metasploit-payloads 2.0.57 → 2.0.61

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 828c2137d88b9ecf8a48064976e436f178a4e69bfc3a01b2aac2e880f605e78e
-  data.tar.gz: b5ee9b456a820e72fa918aafb258347b812469de22f47e0bc01d4ea039100d07
+  metadata.gz: 4188f80b9a7c91f79f4085ca10626ec6b13ab0b3b7e65c4573791e4a66382d27
+  data.tar.gz: 7ad4dd897102be313e08336e50cfd74396c52f8c2e3b925ab7aa3da2b7664929
 SHA512:
-  metadata.gz: 19d25d6d1db9e626ea6746c59a4d7344a72435e0c36b46357b2e8dfb27361383b3264b38f24038aaeb9fba6607fbbbcbeef017f81437b3dae9c11dcb2c927506
-  data.tar.gz: a7810ce9c9f07f4438450fb9f2a611a7c4aed844d14035a263784f241074ed773ff4661cf550386839eb939c9ec9adf143d8202161ba969a7f341c2f712ae2e3
+  metadata.gz: a946d5504af1f234e03442151f52293cbd497788dcfbc26486c2ba2f107701cf122f80e9f075485c1426119b4f6d567de36bdf540d300f6f049bd9d27af67f4a
+  data.tar.gz: 41424d3e1c558e3b8c8036c226074e89185f3c45864db86dac4e98e1aa9d0bc13a0222830221823878f0759e0e7d3899f7aa11860568ae172a4da49e6378517d

data/data/meterpreter/ext_server_stdapi.py

@@ -662,6 +662,7 @@ PROCESS_EXECUTE_FLAG_CHANNELIZED = (1 << 1)
 PROCESS_EXECUTE_FLAG_SUSPENDED = (1 << 2)
 PROCESS_EXECUTE_FLAG_USE_THREAD_TOKEN = (1 << 3)
 PROCESS_EXECUTE_FLAG_SUBSHELL         = (1 << 6)
+PROCESS_EXECUTE_FLAG_PTY              = (1 << 7)
 
 PROCESS_ARCH_UNKNOWN = 0
 PROCESS_ARCH_X86 = 1
@@ -1166,7 +1167,7 @@ def stdapi_sys_process_execute(request, response):
         args.extend(shlex.split(raw_args))
 
     if (flags & PROCESS_EXECUTE_FLAG_CHANNELIZED):
-        if has_pty:
+        if has_pty and (flags & PROCESS_EXECUTE_FLAG_PTY):
             master, slave = pty.openpty()
             if has_termios:
                 try:

data/data/meterpreter/meterpreter.py

@@ -596,6 +596,16 @@ class MeterpreterChannel(object):
         response += tlv_pack(TLV_TYPE_LENGTH, self.write(channel_data))
         return ERROR_SUCCESS, response
 
+    def core_seek(self, request, response):
+        offset = packet_get_tlv(request, TLV_TYPE_SEEK_OFFSET)['value']
+        whence = packet_get_tlv(request, TLV_TYPE_SEEK_WHENCE)['value']
+        self.seek(offset, whence)
+        return ERROR_SUCCESS, response
+
+    def core_tell(self, request, response):
+        response += tlv_pack(TLV_TYPE_SEEK_POS, self.tell())
+        return ERROR_SUCCESS, response
+
     def close(self):
         raise NotImplementedError()
 
@@ -614,6 +624,12 @@ class MeterpreterChannel(object):
     def write(self, data):
         raise NotImplementedError()
 
+    def seek(self, offset, whence=os.SEEK_SET):
+        raise NotImplementedError()
+
+    def tell(self):
+        raise NotImplementedError()
+
 #@export
 class MeterpreterFile(MeterpreterChannel):
     def __init__(self, file_obj):
@@ -632,6 +648,12 @@ class MeterpreterFile(MeterpreterChannel):
     def write(self, data):
         self.file_obj.write(data)
         return len(data)
+
+    def seek(self, offset, whence=os.SEEK_SET):
+        self.file_obj.seek(offset, whence)
+
+    def tell(self):
+        return self.file_obj.tell()
 export(MeterpreterFile)
 
 #@export
@@ -645,6 +667,7 @@ class MeterpreterProcess(MeterpreterChannel):
             self.proc_h.kill()
         if self.proc_h.ptyfd is not None:
             os.close(self.proc_h.ptyfd)
+            self.proc_h.ptyfd = None
         for stream in (self.proc_h.stdin, self.proc_h.stdout, self.proc_h.stderr):
             if not hasattr(stream, 'close'):
                 continue
@@ -1315,9 +1338,9 @@ class PythonMeterpreter(object):
                         self.send_packet(tlv_pack_request('stdapi_net_tcp_channel_open', [
                             {'type': TLV_TYPE_CHANNEL_ID, 'value': client_channel_id},
                             {'type': TLV_TYPE_CHANNEL_PARENTID, 'value': channel_id},
-                            {'type': TLV_TYPE_LOCAL_HOST, 'value': inet_pton(channel.sock.family, server_addr[0])},
+                            {'type': TLV_TYPE_LOCAL_HOST, 'value': server_addr[0]},
                             {'type': TLV_TYPE_LOCAL_PORT, 'value': server_addr[1]},
-                            {'type': TLV_TYPE_PEER_HOST, 'value': inet_pton(client_sock.family, client_addr[0])},
+                            {'type': TLV_TYPE_PEER_HOST, 'value': client_addr[0]},
                             {'type': TLV_TYPE_PEER_PORT, 'value': client_addr[1]},
                         ]))
                 elif isinstance(channel, MeterpreterSocketUDPClient):
@@ -1340,7 +1363,6 @@ class PythonMeterpreter(object):
                     self.send_packet(tlv_pack_request('core_channel_write', write_request_parts))
 
     def handle_dead_resource_channel(self, channel_id):
-        del self.channels[channel_id]
         if channel_id in self.interact_channels:
             self.interact_channels.remove(channel_id)
         self.send_packet(tlv_pack_request('core_channel_close', [
@@ -1565,7 +1587,7 @@ class PythonMeterpreter(object):
             return ERROR_FAILURE, response
         channel = self.channels[channel_id]
         status, response = channel.core_eof(request, response)
-        return ERROR_SUCCESS, response
+        return status, response
 
     def _core_channel_interact(self, request, response):
         channel_id = packet_get_tlv(request, TLV_TYPE_CHANNEL_ID)['value']
@@ -1605,6 +1627,20 @@ class PythonMeterpreter(object):
             self.handle_dead_resource_channel(channel_id)
         return status, response
 
+    def _core_channel_seek(self, request, response):
+        channel_id = packet_get_tlv(request, TLV_TYPE_CHANNEL_ID)['value']
+        if channel_id not in self.channels:
+            return ERROR_FAILURE, response
+        channel = self.channels[channel_id]
+        return channel.core_seek(request, response)
+
+    def _core_channel_tell(self, request, response):
+        channel_id = packet_get_tlv(request, TLV_TYPE_CHANNEL_ID)['value']
+        if channel_id not in self.channels:
+            return ERROR_FAILURE, response
+        channel = self.channels[channel_id]
+        return channel.core_tell(request, response)
+
     def create_response(self, request):
         response = struct.pack('>I', PACKET_TYPE_RESPONSE)
         commd_id_tlv = packet_get_tlv(request, TLV_TYPE_COMMAND_ID)

data/lib/metasploit-payloads/version.rb

@@ -1,6 +1,6 @@
 # -*- coding:binary -*-
 module MetasploitPayloads
-  VERSION = '2.0.57'
+  VERSION = '2.0.61'
 
   def self.version
     VERSION

data.tar.gz.sig

@@ -1,3 +1 @@
-�*�A�x̭��XS�y�'wp��5��3�2�X�:C��(��$ִR'�Z����t�x[d��N�6��3���m6�����Y�����'~XRiҨ�8�OH����6����{��/����?�v���np��;��̝�8��;������adP�Ә)Q�
-�����QW�dt��/d��y��X��+�
q��_}1]��v��@��b�5�;�_>��� �ʈ�?
-���U�ޢ�f�tgX���U���oJ�$�����;4
+&����2�kG-C�? �-6(>�]?���0t����G�{�#ZP_�޻�Į�mv ��66w�U�l����pl������eMޜ�k�x���JT���p=#gk|���q����B�x~��K}�Y^�!�G�z�5(>a2L{\�5ScH��.?O>�x��!��?�e�+�p�g��njV�X]�Y�f�G���xNo��$g@�#�ɞ�5�5�S�R�gRgТP�����.�e�77\,�M�RCG�j���z�

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: metasploit-payloads
 version: !ruby/object:Gem::Version
-  version: 2.0.57
+  version: 2.0.61
 platform: ruby
 authors:
 - OJ Reeves
@@ -96,7 +96,7 @@ cert_chain:
   EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
   9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
   -----END CERTIFICATE-----
-date: 2021-09-27 00:00:00.000000000 Z
+date: 2021-11-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake