metasploit-payloads 2.0.45 → 2.0.49

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d86e8998efad013b305f344b5b0b4a4f4d5a0311cb84d2f26dd67eb1e4e18b42
-  data.tar.gz: f71837005ae5a093cbaf9fa5baccddd0b739bf1b3bb909facf9b268bd6810bf9
+  metadata.gz: 310f0933ca0bacbd6aa05e311982746b0ab67f0d124669fd14dc02f4a6a11f15
+  data.tar.gz: be3df4ac77d9de64faae0b0cc38f6f2229164d9f56305e2329f15b87b551e9e6
 SHA512:
-  metadata.gz: 2964ff2f4022283f8997eaeedacaa8a0058072c17d0142953c7b4a03fe76b86a655311db524ffae2b68d42cdb1f55ef9fd3b9ea9b1edeac7da49ed55bf398345
-  data.tar.gz: 3513cc88c84ee1aa52210b714859737d941f0341564ae85b90b5d3c52db6e18304fa077d982f8e0a9e6071412289153350f1e63990df72778746debb08d88135
+  metadata.gz: ab7dbf2146d40382acdc6ac1fda6aefd03d704f5ddc8a91dd7806942b2896a5796b57b9045251878ba25046b1d2cc8a5896d76f84b87e230b24f183b12822378
+  data.tar.gz: 16480cba21adaeb5d69ec237fdcd84df0da9b7491ce5d57946022aaeba9ddabda39fbb67c5a9b9dd6b36174ecf6dd16933e23d50079a1709189765b2097459b6

data/data/meterpreter/ext_server_stdapi.py

@@ -649,6 +649,7 @@ PROCESS_EXECUTE_FLAG_HIDDEN = (1 << 0)
 PROCESS_EXECUTE_FLAG_CHANNELIZED = (1 << 1)
 PROCESS_EXECUTE_FLAG_SUSPENDED = (1 << 2)
 PROCESS_EXECUTE_FLAG_USE_THREAD_TOKEN = (1 << 3)
+PROCESS_EXECUTE_FLAG_SUBSHELL         = (1 << 6)
 
 PROCESS_ARCH_UNKNOWN = 0
 PROCESS_ARCH_X86 = 1
@@ -1146,11 +1147,12 @@ def stdapi_sys_process_execute(request, response):
     flags = packet_get_tlv(request, TLV_TYPE_PROCESS_FLAGS)['value']
     if len(cmd) == 0:
         return ERROR_FAILURE, response
-    if os.path.isfile('/bin/sh'):
-        args = ['/bin/sh', '-c', cmd + ' ' + raw_args]
+    if os.path.isfile('/bin/sh') and (flags & PROCESS_EXECUTE_FLAG_SUBSHELL):
+        args = ['/bin/sh', '-c', cmd, raw_args]
     else:
         args = [cmd]
         args.extend(shlex.split(raw_args))
+
     if (flags & PROCESS_EXECUTE_FLAG_CHANNELIZED):
         if has_pty:
             master, slave = pty.openpty()
@@ -1161,7 +1163,7 @@ def stdapi_sys_process_execute(request, response):
                     termios.tcsetattr(master, termios.TCSADRAIN, settings)
                 except:
                     pass
-            proc_h = STDProcess(args, stdin=slave, stdout=slave, stderr=slave, bufsize=0)
+            proc_h = STDProcess(args, stdin=slave, stdout=slave, stderr=slave, bufsize=0, preexec_fn=os.setsid)
             proc_h.stdin = os.fdopen(master, 'wb')
             proc_h.stdout = os.fdopen(master, 'rb')
             proc_h.stderr = open(os.devnull, 'rb')

data/lib/metasploit-payloads.rb

@@ -69,30 +69,24 @@ module MetasploitPayloads
   end
 
   #
-  # List all the available extensions for the given suffix.
+  # List all the available extensions, optionally filtered by the given suffix.
   #
-  def self.list_meterpreter_extensions(binary_suffix)
-    extensions = []
-
-    root_dirs = [local_meterpreter_dir]
-
-    # Find the valid extensions in the data folder first, if MSF
-    # is installed.
-    if metasploit_installed?
-      root_dirs.unshift(msf_meterpreter_dir)
-      root_dirs.unshift(user_meterpreter_dir)
-    end
-
-    root_dirs.each do |dir|
-      next unless ::File.directory?(dir)
-
-      # Merge in any that don't already exist in the collection.
-      meterpreter_enum_ext(dir, binary_suffix).each do |e|
-        extensions.push(e) unless extensions.include?(e)
-      end
-    end
+  # @param [String] binary_suffix An optional suffix to use for filtering results. If omitted, all extensions will be
+  #   returned.
+  # @return [Array<String>] Returns an array of extensions.
+  def self.list_meterpreter_extensions(binary_suffix=nil)
+    list_meterpreter_dirs { |dir| meterpreter_enum_ext(dir, binary_suffix) }
+  end
 
-    extensions
+  #
+  # List all the available suffixes, optionally filtered by the given extension name. This is mostly useful for
+  # determining support for a specific extension.
+  #
+  # @param [String] extension_name An optional extension name to use for filtering results. If omitted, all suffixes
+  #   will be returned.
+  # @return [Array<String>] Returns an array of binary suffixes.
+  def self.list_meterpreter_extension_suffixes(extension_name=nil)
+    list_meterpreter_dirs { |dir| meterpreter_enum_ext_suffixes(dir, extension_name) }
   end
 
   #
@@ -124,19 +118,43 @@ module MetasploitPayloads
   end
 
   #
-  # Enumerate extensions in the given root folder based on the suffix.
+  # Enumerate extensions in the given root folder based on an optional suffix.
   #
-  def self.meterpreter_enum_ext(root_dir, binary_suffix)
+  # @param [String] root_dir The path to the directory from which to enumerate extensions.
+  # @param [String] binary_suffix An optional suffix to use for filtering results. If omitted, all extensions will be
+  #   returned.
+  # @return [Array<String>] Returns an array of extensions.
+  def self.meterpreter_enum_ext(root_dir, binary_suffix=nil)
     exts = []
+    binary_suffix ||= '.*'
     ::Dir.entries(root_dir).each do |f|
       if ::File.readable?(::File.join(root_dir, f)) && \
-         f =~ /#{EXTENSION_PREFIX}(.*)\.#{binary_suffix}/
+         f =~ /#{EXTENSION_PREFIX}(\w+)\.#{binary_suffix}/
         exts.push($1)
       end
     end
     exts
   end
 
+  #
+  # Enumerate binary suffixes in the given root folder based on an optional extension name.
+  #
+  # @param [String] root_dir The path to the directory from which to enumerate extension suffixes.
+  # @param [String] extension_name An optional extension name to use for filtering results. If omitted, all suffixes will
+  #   be returned.
+  # @return [Array<String>] Returns an array of binary suffixes.
+  def self.meterpreter_enum_ext_suffixes(root_dir, extension_name=nil)
+    suffixes = []
+    extension_name ||= '\w+'
+    ::Dir.entries(root_dir).each do |f|
+      if ::File.readable?(::File.join(root_dir, f)) && \
+         f =~ /#{EXTENSION_PREFIX}#{extension_name}\.(\w+(\.\w+)*)/
+        suffixes.push($1)
+      end
+    end
+    suffixes
+  end
+
   private
 
   #
@@ -164,4 +182,30 @@ module MetasploitPayloads
       @local_paths << path
     end
   end
+
+  class << self
+    private
+    def list_meterpreter_dirs(&block)
+      things = [] # *things* is whatever is being enumerated (extension names, suffixes, etc.) as determined by the block
+      root_dirs = [local_meterpreter_dir]
+
+      # Find the valid extensions in the data folder first, if MSF
+      # is installed.
+      if metasploit_installed?
+        root_dirs.unshift(msf_meterpreter_dir)
+        root_dirs.unshift(user_meterpreter_dir)
+      end
+
+      root_dirs.each do |dir|
+        next unless ::File.directory?(dir)
+
+        # Merge in any that don't already exist in the collection.
+        (yield dir).each do |e|
+          things.push(e) unless things.include?(e)
+        end
+      end
+
+      things
+    end
+  end
 end

data/lib/metasploit-payloads/version.rb

@@ -1,6 +1,6 @@
 # -*- coding:binary -*-
 module MetasploitPayloads
-  VERSION = '2.0.45'
+  VERSION = '2.0.49'
 
   def self.version
     VERSION

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: metasploit-payloads
 version: !ruby/object:Gem::Version
-  version: 2.0.45
+  version: 2.0.49
 platform: ruby
 authors:
 - OJ Reeves
@@ -96,7 +96,7 @@ cert_chain:
   EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
   9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
   -----END CERTIFICATE-----
-date: 2021-04-30 00:00:00.000000000 Z
+date: 2021-07-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake