dd8ca52f8b04352b19f613c2cb266d0ea17c56f8f285520009e0320b899607
+./data/meterpreter/metsrv.x64.debug.dll:SHA3-256:bbb9406dd916065eede4308a7a8d65a4517ff10a93a6b6e9b90ec77664a36b26
+./data/meterpreter/metsrv.x64.dll:SHA3-256:dbe06c3f38772644ea5301e487a6e344b06ae001e146abd43d766227c4a6998a
+./data/meterpreter/metsrv.x86.debug.dll:SHA3-256:f50b3223075c3313865690b76f158274e0666ddccdf2269246afd5885925f4c1
+./data/meterpreter/metsrv.x86.dll:SHA3-256:5c26499d617b21f9a856a50adcd6c5b98540f0d48fdb91f4991ab15510dd37bf
+./data/meterpreter/screenshot.x64.debug.dll:SHA3-256:158b74437166c5c49ec1fba9c27d59d1c2366e413b83d32b2bbdf2c0eb6c21cf
+./data/meterpreter/screenshot.x64.dll:SHA3-256:58b80de1e05a8da405fce5dddcd74f5b6766dc7747df71d1f5b6137433a5d10f
+./data/meterpreter/screenshot.x86.debug.dll:SHA3-256:d975907d3a76d50869ddd8cba3b6995a6f4930ab76bf5593ce18cb862288400b
+./data/meterpreter/screenshot.x86.dll:SHA3-256:a69cf5f4bad55f6596458ffb2cd36b0aefa6641e2767056fa4ace3922e6ad69f
+./data/meterpreter/tests/test_ext_server_stdapi.py:SHA3-256:255a4009703062a47d35fbb61dc293e5499fa759a6bcfa9216ace9736986e96d

data/manifest.uuid

@@ -1 +1 @@
-763897d12e762d9c13ddd7407fd200a7f97b3445d95c50fd465dd2deaa7cd5be
+9e572d4f8b7252e918c8a01732400da42f50a0db6c480de57d591163944a13de

data/spec/metasploit_payloads/crypto_spec.rb

@@ -1,22 +1,48 @@
-require 'spec_helper'
 require 'metasploit-payloads'
 
 RSpec.describe ::MetasploitPayloads::Crypto do
+  let(:plaintext) { "Hello World!".b }
+
   describe '#encrypt' do
-    let(:encrypted_header) { ::MetasploitPayloads::Crypto::ENCRYPTED_PAYLOAD_HEADER }
-    let(:plaintext) { "Hello World!".b }
-    let(:ciphertext) { encrypted_header + "\x89:^r\xC1\xC9\xD9\xA1\xDC\xEB\xBFm".b }
+    let(:encrypted_header) { "msf\x02\x01\x01".b }
+    let(:ciphertext) { encrypted_header + "F=\xF9\xCB\xF6\xA1\xE4h\x89\x96DD\xC0+\x04\xF1".b }
 
-    it 'can encrypt plaintext' do
+    it 'encrypts using aes-256-cbc' do
       expect(described_class.encrypt(plaintext: plaintext)).to eq ciphertext
     end
+  end
 
-    it 'can decrypt ciphertext' do
-      expect(described_class.decrypt(ciphertext: ciphertext)).to eq plaintext
-    end
+  describe '#decrypt' do
+    context 'when the ciphertext is' do
+      context 'encrypted with chacha20' do
+        let(:encrypted_header) { "msf\x01\x01\x01".b }
+        let(:ciphertext) { encrypted_header + "\x89:^r\xC1\xC9\xD9\xA1\xDC\xEB\xBFm".b }
+
+        it 'returns plaintext' do
+          expect(described_class.decrypt(ciphertext: ciphertext)).to eq plaintext
+        end
+      end
+
+      context 'encrypted with aes-256-cbc' do
+        let(:encrypted_header) { "msf\x02\x01\x01".b }
+        let(:ciphertext) { encrypted_header + "F=\xF9\xCB\xF6\xA1\xE4h\x89\x96DD\xC0+\x04\xF1".b }
 
-    it 'is idempotent' do
-      expect(described_class.decrypt(ciphertext: described_class.encrypt(plaintext: plaintext))).to eq plaintext
+        it 'returns plaintext' do
+          expect(described_class.decrypt(ciphertext: ciphertext)).to eq plaintext
+        end
+      end
+
+      context 'not encrypted' do
+        let(:ciphertext) { plaintext }
+
+        it 'returns plaintext' do
+          expect(described_class.decrypt(ciphertext: ciphertext)).to eq plaintext
+        end
+      end
     end
   end
+
+  it 'is idempotent' do
+    expect(described_class.decrypt(ciphertext: described_class.encrypt(plaintext: plaintext))).to eq plaintext
+  end
 end

data/spec/metasploit_payloads/metasploit_payloads_spec.rb

@@ -248,10 +248,10 @@ RSpec.describe ::MetasploitPayloads do
   end
 
   describe '#read' do
-    let(:encrypted_header) { 'encrypted_payload_chacha20_v1' }
+    let(:encrypted_header) { "msf\x02\x01\x01" }
     let(:raw_file) { { name: 'meterpreter.py', contents: 'sample_file_contents' } }
-    # ChaCha20 encrypted contents
-    let(:encrypted_contents) { "gg\xB7R\x96\xA00\x84\xC4\xBF5\x1D\xDBG6J\n\x86\x06\xF1" }
+    # AES-256-CBC encrypted contents
+    let(:encrypted_contents) { "\xEA\x00q\xEB\a\xCA\xD2\xD3\xE2',N\x86\x1C\f?\xBE\xC4\x8AJRks\xAD\xD6\xDF\xA3.\xCD\xA7\x84\xD2".b }
     let(:encrypted_file) { { name: raw_file[:name], contents: encrypted_header + encrypted_contents } }
 
     before :each do

data/spec/spec_helper.rb

@@ -1,7 +1,5 @@
 # frozen_string_literal: true
 
-require 'metasploit_payloads/metasploit_payloads_spec'
-
 # This file was generated by the `rspec --init` command. Conventionally, all
 # specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
 # The generated `.rspec` file contains `--require spec_helper` which will cause

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: metasploit-payloads
 version: !ruby/object:Gem::Version
-  version: 2.0.158
+  version: 2.0.159
 platform: ruby
 authors:
 - OJ Reeves
@@ -96,7 +96,7 @@ cert_chain:
   EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
   9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
   -----END CERTIFICATE-----
-date: 2023-10-16 00:00:00.000000000 Z
+date: 2023-10-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake