metasploit-payloads 2.0.50 → 2.0.54

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a4341cf64530c4372103f3773647ffdca83138ca2b0a04161feee931911e0c4c
-  data.tar.gz: b6026f54d771bdf5c16ed85861a31badced2005036ea31793a917c1efadd6a5f
+  metadata.gz: 1db85f55664f5f23616d2e8964b8e489edfa02438b43cfff65cf725a9d18cfd2
+  data.tar.gz: e235a4c2d27623670395f3380360d55657cb7dc764c01471e6e99adef2442ec5
 SHA512:
-  metadata.gz: 3ed3d4f0c3ab546b6ee9ff80f6245a175aec6b3c1fffe6d66b1c7183a13c1f80f9948a0c6ccee42ee6abb74190dadd4f75f8e603a745eaeb4ba9ba8f6e188224
-  data.tar.gz: 5d2557dba651cb169d878dc8070806c7781fe6add239eef35b440922cbfc4ead199df2aec24e391d404db591c3a2588ee67cea582cca5b71b61a671ad9976a10
+  metadata.gz: 659af5c06e7763acdfabd5f503fb5ce5a184638268df0358d12f20eab555079f76b40b043609d61655308d66d678813b26ae2c4a2db1cc02c317ab9f5e59d957
+  data.tar.gz: 7986adc790b342d080616e67fcf29f648d693b6176a7ec031b97d7074098503c386cfd6b3c1bc40d979a2028fd8ee1b5891212387f03affcd01d4a41587cb27e

data/data/meterpreter/ext_server_stdapi.py

@@ -1167,6 +1167,7 @@ def stdapi_sys_process_execute(request, response):
             proc_h.stdin = os.fdopen(master, 'wb')
             proc_h.stdout = os.fdopen(master, 'rb')
             proc_h.stderr = open(os.devnull, 'rb')
+            proc_h.ptyfd = slave
         else:
             proc_h = STDProcess(args, stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
             proc_h.echo_protection = True

data/data/meterpreter/meterpreter.py

@@ -639,13 +639,17 @@ class MeterpreterProcess(MeterpreterChannel):
         super(MeterpreterProcess, self).__init__()
 
     def close(self):
-        self.proc_h.kill()
-        if hasattr(self.proc_h.stdin, 'close'):
-            self.proc_h.stdin.close()
-        if hasattr(self.proc_h.stdout, 'close'):
-            self.proc_h.stdout.close()
-        if hasattr(self.proc_h.stderr, 'close'):
-            self.proc_h.stderr.close()
+        if self.proc_h.poll() is None:
+            self.proc_h.kill()
+        if self.proc_h.ptyfd is not None:
+            os.close(self.proc_h.ptyfd)
+        for stream in (self.proc_h.stdin, self.proc_h.stdout, self.proc_h.stderr):
+            if not hasattr(stream, 'close'):
+                continue
+            try:
+                stream.close()
+            except (IOError, OSError):
+                pass
 
     def is_alive(self):
         return self.proc_h.poll() is None
@@ -739,18 +743,26 @@ class MeterpreterSocketUDPClient(MeterpreterSocket):
 export(MeterpreterSocketUDPClient)
 
 class STDProcessBuffer(threading.Thread):
-    def __init__(self, std, is_alive):
-        threading.Thread.__init__(self)
+    def __init__(self, std, is_alive, name=None):
+        threading.Thread.__init__(self, name=name or self.__class__.__name__)
         self.std = std
         self.is_alive = is_alive
         self.data = bytes()
         self.data_lock = threading.RLock()
 
+    def _read1(self):
+        try:
+            return self.std.read(1)
+        except (IOError, OSError):
+            return bytes()
+
     def run(self):
-        for byte in iter(lambda: self.std.read(1), bytes()):
+        byte = self._read1()
+        while len(byte):
             self.data_lock.acquire()
             self.data += byte
             self.data_lock.release()
+            byte = self._read1()
 
     def is_read_ready(self):
         return len(self.data) != 0
@@ -778,14 +790,15 @@ class STDProcess(subprocess.Popen):
         debug_print('[*] starting process: ' + repr(args[0]))
         subprocess.Popen.__init__(self, *args, **kwargs)
         self.echo_protection = False
+        self.ptyfd = None
 
     def is_alive(self):
         return self.poll() is None
 
     def start(self):
-        self.stdout_reader = STDProcessBuffer(self.stdout, self.is_alive)
+        self.stdout_reader = STDProcessBuffer(self.stdout, self.is_alive, name='STDProcessBuffer.stdout')
         self.stdout_reader.start()
-        self.stderr_reader = STDProcessBuffer(self.stderr, self.is_alive)
+        self.stderr_reader = STDProcessBuffer(self.stderr, self.is_alive, name='STDProcessBuffer.stderr')
         self.stderr_reader.start()
 
     def write(self, channel_data):
@@ -1273,15 +1286,15 @@ class PythonMeterpreter(object):
                 data = bytes()
                 write_request_parts = []
                 if isinstance(channel, MeterpreterProcess):
-                    if not channel_id in self.interact_channels:
-                        continue
-                    proc_h = channel.proc_h
-                    if proc_h.stderr_reader.is_read_ready():
-                        data = proc_h.stderr_reader.read()
-                    elif proc_h.stdout_reader.is_read_ready():
-                        data = proc_h.stdout_reader.read()
-                    elif not channel.is_alive():
+                    if channel_id in self.interact_channels:
+                        proc_h = channel.proc_h
+                        if proc_h.stderr_reader.is_read_ready():
+                            data = proc_h.stderr_reader.read()
+                        elif proc_h.stdout_reader.is_read_ready():
+                            data = proc_h.stdout_reader.read()
+                    if not channel.is_alive():
                         self.handle_dead_resource_channel(channel_id)
+                        channel.close()
                 elif isinstance(channel, MeterpreterSocketTCPClient):
                     while select.select([channel.fileno()], [], [], 0)[0]:
                         try:
@@ -1552,7 +1565,6 @@ class PythonMeterpreter(object):
         status, response = channel.core_eof(request, response)
         return ERROR_SUCCESS, response
 
-
     def _core_channel_interact(self, request, response):
         channel_id = packet_get_tlv(request, TLV_TYPE_CHANNEL_ID)['value']
         if channel_id not in self.channels:
@@ -1614,7 +1626,10 @@ class PythonMeterpreter(object):
                 if result != ERROR_SUCCESS:
                     debug_print('[-] method ' + handler_name + ' resulted in error: #' + str(result))
         else:
-            debug_print('[-] method ' + handler_name + ' was requested but does not exist')
+            if handler_name is None:
+                debug_print('[-] command id ' + str(commd_id_tlv['value']) + ' was requested but does not exist')
+            else:
+                debug_print('[-] method ' + handler_name + ' was requested but does not exist')
             result = error_result(NotImplementedError)
 
         reqid_tlv = packet_get_tlv(request, TLV_TYPE_REQUEST_ID)

data/lib/metasploit-payloads/version.rb

@@ -1,6 +1,6 @@
 # -*- coding:binary -*-
 module MetasploitPayloads
-  VERSION = '2.0.50'
+  VERSION = '2.0.54'
 
   def self.version
     VERSION

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: metasploit-payloads
 version: !ruby/object:Gem::Version
-  version: 2.0.50
+  version: 2.0.54
 platform: ruby
 authors:
 - OJ Reeves
@@ -96,7 +96,7 @@ cert_chain:
   EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
   9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
   -----END CERTIFICATE-----
-date: 2021-07-31 00:00:00.000000000 Z
+date: 2021-08-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake